lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
4,294 Commits 9 Branches 87 Tags 16 MiB
Commit Graph

20 Commits

Author SHA1 Message Date
Glenn Strauss bed08f1292 [core] base64url pad char is '='; change from '.' 
RFC4648 base64url pad char is '='; change from '.' in lighttpd
The base64url encoding was introduced in lighttpd 1.4.38 in 2015,
but at the time, does not appear to have been used in base64url
decoding where padding might be present.

In lighttpd 1.4.50, base64url decoding was possible with %{decb64u:...}
potentially used in mod_redirect and mod_rewrite rules.  However, this
is not believed to be widely used, and even if used, it is strongly
recommended that the URLs contain a base64url-encoded string WITHOUT
padding, since padding of '=' might be %-encoded and require decoding
before base64url-decoding.

Note: this change may affect %{decb64u:...} substitution in
mod_redirect and mod_rewrite, but *ONLY* in case where URL contains
a base64url-encoded string *WITH* padding, and that padding had been
created specifically for use with lighttpd, using '.' as padding char

x-ref:
  RFC4648 https://datatracker.ietf.org/doc/html/rfc4648#section-5
 2021-09-08 15:06:07 -04:00
Glenn Strauss 396a923066 [core] li_base64_dec() 
(make public in base64.h, like li_base64_enc())
 2021-08-27 02:16:53 -04:00
Glenn Strauss f2aacad079 [core] load padding char from base64_table 
(triggers preload-access of table)
 2021-05-20 17:56:51 -04:00
Glenn Strauss 3301fe0455 [core] li_base64_dec() on 4 bytes at a time 2021-05-20 17:56:47 -04:00
Glenn Strauss 0dfe9f7b76 [core] merge base64 encoding to li_base64_enc() 
single func with option to add padding or not
 2021-05-19 04:09:58 -04:00
Glenn Strauss 235c0dca84 [core] base64 encode w/ reduced data dependencies 2021-05-19 02:24:44 -04:00
Glenn Strauss e7805dbf93 [core] base64 encode round-up for required space 
no need for extra work for precision allocation to avoid 0-3 extra chars

note: callers passing precise buffer size for without padding will need
  to be modified to pass a slightly larger buffer, e.g. mod_secdownload
 2021-05-18 21:07:24 -04:00
Glenn Strauss a473d48c43 [core] consolidate overflow checks in li_to_base64 2021-05-06 17:35:00 -04:00
Glenn Strauss bc572e1c56 [core] base64_charset enum supports only 2 tables 2021-05-06 17:35:00 -04:00
Glenn Strauss 6de4c809c9 [core] buffer_append_base64_encode_opt() 
with option to include or omit padding

single func to handle both:
- buffer_append_base64_encode_no_padding
- buffer_append_base64_encode
 2021-05-06 17:35:00 -04:00
Glenn Strauss 6f942adfe0 [core] li_to_base64 alt code to add padding 2021-05-06 17:35:00 -04:00
Glenn Strauss 5e39c81ff2 [core] li_base64_decode mark cold code path 2021-05-06 17:35:00 -04:00
Glenn Strauss 099dc83fbe [core] li_base64_decode similar to li_to_base64 2021-05-06 17:35:00 -04:00
Glenn Strauss c752d4696e [multiple] correct misspellings in comments 
x-ref:
  "Script for fixing spelling errors with codespell"
  https://redmine.lighttpd.net/boards/3/topics/8947
 2020-07-08 19:54:30 -04:00
Glenn Strauss d4083effab [core] fix base64 decode when char is unsigned (fixes #2848) 
thx, codehero

x-ref:
  "buffer_append_base64_decode() broken on compilers where char is assumed unsigned"
  https://redmine.lighttpd.net/issues/2848
 2017-12-21 17:41:17 -05:00
Glenn Strauss 7aff5046ac [unittests] consolidate base64 test code 
consolidate base64 test code

use char type for tables to reduce memory use
  (potentially increase cache hits)
 2017-10-03 22:21:53 -04:00
Stefan Bühler 82bee8d5c3 [base64] fix another crash due to broken force_assert conditions 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3119 152afb58-edef-0310-8abb-c4023f1b3aa9
 2016-03-25 16:58:14 +00:00
Andrey Mnatsakanov 7b983ae054 [base64] fix crash due to broken force_assert 
if the input to `li_to_base64_no_padding` has length 3*n,
`out_tuple_remainder` = `in_tuple_remainder` = 0, and `4*full_tuples
== 4*full_tuples + out_tuple_remainder`

From: Andrey Mnatsakanov <andrey.mnatsakanov@gmail.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3117 152afb58-edef-0310-8abb-c4023f1b3aa9
 2016-03-23 20:25:29 +00:00
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073) 
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3113 152afb58-edef-0310-8abb-c4023f1b3aa9
 2016-03-19 15:14:35 +00:00
Stefan Bühler b0a4421272 [core] refactor base64 functions into separate file 
Differential Revision: https://review.lighttpd.net/D6

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3053 152afb58-edef-0310-8abb-c4023f1b3aa9
 2015-11-22 22:22:20 +00:00