static gboolean search_cb (GtkButton *button, gpointer user_data) { search_dialog *dialog = (search_dialog *)user_data; gchar *sane_str, *url; const gchar *str; gboolean result; str = gtk_entry_get_text(GTK_ENTRY(dialog->search_entry)); if (strlen(str) == 0) return FALSE; gtk_list_store_clear(GTK_LIST_STORE(dialog->result_mdl)); if ((sane_str = sanitize_str(str)) == NULL) return FALSE; url = g_strdup_printf("/search/search?where=%s", sane_str); g_free(sane_str); result = http_get_buffer(url, "xoap.weather.com", dialog->proxy_host, dialog->proxy_port, &dialog->recv_buffer, cb_searchdone, (gpointer)dialog); g_free(url); return result; }
static void read_test(const char *path) { char buf[BUFFER_SIZE]; int fd; ssize_t count; if (exclude && !fnmatch(exclude, path, FNM_EXTMATCH)) { if (verbose) tst_res(TINFO, "Ignoring %s", path); return; } if (verbose) tst_res(TINFO, "%s(%s)", __func__, path); fd = open(path, O_RDONLY | O_NONBLOCK); if (fd < 0) { if (!quiet) tst_res(TINFO | TERRNO, "open(%s)", path); return; } count = read(fd, buf, sizeof(buf) - 1); if (count > 0 && verbose) { sanitize_str(buf, count); tst_res(TINFO, "read(%s, buf) = %zi, buf = %s", path, count, buf); } else if (!count && verbose) { tst_res(TINFO, "read(%s) = EOF", path); } else if (count < 0 && !quiet) { tst_res(TINFO | TERRNO, "read(%s)", path); } SAFE_CLOSE(fd); }
/* * Read and parse the first message from client in the context of a SCRAM * authentication exchange message. * * At this stage, any errors will be reported directly with ereport(ERROR). */ static void read_client_first_message(scram_state *state, char *input) { char *channel_binding_type; input = pstrdup(input); /*------ * The syntax for the client-first-message is: (RFC 5802) * * saslname = 1*(value-safe-char / "=2C" / "=3D") * ;; Conforms to <value>. * * authzid = "a=" saslname * ;; Protocol specific. * * cb-name = 1*(ALPHA / DIGIT / "." / "-") * ;; See RFC 5056, Section 7. * ;; E.g., "tls-server-end-point" or * ;; "tls-unique". * * gs2-cbind-flag = ("p=" cb-name) / "n" / "y" * ;; "n" -> client doesn't support channel binding. * ;; "y" -> client does support channel binding * ;; but thinks the server does not. * ;; "p" -> client requires channel binding. * ;; The selected channel binding follows "p=". * * gs2-header = gs2-cbind-flag "," [ authzid ] "," * ;; GS2 header for SCRAM * ;; (the actual GS2 header includes an optional * ;; flag to indicate that the GSS mechanism is not * ;; "standard", but since SCRAM is "standard", we * ;; don't include that flag). * * username = "******" saslname * ;; Usernames are prepared using SASLprep. * * reserved-mext = "m=" 1*(value-char) * ;; Reserved for signaling mandatory extensions. * ;; The exact syntax will be defined in * ;; the future. * * nonce = "r=" c-nonce [s-nonce] * ;; Second part provided by server. * * c-nonce = printable * * client-first-message-bare = * [reserved-mext ","] * username "," nonce ["," extensions] * * client-first-message = * gs2-header client-first-message-bare * * For example: * n,,n=user,r=fyko+d2lbbFgONRv9qkxdawL * * The "n,," in the beginning means that the client doesn't support * channel binding, and no authzid is given. "n=user" is the username. * However, in PostgreSQL the username is sent in the startup packet, and * the username in the SCRAM exchange is ignored. libpq always sends it * as an empty string. The last part, "r=fyko+d2lbbFgONRv9qkxdawL" is * the client nonce. *------ */ /* * Read gs2-cbind-flag. (For details see also RFC 5802 Section 6 "Channel * Binding".) */ state->cbind_flag = *input; switch (*input) { case 'n': /* * The client does not support channel binding or has simply * decided to not use it. In that case just let it go. */ if (state->channel_binding_in_use) ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("The client selected SCRAM-SHA-256-PLUS, but the SCRAM message does not include channel binding data."))); input++; if (*input != ',') ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("Comma expected, but found character \"%s\".", sanitize_char(*input)))); input++; break; case 'y': /* * The client supports channel binding and thinks that the server * does not. In this case, the server must fail authentication if * it supports channel binding. */ if (state->channel_binding_in_use) ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("The client selected SCRAM-SHA-256-PLUS, but the SCRAM message does not include channel binding data."))); #ifdef HAVE_BE_TLS_GET_CERTIFICATE_HASH if (state->port->ssl_in_use) ereport(ERROR, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("SCRAM channel binding negotiation error"), errdetail("The client supports SCRAM channel binding but thinks the server does not. " "However, this server does support channel binding."))); #endif input++; if (*input != ',') ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("Comma expected, but found character \"%s\".", sanitize_char(*input)))); input++; break; case 'p': /* * The client requires channel binding. Channel binding type * follows, e.g., "p=tls-server-end-point". */ if (!state->channel_binding_in_use) ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("The client selected SCRAM-SHA-256 without channel binding, but the SCRAM message includes channel binding data."))); channel_binding_type = read_attr_value(&input, 'p'); /* * The only channel binding type we support is * tls-server-end-point. */ if (strcmp(channel_binding_type, "tls-server-end-point") != 0) ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), (errmsg("unsupported SCRAM channel-binding type \"%s\"", sanitize_str(channel_binding_type))))); break; default: ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("Unexpected channel-binding flag \"%s\".", sanitize_char(*input)))); } /* * Forbid optional authzid (authorization identity). We don't support it. */ if (*input == 'a') ereport(ERROR, (errcode(ERRCODE_FEATURE_NOT_SUPPORTED), errmsg("client uses authorization identity, but it is not supported"))); if (*input != ',') ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("malformed SCRAM message"), errdetail("Unexpected attribute \"%s\" in client-first-message.", sanitize_char(*input)))); input++; state->client_first_message_bare = pstrdup(input); /* * Any mandatory extensions would go here. We don't support any. * * RFC 5802 specifies error code "e=extensions-not-supported" for this, * but it can only be sent in the server-final message. We prefer to fail * immediately (which the RFC also allows). */ if (*input == 'm') ereport(ERROR, (errcode(ERRCODE_FEATURE_NOT_SUPPORTED), errmsg("client requires an unsupported SCRAM extension"))); /* * Read username. Note: this is ignored. We use the username from the * startup message instead, still it is kept around if provided as it * proves to be useful for debugging purposes. */ state->client_username = read_attr_value(&input, 'n'); /* read nonce and check that it is made of only printable characters */ state->client_nonce = read_attr_value(&input, 'r'); if (!is_scram_printable(state->client_nonce)) ereport(ERROR, (errcode(ERRCODE_PROTOCOL_VIOLATION), errmsg("non-printable characters in SCRAM nonce"))); /* * There can be any number of optional extensions after this. We don't * support any extensions, so ignore them. */ while (*input != '\0') read_any_attr(&input, NULL); /* success! */ }
int fill_context(HWND hwnd,int ctrl,FILE *f) { char buf[512]; int i,len,count; __int64 offset,line; offset=_ftelli64(f); if(binary){ current_line=offset; line=offset-(line_count/2)*16; if(line<0)line=0; _fseeki64(f,line,SEEK_SET); fill_line_col(hwnd,IDC_ROWNUMBER,line); } else{ count=seek_line_relative(f,line_count/2,-1); line=current_line-count; if(line<=0) line=1; if(current_line<=0) current_line=1; fill_line_col(hwnd,IDC_ROWNUMBER,line); } SendDlgItemMessage(hwnd,ctrl,EM_GETSEL,&edit_sel_pos,0); SetDlgItemText(hwnd,ctrl,""); for(i=0;i<line_count;i++){ buf[0]=0; if(binary){ len=fread(buf,1,16,f); if(len<=0) break; buf[16]=0; format_hex_str(buf,len,buf+16,sizeof(buf)-16); strncpy(buf,buf+16,sizeof(buf)); len=strlen(buf); } else{ __int64 pos=0; int buf_size=sizeof(buf); pos=_ftelli64(f); if(fgets(buf,buf_size-1,f)==0) break; buf[buf_size-1]=0; pos=_ftelli64(f)-pos; len=(int)pos; if(len>buf_size-1) len=buf_size-1; sanitize_str(buf,len); if(buf[len-1]!='\n'){ char *s=buf+buf_size-3; purge_string(f,0x10000); if(len>buf_size-3) s=buf+buf_size-3; else s=buf+len-3; s[0]='\r'; s[1]='\n'; s[2]=0; } } add_line(hwnd,ctrl,buf); } SendDlgItemMessage(hwnd,ctrl,EM_SETSEL,edit_sel_pos,edit_sel_pos); _fseeki64(f,offset,SEEK_SET); return TRUE; }