From 8d59d69449c2a86c478699a50d920541aa106201 Mon Sep 17 00:00:00 2001
From: Julien Chaffraix
Date: Sat, 13 Nov 2010 12:01:33 -0800
Subject: security: tighten enum protection_level usage.

While changing Curl_sec_read_msg to accept an enum protection_level instead of an int, I went ahead and fixed the usage of the associated fields. Some code was assuming that prot_clear == 0. Fixed those to use the proper value. Added assertions prior to any code that would set the protection level.
---
 lib/security.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)
(limited to 'lib/security.c')
diff --git a/lib/security.c b/lib/security.c
index d22ff9a32..88c6541d9 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -85,7 +85,7 @@ name_to_level(const char *name)
 for(i = 0; i < (int)sizeof(level_names)/(int)sizeof(level_names[0]); i++)
 if(checkprefix(name, level_names[i].name))
 return level_names[i].level;
- return (enum protection_level)-1;
+ return prot_none;
 }
 /* Convert a protocol |level| to its char representation.
@@ -290,6 +290,8 @@ static void do_sec_send(struct connectdata *conn, curl_socket_t fd,
 enum protection_level prot_level = conn->data_prot;
 bool iscmd = prot_level == prot_cmd;
+ DEBUGASSERT(prot_level > prot_none && prot_level < prot_last);
+
 if(iscmd) {
 if(!strncmp(from, "PASS ", 5) || !strncmp(from, "ACCT ", 5))
 prot_level = prot_private;
@@ -355,8 +357,8 @@ static ssize_t sec_send(struct connectdata *conn, int sockindex,
 return sec_write(conn, fd, buffer, len);
 }
-/* FIXME: |level| should not be an int but a struct protection_level */
-int Curl_sec_read_msg(struct connectdata *conn, char *buffer, int level)
+int Curl_sec_read_msg(struct connectdata *conn, char *buffer,
+ enum protection_level level)
 {
 /* decoded_len should be size_t or ssize_t but conn->mech->decode returns an int */
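Review bot: In name_to_level, the fall-through `return prot_none;` makes prot_none the "no such level" sentinel, but nothing at the return site or in the visible context says so, and the old `-1` convention is easy to reintroduce in a caller. I would add `/* no match: prot_none is the invalid-level sentinel, callers must test for it */` above that return. The only caller visible in this diff, Curl_sec_request_prot, is updated to match; any other caller still comparing against -1 would no longer notice an unknown name. The function's header and start are outside the hunk.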
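Review bot: The range check added in do_sec_send is a DEBUGASSERT, which curl compiles away outside debug builds, so a release build still runs on with an out-of-range conn->data_prot. The same holds for the assertions added in Curl_sec_read_msg, sec_set_protection_level and Curl_sec_request_prot; of these only Curl_sec_request_prot has a real run-time rejection, `if(l == prot_none) return -1;`. If the invariant is meant to be guaranteed by the code that assigns these fields, a comment beside the assertion would make that explicit, e.g. `/* data_prot is only assigned validated levels; this documents the invariant, it is not input validation */`. do_sec_send begins and continues outside the hunk.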
@@ -364,6 +366,8 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, int level)
 char *buf;
 int ret_code;
+ DEBUGASSERT(level > prot_none && level < prot_last);
+
 decoded_len = Curl_base64_decode(buffer + 4, (unsigned char **)&buf);
 if(decoded_len <= 0) {
 free(buf);
@@ -407,6 +411,8 @@ static int sec_set_protection_level(struct connectdata *conn)
 static unsigned int buffer_size = 1 << 20; /* 1048576 */
 enum protection_level level = conn->request_data_prot;
+ DEBUGASSERT(level > prot_none && level < prot_last);
+
 if(!conn->sec_complete) {
 infof(conn->data, "Trying to change the protection level after the"
 "completion of the data exchange.\n");
@@ -458,10 +464,11 @@ static int sec_set_protection_level(struct connectdata *conn)
 int Curl_sec_request_prot(struct connectdata *conn, const char *level)
 {
- int l = name_to_level(level);
- if(l == -1)
+ enum protection_level l = name_to_level(level);
+ if(l == prot_none)
 return -1;
- conn->request_data_prot = (enum protection_level)l;
+ DEBUGASSERT(l > prot_none && l < prot_last);
+ conn->request_data_prot = l;
 return 0;
 }
@@ -575,7 +582,7 @@ Curl_sec_end(struct connectdata *conn)
 conn->in_buffer.eof_flag = 0;
 }
 conn->sec_complete = 0;
- conn->data_prot = (enum protection_level)0;
+ conn->data_prot = prot_clear;
 conn->mech = NULL;
 }
--
cgit v1.2.3
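Review bot: In Curl_sec_read_msg, `char *buf;` has no initialiser, yet the failure branch just below the new assertion calls `free(buf)` when `decoded_len <= 0`. That is safe only if Curl_base64_decode always stores to its output pointer before failing, which this hunk does not show; `char *buf = NULL;` removes the dependency. The decoder is handed `buffer + 4`, and no length check on `buffer` is visible either, though the function starts above the hunk and the caller may guarantee it.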
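Review bot: In sec_set_protection_level, the two adjacent literals passed to infof join without a space, so the message reads "after thecompletion"; the first literal should be `"Trying to change the protection level after the "`. Separately, the new assertion on conn->request_data_prot runs before the sec_complete check, so in a debug build a level that was never requested aborts instead of reaching this message. Whether the field can still hold prot_none at this point depends on initialisation code outside the diff. The function body continues outside the hunk.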
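Review bot: Curl_sec_end now resets conn->data_prot to prot_clear, but the place where a fresh connection first gets its data_prot is not part of this diff. If that path still relies on zero-filling, and prot_none is the zero enumerator as the new `> prot_none` assertions suggest, the field starts out as prot_none and the DEBUGASSERT added in do_sec_send could fire on the first protected send. It is worth confirming that the initial assignment also uses `prot_clear`, and saying so here with a comment such as `/* back to the initial state: no protection */`.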