[Spice-commits] 2 commits - server/red-stream.c

Frediano Ziglio fziglio at kemper.freedesktop.org
Tue Jan 2 11:44:04 UTC 2018


 server/red-stream.c |   30 +++++++++---------------------
 1 file changed, 9 insertions(+), 21 deletions(-)

New commits:
commit cb099522bf0e9356f529f1d3da0ea06521d5fe65
Author: Frediano Ziglio <fziglio at redhat.com>
Date:   Tue Dec 12 17:20:39 2017 +0000

    red-stream: Avoid to specify 2 mech names during SASL
    
    Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
    Acked-by: Snir Sheriber <ssheribe at redhat.com>

diff --git a/server/red-stream.c b/server/red-stream.c
index f4637808..a73eeb38 100644
--- a/server/red-stream.c
+++ b/server/red-stream.c
@@ -985,7 +985,7 @@ bool red_sasl_handle_auth_mechname(RedStream *stream, AsyncReadDone read_cb, voi
     char quoted_mechname[SASL_MAX_MECHNAME_LEN + 4];
     sprintf(quoted_mechname, ",%s,", sasl->mechname);
 
-    if (strstr(sasl->mechlist, quoted_mechname) == NULL) {
+    if (strchr(sasl->mechname, ',') || strstr(sasl->mechlist, quoted_mechname) == NULL) {
         return false;
     }
 
commit f3be28fb5e2f41046827af1c2c9e794541c31f30
Author: Frediano Ziglio <fziglio at redhat.com>
Date:   Tue Dec 12 17:20:39 2017 +0000

    red-stream: Simplify mechname matching
    
    Avoid over complicated matching using quoting and a simple strstr
    operation.
    The mech names are separated and quoted with the same chararacter (',')
    making possible to search for ",MECHNAME," instead of manually check for
    prefix and suffix after the search for "MECHNAME".
    
    Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
    Acked-by: Snir Sheriber <ssheribe at redhat.com>

diff --git a/server/red-stream.c b/server/red-stream.c
index 55e2c3e0..f4637808 100644
--- a/server/red-stream.c
+++ b/server/red-stream.c
@@ -744,6 +744,7 @@ static int auth_sasl_check_ssf(RedSASL *sasl, int *runSSF)
  * u8-array serverout-strin
  * u8 continue
  */
+#define SASL_MAX_MECHNAME_LEN 100
 #define SASL_DATA_MAX_LEN (1024 * 1024)
 
 RedSaslError red_sasl_handle_auth_step(RedStream *stream, AsyncReadDone read_cb, void *opaque)
@@ -981,24 +982,11 @@ bool red_sasl_handle_auth_mechname(RedStream *stream, AsyncReadDone read_cb, voi
     spice_debug("Got client mechname '%s' check against '%s'",
                sasl->mechname, sasl->mechlist);
 
-    if (strncmp(sasl->mechlist, sasl->mechname, sasl->len) == 0) {
-        if (sasl->mechlist[sasl->len] != '\0' &&
-            sasl->mechlist[sasl->len] != ',') {
-            spice_debug("One %d", sasl->mechlist[sasl->len]);
-            return false;
-        }
-    } else {
-        char *offset = strstr(sasl->mechlist, sasl->mechname);
-        spice_debug("Two %p", offset);
-        if (!offset) {
-            return false;
-        }
-        spice_debug("Two '%s'", offset);
-        if (offset[-1] != ',' ||
-            (offset[sasl->len] != '\0'&&
-             offset[sasl->len] != ',')) {
-            return false;
-        }
+    char quoted_mechname[SASL_MAX_MECHNAME_LEN + 4];
+    sprintf(quoted_mechname, ",%s,", sasl->mechname);
+
+    if (strstr(sasl->mechlist, quoted_mechname) == NULL) {
+        return false;
     }
 
     spice_debug("Validated mechname '%s'", sasl->mechname);
@@ -1013,7 +1001,7 @@ bool red_sasl_handle_auth_mechlen(RedStream *stream, AsyncReadDone read_cb, void
 {
     RedSASL *sasl = &stream->priv->sasl;
 
-    if (sasl->len < 1 || sasl->len > 100) {
+    if (sasl->len < 1 || sasl->len > SASL_MAX_MECHNAME_LEN) {
         spice_warning("Got bad client mechname len %d", sasl->len);
         return false;
     }
@@ -1106,9 +1094,9 @@ bool red_sasl_start_auth(RedStream *stream, AsyncReadDone read_cb, void *opaque)
 
     err = sasl_listmech(sasl->conn,
                         NULL, /* Don't need to set user */
-                        "", /* Prefix */
+                        ",", /* Prefix */
                         ",", /* Separator */
-                        "", /* Suffix */
+                        ",", /* Suffix */
                         &mechlist,
                         NULL,
                         NULL);


More information about the Spice-commits mailing list