The multicert support will want to use this.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
if (openconnect_random(&cnonce_random, sizeof(cnonce_random)))
goto err;
cnonce = buf_alloc();
- buf_append_base64(cnonce, cnonce_random, sizeof(cnonce_random));
+ buf_append_base64(cnonce, cnonce_random, sizeof(cnonce_random), 0);
if (buf_error(cnonce))
goto err;
buf = buf_alloc();
if (prefix)
buf_append(buf, "%s", prefix);
- buf_append_base64(buf, data, len);
+ buf_append_base64(buf, data, len, 0);
if (!buf_error(buf)) {
p = buf->data;
buf_truncate(reqbuf);
buf_append(reqbuf, "GET /myvpn?sess=%s&hdlc_framing=%s&ipv4=%s&ipv6=%s&Z=%s&hostname=",
sid, hdlc?"yes":"no", ipv4?"yes":"no", ipv6?"yes":"no", ur_z);
- buf_append_base64(reqbuf, vpninfo->localname, strlen(vpninfo->localname));
+ buf_append_base64(reqbuf, vpninfo->localname, strlen(vpninfo->localname), 0);
buf_append(reqbuf, " HTTP/1.1\r\n");
struct oc_vpn_option *saved_cookies = vpninfo->cookies;
vpninfo->cookies = NULL; /* hide cookies */
return in.value ? -EAGAIN : -ENOENT;
}
buf_append(hdrbuf, "%sAuthorization: Negotiate ", proxy ? "Proxy-" : "");
- buf_append_base64(hdrbuf, out.value, out.length);
+ buf_append_base64(hdrbuf, out.value, out.length, 0);
buf_append(hdrbuf, "\r\n");
gss_release_buffer(&minor, &out);
'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
};
-void buf_append_base64(struct oc_text_buf *buf, const void *bytes, int len)
+void buf_append_base64(struct oc_text_buf *buf, const void *bytes, int len,
+ int line_len)
{
const unsigned char *in = bytes;
int hibits;
if (!buf || buf->error)
return;
- if (buf_ensure_space(buf, (4 * (len + 2) / 3) + 1))
+ unsigned int needed = (4 * (len + 2) / 3) + 1;
+ if (line_len)
+ needed += needed / line_len;
+
+ if (needed >= (unsigned)(INT_MAX - buf->pos)) {
+ buf->error = -E2BIG;
+ return;
+ }
+
+ if (buf_ensure_space(buf, needed))
return;
+ int ll = 0;
while (len > 0) {
+ if (line_len) {
+ ll += 4;
+ if (ll >= line_len) {
+ ll = 0;
+ buf->data[buf->pos++] = '\n';
+ }
+ }
+
buf->data[buf->pos++] = b64_table[in[0] >> 2];
hibits = (in[0] << 4) & 0x30;
if (len == 1) {
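Review bot: `line_len` and `len` go into the new size computation in buf_append_base64 without validation. With a negative `line_len`, `needed / line_len` is evaluated in unsigned arithmetic and yields 0, yet `ll >= line_len` is true on every pass, so a `'\n'` is stored for each 4-character group with no space reserved for it and the writes can run past what `buf_ensure_space()` was asked for (assuming it reserves only `needed` bytes). Separately, `4 * (len + 2) / 3` is still computed in signed `int`, so a very large `len` overflows before the new `INT_MAX` comparison can reject it. I would reject bad input up front with `if (len < 0 || line_len < 0) { buf->error = -EINVAL; return; }` and compute `unsigned int needed = 4 * (((unsigned)len + 2) / 3) + 1;`. Every caller in this commit passes 0, so this matters for later callers; the function body continues past the end of the hunk.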
return buf_free(text);
buf_append(hdrbuf, "%sAuthorization: Basic ", proxy ? "Proxy-" : "");
- buf_append_base64(hdrbuf, text->data, text->pos);
+ buf_append_base64(hdrbuf, text->data, text->pos, 0);
buf_append(hdrbuf, "\r\n");
memset(text->data, 0, text->pos);
}
buf_append(buf, "%sAuthorization: NTLM ", proxy ? "Proxy-" : "");
- buf_append_base64(buf, out_token.pvBuffer, out_token.cbBuffer);
+ buf_append_base64(buf, out_token.pvBuffer, out_token.cbBuffer, 0);
buf_append(buf, "\r\n");
FreeContextBuffer(out_token.pvBuffer);
return buf_free(resp);
buf_append(hdrbuf, "%sAuthorization: NTLM ", proxy ? "Proxy-" : "");
- buf_append_base64(hdrbuf, resp->data, resp->pos);
+ buf_append_base64(hdrbuf, resp->data, resp->pos, 0);
buf_append(hdrbuf, "\r\n");
buf_free(resp);
void http_common_headers(struct openconnect_info *vpninfo, struct oc_text_buf *buf);
/* http-auth.c */
-void buf_append_base64(struct oc_text_buf *buf, const void *bytes, int len);
+void buf_append_base64(struct oc_text_buf *buf, const void *bytes, int len, int line_len);
void *openconnect_base64_decode(int *len, const char *in);
void clear_auth_states(struct openconnect_info *vpninfo,
struct http_auth_state *auth_states, int reset);
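Review bot: The prototype gains `line_len` with no comment saying what the value means or which values are valid. Going by the implementation in this commit, 0 leaves the output unwrapped and a non-zero value makes the encoder insert `'\n'` between 4-character groups, so I would add `/* line_len: 0 = no wrapping; otherwise break the base64 output with '\n' roughly every line_len characters */` above the declaration. Because the counter is incremented before the `ll >= line_len` test, the first line appears to come out one group shorter than later lines when `line_len` is a multiple of 4; the comment should say whether that is intended.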
}
buf_append(hdrbuf, "%sAuthorization: Negotiate ", proxy ? "Proxy-" : "");
- buf_append_base64(hdrbuf, out_token.pvBuffer, out_token.cbBuffer);
+ buf_append_base64(hdrbuf, out_token.pvBuffer, out_token.cbBuffer, 0);
buf_append(hdrbuf, "\r\n");
FreeContextBuffer(out_token.pvBuffer);