Allow whitespace in cacerts
authorKevin Wasserman <krwasserman@painless-security.com>
Wed, 25 Mar 2015 16:07:13 +0000 (12:07 -0400)
committerKevin Wasserman <krwasserman@painless-security.com>
Wed, 25 Mar 2015 16:40:52 +0000 (12:40 -0400)
Makes base64Decode generally more tolerant of whitespace

mech_eap/util_base64.c
mech_eap/util_moonshot.c

index aaa1ea8..0ec1cdc 100644 (file)
@@ -124,9 +124,15 @@ base64Decode(const char *str, void *data)
     q = data;
     p = str;
 
-    while (*p && *p && (*p == '=' || strchr(base64_chars, *p))) {
-       unsigned int val = token_decode(p);
-       unsigned int marker = (val >> 24) & 0xff;
+    while (*p && (*p == '=' || strchr(base64_chars, *p) || isspace(*p))) {
+       unsigned int val; 
+       unsigned int marker; 
+       if (isspace(*p)) {
+            p++;
+            continue;
+        }
+        val = token_decode(p);
+        marker = (val >> 24) & 0xff;
        if (val == DECODE_ERROR)
            return -1;
        *q++ = (val >> 16) & 0xff;
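Review bot: `isspace(*p)` in the new loop condition and in the skip branch is called with a plain `char`, which is undefined behaviour for bytes above 0x7f where `char` is signed; the string here can come from credential data, so cast it: `isspace((unsigned char)*p)`. The skip also only runs at the start of a four-character group, so whitespace that falls inside a group (for example a line wrapped at a width that is not a multiple of four) is still handed to `token_decode(p)`. That function is not visible here and presumably returns DECODE_ERROR for such input; if general tolerance is the goal, whitespace would have to be filtered before grouping. The hunk does not show whether `<ctype.h>` is included, and base64Decode starts above this hunk while its loop continues below it.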
@@ -135,8 +141,6 @@ base64Decode(const char *str, void *data)
        if (marker < 1)
            *q++ = val & 0xff;
        p += 4;
-       if (*p == '\n')
-           p++;
     }
     return q - (unsigned char *) data;
 }
index ce05322..68537a3 100644 (file)
@@ -241,8 +241,7 @@ libMoonshotResolveInitiatorCred(OM_uint32 *minor,
 
         blobLength = base64Decode(caCertificate, blobData);
 
-        if ((blobLength <= 0) ||
-            (blobLength < maxLength - 2)) {
+        if (blobLength <= 0) {
             major = GSS_S_DEFECTIVE_CREDENTIAL;
             *minor = GSSEAP_BAD_CACERTIFICATE;
             GSSEAP_FREE(blobData);
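Review bot: With the lower-bound length test removed, `blobLength <= 0` is the only check on the decoded CA certificate, and it does not detect a partial decode. The loop in base64Decode (util_base64.c, same commit) stops at the first character that is not base64, `=` or whitespace and returns the bytes decoded so far, so a caCertificate with a stray character partway through is accepted as a shorter blob. One option is to have base64Decode reject unconsumed input before its final return, `if (*p != '\0') return -1;`, after checking that no other caller relies on the lenient stop. How blobData is sized relative to maxLength is not visible in this hunk, so it is worth confirming the buffer still bounds the decoded output. libMoonshotResolveInitiatorCred starts and ends outside the hunk.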