Also improve related documentation.
- The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only
leading and trailing, but not internal, whitespace was supported:
$ echo 'AA AA' | openssl base64 -A -d | wc -c
0
- Switching from ignored leading input to valid base64 input misbehaved
when the length of the skipped input was one more than the length of
the second and subsequent valid base64 lines in the internal 1k
buffer:
$ printf '#foo\n#bar\nA\nAAA\nAAAA\n' | openssl base64 -d | wc -c
0
- When the underlying BIO is retriable, and a read returns less than
1k of data, some of the already buffered input lines that could have
been decoded and returned were retained internally for a retry by the
caller. This is somewhat surprising, and the new code decodes as many
of the buffered lines as possible. Issue reported by Michał Trojnara.
- After all valid data has been read, the next BIO_read(3) should
return 0 when the input was all valid or -1 if an error was detected.
This now occurs in more consistently, but further tests and code
refactoring may be needed to ensure this always happens.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25253)
Commit 8bfb7506d2 updated
`BIO_f_base64(3)` to improve the documentation of the
`BIO_FLAGS_BASE64_NO_NL` flag. In particular, the updated text
states that when this flag is used, all newlines in the input are
ignored. This is incorrect, as the following program proves:
```c
unsigned char *in_buf =
"IlRoZSBxdWljayBicm93biBmb3gganVt\ncHMgb3ZlciBhIGxhenkgZG9nLiI=\n";
int main(int argc, char **argv) {
BIO *b64 = BIO_new(BIO_f_base64());
if (b64 == NULL) return 1;
BIO_set_flags(b64, BIO_get_flags(b64) | BIO_FLAGS_BASE64_NO_NL);
int in_len = strlen(in_buf);
BIO *in = BIO_new_mem_buf(in_buf, in_len);
if (in == NULL) return 2;
in = BIO_push(b64, in);
unsigned char *out_buf = calloc(in_len, sizeof(unsigned char));
if (out_buf == NULL) return 3;
size_t out_len;
int r = BIO_read_ex(in, out_buf, in_len, &out_len);
printf("rv = %d\n", r);
printf("decoded = %s\n", out_buf);
return 0;
}
```
Update the text of `BIO_f_base64(3)` to clarify that when the flag
is set, the data must be all on one line (with or without a trailing
newline character).
Signed-off-by: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18568)
OpenSSL uses some POD directives masquerading as 'comment'
('=for comment' etc). This is abusive and confusing. Instead, we use
our own keyword.
=for openssl whatever
=begin openssl
whatever
=end openssl
(we have never used the multiline form, but might start one day)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10048)
Move manpages to manX directories
Add Windows/VMS install fix from Richard Levitte
Update README
Fix typo's
Remove some duplicates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Tomas Mraz
Viktor Dukhovni
Dr. David von Oheimb
Fraser Tweedale
Matt Caswell
Daniel
Richard Levitte
Beat Bolli
Rich Salz