micahmoore/pserv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

changed header parsing to avoid cutting up space-contained values

Browse Source 
- also fixes and updates to JWT examples
This commit is contained in:
Godmar Back 2021-04-23 13:16:31 -04:00
parent beffc8ad32
commit f6389fb4b6
3 changed files with 80 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/http.c
View File

@ -98,17 +98,23 @@ http_process_headers(struct http_transaction *ta)
*/ */
char *endptr; char *endptr;
char *field_name = strtok_r(header, ":", &endptr); char *field_name = strtok_r(header, ":", &endptr);
char *field_value = strtok_r(NULL, " \t", &endptr); // skip leading & trailing OWS if (field_name == NULL)
if (field_name == NULL || field_value == NULL)
return false; return false;
// skip white space
char *field_value = endptr;
while (*field_value == ' ' || *field_value == '\t')
field_value++;
// you may print the header like so
// printf("Header: %s: %s\n", field_name, field_value); // printf("Header: %s: %s\n", field_name, field_value);
if (!strcasecmp(field_name, "Content-Length")) { if (!strcasecmp(field_name, "Content-Length")) {
ta->req_content_len = atoi(field_value); ta->req_content_len = atoi(field_value);
} }
/* Handle other headers here. */ /* Handle other headers here. Both field_value and field_name
* are zero-terminated strings.
*/
} }
} }

55
src/jwt_demo_hs256.c
View File

@ -1,56 +1,73 @@
/* /*
* Quick demo of how to use libjwt using a HS256. * Quick demo of how to use libjwt using a HS256.
* *
* @author gback, CS 3214, Spring 2018 * @author gback, CS 3214, Spring 2018, updated Spring 2021
*/ */
#include <jwt.h> #include <jwt.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#include <errno.h>
static const char * NEVER_EMBED_A_SECRET_IN_CODE = "supa secret"; static const char * NEVER_EMBED_A_SECRET_IN_CODE = "supa secret";
static void
die(const char *msg, int error)
{
fprintf(stderr, "%s: %s\n", msg, strerror(error));
exit(EXIT_FAILURE);
}
int int
main() main()
{ {
jwt_t *mytoken; jwt_t *mytoken;
if (jwt_new(&mytoken)) int rc = jwt_new(&mytoken);
perror("jwt_new"), exit(-1); if (rc)
die("jwt_new", rc);
if (jwt_add_grant(mytoken, "sub", "user0")) rc = jwt_add_grant(mytoken, "sub", "user0");
perror("jwt_add_grant sub"), exit(-1); if (rc)
die("jwt_add_grant sub", rc);
time_t now = time(NULL); time_t now = time(NULL);
if (jwt_add_grant_int(mytoken, "iat", now)) rc = jwt_add_grant_int(mytoken, "iat", now);
perror("jwt_add_grant iat"), exit(-1); if (rc)
die("jwt_add_grant iat", rc);
if (jwt_add_grant_int(mytoken, "exp", now + 3600 * 24)) rc = jwt_add_grant_int(mytoken, "exp", now + 3600 * 24);
perror("jwt_add_grant exp"), exit(-1); if (rc)
die("jwt_add_grant exp", rc);
if (jwt_set_alg(mytoken, JWT_ALG_HS256, rc = jwt_set_alg(mytoken, JWT_ALG_HS256,
(unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE, strlen(NEVER_EMBED_A_SECRET_IN_CODE))) (unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE,
perror("jwt_set_alg"), exit(-1); strlen(NEVER_EMBED_A_SECRET_IN_CODE));
if (rc)
die("jwt_set_alg", rc);
printf("dump:\n"); printf("dump:\n");
if (jwt_dump_fp(mytoken, stdout, 1)) rc = jwt_dump_fp(mytoken, stdout, 1);
perror("jwt_dump_fp"), exit(-1); if (rc)
die("jwt_dump_fp", rc);
char *encoded = jwt_encode_str(mytoken); char *encoded = jwt_encode_str(mytoken);
if (encoded == NULL) if (encoded == NULL)
perror("jwt_encode_str"), exit(-1); die("jwt_encode_str", ENOMEM);
printf("encoded as %s\nTry entering this at jwt.io\n", encoded); printf("encoded as %s\nTry entering this at jwt.io\n", encoded);
jwt_t *ymtoken; jwt_t *ymtoken;
if (jwt_decode(&ymtoken, encoded, rc = jwt_decode(&ymtoken, encoded,
(unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE, strlen(NEVER_EMBED_A_SECRET_IN_CODE))) (unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE,
perror("jwt_decode"), exit(-1); strlen(NEVER_EMBED_A_SECRET_IN_CODE));
if (rc)
die("jwt_decode", rc);
char *grants = jwt_get_grants_json(ymtoken, NULL); // NULL means all char *grants = jwt_get_grants_json(ymtoken, NULL); // NULL means all
if (grants == NULL) if (grants == NULL)
perror("jwt_get_grants_json"), exit(-1); die("jwt_get_grants_json", ENOMEM);
printf("redecoded: %s\n", grants); printf("redecoded: %s\n", grants);
} }

52
src/jwt_demo_rs256.c
View File

@ -5,17 +5,25 @@
* openssl genpkey -algorithm RSA -out myprivatekey.pem -pkeyopt rsa_keygen_bits:2048 * openssl genpkey -algorithm RSA -out myprivatekey.pem -pkeyopt rsa_keygen_bits:2048
* openssl rsa -in myprivatekey.pem -pubout > mykey.pub * openssl rsa -in myprivatekey.pem -pubout > mykey.pub
* *
* @author gback, CS 3214, Spring 2018 * @author gback, CS 3214, Spring 2018, updated Spring 2021
*/ */
#include <jwt.h> #include <jwt.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#include <errno.h>
unsigned char private_key[16384]; unsigned char private_key[16384];
unsigned char public_key[16384]; unsigned char public_key[16384];
static void
die(const char *msg, int error)
{
fprintf(stderr, "%s: %s\n", msg, strerror(error));
exit(EXIT_FAILURE);
}
static void static void
read_key(unsigned char *key, const char *name) read_key(unsigned char *key, const char *name)
{ {
@ -33,42 +41,50 @@ main()
read_key(private_key, "myprivatekey.pem"); read_key(private_key, "myprivatekey.pem");
read_key(public_key, "mykey.pub"); read_key(public_key, "mykey.pub");
int rc;
jwt_t *mytoken; jwt_t *mytoken;
if (jwt_new(&mytoken)) rc = jwt_new(&mytoken);
perror("jwt_new"), exit(-1); if (rc)
die("jwt_new", rc);
if (jwt_add_grant(mytoken, "sub", "user0")) rc = jwt_add_grant(mytoken, "sub", "user0");
perror("jwt_add_grant sub"), exit(-1); if (rc)
die("jwt_add_grant sub", rc);
time_t now = time(NULL); time_t now = time(NULL);
if (jwt_add_grant_int(mytoken, "iat", now)) rc = jwt_add_grant_int(mytoken, "iat", now);
perror("jwt_add_grant iat"), exit(-1); if (rc)
die("jwt_add_grant iat", rc);
if (jwt_add_grant_int(mytoken, "exp", now + 3600 * 24)) rc = jwt_add_grant_int(mytoken, "exp", now + 3600 * 24);
perror("jwt_add_grant exp"), exit(-1); if (rc)
die("jwt_add_grant exp", rc);
if (jwt_set_alg(mytoken, JWT_ALG_RS256, rc = jwt_set_alg(mytoken, JWT_ALG_RS256,
private_key, strlen((char *)private_key))) private_key, strlen((char *)private_key));
perror("jwt_set_alg"), exit(-1); if (rc)
die("jwt_set_alg", rc);
printf("dump:\n"); printf("dump:\n");
if (jwt_dump_fp(mytoken, stdout, 1)) rc = jwt_dump_fp(mytoken, stdout, 1);
perror("jwt_dump_fp"), exit(-1); if (rc)
die("jwt_dump_fp", rc);
char *encoded = jwt_encode_str(mytoken); char *encoded = jwt_encode_str(mytoken);
if (encoded == NULL) if (encoded == NULL)
perror("jwt_encode_str"), exit(-1); die("jwt_encode_str", ENOMEM);
printf("encoded as %s\nTry entering this at jwt.io\n", encoded); printf("encoded as %s\nTry entering this at jwt.io\n", encoded);
jwt_t *ymtoken; jwt_t *ymtoken;
if (jwt_decode(&ymtoken, encoded, public_key, strlen((char *)public_key))) rc = jwt_decode(&ymtoken, encoded, public_key, strlen((char *)public_key));
perror("jwt_decode"), exit(-1); if (rc)
die("jwt_decode", rc);
char *grants = jwt_get_grants_json(ymtoken, NULL); // NULL means all char *grants = jwt_get_grants_json(ymtoken, NULL); // NULL means all
if (grants == NULL) if (grants == NULL)
perror("jwt_get_grants_json"), exit(-1); die("jwt_get_grants_json", ENOMEM);
printf("redecoded: %s\n", grants); printf("redecoded: %s\n", grants);
} }