author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-06-21 08:55:50 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-11-17 15:48:34 +0100 |
commit | 2ff286c26c29b69b02ca99656d26d2f8cfd54682 (patch) | |
tree | 71a01c51c47d0dd9528ff14357615d71420ba5a1 /apps | |
parent | a6838c8d52087f2b0494bbab8486e10944aff7f7 (diff) | |
download | openssl-2ff286c26c29b69b02ca99656d26d2f8cfd54682.tar.gz |
Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/fipsinstall.c | 6 | ||||
-rw-r--r-- | apps/include/apps.h | 1 | ||||
-rw-r--r-- | apps/lib/apps.c | 28 | ||||
-rw-r--r-- | apps/lib/http_server.c | 17 | ||||
-rw-r--r-- | apps/openssl.c | 6 | ||||
-rw-r--r-- | apps/s_client.c | 4 | ||||
-rw-r--r-- | apps/s_server.c | 24 | ||||
-rw-r--r-- | apps/speed.c | 47 |
8 files changed, 59 insertions, 74 deletions
diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c index d0efdf7643..8152f3956b 100644 --- a/apps/fipsinstall.c +++ b/apps/fipsinstall.c @@ -7,7 +7,7 @@ * https://www.openssl.org/source/license.html */ -#include <string.h> +#include "internal/cryptlib.h" #include <openssl/evp.h> #include <openssl/err.h> #include <openssl/provider.h> @@ -368,9 +368,9 @@ opthelp: case OPT_MACOPT: if (!sk_OPENSSL_STRING_push(opts, opt_arg())) goto opthelp; - if (strncmp(opt_arg(), "hexkey:", 7) == 0) + if (HAS_PREFIX(opt_arg(), "hexkey:")) gotkey = 1; - else if (strncmp(opt_arg(), "digest:", 7) == 0) + else if (HAS_PREFIX(opt_arg(), "digest:")) gotdigest = 1; break; case OPT_VERIFY: diff --git a/apps/include/apps.h b/apps/include/apps.h index 6018a83ca4..7d9b64a3c6 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -11,6 +11,7 @@ # define OSSL_APPS_H # include "e_os.h" /* struct timeval for DTLS */ +# include "internal/cryptlib.h" /* for HAS_PREFIX */ # include "internal/nelem.h" # include "internal/sockets.h" /* for openssl_fdset() */ # include <assert.h> diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 82eeaea249..2c4c292b94 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c 
@@ -260,21 +260,21 @@ static char *app_get_pass(const char *arg, int keepbio) int i; /* PASS_SOURCE_SIZE_MAX = max number of chars before ':' in below strings */ - if (strncmp(arg, "pass:", 5) == 0) - return OPENSSL_strdup(arg + 5); - if (strncmp(arg, "env:", 4) == 0) { - tmp = getenv(arg + 4); + if (CHECK_AND_SKIP_PREFIX(arg, "pass:")) + return OPENSSL_strdup(arg); + if (CHECK_AND_SKIP_PREFIX(arg, "env:")) { + tmp = getenv(arg); if (tmp == NULL) { - BIO_printf(bio_err, "No environment variable %s\n", arg + 4); + BIO_printf(bio_err, "No environment variable %s\n", arg); return NULL; } return OPENSSL_strdup(tmp); } if (!keepbio || pwdbio == NULL) { - if (strncmp(arg, "file:", 5) == 0) { - pwdbio = BIO_new_file(arg + 5, "r"); + if (CHECK_AND_SKIP_PREFIX(arg, "file:")) { + pwdbio = BIO_new_file(arg, "r"); if (pwdbio == NULL) { - BIO_printf(bio_err, "Can't open file %s\n", arg + 5); + BIO_printf(bio_err, "Can't open file %s\n", arg); return NULL; } #if !defined(_WIN32) @@ -286,13 +286,13 @@ static char *app_get_pass(const char *arg, int keepbio) * on real Windows descriptors, such as those obtained * with CreateFile. */ - } else if (strncmp(arg, "fd:", 3) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(arg, "fd:")) { BIO *btmp; - i = atoi(arg + 3); + i = atoi(arg); if (i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); if ((i < 0) || !pwdbio) { - BIO_printf(bio_err, "Can't access file descriptor %s\n", arg + 3); + BIO_printf(bio_err, "Can't access file descriptor %s\n", arg); return NULL; } /* 
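Review bot: In the `fd:` branch of app_get_pass (apps/lib/apps.c, hunk at -286), `i = atoi(arg);` turns any non-numeric text into 0 and cannot report overflow, so an argument like `fd:abc` passes the `i >= 0` test and the password is read from descriptor 0. Parsing with `strtol` and rejecting empty, trailing-garbage, negative or out-of-range values would route malformed input into the existing "Can't access file descriptor" error. The function starts and ends outside this hunk, so whether `errno` and `INT_MAX` are already available needs checking against the file's includes.

```c
} else if (CHECK_AND_SKIP_PREFIX(arg, "fd:")) {
    BIO *btmp;
    char *end;
    long fd;

    errno = 0;
    fd = strtol(arg, &end, 10);
    if (end == arg || *end != '\0' || errno == ERANGE
            || fd < 0 || fd > INT_MAX) {
        BIO_printf(bio_err, "Can't access file descriptor %s\n", arg);
        return NULL;
    }
    i = (int)fd;
    pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
    if (pwdbio == NULL) {
        BIO_printf(bio_err, "Can't access file descriptor %s\n", arg);
        return NULL;
    }
    /* … unchanged: rest of the fd: branch … */
```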
@@ -450,10 +450,8 @@ CONF *app_load_config_modules(const char *configfile) return conf; } -#define IS_HTTP(uri) ((uri) != NULL \ - && strncmp(uri, OSSL_HTTP_PREFIX, strlen(OSSL_HTTP_PREFIX)) == 0) -#define IS_HTTPS(uri) ((uri) != NULL \ - && strncmp(uri, OSSL_HTTPS_PREFIX, strlen(OSSL_HTTPS_PREFIX)) == 0) +#define IS_HTTP(uri) ((uri) != NULL && HAS_PREFIX(uri, OSSL_HTTP_PREFIX)) +#define IS_HTTPS(uri) ((uri) != NULL && HAS_PREFIX(uri, OSSL_HTTPS_PREFIX)) X509 *load_cert_pass(const char *uri, int format, int maybe_stdin, const char *pass, const char *desc) diff --git a/apps/lib/http_server.c b/apps/lib/http_server.c index 03faac7707..8f654660b4 100644 --- a/apps/lib/http_server.c +++ b/apps/lib/http_server.c @@ -17,7 +17,6 @@ # define _POSIX_C_SOURCE 2 #endif -#include <string.h> #include <ctype.h> #include "http_server.h" #include "internal/sockets.h" @@ -37,6 +36,7 @@ static int verbosity = LOG_INFO; #define HTTP_VERSION_PATT "1." /* allow 1.x */ #define HTTP_PREFIX_VERSION HTTP_PREFIX""HTTP_VERSION_PATT #define HTTP_1_0 HTTP_PREFIX_VERSION"0" /* "HTTP/1.0" */ +#define HTTP_VERSION_STR " "HTTP_PREFIX_VERSION #ifdef HTTP_DAEMON @@ -336,15 +336,12 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq, *end = '\0'; log_message(prog, LOG_INFO, "Received request, 1st line: %s", reqbuf); - meth = reqbuf; - url = meth + 3; - if ((accept_get && strncmp(meth, "GET ", 4) == 0) - || (url++, strncmp(meth, "POST ", 5) == 0)) { - static const char http_version_str[] = " "HTTP_PREFIX_VERSION; - static const size_t http_version_str_len = sizeof(http_version_str) - 1; + url = meth = reqbuf; + if ((accept_get && CHECK_AND_SKIP_PREFIX(url, "GET ")) + || CHECK_AND_SKIP_PREFIX(url, "POST ")) { /* Expecting (GET|POST) {sp} /URL {sp} HTTP/1.x */ - *(url++) = '\0'; + url[-1] = '\0'; while (*url == ' ') url++; if (*url != '/') { 
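Review bot: `url[-1] = '\0';` in http_server_get_asn1_req (apps/lib/http_server.c, hunk at -336) is only in bounds because CHECK_AND_SKIP_PREFIX has just moved `url` past the space that ends "GET " or "POST ", and nothing in the code states that dependency. A one-line comment such as `/* url was advanced past the method and its trailing space; terminate meth there */` would keep a later edit of the condition from turning the negative index into a write before the start of reqbuf. The function continues outside the hunk.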
@@ -360,7 +357,7 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq, for (end = url; *end != '\0'; end++) if (*end == ' ') break; - if (strncmp(end, http_version_str, http_version_str_len) != 0) { + if (!HAS_PREFIX(end, HTTP_VERSION_STR)) { log_message(prog, LOG_WARNING, "Invalid %s -- bad HTTP/version string: %s", meth, end + 1); @@ -370,7 +367,7 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq, *end = '\0'; /* above HTTP 1.0, connection persistence is the default */ if (found_keep_alive != NULL) - *found_keep_alive = end[http_version_str_len] > '0'; + *found_keep_alive = end[sizeof(HTTP_VERSION_STR) - 1] > '0'; /*- * Skip "GET / HTTP..." requests often used by load-balancers. diff --git a/apps/openssl.c b/apps/openssl.c index e20661277e..f347d64417 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -8,8 +8,8 @@ */ #include <stdio.h> -#include <string.h> #include <stdlib.h> +#include "internal/cryptlib.h" #include <openssl/bio.h> #include <openssl/crypto.h> #include <openssl/trace.h> @@ -417,12 +417,12 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) warn_deprecated(fp); return fp->func(argc, argv); } - if ((strncmp(argv[0], "no-", 3)) == 0) { + f.name = argv[0]; + if (CHECK_AND_SKIP_PREFIX(f.name, "no-")) { /* * User is asking if foo is unsupported, by trying to "run" the * no-foo command. Strange. */ - f.name = argv[0] + 3; if (lh_FUNCTION_retrieve(prog, &f) == NULL) { BIO_printf(bio_out, "%s\n", argv[0]); return 0; diff --git a/apps/s_client.c b/apps/s_client.c index 46cecb9a82..d40f7c948f 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2530,7 +2530,7 @@ int s_client_main(int argc, char **argv) */ if (mbuf_len > 1 && mbuf[0] == '"') { make_uppercase(mbuf); - if (strncmp(mbuf, "\"STARTTLS\"", 10) == 0) + if (HAS_PREFIX(mbuf, "\"STARTTLS\"")) foundit = 1; } } while (mbuf_len > 1 && mbuf[0] == '"'); 
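Review bot: In the bad-version branch of http_server_get_asn1_req (apps/lib/http_server.c, hunk at -360) the warning still prints `end + 1`, but the loop just above also stops with `*end == '\0'` when the request line has no space after the URL, so the `%s` argument then starts one byte past the terminator. What lies there depends on how reqbuf was filled outside this hunk, and for a server parsing peer-supplied request lines it is better not to rely on it. Passing `*end == '\0' ? end : end + 1` keeps the log output inside the parsed string.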
@@ -2558,7 +2558,7 @@ int s_client_main(int argc, char **argv) */ strncpy(sbuf, mbuf, 2); make_uppercase(sbuf); - if (strncmp(sbuf, "OK", 2) != 0) { + if (!HAS_PREFIX(sbuf, "OK")) { BIO_printf(bio_err, "STARTTLS not supported: %s", mbuf); goto shut; } diff --git a/apps/s_server.c b/apps/s_server.c index 27c7db80a7..13d59faf14 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2985,7 +2985,7 @@ static void print_connection_info(SSL *con) static int www_body(int s, int stype, int prot, unsigned char *context) { - char *buf = NULL; + char *buf = NULL, *p; int ret = 1; int i, j, k, dot; SSL *con; @@ -3001,7 +3001,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context) /* Set width for a select call if needed */ width = s + 1; - buf = app_malloc(bufsize, "server www buffer"); + p = buf = app_malloc(bufsize, "server www buffer"); io = BIO_new(BIO_f_buffer()); ssl_bio = BIO_new(BIO_f_ssl()); if ((io == NULL) || (ssl_bio == NULL)) @@ -3093,15 +3093,14 @@ static int www_body(int s, int stype, int prot, unsigned char *context) } /* else we have data */ - if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) || - ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) { - char *p; + if ((www == 1 && HAS_PREFIX(buf, "GET ")) + || (www == 2 && HAS_PREFIX(buf, "GET /stats "))) { X509 *peer = NULL; STACK_OF(SSL_CIPHER) *sk; static const char *space = " "; - if (www == 1 && strncmp("GET /reneg", buf, 10) == 0) { - if (strncmp("GET /renegcert", buf, 14) == 0) + if (www == 1 && HAS_PREFIX(buf, "GET /reneg")) { + if (HAS_PREFIX(buf, "GET /renegcert")) SSL_set_verify(con, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, NULL); @@ -3142,6 +3141,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context) BIO_puts(io, "\n"); for (i = 0; i < local_argc; i++) { const char *myp; + for (myp = local_argv[i]; *myp; myp++) switch (*myp) { case '<': 
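Review bot: `HAS_PREFIX(sbuf, "OK")` in s_client_main (apps/s_client.c, hunk at -2558) reads only two bytes, but `strncpy(sbuf, mbuf, 2)` two lines above writes no terminator when the server reply has two or more characters, and `make_uppercase(sbuf)` is then handed a buffer whose end depends on whatever sbuf held before. Unless code outside the hunk guarantees that sbuf is already terminated, adding `sbuf[2] = '\0';` after the copy bounds the uppercase pass to the copied response code. The surrounding function body is not visible here, so the buffer's allocation and earlier use should be confirmed.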
@@ -3221,16 +3221,12 @@ static int www_body(int s, int stype, int prot, unsigned char *context) } BIO_puts(io, "</pre></BODY></HTML>\r\n\r\n"); break; - } else if ((www == 2 || www == 3) - && (strncmp("GET /", buf, 5) == 0)) { + } else if ((www == 2 || www == 3) && HAS_PREFIX(p, "GET /")) { BIO *file; - char *p, *e; + char *e; static const char *text = "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; - /* skip the '/' */ - p = &(buf[5]); - dot = 1; for (e = p; *e != '\0'; e++) { if (e[0] == ' ') @@ -3523,7 +3519,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context) p--; i--; } - if (!s_ign_eof && (i == 5) && (strncmp(buf, "CLOSE", 5) == 0)) { + if (!s_ign_eof && i == 5 && HAS_PREFIX(buf, "CLOSE")) { ret = 1; BIO_printf(bio_err, "CONNECTION CLOSED\n"); goto end; diff --git a/apps/speed.c b/apps/speed.c index ada559228d..0ee7347f5b 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1638,8 +1638,8 @@ int speed_main(int argc, char **argv) if (strcmp(algo, "openssl") == 0) /* just for compatibility */ continue; #endif - if (strncmp(algo, "rsa", 3) == 0) { - if (algo[3] == '\0') { + if (HAS_PREFIX(algo, "rsa")) { + if (algo[sizeof("rsa") - 1] == '\0') { memset(rsa_doit, 1, sizeof(rsa_doit)); continue; } @@ -1649,8 +1649,8 @@ int speed_main(int argc, char **argv) } } #ifndef OPENSSL_NO_DH - if (strncmp(algo, "ffdh", 4) == 0) { - if (algo[4] == '\0') { + if (HAS_PREFIX(algo, "ffdh")) { + if (algo[sizeof("ffdh") - 1] == '\0') { memset(ffdh_doit, 1, sizeof(ffdh_doit)); continue; } @@ -1660,8 +1660,8 @@ int speed_main(int argc, char **argv) } } #endif - if (strncmp(algo, "dsa", 3) == 0) { - if (algo[3] == '\0') { + if (HAS_PREFIX(algo, "dsa")) { + if (algo[sizeof("dsa") - 1] == '\0') { memset(dsa_doit, 1, sizeof(dsa_doit)); continue; } 
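Review bot: The `www == 2 || www == 3` branch of www_body (apps/s_server.c, hunk at -3221) tests `HAS_PREFIX(p, "GET /")` and drops `p = &(buf[5]);`, so `p` is never moved past the request prefix and the scan `for (e = p; ...)` now starts at the `G` of `GET` and stops at the first space. The path checks and the file open that follow outside the hunk would then presumably operate on the method token instead of the requested name. Using `CHECK_AND_SKIP_PREFIX(p, "GET /")` restores the old starting point. Because `p` is assigned from `buf` only once at allocation, a `p = buf;` before this test is also needed if the read loop can reach it again.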
@@ -1678,8 +1678,8 @@ int speed_main(int argc, char **argv) doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1; continue; } - if (strncmp(algo, "ecdsa", 5) == 0) { - if (algo[5] == '\0') { + if (HAS_PREFIX(algo, "ecdsa")) { + if (algo[sizeof("ecdsa") - 1] == '\0') { memset(ecdsa_doit, 1, sizeof(ecdsa_doit)); continue; } @@ -1688,8 +1688,8 @@ int speed_main(int argc, char **argv) continue; } } - if (strncmp(algo, "ecdh", 4) == 0) { - if (algo[4] == '\0') { + if (HAS_PREFIX(algo, "ecdh")) { + if (algo[sizeof("ecdh") - 1] == '\0') { memset(ecdh_doit, 1, sizeof(ecdh_doit)); continue; } @@ -3458,20 +3458,19 @@ static int do_multi(int multi, int size_num) continue; } printf("Got: %s from %d\n", buf, n); - if (strncmp(buf, "+F:", 3) == 0) { + p = buf; + if (CHECK_AND_SKIP_PREFIX(p, "+F:")) { int alg; int j; - p = buf + 3; alg = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); for (j = 0; j < size_num; ++j) results[alg][j] += atof(sstrsep(&p, sep)); - } else if (strncmp(buf, "+F2:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F2:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); @@ -3480,11 +3479,10 @@ static int do_multi(int multi, int size_num) d = atof(sstrsep(&p, sep)); rsa_results[k][1] += d; - } else if (strncmp(buf, "+F3:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F3:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); @@ -3493,11 +3491,10 @@ static int do_multi(int multi, int size_num) d = atof(sstrsep(&p, sep)); dsa_results[k][1] += d; - } else if (strncmp(buf, "+F4:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F4:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); 
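Review bot: In do_multi (apps/speed.c, hunk at -3458) the value `alg = atoi(sstrsep(&p, sep));` parsed from the child's output line is used directly as the first index in `results[alg][j]`, with no range check in the visible lines. The same applies to `k` in the `+F2:` to `+F8:` branches of the following hunks. A guard such as `if (alg < 0 || alg >= (int)OSSL_NELEM(results)) continue;` (assuming `results` is an array in scope here) would stop a malformed line from writing outside the table. The enclosing loop starts and ends outside the hunk.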
@@ -3506,21 +3503,19 @@ static int do_multi(int multi, int size_num) d = atof(sstrsep(&p, sep)); ecdsa_results[k][1] += d; - } else if (strncmp(buf, "+F5:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F5:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); ecdh_results[k][0] += d; - } else if (strncmp(buf, "+F6:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F6:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); sstrsep(&p, sep); @@ -3531,11 +3526,10 @@ static int do_multi(int multi, int size_num) d = atof(sstrsep(&p, sep)); eddsa_results[k][1] += d; # ifndef OPENSSL_NO_SM2 - } else if (strncmp(buf, "+F7:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F7:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); sstrsep(&p, sep); @@ -3547,18 +3541,17 @@ static int do_multi(int multi, int size_num) sm2_results[k][1] += d; # endif /* OPENSSL_NO_SM2 */ # ifndef OPENSSL_NO_DH - } else if (strncmp(buf, "+F8:", 4) == 0) { + } else if (CHECK_AND_SKIP_PREFIX(p, "+F8:")) { int k; double d; - p = buf + 4; k = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); ffdh_results[k][0] += d; # endif /* OPENSSL_NO_DH */ - } else if (strncmp(buf, "+H:", 3) == 0) { + } else if (HAS_PREFIX(buf, "+H:")) { ; } else { BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf, |