[Openvas-commits] r6222 - in trunk/gsa: . src src/html/src

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon Dec 21 14:20:19 CET 2009


Author: mattm
Date: 2009-12-21 14:20:16 +0100 (Mon, 21 Dec 2009)
New Revision: 6222

Modified:
   trunk/gsa/ChangeLog
   trunk/gsa/src/gsad.c
   trunk/gsa/src/html/src/omp.xsl
Log:
	* src/gsad.c (append_chunk_binary): New function.
	(serve_post): Use append_chunk_binary for binary keys.
	(request_handler): Move authentication check down into GET and POST cases.
	Only authentication for the first chunk of a POST request.

	* src/html/src/omp.xsl (html-create-agent-form): Comment out the HOWTOs.

Modified: trunk/gsa/ChangeLog
===================================================================
--- trunk/gsa/ChangeLog	2009-12-21 13:10:57 UTC (rev 6221)
+++ trunk/gsa/ChangeLog	2009-12-21 13:20:16 UTC (rev 6222)
@@ -18,6 +18,15 @@
 
 2009-12-18  Matthew Mundell <matthew.mundell at intevation.de>
 
+	* src/gsad.c (append_chunk_binary): New function.
+	(serve_post): Use append_chunk_binary for binary keys.
+	(request_handler): Move authentication check down into GET and POST cases.
+	Only authentication for the first chunk of a POST request.
+
+	* src/html/src/omp.xsl (html-create-agent-form): Comment out the HOWTOs.
+
+2009-12-18  Matthew Mundell <matthew.mundell at intevation.de>
+
 	Enable agent download button.
 
 	* src/gsad.c (init_validator): Add "agent_format".

Modified: trunk/gsa/src/gsad.c
===================================================================
--- trunk/gsa/src/gsad.c	2009-12-21 13:10:57 UTC (rev 6221)
+++ trunk/gsa/src/gsad.c	2009-12-21 13:20:16 UTC (rev 6222)
@@ -588,6 +588,51 @@
 }
 
 /**
+ * @brief Append a chunk to a binary parameter.
+ *
+ * @param[in]   chunk         Incoming chunk data.
+ * @param[out]  chunk_size    Size of chunk.
+ * @param[out]  chunk_offset  Offset into all data.
+ * @param[out]  param         Parameter.
+ * @param[out]  param_size    Parameter size.
+ *
+ * @return 0 on success, -1 on error.
+ */
+static int
+append_chunk_binary (const char *chunk_data,
+                     int chunk_size,
+                     int chunk_offset,
+                     char **param,
+                     int *param_size)
+{
+  if (chunk_size)
+    {
+      if (chunk_offset == 0)
+        {
+          if (*param)
+            return -1;
+          *param = malloc (chunk_size);
+          *param_size = chunk_size;
+        }
+      else
+        {
+          void *new_param;
+          if (*param == NULL)
+            return -1;
+          new_param = realloc (*param, *param_size + chunk_size);
+          if (new_param == NULL)
+            return -1;
+          *param = new_param;
+          *param_size += chunk_size;
+        }
+      memcpy (*param + chunk_offset,
+              chunk_data,
+              chunk_size);
+    }
+  return 0;
+}
+
+/**
  * @brief Called once the post request handler has collected the multiple
  * @brief parts of a post request. Fills the req_params of an
  * @brief gsad_connection_info.
@@ -852,29 +897,34 @@
         }
       if (!strcmp (key, "installer"))
         {
-          con_info->req_parms.installer = malloc (size + 1);
-          memcpy ((char *) con_info->req_parms.installer, (char *) data, size);
-          con_info->req_parms.installer_size = size;
+          if (append_chunk_binary (data,
+                                   size,
+                                   off,
+                                   &con_info->req_parms.installer,
+                                   &con_info->req_parms.installer_size))
+            return MHD_NO;
           con_info->answercode = MHD_HTTP_OK;
           return MHD_YES;
         }
       if (!strcmp (key, "howto_install"))
         {
-          con_info->req_parms.howto_install = malloc (size + 1);
-          memcpy ((char *) con_info->req_parms.howto_install,
-                  (char *) data,
-                  size);
-          con_info->req_parms.howto_install_size = size;
+          if (append_chunk_binary (data,
+                                   size,
+                                   off,
+                                   &con_info->req_parms.howto_install,
+                                   &con_info->req_parms.howto_install_size))
+            return MHD_NO;
           con_info->answercode = MHD_HTTP_OK;
           return MHD_YES;
         }
       if (!strcmp (key, "howto_use"))
         {
-          con_info->req_parms.howto_use = malloc (size + 1);
-          memcpy ((char *) con_info->req_parms.howto_use,
-                  (char *) data,
-                  size);
-          con_info->req_parms.howto_use_size = size;
+          if (append_chunk_binary (data,
+                                   size,
+                                   off,
+                                   &con_info->req_parms.howto_use,
+                                   &con_info->req_parms.howto_use_size))
+            return MHD_NO;
           con_info->answercode = MHD_HTTP_OK;
           return MHD_YES;
         }
@@ -1998,12 +2048,6 @@
       return MHD_YES;
     }
 
-  /* Check for authentication. */
-  if ((!is_http_authenticated (connection))
-      && (strncmp (&url[0], "/login/", strlen ("/login/")))) /* flawfinder: ignore,
-                                                                it is a const str */
-    return send_http_authenticate_header (connection, REALM);
-
   credentials = get_header_credentials (connection);
 
   /* Set HTTP Header values. */
@@ -2013,6 +2057,12 @@
     {
       /* This is a GET request. */
 
+      /* Check for authentication. */
+      if ((!is_http_authenticated (connection))
+          && (strncmp (&url[0], "/login/", strlen ("/login/")))) /* flawfinder: ignore,
+                                                                    it is a const str */
+        return send_http_authenticate_header (connection, REALM);
+
       if (!strncmp (&url[0], omp_cgi_base, strlen (omp_cgi_base))
           || !strncmp (&url[0], oap_cgi_base, strlen (oap_cgi_base)))
         {
@@ -2131,6 +2181,12 @@
         {
           struct gsad_connection_info *con_info;
 
+          /* Check for authentication. */
+          if ((!is_http_authenticated (connection))
+              && (strncmp (&url[0], "/login/", strlen ("/login/")))) /* flawfinder: ignore,
+                                                                        it is a const str */
+            return send_http_authenticate_header (connection, REALM);
+
           // @todo what frees this?
           con_info = calloc (1, sizeof (struct gsad_connection_info));
           if (NULL == con_info)

Modified: trunk/gsa/src/html/src/omp.xsl
===================================================================
--- trunk/gsa/src/html/src/omp.xsl	2009-12-21 13:10:57 UTC (rev 6221)
+++ trunk/gsa/src/html/src/omp.xsl	2009-12-21 13:20:16 UTC (rev 6222)
@@ -1509,6 +1509,7 @@
             <td valign="top" width="125">Installer</td>
             <td><input type="file" name="installer"/></td>
           </tr>
+          <!--
           <tr>
             <td valign="top" width="125">Howto Install</td>
             <td><input type="file" name="howto_install"/></td>
@@ -1517,6 +1518,7 @@
             <td valign="top" width="125">Howto Use</td>
             <td><input type="file" name="howto_use"/></td>
           </tr>
+          -->
           <tr>
             <td colspan="2" style="text-align:right;">
               <input type="submit" name="submit" value="Create Agent"/>



More information about the Openvas-commits mailing list