From 36b9ac14c7649f6611c4221c67f104b5a554e4cd Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu, 23 Jan 2003 09:54:37 +0000
Subject: Some cleanups.

---
 libextra/auth_srp_passwd.c | 37 ++++++++++++++++++++++---------------
 1 file changed, 22 insertions(+), 15 deletions(-)

(limited to 'libextra')

diff --git a/libextra/auth_srp_passwd.c b/libextra/auth_srp_passwd.c
index 46ccfc1ef2..7504df9963 100644
--- a/libextra/auth_srp_passwd.c
+++ b/libextra/auth_srp_passwd.c
@@ -35,6 +35,9 @@
 #include "debug.h"
 #include <gnutls_str.h>
 #include <gnutls_datum.h>
+#include <gnutls_num.h>
+
+static int _randomize_pwd_entry(SRP_PWD_ENTRY* entry);
 
 /* this function parses tpasswd.conf file. Format is:
  * string(username):base64(v):base64(salt):int(index)
@@ -201,7 +204,7 @@ static int pwd_read_conf( const char* pconf_file, SRP_PWD_ENTRY* entry, int inde
 	    while( (line[i]!=':') && (line[i]!='\0') && (i < sizeof(line)) ) {
 	            i++;
 	    }
-	    if (strncmp( indexstr, line, (i>len)?i:len) == 0) {
+	    if (strncmp( indexstr, line, GMAX(i,len)) == 0) {
 			if ((index = pwd_put_values2( entry, line)) >= 0)
 				return 0;
 			else {
@@ -219,7 +222,8 @@ int _gnutls_srp_pwd_read_entry( gnutls_session state, char* username,
 	const gnutls_srp_server_credentials cred;
 	FILE * fd;
 	char line[2*1024];
-	uint i, len, ret;
+	uint i, len;
+	int ret;
 	int index, pwd_index = 0, last_index;
 	SRP_PWD_ENTRY* entry;
 
@@ -308,7 +312,7 @@ int _gnutls_srp_pwd_read_entry( gnutls_session state, char* username,
 	            i++;
 	    }
 	    
-	    if (strncmp( username, line, (i>len)?i:len) == 0) {
+	    if (strncmp( username, line, GMAX(i,len)) == 0) {
 			if ((index = pwd_put_values( entry, line)) >= 0) {
 				/* Keep the last index in memory, so we can retrieve fake parameters (g,n)
 				 * when the user does not exist.
@@ -352,17 +356,22 @@ int _gnutls_srp_pwd_read_entry( gnutls_session state, char* username,
 /* Randomizes the given password entry. It actually sets the verifier
  * and the salt. Returns 0 on success.
  */
-#define RNDUSER "rnd"
-#define RND_SALT_SIZE 17
-int _randomize_pwd_entry(SRP_PWD_ENTRY* entry) {
-	int ret;
-	
+static int _randomize_pwd_entry(SRP_PWD_ENTRY* entry) 
+{
+char rnduser[64];
+unsigned char rndsuffix[5];
+
 	if (entry->g.size == 0 || entry->n.size == 0) {
 		gnutls_assert();
 		return GNUTLS_E_INTERNAL_ERROR;
 	}
+	
+	_gnutls_get_random( rndsuffix, sizeof(rndsuffix), GNUTLS_WEAK_RANDOM);
+	sprintf( rnduser, "__invalid%x%x%x%x", rndsuffix[0], 
+		rndsuffix[1], rndsuffix[2], rndsuffix[3]);
+	entry->salt.size = (rndsuffix[4] % 10) + 7;
 
-	entry->username = gnutls_strdup(RNDUSER);
+	entry->username = gnutls_strdup(rnduser);
 	if (entry->username == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
@@ -375,21 +384,19 @@ int _randomize_pwd_entry(SRP_PWD_ENTRY* entry) {
 		return GNUTLS_E_MEMORY_ERROR;
 	}
 
-	_gnutls_get_random( entry->v.data, 20, GNUTLS_WEAK_RANDOM);
+	_gnutls_get_random( entry->v.data, 20, GNUTLS_STRONG_RANDOM);
 
-	entry->salt.size = RND_SALT_SIZE;
-	
-	entry->salt.data = gnutls_malloc(RND_SALT_SIZE);
+	entry->salt.data = gnutls_malloc( entry->salt.size);
 	if (entry->salt.data==NULL) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
 	}
 	
-	if (_gnutls_get_random(entry->salt.data, RND_SALT_SIZE, GNUTLS_WEAK_RANDOM) < 0) {
+	if (_gnutls_get_random(entry->salt.data, entry->salt.size, GNUTLS_WEAK_RANDOM) < 0) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
 	}
-	
+
 	return 0;
 }
 
-- 
cgit v1.2.1