void
test_main(void)
{
ASSERT(BASE64_ENCODE_LENGTH(0) == 0); /* At most 4 bits */
ASSERT(BASE64_ENCODE_LENGTH(1) == 2); /* At most 12 bits */
ASSERT(BASE64_ENCODE_LENGTH(2) == 3); /* At most 20 bits */
ASSERT(BASE64_ENCODE_LENGTH(3) == 4); /* At most 28 bits */
ASSERT(BASE64_ENCODE_LENGTH(4) == 6); /* At most 36 bits */
ASSERT(BASE64_ENCODE_LENGTH(5) == 7); /* At most 44 bits */
ASSERT(BASE64_ENCODE_LENGTH(12) == 16); /* At most 100 bits */
ASSERT(BASE64_ENCODE_LENGTH(13) == 18); /* At most 108 bits */
ASSERT(BASE64_DECODE_LENGTH(0) == 0); /* At most 6 bits */
ASSERT(BASE64_DECODE_LENGTH(1) == 1); /* At most 12 bits */
ASSERT(BASE64_DECODE_LENGTH(2) == 2); /* At most 18 bits */
ASSERT(BASE64_DECODE_LENGTH(3) == 3); /* At most 24 bits */
ASSERT(BASE64_DECODE_LENGTH(4) == 3); /* At most 30 bits */
test_armor(&nettle_base64, LDATA(""), "");
test_armor(&nettle_base64, LDATA("H"), "SA==");
test_armor(&nettle_base64, LDATA("He"), "SGU=");
test_armor(&nettle_base64, LDATA("Hel"), "SGVs");
test_armor(&nettle_base64, LDATA("Hell"), "SGVsbA==");
test_armor(&nettle_base64, LDATA("Hello"), "SGVsbG8=");
test_armor(&nettle_base64, LDATA("Hello\0"), "SGVsbG8A");
test_armor(&nettle_base64, LDATA("Hello?>>>"), "SGVsbG8/Pj4+");
test_armor(&nettle_base64, LDATA("\xff\xff\xff\xff"), "/////w==");
test_armor(&nettle_base64url, LDATA(""), "");
test_armor(&nettle_base64url, LDATA("H"), "SA==");
test_armor(&nettle_base64url, LDATA("He"), "SGU=");
test_armor(&nettle_base64url, LDATA("Hel"), "SGVs");
test_armor(&nettle_base64url, LDATA("Hell"), "SGVsbA==");
test_armor(&nettle_base64url, LDATA("Hello"), "SGVsbG8=");
test_armor(&nettle_base64url, LDATA("Hello\0"), "SGVsbG8A");
test_armor(&nettle_base64url, LDATA("Hello?>>>"), "SGVsbG8_Pj4-");
test_armor(&nettle_base64url, LDATA("\xff\xff\xff\xff"), "_____w==");
{
/* Test overlapping areas */
uint8_t buffer[] = "Helloxxxx";
struct base64_decode_ctx ctx;
size_t dst_length;
ASSERT(BASE64_ENCODE_RAW_LENGTH(5) == 8);
base64_encode_raw(buffer, 5, buffer);
ASSERT(MEMEQ(9, buffer, "SGVsbG8=x"));
base64_decode_init(&ctx);
dst_length = 0; /* Output parameter only. */
ASSERT(base64_decode_update(&ctx, &dst_length, buffer, 8, buffer));
ASSERT(dst_length == 5);
ASSERT(MEMEQ(9, buffer, "HelloG8=x"));
}
test_fuzz ();
}
stl_string base64_encode (const char *buff, int bufflen) {
stl_string ret;
unsigned len = strlen (buff);
char *res = (char *) malloc (BASE64_ENCODE_LENGTH (bufflen));
struct base64_encode_ctx str;
base64_encode_init (&str);
len = base64_encode_update (&str, (uint8_t *) res, len, (uint8_t*) buff); // TODO: args?
base64_encode_final (&str, (uint8_t*) res);
ret.append (res, len);
free (res);
return ret;
}
static size_t
base64url_encode_length(size_t length)
{
return BASE64_ENCODE_LENGTH(length);
}
/*****************************************************************************
函 数 名 : submit_server
功能描述 : 提交主流程
返 回 值 : ERROR_SUCCESS 成功
-----------------------------------------------------------------------------
最近一次修改记录:
修改作者: 汤永翔
修改目的:配置下发支持8框vsm文件锁判断
修改日期: 2012年9月14日
*****************************************************************************/
int submit_server(const char* path_info)
{
u_int32_t ret = 0;
char tmp_buf[200];
SUB_ROOT *sub_file;
struct sub_env_t sub_env;
WEBSET_URL_HANDLE url_handle;
LONGIN_USER_INFO user_info;
s8 * serv_port = NULL;
s32 iret = LOGIN_OK;
s32 datetime = time(NULL);
s8 * sid = web_session_id();
const char * username;
const char * password;
const s8 * userip;
const s8 *servername;
s8 * remote_port = NULL;
USER user;
CONFIG *cfg = NULL;
CONFIG * snmp = NULL;
const s8* name ="sendtrap";
const s8 *sendTrap;
char * path_authorizationg;
const char *name_pwd;
char username_cgi[USER_NAME_LEN_MAX + 1];
char *password_cgi;
char str[USER_NAME_LEN_MAX + USER_PASSWD_LEN_MAX + 2];
int name_pwd_len;
int vsm_bitmap = 0;
int i, tol_num;
u32 bit_map = 0 ;
if(!access(CONFIG_LICK_FILE, F_OK))
{
submit_util_output_errmsg_c(NULL, UTIL_CONFIG_LOCK);
return 0;
}
if(!access(VSM_CONFIG_LICK_FILE, F_OK))
{
/*支持8框vsm。
将异常启动框对应的位图清零,
判断是否所有的框都正常启动,
并将文件锁删除*/
cfg_get_vsm_bitmap(&vsm_bitmap);
ifm_syscall_get_vsm_flag_bitmap(&bit_map);
for(i = 0, tol_num = 0; i < ifm_syscall_get_max_frame_num(); i++)
{
if(!(bit_map & (1 << i)))
{
vsm_bitmap &= ~(1 << i);
}
}
if(!vsm_bitmap)
{
unlink(VSM_CONFIG_LICK_FILE);
}
else
{
cfg_save_vsm_bitmap(vsm_bitmap);
/*当某框正在正常启动过程,主框才会在这里弹出错误*/
submit_util_output_errmsg_c(NULL, UTIL_CONFIG_LOCK);
return 0;
}
}
serv_port = http_get_env(ENV_SERVER_PORT);
if ((strcmp(WEBAUTH_AUTH_SUBMIT_PORT, serv_port))&&(strcmp(IPSEC_MOD_PWD_SUBMIT_PORT, serv_port)))
{
/* session 检查 */
web_session_start(); //开启SESSION会话
iret = user_overtime_check();
if(LOGIN_ERR == iret)
{
return ERROR_SUCCESS;
}
/* 设置日志信息 */
web_log_set_client_type(web_log_client_web);
web_log_set_client_addr(http_get_env(ENV_REMOTE_ADDR));
if(iret == LOGIN_ONCE || iret == LOGIN_DPX || iret == LOGIN_CGI_SYNC)
{
/* 重新生成新的ID */
web_session_regenerate_id();
sid = web_session_id();
if(iret == LOGIN_ONCE)
{
http_parameter_get("user_name", &username);
http_parameter_get("password", &password);
user_get_user_by_name(username,&user);
userip = http_get_env(ENV_REMOTE_ADDR);
}
else if(iret == LOGIN_CGI_SYNC)
{
/*获取含有用户名密码的字符串*/
path_authorizationg = http_get_env((unsigned int)ENV_HTTP_AUTHORIZATION);
if(path_authorizationg == NULL)
{
goto lable;
}
/*去掉字符串中的前缀 "Basic "*/
name_pwd = path_authorizationg;
name_pwd = name_pwd + strlen("Basic") + 1;//跳过 "Basic "
name_pwd_len = (int)strlen(name_pwd);
if(name_pwd_len > BASE64_ENCODE_LENGTH(USER_NAME_LEN_MAX + USER_PASSWD_LEN_MAX + 1))
{
goto lable;
}
/*将加密的字符串解密*/
if(0 != base64_decode(name_pwd, (unsigned char *)str, &name_pwd_len))
{
goto lable;
}
str[name_pwd_len] = '\0';
/*得到串中的用户名、密码*/
password_cgi = strchr(str, ':');
strncpy(username_cgi, str, (u_int32_t)(password_cgi-str));
username_cgi[password_cgi-str] = '\0';
username = username_cgi;
password = password_cgi;
user_get_user_by_name(username,&user);
userip = http_get_env(ENV_HTTP_WEB_ADDR);
web_log_set_client_addr((char*)userip);
}
else
{
username = http_get_env(ENV_REMOTE_ORIGIN_USER);
password = "";
user.groupid = atoi(http_get_env(ENV_REMOTE_ORIGIN_GROUPID));
user.role = atoi(http_get_env(ENV_REMOTE_ORIGIN_ROLE));
userip = http_get_env(ENV_REMOTE_ADDR);
}
datetime = time(NULL);
servername = http_get_env(ENV_SERVER_NAME);
remote_port = http_get_env(ENV_REMOTE_PORT);
if(OK != login_addLoginsucceed(sid, username, user.groupid,
password, user.role, userip, 1, datetime, servername, remote_port, user.vfw_id))
{
return ERROR_SUCCESS;
}
}
// 取当前用户
ret = login_get_current_user_info(&user_info);
if(OK != ret)
{
submit_util_output_errmsg_c(NULL, UTIL_GET_USER_FAIL);
return 0;
}
/*判断用户是否具有下发配置的权限*/
if(0 == strcmp(path_info, SUBMIT_PATH_REBOOT))
{
/*重启请求*/
if(!IS_REBOOT_ENABLE(user_info.detail_info))
{
/*该用户不具备reboot的权限*/
submit_util_output_errmsg_c(NULL, UTIL_REBOOT_DISABLE);
WEB_SEND_EX_OPERLOG_QUICK(5, "Reboot operation is not permitted!");
return 0;
}
}
else
{
if(!IS_SUBMIT_ENABLE(user_info.detail_info))
{
/*该用户不具备submit的权限*/
submit_util_output_errmsg_c(NULL, UTIL_SUBMIT_DISABLE);
WEB_SEND_EX_OPERLOG_QUICK(5, "Submit operation is not permitted!");
return 0;
}
}
// 设置用户
web_log_set_client_user(user_info.name);
}
//检查url的合法性,path_info样例: /log/ShowOperationLog
if (NULL == path_info || '\0' == path_info[0])
{
//url不符合规范
http_out("The URl of submit is wrong:%s.", path_info);
return ERROR_SUCCESS;
}
// 生成sub文件
sprintf(tmp_buf, "%s%s.xml", SERVER_FILES_ROOT, path_info);
// 确保不能越界
tmp_buf[199] = '\0';
/* load时会分配内部空间,退出时需要释放 */
ret = (u32)subdesc_load(tmp_buf, &sub_file);
if (ERROR_SUCCESS != ret)
{
http_output_system_error(WEB_LOGIN_EN, ret, NULL);
return ERROR_SUCCESS;
}
do
{
/* 只执行一次 */
/* submit环境初始化 */
ret = SubEnv_init(&sub_env);
if (ERROR_SUCCESS != ret)
break;
url_handle = SubEnv_getUrlHandle(&sub_env);
/* 按顺序初始化各种标签数据 */
ret = SubPreTreatment__init(&sub_file->pre_treatment, &sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubPreTreatment__operate(&sub_file->pre_treatment,
&sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllAction__init(&sub_file->action_list, &sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllAction__operate(&sub_file->action_list,
&sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllFunction__init(&sub_file->function_list, &sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllFunction__operate(&sub_file->function_list,
&sub_env, &sub_file->action_list);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllParameter__init(&sub_file->config_item_list, &sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllParameter__operate(&sub_file->config_item_list,
&sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllClue__init(&sub_file->execution_list, &sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubAllClue__operate(&sub_file->execution_list,
&sub_env,
&sub_file->config_item_list, &sub_file->function_list);
if (ERROR_SUCCESS != ret)
break;
ret = SubOther__init(&sub_file->result, &sub_env);
if (ERROR_SUCCESS != ret)
break;
ret = SubOther__operate(&sub_file->result, &sub_env,
&sub_file->action_list);
if (ERROR_SUCCESS != ret)
break;
/*
* 检查注册数据
*/
ret = webset_check_reg_data(url_handle);
if (ERROR_SUCCESS != ret)
break;
cfg = config_load(CURRENT_WEB_PROTOCOL);
sub_env.backup_web_pro = config_getint(cfg, "web_http_srv", 1);
if(sub_env.backup_web_pro == 1)
{
sub_env.backup_web_port = config_getint(cfg, "web_http_port", 80);
}
else
{
sub_env.backup_web_port = config_getint(cfg, "web_https_port", 443);
}
config_free(cfg);
/*
* 调用配置模块主函数进行设置
* 其内部会自己调用动作
*/
ret = webset_Main(SUB_ENV_TO_USERLINKID(&sub_env),
url_handle);
}while (1 == 0);
if (ERROR_SUCCESS != ret)
{
webset_show_result();
}
snmp = config_load(SNMP_CONFIG);
if(NULL == snmp)
{
config_free(snmp);
goto lable;
}
sendTrap = config_get(snmp, name, "");
if(1 == atoi(sendTrap))
{
dpLoginManagent_submit(user_info.name, user_info.ipaddr, path_info);
}
config_free(snmp);
/* 清理资源 */
lable: subdesc_free(sub_file);
SubEnv_end(&sub_env);
if(iret == LOGIN_ONCE || iret == LOGIN_DPX || iret == LOGIN_CGI_SYNC )
{
login_userlogoutprocess(sid, datetime, LOGOUT_TYPE_INITIATIVE);
/* 注销Session */
session_destroy();
}
return ERROR_SUCCESS;
}
int
pgp_armor(struct nettle_buffer *buffer,
const char *tag,
unsigned length,
const uint8_t *data)
{
struct base64_encode_ctx ctx;
unsigned crc = pgp_crc24(length, data);
base64_encode_init(&ctx);
if (! (write_string(buffer, "BEGIN PGP ")
&& write_string(buffer, tag)
&& write_string(buffer, "\nComment: Nettle\n\n")))
return 0;
for (;
length >= BINARY_PER_LINE;
length -= BINARY_PER_LINE, data += BINARY_PER_LINE)
{
unsigned done;
uint8_t *p
= nettle_buffer_space(buffer, TEXT_PER_LINE);
if (!p)
return 0;
done = base64_encode_update(&ctx, p, BINARY_PER_LINE, data);
assert(done <= TEXT_PER_LINE);
/* FIXME: Create some official way to do this */
buffer->size -= (TEXT_PER_LINE - done);
if (!NETTLE_BUFFER_PUTC(buffer, '\n'))
return 0;
}
if (length)
{
unsigned text_size = BASE64_ENCODE_LENGTH(length)
+ BASE64_ENCODE_FINAL_LENGTH;
unsigned done;
uint8_t *p
= nettle_buffer_space(buffer, text_size);
if (!p)
return 0;
done = base64_encode_update(&ctx, p, length, data);
done += base64_encode_final(&ctx, p + done);
/* FIXME: Create some official way to do this */
buffer->size -= (text_size - done);
if (!NETTLE_BUFFER_PUTC(buffer, '\n'))
return 0;
}
/* Checksum */
if (!NETTLE_BUFFER_PUTC(buffer, '='))
return 0;
{
uint8_t *p = nettle_buffer_space(buffer, 4);
if (!p)
return 0;
base64_encode_group(p, crc);
}
return (write_string(buffer, "\nBEGIN PGP ")
&& write_string(buffer, tag)
&& NETTLE_BUFFER_PUTC(buffer, '\n'));
}
