Re: [hobbit] Preparing a 4.2.1 release

[Christoph Berg <cb (at) df7cb.de>]

Re: Henrik Størner 2008-11-12 <20081112141507.GA24140 (at) osiris.hswn.dk>
> Anything else ? New feature stuff will not be accepted, this
> is purely a maintenance version until 4.3/5.0 arrives.

I had sent two bug fixes that apply to 4.2 and 4.3 to the list a while
back. It would be nice to see them go in.

Christoph
-- 
cb (at) df7cb.de | http://www.df7cb.de/

--- Begin Message ---

• To: Hobbit <hobbit (at) hswn.dk>
• Subject: [patch] bbnet/contest.c: Do not crash on long-living SSL certs
• From: Christoph Berg <cb (at) df7cb.de>
• Date: Sat, 25 Oct 2008 15:33:53 +0200
• User-agent: Mutt/1.5.18 (2008-05-17)

Hi,

bbgen_ASN1_UTCTIME in bbnet/contest.c doesn't like SSL certificates
that are valid longer than 2050. The passed tm->data string will
include the full year then and fail to be parsed. The patch below
fixes the issue.


--- a/bbnet/contest.c
+++ b/bbnet/contest.c
@@ -390,20 +390,25 @@ static char *bbgen_ASN1_UTCTIME(ASN1_UTC
 	static char result[256];
 	char *asn1_string;
 	int gmt=0;
-	int i;
-	int year=0,month=0,day=0,hour=0,minute=0,second=0;
+	int len, i;
+	int century=0,year=0,month=0,day=0,hour=0,minute=0,second=0;
 
-	i=tm->length;
+	len=tm->length;
 	asn1_string=(char *)tm->data;
 
-	if (i < 10) return NULL;
-	if (asn1_string[i-1] == 'Z') gmt=1;
-	for (i=0; i<10; i++) {
+	if (len < 10) return NULL;
+	if (asn1_string[len-1] == 'Z') gmt=1;
+	for (i=0; i<len-1; i++) {
 		if ((asn1_string[i] > '9') || (asn1_string[i] < '0')) return NULL;
 	}
 
+	if (len >= 15) { /* 20541024111745Z format */
+		century = 100 * ((asn1_string[0]-'0')*10+(asn1_string[1]-'0'));
+		asn1_string += 2;
+	}
+
 	year=(asn1_string[0]-'0')*10+(asn1_string[1]-'0');
-	if (year < 50) year+=100;
+	if (century == 0 && year < 50) year+=100;
 
 	month=(asn1_string[2]-'0')*10+(asn1_string[3]-'0');
 	if ((month > 12) || (month < 1)) return NULL;
@@ -417,7 +422,7 @@ static char *bbgen_ASN1_UTCTIME(ASN1_UTC
 	}
 
 	sprintf(result, "%04d-%02d-%02d %02d:%02d:%02d %s",
-		year+1900, month, day, hour, minute, second, (gmt?"GMT":""));
+		year+(century?century:1900), month, day, hour, minute, second, (gmt?"GMT":""));
 
 	return result;
 }

Christoph
-- 
cb (at) df7cb.de | http://www.df7cb.de/

--- End Message ---

--- Begin Message ---

• To: Hobbit <hobbit (at) hswn.dk>
• Subject: [patch] lib/url.c: monitor urls that contain "/http" in the path
• From: Christoph Berg <cb (at) df7cb.de>
• Date: Sat, 25 Oct 2008 15:44:57 +0200
• User-agent: Mutt/1.5.18 (2008-05-17)

Hi,

hobbit fails to monitor URLs that contain "/http" in the path,
thinking it would be a proxy request. The patch below make the match
more clever: (written for 4.2.0, but applies to 4.3 as well)


--- a/lib/url.c
+++ b/lib/url.c
@@ -563,7 +563,9 @@ char *decode_url(char *testspec, bburl_t
 	if (poststart) getescapestring(poststart, &bburl->postdata, NULL);
 	if (expstart)  getescapestring(expstart, &bburl->expdata, NULL);
 
-	p = strstr(urlstart, "/http");
+	p = strstr(urlstart, "/http://";);
+	if (!p)
+		p = strstr(urlstart, "/https://";);
 	if (p) {
 		proxystart = urlstart;
 		urlstart = (p+1);

Christoph
-- 
cb (at) df7cb.de | http://www.df7cb.de/

--- End Message ---