OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix parsing of percent-encoded URIs. 

git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@886 185d5e19-27fe-0310-9dcf-9bff6b9f3609
This commit is contained in:
Dag-Erling Smørgrav 2016-01-11 14:07:54 +00:00
parent d040ae3d29
commit 4a77e993a9
1 changed files with 34 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
lib/liboath/oath_key_from_uri.c
View File

@ -42,6 +42,7 @@
#include <security/openpam.h> #include <security/openpam.h>
#include "openpam_strlcmp.h" #include "openpam_strlcmp.h"
#include "openpam_strlcpy.h"
#include <security/oath.h> #include <security/oath.h>
@ -54,6 +55,8 @@
struct oath_key * struct oath_key *
oath_key_from_uri(const char *uri) oath_key_from_uri(const char *uri)
{ {
char name[64], value[256];
size_t namelen, valuelen;
struct oath_key *key; struct oath_key *key;
const char *p, *q, *r; const char *p, *q, *r;
uintmax_t n; uintmax_t n;
@ -83,9 +86,9 @@ oath_key_from_uri(const char *uri)
/* extract label */ /* extract label */
if ((q = strchr(p, '?')) == NULL) if ((q = strchr(p, '?')) == NULL)
goto invalid; goto invalid;
key->labellen = oath_uri_decode(p, q - p, key->label, valuelen = oath_uri_decode(p, q - p, value, sizeof value) - 1;
sizeof key->label); key->labellen = strlcpy(key->label, value, sizeof key->label);
if (key->labellen > sizeof key->label) if (key->labellen >= sizeof key->label)
goto invalid; goto invalid;
p = q + 1; p = q + 1;
@ -93,71 +96,77 @@ oath_key_from_uri(const char *uri)
key->counter = UINT64_MAX; key->counter = UINT64_MAX;
key->lastused = UINT64_MAX; key->lastused = UINT64_MAX;
while (*p != '\0') { while (*p != '\0') {
/* locate name-value separator */
if ((q = strchr(p, '=')) == NULL) if ((q = strchr(p, '=')) == NULL)
goto invalid; goto invalid;
q = q + 1; q = q + 1;
/* locate end of value */
if ((r = strchr(p, '&')) == NULL) if ((r = strchr(p, '&')) == NULL)
r = strchr(p, '\0'); r = strchr(p, '\0');
if (r < q) if (r < q)
/* & before = */ /* & before = */
goto invalid; goto invalid;
/* p points to key, q points to value, r points to & or NUL */ /* decode name and value*/
if (strlcmp("secret=", p, q - p) == 0) { namelen = oath_uri_decode(p, q - p - 1, name, sizeof name) - 1;
if (namelen >= sizeof name)
goto invalid;
valuelen = oath_uri_decode(q, r - q, value, sizeof value) - 1;
if (valuelen >= sizeof value)
goto invalid;
if (strcmp("secret", name) == 0) {
if (key->keylen != 0) if (key->keylen != 0)
/* dupe */ /* dupe */
goto invalid; goto invalid;
key->keylen = sizeof key->key; key->keylen = sizeof key->key;
if (base32_dec(q, r - q, (char *)key->key, &key->keylen) != 0) if (base32_dec(value, valuelen, (char *)key->key, &key->keylen) != 0)
goto invalid; goto invalid;
if (base32_enclen(key->keylen) != (size_t)(r - q)) } else if (strcmp("algorithm", name) == 0) {
goto invalid;
} else if (strlcmp("algorithm=", p, q - p) == 0) {
if (key->hash != oh_undef) if (key->hash != oh_undef)
/* dupe */ /* dupe */
goto invalid; goto invalid;
if (strlcmp("SHA1", q, r - q) == 0) if (strcmp("SHA1", value) == 0)
key->hash = oh_sha1; key->hash = oh_sha1;
else if (strlcmp("SHA256", q, r - q) == 0) else if (strcmp("SHA256", value) == 0)
key->hash = oh_sha256; key->hash = oh_sha256;
else if (strlcmp("SHA512", q, r - q) == 0) else if (strcmp("SHA512", value) == 0)
key->hash = oh_sha512; key->hash = oh_sha512;
else if (strlcmp("MD5", q, r - q) == 0) else if (strcmp("MD5", value) == 0)
key->hash = oh_md5; key->hash = oh_md5;
else else
goto invalid; goto invalid;
} else if (strlcmp("digits=", p, q - p) == 0) { } else if (strcmp("digits", name) == 0) {
if (key->digits != 0) if (key->digits != 0)
/* dupe */ /* dupe */
goto invalid; goto invalid;
/* only 6 or 8 */ /* only 6 or 8 */
if (r - q != 1 || (*q != '6' && *q != '8')) if (valuelen != 1 || (*value != '6' && *value != '8'))
goto invalid; goto invalid;
key->digits = *q - '0'; key->digits = *q - '0';
} else if (strlcmp("counter=", p, q - p) == 0) { } else if (strcmp("counter", name) == 0) {
if (key->counter != UINT64_MAX) if (key->counter != UINT64_MAX)
/* dupe */ /* dupe */
goto invalid; goto invalid;
n = strtoumax(q, &e, 10); n = strtoumax(value, &e, 10);
if (e != r || n >= UINT64_MAX) if (e == value || *e != '\0' || n >= UINT64_MAX)
goto invalid; goto invalid;
key->counter = (uint64_t)n; key->counter = (uint64_t)n;
} else if (strlcmp("lastused=", p, q - p) == 0) { } else if (strcmp("lastused", name) == 0) {
if (key->lastused != UINT64_MAX) if (key->lastused != UINT64_MAX)
/* dupe */ /* dupe */
goto invalid; goto invalid;
n = strtoumax(q, &e, 10); n = strtoumax(value, &e, 10);
if (e != r || n >= UINT64_MAX) if (e == value || *e != '\0' || n >= UINT64_MAX)
goto invalid; goto invalid;
key->lastused = (uint64_t)n; key->lastused = (uint64_t)n;
} else if (strlcmp("period=", p, q - p) == 0) { } else if (strcmp("period", name) == 0) {
if (key->timestep != 0) if (key->timestep != 0)
/* dupe */ /* dupe */
goto invalid; goto invalid;
n = strtoumax(q, &e, 10); n = strtoumax(value, &e, 10);
if (e != r || n > OATH_MAX_TIMESTEP) if (e == value || *e != '\0' || n > OATH_MAX_TIMESTEP)
goto invalid; goto invalid;
key->timestep = n; key->timestep = n;
} else if (strlcmp("issuer=", p, q - p) == 0) { } else if (strcmp("issuer", name) == 0) {
// noop for now // noop for now
} else { } else {
goto invalid; goto invalid;