Skip to content

Commit

Permalink
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if …
Browse files Browse the repository at this point in the history 
…string has literal prefix

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from #15847)
  • Loading branch information
@DDvO
DDvO committed Nov 17, 2021
1 parent a6838c8 commit 2ff286c
Show file tree
Hide file tree
Showing 36 changed files with 177 additions and 211 deletions.
6 changes: 3 additions & 3 deletions apps/fipsinstall.c
View file
Expand Up @@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/

#include <string.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/provider.h>
Expand Down Expand Up @@ -368,9 +368,9 @@ int fipsinstall_main(int argc, char **argv)
case OPT_MACOPT:
if (!sk_OPENSSL_STRING_push(opts, opt_arg()))
goto opthelp;
if (strncmp(opt_arg(), "hexkey:", 7) == 0)
if (HAS_PREFIX(opt_arg(), "hexkey:"))
gotkey = 1;
else if (strncmp(opt_arg(), "digest:", 7) == 0)
else if (HAS_PREFIX(opt_arg(), "digest:"))
gotdigest = 1;
break;
case OPT_VERIFY:
Expand Down
1 change: 1 addition & 0 deletions apps/include/apps.h
View file
Expand Up @@ -11,6 +11,7 @@
# define OSSL_APPS_H

# include "e_os.h" /* struct timeval for DTLS */
# include "internal/cryptlib.h" /* for HAS_PREFIX */
# include "internal/nelem.h"
# include "internal/sockets.h" /* for openssl_fdset() */
# include <assert.h>
Expand Down
28 changes: 13 additions & 15 deletions apps/lib/apps.c
View file
Expand Up @@ -260,21 +260,21 @@ static char *app_get_pass(const char *arg, int keepbio)
int i;

/* PASS_SOURCE_SIZE_MAX = max number of chars before ':' in below strings */
if (strncmp(arg, "pass:", 5) == 0)
return OPENSSL_strdup(arg + 5);
if (strncmp(arg, "env:", 4) == 0) {
tmp = getenv(arg + 4);
if (CHECK_AND_SKIP_PREFIX(arg, "pass:"))
return OPENSSL_strdup(arg);
if (CHECK_AND_SKIP_PREFIX(arg, "env:")) {
tmp = getenv(arg);
if (tmp == NULL) {
BIO_printf(bio_err, "No environment variable %s\n", arg + 4);
BIO_printf(bio_err, "No environment variable %s\n", arg);
return NULL;
}
return OPENSSL_strdup(tmp);
}
if (!keepbio || pwdbio == NULL) {
if (strncmp(arg, "file:", 5) == 0) {
pwdbio = BIO_new_file(arg + 5, "r");
if (CHECK_AND_SKIP_PREFIX(arg, "file:")) {
pwdbio = BIO_new_file(arg, "r");
if (pwdbio == NULL) {
BIO_printf(bio_err, "Can't open file %s\n", arg + 5);
BIO_printf(bio_err, "Can't open file %s\n", arg);
return NULL;
}
#if !defined(_WIN32)
Expand All @@ -286,13 +286,13 @@ static char *app_get_pass(const char *arg, int keepbio)
* on real Windows descriptors, such as those obtained
* with CreateFile.
*/
} else if (strncmp(arg, "fd:", 3) == 0) {
} else if (CHECK_AND_SKIP_PREFIX(arg, "fd:")) {
BIO *btmp;
i = atoi(arg + 3);
i = atoi(arg);
if (i >= 0)
pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
if ((i < 0) || !pwdbio) {
BIO_printf(bio_err, "Can't access file descriptor %s\n", arg + 3);
BIO_printf(bio_err, "Can't access file descriptor %s\n", arg);
return NULL;
}
/*
Expand Down Expand Up @@ -450,10 +450,8 @@ CONF *app_load_config_modules(const char *configfile)
return conf;
}

#define IS_HTTP(uri) ((uri) != NULL \
&& strncmp(uri, OSSL_HTTP_PREFIX, strlen(OSSL_HTTP_PREFIX)) == 0)
#define IS_HTTPS(uri) ((uri) != NULL \
&& strncmp(uri, OSSL_HTTPS_PREFIX, strlen(OSSL_HTTPS_PREFIX)) == 0)
#define IS_HTTP(uri) ((uri) != NULL && HAS_PREFIX(uri, OSSL_HTTP_PREFIX))
#define IS_HTTPS(uri) ((uri) != NULL && HAS_PREFIX(uri, OSSL_HTTPS_PREFIX))

X509 *load_cert_pass(const char *uri, int format, int maybe_stdin,
const char *pass, const char *desc)
Expand Down
17 changes: 7 additions & 10 deletions apps/lib/http_server.c
View file
Expand Up @@ -17,7 +17,6 @@
# define _POSIX_C_SOURCE 2
#endif

#include <string.h>
#include <ctype.h>
#include "http_server.h"
#include "internal/sockets.h"
Expand All @@ -37,6 +36,7 @@ static int verbosity = LOG_INFO;
#define HTTP_VERSION_PATT "1." /* allow 1.x */
#define HTTP_PREFIX_VERSION HTTP_PREFIX""HTTP_VERSION_PATT
#define HTTP_1_0 HTTP_PREFIX_VERSION"0" /* "HTTP/1.0" */
#define HTTP_VERSION_STR " "HTTP_PREFIX_VERSION

#ifdef HTTP_DAEMON

Expand Down Expand Up @@ -336,15 +336,12 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
*end = '\0';
log_message(prog, LOG_INFO, "Received request, 1st line: %s", reqbuf);

meth = reqbuf;
url = meth + 3;
if ((accept_get && strncmp(meth, "GET ", 4) == 0)
|| (url++, strncmp(meth, "POST ", 5) == 0)) {
static const char http_version_str[] = " "HTTP_PREFIX_VERSION;
static const size_t http_version_str_len = sizeof(http_version_str) - 1;
url = meth = reqbuf;
if ((accept_get && CHECK_AND_SKIP_PREFIX(url, "GET "))
|| CHECK_AND_SKIP_PREFIX(url, "POST ")) {

/* Expecting (GET|POST) {sp} /URL {sp} HTTP/1.x */
*(url++) = '\0';
url[-1] = '\0';
while (*url == ' ')
url++;
if (*url != '/') {
Expand All @@ -360,7 +357,7 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
for (end = url; *end != '\0'; end++)
if (*end == ' ')
break;
if (strncmp(end, http_version_str, http_version_str_len) != 0) {
if (!HAS_PREFIX(end, HTTP_VERSION_STR)) {
log_message(prog, LOG_WARNING,
"Invalid %s -- bad HTTP/version string: %s",
meth, end + 1);
Expand All @@ -370,7 +367,7 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq,
*end = '\0';
/* above HTTP 1.0, connection persistence is the default */
if (found_keep_alive != NULL)
*found_keep_alive = end[http_version_str_len] > '0';
*found_keep_alive = end[sizeof(HTTP_VERSION_STR) - 1] > '0';

/*-
* Skip "GET / HTTP..." requests often used by load-balancers.
Expand Down
6 changes: 3 additions & 3 deletions apps/openssl.c
View file
Expand Up @@ -8,8 +8,8 @@
*/

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "internal/cryptlib.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/trace.h>
Expand Down Expand Up @@ -417,12 +417,12 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
warn_deprecated(fp);
return fp->func(argc, argv);
}
if ((strncmp(argv[0], "no-", 3)) == 0) {
f.name = argv[0];
if (CHECK_AND_SKIP_PREFIX(f.name, "no-")) {
/*
* User is asking if foo is unsupported, by trying to "run" the
* no-foo command. Strange.
*/
f.name = argv[0] + 3;
if (lh_FUNCTION_retrieve(prog, &f) == NULL) {
BIO_printf(bio_out, "%s\n", argv[0]);
return 0;
Expand Down
4 changes: 2 additions & 2 deletions apps/s_client.c
View file
Expand Up @@ -2530,7 +2530,7 @@ int s_client_main(int argc, char **argv)
*/
if (mbuf_len > 1 && mbuf[0] == '"') {
make_uppercase(mbuf);
if (strncmp(mbuf, "\"STARTTLS\"", 10) == 0)
if (HAS_PREFIX(mbuf, "\"STARTTLS\""))
foundit = 1;
}
} while (mbuf_len > 1 && mbuf[0] == '"');
Expand Down Expand Up @@ -2558,7 +2558,7 @@ int s_client_main(int argc, char **argv)
*/
strncpy(sbuf, mbuf, 2);
make_uppercase(sbuf);
if (strncmp(sbuf, "OK", 2) != 0) {
if (!HAS_PREFIX(sbuf, "OK")) {
BIO_printf(bio_err, "STARTTLS not supported: %s", mbuf);
goto shut;
}
Expand Down
24 changes: 10 additions & 14 deletions apps/s_server.c
View file
Expand Up @@ -2985,7 +2985,7 @@ static void print_connection_info(SSL *con)

static int www_body(int s, int stype, int prot, unsigned char *context)
{
char *buf = NULL;
char *buf = NULL, *p;
int ret = 1;
int i, j, k, dot;
SSL *con;
Expand All @@ -3001,7 +3001,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
/* Set width for a select call if needed */
width = s + 1;

buf = app_malloc(bufsize, "server www buffer");
p = buf = app_malloc(bufsize, "server www buffer");
io = BIO_new(BIO_f_buffer());
ssl_bio = BIO_new(BIO_f_ssl());
if ((io == NULL) || (ssl_bio == NULL))
Expand Down Expand Up @@ -3093,15 +3093,14 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
}

/* else we have data */
if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
char *p;
if ((www == 1 && HAS_PREFIX(buf, "GET "))
|| (www == 2 && HAS_PREFIX(buf, "GET /stats "))) {
X509 *peer = NULL;
STACK_OF(SSL_CIPHER) *sk;
static const char *space = " ";

if (www == 1 && strncmp("GET /reneg", buf, 10) == 0) {
if (strncmp("GET /renegcert", buf, 14) == 0)
if (www == 1 && HAS_PREFIX(buf, "GET /reneg")) {
if (HAS_PREFIX(buf, "GET /renegcert"))
SSL_set_verify(con,
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
NULL);
Expand Down Expand Up @@ -3142,6 +3141,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
BIO_puts(io, "\n");
for (i = 0; i < local_argc; i++) {
const char *myp;

for (myp = local_argv[i]; *myp; myp++)
switch (*myp) {
case '<':
Expand Down Expand Up @@ -3221,16 +3221,12 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
}
BIO_puts(io, "</pre></BODY></HTML>\r\n\r\n");
break;
} else if ((www == 2 || www == 3)
&& (strncmp("GET /", buf, 5) == 0)) {
} else if ((www == 2 || www == 3) && HAS_PREFIX(p, "GET /")) {
BIO *file;
char *p, *e;
char *e;
static const char *text =
"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";

/* skip the '/' */
p = &(buf[5]);

dot = 1;
for (e = p; *e != '\0'; e++) {
if (e[0] == ' ')
Expand Down Expand Up @@ -3523,7 +3519,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
p--;
i--;
}
if (!s_ign_eof && (i == 5) && (strncmp(buf, "CLOSE", 5) == 0)) {
if (!s_ign_eof && i == 5 && HAS_PREFIX(buf, "CLOSE")) {
ret = 1;
BIO_printf(bio_err, "CONNECTION CLOSED\n");
goto end;
Expand Down

0 comments on commit 2ff286c

Please sign in to comment.