arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-21 10:26:06 +03:00
Code

v1.1.9-2 changes

Browse Source 
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@150 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich 2008-05-13 11:32:33 +00:00
parent d02abde904
commit bc1e70c101
12 changed files with 116 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/bigint_impl.h
View File

@ -44,7 +44,7 @@
/* Architecture specific functions for big ints */ /* Architecture specific functions for big ints */
#ifdef WIN32 #ifdef WIN32
#define COMP_RADIX 4294967296i64 #define COMP_RADIX 4294967296i64
#define COMP_MAX 0xFFFFFFFFFFFFFFFFi64 #define COMP_MAX 0xFFFFFFFFFFFFFFFFui64
#else #else
#define COMP_RADIX 4294967296ULL /**< Max component + 1 */ #define COMP_RADIX 4294967296ULL /**< Max component + 1 */
#define COMP_MAX 0xFFFFFFFFFFFFFFFFULL/**< (Max dbl comp -1) */ #define COMP_MAX 0xFFFFFFFFFFFFFFFFULL/**< (Max dbl comp -1) */

2
crypto/crypto_misc.c
View File

@ -127,7 +127,7 @@ EXP_FUNC void STDCALL RNG_initialize(const uint8_t *seed_buf, int size)
for (i = 0; i < size/(int)sizeof(uint64_t); i++) for (i = 0; i < size/(int)sizeof(uint64_t); i++)
rng_num ^= *((uint64_t *)&seed_buf[i*sizeof(uint64_t)]); rng_num ^= *((uint64_t *)&seed_buf[i*sizeof(uint64_t)]);
srand((long)seed_buf); /* use the stack ptr as another rnd seed */ srand((long)&seed_buf); /* use the stack ptr as another rnd seed */
#endif #endif
} }

14
httpd/Config.in
View File

@ -129,6 +129,20 @@ config CONFIG_HTTP_HAS_IPV6
Does not work under Win32 Does not work under Win32
config CONFIG_HTTP_ENABLE_DIFFERENT_USER
bool "Enable different user"
default n
depends on !CONFIG_PLATFORM_WIN32
help
Allow the web server to be run as a different user
config CONFIG_HTTP_USER
string "As User"
default "nobody"
depends on CONFIG_HTTP_ENABLE_DIFFERENT_USER
help
The user name that will be used to run axhttpd.
config CONFIG_HTTP_VERBOSE config CONFIG_HTTP_VERBOSE
bool "Verbose Mode" bool "Verbose Mode"
default y if CONFIG_SSL_FULL_MODE default y if CONFIG_SSL_FULL_MODE

23
httpd/axhttpd.c
View File

@ -34,6 +34,7 @@
#include <signal.h> #include <signal.h>
#include <stdlib.h> #include <stdlib.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <pwd.h>
#include "axhttp.h" #include "axhttp.h"
struct serverstruct *servers; struct serverstruct *servers;
@ -186,6 +187,28 @@ int main(int argc, char *argv[])
ax_chdir(); ax_chdir();
#ifdef CONFIG_HTTP_ENABLE_DIFFERENT_USER
{
struct passwd *pd = getpwnam(CONFIG_HTTP_USER);
if (pd != NULL)
{
int res = setuid(pd->pw_uid);
res |= setgid(pd->pw_gid);
#if defined(CONFIG_HTTP_VERBOSE)
if (res == 0)
{
printf("change to '%s' successful\n", CONFIG_HTTP_USER);
TTY_FLUSH();
}
#endif
}
}
#endif
#ifndef WIN32 #ifndef WIN32
#ifdef CONFIG_HTTP_IS_DAEMON #ifdef CONFIG_HTTP_IS_DAEMON
if (fork() > 0) /* parent will die */ if (fork() > 0) /* parent will die */

58
ssl/asn1.c
View File

@ -40,7 +40,8 @@
#include "crypto.h" #include "crypto.h"
#include "crypto_misc.h" #include "crypto_misc.h"
#define SIG_OID_PREFIX_SIZE 8 #define SIG_OID_PREFIX_SIZE 8
#define SIG_IIS6_OID_SIZE 5
/* Must be an RSA algorithm with either SHA1 or MD5 for verifying to work */ /* Must be an RSA algorithm with either SHA1 or MD5 for verifying to work */
static const uint8_t sig_oid_prefix[SIG_OID_PREFIX_SIZE] = static const uint8_t sig_oid_prefix[SIG_OID_PREFIX_SIZE] =
@ -48,6 +49,11 @@ static const uint8_t sig_oid_prefix[SIG_OID_PREFIX_SIZE] =
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01
}; };
static const uint8_t sig_iis6_oid[SIG_IIS6_OID_SIZE] =
{
0x2b, 0x0e, 0x03, 0x02, 0x1d
};
/* CN, O, OU */ /* CN, O, OU */
static const uint8_t g_dn_types[] = { 3, 10, 11 }; static const uint8_t g_dn_types[] = { 3, 10, 11 };
@ -277,16 +283,34 @@ static int asn1_get_printable_str(const uint8_t *buf, int *offset, char **str)
int len = X509_NOT_OK; int len = X509_NOT_OK;
/* some certs have this awful crud in them for some reason */ /* some certs have this awful crud in them for some reason */
if (buf[*offset] != ASN1_PRINTABLE_STR && if (buf[*offset] != ASN1_PRINTABLE_STR &&
buf[*offset] != ASN1_TELETEX_STR && buf[*offset] != ASN1_IA5_STR) buf[*offset] != ASN1_TELETEX_STR &&
buf[*offset] != ASN1_IA5_STR &&
buf[*offset] != ASN1_UNICODE_STR)
goto end_pnt_str; goto end_pnt_str;
(*offset)++; (*offset)++;
len = get_asn1_length(buf, offset); len = get_asn1_length(buf, offset);
*str = (char *)malloc(len+1); /* allow for null */
memcpy(*str, &buf[*offset], len); if (buf[*offset - 1] == ASN1_UNICODE_STR)
(*str)[len] = 0; /* null terminate */ {
*offset += len; int i;
*str = (char *)malloc(len/2+1); /* allow for null */
for (i = 0; i < len; i += 2)
(*str)[i/2] = buf[*offset + i + 1];
(*str)[len/2] = 0; /* null terminate */
}
else
{
*str = (char *)malloc(len+1); /* allow for null */
memcpy(*str, &buf[*offset], len);
(*str)[len] = 0; /* null terminate */
}
*offset += len;
end_pnt_str: end_pnt_str:
return len; return len;
} }
@ -424,7 +448,7 @@ void remove_ca_certs(CA_CERT_CTX *ca_cert_ctx)
while (i < CONFIG_X509_MAX_CA_CERTS && ca_cert_ctx->cert[i]) while (i < CONFIG_X509_MAX_CA_CERTS && ca_cert_ctx->cert[i])
{ {
x509_free(ca_cert_ctx->cert[i]); x509_free(ca_cert_ctx->cert[i]);
ca_cert_ctx->cert[i] = NULL; ca_cert_ctx->cert[i++] = NULL;
} }
free(ca_cert_ctx); free(ca_cert_ctx);
@ -463,10 +487,18 @@ int asn1_signature_type(const uint8_t *cert,
len = get_asn1_length(cert, offset); len = get_asn1_length(cert, offset);
if (memcmp(sig_oid_prefix, &cert[*offset], SIG_OID_PREFIX_SIZE)) if (len == 5 && memcmp(sig_iis6_oid, &cert[*offset],
goto end_check_sig; /* unrecognised cert type */ SIG_IIS6_OID_SIZE) == 0)
{
x509_ctx->sig_type = SIG_TYPE_SHA1;
}
else
{
if (memcmp(sig_oid_prefix, &cert[*offset], SIG_OID_PREFIX_SIZE))
goto end_check_sig; /* unrecognised cert type */
x509_ctx->sig_type = cert[*offset + SIG_OID_PREFIX_SIZE]; x509_ctx->sig_type = cert[*offset + SIG_OID_PREFIX_SIZE];
}
*offset += len; *offset += len;
asn1_skip_obj(cert, offset, ASN1_NULL); /* if it's there */ asn1_skip_obj(cert, offset, ASN1_NULL); /* if it's there */

1
ssl/crypto_misc.h
View File

@ -109,6 +109,7 @@ const char * x509_display_error(int error);
#define ASN1_TELETEX_STR 0x14 #define ASN1_TELETEX_STR 0x14
#define ASN1_IA5_STR 0x16 #define ASN1_IA5_STR 0x16
#define ASN1_UTC_TIME 0x17 #define ASN1_UTC_TIME 0x17
#define ASN1_UNICODE_STR 0x1e
#define ASN1_SEQUENCE 0x30 #define ASN1_SEQUENCE 0x30
#define ASN1_SET 0x31 #define ASN1_SET 0x31
#define ASN1_IMPLICIT_TAG 0x80 #define ASN1_IMPLICIT_TAG 0x80

2
ssl/gen_cert.c
View File

@ -178,7 +178,7 @@ static int gen_issuer(const char * dn[], uint8_t *buf, int *offset)
if (dn[X509_ORGANIZATION] != NULL && strlen(dn[X509_ORGANIZATION]) > 0) if (dn[X509_ORGANIZATION] != NULL && strlen(dn[X509_ORGANIZATION]) > 0)
{ {
if ((ret = gen_dn(dn[X509_ORGANIZATIONAL_UNIT], 10, buf, offset))) if ((ret = gen_dn(dn[X509_ORGANIZATION], 10, buf, offset)))
goto error; goto error;
} }

3
ssl/loader.c
View File

@ -69,8 +69,7 @@ EXP_FUNC int STDCALL ssl_obj_load(SSL_CTX *ssl_ctx, int obj_type,
} }
ssl_obj = (SSLObjLoader *)calloc(1, sizeof(SSLObjLoader)); ssl_obj = (SSLObjLoader *)calloc(1, sizeof(SSLObjLoader));
ssl_obj->len = get_file(filename, &ssl_obj->buf); ssl_obj->len = get_file(filename, &ssl_obj->buf);
if (ssl_obj->len <= 0) if (ssl_obj->len <= 0)
{ {
ret = SSL_ERROR_INVALID_KEY; ret = SSL_ERROR_INVALID_KEY;

13
ssl/test/ms_iis.cer Executable file
View File

@ -0,0 +1,13 @@
-----BEGIN CERTIFICATE-----
MIIB5jCCAVOgAwIBAgIQWPe7KyA+U7lLUohulwW2HDAJBgUrDgMCHQUAMCExHzAd
BgNVBAMTFmF4dGxzLmNlcm9jY2x1Yi5jb20uYXUwHhcNMDgwMzE3MTAyMTA2WhcN
MDkwMzE3MTAyMTA2WjAhMR8wHQYDVQQDExZheHRscy5jZXJvY2NsdWIuY29tLmF1
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9JqHlQjrQMt3JW8yxcGhFagDa
D4QiIY8+KItTt13fIBt5g1AG4VXniaylSqKKYNPwVzqSWl7WhxMmoFU73veF8o4M
G0Zc5qbVB6ukrSV4WaTgHrIO6pWkyiaQ4L/eYfCo/2pByhl0IUKkf/TMN346/rFg
JgrElx01l6QHNQrzVQIDAQABoycwJTATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNV
HQ8EBwMFALAAAAAwCQYFKw4DAh0FAAOBgQAbH94H1fryngROJ//Oa0D3vvTO8CJ3
8VW+3gQEwrPBOWmN6RV8OM0dE6pf8wD3s7PTCcM5+/HI1Qk53nUGrNiOmKM1s0JB
bvsO9RT+UF8mtdbo/n30M0MHMWPCC76baW3R+ANBp/V/z4l1ytpUTt+MHvz0VlUs
J4uJA3s3uh23Tg==
-----END CERTIFICATE-----

10
ssl/test/ssltest.c
View File

@ -638,6 +638,16 @@ static int cert_tests(void)
x509_free(x509_ctx); x509_free(x509_ctx);
free(buf); free(buf);
ssl_ctx = ssl_ctx_new(0, 0);
if ((res = ssl_obj_load(ssl_ctx,
SSL_OBJ_X509_CERT, "../ssl/test/ms_iis.cer", NULL)) != SSL_OK)
{
ssl_display_error(res);
goto bad_cert;
}
ssl_ctx_free(ssl_ctx);
res = 0; /* all ok */ res = 0; /* all ok */
printf("All Certificate tests passed\n"); printf("All Certificate tests passed\n");

2
ssl/x509.c
View File

@ -292,7 +292,7 @@ int x509_verify(const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert)
} }
/* trusted cert not found */ /* trusted cert not found */
if (i >= CONFIG_X509_MAX_CA_CERTS) if (match_ca_cert == 0)
{ {
ret = X509_VFY_ERROR_NO_TRUSTED_CERT; ret = X509_VFY_ERROR_NO_TRUSTED_CERT;
goto end_verify; goto end_verify;

9
www/index.html
View File

File diff suppressed because one or more lines are too long