From f2715ed85d43b7c7fa4f86e3c3b4118c4cd5ce4d Mon Sep 17 00:00:00 2001 From: David Walter Seikel Date: Sun, 11 Mar 2012 04:31:18 +1000 Subject: Fix http://redmine.kokuaviewer.org/issues/1126 and as a bonus, now using blowfish to encrypt passwords. --- linden/indra/llmessage/llblowfishcipher.cpp | 69 +++++++++++++++++++++++++---- 1 file changed, 61 insertions(+), 8 deletions(-) (limited to 'linden/indra/llmessage') diff --git a/linden/indra/llmessage/llblowfishcipher.cpp b/linden/indra/llmessage/llblowfishcipher.cpp index f24d103..e9d4a7c 100644 --- a/linden/indra/llmessage/llblowfishcipher.cpp +++ b/linden/indra/llmessage/llblowfishcipher.cpp @@ -73,13 +73,13 @@ U32 LLBlowfishCipher::encrypt(const U8* src, U32 src_len, U8* dst, U32 dst_len) unsigned char initial_vector[] = { 0, 0, 0, 0, 0, 0, 0, 0 }; EVP_EncryptInit_ex(&context, NULL, NULL, mSecret, initial_vector); - int blocksize = EVP_CIPHER_CTX_block_size(&context); - int keylen = EVP_CIPHER_CTX_key_length(&context); - int iv_length = EVP_CIPHER_CTX_iv_length(&context); - lldebugs << "LLBlowfishCipher blocksize " << blocksize - << " keylen " << keylen - << " iv_len " << iv_length - << llendl; +// int blocksize = EVP_CIPHER_CTX_block_size(&context); +// int keylen = EVP_CIPHER_CTX_key_length(&context); +// int iv_length = EVP_CIPHER_CTX_iv_length(&context); +// lldebugs << "LLBlowfishCipher blocksize " << blocksize +// << " keylen " << keylen +// << " iv_len " << iv_length +// << llendl; int output_len = 0; int temp_len = 0; @@ -113,7 +113,60 @@ ERROR: // virtual U32 LLBlowfishCipher::decrypt(const U8* src, U32 src_len, U8* dst, U32 dst_len) { - llerrs << "LLBlowfishCipher decrypt unsupported" << llendl; + if (!src || !src_len || !dst || !dst_len) return 0; + if (src_len > dst_len) return 0; + + // OpenSSL uses "cipher contexts" to hold encryption parameters. + EVP_CIPHER_CTX context; + EVP_CIPHER_CTX_init(&context); + + // We want a blowfish cyclic block chain cipher, but need to set + // the key length before we pass in a key, so call EncryptInit + // first with NULLs. + EVP_DecryptInit_ex(&context, EVP_bf_cbc(), NULL, NULL, NULL); + EVP_CIPHER_CTX_set_key_length(&context, (int)mSecretSize); + + // Complete initialization. Per EVP_EncryptInit man page, the + // cipher pointer must be NULL. Apparently initial_vector must + // be 8 bytes for blowfish, as this is the block size. + unsigned char initial_vector[] = { 0, 0, 0, 0, 0, 0, 0, 0 }; + EVP_DecryptInit_ex(&context, NULL, NULL, mSecret, initial_vector); + +// int blocksize = EVP_CIPHER_CTX_block_size(&context); +// int keylen = EVP_CIPHER_CTX_key_length(&context); +// int iv_length = EVP_CIPHER_CTX_iv_length(&context); +// lldebugs << "LLBlowfishCipher blocksize " << blocksize +// << " keylen " << keylen +// << " iv_len " << iv_length +// << llendl; + + int output_len = 0; + int temp_len = 0; + if (!EVP_DecryptUpdate(&context, + dst, + &output_len, + src, + src_len)) + { + llwarns << "LLBlowfishCipher::decrypt EVP_DecryptUpdate failure" << llendl; + goto ERROR; + } + + // There may be some final data left to decrypt if the input is + // not an exact multiple of the block size. + if (!EVP_DecryptFinal_ex(&context, (unsigned char*)(dst + output_len), &temp_len)) + { + llwarns << "LLBlowfishCipher::decrypt EVP_DecryptFinal failure" << llendl; + goto ERROR; + } + output_len += temp_len; + + EVP_CIPHER_CTX_cleanup(&context); + return output_len; + +ERROR: + EVP_CIPHER_CTX_cleanup(&context); + return 0; return 0; } -- cgit v1.1 From 23e81a5276878e5f3cad03750b4c0a24a1aaa4d6 Mon Sep 17 00:00:00 2001 From: David Walter Seikel Date: Tue, 20 Mar 2012 22:27:09 +1000 Subject: Remove a duplicate return statement. Thanks to Nicky Perian for pointing this out. --- linden/indra/llmessage/llblowfishcipher.cpp | 1 - 1 file changed, 1 deletion(-) (limited to 'linden/indra/llmessage') diff --git a/linden/indra/llmessage/llblowfishcipher.cpp b/linden/indra/llmessage/llblowfishcipher.cpp index e9d4a7c..3eebfad 100644 --- a/linden/indra/llmessage/llblowfishcipher.cpp +++ b/linden/indra/llmessage/llblowfishcipher.cpp @@ -167,7 +167,6 @@ U32 LLBlowfishCipher::decrypt(const U8* src, U32 src_len, U8* dst, U32 dst_len) ERROR: EVP_CIPHER_CTX_cleanup(&context); return 0; - return 0; } // virtual -- cgit v1.1 From ba982c0575515a8524d5044f928cd336303f807c Mon Sep 17 00:00:00 2001 From: David Walter Seikel Date: Sat, 6 Apr 2013 21:47:13 +1000 Subject: Clean up some compiler warnings. More to come. --- linden/indra/llmessage/llhttpassetstorage.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'linden/indra/llmessage') diff --git a/linden/indra/llmessage/llhttpassetstorage.cpp b/linden/indra/llmessage/llhttpassetstorage.cpp index 49dbdbd..fcdb354 100644 --- a/linden/indra/llmessage/llhttpassetstorage.cpp +++ b/linden/indra/llmessage/llhttpassetstorage.cpp @@ -743,7 +743,8 @@ LLAssetRequest* LLHTTPAssetStorage::findNextRequest(LLAssetStorage::request_list request_list_t::iterator running_end = running.end(); request_list_t::iterator pending_iter = pending.begin(); - request_list_t::iterator pending_end = pending.end(); + // FIXME onefang - I assume this was being used to speed up the for(), but this is just a quick pass to get rid of warnings. Try to understand it later. + //request_list_t::iterator pending_end = pending.end(); // Loop over all pending requests until we miss finding it in the running list. for (; pending_iter != pending.end(); ++pending_iter) { -- cgit v1.1