Changeset 6738a67 for lib

Timestamp:

2008-07-16T23:22:52Z (16 years ago)

Author:

Sven Moritz Hallberg <pesco@…>

Branches:

master

Children:

9b55485

Parents:

9730d72 (diff), 6a78c0e (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

merge in latest trunk

Location:

lib

Files:

• Makefile (modified) (1 diff)
• arc.c (modified) (2 diffs)
• arc.h (modified) (1 diff)
• base64.c (modified) (1 diff)
• events_glib.c (modified) (1 diff)
• misc.c (modified) (5 diffs)
• misc.h (modified) (2 diffs)
• proxy.c (modified) (4 diffs)
• ssl_bogus.c (modified) (1 diff)
• ssl_client.h (modified) (1 diff)
• ssl_gnutls.c (modified) (1 diff)
• ssl_nss.c (modified) (1 diff)
• ssl_openssl.c (modified) (2 diffs)
• ssl_sspi.c (added)
• url.c (modified) (6 diffs)
• url.h (modified) (2 diffs)
• xmltree.c (moved) (moved from protocols/jabber/xmltree.c) (1 diff)
• xmltree.h (moved) (moved from protocols/jabber/xmltree.h) (2 diffs)

lib/Makefile

@@ -10 +10 @@
 
 # [SH] Program variables
-objects = arc.o base64.o $(EVENT_HANDLER) http_client.o ini.o md5.o misc.o proxy.o sha1.o $(SSL_CLIENT) url.o
+objects = arc.o base64.o $(EVENT_HANDLER) http_client.o ini.o md5.o misc.o proxy.o sha1.o $(SSL_CLIENT) url.o xmltree.o
 
 CFLAGS += -Wall

lib/arc.c

@@ -131 +131 @@
    
    Both functions return the number of bytes in the result string.
+   
+   Note that if you use the pad_to argument, you will need zero-termi-
+   nation to find back the original string length after decryption. So
+   it shouldn't be used if your string contains \0s by itself!
 */
 
-int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password )
+int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password, int pad_to )
 {
         struct arc_state *st;
         unsigned char *key;
-        int key_len, i;
+        char *padded = NULL;
+        int key_len, i, padded_len;
         
         key_len = strlen( password ) + ARC_IV_LEN;
         if( clear_len <= 0 )
                 clear_len = strlen( clear );
+        
+        /* Pad the string to the closest multiple of pad_to. This makes it
+           impossible to see the exact length of the password. */
+        if( pad_to > 0 && ( clear_len % pad_to ) > 0 )
+        {
+                padded_len = clear_len + pad_to - ( clear_len % pad_to );
+                padded = g_malloc( padded_len );
+                memcpy( padded, clear, clear_len );
+                
+                /* First a \0 and then random data, so we don't have to do
+                   anything special when decrypting. */
+                padded[clear_len] = 0;
+                random_bytes( (unsigned char*) padded + clear_len + 1, padded_len - clear_len - 1 );
+                
+                clear = padded;
+                clear_len = padded_len;
+        }
         
         /* Prepare buffers and the key + IV */
@@ -161 +183 @@
         
         g_free( st );
+        g_free( padded );
         
         return clear_len + ARC_IV_LEN;

lib/arc.h

@@ -31 +31 @@
 };
 
-struct arc_state *arc_keymaker( unsigned char *key, int kl, int cycles );
+#ifndef G_GNUC_MALLOC
+#define G_GNUC_MALLOC
+#endif
+
+G_GNUC_MALLOC struct arc_state *arc_keymaker( unsigned char *key, int kl, int cycles );
 unsigned char arc_getbyte( struct arc_state *st );
-int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password );
+int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password, int pad_to );
 int arc_decode( unsigned char *crypt, int crypt_len, char **clear, char *password );

lib/base64.c

@@ -118 +118 @@
         int i, outlen = 0;
         
-        for( i = 0; in[i]; i += 4 )
+        for( i = 0; in[i] && in[i+1] && in[i+2] && in[i+3]; i += 4 )
         {
                 int sx;

lib/events_glib.c

@@ -51 +51 @@
 } GaimIOClosure;
 
-static GMainLoop *loop;
+static GMainLoop *loop = NULL;
 
 void b_main_init()
 {
-        loop = g_main_new( FALSE );
+        if( loop == NULL )
+                loop = g_main_new( FALSE );
 }
 

lib/misc.c

@@ -33 +33 @@
 #define BITLBEE_CORE
 #include "nogaim.h"
+#include "base64.h"
 #include <stdio.h>
 #include <stdlib.h>
@@ -59 +60 @@
         strcpy(text, text2);
         g_free(text2);
-}
-
-char *normalize(const char *s)
-{
-        static char buf[BUF_LEN];
-        char *t, *u;
-        int x = 0;
-
-        g_return_val_if_fail((s != NULL), NULL);
-
-        u = t = g_strdup(s);
-
-        strcpy(t, s);
-        g_strdown(t);
-
-        while (*t && (x < BUF_LEN - 1)) {
-                if (*t != ' ') {
-                        buf[x] = *t;
-                        x++;
-                }
-                t++;
-        }
-        buf[x] = '\0';
-        g_free(u);
-        return buf;
 }
 
@@ -408 +384 @@
 void random_bytes( unsigned char *buf, int count )
 {
+#ifndef _WIN32
         static int use_dev = -1;
         
@@ -457 +434 @@
         
         if( !use_dev )
+#endif
         {
                 int i;
@@ -608 +586 @@
                 return sockerr_again();
 }
+
+/* Returns values: -1 == Failure (base64-decoded to something unexpected)
+                    0 == Okay
+                    1 == Password doesn't match the hash. */
+int md5_verify_password( char *password, char *hash )
+{
+        md5_byte_t *pass_dec = NULL;
+        md5_byte_t pass_md5[16];
+        md5_state_t md5_state;
+        int ret = -1, i;
+        
+        if( base64_decode( hash, &pass_dec ) == 21 )
+        {
+                md5_init( &md5_state );
+                md5_append( &md5_state, (md5_byte_t*) password, strlen( password ) );
+                md5_append( &md5_state, (md5_byte_t*) pass_dec + 16, 5 ); /* Hmmm, salt! */
+                md5_finish( &md5_state, pass_md5 );
+                
+                for( i = 0; i < 16; i ++ )
+                {
+                        if( pass_dec[i] != pass_md5[i] )
+                        {
+                                ret = 1;
+                                break;
+                        }
+                }
+                
+                /* If we reached the end of the loop, it was a match! */
+                if( i == 16 )
+                        ret = 0;
+        }
+        
+        g_free( pass_dec );
+
+        return ret;
+}

lib/misc.h

@@ -41 +41 @@
 G_MODULE_EXPORT char *add_cr( char *text );
 G_MODULE_EXPORT char *strip_newlines(char *source);
-G_MODULE_EXPORT char *normalize( const char *s );
 
 G_MODULE_EXPORT time_t get_time( int year, int month, int day, int hour, int min, int sec );
@@ -67 +66 @@
 G_MODULE_EXPORT gboolean ssl_sockerr_again( void *ssl );
 
+G_MODULE_EXPORT int md5_verify_password( char *password, char *hash );
+
 #endif

lib/proxy.c

@@ -114 +114 @@
 {
         struct sockaddr_in *sin;
+        struct sockaddr_in me;
         int fd = -1;
 
@@ -127 +128 @@
 
         sock_make_nonblocking(fd);
+        
+        if( global.conf->iface_out )
+        {
+                me.sin_family = AF_INET;
+                me.sin_port = 0;
+                me.sin_addr.s_addr = inet_addr( global.conf->iface_out );
+                
+                if( bind( fd, (struct sockaddr *) &me, sizeof( me ) ) != 0 )
+                        event_debug( "bind( %d, \"%s\" ) failure\n", fd, global.conf->iface_out );
+        }
         
         event_debug("proxy_connect_none( \"%s\", %d ) = %d\n", host, port, fd);
@@ -530 +541 @@
         struct PHB *phb;
         
-        if (!host || !port || (port == -1) || !func || strlen(host) > 128) {
+        if (!host || port <= 0 || !func || strlen(host) > 128) {
                 return -1;
         }
@@ -538 +549 @@
         phb->data = data;
         
-        if ((proxytype == PROXY_NONE) || strlen(proxyhost) > 0 || !proxyport || (proxyport == -1))
+        if (proxytype == PROXY_NONE || !proxyhost[0] || proxyport <= 0)
                 return proxy_connect_none(host, port, phb);
         else if (proxytype == PROXY_HTTP)

lib/ssl_bogus.c

@@ -65 +65 @@
         return GAIM_INPUT_READ;
 }
+
+int ssl_pending( void *conn )
+{
+        return 0;
+}

lib/ssl_client.h

@@ -63 +63 @@
 G_MODULE_EXPORT int ssl_write( void *conn, const char *buf, int len );
 
+/* See ssl_openssl.c for an explanation. */
+G_MODULE_EXPORT int ssl_pending( void *conn );
+
 /* Abort the SSL connection and disconnect the socket. Do not use close()
    directly, both the SSL library and the peer will be unhappy! */

lib/ssl_gnutls.c

@@ -216 +216 @@
 }
 
+/* See ssl_openssl.c for an explanation. */
+int ssl_pending( void *conn )
+{
+        return 0;
+}
+
 void ssl_disconnect( void *conn_ )
 {

lib/ssl_nss.c

@@ -175 +175 @@
 }
 
+/* See ssl_openssl.c for an explanation. */
+int ssl_pending( void *conn )
+{
+        return 0;
+}
+
 void ssl_disconnect( void *conn_ )
 {

lib/ssl_openssl.c

@@ -68 +68 @@
         
         conn->fd = proxy_connect( host, port, ssl_connected, conn );
+        if( conn->fd < 0 )
+        {
+                g_free( conn );
+                return NULL;
+        }
+        
         conn->func = func;
         conn->data = data;
         conn->inpa = -1;
-        
-        if( conn->fd < 0 )
-        {
-                g_free( conn );
-                return NULL;
-        }
         
         return conn;
@@ -236 +236 @@
 }
 
+/* Only OpenSSL *really* needs this (and well, maybe NSS). See for more info:
+   http://www.gnu.org/software/gnutls/manual/gnutls.html#index-gnutls_005frecord_005fcheck_005fpending-209
+   http://www.openssl.org/docs/ssl/SSL_pending.html
+   
+   Required because OpenSSL empties the TCP buffer completely but doesn't
+   necessarily give us all the unencrypted data.
+   
+   Returns 0 if there's nothing left or if we don't have to care (GnuTLS),
+   1 if there's more data. */
+int ssl_pending( void *conn )
+{
+        return ( ((struct scd*)conn) && ((struct scd*)conn)->established ) ?
+               SSL_pending( ((struct scd*)conn)->ssl ) > 0 : 0;
+}
+
 void ssl_disconnect( void *conn_ )
 {

lib/url.c

@@ -26 +26 @@
 #include "url.h"
 
-/* Convert an URL to a url_t structure                                  */
+/* Convert an URL to a url_t structure */
 int url_set( url_t *url, char *set_url )
 {
-        char s[MAX_STRING];
+        char s[MAX_STRING+1];
         char *i;
         
-        /* protocol://                                                  */
+        memset( url, 0, sizeof( url_t ) );
+        memset( s, 0, sizeof( s ) );
+        
+        /* protocol:// */
         if( ( i = strstr( set_url, "://" ) ) == NULL )
         {
@@ -49 +52 @@
                         url->proto = PROTO_SOCKS5;
                 else
-                {
-                        return( 0 );
-                }
+                        return 0;
+                
                 strncpy( s, i + 3, MAX_STRING );
         }
         
-        /* Split                                                        */
+        /* Split */
         if( ( i = strchr( s, '/' ) ) == NULL )
         {
@@ -67 +69 @@
         strncpy( url->host, s, MAX_STRING );
         
-        /* Check for username in host field                             */
+        /* Check for username in host field */
         if( strrchr( url->host, '@' ) != NULL )
         {
@@ -76 +78 @@
                 *url->pass = 0;
         }
-        /* If not: Fill in defaults                                     */
+        /* If not: Fill in defaults */
         else
         {
@@ -82 +84 @@
         }
         
-        /* Password?                                                    */
+        /* Password? */
         if( ( i = strchr( url->user, ':' ) ) != NULL )
         {
@@ -88 +90 @@
                 strcpy( url->pass, i + 1 );
         }
-        /* Port number?                                                 */
+        /* Port number? */
         if( ( i = strchr( url->host, ':' ) ) != NULL )
         {

lib/url.h

@@ -26 +26 @@
 #include "bitlbee.h"
 
-#define PROTO_HTTP              2
-#define PROTO_HTTPS             5
-#define PROTO_SOCKS4    3
-#define PROTO_SOCKS5    4
-#define PROTO_DEFAULT   PROTO_HTTP
+#define PROTO_HTTP      2
+#define PROTO_HTTPS     5
+#define PROTO_SOCKS4    3
+#define PROTO_SOCKS5    4
+#define PROTO_DEFAULT   PROTO_HTTP
 
 typedef struct url
@@ -36 +36 @@
         int proto;
         int port;
-        char host[MAX_STRING];
-        char file[MAX_STRING];
-        char user[MAX_STRING];
-        char pass[MAX_STRING];
+        char host[MAX_STRING+1];
+        char file[MAX_STRING+1];
+        char user[MAX_STRING+1];
+        char pass[MAX_STRING+1];
 } url_t;
 

lib/xmltree.c

@@ -111 +111 @@
 };
 
-struct xt_parser *xt_new( gpointer data )
+struct xt_parser *xt_new( const struct xt_handler_entry *handlers, gpointer data )
 {
         struct xt_parser *xt = g_new0( struct xt_parser, 1 );
         
         xt->data = data;
+        xt->handlers = handlers;
         xt_reset( xt );
         

lib/xmltree.h

@@ -71 +71 @@
         struct xt_node *cur;
         
-        struct xt_handler_entry *handlers;
+        const struct xt_handler_entry *handlers;
         gpointer data;
         
@@ -77 +77 @@
 };
 
-struct xt_parser *xt_new( gpointer data );
+struct xt_parser *xt_new( const struct xt_handler_entry *handlers, gpointer data );
 void xt_reset( struct xt_parser *xt );
 int xt_feed( struct xt_parser *xt, char *text, int text_len );