From: Fred Morcos Date: Tue, 11 Oct 2022 11:32:15 +0000 (+0200) Subject: Formatting of various files like ipcipher and opensslsigners X-Git-Tag: dnsdist-1.8.0-rc1~124^2~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=44677590be8bf0b0b1c5cca69349f04d28c5c8ab;p=thirdparty%2Fpdns.git Formatting of various files like ipcipher and opensslsigners --- diff --git a/.not-formatted b/.not-formatted index e4c9ad9bc1..e0055fbfd2 100644 --- a/.not-formatted +++ b/.not-formatted @@ -165,7 +165,6 @@ ./pdns/gettime.hh ./pdns/histog.hh ./pdns/inflighter.cc -./pdns/ipcipher.cc ./pdns/iputils.cc ./pdns/iputils.hh ./pdns/ixfr.cc @@ -284,7 +283,6 @@ ./pdns/test-dnsrecordcontent.cc ./pdns/test-dnsrecords_cc.cc ./pdns/test-dnswriter_cc.cc -./pdns/test-ipcrypt_cc.cc ./pdns/test-iputils_hh.cc ./pdns/test-ixfr_cc.cc ./pdns/test-lock_hh.cc @@ -304,7 +302,6 @@ ./pdns/test-tsig.cc ./pdns/test-ueberbackend_cc.cc ./pdns/test-zoneparser_tng_cc.cc -./pdns/testrunner.cc ./pdns/threadname.cc ./pdns/tkey.cc ./pdns/trusted-notification-proxy.cc diff --git a/pdns/ipcipher.cc b/pdns/ipcipher.cc index 90a2bcc655..8f00647241 100644 --- a/pdns/ipcipher.cc +++ b/pdns/ipcipher.cc @@ -11,49 +11,50 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, */ std::string makeIPCipherKey(const std::string& password) { - static const char salt[]="ipcipheripcipher"; + static const char salt[] = "ipcipheripcipher"; unsigned char out[16]; - PKCS5_PBKDF2_HMAC_SHA1(password.c_str(), password.size(), (const unsigned char*)salt, sizeof(salt)-1, 50000, sizeof(out), out); + PKCS5_PBKDF2_HMAC_SHA1(password.c_str(), password.size(), (const unsigned char*)salt, sizeof(salt) - 1, 50000, sizeof(out), out); return std::string((const char*)out, (const char*)out + sizeof(out)); } -static ComboAddress encryptCA4(const ComboAddress& ca, const std::string &key) +static ComboAddress encryptCA4(const ComboAddress& ca, const std::string& key) { - if(key.size() != 16) + if (key.size() != 16) throw std::runtime_error("Need 128 bits of key for ipcrypt"); - ComboAddress ret=ca; + ComboAddress ret = ca; // always returns 0, has no failure mode - ipcrypt_encrypt( (unsigned char*)&ret.sin4.sin_addr.s_addr, - (const unsigned char*) &ca.sin4.sin_addr.s_addr, - (const unsigned char*)key.c_str()); + ipcrypt_encrypt((unsigned char*)&ret.sin4.sin_addr.s_addr, + (const unsigned char*)&ca.sin4.sin_addr.s_addr, + (const unsigned char*)key.c_str()); + return ret; } -static ComboAddress decryptCA4(const ComboAddress& ca, const std::string &key) +static ComboAddress decryptCA4(const ComboAddress& ca, const std::string& key) { - if(key.size() != 16) + if (key.size() != 16) throw std::runtime_error("Need 128 bits of key for ipcrypt"); - ComboAddress ret=ca; + ComboAddress ret = ca; // always returns 0, has no failure mode - ipcrypt_decrypt( (unsigned char*)&ret.sin4.sin_addr.s_addr, - (const unsigned char*) &ca.sin4.sin_addr.s_addr, - (const unsigned char*)key.c_str()); + ipcrypt_decrypt((unsigned char*)&ret.sin4.sin_addr.s_addr, + (const unsigned char*)&ca.sin4.sin_addr.s_addr, + (const unsigned char*)key.c_str()); + return ret; } - -static ComboAddress encryptCA6(const ComboAddress& ca, const std::string &key) +static ComboAddress encryptCA6(const ComboAddress& ca, const std::string& key) { - if(key.size() != 16) + if (key.size() != 16) throw std::runtime_error("Need 128 bits of key for ipcrypt"); - ComboAddress ret=ca; + ComboAddress ret = ca; AES_KEY wctx; AES_set_encrypt_key((const unsigned char*)key.c_str(), 128, &wctx); @@ -63,12 +64,12 @@ static ComboAddress encryptCA6(const ComboAddress& ca, const std::string &key) return ret; } -static ComboAddress decryptCA6(const ComboAddress& ca, const std::string &key) +static ComboAddress decryptCA6(const ComboAddress& ca, const std::string& key) { - if(key.size() != 16) + if (key.size() != 16) throw std::runtime_error("Need 128 bits of key for ipcrypt"); - ComboAddress ret=ca; + ComboAddress ret = ca; AES_KEY wctx; AES_set_decrypt_key((const unsigned char*)key.c_str(), 128, &wctx); AES_decrypt((const unsigned char*)&ca.sin6.sin6_addr.s6_addr, @@ -77,12 +78,11 @@ static ComboAddress decryptCA6(const ComboAddress& ca, const std::string &key) return ret; } - ComboAddress encryptCA(const ComboAddress& ca, const std::string& key) { - if(ca.sin4.sin_family == AF_INET) + if (ca.sin4.sin_family == AF_INET) return encryptCA4(ca, key); - else if(ca.sin4.sin_family == AF_INET6) + else if (ca.sin4.sin_family == AF_INET6) return encryptCA6(ca, key); else throw std::runtime_error("ipcrypt can't encrypt non-IP addresses"); @@ -90,13 +90,12 @@ ComboAddress encryptCA(const ComboAddress& ca, const std::string& key) ComboAddress decryptCA(const ComboAddress& ca, const std::string& key) { - if(ca.sin4.sin_family == AF_INET) + if (ca.sin4.sin_family == AF_INET) return decryptCA4(ca, key); - else if(ca.sin4.sin_family == AF_INET6) + else if (ca.sin4.sin_family == AF_INET6) return decryptCA6(ca, key); else throw std::runtime_error("ipcrypt can't decrypt non-IP addresses"); - } #endif /* HAVE_IPCIPHER */ diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc index ad95a1d696..d91b9fd5f2 100644 --- a/pdns/opensslsigners.cc +++ b/pdns/opensslsigners.cc @@ -169,7 +169,6 @@ void openssl_seed() RAND_seed((const unsigned char*)entropy.c_str(), 1024); } - class OpenSSLRSADNSCryptoKeyEngine : public DNSCryptoKeyEngine { public: @@ -177,7 +176,7 @@ public: { int ret = RAND_status(); if (ret != 1) { - throw runtime_error(getName()+" insufficient entropy"); + throw runtime_error(getName() + " insufficient entropy"); } } @@ -225,10 +224,10 @@ public: bool verify(const std::string& hash, const std::string& signature) const override; std::string getPubKeyHash() const override; std::string getPublicKeyString() const override; - std::unique_ptrparse(std::map& stormap, const std::string& key) const; + std::unique_ptr parse(std::map& stormap, const std::string& key) const; void fromISCMap(DNSKEYRecordContent& drc, std::map& stormap) override; void fromPublicKeyString(const std::string& content) override; - bool checkKey(vector *errorMessages) const override; + bool checkKey(vector* errorMessages) const override; static std::unique_ptr maker(unsigned int algorithm) { @@ -238,10 +237,9 @@ public: private: static int hashSizeToKind(size_t hashSize); - std::unique_ptr d_key; + std::unique_ptr d_key; }; - void OpenSSLRSADNSCryptoKeyEngine::create(unsigned int bits) { // When changing the bitsizes, also edit them in ::checkKey @@ -370,17 +368,17 @@ std::string OpenSSLRSADNSCryptoKeyEngine::hash(const std::string& orig) const int OpenSSLRSADNSCryptoKeyEngine::hashSizeToKind(const size_t hashSize) { - switch(hashSize) { - case SHA_DIGEST_LENGTH: - return NID_sha1; - case SHA256_DIGEST_LENGTH: - return NID_sha256; - case SHA384_DIGEST_LENGTH: - return NID_sha384; - case SHA512_DIGEST_LENGTH: - return NID_sha512; - default: - throw runtime_error("OpenSSL RSA does not handle hash of size " + std::to_string(hashSize)); + switch (hashSize) { + case SHA_DIGEST_LENGTH: + return NID_sha1; + case SHA256_DIGEST_LENGTH: + return NID_sha256; + case SHA384_DIGEST_LENGTH: + return NID_sha384; + case SHA512_DIGEST_LENGTH: + return NID_sha512; + default: + throw runtime_error("OpenSSL RSA does not handle hash of size " + std::to_string(hashSize)); } } @@ -597,35 +595,37 @@ void OpenSSLRSADNSCryptoKeyEngine::fromPublicKeyString(const std::string& input) class OpenSSLECDSADNSCryptoKeyEngine : public DNSCryptoKeyEngine { public: - explicit OpenSSLECDSADNSCryptoKeyEngine(unsigned int algo) : DNSCryptoKeyEngine(algo), d_eckey(std::unique_ptr(EC_KEY_new(), EC_KEY_free)), d_ecgroup(std::unique_ptr(nullptr, EC_GROUP_clear_free)) + explicit OpenSSLECDSADNSCryptoKeyEngine(unsigned int algo) : + DNSCryptoKeyEngine(algo), d_eckey(std::unique_ptr(EC_KEY_new(), EC_KEY_free)), d_ecgroup(std::unique_ptr(nullptr, EC_GROUP_clear_free)) { - int ret = RAND_status(); if (ret != 1) { - throw runtime_error(getName()+" insufficient entropy"); + throw runtime_error(getName() + " insufficient entropy"); } if (!d_eckey) { - throw runtime_error(getName()+" allocation of key structure failed"); + throw runtime_error(getName() + " allocation of key structure failed"); } - if(d_algorithm == 13) { - d_ecgroup = std::unique_ptr(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1), EC_GROUP_clear_free); + if (d_algorithm == 13) { + d_ecgroup = std::unique_ptr(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1), EC_GROUP_clear_free); d_len = 32; - } else if (d_algorithm == 14) { - d_ecgroup = std::unique_ptr(EC_GROUP_new_by_curve_name(NID_secp384r1), EC_GROUP_clear_free); + } + else if (d_algorithm == 14) { + d_ecgroup = std::unique_ptr(EC_GROUP_new_by_curve_name(NID_secp384r1), EC_GROUP_clear_free); d_len = 48; - } else { - throw runtime_error(getName()+" unknown algorithm "+std::to_string(d_algorithm)); + } + else { + throw runtime_error(getName() + " unknown algorithm " + std::to_string(d_algorithm)); } if (!d_ecgroup) { - throw runtime_error(getName()+" allocation of group structure failed"); + throw runtime_error(getName() + " allocation of group structure failed"); } ret = EC_KEY_set_group(d_eckey.get(), d_ecgroup.get()); if (ret != 1) { - throw runtime_error(getName()+" setting key group failed"); + throw runtime_error(getName() + " setting key group failed"); } } @@ -691,7 +691,6 @@ private: std::unique_ptr d_ecgroup; }; - void OpenSSLECDSADNSCryptoKeyEngine::create(unsigned int bits) { if (bits >> 3 != d_len) { @@ -856,7 +855,6 @@ bool OpenSSLECDSADNSCryptoKeyEngine::verify(const std::string& msg, const std::s return (ret == 1); } - std::string OpenSSLECDSADNSCryptoKeyEngine::getPubKeyHash() const { string pubKey = getPublicKeyString(); @@ -865,7 +863,6 @@ std::string OpenSSLECDSADNSCryptoKeyEngine::getPubKeyHash() const return string((char*) l_hash, sizeof(l_hash)); } - std::string OpenSSLECDSADNSCryptoKeyEngine::getPublicKeyString() const { std::string binaryPoint; diff --git a/pdns/test-ipcrypt_cc.cc b/pdns/test-ipcrypt_cc.cc index 7c55af0348..fe3897ad5a 100644 --- a/pdns/test-ipcrypt_cc.cc +++ b/pdns/test-ipcrypt_cc.cc @@ -16,24 +16,24 @@ BOOST_AUTO_TEST_SUITE(test_ipcrypt_hh) BOOST_AUTO_TEST_CASE(test_ipcrypt4) { - ComboAddress ca("127.0.0.1"); - std::string key="0123456789ABCDEF"; - auto encrypted = encryptCA(ca, key); + ComboAddress address("127.0.0.1"); + std::string key = "0123456789ABCDEF"; + auto encrypted = encryptCA(address, key); auto decrypted = decryptCA(encrypted, key); - BOOST_CHECK_EQUAL(ca.toString(), decrypted.toString()); + BOOST_CHECK_EQUAL(address.toString(), decrypted.toString()); } BOOST_AUTO_TEST_CASE(test_ipcrypt4_vector) { - vector> tests{ // test vector from https://github.com/veorq/ipcrypt - {{"127.0.0.1"},{"114.62.227.59"}}, - {{"8.8.8.8"}, {"46.48.51.50"}}, - {{"1.2.3.4"}, {"171.238.15.199"}}}; + // test vector from https://github.com/veorq/ipcrypt + vector> tests{{{"127.0.0.1"}, {"114.62.227.59"}}, + {{"8.8.8.8"}, {"46.48.51.50"}}, + {{"1.2.3.4"}, {"171.238.15.199"}}}; - std::string key="some 16-byte key"; + std::string key = "some 16-byte key"; - for(const auto& p : tests) { + for (const auto& p : tests) { auto encrypted = encryptCA(ComboAddress(p.first), key); BOOST_CHECK_EQUAL(encrypted.toString(), p.second); auto decrypted = decryptCA(encrypted, key); @@ -41,32 +41,34 @@ BOOST_AUTO_TEST_CASE(test_ipcrypt4_vector) } // test from Frank Denis' test.cc - ComboAddress ip("192.168.69.42"), out, dec; + ComboAddress address("192.168.69.42"); + ComboAddress out; + ComboAddress dec; string key2; - for(int n=0; n<16; ++n) - key2.append(1, (char)n+1); + for (int n = 0; n < 16; ++n) { + key2.append(1, (char)n + 1); + } for (unsigned int i = 0; i < 100000000UL; i++) { - out=encryptCA(ip, key2); + out = encryptCA(address, key2); // dec=decryptCA(out, key2); // BOOST_CHECK(ip==dec); - ip=out; + address = out; } ComboAddress expected("93.155.197.186"); - BOOST_CHECK_EQUAL(ip.toString(), expected.toString()); + BOOST_CHECK_EQUAL(address.toString(), expected.toString()); } - BOOST_AUTO_TEST_CASE(test_ipcrypt6) { - ComboAddress ca("::1"); - std::string key="0123456789ABCDEF"; - auto encrypted = encryptCA(ca, key); + ComboAddress address("::1"); + std::string key = "0123456789ABCDEF"; + auto encrypted = encryptCA(address, key); auto decrypted = decryptCA(encrypted, key); - BOOST_CHECK_EQUAL(ca.toString(), decrypted.toString()); + BOOST_CHECK_EQUAL(address.toString(), decrypted.toString()); } BOOST_AUTO_TEST_SUITE_END() diff --git a/pdns/testrunner.cc b/pdns/testrunner.cc index 4f24cb4d65..0a7255e1c6 100644 --- a/pdns/testrunner.cc +++ b/pdns/testrunner.cc @@ -3,26 +3,28 @@ #ifdef HAVE_CONFIG_H #include "config.h" #endif + #include #include "arguments.hh" #include "auth-packetcache.hh" #include "auth-querycache.hh" #include "auth-zonecache.hh" #include "statbag.hh" + StatBag S; AuthPacketCache PC; AuthQueryCache QC; AuthZoneCache g_zoneCache; uint16_t g_maxNSEC3Iterations{0}; -ArgvMap &arg() +ArgvMap& arg() { static ArgvMap theArg; return theArg; } - -static bool init_unit_test() { +static bool init_unit_test() +{ reportAllTypes(); return true; } @@ -31,5 +33,5 @@ static bool init_unit_test() { int main(int argc, char* argv[]) { S.d_allowRedeclare = true; - return boost::unit_test::unit_test_main( &init_unit_test, argc, argv ); + return boost::unit_test::unit_test_main(&init_unit_test, argc, argv); }