Commit 8bf6aba6 authored by Jan Kadlec's avatar Jan Kadlec

Removed non-thread-safe base64 call.

- Deleted obsolete files
- Added new b64 decode/encode implementation (same author as out current b32 impl.)
- Makefile/Knot.files changes.
parent 41e23d2c
......@@ -252,8 +252,6 @@ src/libknot/tsig.h
src/libknot/tsig.c
src/libknot/tsig-op.c
src/libknot/tsig-op.h
src/libknot/util/conv.c
src/libknot/util/conv.h
src/tests/libknot/libknot/tsig_tests.h
src/tests/libknot/libknot/tsig_tests.c
src/knot/zone/semantic-check.c
......@@ -261,3 +259,5 @@ src/knot/zone/semantic-check.h
src/tests/xfr_tests.h
src/tests/xfr_tests.c
doc/knot.texi
src/common/base64.c
src/common/base64.h
......@@ -157,8 +157,6 @@ libknot_la_SOURCES = \
libknot/util/debug.c \
libknot/util/debug.h \
libknot/util/utils.h \
libknot/util/conv.h \
libknot/util/conv.c \
libknot/util/descriptor.c \
libknot/util/tolower.h \
libknot/util/tolower.c \
......@@ -223,6 +221,8 @@ libknots_la_SOURCES = \
common/mempattern.c \
common/lists.c \
common/base32.c \
common/base64.c \
common/base64.h \
common/lists.h \
common/heap.h \
common/heap.c \
......
This diff is collapsed.
/* base64.h -- Encode binary data using printable characters.
Copyright (C) 2004-2006, 2009-2012 Free Software Foundation, Inc.
Written by Simon Josefsson.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1, or (at your option)
any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program; if not, see <http://www.gnu.org/licenses/>. */
#ifndef BASE64_H
# define BASE64_H
/* Get size_t. */
# include <stddef.h>
/* Get bool. */
# include <stdbool.h>
/* This uses that the expression (n+(k-1))/k means the smallest
integer >= n/k, i.e., the ceiling of n/k. */
# define BASE64_LENGTH(inlen) ((((inlen) + 2) / 3) * 4)
struct base64_decode_context
{
unsigned int i;
char buf[4];
};
extern bool isbase64 (char ch);
extern void base64_encode (const char *restrict in, size_t inlen,
char *restrict out, size_t outlen);
extern size_t base64_encode_alloc (const char *in, size_t inlen, char **out);
extern void base64_decode_ctx_init (struct base64_decode_context *ctx);
extern bool base64_decode_ctx (struct base64_decode_context *ctx,
const char *restrict in, size_t inlen,
char *restrict out, size_t *outlen);
extern bool base64_decode_alloc_ctx (struct base64_decode_context *ctx,
const char *in, size_t inlen,
char **out, size_t *outlen);
#define base64_decode(in, inlen, out, outlen) \
base64_decode_ctx (NULL, in, inlen, out, outlen)
#define base64_decode_alloc(in, inlen, out, outlen) \
base64_decode_alloc_ctx (NULL, in, inlen, out, outlen)
#endif /* BASE64_H */
......@@ -21,10 +21,10 @@
#include <time.h>
#include "common.h"
#include "common/base64.h"
#include "tsig.h"
#include "tsig-op.h"
#include "util/wire.h"
#include "libknot/util/conv.h"
#include "util/error.h"
#include "util/debug.h"
#include "consts.h"
......@@ -32,7 +32,9 @@
const int KNOT_TSIG_MAX_DIGEST_SIZE = 64; // size of HMAC-SHA512 digest
const uint16_t KNOT_TSIG_FUDGE_DEFAULT = 300; // default Fudge value
enum b64_const {
B64BUFSIZE = 65535
};
static int knot_tsig_check_algorithm(const knot_rrset_t *tsig_rr)
{
......@@ -104,14 +106,21 @@ static int knot_tsig_compute_digest(const uint8_t *wire, size_t wire_len,
/* Decode key from Base64. */
char decoded_key[B64BUFSIZE];
int decoded_key_size = b64_pton(key->secret, (uint8_t *)decoded_key,
B64BUFSIZE);
size_t decoded_key_size = B64BUFSIZE;
int ret = base64_decode(key->secret, strlen(key->secret),
decoded_key,
&decoded_key_size);
if (ret != 1) {
dbg_tsig("TSIG: New decode function failed! (%d)\n", ret);
return KNOT_ERROR;
}
if (decoded_key_size < 0) {
dbg_tsig("TSIG: Could not decode Base64\n");
return KNOT_ERROR;
}
dbg_tsig_detail("TSIG: decoded key size: %d\n", decoded_key_size);
dbg_tsig_detail("TSIG: decoded key: '%*s'\n", decoded_key_size, decoded_key);
......
/*
* Copyright (c) 2001-2011, NLnet Labs. All rights reserved.
*
* This software is open source.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of the NLNET LABS nor the names of its contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdlib.h>
#include <stdint.h>
#include <ctype.h>
#include "conv.h"
#define B64BUFSIZE 65535 /*!< Buffer size for b64 conversion. */
static const char Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const char Pad64 = '=';
static int b64rmap_initialized = 0;
static uint8_t b64rmap[256];
static const uint8_t b64rmap_special = 0xf0;
static const uint8_t b64rmap_end = 0xfd;
static const uint8_t b64rmap_space = 0xfe;
static const uint8_t b64rmap_invalid = 0xff;
/**
* Initializing the reverse map is not thread safe.
* Which is fine for NSD. For now...
**/
static void b64_initialize_rmap()
{
int i;
char ch;
/* Null: end of string, stop parsing */
b64rmap[0] = b64rmap_end;
for (i = 1; i < 256; ++i) {
ch = (char)i;
/* Whitespaces */
if (isspace(ch)) {
b64rmap[i] = b64rmap_space;
}
/* Padding: stop parsing */
else if (ch == Pad64) {
b64rmap[i] = b64rmap_end;
}
/* Non-base64 char */
else {
b64rmap[i] = b64rmap_invalid;
}
}
/* Fill reverse mapping for base64 chars */
for (i = 0; Base64[i] != '\0'; ++i) {
b64rmap[(uint8_t)Base64[i]] = i;
}
b64rmap_initialized = 1;
}
static int b64_pton_do(char const *src, uint8_t *target, size_t targsize)
{
int tarindex, state, ch;
uint8_t ofs;
state = 0;
tarindex = 0;
while (1) {
ch = *src++;
ofs = b64rmap[ch];
if (ofs >= b64rmap_special) {
/* Ignore whitespaces */
if (ofs == b64rmap_space) {
continue;
}
/* End of base64 characters */
if (ofs == b64rmap_end) {
break;
}
/* A non-base64 character. */
return (-1);
}
switch (state) {
case 0:
if ((size_t)tarindex >= targsize) {
return (-1);
}
target[tarindex] = ofs << 2;
state = 1;
break;
case 1:
if ((size_t)tarindex + 1 >= targsize) {
return (-1);
}
target[tarindex] |= ofs >> 4;
target[tarindex+1] = (ofs & 0x0f)
<< 4 ;
tarindex++;
state = 2;
break;
case 2:
if ((size_t)tarindex + 1 >= targsize) {
return (-1);
}
target[tarindex] |= ofs >> 2;
target[tarindex+1] = (ofs & 0x03)
<< 6;
tarindex++;
state = 3;
break;
case 3:
if ((size_t)tarindex >= targsize) {
return (-1);
}
target[tarindex] |= ofs;
tarindex++;
state = 0;
break;
default:
abort();
}
}
/*
* We are done decoding Base-64 chars. Let's see if we ended
* on a byte boundary, and/or with erroneous trailing characters.
*/
if (ch == Pad64) { /* We got a pad char. */
ch = *src++; /* Skip it, get next. */
switch (state) {
case 0: /* Invalid = in first position */
case 1: /* Invalid = in second position */
return (-1);
case 2: /* Valid, means one byte of info */
/* Skip any number of spaces. */
for ((void)NULL; ch != '\0'; ch = *src++)
if (b64rmap[ch] != b64rmap_space) {
break;
}
/* Make sure there is another trailing = sign. */
if (ch != Pad64) {
return (-1);
}
ch = *src++; /* Skip the = */
/* Fall through to "single trailing =" case. */
/* FALLTHROUGH */
case 3: /* Valid, means two bytes of info */
/*
* We know this char is an =. Is there anything but
* whitespace after it?
*/
for ((void)NULL; ch != '\0'; ch = *src++)
if (b64rmap[ch] != b64rmap_space) {
return (-1);
}
/*
* Now make sure for cases 2 and 3 that the "extra"
* bits that slopped past the last full byte were
* zeros. If we don't check them, they become a
* subliminal channel.
*/
if (target[tarindex] != 0) {
return (-1);
}
}
} else {
/*
* We ended by seeing the end of the string. Make sure we
* have no partial bytes lying around.
*/
if (state != 0) {
return (-1);
}
}
return (tarindex);
}
static int b64_pton_len(char const *src)
{
int tarindex, state, ch;
uint8_t ofs;
state = 0;
tarindex = 0;
while (1) {
ch = *src++;
ofs = b64rmap[ch];
if (ofs >= b64rmap_special) {
/* Ignore whitespaces */
if (ofs == b64rmap_space) {
continue;
}
/* End of base64 characters */
if (ofs == b64rmap_end) {
break;
}
/* A non-base64 character. */
return (-1);
}
switch (state) {
case 0:
state = 1;
break;
case 1:
tarindex++;
state = 2;
break;
case 2:
tarindex++;
state = 3;
break;
case 3:
tarindex++;
state = 0;
break;
default:
abort();
}
}
/*
* We are done decoding Base-64 chars. Let's see if we ended
* on a byte boundary, and/or with erroneous trailing characters.
*/
if (ch == Pad64) { /* We got a pad char. */
ch = *src++; /* Skip it, get next. */
switch (state) {
case 0: /* Invalid = in first position */
case 1: /* Invalid = in second position */
return (-1);
case 2: /* Valid, means one byte of info */
/* Skip any number of spaces. */
for ((void)NULL; ch != '\0'; ch = *src++)
if (b64rmap[ch] != b64rmap_space) {
break;
}
/* Make sure there is another trailing = sign. */
if (ch != Pad64) {
return (-1);
}
ch = *src++; /* Skip the = */
/* Fall through to "single trailing =" case. */
/* FALLTHROUGH */
case 3: /* Valid, means two bytes of info */
/*
* We know this char is an =. Is there anything but
* whitespace after it?
*/
for ((void)NULL; ch != '\0'; ch = *src++)
if (b64rmap[ch] != b64rmap_space) {
return (-1);
}
}
} else {
/*
* We ended by seeing the end of the string. Make sure we
* have no partial bytes lying around.
*/
if (state != 0) {
return (-1);
}
}
return (tarindex);
}
int b64_pton(char const *src, uint8_t *target, size_t targsize)
{
if (!b64rmap_initialized) {
b64_initialize_rmap();
}
if (target) {
return b64_pton_do(src, target, targsize);
} else {
return b64_pton_len(src);
}
}
#define B64BUFSIZE 65535 /*!< Buffer size for b64 conversion. */
/*
* Copyright (c) 2001-2011, NLnet Labs. All rights reserved.
*
* This software is open source.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of the NLNET LABS nor the names of its contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _KNOT_CONV_H_
#define _KNOT_CONV_H_
#define B64BUFSIZE 65535 /*!< Buffer size for b64 conversion. */
/*!
* \brief Base64 presentation to wire conversion.
*/
int b64_pton(char const *src, uint8_t *target, size_t targsize);
#endif // _KNOT_CONV_H_
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment