void test_main(void) { ASSERT(BASE64_ENCODE_LENGTH(0) == 0); /* At most 4 bits */ ASSERT(BASE64_ENCODE_LENGTH(1) == 2); /* At most 12 bits */ ASSERT(BASE64_ENCODE_LENGTH(2) == 3); /* At most 20 bits */ ASSERT(BASE64_ENCODE_LENGTH(3) == 4); /* At most 28 bits */ ASSERT(BASE64_ENCODE_LENGTH(4) == 6); /* At most 36 bits */ ASSERT(BASE64_ENCODE_LENGTH(5) == 7); /* At most 44 bits */ ASSERT(BASE64_ENCODE_LENGTH(12) == 16); /* At most 100 bits */ ASSERT(BASE64_ENCODE_LENGTH(13) == 18); /* At most 108 bits */ ASSERT(BASE64_DECODE_LENGTH(0) == 0); /* At most 6 bits */ ASSERT(BASE64_DECODE_LENGTH(1) == 1); /* At most 12 bits */ ASSERT(BASE64_DECODE_LENGTH(2) == 2); /* At most 18 bits */ ASSERT(BASE64_DECODE_LENGTH(3) == 3); /* At most 24 bits */ ASSERT(BASE64_DECODE_LENGTH(4) == 3); /* At most 30 bits */ test_armor(&nettle_base64, LDATA(""), ""); test_armor(&nettle_base64, LDATA("H"), "SA=="); test_armor(&nettle_base64, LDATA("He"), "SGU="); test_armor(&nettle_base64, LDATA("Hel"), "SGVs"); test_armor(&nettle_base64, LDATA("Hell"), "SGVsbA=="); test_armor(&nettle_base64, LDATA("Hello"), "SGVsbG8="); test_armor(&nettle_base64, LDATA("Hello\0"), "SGVsbG8A"); test_armor(&nettle_base64, LDATA("Hello?>>>"), "SGVsbG8/Pj4+"); test_armor(&nettle_base64, LDATA("\xff\xff\xff\xff"), "/////w=="); test_armor(&nettle_base64url, LDATA(""), ""); test_armor(&nettle_base64url, LDATA("H"), "SA=="); test_armor(&nettle_base64url, LDATA("He"), "SGU="); test_armor(&nettle_base64url, LDATA("Hel"), "SGVs"); test_armor(&nettle_base64url, LDATA("Hell"), "SGVsbA=="); test_armor(&nettle_base64url, LDATA("Hello"), "SGVsbG8="); test_armor(&nettle_base64url, LDATA("Hello\0"), "SGVsbG8A"); test_armor(&nettle_base64url, LDATA("Hello?>>>"), "SGVsbG8_Pj4-"); test_armor(&nettle_base64url, LDATA("\xff\xff\xff\xff"), "_____w=="); { /* Test overlapping areas */ uint8_t buffer[] = "Helloxxxx"; struct base64_decode_ctx ctx; size_t dst_length; ASSERT(BASE64_ENCODE_RAW_LENGTH(5) == 8); base64_encode_raw(buffer, 5, buffer); ASSERT(MEMEQ(9, buffer, "SGVsbG8=x")); base64_decode_init(&ctx); dst_length = 0; /* Output parameter only. */ ASSERT(base64_decode_update(&ctx, &dst_length, buffer, 8, buffer)); ASSERT(dst_length == 5); ASSERT(MEMEQ(9, buffer, "HelloG8=x")); } test_fuzz (); }
stl_string base64_encode (const char *buff, int bufflen) { stl_string ret; unsigned len = strlen (buff); char *res = (char *) malloc (BASE64_ENCODE_LENGTH (bufflen)); struct base64_encode_ctx str; base64_encode_init (&str); len = base64_encode_update (&str, (uint8_t *) res, len, (uint8_t*) buff); // TODO: args? base64_encode_final (&str, (uint8_t*) res); ret.append (res, len); free (res); return ret; }
static size_t base64url_encode_length(size_t length) { return BASE64_ENCODE_LENGTH(length); }
/***************************************************************************** 函 数 名 : submit_server 功能描述 : 提交主流程 返 回 值 : ERROR_SUCCESS 成功 ----------------------------------------------------------------------------- 最近一次修改记录: 修改作者: 汤永翔 修改目的:配置下发支持8框vsm文件锁判断 修改日期: 2012年9月14日 *****************************************************************************/ int submit_server(const char* path_info) { u_int32_t ret = 0; char tmp_buf[200]; SUB_ROOT *sub_file; struct sub_env_t sub_env; WEBSET_URL_HANDLE url_handle; LONGIN_USER_INFO user_info; s8 * serv_port = NULL; s32 iret = LOGIN_OK; s32 datetime = time(NULL); s8 * sid = web_session_id(); const char * username; const char * password; const s8 * userip; const s8 *servername; s8 * remote_port = NULL; USER user; CONFIG *cfg = NULL; CONFIG * snmp = NULL; const s8* name ="sendtrap"; const s8 *sendTrap; char * path_authorizationg; const char *name_pwd; char username_cgi[USER_NAME_LEN_MAX + 1]; char *password_cgi; char str[USER_NAME_LEN_MAX + USER_PASSWD_LEN_MAX + 2]; int name_pwd_len; int vsm_bitmap = 0; int i, tol_num; u32 bit_map = 0 ; if(!access(CONFIG_LICK_FILE, F_OK)) { submit_util_output_errmsg_c(NULL, UTIL_CONFIG_LOCK); return 0; } if(!access(VSM_CONFIG_LICK_FILE, F_OK)) { /*支持8框vsm。 将异常启动框对应的位图清零, 判断是否所有的框都正常启动, 并将文件锁删除*/ cfg_get_vsm_bitmap(&vsm_bitmap); ifm_syscall_get_vsm_flag_bitmap(&bit_map); for(i = 0, tol_num = 0; i < ifm_syscall_get_max_frame_num(); i++) { if(!(bit_map & (1 << i))) { vsm_bitmap &= ~(1 << i); } } if(!vsm_bitmap) { unlink(VSM_CONFIG_LICK_FILE); } else { cfg_save_vsm_bitmap(vsm_bitmap); /*当某框正在正常启动过程,主框才会在这里弹出错误*/ submit_util_output_errmsg_c(NULL, UTIL_CONFIG_LOCK); return 0; } } serv_port = http_get_env(ENV_SERVER_PORT); if ((strcmp(WEBAUTH_AUTH_SUBMIT_PORT, serv_port))&&(strcmp(IPSEC_MOD_PWD_SUBMIT_PORT, serv_port))) { /* session 检查 */ web_session_start(); //开启SESSION会话 iret = user_overtime_check(); if(LOGIN_ERR == iret) { return ERROR_SUCCESS; } /* 设置日志信息 */ web_log_set_client_type(web_log_client_web); web_log_set_client_addr(http_get_env(ENV_REMOTE_ADDR)); if(iret == LOGIN_ONCE || iret == LOGIN_DPX || iret == LOGIN_CGI_SYNC) { /* 重新生成新的ID */ web_session_regenerate_id(); sid = web_session_id(); if(iret == LOGIN_ONCE) { http_parameter_get("user_name", &username); http_parameter_get("password", &password); user_get_user_by_name(username,&user); userip = http_get_env(ENV_REMOTE_ADDR); } else if(iret == LOGIN_CGI_SYNC) { /*获取含有用户名密码的字符串*/ path_authorizationg = http_get_env((unsigned int)ENV_HTTP_AUTHORIZATION); if(path_authorizationg == NULL) { goto lable; } /*去掉字符串中的前缀 "Basic "*/ name_pwd = path_authorizationg; name_pwd = name_pwd + strlen("Basic") + 1;//跳过 "Basic " name_pwd_len = (int)strlen(name_pwd); if(name_pwd_len > BASE64_ENCODE_LENGTH(USER_NAME_LEN_MAX + USER_PASSWD_LEN_MAX + 1)) { goto lable; } /*将加密的字符串解密*/ if(0 != base64_decode(name_pwd, (unsigned char *)str, &name_pwd_len)) { goto lable; } str[name_pwd_len] = '\0'; /*得到串中的用户名、密码*/ password_cgi = strchr(str, ':'); strncpy(username_cgi, str, (u_int32_t)(password_cgi-str)); username_cgi[password_cgi-str] = '\0'; username = username_cgi; password = password_cgi; user_get_user_by_name(username,&user); userip = http_get_env(ENV_HTTP_WEB_ADDR); web_log_set_client_addr((char*)userip); } else { username = http_get_env(ENV_REMOTE_ORIGIN_USER); password = ""; user.groupid = atoi(http_get_env(ENV_REMOTE_ORIGIN_GROUPID)); user.role = atoi(http_get_env(ENV_REMOTE_ORIGIN_ROLE)); userip = http_get_env(ENV_REMOTE_ADDR); } datetime = time(NULL); servername = http_get_env(ENV_SERVER_NAME); remote_port = http_get_env(ENV_REMOTE_PORT); if(OK != login_addLoginsucceed(sid, username, user.groupid, password, user.role, userip, 1, datetime, servername, remote_port, user.vfw_id)) { return ERROR_SUCCESS; } } // 取当前用户 ret = login_get_current_user_info(&user_info); if(OK != ret) { submit_util_output_errmsg_c(NULL, UTIL_GET_USER_FAIL); return 0; } /*判断用户是否具有下发配置的权限*/ if(0 == strcmp(path_info, SUBMIT_PATH_REBOOT)) { /*重启请求*/ if(!IS_REBOOT_ENABLE(user_info.detail_info)) { /*该用户不具备reboot的权限*/ submit_util_output_errmsg_c(NULL, UTIL_REBOOT_DISABLE); WEB_SEND_EX_OPERLOG_QUICK(5, "Reboot operation is not permitted!"); return 0; } } else { if(!IS_SUBMIT_ENABLE(user_info.detail_info)) { /*该用户不具备submit的权限*/ submit_util_output_errmsg_c(NULL, UTIL_SUBMIT_DISABLE); WEB_SEND_EX_OPERLOG_QUICK(5, "Submit operation is not permitted!"); return 0; } } // 设置用户 web_log_set_client_user(user_info.name); } //检查url的合法性,path_info样例: /log/ShowOperationLog if (NULL == path_info || '\0' == path_info[0]) { //url不符合规范 http_out("The URl of submit is wrong:%s.", path_info); return ERROR_SUCCESS; } // 生成sub文件 sprintf(tmp_buf, "%s%s.xml", SERVER_FILES_ROOT, path_info); // 确保不能越界 tmp_buf[199] = '\0'; /* load时会分配内部空间,退出时需要释放 */ ret = (u32)subdesc_load(tmp_buf, &sub_file); if (ERROR_SUCCESS != ret) { http_output_system_error(WEB_LOGIN_EN, ret, NULL); return ERROR_SUCCESS; } do { /* 只执行一次 */ /* submit环境初始化 */ ret = SubEnv_init(&sub_env); if (ERROR_SUCCESS != ret) break; url_handle = SubEnv_getUrlHandle(&sub_env); /* 按顺序初始化各种标签数据 */ ret = SubPreTreatment__init(&sub_file->pre_treatment, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubPreTreatment__operate(&sub_file->pre_treatment, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllAction__init(&sub_file->action_list, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllAction__operate(&sub_file->action_list, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllFunction__init(&sub_file->function_list, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllFunction__operate(&sub_file->function_list, &sub_env, &sub_file->action_list); if (ERROR_SUCCESS != ret) break; ret = SubAllParameter__init(&sub_file->config_item_list, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllParameter__operate(&sub_file->config_item_list, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllClue__init(&sub_file->execution_list, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubAllClue__operate(&sub_file->execution_list, &sub_env, &sub_file->config_item_list, &sub_file->function_list); if (ERROR_SUCCESS != ret) break; ret = SubOther__init(&sub_file->result, &sub_env); if (ERROR_SUCCESS != ret) break; ret = SubOther__operate(&sub_file->result, &sub_env, &sub_file->action_list); if (ERROR_SUCCESS != ret) break; /* * 检查注册数据 */ ret = webset_check_reg_data(url_handle); if (ERROR_SUCCESS != ret) break; cfg = config_load(CURRENT_WEB_PROTOCOL); sub_env.backup_web_pro = config_getint(cfg, "web_http_srv", 1); if(sub_env.backup_web_pro == 1) { sub_env.backup_web_port = config_getint(cfg, "web_http_port", 80); } else { sub_env.backup_web_port = config_getint(cfg, "web_https_port", 443); } config_free(cfg); /* * 调用配置模块主函数进行设置 * 其内部会自己调用动作 */ ret = webset_Main(SUB_ENV_TO_USERLINKID(&sub_env), url_handle); }while (1 == 0); if (ERROR_SUCCESS != ret) { webset_show_result(); } snmp = config_load(SNMP_CONFIG); if(NULL == snmp) { config_free(snmp); goto lable; } sendTrap = config_get(snmp, name, ""); if(1 == atoi(sendTrap)) { dpLoginManagent_submit(user_info.name, user_info.ipaddr, path_info); } config_free(snmp); /* 清理资源 */ lable: subdesc_free(sub_file); SubEnv_end(&sub_env); if(iret == LOGIN_ONCE || iret == LOGIN_DPX || iret == LOGIN_CGI_SYNC ) { login_userlogoutprocess(sid, datetime, LOGOUT_TYPE_INITIATIVE); /* 注销Session */ session_destroy(); } return ERROR_SUCCESS; }
int pgp_armor(struct nettle_buffer *buffer, const char *tag, unsigned length, const uint8_t *data) { struct base64_encode_ctx ctx; unsigned crc = pgp_crc24(length, data); base64_encode_init(&ctx); if (! (write_string(buffer, "BEGIN PGP ") && write_string(buffer, tag) && write_string(buffer, "\nComment: Nettle\n\n"))) return 0; for (; length >= BINARY_PER_LINE; length -= BINARY_PER_LINE, data += BINARY_PER_LINE) { unsigned done; uint8_t *p = nettle_buffer_space(buffer, TEXT_PER_LINE); if (!p) return 0; done = base64_encode_update(&ctx, p, BINARY_PER_LINE, data); assert(done <= TEXT_PER_LINE); /* FIXME: Create some official way to do this */ buffer->size -= (TEXT_PER_LINE - done); if (!NETTLE_BUFFER_PUTC(buffer, '\n')) return 0; } if (length) { unsigned text_size = BASE64_ENCODE_LENGTH(length) + BASE64_ENCODE_FINAL_LENGTH; unsigned done; uint8_t *p = nettle_buffer_space(buffer, text_size); if (!p) return 0; done = base64_encode_update(&ctx, p, length, data); done += base64_encode_final(&ctx, p + done); /* FIXME: Create some official way to do this */ buffer->size -= (text_size - done); if (!NETTLE_BUFFER_PUTC(buffer, '\n')) return 0; } /* Checksum */ if (!NETTLE_BUFFER_PUTC(buffer, '=')) return 0; { uint8_t *p = nettle_buffer_space(buffer, 4); if (!p) return 0; base64_encode_group(p, crc); } return (write_string(buffer, "\nBEGIN PGP ") && write_string(buffer, tag) && NETTLE_BUFFER_PUTC(buffer, '\n')); }