From 060474df1626bcc597ef6e786cc58d9b2daac8db Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Mon, 3 Jun 2013 21:45:51 -0700 Subject: [PATCH] quel 64bit warnings, fixup implicit encoding for template, fix spelling --- kdc/digest.c | 40 +++---- kuser/kdigest.c | 4 +- lib/asn1/Makefile.am | 20 ++-- lib/asn1/asn1-common.h | 24 ++-- lib/asn1/asn1-template.h | 68 +++++++++++- lib/asn1/asn1_print.c | 11 +- lib/asn1/asn1parse.y | 44 +++++--- lib/asn1/check-common.c | 19 +--- lib/asn1/check-common.h | 2 +- lib/asn1/check-der.c | 189 ++++++++++++++++++++++++-------- lib/asn1/check-gen.c | 144 +++++++++++++++++++++--- lib/asn1/check-template.c | 25 +++-- lib/asn1/der.h | 2 - lib/asn1/der_cmp.c | 17 +-- lib/asn1/der_format.c | 2 +- lib/asn1/der_get.c | 109 +++++++++++------- lib/asn1/der_put.c | 103 ++++++++--------- lib/asn1/digest.asn1 | 4 +- lib/asn1/gen.c | 105 +++++++++--------- lib/asn1/gen_decode.c | 8 ++ lib/asn1/gen_encode.c | 7 +- lib/asn1/gen_glue.c | 3 +- lib/asn1/gen_length.c | 10 +- lib/asn1/gen_locl.h | 3 + lib/asn1/gen_template.c | 189 +++++++++++++++++++++----------- lib/asn1/heim_asn1.h | 2 - lib/asn1/krb5.asn1 | 73 +++++++++++- lib/asn1/libasn1-exports.def | 12 +- lib/asn1/main.c | 23 +++- lib/asn1/pkinit.asn1 | 2 + lib/asn1/rfc2459.asn1 | 2 + lib/asn1/symbol.c | 2 +- lib/asn1/symbol.h | 2 +- lib/asn1/template.c | 174 +++++++++++++++-------------- lib/asn1/test.asn1 | 2 +- lib/asn1/timegm.c | 4 +- lib/base/heimbase.h | 11 +- lib/gssapi/ntlm/kdc.c | 10 +- lib/hx509/crypto.c | 5 +- lib/ipc/heim-ipc.h | 2 +- lib/krb5/digest.c | 6 +- lib/krb5/krb5.h | 4 +- lib/krb5/libkrb5-exports.def.in | 2 +- lib/krb5/version-script.map | 2 +- 44 files changed, 977 insertions(+), 515 deletions(-) diff --git a/kdc/digest.c b/kdc/digest.c index 9dfe220f6..07b801db4 100644 --- a/kdc/digest.c +++ b/kdc/digest.c @@ -801,7 +801,7 @@ _kdc_do_digest(krb5_context context, } } else if (strcasecmp(ireq.u.digestRequest.type, "MS-CHAP-V2") == 0) { - unsigned char md[SHA_DIGEST_LENGTH], challange[SHA_DIGEST_LENGTH]; + unsigned char md[SHA_DIGEST_LENGTH], challenge[SHA_DIGEST_LENGTH]; krb5_principal clientprincipal = NULL; char *mdx; const char *username; @@ -836,7 +836,7 @@ _kdc_do_digest(krb5_context context, ctp = EVP_MD_CTX_create(); - /* ChallangeHash */ + /* ChallengeHash */ EVP_DigestInit_ex(ctp, EVP_sha1(), NULL); { ssize_t ssize; @@ -867,7 +867,7 @@ _kdc_do_digest(krb5_context context, EVP_DigestUpdate(ctp, serverNonce.data, serverNonce.length); EVP_DigestUpdate(ctp, username, strlen(username)); - EVP_DigestFinal_ex(ctp, challange, NULL); + EVP_DigestFinal_ex(ctp, challenge, NULL); EVP_MD_CTX_destroy(ctp); @@ -898,7 +898,7 @@ _kdc_do_digest(krb5_context context, /* ChallengeResponse */ ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, key->key.keyvalue.length, - challange, &answer); + challenge, &answer); if (ret) { krb5_set_error_message(context, ret, "NTLM missing arcfour key"); goto failed; @@ -949,7 +949,7 @@ _kdc_do_digest(krb5_context context, EVP_DigestInit_ex(ctxp, EVP_sha1(), NULL); EVP_DigestUpdate(ctxp, md, sizeof(md)); - EVP_DigestUpdate(ctxp, challange, 8); + EVP_DigestUpdate(ctxp, challenge, 8); EVP_DigestUpdate(ctxp, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2)); EVP_DigestFinal_ex(ctxp, md, NULL); @@ -1064,15 +1064,15 @@ _kdc_do_digest(krb5_context context, krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - r.u.ntlmInitReply.challange.data = malloc(8); - if (r.u.ntlmInitReply.challange.data == NULL) { + r.u.ntlmInitReply.challenge.data = malloc(8); + if (r.u.ntlmInitReply.challenge.data == NULL) { ret = ENOMEM; krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - r.u.ntlmInitReply.challange.length = 8; - if (RAND_bytes(r.u.ntlmInitReply.challange.data, - r.u.ntlmInitReply.challange.length) != 1) + r.u.ntlmInitReply.challenge.length = 8; + if (RAND_bytes(r.u.ntlmInitReply.challenge.data, + r.u.ntlmInitReply.challenge.length) != 1) { ret = ENOMEM; krb5_set_error_message(context, ret, "out of random error"); @@ -1107,10 +1107,10 @@ _kdc_do_digest(krb5_context context, goto out; } - ret = krb5_storage_write(sp, r.u.ntlmInitReply.challange.data, 8); + ret = krb5_storage_write(sp, r.u.ntlmInitReply.challenge.data, 8); if (ret != 8) { ret = ENOMEM; - krb5_set_error_message(context, ret, "storage write challange"); + krb5_set_error_message(context, ret, "storage write challenge"); goto out; } ret = krb5_store_uint32(sp, r.u.ntlmInitReply.flags); @@ -1144,7 +1144,7 @@ _kdc_do_digest(krb5_context context, case choice_DigestReqInner_ntlmRequest: { krb5_principal clientprincipal; unsigned char sessionkey[16]; - unsigned char challange[8]; + unsigned char challenge[8]; uint32_t flags; Key *key = NULL; int version; @@ -1193,10 +1193,10 @@ _kdc_do_digest(krb5_context context, goto out; } - ret = krb5_storage_read(sp, challange, sizeof(challange)); - if (ret != sizeof(challange)) { + ret = krb5_storage_read(sp, challenge, sizeof(challenge)); + if (ret != sizeof(challenge)) { ret = ENOMEM; - krb5_set_error_message(context, ret, "NTLM storage read challange"); + krb5_set_error_message(context, ret, "NTLM storage read challenge"); goto out; } ret = krb5_ret_uint32(sp, &flags); @@ -1248,7 +1248,7 @@ _kdc_do_digest(krb5_context context, ireq.u.ntlmRequest.username, targetname, 0, - challange, + challenge, &answer, &infotarget, sessionkey); @@ -1289,10 +1289,10 @@ _kdc_do_digest(krb5_context context, EVP_DigestInit_ex(ctx, EVP_md5(), NULL); - EVP_DigestUpdate(ctx, challange, sizeof(challange)); + EVP_DigestUpdate(ctx, challenge, sizeof(challenge)); EVP_DigestUpdate(ctx, ireq.u.ntlmRequest.lm.data, 8); EVP_DigestFinal_ex(ctx, sessionhash, NULL); - memcpy(challange, sessionhash, sizeof(challange)); + memcpy(challenge, sessionhash, sizeof(challenge)); EVP_MD_CTX_destroy(ctx); @@ -1305,7 +1305,7 @@ _kdc_do_digest(krb5_context context, ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, key->key.keyvalue.length, - challange, &answer); + challenge, &answer); if (ret) { krb5_set_error_message(context, ret, "NTLM missing arcfour key"); goto failed; diff --git a/kuser/kdigest.c b/kuser/kdigest.c index f15b661a0..cd4ec1b99 100644 --- a/kuser/kdigest.c +++ b/kuser/kdigest.c @@ -458,9 +458,9 @@ ntlm_server_init(struct ntlm_server_init_options *opt, * */ - ret = krb5_ntlm_init_get_challange(context, ntlm, &challenge); + ret = krb5_ntlm_init_get_challenge(context, ntlm, &challenge); if (ret) - krb5_err(context, 1, ret, "krb5_ntlm_init_get_challange"); + krb5_err(context, 1, ret, "krb5_ntlm_init_get_challenge"); if (challenge.length != sizeof(type2.challenge)) krb5_errx(context, 1, "ntlm challenge have wrong length"); diff --git a/lib/asn1/Makefile.am b/lib/asn1/Makefile.am index 18aa5cab9..7ccd79cf9 100644 --- a/lib/asn1/Makefile.am +++ b/lib/asn1/Makefile.am @@ -39,7 +39,7 @@ gen_files_pkinit = asn1_pkinit_asn1.x gen_files_pkcs12 = asn1_pkcs12_asn1.x gen_files_pkcs8 = asn1_pkcs8_asn1.x gen_files_pkcs9 = asn1_pkcs9_asn1.x -gen_files_test_template = test_template_asn1-template.c +gen_files_test_template = asn1_test_asn1-template.x gen_files_test = asn1_test_asn1.x gen_files_digest = asn1_digest_asn1.x gen_files_kx509 = asn1_kx509_asn1.x @@ -97,6 +97,7 @@ dist_libasn1base_la_SOURCES = \ der_copy.c \ der_cmp.c \ der_format.c \ + fuzzer.c \ heim_asn1.h \ extra.c \ template.c \ @@ -137,8 +138,9 @@ CLEANFILES = \ $(gen_files_pkcs12) \ $(gen_files_digest) \ $(gen_files_kx509) \ + $(gen_files_test) \ $(gen_files_test_template) \ - $(gen_files_test) $(nodist_check_gen_SOURCES) \ + $(nodist_check_gen_SOURCES) \ asn1_err.c asn1_err.h \ rfc2459_asn1_files rfc2459_asn1*.h* \ cms_asn1_files cms_asn1*.h* \ @@ -149,10 +151,9 @@ CLEANFILES = \ pkcs12_asn1_files pkcs12_asn1*.h* \ digest_asn1_files digest_asn1*.h* \ kx509_asn1_files kx509_asn1*.h* \ - test_template_asn1_files test_template_asn1*.h* \ test_asn1_files test_asn1*.h* -dist_include_HEADERS = der.h heim_asn1.h +dist_include_HEADERS = der.h heim_asn1.h dist_include_HEADERS += $(srcdir)/der-protos.h $(srcdir)/der-private.h dist_include_HEADERS += asn1-common.h @@ -181,10 +182,11 @@ priv_headers += test_asn1.h test_asn1-priv.h -$(asn1_compile_OBJECTS): asn1parse.h asn1parse.c -$(libasn1_la_OBJECTS): $(nodist_include_HEADERS) $(priv_headers) +$(asn1_compile_OBJECTS): asn1parse.h asn1parse.c $(srcdir)/der-protos.h $(srcdir)/der-private.h +$(libasn1_la_OBJECTS): $(nodist_include_HEADERS) $(priv_headers) asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h +$(libasn1base_la_OBJECTS): asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h $(check_gen_OBJECTS): test_asn1.h -$(check_template_OBJECTS): test_template_asn1.h test_template_asn1-priv.h test_template_asn1_files +$(check_template_OBJECTS): test_asn1_files $(asn1_print_OBJECTS): krb5_asn1.h asn1parse.h: asn1parse.c @@ -198,8 +200,8 @@ $(gen_files_digest) digest_asn1.hx digest_asn1-priv.hx: digest_asn1_files $(gen_files_kx509) kx509_asn1.hx kx509_asn1-priv.hx: kx509_asn1_files $(gen_files_rfc2459) rfc2459_asn1.hx rfc2459_asn1-priv.hx: rfc2459_asn1_files $(gen_files_cms) cms_asn1.hx cms_asn1-priv.hx: cms_asn1_files -$(gen_files_test_template) test_template_asn1.hx test_template_asn1-priv.hx: test_template_asn1_files $(gen_files_test) test_asn1.hx test_asn1-priv.hx: test_asn1_files +$(gen_files_test_template) test_asn1_template.hx test_asn1_template-priv.hx: test_asn1_files rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1 $(ASN1_COMPILE) --one-code-file --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) @@ -229,7 +231,7 @@ kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 $(ASN1_COMPILE) --one-code-file $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) test_template_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1 - $(ASN1_COMPILE) --template --sequence=TESTSeqOf $(srcdir)/test.asn1 test_template_asn1 || (rm -f test_template_asn1_files ; exit 1) + $(ASN1_COMPILE) --template --sequence=TESTSeqOf $(srcdir)/test.asn1 test_template_asn1 || (rm -f test_template_asn1_files ; exit 1) test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1 $(ASN1_COMPILE) --one-code-file --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) diff --git a/lib/asn1/asn1-common.h b/lib/asn1/asn1-common.h index 6c7f6dd50..8a935d374 100644 --- a/lib/asn1/asn1-common.h +++ b/lib/asn1/asn1-common.h @@ -7,24 +7,26 @@ #ifndef __asn1_common_definitions__ #define __asn1_common_definitions__ +#ifndef __HEIM_BASE_DATA__ +#define __HEIM_BASE_DATA__ 1 +struct heim_base_data { + size_t length; + void *data; +}; +#endif + typedef struct heim_integer { size_t length; void *data; int negative; } heim_integer; -#ifndef __HEIM_OCTET_STRING__ -#define __HEIM_OCTET_STRING__ -typedef struct heim_octet_string { - size_t length; - void *data; -} heim_octet_string; -#endif +typedef struct heim_base_data heim_octet_string; typedef char *heim_general_string; typedef char *heim_utf8_string; -typedef struct heim_octet_string heim_printable_string; -typedef struct heim_octet_string heim_ia5_string; +typedef struct heim_base_data heim_printable_string; +typedef struct heim_base_data heim_ia5_string; typedef struct heim_bmp_string { size_t length; @@ -48,8 +50,8 @@ typedef struct heim_bit_string { void *data; } heim_bit_string; -typedef struct heim_octet_string heim_any; -typedef struct heim_octet_string heim_any_set; +typedef struct heim_base_data heim_any; +typedef struct heim_base_data heim_any_set; #define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \ do { \ diff --git a/lib/asn1/asn1-template.h b/lib/asn1/asn1-template.h index 5fd6b8126..c3591a1a2 100644 --- a/lib/asn1/asn1-template.h +++ b/lib/asn1/asn1-template.h @@ -90,7 +90,7 @@ struct asn1_template { uint32_t tt; - size_t offset; + uint32_t offset; const void *ptr; }; @@ -136,8 +136,72 @@ enum template_types { A1T_BOOLEAN, A1T_OID, A1T_TELETEX_STRING, - A1T_NULL + A1T_NUM_ENTRY }; +extern struct asn1_type_func asn1_template_prim[A1T_NUM_ENTRY]; + +#define ABORT_ON_ERROR() abort() + +#define DPOC(data,offset) ((const void *)(((const unsigned char *)data) + offset)) +#define DPO(data,offset) ((void *)(((unsigned char *)data) + offset)) + +/* + * These functions are needed by the generated template stubs and are + * really internal functions. Since they are part of der-private.h + * that contains extra prototypes that really a private we included a + * copy here. + */ + +int +_asn1_copy_top ( + const struct asn1_template */*t*/, + const void */*from*/, + void */*to*/); + +void +_asn1_free_top(const struct asn1_template *t, + void *data); + +int +_asn1_decode_top ( + const struct asn1_template */*t*/, + unsigned /*flags*/, + const unsigned char */*p*/, + size_t /*len*/, + void */*data*/, + size_t */*size*/); + +int +_asn1_encode ( + const struct asn1_template */*t*/, + unsigned char */*p*/, + size_t /*len*/, + const void */*data*/, + size_t */*size*/); + +int +_asn1_encode_fuzzer ( + const struct asn1_template */*t*/, + unsigned char */*p*/, + size_t /*len*/, + const void */*data*/, + size_t */*size*/); + +void +_asn1_free ( + const struct asn1_template */*t*/, + void */*data*/); + +size_t +_asn1_length ( + const struct asn1_template */*t*/, + const void */*data*/); + +size_t +_asn1_length_fuzzer ( + const struct asn1_template */*t*/, + const void */*data*/); + #endif diff --git a/lib/asn1/asn1_print.c b/lib/asn1/asn1_print.c index 81415c0b2..e90204f9c 100644 --- a/lib/asn1/asn1_print.c +++ b/lib/asn1/asn1_print.c @@ -174,13 +174,14 @@ loop (unsigned char *buf, size_t len, int indent) printf ("(length %lu), ", (unsigned long)length); if (inner_flag) { - Der_class c; - Der_type ty; - unsigned int ta; + Der_class class2; + Der_type type2; + unsigned int tag2; - ret = der_get_tag(str.data, str.length, &c, &ty, &ta, &sz); + ret = der_get_tag(str.data, str.length, + &class2, &type2, &tag2, &sz); if (ret || sz > str.length || - type != CONS || tag != UT_Sequence) + type2 != CONS || tag2 != UT_Sequence) goto just_an_octet_string; printf("{\n"); diff --git a/lib/asn1/asn1parse.y b/lib/asn1/asn1parse.y index 11681ed09..9b519b463 100644 --- a/lib/asn1/asn1parse.y +++ b/lib/asn1/asn1parse.y @@ -60,6 +60,8 @@ struct string_list { struct string_list *next; }; +static int default_tag_env = TE_EXPLICIT; + /* Declarations for Bison */ #define YYMALLOC malloc #define YYFREE free @@ -241,9 +243,10 @@ ModuleDefinition: IDENTIFIER objid_opt kw_DEFINITIONS TagDefault ExtensionDefaul } ; -TagDefault : kw_EXPLICIT kw_TAGS +TagDefault : kw_EXPLICIT kw_TAGS + { default_tag_env = TE_EXPLICIT; } | kw_IMPLICIT kw_TAGS - { lex_error_message("implicit tagging is not supported"); } + { default_tag_env = TE_IMPLICIT; } | kw_AUTOMATIC kw_TAGS { lex_error_message("automatic tagging is not supported"); } | /* empty */ @@ -500,13 +503,13 @@ SequenceType : kw_SEQUENCE '{' /* ComponentTypeLists */ ComponentTypeList '}' { $$ = new_type(TSequence); $$->members = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$); + $$ = new_tag(ASN1_C_UNIV, UT_Sequence, default_tag_env, $$); } | kw_SEQUENCE '{' '}' { $$ = new_type(TSequence); $$->members = NULL; - $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$); + $$ = new_tag(ASN1_C_UNIV, UT_Sequence, default_tag_env, $$); } ; @@ -514,13 +517,14 @@ SequenceOfType : kw_SEQUENCE size kw_OF Type { $$ = new_type(TSequenceOf); $$->range = $2; - if ($2) { - if ($2->min < 0) + if ($$->range) { + if ($$->range->min < 0) lex_error_message("can't use a negative SIZE range " "length for SEQUENCE OF"); - } + } + $$->subtype = $4; - $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$); + $$ = new_tag(ASN1_C_UNIV, UT_Sequence, default_tag_env, $$); } ; @@ -528,13 +532,13 @@ SetType : kw_SET '{' /* ComponentTypeLists */ ComponentTypeList '}' { $$ = new_type(TSet); $$->members = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$); + $$ = new_tag(ASN1_C_UNIV, UT_Set, default_tag_env, $$); } | kw_SET '{' '}' { $$ = new_type(TSet); $$->members = NULL; - $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$); + $$ = new_tag(ASN1_C_UNIV, UT_Set, default_tag_env, $$); } ; @@ -542,7 +546,7 @@ SetOfType : kw_SET kw_OF Type { $$ = new_type(TSetOf); $$->subtype = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$); + $$ = new_tag(ASN1_C_UNIV, UT_Set, default_tag_env, $$); } ; @@ -644,11 +648,16 @@ TaggedType : Tag tagenv Type $$ = new_type(TTag); $$->tag = $1; $$->tag.tagenv = $2; - if($3->type == TTag && $2 == TE_IMPLICIT) { + if (template_flag) { + $$->subtype = $3; + } else { + if($3->type == TTag && $2 == TE_IMPLICIT) { $$->subtype = $3->subtype; free($3); - } else + } else { $$->subtype = $3; + } + } } ; @@ -656,7 +665,7 @@ Tag : '[' Class NUMBER ']' { $$.tagclass = $2; $$.tagvalue = $3; - $$.tagenv = TE_EXPLICIT; + $$.tagenv = default_tag_env; } ; @@ -680,11 +689,11 @@ Class : /* */ tagenv : /* */ { - $$ = TE_EXPLICIT; + $$ = default_tag_env; } | kw_EXPLICIT { - $$ = TE_EXPLICIT; + $$ = default_tag_env; } | kw_IMPLICIT { @@ -995,11 +1004,14 @@ add_oid_to_tail(struct objid *head, struct objid *tail) o->next = tail; } +static unsigned long idcounter; + static Type * new_type (Typetype tt) { Type *t = ecalloc(1, sizeof(*t)); t->type = tt; + t->id = idcounter++; return t; } diff --git a/lib/asn1/check-common.c b/lib/asn1/check-common.c index e086082ba..7eadc0109 100644 --- a/lib/asn1/check-common.c +++ b/lib/asn1/check-common.c @@ -33,9 +33,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #ifdef HAVE_SYS_MMAN_H #include #endif @@ -47,8 +45,6 @@ #include "asn1-common.h" #include "check-common.h" -RCSID("$Id$"); - struct map_page { void *start; size_t size; @@ -178,20 +174,15 @@ static RETSIGTYPE segv_handler(int sig) { int fd; - ssize_t ret; char msg[] = "SIGSEGV i current test: "; fd = open("/dev/stdout", O_WRONLY, 0600); if (fd >= 0) { - ret = write(fd, msg, sizeof(msg)); - if (ret != -1) - ret = write(fd, current_test, strlen(current_test)); - if (ret != -1) - ret = write(fd, " ", 1); - if (ret != -1) - ret = write(fd, current_state, strlen(current_state)); - if (ret != -1) - ret = write(fd, "\n", 1); + write(fd, msg, sizeof(msg)); + write(fd, current_test, strlen(current_test)); + write(fd, " ", 1); + write(fd, current_state, strlen(current_state)); + write(fd, "\n", 1); close(fd); } _exit(1); diff --git a/lib/asn1/check-common.h b/lib/asn1/check-common.h index 9ecbdbc35..43fb4271b 100644 --- a/lib/asn1/check-common.h +++ b/lib/asn1/check-common.h @@ -35,7 +35,7 @@ struct test_case { void *val; - int byte_len; + ssize_t byte_len; const char *bytes; char *name; }; diff --git a/lib/asn1/check-der.c b/lib/asn1/check-der.c index f4da5bc7f..7cff5b420 100644 --- a/lib/asn1/check-der.c +++ b/lib/asn1/check-der.c @@ -58,16 +58,16 @@ static int test_integer (void) { struct test_case tests[] = { - {NULL, 1, "\x00", NULL}, - {NULL, 1, "\x7f", NULL}, - {NULL, 2, "\x00\x80", NULL}, - {NULL, 2, "\x01\x00", NULL}, - {NULL, 1, "\x80", NULL}, - {NULL, 2, "\xff\x7f", NULL}, - {NULL, 1, "\xff", NULL}, - {NULL, 2, "\xff\x01", NULL}, - {NULL, 2, "\x00\xff", NULL}, - {NULL, 4, "\x7f\xff\xff\xff", NULL} + {NULL, 1, "\x00", NULL }, + {NULL, 1, "\x7f", NULL }, + {NULL, 2, "\x00\x80", NULL }, + {NULL, 2, "\x01\x00", NULL }, + {NULL, 1, "\x80", NULL }, + {NULL, 2, "\xff\x7f", NULL }, + {NULL, 1, "\xff", NULL }, + {NULL, 2, "\xff\x01", NULL }, + {NULL, 2, "\x00\xff", NULL }, + {NULL, 4, "\x7f\xff\xff\xff", NULL } }; int values[] = {0, 127, 128, 256, -128, -129, -1, -255, 255, @@ -184,14 +184,14 @@ static int test_unsigned (void) { struct test_case tests[] = { - {NULL, 1, "\x00", NULL}, - {NULL, 1, "\x7f", NULL}, - {NULL, 2, "\x00\x80", NULL}, - {NULL, 2, "\x01\x00", NULL}, - {NULL, 2, "\x02\x00", NULL}, - {NULL, 3, "\x00\x80\x00", NULL}, - {NULL, 5, "\x00\x80\x00\x00\x00", NULL}, - {NULL, 4, "\x7f\xff\xff\xff", NULL} + {NULL, 1, "\x00", NULL }, + {NULL, 1, "\x7f", NULL }, + {NULL, 2, "\x00\x80", NULL }, + {NULL, 2, "\x01\x00", NULL }, + {NULL, 2, "\x02\x00", NULL }, + {NULL, 3, "\x00\x80\x00", NULL }, + {NULL, 5, "\x00\x80\x00\x00\x00", NULL }, + {NULL, 4, "\x7f\xff\xff\xff", NULL } }; unsigned int values[] = {0, 127, 128, 256, 512, 32768, @@ -222,13 +222,7 @@ test_unsigned (void) static int cmp_octet_string (void *a, void *b) { - heim_octet_string *oa = (heim_octet_string *)a; - heim_octet_string *ob = (heim_octet_string *)b; - - if (oa->length != ob->length) - return ob->length - oa->length; - - return (memcmp (oa->data, ob->data, oa->length)); + return der_heim_octet_string_cmp(a, b); } static int @@ -237,7 +231,7 @@ test_octet_string (void) heim_octet_string s1 = {8, "\x01\x23\x45\x67\x89\xab\xcd\xef"}; struct test_case tests[] = { - {NULL, 8, "\x01\x23\x45\x67\x89\xab\xcd\xef", NULL} + {NULL, 8, "\x01\x23\x45\x67\x89\xab\xcd\xef", NULL } }; int ntests = sizeof(tests) / sizeof(*tests); int ret; @@ -278,8 +272,8 @@ test_bmp_string (void) heim_bmp_string s2 = { 2, bmp_d2 }; struct test_case tests[] = { - {NULL, 2, "\x00\x20", NULL}, - {NULL, 4, "\x00\x20\x00\x20", NULL} + {NULL, 2, "\x00\x20", NULL }, + {NULL, 4, "\x00\x20\x00\x20", NULL } }; int ntests = sizeof(tests) / sizeof(*tests); int ret; @@ -326,8 +320,8 @@ test_universal_string (void) heim_universal_string s2 = { 2, universal_d2 }; struct test_case tests[] = { - {NULL, 4, "\x00\x00\x00\x20", NULL}, - {NULL, 8, "\x00\x00\x00\x20\x00\x00\x00\x20", NULL} + {NULL, 4, "\x00\x00\x00\x20", NULL }, + {NULL, 8, "\x00\x00\x00\x20\x00\x00\x00\x20", NULL } }; int ntests = sizeof(tests) / sizeof(*tests); int ret; @@ -370,7 +364,7 @@ test_general_string (void) char *s1 = "Test User 1"; struct test_case tests[] = { - {NULL, 11, "\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31", NULL} + {NULL, 11, "\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31", NULL } }; int ret, ntests = sizeof(tests) / sizeof(*tests); @@ -397,15 +391,15 @@ cmp_generalized_time (void *a, void *b) time_t *ta = (time_t *)a; time_t *tb = (time_t *)b; - return *tb - *ta; + return (int)(*tb - *ta); } static int test_generalized_time (void) { struct test_case tests[] = { - {NULL, 15, "19700101000000Z", NULL}, - {NULL, 15, "19851106210627Z", NULL} + {NULL, 15, "19700101000000Z", NULL }, + {NULL, 15, "19851106210627Z", NULL } }; time_t values[] = {0, 500159187}; int i, ret; @@ -446,10 +440,10 @@ static int test_oid (void) { struct test_case tests[] = { - {NULL, 2, "\x29\x01", NULL}, - {NULL, 1, "\x29", NULL}, - {NULL, 2, "\xff\x01", NULL}, - {NULL, 1, "\xff", NULL} + {NULL, 2, "\x29\x01", NULL }, + {NULL, 1, "\x29", NULL }, + {NULL, 2, "\xff\x01", NULL }, + {NULL, 1, "\xff", NULL } }; heim_oid values[] = { { 3, oid_comp1 }, @@ -490,7 +484,7 @@ static int test_bit_string (void) { struct test_case tests[] = { - {NULL, 1, "\x00", NULL} + {NULL, 1, "\x00", NULL } }; heim_bit_string values[] = { { 0, "" } @@ -528,13 +522,13 @@ static int test_heim_integer (void) { struct test_case tests[] = { - {NULL, 2, "\xfe\x01", NULL}, - {NULL, 2, "\xef\x01", NULL}, - {NULL, 3, "\xff\x00\xff", NULL}, - {NULL, 3, "\xff\x01\x00", NULL}, - {NULL, 1, "\x00", NULL}, - {NULL, 1, "\x01", NULL}, - {NULL, 2, "\x00\x80", NULL} + {NULL, 2, "\xfe\x01", NULL }, + {NULL, 2, "\xef\x01", NULL }, + {NULL, 3, "\xff\x00\xff", NULL }, + {NULL, 3, "\xff\x01\x00", NULL }, + {NULL, 1, "\x00", NULL }, + {NULL, 1, "\x01", NULL }, + {NULL, 2, "\x00\x80", NULL } }; heim_integer values[] = { @@ -592,8 +586,8 @@ static int test_boolean (void) { struct test_case tests[] = { - {NULL, 1, "\xff", NULL}, - {NULL, 1, "\x00", NULL} + {NULL, 1, "\xff", NULL }, + {NULL, 1, "\x00", NULL } }; int values[] = { 1, 0 }; @@ -1075,6 +1069,104 @@ corner_tag(void) return 0; } +struct randomcheck { + asn1_type_decode decoder; + asn1_type_release release; + size_t typesize; + size_t inputsize; +} randomcheck[] = { +#define el(name, type, maxlen) { \ + (asn1_type_decode)der_get_##name, \ + (asn1_type_release)der_free_##name, \ + sizeof(type), \ + maxlen \ + } + el(integer, int, 6), + el(heim_integer, heim_integer, 12), + el(integer, int, 6), + el(unsigned, unsigned, 6), + el(general_string, heim_general_string, 12), + el(octet_string, heim_octet_string, 12), + { (asn1_type_decode)der_get_octet_string_ber, + (asn1_type_release)der_free_octet_string, + sizeof(heim_octet_string), 20 }, + el(generalized_time, time_t, 20), + el(utctime, time_t, 20), + el(bit_string, heim_bit_string, 10), + el(oid, heim_oid, 10), + { NULL, NULL, 0, 0 } +#undef el +}; + +static void +asn1rand(uint8_t *rand, size_t len) +{ + while (len) { + *rand++ = arc4random(); + len--; + } +} + +static int +check_random(void) +{ + struct randomcheck *r = randomcheck; + uint8_t *input; + void *type; + size_t size, insize; + int ret; + + while (r->decoder) { + type = emalloc(r->typesize); + memset(type, 0, r->typesize); + + input = emalloc(r->inputsize); + + /* try all zero first */ + memset(input, 0, r->inputsize); + + ret = r->decoder(input, r->inputsize, type, &size); + if (ret) + r->release(type); + + /* try all one first */ + memset(input, 0xff, r->inputsize); + ret = r->decoder(input, r->inputsize, type, &size); + if (ret) + r->release(type); + + /* try 0x41 too */ + memset(input, 0x41, r->inputsize); + ret = r->decoder(input, r->inputsize, type, &size); + if (ret) + r->release(type); + + /* random */ + asn1rand(input, r->inputsize); + ret = r->decoder(input, r->inputsize, type, &size); + if (ret) + r->release(type); + + /* let make buffer smaller */ + insize = r->inputsize; + do { + insize--; + asn1rand(input, insize); + + ret = r->decoder(input, insize, type, &size); + if (ret == 0) + r->release(type); + } while(insize > 0); + + free(type); + + r++; + } + return 0; +} + + + int main(int argc, char **argv) { @@ -1110,6 +1202,7 @@ main(int argc, char **argv) ret += test_misc_cmp(); ret += corner_generalized_time(); ret += corner_tag(); + ret += check_random(); return ret; } diff --git a/lib/asn1/check-gen.c b/lib/asn1/check-gen.c index 0aecd481e..68c8b5c36 100644 --- a/lib/asn1/check-gen.c +++ b/lib/asn1/check-gen.c @@ -33,9 +33,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include #include #include @@ -48,11 +46,10 @@ #include #include #include +#include #include "check-common.h" -RCSID("$Id$"); - static char *lha_principal[] = { "lha" }; static char *lharoot_princ[] = { "lha", "root" }; static char *datan_princ[] = { "host", "nutcracker.e.kth.se" }; @@ -60,7 +57,7 @@ static char *nada_tgt_principal[] = { "krbtgt", "NADA.KTH.SE" }; #define IF_OPT_COMPARE(ac,bc,e) \ - if (((ac)->e == NULL && (bc)->e != NULL) || (((ac)->e != NULL && (bc)->e == NULL))) return 1; if ((ac)->e) + if (((ac)->e == NULL && (bc)->e != NULL) || (((ac)->e != NULL && (bc)->e == NULL))) return 1; if ((ab)->e) #define COMPARE_OPT_STRING(ac,bc,e) \ do { if (strcmp(*(ac)->e, *(bc)->e) != 0) return 1; } while(0) #define COMPARE_OPT_OCTECT_STRING(ac,bc,e) \ @@ -675,6 +672,91 @@ test_cert(void) return 0; } +struct { + const char *sd; + size_t len; +} signeddata[] = { + { + "\x30\x80\x02\x01\x03\x31\x0b\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a" + "\x05\x00\x30\x80\x06\x07\x2b\x06\x01\x05\x02\x03\x03\xa0\x80\x24" + "\x80\x04\x50\x30\x4e\xa0\x2b\x30\x29\xa0\x03\x02\x01\x12\xa1\x22" + "\x04\x20\x78\xf4\x86\x31\xc6\xc2\xc9\xcb\xef\x0c\xd7\x3a\x2a\xcd" + "\x8c\x13\x34\x83\xb1\x5c\xa8\xbe\xbf\x2f\xea\xd2\xbb\xd8\x8c\x18" + "\x47\x01\xa1\x1f\x30\x1d\xa0\x03\x02\x01\x0c\xa1\x16\x04\x14\xa6" + "\x2c\x52\xb2\x80\x98\x30\x40\xbc\x5f\xb0\x77\x2d\x8a\xd7\xa1\xda" + "\x3c\xc5\x62\x00\x00\x00\x00\x00\x00\xa0\x82\x02\x09\x30\x82\x02" + "\x05\x30\x82\x01\x6e\xa0\x03\x02\x01\x02\x02\x04\x49\x75\x57\xbf" + "\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x30\x3b\x31" + "\x1f\x30\x1d\x06\x03\x55\x04\x03\x0c\x16\x63\x6f\x6d\x2e\x61\x70" + "\x70\x6c\x65\x2e\x6b\x65\x72\x62\x65\x72\x6f\x73\x2e\x6b\x64\x63" + "\x31\x18\x30\x16\x06\x03\x55\x04\x0a\x0c\x0f\x53\x79\x73\x74\x65" + "\x6d\x20\x49\x64\x65\x6e\x74\x69\x74\x79\x30\x1e\x17\x0d\x30\x39" + "\x31\x32\x30\x34\x30\x30\x32\x30\x32\x34\x5a\x17\x0d\x32\x39\x31" + "\x31\x32\x39\x30\x30\x32\x30\x32\x34\x5a\x30\x3b\x31\x1f\x30\x1d" + "\x06\x03\x55\x04\x03\x0c\x16\x63\x6f\x6d\x2e\x61\x70\x70\x6c\x65" + "\x2e\x6b\x65\x72\x62\x65\x72\x6f\x73\x2e\x6b\x64\x63\x31\x18\x30" + "\x16\x06\x03\x55\x04\x0a\x0c\x0f\x53\x79\x73\x74\x65\x6d\x20\x49" + "\x64\x65\x6e\x74\x69\x74\x79\x30\x81\x9f\x30\x0d\x06\x09\x2a\x86" + "\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x81\x8d\x00\x30\x81\x89" + "\x02\x81\x81\x00\xb2\xc5\x4b\x34\xe3\x93\x99\xbb\xaa\xd1\x70\x62" + "\x6c\x9c\xcc\xa6\xbc\x47\xc3\x23\xff\x15\xb9\x11\x27\x0a\xf8\x55" + "\x4c\xb2\x43\x34\x75\xad\x55\xbb\xb9\x8a\xd0\x25\x64\xa4\x8c\x82" + "\x74\x5d\x89\x52\xe2\x76\x75\x08\x67\xb5\x9c\x9c\x69\x86\x0c\x6d" + "\x79\xf7\xa0\xbe\x42\x8f\x90\x46\x0c\x18\xf4\x7a\x56\x17\xa4\x65" + "\x00\x3a\x5e\x3e\xbf\xbc\xf5\xe2\x2c\x26\x03\x52\xdd\xd4\x85\x3f" + "\x03\xd7\x0c\x45\x7f\xff\xdd\x1e\x70\x6c\x9f\xb0\x8c\xd0\x33\xad" + "\x92\x54\x17\x9d\x88\x89\x1a\xee\xef\xf7\x96\x3e\x68\xc3\xd1\x60" + "\x47\x86\x80\x5d\x02\x03\x01\x00\x01\xa3\x18\x30\x16\x30\x14\x06" + "\x03\x55\x1d\x25\x04\x0d\x30\x0b\x06\x09\x2a\x86\x48\x86\xf7\x63" + "\x64\x04\x04\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x81\x81\x00\x9b\xbb\xaa\x63\x66\xd8\x70\x84\x3e\xf6" + "\xa1\x3b\xf3\xe6\xd7\x3d\xfc\x4f\xc9\x45\xaa\x31\x43\x8d\xb5\x72" + "\xe4\x34\x95\x7b\x6e\x5f\xe5\xc8\x5e\xaf\x12\x08\x6d\xd7\x25\x76" + "\x40\xd5\xdc\x83\x7f\x2f\x74\xd1\x63\xc0\x7c\x26\x4d\x53\x10\xe7" + "\xfa\xcc\xf2\x60\x41\x63\xdf\x56\xd6\xd9\xc0\xb4\xd0\x73\x99\x54" + "\x40\xad\x90\x79\x2d\xd2\x5e\xcb\x13\x22\x2b\xd0\x76\xef\x8a\x48" + "\xfd\xb2\x6e\xca\x04\x4e\x91\x3f\xb4\x63\xad\x22\x3a\xf7\x20\x9c" + "\x4c\x0e\x47\x78\xe5\x2a\x85\x0e\x90\x7a\xce\x46\xe6\x15\x02\xb0" + "\x83\xe7\xac\xfa\x92\xf8\x31\x81\xe8\x30\x81\xe5\x02\x01\x01\x30" + "\x43\x30\x3b\x31\x1f\x30\x1d\x06\x03\x55\x04\x03\x0c\x16\x63\x6f" + "\x6d\x2e\x61\x70\x70\x6c\x65\x2e\x6b\x65\x72\x62\x65\x72\x6f\x73" + "\x2e\x6b\x64\x63\x31\x18\x30\x16\x06\x03\x55\x04\x0a\x0c\x0f\x53" + "\x79\x73\x74\x65\x6d\x20\x49\x64\x65\x6e\x74\x69\x74\x79\x02\x04" + "\x49\x75\x57\xbf\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x30" + "\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x04\x81" + "\x80\x50\x2c\x69\xe1\xd2\xc4\xd1\xcc\xdc\xe0\xe9\x8a\x6b\x6a\x97" + "\x1b\xb4\xe0\xa8\x20\xbe\x09\x6d\xe1\x55\x5f\x07\x70\x94\x2e\x14" + "\xed\x4e\xb1\x69\x75\x40\xbb\x99\x87\xed\x23\x50\x27\x5f\xaa\xc4" + "\x84\x60\x06\xfe\x45\xfd\x7e\x1b\x18\xe0\x0b\x77\x35\x2a\xb2\xf2" + "\xe0\x88\x31\xad\x82\x31\x4a\xbc\x6d\x71\x62\xe6\x4d\x33\xb4\x09" + "\x6e\x3f\x14\x12\xf2\x89\x29\x31\x84\x60\x2b\xa8\x2d\xe6\xca\x2f" + "\x03\x3d\xd4\x69\x89\xb3\x98\xfd\xac\x63\x14\xaf\x6a\x52\x2a\xac" + "\xe3\x8e\xfa\x21\x41\x8f\xcc\x04\x2d\x52\xee\x49\x54\x0d\x58\x51" + "\x77\x00\x00", + 883 + } +}; + +static int +test_SignedData(void) +{ + SignedData sd; + size_t size, i; + int ret; + + for (i = 0; i < sizeof(signeddata) / sizeof(signeddata[0]); i++) { + + ret = decode_SignedData((unsigned char *)signeddata[i].sd, + signeddata[i].len, &sd, &size); + if (ret) + return ret; + + free_SignedData(&sd); + } + + return 0; +} + static int cmp_TESTLargeTag (void *a, void *b) @@ -951,6 +1033,7 @@ test_choice (void) return ret; } +#ifdef IMPLICIT_TAGGING_WORKS static int cmp_TESTImplicit (void *a, void *b) { @@ -962,27 +1045,30 @@ cmp_TESTImplicit (void *a, void *b) COMPARE_INTEGER(aa,ab,ti3); return 0; } +#endif /* UNIV CONS Sequence 14 CONTEXT PRIM 0 1 00 CONTEXT CONS 1 6 - CONTEXT CONS 127 3 - UNIV PRIM Integer 1 02 + CONTEXT CONS 127 3 + UNIV PRIM Integer 1 02 CONTEXT PRIM 2 1 03 */ static int test_implicit (void) { + int ret = 0; +#ifdef IMPLICIT_TAGGING_WORKS struct test_case tests[] = { - { NULL, 16, - "\x30\x0e\x80\x01\x00\xa1\x06\xbf" - "\x7f\x03\x02\x01\x02\x82\x01\x03", + { NULL, 18, + "\x30\x10\x80\x01\x00\xa1\x06\xbf" + "\x7f\x03\x02\x01\x02\xa2\x03\x84\x01\x03", "implicit 1" } }; - int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + int ntests = sizeof(tests) / sizeof(*tests); TESTImplicit c0; memset(&c0, 0, sizeof(c0)); @@ -999,7 +1085,6 @@ test_implicit (void) cmp_TESTImplicit, (generic_copy)copy_TESTImplicit); -#ifdef IMPLICIT_TAGGING_WORKS ret += generic_test (tests, ntests, sizeof(TESTImplicit2), (generic_encode)encode_TESTImplicit2, (generic_length)length_TESTImplicit2, @@ -1261,6 +1346,30 @@ check_fail_choice(void) (generic_decode)decode_TESTChoice1); } +static int +check_fail_Ticket(void) +{ + char buf[100]; + size_t i; + int ret; + struct test_case test; + Ticket ticket; + + for (i = 0; i < sizeof(buf); i++) { + memset(buf, 0, sizeof(buf)); + memset(&ticket, 0, sizeof(ticket)); + test.val = &ticket; + test.byte_len = i; + test.bytes = buf; + test.name = "zero life"; + ret = generic_decode_fail(&test, 1, sizeof(Ticket), + (generic_decode)decode_Ticket); + if (ret) + return ret; + } + return 0; +} + static int check_seq(void) { @@ -1409,6 +1518,7 @@ check_TESTMechTypeList(void) return 0; } +#ifdef IMPLICIT_TAGGING_WORKS static int cmp_TESTSeqOf4(void *a, void *b) { @@ -1451,10 +1561,13 @@ cmp_TESTSeqOf4(void *a, void *b) } return 0; } +#endif /* IMPLICIT_TAGGING_WORKS */ static int test_seq4 (void) { + int ret = 0; +#ifdef IMPLICIT_TAGGING_WORKS struct test_case tests[] = { { NULL, 2, "\x30\x00", @@ -1499,7 +1612,7 @@ test_seq4 (void) "seq4 3" }, }; - int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + int ntests = sizeof(tests) / sizeof(*tests); TESTSeqOf4 c[4]; struct TESTSeqOf4_b1 b1[4]; struct TESTSeqOf4_b2 b2[4]; @@ -1577,7 +1690,7 @@ test_seq4 (void) (generic_free)free_TESTSeqOf4, cmp_TESTSeqOf4, (generic_copy)copy_TESTSeqOf4); - +#endif /* IMPLICIT_TAGGING_WORKS */ return ret; } @@ -1602,15 +1715,18 @@ main(int argc, char **argv) ret += test_choice(); ret += test_implicit(); + ret += test_taglessalloc(); ret += test_optional(); ret += check_fail_largetag(); ret += check_fail_sequence(); ret += check_fail_choice(); + ret += check_fail_Ticket(); ret += check_seq(); ret += check_seq_of_size(); + ret += test_SignedData(); ret += check_TESTMechTypeList(); ret += test_seq4(); diff --git a/lib/asn1/check-template.c b/lib/asn1/check-template.c index 02af09c09..33d66f465 100644 --- a/lib/asn1/check-template.c +++ b/lib/asn1/check-template.c @@ -69,25 +69,25 @@ test_uint64(void) size_t i; int ret = 0, ntests = sizeof(tests) / sizeof(*tests); TESTuint64 values[] = { 0, 8589934591LL, 8589934592LL, - 36028797018963967LL, 36028797018963968LL, - 9223372036854775807LL, 18446744073709551615ULL }; + 36028797018963967LL, 36028797018963968LL, + 9223372036854775807LL, 18446744073709551615ULL }; for (i = 0; i < ntests; i++) - tests[i].val = &values[i]; + tests[i].val = &values[i]; if (sizeof(TESTuint64) != sizeof(uint64_t)) { - ret += 1; - printf("sizeof(TESTuint64) %d != sizeof(uint64_t) %d\n", - (int)sizeof(TESTuint64), (int)sizeof(uint64_t)); + ret += 1; + printf("sizeof(TESTuint64) %d != sizeof(uint64_t) %d\n", + (int)sizeof(TESTuint64), (int)sizeof(uint64_t)); } ret += generic_test (tests, ntests, sizeof(TESTuint64), - (generic_encode)encode_TESTuint64, - (generic_length)length_TESTuint64, - (generic_decode)decode_TESTuint64, - (generic_free)free_TESTuint64, - cmp_dummy, - NULL); + (generic_encode)encode_TESTuint64, + (generic_length)length_TESTuint64, + (generic_decode)decode_TESTuint64, + (generic_free)free_TESTuint64, + cmp_dummy, + NULL); return ret; } @@ -278,6 +278,7 @@ test_seqof3(void) return ret; } + static int test_seqof4(void) { diff --git a/lib/asn1/der.h b/lib/asn1/der.h index f73234864..f20cdb83c 100644 --- a/lib/asn1/der.h +++ b/lib/asn1/der.h @@ -36,8 +36,6 @@ #ifndef __DER_H__ #define __DER_H__ -#include - typedef enum { ASN1_C_UNIV = 0, ASN1_C_APPL = 1, diff --git a/lib/asn1/der_cmp.c b/lib/asn1/der_cmp.c index 468ccb2d0..f4612c469 100644 --- a/lib/asn1/der_cmp.c +++ b/lib/asn1/der_cmp.c @@ -37,7 +37,7 @@ int der_heim_oid_cmp(const heim_oid *p, const heim_oid *q) { if (p->length != q->length) - return p->length - q->length; + return (int)(p->length - q->length); return memcmp(p->components, q->components, p->length * sizeof(*p->components)); @@ -48,7 +48,7 @@ der_heim_octet_string_cmp(const heim_octet_string *p, const heim_octet_string *q) { if (p->length != q->length) - return p->length - q->length; + return (int)(p->length - q->length); return memcmp(p->data, q->data, p->length); } @@ -70,12 +70,13 @@ int der_heim_bit_string_cmp(const heim_bit_string *p, const heim_bit_string *q) { - int i, r1, r2; + int r1, r2; + size_t i; if (p->length != q->length) - return p->length - q->length; + return (int)(p->length - q->length); i = memcmp(p->data, q->data, p->length / 8); if (i) - return i; + return (int)i; if ((p->length % 8) == 0) return 0; i = (p->length / 8); @@ -94,7 +95,7 @@ der_heim_integer_cmp(const heim_integer *p, if (p->negative != q->negative) return q->negative - p->negative; if (p->length != q->length) - return p->length - q->length; + return (int)(p->length - q->length); return memcmp(p->data, q->data, p->length); } @@ -102,7 +103,7 @@ int der_heim_bmp_string_cmp(const heim_bmp_string *p, const heim_bmp_string *q) { if (p->length != q->length) - return p->length - q->length; + return (int)(p->length - q->length); return memcmp(p->data, q->data, q->length * sizeof(q->data[0])); } @@ -111,6 +112,6 @@ der_heim_universal_string_cmp(const heim_universal_string *p, const heim_universal_string *q) { if (p->length != q->length) - return p->length - q->length; + return (int)(p->length - q->length); return memcmp(p->data, q->data, q->length * sizeof(q->data[0])); } diff --git a/lib/asn1/der_format.c b/lib/asn1/der_format.c index 4f06c1b01..0aaabed87 100644 --- a/lib/asn1/der_format.c +++ b/lib/asn1/der_format.c @@ -163,7 +163,7 @@ der_parse_heim_oid (const char *str, const char *sep, heim_oid *data) free(s); return EINVAL; } - data->components[data->length++] = l; + data->components[data->length++] = (unsigned int)l; } free(s); return 0; diff --git a/lib/asn1/der_get.c b/lib/asn1/der_get.c index 8a456d4d9..f2bbc706f 100644 --- a/lib/asn1/der_get.c +++ b/lib/asn1/der_get.c @@ -62,13 +62,13 @@ der_get_unsigned (const unsigned char *p, size_t len, int der_get_unsigned64 (const unsigned char *p, size_t len, - uint64_t *ret, size_t *size) + uint64_t *ret, size_t *size) { uint64_t val = 0; size_t oldlen = len; if (len == sizeof(val) + 1 && p[0] == 0) - ; + ; else if (len > sizeof(val)) return ASN1_OVERRUN; @@ -107,18 +107,19 @@ der_get_integer64 (const unsigned char *p, size_t len, size_t oldlen = len; if (len > sizeof(val)) - return ASN1_OVERRUN; + return ASN1_OVERRUN; if (len > 0) { - val = (signed char)*p++; - while (--len) - val = val * 256 + *p++; + val = (signed char)*p++; + while (--len) + val = val * 256 + *p++; } *ret = val; if(size) *size = oldlen; return 0; } + int der_get_length (const unsigned char *p, size_t len, size_t *val, size_t *size) @@ -182,18 +183,22 @@ der_get_general_string (const unsigned char *p, size_t len, */ while ((size_t)(p1 - p) < len && *p1 == '\0') p1++; - if ((size_t)(p1 - p) != len) + if ((size_t)(p1 - p) != len) { + *str = NULL; return ASN1_BAD_CHARACTER; + } } - if (len > len + 1) + if (len > len + 1) { + *str = NULL; return ASN1_BAD_LENGTH; + } - s = malloc (len + 1); + *str = s = malloc (len + 1); if (s == NULL) return ENOMEM; memcpy (s, p, len); s[len] = '\0'; - *str = s; + if(size) *size = len; return 0; } @@ -205,14 +210,23 @@ der_get_utf8string (const unsigned char *p, size_t len, return der_get_general_string(p, len, str, size); } +#define gen_data_zero(_data) \ + do { (_data)->length = 0; (_data)->data = NULL; } while(0) + int der_get_printable_string(const unsigned char *p, size_t len, heim_printable_string *str, size_t *size) { + if (len > len + 1) { + gen_data_zero(str); + return ASN1_BAD_LENGTH; + } str->length = len; str->data = malloc(len + 1); - if (str->data == NULL) + if (str->data == NULL) { + gen_data_zero(str); return ENOMEM; + } memcpy(str->data, p, len); ((char *)str->data)[len] = '\0'; if(size) *size = len; @@ -232,14 +246,20 @@ der_get_bmp_string (const unsigned char *p, size_t len, { size_t i; - if (len & 1) + if (len & 1) { + gen_data_zero(data); return ASN1_BAD_FORMAT; + } data->length = len / 2; - if (data->length > UINT_MAX/sizeof(data->data[0])) + if (data->length > UINT_MAX/sizeof(data->data[0])) { + gen_data_zero(data); return ERANGE; + } data->data = malloc(data->length * sizeof(data->data[0])); - if (data->data == NULL && data->length != 0) + if (data->data == NULL && data->length != 0) { + gen_data_zero(data); return ENOMEM; + } for (i = 0; i < data->length; i++) { data->data[i] = (p[0] << 8) | p[1]; @@ -247,8 +267,7 @@ der_get_bmp_string (const unsigned char *p, size_t len, /* check for NUL in the middle of the string */ if (data->data[i] == 0 && i != (data->length - 1)) { free(data->data); - data->data = NULL; - data->length = 0; + gen_data_zero(data); return ASN1_BAD_CHARACTER; } } @@ -263,14 +282,20 @@ der_get_universal_string (const unsigned char *p, size_t len, { size_t i; - if (len & 3) + if (len & 3) { + gen_data_zero(data); return ASN1_BAD_FORMAT; + } data->length = len / 4; - if (data->length > UINT_MAX/sizeof(data->data[0])) + if (data->length > UINT_MAX/sizeof(data->data[0])) { + gen_data_zero(data); return ERANGE; + } data->data = malloc(data->length * sizeof(data->data[0])); - if (data->data == NULL && data->length != 0) + if (data->data == NULL && data->length != 0) { + gen_data_zero(data); return ENOMEM; + } for (i = 0; i < data->length; i++) { data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; @@ -278,8 +303,7 @@ der_get_universal_string (const unsigned char *p, size_t len, /* check for NUL in the middle of the string */ if (data->data[i] == 0 && i != (data->length - 1)) { free(data->data); - data->data = NULL; - data->length = 0; + gen_data_zero(data); return ASN1_BAD_CHARACTER; } } @@ -313,7 +337,7 @@ der_get_octet_string_ber (const unsigned char *p, size_t len, { int e; Der_type type; - Der_class class; + Der_class cls; unsigned int tag, depth = 0; size_t l, datalen, oldlen = len; @@ -321,9 +345,9 @@ der_get_octet_string_ber (const unsigned char *p, size_t len, data->data = NULL; while (len) { - e = der_get_tag (p, len, &class, &type, &tag, &l); + e = der_get_tag (p, len, &cls, &type, &tag, &l); if (e) goto out; - if (class != ASN1_C_UNIV) { + if (cls != ASN1_C_UNIV) { e = ASN1_BAD_ID; goto out; } @@ -547,13 +571,13 @@ der_get_oid (const unsigned char *p, size_t len, int der_get_tag (const unsigned char *p, size_t len, - Der_class *class, Der_type *type, + Der_class *cls, Der_type *type, unsigned int *tag, size_t *size) { size_t ret = 0; if (len < 1) return ASN1_OVERRUN; - *class = (Der_class)(((*p) >> 6) & 0x03); + *cls = (Der_class)(((*p) >> 6) & 0x03); *type = (Der_type)(((*p) >> 5) & 0x01); *tag = (*p) & 0x1f; p++; len--; ret++; @@ -579,13 +603,13 @@ der_get_tag (const unsigned char *p, size_t len, int der_match_tag (const unsigned char *p, size_t len, - Der_class class, Der_type type, + Der_class cls, Der_type type, unsigned int tag, size_t *size) { Der_type thistype; int e; - e = der_match_tag2(p, len, class, &thistype, tag, size); + e = der_match_tag2(p, len, cls, &thistype, tag, size); if (e) return e; if (thistype != type) return ASN1_BAD_ID; return 0; @@ -593,7 +617,7 @@ der_match_tag (const unsigned char *p, size_t len, int der_match_tag2 (const unsigned char *p, size_t len, - Der_class class, Der_type *type, + Der_class cls, Der_type *type, unsigned int tag, size_t *size) { size_t l; @@ -603,7 +627,7 @@ der_match_tag2 (const unsigned char *p, size_t len, e = der_get_tag (p, len, &thisclass, type, &thistag, &l); if (e) return e; - if (class != thisclass) + if (cls != thisclass) return ASN1_BAD_ID; if(tag > thistag) return ASN1_MISPLACED_FIELD; @@ -615,13 +639,13 @@ der_match_tag2 (const unsigned char *p, size_t len, int der_match_tag_and_length (const unsigned char *p, size_t len, - Der_class class, Der_type *type, unsigned int tag, + Der_class cls, Der_type *type, unsigned int tag, size_t *length_ret, size_t *size) { size_t l, ret = 0; int e; - e = der_match_tag2 (p, len, class, type, tag, &l); + e = der_match_tag2 (p, len, cls, type, tag, &l); if (e) return e; p += l; len -= l; @@ -672,14 +696,19 @@ der_get_bit_string (const unsigned char *p, size_t len, * any of them will cause a interger overrun */ if ((len - 1) >> (sizeof(len) * 8 - 3)) return ASN1_OVERRUN; - data->length = (len - 1) * 8; - data->data = malloc(len - 1); - if (data->data == NULL && (len - 1) != 0) - return ENOMEM; - /* copy data is there is data to copy */ - if (len - 1 != 0) { - memcpy (data->data, p + 1, len - 1); - data->length -= p[0]; + /* + * If there is data to copy, do that now. + */ + if (len - 1 > 0) { + data->length = (len - 1) * 8; + data->data = malloc(len - 1); + if (data->data == NULL) + return ENOMEM; + memcpy (data->data, p + 1, len - 1); + data->length -= p[0]; + } else { + data->data = NULL; + data->length = 0; } if(size) *size = len; return 0; diff --git a/lib/asn1/der_put.c b/lib/asn1/der_put.c index 0ccb181c0..1fd1e714c 100644 --- a/lib/asn1/der_put.c +++ b/lib/asn1/der_put.c @@ -82,28 +82,28 @@ der_put_unsigned64 (unsigned char *p, size_t len, const uint64_t *v, size_t *siz uint64_t val = *v; if (val) { - while (len > 0 && val) { - *p-- = val % 256; - val /= 256; - --len; - } - if (val != 0) - return ASN1_OVERFLOW; - else { - if(p[1] >= 128) { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = 0; - } - *size = base - p; - return 0; - } + while (len > 0 && val) { + *p-- = val % 256; + val /= 256; + --len; + } + if (val != 0) + return ASN1_OVERFLOW; + else { + if(p[1] >= 128) { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = 0; + } + *size = base - p; + return 0; + } } else if (len < 1) - return ASN1_OVERFLOW; + return ASN1_OVERFLOW; else { - *p = 0; - *size = 1; - return 0; + *p = 0; + *size = 1; + return 0; } } @@ -154,34 +154,34 @@ der_put_integer64 (unsigned char *p, size_t len, const int64_t *v, size_t *size) int64_t val = *v; if(val >= 0) { - do { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = val % 256; - len--; - val /= 256; - } while(val); - if(p[1] >= 128) { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = 0; - len--; - } + do { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = val % 256; + len--; + val /= 256; + } while(val); + if(p[1] >= 128) { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = 0; + len--; + } } else { - val = ~val; - do { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = ~(val % 256); - len--; - val /= 256; - } while(val); - if(p[1] < 128) { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = 0xff; - len--; - } + val = ~val; + do { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = ~(val % 256); + len--; + val /= 256; + } while(val); + if(p[1] < 128) { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = 0xff; + len--; + } } *size = base - p; return 0; @@ -339,7 +339,8 @@ der_put_heim_integer (unsigned char *p, size_t len, len -= data->length; if (data->negative) { - int i, carry; + ssize_t i; + int carry; for (i = data->length - 1, carry = 1; i >= 0; i--) { *p = buf[i] ^ 0xff; if (carry) @@ -415,7 +416,7 @@ der_put_oid (unsigned char *p, size_t len, const heim_oid *data, size_t *size) { unsigned char *base = p; - int n; + size_t n; for (n = data->length - 1; n >= 2; --n) { unsigned u = data->components[n]; @@ -540,12 +541,12 @@ der_put_bit_string (unsigned char *p, size_t len, int _heim_der_set_sort(const void *a1, const void *a2) { - const struct heim_octet_string *s1 = a1, *s2 = a2; + const heim_octet_string *s1 = a1, *s2 = a2; int ret; ret = memcmp(s1->data, s2->data, s1->length < s2->length ? s1->length : s2->length); if(ret) return ret; - return s1->length - s2->length; + return (int)(s1->length - s2->length); } diff --git a/lib/asn1/digest.asn1 b/lib/asn1/digest.asn1 index 027402f1e..7a73993e3 100644 --- a/lib/asn1/digest.asn1 +++ b/lib/asn1/digest.asn1 @@ -24,7 +24,7 @@ DigestInit ::= SEQUENCE { } DigestInitReply ::= SEQUENCE { - nonce UTF8String, -- service nonce/challange + nonce UTF8String, -- service nonce/challenge opaque UTF8String, -- server state identifier [0] UTF8String OPTIONAL } @@ -78,7 +78,7 @@ NTLMInitReply ::= SEQUENCE { flags [0] INTEGER (0..4294967295), opaque [1] OCTET STRING, targetname [2] UTF8String, - challange [3] OCTET STRING, + challenge [3] OCTET STRING, targetinfo [4] OCTET STRING OPTIONAL } diff --git a/lib/asn1/gen.c b/lib/asn1/gen.c index cdc7f4ad9..8d2505c9b 100644 --- a/lib/asn1/gen.c +++ b/lib/asn1/gen.c @@ -163,20 +163,21 @@ init_generate (const char *filename, const char *base) fprintf (headerfile, "#ifndef __asn1_common_definitions__\n" "#define __asn1_common_definitions__\n\n"); + fprintf (headerfile, + "#ifndef __HEIM_BASE_DATA__\n" + "#define __HEIM_BASE_DATA__ 1\n" + "struct heim_base_data {\n" + " size_t length;\n" + " void *data;\n" + "};\n" + "typedef struct heim_base_data heim_octet_string;\n" + "#endif\n\n"); fprintf (headerfile, "typedef struct heim_integer {\n" " size_t length;\n" " void *data;\n" " int negative;\n" "} heim_integer;\n\n"); - fprintf (headerfile, - "#ifndef __HEIM_OCTET_STRING__\n" - "#define __HEIM_OCTET_STRING__\n" - "typedef struct heim_octet_string {\n" - " size_t length;\n" - " void *data;\n" - "} heim_octet_string;\n" - "#endif\n\n"); fprintf (headerfile, "typedef char *heim_general_string;\n\n" ); @@ -184,10 +185,10 @@ init_generate (const char *filename, const char *base) "typedef char *heim_utf8_string;\n\n" ); fprintf (headerfile, - "typedef struct heim_octet_string heim_printable_string;\n\n" + "typedef struct heim_base_data heim_printable_string;\n\n" ); fprintf (headerfile, - "typedef struct heim_octet_string heim_ia5_string;\n\n" + "typedef struct heim_base_data heim_ia5_string;\n\n" ); fprintf (headerfile, "typedef struct heim_bmp_string {\n" @@ -213,8 +214,8 @@ init_generate (const char *filename, const char *base) " void *data;\n" "} heim_bit_string;\n\n"); fprintf (headerfile, - "typedef struct heim_octet_string heim_any;\n" - "typedef struct heim_octet_string heim_any_set;\n\n"); + "typedef struct heim_base_data heim_any;\n" + "typedef struct heim_base_data heim_any_set;\n\n"); fputs("#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \\\n" " do { \\\n" " (BL) = length_##T((S)); \\\n" @@ -264,19 +265,18 @@ init_generate (const char *filename, const char *base) "/* Do not edit */\n\n" "#include \n" "#include \n" - "#include \n" "#include \n" "#include \n" "#include \n" "#include \n" - "#include \n", - filename); + "#include <%s>\n", + filename, + type_file_string); fprintf (templatefile, "#include <%s>\n" "#include <%s>\n" "#include \n" - "#include \n" "#include \n", header, privheader); @@ -307,7 +307,8 @@ gen_assign_defval(const char *var, struct value *val) fprintf(codefile, "if((%s = strdup(\"%s\")) == NULL)\nreturn ENOMEM;\n", var, val->u.stringvalue); break; case integervalue: - fprintf(codefile, "%s = %lld;\n", var, (long long)val->u.integervalue); + fprintf(codefile, "%s = %lld;\n", + var, (long long)val->u.integervalue); break; case booleanvalue: if(val->u.booleanvalue) @@ -328,8 +329,8 @@ gen_compare_defval(const char *var, struct value *val) fprintf(codefile, "if(strcmp(%s, \"%s\") != 0)\n", var, val->u.stringvalue); break; case integervalue: - fprintf(codefile, "if(%s != %lld)\n", var, - (long long)val->u.integervalue); + fprintf(codefile, "if(%s != %lld)\n", + var, (long long)val->u.integervalue); break; case booleanvalue: if(val->u.booleanvalue) @@ -364,24 +365,26 @@ generate_header_of_codefile(const char *name) "#define ASN1_LIB\n\n" "#include \n" "#include \n" - "#include \n" "#include \n" "#include \n" "#include \n" "#include \n" - "#include \n", - orig_filename); + "#include <%s>\n", + orig_filename, + type_file_string); fprintf (codefile, - "#include <%s>\n" - "#include <%s>\n", + "#include \"%s\"\n" + "#include \"%s\"\n", header, privheader); fprintf (codefile, "#include \n" "#include \n" - "#include \n" - "#include \n" - "#include \n\n"); + "#include \n\n"); + + if (parse_units_flag) + fprintf (codefile, + "#include \n\n"); } @@ -403,8 +406,9 @@ generate_constant (const Symbol *s) case booleanvalue: break; case integervalue: - fprintf(headerfile, "enum { %s = %lld };\n\n", s->gen_name, - (long long)s->value->u.integervalue); + fprintf (headerfile, "enum { %s = %lld };\n\n", + s->gen_name, + (long long)s->value->u.integervalue); break; case nullvalue: break; @@ -412,7 +416,7 @@ generate_constant (const Symbol *s) break; case objectidentifiervalue: { struct objid *o, **list; - unsigned int i, len; + size_t i, len; char *gen_upper; if (!one_code_file) @@ -439,16 +443,16 @@ generate_constant (const Symbol *s) o->label ? o->label : "label-less", o->value); } - fprintf (codefile, "static unsigned oid_%s_variable_num[%d] = {", - s->gen_name, len); + fprintf (codefile, "static unsigned oid_%s_variable_num[%lu] = {", + s->gen_name, (unsigned long)len); for (i = len ; i > 0; i--) { fprintf(codefile, "%d%s ", list[i - 1]->value, i > 1 ? "," : ""); } fprintf(codefile, "};\n"); fprintf (codefile, "const heim_oid asn1_oid_%s = " - "{ %d, oid_%s_variable_num };\n\n", - s->gen_name, len, s->gen_name); + "{ %lu, oid_%s_variable_num };\n\n", + s->gen_name, (unsigned long)len, s->gen_name); free(list); @@ -545,10 +549,10 @@ define_asn1 (int level, Type *t) case TInteger: if(t->members == NULL) { fprintf (headerfile, "INTEGER"); - if (t->range) { - fprintf(headerfile, " (%lld..%lld)", - (long long)t->range->min, (long long)t->range->max); - } + if (t->range) + fprintf (headerfile, " (%lld..%lld)", + (long long)t->range->min, + (long long)t->range->max); } else { Member *m; fprintf (headerfile, "INTEGER {\n"); @@ -589,7 +593,7 @@ define_asn1 (int level, Type *t) case TSet: case TSequence: { Member *m; - int max_width = 0; + size_t max_width = 0; if(t->type == TChoice) fprintf(headerfile, "CHOICE {\n"); @@ -604,13 +608,13 @@ define_asn1 (int level, Type *t) max_width += 3; if(max_width < 16) max_width = 16; ASN1_TAILQ_FOREACH(m, t->members, members) { - int width = max_width; + size_t width = max_width; space(level + 1); if (m->ellipsis) { fprintf (headerfile, "..."); } else { width -= fprintf(headerfile, "%s", m->name); - fprintf(headerfile, "%*s", width, ""); + fprintf(headerfile, "%*s", (int)width, ""); define_asn1(level + 1, m->type); if(m->optional) fprintf(headerfile, " OPTIONAL"); @@ -693,14 +697,14 @@ define_asn1 (int level, Type *t) } static void -getnewbasename(char **newbasename, int typedefp, const char *base, const char *name) +getnewbasename(char **newbasename, int typedefp, const char *basename, const char *name) { if (typedefp) *newbasename = strdup(name); else { if (name[0] == '*') name++; - if (asprintf(newbasename, "%s_%s", base, name) < 0) + if (asprintf(newbasename, "%s_%s", basename, name) < 0) errx(1, "malloc"); } if (*newbasename == NULL) @@ -708,7 +712,7 @@ getnewbasename(char **newbasename, int typedefp, const char *base, const char *n } static void -define_type (int level, const char *name, const char *base, Type *t, int typedefp, int preservep) +define_type (int level, const char *name, const char *basename, Type *t, int typedefp, int preservep) { char *newbasename = NULL; @@ -738,10 +742,9 @@ define_type (int level, const char *name, const char *base, Type *t, int typedef fprintf (headerfile, "int %s;\n", name); } else if (t->range->min >= 0 && t->range->max <= UINT_MAX) { fprintf (headerfile, "unsigned int %s;\n", name); - } else { + } else errx(1, "%s: unsupported range %lld -> %lld", name, (long long)t->range->min, (long long)t->range->max); - } break; case TBoolean: space(level); @@ -766,7 +769,7 @@ define_type (int level, const char *name, const char *base, Type *t, int typedef fprintf (headerfile, "heim_bit_string %s;\n", name); else { int pos = 0; - getnewbasename(&newbasename, typedefp, base, name); + getnewbasename(&newbasename, typedefp, basename, name); fprintf (headerfile, "struct %s {\n", newbasename); ASN1_TAILQ_FOREACH(m, t->members, members) { @@ -825,7 +828,7 @@ define_type (int level, const char *name, const char *base, Type *t, int typedef case TSequence: { Member *m; - getnewbasename(&newbasename, typedefp, base, name); + getnewbasename(&newbasename, typedefp, basename, name); space(level); fprintf (headerfile, "struct %s {\n", newbasename); @@ -855,7 +858,7 @@ define_type (int level, const char *name, const char *base, Type *t, int typedef Type i; struct range range = { 0, UINT_MAX }; - getnewbasename(&newbasename, typedefp, base, name); + getnewbasename(&newbasename, typedefp, basename, name); i.type = TInteger; i.range = ⦥ @@ -883,13 +886,13 @@ define_type (int level, const char *name, const char *base, Type *t, int typedef fprintf (headerfile, "heim_general_string %s;\n", name); break; case TTag: - define_type (level, name, base, t->subtype, typedefp, preservep); + define_type (level, name, basename, t->subtype, typedefp, preservep); break; case TChoice: { int first = 1; Member *m; - getnewbasename(&newbasename, typedefp, base, name); + getnewbasename(&newbasename, typedefp, basename, name); space(level); fprintf (headerfile, "struct %s {\n", newbasename); diff --git a/lib/asn1/gen_decode.c b/lib/asn1/gen_decode.c index 336b18b40..650017fa6 100644 --- a/lib/asn1/gen_decode.c +++ b/lib/asn1/gen_decode.c @@ -242,6 +242,14 @@ decode_type (const char *name, const Type *t, int optional, } case TInteger: if(t->members) { + /* + * This will produce a worning, how its hard to fix since: + * if its enum to an NameType, we can add appriate + * type-cast. If its not though, we have to figure out if + * there is negative enum enum and use appropriate + * signness and size on the intertype we cast the result + * too. + */ fprintf(codefile, "{\n" "int enumint;\n"); diff --git a/lib/asn1/gen_encode.c b/lib/asn1/gen_encode.c index f043f6097..60433a00e 100644 --- a/lib/asn1/gen_encode.c +++ b/lib/asn1/gen_encode.c @@ -33,8 +33,6 @@ #include "gen_locl.h" -RCSID("$Id$"); - static void encode_primitive (const char *typename, const char *name) { @@ -50,7 +48,7 @@ classname(Der_class class) { const char *cn[] = { "ASN1_C_UNIV", "ASN1_C_APPL", "ASN1_C_CONTEXT", "ASN1_C_PRIV" }; - if(class > ASN1_C_PRIVATE) + if ((int)class >= sizeof(cn) / sizeof(cn[0])) return "???"; return cn[class]; } @@ -140,6 +138,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) } else errx(1, "%s: unsupported range %lld -> %lld", name, (long long)t->range->min, (long long)t->range->max); + constructed = 0; break; case TBoolean: @@ -289,7 +288,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) fprintf(codefile, "{\n" - "struct heim_octet_string *val;\n" + "heim_octet_string *val;\n" "size_t elen = 0, totallen = 0;\n" "int eret = 0;\n"); diff --git a/lib/asn1/gen_glue.c b/lib/asn1/gen_glue.c index 5ab93305a..773ce787d 100644 --- a/lib/asn1/gen_glue.c +++ b/lib/asn1/gen_glue.c @@ -147,7 +147,8 @@ generate_glue (const Type *t, const char *gen_name) if (!ASN1_TAILQ_EMPTY(t->members)) { generate_2int (t, gen_name); generate_int2 (t, gen_name); - generate_units (t, gen_name); + if (parse_units_flag) + generate_units (t, gen_name); } break; default : diff --git a/lib/asn1/gen_length.c b/lib/asn1/gen_length.c index 883919d26..7a8a725a0 100644 --- a/lib/asn1/gen_length.c +++ b/lib/asn1/gen_length.c @@ -91,7 +91,6 @@ length_type (const char *name, const Type *t, } else errx(1, "%s: unsupported range %lld -> %lld", name, (long long)t->range->min, (long long)t->range->max); - break; case TBoolean: fprintf (codefile, "%s += 1;\n", variable); @@ -190,14 +189,15 @@ length_type (const char *name, const Type *t, fprintf (codefile, "{\n" "size_t %s_oldret = %s;\n" - "int i;\n" + "unsigned int n_%s;\n" "%s = 0;\n", - tmpstr, variable, variable); + tmpstr, variable, tmpstr, variable); - fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name); + fprintf (codefile, "for(n_%s = (%s)->len; n_%s > 0; --n_%s){\n", + tmpstr, name, tmpstr, tmpstr); fprintf (codefile, "size_t %s_for_oldret = %s;\n" "%s = 0;\n", tmpstr, variable, variable); - if (asprintf (&n, "&(%s)->val[i]", name) < 0 || n == NULL) + if (asprintf (&n, "&(%s)->val[n_%s - 1]", name, tmpstr) < 0 || n == NULL) errx(1, "malloc"); if (asprintf (&sname, "%s_S_Of", tmpstr) < 0 || sname == NULL) errx(1, "malloc"); diff --git a/lib/asn1/gen_locl.h b/lib/asn1/gen_locl.h index 9e87b0c57..0fd9b2cd2 100644 --- a/lib/asn1/gen_locl.h +++ b/lib/asn1/gen_locl.h @@ -92,10 +92,13 @@ void gen_template_import(const Symbol *); extern FILE *privheaderfile, *headerfile, *codefile, *logfile, *templatefile; +const char *fuzzer_string; extern int support_ber; extern int template_flag; extern int rfc1510_bitstring; extern int one_code_file; +extern int parse_units_flag; +extern char *type_file_string; extern int error_flag; diff --git a/lib/asn1/gen_template.c b/lib/asn1/gen_template.c index 77f2c35f8..c6ef733c2 100644 --- a/lib/asn1/gen_template.c +++ b/lib/asn1/gen_template.c @@ -3,7 +3,7 @@ * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * - * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * Portions Copyright (c) 2009 - 2010 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -40,13 +40,13 @@ static void generate_template_type(const char *, const char **, const char *, co Type *, int, int, int); static const char * -ttype_symbol(const char *base, const Type *t) +ttype_symbol(const char *basename, const Type *t) { return t->symbol->gen_name; } static const char * -integer_symbol(const char *base, const Type *t) +integer_symbol(const char *basename, const Type *t) { if (t->members) return "int"; /* XXX enum foo */ @@ -67,89 +67,95 @@ integer_symbol(const char *base, const Type *t) } static const char * -boolean_symbol(const char *base, const Type *t) +boolean_symbol(const char *basename, const Type *t) { return "int"; } static const char * -octetstring_symbol(const char *base, const Type *t) +octetstring_symbol(const char *basename, const Type *t) { return "heim_octet_string"; } static const char * -sequence_symbol(const char *base, const Type *t) +sequence_symbol(const char *basename, const Type *t) { - return base; + return basename; } static const char * -time_symbol(const char *base, const Type *t) +time_symbol(const char *basename, const Type *t) { return "time_t"; } static const char * -tag_symbol(const char *base, const Type *t) +tag_symbol(const char *basename, const Type *t) { - return symbol_name(base, t->subtype); + return symbol_name(basename, t->subtype); } static const char * -generalstring_symbol(const char *base, const Type *t) +generalstring_symbol(const char *basename, const Type *t) { return "heim_general_string"; } static const char * -printablestring_symbol(const char *base, const Type *t) +printablestring_symbol(const char *basename, const Type *t) { return "heim_printable_string"; } static const char * -ia5string_symbol(const char *base, const Type *t) +ia5string_symbol(const char *basename, const Type *t) { return "heim_ia5_string"; } static const char * -visiblestring_symbol(const char *base, const Type *t) +teletexstring_symbol(const char *basename, const Type *t) +{ + return "heim_teletex_string"; +} + +static const char * +visiblestring_symbol(const char *basename, const Type *t) { return "heim_visible_string"; } static const char * -utf8string_symbol(const char *base, const Type *t) +utf8string_symbol(const char *basename, const Type *t) { return "heim_utf8_string"; } static const char * -bmpstring_symbol(const char *base, const Type *t) +bmpstring_symbol(const char *basename, const Type *t) { return "heim_bmp_string"; } static const char * -universalstring_symbol(const char *base, const Type *t) +universalstring_symbol(const char *basename, const Type *t) { return "heim_universal_string"; } static const char * -oid_symbol(const char *base, const Type *t) +oid_symbol(const char *basename, const Type *t) { return "heim_oid"; } static const char * -bitstring_symbol(const char *base, const Type *t) +bitstring_symbol(const char *basename, const Type *t) { if (t->members) - return base; + return basename; return "heim_bit_string"; } @@ -166,6 +172,7 @@ struct { { TGeneralString, generalstring_symbol, 0 }, { TGeneralizedTime, time_symbol, 0 }, { TIA5String, ia5string_symbol, 0 }, + { TTeletexString, generalstring_symbol, 0 }, { TInteger, integer_symbol, 0 }, { TOID, oid_symbol, 0 }, { TOctetString, octetstring_symbol, 0 }, @@ -177,6 +184,7 @@ struct { { TType, ttype_symbol, 1 }, { TUTCTime, time_symbol, 0 }, { TUniversalString, universalstring_symbol, 0 }, + { TTeletexString, teletexstring_symbol, 0 }, { TVisibleString, visiblestring_symbol, 0 }, { TUTF8String, utf8string_symbol, 0 }, { TChoice, sequence_symbol, 1 }, @@ -210,25 +218,25 @@ is_template_compat (const Symbol *s) } static const char * -symbol_name(const char *base, const Type *t) +symbol_name(const char *basename, const Type *t) { size_t i; for (i = 0; i < sizeof(types)/sizeof(types[0]); i++) if (t->type == types[i].type) - return (types[i].symbol_name)(base, t); + return (types[i].symbol_name)(basename, t); printf("unknown der type: %d\n", t->type); exit(1); } static char * -partial_offset(const char *basetype, const char *name, int need_offset) +partial_offset(const char *basetype, const char *name, int need_offset, int isstruct) { char *str; if (name == NULL || need_offset == 0) return strdup("0"); - if (asprintf(&str, "offsetof(struct %s, %s)", basetype, name) < 0 || str == NULL) + if (asprintf(&str, "offsetof(%s%s, %s)", isstruct ? "struct " : "", basetype, name) < 0 || str == NULL) errx(1, "malloc"); return str; } @@ -308,7 +316,7 @@ tlist_print(struct tlist *tl) unsigned int i = 1; FILE *f = get_code_file(); - fprintf(f, "static const struct asn1_template asn1_%s[] = {\n", tl->name); + fprintf(f, "const struct asn1_template asn1_%s[] = {\n", tl->name); fprintf(f, "/* 0 */ %s,\n", tl->header); ASN1_TAILQ_FOREACH(q, &tl->template, members) { int last = (ASN1_TAILQ_LAST(&tl->template, templatehead) == q); @@ -333,6 +341,10 @@ tlist_cmp_name(const char *tname, const char *qname) { struct tlist *tl = tlist_find_by_name(tname); struct tlist *ql = tlist_find_by_name(qname); + if (tl == NULL) + return 1; + if (ql == NULL) + return -1; return tlist_cmp(tl, ql); } @@ -433,7 +445,7 @@ use_extern(const Symbol *s) } static int -is_struct(Type *t, int isstruct) +is_struct(const Type *t, int isstruct) { size_t i; @@ -465,24 +477,28 @@ compact_tag(const Type *t) } static void -template_members(struct templatehead *temp, const char *basetype, const char *name, const Type *t, int optional, int isstruct, int need_offset) +template_members(struct templatehead *temp, const char *basetype, const char *name, const Type *t, int optional, int implicit, int isstruct, int need_offset) { char *poffset = NULL; if (optional && t->type != TTag && t->type != TType) errx(1, "%s...%s is optional and not a (TTag or TType)", basetype, name); - poffset = partial_offset(basetype, name, need_offset); + poffset = partial_offset(basetype, name, need_offset, isstruct); switch (t->type) { case TType: if (use_extern(t->symbol)) { - add_line(temp, "{ A1_OP_TYPE_EXTERN %s, %s, &asn1_extern_%s}", + add_line(temp, "{ A1_OP_TYPE_EXTERN %s%s, %s, &asn1_extern_%s}", optional ? "|A1_FLAG_OPTIONAL" : "", + implicit ? "|A1_FLAG_IMPLICIT" : "", poffset, t->symbol->gen_name); } else { add_line_pointer(temp, t->symbol->gen_name, poffset, - "A1_OP_TYPE %s", optional ? "|A1_FLAG_OPTIONAL" : ""); + "A1_OP_TYPE %s%s", + optional ? "|A1_FLAG_OPTIONAL" : "", + implicit ? "|A1_FLAG_IMPLICIT" : ""); + } break; case TInteger: { @@ -555,6 +571,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na size_t count = 0, i; char *bname = NULL; FILE *f = get_code_file(); + static unsigned long bmember_counter = 0; ASN1_TAILQ_INIT(&template); @@ -563,7 +580,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na break; } - if (asprintf(&bname, "bmember_%s_%p", name ? name : "", t) < 0 || bname == NULL) + if (asprintf(&bname, "bmember_%s_%lu", name ? name : "", bmember_counter++) < 0 || bname == NULL) errx(1, "malloc"); output_name(bname); @@ -595,6 +612,8 @@ template_members(struct templatehead *temp, const char *basetype, const char *na case TSequence: { Member *m; + fprintf(get_code_file(), "/* tsequence: members isstruct: %d */\n", isstruct); + ASN1_TAILQ_FOREACH(m, t->members, members) { char *newbasename = NULL; @@ -609,7 +628,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na if (newbasename == NULL) errx(1, "malloc"); - template_members(temp, newbasename, m->gen_name, m->type, m->optional, isstruct, 1); + template_members(temp, newbasename, m->gen_name, m->type, m->optional, 0, isstruct, 1); free(newbasename); } @@ -620,13 +639,47 @@ template_members(struct templatehead *temp, const char *basetype, const char *na char *tname = NULL, *elname = NULL; const char *sename, *dupname; int subtype_is_struct = is_struct(t->subtype, isstruct); + static unsigned long tag_counter = 0; + int tagimplicit = (t->tag.tagenv == TE_IMPLICIT); + struct type *subtype; + + fprintf(get_code_file(), "/* template_members: %s %s %s */\n", basetype, implicit ? "imp" : "exp", tagimplicit ? "imp" : "exp"); + + if (tagimplicit) { + + struct type *type = t->subtype; + int have_tag = 0; + + while (!have_tag) { + if (type->type == TTag) { + fprintf(get_code_file(), "/* template_members: imp skip tag */\n"); + type = type->subtype; + have_tag = 1; + } else if(type->type == TType && type->symbol && type->symbol->type) { + /* XXX really, we should stop here and find a + * pointer to where this is encoded instead of + * generated an new structure and hope that the + * optimizer catch it later. + */ + subtype_is_struct = is_struct(type, isstruct); + fprintf(get_code_file(), "/* template_members: imp skip type %s isstruct: %d */\n", + type->symbol->name, subtype_is_struct); + type = type->symbol->type; + } else { + have_tag = 1; + } + } + subtype = type; + } else { + subtype = t->subtype; + } if (subtype_is_struct) sename = basetype; else - sename = symbol_name(basetype, t->subtype); + sename = symbol_name(basetype, subtype); - if (asprintf(&tname, "tag_%s_%p", name ? name : "", t) < 0 || tname == NULL) + if (asprintf(&tname, "tag_%s_%lu", name ? name : "", tag_counter++) < 0 || tname == NULL) errx(1, "malloc"); output_name(tname); @@ -634,14 +687,15 @@ template_members(struct templatehead *temp, const char *basetype, const char *na errx(1, "malloc"); generate_template_type(elname, &dupname, NULL, sename, name, - t->subtype, 0, subtype_is_struct, 0); + subtype, 0, subtype_is_struct, 0); add_line_pointer(temp, dupname, poffset, - "A1_TAG_T(%s,%s,%s)%s", + "A1_TAG_T(%s,%s,%s)%s%s", classname(t->tag.tagclass), - is_primitive_type(t->subtype->type) ? "PRIM" : "CONS", + is_primitive_type(subtype->type) ? "PRIM" : "CONS", valuename(t->tag.tagclass, t->tag.tagvalue), - optional ? "|A1_FLAG_OPTIONAL" : ""); + optional ? "|A1_FLAG_OPTIONAL" : "", + tagimplicit ? "|A1_FLAG_IMPLICIT" : ""); free(tname); free(elname); @@ -653,6 +707,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na const char *type = NULL, *tname, *dupname; char *sename = NULL, *elname = NULL; int subtype_is_struct = is_struct(t->subtype, 0); + static unsigned long seof_counter = 0; if (name && subtype_is_struct) { tname = "seofTstruct"; @@ -676,7 +731,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na else if (t->type == TSequenceOf) type = "A1_OP_SEQOF"; else abort(); - if (asprintf(&elname, "%s_%s_%p", basetype, tname, t) < 0 || elname == NULL) + if (asprintf(&elname, "%s_%s_%lu", basetype, tname, seof_counter++) < 0 || elname == NULL) errx(1, "malloc"); generate_template_type(elname, &dupname, NULL, sename, NULL, t->subtype, @@ -695,11 +750,12 @@ template_members(struct templatehead *temp, const char *basetype, const char *na Member *m; int ellipsis = 0; char *e; + static unsigned long choice_counter = 0; ASN1_TAILQ_INIT(&template); - if (asprintf(&tname, "asn1_choice_%s_%s%x", - basetype, name ? name : "", (unsigned int)(uintptr_t)t) < 0 || tname == NULL) + if (asprintf(&tname, "asn1_choice_%s_%s%lu", + basetype, name ? name : "", choice_counter++) < 0 || tname == NULL) errx(1, "malloc"); ASN1_TAILQ_FOREACH(m, t->members, members) { @@ -811,14 +867,18 @@ generate_template_type(const char *varname, int optional, int isstruct, int need_offset) { struct tlist *tl; - const char *d; - char *szt = NULL; + const char *dup; int have_ellipsis = 0; - int n; + int implicit = 0; tl = tlist_new(varname); - template_members(&tl->template, basetype, name, type, optional, isstruct, need_offset); + if (type->type == TTag) + implicit = (type->tag.tagenv == TE_IMPLICIT); + + fprintf(get_code_file(), "extern const struct asn1_template asn1_%s[];\n", tl->name); + + template_members(&tl->template, basetype, name, type, optional, implicit, isstruct, need_offset); /* if its a sequence or set type, check if there is a ellipsis */ if (type->type == TSequence || type->type == TSet) { @@ -829,30 +889,23 @@ generate_template_type(const char *varname, } } - if (isstruct) - if (name) - n = asprintf(&szt, "struct %s_%s", basetype, name); - else - n = asprintf(&szt, "struct %s", basetype); - else - n = asprintf(&szt, "%s", basetype); - if (n < 0 || szt == NULL) - errx(1, "malloc"); - if (ASN1_TAILQ_EMPTY(&tl->template) && compact_tag(type)->type != TNull) errx(1, "Tag %s...%s with no content ?", basetype, name ? name : ""); - tlist_header(tl, "{ 0%s%s, sizeof(%s), ((void *)%lu) }", + fprintf(get_code_file(), "/* generate_template_type: %s */\n", tl->name); + + tlist_header(tl, "{ 0%s%s, sizeof(%s%s), ((void *)%lu) }", (symname && preserve_type(symname)) ? "|A1_HF_PRESERVE" : "", - have_ellipsis ? "|A1_HF_ELLIPSIS" : "", szt, tlist_count(tl)); + have_ellipsis ? "|A1_HF_ELLIPSIS" : "", + isstruct ? "struct " : "", basetype, tlist_count(tl)); - free(szt); - - d = tlist_find_dup(tl); - if (d) { - if (strcmp(d, tl->name) == 0) - errx(1, "found dup of ourself"); - *dupname = d; + dup = tlist_find_dup(tl); + if (dup) { +#if 0 + if (strcmp(dup, tl->name) == 0) + errx(1, "found dup of ourself: %s", dup); +#endif + *dupname = dup; } else { *dupname = tl->name; tlist_print(tl); @@ -892,11 +945,12 @@ generate_template(const Symbol *s) "int\n" "encode_%s(unsigned char *p, size_t len, const %s *data, size_t *size)\n" "{\n" - " return _asn1_encode(asn1_%s, p, len, data, size);\n" + " return _asn1_encode%s(asn1_%s, p, len, data, size);\n" "}\n" "\n", s->gen_name, s->gen_name, + fuzzer_string, dupname); fprintf(f, @@ -904,11 +958,12 @@ generate_template(const Symbol *s) "size_t\n" "length_%s(const %s *data)\n" "{\n" - " return _asn1_length(asn1_%s, data);\n" + " return _asn1_length%s(asn1_%s, data);\n" "}\n" "\n", s->gen_name, s->gen_name, + fuzzer_string, dupname); @@ -917,7 +972,7 @@ generate_template(const Symbol *s) "void\n" "free_%s(%s *data)\n" "{\n" - " _asn1_free(asn1_%s, data);\n" + " _asn1_free_top(asn1_%s, data);\n" "}\n" "\n", s->gen_name, diff --git a/lib/asn1/heim_asn1.h b/lib/asn1/heim_asn1.h index 23041251b..4eeafc20f 100644 --- a/lib/asn1/heim_asn1.h +++ b/lib/asn1/heim_asn1.h @@ -34,8 +34,6 @@ #ifndef __HEIM_ANY_H__ #define __HEIM_ANY_H__ 1 -#include - int encode_heim_any(unsigned char *, size_t, const heim_any *, size_t *); int decode_heim_any(const unsigned char *, size_t, heim_any *, size_t *); void free_heim_any(heim_any *); diff --git a/lib/asn1/krb5.asn1 b/lib/asn1/krb5.asn1 index 728fa2488..7915428fd 100644 --- a/lib/asn1/krb5.asn1 +++ b/lib/asn1/krb5.asn1 @@ -97,7 +97,10 @@ NAME-TYPE ::= INTEGER { KRB5_NT_ENT_PRINCIPAL_AND_ID(-130), -- Windows 2000 UPN and SID KRB5_NT_MS_PRINCIPAL(-128), -- NT 4 style name KRB5_NT_MS_PRINCIPAL_AND_ID(-129), -- NT style name and SID - KRB5_NT_NTLM(-1200), -- NTLM name, realm is domain + KRB5_NT_NTLM(-1200), -- NTLM name, realm is domain + KRB5_NT_X509_GENERAL_NAME(-1201), -- x509 general name (base64 encoded) + KRB5_NT_GSS_HOSTBASED_SERVICE(-1202), + KRB5_NT_CACHE_UUID(-1203), -- name is actually a uuid pointing to ccache, use client name in cache, KRB5_NT_SRV_HST_NEEDS_CANON (-195894762) -- -(0x0bad1dea) } @@ -278,10 +281,10 @@ PrincipalName ::= SEQUENCE { Principal ::= SEQUENCE { name[0] PrincipalName, realm[1] Realm - -- Note that while it'd be nice to be able to add OPTIONAL - -- fields at the end here there are issues regarding - -- applications that allocate krb5_principal_data's on the - -- stack. + -- Note that while it'd be nice to be able to add OPTIONAL + -- fields at the end here there are issues regarding + -- applications that allocate krb5_principal_data's on the + -- stack. } Principals ::= SEQUENCE OF Principal @@ -374,7 +377,7 @@ LastReq ::= SEQUENCE OF SEQUENCE { EncryptedData ::= SEQUENCE { etype[0] ENCTYPE, -- EncryptionType - kvno[1] krb5uint32 OPTIONAL, + kvno[1] krb5int32 OPTIONAL, cipher[2] OCTET STRING -- ciphertext } @@ -853,6 +856,64 @@ KDCFastCookie ::= SEQUENCE { cookie [1] EncryptedData } +KDC-PROXY-MESSAGE ::= SEQUENCE { + kerb-message [0] OCTET STRING, + target-domain [1] Realm OPTIONAL, + dclocator-hint [2] INTEGER OPTIONAL +} + +-- these messages are used in the GSSCred communication and is not part of Kerberos propper + +KERB-TIMES ::= SEQUENCE { + authtime [0] KerberosTime, + starttime [1] KerberosTime, + endtime [2] KerberosTime, + renew_till [3] KerberosTime +} + +KERB-CRED ::= SEQUENCE { + client [0] Principal, + server [1] Principal, + keyblock [2] EncryptionKey, + times [3] KERB-TIMES, + ticket [4] OCTET STRING, + authdata [5] OCTET STRING, + addresses [6] HostAddresses, + flags [7] TicketFlags +} + +KERB-TGS-REQ-IN ::= SEQUENCE { + cache [0] OCTET STRING SIZE (16), + addrs [1] HostAddresses, + flags [2] krb5uint32, + imp [3] Principal OPTIONAL, + ticket [4] OCTET STRING OPTIONAL, + in_cred [5] KERB-CRED, + krbtgt [6] KERB-CRED, + padata [7] METHOD-DATA +} + +KERB-TGS-REQ-OUT ::= SEQUENCE { + subkey [0] EncryptionKey OPTIONAL, + t [1] TGS-REQ +} + + + +KERB-TGS-REP-IN ::= SEQUENCE { + cache [0] OCTET STRING SIZE (16), + subkey [1] EncryptionKey OPTIONAL, + in_cred [2] KERB-CRED, + t [3] TGS-REP +} + +KERB-TGS-REP-OUT ::= SEQUENCE { + cache [0] OCTET STRING SIZE (16), + cred [1] KERB-CRED, + subkey [2] EncryptionKey +} + + END -- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' k5.asn1 diff --git a/lib/asn1/libasn1-exports.def b/lib/asn1/libasn1-exports.def index dc3b5b09a..dd39b0faf 100644 --- a/lib/asn1/libasn1-exports.def +++ b/lib/asn1/libasn1-exports.def @@ -738,7 +738,6 @@ EXPORTS der_get_heim_integer der_get_ia5_string der_get_integer - der_get_integer64 der_get_length der_get_octet_string der_get_octet_string_ber @@ -751,7 +750,7 @@ EXPORTS der_get_type_num der_get_universal_string der_get_unsigned - der_get_unsigned64 + der_get_unsigned64 der_get_utctime der_get_utf8string der_get_visible_string @@ -779,7 +778,7 @@ EXPORTS der_length_tag der_length_universal_string der_length_unsigned - der_length_unsigned64 + der_length_unsigned64 der_length_utctime der_length_utf8string der_length_visible_string @@ -800,7 +799,6 @@ EXPORTS der_put_ia5_string der_put_integer der_put_integer64 - der_put_integer64 der_put_length der_put_length_and_tag der_put_octet_string @@ -809,7 +807,7 @@ EXPORTS der_put_tag der_put_universal_string der_put_unsigned - der_put_unsigned64 + der_put_unsigned64 der_put_utctime der_put_utf8string der_put_visible_string @@ -924,8 +922,6 @@ EXPORTS encode_IssuerAndSerialNumber encode_KDCDHKeyInfo encode_KDCDHKeyInfo_Win2k - encode_KDCFastCookie - encode_KDCFastState encode_KDCOptions encode_KDC_REP encode_KDC_REQ @@ -1178,8 +1174,6 @@ EXPORTS free_IssuerAndSerialNumber free_KDCDHKeyInfo free_KDCDHKeyInfo_Win2k - free_KDCFastCookie - free_KDCFastState free_KDCOptions free_KDC_REP free_KDC_REQ diff --git a/lib/asn1/main.c b/lib/asn1/main.c index 2c20013c1..80038cd37 100644 --- a/lib/asn1/main.c +++ b/lib/asn1/main.c @@ -35,8 +35,6 @@ #include #include "lex.h" -RCSID("$Id$"); - extern FILE *yyin; static getarg_strings preserve; @@ -62,22 +60,29 @@ seq_type(const char *p) return 0; } +const char *fuzzer_string = ""; +int fuzzer_flag; int support_ber; int template_flag; int rfc1510_bitstring; int one_code_file; char *option_file; +int parse_units_flag = 1; +char *type_file_string = "krb5-types.h"; int version_flag; int help_flag; struct getargs args[] = { + { "fuzzer", 0, arg_flag, &fuzzer_flag, NULL, NULL }, { "template", 0, arg_flag, &template_flag, NULL, NULL }, - { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring, NULL, NULL}, + { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring, NULL, NULL }, { "decode-dce-ber", 0, arg_flag, &support_ber, NULL, NULL }, { "support-ber", 0, arg_flag, &support_ber, NULL, NULL }, { "preserve-binary", 0, arg_strings, &preserve, NULL, NULL }, { "sequence", 0, arg_strings, &seq, NULL, NULL }, { "one-code-file", 0, arg_flag, &one_code_file, NULL, NULL }, { "option-file", 0, arg_string, &option_file, NULL, NULL }, + { "parse-units", 0, arg_negative_flag, &parse_units_flag, NULL, NULL }, + { "type-file", 0, arg_string, &type_file_string, NULL, NULL }, { "version", 0, arg_flag, &version_flag, NULL, NULL }, { "help", 0, arg_flag, &help_flag, NULL, NULL } }; @@ -100,7 +105,7 @@ main(int argc, char **argv) const char *name = NULL; int optidx = 0; char **arg = NULL; - size_t len = 0, i; + int len = 0, i; setprogname(argv[0]); if(getarg(args, num_args, argc, argv, &optidx)) @@ -180,6 +185,16 @@ main(int argc, char **argv) } } + if (fuzzer_flag) { + if (!template_flag) { + printf("can't do fuzzer w/o --template"); + exit(1); + } +#ifdef ASN1_FUZZER + fuzzer_string = "_fuzzer"; +#endif + } + init_generate (file, name); diff --git a/lib/asn1/pkinit.asn1 b/lib/asn1/pkinit.asn1 index f36ebf0b3..325752f41 100644 --- a/lib/asn1/pkinit.asn1 +++ b/lib/asn1/pkinit.asn1 @@ -17,6 +17,8 @@ id-pkrkeydata OBJECT IDENTIFIER ::= { id-pkinit 3 } id-pkekuoid OBJECT IDENTIFIER ::= { id-pkinit 4 } id-pkkdcekuoid OBJECT IDENTIFIER ::= { id-pkinit 5 } +id-apple-system-id OBJECT IDENTIFIER ::= { 1 2 840 113635 100 4 4 } + id-pkinit-kdf OBJECT IDENTIFIER ::= { id-pkinit 6 } id-pkinit-kdf-ah-sha1 OBJECT IDENTIFIER ::= { id-pkinit-kdf 1 } id-pkinit-kdf-ah-sha256 OBJECT IDENTIFIER ::= { id-pkinit-kdf 2 } diff --git a/lib/asn1/rfc2459.asn1 b/lib/asn1/rfc2459.asn1 index d6c273d0e..a3a7d47e2 100644 --- a/lib/asn1/rfc2459.asn1 +++ b/lib/asn1/rfc2459.asn1 @@ -128,6 +128,8 @@ id-at-stateOrProvinceName OBJECT IDENTIFIER ::= { id-x520-at 8 } id-at-streetAddress OBJECT IDENTIFIER ::= { id-x520-at 9 } id-at-organizationName OBJECT IDENTIFIER ::= { id-x520-at 10 } id-at-organizationalUnitName OBJECT IDENTIFIER ::= { id-x520-at 11 } +id-at-title OBJECT IDENTIFIER ::= { id-x520-at 12 } +id-at-description OBJECT IDENTIFIER ::= { id-x520-at 13 } id-at-name OBJECT IDENTIFIER ::= { id-x520-at 41 } id-at-givenName OBJECT IDENTIFIER ::= { id-x520-at 42 } id-at-initials OBJECT IDENTIFIER ::= { id-x520-at 43 } diff --git a/lib/asn1/symbol.c b/lib/asn1/symbol.c index b05f68fa7..a090ee95c 100644 --- a/lib/asn1/symbol.c +++ b/lib/asn1/symbol.c @@ -78,7 +78,7 @@ addsym(char *name) key.name = name; s = (Symbol *) hashtabsearch(htab, (void *) &key); if (s == NULL) { - s = (Symbol *) emalloc(sizeof(*s)); + s = (Symbol *) ecalloc(1, sizeof(*s)); s->name = name; s->gen_name = estrdup(name); output_name(s->gen_name); diff --git a/lib/asn1/symbol.h b/lib/asn1/symbol.h index a00331617..97b4db726 100644 --- a/lib/asn1/symbol.h +++ b/lib/asn1/symbol.h @@ -37,7 +37,6 @@ #define _SYMBOL_H #include "asn1_queue.h" -#include enum typetype { TBitString, @@ -130,6 +129,7 @@ struct type { struct tagtype tag; struct range *range; struct constraint_spec *constraint; + unsigned long id; }; typedef struct type Type; diff --git a/lib/asn1/template.c b/lib/asn1/template.c index d3b2c07f0..0d3df69b9 100644 --- a/lib/asn1/template.c +++ b/lib/asn1/template.c @@ -3,7 +3,7 @@ * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * - * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * Portions Copyright (c) 2009 - 2010 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -36,17 +36,7 @@ #include "der_locl.h" #include -#if 0 -#define ABORT_ON_ERROR() abort() -#else -#define ABORT_ON_ERROR() do { } while(0) -#endif - -#define DPOC(data,offset) ((const void *)(((const unsigned char *)data) + offset)) -#define DPO(data,offset) ((void *)(((unsigned char *)data) + offset)) - - -static struct asn1_type_func prim[] = { +struct asn1_type_func asn1_template_prim[A1T_NUM_ENTRY] = { #define el(name, type) { \ (asn1_type_encode)der_put_##name, \ (asn1_type_decode)der_get_##name, \ @@ -91,8 +81,8 @@ static struct asn1_type_func prim[] = { #undef elber }; -static size_t -sizeofType(const struct asn1_template *t) +size_t +_asn1_sizeofType(const struct asn1_template *t) { return t->offset; } @@ -108,8 +98,8 @@ sizeofType(const struct asn1_template *t) */ static void -bmember_get_bit(const unsigned char *p, void *data, - unsigned int bit, size_t size) +_asn1_bmember_get_bit(const unsigned char *p, void *data, + unsigned int bit, size_t size) { unsigned int localbit = bit % 8; if ((*p >> (7 - localbit)) & 1) { @@ -121,8 +111,8 @@ bmember_get_bit(const unsigned char *p, void *data, } } -static int -bmember_isset_bit(const void *data, unsigned int bit, size_t size) +int +_asn1_bmember_isset_bit(const void *data, unsigned int bit, size_t size) { #ifdef WORDS_BIGENDIAN if ((*(unsigned int *)data) & (1 << ((size * 8) - bit - 1))) @@ -135,13 +125,13 @@ bmember_isset_bit(const void *data, unsigned int bit, size_t size) #endif } -static void -bmember_put_bit(unsigned char *p, const void *data, unsigned int bit, - size_t size, unsigned int *bitset) +void +_asn1_bmember_put_bit(unsigned char *p, const void *data, unsigned int bit, + size_t size, unsigned int *bitset) { unsigned int localbit = bit % 8; - if (bmember_isset_bit(data, bit, size)) { + if (_asn1_bmember_isset_bit(data, bit, size)) { *p |= (1 << (7 - localbit)); if (*bitset == 0) *bitset = (7 - localbit) + 1; @@ -150,7 +140,7 @@ bmember_put_bit(unsigned char *p, const void *data, unsigned int bit, int _asn1_decode(const struct asn1_template *t, unsigned flags, - const unsigned char *p, size_t len, void *data, size_t *retsize) + const unsigned char *p, size_t len, void *data, size_t *size) { size_t elements = A1_HEADER_LEN(t); size_t oldlen = len; @@ -168,19 +158,19 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, switch (t->tt & A1_OP_MASK) { case A1_OP_TYPE: case A1_OP_TYPE_EXTERN: { - size_t newsize, size; + size_t newsize, elsize; void *el = DPO(data, t->offset); void **pel = (void **)el; if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { - size = sizeofType(t->ptr); + elsize = _asn1_sizeofType(t->ptr); } else { const struct asn1_type_func *f = t->ptr; - size = f->size; + elsize = f->size; } if (t->tt & A1_FLAG_OPTIONAL) { - *pel = calloc(1, size); + *pel = calloc(1, elsize); if (*pel == NULL) return ENOMEM; el = *pel; @@ -252,7 +242,7 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, if (t->tt & A1_FLAG_OPTIONAL) { void **el = (void **)data; - size_t ellen = sizeofType(t->ptr); + size_t ellen = _asn1_sizeofType(t->ptr); *el = calloc(1, ellen); if (*el == NULL) @@ -264,8 +254,13 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, if (ret) return ret; - if (newsize != datalen) + if (is_indefinite) { + /* If we use indefinite encoding, the newsize is the datasize. */ + datalen = newsize; + } else if (newsize != datalen) { + /* Check for hidden data that might be after the real tag */ return ASN1_EXTRA_DATA; + } len -= datalen; p += datalen; @@ -302,12 +297,12 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, if (flags & A1_PF_INDEFINTE) type++; - if (type >= sizeof(prim)/sizeof(prim[0])) { + if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) { ABORT_ON_ERROR(); return ASN1_PARSE_ERROR; } - ret = (prim[type].decode)(p, len, el, &newsize); + ret = (asn1_template_prim[type].decode)(p, len, el, &newsize); if (ret) return ret; p += newsize; len -= newsize; @@ -318,7 +313,7 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, case A1_OP_SEQOF: { struct template_of *el = DPO(data, t->offset); size_t newsize; - size_t ellen = sizeofType(t->ptr); + size_t ellen = _asn1_sizeofType(t->ptr); size_t vallength = 0; while (len > 0) { @@ -347,19 +342,19 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, } case A1_OP_BMEMBER: { const struct asn1_template *bmember = t->ptr; - size_t size = bmember->offset; - size_t els = A1_HEADER_LEN(bmember); + size_t bsize = bmember->offset; + size_t belements = A1_HEADER_LEN(bmember); size_t pos = 0; bmember++; - memset(data, 0, size); + memset(data, 0, bsize); if (len < 1) return ASN1_OVERRUN; p++; len--; - while (els && len) { + while (belements && len) { while (bmember->offset / 8 > pos / 8) { if (len < 1) break; @@ -367,8 +362,8 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, pos += 8; } if (len) { - bmember_get_bit(p, data, bmember->offset, size); - els--; bmember++; + _asn1_bmember_get_bit(p, data, bmember->offset, bsize); + belements--; bmember++; } } len = 0; @@ -380,6 +375,9 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, size_t datalen; unsigned int i; + /* provide a saner value as default, we should have a NO element value */ + *element = 1; + for (i = 1; i < A1_HEADER_LEN(choice) + 1; i++) { /* should match first tag instead, store it in choice.tt */ ret = _asn1_decode(choice[i].ptr, 0, p, len, @@ -419,8 +417,8 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, oldlen -= len; - if (retsize) - *retsize = oldlen; + if (size) + *size = oldlen; /* * saved the raw bits if asked for it, useful for signature @@ -441,8 +439,7 @@ _asn1_decode(const struct asn1_template *t, unsigned flags, } int -_asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, - const void *data, size_t *retsize) +_asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, const void *data, size_t *size) { size_t elements = A1_HEADER_LEN(t); int ret = 0; @@ -516,12 +513,12 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, size_t newsize; const void *el = DPOC(data, t->offset); - if (type > sizeof(prim)/sizeof(prim[0])) { + if (type > sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) { ABORT_ON_ERROR(); return ASN1_PARSE_ERROR; } - ret = (prim[type].encode)(p, len, el, &newsize); + ret = (asn1_template_prim[type].encode)(p, len, el, &newsize); if (ret) return ret; p -= newsize; len -= newsize; @@ -530,8 +527,8 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, } case A1_OP_SETOF: { const struct template_of *el = DPOC(data, t->offset); - size_t ellen = sizeofType(t->ptr); - struct heim_octet_string *val; + size_t ellen = _asn1_sizeofType(t->ptr); + heim_octet_string *val; unsigned char *elptr = el->val; size_t i, totallen; @@ -541,7 +538,7 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, if (el->len > UINT_MAX/sizeof(val[0])) return ERANGE; - val = malloc(sizeof(val[0]) * el->len); + val = calloc(el->len, sizeof(val[0])); if (val == NULL) return ENOMEM; @@ -550,7 +547,13 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, size_t l; val[i].length = _asn1_length(t->ptr, elptr); - val[i].data = malloc(val[i].length); + if (val[i].length) { + val[i].data = malloc(val[i].length); + if (val[i].data == NULL) { + ret = ENOMEM; + break; + } + } ret = _asn1_encode(t->ptr, DPO(val[i].data, val[i].length - 1), val[i].length, elptr, &l); @@ -568,9 +571,8 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, if (ret == 0 && totallen > len) ret = ASN1_OVERFLOW; if (ret) { - do { + for (i = 0; i < el->len; i++) free(val[i].data); - } while(i-- > 0); free(val); return ret; } @@ -592,7 +594,7 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, } case A1_OP_SEQOF: { struct template_of *el = DPO(data, t->offset); - size_t ellen = sizeofType(t->ptr); + size_t ellen = _asn1_sizeofType(t->ptr); size_t newsize; unsigned int i; unsigned char *elptr = el->val; @@ -616,21 +618,21 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, } case A1_OP_BMEMBER: { const struct asn1_template *bmember = t->ptr; - size_t size = bmember->offset; - size_t els = A1_HEADER_LEN(bmember); + size_t bsize = bmember->offset; + size_t belements = A1_HEADER_LEN(bmember); size_t pos; unsigned char c = 0; unsigned int bitset = 0; int rfc1510 = (bmember->tt & A1_HBF_RFC1510); - bmember += els; + bmember += belements; if (rfc1510) pos = 31; else pos = bmember->offset; - while (els && len) { + while (belements && len) { while (bmember->offset / 8 < pos / 8) { if (rfc1510 || bitset || c) { if (len < 1) @@ -640,8 +642,8 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, c = 0; pos -= 8; } - bmember_put_bit(&c, data, bmember->offset, size, &bitset); - els--; bmember--; + _asn1_bmember_put_bit(&c, data, bmember->offset, bsize, &bitset); + belements--; bmember--; } if (rfc1510 || bitset) { if (len < 1) @@ -691,8 +693,8 @@ _asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, t--; elements--; } - if (retsize) - *retsize = oldlen - len; + if (size) + *size = oldlen - len; return 0; } @@ -750,17 +752,17 @@ _asn1_length(const struct asn1_template *t, const void *data) unsigned int type = A1_PARSE_TYPE(t->tt); const void *el = DPOC(data, t->offset); - if (type > sizeof(prim)/sizeof(prim[0])) { + if (type > sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) { ABORT_ON_ERROR(); break; } - ret += (prim[type].length)(el); + ret += (asn1_template_prim[type].length)(el); break; } case A1_OP_SETOF: case A1_OP_SEQOF: { const struct template_of *el = DPOC(data, t->offset); - size_t ellen = sizeofType(t->ptr); + size_t ellen = _asn1_sizeofType(t->ptr); const unsigned char *element = el->val; unsigned int i; @@ -774,7 +776,7 @@ _asn1_length(const struct asn1_template *t, const void *data) case A1_OP_BMEMBER: { const struct asn1_template *bmember = t->ptr; size_t size = bmember->offset; - size_t els = A1_HEADER_LEN(bmember); + size_t belements = A1_HEADER_LEN(bmember); int rfc1510 = (bmember->tt & A1_HBF_RFC1510); if (rfc1510) { @@ -783,14 +785,14 @@ _asn1_length(const struct asn1_template *t, const void *data) ret += 1; - bmember += els; + bmember += belements; - while (els) { - if (bmember_isset_bit(data, bmember->offset, size)) { + while (belements) { + if (_asn1_bmember_isset_bit(data, bmember->offset, size)) { ret += (bmember->offset / 8) + 1; break; } - els--; bmember--; + belements--; bmember--; } } break; @@ -858,11 +860,11 @@ _asn1_free(const struct asn1_template *t, void *data) unsigned int type = A1_PARSE_TYPE(t->tt); void *el = DPO(data, t->offset); - if (type > sizeof(prim)/sizeof(prim[0])) { + if (type > sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) { ABORT_ON_ERROR(); break; } - (prim[type].release)(el); + (asn1_template_prim[type].release)(el); break; } case A1_OP_TAG: { @@ -885,7 +887,7 @@ _asn1_free(const struct asn1_template *t, void *data) case A1_OP_SETOF: case A1_OP_SEQOF: { struct template_of *el = DPO(data, t->offset); - size_t ellen = sizeofType(t->ptr); + size_t ellen = _asn1_sizeofType(t->ptr); unsigned char *element = el->val; unsigned int i; @@ -950,7 +952,7 @@ _asn1_copy(const struct asn1_template *t, const void *from, void *to) size_t size; if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { - size = sizeofType(t->ptr); + size = _asn1_sizeofType(t->ptr); } else { const struct asn1_type_func *f = t->ptr; size = f->size; @@ -988,11 +990,11 @@ _asn1_copy(const struct asn1_template *t, const void *from, void *to) const void *fel = DPOC(from, t->offset); void *tel = DPO(to, t->offset); - if (type > sizeof(prim)/sizeof(prim[0])) { + if (type > sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) { ABORT_ON_ERROR(); return ASN1_PARSE_ERROR; } - ret = (prim[type].copy)(fel, tel); + ret = (asn1_template_prim[type].copy)(fel, tel); if (ret) return ret; break; @@ -1015,14 +1017,14 @@ _asn1_copy(const struct asn1_template *t, const void *from, void *to) } from = *fel; - to = *tel = calloc(1, sizeofType(t->ptr)); + to = *tel = calloc(1, _asn1_sizeofType(t->ptr)); if (to == NULL) return ENOMEM; } ret = _asn1_copy(t->ptr, from, to); if (ret) { - if (t->tt & A1_FLAG_OPTIONAL) { + if (tel) { free(*tel); *tel = NULL; } @@ -1038,7 +1040,7 @@ _asn1_copy(const struct asn1_template *t, const void *from, void *to) case A1_OP_SEQOF: { const struct template_of *fel = DPOC(from, t->offset); struct template_of *tel = DPO(to, t->offset); - size_t ellen = sizeofType(t->ptr); + size_t ellen = _asn1_sizeofType(t->ptr); unsigned int i; tel->val = calloc(fel->len, ellen); @@ -1100,10 +1102,8 @@ _asn1_decode_top(const struct asn1_template *t, unsigned flags, const unsigned c int ret; memset(data, 0, t->offset); ret = _asn1_decode(t, flags, p, len, data, size); - if (ret) { - _asn1_free(t, data); - memset(data, 0, t->offset); - } + if (ret) + _asn1_free_top(t, data); return ret; } @@ -1114,9 +1114,15 @@ _asn1_copy_top(const struct asn1_template *t, const void *from, void *to) int ret; memset(to, 0, t->offset); ret = _asn1_copy(t, from, to); - if (ret) { - _asn1_free(t, to); - memset(to, 0, t->offset); - } + if (ret) + _asn1_free_top(t, to); + return ret; } + +void +_asn1_free_top(const struct asn1_template *t, void *data) +{ + _asn1_free(t, data); + memset(data, 0, t->offset); +} diff --git a/lib/asn1/test.asn1 b/lib/asn1/test.asn1 index c4fdb816f..e4fc99a1f 100644 --- a/lib/asn1/test.asn1 +++ b/lib/asn1/test.asn1 @@ -48,7 +48,7 @@ TESTImplicit ::= SEQUENCE { TESTImplicit2 ::= SEQUENCE { ti1[0] IMPLICIT TESTInteger, - ti2[1] IMPLICIT TESTLargeTag, +-- ti2[1] IMPLICIT TESTLargeTag, this is disabled since the IMPLICT encoder does't get the types right when stepping inside an structure -- ti3[2] IMPLICIT TESTInteger3 } diff --git a/lib/asn1/timegm.c b/lib/asn1/timegm.c index d9f4adbd5..4746fa80b 100644 --- a/lib/asn1/timegm.c +++ b/lib/asn1/timegm.c @@ -102,7 +102,7 @@ _der_gmtime(time_t t, struct tm *tm) tm->tm_sec = secday % 60; tm->tm_min = (secday % 3600) / 60; - tm->tm_hour = secday / 3600; + tm->tm_hour = (int)(secday / 3600); /* * Refuse to calculate time ~ 2000 years into the future, this is @@ -130,7 +130,7 @@ _der_gmtime(time_t t, struct tm *tm) days -= daysinmonth; tm->tm_mon++; } - tm->tm_mday = days + 1; + tm->tm_mday = (int)(days + 1); return tm; } diff --git a/lib/base/heimbase.h b/lib/base/heimbase.h index 23a4550f6..e56c77b02 100644 --- a/lib/base/heimbase.h +++ b/lib/base/heimbase.h @@ -233,15 +233,16 @@ void heim_path_delete(heim_object_t ptr, heim_error_t *error, ...); * Data (octet strings) */ -#ifndef __HEIM_OCTET_STRING__ -#define __HEIM_OCTET_STRING__ -typedef struct heim_octet_string { +#ifndef __HEIM_BASE_DATA__ +#define __HEIM_BASE_DATA__ +struct heim_base_data { size_t length; void *data; -} heim_octet_string; +}; +typedef struct heim_base_data heim_octet_string; #endif -typedef struct heim_data * heim_data_t; +typedef struct heim_base_data * heim_data_t; typedef void (*heim_data_free_f_t)(void *); heim_data_t heim_data_create(const void *, size_t); diff --git a/lib/gssapi/ntlm/kdc.c b/lib/gssapi/ntlm/kdc.c index 7d56c7510..06d738206 100644 --- a/lib/gssapi/ntlm/kdc.c +++ b/lib/gssapi/ntlm/kdc.c @@ -251,7 +251,7 @@ kdc_type2(OM_uint32 *minor_status, struct ntlmkrb5 *c = ctx; krb5_error_code ret; struct ntlm_type2 type2; - krb5_data challange; + krb5_data challenge; struct ntlm_buf data; krb5_data ti; @@ -293,18 +293,18 @@ kdc_type2(OM_uint32 *minor_status, } *ret_flags = type2.flags; - ret = krb5_ntlm_init_get_challange(c->context, c->ntlm, &challange); + ret = krb5_ntlm_init_get_challenge(c->context, c->ntlm, &challenge); if (ret) { *minor_status = ret; return GSS_S_FAILURE; } - if (challange.length != sizeof(type2.challenge)) { + if (challenge.length != sizeof(type2.challenge)) { *minor_status = EINVAL; return GSS_S_FAILURE; } - memcpy(type2.challenge, challange.data, sizeof(type2.challenge)); - krb5_data_free(&challange); + memcpy(type2.challenge, challenge.data, sizeof(type2.challenge)); + krb5_data_free(&challenge); ret = krb5_ntlm_init_get_targetname(c->context, c->ntlm, &type2.targetname); diff --git a/lib/hx509/crypto.c b/lib/hx509/crypto.c index 491923acb..b308ee2e6 100644 --- a/lib/hx509/crypto.c +++ b/lib/hx509/crypto.c @@ -620,6 +620,9 @@ rsa_verify_signature(hx509_context context, &di.digestAlgorithm, data, &di.digest); + if (ret) + goto out; + } else { if ((size_t)retsize != data->length || ct_memcmp(to, data->data, retsize) != 0) @@ -629,8 +632,8 @@ rsa_verify_signature(hx509_context context, goto out; } free(to); + ret = 0; } - ret = 0; out: free_DigestInfo(&di); diff --git a/lib/ipc/heim-ipc.h b/lib/ipc/heim-ipc.h index 6fbf309f7..b5b919b64 100644 --- a/lib/ipc/heim-ipc.h +++ b/lib/ipc/heim-ipc.h @@ -39,7 +39,7 @@ typedef struct heim_ipc *heim_ipc; typedef struct heim_sipc *heim_sipc; typedef struct heim_icred *heim_icred; typedef struct heim_isemaphore *heim_isemaphore; -typedef struct heim_octet_string heim_idata; +typedef struct heim_base_data heim_idata; typedef struct heim_sipc_call *heim_sipc_call; /* common */ diff --git a/lib/krb5/digest.c b/lib/krb5/digest.c index 4cb3e2504..7be249253 100644 --- a/lib/krb5/digest.c +++ b/lib/krb5/digest.c @@ -889,13 +889,13 @@ krb5_ntlm_init_get_flags(krb5_context context, } KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL -krb5_ntlm_init_get_challange(krb5_context context, +krb5_ntlm_init_get_challenge(krb5_context context, krb5_ntlm ntlm, - krb5_data *challange) + krb5_data *challenge) { krb5_error_code ret; - ret = der_copy_octet_string(&ntlm->initReply.challange, challange); + ret = der_copy_octet_string(&ntlm->initReply.challenge, challenge); if (ret) krb5_clear_error_message(context); diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index 9fba42ae5..7e09a5a5d 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h @@ -283,9 +283,9 @@ typedef enum krb5_key_usage { KRB5_KU_FAST_FINISHED = 53, /* FAST finished checksum */ KRB5_KU_ENC_CHALLENGE_CLIENT = 54, - /* fast challange from client */ + /* fast challenge from client */ KRB5_KU_ENC_CHALLENGE_KDC = 55, - /* fast challange from kdc */ + /* fast challenge from kdc */ KRB5_KU_DIGEST_ENCRYPT = -18, /* Encryption key usage used in the digest encryption field */ KRB5_KU_DIGEST_OPAQUE = -19, diff --git a/lib/krb5/libkrb5-exports.def.in b/lib/krb5/libkrb5-exports.def.in index b032f3594..e18172d0a 100644 --- a/lib/krb5/libkrb5-exports.def.in +++ b/lib/krb5/libkrb5-exports.def.in @@ -451,7 +451,7 @@ EXPORTS krb5_net_write_block krb5_ntlm_alloc krb5_ntlm_free - krb5_ntlm_init_get_challange + krb5_ntlm_init_get_challenge krb5_ntlm_init_get_flags krb5_ntlm_init_get_opaque krb5_ntlm_init_get_targetinfo diff --git a/lib/krb5/version-script.map b/lib/krb5/version-script.map index 0c11ca0b2..3cb6852f4 100644 --- a/lib/krb5/version-script.map +++ b/lib/krb5/version-script.map @@ -444,7 +444,7 @@ HEIMDAL_KRB5_2.0 { krb5_net_write_block; krb5_ntlm_alloc; krb5_ntlm_free; - krb5_ntlm_init_get_challange; + krb5_ntlm_init_get_challenge; krb5_ntlm_init_get_flags; krb5_ntlm_init_get_opaque; krb5_ntlm_init_get_targetinfo;