New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SASL Code Quality and Feature Improvements #598
Merged
Merged
Changes from 65 commits
Commits
Show all changes
119 commits
Select commit
Hold shift + click to select a range
6573037
modules/saslserv/main: fix function prototype
aaronmdjones 21d6a26
include/sasl.h: tidy up structures
aaronmdjones 4d75c43
modules/saslserv/: various adjustments
aaronmdjones 49c12af
modules/saslserv/*.c: move mod(de)init to the bottom of the file
aaronmdjones e0572b5
modules/saslserv/*.c: move sasl_mechanism_t declaration
aaronmdjones 3a3f600
modules/saslserv/*.c: put function names on their own line
aaronmdjones 6605352
libathemecore/authcookie: promise not to modify tickets
aaronmdjones fbf6025
modules/saslserv/authcookie: general code quality cleanups
aaronmdjones 72900dc
modules/saslserv/ecdsa-nist256p-challenge: general code quality cleanups
aaronmdjones 3c459c7
modules/saslserv/external: general code quality cleanups
aaronmdjones d861474
modules/saslserv/plain: general code quality cleanups
aaronmdjones a44cccb
modules/saslserv/scram-sha: general code quality cleanups
aaronmdjones ada622f
PBKDF2v2/SCRAM-SHA: Move shared functions to a shared structure
aaronmdjones 0c10d11
modules/saslserv/main: make private symbols actually private
aaronmdjones 2e37d4a
modules/saslserv/main: put function names on their own line
aaronmdjones 13404b2
modules/saslserv/main: move mod(de)init functions to the bottom
aaronmdjones 8bdc0b9
modules/saslserv/main: fix (dead) potential segfault in moddeinit
aaronmdjones 9ab5578
modules/saslserv/main: move structures to the top of the file
aaronmdjones bd7790b
modules/saslserv/ecdsa-nist256p-challenge: guard against no mechdata
aaronmdjones eb37524
modules/saslserv/main: use size_t, not int, for buffer/string lengths
aaronmdjones ababf28
modules/saslserv/main: reindent vtable structure
aaronmdjones 0139282
modules/saslserv/main: saslserv: cleanup
aaronmdjones 61e130b
modules/saslserv/main: sasl_mech_register: cleanup
aaronmdjones a6ca0b0
modules/saslserv/main: sasl_mech_unregister: cleanup
aaronmdjones f1e9c57
modules/saslserv/main: find_session: cleanup
aaronmdjones 5069e21
modules/saslserv/main: make_session: cleanup
aaronmdjones eeb38f7
modules/saslserv/main: destroy_session: cleanup
aaronmdjones e75f378
modules/saslserv/main: sasl_sourceinfo_delete: cleanup
aaronmdjones 94b5e51
modules/saslserv/main: sasl_sourceinfo_create: cleanup
aaronmdjones b14ef97
modules/saslserv/main: sasl_input: cleanup
aaronmdjones a603131
modules/saslserv/main: find_mechanism: cleanup
aaronmdjones 142f075
modules/saslserv/main: sasl_server_eob: cleanup
aaronmdjones 5d0455a
modules/saslserv/main: mechlist_do_rebuild: cleanup
aaronmdjones 0025a44
modules/saslserv/main: mechlist_build_string: cleanup
aaronmdjones c461c3d
modules/saslserv/main: sasl_packet: cleanup
aaronmdjones 0e2fbd6
modules/saslserv/main: sasl_write: cleanup
aaronmdjones 1e9e5ad
modules/saslserv/main: may_impersonate: cleanup
aaronmdjones 20d7232
modules/saslserv/main: login_user: cleanup
aaronmdjones 1d68dc2
modules/saslserv/main: sasl_newuser: cleanup
aaronmdjones 72ba0f6
modules/saslserv/main: delete_stale: cleanup
aaronmdjones 29fcbe9
modules/saslserv/main: sasl_format_sourceinfo: cleanup
aaronmdjones 95c386d
modules/saslserv/main: sasl_get_source_name: cleanup
aaronmdjones daec26c
modules/saslserv/main: mod_(de)init: cleanup
aaronmdjones 0e72886
modules/saslserv/main: sasl_get_source_name: more cleanup
aaronmdjones 8056bfd
modules/saslserv/main: less magic numbers
aaronmdjones d97e5eb
modules/saslserv/main: remove free(3) indirection
aaronmdjones 8110458
modules/saslserv/main: mod_(de)init: more cleanup
aaronmdjones 8b47109
modules/saslserv/main: saslserv: move
aaronmdjones eef56b7
modules/saslserv/main: sasl_mech_(un)register: move
aaronmdjones df0302f
modules/saslserv/main: remove erroneous comment
aaronmdjones f77a8b6
modules/saslserv/main: sasl_vtable: move
aaronmdjones eafc7e6
modules/saslserv/main: remove unnecessary forward decls
aaronmdjones 9a16559
modules/saslserv/main: rename a variable
aaronmdjones 227f021
modules/saslserv/main: sasl_write: move
aaronmdjones a683f27
modules/saslserv/main: sasl_input: move
aaronmdjones 59e1d1e
modules/saslserv/main: login_user: move
aaronmdjones 6b26bec
modules/saslserv/main: sasl_session_abort: move
aaronmdjones 822e985
modules/saslserv/main: sasl_sourceinfo_create: move
aaronmdjones 219cf3a
modules/saslserv/main: may_impersonate: move
aaronmdjones 0f8c200
modules/saslserv/main: remove unnecessary forward decls
aaronmdjones dccd978
modules/saslserv/main: mechlist_do_rebuild: move
aaronmdjones 40857d0
modules/saslserv/main: sasl_sourceinfo_t: reindent
aaronmdjones 5e1dde6
modules/saslserv/main: sasl_sourceinfo_t: rename
aaronmdjones 4788844
modules/saslserv/: don't use reserved identifier names
aaronmdjones e77f4bd
modules/saslserv/main: avoid TOCTOU and make user_can_login hooks useful
aaronmdjones b39a9d2
modules/saslserv/plain: no need to wrap this line
aaronmdjones 6fe8864
modules/saslserv/main: remove duplicate code
aaronmdjones 6ae3da8
modules/saslserv/main: sasl_packet: use larger buffer
aaronmdjones 4b7dc65
modules/saslserv/scram-sha: various adjustments
aaronmdjones 59d0328
modules/saslserv/*.c: adjust function parameter types
aaronmdjones ca18f82
modules/saslserv/main: overlooked opportunity to use less memory
aaronmdjones 3962290
modules/saslserv/ecdsa-nist256p-challenge: remove unnecessary code
aaronmdjones 44cf98f
libathemecore/authcookie: provide a macro for the cookie length
aaronmdjones 3dd7da7
modules/saslserv/{authcookie,plain}: remove magic number, explain format
aaronmdjones 8c64dce
modules/saslserv/{authcookie,plain}: clarify pointer arithmetic inten…
aaronmdjones 099edf0
libmowgli: update to current master HEAD
aaronmdjones 7e8bcbf
modules/saslserv/*.c: more guards against aberrant program states
aaronmdjones 5ca1e7f
modules/saslserv/main: more const correctness
aaronmdjones 9a3a97f
modules/saslserv/main: don't user_can_login twice for the same user
aaronmdjones 57ebc82
modules/saslserv/main: remove unnecessary pointer gymnastics
aaronmdjones 97f9395
modules/saslserv/main: remove more unnecessary pointer gymnastics
aaronmdjones 1f3a05a
modules/saslserv/main: remove unnecessary test
aaronmdjones 9f43a16
modules/saslserv/main: test for max length data from client first
aaronmdjones 001b2be
modules/saslserv/main: realloc(NULL, foo>0) == malloc(foo)
aaronmdjones 333bab7
modules/saslserv/main: fail EXTERNAL without certfp sooner
aaronmdjones d6047a2
modules/saslserv/main: simplify SASL 'S' command processing
aaronmdjones ba384a4
modules/saslserv/main: more const-correctness
aaronmdjones 015e006
modules/saslserv/main: clarify function intention
aaronmdjones 5fef7f9
modules/saslserv/main: add debugging log message
aaronmdjones 44d0b84
modules/saslserv/*.c: ensure/assume mech_step input is NULL-terminated
aaronmdjones 8b6f12b
modules/saslserv/main: short-circuit client data if possible
aaronmdjones b246ed5
modules/saslserv/main: add some defensive code to sasl_packet()
aaronmdjones 6fdeb73
modules/saslserv/main: fix bound on client-provided data
aaronmdjones cd3a79c
modules/saslserv/*.c: update copyright notices
aaronmdjones 703a0fe
modules/saslserv/main: don't erroneously process end-of-data marker
aaronmdjones 2e0c282
modules/saslserv/main: remove (now) duplicate code
aaronmdjones fc1a909
sasl_sts / proto modules: promise not to modify string arguments
aaronmdjones e3e22dd
modules/saslserv/main: optimise sasl_write for short data
aaronmdjones a55a115
modules/saslserv/main: don't allow malicious clients to flood log
aaronmdjones b3e5e28
modules/saslserv/main: sasl_packet: use smaller buffer length
aaronmdjones 42dff7e
modules/saslserv/main: more const-correctness
aaronmdjones 09a1e27
modules/saslserv/{authcookie,plain}: arithmetic on void* is a GNU ext…
aaronmdjones 7808cc3
modules/saslserv/main: mechlist_build_string: more cleanup
aaronmdjones 2e4968d
include/sasl.h: move some macros to the top and reindent them
aaronmdjones b5493b4
modules/saslserv/*.c: add new kind of start/step mech error code
aaronmdjones 8c942f3
modules/saslserv/ecdsa-nist256p-challenge: add condition to feature test
aaronmdjones 6557f68
modules/saslserv/*.c: results and bitfield flags should be unsigned
aaronmdjones 3a2809a
modules/saslserv/scram-sha: correct function type
aaronmdjones 23922a7
modules/saslserv/scram-sha: simplify attribute processing
aaronmdjones baf6ada
include/sasl.h: add documentation comments
aaronmdjones 9b7179e
modules/saslserv/main: fix use-after-free & double-free
aaronmdjones 2335d28
modules/saslserv/main: break out complex logic to separate functions
aaronmdjones 58f8ad5
modules/saslserv/main: replace hardcoded function names
aaronmdjones dbb8555
modules/saslserv/main: remove unnecessary zero-initialisation
aaronmdjones 1eca6ba
modules/saslserv/main: move 'struct sasl_sourceinfo' to shared header
aaronmdjones cf3473f
modules/saslserv/scram-sha: generate snonce in a simpler way
aaronmdjones 42031c9
modules/saslserv/scram-sha: respect MU_NOPASSWORD flag
aaronmdjones 636bb2d
modules/saslserv/main: preserve auth[cz]id for better logging
aaronmdjones 45a7f19
modules/saslserv/main: remove code duplication
aaronmdjones File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Really not sure whether I like assignments hidden so deep inside an
if()
.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The alternative is a lot more lines that do the same thing; a la
That would get old, quickly, no?
EDIT: Added syntax highlighting
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Eh, I think that'd be fine. Yes, I guess you can't fit as much in a single screen, but (as someone who isn't all that fluent in C) it's easier to decipher at a quick glance – specifically, it's easier to notice that
ptr
is being assigned to.||
chains are fine, assignments inside if() are okay I suppose, but combining the two begins to look like golfing just for the sake of it... How about this then:(Maybe that first check should in fact be
if (! *authzid)
? Technically it's the same thing, but semantically it makes more sense.)There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
8c64dce