From patchwork Sat Jan 28 22:34:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 3019 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp2226845dyk; Sat, 28 Jan 2023 14:35:07 -0800 (PST) X-Google-Smtp-Source: AK7set/luAWO0/26f2nDyB6UTaN/EhyFioWryfxbknmoKwAYuVZQ8ed3jUcrrGmVf3kCLEUnjEPi X-Received: by 2002:a17:902:ec82:b0:196:125a:e4b8 with SMTP id x2-20020a170902ec8200b00196125ae4b8mr24678911plg.12.1674945307775; Sat, 28 Jan 2023 14:35:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674945307; cv=none; d=google.com; s=arc-20160816; b=wbRLoZ+l9v3ys8UMevFqhtTHmgAg76RChkEcUzkAfXxlROx+kNKroBVWtE8acVXYJK 6Fm7febAASj1UWolK6rrOHRv+q8sM6EmIG+JOIcQUXJtF6JwyKdns9MAX3QUvA4lLZWl TiGsIdhwYNDUu6vFhRj46fsLHtvMwaO472k60ParATZWY8mS4mt7s/yfBxKDf27xLq+g UPmR5Kl8WakXGHNSpkFdLsE5CebCfEiBzbcGeyKGgfyh7zvX9uAXuYqJTMkKbGAB6Yhf pgXb9u1HokikB0W6hJYcXQpmi9GRJIbnq1cCAqplhvZsRHRSmxOhDOpY06ESxWrGrxIu ZUgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=D0le9hT0NOi1WX5SFo6mKa54C7jgg2wI7NnHSKXJgkU=; b=NiYYzxm1OQRaifBdFHQXYXwIPlbQ2TpXhCE0unsXeX6Ts/cze4F6kd3XjmnpU1ihL0 /slZNMEQL5qqUsfuRJaMuitGrrqUECu5doAt//kz0opHbO+ch7VaVAEeLN+kL/tFUQ7O vri4pCf5zQTC3Wh3KqEIogLiuWF01CGafbdu5r8exgS0LmyJGqjLfVC0BmwVqwgf/66k Rq8cOAE72nZDgrmRXZ1msCoTU9wwRHZ4yRFFJj0NwL42+Jl+yyN2wQOHysUBMbXk3blJ q12vWD2IaH4zmothv22a+J8tCmzc6lcHjbUp+EhYNAm5cVIefI8Mt3o5w4rl2jL9gaJh PVJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=Jl3IHgVJ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=MTqo1Yts; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=KdZeAOsv; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id j8-20020a170903024800b00195f4f578fasi9519511plh.564.2023.01.28.14.35.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 28 Jan 2023 14:35:07 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=Jl3IHgVJ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=MTqo1Yts; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=KdZeAOsv; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pLtmc-0000oJ-PJ; Sat, 28 Jan 2023 22:34:49 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pLtmb-0000o9-BT for openvpn-devel@lists.sourceforge.net; Sat, 28 Jan 2023 22:34:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gVUd4i6/87rT/WLSigg4fCZ9T4LLIWkOI0GFHCYp6Pw=; b=Jl3IHgVJfp+7aRePiO97B/Zd55 cmwJEKYX/XFcLQp1nh4HF/pTUmuYGhOYtp/dJuSnwCyNSjn2vmoKRvUVYJpnf6VFGV293AezUDohA 8ZGmhbkpY+6/qUNInvon/dl5gxEFjQqydcP3Zb/VTmhedCDlEGTfn5B0IRWGEPiwrJIk=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=gVUd4i6/87rT/WLSigg4fCZ9T4LLIWkOI0GFHCYp6Pw=; b=MTqo1YtsZCuZ0Hpoe9Mp8EQi/S 9I5dSWovAyuw8hgrkU17PM2qUd5xnwzQ3bVk945gkWz232hF/YSPen5EE4DaAYYcH6T2BNwQ/eMFn j7v3v+3k2vzOAhmJWd+6HFiMFsOU0x8fncicU+Mmo6FPr9w/l6DcLktDp4H7k/523hMc=; Received: from mail-io1-f41.google.com ([209.85.166.41]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1pLtmY-00059b-2e for openvpn-devel@lists.sourceforge.net; Sat, 28 Jan 2023 22:34:48 +0000 Received: by mail-io1-f41.google.com with SMTP id e2so522198iot.11 for ; Sat, 28 Jan 2023 14:34:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=gVUd4i6/87rT/WLSigg4fCZ9T4LLIWkOI0GFHCYp6Pw=; b=KdZeAOsvIuy8WWgP3/AFlTWDdJLW7QIwXWr98E8ZXRRL+R30wSm62P4WTVRLMqrfxe UR3detQc/FrTPIs3OqSqAt++o6Dh6d3S2dK/FDpwEGDlFb6KntbXw/S7OYV+GUoHwMRL JS1xdTTSgSGjkcAdCYYCki5SRFfbdQSX/uqEcdU3wQLMjMrA6UbD6+U6u46NfpLpGlMo 6vuZ7V63unxqxFEwRojTJsSXAwJkk0rqLPobWMqByec3gcz1+F9TLzPSTPi18IHadM4p bQYk92YOl8sqWsKdyBSDN1WW4903stkrh9B6NnT+41K3QiGtT3dO7FHhEHF4SCoYWVi4 OeIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=gVUd4i6/87rT/WLSigg4fCZ9T4LLIWkOI0GFHCYp6Pw=; b=qnmsPSnxOY/VK8BmU470hoCRUOvpPATjcOkere0QSUyGwMjwGenrzXQyp9P01PTcPz Zq2cC3FOD1w9O+TRk6e4HSkNWm0Ke4jWF15LAsc6wOQ/i9M5+1xCK7xgKXw1WfH+5I9N 32PlCsdIVV5Vm+xpPoNIPXWwsFyDVn3PvucZqsZHttm/wRhjCcjTCCgGY3nuwCxK3dzA Dw9cmJzFYaysMfA1uETf5h1o6fMOB67uXpQ5NPA73LqwZYRxrKKSAXqJatmK/ecU2i40 6+k9fjiHhCKx9MZglSlgjetZ9CCoePLIFkunyd/LxM2tb106rHoeyLcIwKmGv7l4/ugV iI8A== X-Gm-Message-State: AFqh2krnq7QNyYv/wrcDBAn8Ovrnm29vQuVDDdfAIFOPxhzjFr7J5mkI 10ngnMUVYC6IzvSUoWnckTgw35K3zmU= X-Received: by 2002:a6b:7a4c:0:b0:704:eeae:67c7 with SMTP id k12-20020a6b7a4c000000b00704eeae67c7mr5976527iop.2.1674945281086; Sat, 28 Jan 2023 14:34:41 -0800 (PST) Received: from uranus.sansel.ca (bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66]) by smtp.gmail.com with ESMTPSA id ay25-20020a5d9d99000000b006bba42f7822sm103930iob.52.2023.01.28.14.34.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 28 Jan 2023 14:34:40 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Sat, 28 Jan 2023 17:34:21 -0500 Message-Id: <20230128223421.2207802-5-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230128223421.2207802-1-selva.nair@gmail.com> References: <20230128223421.2207802-1-selva.nair@gmail.com> MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Signed-off-by: Selva Nair --- src/openvpn/cryptoapi.c | 44 +++++++++++ 1 file changed, 12 insertions(+), 32 deletions(-) diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index 6ff4fcb5..9fd5aea9 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -210, 49 +210,29 @@ find_certificate_in_sto [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.166.41 listed in list.dnswl.org] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.166.41 listed in wl.mailspike.net] X-Headers-End: 1pLtmY-00059b-2e Subject: [Openvpn-devel] [PATCH 4/4] cryptoapi.c: simplify parsing of thumbprint hex string X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756307451283930813?= X-GMAIL-MSGID: =?utf-8?q?1756307451283930813?= From: Selva Nair Signed-off-by: Selva Nair --- src/openvpn/cryptoapi.c | 44 +++++++++++------------------------------ 1 file changed, 12 insertions(+), 32 deletions(-) diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index 6ff4fcb5..9fd5aea9 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -210,49 +210,29 @@ find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store) } else if (!strncmp(cert_prop, "THUMB:", 6)) { - const char *p; - int i, x = 0; find_type = CERT_FIND_HASH; find_param = &blob; - /* skip the tag */ - cert_prop += 6; - for (p = cert_prop, i = 0; *p && i < sizeof(hash); i++) + int i = 0; + + for (const char *p = cert_prop + 6; *p && i < sizeof(hash); p += 2) { - if (*p >= '0' && *p <= '9') - { - x = (*p - '0') << 4; - } - else if (*p >= 'A' && *p <= 'F') + /* skip spaces */ + while (*p == ' ') { - x = (*p - 'A' + 10) << 4; + p++; } - else if (*p >= 'a' && *p <= 'f') + if (!*p) /* ending with spaces is not an error */ { - x = (*p - 'a' + 10) << 4; + break; } - if (!*++p) /* unexpected end of string */ + + if (!isxdigit(p[0]) || !isxdigit(p[1]) + || sscanf(p, "%2hhx", &hash[i++]) != 1) { - msg(M_WARN|M_INFO, "WARNING: cryptoapicert: error parsing .", cert_prop); + msg(M_WARN|M_INFO, "WARNING: cryptoapicert: error parsing <%s>.", cert_prop); goto out; } - if (*p >= '0' && *p <= '9') - { - x += *p - '0'; - } - else if (*p >= 'A' && *p <= 'F') - { - x += *p - 'A' + 10; - } - else if (*p >= 'a' && *p <= 'f') - { - x += *p - 'a' + 10; - } - hash[i] = x; - /* skip any space(s) between hex numbers */ - for (p++; *p && *p == ' '; p++) - { - } } blob.cbData = i; }