From f2f54d5d26a878e51d1cb19927750b0978bf3f38 Mon Sep 17 00:00:00 2001 From: Andy Green Date: Mon, 15 Nov 2010 22:08:00 +0000 Subject: [PATCH] fix-md5-problem.patch Signed-off-by: Andy Green --- lib/handshake.c | 14 +++++--- lib/libwebsockets.c | 2 +- lib/md5.c | 96 +++++++++++++++++++++-------------------------------- libwebsockets.spec | 2 +- 4 files changed, 50 insertions(+), 64 deletions(-) diff --git a/lib/handshake.c b/lib/handshake.c index 67e7892..35059d0 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -22,12 +22,13 @@ #include "private-libwebsockets.h" -static int interpret_key(const char *key, unsigned int *result) +static int interpret_key(const char *key, unsigned long *result) { char digits[20]; int digit_pos = 0; const char *p = key; - int spaces = 0; + unsigned int spaces = 0; + unsigned long long acc; while (*p) { if (isdigit(*p)) { @@ -50,7 +51,12 @@ static int interpret_key(const char *key, unsigned int *result) if (!spaces) return -3; - *result = atol(digits) / spaces; + /* + * long long is absolutely needed since "digits" can be a multiple + * of a 32-bit range number + */ + acc = atoll(digits); + *result = acc / spaces; return 0; } @@ -67,7 +73,7 @@ libwebsocket_read(struct libwebsocket *wsi, unsigned char * buf, size_t len) { size_t n; char *p; - unsigned int key1, key2; + unsigned long key1, key2; unsigned char sum[16]; char *response; diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c index ee950b6..fe6408d 100644 --- a/lib/libwebsockets.c +++ b/lib/libwebsockets.c @@ -168,7 +168,7 @@ int libwebsocket_create_server(int port, int opt = 1; #ifdef LWS_OPENSSL_SUPPORT - const SSL_METHOD *method; + SSL_METHOD *method; char ssl_err_buf[512]; use_ssl = ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL; diff --git a/lib/md5.c b/lib/md5.c index a01ab0d..e99bfd0 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -1,57 +1,39 @@ /* - * Loosely based from GPL2+later Polarssl MD5 available here in its - * original form: - * + * Modified from Polarssl here * http://polarssl.org/show_source?file=md5 + * under GPL2 or later */ #include #include -#include - -#ifdef htobe16 -#else -/* Conversion interfaces. */ -# include - -# if __BYTE_ORDER == __LITTLE_ENDIAN -# define htobe16(x) __bswap_16 (x) -# define htole16(x) (x) -# define be16toh(x) __bswap_16 (x) -# define le16toh(x) (x) - -# define htobe32(x) __bswap_32 (x) -# define htole32(x) (x) -# define be32toh(x) __bswap_32 (x) -# define le32toh(x) (x) - -# define htobe64(x) __bswap_64 (x) -# define htole64(x) (x) -# define be64toh(x) __bswap_64 (x) -# define le64toh(x) (x) -# else -# define htobe16(x) (x) -# define htole16(x) __bswap_16 (x) -# define be16toh(x) (x) -# define le16toh(x) __bswap_16 (x) - -# define htobe32(x) (x) -# define htole32(x) __bswap_32 (x) -# define be32toh(x) (x) -# define le32toh(x) __bswap_32 (x) - -# define htobe64(x) (x) -# define htole64(x) __bswap_64 (x) -# define be64toh(x) (x) -# define le64toh(x) __bswap_64 (x) -# endif -#endif +#define GET_ULONG_LE(n, b, i) \ +{ \ + (n) = ((unsigned long)(b)[i]) \ + | ((unsigned long)(b)[(i) + 1] << 8) \ + | ((unsigned long)(b)[(i) + 2] << 16) \ + | ((unsigned long)(b)[(i) + 3] << 24); \ +} + +#define PUT_ULONG_LE(n, b, i) \ +{ \ + (b)[i] = (unsigned char)(n); \ + (b)[(i) + 1] = (unsigned char)((n) >> 8); \ + (b)[(i) + 2] = (unsigned char)((n) >> 16); \ + (b)[(i) + 3] = (unsigned char)((n) >> 24); \ +} static const unsigned char md5_padding[64] = { - 0x80 + 0x80, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, }; static const unsigned long state_init[] = { @@ -61,11 +43,11 @@ static const unsigned long state_init[] = { static void md5_process(unsigned long *state, const unsigned char *data) { - unsigned long X[16], A, B, C, D; - int n; - - for (n = 0; n < 16; n++) - X[n] = htole32(*(unsigned long *)(&data[n << 2])); + unsigned long X[16], A, B, C, D; + int v; + + for (v = 0; v < 16; v++) + GET_ULONG_LE(X[v], data, v << 2); #define S(x, n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) @@ -186,7 +168,7 @@ void md5_update(unsigned long * state, unsigned char * buffer, state[1]++; if (left && ilen >= fill) { - memcpy((void *)(buffer + left), (void *)input, fill); + memcpy(buffer + left, input, fill); md5_process(&state[2], buffer); input += fill; ilen -= fill; @@ -200,7 +182,7 @@ void md5_update(unsigned long * state, unsigned char * buffer, } if (ilen > 0) - memcpy((void *)(buffer + left), (void *) input, ilen); + memcpy(buffer + left, input, ilen); } void @@ -211,7 +193,6 @@ libwebsockets_md5(const unsigned char *input, int ilen, unsigned char *output) unsigned char msglen[8]; unsigned long state[6]; unsigned char buffer[64]; - unsigned long *p = (unsigned long *)&msglen[0]; memcpy(&state[0], &state_init[0], sizeof(state_init)); @@ -220,8 +201,8 @@ libwebsockets_md5(const unsigned char *input, int ilen, unsigned char *output) high = (state[0] >> 29) | (state[1] << 3); low = state[0] << 3; - *p++ = le32toh(low); - *p = le32toh(high); + PUT_ULONG_LE(low, msglen, 0); + PUT_ULONG_LE(high, msglen, 4); last = state[0] & 0x3F; padn = (last < 56) ? (56 - last) : (120 - last); @@ -229,11 +210,10 @@ libwebsockets_md5(const unsigned char *input, int ilen, unsigned char *output) md5_update(state, buffer, md5_padding, padn); md5_update(state, buffer, msglen, 8); - p = (unsigned long *)&output[0]; - *p++ = le32toh(state[2]); - *p++ = le32toh(state[3]); - *p++ = le32toh(state[4]); - *p++ = le32toh(state[5]); + PUT_ULONG_LE(state[2], output, 0); + PUT_ULONG_LE(state[3], output, 4); + PUT_ULONG_LE(state[4], output, 8); + PUT_ULONG_LE(state[5], output, 12); } diff --git a/libwebsockets.spec b/libwebsockets.spec index 3aa4f22..79056e7 100644 --- a/libwebsockets.spec +++ b/libwebsockets.spec @@ -1,6 +1,6 @@ Name: libwebsockets Version: 0.1 -Release: 17.gmaster_523a3971%{?dist} +Release: 26.gmaster_6d972248%{?dist} Summary: Websocket Server Library Group: System -- 2.7.4