[Git][NTPsec/ntpsec][master] Inline keytype_from_text()
Matt Selsky
gitlab at mg.gitlab.com
Tue Jan 31 04:39:19 UTC 2017
Matt Selsky pushed to branch master at NTPsec / ntpsec
Commits:
a75b5584 by Matt Selsky at 2017-01-30T23:38:25-05:00
Inline keytype_from_text()
- - - - -
5 changed files:
- libntp/authreadkeys.c
- libntp/ssl_init.c
- tests/common/tests_main.c
- − tests/libntp/ssl_init.c
- tests/wscript
Changes:
=====================================
libntp/authreadkeys.c
=====================================
--- a/libntp/authreadkeys.c
+++ b/libntp/authreadkeys.c
@@ -9,6 +9,7 @@
#include "ntp.h"
#include "ntp_syslog.h"
#include "ntp_stdlib.h"
+#include "lib_strbuf.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
@@ -135,8 +136,22 @@ msyslog(LOG_ERR, "authreadkeys: reading %s", file);
* algorithm. There are a number of inconsistencies in
* the OpenSSL database. We attempt to discover them
* here and prevent use of inconsistent data later.
+ *
+ * OpenSSL digest short names are capitalized, so uppercase the
+ * digest name before passing to OBJ_sn2nid(). If it is not
+ * recognized but begins with 'M' use NID_md5 to be consistent
+ * with past behavior.
*/
- keytype = keytype_from_text(token);
+ char *upcased;
+ char *pch;
+ LIB_GETBUF(upcased);
+ strlcpy(upcased, token, LIB_BUFLENGTH);
+ for (pch = upcased; '\0' != *pch; pch++)
+ *pch = (char)toupper((unsigned char)*pch);
+
+ keytype = OBJ_sn2nid(upcased);
+ if (!keytype && 'm' == tolower((unsigned char)token[0]))
+ keytype = NID_md5;
if (keytype == 0) {
msyslog(LOG_ERR,
"authreadkeys: invalid type for key %d", keyno);
=====================================
libntp/ssl_init.c
=====================================
--- a/libntp/ssl_init.c
+++ b/libntp/ssl_init.c
@@ -11,7 +11,6 @@
#include <ctype.h>
#include <ntp.h>
#include <ntp_debug.h>
-#include <lib_strbuf.h>
#include <openssl/err.h>
#include <openssl/evp.h>
@@ -46,41 +45,3 @@ atexit_ssl_cleanup(void)
EVP_cleanup();
ERR_free_strings();
}
-
-
-/*
- * keytype_from_text returns OpenSSL NID for digest by name, and
- * optionally the associated digest length.
- *
- * Used by ntpd authreadkeys()
- */
-int
-keytype_from_text(
- const char *text
- )
-{
- int key_type;
- char * upcased;
- char * pch;
-
- /*
- * OpenSSL digest short names are capitalized, so uppercase the
- * digest name before passing to OBJ_sn2nid(). If it is not
- * recognized but begins with 'M' use NID_md5 to be consistent
- * with past behavior.
- */
- ssl_init();
- LIB_GETBUF(upcased);
- strlcpy(upcased, text, LIB_BUFLENGTH);
- for (pch = upcased; '\0' != *pch; pch++)
- *pch = (char)toupper((unsigned char)*pch);
- key_type = OBJ_sn2nid(upcased);
-
- if (!key_type && 'm' == tolower((unsigned char)text[0]))
- key_type = NID_md5;
-
- if (!key_type)
- return 0;
-
- return key_type;
-}
=====================================
tests/common/tests_main.c
=====================================
--- a/tests/common/tests_main.c
+++ b/tests/common/tests_main.c
@@ -56,7 +56,6 @@ static void RunAllTests(void)
RUN_TEST_GROUP(refidsmear);
RUN_TEST_GROUP(sfptostr);
RUN_TEST_GROUP(socktoa);
- RUN_TEST_GROUP(ssl_init);
RUN_TEST_GROUP(statestr);
RUN_TEST_GROUP(strtolfp);
RUN_TEST_GROUP(timespecops);
=====================================
tests/libntp/ssl_init.c deleted
=====================================
--- a/tests/libntp/ssl_init.c
+++ /dev/null
@@ -1,39 +0,0 @@
-#include "config.h"
-
-#include "ntp_stdlib.h"
-
-#include "unity.h"
-#include "unity_fixture.h"
-
-TEST_GROUP(ssl_init);
-
-TEST_SETUP(ssl_init) {}
-
-TEST_TEAR_DOWN(ssl_init) {}
-
-
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-
-#include "ntp.h"
-
-// keytype_from_text()
-TEST(ssl_init, MD5KeyType) {
- TEST_ASSERT_EQUAL(KEY_TYPE_MD5, keytype_from_text("MD5"));
-}
-
-TEST(ssl_init, MD5KeyTypeLegacy) {
- TEST_ASSERT_EQUAL(KEY_TYPE_MD5, keytype_from_text("M"));
-}
-
-TEST(ssl_init, SHA1KeyType) {
- TEST_ASSERT_EQUAL(NID_sha1, keytype_from_text("SHA1"));
-}
-
-TEST_GROUP_RUNNER(ssl_init) {
- RUN_TEST_CASE(ssl_init, MD5KeyType);
- RUN_TEST_CASE(ssl_init, MD5KeyTypeLegacy);
-
- RUN_TEST_CASE(ssl_init, SHA1KeyType);
-}
=====================================
tests/wscript
=====================================
--- a/tests/wscript
+++ b/tests/wscript
@@ -43,7 +43,6 @@ def build(ctx):
"libntp/refidsmear.c",
"libntp/sfptostr.c",
"libntp/socktoa.c",
- "libntp/ssl_init.c",
"libntp/statestr.c",
"libntp/strtolfp.c",
"libntp/timespecops.c",
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/a75b5584aaaf6b0d395d586f8a360c5c5196c205
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170131/e70fc0b7/attachment.html>
More information about the vc
mailing list