static bool init_params(int *argc, char ***argv, struct main_params *params, struct audio_params **p_audio) { struct audio_params *audio = NULL; if (!get_opt_str(argc, argv, ¶ms->file, "file name")) return false; if (!get_opt_int(argc, argv, ¶ms->has_video, "video track count")) return false; if (!get_opt_int(argc, argv, ¶ms->tracks, "audio track count")) return false; if (params->has_video > 1 || params->has_video < 0) { puts("Invalid number of video tracks\n"); return false; } if (params->tracks < 0) { puts("Invalid number of audio tracks\n"); return false; } if (params->has_video == 0 && params->tracks == 0) { puts("Must have at least 1 audio track or 1 video track\n"); return false; } if (params->has_video) { if (!get_opt_str(argc, argv, ¶ms->vcodec, "video codec")) return false; if (!get_opt_int(argc, argv, ¶ms->vbitrate,"video bitrate")) return false; if (!get_opt_int(argc, argv, ¶ms->width, "video width")) return false; if (!get_opt_int(argc, argv, ¶ms->height, "video height")) return false; if (!get_opt_int(argc, argv, ¶ms->fps_num, "video fps num")) return false; if (!get_opt_int(argc, argv, ¶ms->fps_den, "video fps den")) return false; } if (params->tracks) { if (!get_opt_str(argc, argv, ¶ms->acodec, "audio codec")) return false; audio = calloc(1, sizeof(*audio) * params->tracks); for (int i = 0; i < params->tracks; i++) { if (!get_audio_params(&audio[i], argc, argv)) { free(audio); return false; } } } *p_audio = audio; get_opt_str(argc, argv, ¶ms->muxer_settings, "muxer settings"); return true; }
int unionfs_opt_proc(void *data, const char *arg, int key, struct fuse_args *outargs) { (void)data; int res = 0; // for general purposes switch (key) { case FUSE_OPT_KEY_NONOPT: res = parse_branches(arg); if (res > 0) return 0; uopt.retval = 1; return 1; case KEY_DIRS: // skip the "dirs=" res = parse_branches(arg+5); if (res > 0) return 0; uopt.retval = 1; return 1; case KEY_CHROOT: uopt.chroot = get_opt_str(arg, "chroot"); return 0; case KEY_COW: uopt.cow_enabled = true; return 0; case KEY_DEBUG_FILE: uopt.dbgpath = get_opt_str(arg, "debug_file"); uopt.debug = true; return 0; case KEY_HELP: print_help(outargs->argv[0]); fuse_opt_add_arg(outargs, "-ho"); uopt.doexit = 1; return 0; case KEY_HIDE_META_FILES: case KEY_HIDE_METADIR: uopt.hide_meta_files = true; return 0; case KEY_MAX_FILES: set_max_open_files(arg); return 0; case KEY_NOINITGROUPS: // option only for compatibility with older versions return 0; case KEY_STATFS_OMIT_RO: uopt.statfs_omit_ro = true; return 0; case KEY_RELAXED_PERMISSIONS: uopt.relaxed_permissions = true; return 0; case KEY_VERSION: printf("unionfs-fuse version: "VERSION"\n"); #ifdef HAVE_XATTR printf("(compiled with xattr support)\n"); #endif uopt.doexit = 1; return 1; default: uopt.retval = 1; return 1; } }
NONSTATIC_INLINE void copy_opt(struct document_options *o1, struct document_options *o2) { copy_struct(o1, o2); o1->framename = stracpy(o2->framename); o1->image_link.prefix = stracpy(get_opt_str("document.browse.images.image_link_prefix", NULL)); o1->image_link.suffix = stracpy(get_opt_str("document.browse.images.image_link_suffix", NULL)); }
Test::Result PK_Signature_Generation_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> message = get_req_bin(vars, "Msg"); const std::vector<uint8_t> signature = get_req_bin(vars, "Signature"); const std::string padding = get_opt_str(vars, "Padding", default_padding(vars)); std::unique_ptr<Botan::RandomNumberGenerator> rng; if(vars.count("Nonce")) { rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce"))); } Test::Result result(algo_name() + "/" + padding + " signature generation"); std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars); std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey))); Botan::PK_Signer signer(*privkey, padding); Botan::PK_Verifier verifier(*pubkey, padding); const std::vector<uint8_t> generated_signature = signer.sign_message(message, rng ? *rng : Test::rng()); result.test_eq("generated signature matches KAT", generated_signature, signature); result.test_eq("generated signature valid", verifier.verify_message(message, generated_signature), true); check_invalid_signatures(result, verifier, message, signature); result.test_eq("correct signature valid", verifier.verify_message(message, signature), true); return result; }
Test::Result PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> plaintext = get_req_bin(vars, "Msg"); const std::vector<uint8_t> ciphertext = get_req_bin(vars, "Ciphertext"); const std::string padding = get_opt_str(vars, "Padding", default_padding(vars)); std::unique_ptr<Botan::RandomNumberGenerator> kat_rng; if(vars.count("Nonce")) { kat_rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce"))); } Test::Result result(algo_name() + "/" + padding + " decryption"); std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars); // instead slice the private key to work around elgamal test inputs //std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey))); Botan::PK_Encryptor_EME encryptor(*privkey, padding); result.test_eq("encryption", encryptor.encrypt(plaintext, kat_rng ? *kat_rng : Test::rng()), ciphertext); Botan::PK_Decryptor_EME decryptor(*privkey, padding); result.test_eq("decryption", decryptor.decrypt(ciphertext), plaintext); check_invalid_ciphertexts(result, decryptor, plaintext, ciphertext); return result; }
static void init_gnutls(struct module *module) { int ret = gnutls_global_init(); unsigned char *ca_file = get_opt_str("connection.ssl.trusted_ca_file", NULL); if (ret < 0) INTERNAL("GNUTLS init failed: %s", gnutls_strerror(ret)); ret = gnutls_anon_allocate_client_credentials(&anon_cred); if (ret < 0) INTERNAL("GNUTLS anon credentials alloc failed: %s", gnutls_strerror(ret)); ret = gnutls_certificate_allocate_credentials(&xcred); if (ret < 0) INTERNAL("GNUTLS X509 credentials alloc failed: %s", gnutls_strerror(ret)); /* Here, we should load certificate files etc. */ if (*ca_file) { /* FIXME: check returned values. --witekfl */ gnutls_certificate_set_x509_trust_file(xcred, ca_file, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_verify_flags(xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); } }
std::string PK_Test::choose_padding(const VarMap& vars, const std::string& pad_hdr) { if(pad_hdr != "") return pad_hdr; return get_opt_str(vars, "Padding", this->default_padding(vars)); }
/* Timer callback for @countdown. As explained in @install_timer, * this function must erase the expired timer ID from all variables. */ static void count_down(void *xxx) { struct keybinding *keybinding; timer_duration--; if (timer_duration) { install_timer(&countdown, COUNT_DOWN_DELAY, count_down, NULL); return; } else { countdown = TIMER_ID_UNDEF; } /* The expired timer ID has now been erased. */ keybinding = kbd_nm_lookup(KEYMAP_MAIN, get_opt_str((const unsigned char *)"ui.timer.action", NULL)); if (keybinding) { struct terminal *terminal; struct term_event ev; set_kbd_term_event(&ev, keybinding->kbd.key, keybinding->kbd.modifier); foreach (terminal, terminals) { term_send_event(terminal, &ev); } }
Overlay* overlay_new() { Overlay *ov = malloc(sizeof(Overlay)); memset(ov, 0, sizeof(Overlay)); ov->nc_st = newwin(1,1,0,0); ov->nc_sep = newwin(1,1,0,0); ov->col_lbl = opt_color(OVERLAY_ACTIVE); ov->col_text = opt_color(OVERLAY_LINE); ov->col_ln = opt_color(OVERLAY_LINE); ov->col_sep = opt_color(OVERLAY_SEP); ov->col_arg = opt_color(OVERLAY_ARGS); ov->col_bufno = opt_color(OVERLAY_BUFNO); ov->col_prog = opt_color(OVERLAY_PROGRESS); ov->col_fil = opt_color(OVERLAY_FILTER); sep_char = get_opt_str("sepchar"); ov->arg = strdup(" "); overlay_bufno(ov, 0); memset(ov->name, ' ', SZ_LBL); memset(ov->lineno, ' ', SZ_LN); return ov; }
Test::Result PK_Key_Agreement_Test::run_one_test(const std::string& header, const VarMap& vars) { const std::vector<uint8_t> shared = get_req_bin(vars, "K"); const std::string kdf = get_opt_str(vars, "KDF", default_kdf(vars)); Test::Result result(algo_name() + "/" + kdf + (header.empty() ? header : " " + header) + " key agreement"); std::unique_ptr<Botan::Private_Key> privkey = load_our_key(header, vars); const std::vector<uint8_t> pubkey = load_their_key(header, vars); const size_t key_len = get_opt_sz(vars, "OutLen", 0); for(auto&& provider : possible_pk_providers()) { std::unique_ptr<Botan::PK_Key_Agreement> kas; try { kas.reset(new Botan::PK_Key_Agreement(*privkey, kdf, provider)); result.test_eq(provider, "agreement", kas->derive_key(key_len, pubkey).bits_of(), shared); } catch(Botan::Lookup_Error&) { //result.test_note("Skipping key agreement with with " + provider); } } return result; }
Test::Result PK_Signature_Verification_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> message = get_req_bin(vars, "Msg"); const std::vector<uint8_t> signature = get_req_bin(vars, "Signature"); const std::string padding = get_opt_str(vars, "Padding", default_padding(vars)); std::unique_ptr<Botan::Public_Key> pubkey = load_public_key(vars); Test::Result result(algo_name() + "/" + padding + " signature verification"); for(auto&& verify_provider : possible_pk_providers()) { std::unique_ptr<Botan::PK_Verifier> verifier; try { verifier.reset(new Botan::PK_Verifier(*pubkey, padding, Botan::IEEE_1363, verify_provider)); result.test_eq("correct signature valid", verifier->verify_message(message, signature), true); check_invalid_signatures(result, *verifier, message, signature); } catch(Botan::Lookup_Error&) { result.test_note("Skipping verifying with " + verify_provider); } } return result; }
static bool get_opt_int(int *p_argc, char ***p_argv, int *i, const char *opt) { char *str; if (!get_opt_str(p_argc, p_argv, &str, opt)) { return false; } *i = atoi(str); return true; }
static bool get_audio_params(struct audio_params *audio, int *argc, char ***argv) { if (!get_opt_str(argc, argv, &audio->name, "audio track name")) return false; if (!get_opt_int(argc, argv, &audio->abitrate, "audio bitrate")) return false; if (!get_opt_int(argc, argv, &audio->sample_rate, "audio sample rate")) return false; if (!get_opt_int(argc, argv, &audio->channels, "audio channels")) return false; return true; }
void Options::restore_window_position( MainWindow *wmain_p ) { bool restore_pos = get_opt_bool( "RESTORE_WINDOW_POSITION", true ); if ( !restore_pos ) return ; long nb_widget = get_opt_long( "WIDGET_NB_WIDGET", 0 ); for ( int i = 0; i < nb_widget; i++ ) { QString name = "WORKSPACE" + QString::number( i ); QString type = get_opt_str( "TYPE_" + name, QString() ); if ( type == "SOURCEVIEW" ) { QString source = get_opt_str( "SOURCE_" + name, QString::null ).toLatin1(); bool from_user_loaded = get_opt_bool( "SOURCE_USER_LOADED_" + name, false ); QMdiSubWindow *widget_p = wmain_p->openOCamlSource( source , from_user_loaded ); if ( widget_p ) { restore_window_position( name, widget_p ); } } } }
static enum evhook_status goto_url_hook(va_list ap, void *data) { unsigned char **url = va_arg(ap, unsigned char **); struct session *ses = va_arg(ap, struct session *); unsigned char *uu = NULL; unsigned char *arg = ""; unsigned char *argstart = *url + strcspn(*url, " :"); if (get_smart_enable() && *argstart) { unsigned char bucket = *argstart; *argstart = '\0'; uu = get_uri_rewrite_prefix(URI_REWRITE_SMART, *url); *argstart = bucket; arg = argstart + 1; } if (get_dumb_enable() && !uu && !*argstart) uu = get_uri_rewrite_prefix(URI_REWRITE_DUMB, *url); if (!uu && !strchr((const char *)*url, ':') && !strchr((const char *)*url, '.') && !strchr((const char *)*url, '/')) { uu = get_opt_str("protocol.rewrite.default_template", NULL); if (uu && *uu) { arg = *url; } else { uu = NULL; } } if (uu) { struct uri *uri = ses && have_location(ses) ? cur_loc(ses)->vs.uri : NULL; uu = rewrite_uri(uu, uri, arg); if (uu) { mem_free(*url); *url = uu; } } return EVENT_HOOK_STATUS_NEXT; }
/* TODO: We could of course significantly simplify the calling convention by * autogenerating most of the parameters from protocol name. Having a function * exported by protocol/protocol.* dedicated to that would be nice too. * --pasky */ static unsigned char * get_protocol_proxy(unsigned char *opt, unsigned char *env1, unsigned char *env2, unsigned char *strip1, unsigned char *strip2) { unsigned char *proxy; proxy = get_opt_str(opt, NULL); if (!*proxy) proxy = (unsigned char *)getenv((const char *)env1); if (!proxy || !*proxy) proxy = (unsigned char *)getenv((const char *)env2); if (proxy && *proxy) { proxy = strip_proxy_protocol(proxy, strip1, strip2); } return proxy; }
Test::Result PK_Key_Agreement_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> shared = get_req_bin(vars, "K"); const std::string kdf = get_opt_str(vars, "KDF", default_kdf(vars)); Test::Result result(algo_name() + "/" + kdf + " key agreement"); std::unique_ptr<Botan::Private_Key> privkey = load_our_key(vars); const std::vector<uint8_t> pubkey = load_their_key(vars); const size_t key_len = get_opt_sz(vars, "OutLen", 0); Botan::PK_Key_Agreement kas(*privkey, kdf); result.test_eq("agreement", kas.derive_key(key_len, pubkey).bits_of(), shared); return result; }
Test::Result PK_Signature_Verification_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> message = get_req_bin(vars, "Msg"); const std::vector<uint8_t> signature = get_req_bin(vars, "Signature"); const std::string padding = get_opt_str(vars, "Padding", default_padding(vars)); std::unique_ptr<Botan::Public_Key> pubkey = load_public_key(vars); Test::Result result(algo_name() + "/" + padding + " signature verification"); Botan::PK_Verifier verifier(*pubkey, padding); result.test_eq("correct signature valid", verifier.verify_message(message, signature), true); check_invalid_signatures(result, verifier, message, signature); return result; }
static void add_cookie_info_to_string(struct string *string, struct cookie *cookie, struct terminal *term) { add_format_to_string(string, "\n%s: %s", _("Name", term), cookie->name); add_format_to_string(string, "\n%s: %s", _("Value", term), cookie->value); add_format_to_string(string, "\n%s: %s", _("Domain", term), cookie->domain); add_format_to_string(string, "\n%s: %s", _("Path", term), cookie->path); if (!cookie->expires) { add_format_to_string(string, "\n%s: ", _("Expires", term)); add_to_string(string, _("at quit time", term)); #ifdef HAVE_STRFTIME } else { add_format_to_string(string, "\n%s: ", _("Expires", term)); add_date_to_string(string, get_opt_str((const unsigned char *)"ui.date_format", NULL), &cookie->expires); #endif } add_format_to_string(string, "\n%s: %s", _("Secure", term), _(cookie->secure ? N_("yes") : N_("no"), term)); }
static unsigned char * get_cache_entry_info(struct listbox_item *item, struct terminal *term) { struct cache_entry *cached = item->udata; struct string msg; if (item->type == BI_FOLDER) return NULL; if (!init_string(&msg)) return NULL; add_to_string(&msg, _("URL", term)); add_to_string(&msg, ": "); add_uri_to_string(&msg, cached->uri, URI_PUBLIC); /* No need to use compare_uri() here we only want to check whether they * point to the same URI. */ if (cached->proxy_uri != cached->uri) { add_format_to_string(&msg, "\n%s: ", _("Proxy URL", term)); add_uri_to_string(&msg, cached->proxy_uri, URI_PUBLIC); } if (cached->redirect) { add_format_to_string(&msg, "\n%s: ", _("Redirect", term)); add_uri_to_string(&msg, cached->redirect, URI_PUBLIC); if (cached->redirect_get) { add_to_string(&msg, " (GET)"); } } add_format_to_string(&msg, "\n%s: %" OFF_T_FORMAT, _("Size", term), cached->length); add_format_to_string(&msg, "\n%s: %" OFF_T_FORMAT, _("Loaded size", term), cached->data_size); if (cached->content_type) { add_format_to_string(&msg, "\n%s: %s", _("Content type", term), cached->content_type); } if (cached->last_modified) { add_format_to_string(&msg, "\n%s: %s", _("Last modified", term), cached->last_modified); } if (cached->etag) { add_format_to_string(&msg, "\n%s: %s", "ETag", cached->etag); } if (cached->ssl_info) { add_format_to_string(&msg, "\n%s: %s", _("SSL Cipher", term), cached->ssl_info); } if (cached->encoding_info) { add_format_to_string(&msg, "\n%s: %s", _("Encoding", term), cached->encoding_info); } if (cached->incomplete || !cached->valid) { add_char_to_string(&msg, '\n'); add_to_string(&msg, _("Flags", term)); add_to_string(&msg, ": "); if (cached->incomplete) { add_to_string(&msg, _("incomplete", term)); add_char_to_string(&msg, ' '); } if (!cached->valid) add_to_string(&msg, _("invalid", term)); } #ifdef HAVE_STRFTIME if (cached->expire) { time_t expires = timeval_to_seconds(&cached->max_age); add_format_to_string(&msg, "\n%s: ", _("Expires", term)); add_date_to_string(&msg, get_opt_str("ui.date_format"), &expires); } #endif #ifdef CONFIG_DEBUG add_format_to_string(&msg, "\n%s: %d", "Refcount", get_object_refcount(cached)); add_format_to_string(&msg, "\n%s: %u", _("ID", term), cached->id); if (cached->head && *cached->head) { add_format_to_string(&msg, "\n%s:\n\n%s", _("Header", term), cached->head); } #endif return msg.source; }
static struct uri * get_proxy_worker(struct uri *uri, unsigned char *proxy, struct connection_state *error_state) { unsigned char *protocol_proxy = NULL; if (proxy) { if (*proxy) { proxy = strip_proxy_protocol(proxy, (unsigned char *)"http://", (unsigned char *)"ftp://"); return proxy_uri(uri, proxy, error_state); } /* "" from script_hook_get_proxy() */ return get_composed_uri(uri, URI_BASE); } switch (uri->protocol) { case PROTOCOL_HTTP: protocol_proxy = get_protocol_proxy((unsigned char *)"protocol.http.proxy.host", (unsigned char *)"HTTP_PROXY", (unsigned char *)"http_proxy", (unsigned char *)"http://", NULL); break; case PROTOCOL_HTTPS: /* As Timo Lindfors explains, the communication between ELinks * and the proxy server is never encrypted, altho the proxy * might be used to transfer encrypted data between Web client * and Web server. (Some proxy servers might allow encrypted * communication between the Web client and the proxy * but ELinks does not support that.) */ /* So, don't check whether the URI for the proxy begins * with "https://" but rather check for "http://". * Maybe we should allow either -- ELinks uses HTTP * to communicate with the proxy when we use it for FTP, but we * check for "ftp://" below; and what about 'be liberal in what * you accept' (altho that is usually applied to data received * from remote systems, not to user input)? -- Miciah */ protocol_proxy = get_protocol_proxy((unsigned char *)"protocol.https.proxy.host", (unsigned char *)"HTTPS_PROXY", (unsigned char *)"https_proxy", (unsigned char *)"http://", NULL); break; case PROTOCOL_FTP: protocol_proxy = get_protocol_proxy((unsigned char *)"protocol.ftp.proxy.host", (unsigned char *)"FTP_PROXY", (unsigned char *)"ftp_proxy", (unsigned char *)"ftp://", (unsigned char *)"http://"); break; } if (protocol_proxy && *protocol_proxy) { unsigned char *no_proxy; unsigned char *slash = (unsigned char *)strchr((char *)protocol_proxy, '/'); if (slash) *slash = 0; no_proxy = get_opt_str((const unsigned char *)"protocol.no_proxy", NULL); if (!*no_proxy) no_proxy = (unsigned char *)getenv("NO_PROXY"); if (!no_proxy || !*no_proxy) no_proxy = (unsigned char *)getenv("no_proxy"); if (!proxy_probe_no_proxy(uri->host, no_proxy)) return proxy_uri(uri, protocol_proxy, error_state); } return get_composed_uri(uri, URI_BASE); }
Test::Result PK_Signature_Generation_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> message = get_req_bin(vars, "Msg"); const std::vector<uint8_t> signature = get_req_bin(vars, "Signature"); const std::string padding = get_opt_str(vars, "Padding", default_padding(vars)); Test::Result result(algo_name() + "/" + padding + " signature generation"); std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars); std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey))); for(auto&& sign_provider : possible_pk_providers()) { std::unique_ptr<Botan::PK_Signer> signer; try { signer.reset(new Botan::PK_Signer(*privkey, padding, Botan::IEEE_1363, sign_provider)); } catch(Botan::Lookup_Error&) { //result.test_note("Skipping signing with " + sign_provider); continue; } std::unique_ptr<Botan::RandomNumberGenerator> rng; if(vars.count("Nonce")) { rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce"))); } const std::vector<uint8_t> generated_signature = signer->sign_message(message, rng ? *rng : Test::rng()); if(sign_provider == "base") { result.test_eq("generated signature matches KAT", generated_signature, signature); } for(auto&& verify_provider : possible_pk_providers()) { std::unique_ptr<Botan::PK_Verifier> verifier; try { verifier.reset(new Botan::PK_Verifier(*pubkey, padding, Botan::IEEE_1363, verify_provider)); } catch(Botan::Lookup_Error&) { //result.test_note("Skipping verifying with " + verify_provider); continue; } if(!result.test_eq("generated signature valid", verifier->verify_message(message, generated_signature), true)) { result.test_failure("generated signature", generated_signature); } check_invalid_signatures(result, *verifier, message, signature); result.test_eq("KAT signature valid", verifier->verify_message(message, signature), true); } } return result; }
/* Return -1 on error, 0 or success. */ int ssl_connect(struct socket *socket) { int ret; unsigned char *server_name; struct connection *conn = (struct connection *)socket->conn; /* TODO: Recode server_name to UTF-8. */ server_name = get_uri_string(conn->proxied_uri, URI_HOST); if (!server_name) { socket->ops->done(socket, connection_state(S_OUT_OF_MEM)); return -1; } /* RFC 3546 says literal IPv4 and IPv6 addresses are not allowed. */ if (is_ip_address(server_name, strlen((const char *)server_name))) mem_free_set(&server_name, NULL); if (init_ssl_connection(socket, server_name) == S_SSL_ERROR) { mem_free_if(server_name); socket->ops->done(socket, connection_state(S_SSL_ERROR)); return -1; } mem_free_if(server_name); if (socket->no_tls) ssl_set_no_tls(socket); #ifdef USE_OPENSSL SSL_set_fd((SSL *)socket->ssl, socket->fd); if (get_opt_bool((const unsigned char *)"connection.ssl.cert_verify", NULL)) SSL_set_verify((SSL *)socket->ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback); if (get_opt_bool((const unsigned char *)"connection.ssl.client_cert.enable", NULL)) { unsigned char *client_cert; #ifdef CONFIG_NSS_COMPAT_OSSL client_cert = get_opt_str( (const unsigned char *)"connection.ssl.client_cert.nickname", NULL); #else client_cert = get_opt_str( (const unsigned char *)"connection.ssl.client_cert.file", NULL); #endif if (!*client_cert) { client_cert = (unsigned char *)getenv("X509_CLIENT_CERT"); if (client_cert && !*client_cert) client_cert = NULL; } if (client_cert) { #ifdef CONFIG_NSS_COMPAT_OSSL SSL_CTX_use_certificate_chain_file( (SSL *) socket->ssl, (const char *)client_cert); #else SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx; SSL_CTX_use_certificate_chain_file(ctx, (const char *)client_cert); SSL_CTX_use_PrivateKey_file(ctx, (const char *)client_cert, SSL_FILETYPE_PEM); #endif } } #elif defined(CONFIG_GNUTLS) /* GnuTLS uses function pointers for network I/O. The default * functions take a file descriptor, but it must be passed in * as a pointer. GnuTLS uses the GNUTLS_INT_TO_POINTER and * GNUTLS_POINTER_TO_INT macros for these conversions, but * those are unfortunately not in any public header. So * ELinks must just cast the pointer the best it can and hope * that the conversions match. */ gnutls_transport_set_ptr(*((ssl_t *) socket->ssl), (gnutls_transport_ptr_t) (longptr_T) socket->fd); /* TODO: Some certificates fuss. --pasky */ #endif ret = ssl_do_connect(socket); switch (ret) { case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_READ2: socket->ops->set_state(socket, connection_state(S_SSL_NEG)); set_handlers(socket->fd, (select_handler_T) ssl_want_read, NULL, (select_handler_T) dns_exception, socket); return -1; case SSL_ERROR_NONE: #ifdef CONFIG_GNUTLS if (!get_opt_bool((const unsigned char *)"connection.ssl.cert_verify", NULL)) break; if (!verify_certificates(socket)) #endif break; default: if (ret != SSL_ERROR_NONE) { /* DBG("sslerr %s", gnutls_strerror(ret)); */ socket->no_tls = !socket->no_tls; } connect_socket(socket, connection_state(S_SSL_ERROR)); return -1; } return 0; }
Test::Result PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> plaintext = get_req_bin(vars, "Msg"); const std::vector<uint8_t> ciphertext = get_req_bin(vars, "Ciphertext"); const std::string padding = get_opt_str(vars, "Padding", default_padding(vars)); Test::Result result(algo_name() + "/" + padding + " decryption"); std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars); // instead slice the private key to work around elgamal test inputs //std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey))); Botan::Public_Key* pubkey = privkey.get(); for(auto&& enc_provider : possible_pk_providers()) { std::unique_ptr<Botan::PK_Encryptor> encryptor; try { encryptor.reset(new Botan::PK_Encryptor_EME(*pubkey, padding, enc_provider)); } catch(Botan::Lookup_Error&) { //result.test_note("Skipping encryption with provider " + enc_provider); continue; } std::unique_ptr<Botan::RandomNumberGenerator> kat_rng; if(vars.count("Nonce")) { kat_rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce"))); } const std::vector<uint8_t> generated_ciphertext = encryptor->encrypt(plaintext, kat_rng ? *kat_rng : Test::rng()); if(enc_provider == "base") { result.test_eq("generated ciphertext matches KAT", generated_ciphertext, ciphertext); } for(auto&& dec_provider : possible_pk_providers()) { std::unique_ptr<Botan::PK_Decryptor> decryptor; try { decryptor.reset(new Botan::PK_Decryptor_EME(*privkey, padding, dec_provider)); } catch(Botan::Lookup_Error&) { //result.test_note("Skipping decryption with provider " + dec_provider); continue; } result.test_eq("decryption of KAT", decryptor->decrypt(ciphertext), plaintext); check_invalid_ciphertexts(result, *decryptor, plaintext, ciphertext); result.test_eq("decryption of generated ciphertext", decryptor->decrypt(generated_ciphertext), plaintext); } } return result; }
void textarea_edit(int op, struct terminal *term_, struct form_state *fs_, struct document_view *doc_view_, struct link *link_) { struct textarea_data *td = NULL; assert ((op == 0 || op == 1) && term_); if_assert_failed return; if (op == 0 && get_cmd_opt_bool("anonymous")) { info_box(term_, 0, N_("Error"), ALIGN_CENTER, N_("You cannot launch an external" " editor in the anonymous mode.")); return; } if (op == 0) { unsigned char *ed; unsigned char *ex; assert(fs_ && doc_view_ && link_ && term_); td = init_textarea_data(term_, fs_, doc_view_, link_); if (!td) return; ed = get_opt_str("document.browse.forms.editor", doc_view_->session); if (!ed || !*ed) { ed = getenv("EDITOR"); if (!ed || !*ed) ed = "vi"; } ex = straconcat(ed, " ", td->fn, (unsigned char *) NULL); if (!ex) { unlink(td->fn); done_textarea_data(td); return; } td->term->textarea_data = td; exec_on_terminal(td->term, ex, "", TERM_EXEC_FG); mem_free(ex); return; } else if (op == 1) { struct string file; td = term_->textarea_data; term_->textarea_data = NULL; assert(td); if (!td->fs || !init_string(&file) || !add_file_to_string(&file, td->fn)) { done_textarea_data(td); return; } if (file.length > td->fc_maxlength) { file.source[td->fc_maxlength] = '\0'; /* Casting size_t fc_maxlength to unsigned int * and formatting it with "%u" is safe, * because fc_maxlength is smaller than * file.length, which is an int. */ info_box(td->term, MSGBOX_FREE_TEXT, N_("Warning"), ALIGN_CENTER, msg_text(td->term, N_("You have exceeded the textarea's" " size limit: your input is %d" " bytes, but the maximum is %u" " bytes.\n\n" "Your input has been truncated," " but you can still recover the" " text that you entered from" " this file: %s"), file.length, (unsigned int) td->fc_maxlength, td->fn)); } else { unlink(td->fn); } mem_free(td->fs->value); td->fs->value = file.source; td->fs->state = file.length; if (td->doc_view && td->link) draw_form_entry(td->term, td->doc_view, td->link); } done_textarea_data(td); }
static unsigned char * get_cache_entry_info(struct listbox_item *item, struct terminal *term) { struct cache_entry *cached = item->udata; struct string msg; if (item->type == BI_FOLDER) return NULL; if (!init_string(&msg)) return NULL; add_to_string(&msg, _("URL", term)); add_to_string(&msg, ": "); add_uri_to_string(&msg, cached->uri, URI_PUBLIC); /* No need to use compare_uri() here we only want to check whether they * point to the same URI. */ if (cached->proxy_uri != cached->uri) { add_format_to_string(&msg, "\n%s: ", _("Proxy URL", term)); add_uri_to_string(&msg, cached->proxy_uri, URI_PUBLIC); } if (cached->redirect) { add_format_to_string(&msg, "\n%s: ", _("Redirect", term)); add_uri_to_string(&msg, cached->redirect, URI_PUBLIC); if (cached->redirect_get) { add_to_string(&msg, " (GET)"); } } add_format_to_string(&msg, "\n%s: %" OFF_PRINT_FORMAT, _("Size", term), (off_print_T) cached->length); add_format_to_string(&msg, "\n%s: %" OFF_PRINT_FORMAT, _("Loaded size", term), (off_print_T) cached->data_size); if (cached->content_type) { add_format_to_string(&msg, "\n%s: %s", _("Content type", term), cached->content_type); } if (cached->last_modified) { add_format_to_string(&msg, "\n%s: %s", _("Last modified", term), cached->last_modified); } if (cached->etag) { add_format_to_string(&msg, "\n%s: %s", "ETag", cached->etag); } if (cached->ssl_info) { add_format_to_string(&msg, "\n%s: %s", _("SSL Cipher", term), cached->ssl_info); } if (cached->encoding_info) { add_format_to_string(&msg, "\n%s: %s", _("Encoding", term), cached->encoding_info); } if (cached->incomplete || !cached->valid) { add_char_to_string(&msg, '\n'); add_to_string(&msg, _("Flags", term)); add_to_string(&msg, ": "); if (cached->incomplete) { add_to_string(&msg, _("incomplete", term)); add_char_to_string(&msg, ' '); } if (!cached->valid) add_to_string(&msg, _("invalid", term)); } #ifdef HAVE_STRFTIME if (cached->expire) { time_t expires = timeval_to_seconds(&cached->max_age); add_format_to_string(&msg, "\n%s: ", _("Expires", term)); add_date_to_string(&msg, get_opt_str("ui.date_format", NULL), &expires); } #endif add_format_to_string(&msg, "\n%s: ", _("Cache mode", term)); switch (cached->cache_mode) { case CACHE_MODE_NEVER: add_to_string(&msg, _("never use cache entry", term)); break; case CACHE_MODE_ALWAYS: add_to_string(&msg, _("always use cache entry", term)); break; case CACHE_MODE_INCREMENT: case CACHE_MODE_NORMAL: case CACHE_MODE_CHECK_IF_MODIFIED: case CACHE_MODE_FORCE_RELOAD: /* Cache entries only use two values of enum cache_mode. */ INTERNAL("cached->cache_mode = %d", cached->cache_mode); break; } #ifdef CONFIG_DEBUG add_format_to_string(&msg, "\n%s: %d", "Refcount", get_object_refcount(cached)); add_format_to_string(&msg, "\n%s: %u", _("ID", term), cached->cache_id); if (cached->head && *cached->head) { add_format_to_string(&msg, "\n%s:\n\n%s", _("Header", term), cached->head); } #endif return msg.source; }