Nettle crypto library v3.4 changes the Base64 coder API to require less casting between uint8_t and char types.
AC_CHECK_HEADERS(nettle/md5.h)
],[with_nettle=no])
if test "x$with_nettle" != "xno" ; then
- # Base64 uses the nettle 3.0 API
+ # Base64 uses the nettle 3.4 API
# which matters on 64-bit systems
AC_CHECK_HEADERS(nettle/base64.h)
- AC_MSG_CHECKING([for Nettle 3.0 API compatibility])
+ AC_MSG_CHECKING([for Nettle 3.4 API compatibility])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
# include <cstddef>
# include <cstdint>
# include <nettle/base64.h>
]],[[
- uint8_t inData[10]; inData[0] = '\0';
+ char inData[10]; inData[0] = '\0';
size_t srcLen = 0;
struct base64_decode_ctx ctx;
base64_decode_init(&ctx);
return 1;
}
]])],[AC_MSG_RESULT(yes)
- AC_DEFINE(HAVE_NETTLE30_BASE64,1,[set to 1 if Nettle 3.0 API will link])
+ AC_DEFINE(HAVE_NETTLE34_BASE64,1,[set to 1 if Nettle 3.4 API will link])
],[AC_MSG_RESULT(no)])
fi
fi
#ifndef _SQUID_BASE64_H
#define _SQUID_BASE64_H
-#if HAVE_NETTLE_BASE64_H && HAVE_NETTLE30_BASE64
+#if HAVE_NETTLE_BASE64_H && HAVE_NETTLE34_BASE64
#include <nettle/base64.h>
-#else /* Base64 functions copied from Nettle 3.0 under GPLv2, with adjustments */
+#else /* Base64 functions copied from Nettle 3.4 under GPLv2, with adjustments */
-#ifdef __cplusplus
-extern "C" {
-#endif
+/* base64.h
-// Decoding functions
+ Base-64 encoding and decoding.
-/// Maximum length of output for base64_decode_update.
-/// We have at most 6 buffered bits, and a total of (length + 1) * 6 bits.
-# define BASE64_DECODE_LENGTH(length) ((((length) + 1) * 6) / 8)
+ Copyright (C) 2002 Niels Möller, Dan Egnor
-struct base64_decode_ctx
-{
- unsigned word; /* Leftover bits */
- unsigned bits; /* Number buffered bits */
+ This file is part of GNU Nettle.
- /* Number of padding characters encountered */
- unsigned padding;
-};
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
-void base64_decode_init(struct base64_decode_ctx *ctx);
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
-/* Returns 1 on success, 0 on error. DST should point to an area of
- * size at least BASE64_DECODE_LENGTH(length). The amount of data
- * generated is returned in *DST_LENGTH.
- */
-int base64_decode_update(struct base64_decode_ctx *ctx,
- size_t *dst_length,
- uint8_t *dst,
- size_t src_length,
- const uint8_t *src);
+ or
-/* Returns 1 on success. */
-int base64_decode_final(struct base64_decode_ctx *ctx);
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifdef __cplusplus
+extern "C" {
+#endif
-// Encoding functions
+/* Base64 encoding */
/* Maximum length of output for base64_encode_update. NOTE: Doesn't
* include any padding that base64_encode_final may add. */
/* We have at most 4 buffered bits, and a total of (4 + length * 8) bits. */
-# define BASE64_ENCODE_LENGTH(length) (((length) * 8 + 4)/6)
+#define BASE64_ENCODE_LENGTH(length) (((length) * 8 + 4)/6)
/* Maximum length of output generated by base64_encode_final. */
-# define BASE64_ENCODE_FINAL_LENGTH 3
+#define BASE64_ENCODE_FINAL_LENGTH 3
/* Exact length of output generated by base64_encode_raw, including
- * padding.
- */
-# define BASE64_ENCODE_RAW_LENGTH(length) ((((length) + 2)/3)*4)
+ * padding. */
+#define BASE64_ENCODE_RAW_LENGTH(length) ((((length) + 2)/3)*4)
struct base64_encode_ctx
{
- unsigned word; /* Leftover bits */
- unsigned bits; /* Number of bits, always 0, 2, or 4. */
+ const char *alphabet; /* Alphabet to use for encoding */
+ unsigned short word; /* Leftover bits */
+ unsigned char bits; /* Number of bits, always 0, 2, or 4. */
};
-void base64_encode_init(struct base64_encode_ctx *ctx);
+/* Initialize encoding context for base-64 */
+void
+base64_encode_init(struct base64_encode_ctx *ctx);
+
+/* Initialize encoding context for URL safe alphabet, RFC 4648. */
+void
+base64url_encode_init(struct base64_encode_ctx *ctx);
-/// Encodes a single byte. Returns amount of output (always 1 or 2).
-size_t base64_encode_single(struct base64_encode_ctx *ctx, uint8_t *dst, uint8_t src);
+/* Encodes a single byte. Returns amount of output (always 1 or 2). */
+size_t
+base64_encode_single(struct base64_encode_ctx *ctx,
+ char *dst,
+ uint8_t src);
/* Returns the number of output characters. DST should point to an
- * area of size at least BASE64_ENCODE_LENGTH(length).
- */
-size_t base64_encode_update(struct base64_encode_ctx *ctx, uint8_t *dst, size_t length, const uint8_t *src);
+ * area of size at least BASE64_ENCODE_LENGTH(length). */
+size_t
+base64_encode_update(struct base64_encode_ctx *ctx,
+ char *dst,
+ size_t length,
+ const uint8_t *src);
+
+/* DST should point to an area of size at least
+ * BASE64_ENCODE_FINAL_LENGTH */
+size_t
+base64_encode_final(struct base64_encode_ctx *ctx,
+ char *dst);
+
+/* Lower level functions */
+
+/* Encodes a string in one go, including any padding at the end.
+ * Generates exactly BASE64_ENCODE_RAW_LENGTH(length) bytes of output.
+ * Supports overlapped operation, if src <= dst. FIXME: Use of overlap
+ * is deprecated, if needed there should be a separate public fucntion
+ * to do that.*/
+void
+base64_encode_raw(char *dst, size_t length, const uint8_t *src);
+
+void
+base64_encode_group(char *dst, uint32_t group);
+
+/* Base64 decoding */
+
+/* Maximum length of output for base64_decode_update. */
+/* We have at most 6 buffered bits, and a total of (length + 1) * 6 bits. */
+#define BASE64_DECODE_LENGTH(length) ((((length) + 1) * 6) / 8)
-/// DST should point to an area of size at least BASE64_ENCODE_FINAL_LENGTH
-size_t base64_encode_final(struct base64_encode_ctx *ctx, uint8_t *dst);
+struct base64_decode_ctx
+{
+ const signed char *table; /* Decoding table */
+ unsigned short word; /* Leftover bits */
+ unsigned char bits; /* Number buffered bits */
+
+ /* Number of padding characters encountered */
+ unsigned char padding;
+};
+
+/* Initialize decoding context for base-64 */
+void
+base64_decode_init(struct base64_decode_ctx *ctx);
+
+/* Initialize encoding context for URL safe alphabet, RFC 4648. */
+void
+base64url_decode_init(struct base64_decode_ctx *ctx);
+
+/* Decodes a single byte. Returns amount of output (0 or 1), or -1 on
+ * errors. */
+int
+base64_decode_single(struct base64_decode_ctx *ctx,
+ uint8_t *dst,
+ char src);
+
+/* Returns 1 on success, 0 on error. DST should point to an area of
+ * size at least BASE64_DECODE_LENGTH(length). The amount of data
+ * generated is returned in *DST_LENGTH. */
+int
+base64_decode_update(struct base64_decode_ctx *ctx,
+ size_t *dst_length,
+ uint8_t *dst,
+ size_t src_length,
+ const char *src);
+
+/* Returns 1 on success. */
+int
+base64_decode_final(struct base64_decode_ctx *ctx);
#ifdef __cplusplus
}
#endif
-#endif /* HAVE_NETTLE_BASE64_H */
+#endif /* HAVE_NETTLE_BASE64_H && HAVE_NETTLE34_BASE64 */
/// Calculate the buffer size required to hold the encoded form of
/// a string of length 'decodedLen' including all terminator bytes.
*/
/*
-* Copied from Nettle 3.0 under GPLv2, with adjustments
+ * Copied from Nettle 3.4 under GPLv2, with adjustments
*/
#include "squid.h"
#include "base64.h"
-#if !HAVE_NETTLE_BASE64_H || !HAVE_NETTLE30_BASE64
+#if !HAVE_NETTLE_BASE64_H || !HAVE_NETTLE34_BASE64
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
+/* base64-encode.c
-static const uint8_t encode_table[64] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "abcdefghijklmnopqrstuvwxyz"
- "0123456789+/";
+ Copyright (C) 2002 Niels Möller
-#define ENCODE(x) (encode_table[0x3F & (x)])
+ This file is part of GNU Nettle.
-static const signed char decode_table[0x100] =
-{
- /* White space is HT, VT, FF, CR, LF and SPC */
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -2, -2, -2, -2, -2, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -2, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
- 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -3, -1, -1,
- -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
- 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
- -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
- 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-};
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
#define TABLE_INVALID -1
#define TABLE_SPACE -2
#define TABLE_END -3
-#define BASE64_VALUE_SZ 256
-int base64_value[BASE64_VALUE_SZ];
-
void
base64_decode_init(struct base64_decode_ctx *ctx)
{
+ static const signed char base64_decode_table[0x100] =
+ {
+ /* White space is HT, VT, FF, CR, LF and SPC */
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -2, -2, -2, -2, -2, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -2, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
+ 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -3, -1, -1,
+ -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
+ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
+ -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
+ 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ };
+
ctx->word = ctx->bits = ctx->padding = 0;
+ ctx->table = base64_decode_table;
}
-static int
-base64_decode_single(struct base64_decode_ctx *ctx, uint8_t *dst, uint8_t src)
+int
+base64_decode_single(struct base64_decode_ctx *ctx,
+ uint8_t *dst,
+ char src)
{
- int data = decode_table[src];
+ int data = ctx->table[(uint8_t) src];
- switch(data) {
+ switch(data)
+ {
default:
assert(data >= 0 && data < 0x40);
ctx->word = ctx->word << 6 | data;
ctx->bits += 6;
- if (ctx->bits >= 8) {
+ if (ctx->bits >= 8)
+ {
ctx->bits -= 8;
dst[0] = ctx->word >> ctx->bits;
return 1;
- } else
- return 0;
+ }
+ else return 0;
case TABLE_INVALID:
return -1;
size_t *dst_length,
uint8_t *dst,
size_t src_length,
- const uint8_t *src)
+ const char *src)
{
size_t done;
size_t i;
- for (i = 0, done = 0; i < src_length; i++) {
- switch(base64_decode_single(ctx, dst + done, src[i])) {
+ for (i = 0, done = 0; i<src_length; i++)
+ switch(base64_decode_single(ctx, dst + done, src[i]))
+ {
case -1:
return 0;
case 1:
default:
abort();
}
- }
assert(done <= BASE64_DECODE_LENGTH(src_length));
return ctx->bits == 0;
}
+/* base64-encode.c */
+
+#define ENCODE(alphabet,x) ((alphabet)[0x3F & (x)])
+
static void
-base64_encode_raw(uint8_t *dst, size_t length, const uint8_t *src)
+encode_raw(const char *alphabet,
+ char *dst, size_t length, const uint8_t *src)
{
const uint8_t *in = src + length;
- uint8_t *out = dst + BASE64_ENCODE_RAW_LENGTH(length);
+ char *out = dst + BASE64_ENCODE_RAW_LENGTH(length);
unsigned left_over = length % 3;
- if (left_over) {
+ if (left_over)
+ {
in -= left_over;
*--out = '=';
- switch(left_over) {
+ switch(left_over)
+ {
case 1:
*--out = '=';
- *--out = ENCODE(in[0] << 4);
+ *--out = ENCODE(alphabet, (in[0] << 4));
break;
case 2:
- *--out = ENCODE( in[1] << 2);
- *--out = ENCODE((in[0] << 4) | (in[1] >> 4));
+ *--out = ENCODE(alphabet, (in[1] << 2));
+ *--out = ENCODE(alphabet, ((in[0] << 4) | (in[1] >> 4)));
break;
default:
abort();
}
- *--out = ENCODE(in[0] >> 2);
+ *--out = ENCODE(alphabet, (in[0] >> 2));
}
- while (in > src) {
+ while (in > src)
+ {
in -= 3;
- *--out = ENCODE( in[2]);
- *--out = ENCODE((in[1] << 2) | (in[2] >> 6));
- *--out = ENCODE((in[0] << 4) | (in[1] >> 4));
- *--out = ENCODE( in[0] >> 2);
+ *--out = ENCODE(alphabet, (in[2]));
+ *--out = ENCODE(alphabet, ((in[1] << 2) | (in[2] >> 6)));
+ *--out = ENCODE(alphabet, ((in[0] << 4) | (in[1] >> 4)));
+ *--out = ENCODE(alphabet, (in[0] >> 2));
}
assert(in == src);
assert(out == dst);
}
+static const char base64_encode_table[64] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz"
+ "0123456789+/";
+
+void
+base64_encode_raw(char *dst, size_t length, const uint8_t *src)
+{
+ encode_raw(base64_encode_table, dst, length, src);
+}
+
+void
+base64_encode_group(char *dst, uint32_t group)
+{
+ *dst++ = ENCODE(base64_encode_table, (group >> 18));
+ *dst++ = ENCODE(base64_encode_table, (group >> 12));
+ *dst++ = ENCODE(base64_encode_table, (group >> 6));
+ *dst++ = ENCODE(base64_encode_table, group);
+}
+
void
base64_encode_init(struct base64_encode_ctx *ctx)
{
ctx->word = ctx->bits = 0;
+ ctx->alphabet = base64_encode_table;
}
/* Encodes a single byte. */
size_t
base64_encode_single(struct base64_encode_ctx *ctx,
- uint8_t *dst,
+ char *dst,
uint8_t src)
{
unsigned done = 0;
unsigned word = ctx->word << 8 | src;
unsigned bits = ctx->bits + 8;
- while (bits >= 6) {
+ while (bits >= 6)
+ {
bits -= 6;
- dst[done++] = ENCODE(word >> bits);
+ dst[done++] = ENCODE(ctx->alphabet, (word >> bits));
}
ctx->bits = bits;
* area of size at least BASE64_ENCODE_LENGTH(length). */
size_t
base64_encode_update(struct base64_encode_ctx *ctx,
- uint8_t *dst,
+ char *dst,
size_t length,
const uint8_t *src)
{
unsigned left_over;
size_t bulk;
- while (ctx->bits && left) {
+ while (ctx->bits && left)
+ {
left--;
done += base64_encode_single(ctx, dst + done, *src++);
}
left_over = left % 3;
bulk = left - left_over;
- if (bulk) {
+ if (bulk)
+ {
assert(!(bulk % 3));
- base64_encode_raw(dst + done, bulk, src);
+ encode_raw(ctx->alphabet, dst + done, bulk, src);
done += BASE64_ENCODE_RAW_LENGTH(bulk);
src += bulk;
left = left_over;
}
- while (left) {
+ while (left)
+ {
left--;
done += base64_encode_single(ctx, dst + done, *src++);
}
* BASE64_ENCODE_FINAL_SIZE */
size_t
base64_encode_final(struct base64_encode_ctx *ctx,
- uint8_t *dst)
+ char *dst)
{
unsigned done = 0;
unsigned bits = ctx->bits;
- if (bits) {
- dst[done++] = ENCODE(ctx->word << (6 - ctx->bits));
+ if (bits)
+ {
+ dst[done++] = ENCODE(ctx->alphabet, (ctx->word << (6 - ctx->bits)));
for (; bits < 6; bits += 2)
dst[done++] = '=';
return done;
}
-#endif /* !HAVE_NETTLE_BASE64_H || !HAVE_NETTLE30_BASE64 */
+#endif /* !HAVE_NETTLE_BASE64_H || !HAVE_NETTLE34_BASE64 */
struct base64_decode_ctx ctx;
base64_decode_init(&ctx);
size_t decodedLen = 0;
- if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), strlen(field), reinterpret_cast<const uint8_t*>(field)) ||
+ if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), strlen(field), field) ||
!base64_decode_final(&ctx)) {
return NULL;
}
} else if (request->extacl_user.size() > 0 && request->extacl_passwd.size() > 0) {
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
- uint8_t base64buf[base64_encode_len(MAX_LOGIN_SZ)];
+ char base64buf[base64_encode_len(MAX_LOGIN_SZ)];
size_t resultLen = base64_encode_update(&ctx, base64buf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf()));
resultLen += base64_encode_update(&ctx, base64buf+resultLen, 1, reinterpret_cast<const uint8_t*>(":"));
resultLen += base64_encode_update(&ctx, base64buf+resultLen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf()));
if (value) {
if (TheConfig.client_username_encode) {
- uint8_t base64buf[base64_encode_len(MAX_LOGIN_SZ)];
+ char base64buf[base64_encode_len(MAX_LOGIN_SZ)];
size_t resultLen = base64_encode_update(&ctx, base64buf, strlen(value), reinterpret_cast<const uint8_t*>(value));
resultLen += base64_encode_final(&ctx, base64buf+resultLen);
buf.appendf("%s: %.*s\r\n", TheConfig.client_username_header, (int)resultLen, base64buf);
nonce->key = xcalloc(base64_encode_len(sizeof(digest_nonce_data)), 1);
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
- size_t blen = base64_encode_update(&ctx, reinterpret_cast<uint8_t*>(nonce->key), sizeof(digest_nonce_data), reinterpret_cast<const uint8_t*>(&(nonce->noncedata)));
- blen += base64_encode_final(&ctx, reinterpret_cast<uint8_t*>(nonce->key)+blen);
+ size_t blen = base64_encode_update(&ctx, reinterpret_cast<char*>(nonce->key), sizeof(digest_nonce_data), reinterpret_cast<const uint8_t*>(&(nonce->noncedata)));
+ blen += base64_encode_final(&ctx, reinterpret_cast<char*>(nonce->key)+blen);
}
digest_nonce_h *
fprintf(stdout, "BH Invalid negotiate request\n");
continue;
}
- const uint8_t *b64Token = reinterpret_cast<const uint8_t*>(buf+3);
+ const char *b64Token = buf+3;
const size_t srcLen = strlen(buf+3);
input_token.length = BASE64_DECODE_LENGTH(srcLen);
debug((char *) "%s| %s: DEBUG: Decode '%s' (decoded length estimate: %d).\n",
}
struct base64_encode_ctx tokCtx;
base64_encode_init(&tokCtx);
- size_t blen = base64_encode_update(&tokCtx, reinterpret_cast<uint8_t*>(token), spnegoTokenLength, reinterpret_cast<const uint8_t*>(spnegoToken));
- blen += base64_encode_final(&tokCtx, reinterpret_cast<uint8_t*>(token)+blen);
+ size_t blen = base64_encode_update(&tokCtx, token, spnegoTokenLength, reinterpret_cast<const uint8_t*>(spnegoToken));
+ blen += base64_encode_final(&tokCtx, token+blen);
token[blen] = '\0';
if (check_gss_err(major_status, minor_status, "gss_accept_sec_context()", log, 1))
token = (char *) xcalloc(base64_encode_len(output_token.length), 1);
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
- size_t blen = base64_encode_update(&ctx, reinterpret_cast<uint8_t*>(token), output_token.length, reinterpret_cast<const uint8_t*>(output_token.value));
- blen += base64_encode_final(&ctx, reinterpret_cast<uint8_t*>(token)+blen);
+ size_t blen = base64_encode_update(&ctx, token, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value));
+ blen += base64_encode_final(&ctx, token+blen);
}
}
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
const uint32_t expectedSz = base64_encode_len(length+4) +1 /* terminator */;
- uint8_t *b64buf = (uint8_t *)xcalloc(expectedSz, 1);
+ char *b64buf = static_cast<char *>(xcalloc(expectedSz, 1));
size_t blen = base64_encode_update(&ctx, b64buf, length+4, reinterpret_cast<uint8_t*>(ag));
blen += base64_encode_final(&ctx, b64buf+blen);
b64buf[expectedSz-1] = '\0';
- if (!pstrcat(ad_groups, reinterpret_cast<char*>(b64buf))) {
+ if (!pstrcat(ad_groups, b64buf)) {
debug((char *) "%s| %s: WARN: Too many groups ! size > %d : %s\n",
LogTime(), PROGRAM, MAX_PAC_GROUP_SIZE, ad_groups);
}
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
const uint32_t expectedSz = base64_encode_len(length) +1 /* terminator */;
- uint8_t *b64buf = (uint8_t *)xcalloc(expectedSz, 1);
+ char *b64buf = static_cast<char *>(xcalloc(expectedSz, 1));
size_t blen = base64_encode_update(&ctx, b64buf, length, reinterpret_cast<uint8_t*>(ag));
blen += base64_encode_final(&ctx, b64buf+blen);
b64buf[expectedSz-1] = '\0';
struct base64_decode_ctx ctx;
base64_decode_init(&ctx);
size_t dstLen = 0;
- if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), reinterpret_cast<const uint8_t*>(buf+3)) ||
+ if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), buf+3) ||
!base64_decode_final(&ctx)) {
if (debug_enabled)
fprintf(stderr, "%s| %s: Invalid base64 token [%s]\n", LogTime(), PROGRAM, buf+3);
size_t len = sizeof(chal) - sizeof(chal.payload) + le16toh(chal.target.maxlen);
// for lack of a good NTLM token size limit, allow up to what the helper input can be
// validations later will expect to be limited to that size.
- static uint8_t b64buf[HELPER_INPUT_BUFFER-10]; /* 10 for other line fields, delimiters and terminator */
+ static char b64buf[HELPER_INPUT_BUFFER-10]; /* 10 for other line fields, delimiters and terminator */
if (base64_encode_len(len) < sizeof(b64buf)-1) {
debug("base64 encoding of the token challenge will exceed %" PRIuSIZE " bytes", sizeof(b64buf));
return NULL;
size_t blen = base64_encode_update(&ctx, b64buf, len, reinterpret_cast<const uint8_t *>(&chal));
blen += base64_encode_final(&ctx, b64buf+blen);
b64buf[blen] = '\0';
- return reinterpret_cast<const char*>(b64buf);
+ return b64buf;
}
/* returns NULL on failure, or a pointer to
base64_decode_init(&ctx);
size_t dstLen = 0;
int decodedLen = 0;
- if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, reinterpret_cast<const uint8_t*>(buf+3)) ||
+ if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, buf+3) ||
!base64_decode_final(&ctx)) {
SEND("NA Packet format error, couldn't base64-decode");
return;
base64_decode_init(&ctx);
size_t dstLen = 0;
if (buflen > 3 &&
- base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, reinterpret_cast<const uint8_t*>(buf+3)) &&
+ base64_decode_update(&ctx, &dstLen, decodedBuf, buflen-3, buf+3) &&
base64_decode_final(&ctx)) {
decodedLen = dstLen;
packet = (ntlmhdr*)decodedBuf;
struct base64_encode_ctx eCtx;
base64_encode_init(&eCtx);
- uint8_t *data = (uint8_t*)xcalloc(base64_encode_len(len), 1);
- size_t blen = base64_encode_update(&eCtx, data, len, reinterpret_cast<uint8_t*>(&chal));
+ char *data = static_cast<char *>(xcalloc(base64_encode_len(len), 1));
+ size_t blen = base64_encode_update(&eCtx, data, len, reinterpret_cast<const uint8_t *>(&chal));
blen += base64_encode_final(&eCtx, data+blen);
if (NTLM_packet_debug_enabled) {
printf("TT %.*s\n", (int)blen, data);
}
}
- uint8_t loginbuf[base64_encode_len(MAX_LOGIN_SZ)];
+ char loginbuf[base64_encode_len(MAX_LOGIN_SZ)];
size_t blen;
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
/* append Authorization if known in URL, not in header and going direct */
if (!hdr_out->has(Http::HdrType::AUTHORIZATION)) {
if (!request->flags.proxying && !request->url.userInfo().isEmpty()) {
- static uint8_t result[base64_encode_len(MAX_URL*2)]; // should be big enough for a single URI segment
+ static char result[base64_encode_len(MAX_URL*2)]; // should be big enough for a single URI segment
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
size_t blen = base64_encode_update(&ctx, result, request->url.userInfo().length(), reinterpret_cast<const uint8_t*>(request->url.userInfo().rawContent()));
debugs(11, 5, HERE << "Got token with length " << output_token.length);
if (output_token.length) {
- static uint8_t b64buf[8192]; // XXX: 8KB only because base64_encode_bin() used to.
+ static char b64buf[8192]; // XXX: 8KB only because base64_encode_bin() used to.
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
size_t blen = base64_encode_update(&ctx, b64buf, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value));
--without-aio \
--without-dl \
--without-large-files \
+ --without-nettle \
--without-valgrind-debug \
--without-ipv6-split-stack \
--without-dns-cname \
req->pub_auth = (char *) xmalloc(encodedLen);
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
- size_t blen = base64_encode_update(&ctx, reinterpret_cast<uint8_t*>(req->pub_auth), bufLen, reinterpret_cast<uint8_t*>(buf));
- blen += base64_encode_final(&ctx, reinterpret_cast<uint8_t*>(req->pub_auth)+blen);
+ size_t blen = base64_encode_update(&ctx, req->pub_auth, bufLen, reinterpret_cast<uint8_t*>(buf));
+ blen += base64_encode_final(&ctx, req->pub_auth + blen);
req->pub_auth[blen] = '\0';
debug("cmgr: encoded: '%s'\n", req->pub_auth);
}
buf = (char*)xmalloc(decodedLen);
struct base64_decode_ctx ctx;
base64_decode_init(&ctx);
- if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), reinterpret_cast<const uint8_t*>(req->pub_auth)) ||
+ if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), req->pub_auth) ||
!base64_decode_final(&ctx)) {
debug("cmgr: base64 decode failure. Incomplete auth token string.\n");
xfree(buf);
if (encodedLen <= 0)
return "";
- uint8_t *str64 = static_cast<uint8_t*>(xmalloc(encodedLen));
+ char *str64 = static_cast<char *>(xmalloc(encodedLen));
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
size_t blen = base64_encode_update(&ctx, str64, bufLen, reinterpret_cast<uint8_t*>(buf));
NULL);
if (!check_gss_err(major_status, minor_status, "gss_init_sec_context()") && output_token.length) {
- uint8_t *b64buf = new uint8_t[base64_encode_len(output_token.length)];
+ token = new char[base64_encode_len(output_token.length)];
struct base64_encode_ctx ctx;
base64_encode_init(&ctx);
- size_t blen = base64_encode_update(&ctx, b64buf, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value));
- blen += base64_encode_final(&ctx, b64buf+blen);
- b64buf[blen] = '\0';
-
- token = reinterpret_cast<char*>(b64buf);
+ size_t blen = base64_encode_update(&ctx, token, output_token.length, reinterpret_cast<const uint8_t*>(output_token.value));
+ blen += base64_encode_final(&ctx, token+blen);
+ token[blen] = '\0';
}
}
std::cerr << "ERROR: Proxy password missing" << std::endl;
exit(1);
}
- uint8_t *pwdBuf = new uint8_t[base64_encode_len(strlen(user)+1+strlen(password))];
+ char *pwdBuf = new char[base64_encode_len(strlen(user)+1+strlen(password))];
blen = base64_encode_update(&ctx, pwdBuf, strlen(user), reinterpret_cast<const uint8_t*>(user));
blen += base64_encode_update(&ctx, pwdBuf+blen, 1, reinterpret_cast<const uint8_t*>(":"));
blen += base64_encode_update(&ctx, pwdBuf+blen, strlen(password), reinterpret_cast<const uint8_t*>(password));
blen += base64_encode_final(&ctx, pwdBuf+blen);
- snprintf(buf, BUFSIZ, "Proxy-Authorization: Basic %.*s\r\n", (int)blen, reinterpret_cast<char*>(pwdBuf));
+ snprintf(buf, BUFSIZ, "Proxy-Authorization: Basic %.*s\r\n", static_cast<int>(blen), pwdBuf);
strcat(msg, buf);
delete[] pwdBuf;
}
std::cerr << "ERROR: WWW password missing" << std::endl;
exit(1);
}
- uint8_t *pwdBuf = new uint8_t[base64_encode_len(strlen(user)+1+strlen(password))];
+ char *pwdBuf = new char[base64_encode_len(strlen(user)+1+strlen(password))];
blen = base64_encode_update(&ctx, pwdBuf, strlen(user), reinterpret_cast<const uint8_t*>(user));
blen += base64_encode_update(&ctx, pwdBuf+blen, 1, reinterpret_cast<const uint8_t*>(":"));
blen += base64_encode_update(&ctx, pwdBuf+blen, strlen(password), reinterpret_cast<const uint8_t*>(password));
blen += base64_encode_final(&ctx, pwdBuf+blen);
- snprintf(buf, BUFSIZ, "Authorization: Basic %.*s\r\n", (int)blen, reinterpret_cast<char*>(pwdBuf));
+ snprintf(buf, BUFSIZ, "Authorization: Basic %.*s\r\n", static_cast<int>(blen), pwdBuf);
strcat(msg, buf);
delete[] pwdBuf;
}
projects / thirdparty / squid.git / commitdiff
