From: Guido Serassio Date: Thu, 13 Aug 2009 21:08:35 +0000 (+0200) Subject: Windows port: fix mswin_negotiate_auth.exe crash when executing a LocalCall authentic... X-Git-Tag: SQUID_3_2_0_1~796 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=766743af0e72dc241510f65bc660dbd2eaca9420;p=thirdparty%2Fsquid.git Windows port: fix mswin_negotiate_auth.exe crash when executing a LocalCall authentication with verbose debug enabled - Also ran indent --- diff --git a/helpers/negotiate_auth/mswin_sspi/libnegotiatessp.c b/helpers/negotiate_auth/mswin_sspi/libnegotiatessp.c index 35f6f6b3dd..b5b367ebdc 100644 --- a/helpers/negotiate_auth/mswin_sspi/libnegotiatessp.c +++ b/helpers/negotiate_auth/mswin_sspi/libnegotiatessp.c @@ -8,7 +8,7 @@ * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - + * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -22,7 +22,8 @@ typedef unsigned char uchar; #include #endif -void hex_dump(void *data, int size) +void +hex_dump(void *data, int size) { /* dumps size bytes of *data to stdout. Looks like: * [0000] 75 6E 6B 6E 6F 77 6E 20 @@ -31,53 +32,54 @@ void hex_dump(void *data, int size) */ if (!data) - return; + return; if (debug_enabled) { - unsigned char *p = data; - unsigned char c; - int n; - char bytestr[4] = {0}; - char addrstr[10] = {0}; - char hexstr[ 16*3 + 5] = {0}; - char charstr[16*1 + 5] = {0}; - for (n=1;n<=size;n++) { - if (n%16 == 1) { - /* store address for this line */ - snprintf(addrstr, sizeof(addrstr), "%.4x", - ((unsigned int)p-(unsigned int)data) ); - } - - c = *p; - if (xisalnum(c) == 0) { - c = '.'; - } + unsigned char *p = data; + unsigned char c; + int n; + char bytestr[4] = + {0}; + char addrstr[10] = + {0}; + char hexstr[16 * 3 + 5] = + {0}; + char charstr[16 * 1 + 5] = + {0}; + for (n = 1; n <= size; n++) { + if (n % 16 == 1) { + /* store address for this line */ + snprintf(addrstr, sizeof(addrstr), "%.4x", + ((unsigned int) p - (unsigned int) data)); + } + c = *p; + if (xisalnum(c) == 0) { + c = '.'; + } + /* store hex str (for left side) */ + snprintf(bytestr, sizeof(bytestr), "%02X ", *p); + strncat(hexstr, bytestr, sizeof(hexstr) - strlen(hexstr) - 1); - /* store hex str (for left side) */ - snprintf(bytestr, sizeof(bytestr), "%02X ", *p); - strncat(hexstr, bytestr, sizeof(hexstr)-strlen(hexstr)-1); + /* store char str (for right side) */ + snprintf(bytestr, sizeof(bytestr), "%c", c); + strncat(charstr, bytestr, sizeof(charstr) - strlen(charstr) - 1); - /* store char str (for right side) */ - snprintf(bytestr, sizeof(bytestr), "%c", c); - strncat(charstr, bytestr, sizeof(charstr)-strlen(charstr)-1); + if (n % 16 == 0) { + /* line completed */ + fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr); + hexstr[0] = 0; + charstr[0] = 0; + } else if (n % 8 == 0) { + /* half line: add whitespaces */ + strncat(hexstr, " ", sizeof(hexstr) - strlen(hexstr) - 1); + strncat(charstr, " ", sizeof(charstr) - strlen(charstr) - 1); + } + p++; /* next byte */ + } - if (n%16 == 0) { - /* line completed */ - fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr); - hexstr[0] = 0; - charstr[0] = 0; - } else if (n%8 == 0) { - /* half line: add whitespaces */ - strncat(hexstr, " ", sizeof(hexstr)-strlen(hexstr)-1); - strncat(charstr, " ", sizeof(charstr)-strlen(charstr)-1); - } - p++; /* next byte */ - } - - if (strlen(hexstr) > 0) { - /* print rest of buffer if not empty */ - fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr); - } + if (strlen(hexstr) > 0) { + /* print rest of buffer if not empty */ + fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr); + } } } - diff --git a/helpers/negotiate_auth/mswin_sspi/negotiate_auth.c b/helpers/negotiate_auth/mswin_sspi/negotiate_auth.c index 548f445306..80756d0bf0 100644 --- a/helpers/negotiate_auth/mswin_sspi/negotiate_auth.c +++ b/helpers/negotiate_auth/mswin_sspi/negotiate_auth.c @@ -1,3 +1,4 @@ + /* * mswin_negotiate_auth: helper for Negotiate Authentication for Squid Cache * @@ -59,8 +60,8 @@ uc(char *string) { char *p = string, c; while ((c = *p)) { - *p = xtoupper(c); - p++; + *p = xtoupper(c); + p++; } } @@ -70,8 +71,8 @@ lc(char *string) { char *p = string, c; while ((c = *p)) { - *p = xtolower(c); - p++; + *p = xtolower(c); + p++; } } @@ -79,15 +80,15 @@ void helperfail(const char *reason) { #if FAIL_DEBUG - fail_debug_enabled =1; + fail_debug_enabled = 1; #endif SEND2("BH %s", reason); } /* - options: - -d enable debugging. - -v enable verbose Negotiate packet debugging. + * options: + * -d enable debugging. + * -v enable verbose Negotiate packet debugging. */ char *my_program_name = NULL; @@ -95,11 +96,11 @@ void usage() { fprintf(stderr, - "Usage: %s [-d] [-v] [-h]\n" - " -d enable debugging.\n" - " -v enable verbose Negotiate packet debugging.\n" - " -h this message\n\n", - my_program_name); + "Usage: %s [-d] [-v] [-h]\n" + " -d enable debugging.\n" + " -v enable verbose Negotiate packet debugging.\n" + " -h this message\n\n", + my_program_name); } @@ -108,30 +109,30 @@ process_options(int argc, char *argv[]) { int opt, had_error = 0; - opterr =0; + opterr = 0; while (-1 != (opt = getopt(argc, argv, "hdv"))) { - switch (opt) { - case 'd': - debug_enabled = 1; - break; - case 'v': - debug_enabled = 1; - Negotiate_packet_debug_enabled = 1; - break; - case 'h': - usage(); - exit(0); - case '?': - opt = optopt; - /* fall thru to default */ - default: - fprintf(stderr, "unknown option: -%c. Exiting\n", opt); - usage(); - had_error = 1; - } + switch (opt) { + case 'd': + debug_enabled = 1; + break; + case 'v': + debug_enabled = 1; + Negotiate_packet_debug_enabled = 1; + break; + case 'h': + usage(); + exit(0); + case '?': + opt = optopt; + /* fall thru to default */ + default: + fprintf(stderr, "unknown option: -%c. Exiting\n", opt); + usage(); + had_error = 1; + } } if (had_error) - exit(1); + exit(1); } int @@ -142,150 +143,153 @@ manage_request() char *c, *decoded; int plen, status; int oversized = 0; - char * ErrorMessage; - static char cred[SSP_MAX_CRED_LEN+1]; + char *ErrorMessage; + static char cred[SSP_MAX_CRED_LEN + 1]; BOOL Done = FALSE; -try_again: + try_again: if (fgets(buf, BUFFER_SIZE, stdin) == NULL) - return 0; + return 0; - c = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */ + c = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */ if (c) { - if (oversized) { - helperfail("illegal request received"); - fprintf(stderr, "Illegal request received: '%s'\n", buf); - return 1; - } - *c = '\0'; + if (oversized) { + helperfail("illegal request received"); + fprintf(stderr, "Illegal request received: '%s'\n", buf); + return 1; + } + *c = '\0'; } else { - fprintf(stderr, "No newline in '%s'\n", buf); - oversized = 1; - goto try_again; + fprintf(stderr, "No newline in '%s'\n", buf); + oversized = 1; + goto try_again; } if ((strlen(buf) > 3) && Negotiate_packet_debug_enabled) { - decoded = base64_decode(buf + 3); - strncpy(helper_command, buf, 2); - debug("Got '%s' from Squid with data:\n", helper_command); - hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4); + decoded = base64_decode(buf + 3); + strncpy(helper_command, buf, 2); + debug("Got '%s' from Squid with data:\n", helper_command); + hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4); } else - debug("Got '%s' from Squid\n", buf); + debug("Got '%s' from Squid\n", buf); if (memcmp(buf, "YR ", 3) == 0) { /* refresh-request */ - /* figure out what we got */ - decoded = base64_decode(buf + 3); - /* Note: we don't need to manage memory at this point, since - * base64_decode returns a pointer to static storage. - */ - if (!decoded) { /* decoding failure, return error */ - SEND("NA * Packet format error, couldn't base64-decode"); - return 1; - } - /* Obtain server blob against SSPI */ - plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */ - c = (char *) SSP_MakeNegotiateBlob(decoded, plen, &Done, &status, cred); + /* figure out what we got */ + decoded = base64_decode(buf + 3); + /* Note: we don't need to manage memory at this point, since + * base64_decode returns a pointer to static storage. + */ + if (!decoded) { /* decoding failure, return error */ + SEND("NA * Packet format error, couldn't base64-decode"); + return 1; + } + /* Obtain server blob against SSPI */ + plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */ + c = (char *) SSP_MakeNegotiateBlob(decoded, plen, &Done, &status, cred); - if (status == SSP_OK) { - if (Done) { - lc(cred); /* let's lowercase them for our convenience */ - have_serverblob = 0; - Done = FALSE; - if (Negotiate_packet_debug_enabled) { - printf("AF %s %s\n",c,cred); - decoded = base64_decode(c); - debug("sending 'AF' %s to squid with data:\n", cred); - hex_dump(decoded, (strlen(c) * 3) / 4); - } else - SEND3("AF %s %s", c, cred); - } else { - if (Negotiate_packet_debug_enabled) { - printf("TT %s\n",c); - decoded = base64_decode(c); - debug("sending 'TT' to squid with data:\n"); - hex_dump(decoded, (strlen(c) * 3) / 4); - } else { - SEND2("TT %s", c); - } - have_serverblob = 1; - } - } else - helperfail("can't obtain server blob"); - return 1; + if (status == SSP_OK) { + if (Done) { + lc(cred); /* let's lowercase them for our convenience */ + have_serverblob = 0; + Done = FALSE; + if (Negotiate_packet_debug_enabled) { + decoded = base64_decode(c); + debug("sending 'AF' %s to squid with data:\n", cred); + if (c != NULL) + hex_dump(decoded, (strlen(c) * 3) / 4); + else + fprintf(stderr, "No data available.\n"); + printf("AF %s %s\n", c, cred); + } else + SEND3("AF %s %s", c, cred); + } else { + if (Negotiate_packet_debug_enabled) { + decoded = base64_decode(c); + debug("sending 'TT' to squid with data:\n"); + hex_dump(decoded, (strlen(c) * 3) / 4); + printf("TT %s\n", c); + } else { + SEND2("TT %s", c); + } + have_serverblob = 1; + } + } else + helperfail("can't obtain server blob"); + return 1; } - if (memcmp(buf, "KK ", 3) == 0) { /* authenticate-request */ - if (!have_serverblob) { - helperfail("invalid server blob"); - return 1; - } - /* figure out what we got */ - decoded = base64_decode(buf + 3); - /* Note: we don't need to manage memory at this point, since - * base64_decode returns a pointer to static storage. - */ - if (!decoded) { /* decoding failure, return error */ - SEND("NA * Packet format error, couldn't base64-decode"); - return 1; - } + if (!have_serverblob) { + helperfail("invalid server blob"); + return 1; + } + /* figure out what we got */ + decoded = base64_decode(buf + 3); + /* Note: we don't need to manage memory at this point, since + * base64_decode returns a pointer to static storage. + */ + if (!decoded) { /* decoding failure, return error */ + SEND("NA * Packet format error, couldn't base64-decode"); + return 1; + } + /* check against SSPI */ + plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */ + c = (char *) SSP_ValidateNegotiateCredentials(decoded, plen, &Done, &status, cred); - /* check against SSPI */ - plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */ - c = (char *) SSP_ValidateNegotiateCredentials(decoded, plen, &Done, &status, cred); - - if (status == SSP_ERROR) { + if (status == SSP_ERROR) { #if FAIL_DEBUG - fail_debug_enabled = 1; + fail_debug_enabled = 1; #endif - FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - GetLastError(), - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ - (LPTSTR) &ErrorMessage, - 0, - NULL); - if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n') - ErrorMessage[strlen(ErrorMessage) - 1] = '\0'; - if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r') - ErrorMessage[strlen(ErrorMessage) - 1] = '\0'; - SEND2("NA * %s", ErrorMessage); - LocalFree(ErrorMessage); - return 1; - } - - if (Done) { - lc(cred); /* let's lowercase them for our convenience */ - have_serverblob = 0; - Done = FALSE; - if (Negotiate_packet_debug_enabled) { - printf("AF %s %s\n",c,cred); - decoded = base64_decode(c); - debug("sending 'AF' %s to squid with data:\n", cred); - hex_dump(decoded, (strlen(c) * 3) / 4); - } else { - SEND3("AF %s %s", c, cred); - } - return 1; - } else { - if (Negotiate_packet_debug_enabled) { - printf("TT %s\n",c); - decoded = base64_decode(c); - debug("sending 'TT' to squid with data:\n"); - hex_dump(decoded, (strlen(c) * 3) / 4); - } else - SEND2("TT %s", c); - return 1; - } + FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | + FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + GetLastError(), + MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ + (LPTSTR) & ErrorMessage, + 0, + NULL); + if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n') + ErrorMessage[strlen(ErrorMessage) - 1] = '\0'; + if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r') + ErrorMessage[strlen(ErrorMessage) - 1] = '\0'; + SEND2("NA * %s", ErrorMessage); + LocalFree(ErrorMessage); + return 1; + } + if (Done) { + lc(cred); /* let's lowercase them for our convenience */ + have_serverblob = 0; + Done = FALSE; + if (Negotiate_packet_debug_enabled) { + decoded = base64_decode(c); + debug("sending 'AF' %s to squid with data:\n", cred); + if (c != NULL) + hex_dump(decoded, (strlen(c) * 3) / 4); + else + fprintf(stderr, "No data available.\n"); + printf("AF %s %s\n", c, cred); + } else { + SEND3("AF %s %s", c, cred); + } + return 1; + } else { + if (Negotiate_packet_debug_enabled) { + decoded = base64_decode(c); + debug("sending 'TT' to squid with data:\n"); + hex_dump(decoded, (strlen(c) * 3) / 4); + printf("TT %s\n", c); + } else + SEND2("TT %s", c); + return 1; + } - } else { /* not an auth-request */ - helperfail("illegal request received"); - fprintf(stderr, "Illegal request received: '%s'\n", buf); - return 1; + } else { /* not an auth-request */ + helperfail("illegal request received"); + fprintf(stderr, "Illegal request received: '%s'\n", buf); + return 1; } helperfail("detected protocol error"); return 1; - /********* END ********/ +/********* END ********/ } int @@ -298,8 +302,8 @@ main(int argc, char *argv[]) debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name); if (LoadSecurityDll(SSP_NTLM, NEGOTIATE_PACKAGE_NAME) == NULL) { - fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n"); - exit(1); + fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n"); + exit(1); } debug("SSPI initialized OK\n"); @@ -310,7 +314,7 @@ main(int argc, char *argv[]) setbuf(stderr, NULL); while (manage_request()) { - /* everything is done within manage_request */ + /* everything is done within manage_request */ } exit(0); }