authorDavid Sommerseth <dazo@users.sourceforge.net>2009-10-05 00:01:18 +0200
committerDavid Sommerseth <dazo@users.sourceforge.net>2009-10-05 00:01:18 +0200
commit164032f3fcf86d4f08244764aab1b68a0fb6c71e (patch)
tree1541aa0612f9acc782d25d2170f2bdcd6ac2bdff /plugin
parent8f8632ef5f8e63cc9495550c09605d4cc9c58de8 (diff)
Use macros to extract values via get_env()
This has two purposes: to make the code more readable, and to use the same maximum length for each value retrieved from the environment table.
Diffstat (limited to 'plugin')
-rw-r--r--plugin/environment.h52
-rw-r--r--plugin/eurephia-auth.c5
-rw-r--r--plugin/eurephia.c72
-rw-r--r--plugin/eurephiadb_session.c10
4 files changed, 97 insertions, 42 deletions
diff --git a/plugin/environment.h b/plugin/environment.h
index a8355cb..7f1041f 100644
--- a/plugin/environment.h
+++ b/plugin/environment.h
@@ -44,4 +44,56 @@
*/
char *get_env(eurephiaCTX *ctx, int logmasking, size_t len, const char *envp[], const char *fmt, ... );
+
+#define MAXLEN_TLSID 2048
+#define GETENV_TLSID(ctx, env, id) get_env(ctx, 0, MAXLEN_TLSID, env, "tls_id_%i", id)
+
+#define MAXLEN_TLSDIGEST 60
+#define GETENV_TLSDIGEST(ctx, env, id) get_env(ctx, 0, MAXLEN_TLSDIGEST, env, "tls_digest_%i", id)
+
+#define MAXLEN_UNTRUSTEDIP 34
+#define GETENV_UNTRUSTEDIP(ctx, env) get_env(ctx, 0, MAXLEN_UNTRUSTEDIP, env, "untrusted_ip")
+
+#define MAXLEN_USERNAME 34
+#define GETENV_USERNAME(ctx, env) get_env(ctx, 0, MAXLEN_USERNAME, env, "username")
+
+#define MAXLEN_PASSWORD 64
+#define GETENV_PASSWORD(ctx, env) get_env(ctx, 1, MAXLEN_PASSWORD, env, "password")
+
+#define MAXLEN_BYTESRECEIVED 21
+#define GETENV_BYTESRECEIVED(ctx, env) get_env(ctx, 0, MAXLEN_BYTESRECEIVED, env, "bytes_received");
+
+#define MAXLEN_BYTESSENT 21
+#define GETENV_BYTESSENT(ctx, env) get_env(ctx, 0, MAXLEN_BYTESSENT, env, "bytes_sent");
+
+#define MAXLEN_TIMEDURATION 21
+#define GETENV_TIMEDURATION(ctx, env) get_env(ctx, 0, MAXLEN_TIMEDURATION, env, "time_duration");
+
+#define MAXLEN_POOLNETMASK 34
+#define GETENV_POOLNETMASK(ctx, env) get_env(ctx, 0, MAXLEN_POOLNETMASK, env, "ifconfig_pool_netmask");
+
+#define MAXLEN_POOLIPADDR 34
+#define GETENV_POOLIPADDR(ctx, env) get_env(ctx, 0, MAXLEN_POOLIPADDR, env, "ifconfig_pool_remote_ip");
+
+#define MAXLEN_TRUSTEDIP 34
+#define GETENV_TRUSTEDIP(ctx, env) get_env(ctx, 0, MAXLEN_TRUSTEDIP, env, "trusted_ip");
+
+#define MAXLEN_PROTO1 4
+#define GETENV_PROTO1(ctx, env) get_env(ctx, 0, MAXLEN_PROTO1, env, "proto_1");
+
+#define MAXLEN_CNAME 64
+#define GETENV_CNAME(ctx, env) get_env(ctx, 0, MAXLEN_CNAME, env, "common_name");
+
+#define MAXLEN_TRUSTEDPORT 6
+#define GETENV_TRUSTEDPORT(ctx, env) get_env(ctx, 0, MAXLEN_TRUSTEDPORT, env, "trusted_port");
+
+#define MAXLEN_UNTRUSTEDPORT 6
+#define GETENV_UNTRUSTEDPORT(ctx, env) get_env(ctx, 0, MAXLEN_UNTRUSTEDPORT, env, "untrusted_port");
+
+#define MAXLEN_DAEMON 32
+#define GETENV_DAEMON(env) get_env(NULL, 0, MAXLEN_DAEMON, env, "daemon");
+
+#define MAXLEN_DAEMONLOGREDIR 32
+#define GETENV_DAEMONLOGREDIR(env) get_env(NULL, 0, MAXLEN_DAEMONLOGREDIR, env, "daemon_log_redirect");
+
#endif
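Review bot: The macros from `GETENV_BYTESRECEIVED` down to `GETENV_DAEMONLOGREDIR` end in a semicolon while the first five (`GETENV_TLSID` through `GETENV_PASSWORD`) do not, so the later ones cannot be used inside an expression, and every call site written as `x = GETENV_CNAME(ctx, env);` expands to an extra empty statement. In `daemonize()` in eurephia-auth.c that empty statement lands between the declarations of `log_redirect` and `fd`, which a strict C89 build or `-Wdeclaration-after-statement` will flag. Drop the trailing `;` from each definition, e.g. `#define GETENV_CNAME(ctx, env) get_env(ctx, 0, MAXLEN_CNAME, env, "common_name")`. A short comment above the block saying whether each `MAXLEN_*` includes the terminating NUL, and what `get_env()` does with a longer value, would also help, since several of these values (`username`, `common_name`, `tls_id_N`) presumably originate from the connecting peer.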
diff --git a/plugin/eurephia-auth.c b/plugin/eurephia-auth.c
index 14ef79b..81a9d10 100644
--- a/plugin/eurephia-auth.c
+++ b/plugin/eurephia-auth.c
@@ -40,6 +40,7 @@
#include <eurephiadb.h>
#include <eurephia.h>
#include <eurephia_nullsafe.h>
+#include <environment.h>
#ifdef ENABLE_DEBUG /* To avoid compiler warnings when ENABLE_DEBUG is not defined */
@@ -110,9 +111,9 @@ static void dump_env(FILE *f, const char *prefix, const char *envp[]) {
*/
static void daemonize(const char *envp[])
{
- char *daemon_string = get_env(NULL, 0, 32, envp, "daemon");
+ char *daemon_string = GETENV_DAEMON(envp);
if( daemon_string && daemon_string[0] == '1' ) {
- char *log_redirect = get_env(NULL, 0, 32, envp, "daemon_log_redirect");
+ char *log_redirect = GETENV_DAEMONLOGREDIR(envp);
int fd = -1;
if( log_redirect && log_redirect[0] == '1' ) {
fd = dup (2);
diff --git a/plugin/eurephia.c b/plugin/eurephia.c
index 74b4785..f86b6cb 100644
--- a/plugin/eurephia.c
+++ b/plugin/eurephia.c
@@ -249,7 +249,7 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth)
DEBUG(ctx, 10, "** Function call: eurephia_tlsverify(...)");
// Check if IP address is blacklisted
- ipaddr = (char *) get_env(ctx, 0, 34, env, "untrusted_ip");
+ ipaddr = GETENV_UNTRUSTEDIP(ctx, env);
if( eDBblacklist_check(ctx, attempt_IPADDR, ipaddr) == 1 ) {
eDBregister_attempt(ctx, attempt_IPADDR, ATTEMPT_REGISTER, ipaddr);
@@ -262,7 +262,7 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth)
}
// Check if certificate digest is blacklisted
- tls_digest = (char *) get_env(ctx, 0, 60, env, "tls_digest_%i", atoi_nullsafe(depth));
+ tls_digest = GETENV_TLSDIGEST(ctx, env, atoi_nullsafe(depth));
if( eDBblacklist_check(ctx, attempt_CERTIFICATE, tls_digest) == 1 ) {
eDBregister_attempt(ctx, attempt_IPADDR, ATTEMPT_REGISTER, ipaddr);
eDBregister_attempt(ctx, attempt_CERTIFICATE, ATTEMPT_REGISTER, tls_digest);
@@ -272,7 +272,7 @@ int eurephia_tlsverify(eurephiaCTX *ctx, const char **env, const char *depth)
}
// Check if certificate is registered and allowed
- tls_id = (char *) get_env(ctx, 0, 2048, env, "tls_id_%s", depth);
+ tls_id = GETENV_TLSID(ctx, env, atoi_nullsafe(depth));
ci = parse_tlsid(tls_id);
result = eDBauth_TLS(ctx, ci->org, ci->common_name, ci->email, tls_digest, depth);
if( result < 1 ) {
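Review bot: `ci = parse_tlsid(tls_id)` is dereferenced on the very next line (`ci->org`, `ci->common_name`, `ci->email`) with no check visible in this hunk, and `tls_id` is whatever `get_env()` returned for a certificate subject supplied by the peer. If `get_env()` can return NULL for a missing key, or `parse_tlsid()` can return NULL for an unparsable or truncated subject, this is a NULL dereference in the verification path; a guard such as `if( ci == NULL ) { /* log and reject */ }` before `eDBauth_TLS()` would close it. The same pattern appears in the `eurephia_userauth()` hunk at `tls_id = GETENV_TLSID(ctx, env, 0);`. The lookup key is now built from `atoi_nullsafe(depth)` while `eDBauth_TLS()` still receives the raw `depth` string, so a non-numeric `depth` would presumably look up `tls_id_0` yet be authenticated against a different depth value. The function body continues outside the hunk.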
@@ -321,7 +321,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
// Check if IP address is blacklisted
- ipaddr = (char *) get_env(ctx, 0, 34, env, "untrusted_ip");
+ ipaddr = GETENV_UNTRUSTEDIP(ctx, env);
if( eDBblacklist_check(ctx, attempt_IPADDR, ipaddr) == 1 ) {
eDBregister_attempt(ctx, attempt_IPADDR, ATTEMPT_REGISTER, ipaddr);
@@ -335,7 +335,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
}
// Check if certificate digest is blacklisted
- tls_digest = (char *) get_env(ctx, 0, 60, env, "tls_digest_0");
+ tls_digest = GETENV_TLSDIGEST(ctx, env, 0);
if( eDBblacklist_check(ctx, attempt_CERTIFICATE, tls_digest) == 1 ) {
eDBregister_attempt(ctx, attempt_IPADDR, ATTEMPT_REGISTER, ipaddr);
eDBregister_attempt(ctx, attempt_CERTIFICATE, ATTEMPT_REGISTER, tls_digest);
@@ -345,7 +345,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
}
// Check if username is blacklisted
- username = (char *) get_env(ctx, 0, 34, env, "username");
+ username = GETENV_USERNAME(ctx, env);
if( eDBblacklist_check(ctx, attempt_USERNAME, username) == 1 ) {
eDBregister_attempt(ctx, attempt_IPADDR, ATTEMPT_REGISTER, ipaddr);
eDBregister_attempt(ctx, attempt_CERTIFICATE, ATTEMPT_REGISTER, tls_digest);
@@ -357,7 +357,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
}
// Get certificate ID
- tls_id = (char *) get_env(ctx, 0, 2048, env, "tls_id_0");
+ tls_id = GETENV_TLSID(ctx, env, 0);
ci = parse_tlsid(tls_id);
certid = eDBauth_TLS(ctx, ci->org, ci->common_name, ci->email, tls_digest, "0");
if( certid < 1 ) {
@@ -374,7 +374,7 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
free_certinfo(ci);
// Do username/password/certificate authentication
- passwd = (char *)get_env(ctx, 1, 64, env, "password");
+ passwd = GETENV_PASSWORD(ctx, env);
if( (passwd == NULL) || (strlen_nullsafe(passwd) == 0) ) {
eurephia_log(ctx, LOG_WARNING, 0, "eurephia-auth: No password received. Action aborted");
free_nullsafe(ctx, passwd);
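Review bot: `GETENV_PASSWORD` caps the value at `MAXLEN_PASSWORD` (64), and nothing in this hunk distinguishes a password that fit from one that was cut short. If `get_env()` truncates rather than rejects, any two passwords that agree up to that cap would authenticate identically; confirm the behaviour and either reject over-long input or document it next to the call, e.g. `// get_env() limits the password to MAXLEN_PASSWORD; longer input is <rejected|truncated>`. It is also worth confirming that `free_nullsafe()` wipes the buffer before releasing it, since this holds the clear-text password. The function body continues outside the hunk.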
@@ -390,8 +390,8 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
// Get an authentication session, which is not a real session ticket
// but it uses almost the same system
- cname = get_env(ctx, 0, 64, env, "common_name");
- remport = get_env(ctx, 0, 6, env, "untrusted_port");
+ cname = GETENV_CNAME(ctx, env);
+ remport = GETENV_UNTRUSTEDPORT(ctx, env);
// an authentication session do not use assigned VPN address
authsess = eDBopen_session_seed(ctx, tls_digest, cname, username, NULL, NULL,
@@ -468,15 +468,15 @@ int eurephia_connect(eurephiaCTX *ctx, const char **env) {
DEBUG(ctx, 10, "** Function call: eurephia_connect(...)");
// Fetch needed info
- digest = get_env(ctx, 0, 60, env, "tls_digest_0");
- tlsid = get_env(ctx, 0, 2048, env, "tls_id_0");
- cname = get_env(ctx, 0, 64, env, "common_name");
- uname = get_env(ctx, 0, 34, env, "username");
- vpnipaddr = get_env(ctx, 0, 34, env, "ifconfig_pool_remote_ip");
- vpnipmask = get_env(ctx, 0, 34, env, "ifconfig_pool_netmask");
- remipaddr = get_env(ctx, 0, 34, env, "trusted_ip");
- remport = get_env(ctx, 0, 6, env, "trusted_port");
- proto = get_env(ctx, 0, 4, env, "proto_1");
+ digest = GETENV_TLSDIGEST(ctx, env, 0);
+ tlsid = GETENV_TLSID(ctx, env, 0);
+ cname = GETENV_CNAME(ctx, env);
+ uname = GETENV_USERNAME(ctx, env);
+ vpnipaddr = GETENV_POOLIPADDR(ctx, env);
+ vpnipmask = GETENV_POOLNETMASK(ctx, env);
+ remipaddr = GETENV_TRUSTEDIP(ctx, env);
+ remport = GETENV_TRUSTEDPORT(ctx, env);
+ proto = GETENV_PROTO1(ctx, env);
// Get a session ticket
session = eDBopen_session_seed(ctx, digest, cname, uname, vpnipaddr, vpnipmask,
@@ -541,16 +541,16 @@ int eurephia_disconnect(eurephiaCTX *ctx, const char **env) {
DEBUG(ctx, 10, "** Function call: eurephia_disconnect(...)");
// Fetch needed info
- digest = get_env(ctx, 0, 60, env, "tls_digest_0");
- cname = get_env(ctx, 0, 64, env, "common_name");
- uname = get_env(ctx, 0, 34, env, "username");
- vpnipaddr = get_env(ctx, 0, 34, env, "ifconfig_pool_remote_ip");
- vpnipmask = get_env(ctx, 0, 34, env, "ifconfig_pool_netmask");
- remipaddr = get_env(ctx, 0, 34, env, "trusted_ip");
- remport = get_env(ctx, 0, 6, env, "trusted_port");
- bytes_sent= get_env(ctx, 0, 21, env, "bytes_sent");
- bytes_rec = get_env(ctx, 0, 21, env, "bytes_received");
- duration = get_env(ctx, 0, 21, env, "time_duration");
+ digest = GETENV_TLSDIGEST(ctx, env, 0);
+ cname = GETENV_CNAME(ctx, env);
+ uname = GETENV_USERNAME(ctx, env);
+ vpnipaddr = GETENV_POOLIPADDR(ctx, env);
+ vpnipmask = GETENV_POOLNETMASK(ctx, env);
+ remipaddr = GETENV_TRUSTEDIP(ctx, env);
+ remport = GETENV_TRUSTEDPORT(ctx, env);
+ bytes_sent= GETENV_BYTESSENT(ctx, env);
+ bytes_rec = GETENV_BYTESRECEIVED(ctx, env);
+ duration = GETENV_TIMEDURATION(ctx, env);
// Get a session ticket
session = eDBopen_session_seed(ctx, digest, cname, uname, vpnipaddr, vpnipmask,
@@ -628,13 +628,13 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *macad
if( strncmp(mode, "add", 3) == 0 ) {
// Fetch needed info
- digest = get_env(ctx, 0, 60, env, "tls_digest_0");
- cname = get_env(ctx, 0, 64, env, "common_name");
- uname = get_env(ctx, 0, 34, env, "username");
- vpnipaddr = get_env(ctx, 0, 34, env, "ifconfig_pool_remote_ip");
- vpnipmask = get_env(ctx, 0, 34, env, "ifconfig_pool_netmask");
- remipaddr = get_env(ctx, 0, 34, env, "trusted_ip");
- remport = get_env(ctx, 0, 6, env, "trusted_port");
+ digest = GETENV_TLSDIGEST(ctx, env, 0);
+ cname = GETENV_CNAME(ctx, env);
+ uname = GETENV_USERNAME(ctx, env);
+ vpnipaddr = GETENV_POOLIPADDR(ctx, env);
+ vpnipmask = GETENV_POOLNETMASK(ctx, env);
+ remipaddr = GETENV_TRUSTEDIP(ctx, env);
+ remport = GETENV_TRUSTEDPORT(ctx, env);
// Get a session ticket
session = eDBopen_session_seed(ctx, digest, cname, uname, vpnipaddr, vpnipmask,
diff --git a/plugin/eurephiadb_session.c b/plugin/eurephiadb_session.c
index f717fd8..14370f2 100644
--- a/plugin/eurephiadb_session.c
+++ b/plugin/eurephiadb_session.c
@@ -41,8 +41,9 @@
#include "eurephia_log.h"
#include "eurephiadb_session.h"
#include <eurephiadb_session_common.h>
+#include <environment.h>
#include <randstr.h>
-#include "sha512.h"
+#include <sha512.h>
// Also defined in the eurephiadb_driver.h, but not as extern.
@@ -93,9 +94,10 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest,
new_session->type = ((vpnipaddr == NULL) && (vpnipmask == NULL) ? stAUTHENTICATION : stSESSION);
// Build up a string containing all elements for the session seed
- totlen = 60 + 64 + 34 + 34 + 34 + 34 + 6 + 5 + 15;
- // max length of: digest + cname + username + vpnipaddr + vpnipmask + remipaddr + remport + pid
- // + extra buffer
+ totlen = MAXLEN_TLSDIGEST + MAXLEN_CNAME + MAXLEN_USERNAME + MAXLEN_POOLIPADDR + MAXLEN_POOLNETMASK
+ + MAXLEN_TRUSTEDIP + MAXLEN_TRUSTEDPORT + 5 + 15;
+ // max length of: digest + cname + username + vpnipaddr + vpnipmask
+ // + remipaddr + remport + pid + extra buffer
seeddata = (char *) malloc_nullsafe(ctx, totlen);
if( seeddata == NULL ) {