From a3299298ad8b75ffa294529e217882f2755821f6 Mon Sep 17 00:00:00 2001 From: Alan Antonuk Date: Thu, 8 Apr 2021 06:36:50 +0000 Subject: ssl: remove obsolete amqp_hostcheck This is dead code, obsoleted by #673 (setting minimum OpenSSL v1.1.1). Signed-off-by: GitHub --- librabbitmq/CMakeLists.txt | 2 - librabbitmq/amqp_hostcheck.c | 195 ------------------------------------------- librabbitmq/amqp_hostcheck.h | 48 ----------- tests/CMakeLists.txt | 5 -- tests/test_hostcheck.c | 71 ---------------- 5 files changed, 321 deletions(-) delete mode 100644 librabbitmq/amqp_hostcheck.c delete mode 100644 librabbitmq/amqp_hostcheck.h delete mode 100644 tests/test_hostcheck.c diff --git a/librabbitmq/CMakeLists.txt b/librabbitmq/CMakeLists.txt index daecc02..bf44ed7 100644 --- a/librabbitmq/CMakeLists.txt +++ b/librabbitmq/CMakeLists.txt @@ -70,8 +70,6 @@ if (ENABLE_SSL_SUPPORT) ${AMQP_SSL_SOCKET_SHIM_PATH} ${AMQP_SSL_SOCKET_H_PATH} amqp_openssl.c - amqp_hostcheck.c - amqp_hostcheck.h amqp_openssl_bio.c amqp_openssl_bio.h ) diff --git a/librabbitmq/amqp_hostcheck.c b/librabbitmq/amqp_hostcheck.c deleted file mode 100644 index 5a4f733..0000000 --- a/librabbitmq/amqp_hostcheck.c +++ /dev/null @@ -1,195 +0,0 @@ -/* - * Copyright 1996-2014 Daniel Stenberg . - * Copyright 2014 Michael Steinert - * - * All rights reserved. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. - * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR - * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE - * USE OR OTHER DEALINGS IN THE SOFTWARE. - * - * Except as contained in this notice, the name of a copyright holder shall - * not be used in advertising or otherwise to promote the sale, use or other - * dealings in this Software without prior written authorization of the - * copyright holder. - */ - -#include "amqp_hostcheck.h" - -#include - -/* Portable, consistent toupper (remember EBCDIC). Do not use toupper() - * because its behavior is altered by the current locale. - */ - -static char amqp_raw_toupper(char in) { - switch (in) { - case 'a': - return 'A'; - case 'b': - return 'B'; - case 'c': - return 'C'; - case 'd': - return 'D'; - case 'e': - return 'E'; - case 'f': - return 'F'; - case 'g': - return 'G'; - case 'h': - return 'H'; - case 'i': - return 'I'; - case 'j': - return 'J'; - case 'k': - return 'K'; - case 'l': - return 'L'; - case 'm': - return 'M'; - case 'n': - return 'N'; - case 'o': - return 'O'; - case 'p': - return 'P'; - case 'q': - return 'Q'; - case 'r': - return 'R'; - case 's': - return 'S'; - case 't': - return 'T'; - case 'u': - return 'U'; - case 'v': - return 'V'; - case 'w': - return 'W'; - case 'x': - return 'X'; - case 'y': - return 'Y'; - case 'z': - return 'Z'; - } - return in; -} - -/* - * amqp_raw_equal() is for doing "raw" case insensitive strings. This is meant - * to be locale independent and only compare strings we know are safe for - * this. See http://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/ for - * some further explanation to why this function is necessary. - * - * The function is capable of comparing a-z case insensitively even for - * non-ascii. - */ - -static int amqp_raw_equal(const char *first, const char *second) { - while (*first && *second) { - if (amqp_raw_toupper(*first) != amqp_raw_toupper(*second)) { - /* get out of the loop as soon as they don't match */ - break; - } - first++; - second++; - } - /* we do the comparison here (possibly again), just to make sure that if - * the loop above is skipped because one of the strings reached zero, we - * must not return this as a successful match - */ - return (amqp_raw_toupper(*first) == amqp_raw_toupper(*second)); -} - -static int amqp_raw_nequal(const char *first, const char *second, size_t max) { - while (*first && *second && max) { - if (amqp_raw_toupper(*first) != amqp_raw_toupper(*second)) { - break; - } - max--; - first++; - second++; - } - if (0 == max) { - return 1; /* they are equal this far */ - } - return amqp_raw_toupper(*first) == amqp_raw_toupper(*second); -} - -/* - * Match a hostname against a wildcard pattern. - * E.g. - * "foo.host.com" matches "*.host.com". - * - * We use the matching rule described in RFC6125, section 6.4.3. - * http://tools.ietf.org/html/rfc6125#section-6.4.3 - */ - -static amqp_hostcheck_result amqp_hostmatch(const char *hostname, - const char *pattern) { - const char *pattern_label_end, *pattern_wildcard, *hostname_label_end; - int wildcard_enabled; - size_t prefixlen, suffixlen; - pattern_wildcard = strchr(pattern, '*'); - if (pattern_wildcard == NULL) { - return amqp_raw_equal(pattern, hostname) ? AMQP_HCR_MATCH - : AMQP_HCR_NO_MATCH; - } - /* We require at least 2 dots in pattern to avoid too wide wildcard match. */ - wildcard_enabled = 1; - pattern_label_end = strchr(pattern, '.'); - if (pattern_label_end == NULL || strchr(pattern_label_end + 1, '.') == NULL || - pattern_wildcard > pattern_label_end || - amqp_raw_nequal(pattern, "xn--", 4)) { - wildcard_enabled = 0; - } - if (!wildcard_enabled) { - return amqp_raw_equal(pattern, hostname) ? AMQP_HCR_MATCH - : AMQP_HCR_NO_MATCH; - } - hostname_label_end = strchr(hostname, '.'); - if (hostname_label_end == NULL || - !amqp_raw_equal(pattern_label_end, hostname_label_end)) { - return AMQP_HCR_NO_MATCH; - } - /* The wildcard must match at least one character, so the left-most - * label of the hostname is at least as large as the left-most label - * of the pattern. - */ - if (hostname_label_end - hostname < pattern_label_end - pattern) { - return AMQP_HCR_NO_MATCH; - } - prefixlen = pattern_wildcard - pattern; - suffixlen = pattern_label_end - (pattern_wildcard + 1); - return amqp_raw_nequal(pattern, hostname, prefixlen) && - amqp_raw_nequal(pattern_wildcard + 1, - hostname_label_end - suffixlen, suffixlen) - ? AMQP_HCR_MATCH - : AMQP_HCR_NO_MATCH; -} - -amqp_hostcheck_result amqp_hostcheck(const char *match_pattern, - const char *hostname) { - /* sanity check */ - if (!match_pattern || !*match_pattern || !hostname || !*hostname) { - return AMQP_HCR_NO_MATCH; - } - /* trivial case */ - if (amqp_raw_equal(hostname, match_pattern)) { - return AMQP_HCR_MATCH; - } - return amqp_hostmatch(hostname, match_pattern); -} diff --git a/librabbitmq/amqp_hostcheck.h b/librabbitmq/amqp_hostcheck.h deleted file mode 100644 index 7ab5c26..0000000 --- a/librabbitmq/amqp_hostcheck.h +++ /dev/null @@ -1,48 +0,0 @@ -#ifndef librabbitmq_amqp_hostcheck_h -#define librabbitmq_amqp_hostcheck_h - -/* - * Copyright 1996-2014 Daniel Stenberg . - * Copyright 2014 Michael Steinert - * - * All rights reserved. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. - * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR - * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE - * USE OR OTHER DEALINGS IN THE SOFTWARE. - * - * Except as contained in this notice, the name of a copyright holder shall - * not be used in advertising or otherwise to promote the sale, use or other - * dealings in this Software without prior written authorization of the - * copyright holder. - */ - -typedef enum { - AMQP_HCR_NO_MATCH = 0, - AMQP_HCR_MATCH = 1 -} amqp_hostcheck_result; - -/** - * Determine whether hostname matches match_pattern. - * - * match_pattern may include wildcards. - * - * Match is performed based on the rules set forth in RFC6125 section 6.4.3. - * http://tools.ietf.org/html/rfc6125#section-6.4.3 - * - * \param match_pattern RFC6125 compliant pattern - * \param hostname to match against - * \returns AMQP_HCR_MATCH if its a match, AMQP_HCR_NO_MATCH otherwise. - */ -amqp_hostcheck_result amqp_hostcheck(const char *match_pattern, - const char *hostname); - -#endif diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index f745e3f..d365b0a 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -22,11 +22,6 @@ target_link_libraries(test_tables rabbitmq-static) add_test(tables test_tables) configure_file(test_tables.expected ${CMAKE_CURRENT_BINARY_DIR}/tests/test_tables.expected COPYONLY) -add_executable(test_hostcheck - test_hostcheck.c - ../librabbitmq/amqp_hostcheck.c) -add_test(hostcheck test_hostcheck) - add_executable(test_status_enum test_status_enum.c) target_link_libraries(test_status_enum rabbitmq-static) diff --git a/tests/test_hostcheck.c b/tests/test_hostcheck.c deleted file mode 100644 index 24c0d6c..0000000 --- a/tests/test_hostcheck.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright 2014 Michael Steinert - * - * Permission is hereby granted, free of charge, to any person - * obtaining a copy of this software and associated documentation - * files (the "Software"), to deal in the Software without - * restriction, including without limitation the rights to use, copy, - * modify, merge, publish, distribute, sublicense, and/or sell copies - * of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be - * included in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS - * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN - * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include "amqp_hostcheck.h" - -#include -#include - -static void hostcheck_success(const char *match_pattern, const char *url) { - int ok; - - ok = amqp_hostcheck(match_pattern, url); - if (!ok) { - fprintf(stderr, "Expected hostname check to pass, but didn't: %s (%s)\n", - url, match_pattern); - abort(); - } - - fprintf(stdout, "ok: [success] %s, %s\n", url, match_pattern); -} - -static void hostcheck_fail(const char *match_pattern, const char *url) { - int ok; - - ok = amqp_hostcheck(match_pattern, url); - if (ok) { - fprintf(stderr, "Expected hostname check to fail, but didn't: %s (%s)\n", - url, match_pattern); - abort(); - } - - fprintf(stdout, "ok: [fail] %s, %s\n", url, match_pattern); -} - -int main(void) { - hostcheck_success("www.rabbitmq.com", "www.rabbitmq.com"); - hostcheck_success("www.rabbitmq.com", "wWw.RaBbItMq.CoM"); - hostcheck_success("*.rabbitmq.com", "wWw.RaBbItMq.CoM"); - hostcheck_fail("rabbitmq.com", "www.rabbitmq.com"); - hostcheck_success("*.rabbitmq.com", "www.rabbitmq.com"); - hostcheck_fail("*.com", "www.rabbitmq.com"); - hostcheck_fail("*.rabbitmq.com", "long.url.rabbitmq.com"); - hostcheck_success("*.url.rabbitmq.com", "long.url.rabbitmq.com"); - - return 0; -} -- cgit v1.2.1