schannel: loop over the algos to pick the selected one

Avoid using the funny macro and the extra buffer copy. Closes #10647
curl · Mar 3, 2023 · e135bc9 · e135bc9
1 parent 56d5c07
commit e135bc9
Showing 1 changed file with 68 additions and 63 deletions.
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
@@ -264,128 +264,133 @@ set_ssl_version_min_max(DWORD *enabled_protocols,
 
 /* longest is 26, buffer is slightly bigger */
 #define LONGEST_ALG_ID 32
-#define CIPHEROPTION(X)                         \
-  if(strcmp(#X, tmp) == 0)                      \
-    return X
+#define CIPHEROPTION(x) {#x, x}
 
-static int
-get_alg_id_by_name(char *name)
-{
-  char tmp[LONGEST_ALG_ID] = { 0 };
-  char *nameEnd = strchr(name, ':');
-  size_t n = nameEnd ? (size_t)(nameEnd - name) : strlen(name);
+struct algo {
+  const char *name;
+  int id;
+};
 
-  /* reject too-long alg names */
-  if(n > (LONGEST_ALG_ID - 1))
-    return 0;
-
-  strncpy(tmp, name, n);
-  tmp[n] = 0;
-  CIPHEROPTION(CALG_MD2);
-  CIPHEROPTION(CALG_MD4);
-  CIPHEROPTION(CALG_MD5);
-  CIPHEROPTION(CALG_SHA);
-  CIPHEROPTION(CALG_SHA1);
-  CIPHEROPTION(CALG_MAC);
-  CIPHEROPTION(CALG_RSA_SIGN);
-  CIPHEROPTION(CALG_DSS_SIGN);
+static const struct algo algs[]= {
+  CIPHEROPTION(CALG_MD2),
+  CIPHEROPTION(CALG_MD4),
+  CIPHEROPTION(CALG_MD5),
+  CIPHEROPTION(CALG_SHA),
+  CIPHEROPTION(CALG_SHA1),
+  CIPHEROPTION(CALG_MAC),
+  CIPHEROPTION(CALG_RSA_SIGN),
+  CIPHEROPTION(CALG_DSS_SIGN),
 /* ifdefs for the options that are defined conditionally in wincrypt.h */
 #ifdef CALG_NO_SIGN
-  CIPHEROPTION(CALG_NO_SIGN);
+  CIPHEROPTION(CALG_NO_SIGN),
 #endif
-  CIPHEROPTION(CALG_RSA_KEYX);
-  CIPHEROPTION(CALG_DES);
+  CIPHEROPTION(CALG_RSA_KEYX),
+  CIPHEROPTION(CALG_DES),
 #ifdef CALG_3DES_112
-  CIPHEROPTION(CALG_3DES_112);
+  CIPHEROPTION(CALG_3DES_112),
 #endif
-  CIPHEROPTION(CALG_3DES);
-  CIPHEROPTION(CALG_DESX);
-  CIPHEROPTION(CALG_RC2);
-  CIPHEROPTION(CALG_RC4);
-  CIPHEROPTION(CALG_SEAL);
+  CIPHEROPTION(CALG_3DES),
+  CIPHEROPTION(CALG_DESX),
+  CIPHEROPTION(CALG_RC2),
+  CIPHEROPTION(CALG_RC4),
+  CIPHEROPTION(CALG_SEAL),
 #ifdef CALG_DH_SF
-  CIPHEROPTION(CALG_DH_SF);
+  CIPHEROPTION(CALG_DH_SF),
 #endif
-  CIPHEROPTION(CALG_DH_EPHEM);
+  CIPHEROPTION(CALG_DH_EPHEM),
 #ifdef CALG_AGREEDKEY_ANY
-  CIPHEROPTION(CALG_AGREEDKEY_ANY);
+  CIPHEROPTION(CALG_AGREEDKEY_ANY),
 #endif
 #ifdef CALG_HUGHES_MD5
-  CIPHEROPTION(CALG_HUGHES_MD5);
+  CIPHEROPTION(CALG_HUGHES_MD5),
 #endif
-  CIPHEROPTION(CALG_SKIPJACK);
+  CIPHEROPTION(CALG_SKIPJACK),
 #ifdef CALG_TEK
-  CIPHEROPTION(CALG_TEK);
+  CIPHEROPTION(CALG_TEK),
 #endif
-  CIPHEROPTION(CALG_CYLINK_MEK);
-  CIPHEROPTION(CALG_SSL3_SHAMD5);
+  CIPHEROPTION(CALG_CYLINK_MEK),
+  CIPHEROPTION(CALG_SSL3_SHAMD5),
 #ifdef CALG_SSL3_MASTER
-  CIPHEROPTION(CALG_SSL3_MASTER);
+  CIPHEROPTION(CALG_SSL3_MASTER),
 #endif
 #ifdef CALG_SCHANNEL_MASTER_HASH
-  CIPHEROPTION(CALG_SCHANNEL_MASTER_HASH);
+  CIPHEROPTION(CALG_SCHANNEL_MASTER_HASH),
 #endif
 #ifdef CALG_SCHANNEL_MAC_KEY
-  CIPHEROPTION(CALG_SCHANNEL_MAC_KEY);
+  CIPHEROPTION(CALG_SCHANNEL_MAC_KEY),
 #endif
 #ifdef CALG_SCHANNEL_ENC_KEY
-  CIPHEROPTION(CALG_SCHANNEL_ENC_KEY);
+  CIPHEROPTION(CALG_SCHANNEL_ENC_KEY),
 #endif
 #ifdef CALG_PCT1_MASTER
-  CIPHEROPTION(CALG_PCT1_MASTER);
+  CIPHEROPTION(CALG_PCT1_MASTER),
 #endif
 #ifdef CALG_SSL2_MASTER
-  CIPHEROPTION(CALG_SSL2_MASTER);
+  CIPHEROPTION(CALG_SSL2_MASTER),
 #endif
 #ifdef CALG_TLS1_MASTER
-  CIPHEROPTION(CALG_TLS1_MASTER);
+  CIPHEROPTION(CALG_TLS1_MASTER),
 #endif
 #ifdef CALG_RC5
-  CIPHEROPTION(CALG_RC5);
+  CIPHEROPTION(CALG_RC5),
 #endif
 #ifdef CALG_HMAC
-  CIPHEROPTION(CALG_HMAC);
+  CIPHEROPTION(CALG_HMAC),
 #endif
 #ifdef CALG_TLS1PRF
-  CIPHEROPTION(CALG_TLS1PRF);
+  CIPHEROPTION(CALG_TLS1PRF),
 #endif
 #ifdef CALG_HASH_REPLACE_OWF
-  CIPHEROPTION(CALG_HASH_REPLACE_OWF);
+  CIPHEROPTION(CALG_HASH_REPLACE_OWF),
 #endif
 #ifdef CALG_AES_128
-  CIPHEROPTION(CALG_AES_128);
+  CIPHEROPTION(CALG_AES_128),
 #endif
 #ifdef CALG_AES_192
-  CIPHEROPTION(CALG_AES_192);
+  CIPHEROPTION(CALG_AES_192),
 #endif
 #ifdef CALG_AES_256
-  CIPHEROPTION(CALG_AES_256);
+  CIPHEROPTION(CALG_AES_256),
 #endif
 #ifdef CALG_AES
-  CIPHEROPTION(CALG_AES);
+  CIPHEROPTION(CALG_AES),
 #endif
 #ifdef CALG_SHA_256
-  CIPHEROPTION(CALG_SHA_256);
+  CIPHEROPTION(CALG_SHA_256),
 #endif
 #ifdef CALG_SHA_384
-  CIPHEROPTION(CALG_SHA_384);
+  CIPHEROPTION(CALG_SHA_384),
 #endif
 #ifdef CALG_SHA_512
-  CIPHEROPTION(CALG_SHA_512);
+  CIPHEROPTION(CALG_SHA_512),
 #endif
 #ifdef CALG_ECDH
-  CIPHEROPTION(CALG_ECDH);
+  CIPHEROPTION(CALG_ECDH),
 #endif
 #ifdef CALG_ECMQV
-  CIPHEROPTION(CALG_ECMQV);
+  CIPHEROPTION(CALG_ECMQV),
 #endif
 #ifdef CALG_ECDSA
-  CIPHEROPTION(CALG_ECDSA);
+  CIPHEROPTION(CALG_ECDSA),
 #endif
 #ifdef CALG_ECDH_EPHEM
-  CIPHEROPTION(CALG_ECDH_EPHEM);
+  CIPHEROPTION(CALG_ECDH_EPHEM),
 #endif
-  return 0;
+  {NULL, 0},
+};
+
+static int
+get_alg_id_by_name(char *name)
+{
+  char *nameEnd = strchr(name, ':');
+  size_t n = nameEnd ? (size_t)(nameEnd - name) : strlen(name);
+  int i;
+
+  for(i = 0; algs[i].name; i++) {
+    if((n == strlen(algs[i].name) && !strncmp(algs[i].name, name, n)))
+      return algs[i].id;
+  }
+  return 0; /* not found */
 }
 
 #define NUM_CIPHERS 47 /* There are 47 options listed above */