From: Kevin Wasserman <krwasserman@painless-security.com>
Date: Wed, 25 Mar 2015 16:07:13 +0000 (-0400)
Subject: Allow whitespace in cacerts
X-Git-Tag: upstream/0.9.5~6
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=commitdiff_plain;h=6dbf073f937c5dd74a1fe05533e41bb56310a90c

Allow whitespace in cacerts

Makes base64Decode generally more tolerant of whitespace
---

diff --git a/mech_eap/util_base64.c b/mech_eap/util_base64.c
index aaa1ea8..0ec1cdc 100644
--- a/mech_eap/util_base64.c
+++ b/mech_eap/util_base64.c
@@ -124,9 +124,15 @@ base64Decode(const char *str, void *data)
     q = data;
     p = str;
 
-    while (*p && *p && (*p == '=' || strchr(base64_chars, *p))) {
-	unsigned int val = token_decode(p);
-	unsigned int marker = (val >> 24) & 0xff;
+    while (*p && (*p == '=' || strchr(base64_chars, *p) || isspace(*p))) {
+	unsigned int val; 
+	unsigned int marker; 
+	if (isspace(*p)) {
+            p++;
+            continue;
+        }
+        val = token_decode(p);
+        marker = (val >> 24) & 0xff;
 	if (val == DECODE_ERROR)
 	    return -1;
 	*q++ = (val >> 16) & 0xff;
@@ -135,8 +141,6 @@ base64Decode(const char *str, void *data)
 	if (marker < 1)
 	    *q++ = val & 0xff;
 	p += 4;
-	if (*p == '\n')
-	    p++;
     }
     return q - (unsigned char *) data;
 }
diff --git a/mech_eap/util_moonshot.c b/mech_eap/util_moonshot.c
index ce05322..68537a3 100644
--- a/mech_eap/util_moonshot.c
+++ b/mech_eap/util_moonshot.c
@@ -241,8 +241,7 @@ libMoonshotResolveInitiatorCred(OM_uint32 *minor,
 
         blobLength = base64Decode(caCertificate, blobData);
 
-        if ((blobLength <= 0) ||
-            (blobLength < maxLength - 2)) {
+        if (blobLength <= 0) {
             major = GSS_S_DEFECTIVE_CREDENTIAL;
             *minor = GSSEAP_BAD_CACERTIFICATE;
             GSSEAP_FREE(blobData);