summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2007-06-18 21:38:12 (UTC)
committer Michael Krelin <hacker@klever.net>2007-06-18 21:38:12 (UTC)
commit3b404dd029a2aba05efc2edadcc7f67c59746cf7 (patch) (unidiff)
treea972e6f7ab320927409cf773977b4ee58ce5cf68
parente4873a10430d012943d2712b5b9c3363e8c74cb5 (diff)
downloadlibopkele-3b404dd029a2aba05efc2edadcc7f67c59746cf7.zip
libopkele-3b404dd029a2aba05efc2edadcc7f67c59746cf7.tar.gz
libopkele-3b404dd029a2aba05efc2edadcc7f67c59746cf7.tar.bz2
Adhere to Postel's Law.
That is, be liberal when parsing key/value parameters from remote. Along with configure switch to disable it.
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--configure.ac7
-rw-r--r--lib/params.cc16
2 files changed, 23 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index 8397914..19e7832 100644
--- a/configure.ac
+++ b/configure.ac
@@ -30,56 +30,63 @@ if test "${WANT_KONFORKA}" = "yes" ; then
30 AC_SUBST([KONFORKA_LIBS]) 30 AC_SUBST([KONFORKA_LIBS])
31 AC_DEFINE([HAVE_KONFORKA],,[defined in presence of konforka library]) 31 AC_DEFINE([HAVE_KONFORKA],,[defined in presence of konforka library])
32 AC_DEFINE([OPKELE_HAVE_KONFORKA],,[defined in presence of konforka library]) 32 AC_DEFINE([OPKELE_HAVE_KONFORKA],,[defined in presence of konforka library])
33 AC_SUBST([KONFORKA_KONFORKA],[konforka]) 33 AC_SUBST([KONFORKA_KONFORKA],[konforka])
34 ],[true]) 34 ],[true])
35fi 35fi
36 36
37WANT_DOXYGEN="yes" 37WANT_DOXYGEN="yes"
38AC_ARG_ENABLE([doxygen], 38AC_ARG_ENABLE([doxygen],
39 AC_HELP_STRING([--disable-doxygen],[do not generate documentation]), 39 AC_HELP_STRING([--disable-doxygen],[do not generate documentation]),
40 [ 40 [
41 test "${enableval}" = "no" && WANT_DOXYGEN="no" 41 test "${enableval}" = "no" && WANT_DOXYGEN="no"
42 ] 42 ]
43) 43)
44if test "${WANT_DOXYGEN}" = "yes" ; then 44if test "${WANT_DOXYGEN}" = "yes" ; then
45 AC_WITH_DOXYGEN 45 AC_WITH_DOXYGEN
46 AC_WITH_DOT 46 AC_WITH_DOT
47else 47else
48 AM_CONDITIONAL([HAVE_DOXYGEN],[false]) 48 AM_CONDITIONAL([HAVE_DOXYGEN],[false])
49 AM_CONDITIONAL([HAVE_DOT],[false]) 49 AM_CONDITIONAL([HAVE_DOT],[false])
50fi 50fi
51 51
52LIBCURL_CHECK_CONFIG(,,,[ 52LIBCURL_CHECK_CONFIG(,,,[
53 AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/]) 53 AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/])
54]) 54])
55AC_WITH_PCRE([ 55AC_WITH_PCRE([
56 AC_WITH_PCREPP(,[ 56 AC_WITH_PCREPP(,[
57 AC_MSG_ERROR([no pcre++ library found. get one at http://www.daemon.de/PCRE]) 57 AC_MSG_ERROR([no pcre++ library found. get one at http://www.daemon.de/PCRE])
58 ]) 58 ])
59 ],[ 59 ],[
60 AC_MSG_ERROR([no pcre library found. get one at http://www.pcre.org/]) 60 AC_MSG_ERROR([no pcre library found. get one at http://www.pcre.org/])
61 ] 61 ]
62) 62)
63 63
64curl_ssl_verify_host="true" 64curl_ssl_verify_host="true"
65AC_ARG_ENABLE([ssl-verify-host], 65AC_ARG_ENABLE([ssl-verify-host],
66 AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]), 66 AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]),
67 [ test "${enableval}" = "no" && curl_ssl_verify_host="false" ] 67 [ test "${enableval}" = "no" && curl_ssl_verify_host="false" ]
68) 68)
69${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host]) 69${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host])
70 70
71curl_ssl_verify_peer="true" 71curl_ssl_verify_peer="true"
72AC_ARG_ENABLE([ssl-verify-peer], 72AC_ARG_ENABLE([ssl-verify-peer],
73 AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]), 73 AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]),
74 [ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ] 74 [ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ]
75) 75)
76${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity]) 76${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity])
77 77
78postels_law=true
79AC_ARG_ENABLE([postels-law],
80 AC_HELP_STRING([--disable-postels-law],[Be strict, do not adhere to Postel's Law ("be conservative in what you do, be liberal in what you accept from others", RFC 793)]),
81 [ test "${enableval}" = "no" && postels_law=false ]
82)
83$postels_law && AC_DEFINE([POSTELS_LAW],,[defined if we want to adhere to Postel's Law])
84
78AC_CONFIG_FILES([ 85AC_CONFIG_FILES([
79 Makefile 86 Makefile
80 libopkele.pc 87 libopkele.pc
81 Doxyfile 88 Doxyfile
82 include/Makefile 89 include/Makefile
83 lib/Makefile 90 lib/Makefile
84]) 91])
85AC_OUTPUT 92AC_OUTPUT
diff --git a/lib/params.cc b/lib/params.cc
index b181811..ea86d3a 100644
--- a/lib/params.cc
+++ b/lib/params.cc
@@ -1,86 +1,102 @@
1#include <opkele/types.h> 1#include <opkele/types.h>
2#include <opkele/exception.h> 2#include <opkele/exception.h>
3#include <opkele/util.h> 3#include <opkele/util.h>
4#include <openssl/sha.h> 4#include <openssl/sha.h>
5#include <openssl/hmac.h> 5#include <openssl/hmac.h>
6 6
7#include "config.h"
8
7namespace opkele { 9namespace opkele {
8 using namespace std; 10 using namespace std;
9 11
10 bool params_t::has_param(const string& n) const { 12 bool params_t::has_param(const string& n) const {
11 return find(n)!=end(); 13 return find(n)!=end();
12 } 14 }
13 const string& params_t::get_param(const string& n) const { 15 const string& params_t::get_param(const string& n) const {
14 const_iterator i = find(n); 16 const_iterator i = find(n);
15 if(i==end()) 17 if(i==end())
16 throw failed_lookup(OPKELE_CP_ n+": no such parameter"); 18 throw failed_lookup(OPKELE_CP_ n+": no such parameter");
17 return i->second; 19 return i->second;
18 } 20 }
19 string& params_t::get_param(const string& n) { 21 string& params_t::get_param(const string& n) {
20 iterator i = find(n); 22 iterator i = find(n);
21 if(i==end()) 23 if(i==end())
22 throw failed_lookup(OPKELE_CP_ n+": no such parameter"); 24 throw failed_lookup(OPKELE_CP_ n+": no such parameter");
23 return i->second; 25 return i->second;
24 } 26 }
25 27
26 void params_t::parse_keyvalues(const string& kv) { 28 void params_t::parse_keyvalues(const string& kv) {
27 clear(); 29 clear();
28 string::size_type p = 0; 30 string::size_type p = 0;
29 while(true) { 31 while(true) {
30 string::size_type co = kv.find(':',p); 32 string::size_type co = kv.find(':',p);
31 if(co==string::npos) 33 if(co==string::npos)
32 break; 34 break;
35#ifndef POSTELS_LAW
33 string::size_type nl = kv.find('\n',co+1); 36 string::size_type nl = kv.find('\n',co+1);
34 if(nl==string::npos) 37 if(nl==string::npos)
35 throw bad_input(OPKELE_CP_ "malformed input"); 38 throw bad_input(OPKELE_CP_ "malformed input");
36 if(nl>co) 39 if(nl>co)
37 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,nl-co-1))); 40 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,nl-co-1)));
38 p = nl+1; 41 p = nl+1;
42#else /* POSTELS_LAW */
43 string::size_type lb = kv.find_first_of("\r\n",co+1);
44 if(lb==string::npos) {
45 insert(value_type(kv.substr(p,co-p),kv.substr(co+1)));
46 break;
47 }
48 if(lb>co)
49 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,lb-co-1)));
50 string::size_type nolb = kv.find_first_not_of("\r\n",lb);
51 if(nolb==string::npos)
52 break;
53 p = nolb;
54#endif /* POSTELS_LAW */
39 } 55 }
40 } 56 }
41 57
42 void params_t::sign(secret_t secret,string& sig,const string& slist,const char *prefix) const { 58 void params_t::sign(secret_t secret,string& sig,const string& slist,const char *prefix) const {
43 string kv; 59 string kv;
44 string::size_type p = 0; 60 string::size_type p = 0;
45 while(true) { 61 while(true) {
46 string::size_type co = slist.find(',',p); 62 string::size_type co = slist.find(',',p);
47 string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p); 63 string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
48 kv += f; 64 kv += f;
49 kv += ':'; 65 kv += ':';
50 if(prefix) f.insert(0,prefix); 66 if(prefix) f.insert(0,prefix);
51 kv += get_param(f); 67 kv += get_param(f);
52 kv += '\n'; 68 kv += '\n';
53 if(co==string::npos) 69 if(co==string::npos)
54 break; 70 break;
55 p = co+1; 71 p = co+1;
56 } 72 }
57 unsigned int md_len = 0; 73 unsigned int md_len = 0;
58 unsigned char *md = HMAC( 74 unsigned char *md = HMAC(
59 EVP_sha1(), 75 EVP_sha1(),
60 &(secret.front()),secret.size(), 76 &(secret.front()),secret.size(),
61 (const unsigned char *)kv.data(),kv.length(), 77 (const unsigned char *)kv.data(),kv.length(),
62 0,&md_len); 78 0,&md_len);
63 sig = util::encode_base64(md,md_len); 79 sig = util::encode_base64(md,md_len);
64 } 80 }
65 81
66 string params_t::append_query(const string& url,const char *prefix) const { 82 string params_t::append_query(const string& url,const char *prefix) const {
67 string rv = url; 83 string rv = url;
68 bool p = true; 84 bool p = true;
69 if(rv.find('?')==string::npos) { 85 if(rv.find('?')==string::npos) {
70 rv += '?'; 86 rv += '?';
71 p = false; 87 p = false;
72 } 88 }
73 for(const_iterator i=begin();i!=end();++i) { 89 for(const_iterator i=begin();i!=end();++i) {
74 if(p) 90 if(p)
75 rv += '&'; 91 rv += '&';
76 else 92 else
77 p = true; 93 p = true;
78 rv += prefix; 94 rv += prefix;
79 rv += i->first; 95 rv += i->first;
80 rv += '='; 96 rv += '=';
81 rv += util::url_encode(i->second); 97 rv += util::url_encode(i->second);
82 } 98 }
83 return rv; 99 return rv;
84 } 100 }
85 101
86 ostream& operator << (ostream& o,const params_t& p) { 102 ostream& operator << (ostream& o,const params_t& p) {