diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/credential/credential.h | 10 | ||||
-rw-r--r-- | src/credential/credential_api.c | 6 | ||||
-rw-r--r-- | src/credential/gnunet-service-credential.c | 32 |
3 files changed, 28 insertions, 20 deletions
diff --git a/src/credential/credential.h b/src/credential/credential.h index 2acaf73a5..8b5cf6db9 100644 --- a/src/credential/credential.h +++ b/src/credential/credential.h | |||
@@ -50,6 +50,16 @@ struct VerifyMessage | |||
50 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; | 50 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; |
51 | 51 | ||
52 | /** | 52 | /** |
53 | * Length of the issuer attribute | ||
54 | */ | ||
55 | uint16_t issuer_attribute_len; | ||
56 | |||
57 | /** | ||
58 | * Length of the subject attribute | ||
59 | */ | ||
60 | uint16_t subject_attribute_len; | ||
61 | |||
62 | /** | ||
53 | * Unique identifier for this request (for key collisions). | 63 | * Unique identifier for this request (for key collisions). |
54 | */ | 64 | */ |
55 | uint32_t id GNUNET_PACKED; | 65 | uint32_t id GNUNET_PACKED; |
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index 344bb6e63..b6c585c72 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c | |||
@@ -378,7 +378,7 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, | |||
378 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 378 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
379 | "Trying to verify `%s' in CREDENTIAL\n", | 379 | "Trying to verify `%s' in CREDENTIAL\n", |
380 | issuer_attribute); | 380 | issuer_attribute); |
381 | nlen = strlen (issuer_attribute) + 1 + strlen (subject_attribute) + 1; | 381 | nlen = strlen (issuer_attribute) + strlen (subject_attribute) + 1; |
382 | if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr)) | 382 | if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr)) |
383 | { | 383 | { |
384 | GNUNET_break (0); | 384 | GNUNET_break (0); |
@@ -395,10 +395,12 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, | |||
395 | v_msg->id = htonl (vr->r_id); | 395 | v_msg->id = htonl (vr->r_id); |
396 | v_msg->subject_key = *subject_key; | 396 | v_msg->subject_key = *subject_key; |
397 | v_msg->issuer_key = *issuer_key; | 397 | v_msg->issuer_key = *issuer_key; |
398 | v_msg->issuer_attribute_len = htons(strlen(issuer_attribute)); | ||
399 | v_msg->subject_attribute_len = htons(strlen(subject_attribute)); | ||
398 | GNUNET_memcpy (&v_msg[1], | 400 | GNUNET_memcpy (&v_msg[1], |
399 | issuer_attribute, | 401 | issuer_attribute, |
400 | strlen (issuer_attribute)); | 402 | strlen (issuer_attribute)); |
401 | GNUNET_memcpy (((char*)&v_msg[1]) + strlen (issuer_attribute) + 1, | 403 | GNUNET_memcpy (((char*)&v_msg[1]) + strlen (issuer_attribute), |
402 | subject_attribute, | 404 | subject_attribute, |
403 | strlen (subject_attribute)); | 405 | strlen (subject_attribute)); |
404 | GNUNET_CONTAINER_DLL_insert (handle->verify_head, | 406 | GNUNET_CONTAINER_DLL_insert (handle->verify_head, |
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index aa3c02003..117156379 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c | |||
@@ -217,9 +217,7 @@ check_verify (void *cls, | |||
217 | const struct VerifyMessage *v_msg) | 217 | const struct VerifyMessage *v_msg) |
218 | { | 218 | { |
219 | size_t msg_size; | 219 | size_t msg_size; |
220 | size_t attr_len; | 220 | const char* attrs; |
221 | const char* s_attr; | ||
222 | const char* i_attr; | ||
223 | 221 | ||
224 | msg_size = ntohs (v_msg->header.size); | 222 | msg_size = ntohs (v_msg->header.size); |
225 | if (msg_size < sizeof (struct VerifyMessage)) | 223 | if (msg_size < sizeof (struct VerifyMessage)) |
@@ -227,17 +225,16 @@ check_verify (void *cls, | |||
227 | GNUNET_break (0); | 225 | GNUNET_break (0); |
228 | return GNUNET_SYSERR; | 226 | return GNUNET_SYSERR; |
229 | } | 227 | } |
230 | i_attr = (const char *) &v_msg[1]; | 228 | if ((ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) || |
231 | if ( ('\0' != i_attr[v_msg->header.size - sizeof (struct VerifyMessage) - 1]) || | 229 | (ntohs (v_msg->subject_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)) |
232 | (strlen (i_attr) > GNUNET_CREDENTIAL_MAX_LENGTH) ) | ||
233 | { | 230 | { |
234 | GNUNET_break (0); | 231 | GNUNET_break (0); |
235 | return GNUNET_SYSERR; | 232 | return GNUNET_SYSERR; |
236 | } | 233 | } |
237 | attr_len = strlen (i_attr); | 234 | attrs = (const char *) &v_msg[1]; |
238 | s_attr = ((const char *) &v_msg[1]) + attr_len + 1; | 235 | |
239 | if ( ('\0' != s_attr[v_msg->header.size - sizeof (struct VerifyMessage) - 1]) || | 236 | if ( ('\0' != attrs[ntohs(v_msg->header.size) - sizeof (struct VerifyMessage) - 1]) || |
240 | (strlen (s_attr) > GNUNET_CREDENTIAL_MAX_LENGTH) ) | 237 | (strlen (attrs) > GNUNET_CREDENTIAL_MAX_LENGTH * 2) ) |
241 | { | 238 | { |
242 | GNUNET_break (0); | 239 | GNUNET_break (0); |
243 | return GNUNET_SYSERR; | 240 | return GNUNET_SYSERR; |
@@ -266,7 +263,6 @@ send_lookup_response (void* cls, | |||
266 | struct VerifyResultMessage *rmsg; | 263 | struct VerifyResultMessage *rmsg; |
267 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; | 264 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; |
268 | struct CredentialRecordEntry *cr_entry; | 265 | struct CredentialRecordEntry *cr_entry; |
269 | int cred_verified; | ||
270 | 266 | ||
271 | cred_record_count = 0; | 267 | cred_record_count = 0; |
272 | for (i=0; i < rd_count; i++) | 268 | for (i=0; i < rd_count; i++) |
@@ -293,7 +289,6 @@ send_lookup_response (void* cls, | |||
293 | &crd->purpose, | 289 | &crd->purpose, |
294 | &crd->sig, &crd->issuer_key)) | 290 | &crd->sig, &crd->issuer_key)) |
295 | { | 291 | { |
296 | cred_verified = GNUNET_YES; | ||
297 | break; | 292 | break; |
298 | } | 293 | } |
299 | 294 | ||
@@ -372,12 +367,12 @@ static void | |||
372 | handle_verify (void *cls, | 367 | handle_verify (void *cls, |
373 | const struct VerifyMessage *v_msg) | 368 | const struct VerifyMessage *v_msg) |
374 | { | 369 | { |
370 | char attrs[GNUNET_CREDENTIAL_MAX_LENGTH*2 + 1]; | ||
375 | char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; | 371 | char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; |
376 | char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; | 372 | char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; |
377 | size_t issuer_attribute_len; | ||
378 | struct VerifyRequestHandle *vrh; | 373 | struct VerifyRequestHandle *vrh; |
379 | struct GNUNET_SERVICE_Client *client = cls; | 374 | struct GNUNET_SERVICE_Client *client = cls; |
380 | char *attrptr = issuer_attribute; | 375 | char *attrptr = attrs; |
381 | const char *utf_in; | 376 | const char *utf_in; |
382 | 377 | ||
383 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 378 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -385,10 +380,11 @@ handle_verify (void *cls, | |||
385 | 380 | ||
386 | utf_in = (const char *) &v_msg[1]; | 381 | utf_in = (const char *) &v_msg[1]; |
387 | GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); | 382 | GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); |
388 | issuer_attribute_len = strlen (utf_in); | 383 | |
389 | utf_in = (const char *) (&v_msg[1] + issuer_attribute_len + 1); | 384 | GNUNET_memcpy (issuer_attribute, attrs, ntohs (v_msg->issuer_attribute_len)); |
390 | attrptr = subject_attribute; | 385 | issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; |
391 | GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); | 386 | GNUNET_memcpy (subject_attribute, attrs+strlen(issuer_attribute), ntohs (v_msg->subject_attribute_len)); |
387 | subject_attribute[ntohs (v_msg->subject_attribute_len)] = '\0'; | ||
392 | vrh = GNUNET_new (struct VerifyRequestHandle); | 388 | vrh = GNUNET_new (struct VerifyRequestHandle); |
393 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); | 389 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); |
394 | vrh->client = client; | 390 | vrh->client = client; |