From a7f031ba55ac4a69263000357eb7f6d7fb88101a Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Thu, 1 Oct 2015 07:40:26 -0500 Subject: add b64_ntop checking and fallback for nc(1) --- apps/nc/Makefile.am | 4 + apps/nc/compat/base64.c | 315 ++++++++++++++++++++++++++++++++++++++++ configure.ac | 1 + include/Makefile.am | 1 + include/compat/readpassphrase.h | 4 - include/compat/resolv.h | 24 +++ m4/check-libc.m4 | 22 ++- m4/check-os-options.m4 | 2 - 8 files changed, 366 insertions(+), 7 deletions(-) create mode 100644 apps/nc/compat/base64.c create mode 100644 include/compat/resolv.h diff --git a/apps/nc/Makefile.am b/apps/nc/Makefile.am index d0f6c0c..4e6f41d 100644 --- a/apps/nc/Makefile.am +++ b/apps/nc/Makefile.am @@ -21,6 +21,10 @@ noinst_HEADERS += compat/sys/socket.h nc_SOURCES += compat/socket.c +if !HAVE_B64_NTOP +nc_SOURCES += compat/base64.c +endif + if !HAVE_ACCEPT4 nc_SOURCES += compat/accept4.c endif diff --git a/apps/nc/compat/base64.c b/apps/nc/compat/base64.c new file mode 100644 index 0000000..e90696d --- /dev/null +++ b/apps/nc/compat/base64.c 
@@ -0,0 +1,315 @@ +/* $OpenBSD: base64.c,v 1.8 2015/01/16 16:48:51 deraadt Exp $ */ + +/* + * Copyright (c) 1996 by Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS + * SOFTWARE. + */ + +/* + * Portions Copyright (c) 1995 by International Business Machines, Inc. + * + * International Business Machines, Inc. (hereinafter called IBM) grants + * permission under its copyrights to use, copy, modify, and distribute this + * Software with or without fee, provided that the above copyright notice and + * all paragraphs of this notice appear in all copies, and that the name of IBM + * not be used in connection with the marketing of any product incorporating + * the Software or modifications thereof, without specific, written prior + * permission. + * + * To the extent it has a right to do so, IBM grants an immunity from suit + * under its patents, if any, for the use, sale or manufacture of products to + * the extent that such products are used for performing Domain Name System + * dynamic updates in TCP/IP networks by means of the Software. No immunity is + * granted for any product per se or for any other function of any product. 
+ * + * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, + * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, + * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN + * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include +#include + +static const char Base64[] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; +static const char Pad64 = '='; + +/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt) + The following encoding technique is taken from RFC 1521 by Borenstein + and Freed. It is reproduced here in a slightly edited form for + convenience. + + A 65-character subset of US-ASCII is used, enabling 6 bits to be + represented per printable character. (The extra 65th character, "=", + is used to signify a special processing function.) + + The encoding process represents 24-bit groups of input bits as output + strings of 4 encoded characters. Proceeding from left to right, a + 24-bit input group is formed by concatenating 3 8-bit input groups. + These 24 bits are then treated as 4 concatenated 6-bit groups, each + of which is translated into a single digit in the base64 alphabet. + + Each 6-bit group is used as an index into an array of 64 printable + characters. The character referenced by the index is placed in the + output string. 
+ + Table 1: The Base64 Alphabet + + Value Encoding Value Encoding Value Encoding Value Encoding + 0 A 17 R 34 i 51 z + 1 B 18 S 35 j 52 0 + 2 C 19 T 36 k 53 1 + 3 D 20 U 37 l 54 2 + 4 E 21 V 38 m 55 3 + 5 F 22 W 39 n 56 4 + 6 G 23 X 40 o 57 5 + 7 H 24 Y 41 p 58 6 + 8 I 25 Z 42 q 59 7 + 9 J 26 a 43 r 60 8 + 10 K 27 b 44 s 61 9 + 11 L 28 c 45 t 62 + + 12 M 29 d 46 u 63 / + 13 N 30 e 47 v + 14 O 31 f 48 w (pad) = + 15 P 32 g 49 x + 16 Q 33 h 50 y + + Special processing is performed if fewer than 24 bits are available + at the end of the data being encoded. A full encoding quantum is + always completed at the end of a quantity. When fewer than 24 input + bits are available in an input group, zero bits are added (on the + right) to form an integral number of 6-bit groups. Padding at the + end of the data is performed using the '=' character. + + Since all base64 input is an integral number of octets, only the + ------------------------------------------------- + following cases can arise: + + (1) the final quantum of encoding input is an integral + multiple of 24 bits; here, the final unit of encoded + output will be an integral multiple of 4 characters + with no "=" padding, + (2) the final quantum of encoding input is exactly 8 bits; + here, the final unit of encoded output will be two + characters followed by two "=" padding characters, or + (3) the final quantum of encoding input is exactly 16 bits; + here, the final unit of encoded output will be three + characters followed by one "=" padding character. 
+ */ + +int +b64_ntop(src, srclength, target, targsize) + u_char const *src; + size_t srclength; + char *target; + size_t targsize; +{ + size_t datalength = 0; + u_char input[3]; + u_char output[4]; + int i; + + while (2 < srclength) { + input[0] = *src++; + input[1] = *src++; + input[2] = *src++; + srclength -= 3; + + output[0] = input[0] >> 2; + output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); + output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); + output[3] = input[2] & 0x3f; + + if (datalength + 4 > targsize) + return (-1); + target[datalength++] = Base64[output[0]]; + target[datalength++] = Base64[output[1]]; + target[datalength++] = Base64[output[2]]; + target[datalength++] = Base64[output[3]]; + } + + /* Now we worry about padding. */ + if (0 != srclength) { + /* Get what's left. */ + input[0] = input[1] = input[2] = '\0'; + for (i = 0; i < srclength; i++) + input[i] = *src++; + + output[0] = input[0] >> 2; + output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); + output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); + + if (datalength + 4 > targsize) + return (-1); + target[datalength++] = Base64[output[0]]; + target[datalength++] = Base64[output[1]]; + if (srclength == 1) + target[datalength++] = Pad64; + else + target[datalength++] = Base64[output[2]]; + target[datalength++] = Pad64; + } + if (datalength >= targsize) + return (-1); + target[datalength] = '\0'; /* Returned value doesn't count \0. */ + return (datalength); +} + +/* skips all whitespace anywhere. + converts characters, four at a time, starting at (or after) + src from base - 64 numbers into three 8 bit bytes in the target area. + it returns the number of data bytes stored at the target, or -1 on error. 
+ */ + +int +b64_pton(src, target, targsize) + char const *src; + u_char *target; + size_t targsize; +{ + int tarindex, state, ch; + u_char nextbyte; + char *pos; + + state = 0; + tarindex = 0; + + while ((ch = (unsigned char)*src++) != '\0') { + if (isspace(ch)) /* Skip whitespace anywhere. */ + continue; + + if (ch == Pad64) + break; + + pos = strchr(Base64, ch); + if (pos == 0) /* A non-base64 character. */ + return (-1); + + switch (state) { + case 0: + if (target) { + if (tarindex >= targsize) + return (-1); + target[tarindex] = (pos - Base64) << 2; + } + state = 1; + break; + case 1: + if (target) { + if (tarindex >= targsize) + return (-1); + target[tarindex] |= (pos - Base64) >> 4; + nextbyte = ((pos - Base64) & 0x0f) << 4; + if (tarindex + 1 < targsize) + target[tarindex+1] = nextbyte; + else if (nextbyte) + return (-1); + } + tarindex++; + state = 2; + break; + case 2: + if (target) { + if (tarindex >= targsize) + return (-1); + target[tarindex] |= (pos - Base64) >> 2; + nextbyte = ((pos - Base64) & 0x03) << 6; + if (tarindex + 1 < targsize) + target[tarindex+1] = nextbyte; + else if (nextbyte) + return (-1); + } + tarindex++; + state = 3; + break; + case 3: + if (target) { + if (tarindex >= targsize) + return (-1); + target[tarindex] |= (pos - Base64); + } + tarindex++; + state = 0; + break; + } + } + + /* + * We are done decoding Base-64 chars. Let's see if we ended + * on a byte boundary, and/or with erroneous trailing characters. + */ + + if (ch == Pad64) { /* We got a pad char. */ + ch = (unsigned char)*src++; /* Skip it, get next. */ + switch (state) { + case 0: /* Invalid = in first position */ + case 1: /* Invalid = in second position */ + return (-1); + + case 2: /* Valid, means one byte of info */ + /* Skip any number of spaces. */ + for (; ch != '\0'; ch = (unsigned char)*src++) + if (!isspace(ch)) + break; + /* Make sure there is another trailing = sign. 
*/ + if (ch != Pad64) + return (-1); + ch = (unsigned char)*src++; /* Skip the = */ + /* Fall through to "single trailing =" case. */ + /* FALLTHROUGH */ + + case 3: /* Valid, means two bytes of info */ + /* + * We know this char is an =. Is there anything but + * whitespace after it? + */ + for (; ch != '\0'; ch = (unsigned char)*src++) + if (!isspace(ch)) + return (-1); + + /* + * Now make sure for cases 2 and 3 that the "extra" + * bits that slopped past the last full byte were + * zeros. If we don't check them, they become a + * subliminal channel. + */ + if (target && tarindex < targsize && + target[tarindex] != 0) + return (-1); + } + } else { + /* + * We ended by seeing the end of the string. Make sure we + * have no partial bytes lying around. + */ + if (state != 0) + return (-1); + } + + return (tarindex); +} diff --git a/configure.ac b/configure.ac index f5dcb77..d02b3d4 100644 --- a/configure.ac +++ b/configure.ac @@ -51,6 +51,7 @@ AC_CHECK_FUNC([funopen]) CHECK_LIBC_COMPAT CHECK_LIBC_CRYPTO_COMPAT CHECK_VA_COPY +CHECK_B64_NTOP AC_ARG_WITH([openssldir], AS_HELP_STRING([--with-openssldir], diff --git a/include/Makefile.am b/include/Makefile.am index 522d375..b3c3549 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -11,6 +11,7 @@ noinst_HEADERS += compat/err.h noinst_HEADERS += compat/netdb.h noinst_HEADERS += compat/poll.h noinst_HEADERS += compat/readpassphrase.h +noinst_HEADERS += compat/resolv.h noinst_HEADERS += compat/stdio.h noinst_HEADERS += compat/stdlib.h noinst_HEADERS += compat/string.h diff --git a/include/compat/readpassphrase.h b/include/compat/readpassphrase.h index aedf16c..3416919 100644 --- a/include/compat/readpassphrase.h +++ b/include/compat/readpassphrase.h 
@@ -37,11 +37,7 @@ #define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ #define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */ -#include - -__BEGIN_DECLS char * readpassphrase(const char *, char *, size_t, int); -__END_DECLS #endif /* !_READPASSPHRASE_H_ */ diff --git a/include/compat/resolv.h b/include/compat/resolv.h new file mode 100644 index 0000000..42dec07 --- /dev/null +++ b/include/compat/resolv.h @@ -0,0 +1,24 @@ +/* + * Public domain + * resolv.h compatibility shim + */ + +#ifndef LIBCRYPTOCOMPAT_RESOLV_H +#define LIBCRYPTOCOMPAT_RESOLV_H + +#ifdef _MSC_VER +#if _MSC_VER >= 1900 +#include <../ucrt/resolv.h> +#else +#include <../include/resolv.h> +#endif +#else +#include_next +#endif + +#ifndef HAVE_B64_NTOP +int b64_ntop(unsigned char const *, size_t, char *, size_t); +int b64_pton(char const *, unsigned char *, size_t); +#endif + +#endif diff --git a/m4/check-libc.m4 b/m4/check-libc.m4 index c189ac9..63fd893 100644 --- a/m4/check-libc.m4 +++ b/m4/check-libc.m4 @@ -2,7 +2,8 @@ AC_DEFUN([CHECK_LIBC_COMPAT], [ # Check for libc headers AC_CHECK_HEADERS([err.h readpassphrase.h]) # Check for general libc functions -AC_CHECK_FUNCS([accept4 asprintf inet_pton memmem poll readpassphrase reallocarray]) +AC_CHECK_FUNCS([accept4 asprintf inet_pton memmem poll]) +AC_CHECK_FUNCS([readpassphrase reallocarray]) AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum]) AM_CONDITIONAL([HAVE_ACCEPT4], [test "x$ac_cv_func_accept4" = xyes]) AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes]) 
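Review bot: The `#ifndef HAVE_B64_NTOP` guard around the b64_ntop/b64_pton prototypes in the new compat/resolv.h tests a preprocessor macro that nothing in this commit defines: CHECK_B64_NTOP in m4/check-libc.m4 only creates an Automake conditional of that name, and there is no AC_DEFINE, so the two prototypes are emitted unconditionally whatever configure detected. On a libc that ships its own b64_ntop the compat declarations then sit next to the system ones, which is harmless only while the signatures agree, and this commit does not check that. Either define the macro from the configure result, e.g. `AS_IF([test "x$ac_cv_have_b64_ntop_arg" = xyes], [AC_DEFINE([HAVE_B64_NTOP], [1], [Define if libc provides b64_ntop])])` next to the AM_CONDITIONAL, or drop the guard and state in the header comment that the prototypes are always provided.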
@@ -19,6 +20,25 @@ AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes]) AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes]) ]) +AC_DEFUN([CHECK_B64_NTOP], [ +AC_SEARCH_LIBS([b64_ntop],[resolv]) +AC_SEARCH_LIBS([__b64_ntop],[resolv]) +AC_CACHE_CHECK([for b64_ntop], ac_cv_have_b64_ntop_arg, [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ +#include +#include +#include +#include +#include + ]], [[ b64_ntop(NULL, 0, NULL, 0); ]])], + [ ac_cv_have_b64_ntop_arg="yes" ], + [ ac_cv_have_b64_ntop_arg="no" + ]) +]) +AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_func_b64_ntop" = xyes]) +]) + + AC_DEFUN([CHECK_LIBC_CRYPTO_COMPAT], [ # Check crypto-related libc functions AC_CHECK_FUNCS([arc4random_buf explicit_bzero getauxval getentropy]) diff --git a/m4/check-os-options.m4 b/m4/check-os-options.m4 index a71e529..6c28ab8 100644 --- a/m4/check-os-options.m4 +++ b/m4/check-os-options.m4 @@ -17,7 +17,6 @@ case $host_os in BUILD_NC=yes HOST_OS=darwin HOST_ABI=macosx - AC_SUBST([PROG_LDADD], ['-lresolv']) ;; *freebsd*) HOST_OS=freebsd @@ -39,7 +38,6 @@ case $host_os in HOST_OS=linux HOST_ABI=elf CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE" - AC_SUBST([PROG_LDADD], ['-lresolv']) ;; *netbsd*) HOST_OS=netbsd -- cgit v1.2.3-55-g6feb
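Review bot: `AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_func_b64_ntop" = xyes])` tests a cache variable the new CHECK_B64_NTOP macro never sets: the AC_CACHE_CHECK just above stores its result in `ac_cv_have_b64_ntop_arg`, and `ac_cv_func_b64_ntop` would only exist after an AC_CHECK_FUNCS([b64_ntop]) that is not run here. The conditional is therefore always false, so apps/nc/Makefile.am compiles compat/base64.c on every platform, including those where the link test just succeeded, and the detection is wasted. The line should read `AM_CONDITIONAL([HAVE_B64_NTOP], [test "x$ac_cv_have_b64_ntop_arg" = xyes])`. Note also that the two AC_SEARCH_LIBS calls append -lresolv to the global LIBS, so every program and library produced by this configure.ac, not only nc, now links against libresolv where the removed PROG_LDADD in m4/check-os-options.m4 appears to have been scoped to the programs; if that is unintended, capture the search result into an nc-specific variable instead.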