summaryrefslogtreecommitdiff
path: root/cookiecrypt.c
diff options
context:
space:
mode:
authorBen Fuhrmannek2016-10-12 14:57:47 +0200
committerBen Fuhrmannek2016-10-12 14:57:47 +0200
commit1a3fd5eeb9a5859aefedb9302adb6ecd6a1873a7 (patch)
treea8925768de344632ec89e051a3c71a3c7c61ffd3 /cookiecrypt.c
parent2e4fbdbdd8ff3b1d1a0edb579392506ef3ed98e2 (diff)
comments and whitespace cleanup
Diffstat (limited to 'cookiecrypt.c')
-rw-r--r--cookiecrypt.c23
1 files changed, 10 insertions, 13 deletions
diff --git a/cookiecrypt.c b/cookiecrypt.c
index f4f3638..42169f8 100644
--- a/cookiecrypt.c
+++ b/cookiecrypt.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: header.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -35,11 +32,11 @@ zend_string *suhosin_encrypt_single_cookie(char *name, int name_len, char *value
35{ 32{
36 int l; 33 int l;
37 34
38 name = estrndup(name, name_len); 35 name = estrndup(name, name_len);
39 name_len = php_url_decode(name, name_len); 36 name_len = php_url_decode(name, name_len);
40 suhosin_normalize_varname(name); 37 suhosin_normalize_varname(name);
41 name_len = strlen(name); 38 name_len = strlen(name);
42 39
43 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name, name_len)) || 40 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name, name_len)) ||
44 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name, name_len))) { 41 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name, name_len))) {
45 efree(name); 42 efree(name);
@@ -48,7 +45,7 @@ zend_string *suhosin_encrypt_single_cookie(char *name, int name_len, char *value
48 45
49 value = estrndup(value, value_len); 46 value = estrndup(value, value_len);
50 value_len = php_url_decode(value, value_len); 47 value_len = php_url_decode(value, value_len);
51 48
52 zend_string *d = suhosin_encrypt_string(value, value_len, name, name_len, key); 49 zend_string *d = suhosin_encrypt_string(value, value_len, name, name_len, key);
53 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d)); 50 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d));
54 zend_string_release(d); 51 zend_string_release(d);
@@ -63,7 +60,7 @@ char *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int v
63 int name2_len = php_url_decode(name2, name_len); 60 int name2_len = php_url_decode(name2, name_len);
64 suhosin_normalize_varname(name2); 61 suhosin_normalize_varname(name2);
65 name2_len = strlen(name2); 62 name2_len = strlen(name2);
66 63
67 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name2, name2_len)) || 64 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name2, name2_len)) ||
68 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name2, name2_len))) { 65 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name2, name2_len))) {
69 // if (1) { 66 // if (1) {
@@ -75,10 +72,10 @@ char *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int v
75 *out += value_len; 72 *out += value_len;
76 return *out; 73 return *out;
77 } 74 }
78 75
79 value = estrndup(value, value_len); 76 value = estrndup(value, value_len);
80 value_len = php_url_decode(value, value_len); 77 value_len = php_url_decode(value, value_len);
81 78
82 zend_string *d = suhosin_decrypt_string(value, value_len, name2, name2_len, key, SUHOSIN7_G(cookie_checkraddr)); 79 zend_string *d = suhosin_decrypt_string(value, value_len, name2, name2_len, key, SUHOSIN7_G(cookie_checkraddr));
83 if (d) { 80 if (d) {
84 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d)); 81 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d));
@@ -93,7 +90,7 @@ char *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int v
93 90
94 efree(name2); 91 efree(name2);
95 efree(value); 92 efree(value);
96 93
97 return *out; 94 return *out;
98} 95}
99 96
@@ -109,7 +106,7 @@ char *suhosin_cookie_decryptor(char *raw_cookie)
109 // suhosin_generate_key(SUHOSIN7_G(cookie_cryptkey), SUHOSIN7_G(cookie_cryptua), SUHOSIN7_G(cookie_cryptdocroot), SUHOSIN7_G(cookie_cryptraddr), cryptkey); 106 // suhosin_generate_key(SUHOSIN7_G(cookie_cryptkey), SUHOSIN7_G(cookie_cryptua), SUHOSIN7_G(cookie_cryptdocroot), SUHOSIN7_G(cookie_cryptraddr), cryptkey);
110 S7_GENERATE_KEY(cookie, cryptkey); 107 S7_GENERATE_KEY(cookie, cryptkey);
111 // SDEBUG("cryptkey=%02x.%02x.%02x", cryptkey[0], cryptkey[1], cryptkey[2]); 108 // SDEBUG("cryptkey=%02x.%02x.%02x", cryptkey[0], cryptkey[1], cryptkey[2]);
112 109
113 ret = decrypted = emalloc(strlen(raw_cookie)*4+1); 110 ret = decrypted = emalloc(strlen(raw_cookie)*4+1);
114 raw_cookie = estrdup(raw_cookie); 111 raw_cookie = estrdup(raw_cookie);
115 SUHOSIN7_G(raw_cookie) = estrdup(raw_cookie); 112 SUHOSIN7_G(raw_cookie) = estrdup(raw_cookie);
@@ -138,10 +135,10 @@ char *suhosin_cookie_decryptor(char *raw_cookie)
138 135
139 *decrypted++ = 0; 136 *decrypted++ = 0;
140 ret = erealloc(ret, decrypted-ret); 137 ret = erealloc(ret, decrypted-ret);
141 138
142 SUHOSIN7_G(decrypted_cookie) = ret; 139 SUHOSIN7_G(decrypted_cookie) = ret;
143 efree(raw_cookie); 140 efree(raw_cookie);
144 141
145 return ret; 142 return ret;
146} 143}
147/* }}} */ 144/* }}} */