diff options
Diffstat (limited to 'pki/base')
9 files changed, 108 insertions, 36 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java index 8b764eb97..098be45dd 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java @@ -742,4 +742,29 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe } return p.substitute2("request", attrSet); } + + protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) + { + StringBuffer result = new StringBuffer(); + + // Do we need to escape any characters + for (int i = 0; i < v.length(); i++) { + int c = v.charAt(i); + if (c == ',' || c == '=' || c == '+' || c == '<' || + c == '>' || c == '#' || c == ';' || c == '\r' || + c == '\n' || c == '\\' || c == '"') { + result.append('\\'); + if (doubleEscape) result.append('\\'); + } + if (c == '\r') { + result.append("0D"); + } else if (c == '\n') { + result.append("0A"); + } else { + result.append((char)c); + } + } + return result; + } + } diff --git a/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java index ca33ca6e1..a53b98fa3 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java @@ -415,8 +415,8 @@ ldapInit(); if (la != null) { String[] sla = la.getStringValueArray(); CMS.debug("nsTokenUserKeySubjectNameDefault: getSubjectName(): got attribute: "+mLdapStringAttrs[i]+ - "=" +sla[0]); - request.setExtData(mLdapStringAttrs[i], sla[0]); + "=" + escapeValueRfc1779(sla[0], false).toString()); + request.setExtData(mLdapStringAttrs[i], escapeValueRfc1779(sla[0], false).toString()); } } //cfu diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java index 1f1daec25..dceb44239 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java @@ -2122,5 +2122,30 @@ public abstract class CMSServlet extends HttpServlet { CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", ee.toString())); } } + + protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) + { + StringBuffer result = new StringBuffer(); + + // Do we need to escape any characters + for (int i = 0; i < v.length(); i++) { + int c = v.charAt(i); + if (c == ',' || c == '=' || c == '+' || c == '<' || + c == '>' || c == '#' || c == ';' || c == '\r' || + c == '\n' || c == '\\' || c == '"') { + result.append('\\'); + if (doubleEscape) result.append('\\'); + } + if (c == '\r') { + result.append("0D"); + } else if (c == '\n') { + result.append("0A"); + } else { + result.append((char)c); + } + } + return result; + } + } diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java b/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java index cd51dd659..409a12754 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java @@ -195,29 +195,6 @@ public class SrchCerts extends CMSServlet { } } - private StringBuffer escapeValueRfc1779(String v) - { - StringBuffer result = new StringBuffer(); - - // Do we need to escape any characters - for (int i = 0; i < v.length(); i++) { - int c = v.charAt(i); - if (c == ',' || c == '=' || c == '+' || c == '<' || - c == '>' || c == '#' || c == ';' || c == '\r' || - c == '\n' || c == '\\' || c == '"') { - result.append('\\'); - } - if (c == '\r') { - result.append("0D"); - } else if (c == '\n') { - result.append("0A"); - } else { - result.append((char)c); - } - } - return result; - } - private void buildAVAFilter(HttpServletRequest req, String paramName, String avaName, StringBuffer lf, String match) { @@ -228,12 +205,12 @@ public class SrchCerts extends CMSServlet { lf.append("(x509cert.subject=*"); lf.append(avaName); lf.append("="); - lf.append(escapeValueRfc1779(val)); + lf.append(escapeValueRfc1779(val, true)); lf.append(",*)"); lf.append("(x509cert.subject=*"); lf.append(avaName); lf.append("="); - lf.append(escapeValueRfc1779(val)); + lf.append(escapeValueRfc1779(val, true)); lf.append(")"); lf.append(")"); } else { @@ -241,7 +218,7 @@ public class SrchCerts extends CMSServlet { lf.append(avaName); lf.append("="); lf.append("*"); - lf.append(escapeValueRfc1779(val)); + lf.append(escapeValueRfc1779(val, true)); lf.append("*)"); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java index 8d6166dbd..947ba42a9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java +++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java @@ -372,7 +372,7 @@ public class CMSTemplate extends CMSFile { for (int i = 0; i < l; i++) { char c = in[i]; - if (c > 0x23) { + if ((c > 0x23) && (c!= 0x5c)) { out[j++] = c; continue; } @@ -407,6 +407,7 @@ public class CMSTemplate extends CMSFile { out[j++] = c; } } + String ret = new String(out,0,j); return new String(out, 0, j); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java index ff4c8d7bf..3c13eda56 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java @@ -328,7 +328,8 @@ public class ProfileServlet extends CMSServlet { for (int i = 0; i < l; i++) { char c = in[i]; - if (c > 0x23) { + /* presumably this gives better performance */ + if ((c > 0x23) && (c != 0x5c)) { out[j++] = c; continue; } diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java index 894ecd49d..6a5263fcf 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java @@ -107,9 +107,13 @@ public class ProfileSubmitServlet extends ProfileServlet { while (inputNames.hasMoreElements()) { String inputName = (String) inputNames.nextElement(); - if (request.getParameter(inputName) != null) { - ctx.set(inputName, request.getParameter(inputName)); + // all subject name parameters start with sn_, no other input parameters do + if (inputName.matches("^sn_.*")) { + ctx.set(inputName, escapeValueRfc1779(request.getParameter(inputName), false).toString()); + } else { + ctx.set(inputName, request.getParameter(inputName)); + } } } } @@ -306,7 +310,12 @@ public class ProfileSubmitServlet extends ProfileServlet { String inputName = (String) inputNames.nextElement(); if (request.getParameter(inputName) != null) { - req.setExtData(inputName, request.getParameter(inputName)); + // special characters in subject names parameters must be escaped + if (inputName.matches("^sn_.*")) { + req.setExtData(inputName, escapeValueRfc1779(request.getParameter(inputName), false).toString()); + } else { + req.setExtData(inputName, request.getParameter(inputName)); + } } } } @@ -351,7 +360,6 @@ public class ProfileSubmitServlet extends ProfileServlet { } - private void setOutputIntoArgs(IProfile profile, ArgList outputlist, Locale locale, IRequest req) { Enumeration outputIds = profile.getProfileOutputIds(); diff --git a/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp b/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp index 8ac1fa8db..aa5487948 100644 --- a/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp +++ b/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp @@ -547,6 +547,32 @@ char *getData( char *fileName, char *injection ) return buf; } +/** + * returns string with special characters escaped. Caller must free the contents + */ +char *escapeSpecialChars(char* src) +{ + char *ret; + int i =0; + + if (PL_strlen(src) == 0) { + return PL_strdup(src); + } + ret = (char *)PR_Malloc(PL_strlen(src) * 2 + 1); + + while (*src != '\0') { + if (*src == '"') { + ret[i++] = '\\'; + ret[i++] = '"'; + } else { + ret[i++] = *src; + } + src++; + } + ret[i]='\0'; + return ret; +} + void getCertificateFilter( char *filter, char *query ) { @@ -4119,7 +4145,12 @@ mod_tokendb_handler( request_rec *rq ) PL_strcat( injection, "\"" ); } - PL_strcat( injection, vals[i] ); + // make sure to escape any special characters + char *escaped = escapeSpecialChars(vals[i]); + PL_strcat( injection, escaped ); + if (escaped != NULL) { + PL_strfree(escaped); + } } if( i > v_start ) { diff --git a/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java b/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java index 68deca82f..e75947a8d 100644 --- a/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java +++ b/pki/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java @@ -758,7 +758,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter if (specialChars.indexOf(valueStr.charAt(i)) != -1) { retval.append('\\'); retval.append(valueStr.charAt(i)); - } + } else + if (valueStr.charAt(i) == '"') { + retval.append('\\'); + retval.append(valueStr.charAt(i)); + } else retval.append(valueStr.charAt(i)); } |