From 37d4c59e6efb70d12733257d45fdd8cd41e73d20 Mon Sep 17 00:00:00 2001 Message-Id: <37d4c59e6efb70d12733257d45fdd8cd41e73d20.1716259320.git.mdw@distorted.org.uk> From: Mark Wooding Date: Sat, 2 Sep 2017 19:55:09 +0100 Subject: [PATCH] server/admin.c: Use the more modern mLib `codec' classes for Base64. Organization: Straylight/Edgeware From: Mark Wooding The main effect, other than making the code slightly briefer, is that decoding is now significantly stricter. --- server/admin.c | 49 +++++++++++++++++++++++------------------ server/tripe-admin.5.in | 4 ++++ server/tripe.h | 1 + 3 files changed, 32 insertions(+), 22 deletions(-) diff --git a/server/admin.c b/server/admin.c index 2d1658ee..b493a36b 100644 --- a/server/admin.c +++ b/server/admin.c @@ -284,14 +284,11 @@ void a_vformat(dstr *d, const char *fmt, va_list *ap) } else if (strcmp(fmt, "?B64") == 0) { const octet *p = va_arg(*ap, const octet *); size_t n = va_arg(*ap, size_t); - base64_ctx b64; + codec *b64 = base64_class.encoder(CDCF_NOEQPAD, "", 0); dstr_putc(d, ' '); - base64_init(&b64); - b64.indent = ""; - b64.maxline = 0; - base64_encode(&b64, p, n, d); - base64_encode(&b64, 0, 0, d); - while (d->len && d->buf[d->len - 1] == '=') d->len--; + b64->ops->code(b64, p, n, d); + b64->ops->code(b64, 0, 0, d); + b64->ops->destroy(b64); } else if (strcmp(fmt, "?TOKENS") == 0) { const char *const *av = va_arg(*ap, const char *const *); while (*av) u_quotify(d, *av++); @@ -1789,35 +1786,43 @@ static void acmd_getchal(admin *a, unsigned ac, char *av[]) static void acmd_checkchal(admin *a, unsigned ac, char *av[]) { - base64_ctx b64; + codec *b64 = base64_class.decoder(CDCF_NOEQPAD); + int err; buf b; dstr d = DSTR_INIT; - base64_init(&b64); - base64_decode(&b64, av[0], strlen(av[0]), &d); - base64_decode(&b64, 0, 0, &d); - buf_init(&b, d.buf, d.len); - if (c_check(&b) || BBAD(&b) || BLEFT(&b)) - a_fail(a, "invalid-challenge", A_END); - else - a_ok(a); + if ((err = b64->ops->code(b64, av[0], strlen(av[0]), &d)) != 0 || + (err = b64->ops->code(b64, 0, 0, &d)) != 0) + a_fail(a, "bad-base64", "%s", codec_strerror(err), A_END); + else { + buf_init(&b, d.buf, d.len); + if (c_check(&b) || BBAD(&b) || BLEFT(&b)) + a_fail(a, "invalid-challenge", A_END); + else + a_ok(a); + } + b64->ops->destroy(b64); dstr_destroy(&d); } static void acmd_greet(admin *a, unsigned ac, char *av[]) { peer *p; - base64_ctx b64; + int err; + codec *b64; dstr d = DSTR_INIT; - if ((p = a_findpeer(a, av[0])) != 0) { - base64_init(&b64); - base64_decode(&b64, av[1], strlen(av[1]), &d); - base64_decode(&b64, 0, 0, &d); + if ((p = a_findpeer(a, av[0])) == 0) return; + b64 = base64_class.decoder(CDCF_NOEQPAD); + if ((err = b64->ops->code(b64, av[1], strlen(av[1]), &d)) != 0 || + (err = b64->ops->code(b64, 0, 0, &d)) != 0) + a_fail(a, "bad-base64", "%s", codec_strerror(err), A_END); + else { p_greet(p, d.buf, d.len); - dstr_destroy(&d); a_ok(a); } + b64->ops->destroy(b64); + dstr_destroy(&d); } static void acmd_addr(admin *a, unsigned ac, char *av[]) diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in index df87b709..c220b4b4 100644 --- a/server/tripe-admin.5.in +++ b/server/tripe-admin.5.in @@ -942,6 +942,10 @@ server is already running as a daemon. (For commands accepting socket addresses.) The address couldn't be understood. .SP +.BI "bad-base64 " message +(For commands accepting Base64-encoded input.) The Base64-encoded +string was invalid. +.SP .BI "bad-syntax " cmd " " message (For any command.) The command couldn't be understood: e.g., the number of arguments was wrong. diff --git a/server/tripe.h b/server/tripe.h index 0004f17e..6978bf28 100644 --- a/server/tripe.h +++ b/server/tripe.h @@ -66,6 +66,7 @@ #include #include #include +#include #include #include #include -- [mdw]