summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--crypt.c58
1 files changed, 29 insertions, 29 deletions
diff --git a/crypt.c b/crypt.c
index e6867e1..7dd83f0 100644
--- a/crypt.c
+++ b/crypt.c
@@ -38,7 +38,7 @@ static void suhosin_get_ipv4(char *buf TSRMLS_DC)
38 memset(buf, 0, 4); 38 memset(buf, 0, 4);
39 return; 39 return;
40 } 40 }
41 41
42 for (i=0; i<4; i++) { 42 for (i=0; i<4; i++) {
43 if (raddr[0] == 0) { 43 if (raddr[0] == 0) {
44 buf[i] = 0; 44 buf[i] = 0;
@@ -56,7 +56,7 @@ char *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key
56 int padded_len, i, slen; 56 int padded_len, i, slen;
57 unsigned char *crypted, *tmp; 57 unsigned char *crypted, *tmp;
58 unsigned int check = 0x13579BDF; 58 unsigned int check = 0x13579BDF;
59 59
60 if (str == NULL) { 60 if (str == NULL) {
61 return NULL; 61 return NULL;
62 } 62 }
@@ -83,10 +83,10 @@ char *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key
83 check += check << 1; 83 check += check << 1;
84 check ^= (unsigned char)str[i]; 84 check ^= (unsigned char)str[i];
85 } 85 }
86 86
87 /* store ip value */ 87 /* store ip value */
88 suhosin_get_ipv4((char *)crypted+4 TSRMLS_CC); 88 suhosin_get_ipv4((char *)crypted+4 TSRMLS_CC);
89 89
90 /* store check value */ 90 /* store check value */
91 crypted[8] = check & 0xff; 91 crypted[8] = check & 0xff;
92 crypted[9] = (check >> 8) & 0xff; 92 crypted[9] = (check >> 8) & 0xff;
@@ -98,7 +98,7 @@ char *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key
98 crypted[13] = (len >> 8) & 0xff; 98 crypted[13] = (len >> 8) & 0xff;
99 crypted[14] = (len >> 16) & 0xff; 99 crypted[14] = (len >> 16) & 0xff;
100 crypted[15] = (len >> 24) & 0xff; 100 crypted[15] = (len >> 24) & 0xff;
101 101
102 for (i=0, tmp=crypted; i<padded_len+16; i+=16, tmp+=16) { 102 for (i=0, tmp=crypted; i<padded_len+16; i+=16, tmp+=16) {
103 if (i > 0) { 103 if (i > 0) {
104 int j; 104 int j;
@@ -106,7 +106,7 @@ char *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key
106 } 106 }
107 suhosin_aes_encrypt((char *)tmp TSRMLS_CC); 107 suhosin_aes_encrypt((char *)tmp TSRMLS_CC);
108 } 108 }
109 109
110 tmp = php_base64_encode(crypted, padded_len+16, NULL); 110 tmp = php_base64_encode(crypted, padded_len+16, NULL);
111 efree(crypted); 111 efree(crypted);
112 slen=strlen((char *)tmp); 112 slen=strlen((char *)tmp);
@@ -126,11 +126,11 @@ char *suhosin_decrypt_string(char *str, int padded_len, char *var, int vlen, cha
126 unsigned char *decrypted, *tmp; 126 unsigned char *decrypted, *tmp;
127 unsigned int check = 0x13579BDF; 127 unsigned int check = 0x13579BDF;
128 char buf[4]; 128 char buf[4];
129 129
130 if (str == NULL) { 130 if (str == NULL) {
131 return NULL; 131 return NULL;
132 } 132 }
133 133
134 if (padded_len == 0) { 134 if (padded_len == 0) {
135 if (orig_len) { 135 if (orig_len) {
136 *orig_len = 0; 136 *orig_len = 0;
@@ -146,7 +146,7 @@ char *suhosin_decrypt_string(char *str, int padded_len, char *var, int vlen, cha
146 case '_': str[i]='+'; break; 146 case '_': str[i]='+'; break;
147 } 147 }
148 } 148 }
149 149
150 decrypted = php_base64_decode((unsigned char *)str, padded_len, &len); 150 decrypted = php_base64_decode((unsigned char *)str, padded_len, &len);
151 if (decrypted == NULL || len < 2*16 || (len % 16) != 0) { 151 if (decrypted == NULL || len < 2*16 || (len % 16) != 0) {
152error_out: 152error_out:
@@ -158,7 +158,7 @@ error_out:
158 } 158 }
159 return NULL; 159 return NULL;
160 } 160 }
161 161
162 for (i=len-16, tmp=decrypted+i; i>=0; i-=16, tmp-=16) { 162 for (i=len-16, tmp=decrypted+i; i>=0; i-=16, tmp-=16) {
163 suhosin_aes_decrypt((char *)tmp TSRMLS_CC); 163 suhosin_aes_decrypt((char *)tmp TSRMLS_CC);
164 if (i > 0) { 164 if (i > 0) {
@@ -166,7 +166,7 @@ error_out:
166 for (j=0; j<16; j++) tmp[j] ^= tmp[j-16]; 166 for (j=0; j<16; j++) tmp[j] ^= tmp[j-16];
167 } 167 }
168 } 168 }
169 169
170 /* retrieve orig_len */ 170 /* retrieve orig_len */
171 o_len = decrypted[15]; 171 o_len = decrypted[15];
172 o_len <<= 8; 172 o_len <<= 8;
@@ -175,7 +175,7 @@ error_out:
175 o_len |= decrypted[13]; 175 o_len |= decrypted[13];
176 o_len <<= 8; 176 o_len <<= 8;
177 o_len |= decrypted[12]; 177 o_len |= decrypted[12];
178 178
179 if (o_len < 0 || o_len > len-16) { 179 if (o_len < 0 || o_len > len-16) {
180 goto error_out; 180 goto error_out;
181 } 181 }
@@ -191,13 +191,13 @@ error_out:
191 check += check << 1; 191 check += check << 1;
192 check ^= decrypted[16+i]; 192 check ^= decrypted[16+i];
193 } 193 }
194 194
195 /* check value */ 195 /* check value */
196 invalid = (decrypted[8] != (check & 0xff)) || 196 invalid = (decrypted[8] != (check & 0xff)) ||
197 (decrypted[9] != ((check >> 8) & 0xff)) || 197 (decrypted[9] != ((check >> 8) & 0xff)) ||
198 (decrypted[10] != ((check >> 16) & 0xff)) || 198 (decrypted[10] != ((check >> 16) & 0xff)) ||
199 (decrypted[11] != ((check >> 24) & 0xff)); 199 (decrypted[11] != ((check >> 24) & 0xff));
200 200
201 /* check IP */ 201 /* check IP */
202 if (check_ra > 0) { 202 if (check_ra > 0) {
203 if (check_ra > 4) { 203 if (check_ra > 4) {
@@ -208,19 +208,19 @@ error_out:
208 goto error_out; 208 goto error_out;
209 } 209 }
210 } 210 }
211 211
212 if (invalid) { 212 if (invalid) {
213 goto error_out; 213 goto error_out;
214 } 214 }
215 215
216 if (orig_len) { 216 if (orig_len) {
217 *orig_len = o_len; 217 *orig_len = o_len;
218 } 218 }
219 219
220 memmove(decrypted, decrypted+16, o_len); 220 memmove(decrypted, decrypted+16, o_len);
221 decrypted[o_len] = 0; 221 decrypted[o_len] = 0;
222 /* we do not realloc() here because 16 byte less 222 /* we do not realloc() here because 16 byte less
223 is simply not worth the overhead */ 223 is simply not worth the overhead */
224 return (char *)decrypted; 224 return (char *)decrypted;
225} 225}
226 226
@@ -230,21 +230,21 @@ char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, ch
230 char *_dr = NULL; 230 char *_dr = NULL;
231 char *_ra = NULL; 231 char *_ra = NULL;
232 suhosin_SHA256_CTX ctx; 232 suhosin_SHA256_CTX ctx;
233 233
234 if (ua) { 234 if (ua) {
235 _ua = suhosin_getenv("HTTP_USER_AGENT", sizeof("HTTP_USER_AGENT")-1 TSRMLS_CC); 235 _ua = suhosin_getenv("HTTP_USER_AGENT", sizeof("HTTP_USER_AGENT")-1 TSRMLS_CC);
236 } 236 }
237 237
238 if (dr) { 238 if (dr) {
239 _dr = suhosin_getenv("DOCUMENT_ROOT", sizeof("DOCUMENT_ROOT")-1 TSRMLS_CC); 239 _dr = suhosin_getenv("DOCUMENT_ROOT", sizeof("DOCUMENT_ROOT")-1 TSRMLS_CC);
240 } 240 }
241 241
242 if (raddr > 0) { 242 if (raddr > 0) {
243 _ra = suhosin_getenv("REMOTE_ADDR", sizeof("REMOTE_ADDR")-1 TSRMLS_CC); 243 _ra = suhosin_getenv("REMOTE_ADDR", sizeof("REMOTE_ADDR")-1 TSRMLS_CC);
244 } 244 }
245 245
246 SDEBUG("(suhosin_generate_key) KEY: %s - UA: %s - DR: %s - RA: %s", key,_ua,_dr,_ra); 246 SDEBUG("(suhosin_generate_key) KEY: %s - UA: %s - DR: %s - RA: %s", key,_ua,_dr,_ra);
247 247
248 suhosin_SHA256Init(&ctx); 248 suhosin_SHA256Init(&ctx);
249 if (key == NULL || *key == 0) { 249 if (key == NULL || *key == 0) {
250 suhosin_SHA256Update(&ctx, (unsigned char*)"D3F4UL7", strlen("D3F4UL7")); 250 suhosin_SHA256Update(&ctx, (unsigned char*)"D3F4UL7", strlen("D3F4UL7"));
@@ -263,7 +263,7 @@ char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, ch
263 } else { 263 } else {
264 long dots = 0; 264 long dots = 0;
265 char *tmp = _ra; 265 char *tmp = _ra;
266 266
267 while (*tmp) { 267 while (*tmp) {
268 if (*tmp == '.') { 268 if (*tmp == '.') {
269 dots++; 269 dots++;
@@ -278,6 +278,6 @@ char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, ch
278 } 278 }
279 suhosin_SHA256Final((unsigned char *)cryptkey, &ctx); 279 suhosin_SHA256Final((unsigned char *)cryptkey, &ctx);
280 cryptkey[32] = 0; /* uhmm... not really a string */ 280 cryptkey[32] = 0; /* uhmm... not really a string */
281 281
282 return cryptkey; 282 return cryptkey;
283} 283}