commit c235103: [Feature] Support multiple base32 alphabets

Vsevolod Stakhov vsevolod at highsecure.ru
Thu Apr 9 16:49:07 UTC 2020


Author: Vsevolod Stakhov
Date: 2020-04-09 17:13:12 +0100
URL: https://github.com/rspamd/rspamd/commit/c2351037b581724ce6d6cbcf4da5a0115b87c8de

[Feature] Support multiple base32 alphabets

---
 cmake/Toolset.cmake                               |  2 +-
 src/libcryptobox/keypair.c                        |  2 +-
 src/libserver/cfg_rcl.c                           |  2 +-
 src/libserver/fuzzy_backend/fuzzy_backend_redis.c |  2 +-
 src/libserver/maps/map.c                          |  2 +-
 src/libserver/monitored.c                         |  2 +-
 src/libstat/backends/sqlite3_backend.c            |  2 +-
 src/libstat/learn_cache/redis_cache.c             |  2 +-
 src/libstat/stat_process.c                        |  2 +-
 src/libutil/printf.c                              |  2 +-
 src/libutil/rrd.c                                 |  2 +-
 src/libutil/str_util.c                            | 24 +++++++++++++++++-----
 src/libutil/str_util.h                            | 25 +++++++++++++++--------
 src/libutil/upstream.c                            |  4 ++--
 src/lua/lua_cryptobox.c                           |  8 ++++----
 src/lua/lua_util.c                                |  2 +-
 src/rspamadm/pw.c                                 |  4 ++--
 17 files changed, 55 insertions(+), 34 deletions(-)

diff --git a/cmake/Toolset.cmake b/cmake/Toolset.cmake
index 9a2cb751e..638dca9e1 100644
--- a/cmake/Toolset.cmake
+++ b/cmake/Toolset.cmake
@@ -143,7 +143,7 @@ if (COMPILER_GCC)
             CHECK_C_COMPILER_FLAG(-fanalyzer SUPPORT_FANALYZER)
             if (SUPPORT_FANALYZER)
                 set (CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fanalyzer")
-                set (CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -fanalyzer")
+                #set (CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -fanalyzer")
             endif()
         endif ()
         set (CMAKE_C_FLAGS_DEBUG           "${CMAKE_C_FLAGS_DEBUG} -O0 ${COMPILER_DEBUG_FLAGS}")
diff --git a/src/libcryptobox/keypair.c b/src/libcryptobox/keypair.c
index a2f2aab12..49daba06c 100644
--- a/src/libcryptobox/keypair.c
+++ b/src/libcryptobox/keypair.c
@@ -546,7 +546,7 @@ rspamd_keypair_print_component (guchar *data, gsize datalen,
 		g_string_set_size (res, res->len + b32_len);
 		res->len -= b32_len;
 		olen = rspamd_encode_base32_buf (data, datalen, res->str + res->len,
-				res->len + b32_len - 1);
+				res->len + b32_len - 1, RSPAMD_BASE32_DEFAULT);
 
 		if (olen > 0) {
 			res->len += olen;
diff --git a/src/libserver/cfg_rcl.c b/src/libserver/cfg_rcl.c
index 22af95d80..ff256c413 100644
--- a/src/libserver/cfg_rcl.c
+++ b/src/libserver/cfg_rcl.c
@@ -3783,7 +3783,7 @@ rspamd_config_calculate_cksum (struct rspamd_config *cfg)
 	ucl_object_emit_full (cfg->rcl_obj, UCL_EMIT_MSGPACK,
 			&f, cfg->config_comments);
 	rspamd_cryptobox_hash_final (&hs, cksumbuf);
-	cfg->checksum = rspamd_encode_base32 (cksumbuf, sizeof (cksumbuf));
+	cfg->checksum = rspamd_encode_base32 (cksumbuf, sizeof (cksumbuf), RSPAMD_BASE32_DEFAULT);
 	/* Also change the tag of cfg pool to be equal to the checksum */
 	rspamd_strlcpy (cfg->cfg_pool->tag.uid, cfg->checksum,
 			MIN (sizeof (cfg->cfg_pool->tag.uid), strlen (cfg->checksum)));
diff --git a/src/libserver/fuzzy_backend/fuzzy_backend_redis.c b/src/libserver/fuzzy_backend/fuzzy_backend_redis.c
index 6a51831a7..d1e3e7532 100644
--- a/src/libserver/fuzzy_backend/fuzzy_backend_redis.c
+++ b/src/libserver/fuzzy_backend/fuzzy_backend_redis.c
@@ -283,7 +283,7 @@ rspamd_fuzzy_backend_init_redis (struct rspamd_fuzzy_backend *bk,
 	}
 
 	rspamd_cryptobox_hash_final (&st, id_hash);
-	backend->id = rspamd_encode_base32 (id_hash, sizeof (id_hash));
+	backend->id = rspamd_encode_base32 (id_hash, sizeof (id_hash), RSPAMD_BASE32_DEFAULT);
 
 	return backend;
 }
diff --git a/src/libserver/maps/map.c b/src/libserver/maps/map.c
index a832adc4f..b0801cbf3 100644
--- a/src/libserver/maps/map.c
+++ b/src/libserver/maps/map.c
@@ -2582,7 +2582,7 @@ rspamd_map_calculate_hash (struct rspamd_map *map)
 	}
 
 	rspamd_cryptobox_hash_final (&st, cksum);
-	cksum_encoded = rspamd_encode_base32 (cksum, sizeof (cksum));
+	cksum_encoded = rspamd_encode_base32 (cksum, sizeof (cksum), RSPAMD_BASE32_DEFAULT);
 	rspamd_strlcpy (map->tag, cksum_encoded, sizeof (map->tag));
 	g_free (cksum_encoded);
 }
diff --git a/src/libserver/monitored.c b/src/libserver/monitored.c
index 256651129..54bf5c508 100644
--- a/src/libserver/monitored.c
+++ b/src/libserver/monitored.c
@@ -558,7 +558,7 @@ rspamd_monitored_create_ (struct rspamd_monitored_ctx *ctx,
 	rspamd_cryptobox_hash_update (&st, m->url, strlen (m->url));
 	rspamd_cryptobox_hash_update (&st, loc, strlen (loc));
 	rspamd_cryptobox_hash_final (&st, cksum);
-	cksum_encoded = rspamd_encode_base32 (cksum, sizeof (cksum));
+	cksum_encoded = rspamd_encode_base32 (cksum, sizeof (cksum), RSPAMD_BASE32_DEFAULT);
 	rspamd_strlcpy (m->tag, cksum_encoded, sizeof (m->tag));
 
 	if (g_hash_table_lookup (ctx->helts, m->tag) != NULL) {
diff --git a/src/libstat/backends/sqlite3_backend.c b/src/libstat/backends/sqlite3_backend.c
index 38f296177..1ddfa6f17 100644
--- a/src/libstat/backends/sqlite3_backend.c
+++ b/src/libstat/backends/sqlite3_backend.c
@@ -502,7 +502,7 @@ rspamd_sqlite3_opendb (rspamd_mempool_t *pool,
 		tk_conf = tokenizer->get_config (pool, stcf->clcf->tokenizer, &sz);
 
 		/* Encode to base32 */
-		tok_conf_encoded = rspamd_encode_base32 (tk_conf, sz);
+		tok_conf_encoded = rspamd_encode_base32 (tk_conf, sz, RSPAMD_BASE32_DEFAULT);
 
 		if (rspamd_sqlite3_run_prstmt (pool, bk->sqlite, bk->prstmt,
 				RSPAMD_STAT_BACKEND_SAVE_TOKENIZER,
diff --git a/src/libstat/learn_cache/redis_cache.c b/src/libstat/learn_cache/redis_cache.c
index bdf83f858..73a72a614 100644
--- a/src/libstat/learn_cache/redis_cache.c
+++ b/src/libstat/learn_cache/redis_cache.c
@@ -225,7 +225,7 @@ rspamd_stat_cache_redis_generate_id (struct rspamd_task *task)
 	b32out = rspamd_mempool_alloc (task->task_pool,
 			sizeof (out) * 8 / 5 + 3);
 	i = rspamd_encode_base32_buf (out, sizeof (out), b32out,
-			sizeof (out) * 8 / 5 + 2);
+			sizeof (out) * 8 / 5 + 2, RSPAMD_BASE32_DEFAULT);
 
 	if (i > 0) {
 		/* Zero terminate */
diff --git a/src/libstat/stat_process.c b/src/libstat/stat_process.c
index 93287dc68..aed588073 100644
--- a/src/libstat/stat_process.c
+++ b/src/libstat/stat_process.c
@@ -180,7 +180,7 @@ rspamd_stat_process_tokenize (struct rspamd_stat_ctx *st_ctx,
 	}
 
 	rspamd_cryptobox_hash_final (&hst, hout);
-	b32_hout = rspamd_encode_base32 (hout, sizeof (hout));
+	b32_hout = rspamd_encode_base32 (hout, sizeof (hout), RSPAMD_BASE32_DEFAULT);
 	/*
 	 * We need to strip it to 32 characters providing ~160 bits of
 	 * hash distribution
diff --git a/src/libutil/printf.c b/src/libutil/printf.c
index 972d34e82..ed15d1389 100644
--- a/src/libutil/printf.c
+++ b/src/libutil/printf.c
@@ -815,7 +815,7 @@ rspamd_vprintf_common (rspamd_printf_append_func func,
 						}
 					}
 
-					b32buf = rspamd_encode_base32 (p, slen);
+					b32buf = rspamd_encode_base32 (p, slen, RSPAMD_BASE32_DEFAULT);
 
 					if (b32buf) {
 						RSPAMD_PRINTF_APPEND (b32buf, strlen (b32buf));
diff --git a/src/libutil/rrd.c b/src/libutil/rrd.c
index 9208c71da..a270d87c6 100644
--- a/src/libutil/rrd.c
+++ b/src/libutil/rrd.c
@@ -346,7 +346,7 @@ rspamd_rrd_calculate_checksum (struct rspamd_rrd_file *file)
 
 		rspamd_cryptobox_hash_final (&st, sigbuf);
 
-		file->id = rspamd_encode_base32 (sigbuf, sizeof (sigbuf));
+		file->id = rspamd_encode_base32 (sigbuf, sizeof (sigbuf), RSPAMD_BASE32_DEFAULT);
 	}
 }
 
diff --git a/src/libutil/str_util.c b/src/libutil/str_util.c
index 4c16cb685..473e68782 100644
--- a/src/libutil/str_util.c
+++ b/src/libutil/str_util.c
@@ -539,10 +539,11 @@ rspamd_str_pool_copy (gconstpointer data, gpointer ud)
  */
 
 gint
-rspamd_encode_base32_buf (const guchar *in, gsize inlen, gchar *out,
-		gsize outlen)
+rspamd_encode_base32_buf (const guchar *in, gsize inlen, gchar *out, gsize outlen,
+		enum rspamd_base32_type type)
 {
-	static const char b32[]="ybndrfg8ejkmcpqxot1uwisza345h769";
+	static const char b32_default[] = "ybndrfg8ejkmcpqxot1uwisza345h769",
+		b32_bleach[] = "qpzry9x8gf2tvdw0s3jn54khce6mua7l", *b32;
 	gchar *o, *end;
 	gsize i;
 	gint remain = -1, x;
@@ -550,6 +551,18 @@ rspamd_encode_base32_buf (const guchar *in, gsize inlen, gchar *out,
 	end = out + outlen;
 	o = out;
 
+	switch (type) {
+	case RSPAMD_BASE32_DEFAULT:
+		b32 = b32_default;
+		break;
+	case RSPAMD_BASE32_BLEACH:
+		b32 = b32_bleach;
+		break;
+	default:
+		g_assert_not_reached ();
+		abort ();
+	}
+
 	for (i = 0; i < inlen && o < end - 1; i++) {
 		switch (i % 5) {
 		case 0:
@@ -603,14 +616,15 @@ rspamd_encode_base32_buf (const guchar *in, gsize inlen, gchar *out,
 }
 
 gchar *
-rspamd_encode_base32 (const guchar *in, gsize inlen)
+rspamd_encode_base32 (const guchar *in, gsize inlen, enum rspamd_base32_type type)
 {
 	gsize allocated_len = inlen * 8 / 5 + 2;
 	gchar *out;
 	gint outlen;
 
 	out = g_malloc (allocated_len);
-	outlen = rspamd_encode_base32_buf (in, inlen, out, allocated_len - 1);
+	outlen = rspamd_encode_base32_buf (in, inlen, out,
+			allocated_len - 1, type);
 
 	if (outlen >= 0) {
 		out[outlen] = 0;
diff --git a/src/libutil/str_util.h b/src/libutil/str_util.h
index 22643176b..e7e5532c3 100644
--- a/src/libutil/str_util.h
+++ b/src/libutil/str_util.h
@@ -143,36 +143,43 @@ gboolean rspamd_strtoul (const gchar *s, gsize len, gulong *value);
 gpointer rspamd_str_pool_copy (gconstpointer data, gpointer ud);
 
 /**
- * Encode string using base32 encoding
+ * Encode string using hex encoding
  * @param in input
  * @param inlen input length
  * @return freshly allocated base32 encoding of a specified string
  */
-gchar *rspamd_encode_base32 (const guchar *in, gsize inlen);
+gchar *rspamd_encode_hex (const guchar *in, gsize inlen);
 
 /**
- * Decode string using base32 encoding
+ * Decode string using hex encoding
  * @param in input
  * @param inlen input length
  * @return freshly allocated base32 decoded value or NULL if input is invalid
  */
-guchar *rspamd_decode_base32 (const gchar *in, gsize inlen, gsize *outlen);
+guchar *rspamd_decode_hex (const gchar *in, gsize inlen);
+
+enum rspamd_base32_type {
+	RSPAMD_BASE32_DEFAULT = 0,
+	RSPAMD_BASE32_ZBASE = 0,
+	RSPAMD_BASE32_BLEACH
+};
 
 /**
- * Encode string using hex encoding
+ * Encode string using base32 encoding
  * @param in input
  * @param inlen input length
  * @return freshly allocated base32 encoding of a specified string
  */
-gchar *rspamd_encode_hex (const guchar *in, gsize inlen);
+gchar *rspamd_encode_base32 (const guchar *in, gsize inlen,
+		enum rspamd_base32_type type);
 
 /**
- * Decode string using hex encoding
+ * Decode string using base32 encoding
  * @param in input
  * @param inlen input length
  * @return freshly allocated base32 decoded value or NULL if input is invalid
  */
-guchar *rspamd_decode_hex (const gchar *in, gsize inlen);
+guchar *rspamd_decode_base32 (const gchar *in, gsize inlen, gsize *outlen);
 
 /**
  * Encode string using base32 encoding
@@ -183,7 +190,7 @@ guchar *rspamd_decode_hex (const gchar *in, gsize inlen);
  * @return encoded len if `outlen` is enough to encode `inlen`
  */
 gint rspamd_encode_base32_buf (const guchar *in, gsize inlen, gchar *out,
-							   gsize outlen);
+		gsize outlen, enum rspamd_base32_type type);
 
 /**
  * Decode string using base32 encoding
diff --git a/src/libutil/upstream.c b/src/libutil/upstream.c
index 65cbca105..6acf420ea 100644
--- a/src/libutil/upstream.c
+++ b/src/libutil/upstream.c
@@ -1130,8 +1130,8 @@ rspamd_upstreams_add_upstream (struct upstream_list *ups, const gchar *str,
 	guint h = rspamd_cryptobox_fast_hash (upstream->name,
 			strlen (upstream->name), 0);
 	memset (upstream->uid, 0, sizeof (upstream->uid));
-	rspamd_encode_base32_buf ((const guchar *)&h, sizeof (h),
-			upstream->uid, sizeof (upstream->uid) - 1);
+	rspamd_encode_base32_buf ((const guchar *) &h, sizeof (h),
+			upstream->uid, sizeof (upstream->uid) - 1, RSPAMD_BASE32_DEFAULT);
 
 	msg_debug_upstream ("added upstream %s (%s)", upstream->name,
 			upstream->flags & RSPAMD_UPSTREAM_FLAG_NORESOLVE ? "numeric ip" : "DNS name");
diff --git a/src/lua/lua_cryptobox.c b/src/lua/lua_cryptobox.c
index 48d66895c..71c4655f4 100644
--- a/src/lua/lua_cryptobox.c
+++ b/src/lua/lua_cryptobox.c
@@ -839,7 +839,7 @@ lua_cryptobox_signature_base32 (lua_State *L)
 	gchar *encoded;
 
 	if (sig) {
-		encoded = rspamd_encode_base32 (sig->str, sig->len);
+		encoded = rspamd_encode_base32 (sig->str, sig->len, RSPAMD_BASE32_DEFAULT);
 		lua_pushstring (L, encoded);
 		g_free (encoded);
 	}
@@ -1392,7 +1392,7 @@ lua_cryptobox_hash_base32 (lua_State *L)
 			}
 		}
 
-		rspamd_encode_base32_buf (r, dlen, out_b32, sizeof (out_b32));
+		rspamd_encode_base32_buf (r, dlen, out_b32, sizeof (out_b32), RSPAMD_BASE32_DEFAULT);
 		lua_pushstring (L, out_b32);
 		h->is_finished = TRUE;
 	}
@@ -2247,8 +2247,8 @@ lua_cryptobox_pbkdf (lua_State *L)
 			salt, pbkdf->salt_len, key, pbkdf->key_len, pbkdf->complexity,
 			pbkdf->type);
 
-	encoded_salt = rspamd_encode_base32 (salt, pbkdf->salt_len);
-	encoded_key = rspamd_encode_base32 (key, pbkdf->key_len);
+	encoded_salt = rspamd_encode_base32 (salt, pbkdf->salt_len, RSPAMD_BASE32_DEFAULT);
+	encoded_key = rspamd_encode_base32 (key, pbkdf->key_len, RSPAMD_BASE32_DEFAULT);
 
 	result = g_string_new ("");
 	rspamd_printf_gstring (result, "$%d$%s$%s", pbkdf->id, encoded_salt,
diff --git a/src/lua/lua_util.c b/src/lua/lua_util.c
index 91cc18800..e18bc3efb 100644
--- a/src/lua/lua_util.c
+++ b/src/lua/lua_util.c
@@ -1175,7 +1175,7 @@ lua_util_encode_base32 (lua_State *L)
 		lua_pushnil (L);
 	}
 	else {
-		out = rspamd_encode_base32 (s, inlen);
+		out = rspamd_encode_base32 (s, inlen, RSPAMD_BASE32_DEFAULT);
 
 		if (out != NULL) {
 			t = lua_newuserdata (L, sizeof (*t));
diff --git a/src/rspamadm/pw.c b/src/rspamadm/pw.c
index 0fea5c359..7fe9d4a33 100644
--- a/src/rspamadm/pw.c
+++ b/src/rspamadm/pw.c
@@ -134,8 +134,8 @@ rspamadm_pw_encrypt (char *password)
 			salt, pbkdf->salt_len, key, pbkdf->key_len, pbkdf->complexity,
 			pbkdf->type);
 
-	encoded_salt = rspamd_encode_base32 (salt, pbkdf->salt_len);
-	encoded_key = rspamd_encode_base32 (key, pbkdf->key_len);
+	encoded_salt = rspamd_encode_base32 (salt, pbkdf->salt_len, RSPAMD_BASE32_DEFAULT);
+	encoded_key = rspamd_encode_base32 (key, pbkdf->key_len, RSPAMD_BASE32_DEFAULT);
 
 	result = g_string_new ("");
 	rspamd_printf_gstring (result, "$%d$%s$%s", pbkdf->id, encoded_salt,


More information about the Commits mailing list