mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
Move and rename decode_escaped_string()
This function decodes something different from the usual c-escaped format. It is only used in controller authorization.
This commit is contained in:
parent
0c0b869ba4
commit
ba05324242
@ -17,6 +17,7 @@
|
|||||||
#include "lib/crypt_ops/crypto_rand.h"
|
#include "lib/crypt_ops/crypto_rand.h"
|
||||||
#include "lib/crypt_ops/crypto_util.h"
|
#include "lib/crypt_ops/crypto_util.h"
|
||||||
#include "lib/encoding/confline.h"
|
#include "lib/encoding/confline.h"
|
||||||
|
#include "lib/encoding/qstring.h"
|
||||||
|
|
||||||
#include "lib/crypt_ops/crypto_s2k.h"
|
#include "lib/crypt_ops/crypto_s2k.h"
|
||||||
|
|
||||||
@ -149,8 +150,8 @@ handle_control_authchallenge(control_connection_t *conn, uint32_t len,
|
|||||||
cp += strspn(cp, " \t\n\r");
|
cp += strspn(cp, " \t\n\r");
|
||||||
if (*cp == '"') {
|
if (*cp == '"') {
|
||||||
const char *newcp =
|
const char *newcp =
|
||||||
decode_escaped_string(cp, len - (cp - body),
|
decode_qstring(cp, len - (cp - body),
|
||||||
&client_nonce, &client_nonce_len);
|
&client_nonce, &client_nonce_len);
|
||||||
if (newcp == NULL) {
|
if (newcp == NULL) {
|
||||||
connection_write_str_to_buf("513 Invalid quoted client nonce\r\n",
|
connection_write_str_to_buf("513 Invalid quoted client nonce\r\n",
|
||||||
conn);
|
conn);
|
||||||
@ -275,7 +276,7 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (!decode_escaped_string(body, len, &password, &password_len)) {
|
if (!decode_qstring(body, len, &password, &password_len)) {
|
||||||
connection_write_str_to_buf("551 Invalid quoted string. You need "
|
connection_write_str_to_buf("551 Invalid quoted string. You need "
|
||||||
"to put the password in double quotes.\r\n", conn);
|
"to put the password in double quotes.\r\n", conn);
|
||||||
connection_mark_for_close(TO_CONN(conn));
|
connection_mark_for_close(TO_CONN(conn));
|
||||||
|
@ -305,80 +305,6 @@ send_control_done(control_connection_t *conn)
|
|||||||
connection_write_str_to_buf("250 OK\r\n", conn);
|
connection_write_str_to_buf("250 OK\r\n", conn);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** If the first <b>in_len_max</b> characters in <b>start</b> contain a
|
|
||||||
* double-quoted string with escaped characters, return the length of that
|
|
||||||
* string (as encoded, including quotes). Otherwise return -1. */
|
|
||||||
static inline int
|
|
||||||
get_escaped_string_length(const char *start, size_t in_len_max,
|
|
||||||
int *chars_out)
|
|
||||||
{
|
|
||||||
const char *cp, *end;
|
|
||||||
int chars = 0;
|
|
||||||
|
|
||||||
if (*start != '\"')
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
cp = start+1;
|
|
||||||
end = start+in_len_max;
|
|
||||||
|
|
||||||
/* Calculate length. */
|
|
||||||
while (1) {
|
|
||||||
if (cp >= end) {
|
|
||||||
return -1; /* Too long. */
|
|
||||||
} else if (*cp == '\\') {
|
|
||||||
if (++cp == end)
|
|
||||||
return -1; /* Can't escape EOS. */
|
|
||||||
++cp;
|
|
||||||
++chars;
|
|
||||||
} else if (*cp == '\"') {
|
|
||||||
break;
|
|
||||||
} else {
|
|
||||||
++cp;
|
|
||||||
++chars;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (chars_out)
|
|
||||||
*chars_out = chars;
|
|
||||||
return (int)(cp - start+1);
|
|
||||||
}
|
|
||||||
|
|
||||||
/** Given a pointer to a string starting at <b>start</b> containing
|
|
||||||
* <b>in_len_max</b> characters, decode a string beginning with one double
|
|
||||||
* quote, containing any number of non-quote characters or characters escaped
|
|
||||||
* with a backslash, and ending with a final double quote. Place the resulting
|
|
||||||
* string (unquoted, unescaped) into a newly allocated string in *<b>out</b>;
|
|
||||||
* store its length in <b>out_len</b>. On success, return a pointer to the
|
|
||||||
* character immediately following the escaped string. On failure, return
|
|
||||||
* NULL. */
|
|
||||||
const char *
|
|
||||||
decode_escaped_string(const char *start, size_t in_len_max,
|
|
||||||
char **out, size_t *out_len)
|
|
||||||
{
|
|
||||||
const char *cp, *end;
|
|
||||||
char *outp;
|
|
||||||
int len, n_chars = 0;
|
|
||||||
|
|
||||||
len = get_escaped_string_length(start, in_len_max, &n_chars);
|
|
||||||
if (len<0)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
end = start+len-1; /* Index of last quote. */
|
|
||||||
tor_assert(*end == '\"');
|
|
||||||
outp = *out = tor_malloc(len+1);
|
|
||||||
*out_len = n_chars;
|
|
||||||
|
|
||||||
cp = start+1;
|
|
||||||
while (cp < end) {
|
|
||||||
if (*cp == '\\')
|
|
||||||
++cp;
|
|
||||||
*outp++ = *cp++;
|
|
||||||
}
|
|
||||||
*outp = '\0';
|
|
||||||
tor_assert((outp - *out) == (int)*out_len);
|
|
||||||
|
|
||||||
return end+1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/** Return a longname the node whose identity is <b>id_digest</b>. If
|
/** Return a longname the node whose identity is <b>id_digest</b>. If
|
||||||
* node_get_by_id() returns NULL, base 16 encoding of <b>id_digest</b> is
|
* node_get_by_id() returns NULL, base 16 encoding of <b>id_digest</b> is
|
||||||
* returned instead.
|
* returned instead.
|
||||||
|
@ -25,8 +25,6 @@ char *circuit_describe_status_for_controller(origin_circuit_t *circ);
|
|||||||
|
|
||||||
size_t write_escaped_data(const char *data, size_t len, char **out);
|
size_t write_escaped_data(const char *data, size_t len, char **out);
|
||||||
size_t read_escaped_data(const char *data, size_t len, char **out);
|
size_t read_escaped_data(const char *data, size_t len, char **out);
|
||||||
const char *decode_escaped_string(const char *start, size_t in_len_max,
|
|
||||||
char **out, size_t *out_len);
|
|
||||||
void send_control_done(control_connection_t *conn);
|
void send_control_done(control_connection_t *conn);
|
||||||
|
|
||||||
MOCK_DECL(const char *, node_describe_longname_by_id,(const char *id_digest));
|
MOCK_DECL(const char *, node_describe_longname_by_id,(const char *id_digest));
|
||||||
|
@ -11,6 +11,7 @@ src_lib_libtor_encoding_a_SOURCES = \
|
|||||||
src/lib/encoding/keyval.c \
|
src/lib/encoding/keyval.c \
|
||||||
src/lib/encoding/kvline.c \
|
src/lib/encoding/kvline.c \
|
||||||
src/lib/encoding/pem.c \
|
src/lib/encoding/pem.c \
|
||||||
|
src/lib/encoding/qstring.c \
|
||||||
src/lib/encoding/time_fmt.c
|
src/lib/encoding/time_fmt.c
|
||||||
|
|
||||||
src_lib_libtor_encoding_testing_a_SOURCES = \
|
src_lib_libtor_encoding_testing_a_SOURCES = \
|
||||||
@ -25,4 +26,5 @@ noinst_HEADERS += \
|
|||||||
src/lib/encoding/keyval.h \
|
src/lib/encoding/keyval.h \
|
||||||
src/lib/encoding/kvline.h \
|
src/lib/encoding/kvline.h \
|
||||||
src/lib/encoding/pem.h \
|
src/lib/encoding/pem.h \
|
||||||
|
src/lib/encoding/qstring.h \
|
||||||
src/lib/encoding/time_fmt.h
|
src/lib/encoding/time_fmt.h
|
||||||
|
90
src/lib/encoding/qstring.c
Normal file
90
src/lib/encoding/qstring.c
Normal file
@ -0,0 +1,90 @@
|
|||||||
|
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||||
|
* Copyright (c) 2007-2019, The Tor Project, Inc. */
|
||||||
|
/* See LICENSE for licensing information */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \file qstring.c
|
||||||
|
* \brief Implement QuotedString parsing.
|
||||||
|
*
|
||||||
|
* Note that this is only used for controller authentication; do not
|
||||||
|
* create new users for this. Instead, prefer the cstring.c functions.
|
||||||
|
**/
|
||||||
|
|
||||||
|
#include "orconfig.h"
|
||||||
|
#include "lib/encoding/qstring.h"
|
||||||
|
#include "lib/malloc/malloc.h"
|
||||||
|
#include "lib/log/util_bug.h"
|
||||||
|
|
||||||
|
/** If the first <b>in_len_max</b> characters in <b>start</b> contain a
|
||||||
|
* QuotedString, return the length of that
|
||||||
|
* string (as encoded, including quotes). Otherwise return -1. */
|
||||||
|
static inline int
|
||||||
|
get_qstring_length(const char *start, size_t in_len_max,
|
||||||
|
int *chars_out)
|
||||||
|
{
|
||||||
|
const char *cp, *end;
|
||||||
|
int chars = 0;
|
||||||
|
|
||||||
|
if (*start != '\"')
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
cp = start+1;
|
||||||
|
end = start+in_len_max;
|
||||||
|
|
||||||
|
/* Calculate length. */
|
||||||
|
while (1) {
|
||||||
|
if (cp >= end) {
|
||||||
|
return -1; /* Too long. */
|
||||||
|
} else if (*cp == '\\') {
|
||||||
|
if (++cp == end)
|
||||||
|
return -1; /* Can't escape EOS. */
|
||||||
|
++cp;
|
||||||
|
++chars;
|
||||||
|
} else if (*cp == '\"') {
|
||||||
|
break;
|
||||||
|
} else {
|
||||||
|
++cp;
|
||||||
|
++chars;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (chars_out)
|
||||||
|
*chars_out = chars;
|
||||||
|
return (int)(cp - start+1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Given a pointer to a string starting at <b>start</b> containing
|
||||||
|
* <b>in_len_max</b> characters, decode a string beginning with one double
|
||||||
|
* quote, containing any number of non-quote characters or characters escaped
|
||||||
|
* with a backslash, and ending with a final double quote. Place the resulting
|
||||||
|
* string (unquoted, unescaped) into a newly allocated string in *<b>out</b>;
|
||||||
|
* store its length in <b>out_len</b>. On success, return a pointer to the
|
||||||
|
* character immediately following the escaped string. On failure, return
|
||||||
|
* NULL. */
|
||||||
|
const char *
|
||||||
|
decode_qstring(const char *start, size_t in_len_max,
|
||||||
|
char **out, size_t *out_len)
|
||||||
|
{
|
||||||
|
const char *cp, *end;
|
||||||
|
char *outp;
|
||||||
|
int len, n_chars = 0;
|
||||||
|
|
||||||
|
len = get_qstring_length(start, in_len_max, &n_chars);
|
||||||
|
if (len<0)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
end = start+len-1; /* Index of last quote. */
|
||||||
|
tor_assert(*end == '\"');
|
||||||
|
outp = *out = tor_malloc(len+1);
|
||||||
|
*out_len = n_chars;
|
||||||
|
|
||||||
|
cp = start+1;
|
||||||
|
while (cp < end) {
|
||||||
|
if (*cp == '\\')
|
||||||
|
++cp;
|
||||||
|
*outp++ = *cp++;
|
||||||
|
}
|
||||||
|
*outp = '\0';
|
||||||
|
tor_assert((outp - *out) == (int)*out_len);
|
||||||
|
|
||||||
|
return end+1;
|
||||||
|
}
|
18
src/lib/encoding/qstring.h
Normal file
18
src/lib/encoding/qstring.h
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||||
|
* Copyright (c) 2007-2019, The Tor Project, Inc. */
|
||||||
|
/* See LICENSE for licensing information */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \file qstring.h
|
||||||
|
* \brief Header for qstring.c
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef TOR_ENCODING_QSTRING_H
|
||||||
|
#define TOR_ENCODING_QSTRING_H
|
||||||
|
|
||||||
|
#include <stddef.h>
|
||||||
|
|
||||||
|
const char *decode_qstring(const char *start, size_t in_len_max,
|
||||||
|
char **out, size_t *out_len);
|
||||||
|
|
||||||
|
#endif
|
Loading…
Reference in New Issue
Block a user