author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-12-23 12:28:03 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-12-23 13:12:05 +0200 |
commit | 23d96f1b9613d33a6fb50bf892a7accbab1332ba (patch) | |
tree | 908ab016e8d417030dc2b9f74d671463b691fefd | |
parent | c5791c82c66393bd8dd458718a6d0b2b526aba35 (diff) | |
download | gnutls-23d96f1b9613d33a6fb50bf892a7accbab1332ba.tar.gz |
dropped the sanitize URL approach
-rw-r--r-- | lib/gnutls_privkey.c | 18 | ||||
-rw-r--r-- | lib/pkcs11_privkey.c | 2 | ||||
-rw-r--r-- | lib/urls.c | 68 | ||||
-rw-r--r-- | lib/urls.h | 2 | ||||
-rw-r--r-- | lib/x509/x509.c | 16 |
5 files changed, 12 insertions, 94 deletions
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index ba89c2db76..ad715c2d4c 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -1241,40 +1241,35 @@ gnutls_privkey_import_url(gnutls_privkey_t key, const char *url, unsigned int flags) { unsigned i; - char *xurl = NULL; int ret; - xurl = _gnutls_sanitize_url(url, 1); - if (xurl == NULL) - return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); - if (strncmp(url, PKCS11_URL, PKCS11_URL_SIZE) == 0) { #ifdef ENABLE_PKCS11 - ret = gnutls_privkey_import_pkcs11_url(key, xurl); + ret = gnutls_privkey_import_pkcs11_url(key, url); #else ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE); #endif goto cleanup; } - if (strncmp(xurl, TPMKEY_URL, TPMKEY_URL_SIZE) == 0) { + if (strncmp(url, TPMKEY_URL, TPMKEY_URL_SIZE) == 0) { #ifdef HAVE_TROUSERS - ret = gnutls_privkey_import_tpm_url(key, xurl, NULL, NULL, 0); + ret = gnutls_privkey_import_tpm_url(key, url, NULL, NULL, 0); #else ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE); #endif goto cleanup; } - if (strncmp(xurl, SYSTEM_URL, SYSTEM_URL_SIZE) == 0) { - ret = _gnutls_privkey_import_system_url(key, xurl); + if (strncmp(url, SYSTEM_URL, SYSTEM_URL_SIZE) == 0) { + ret = _gnutls_privkey_import_system_url(key, url); goto cleanup; } for (i=0;i<_gnutls_custom_urls_size;i++) { if (strncmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0) { if (_gnutls_custom_urls[i].import_key) { - ret = _gnutls_custom_urls[i].import_key(key, xurl, flags); + ret = _gnutls_custom_urls[i].import_key(key, url, flags); goto cleanup; } break;
@@ -1283,7 +1278,6 @@ gnutls_privkey_import_url(gnutls_privkey_t key, const char *url, ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); cleanup: - gnutls_free(xurl); return ret; }
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index 3d8ba58590..a80f05e4a5 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
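Review bot: With `_gnutls_sanitize_url()` gone, the `pkcs11:` branch of `gnutls_privkey_import_url()` passes the caller's string to `gnutls_privkey_import_pkcs11_url(key, url)` unchanged, so a URL without an `object-type` attribute no longer gets the private-key constraint added at this layer. Whether the PKCS #11 importer restricts its search to private-key objects on its own is not visible in this diff; if it does not, a URL naming a label or id shared by a certificate and a key could resolve to an object of the wrong class. I would record the new contract at the dispatch point, e.g. `/* url is passed verbatim; the PKCS #11 backend must itself limit the lookup to private-key objects */`, and state it in the function's API documentation. The same applies to `pkey->url = gnutls_strdup(url)` in lib/pkcs11_privkey.c and to the `pkcs11:` branch of `gnutls_x509_crt_import_url()` in lib/x509/x509.c, where the expected class is a certificate.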
@@ -403,7 +403,7 @@ gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey, memset(&pkey->sinfo, 0, sizeof(pkey->sinfo)); - pkey->url = _gnutls_sanitize_url(url, 1); + pkey->url = gnutls_strdup(url); if (pkey->url == NULL) return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
diff --git a/lib/urls.c b/lib/urls.c
index 71aacfb834..1092cb4c7f 100644
--- a/lib/urls.c
+++ b/lib/urls.c
@@ -29,74 +29,6 @@ gnutls_custom_url_st _gnutls_custom_urls[MAX_CUSTOM_URLS]; unsigned _gnutls_custom_urls_size = 0; -static const char *_types[] = -{ "object-type=cert", "object-type=private", NULL }; - -static char *append_to_str(const char *str1, const char *str2) -{ - char *str = NULL; - gnutls_buffer_st buf; - int ret; - - _gnutls_buffer_init(&buf); - - ret = _gnutls_buffer_append_str(&buf, str1); - if (ret < 0) { - goto cleanup; - } - - ret = _gnutls_buffer_append_data(&buf, ";", 1); - if (ret < 0) { - goto cleanup; - } - - ret = _gnutls_buffer_append_str(&buf, str2); - if (ret < 0) { - goto cleanup; - } - - ret = _gnutls_buffer_append_data(&buf, "\x00", 1); - if (ret < 0) { - goto cleanup; - } - - str = (void*)buf.data; - ret = 0; -fprintf(stderr, "str: %s\n", str); - cleanup: - if (ret < 0) { - _gnutls_buffer_clear(&buf); - } - return str; - -} - -/* - * @type: 0 for cert, 1 for privkey - * - * This function will make sure that the URL is ok (e.g., - * that it contains type=cert, when it is a certificate, - * or type=privkey for PKCS #11 URLs. That allows to use - * the common URL part as input for keys and certificates. - * - * - */ -char *_gnutls_sanitize_url(const char *url, unsigned type) -{ -#ifdef ENABLE_PKCS11 - if (strncmp(url, "pkcs11:", 7) == 0) { - if (strstr(url, _types[type]) != NULL) { - return gnutls_strdup(url); - } else { - return append_to_str(url, _types[type]); - } - } else -#endif - { - return gnutls_strdup(url); - } -} - /** * gnutls_url_is_supported: * @url: A PKCS 11 url
diff --git a/lib/urls.h b/lib/urls.h
index 499fd154f2..79ce75c591 100644
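Review bot: `pkey->url = gnutls_strdup(url);` overwrites whatever `pkey->url` held before, and nothing in the visible lines releases an earlier value, so importing a second URL into the same `gnutls_pkcs11_privkey_t` would leak the first string. The start and end of `gnutls_pkcs11_privkey_import_url()` are outside the hunk, so an earlier free may exist there; if it does not, add `gnutls_free(pkey->url);` immediately before the assignment. The `memset(&pkey->sinfo, 0, sizeof(pkey->sinfo));` just above raises the same question for any session state already held in `sinfo`, which is worth confirming against the rest of the function.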
--- a/lib/urls.h
+++ b/lib/urls.h
@@ -18,8 +18,6 @@ * */ -char *_gnutls_sanitize_url(const char *url, unsigned type); - #define PKCS11_URL "pkcs11:" #define SYSTEM_URL "system:" #define TPMKEY_URL "tpmkey:"
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index caca5e52d2..4bb5bf2753 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -3700,25 +3700,20 @@ int gnutls_x509_crt_import_url(gnutls_x509_crt_t crt, const char *url, unsigned int flags) { - char *xurl; int ret; - xurl = _gnutls_sanitize_url(url, 0); - if (xurl == NULL) - return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); - - if (strncmp(xurl, SYSTEM_URL, SYSTEM_URL_SIZE) == 0) { - ret = _gnutls_x509_crt_import_system_url(crt, xurl); + if (strncmp(url, SYSTEM_URL, SYSTEM_URL_SIZE) == 0) { + ret = _gnutls_x509_crt_import_system_url(crt, url); #ifdef ENABLE_PKCS11 - } else if (strncmp(xurl, PKCS11_URL, PKCS11_URL_SIZE) == 0) { - ret = _gnutls_x509_crt_import_pkcs11_url(crt, xurl, flags); + } else if (strncmp(url, PKCS11_URL, PKCS11_URL_SIZE) == 0) { + ret = _gnutls_x509_crt_import_pkcs11_url(crt, url, flags); #endif } else { unsigned i; for (i=0;i<_gnutls_custom_urls_size;i++) { if (strncmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0) { if (_gnutls_custom_urls[i].import_crt) { - ret = _gnutls_custom_urls[i].import_crt(crt, xurl, flags); + ret = _gnutls_custom_urls[i].import_crt(crt, url, flags); goto cleanup; } } }
@@ -3727,6 +3722,5 @@ gnutls_x509_crt_import_url(gnutls_x509_crt_t crt, } cleanup: - gnutls_free(xurl); return ret; } |
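Review bot: The `cleanup:` label in `gnutls_x509_crt_import_url()` no longer guards anything, since the second hunk reduces it to `return ret;`, so the `goto cleanup` inside the custom-URL loop is now only an indirect return. Returning directly with `return _gnutls_custom_urls[i].import_crt(crt, url, flags);` and dropping the label would make it obvious that no resource is owned on any exit path. `gnutls_privkey_import_url()` in lib/gnutls_privkey.c is left in the same state with its `goto cleanup` branches. The lines between the two x509.c hunks are not shown, so the value `ret` takes when no handler matches could not be checked here.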