geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changes to address issues brought up by the security review.

Browse Source
This commit is contained in:
Juan Carlos Luciani 2007-02-06 22:52:44 +00:00
parent 51ffdf0702
commit 44ee58ef5f
28 changed files with 386 additions and 344 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CASA-auth-token/server/ApacheSupport/2.2/mod_authn_casa.c
View File

@ -207,7 +207,7 @@ check_password(
&pPrincipalIf); &pPrincipalIf);
if (CASA_SUCCESS(casaStatus)) if (CASA_SUCCESS(casaStatus))
{ {
int buffLen = 0; size_t buffLen = 0;
apr_table_t *e = r->subprocess_env; apr_table_t *e = r->subprocess_env;
// Associate necessary environment variables with the request block // Associate necessary environment variables with the request block
@ -335,9 +335,9 @@ check_password(
if (retStatus == AUTH_GRANTED) if (retStatus == AUTH_GRANTED)
{ {
char *pAttribNameBuff, *pAttribValueBuff; char *pAttribNameBuff, *pAttribValueBuff;
int enumHandle = 0; unsigned int enumHandle = 0;
int attribNameBuffLen, attribValueBuffLen; size_t attribNameBuffLen, attribValueBuffLen;
while (retStatus == AUTH_GRANTED) while (retStatus == AUTH_GRANTED)
{ {

4
CASA-auth-token/server/AuthTokenValidate/Svc/linux/server.cpp
View File

@ -130,8 +130,8 @@ ServiceRequests(void)
{ {
// Helper class found, now get the id of the method that we invoke // Helper class found, now get the id of the method that we invoke
jmethodID mId = g_env->GetStaticMethodID(helperClass, jmethodID mId = g_env->GetStaticMethodID(helperClass,
authTokenClassValidateMethodName, authTokenClassValidateMethodName,
"(Ljava/lang/String;)Ljava/lang/String;"); "(Ljava/lang/String;)Ljava/lang/String;");
if (mId) if (mId)
{ {
// Loop until told to terminate // Loop until told to terminate

58
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identoken.c
View File

@ -73,9 +73,9 @@ typedef struct _Attribute
{ {
LIST_ENTRY listEntry; LIST_ENTRY listEntry;
char *pAttribName; char *pAttribName;
int attribNameLen; size_t attribNameLen;
char *pAttribValue; char *pAttribValue;
int attribValueLen; size_t attribValueLen;
} Attribute, *PAttribute; } Attribute, *PAttribute;
@ -87,15 +87,15 @@ typedef struct _IdenTokenIfInstance
{ {
int refCount; int refCount;
char *pIdentId; char *pIdentId;
int identIdLen; size_t identIdLen;
char *pIdentSourceName; char *pIdentSourceName;
int identSourceNameLen; size_t identSourceNameLen;
char *pIdentSourceUrl; char *pIdentSourceUrl;
int identSourceUrlLen; size_t identSourceUrlLen;
char *pTargetService; char *pTargetService;
int targetServiceLen; size_t targetServiceLen;
char *pTargetHost; char *pTargetHost;
int targetHostLen; size_t targetHostLen;
LIST_ENTRY attributeListHead; LIST_ENTRY attributeListHead;
IdenTokenIf idenTokenIf; IdenTokenIf idenTokenIf;
@ -109,7 +109,7 @@ typedef struct _IdenTokenParse
{ {
XML_Parser p; XML_Parser p;
int state; int state;
int elementDataProcessed; size_t elementDataProcessed;
IdenTokenIfInstance *pIdenTokenIfInstance; IdenTokenIfInstance *pIdenTokenIfInstance;
CasaStatus status; CasaStatus status;
@ -377,7 +377,7 @@ ConsumeElementData(
IN const XML_Char *s, IN const XML_Char *s,
IN int len, IN int len,
INOUT char **ppElementData, INOUT char **ppElementData,
INOUT int *pElementDataLen) INOUT size_t *pElementDataLen)
// //
// Arguments: // Arguments:
// //
@ -424,7 +424,7 @@ ConsumeElementData(
char *pNewBuf; char *pNewBuf;
// We have already received token data, append this data to it. // We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pIdenTokenParse->elementDataProcessed + len + 1); pNewBuf = (char*) malloc((size_t)(pIdenTokenParse->elementDataProcessed + len + 1));
if (pNewBuf) if (pNewBuf)
{ {
memset(pNewBuf, memset(pNewBuf,
@ -860,7 +860,7 @@ CasaStatus SSCS_CALL
GetIdentityId( GetIdentityId(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pIdentIdBuf, INOUT char *pIdentIdBuf,
INOUT int *pIdentIdLen) INOUT size_t *pIdentIdLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -935,7 +935,7 @@ CasaStatus SSCS_CALL
GetSourceName( GetSourceName(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceNameBuf, INOUT char *pSourceNameBuf,
INOUT int *pSourceNameLen) INOUT size_t *pSourceNameLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -1011,7 +1011,7 @@ CasaStatus SSCS_CALL
GetSourceUrl( GetSourceUrl(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceUrlBuf, INOUT char *pSourceUrlBuf,
INOUT int *pSourceUrlLen) INOUT size_t *pSourceUrlLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -1085,12 +1085,12 @@ exit:
static static
CasaStatus SSCS_CALL CasaStatus SSCS_CALL
AttributeEnumerate( AttributeEnumerate(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT int *pEnumHandle, INOUT unsigned int *pEnumHandle,
INOUT char *pAttribNameBuf, INOUT char *pAttribNameBuf,
INOUT int *pAttribNameLen, INOUT size_t *pAttribNameLen,
INOUT char *pAttribValueBuf, INOUT char *pAttribValueBuf,
INOUT int *pAttribValueLen) INOUT size_t *pAttribValueLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -1231,9 +1231,9 @@ exit:
//++======================================================================= //++=======================================================================
CasaStatus CasaStatus
GetIdenTokenInterface( GetIdenTokenInterface(
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenLen, IN const size_t tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf) INOUT IdenTokenIf **ppIdenTokenIf)
// //
// Arguments: // Arguments:
// //
@ -1252,6 +1252,16 @@ GetIdenTokenInterface(
DbgTrace(2, "-GetIdenTokenInterface- Start\n", 0); DbgTrace(2, "-GetIdenTokenInterface- Start\n", 0);
// Verify that the token is not too large for the parser
if (tokenLen > INT32_MAX)
{
DbgTrace(0, "-GetIdenTokenInterface- Token too large\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
goto exit;
}
// Create a IdenTokenIfInstance object for it. // Create a IdenTokenIfInstance object for it.
pIdenTokenIfInstance = malloc(sizeof(*pIdenTokenIfInstance)); pIdenTokenIfInstance = malloc(sizeof(*pIdenTokenIfInstance));
if (pIdenTokenIfInstance) if (pIdenTokenIfInstance)
@ -1314,7 +1324,7 @@ GetIdenTokenInterface(
XML_SetUserData(p, &idenTokenParse); XML_SetUserData(p, &idenTokenParse);
// Parse the document // Parse the document
if (XML_Parse(p, pTokenBuf, tokenLen, 1) == XML_STATUS_OK) if (XML_Parse(p, pTokenBuf, (int) tokenLen, 1) == XML_STATUS_OK)
{ {
// Verify that the parse operation completed successfully // Verify that the parse operation completed successfully
if (idenTokenParse.state == DONE_PARSING) if (idenTokenParse.state == DONE_PARSING)
@ -1385,6 +1395,8 @@ GetIdenTokenInterface(
CASA_STATUS_INSUFFICIENT_RESOURCES); CASA_STATUS_INSUFFICIENT_RESOURCES);
} }
exit:
DbgTrace(2, "-GetIdenTokenInterface- End, retStatus = %0X\n", retStatus); DbgTrace(2, "-GetIdenTokenInterface- End, retStatus = %0X\n", retStatus);
return retStatus; return retStatus;

5
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identokenprovider.c
View File

@ -147,7 +147,7 @@ CasaStatus
GetIdentityTokenIf( GetIdentityTokenIf(
IN const void *pIfInstance, IN const void *pIfInstance,
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenLen, IN const size_t tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf) INOUT IdenTokenIf **ppIdenTokenIf)
// //
// Arguments: // Arguments:
@ -175,13 +175,14 @@ GetIdentityTokenIf(
{ {
CasaStatus retStatus; CasaStatus retStatus;
char *pDecodedTokenBuf; char *pDecodedTokenBuf;
int decodedTokenBufLen; uint32_t decodedTokenBufLen;
DbgTrace(2, "-GetIdentityTokenIf- Start\n", 0); DbgTrace(2, "-GetIdentityTokenIf- Start\n", 0);
// Validate input parameters // Validate input parameters
if (pIfInstance == NULL if (pIfInstance == NULL
|| pTokenBuf == NULL || pTokenBuf == NULL
|| tokenLen > UINT32_MAX
|| tokenLen == 0 || tokenLen == 0
|| ppIdenTokenIf == NULL) || ppIdenTokenIf == NULL)
{ {

14
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/internal.h
View File

@ -57,9 +57,9 @@ extern int DebugLevel;
extern extern
CasaStatus CasaStatus
GetIdenTokenInterface( GetIdenTokenInterface(
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenLen, IN const uint32_t tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf); INOUT IdenTokenIf **ppIdenTokenIf);
extern extern
CasaStatus CasaStatus
@ -77,17 +77,17 @@ extern
CasaStatus CasaStatus
EncodeData( EncodeData(
IN const void *pData, IN const void *pData,
IN const int32_t dataLen, IN const uint32_t dataLen,
INOUT char **ppEncodedData, INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen); INOUT uint32_t *pEncodedDataLen);
extern extern
CasaStatus CasaStatus
DecodeData( DecodeData(
IN const char *pEncodedData, IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData, INOUT void **ppData,
INOUT int32_t *pDataLen); INOUT uint32_t *pDataLen);
extern extern
int int

180
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/util.c
View File

@ -62,9 +62,9 @@ static const uint8_t g_Expand64[256] =
CasaStatus CasaStatus
EncodeData( EncodeData(
IN const void *pData, IN const void *pData,
IN const int32_t dataLen, IN const uint32_t dataLen,
INOUT char **ppEncodedData, INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen) INOUT uint32_t *pEncodedDataLen)
// //
// Arguments: // Arguments:
// //
@ -88,7 +88,7 @@ EncodeData(
if (*ppEncodedData) if (*ppEncodedData)
{ {
uint8_t *pOut, *pIn; uint8_t *pOut, *pIn;
int i; uint32_t i;
// Setup pointers to move through the buffers // Setup pointers to move through the buffers
pIn = (uint8_t*) pData; pIn = (uint8_t*) pData;
@ -147,9 +147,9 @@ EncodeData(
CasaStatus CasaStatus
DecodeData( DecodeData(
IN const char *pEncodedData, IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData, INOUT void **ppData,
INOUT int32_t *pDataLen) INOUT uint32_t *pDataLen)
// //
// Arguments: // Arguments:
// //
@ -161,8 +161,8 @@ DecodeData(
//=======================================================================-- //=======================================================================--
{ {
CasaStatus retStatus; CasaStatus retStatus;
int i, j; uint32_t i, j;
int decodedSize; size_t decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0); DbgTrace(3, "-DecodeData- Start\n", 0);
@ -172,98 +172,110 @@ DecodeData(
j++; j++;
decodedSize = (j * 3 + 3) / 4; decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data // Verify that we are not going to overflow the uint32
*ppData = malloc(decodedSize); if (decodedSize <= UINT32_MAX)
if (*ppData)
{ {
bool endReached = false; // Allocate buffer to hold the decoded data
uint8_t c0, c1, c2, c3; *ppData = malloc(decodedSize);
uint8_t *p, *q; if (*ppData)
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{ {
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) bool endReached = false;
p++; uint8_t c0, c1, c2, c3;
if (64 == g_Expand64[*p]) uint8_t *p, *q;
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) // Initialize parameters that will be used during the decode operation
p++; c0 = c1 = c2 = c3 = 0;
if (64 == g_Expand64[*p]) p = (uint8_t*) pEncodedData;
{ q = (uint8_t*) *ppData;
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) // Decode the data
p++; //
if (64 == g_Expand64[*p]) // Loop through the data, piecing back information. Any newlines, and/or
{ // carriage returns need to be skipped.
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); while (j > 4)
*(q++) = (uint8_t)(g_Expand64[c1] << 4); {
j -= 2; while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
endReached = true; p++;
break; if (64 == g_Expand64[*p])
} {
c2 = *(p++); endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++; p++;
if (64 == g_Expand64[*p]) if (64 == g_Expand64[*p])
{ {
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); *(q++) = (uint8_t)(g_Expand64[c0] << 2);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); j--;
*(q++) = (uint8_t)(g_Expand64[c2] << 6); endReached = true;
j -= 3; break;
endReached = true; }
break; c1 = *(p++);
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); p++;
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); if (64 == g_Expand64[*p])
j -= 4; {
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
} }
if (!endReached) else
{ {
if (j > 1) DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2) retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); CASA_FACILITY_AUTHTOKEN,
if (j > 3) CASA_STATUS_INSUFFICIENT_RESOURCES);
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
} }
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
} }
else else
{ {
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN, CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES); CASA_STATUS_UNSUCCESSFUL);
} }
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus); DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);

20
CASA-auth-token/server/AuthTokenValidate/iden_token_provider_if.h
View File

@ -89,7 +89,7 @@ CasaStatus
(SSCS_CALL *PFNIdenTokenIf_GetIdentityId)( (SSCS_CALL *PFNIdenTokenIf_GetIdentityId)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pIdentIdBuf, INOUT char *pIdentIdBuf,
INOUT int *pIdentIdLen); INOUT size_t *pIdentIdLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -119,7 +119,7 @@ CasaStatus
(SSCS_CALL *PFNIdenTokenIf_GetSourceName)( (SSCS_CALL *PFNIdenTokenIf_GetSourceName)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceNameBuf, INOUT char *pSourceNameBuf,
INOUT int *pSourceNameLen); INOUT size_t *pSourceNameLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -150,7 +150,7 @@ CasaStatus
(SSCS_CALL *PFNIdenTokenIf_GetSourceUrl)( (SSCS_CALL *PFNIdenTokenIf_GetSourceUrl)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceUrlBuf, INOUT char *pSourceUrlBuf,
INOUT int *pSourceUrlLen); INOUT size_t *pSourceUrlLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -179,12 +179,12 @@ CasaStatus
typedef typedef
CasaStatus CasaStatus
(SSCS_CALL *PFNIdenTokenIf_AttributeEnumerate)( (SSCS_CALL *PFNIdenTokenIf_AttributeEnumerate)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT int *pEnumHandle, INOUT unsigned int *pEnumHandle,
INOUT char *pAttribNameBuf, INOUT char *pAttribNameBuf,
INOUT int *pAttribNameLen, INOUT size_t *pAttribNameLen,
INOUT char *pAttribValueBuf, INOUT char *pAttribValueBuf,
INOUT int *pAttribValueLen); INOUT size_t *pAttribValueLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -289,7 +289,7 @@ CasaStatus
(SSCS_CALL *PFNIdenTokenProviderIf_GetIdentityTokenIf)( (SSCS_CALL *PFNIdenTokenProviderIf_GetIdentityTokenIf)(
IN const void *pIfInstance, IN const void *pIfInstance,
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenLen, IN const size_t tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf); INOUT IdenTokenIf **ppIdenTokenIf);
// //
// Arguments: // Arguments:

16
CASA-auth-token/server/AuthTokenValidate/internal.h
View File

@ -166,10 +166,10 @@ PrincipalIfUninit(void);
extern extern
CasaStatus SSCS_CALL CasaStatus SSCS_CALL
ValidateAuthToken( ValidateAuthToken(
IN const char *pServiceName, IN const char *pServiceName,
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenBufLen, IN const size_t tokenBufLen,
INOUT PrincipalIf **ppPrincipalIf); INOUT PrincipalIf **ppPrincipalIf);
// //
// Functions exported by authtoken.c // Functions exported by authtoken.c
@ -201,17 +201,17 @@ extern
CasaStatus CasaStatus
EncodeData( EncodeData(
IN const void *pData, IN const void *pData,
IN const int32_t dataLen, IN const uint32_t dataLen,
INOUT char **ppEncodedData, INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen); INOUT uint32_t *pEncodedDataLen);
extern extern
CasaStatus CasaStatus
DecodeData( DecodeData(
IN const char *pEncodedData, IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData, INOUT void **ppData,
INOUT int32_t *pDataLen); INOUT uint32_t *pDataLen);
extern extern
int int

22
CASA-auth-token/server/AuthTokenValidate/principal.c
View File

@ -164,7 +164,7 @@ CasaStatus SSCS_CALL
GetIdentityId( GetIdentityId(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pIdentIdBuf, INOUT char *pIdentIdBuf,
INOUT int *pIdentIdLen) INOUT size_t *pIdentIdLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -225,7 +225,7 @@ CasaStatus SSCS_CALL
GetSourceName( GetSourceName(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceNameBuf, INOUT char *pSourceNameBuf,
INOUT int *pSourceNameLen) INOUT size_t *pSourceNameLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -287,7 +287,7 @@ CasaStatus SSCS_CALL
GetSourceUrl( GetSourceUrl(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceUrlBuf, INOUT char *pSourceUrlBuf,
INOUT int *pSourceUrlLen) INOUT size_t *pSourceUrlLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -347,12 +347,12 @@ exit:
static static
CasaStatus SSCS_CALL CasaStatus SSCS_CALL
AttributeEnumerate( AttributeEnumerate(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT int *pEnumHandle, INOUT unsigned int *pEnumHandle,
INOUT char *pAttribNameBuf, INOUT char *pAttribNameBuf,
INOUT int *pAttribNameLen, INOUT size_t *pAttribNameLen,
INOUT char *pAttribValueBuf, INOUT char *pAttribValueBuf,
INOUT int *pAttribValueLen) INOUT size_t *pAttribValueLen)
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -399,9 +399,9 @@ AttributeEnumerate(
if (pIfInstance == NULL if (pIfInstance == NULL
|| pEnumHandle == NULL || pEnumHandle == NULL
|| pAttribNameLen == NULL || pAttribNameLen == NULL
|| (*pAttribNameLen != 0 && pAttribNameBuf == NULL || (*pAttribNameLen != 0 && pAttribNameBuf == NULL)
|| pAttribValueLen == NULL || pAttribValueLen == NULL
|| (*pAttribValueLen != 0 && pAttribValueBuf == NULL))) || (*pAttribValueLen != 0 && pAttribValueBuf == NULL))
{ {
DbgTrace(0, "-AttributeEnumerate- Invalid parameter\n", 0); DbgTrace(0, "-AttributeEnumerate- Invalid parameter\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,

182
CASA-auth-token/server/AuthTokenValidate/util.c
View File

@ -62,9 +62,9 @@ static const uint8_t g_Expand64[256] =
CasaStatus CasaStatus
EncodeData( EncodeData(
IN const void *pData, IN const void *pData,
IN const int32_t dataLen, IN const uint32_t dataLen,
INOUT char **ppEncodedData, INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen) INOUT uint32_t *pEncodedDataLen)
// //
// Arguments: // Arguments:
// //
@ -76,7 +76,7 @@ EncodeData(
//=======================================================================-- //=======================================================================--
{ {
CasaStatus retStatus; CasaStatus retStatus;
int encodedSize; uint32_t encodedSize;
char *pTmp; char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0); DbgTrace(3, "-EncodeData- Start\n", 0);
@ -88,7 +88,7 @@ EncodeData(
if (*ppEncodedData) if (*ppEncodedData)
{ {
uint8_t *pOut, *pIn; uint8_t *pOut, *pIn;
int i; uint32_t i;
// Setup pointers to move through the buffers // Setup pointers to move through the buffers
pIn = (uint8_t*) pData; pIn = (uint8_t*) pData;
@ -147,9 +147,9 @@ EncodeData(
CasaStatus CasaStatus
DecodeData( DecodeData(
IN const char *pEncodedData, IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator IN const uint32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData, INOUT void **ppData,
INOUT int32_t *pDataLen) INOUT uint32_t *pDataLen)
// //
// Arguments: // Arguments:
// //
@ -161,8 +161,8 @@ DecodeData(
//=======================================================================-- //=======================================================================--
{ {
CasaStatus retStatus; CasaStatus retStatus;
int i, j; uint32_t i, j;
int decodedSize; size_t decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0); DbgTrace(3, "-DecodeData- Start\n", 0);
@ -172,98 +172,110 @@ DecodeData(
j++; j++;
decodedSize = (j * 3 + 3) / 4; decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data // Verify that we are not going to overflow the uint32
*ppData = malloc(decodedSize); if (decodedSize <= UINT32_MAX)
if (*ppData)
{ {
bool endReached = false; // Allocate buffer to hold the decoded data
uint8_t c0, c1, c2, c3; *ppData = malloc(decodedSize);
uint8_t *p, *q; if (*ppData)
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{ {
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) bool endReached = false;
p++; uint8_t c0, c1, c2, c3;
if (64 == g_Expand64[*p]) uint8_t *p, *q;
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) // Initialize parameters that will be used during the decode operation
p++; c0 = c1 = c2 = c3 = 0;
if (64 == g_Expand64[*p]) p = (uint8_t*) pEncodedData;
{ q = (uint8_t*) *ppData;
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) // Decode the data
p++; //
if (64 == g_Expand64[*p]) // Loop through the data, piecing back information. Any newlines, and/or
{ // carriage returns need to be skipped.
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); while (j > 4)
*(q++) = (uint8_t)(g_Expand64[c1] << 4); {
j -= 2; while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
endReached = true; p++;
break; if (64 == g_Expand64[*p])
} {
c2 = *(p++); endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++; p++;
if (64 == g_Expand64[*p]) if (64 == g_Expand64[*p])
{ {
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); *(q++) = (uint8_t)(g_Expand64[c0] << 2);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); j--;
*(q++) = (uint8_t)(g_Expand64[c2] << 6); endReached = true;
j -= 3; break;
endReached = true; }
break; c1 = *(p++);
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); p++;
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); if (64 == g_Expand64[*p])
j -= 4; {
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
} }
if (!endReached) else
{ {
if (j > 1) DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2) retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); CASA_FACILITY_AUTHTOKEN,
if (j > 3) CASA_STATUS_INSUFFICIENT_RESOURCES);
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
} }
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
} }
else else
{ {
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); DbgTrace(0, "-DecodeData- Prevented uint32 overflow\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN, CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES); CASA_STATUS_UNSUCCESSFUL);
} }
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus); DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);

15
CASA-auth-token/server/AuthTokenValidate/validate.c
View File

@ -73,7 +73,7 @@ CasaStatus SSCS_CALL
ValidateAuthToken( ValidateAuthToken(
IN const char *pServiceName, IN const char *pServiceName,
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenBufLen, IN const size_t tokenBufLen,
INOUT PrincipalIf **ppPrincipalIf) INOUT PrincipalIf **ppPrincipalIf)
// //
// Arguments: // Arguments:
@ -108,7 +108,7 @@ ValidateAuthToken(
{ {
CasaStatus retStatus; CasaStatus retStatus;
char *pDecodedTokenBuf; char *pDecodedTokenBuf;
int32_t decodedTokenBufLen; uint32_t decodedTokenBufLen;
PrincipalIf *pPrincipalIf; PrincipalIf *pPrincipalIf;
DbgTrace(1, "-ValidateAuthToken- Start\n", 0); DbgTrace(1, "-ValidateAuthToken- Start\n", 0);
@ -117,7 +117,8 @@ ValidateAuthToken(
if (pServiceName == NULL if (pServiceName == NULL
|| pTokenBuf == NULL || pTokenBuf == NULL
|| tokenBufLen == 0 || tokenBufLen == 0
|| tokenBufLen > INT32_MAX || tokenBufLen > UINT32_MAX
|| tokenBufLen == 0
|| ppPrincipalIf == NULL) || ppPrincipalIf == NULL)
{ {
DbgTrace(0, "-ValidateAuthToken- Invalid input parameter\n", 0); DbgTrace(0, "-ValidateAuthToken- Invalid input parameter\n", 0);
@ -263,8 +264,8 @@ ValidateAuthToken(
&decodedTokenBufLen); &decodedTokenBufLen);
if (CASA_SUCCESS(retStatus)) if (CASA_SUCCESS(retStatus))
{ {
char *pIdenTokenData; char *pIdenTokenData;
int32_t idenTokenDataLen; uint32_t idenTokenDataLen;
// Assume failure // Assume failure
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
@ -289,7 +290,9 @@ ValidateAuthToken(
// The authentication token was validated, now obtain // The authentication token was validated, now obtain
// Identity Token Provider interface. // Identity Token Provider interface.
retStatus = GetIdenTokenProviderInterface("CasaIdentityToken", // tbd - Hard code until we enhance the protocol with the atvs to also return this information. retStatus = GetIdenTokenProviderInterface("CasaIdentityToken", // tbd - Hard code until we enhance the protocol with the atvs to also return this information.
&pIdenTokenProviderIf); &pIdenTokenProviderIf); // IMPORTANT: Protect against invalid token type names when this is implemented. Invalid token
// names would contain something like "../" as part of the string to try to get us to open an
// malicious token provider library.
if (CASA_SUCCESS(retStatus)) if (CASA_SUCCESS(retStatus))
{ {
IdenTokenIf *pIdenTokenIf; IdenTokenIf *pIdenTokenIf;

8
CASA-auth-token/server/PamSupport/pam_authtoken.c
View File

@ -280,7 +280,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
&pPrincipalIf); &pPrincipalIf);
if (CASA_SUCCESS(casaStatus)) if (CASA_SUCCESS(casaStatus))
{ {
int buffLen; size_t buffLen;
// Assume success // Assume success
retStatus = PAM_SUCCESS; retStatus = PAM_SUCCESS;
@ -444,9 +444,9 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (retStatus == PAM_SUCCESS) if (retStatus == PAM_SUCCESS)
{ {
char *pBuff; char *pBuff;
int enumHandle = 0; unsigned int enumHandle = 0;
int buff2Len; size_t buff2Len;
while (retStatus == PAM_SUCCESS) while (retStatus == PAM_SUCCESS)
{ {

9
CASA-auth-token/server/include/casa_c_ipc.h
View File

@ -75,7 +75,6 @@ IpcClientOpenUnixRemoteEndPoint(
// this procedure. // this procedure.
// //
//=======================================================================-- //=======================================================================--
typedef typedef
int int
(*PFN_IpcClientOpenUnixRemoteEndPoint)( (*PFN_IpcClientOpenUnixRemoteEndPoint)(
@ -160,9 +159,9 @@ int
IpcClientSubmitReq( IpcClientSubmitReq(
IN uint32_t endPointHandle, IN uint32_t endPointHandle,
IN char *pClientData, IN char *pClientData,
IN int32_t clientDataLen, IN uint32_t clientDataLen,
INOUT char **ppServerData, INOUT char **ppServerData,
INOUT int32_t *pServerDataLen); INOUT uint32_t *pServerDataLen);
// //
// Arguments In: endPointHandle - Handle of the remote endpoint that will // Arguments In: endPointHandle - Handle of the remote endpoint that will
// be the target of the request. // be the target of the request.
@ -202,9 +201,9 @@ int
(*PFN_IpcClientSubmitReq)( (*PFN_IpcClientSubmitReq)(
IN uint32_t endPointHandle, IN uint32_t endPointHandle,
IN char *pClientData, IN char *pClientData,
IN int32_t clientDataLen, IN uint32_t clientDataLen,
INOUT char **ppServerData, INOUT char **ppServerData,
INOUT int32_t *pServerDataLen); INOUT uint32_t *pServerDataLen);
//++======================================================================= //++=======================================================================

26
CASA-auth-token/server/include/casa_s_authtoken.h
View File

@ -102,7 +102,7 @@ CasaStatus
(SSCS_CALL *PFNPrincipalIf_GetIdentityId)( (SSCS_CALL *PFNPrincipalIf_GetIdentityId)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pIdentIdBuf, INOUT char *pIdentIdBuf,
INOUT int *pIdentIdLen); INOUT size_t *pIdentIdLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -132,7 +132,7 @@ CasaStatus
(SSCS_CALL *PFNPrincipalIf_GetSourceName)( (SSCS_CALL *PFNPrincipalIf_GetSourceName)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceNameBuf, INOUT char *pSourceNameBuf,
INOUT int *pSourceNameLen); INOUT size_t *pSourceNameLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -163,7 +163,7 @@ CasaStatus
(SSCS_CALL *PFNPrincipalIf_GetSourceUrl)( (SSCS_CALL *PFNPrincipalIf_GetSourceUrl)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT char *pSourceUrlBuf, INOUT char *pSourceUrlBuf,
INOUT int *pSourceUrlLen); INOUT size_t *pSourceUrlLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -192,12 +192,12 @@ CasaStatus
typedef typedef
CasaStatus CasaStatus
(SSCS_CALL *PFNPrincipalIf_AttributeEnumerate)( (SSCS_CALL *PFNPrincipalIf_AttributeEnumerate)(
IN const void *pIfInstance, IN const void *pIfInstance,
INOUT int *pEnumHandle, INOUT unsigned int *pEnumHandle,
INOUT char *pAttribNameBuf, INOUT char *pAttribNameBuf,
INOUT int *pAttribNameLen, INOUT size_t *pAttribNameLen,
INOUT char *pAttribValueBuf, INOUT char *pAttribValueBuf,
INOUT int *pAttribValueLen); INOUT size_t *pAttribValueLen);
// //
// Arguments: // Arguments:
// pIfInstance - // pIfInstance -
@ -262,10 +262,10 @@ typedef struct _PrincipalIf
//++======================================================================= //++=======================================================================
extern CasaStatus SSCS_CALL extern CasaStatus SSCS_CALL
ValidateAuthToken( ValidateAuthToken(
IN const char *pServiceName, IN const char *pServiceName,
IN const char *pTokenBuf, IN const char *pTokenBuf,
IN const int tokenBufLen, IN const size_t tokenBufLen,
INOUT PrincipalIf **ppPrincipalIf); INOUT PrincipalIf **ppPrincipalIf);
// //
// Arguments: // Arguments:
// pServiceName - // pServiceName -

6
CASA-auth-token/server/utilities/IpcLibs/linux/client/cchannel.cpp
View File

@ -390,9 +390,9 @@ CChannel::connectionThread(
{ {
CChannel *pCChannel = *pSmartCChannel; CChannel *pCChannel = *pSmartCChannel;
bool doneReceivingData = false; bool doneReceivingData = false;
int32_t bytesReceived; size_t bytesReceived;
uint32_t reqId; uint32_t reqId;
int32_t payloadLength; uint32_t payloadLength;
unsigned long totalPayloadBytesReceived = 0; unsigned long totalPayloadBytesReceived = 0;
char reqDataPktHdr[ReqDataPktHdrTemplate.length()]; char reqDataPktHdr[ReqDataPktHdrTemplate.length()];
char *pRecvBuff; char *pRecvBuff;
@ -747,7 +747,7 @@ CChannel::submitReq(
uint32_t reqId, uint32_t reqId,
ClientReq &clientReq, ClientReq &clientReq,
char *pClientData, char *pClientData,
int32_t clientDataLen) uint32_t clientDataLen)
// //
// Arguments: // Arguments:
// //

26
CASA-auth-token/server/utilities/IpcLibs/linux/client/cchannel.h
View File

@ -222,7 +222,7 @@ public:
int submitReq(uint32_t reqId, int submitReq(uint32_t reqId,
ClientReq &clientReq, ClientReq &clientReq,
char *pClientData, char *pClientData,
int32_t clientDataLen); uint32_t clientDataLen);
// //
// Remove Request routine // Remove Request routine
@ -237,30 +237,6 @@ public:
// //
void removeReq(uint32_t reqId); void removeReq(uint32_t reqId);
//
// Send Data routine
//
// Parameters:
// reqId (input) -
// Id of the Request.
//
// pClientData (input) -
// Pointer to client data that must be sent to
// the server. Buffer is NEVER released
// by the procedure.
//
// clientDataLen (input) -
// Length of the client data.
//
//
// Abstract: Sends data to the server for a previously
// submitted Request.
//
// Returns: 0 if successful.
//
int sendData(uint32_t reqId,
char *pClientData,
int clientDataLen);
}; };
typedef SmartPtr<CChannel> SmartCChannel; typedef SmartPtr<CChannel> SmartCChannel;

75
CASA-auth-token/server/utilities/IpcLibs/linux/client/client.cpp
View File

@ -152,22 +152,36 @@ IpcClientOpenUnixRemoteEndPoint(
pSocketFileName)); pSocketFileName));
// Allocate a handle for the endpoint // Allocate a handle for the endpoint
uint32_t handle = remoteEndPointHandleAllocator ++; uint32_t handle = remoteEndPointHandleAllocator + 1;
// Insert the new RemoteEndPoint into the REP map // Protect against wrap-around
REPIterBoolPair insertResult; if (handle != 0)
insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
if (!insertResult.second)
{ {
// Insertion failed // Insert the new RemoteEndPoint into the REP map
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0); REPIterBoolPair insertResult;
delete pSmartRemoteEndPoint; insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
if (!insertResult.second)
{
// Insertion failed
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0);
delete pSmartRemoteEndPoint;
}
else
{
// RemoteEndPoint inserted in the REP map, success.
//
// Consume the allocated handle
remoteEndPointHandleAllocator ++;
*pEndPointHandle = handle;
retStatus = 0;
}
} }
else else
{ {
// RemoteEndPoint inserted in the REP map, success. // Handle allocator wrap-around prevented
*pEndPointHandle = handle; DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Handle allocator wrap-around prevented\n", 0);
retStatus = 0; delete pSmartRemoteEndPoint;
} }
} catch (...) { } catch (...) {
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Exception caught\n", 0); DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Exception caught\n", 0);
@ -254,22 +268,35 @@ IpcClientOpenInetRemoteEndPoint(
address)); address));
// Allocate a handle for the endpoint // Allocate a handle for the endpoint
uint32_t handle = remoteEndPointHandleAllocator ++; uint32_t handle = remoteEndPointHandleAllocator + 1;
// Insert the new RemoteEndPoint into the REP map // Protect against wrap-around
REPIterBoolPair insertResult; if (handle != 0)
insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
if (!insertResult.second)
{ {
// Insertion failed // Insert the new RemoteEndPoint into the REP map
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0); REPIterBoolPair insertResult;
delete pSmartRemoteEndPoint; insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
if (!insertResult.second)
{
// Insertion failed
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0);
delete pSmartRemoteEndPoint;
}
else
{
// RemoteEndPoint inserted in the REP map, success.
//
// Consume the allocated handle
remoteEndPointHandleAllocator ++;
*pEndPointHandle = handle;
retStatus = 0;
}
} }
else else
{ {
// RemoteEndPoint inserted in the REP map, success. // Handle allocator wrap-around prevented
*pEndPointHandle = handle; DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Handle allocator wrap-around prevented\n", 0);
retStatus = 0; delete pSmartRemoteEndPoint;
} }
} catch (...) { } catch (...) {
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Exception caught\n", 0); DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Exception caught\n", 0);
@ -366,9 +393,9 @@ int
IpcClientSubmitReq( IpcClientSubmitReq(
IN uint32_t endPointHandle, IN uint32_t endPointHandle,
IN char *pClientData, IN char *pClientData,
IN int32_t clientDataLen, IN uint32_t clientDataLen,
INOUT char **ppServerData, INOUT char **ppServerData,
INOUT int32_t *pServerDataLen) INOUT uint32_t *pServerDataLen)
// //
// Arguments In: endPointHandle - Handle of the remote endpoint that will // Arguments In: endPointHandle - Handle of the remote endpoint that will
// be the target of the request. // be the target of the request.

4
CASA-auth-token/server/utilities/IpcLibs/linux/client/clientreq.cpp
View File

@ -142,7 +142,7 @@ ClientReq::~ClientReq(void)
void void
ClientReq::processServerData( ClientReq::processServerData(
char *pServerData, char *pServerData,
int32_t serverDataLength) uint32_t serverDataLength)
// //
// Arguments: // Arguments:
// //
@ -230,7 +230,7 @@ ClientReq::processError(void)
int int
ClientReq::waitForCompletion( ClientReq::waitForCompletion(
char **ppResponseData, char **ppResponseData,
int32_t *pResponseDataLength) uint32_t *pResponseDataLength)
// //
// Arguments: // Arguments:
// //

6
CASA-auth-token/server/utilities/IpcLibs/linux/client/clientreq.h
View File

@ -52,7 +52,7 @@ class ClientReq
// Server Data // Server Data
char *m_pServerData; char *m_pServerData;
int32_t m_serverDataLen; uint32_t m_serverDataLen;
// Flag indicating the state of the submitting // Flag indicating the state of the submitting
// thread. // thread.
@ -114,7 +114,7 @@ public:
// Returns: Nothing. // Returns: Nothing.
// //
void processServerData(char *pServerData, void processServerData(char *pServerData,
int32_t serverDataLength); uint32_t serverDataLength);
// //
// Process Error routine // Process Error routine
@ -147,7 +147,7 @@ public:
// -1 == Request did not complete gracefully // -1 == Request did not complete gracefully
// //
int waitForCompletion(char **ppResponseData, int waitForCompletion(char **ppResponseData,
int32_t *pResponseDataLength); uint32_t *pResponseDataLength);
// //
// Completion status // Completion status

4
CASA-auth-token/server/utilities/IpcLibs/linux/client/remoteendpoint.cpp
View File

@ -336,9 +336,9 @@ RemoteEndPoint::getCChannel(void)
int int
RemoteEndPoint::submitReq( RemoteEndPoint::submitReq(
char *pClientData, char *pClientData,
int32_t clientDataLen, uint32_t clientDataLen,
char **ppServerData, char **ppServerData,
int32_t *pServerDataLen) uint32_t *pServerDataLen)
// //
// Arguments: // Arguments:
// //

4
CASA-auth-token/server/utilities/IpcLibs/linux/client/remoteendpoint.h
View File

@ -186,9 +186,9 @@ public:
// Note: The routine blocks until the request completes. // Note: The routine blocks until the request completes.
// //
int submitReq(char *pClientData, int submitReq(char *pClientData,
int32_t clientDataLen, uint32_t clientDataLen,
char **ppServerData, char **ppServerData,
int32_t *pServerDataLen); uint32_t *pServerDataLen);
}; };
typedef SmartPtr<RemoteEndPoint> SmartRemoteEndPoint; typedef SmartPtr<RemoteEndPoint> SmartRemoteEndPoint;

12
CASA-auth-token/server/utilities/IpcLibs/linux/common/channelproto.cpp
View File

@ -60,7 +60,7 @@ string ReqErrorPktHdrTemplate = "Type02\r\nReqIdHdr =XXXXXXXX\r\nPayloadLength
int int
ChannelProto::buildReqDataPktHdr( ChannelProto::buildReqDataPktHdr(
uint32_t reqId, uint32_t reqId,
int32_t payloadLength, uint32_t payloadLength,
char *pPktHdr) char *pPktHdr)
// //
// Arguments: // Arguments:
@ -133,7 +133,7 @@ ChannelProto::buildReqDataPktHdr(
int int
ChannelProto::buildReqErrorPktHdr( ChannelProto::buildReqErrorPktHdr(
uint32_t reqId, uint32_t reqId,
int32_t payloadLength, uint32_t payloadLength,
char *pPktHdr) char *pPktHdr)
// //
// Arguments: // Arguments:
@ -281,7 +281,7 @@ ChannelProto::getReqIdAndPayloadLength(
char *pBuff, char *pBuff,
int hdrLength, int hdrLength,
uint32_t *pReqId, uint32_t *pReqId,
int32_t *pPayloadLength) uint32_t *pPayloadLength)
// //
// Arguments: // Arguments:
// //
@ -385,16 +385,16 @@ ChannelProto::getReqIdAndPayloadLength(
// Convert the value to hex // Convert the value to hex
errno = 0; errno = 0;
long int value = strtol(pValue, NULL, 16); unsigned long int value = strtoul(pValue, NULL, 16);
if (errno != 0 if (errno != 0
|| value > INT32_MAX) || value > UINT32_MAX)
{ {
DbgTrace(0, "ChannelProto::getReqIdAndPayloadLength- Invalid payloadLength value, %s\n", pValue); DbgTrace(0, "ChannelProto::getReqIdAndPayloadLength- Invalid payloadLength value, %s\n", pValue);
break; break;
} }
// Use the value // Use the value
*pPayloadLength = (int32_t) value; *pPayloadLength = (uint32_t) value;
// Undo the damage that we did // Undo the damage that we did
*(pCurr-2) = '\r'; *(pCurr-2) = '\r';

6
CASA-auth-token/server/utilities/IpcLibs/linux/common/channelproto.h
View File

@ -80,7 +80,7 @@ public:
// Returns: 0 if successful. // Returns: 0 if successful.
// //
static int buildReqDataPktHdr(uint32_t reqId, static int buildReqDataPktHdr(uint32_t reqId,
int32_t payloadLength, uint32_t payloadLength,
char *pPktHdr); char *pPktHdr);
// //
@ -104,7 +104,7 @@ public:
// Returns: 0 if successful. // Returns: 0 if successful.
// //
static int buildReqErrorPktHdr(uint32_t reqId, static int buildReqErrorPktHdr(uint32_t reqId,
int32_t payloadLength, uint32_t payloadLength,
char *pPktHdr); char *pPktHdr);
// //
@ -148,7 +148,7 @@ public:
static bool getReqIdAndPayloadLength(char *pBuff, static bool getReqIdAndPayloadLength(char *pBuff,
int hdrLength, int hdrLength,
uint32_t *pReqId, uint32_t *pReqId,
int32_t *pPayloadLength); uint32_t *pPayloadLength);
}; };

6
CASA-auth-token/server/utilities/IpcLibs/linux/server/schannel.cpp
View File

@ -234,10 +234,10 @@ SChannel::connectionThread(
{ {
SChannel *pSChannel = *pSmartSChannel; SChannel *pSChannel = *pSmartSChannel;
bool doneReceivingData = false; bool doneReceivingData = false;
int32_t bytesReceived; size_t bytesReceived;
unsigned long bytesSent; unsigned long bytesSent;
uint32_t reqId; uint32_t reqId;
int32_t payloadLength; uint32_t payloadLength;
unsigned long totalPayloadBytesReceived = 0; unsigned long totalPayloadBytesReceived = 0;
char reqDataPktHdr[ReqDataPktHdrTemplate.length()]; char reqDataPktHdr[ReqDataPktHdrTemplate.length()];
char reqErrorPktHdr[ReqErrorPktHdrTemplate.length()]; char reqErrorPktHdr[ReqErrorPktHdrTemplate.length()];
@ -520,7 +520,7 @@ int
SChannel::sendReplyData( SChannel::sendReplyData(
uint32_t reqId, uint32_t reqId,
char *pServerData, char *pServerData,
int32_t serverDataLen) uint32_t serverDataLen)
// //
// Arguments: // Arguments:
// //

2
CASA-auth-token/server/utilities/IpcLibs/linux/server/schannel.h
View File

@ -150,7 +150,7 @@ public:
// //
int sendReplyData(uint32_t reqId, int sendReplyData(uint32_t reqId,
char *pServerData, char *pServerData,
int32_t serverDataLen); uint32_t serverDataLen);
// //
// Send Reply Error routine // Send Reply Error routine

2
CASA-auth-token/server/utilities/IpcLibs/linux/server/server.cpp
View File

@ -847,7 +847,7 @@ IpcServerGetRequestData(
// L2 // L2
//=======================================================================-- //=======================================================================--
{ {
int32_t reqDataLen = 0; uint32_t reqDataLen = 0;
DbgTrace(1, "IpcServerGetRequestData- Start, requestId = %0X\n", requestId); DbgTrace(1, "IpcServerGetRequestData- Start, requestId = %0X\n", requestId);

4
CASA-auth-token/server/utilities/IpcLibs/linux/server/serverreq.cpp
View File

@ -61,7 +61,7 @@ ServerReq::ServerReq(
SChannel *pSChannel, SChannel *pSChannel,
uint32_t reqId, uint32_t reqId,
char *pClientData, char *pClientData,
int32_t clientDataLength) : uint32_t clientDataLength) :
m_signature (SERVER_REQ_SIGNATURE), m_signature (SERVER_REQ_SIGNATURE),
m_reqId (reqId), m_reqId (reqId),
@ -125,7 +125,7 @@ ServerReq::~ServerReq(void)
//++======================================================================= //++=======================================================================
int uint32_t
ServerReq::getReqData( ServerReq::getReqData(
char **ppClientData) char **ppClientData)
// //

6
CASA-auth-token/server/utilities/IpcLibs/linux/server/serverreq.h
View File

@ -58,7 +58,7 @@ class ServerReq
// Request Client Data // Request Client Data
char *m_pClientData; char *m_pClientData;
int32_t m_clientDataLength; uint32_t m_clientDataLength;
public: public:
@ -90,7 +90,7 @@ public:
ServerReq(SChannel *pSChannel, ServerReq(SChannel *pSChannel,
uint32_t reqId, uint32_t reqId,
char *pClientData, char *pClientData,
int32_t clientDataLength); uint32_t clientDataLength);
// //
// Get request Data routine // Get request Data routine
@ -105,7 +105,7 @@ public:
// //
// Returns: The length of the client request data. 0 if not successful. // Returns: The length of the client request data. 0 if not successful.
// //
int getReqData(char **ppClientData); uint32_t getReqData(char **ppClientData);
// //
// Complete Request routine // Complete Request routine