summaryrefslogtreecommitdiffabout
path: root/lib
authorMichael Krelin <hacker@klever.net>2007-06-18 21:38:12 (UTC)
committer Michael Krelin <hacker@klever.net>2007-06-18 21:38:12 (UTC)
commit3b404dd029a2aba05efc2edadcc7f67c59746cf7 (patch) (unidiff)
treea972e6f7ab320927409cf773977b4ee58ce5cf68 /lib
parente4873a10430d012943d2712b5b9c3363e8c74cb5 (diff)
downloadlibopkele-3b404dd029a2aba05efc2edadcc7f67c59746cf7.zip
libopkele-3b404dd029a2aba05efc2edadcc7f67c59746cf7.tar.gz
libopkele-3b404dd029a2aba05efc2edadcc7f67c59746cf7.tar.bz2
Adhere to Postel's Law.
That is, be liberal when parsing key/value parameters from remote. Along with configure switch to disable it.
Diffstat (limited to 'lib') (more/less context) (ignore whitespace changes)
-rw-r--r--lib/params.cc16
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/params.cc b/lib/params.cc
index b181811..ea86d3a 100644
--- a/lib/params.cc
+++ b/lib/params.cc
@@ -1,62 +1,78 @@
1#include <opkele/types.h> 1#include <opkele/types.h>
2#include <opkele/exception.h> 2#include <opkele/exception.h>
3#include <opkele/util.h> 3#include <opkele/util.h>
4#include <openssl/sha.h> 4#include <openssl/sha.h>
5#include <openssl/hmac.h> 5#include <openssl/hmac.h>
6 6
7#include "config.h"
8
7namespace opkele { 9namespace opkele {
8 using namespace std; 10 using namespace std;
9 11
10 bool params_t::has_param(const string& n) const { 12 bool params_t::has_param(const string& n) const {
11 return find(n)!=end(); 13 return find(n)!=end();
12 } 14 }
13 const string& params_t::get_param(const string& n) const { 15 const string& params_t::get_param(const string& n) const {
14 const_iterator i = find(n); 16 const_iterator i = find(n);
15 if(i==end()) 17 if(i==end())
16 throw failed_lookup(OPKELE_CP_ n+": no such parameter"); 18 throw failed_lookup(OPKELE_CP_ n+": no such parameter");
17 return i->second; 19 return i->second;
18 } 20 }
19 string& params_t::get_param(const string& n) { 21 string& params_t::get_param(const string& n) {
20 iterator i = find(n); 22 iterator i = find(n);
21 if(i==end()) 23 if(i==end())
22 throw failed_lookup(OPKELE_CP_ n+": no such parameter"); 24 throw failed_lookup(OPKELE_CP_ n+": no such parameter");
23 return i->second; 25 return i->second;
24 } 26 }
25 27
26 void params_t::parse_keyvalues(const string& kv) { 28 void params_t::parse_keyvalues(const string& kv) {
27 clear(); 29 clear();
28 string::size_type p = 0; 30 string::size_type p = 0;
29 while(true) { 31 while(true) {
30 string::size_type co = kv.find(':',p); 32 string::size_type co = kv.find(':',p);
31 if(co==string::npos) 33 if(co==string::npos)
32 break; 34 break;
35#ifndef POSTELS_LAW
33 string::size_type nl = kv.find('\n',co+1); 36 string::size_type nl = kv.find('\n',co+1);
34 if(nl==string::npos) 37 if(nl==string::npos)
35 throw bad_input(OPKELE_CP_ "malformed input"); 38 throw bad_input(OPKELE_CP_ "malformed input");
36 if(nl>co) 39 if(nl>co)
37 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,nl-co-1))); 40 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,nl-co-1)));
38 p = nl+1; 41 p = nl+1;
42#else /* POSTELS_LAW */
43 string::size_type lb = kv.find_first_of("\r\n",co+1);
44 if(lb==string::npos) {
45 insert(value_type(kv.substr(p,co-p),kv.substr(co+1)));
46 break;
47 }
48 if(lb>co)
49 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,lb-co-1)));
50 string::size_type nolb = kv.find_first_not_of("\r\n",lb);
51 if(nolb==string::npos)
52 break;
53 p = nolb;
54#endif /* POSTELS_LAW */
39 } 55 }
40 } 56 }
41 57
42 void params_t::sign(secret_t secret,string& sig,const string& slist,const char *prefix) const { 58 void params_t::sign(secret_t secret,string& sig,const string& slist,const char *prefix) const {
43 string kv; 59 string kv;
44 string::size_type p = 0; 60 string::size_type p = 0;
45 while(true) { 61 while(true) {
46 string::size_type co = slist.find(',',p); 62 string::size_type co = slist.find(',',p);
47 string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p); 63 string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
48 kv += f; 64 kv += f;
49 kv += ':'; 65 kv += ':';
50 if(prefix) f.insert(0,prefix); 66 if(prefix) f.insert(0,prefix);
51 kv += get_param(f); 67 kv += get_param(f);
52 kv += '\n'; 68 kv += '\n';
53 if(co==string::npos) 69 if(co==string::npos)
54 break; 70 break;
55 p = co+1; 71 p = co+1;
56 } 72 }
57 unsigned int md_len = 0; 73 unsigned int md_len = 0;
58 unsigned char *md = HMAC( 74 unsigned char *md = HMAC(
59 EVP_sha1(), 75 EVP_sha1(),
60 &(secret.front()),secret.size(), 76 &(secret.front()),secret.size(),
61 (const unsigned char *)kv.data(),kv.length(), 77 (const unsigned char *)kv.data(),kv.length(),
62 0,&md_len); 78 0,&md_len);