3 files changed, 3 insertions, 0 deletions

diff --git a/lib/consumer.cc b/lib/consumer.cc
index f9212ea..d578546 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -1,50 +1,51 @@
 #include <algorithm>
 #include <cassert>
+#include <cstring>
 #include <opkele/util.h>
 #include <opkele/exception.h>
 #include <opkele/data.h>
 #include <opkele/consumer.h>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <curl/curl.h>
 
 #include <iostream>
 
 #include "config.h"
 
 #include <pcre.h>
 
 namespace opkele {
     using namespace std;
 
     class pcre_matches_t {
         public:
             int *_ov;
             int _s;
 
             pcre_matches_t() : _ov(0), _s(0) { }
             pcre_matches_t(int s) : _ov(0), _s(s) {
                 if(_s&1) ++_s;
                 _s += _s>>1;
                 _ov = new int[_s];
             }
             ~pcre_matches_t() throw() { if(_ov) delete[] _ov; }
 
             int begin(int i) const { return _ov[i<<1]; }
             int end(int i) const { return _ov[(i<<1)+1]; }
             int length(int i) const { int t=i<<1; return _ov[t+1]-_ov[t]; }
     };
 
     class pcre_t {
         public:
             pcre *_p;
 
             pcre_t() : _p(0) { }
             pcre_t(pcre *p) : _p(p) { }
             pcre_t(const char *re,int opts) : _p(0) {
                 static const char *errptr; static int erroffset;
                 _p = pcre_compile(re,opts,&errptr,&erroffset,NULL);
                 if(!_p)
                     throw internal_error(OPKELE_CP_ string("Failed to compile regexp: ")+errptr);
             }
             ~pcre_t() throw() { if(_p) (*pcre_free)(_p); }
diff --git a/lib/server.cc b/lib/server.cc
index b1c5c3a..aa61035 100644
--- a/lib/server.cc
+++ b/lib/server.cc
@@ -1,48 +1,49 @@
+#include <cstring>
 #include <vector>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <opkele/util.h>
 #include <opkele/exception.h>
 #include <opkele/server.h>
 #include <opkele/data.h>
 
 namespace opkele {
     using namespace std;
 
     void server_t::associate(const params_t& pin,params_t& pout) {
         util::dh_t dh;
         util::bignum_t c_pub;
         unsigned char key_sha1[SHA_DIGEST_LENGTH];
         enum {
             sess_cleartext,
             sess_dh_sha1
         } st = sess_cleartext;
         if(
                 pin.has_param("openid.session_type")
                 && pin.get_param("openid.session_type")=="DH-SHA1" ) {
             /* TODO: fallback to cleartext in case of exceptions here? */
             if(!(dh = DH_new()))
                 throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
             c_pub = util::base64_to_bignum(pin.get_param("openid.dh_consumer_public"));
             if(pin.has_param("openid.dh_modulus"))
                 dh->p = util::base64_to_bignum(pin.get_param("openid.dh_modulus"));
             else
                 dh->p = util::dec_to_bignum(data::_default_p);
             if(pin.has_param("openid.dh_gen"))
                 dh->g = util::base64_to_bignum(pin.get_param("openid.dh_gen"));
             else
                 dh->g = util::dec_to_bignum(data::_default_g);
             if(!DH_generate_key(dh))
                 throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
             vector<unsigned char> ck(DH_size(dh)+1);
             unsigned char *ckptr = &(ck.front())+1;
             int cklen = DH_compute_key(ckptr,c_pub,dh);
             if(cklen<0)
                 throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
             if(cklen && (*ckptr)&0x80) {
                 (*(--ckptr)) = 0; ++cklen;
             }
             SHA1(ckptr,cklen,key_sha1);
             st = sess_dh_sha1;
         }
         assoc_t assoc = alloc_assoc(mode_associate);
diff --git a/lib/util.cc b/lib/util.cc
index 94e09ed..26be66a 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -1,50 +1,51 @@
 #include <errno.h>
 #include <cassert>
+#include <cstring>
 #include <vector>
 #include <string>
 #include <openssl/bio.h>
 #include <openssl/evp.h>
 #include <curl/curl.h>
 #include "opkele/util.h"
 #include "opkele/exception.h"
 
 namespace opkele {
     using namespace std;
 
     namespace util {
 
         /*
          * base64
          */
         string encode_base64(const void *data,size_t length) {
             BIO *b64 = 0, *bmem = 0;
             try {
                 b64 = BIO_new(BIO_f_base64());
                 if(!b64)
                     throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 encoder");
                 BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
                 bmem = BIO_new(BIO_s_mem());
                 BIO_set_flags(b64,BIO_CLOSE);
                 if(!bmem)
                     throw exception_openssl(OPKELE_CP_ "failed to BIO_new() memory buffer");
                 BIO_push(b64,bmem);
                 if(((size_t)BIO_write(b64,data,length))!=length)
                     throw exception_openssl(OPKELE_CP_ "failed to BIO_write()");
                 if(BIO_flush(b64)!=1)
                     throw exception_openssl(OPKELE_CP_ "failed to BIO_flush()");
                 char *rvd;
                 long rvl = BIO_get_mem_data(bmem,&rvd);
                 string rv(rvd,rvl);
                 BIO_free_all(b64);
                 return rv;
             }catch(...) {
                 if(b64) BIO_free_all(b64);
                 throw;
             }
         }
 
         void decode_base64(const string& data,vector<unsigned char>& rv) {
             BIO *b64 = 0, *bmem = 0;
             rv.clear();
             try {
                 bmem = BIO_new_mem_buf((void*)data.data(),data.size());