From: Jeremy Harris Date: Sun, 14 Feb 2016 18:10:20 +0000 (+0000) Subject: Expansions: shortcut hmac expansion during syntax-check phase X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/61fd9a693285fe264aa67ffa0ef042a68c63c5cd Expansions: shortcut hmac expansion during syntax-check phase --- diff --git a/src/src/expand.c b/src/src/expand.c index 66172f378..47ed70747 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -5101,75 +5101,79 @@ while (*s != 0) case 3: goto EXPAND_FAILED; } - if (Ustrcmp(sub[0], "md5") == 0) - { - type = HMAC_MD5; - use_base = &md5_base; - hashlen = 16; - hashblocklen = 64; - } - else if (Ustrcmp(sub[0], "sha1") == 0) - { - type = HMAC_SHA1; - use_base = &sha1_base; - hashlen = 20; - hashblocklen = 64; - } - else - { - expand_string_message = - string_sprintf("hmac algorithm \"%s\" is not recognised", sub[0]); - goto EXPAND_FAILED; - } + if (!skipping) + { + if (Ustrcmp(sub[0], "md5") == 0) + { + type = HMAC_MD5; + use_base = &md5_base; + hashlen = 16; + hashblocklen = 64; + } + else if (Ustrcmp(sub[0], "sha1") == 0) + { + type = HMAC_SHA1; + use_base = &sha1_base; + hashlen = 20; + hashblocklen = 64; + } + else + { + expand_string_message = + string_sprintf("hmac algorithm \"%s\" is not recognised", sub[0]); + goto EXPAND_FAILED; + } - keyptr = sub[1]; - keylen = Ustrlen(keyptr); + keyptr = sub[1]; + keylen = Ustrlen(keyptr); - /* If the key is longer than the hash block length, then hash the key - first */ + /* If the key is longer than the hash block length, then hash the key + first */ - if (keylen > hashblocklen) - { - chash_start(type, use_base); - chash_end(type, use_base, keyptr, keylen, keyhash); - keyptr = keyhash; - keylen = hashlen; - } + if (keylen > hashblocklen) + { + chash_start(type, use_base); + chash_end(type, use_base, keyptr, keylen, keyhash); + keyptr = keyhash; + keylen = hashlen; + } - /* Now make the inner and outer key values */ + /* Now make the inner and outer key values */ - memset(innerkey, 0x36, hashblocklen); - memset(outerkey, 0x5c, hashblocklen); + memset(innerkey, 0x36, hashblocklen); + memset(outerkey, 0x5c, hashblocklen); - for (i = 0; i < keylen; i++) - { - innerkey[i] ^= keyptr[i]; - outerkey[i] ^= keyptr[i]; - } + for (i = 0; i < keylen; i++) + { + innerkey[i] ^= keyptr[i]; + outerkey[i] ^= keyptr[i]; + } - /* Now do the hashes */ + /* Now do the hashes */ - chash_start(type, use_base); - chash_mid(type, use_base, innerkey); - chash_end(type, use_base, sub[2], Ustrlen(sub[2]), innerhash); + chash_start(type, use_base); + chash_mid(type, use_base, innerkey); + chash_end(type, use_base, sub[2], Ustrlen(sub[2]), innerhash); - chash_start(type, use_base); - chash_mid(type, use_base, outerkey); - chash_end(type, use_base, innerhash, hashlen, finalhash); + chash_start(type, use_base); + chash_mid(type, use_base, outerkey); + chash_end(type, use_base, innerhash, hashlen, finalhash); - /* Encode the final hash as a hex string */ + /* Encode the final hash as a hex string */ - p = finalhash_hex; - for (i = 0; i < hashlen; i++) - { - *p++ = hex_digits[(finalhash[i] & 0xf0) >> 4]; - *p++ = hex_digits[finalhash[i] & 0x0f]; - } + p = finalhash_hex; + for (i = 0; i < hashlen; i++) + { + *p++ = hex_digits[(finalhash[i] & 0xf0) >> 4]; + *p++ = hex_digits[finalhash[i] & 0x0f]; + } - DEBUG(D_any) debug_printf("HMAC[%s](%.*s,%.*s)=%.*s\n", sub[0], - (int)keylen, keyptr, Ustrlen(sub[2]), sub[2], hashlen*2, finalhash_hex); + DEBUG(D_any) debug_printf("HMAC[%s](%.*s,%.*s)=%.*s\n", + sub[0], (int)keylen, keyptr, Ustrlen(sub[2]), sub[2], hashlen*2, + finalhash_hex); - yield = string_cat(yield, &size, &ptr, finalhash_hex, hashlen*2); + yield = string_cat(yield, &size, &ptr, finalhash_hex, hashlen*2); + } } continue; diff --git a/src/src/ip.c b/src/src/ip.c index 1e3875aef..4960e3b29 100644 --- a/src/src/ip.c +++ b/src/src/ip.c @@ -292,9 +292,8 @@ namelen = Ustrlen(hostname); if (hostname[0] == '[' && hostname[namelen - 1] == ']') { - uschar * host = string_copy(hostname); - host[namelen - 1] = 0; - host++; + uschar * host = string_copyn(hostname+1, namelen-2); +debug_printf("%s: 1\n", __FUNCTION__); if (string_is_ip_address(host, NULL) == 0) { *errstr = string_sprintf("malformed IP address \"%s\"", hostname); @@ -306,13 +305,17 @@ if (hostname[0] == '[' && /* Otherwise check for an unadorned IP address */ else if (string_is_ip_address(hostname, NULL) != 0) - shost.name = shost.address = string_copy(hostname); + { +debug_printf("%s: 2\n", __FUNCTION__); + shost.name = shost.address = string_copyn(hostname, namelen); + } /* Otherwise lookup IP address(es) from the name */ else { - shost.name = string_copy(hostname); +debug_printf("%s: 3\n", __FUNCTION__); + shost.name = string_copyn(hostname, namelen); if (host_find_byname(&shost, NULL, HOST_FIND_QUALIFY_SINGLE, NULL, FALSE) != HOST_FOUND) { @@ -323,11 +326,12 @@ else /* Try to connect to the server - test each IP till one works */ -for (h = &shost; h != NULL; h = h->next) +for (h = &shost; h; h = h->next) { - fd = (Ustrchr(h->address, ':') != 0) - ? (fd6 < 0) ? (fd6 = ip_socket(type, af = AF_INET6)) : fd6 - : (fd4 < 0) ? (fd4 = ip_socket(type, af = AF_INET )) : fd4; +debug_printf("%s: 4 '%s'\n", __FUNCTION__, h->address); + fd = Ustrchr(h->address, ':') != 0 + ? fd6 < 0 ? (fd6 = ip_socket(type, af = AF_INET6)) : fd6 + : fd4 < 0 ? (fd4 = ip_socket(type, af = AF_INET )) : fd4; if (fd < 0) {