httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Finch <...@dotat.at>
Subject [PATCH] signedness fixes
Date Fri, 02 Apr 1999 19:29:18 GMT
Apache 1.3.6 compiles with a few gripes about signedness on my FreeBSD
box, so I made this patch. It's not really as clean as it could be
because I'm a bit reluctant to go into the guts of all the MD5 stuff.
IMO most of the unsignedness should be reserved for the guts of the
algorithm allowing everything else to pass around unadorned const char
*s and therefore getting rid of loads of casting.

Tony.
-- 
f.a.n.finch  dot@dotat.at  fanf@demon.net


Index: ap_md5c.c
===================================================================
RCS file: /a/cvsroot/src/www/apache_1-3_fanf/src/ap/ap_md5c.c,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.2.2
diff -u -r1.1.1.1 -r1.1.1.1.2.2
--- ap_md5c.c	1999/03/26 11:57:32	1.1.1.1
+++ ap_md5c.c	1999/04/02 19:03:39	1.1.1.1.2.2
@@ -429,7 +429,8 @@
     }
 }
 
-API_EXPORT(void) ap_MD5Encode(const char *pw, const char *salt,
+API_EXPORT(void) ap_MD5Encode(const unsigned char *pw,
+			      const unsigned char *salt,
 			      char *result, size_t nbytes)
 {
     /*
@@ -439,7 +440,7 @@
      */
 
     char passwd[120], *p;
-    const char *sp, *ep;
+    const unsigned char *sp, *ep;
     unsigned char final[16];
     int sl, pl, i;
     AP_MD5_CTX ctx, ctx1;
@@ -455,7 +456,7 @@
     /*
      * If it starts with the magic string, then skip that.
      */
-    if (!strncmp(sp, apr1_id, strlen(apr1_id))) {
+    if (!strncmp((const char *)sp, apr1_id, strlen(apr1_id))) {
 	sp += strlen(apr1_id);
     }
 
@@ -467,9 +468,10 @@
     }
 
     /*
-     * Get the length of the true salt
+     * Get the length of the true salt & password
      */
     sl = ep - sp;
+    pl = strlen((const char *)pw);
 
     /*
      * 'Time to make the doughnuts..'
@@ -479,12 +481,12 @@
     /*
      * The password first, since that is what is most unknown
      */
-    ap_MD5Update(&ctx, pw, strlen(pw));
+    ap_MD5Update(&ctx, pw, pl);
 
     /*
      * Then our magic string
      */
-    ap_MD5Update(&ctx, apr1_id, strlen(apr1_id));
+    ap_MD5Update(&ctx, (const unsigned char *)apr1_id, strlen(apr1_id));
 
     /*
      * Then the raw salt
@@ -495,12 +497,12 @@
      * Then just as many characters of the MD5(pw, salt, pw)
      */
     ap_MD5Init(&ctx1);
-    ap_MD5Update(&ctx1, pw, strlen(pw));
+    ap_MD5Update(&ctx1, pw, pl);
     ap_MD5Update(&ctx1, sp, sl);
-    ap_MD5Update(&ctx1, pw, strlen(pw));
+    ap_MD5Update(&ctx1, pw, pl);
     ap_MD5Final(final, &ctx1);
-    for(pl = strlen(pw); pl > 0; pl -= 16) {
-	ap_MD5Update(&ctx, final, (pl > 16) ? 16 : pl);
+    for(i = pl; i > 0; i -= 16) {
+	ap_MD5Update(&ctx, final, (i > 16) ? 16 : i);
     }
 
     /*
@@ -511,7 +513,7 @@
     /*
      * Then something really weird...
      */
-    for (i = strlen(pw); i != 0; i >>= 1) {
+    for (i = pl; i != 0; i >>= 1) {
 	if (i & 1) {
 	    ap_MD5Update(&ctx, final, 1);
 	}
@@ -525,7 +527,7 @@
      * can use the string routines without bounds checking.
      */
     strcpy(passwd, apr1_id);
-    strncat(passwd, sp, sl);
+    strncat(passwd, (const char *)sp, sl);
     strcat(passwd, "$");
 
     ap_MD5Final(final, &ctx);
@@ -538,7 +540,7 @@
     for (i = 0; i < 1000; i++) {
 	ap_MD5Init(&ctx1);
 	if (i & 1) {
-	    ap_MD5Update(&ctx1, pw, strlen(pw));
+	    ap_MD5Update(&ctx1, pw, pl);
 	}
 	else {
 	    ap_MD5Update(&ctx1, final, 16);
@@ -548,14 +550,14 @@
 	}
 
 	if (i % 7) {
-	    ap_MD5Update(&ctx1, pw, strlen(pw));
+	    ap_MD5Update(&ctx1, pw, pl);
 	}
 
 	if (i & 1) {
 	    ap_MD5Update(&ctx1, final, 16);
 	}
 	else {
-	    ap_MD5Update(&ctx1, pw, strlen(pw));
+	    ap_MD5Update(&ctx1, pw, pl);
 	}
 	ap_MD5Final(final,&ctx1);
     }
@@ -594,7 +596,8 @@
 	/*
 	 * The hash was created using our custom algorithm.
 	 */
-	ap_MD5Encode(passwd, hash, sample, sizeof(sample));
+	ap_MD5Encode((const unsigned char *)passwd, (const unsigned char *)hash,
+		     sample, sizeof(sample));
     }
     else {
 	/*
Index: ap_md5.h
===================================================================
RCS file: /a/cvsroot/src/www/apache_1-3_fanf/src/include/ap_md5.h,v
retrieving revision 1.1.1.3
retrieving revision 1.1.1.3.2.1
diff -u -r1.1.1.3 -r1.1.1.3.2.1
--- ap_md5.h	1999/03/26 11:57:52	1.1.1.3
+++ ap_md5.h	1999/04/02 18:56:26	1.1.1.3.2.1
@@ -108,7 +108,8 @@
 API_EXPORT(void) ap_MD5Update(AP_MD5_CTX * context, const unsigned char *input,
 			   unsigned int inputLen);
 API_EXPORT(void) ap_MD5Final(unsigned char digest[16], AP_MD5_CTX * context);
-API_EXPORT(void) ap_MD5Encode(const char *password, const char *salt,
+API_EXPORT(void) ap_MD5Encode(const unsigned char *password,
+			      const unsigned char *salt,
 			      char *result, size_t nbytes);
 API_EXPORT(char *) ap_validate_password(const char *passwd, const char *hash);
 
Index: util.c
===================================================================
RCS file: /a/cvsroot/src/www/apache_1-3_fanf/src/main/util.c,v
retrieving revision 1.12
retrieving revision 1.12.2.1
diff -u -r1.12 -r1.12.2.1
--- util.c	1999/03/26 12:42:34	1.12
+++ util.c	1999/04/02 18:56:28	1.12.2.1
@@ -1034,8 +1034,8 @@
  */
 API_EXPORT(const char *) ap_size_list_item(const char **field, int *len)
 {
-    const unsigned char *ptr = (const unsigned char *)*field;
-    const unsigned char *token;
+    const char *ptr = *field;
+    const char *token;
     int in_qpair, in_qstr, in_com;
 
     /* Find first non-comma, non-whitespace byte */
@@ -1083,7 +1083,7 @@
 	++ptr;
 
     *field = ptr;
-    return (const char *)token;
+    return token;
 }
 
 /* Retrieve an HTTP header field list item, as separated by a comma,
Index: util_md5.c
===================================================================
RCS file: /a/cvsroot/src/www/apache_1-3_fanf/src/main/util_md5.c,v
retrieving revision 1.1.1.2
retrieving revision 1.1.1.2.2.1
diff -u -r1.1.1.2 -r1.1.1.2.2.1
--- util_md5.c	1999/01/12 13:01:17	1.1.1.2
+++ util_md5.c	1999/04/02 18:56:29	1.1.1.2.2.1
@@ -114,7 +114,7 @@
 
 API_EXPORT(char *) ap_md5(pool *p, const unsigned char *string)
 {
-    return ap_md5_binary(p, string, strlen(string));
+    return ap_md5_binary(p, string, strlen((const char *)string));
 }
 
 /* these portions extracted from mpack, John G. Myers - jgm+@cmu.edu */
Index: htpasswd.c
===================================================================
RCS file: /a/cvsroot/src/www/apache_1-3_fanf/src/support/htpasswd.c,v
retrieving revision 1.1.1.2
retrieving revision 1.1.1.2.2.1
diff -u -r1.1.1.2 -r1.1.1.2.2.1
--- htpasswd.c	1999/03/26 12:00:03	1.1.1.2
+++ htpasswd.c	1999/04/02 18:56:30	1.1.1.2.2.1
@@ -247,7 +247,8 @@
 
     switch (alg) {
     case ALG_APMD5:
-	ap_MD5Encode(pw, salt, cpw, sizeof(cpw));
+	ap_MD5Encode((const unsigned char *)pw, (const unsigned char *)salt,
+		     cpw, sizeof(cpw));
 	break;
     case ALG_CRYPT:
 	ap_cpystrn(cpw, (char *)crypt(pw, salt), sizeof(cpw) - 1);

Mime
View raw message