Loading lib/vauth/cleartext.c +17 −7 Original line number Diff line number Diff line Loading @@ -66,16 +66,27 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, char *plainauth; size_t ulen; size_t plen; size_t plainlen; *outlen = 0; *outptr = NULL; ulen = strlen(userp); plen = strlen(passwdp); plainauth = malloc(2 * ulen + plen + 2); if(!plainauth) { *outlen = 0; *outptr = NULL; /* Compute binary message length, checking for overflows. */ plainlen = 2 * ulen; if(plainlen < ulen) return CURLE_OUT_OF_MEMORY; plainlen += plen; if(plainlen < plen) return CURLE_OUT_OF_MEMORY; plainlen += 2; if(plainlen < 2) return CURLE_OUT_OF_MEMORY; plainauth = malloc(plainlen); if(!plainauth) return CURLE_OUT_OF_MEMORY; } /* Calculate the reply */ memcpy(plainauth, userp, ulen); Loading @@ -85,8 +96,7 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, memcpy(plainauth + 2 * ulen + 2, passwdp, plen); /* Base64 encode the reply */ result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, outlen); result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen); free(plainauth); return result; Loading lib/vtls/cyassl.c +2 −1 Original line number Diff line number Diff line Loading @@ -512,7 +512,8 @@ cyassl_connect_step2(struct connectdata *conn, } memset(&x509_parsed, 0, sizeof x509_parsed); Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len); if(Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len)) return CURLE_SSL_PINNEDPUBKEYNOTMATCH; pubkey = &x509_parsed.subjectPublicKeyInfo; if(!pubkey->header || pubkey->end <= pubkey->header) { Loading lib/vtls/gskit.c +1 −2 Original line number Diff line number Diff line Loading @@ -875,9 +875,8 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) curl_X509certificate x509; curl_asn1Element *p; if(!cert) if(Curl_parseX509(&x509, cert, certend)) return CURLE_SSL_PINNEDPUBKEYNOTMATCH; Curl_parseX509(&x509, cert, certend); p = &x509.subjectPublicKeyInfo; result = Curl_pin_peer_pubkey(data, ptr, p->header, p->end - p->header); if(result) { Loading lib/x509asn1.c +21 −12 Original line number Diff line number Diff line Loading @@ -40,6 +40,9 @@ #include "curl_memory.h" #include "memdebug.h" /* For overflow checks. */ #define CURL_SIZE_T_MAX ((size_t) ~0) /* ASN.1 OIDs. */ static const char cnOID[] = "2.5.4.3"; /* Common name. */ Loading Loading @@ -117,7 +120,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem, Returns a pointer in source string after the parsed element, or NULL if an error occurs. */ if(beg >= end || !*beg) if(!beg || !end || (size_t) (end - beg) > CURL_ASN1_MAX) return (const char *) NULL; /* Process header byte. */ Loading Loading @@ -198,15 +201,17 @@ static const char * bool2str(const char * beg, const char * end) static const char * octet2str(const char * beg, const char * end) { size_t n = end - beg; char * buf; char * buf = NULL; /* Convert an ASN.1 octet string to a printable string. Return the dynamically allocated string, or NULL if an error occurs. */ if(n <= (CURL_SIZE_T_MAX - 1) / 3) { buf = malloc(3 * n + 1); if(buf) for(n = 0; beg < end; n += 3) snprintf(buf + n, 4, "%02x:", *(const unsigned char *) beg++); } return buf; } Loading Loading @@ -282,6 +287,8 @@ utf8asn1str(char * * to, int type, const char * from, const char * end) if(inlength % size) return -1; /* Length inconsistent with character size. */ if(inlength / size > (CURL_SIZE_T_MAX - 1) / 4) return -1; /* Too big. */ buf = malloc(4 * (inlength / size) + 1); if(!buf) return -1; /* Not enough memory. */ Loading Loading @@ -669,7 +676,7 @@ const char * Curl_DNtostr(curl_asn1Element * dn) * X509 parser. */ void Curl_parseX509(curl_X509certificate * cert, int Curl_parseX509(curl_X509certificate * cert, const char * beg, const char * end) { curl_asn1Element elem; Loading @@ -686,7 +693,8 @@ void Curl_parseX509(curl_X509certificate * cert, cert->certificate.end = end; /* Get the sequence content. */ Curl_getASN1Element(&elem, beg, end); if(!Curl_getASN1Element(&elem, beg, end)) return -1; /* Invalid bounds/size. */ beg = elem.beg; end = elem.end; Loading Loading @@ -749,6 +757,7 @@ void Curl_parseX509(curl_X509certificate * cert, } if(elem.tag == 3) Curl_getASN1Element(&cert->extensions, elem.beg, elem.end); return 0; } static size_t copySubstring(char * to, const char * from) Loading Loading @@ -889,7 +898,8 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, /* Prepare the certificate information for curl_easy_getinfo(). */ /* Extract the certificate ASN.1 elements. */ Curl_parseX509(&cert, beg, end); if(Curl_parseX509(&cert, beg, end)) return CURLE_OUT_OF_MEMORY; /* Subject. */ ccp = Curl_DNtostr(&cert.subject); Loading Loading @@ -1080,9 +1090,8 @@ CURLcode Curl_verifyhost(struct connectdata * conn, if(!data->set.ssl.verifyhost) return CURLE_OK; if(!beg) if(Curl_parseX509(&cert, beg, end)) return CURLE_PEER_FAILED_VERIFICATION; Curl_parseX509(&cert, beg, end); /* Get the server IP address. */ #ifdef ENABLE_IPV6 Loading lib/x509asn1.h +6 −3 Original line number Diff line number Diff line Loading @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading @@ -34,6 +34,9 @@ * Constants. */ /* Largest supported ASN.1 structure. */ #define CURL_ASN1_MAX ((size_t) 0x40000) /* 256K */ /* ASN.1 classes. */ #define CURL_ASN1_UNIVERSAL 0 #define CURL_ASN1_APPLICATION 1 Loading Loading @@ -121,7 +124,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem, const char * beg, const char * end); const char * Curl_ASN1tostr(curl_asn1Element * elem, int type); const char * Curl_DNtostr(curl_asn1Element * dn); void Curl_parseX509(curl_X509certificate * cert, int Curl_parseX509(curl_X509certificate * cert, const char * beg, const char * end); CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum, const char * beg, const char * end); Loading Loading
lib/vauth/cleartext.c +17 −7 Original line number Diff line number Diff line Loading @@ -66,16 +66,27 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, char *plainauth; size_t ulen; size_t plen; size_t plainlen; *outlen = 0; *outptr = NULL; ulen = strlen(userp); plen = strlen(passwdp); plainauth = malloc(2 * ulen + plen + 2); if(!plainauth) { *outlen = 0; *outptr = NULL; /* Compute binary message length, checking for overflows. */ plainlen = 2 * ulen; if(plainlen < ulen) return CURLE_OUT_OF_MEMORY; plainlen += plen; if(plainlen < plen) return CURLE_OUT_OF_MEMORY; plainlen += 2; if(plainlen < 2) return CURLE_OUT_OF_MEMORY; plainauth = malloc(plainlen); if(!plainauth) return CURLE_OUT_OF_MEMORY; } /* Calculate the reply */ memcpy(plainauth, userp, ulen); Loading @@ -85,8 +96,7 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, memcpy(plainauth + 2 * ulen + 2, passwdp, plen); /* Base64 encode the reply */ result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, outlen); result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen); free(plainauth); return result; Loading
lib/vtls/cyassl.c +2 −1 Original line number Diff line number Diff line Loading @@ -512,7 +512,8 @@ cyassl_connect_step2(struct connectdata *conn, } memset(&x509_parsed, 0, sizeof x509_parsed); Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len); if(Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len)) return CURLE_SSL_PINNEDPUBKEYNOTMATCH; pubkey = &x509_parsed.subjectPublicKeyInfo; if(!pubkey->header || pubkey->end <= pubkey->header) { Loading
lib/vtls/gskit.c +1 −2 Original line number Diff line number Diff line Loading @@ -875,9 +875,8 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) curl_X509certificate x509; curl_asn1Element *p; if(!cert) if(Curl_parseX509(&x509, cert, certend)) return CURLE_SSL_PINNEDPUBKEYNOTMATCH; Curl_parseX509(&x509, cert, certend); p = &x509.subjectPublicKeyInfo; result = Curl_pin_peer_pubkey(data, ptr, p->header, p->end - p->header); if(result) { Loading
lib/x509asn1.c +21 −12 Original line number Diff line number Diff line Loading @@ -40,6 +40,9 @@ #include "curl_memory.h" #include "memdebug.h" /* For overflow checks. */ #define CURL_SIZE_T_MAX ((size_t) ~0) /* ASN.1 OIDs. */ static const char cnOID[] = "2.5.4.3"; /* Common name. */ Loading Loading @@ -117,7 +120,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem, Returns a pointer in source string after the parsed element, or NULL if an error occurs. */ if(beg >= end || !*beg) if(!beg || !end || (size_t) (end - beg) > CURL_ASN1_MAX) return (const char *) NULL; /* Process header byte. */ Loading Loading @@ -198,15 +201,17 @@ static const char * bool2str(const char * beg, const char * end) static const char * octet2str(const char * beg, const char * end) { size_t n = end - beg; char * buf; char * buf = NULL; /* Convert an ASN.1 octet string to a printable string. Return the dynamically allocated string, or NULL if an error occurs. */ if(n <= (CURL_SIZE_T_MAX - 1) / 3) { buf = malloc(3 * n + 1); if(buf) for(n = 0; beg < end; n += 3) snprintf(buf + n, 4, "%02x:", *(const unsigned char *) beg++); } return buf; } Loading Loading @@ -282,6 +287,8 @@ utf8asn1str(char * * to, int type, const char * from, const char * end) if(inlength % size) return -1; /* Length inconsistent with character size. */ if(inlength / size > (CURL_SIZE_T_MAX - 1) / 4) return -1; /* Too big. */ buf = malloc(4 * (inlength / size) + 1); if(!buf) return -1; /* Not enough memory. */ Loading Loading @@ -669,7 +676,7 @@ const char * Curl_DNtostr(curl_asn1Element * dn) * X509 parser. */ void Curl_parseX509(curl_X509certificate * cert, int Curl_parseX509(curl_X509certificate * cert, const char * beg, const char * end) { curl_asn1Element elem; Loading @@ -686,7 +693,8 @@ void Curl_parseX509(curl_X509certificate * cert, cert->certificate.end = end; /* Get the sequence content. */ Curl_getASN1Element(&elem, beg, end); if(!Curl_getASN1Element(&elem, beg, end)) return -1; /* Invalid bounds/size. */ beg = elem.beg; end = elem.end; Loading Loading @@ -749,6 +757,7 @@ void Curl_parseX509(curl_X509certificate * cert, } if(elem.tag == 3) Curl_getASN1Element(&cert->extensions, elem.beg, elem.end); return 0; } static size_t copySubstring(char * to, const char * from) Loading Loading @@ -889,7 +898,8 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, /* Prepare the certificate information for curl_easy_getinfo(). */ /* Extract the certificate ASN.1 elements. */ Curl_parseX509(&cert, beg, end); if(Curl_parseX509(&cert, beg, end)) return CURLE_OUT_OF_MEMORY; /* Subject. */ ccp = Curl_DNtostr(&cert.subject); Loading Loading @@ -1080,9 +1090,8 @@ CURLcode Curl_verifyhost(struct connectdata * conn, if(!data->set.ssl.verifyhost) return CURLE_OK; if(!beg) if(Curl_parseX509(&cert, beg, end)) return CURLE_PEER_FAILED_VERIFICATION; Curl_parseX509(&cert, beg, end); /* Get the server IP address. */ #ifdef ENABLE_IPV6 Loading
lib/x509asn1.h +6 −3 Original line number Diff line number Diff line Loading @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading @@ -34,6 +34,9 @@ * Constants. */ /* Largest supported ASN.1 structure. */ #define CURL_ASN1_MAX ((size_t) 0x40000) /* 256K */ /* ASN.1 classes. */ #define CURL_ASN1_UNIVERSAL 0 #define CURL_ASN1_APPLICATION 1 Loading Loading @@ -121,7 +124,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem, const char * beg, const char * end); const char * Curl_ASN1tostr(curl_asn1Element * elem, int type); const char * Curl_DNtostr(curl_asn1Element * dn); void Curl_parseX509(curl_X509certificate * cert, int Curl_parseX509(curl_X509certificate * cert, const char * beg, const char * end); CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum, const char * beg, const char * end); Loading
