From bc295549b73078166352a7eacb70f98fccea6754 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 17:51:49 +0200 Subject: [PATCH 001/113] Update login.c --- login.c | 40 +++++++++++++++++----------------------- 1 file changed, 17 insertions(+), 23 deletions(-) diff --git a/login.c b/login.c index 4a8b2ee..d33f1f8 100644 --- a/login.c +++ b/login.c @@ -29,30 +29,24 @@ static int callback (void* logindata, /* sql_exec passes its forth argument in h char** Db_entries, /* array of strings which represent the indiviual entries of this row ![REMEMBER the callback gets called for every ROW] */ char** azColName) /* the matching row name for the above strings eg.: azColname[0] = "username", Db_entries[0] = "man" in the last call */ { - bool usr1 = false; - bool pw1 = false; - login_data_t userdata = (login_data_t)logindata; - /* basically iterate over the data we get - check for match - * thats why we gotta return 0 if we have no match - * the callback wouldnt get called again for the next row - */ - for (int i = 0 ; i < numArgs; i++) { - if (Db_entries[i] != NULL) { - if (strcmp(Db_entries[i], userdata->username) == 0) { - usr1 = true; - isRegistered = true; /* username found in db (as we got a callback) -> search for matching pw */ - } - if (strcmp(Db_entries[i], userdata->hash) == 0) - pw1 = true; - } - } - if (usr1 && pw1) { /* successfully logged in */ - isLoggedOn = true; - return 0; /* ABORT match found */ - } else { - fprintf(stderr, "No match found!\n"); - return 0; /* no match found */ + login_data_t userdata = (login_data_t)logindata; + /* basically iterate over the data we get - check for match + * thats why we gotta return 0 if we have no match + * the callback wouldnt get called again for the next row + */ + for (int i = 0 ; i < numArgs; i++) { + if (/*Db_entries[i] != NULL &&*/ !strcmp(azColName[0], "username")) { + if (!strcmp(Db_entries[0], userdata->username)) { + isRegistered = true; /* username found in db (if check) -> search for matching pw */ + } + } if (/*Db_entries[i] != NULL &&*/ !strcmp(azColName[1], "password")) { + if (isRegistered && !strcmp(Db_entries[1], userdata->hash)) { + isLoggedOn = true; + return 0; + } + } } + return 0; } /* in this function im trying to handle the login event and interface with sqlite From b38cd1a2aa0609c5dc6207bc103e47f7f2c12623 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 17:55:37 +0200 Subject: [PATCH 002/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 5cb37da..0c261a3 100644 --- a/hash.c +++ b/hash.c @@ -82,7 +82,7 @@ void hash_func(const char* value, char* dest, int algo, unsigned int flags) { for holding the digest value\n"); abort(); } - memset((void*)dest, 0, sizeof(dest)); /* clear memory where hash is to be written */ + memset((void*)dest, 0, 48); /* clear memory where hash is to be written */ /* format the raw string to hex notation and From 2ae7ab186218c2dc2801544ee0979b8a0a13ebd6 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:00:37 +0200 Subject: [PATCH 003/113] Update hash.c --- hash.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/hash.c b/hash.c index 0c261a3..66484da 100644 --- a/hash.c +++ b/hash.c @@ -66,8 +66,8 @@ void hash_func(const char* value, char* dest, int algo, unsigned int flags) { unsigned char* byte_result = gcry_malloc_secure(gcry_md_get_algo_dlen(algo)*4); // NOTE: we actually ran out of space here once /* helpers to make them human readable and comparable */ unsigned char* helper = gcry_malloc_secure(16); /* actually only need 1 char */ - - if ( !gcry_is_secure(helper)|| !gcry_is_secure(byte_result)) { + unsigned char* final = gcry_malloc_secure(gcry_md_get_algo_dlen(algo)*4); + if ( !gcry_is_secure(helper)|| !gcry_is_secure(byte_result) || !gcry_is_secure(final)) { fprintf(stderr, "Could not allocate in secure memory!\n"); abort(); } @@ -76,12 +76,13 @@ void hash_func(const char* value, char* dest, int algo, unsigned int flags) { /* copy hash into a RAW string */ memcpy(byte_result, gcry_md_read(Crypto_handle, algo), gcry_md_get_algo_dlen(algo)*2); /* read in the raw byte string - size times two for hex notation */ - if (dest == NULL) { /* the caller has to allocate the destination memory */ - fprintf(stderr, "\t Hashing-Function: destination memory adress is not valid!\n\ - The caller of this function is responsible for allocating a destination buffer that is large enough\n\ - for holding the digest value\n"); - abort(); - } + if (dest == NULL) { /* the caller has to allocate the destination memory */ + fprintf(stderr, " ---- [%s] ----\n\t Hashing-Function: destination memory adress is not valid!\n\ + The caller of this function is responsible\n\t for allocating a destination buffer that is large enough\n\ + for holding the digest value.\n\t Returning as function return variable ...\n\t This can lead to security problems\n\t or memory leaks.\n", program_invocation_short_name); + errno = -EINVAL; + return (char*)final; + } memset((void*)dest, 0, 48); /* clear memory where hash is to be written */ From f8b8f5361fbd9d54253c9a0505d6062210735d57 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:05:52 +0200 Subject: [PATCH 004/113] Update optimizers.txt --- optimizers.txt | 384 ++++++++++++++++++++++++++++--------------------- 1 file changed, 220 insertions(+), 164 deletions(-) diff --git a/optimizers.txt b/optimizers.txt index d0177da..85f420c 100644 --- a/optimizers.txt +++ b/optimizers.txt @@ -1,166 +1,222 @@ The following options control optimizations: - -O - -Os - -falign-functions [enabled] - -falign-jumps [enabled] - -falign-labels [enabled] - -falign-loops [disabled] - -fargument-alias [enabled] - -fargument-noalias [disabled] - -fargument-noalias-anything [disabled] - -fargument-noalias-global [disabled] - -fasynchronous-unwind-tables [enabled] - -fbranch-count-reg [enabled] - -fbranch-probabilities [disabled] - -fbranch-target-load-optimize [disabled] - -fbranch-target-load-optimize2 [disabled] - -fbtr-bb-exclusive [disabled] - -fcaller-saves [enabled] - -fcommon [enabled] - -fconserve-stack [disabled] - -fcprop-registers [enabled] - -fcrossjumping [enabled] - -fcse-follow-jumps [enabled] - -fcse-skip-blocks [disabled] - -fcx-fortran-rules [disabled] - -fcx-limited-range [disabled] - -fdata-sections [disabled] - -fdce [enabled] - -fdefer-pop [enabled] - -fdelayed-branch [disabled] - -fdelete-null-pointer-checks [enabled] - -fdse [enabled] - -fearly-inlining [enabled] - -fexceptions [disabled] - -fexpensive-optimizations [enabled] - -ffinite-math-only [disabled] - -ffloat-store [disabled] - -fforward-propagate [enabled] - -fgcse [enabled] - -fgcse-after-reload [enabled] - -fgcse-las [disabled] - -fgcse-lm [enabled] - -fgcse-sm [disabled] - -fgraphite-identity [disabled] - -fguess-branch-probability [enabled] - -fhandle-exceptions - -fif-conversion [enabled] - -fif-conversion2 [enabled] - -finline-functions [enabled] - -finline-functions-called-once [enabled] - -finline-small-functions [enabled] - -fipa-cp [enabled] - -fipa-cp-clone [enabled] - -fipa-matrix-reorg [disabled] - -fipa-pta [disabled] - -fipa-pure-const [enabled] - -fipa-reference [enabled] - -fipa-type-escape [disabled] - -fivopts [enabled] - -fjump-tables [enabled] - -floop-block [disabled] - -floop-interchange [disabled] - -floop-strip-mine [disabled] - -fmath-errno [enabled] - -fmerge-all-constants [disabled] - -fmerge-constants [enabled] - -fmodulo-sched [disabled] - -fmove-loop-invariants [enabled] - -fnon-call-exceptions [disabled] - -fomit-frame-pointer [enabled] - -foptimize-register-move [enabled] - -foptimize-sibling-calls [enabled] - -fpack-struct [disabled] - -fpack-struct= - -fpeel-loops [disabled] - -fpeephole [enabled] - -fpeephole2 [enabled] - -fpredictive-commoning [enabled] - -fprefetch-loop-arrays [disabled] - -fpromote-loop-indices [disabled] - -freg-struct-return [disabled] - -fregmove [enabled] - -fremove-local-statics [disabled] - -frename-registers [enabled] - -freorder-blocks [enabled] - -freorder-blocks-and-partition [disabled] - -freorder-functions [enabled] - -frerun-cse-after-loop [enabled] - -freschedule-modulo-scheduled-loops [disabled] - -frounding-math [disabled] - -frtl-abstract-sequences [disabled] - -frtti - -fsched-interblock [enabled] - -fsched-spec [enabled] - -fsched-spec-load [disabled] - -fsched-spec-load-dangerous [disabled] - -fsched-stalled-insns [disabled] - -fsched-stalled-insns-dep [enabled] - -fsched2-use-superblocks [disabled] - -fsched2-use-traces [disabled] - -fschedule-insns [disabled] - -fschedule-insns2 [enabled] - -fsection-anchors [disabled] - -fsel-sched-pipelining [disabled] - -fsel-sched-pipelining-outer-loops [disabled] - -fsel-sched-reschedule-pipelined [disabled] - -fselective-scheduling [disabled] - -fselective-scheduling2 [disabled] - -fshort-double - -fshort-enums - -fshort-wchar - -fsignaling-nans [disabled] - -fsigned-zeros [enabled] - -fsingle-precision-constant [disabled] - -fsplit-ivs-in-unroller [enabled] - -fsplit-wide-types [enabled] - -fstrict-aliasing [enabled] - -fthread-jumps [enabled] - -fno-threadsafe-statics - -ftoplevel-reorder [enabled] - -ftrapping-math [enabled] - -ftrapv [disabled] - -ftree-builtin-call-dce [enabled] - -ftree-ccp [enabled] - -ftree-ch [enabled] - -ftree-copy-prop [enabled] - -ftree-copyrename [enabled] - -ftree-cselim [enabled] - -ftree-dce [enabled] - -ftree-dominator-opts [enabled] - -ftree-dse [enabled] - -ftree-fre [enabled] - -ftree-loop-distribution [disabled] - -ftree-loop-im [enabled] - -ftree-loop-ivcanon [enabled] - -ftree-loop-linear [disabled] - -ftree-loop-optimize [enabled] - -ftree-lrs [disabled] - -ftree-pre [enabled] - -ftree-pre-partial-partial [enabled] - -ftree-pre-partial-partial-obliviously [disabled] - -ftree-reassoc [enabled] - -ftree-scev-cprop [enabled] - -ftree-sink [enabled] - -ftree-sra [enabled] - -ftree-switch-conversion [enabled] - -ftree-ter [enabled] - -ftree-vect-loop-version [enabled] - -ftree-vectorize [enabled] - -ftree-vrp [enabled] - -funit-at-a-time [enabled] - -funroll-all-loops [disabled] - -funroll-loops [disabled] - -funsafe-loop-optimizations [disabled] - -funsafe-math-optimizations [disabled] - -funswitch-loops [enabled] - -funwind-tables [disabled] - -fvar-tracking [enabled] - -fvar-tracking-uninit [disabled] - -fvariable-expansion-in-unroller [disabled] - -fvect-cost-model [enabled] - -fvpt [disabled] - -fweb [enabled] - -fwhole-program [disabled] - -fwrapv [disabled] + -O + -Ofast + -Og + -Os + -faggressive-loop-optimizations [enabled] + -falign-functions [disabled] + -falign-jumps [disabled] + -falign-labels [disabled] + -falign-loops [disabled] + -fassociative-math [disabled] + -fasynchronous-unwind-tables [enabled] + -fauto-inc-dec [enabled] + -fbranch-count-reg [disabled] + -fbranch-probabilities [disabled] + -fbranch-target-load-optimize [disabled] + -fbranch-target-load-optimize2 [disabled] + -fbtr-bb-exclusive [disabled] + -fcaller-saves [disabled] + -fcombine-stack-adjustments [disabled] + -fcompare-elim [disabled] + -fconserve-stack [disabled] + -fcprop-registers [disabled] + -fcrossjumping [disabled] + -fcse-follow-jumps [disabled] + -fcx-fortran-rules [disabled] + -fcx-limited-range [disabled] + -fdce [enabled] + -fdefer-pop [disabled] + -fdelayed-branch [disabled] + -fdelete-dead-exceptions [disabled] + -fdelete-null-pointer-checks [enabled] + -fdevirtualize [disabled] + -fdevirtualize-speculatively [disabled] + -fdse [enabled] + -fearly-inlining [enabled] + -fexceptions [disabled] + -fexpensive-optimizations [disabled] + -ffinite-math-only [disabled] + -ffloat-store [disabled] + -fforward-propagate [disabled] + -ffp-contract= fast + -ffunction-cse [enabled] + -fgcse [disabled] + -fgcse-after-reload [disabled] + -fgcse-las [disabled] + -fgcse-lm [enabled] + -fgcse-sm [disabled] + -fgraphite [disabled] + -fgraphite-identity [disabled] + -fguess-branch-probability [disabled] + -fhandle-exceptions + -fhoist-adjacent-loads [disabled] + -fif-conversion [disabled] + -fif-conversion2 [disabled] + -findirect-inlining [disabled] + -finline [enabled] + -finline-atomics [enabled] + -finline-functions [disabled] + -finline-functions-called-once [disabled] + -finline-small-functions [disabled] + -fipa-cp [disabled] + -fipa-cp-alignment [disabled] + -fipa-cp-clone [disabled] + -fipa-icf [disabled] + -fipa-icf-functions [disabled] + -fipa-profile [disabled] + -fipa-pta [disabled] + -fipa-pure-const [disabled] + -fipa-ra [disabled] + -fipa-reference [disabled] + -fipa-sra [disabled] + -fira-algorithm= CB + -fira-hoist-pressure [enabled] + -fira-loop-pressure [disabled] + -fira-region= [default] + -fira-share-save-slots [enabled] + -fira-share-spill-slots [enabled] + -fisolate-erroneous-paths-attribute [disabled] + -fisolate-erroneous-paths-dereference [disabled] + -fivopts [enabled] + -fjump-tables [enabled] + -flifetime-dse [enabled] + -flive-range-shrinkage [disabled] + -floop-block [disabled] + -floop-interchange [disabled] + -floop-nest-optimize [disabled] + -floop-parallelize-all [disabled] + -floop-strip-mine [disabled] + -floop-unroll-and-jam [disabled] + -flra-remat [disabled] + -fmath-errno [enabled] + -fmodulo-sched [disabled] + -fmodulo-sched-allow-regmoves [disabled] + -fmove-loop-invariants [disabled] + -fnon-call-exceptions [disabled] + -fnothrow-opt [disabled] + -fomit-frame-pointer [disabled] + -fopt-info [disabled] + -foptimize-sibling-calls [disabled] + -foptimize-strlen [disabled] + -fpack-struct [disabled] + -fpack-struct= + -fpartial-inlining [disabled] + -fpeel-loops [disabled] + -fpeephole [enabled] + -fpeephole2 [disabled] + -fpredictive-commoning [disabled] + -fprefetch-loop-arrays [enabled] + -freciprocal-math [disabled] + -freg-struct-return [disabled] + -frename-registers [enabled] + -freorder-blocks [disabled] + -freorder-blocks-and-partition [disabled] + -freorder-functions [disabled] + -frerun-cse-after-loop [disabled] + -freschedule-modulo-scheduled-loops [disabled] + -frounding-math [disabled] + -frtti [enabled] + -fsched-critical-path-heuristic [enabled] + -fsched-dep-count-heuristic [enabled] + -fsched-group-heuristic [enabled] + -fsched-interblock [enabled] + -fsched-last-insn-heuristic [enabled] + -fsched-pressure [disabled] + -fsched-rank-heuristic [enabled] + -fsched-spec [enabled] + -fsched-spec-insn-heuristic [enabled] + -fsched-spec-load [disabled] + -fsched-spec-load-dangerous [disabled] + -fsched-stalled-insns [disabled] + -fsched-stalled-insns-dep [enabled] + -fsched-stalled-insns-dep= + -fsched-stalled-insns= + -fsched2-use-superblocks [disabled] + -fschedule-fusion [enabled] + -fschedule-insns [disabled] + -fschedule-insns2 [disabled] + -fsection-anchors [disabled] + -fsel-sched-pipelining [disabled] + -fsel-sched-pipelining-outer-loops [disabled] + -fsel-sched-reschedule-pipelined [disabled] + -fselective-scheduling [disabled] + -fselective-scheduling2 [disabled] + -fshort-double [disabled] + -fshort-enums [enabled] + -fshort-wchar [disabled] + -fshrink-wrap [disabled] + -fsignaling-nans [disabled] + -fsigned-zeros [enabled] + -fsimd-cost-model= unlimited + -fsingle-precision-constant [disabled] + -fsplit-ivs-in-unroller [enabled] + -fsplit-wide-types [disabled] + -fssa-phiopt [disabled] + -fstack-reuse= all + -fstdarg-opt [enabled] + -fstrict-aliasing [disabled] + -fstrict-enums [disabled] + -fstrict-overflow [disabled] + -fstrict-volatile-bitfields [enabled] + -fthread-jumps [disabled] + -fno-threadsafe-statics [enabled] + -ftracer [disabled] + -ftrapping-math [enabled] + -ftrapv [disabled] + -ftree-bit-ccp [disabled] + -ftree-builtin-call-dce [disabled] + -ftree-ccp [disabled] + -ftree-ch [disabled] + -ftree-coalesce-inlined-vars [disabled] + -ftree-coalesce-vars [enabled] + -ftree-copy-prop [disabled] + -ftree-copyrename [disabled] + -ftree-cselim [enabled] + -ftree-dce [disabled] + -ftree-dominator-opts [disabled] + -ftree-dse [disabled] + -ftree-forwprop [enabled] + -ftree-fre [disabled] + -ftree-loop-distribute-patterns [disabled] + -ftree-loop-distribution [disabled] + -ftree-loop-if-convert [enabled] + -ftree-loop-if-convert-stores [disabled] + -ftree-loop-im [enabled] + -ftree-loop-ivcanon [enabled] + -ftree-loop-optimize [enabled] + -ftree-loop-vectorize [disabled] + -ftree-lrs [disabled] + -ftree-parallelize-loops= 0x1 + -ftree-partial-pre [disabled] + -ftree-phiprop [enabled] + -ftree-pre [disabled] + -ftree-pta [disabled] + -ftree-reassoc [enabled] + -ftree-scev-cprop [enabled] + -ftree-sink [disabled] + -ftree-slp-vectorize [disabled] + -ftree-slsr [disabled] + -ftree-sra [disabled] + -ftree-switch-conversion [disabled] + -ftree-tail-merge [disabled] + -ftree-ter [disabled] + -ftree-vectorize [disabled] + -ftree-vrp [disabled] + -funroll-all-loops [disabled] + -funroll-loops [disabled] + -funsafe-loop-optimizations [disabled] + -funsafe-math-optimizations [disabled] + -funswitch-loops [disabled] + -funwind-tables [disabled] + -fvar-tracking [enabled] + -fvar-tracking-assignments [enabled] + -fvar-tracking-assignments-toggle [disabled] + -fvar-tracking-uninit [disabled] + -fvariable-expansion-in-unroller [disabled] + -fvect-cost-model= [default] + -fvpt [disabled] + -fweb [enabled] + -fwrapv [disabled] + From e885dc0db4a2107135da68d94be4061a1a7d9e7b Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:06:57 +0200 Subject: [PATCH 005/113] Update README --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index 3dbcca5..75703c6 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -Written by omen23 -- David Schuster in 2012 (david [dot] schuster [at] kdemail [dot] net) +Written by omen23 -- David Schuster © in 2012-2016 (david [dot] schuster [at] kdemail [dot] net) Open and free! (but please give me some credit =) This is an interface to a sqlite3 database which stores its keys hashed or in plain From 6fe8fb19a775a404636db5fea422c5d6e0b12df6 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:21:53 +0200 Subject: [PATCH 006/113] Update login.h --- login.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/login.h b/login.h index c0d7ebd..fa1b136 100644 --- a/login.h +++ b/login.h @@ -45,12 +45,12 @@ change login.h." #define USERBUF (1 << 8) // 256 /* user data definitions - mostly hidden - only in use in the interior of the login func */ -typedef struct { +typedef struct login_data { char* username; char* password; char* hash; -} login_data; -typedef login_data* login_data_t; +} *login_data_t; + /* function prototypes */ /* in this function im trying to handle the login event and interface with sqlite @@ -66,6 +66,6 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons void build_sql_string(const char* username, char* destination); /* this function calculates a string which represents * the hash of the user's password */ -void hash_func(const char* value, char* destination, int algo, unsigned int flags); +char* hash_func(const char* value, char* destination, int algo, unsigned int flags); void gcrypt_init( void ); #endif // _LOGIN_H_ From 44b06bb75567bc374abb6bb82dc045f4a28f05a3 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:26:02 +0200 Subject: [PATCH 007/113] Update hash.c --- hash.c | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/hash.c b/hash.c index 66484da..5822aad 100644 --- a/hash.c +++ b/hash.c @@ -76,23 +76,30 @@ void hash_func(const char* value, char* dest, int algo, unsigned int flags) { /* copy hash into a RAW string */ memcpy(byte_result, gcry_md_read(Crypto_handle, algo), gcry_md_get_algo_dlen(algo)*2); /* read in the raw byte string - size times two for hex notation */ - if (dest == NULL) { /* the caller has to allocate the destination memory */ - fprintf(stderr, " ---- [%s] ----\n\t Hashing-Function: destination memory adress is not valid!\n\ - The caller of this function is responsible\n\t for allocating a destination buffer that is large enough\n\ - for holding the digest value.\n\t Returning as function return variable ...\n\t This can lead to security problems\n\t or memory leaks.\n", program_invocation_short_name); - errno = -EINVAL; - return (char*)final; - } - memset((void*)dest, 0, 48); /* clear memory where hash is to be written */ + + /* format the raw string to hex notation and * pass it piece by piece into our char *dest * and concatenate */ for (int i = 0; i < gcry_md_get_algo_dlen(algo); i++) { - sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); - stringconcat(dest, (const char*)helper); + sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); + stringconcat((char*)final, (const char*)helper); + } } + + if (dest == NULL) { /* the caller has to allocate the destination memory */ + fprintf(stderr, " ---- [%s] ----\n\t Hashing-Function: destination memory adress is not valid!\n\ + The caller of this function is responsible\n\t for allocating a destination buffer that is large enough\n\ + for holding the digest value.\n\t Returning as function return variable ...\n\t This can lead to security problems\n\t or memory leaks.\n", program_invocation_short_name); + errno = -EINVAL; + return (char*)final; + } + + + memset((void*)dest, 0, 48); /* clear memory where hash is to be written */ + strncpy((void*)dest, (char*)final, strlen((char*)final)); dest[ strlen( dest ) ] = '\0'; /* generally clean up after ourselves ... */ gcry_md_close(Crypto_handle); /* releases all security relevant information */ From b1470e66e8d143838b3c82c1e1785fb00f266d18 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:27:17 +0200 Subject: [PATCH 008/113] Update hash.c --- hash.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 5822aad..0d76531 100644 --- a/hash.c +++ b/hash.c @@ -25,7 +25,7 @@ * GCRY_MGCRY_MD_FLAG_SECURE = 1, Allocate all buffers in "secure" memory. * GCRY_MD_FLAG_HMAC = 2, Make an HMAC out of this algorithm. */ -void hash_func(const char* value, char* dest, int algo, unsigned int flags) { +char* hash_func(const char* value, char* dest, int algo, unsigned int flags) { gcrypt_init(); gcry_md_hd_t Crypto_handle; /* crypto context handle */ @@ -106,10 +106,13 @@ void hash_func(const char* value, char* dest, int algo, unsigned int flags) { gcry_free(Crypto_handle); gcry_free(byte_result); gcry_free(helper); + gcry_free(final); + final = NULL; Crypto_error = 0; Crypto_handle = NULL; byte_result = NULL; helper = NULL; + return dest; } else /* if the hash mechanism isnt working abort */ abort(); From 42d3d4772f71209e2ba91466df25c7fdea0c68c3 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 9 Oct 2016 18:28:54 +0200 Subject: [PATCH 009/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 0d76531..d7253e8 100644 --- a/hash.c +++ b/hash.c @@ -86,8 +86,8 @@ char* hash_func(const char* value, char* dest, int algo, unsigned int flags) { for (int i = 0; i < gcry_md_get_algo_dlen(algo); i++) { sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); stringconcat((char*)final, (const char*)helper); - } } + if (dest == NULL) { /* the caller has to allocate the destination memory */ fprintf(stderr, " ---- [%s] ----\n\t Hashing-Function: destination memory adress is not valid!\n\ From 2894aa2717f2a60ec8666c2c81fdabfdbaaf956d Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 17:20:25 +0200 Subject: [PATCH 010/113] Update hash.c --- hash.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/hash.c b/hash.c index d7253e8..c4fa760 100644 --- a/hash.c +++ b/hash.c @@ -60,13 +60,14 @@ char* hash_func(const char* value, char* dest, int algo, unsigned int flags) { for (int x = 0 ; x < text_length; x++) { gcry_md_putc(Crypto_handle, (unsigned char)value[x]); } + size_t algolen = gcry_md_get_algo_dlen(algo); /* finalize calculation */ gcry_md_final(Crypto_handle); /* allocate (secure) heap memory for the hash */ - unsigned char* byte_result = gcry_malloc_secure(gcry_md_get_algo_dlen(algo)*4); // NOTE: we actually ran out of space here once + unsigned char* byte_result = gcry_malloc_secure(algolen*4); // NOTE: we actually ran out of space here once /* helpers to make them human readable and comparable */ unsigned char* helper = gcry_malloc_secure(16); /* actually only need 1 char */ - unsigned char* final = gcry_malloc_secure(gcry_md_get_algo_dlen(algo)*4); + unsigned char* final = gcry_malloc_secure(algolen*4); if ( !gcry_is_secure(helper)|| !gcry_is_secure(byte_result) || !gcry_is_secure(final)) { fprintf(stderr, "Could not allocate in secure memory!\n"); abort(); @@ -74,7 +75,7 @@ char* hash_func(const char* value, char* dest, int algo, unsigned int flags) { // NOTE: 10.6.2012 fixed a strcpy issue - where digests with a value of zer0 [00] in the middle would be // cut off - using memcpy instead /* copy hash into a RAW string */ - memcpy(byte_result, gcry_md_read(Crypto_handle, algo), gcry_md_get_algo_dlen(algo)*2); /* read in the raw byte string - size times two for hex notation */ + memcpy(byte_result, gcry_md_read(Crypto_handle, algo), algolen); /* read in the raw byte string - size times two for hex notation */ @@ -83,24 +84,24 @@ char* hash_func(const char* value, char* dest, int algo, unsigned int flags) { /* format the raw string to hex notation and * pass it piece by piece into our char *dest * and concatenate */ - for (int i = 0; i < gcry_md_get_algo_dlen(algo); i++) { + for (int i = 0; i < algolen; i++) { sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); stringconcat((char*)final, (const char*)helper); } if (dest == NULL) { /* the caller has to allocate the destination memory */ - fprintf(stderr, " ---- [%s] ----\n\t Hashing-Function: destination memory adress is not valid!\n\ - The caller of this function is responsible\n\t for allocating a destination buffer that is large enough\n\ - for holding the digest value.\n\t Returning as function return variable ...\n\t This can lead to security problems\n\t or memory leaks.\n", program_invocation_short_name); + fprintf(stderr, " ---- [%s] ----\n Hashing-Function: destination memory adress is NULL!\n", program_invocation_short_name); + fprintf(stderr, " The caller of this function is responsible\n for allocating a destination buffer that is large enough for\n"); + fprintf(stderr, " holding the digest value.\n Returning as function return variable ...\n This can lead to security problems\n and memory leaks.\n"); errno = -EINVAL; - return (char*)final; + return (char*)final; } - memset((void*)dest, 0, 48); /* clear memory where hash is to be written */ + memset((void*)dest, 0, algolen*2); /* clear memory where hash is to be written */ strncpy((void*)dest, (char*)final, strlen((char*)final)); - dest[ strlen( dest ) ] = '\0'; + dest[ algolen*2 ] = '\0'; /* generally clean up after ourselves ... */ gcry_md_close(Crypto_handle); /* releases all security relevant information */ gcry_free(Crypto_handle); From b4a1bf5d3f369f37bb61356b2491e2da538e30c2 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 17:25:48 +0200 Subject: [PATCH 011/113] Update hashit.c --- hashit.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/hashit.c b/hashit.c index 75d5e41..a039fe2 100644 --- a/hashit.c +++ b/hashit.c @@ -13,13 +13,13 @@ int main(int argc, char** argv) { time_t thetime = time(NULL); - printf("hashit v0.1 - %s", ctime(&thetime)); + printf("hashit v0.2 - %s", ctime(&thetime)); clock_t start, end; start = clock(); int algo; char buffer[1<<12]; - char final[1<<12]; - gcrypt_init(); + +start: printf("These are the available algorithms: \n\ GCRY_MD_MD5 = 1,\n\ GCRY_MD_SHA1 = 2,\n\ @@ -45,22 +45,24 @@ int main(int argc, char** argv) if (!rangeOk) { printf("Select a valid algorithm please\n"); - abort(); + goto start; } - + char* final = gcry_malloc_secure((gcry_md_get_algo_dlen(algo)*2)+1); char* ptr = buffer; getchar(); // fall thru without this call printf("What value do you want to hash? "); fgets(ptr, sizeof buffer, stdin); ptr[strlen(ptr)-1] = '\0'; // remove '\n' of fgets - char* hash = final; - hash_func(ptr, hash, algo, GCRY_MD_FLAG_SECURE); + + hash_func(final, ptr, algo, GCRY_MD_FLAG_SECURE); printf("\"%s\" hashed is:\n%s\n", ptr, hash); + gcry_free(final); + final = NULL; end = clock(); double execution_time = (double) ((end - start) / CLOCKS_PER_SEC); printf("Execution of the program took %.12lf secs\n",execution_time); //(double) ((end - start) / CLOCKS_PER_SEC) ); return 0; -} \ No newline at end of file +} From 2753f3df78bd50a19e2f1d09703a470715ae43b1 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 17:28:31 +0200 Subject: [PATCH 012/113] Update hashit.c --- hashit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hashit.c b/hashit.c index a039fe2..322a691 100644 --- a/hashit.c +++ b/hashit.c @@ -56,7 +56,7 @@ int main(int argc, char** argv) hash_func(final, ptr, algo, GCRY_MD_FLAG_SECURE); - printf("\"%s\" hashed is:\n%s\n", ptr, hash); + printf("\"%s\" hashed is:\n%s\n", ptr, final); gcry_free(final); final = NULL; end = clock(); From e5350ce041dcedc985fba21bd1f2531862d47e62 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 17:47:12 +0200 Subject: [PATCH 013/113] Update hashit.c --- hashit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hashit.c b/hashit.c index 322a691..6a1e88b 100644 --- a/hashit.c +++ b/hashit.c @@ -13,9 +13,9 @@ int main(int argc, char** argv) { time_t thetime = time(NULL); + clock_t start = clock(), end; printf("hashit v0.2 - %s", ctime(&thetime)); - clock_t start, end; - start = clock(); + gcrypt_init(); int algo; char buffer[1<<12]; @@ -61,7 +61,7 @@ int main(int argc, char** argv) final = NULL; end = clock(); double execution_time = (double) ((end - start) / CLOCKS_PER_SEC); - printf("Execution of the program took %.12lf secs\n",execution_time); //(double) ((end - start) / CLOCKS_PER_SEC) ); + printf("Execution of the program took %.16Lf secs\n",execution_time); //(double) ((end - start) / CLOCKS_PER_SEC) ); return 0; From 072536ffd5643e21578f89fa65d31e7d6b7414fb Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 17:51:13 +0200 Subject: [PATCH 014/113] Update hashit.c --- hashit.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hashit.c b/hashit.c index 6a1e88b..46c0314 100644 --- a/hashit.c +++ b/hashit.c @@ -13,7 +13,7 @@ int main(int argc, char** argv) { time_t thetime = time(NULL); - clock_t start = clock(), end; + //clock_t start = clock(), end; printf("hashit v0.2 - %s", ctime(&thetime)); gcrypt_init(); int algo; @@ -59,9 +59,11 @@ int main(int argc, char** argv) printf("\"%s\" hashed is:\n%s\n", ptr, final); gcry_free(final); final = NULL; + /* end = clock(); double execution_time = (double) ((end - start) / CLOCKS_PER_SEC); printf("Execution of the program took %.16Lf secs\n",execution_time); //(double) ((end - start) / CLOCKS_PER_SEC) ); + */ return 0; From ed17e71be4aa8861455ce4a130d7cbd1f1f7f9b9 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 23:49:46 +0200 Subject: [PATCH 015/113] complete rewrite --- hash.c | 131 ++++++++++----------------------------------------------- 1 file changed, 22 insertions(+), 109 deletions(-) diff --git a/hash.c b/hash.c index c4fa760..b2ba9cc 100644 --- a/hash.c +++ b/hash.c @@ -1,10 +1,10 @@ -/* C to sqlite DB interface (for logins) - * with hashing mechanisms using gcrypt - * written by oMeN23 in 2011-2012 - * If you think this is useful, use it! - * copyleft, open and free! - * file: hash.c (hashing) +/* + * new modular hash function for the sqlite3 interface + * by David Schuster © 2016 * + * */ + +#define _GNU_SOURCE #include #include #include @@ -15,111 +15,24 @@ #include #include "login.h" -/* this function calculates a hex-string which represents - * the hash of the user's password or any value - * arg1 = the value - * arg2 = the destination (caller has to allocate dynamic or automatic memory and free it eventually after) - min. (gcry_md_get_algo_dlen(algo)*4) for hex notation - * arg3 = the algorithm (see libgcrypt docs) - * arg4 = some flags (see below) - * 0 = none, - * GCRY_MGCRY_MD_FLAG_SECURE = 1, Allocate all buffers in "secure" memory. - * GCRY_MD_FLAG_HMAC = 2, Make an HMAC out of this algorithm. - */ -char* hash_func(const char* value, char* dest, int algo, unsigned int flags) { - - gcrypt_init(); - gcry_md_hd_t Crypto_handle; /* crypto context handle */ - gcry_error_t Crypto_error = 0; - - /* determine pw length + 1 (macro handles it), max USERBUF , not overflowable MACRO USED */ - size_t text_length = stringlength(value) + 1; /* terminating null, shouldnt make a diff, sys dependend, this is correct */ - /* check if the library is working as it should .. */ - Crypto_error = gcry_md_open(&Crypto_handle, algo, flags); - if (Crypto_error || Crypto_handle == NULL) - fprintf(stderr, "Failure: %s\t/\t%s\n", - gcry_strsource(Crypto_error), - gcry_strerror(Crypto_error) - ); - Crypto_error = gcry_md_enable(Crypto_handle, algo); - if (Crypto_error) - fprintf(stderr, "Failure: %s\t/\t%s\n", - gcry_strsource(Crypto_error), - gcry_strerror(Crypto_error) - ); - if (Crypto_error || !gcry_md_is_enabled(Crypto_handle, algo)) { - fprintf(stderr, "Failure: %s\t/\t%s\n", - gcry_strsource(Crypto_error), - gcry_strerror(Crypto_error) - ); - abort(); - } - /* if algo works start the hashing */ - if (gcry_md_test_algo(algo) == GPG_ERR_NO_ERROR) { - - /* pass pw into hash function bytewise (unsigned char) */ - for (int x = 0 ; x < text_length; x++) { - gcry_md_putc(Crypto_handle, (unsigned char)value[x]); - } - size_t algolen = gcry_md_get_algo_dlen(algo); - /* finalize calculation */ - gcry_md_final(Crypto_handle); - /* allocate (secure) heap memory for the hash */ - unsigned char* byte_result = gcry_malloc_secure(algolen*4); // NOTE: we actually ran out of space here once - /* helpers to make them human readable and comparable */ - unsigned char* helper = gcry_malloc_secure(16); /* actually only need 1 char */ - unsigned char* final = gcry_malloc_secure(algolen*4); - if ( !gcry_is_secure(helper)|| !gcry_is_secure(byte_result) || !gcry_is_secure(final)) { - fprintf(stderr, "Could not allocate in secure memory!\n"); - abort(); - } - // NOTE: 10.6.2012 fixed a strcpy issue - where digests with a value of zer0 [00] in the middle would be - // cut off - using memcpy instead - /* copy hash into a RAW string */ - memcpy(byte_result, gcry_md_read(Crypto_handle, algo), algolen); /* read in the raw byte string - size times two for hex notation */ - - - - - /* format the raw string to hex notation and - * pass it piece by piece into our char *dest - * and concatenate */ - for (int i = 0; i < algolen; i++) { - sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); - stringconcat((char*)final, (const char*)helper); - } - - - if (dest == NULL) { /* the caller has to allocate the destination memory */ - fprintf(stderr, " ---- [%s] ----\n Hashing-Function: destination memory adress is NULL!\n", program_invocation_short_name); - fprintf(stderr, " The caller of this function is responsible\n for allocating a destination buffer that is large enough for\n"); - fprintf(stderr, " holding the digest value.\n Returning as function return variable ...\n This can lead to security problems\n and memory leaks.\n"); - errno = -EINVAL; - return (char*)final; - } - - - memset((void*)dest, 0, algolen*2); /* clear memory where hash is to be written */ - strncpy((void*)dest, (char*)final, strlen((char*)final)); - dest[ algolen*2 ] = '\0'; - /* generally clean up after ourselves ... */ - gcry_md_close(Crypto_handle); /* releases all security relevant information */ - gcry_free(Crypto_handle); - gcry_free(byte_result); - gcry_free(helper); - gcry_free(final); - final = NULL; - Crypto_error = 0; - Crypto_handle = NULL; - byte_result = NULL; - helper = NULL; - return dest; - - } else /* if the hash mechanism isnt working abort */ - abort(); +void hash_func(int algo, void* digest, const void* value, size_t len) +{ + size_t algolen = gcry_md_get_algo_dlen(algo); + char* helper = gcry_malloc_secure(16); + char* byte_result = gcry_malloc_secure(algolen); + + gcry_md_hash_buffer(algo, byte_result, value, len); + + for (int i = 0; i < algolen; i++) { + sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); + stringconcat((char*)digest, (char*)helper); + } + } -void gcrypt_init() { +void gcrypt_init() +{ static bool initialized = false; if (gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P) || initialized) return; @@ -131,7 +44,7 @@ void gcrypt_init() { /* this is the actual library initialization * with a sec mem starting pool of 64k */ gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN), - gcry_control(GCRYCTL_INIT_SECMEM, 16384*4, 0), + gcry_control(GCRYCTL_INIT_SECMEM, 65536, 0), gcry_control(GCRYCTL_RESUME_SECMEM_WARN), gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); initialized = true; From 825f325b605bdad9598240ef1b03745ab9869ca0 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 23:54:36 +0200 Subject: [PATCH 016/113] overhaul --- hashit.c | 73 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 37 insertions(+), 36 deletions(-) diff --git a/hashit.c b/hashit.c index 46c0314..9020bf3 100644 --- a/hashit.c +++ b/hashit.c @@ -1,70 +1,71 @@ +/* C to sqlite DB interface (for logins) + * with hashing mechanisms using gcrypt + * written by oMeN23 in 2011-2012 + * If you think this is useful, use it! + * copyleft, open and free! + * file: hashit.c (hashing-utility) + */ + #include #include #include #include - #include #include #include #include - #include "login.h" int main(int argc, char** argv) { time_t thetime = time(NULL); - //clock_t start = clock(), end; - printf("hashit v0.2 - %s", ctime(&thetime)); + + printf("hashit v0.25 - %s", ctime(&thetime)); gcrypt_init(); int algo; char buffer[1<<12]; -start: +start: printf("These are the available algorithms: \n\ - GCRY_MD_MD5 = 1,\n\ - GCRY_MD_SHA1 = 2,\n\ - GCRY_MD_RMD160 = 3,\n\ - GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */\n\ - GCRY_MD_SHA256 = 8,\n\ - GCRY_MD_SHA384 = 9,\n\ - GCRY_MD_SHA512 = 10,\n\ - GCRY_MD_SHA224 = 11,\n\ - GCRY_MD_MD4 = 301,\n\ - GCRY_MD_CRC32 = 302,\n\ - GCRY_MD_CRC32_RFC1510 = 303,\n\ - GCRY_MD_CRC24_RFC2440 = 304,\n\ - GCRY_MD_WHIRLPOOL = 305,\n\ - GCRY_MD_TIGER1 = 306, /* TIGER fixed. */\n\ - GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */\n"); + GCRY_MD_MD5 = 1,\n\ + GCRY_MD_SHA1 = 2,\n\ + GCRY_MD_RMD160 = 3,\n\ + GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */\n\ + GCRY_MD_SHA256 = 8,\n\ + GCRY_MD_SHA384 = 9,\n\ + GCRY_MD_SHA512 = 10,\n\ + GCRY_MD_SHA224 = 11,\n\ + GCRY_MD_MD4 = 301,\n\ + GCRY_MD_CRC32 = 302,\n\ + GCRY_MD_CRC32_RFC1510 = 303,\n\ + GCRY_MD_CRC24_RFC2440 = 304,\n\ + GCRY_MD_WHIRLPOOL = 305,\n\ + GCRY_MD_TIGER1 = 306, /* TIGER fixed. */\n\ + GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */\n"); printf("Please enter the number of the desired algorithm: "); - scanf("%i", &algo); + scanf("%i", &algo), + getchar(); // fall thru without this call bool rangeOk = false; if ((algo > 0 && algo < 12 && (algo != 4 && algo != 5 && algo != 7)) || (algo > 300 && algo < 308)) rangeOk = true; if (!rangeOk) { - printf("Select a valid algorithm please\n"); + printf("Select a valid algorithm please.\n"); goto start; } char* final = gcry_malloc_secure((gcry_md_get_algo_dlen(algo)*2)+1); char* ptr = buffer; - getchar(); // fall thru without this call + printf("What value do you want to hash? "); fgets(ptr, sizeof buffer, stdin); - ptr[strlen(ptr)-1] = '\0'; // remove '\n' of fgets - - - hash_func(final, ptr, algo, GCRY_MD_FLAG_SECURE); - printf("\"%s\" hashed is:\n%s\n", ptr, final); + ptr[ strlen(ptr) - 1 ] = '\0'; // remove '\n' of fgets + + hash_func(algo, final, ptr, strlen(ptr)); + printf("%s\n", final); + gcry_free(final); - final = NULL; - /* - end = clock(); - double execution_time = (double) ((end - start) / CLOCKS_PER_SEC); - printf("Execution of the program took %.16Lf secs\n",execution_time); //(double) ((end - start) / CLOCKS_PER_SEC) ); - */ + final = NULL; - return 0; - + return 0; } From 1071d3137efc7231ffac1fdca458a79122a16e3f Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 13 Oct 2016 23:57:45 +0200 Subject: [PATCH 017/113] small change so hash.c rewrite plugs in --- login.c | 331 +++++++++++++++++++++++++++----------------------------- 1 file changed, 161 insertions(+), 170 deletions(-) diff --git a/login.c b/login.c index d33f1f8..27ba585 100644 --- a/login.c +++ b/login.c @@ -1,19 +1,10 @@ /* C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 in 2011 - * If you think this is useful, use it! - * copyleft, open and free! + * written by oMeN23 aka David Schuster © 2011 - 2016 + * If you think this is useful, use it! * * file: login.c (main) */ -#include -#include -#include -#include -#include -#include -#include -#include -#include + #include "login.h" /* does the user exist in the db */ @@ -57,144 +48,144 @@ bool login(const char* username, /* username */ bool own_sql, /* indicates if you want your own sql statement executed against the DB */ const char* sql_statement) /* the sql statement to be executed against the Database or NULL */ { - /* check for user overflow attempts */ - if (stringlength(username) > USERBUF - 6 || stringlength(password) > USERBUF - 6) { - fprintf(stderr, "Username and/or password too long! Max. %d characters.\n", USERBUF - 6); - fprintf(stderr, "Make a different choice, please.\n"); - abort(); - } - else if (stringlength(username) < 2 || stringlength(password) < 4) { - fprintf(stderr, "Username min. 3 characters and password min. 4 characters.\n"); /* TODO ADJUST THIS IS FOR THE FINAL */ - abort(); - } - - /* PREREQUESITES AND MEM ALLOC */ - sqlite3* Db_object = NULL; - char* errormsg; - gcrypt_init(); /* initialize mem manager and stuff so lib doesnt complain */ - - login_data_t container = gcry_malloc_secure(sizeof *container); - - if (container == NULL) { - fprintf(stderr, "Could not allocate memory!\n"); - abort(); - } - container->username = gcry_malloc_secure(USERBUF); - container->password = gcry_malloc_secure(USERBUF); - container->hash = gcry_malloc_secure(USERBUF * 2); - - if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->password)) { - fprintf(stderr, "Could not allocate in secure memory!\n"); - abort(); - } - - strcpy(container->username, username); /* copy userdata in secure mem */ - strcpy(container->password, password); + /* check for user overflow attempts */ + if (stringlength(username) > USERBUF - 6 || stringlength(password) > USERBUF - 6) { + fprintf(stderr, "Username and/or password too long! Max. %d characters.\n", USERBUF - 6); + fprintf(stderr, "Make a different choice, please.\n"); + abort(); + } + else if (stringlength(username) < 2 || stringlength(password) < 4) { + fprintf(stderr, "Username min. 3 characters and password min. 4 characters.\n"); /* TODO ADJUST THIS IS FOR THE FINAL */ + abort(); + } + + /* PREREQUESITES AND MEM ALLOC */ + sqlite3* Db_object = NULL; + char* errormsg; + // gcrypt_init(); /* initialize mem manager and stuff so lib doesnt complain */ + + login_data_t container = gcry_malloc_secure(sizeof *container); + + if (container == NULL) { + fprintf(stderr, "Could not allocate memory!\n"); + abort(); + } + container->username = gcry_malloc_secure(USERBUF); + container->password = gcry_malloc_secure(USERBUF); + container->hash = gcry_malloc_secure(USERBUF * 2); + + if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->password)) { + fprintf(stderr, "Could not allocate in secure memory!\n"); + abort(); + } + + strcpy(container->username, username); /* copy userdata in secure mem */ + strcpy(container->password, password); #ifndef HASH - strcpy(container->hash, password); /* SO IF SOMEBODY TURNS OFF HASHING IT WILL STILL WORK */ + strcpy(container->hash, password); /* SO IF SOMEBODY TURNS OFF HASHING IT WILL STILL WORK */ #endif - memset((void*)password, 0, stringlength(password)); /* fill the parameter with zeroes - its not secure - then it is */ - - int err = sqlite3_open(DATABASE, /* const char *filename - Database filename (UTF-8), defined in the header MACRO USED */ - &Db_object); /* sqlite3 **ppDb - OUT: SQLite db handle */ - - if (err != SQLITE_OK) { - fprintf(stderr, "Database connection failed, something went wrong.\n"); - abort(); - } - -#ifdef HASH /* call of the hashing function -> hash.c */ - hash_func(container->password, container->hash, GCRY_MD_TIGER, GCRY_MD_FLAG_SECURE); // TODO XXX change 6 with 306 - fprintf(stderr, "Trying to log in as \n'%s' \nwith hashed-pw \n'%s'\n", container->username, container->hash); + memset((void*)password, 0, stringlength(password)); /* fill the parameter with zeroes - its not secure - then it is */ + + int err = sqlite3_open(DATABASE, /* const char *filename - Database filename (UTF-8), defined in the header MACRO USED */ + &Db_object); /* sqlite3 **ppDb - OUT: SQLite db handle */ + + if (err != SQLITE_OK) { + fprintf(stderr, "Database connection failed, something went wrong.\n"); + abort(); + } + +#ifdef HASH /* call of the hashing function -> hash.c .. change to GCRY_MD_TIGER1 */ + hash_func(GCRY_MD_TIGER, container->hash, container->password, strlen(container->password)); // TODO XXX change 6 with 306 see above for enum decl + fprintf(stderr, "Trying to log in as \n'%s' \nwith hashed-pw \n'%s'\n", container->username, container->hash); #else - fprintf(stderr, "Trying to log in as '%s'\n", container->username); + fprintf(stderr, "Trying to log in as '%s'\n", container->username); #endif - /* turn off self-supplied SQL if a null ptr or empty string is supplied */ - - /* SQL STUFF AND BUILDER */ - char sql[LARGEBUF]; - if (own_sql) { - if (longstringlength(sql_statement) >= LARGEBUF) { /* FUNC MACRO USED */ - fprintf(stderr, "SQL statement too long. Max. %d characters.\n", LARGEBUF); - abort(); - } - if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { - own_sql = false; - fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - } - - /*if (sql_statement == NULL) { - fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); - abort(); not possible as for convenience, this is turned off if a null ptr is supplied - }*/ - if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ - fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); - abort(); - } - /* SQL OK copy it into our string - dest array should be clean so string isnt garbage */ - memset((void*)sql, 0, sizeof(sql)); - strcpy(sql, sql_statement); + /* turn off self-supplied SQL if a null ptr or empty string is supplied */ + + /* SQL STUFF AND BUILDER */ + char sql[LARGEBUF]; + if (own_sql) { + if (longstringlength(sql_statement) >= LARGEBUF) { /* FUNC MACRO USED */ + fprintf(stderr, "SQL statement too long. Max. %d characters.\n", LARGEBUF); + abort(); + } + if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { + own_sql = false; + fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); } - else /* use default sql string builder mechanism (fast and convenient and safe) 1 call per login/username */ - build_sql_string((const char*)container->username, sql); - - /* DATABASE CALL */ - err = sqlite3_exec(Db_object, /* An open database ![IMPORTANT -> callback is called for every ROW]! */ - sql, /* SQL to be evaluated */ - callback, /* Callback function */ - /* int (*callback)(void* freeSlot, int numDbEntries, char** DBEntries, char** ColumnName) - - * arg1 is a free pointer specified by the sqlite3 calling convention interface - - * I put the data to compare against in here (could be unused too) - * arg2 NumDbEntries retrieves the count of entries in that row, - * arg3 DBEntries is an array of strings of the data in that row and - * arg4 ColumnName is an array of strings representing the column. */ - (void*)container, /* 1st argument to callback */ - &errormsg); /* Error msg written here */ - - if (err != SQLITE_OK) { + /*if (sql_statement == NULL) { + * fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); + * abort(); not possible as for convenience, this is turned off if a null ptr is supplied + }*/ + if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ + fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); + abort(); + } + /* SQL OK copy it into our string - dest array should be clean so string isnt garbage */ + memset((void*)sql, 0, sizeof sql); + strcpy(sql, sql_statement); + } + else /* use default sql string builder mechanism (fast and convenient and safe) 1 call per login/username */ + build_sql_string(sql, container->username); + + /* DATABASE CALL */ + err = sqlite3_exec(Db_object, /* An open database ![IMPORTANT -> callback is called for every ROW]! */ + sql, /* SQL to be evaluated */ + callback, /* Callback function */ + /* int (*callback)(void* freeSlot, int numDbEntries, char** DBEntries, char** ColumnName) - + * arg1 is a free pointer specified by the sqlite3 calling convention interface - + * I put the data to compare against in here (could be unused too) + * arg2 NumDbEntries retrieves the count of entries in that row, + * arg3 DBEntries is an array of strings of the data in that row and + * arg4 ColumnName is an array of strings representing the column. */ + (void*)container, /* 1st argument to callback */ + &errormsg); /* Error msg written here */ + + + if (err != SQLITE_OK) { // ^^ er == 4 ? callback returned 1 (or any nonzero value) // fprintf(stderr, "SQL notice: callback requested query abort because a match was found.\n"); old logic part - fprintf(stderr, "SQL error: %s\n", errormsg ); // sqlite3_errmsg(Db_object) - sqlite3_free(errormsg); - } - /* clean up the DB connection */ - sqlite3_close(Db_object); - - /* BUFFER FLUSH */ - memset(container->hash, 0, USERBUF * 2); - memset(container->password, 0, USERBUF); - memset(container->username, 0, USERBUF); - /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, - * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ - - /* release the memory - no data left in RAM */ - gcry_free(container->hash); - gcry_free(container->password); - gcry_free(container->username); - gcry_free(container); - container->password = NULL; - container->hash = NULL; - container->username = NULL; - container = NULL; - /* set ptrs null, username is the only variable left intact -> see above - * the whole login_data_t container is now overwritten - also the passed password argument (around line 104) */ - - /* print messages concerning status */ - if (!isRegistered) - fprintf(stderr, "Username '%s' not found in DB.\n", username); - /* if someone is found in the DB, but not logged in he can only have supplied a wrong password */ - if (isRegistered && !isLoggedOn) - fprintf(stderr, "Wrong password for user '%s'.\n", username); - /* msg for logon for logfile and display, watch the supplied stream args */ - if (isLoggedOn) { - fprintf(stderr, "User '%s' logged on succesful!\n", username); - fprintf(stdout, "Welcome %s!\n", username); - fprintf(stdout, "Have a nice stay.\n"); - } - - /* magic global indicating our successful login (gets set in the callback) */ - return isLoggedOn; + fprintf(stderr, "SQL error: %s\n", errormsg ); // sqlite3_errmsg(Db_object) + sqlite3_free(errormsg); + } + /* clean up the DB connection */ + sqlite3_close(Db_object); + + /* BUFFER FLUSH */ + memset(container->hash, 0, USERBUF * 2); + memset(container->password, 0, USERBUF); + memset(container->username, 0, USERBUF); + /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, + * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ + + /* release the memory - no data left in RAM */ + gcry_free(container->hash); + gcry_free(container->password); + gcry_free(container->username); + gcry_free(container); + container->password = NULL; + container->hash = NULL; + container->username = NULL; + container = NULL; + /* set ptrs null, username is the only variable left intact -> see above + * the whole login_data_t container is now overwritten - also the passed password argument (around line 104) */ + + /* print messages concerning status */ + if (!isRegistered) + fprintf(stderr, "Username '%s' not found in DB.\n", username); + /* if someone is found in the DB, but not logged in he can only have supplied a wrong password */ + if (isRegistered && !isLoggedOn) + fprintf(stderr, "Wrong password for user '%s'.\n", username); + /* msg for logon for logfile and display, watch the supplied stream args */ + if (isLoggedOn) { + fprintf(stderr, "User '%s' logged on succesful!\n", username); + fprintf(stdout, "Welcome %s!\n", username); + fprintf(stdout, "Have a nice stay.\n"); + } + + /* magic global indicating our successful login (gets set in the callback) */ + return isLoggedOn; } /* small function to build the matching @@ -203,14 +194,14 @@ bool login(const char* username, /* username */ * arg2 is to where to write the string * already in auto use of the login function if third param is false (of the login func) */ -void build_sql_string(const char* username, char* dest) +void build_sql_string(char* dest, const char* username) { - char sql_string[LARGEBUF] = ""; - strcpy(sql_string, "select * from users where username = '"); /* users is the name of the SQL table */ - stringconcat(sql_string, username); /* FUNC MACRO USED */ - stringconcat(sql_string, "';"); - memset((void*)dest, 0, sizeof(dest)); /* clear mem where sql string is to be written - so theres no garbage */ - strcpy(dest, sql_string); + char sql_string[LARGEBUF] = ""; + strcpy(sql_string, "select * from users where username = '"); /* users is the name of the SQL table */ + stringconcat(sql_string, username); /* FUNC MACRO USED */ + stringconcat(sql_string, "';"); + memset(dest, 0, LARGEBUF-1); /* clear mem where sql string is to be written - so theres no garbage */ + strcpy(dest, sql_string); } /* Example main ... this is intented to be a "library" - only a glue code @@ -219,27 +210,27 @@ void build_sql_string(const char* username, char* dest) int main(int argc, char* argv[]) { - /* get user data - change this so it suits your needs - try to use secure storage */ - if (!argv[1] || !argv[2]) { printf("please supply two args\n"); abort(); } - char* user = argv[1]; - char* pass = argv[2]; - - /* login -> returns a bool indicating success */ - bool logged_on = login(user, /* self expl this variable will come back unchanged */ - pass, /* this variable will be garbage after the login */ - false, /* own sql statement suppplied as arg4(true) or default func(false), I'd go with this setting */ - NULL); /* sql string like "select * from users;" or NULL pointer for default func */ + /* get user data - change this so it suits your needs - try to use secure storage */ + if (!argv[1] || !argv[2]) { printf("please supply two args\n"); abort(); } + char* user = argv[1]; + char* pass = argv[2]; + + /* login -> returns a bool indicating success */ + bool logged_on = login(user, /* self expl this variable will come back unchanged */ + pass, /* this variable will be garbage after the login */ + false, /* own sql statement suppplied as arg4(true) or default func(false), I'd go with this setting */ + NULL); /* sql string like "select * from users;" or NULL pointer for default func */ + + if (logged_on) + { + /* log-in succeeded - do what you like here */ + return 0; + } + else + { + /* log-in didnt succeed, handle it how you like ... (call main again whatever) */ + return 1; - if (logged_on) - { - /* log-in succeeded - do what you like here */ - return 0; - } - else - { - /* log-in didnt succeed, handle it how you like ... (call main again whatever) */ - return 1; - - } + } } From 18389926b2425507ce980b836607f617f0b3a82b Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:01:04 +0200 Subject: [PATCH 018/113] Update hash.c --- hash.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/hash.c b/hash.c index b2ba9cc..555322c 100644 --- a/hash.c +++ b/hash.c @@ -1,18 +1,9 @@ /* * new modular hash function for the sqlite3 interface - * by David Schuster © 2016 * - * + * by David Schuster © 2016 */ #define _GNU_SOURCE -#include -#include -#include -#include -#include -#include -#include -#include #include "login.h" From 56b006814a3421cc1e72b931df997ba8d30b998b Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:02:08 +0200 Subject: [PATCH 019/113] Update hashit.c --- hashit.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/hashit.c b/hashit.c index 9020bf3..af93f6b 100644 --- a/hashit.c +++ b/hashit.c @@ -6,14 +6,7 @@ * file: hashit.c (hashing-utility) */ -#include -#include -#include -#include -#include -#include -#include -#include +#define _GNU_SOURCE #include "login.h" int main(int argc, char** argv) From 8469acb3962482aa02a98ae4a66ec72f62828f7a Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:03:39 +0200 Subject: [PATCH 020/113] Update login.h --- login.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/login.h b/login.h index fa1b136..3df1594 100644 --- a/login.h +++ b/login.h @@ -66,6 +66,6 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons void build_sql_string(const char* username, char* destination); /* this function calculates a string which represents * the hash of the user's password */ -char* hash_func(const char* value, char* destination, int algo, unsigned int flags); -void gcrypt_init( void ); +void hash_func(int algo, void* digest, const void* value, size_t len); +void gcrypt_init(void); #endif // _LOGIN_H_ From 07e1ad1a0c4a4b5d1b6dd48189e28561d9afed30 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:05:02 +0200 Subject: [PATCH 021/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 3df1594..b3c8cc7 100644 --- a/login.h +++ b/login.h @@ -63,7 +63,7 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons * sql string for our purposes * arg1 is the username * arg2 is to where to write the string */ -void build_sql_string(const char* username, char* destination); +void build_sql_string(char* dest, const char* username); /* this function calculates a string which represents * the hash of the user's password */ void hash_func(int algo, void* digest, const void* value, size_t len); From 1ff7a9b6a1e5c446e6bb3f835412f379324c60a6 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:10:16 +0200 Subject: [PATCH 022/113] Update README --- README | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README b/README index 75703c6..04b5887 100644 --- a/README +++ b/README @@ -35,7 +35,8 @@ all this is fixed now If you have problems setting this up - contact me! I cannot promise that I will answer because my inbox is always really full. The string macros supplied use GNU extensions or BSD versions of the standard implementation. (strlen, strcat, strcpy) - --Wno-pointer-sign -funsigned-char were used tho compile this with gcc before version -4.5 I guess - the code was fixed or the compiler or both. -(This code is under development since quite a while) + + Friday, 14.10.2016 - COMPLETE REWRITE OF MODULAR HASHING SYSTEM + +This software now produces the right digests. Sorry there is no test database but everything should be working now. +Thanks, David From 420a4b2de45545204b395131096b1093c12d4b37 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:15:22 +0200 Subject: [PATCH 023/113] Delete ex1.db --- ex1.db | Bin 3072 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 ex1.db diff --git a/ex1.db b/ex1.db deleted file mode 100644 index 156d4e220f0f1dddfdabb0c2430551fc5e34fcb9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeH|%}xR_5XZZW(SX4VF&pHviW&%-(B19=H_>pz#1A}pFs8emMj{Kc3mCm|@m+ib zAHhfP>d6PtyM;&uF2*CtHf=Ni>9o`Sl1a}`>&+e-vJ?2cXINy3Xc{>%3_?go4Nzm! z;>yq_V$Pm&&zKpq|GtrgClUijfWh<3Y9t~83rOH3wyYNl+GUTsEeyLYRY2DvcKg`& z<|Q1R)vAq}(WoBQYsOq`uFZYiQ#h3TxeJ*q?*_eF z3}{hu%Mq@N98E55l*nvmmzi{#S2l&Tgyk`hIXjT@ecqN-uo9)rv4m^UG8NK86CGPP zjJa-w+a*hKSu9h;60M-Kwhek(@Ih1f52MOn%g*ZL7Obc5F~ENNQT4 Date: Fri, 14 Oct 2016 00:15:37 +0200 Subject: [PATCH 024/113] Delete ex2.db --- ex2.db | Bin 2048 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 ex2.db diff --git a/ex2.db b/ex2.db deleted file mode 100644 index d303d3ea747608553438d37764d11074c609a487..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2048 zcmWFz^vNtqRY=P(%1ta$FlJz3U}R))P*7lC05TaEn1C1t7=a8Bh5=+YObnf7VbFaf z#S0W=WM07lM5ACd1V%%Ej1UN8WEU3~XKdsyNleN~EiFzhDh3lw&Oxq@A+8D`j!r(V z3Sc1(E)bQMn479lmROXWkyxZ*YM`mZRghR*T%KQ)f-I^D%A3s0=NXvaGd~7WqhK@y zMnhoehJX+=v$$d|FxTg+Bo?J6<`k5hS#mKkiwY-JrIr{P8S^tTi%X{@mSv`tWTb)$ F1ORmJHH-iN From f70854bcbeae009b95e1e8e4a612ab57e49003b3 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:15:54 +0200 Subject: [PATCH 025/113] Delete ex1.db --- build/debug/ex1.db | Bin 3072 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 build/debug/ex1.db diff --git a/build/debug/ex1.db b/build/debug/ex1.db deleted file mode 100644 index 156d4e220f0f1dddfdabb0c2430551fc5e34fcb9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeH|%}xR_5XZZW(SX4VF&pHviW&%-(B19=H_>pz#1A}pFs8emMj{Kc3mCm|@m+ib zAHhfP>d6PtyM;&uF2*CtHf=Ni>9o`Sl1a}`>&+e-vJ?2cXINy3Xc{>%3_?go4Nzm! z;>yq_V$Pm&&zKpq|GtrgClUijfWh<3Y9t~83rOH3wyYNl+GUTsEeyLYRY2DvcKg`& z<|Q1R)vAq}(WoBQYsOq`uFZYiQ#h3TxeJ*q?*_eF z3}{hu%Mq@N98E55l*nvmmzi{#S2l&Tgyk`hIXjT@ecqN-uo9)rv4m^UG8NK86CGPP zjJa-w+a*hKSu9h;60M-Kwhek(@Ih1f52MOn%g*ZL7Obc5F~ENNQT4 Date: Fri, 14 Oct 2016 00:17:05 +0200 Subject: [PATCH 026/113] d --- build/debug/test | 1 + 1 file changed, 1 insertion(+) create mode 100644 build/debug/test diff --git a/build/debug/test b/build/debug/test new file mode 100644 index 0000000..7898192 --- /dev/null +++ b/build/debug/test @@ -0,0 +1 @@ +a From d2dde3c118d40ea3da68dde34ea1473f7b817d3d Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:20:10 +0200 Subject: [PATCH 027/113] added new database --- ex1.db | Bin 0 -> 3072 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 ex1.db diff --git a/ex1.db b/ex1.db new file mode 100644 index 0000000000000000000000000000000000000000..156d4e220f0f1dddfdabb0c2430551fc5e34fcb9 GIT binary patch literal 3072 zcmeH|%}xR_5XZZW(SX4VF&pHviW&%-(B19=H_>pz#1A}pFs8emMj{Kc3mCm|@m+ib zAHhfP>d6PtyM;&uF2*CtHf=Ni>9o`Sl1a}`>&+e-vJ?2cXINy3Xc{>%3_?go4Nzm! z;>yq_V$Pm&&zKpq|GtrgClUijfWh<3Y9t~83rOH3wyYNl+GUTsEeyLYRY2DvcKg`& z<|Q1R)vAq}(WoBQYsOq`uFZYiQ#h3TxeJ*q?*_eF z3}{hu%Mq@N98E55l*nvmmzi{#S2l&Tgyk`hIXjT@ecqN-uo9)rv4m^UG8NK86CGPP zjJa-w+a*hKSu9h;60M-Kwhek(@Ih1f52MOn%g*ZL7Obc5F~ENNQT4 Date: Fri, 14 Oct 2016 00:20:54 +0200 Subject: [PATCH 028/113] added new database --- build/debug/ex1.db | Bin 0 -> 3072 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 build/debug/ex1.db diff --git a/build/debug/ex1.db b/build/debug/ex1.db new file mode 100644 index 0000000000000000000000000000000000000000..2c12f2f12d96b1a826d1e2cb27c48b0957a8c65a GIT binary patch literal 3072 zcmeHI%}x|S5boI`%1@RHZYBf{BZ%$>Os1!MdU|gn*&8N`c<^9M|5OJev%t(Q1a4e- z7v4Z0!AI~7yqf6Uo(%+cFP_a#r>pW+^-ra~&X<1wZufA2kvlGOHHa9QAwfW1MG+xn z)f;%b8*?56cfkaHkRF4p3_jIGu|&A@-iz}v>7aC0;GI8gcs%hMw- zpwA_q4zX`0L)h8tZSVJ@{q5Jgy=Y=@yRUNG@+UiFj?PqJ4ph-jcn4n0l;9TpjN;Bq^ zizP+OXcxueGYFThIy|#_l@^R8 literal 0 HcmV?d00001 From 98bfb8b403f0bc1fc992a5d5fb7f4a64e02d0489 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:21:22 +0200 Subject: [PATCH 029/113] Delete ex1.db --- build/release/ex1.db | Bin 3072 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 build/release/ex1.db diff --git a/build/release/ex1.db b/build/release/ex1.db deleted file mode 100644 index 156d4e220f0f1dddfdabb0c2430551fc5e34fcb9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeH|%}xR_5XZZW(SX4VF&pHviW&%-(B19=H_>pz#1A}pFs8emMj{Kc3mCm|@m+ib zAHhfP>d6PtyM;&uF2*CtHf=Ni>9o`Sl1a}`>&+e-vJ?2cXINy3Xc{>%3_?go4Nzm! z;>yq_V$Pm&&zKpq|GtrgClUijfWh<3Y9t~83rOH3wyYNl+GUTsEeyLYRY2DvcKg`& z<|Q1R)vAq}(WoBQYsOq`uFZYiQ#h3TxeJ*q?*_eF z3}{hu%Mq@N98E55l*nvmmzi{#S2l&Tgyk`hIXjT@ecqN-uo9)rv4m^UG8NK86CGPP zjJa-w+a*hKSu9h;60M-Kwhek(@Ih1f52MOn%g*ZL7Obc5F~ENNQT4 Date: Fri, 14 Oct 2016 00:21:52 +0200 Subject: [PATCH 030/113] Delete ex1.db --- ex1.db | Bin 3072 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 ex1.db diff --git a/ex1.db b/ex1.db deleted file mode 100644 index 156d4e220f0f1dddfdabb0c2430551fc5e34fcb9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeH|%}xR_5XZZW(SX4VF&pHviW&%-(B19=H_>pz#1A}pFs8emMj{Kc3mCm|@m+ib zAHhfP>d6PtyM;&uF2*CtHf=Ni>9o`Sl1a}`>&+e-vJ?2cXINy3Xc{>%3_?go4Nzm! z;>yq_V$Pm&&zKpq|GtrgClUijfWh<3Y9t~83rOH3wyYNl+GUTsEeyLYRY2DvcKg`& z<|Q1R)vAq}(WoBQYsOq`uFZYiQ#h3TxeJ*q?*_eF z3}{hu%Mq@N98E55l*nvmmzi{#S2l&Tgyk`hIXjT@ecqN-uo9)rv4m^UG8NK86CGPP zjJa-w+a*hKSu9h;60M-Kwhek(@Ih1f52MOn%g*ZL7Obc5F~ENNQT4 Date: Fri, 14 Oct 2016 00:22:54 +0200 Subject: [PATCH 031/113] added new database --- ex1.db | Bin 0 -> 3072 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 ex1.db diff --git a/ex1.db b/ex1.db new file mode 100644 index 0000000000000000000000000000000000000000..2c12f2f12d96b1a826d1e2cb27c48b0957a8c65a GIT binary patch literal 3072 zcmeHI%}x|S5boI`%1@RHZYBf{BZ%$>Os1!MdU|gn*&8N`c<^9M|5OJev%t(Q1a4e- z7v4Z0!AI~7yqf6Uo(%+cFP_a#r>pW+^-ra~&X<1wZufA2kvlGOHHa9QAwfW1MG+xn z)f;%b8*?56cfkaHkRF4p3_jIGu|&A@-iz}v>7aC0;GI8gcs%hMw- zpwA_q4zX`0L)h8tZSVJ@{q5Jgy=Y=@yRUNG@+UiFj?PqJ4ph-jcn4n0l;9TpjN;Bq^ zizP+OXcxueGYFThIy|#_l@^R8 literal 0 HcmV?d00001 From f2c15f0567ef3d3a85beab0356c5e1cbf6fa7b0c Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:24:28 +0200 Subject: [PATCH 032/113] Update README --- README | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README b/README index 04b5887..0b712ad 100644 --- a/README +++ b/README @@ -40,3 +40,5 @@ or BSD versions of the standard implementation. (strlen, strcat, strcpy) This software now produces the right digests. Sorry there is no test database but everything should be working now. Thanks, David + +p.s.: maybe try "user" as first program parameter and "test" as second - it should work (= From 34ec087c0ef43419b60d1cc73d05ee774565372c Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:24:46 +0200 Subject: [PATCH 033/113] Delete test --- build/debug/test | 1 - 1 file changed, 1 deletion(-) delete mode 100644 build/debug/test diff --git a/build/debug/test b/build/debug/test deleted file mode 100644 index 7898192..0000000 --- a/build/debug/test +++ /dev/null @@ -1 +0,0 @@ -a From 5dbd7f1edc3200a5fb60d5943a1ef8ecb53463a7 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:28:34 +0200 Subject: [PATCH 034/113] Delete c-app.rls.tar.gz --- c-app.rls.tar.gz | Bin 61477 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 c-app.rls.tar.gz diff --git a/c-app.rls.tar.gz b/c-app.rls.tar.gz deleted file mode 100644 index ceef027394be47eabaca1554c53b1b5b1271d5ed..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 61477 zcmZ@q}f4ZuB zX3h}Dz=5I4p(=qvUIxIs6AU+7FG;5YxmF#z03pxONG$^Fcn-n+MH#7r9Ck=HU=)YDj7DI$M8aj|gl9lQHTO3#(I7P7z+50LN1cYDjsr^;N zB@FcqK|Yk!-ecJqBUbLjSH4KXzx2rA^JoHdl?{j2>!bDE=aLqMOwMkBaZ}8&Rln-} z+m3v8vsqQbIP5_AkGAGnmhPqZa>}yW#Nkmf>OyxCXr%&CP1Z4#)x(~lg}5;RT^8tq zBk|=GAB1D@z4bF+&fdnRV*eYUprA0NQ2OnJ!Ugz#;fBuKe)|6A{$iTnCnSI-VVHL670IM=b0 z!$uGyFHz+i(*!iPJVp%Z9BILan7N3cwsm(OV zzOrf>Jns*gn(AKybXUT_MgUuC*SFWZDtK3w>A0ZM6{B~dgGOGF`KQtNW~jPQNj~G! zuD=Xk2O2ZNq~M$L5wA5U&x zpJ$mb!e2c#;jK3THohAZepo^u6WFC%l`kbEw>a3KgCW8lz3|=|gs*El*XgnW;_89C z+R$&kAD|13Tj8ouW{tU%ak^Lhirrpq=x+es>qNz=o6?W3jf!0>46`u4$0{;mZRjAm zAD~ORBbbWaCAxR}8nW+DI@caU=zq%w%KQKcMRVzj{QCBX!9Vz9jW&BI8La)7ZoT`~ z*uD7l1QA!zRWV#z2^tASlo;ZM*!3TXcgPVmg!y9{Mzo zoKq`@CHC;I5R9R{z5Z*}a%HkmqZ?d?R0IiP93q;mwt;7{c=-RM5C*Acxpl#gg?2~S z-YQ^X9zWnA-qD6!hl#q?PeT&q^L?K}{utt1ZwqLja;j_rK7Z0Q)mod9;QV)}>eIx+ zr%S*o^BK-IGs_Rx!NQ<6l<$NOeI);D<(H^(T@?ZxQ-5Z;)IK9>=1f%~OyAS6?6dJ_ zCj8+Q?wY79c~M>V86+aW#gA#$uSGxq#RC-yLpv!pbxhf$OdU)-)sJ);C@@&Y8mvqT z^X#4`L%hqV)_CFe%on@tB+H3U?Z+3Hp=;PK zjKGXZ=8*++)2Z@UqX9pPF0ws43Xng%5&fP9JTp-43BxcB+aDvaAD~sFf;7t&#jcq>jNcd4kIuoERFgN9bQ;`z$xuEI&6n>&r0@{o}%kgt2Xtv zkphH_5f~TND>E>Ya?36E>Vxs62`_9ku*0;6E&b|8339>sGJ)?^9w1J*1Zd9DdK?P!?!asu(Lh#?yJT8m^q+QT5k+}j$ zK@&BiIGvyZNTePNlgsnSYl~Y-I5TWvcY1&qS**dwtO63zPn^!jf=XPFVOTvq@%r%Y z6kO4Iq$G|%*TAX=YR=3q(!i<(Y6-4C*1)O;YPE$k|G?@`)HfV|x`91k+oOv%6OH zg%pUp$NO*kq91V6`NRcDg`L#@i)e+Lv3jz)WkxgXJD=GlCi7>g6b9T#z4H8v+=;ps z(+mp!oB@smedV6M5*Kym1+wPET=l;6-Py^we+Ss$=`@8iPKTw9Jg6t}~j< z5@ie1w)CC}g!($hm+p;(_`c+^aJ{P6prI4%J-o{69)s=q!D9_Um;PbbevMQeA3Asr zeqBvXP9st1m+mj~r?15VEQGnAfHwg-YD*hG|HpV#1=}#G=;0iF7?M9 z&K}GH0)|%q$txu24xgEiK*3QS(4h~ibB+k5kvnJraA2k+1$>B?0%F1v&2Lko+C&zR zTp7FT`?>T+h;sXQ+Q&cpK1Q4dC@o9aH35tK()-*(E{0EuNC7?eBQ;AFleHd z&ewhzCmdP7-+ef}h%Wvh{C>+>MP{9+qDd5^XI+*eGUn`gZHFW(-Xsh!EIioJK^%Jx zIej%G7SMNDJG*sqa#y-)@J%)H+X`}WpRpMAo6#k`6aIq6_3GX3xYEwAN}&}-ORl!s zLjP&-EWchw)cbIeMO- zx5N^E{Sb!~WJwC*(0P66^I?e|cri+aK`&c+ak(Y1m%u$p%ZYDU3*e?QM;aD%Cc}Pd zLi5UIxK^XN&T}FV0tKia?IO~6g94S~qj0r&-d$k%u0Fq*hITH7=tmB6n-QXgK~&FC z_hVGRFTjk;qCm_-%&8GOhuSMn0Sj*;eb=PsH+TJ)6U)IpXjXIO9;Ls-BzvyL;3IV? z^e4-{ZSI`q2XVKFdT2qEND#`LU&imE1Jr;ZUK%%N#@!KSe5l3i&O0Mj$pG#=lJ~k< zZjy^mn5XW&ygzK@e-gXANOp2OLf`yujWLR_@?2+9F?I6%ue=##ABU&%r)oOuSCVkk zOk-g{JQ&yQYlFkxVZ$};aQW2}H*HaJuPD-OZfU^n$`e2_ptft8FD`z`t|Ni-fXnr) z+w8Bv5DfM)F@LVsb8y)uUwea%qhX%?c7ISqjbN0=6;`62hR?Oy(Izk-OT3o7G2Xe6 z{pnhsJz|AqkbX`t-$A8kY;fI!{Lt64V3G3KkY1(NV9 z?D%AEeQNy9N=`KaSm2~5ke7~qe^hMAvKMG%^>mG4;1BI|-2@i&(Xsi%M1L~~HIC?d z9T?Q}L5tUYnRuT}FEF?Dval6Ygmfahx!B_(;p_Q5HJH#Go49A|^w_Th$c7X}4NeOGFO2q&k4(#)i?Chox0O2C_l(WZr_Q-Xq}E!{tvl}U z`^*>yOy2>8^S5q`M7_u`%srT~FyPi@#33n8Sd+5Ts5os~&(IYJcN4(Otjw5alup1Mo?99%0EBSmyVIJ5%k_hoxZMu8;2%5 z8`l1M`wyI+fGErT_9`u-7_y67e04PM2NH3S--zLm@;!>ByqO_ExMrsq|KxuAm_S07 zJHLf!CN8~GNZ+F+&3EY?h#H8=E%9O(>(cv7&>G>{$SX)uN5`PPe7%*_YofHDG}pa; zwb`%(b~Ms_;%W3sfSU!;?kJU$^NN5}YJBSRYIf>Y~1~7+Wt|zb4L#i5KXd zGdJ>$S|Y~j^1D}(@(V<-9@`N(;7VV@K$Y@Csp>8iP+Q9ydHphhyYjSC62JW72z&i& z^Acwm4=ux|fWek!Xt{0*dL+YnFkCj&o^JCDKInyh%_BZczTiD_S?&h=nvi3F8~S?X z8Hn#Tmkeq=aZa1-7^Qso1Aj%yeJU*C_3EM_0>5k>45Ur@fIcl!{N!HbJR;lXb}Y{S&Q8k6&6v616gAtzakqXR9EK zFDA25XC{B>M>x5(J~Dga8MG&Haelu7YQ3lnzh&b6k-+Eq^htFcx4}O zF7PT?n)syI-x-mC3N;srVfmetPpIwj?$!Hdp1R0SD?m;~#{Z_F))?XyaCdhL~=5+H_Ie zu%5ZL`iZmY(|;Dxba?Ox+H3DFS6fQ>BHZIG7mp&gn?iHa|0+;f%Isl_kj|4l>8D3o z=Vs&2EBZL(7bdpW*ZY!zQ|A|D(JP{B0|NpLsSddkhhY`}yOJ^#tjG`S@~G=8(+A4La)htS6wVeA%mmR^T zQ9syK7EEt`eH+L@x*ea^HiV5&#6+obu|Ja zrpIL1=s`NiLTq2HijsZhkZ!{w$H7c{{BT?RAEUpoMZ|D_&&B_APg^XfW~9$4RPACXzesxX_76vJ(89r^y+KpJzb2AA$PeHp!i|U-r1TeumIXVK ztT$CA%&JHrH1Wi7t>~ySU+uS-()9XoiVs7VVje{vKcmpn?OD{uEFrwUD7FhcpYWr= z*Z6y0TS=*4k(&!H+>rt4S%h6A3QXeesoc>6hwnez7D%XM1i-BA`IzmFwac$4rt*yz zkrlHU`9{ujnZx3RuuuMchc$Y^30XBwB^^yRyyMaLDK;Zx{@9!YTg5>)!))i=5Bedk zgzb0G-k_G~yAIBmQOKij`b!Yf8LAP#KhBoYf0~?9Ax41^SZ$)xu;2f>qxMBUw|su~ zFh{LZ7b%5jL*&a!%&{VqQ&VgV=( z9X+!~{~Dgy;KYZB!iDerg**S-tU;pI$AyiJgwSiAC>X6Far_a+c2*enTM*%?eU>VS zKPlc<2<{uYAXjTy`f+cIlQSc;yzjq(DXl|s{>?By2pX$TjU=Ypg}=31f^UPls7sgC zPwom*euaX!Rm+H;e`e&iKmA^AwtBt3|F3Z#6gh0fx%yh9G0zI?-{Q@(ea5 zd3`-ad9KmTPyF=Fk?tj#-;j7ukS6|dmiP0$Li!@^_)I^M3EQSonqQ(rv^aol>;Gd8 zc_F&}?9eZs?wxjiRc{vR^|5agXyFrL*%Z`O2Ov)&e`z?FA+5EA4w_T4>c+PU=9=yA zJZbby?SZ(LaY05peQ&i@E+^mGIkb6SnBJ!+;J(qi&|3|ChR{mFUk{ZFdpmeH<{+k` z2;Vf*{R{#KaL(qWA|##GY*OkR*zD%!B$$Ya1e1A6l6Cetf4@lOSumkMIAUs_i>?(k zD#ss(*)CMD!wg*j~GK@tDSyFGcBI1z;<_)JqWFpag&I-tRs@xbQZYXu)_`^Tt#@oWs5S1=5tSNN+CG=)&Pwdi{VH=%R2qqa0z1Eg) zpCk&))|%fUFMfE1nL+eK`R+)(GJx;McY}wmz`tsqKbgL{oLk*qEq>4p$dm?5{qZaJ zg1!HHCSC=CrOj~VrMtZ<_Ys+_?Z#AKyJ8-7!)`_4Q4Q+>{yxZg#$5b1bVLeY^oayB zI{C!ulQO~X_azMAyNL5Jyd*~YC=1DfUZn<0pYBNVnh#$+IR|4sQ>yLjWxq`nI}rrP zbVsu;Io62olH@0|*FSbdtj9yx9%DQ2PJ#$6Goosn{VaRJa4m&`?=6p6R^&IuvIH8T zW(=RXPLeZDz)u!4Hg3k+v_fKZuS#AkR!vCipL~ zvxAMb3P_O3gI7P>mGvPJq_Fo!{Y)}DRxMU z%V0gHhgarpgfDJCa#wj=L-Sy3oVe0KL4eh@58pxQN_2R$AwQYT&r9K z83f|gwxI&B=zi~J$7wmj*ih4O_YE9M9Fg~x)A8ao#w6#7x5uPNjy6lIMN_kmU)5>r zmil9sO{BnLp}GEmJqw6&|yO=CAspSE>v-dck3o2_pMcQ3FIVj9qB3Wmyg$` zVY+7C8_*oNQ~F_$+9e|`ej*)hki5xL@*;jV-us~W5~~QoKXvBOM2cL&l1Qfirj{8e z!8wMNz=d`oCL1>*T~kVq7tbN08c&IV_X(qE#M<{t7?-4ZmXdfwY#NA!)dCLf=Pr#=Kz*(W(Vkthcb2oz0r3Q0D?IN~V-*8Z9YrynrFw7_3{Rw?v{ zl@OLpMpnB;R4wTWOV~j>k}O+uigLvX`;4PW1HXqa>;fNo6;x3#yCMG70G9tvGVYcS zN|KoCt5ZTh!X$Z*myihw`IbmtAlX@vctc7*z=e|zezqz^3IYEXOBVRgFM$S_9c)BM zBMbuo{kVkC@JXdv@w+>eZ-;IWMjc&yohmC7?ZN)_2kP`^p#XTQcN9$?K5R(_1V60v2_;ED#cXo9j z=2;=Rlz6e{pugh?)+sY8M`Q{2J{2IMSP*mtXfY;llFkUyYzs*PTrVh!PB>ULD1#0= zn5k8{gs|xgK_d`xOsl*BtRd((U8Uvz--7Wa>ix9iai#o7e*hhA*%f!WEA=P{OT!Wn zx>GtH6fD>)p2FF9yP;!2yLj5E{)XWGyis79KToKPM)QrP(F0rfqIM*MTlRM7u3e^)O@%KWzpgJiX zU>~7IA9o-D1dy3W>ly$9E2J(-O1T7tevB>UmKau`cZnDSf?S(84Sz&QNlF@2$r-u^4c4^SU8x9 zFtQ0Tx)WnwNcu&@SNPTd+6Jep8+%?(nLZiu$RB5(Sgf@RZ~mZQ;R^6bRyN3)@P&9w z9MXh8A1~%hdFsbl93%RDK|%=rbwMf!JC9EifaLoIBxU$*5QE*u|(~wI4*q#896%5sz*pFGSLL5T8A$XS#JW-K$@-OfRAx1g|%d zk43viM8Qqqr>J7%3p&t#Fx)-#ppEOkqKWgk6-A;4t?Kd z(l=22AgBx2qwoLbg#lZEFlUvs%&5k~5PshT^Od68%p`=6A0Ui*l+(!GPkHB(mhu;BRI|V|@H`H}`d&$3OPoH3=UqZ6KgBKy6 z{4wTV#CrbLk&7bh9%!ht>^KznjRwP@2HLqN3vp-{9dSkb-M@Y%%A4w z$EDS->{py8;2i`x|3i7ZGT}Ub#cuVc|Ee41jIHiQxIRxbC;$?OyZE4RNlbELM1y+% zfK~hrHcix*>@gkbvFeB38J-Z#JaRpav+wZaF(E+}D^sQmB&<9$rJ)}{Xs*&N1!+TkJu>{gx_qxtt>19mU{kwS@i zu>iX>MB$>hJ?%J9LGCax{ljMeLcIhcdLQBjZeI%ioo=U9SwP)AD1$rVQf9CGR$LLi z#M)tdH{p$}picwFh+e0L+ZR~Gf6kRTQjnJX$Ze|=ctkHV1MqgmD00s!kT;^&;eiG8 z35yuyH9dUWYV!|3RUE#3`TU0(9Q`wnFzMjsYsi&eSzo~mh;-5xMTBP}9F=UmIrQ5KiY`F;jzVDXvFK2`CH4i()F zFh9E1AMQeLHVdY+uy(0`Y!;@$Q1oXX zq)vY%S@x0R5Mdr>3dAhS=W!vkDHMYF#vfx)4O=#cZk6Idn7pRPE+n|D&snOBdjD5a zuk%aT7d>i97a6pWhM6pEhIN~RGF7>_j*zK?`WnvDWu+o_UIjB=lIyN+kF{*)Kv-y{ z#D@5=Ysz5_c>;0T+~>1Ea}0ICHOn6FirE@`250!GoiSKQY&9nQK(iQ75ZlN0b&}qz z*-&G;>VK@?h+_@rH#o_csi#)PvSHoJd)<<0=alL5T$KA6wUZsl0g`+Bffsf!M+nPRdwp}J)7{;y9kfW18Num{b^7G% zH`I4Q2H8lR5%TQzdhMPvA+Pa*)mQYg=;IKc)?;cD-C=o%qxwduwzsygcD^7UNv*&-Y?PN=hP<7{Xnl$Iqg?KD*f%TZLfC z9@S4tr&AE!RWQP^{ti}vo8^DX-FMy*5ytL8-a)~ZP4(-P`tadQXM5l6OF-)>D#n(S zf`yf}C~7h+BbwpnLOL}pu&d{&GhmK`<6?j}O6OwR^V_vF$%+{kHPro<{-%4znet8F={eA%9_e7wqPN%PQ8t}^WA<#ba9P^A`BI-Y?X{_}IU&%9B-(mi=#8~#N5 z0rw8_ld?#EyQVTCy4wsOW>dE4Joj~4Pt?6^mh;4;BTzHo1jmE4Jz_@ixk#YY{dut* z;GE}`WA#?$p(jW^Rk7xRb+$H>w{QXK7W-op@=erTQ zq5sul96a5<#Q(AI>*?7K*rmr?T|4b|&mfX}@LBOfG(+3iO)R>cS=1r$)F^-q6oNR_ zYD-sI668A8=?ISE1Nx=Cuy5D;t)$q-JsaMm&-~E|dW$(BcgOm;!Q-3h#QSPJ&9KV# zxx|n6Nu9KO>s5`6H-a_ajJD0Y|G`|F=QR_x~0CLEBP;*ZEtPA7*h&(Fq`G3 zU2tuAw7z^m@=xD+_d!n?E85%|{FQk1_$zgsL;z5Hmi^9aCtKs)0L^#Cjqd#_K0^rj zQ%_Zvq0l|p+3Lgm^o;n@II|$I(pgIU^#kr!bINVz?#nFCS&%2a+rVDhPcfHvbESGa zt4ptYh2`{!?@|3EROyutFyV1R%6#FCXrhY3eO(3Zce3#PH zm#omLs9IHy!iXzHx{gXzO8HQ^@p^t zhSN;hM$VsjuE8EKTi6G&Rl6w&MxJI*gb!xXhP4VmB|kSC zp}ZM3kl}15Lg!s9AiLUaGZLv33qvnJm<60nm5~5V2|X0H_VizWVa!E#NHNpIrfOq# zMa5|VG&C#Nta$~v{=*ALx)=1MJl2plXE%okN2F{|Rrmr^jn3LZ6r5{=M-dh_+sS9e zXGI+K0ZH88;)fRq^Kfy&D;-;R!#17b9uvX4@79EJCtp4YP|^q7XI*&GuX z9`RoA_koFJjAz@pOej<;&C~9GYb@CEofYG)aSh}m)X*7C_r=$$h)^g8b@jy}%+6?T zBldG>G1HVRAI{wAk`~DHr5V<2Fq++|Qsj=fN;olp$T@=bOl$vX)#JflA+NVD6RZKJ z{cG{3pp8f=d}YkEL03!H301T=I)bf$#kn1eSke4R{X<8yMPW?8OwQCGP2NFX>?HQc zy_!C)X%VRjNKw*Hm6)y}QKlw$Y))6HPUo-(7CH?fD{Z;7Q0~ouG(|KXUZi=gjp6EL z*<`;wWa3~kK`oNuPnWlpR1iib2lcQY{-<7Dbta-ncc8&oiXmqSb2iv_edwQBk7!zF zX*FGjlK;tLok}n-oG!z=$&POa1xoMlFUolr8i-5^)96d6!~%P^AC1boe>e@qZYCqy zG%3@g2FlxdNK>ODl`YDZtTV!(!_~&jB`-#;jsjDo*t1IaF%%~baa`5t@|rj`#bSo; z;nj+iT`?bvwVAM@fzy^hi&Tm|qbNzWn9MY^VnhIcU4IY`FH5yWrQ5h>_;XR0UqlSv znTB&;8L1f)kCO zXD=|PNJ%&hu5ZwcoaNK5P3xF|VO+=^A92mH&w*rQJ|nW5iD2X$aIGvN%@^c1%?KM5 z=*n7knGQt7iV1=24@_Hl?jmk>l$;!E#`c1q-vef`;Rg{yWV3sCiF2{JsVD5=ZCL$( z@Mivoi>>acFDUEOKUz}D^)K7zNf-YC>n5Zxjj&md9AiaxH4`%t*n`|}Cy z8vs+Db;Bqv>-}8iPtE!;K~{r8YN42rDLGsmR2*XqRWovNFy;>O7RzH)mczrvw*1H3 zIE6aL3dl*vjW&$9{mL{2l#jm)eHCLEjvr`M}T9&=0S(ExBh0R9-yEROpUcRP)!3WI`JxF zt=V4@5zwbovelYlXUqQ+n^wIULfV-x%gF-9UF?{we$0};g&nqTJm_RWj+Y+sMgEz0 zM^X1lxHmb#q4~;Jm-33QEa9VoUSOpSg%rk2qOv?rY-mS0d+mK zE?HBJ_A(J;HKNt0f-jB35+C}6rAk@ASIBBPJItI)xS3puTT2KyC6G(na<70^l4@7I z8Vu?^qYRYROTyNIS1bvvJST2-=km@AoHu^Dcv7th?_y!tj&aSIEI~OCczA)K92O1 z_c53p8>*K^rm6D?bZt3}N07Ifq^%_*1#T+iq~AEecShN1OcRNQXr&mA9Kn#59@<-5 z3KkWm+`g-!Ip2v|OlG2Mb+|;44wzryd2DWBPG(}qw2(GV&TWQ|H@}&JC<85$m=C1- z<<>Y|VR;yivM+{f?-%G$Aa;+p0IoQlk{llzX*EWdXo% zV95}3u(F)DYN}GhoaJ^TgE{zs^JqOGHsTH`V>rQMN!TN6VPX{ici5u6I_5B`{^|Mp z3hsQMT%Ia##1N2!4GQ11N%w=GR&E#GPq%6ECb5ZeaCU&{@1lfXDNgj%X?^4a*2t<3 zT2vC%x6p9e7I^UC@6O9-##nObBedwLA$#&$$4JmM!keY)r|vSpofU=8uNto{=S_;5 zvK#vO=UfhuN}SJD*q7A7&uS`cERv&&r?Hwc^3g#`GcMvr%gF9lF+i89n%n8Mu8P?c zaZHe5oTV4*Z`%uI%n)GkY^+B@U89LQxnB|-C2{d2Mjswz#RIFh_E+aM8jwDa zMO(6Lk$2+!1$xR|!}I&WDwHc5{Bh#ZD8_0AS4&es-&C{&itD-(mv-q7)_n1T`t#ac zh3VpEV<@zzU_0n>>z=>F=A*SP2F}L-(%Ug6S(g7KoY@oO4wsucP{P{vHA<0eX!zrP zNeOdUY)8htQ_oWS^>qS-o-*60W&@tUX*gM>VKTDO7EX>G<PO)gWyE~ z$i%Luq7vlB!zRACTQ&!MW7~Ag2Az^0lS^2tj7%l6 zCi906Tt`uI7u2Zb;oC@oil3A$0;bDCp9|WMDU;R7$p*3zti8j*PmV8qow(oZ)63Qi zxzHqF(g*2{yj;(qDNFIebsk#J;*vKKlX$Rvjmw0lyTl}J5gjBOd}URy=1BapU(2{I zj*fiTyQX)Ms+V(i;o??uv_xf5KdKK2>y!1LkP$c48c`kEQE@*$a6+VA5*$p-5W~1j z@9(5L8?#PUW0{A~TP*hjR?xrera0x$&0_g=`q0Oy;>qI4x1~!5bm+I|?FUCP^X%s| zwpoLUaI+~NTD&Abo*UVFUXv{=iXC9LdmJJl$Xmd%`>Tbuf0-8t_`>BK4oaPn0L3}8 zN`_S`*4iC__;`+5q6F56kmPSoCQ0K4d}|0eF?FwmSh#U-90&m{jyL%!cc?MqhZ)dT z_hE-2+Erd$JaqaIo=rP^iPJnN1+LyCP4?_bLK`#V>|`_wyiI)i$&Bqgsl;jw+JtZRMO z39FXlc|6pOHr^?hReBE$tm@LJJFCs(W73VT5x44awb+w1`AyAX??9b#If5XVs~=H7 z??8<|P6FR+c4OSR-}}w?d`I|A0F3xMP}Tp^q171QMjq&_jsu@O#xgf!@+FdU4rNiBUGAG8^ zKReDJ{S}|uz~WKNck8{jD4OqF2&-=gJ^j1yc?}FVA#wLz{Dy{PaW)hfkXmO}&S zoSP-e=I;E48CId-GVOGXX^u?Gjf1ST#cg<#H$xg^yDl3BVm%f-2Mnbv|MfC{ld)MJ z^W1!5(@#63cc0I7?vN;6K#eACcq>d}pQJGlnWxI0dvwn8hW${>F1Xqo1eI&CTZVL1 z(cp;rEEgL9K04~3gtQI8Mg%ZBuA#jhu9--T_{fbfz{IS8C;vO7f^RoMnkG$lXh3mE z6ricr@>o-m&x@GapffBZjf1#Ex2{`|qocfCQXI{9=wQ+Dhp?oR6Iy2ELGp^YoBx6O6lyl9#aaKqE@3H77~M=g`41QU zK4N?L7A`JW-Vk0tMH@sYJbXQfo{{6_Qe!zewaQvb$Ga{_GyQv~8fbV`q#UnLI{pi~ zrQQM8Z~|nr)_OvXINaeIWF} z#u$P8S-(~$t0z|N$g*ZMQ~WIqE;XCAsEl;*x$Ux^OuFmlH;7e?S~TQs3sGLM*fwwY z^(Jq7rAB?s371M!?HxM}ZAx~@GEB|UzCkL`+e7uv6mzynQn3W@c09MBt~ zzZH6xMM!4X=MU{{>}ae0@HV@1VJX31w*=QR&LWgPH3yGU5rckcHoHql_n)(v$fCZ3 zLRyxM*%|ahtG}>_n`HCr=vK`wenm7$QkgAT<(pkP3~ZJn47~fxPn^m0=*41?a>qqY9SKUvAS@oXfHUoBAwR}>rQm2p>hj5DB2ksWG_x1cG`;02jMvKRO zv^(ex5wQQx?Vg&serUdBmH4+%aWulSLi}Ev-#i4EL_+L)<~Yax%XZK#Ouu9=G0czHzGD$LlN5jsk$=y! zF&LjcA`&G|P`@#GER%I7SJc+B=Wpa$-7l`$k)3tC;Iqy(Y-`&gvP_UFQ5si_mP3>G zlP2UtolKv73l=UTr>dTFI3r*V&S4sfL`QFF`M)#gI!HTl{Evn8Ob7Kb{dGEi+AJp^ zUqmd-Eoc72J+G`Wdy)=hy$boQ>JL0UNP2sn4te6O!_fit5OBOG9yaY}mT!*Ja4sRe z0FVNgZVEz1(6p(EVd4dqX9iNJdb?%NYz5(rg*vLV!nFP7@@zc0ixpKGo#vNK0=M;y zU8QG{_$~iZ=lx6#agSEsFd;)A7A%H0MTph;opL8uD<+?6hJKY<(zKGY1Vdko;98&! z!`QYcI}Etr&T2$|TE+mcVDjXMJb~WX(b`{#dqX>(SfgaSOM*Y$K4|0C39N-y+!6B~ z-=nJ#QX^ObY%QA9_&oy);EAqM@~9S=p_$WRe3+zl_E1Q$9zawCarmh^5iSRv!Ogkh zQg_GF=q-`0diseM$Q*4qJr(X2vd&1~sQ~k5d#s6@vpR69t5D5{{vk>XgVb>yg+P>5 zID7gH$!3#(SLp7ZbCFRd2_SpbkqFopxp*qW7_U*GR0YwidN|KXsEz*TBs|a-G_xQ| zr#VB36ne8WLQavF_2thm263Mb9p)9YHTAaY-`-qu#+Y}H&MZ0OBOSl~YK1}!sU?V{ ztCDPzfM z0O0!X5VwIGXMqJ+?-jjP$(&mV2^kV*6?TBOs76Sr!x*{x;$rWIwTOQ-vxdwHCQBea z)L^nt>qe4%un**cn-2DFxj%`GAXW)Yqs(GTZaDrV~{Bkbr=oSr{IpPzk!pkcrUbfpKizRG=@-@1 zf$-C~cEN~jRdqb)tjw=pA7z^wb@`ucrSPmfFKy~*ni`y_-lg+zWoX`zmp)K@rOv5! ztG2eb2U|V`kYl|w`v*0tLWiuQYyS%%I>LPUf4<`8nhHD3_)3f0JIrzif$Wdz>|es8y1nqtOj50 zRd~r$)!UMxMx-x=LpX!#gOAhl-^%7*?E-vtK2`e0tnD?Z*b{n^F|)&UIK-3u?bZQC zNiL?LkGbFpLwo!nNR`7ajXB->zg+=ma3$u!$Fyd!-tIlvCw@uuy87;T=7= zK`R}zl?|kPT=pT@tm1V_6yP1nWOn65%BvLKA@V-P+WH-Z2h@~w^O_Zo;-^S0Ha@u6 zdwy29Lc2W>ZLJ>hp=^Qx`JEK;lCK}OCVuTKe3ST*pGcm9LVUjPo*0w-U{f##Fzlwa z9jd=16e9!*_5Db&{bY`WE8&9%fBx|%l)l7gu)iT9)R^IopLJ4>-6N}y#hSi@kd%x$ z+8@8}4{<#0mFF4Eznn*lo@doGL6`Z&n1*q6N;<5&d&o;IiFT1aC0wLfdAW5oBZEj^ zp&ZvQcU2U-X>x@h$(@b=UY)`o;Q1d2CCA9VHkF^>EW_0ahxztxnoM zwp$Q)7#dsM${F?f4{0D@|M=oa6>LNGk*%GuKP85}f8Fz`S zrzj=)!r-*txSQ-ao$cg9VH6|JWUEa;_xB#c7>$*$z{&3t@|q2SkeD)xD%M@v*NW5 z`HdS~)f;H@r3#4-ZZs=i^56(u;~NP3TNp59W^paU-XCLh>opEs_uFY^UW*B0@a+10 zs3J24;TGN{BP^k_Zl%IvIzM5FJB7-&8vdKm)xDPQhb-b{7D*5+1o8&frJRe{(v_3( zLekzsAF0_*XV}^lnvAzAJpuQ1Ht777H&w1Zp(o-IXGEe2H3<&OPIt;8JUmTF6kAge zx|q>Xf435s==_2;7s0SP#l6jS5={~dtJW0TjuW)3quAw)E*G1XiaiO|pmKGxW~ngE zXX3F$_4=&f4Am-hvW}l%huIcl71d5LSgL8aQrA1OPAN`3R#{BdbZJ1Aj#zv`Ijb$E zYI0!3@80%)ShwRxOV#Td(E0bdRT&!DDh0n!&AOEk)bTDRC*3Ke3HmgC@#EH@%{YF+ zPSta_=y=Pj%XDF!@+X` z=bffrNa*Rf(Q6kai8&L*;004T=A+qRajoY8YIy{3&dY?e$6Z8~4GaeA2BM8W!SbeW z06mMJcuteD5E|C?N*2u~hR~SU4Ti?b>M^{EL<=QgzFt=g9tZHoUNNar6_`kjo1I~n z1D`b2Iq6TgPx>=F|D_2I!y5(;ZDtqyVi7g7XX5^niIMBp?PMpOizip&E-`T1aMmtE zIdh<1q7Fh$aGZb=INf+cui42jK2?niP{C1l8h53t)~%`FAv^VvfnJ7WDSF0EeN3Rn zIBFT7*!|dm6e%`!r_fCmDuUzdWS1K^2UVV6ckSdGhV7|T99!cI0};w;U9lXZ&NNWw z4kBXL%Giw|&Kd$FerJm<9?Ep`Nv9oM=k_1DXXQEC^Bod#1#XLW;>{lbsjdFD0HIyF z*k$CB^2rF)Eu6||_+HW`Aa2O9PnP&z5uUj7kMGbbX9Jn!=Qy+Q?Ijf^ z`>kbtF`?(WGr&BeG8RJ52M*{T*?RaV9?RxdsNw;}(PC_akzxsZc&FaSo^T`pwyy%c z)Ijr*(`i2AsK6V3#o#lBCXNe4OL&8D5)#C)>@>z@y+9h`&5^l+Y01Z7r!h89M&y`* z6r=MLL=J$*+se`65odaIinbx-98);cn@m;@sO%It-vgs)ce4lJ3=e2?^mSSz&&Tej z<_^Mi6>QEGuHDE)YMPGmEOw$<7{$(bHiUF+IatAYTBO2o0+ow)4E#9%xHVhP7RziY zoi?6vuODZVBz}Dw(a*{!(yTYJ-iHUW`1%cS4d7hEFWo}Qdl|?-j>IFF3m6>2qd+{) z9pqpd?{>sf+#v?D3m@3o@GygusW41lIZeekaf$+!(bDlyn6HCI7_L2*3 zkraO1A5Ue$H*633*dZWLF%pN8ecM|BwVR>vPL)u2T|UiZ``9@I=hT?u%x|)z1;FNF z?ADnaI$b6hD3>!zIG@RA$y|IBl5@E0jD-OCgS-@@!8pawEOdoILPu?u1%z=%;J0qF z`UM&KN@|)E<2hb}j~!^Dx5xWZ0_IG!S4QIPAneK>H2OZ7!lZ4)!ok+pGfH+{EWI(S z;#_e9w}sXLwS}A?V_+uM83h*K?7)@<#4`Ev|TYuU_vJa;)Ctz>lwFfI^!i<+2@iP*0mI(mlXE`z)<6nMfuF!);B5}n^70HBton`4S zlza5CVf-P4LT^1xU@O#mE(!|;aMc;|&jqkUU2*(>X{f5_6-)daSruV_2hcn z$2broS7Zj6r3M8LMZ@ z%BmWgzl`Bf(fp|n(`3c1l7=f)yGAIyXUhsSW(DD7x8hDYMO`EEfZC5RwfhRiK1pq^ zb3K26?7WYIwIrXtLS3|mowxo_NMMJRM<_$McvHr&m<-`a#S{rcD4)!U7IwAUs!Frr zk0s!lo7GpifXc4J^Ah?eu0A4hJacwJpXO-JEfb#Mg!1SPC*{wK(lc1-9v&NkuF*eG z9LDv`Xc;(q$}0uiU)em${9B3YilN+WgYD8CA`jqE;pYsIH{#yqTI!?f5F>O;l;$yQP5kca8%-FR_JGH z(Xm*qgOJfCKdQxXWDOrK|jd&jO*v-pHd0$NbuOKcp$2YjvHGs&uL4>hWwy1kx3%b6UA#vK>(y9RrUw{3 zVvr4rD?e@_2y_@j{YW*oxWyLHHdNzE8|duDiP&-mnqS=lJ+m6;d&GN=MkOGo+$>OC z;k=A480d5-dt0~9f*TR;x8NXOLva{im_&F;!0bvfM7+;<#WESyWByjQtx^`axYij8 zZ^HAVAJKVq4nKk54V6mgc+1Tfh_h1d_}W)4!?&G|6X-0&b`d=m$@0?*j!b7_cme4q zcHw>`AIHT2M2fAfMHd-4HzmW-Oe%@Lj)40>Cc{#}(19El`Xqr)-~xkRVVbq5CmU2P z!PX2WVU?Yrvzy{Avd<#pC9c*Tau!RYU8U53>pKZ| z={OpXTKIaE&^5y7um+6dPBh<>v*W}av&@)bLCZ!Hd`FFoG&oH4VuE14UaEIMiR}7F z%y*V8AGBA8CNY>&5_Yx;TQF_s#hV;)XDiJ2I!v}~H8$M*x7apRmJBXCszLD<)7dUe zqOB~Zg3+^Z%Q2eD$o*rBX(eH4c9VHr;|74(@s4ao7C-Jf z*oHzyCof^f=Ac{FtxTr*Vltw(32qy5yFl{A8=F5w{i8UA8C^Qneim3ss^|xd{tPiC z_Cvm>V6(48x|Euh>(si^e4??8i8q3JA%9*EZlKHqbwF zBFmk2x-qPgbeEkJPjxc%Jtlfny0Qftp7;Qe^WKbwAV=EzBGpG!(z%i^F4p(}{<7|LJGAU%z z8kwSOCgCLUjEB!C0|zBk�Fvnf5yqYH4_7!j#X1fIeIDx={iUg3=1g_pMTeSTLo z9v}+>wn!zr4U3V2frno1!YyO*v`^p}j@>1tR-*8z4^0#Yha_(Kh;cqU3gZrD<%F#h zN-&=G0VZJJxP2@TgY0Y=Pm6eN>lu&Vve-Fd@rX$?A&e^!#>0Q`qS7;=cpIjk#7hJ5 z#zT=)f-x2cjJX1r0gN!R_(dL`ahp^N#Pc>lwxh94Mm!vunofK zKO3$LJlv3Y(3TCmMqgF%xR5|~`3z`1;`?0La7B3Gg2Oe2CEEy8Dp43iWy2L=y9*9i zC4lAeyZM9xR5ol6-<=2ys1PNBcpspHSnrR!Obje4|WWb&9NgUF<@*cJW>)!nSoJ0U_i{nMYMP>WMi_U*^yEf z*S_)4CjL5%!E8sdgCw-Wdi$V~U=|v36e~nxF<^FRlnq;Jck7v*3Sl1uD|7EA0qkT* zz`6@{52I#sc&Cq1tO>C=lednZgnulDVZ-1Spn>E+E+w;>72WHOhDVP{O} zUQ_Y7zEQ(tF3U(xBnxx_udUC=Ht?(dOWE(#WMk(@0$4~bV73utJrnvZ zLBcPzB&q?jpxVMfsH56JLcc2*jBO?fV6ioWrOhQf%wDF(aS@BDBIPepvq!xvXQJ_$ zy+AEMzHm_OAb*jXWB5_0#9|=$`_vo#;?=i6LVwH{;L&Vc@yy<)b|@w$^a_Oqp3no8St6Yow;T*j=r81o!mtpYTt?u^ z!-k7Hnc~RwsEsLM<4CYCuFzZ9YMQg^`UEG7Z6E2Gt!PZpxwBK1LgjE zZbPV|maYu!qcMvIf9TLE%#I`UIh#3gr-}#3E=WTECNql`af+7EguWbPD@n^p>MHlNr6sf z*ssrW2kAr-dbol)m5e7Vm=Q_n#U3^~qnolk-caozp}QGFXoG`AMi6=#XJT(;TH%-p zvcokN(MXeN+MGqNWJLRkK?Q~#teHsp6u}kC&e}`@J1ww-?2ygG@Z$pq%+A$z)NPtYw6|IayrHs>%TS5YvQ>tO6kPK1R&j%FSElKETPcdGn@y zf53^x#jUChB6L3|+qBACYWBazlhtnvAi~~vNZ(Nw$W1TMC zfF<;I7CXDToqgh?y5I=?z08XDnmZ-SSoWruIU>a&rV{~?i^OCex>ceeYH?w-1zheV zLjS_uyln@+0z>E_#%7*H$N-_w3Sw4MjR!)X=U#$!5aXvK)k+khFSs!385dR^LW!3+ zv*Sp@1xM&BoK+kHNza7-!y`@1GKU>S@U!JCTPnrEnz2)4LhJ)%3xU7t!Cqi=!LiSW zE778w6#(>ak4rAW-U`H|C9CjufBiAikUsudWBTqHI; zcwDDCV2ECX^%MA8JXQ!|!4Sc47Phk>dKiC(=tU}k{c1aZwc8Cz=)H`2LvzK{Yex}! ze+8p4IXZBJK4`Eyrd%6_(1$EG$8_t!u{UC~{KsGHi**}@&>!)h#?FS#CqjQ>q3!3x z?r1`PCS|ZKIb{r?KbP3>@Yn{i7uo>9E=}_5u`vD`smkh8XONCu>Fg&4; zyJW$A%qry=Btm~HXN=&DSZ%rJCS%!~#ZH1l zGaH({NbICk>gA-cmx&ExqpMntHnk2`vOCmjw5#>k$_$liIVprbXJrezsui@U^|wlP zhgw0qS}#^+s8q{IA@uJo8+&)ecp&suKCMb`jyPZl%D7u-sq{!Kc8~OC1*7RdS{xqf zErZqRky>mX>9ED-^hhlZk90{b^SStYsOh-00ySZX$!eYc#lF$#LVy@e%H+asF^)@& zS$RuQ#z2%Nv9XDf7ij0U6A1kf%Oo~Sq$$RRfq<-5iZ(K-_B{T|U6pM*7czur)daX~ z+PRPk{dlb&&aziURO106EQW+RWMeFni%PG6=vs0^R-K4Q=%=_u{zm10PQ+)J2yxk? zw0Go!gqTcbPK&y_WO0xP{Q|FL(?lv(Aws++*YZCn;>*1JmWeV~AwqN~m;av=@iis_ zUsDXT@9R`MNa(F5Lp);V5HO+Nv{+*85B#i_}==W?44y|Myq2Fh$&J7e<#VRyH?{m*8D_)IA=mS+U8`W{85c-2^ z+2l%AClk8gMF2YNsui|~5MNfwT)oN?6~B$C!r)$Mg9MRj)r{4vZKFf1YKgF>vWi+) zkRW<>%~(<6N*bZRbkAz5t%E@5ud8ILsHq#3(8uKL)=cbD(+VP?zp0YhrM8t+LVs5+ zyQ9Vq5~07Zn$e}!Zghx+?GsX!u{;4C;^XQfWCKjZ05S6fLJTuhr9$jHQFhrF6SF{6 zT}6GP@PQZ%T)!qTExvS z{Jpw}3TssOhgT=a>}m;jKk>R#jJvOxh=I^ICJ<7^8g72$UlWOOu}FpgczZ$tRjlIf zM=qXZ3%MrtBW`p;cUKqTViZ>fSQSkm#9@+3Dy)wt%I;#2DlD*msv^j}pSUu>>S_WZ z6Pv`=PxekErn*tAe)8c71x#!fM?cwT7d4?DaUsK^uBrf6i@5obYpaW>uttR+xqgDo zu9k53BOh~$nb428G7$QS34~O!hMOO`aUwA;7OC(fpPo=a6|1=WkDx^c;CJ@5)Xz=Hek3K6 z6c=EFE&?4&#~@ROfFfEtqv4SVO71jsrnO8Ae_=cX4NQjx+Sut>+}P04(6SgbwG*I0 z6YW|?ZS?tC;Qxe<2s;10BfK7Lalq&Iuktmo3N)(zwo`*`rv?IQu(2h$xuwwBSm^e3 zH}-ArX>4xu_qFx-dfFPB11*8p=0IO#pf9i(k7|WT_5~C@Y=BxOlVbNY?5YtM^Y)zp z9@q+G8ebi1B=iyk5o*Vi@*p1H3QT)GyGd;#^il(XhmT;LW<0kQsAMXkCGa=NE;lf^ z-GjeEkGBPV(56BrpU&a0Dqdk?Q-DqJwU0uBsJ=7y1FHejj3p)){L+=Ynd6xtTr~rW?ut@ z@B=~;9@)dbgW1jUdoLtm3t@klm^DE7B>{ftd+xne_f}PF#=sxU$8Oa<%U#dC_uTEA zn#*nlU#MX1Mgx1P@QnAOD35g-6kHrm<;T&nCA?PgYi_$V%~mj8qCq>p$Byk@8WpHI z={to24suoXciO~ArFnT+KK4Y!9x-1LR<3x0O$GTQt#aJ*gi{#7sjebx%sFg4=~W6s zO#-`_l!><(wa?AvWQ_)Sij&P>am5&n8@$yd_NVziL@G-`vb@b?;e+iYbx~5k-J})| zUlPfF-iWO zSlyS?$;T!6dt=3A!(}Orm6P=EGwCN}e@!x|=6%1(AUboBTs7?nOmbIP%Sh6z#{Hm4 z&*!%-kB{|xlsvCm`a>pb4{FuQx5pA<(_2Y$)y5xAicv2X)zBY_cZ3=bG)V^4)E`YS z@WE4(K{fWr5)A2uE~wW2c!B|T-IDaGu|E-`_q?>&Ra<}39Q5V=VLmJixukq)G zu521gx-p!A>vZ0HsoL=?vk?tu;D0q}Xf|rlyg46b8gtrL44O`>5@KPv@81k;&4oXz z2}QxP(N_%$G_*#+cKyC)QnaA!;&?A2V?%#mPbT#QQmoj*pde$zir+}4XOao~fZsI8 z{LX|)Bn*AI8JRI;_Bm-pMJ-3L0(xs2(MXgfmhIb2 zB7Qg|4Y2A0{@fUucen!sl#$@Fd_T{mf*E7#+iYccZkn2q$3tDxU#=MVHfkNp9zkDW zK;_#I*z7dmYDUKL;FShOStBjt#9Bv0L&y+L5|#c88v??Ktm-_zEoj*Y*%xD&Xquo3_)-cIMgI>4Cxt*Mq(uG`9W3lTS@utLpp*})h@a`; zsI4il&$y?C5pfgr@9q<=j3z5n@`|iD`A6D+AH(xiTZyJz{6n0bR@`nCFXGWyZ;3Or z)dghptuf3LZtgRZ8tiTHNJ}kVn^AMUJ%+-|BQa=FW4$AWoc2hmqB6cSo(-=CS?u^& z(Y`BDK#b=Q;diIxQ6Q;a-Wx+!8;u#)uarGr*1j*EO_4{eZQq}aRbi>$u^B_g$)nPx) zey;*lreJ*<0`ZRuBy^sjLgOEsX!~3Y!9yZA{wa>YTrb$*iZl%?c&Re~B^4_(P1X7N zH2iGEn}aNUA&!)MRIOi(p_qjv=}S=!@OqBq=gT3e)lm6nrObef97AxvV#1@sVuR%0 zl1Rx(Rq@pnq-r0ki?1cooNb8J*G-(_qDuINfe{Q;0pAQ;woYBT&6_CSQZV7%nm16s ztzcq6fQF2z^F`j zg><+KHWMk0N@IpL5o~av z>@|rCQ*@lG*2GSnY8a~4cbXKlL^aF@!w(0wt#HN%oC?iw4M#h;i&W25f@0m0JxM zlE3YOP!4&6_PGXyuv#Q^i!VMxi4@IMq}6A$+t;qH>~xF4Qdjum+1LtT+7!nT_LmfO zxbWJ8f!z{3^OCUssFP?rqk(rA<+-6JeoE{$_rzCO-*{GUe4B@!n|dc8{2JWclR)g% z;{NP+_DdR`nuAHw3elbJG{G&e)M>FI1ohLziRzWhLRLW2@gDEF-_;9QU^O%q%PK!% zzn_Y2wn$AUN%%o3w%Y2T!~L)qvVcDKqx6X7_Wt`0gaYojOYIi4+?LO(@%s}fGfX_s~mvQh05o{h&s_;+t$OPl5vhPUG06*b^+`j%` zs8vgfP&W@N^bH9bvpWAYffpxTf`DrBjY)!btsPe6pY4%{=?ahIf4&Dvt>XJ(jsC^y z2ziHqs`gC@Lfri)#McjoHCAg&6qx*yi#z@v+gbfa3XzZVO)Bj-Q*hYt43`UUE-Hm9 zd~hbLna%R9%3r3S#aX0f|5XYOBb_Uf{^-!6j_?4n*HL6wkoncGnLrN!c zD^=w2Mg>s*dZ=z+Kcub>wAwAtd4+aqd8^X7PX1i6c!1txY4s6;Xz+ppWVHno%?Z6;^ zfyT{N@P&t31NI{2hjw#kYiR{Ou-NYXi-jv%Ew;?-)SZryGQ|B=OZXlGv1A1IvkaZ^_| zh%EbM5fV+IE?Z=!7p}nB@9;LcbHI_HTBS~cClL|2iLsX7c?H1$Kf8%a7N(ct0DW;| zJydqtgpNpc_=@*jZT<7o~30A;OWyvlM6%-cQ(*oYi-eeL<$A!{JY3GLRAJ&MSQ*3Co@f zqKI_5K!Z!t#Xx04C%neYp_O^M2H4*0E>d56aopr_-%ISw@A&utzu`2@)q|aEeGpEF z2bB9{_QHz)FTS`=|FfUXcvoOap-*PyO9m9(Zm$S+H_r}J-L1GkB(geY2-D{XI8kX! z(O0fb0(61z5$fpbHH+})r*ZsT(zhdRIKl&--qv>(hs z*w$mn1rGH?_Vu7Zc2={)Cmhq#kQ|qiNBoWpNniFNxUA=rg*9L$+~M?H@H<`(IMd#y z&c51RHyVDB?Nm!chuXJgU&bL}&oKJ5?7S~b^jU%FO43vt^zF_UhM{XV0dLMj&p!-svx&pV>I`(w z76FK*)u=%?_bD{ds+6aA?b8NvyVjg7VWrcd5F(^S&8$plgcsa%6l&qh0+!bE6exS8 z_3jQYrjLl|C%jID*Uwir;W4b#fz3T$GG9diK7*jVJW&wClr}GgujYt5Z7!okSoV`B zAS)g#;sBZSr+MZ32lNdW+@4s+E{Od5vnAe?K8onzK7_Klh<=(}BMmUwgc$*9C?$7?ql*n_3i zu0aZ&(kyRits)!qEf7Ka&){*!$=f6m)Z2;$a-dL`XA0Bdwl;|cWTA6f; zRP<|6zUq`yq@r)pHx^h$%FV7D3Q{OimVLri0u@QjNjH)!VF~Y)8;O;0n0=iqrAjus zW&fcoWlPGKWnb?K2@`^5*-vqGG1FzvvY+aP5*NyzWk1agB`=gg%YM2WN?<69Fy!nC zQ4|shA0Dm}NF|xjVO%MfQa+)?xS@20atcMpjifXZSa<|=HF4EM7uKC!A-F<*;Tgn@ zq*s^MTSPvj81n~=JiDP3hw==^A+C^SA=Fq!xuHmh!j09G8;W))Ld1onV_D@2 zITzxNb(JfHT?##xR<06xCHq)gxsl{YodByVS9Af<6JY+?75zYT2g`mb0Nfd5r=ax! zKv9>_`v+W^xUzT1UIHhjuIeMIv%rwFE4zy9GH`a{h8-sCIzMsQ#1%1$IZ z6AVndqAQ6W1t+Gi=ue_s!L6uI%Wq64h2ddXdq$81h=<#eJp7&j0;w#F6kz8WLD|BE zks=(30zyqi!6Dds<{)l$k5Ghf;-DCYMo4=9lERcQwYPBI+xIv2KKr531P=?TLVvk9 zhybNVt=6b#w-vYdHUV#Q6yMcB_x!`NON4>SU(0bVWU~@9I^l5_j0)DmPHC7@}QF~(8^DxXhzI> z`ybOiA#{`!?Hiiz%u(LK!-Czutp3(NjTz&K4FKLiq@d-3Gv$b!S7)FpZVn_akAz^&_M+Aue!elUK z7N_#9nxlQgP%whn$(Mg&_Loy`wb)3zqX%H<7vXwC*adU+01W#gT*J1$`hf9XmE*}q z3m22jAe3^>5&uZFCk~+gkl`@y2xS-7wvWM&C;vT2YhHW=OA9*-@J%ZS>+|jDax1%b zd}(V?&`YxQQ#%B61jb<$tcR9F{ZR!dHl!fb*#SXKNg;y8jrE_s!xoN6_R(_!QukN)fC2d94*Z-(K`;s&~JhfxVc2-mcxl?1~xV>|a zC=vFc5>TAyA)|hoy??fOxpF=@T;DJ8O-#!A1ps(n zO8_YMj}UpQHs)M$W9C9p012RsIf8->74pL5B0(Vml&?ntAXQC%ScEI4B{#e=bBT`k z>b#GSiy3_E&*u#*KA$gOWcM|t_p z<%fYNzD|>a7*I)sgkf=%$IuXgbUZJ~`2u9K&8iO8Ps1`w$~&)~Mr56HnDRWT$3XIm zrP7#@1_4bP%YKZHO&%&WR#8{zSiT@jB{^h70cecMvLEL+qSt6xbv>R%8~4|F;WdGl zoj)8jW+$u8P>#A#=9zta4~16dhCVHDQ%`bVQrz691)h^m9(8*wb8DX-dR}h^9y+Yd z^ZT^Gi}oNF4VZaxpB{SI=@_UjGB58l!>{bkE5_pWW@6h5tEEtw@1A`POiva0Tgj%2ggLC^LZDx5X*zS@#b(yx>ScW6# z?P~@=njIpjPo9@pbIu8MDD>@?As z8FDT<1XZ@bZ{Gpzu2-gf?w(kdZ9}-vSFk!u1YR;0hNy0{W7={qu`nFq1>~b>nYVI` zvS94`%lbVE-T#1T%qck&;2BUsJkqxDNRIWs}g?}LV=&loRE2dor;S{1wLYR_{f+! z9;I;%z-M776Im%G_=ANRNq=y3We4y24+{|&);EJFVA)qo;a^@FB>L{o=0He*{xj%E zsAWG%%66QRU@^)_a^tiNjZy!BHoQcX?7BgLsCgDD!Yvt$**n^|WiQFlY^BxiL`WI5 z?BfzZbN{5HeRG@R8pRo$1y4yoB9E8XEGm(%y z&0FejZgm$Ic3_DDaxoucZgyH;3ft!HR#z}QF~%V8q@|o2F04}L6il0fi5Wse2R*Zm zZQV1ha5gT=-gcQm+Ocd19a!93$q< zovm0VRCE-T;M6F4Wr2qN^{`>iI1eJ?Sn^?1vGkF)W#63HLv&KJwz9rLkqKoYOeh;+ z2Ao5OoJqIpd)WNyZf&h^kjj(mRnj%;&8M_To&Ebaw^mLJNX3r$okQS`Xi?WxWCDxs zA1P%T%>Wf|g+Ld9bU;Sqv0Vd+AP^D}n0QW@OAs<`@!PTZ9Tk=Y?82D?__(- zIZsK&s2PQ{yD_X`j2=Ij)?*VuDX$5*kfc=E7&IGjFjmon@wsX+F)<9rNAAJII4VR~ z{9@F5YmZTngS|#RuIsxoTxs;tkd=)g_79{CVmiUyAIK8<6xGa~__sSsX({y@siI2h zL7%J;HLRr$a%Ys8y~dn0%HDZ6T}pe8Z|SsWklGn`avr?)=;*9Ko>^xX{iBDdry>%4 zJyxx$2-WAK?sz7@=(68EYi)Cd7Ro2H>jNTY6?Om_z*B!fXxWT)M4WJ2r@V_P<&2YE zko!m>Z8#MXidqE(hd3Xx?V6u(G;FeNK}(7O%tbUmm6_Vfo*dlO^Ft6Pdy;BCyUT<> zQ-s0pN|F{pgZw{5+H0HH-N6%j;sgN=5uRYepDRK{k)RdvYUKaL?q+oik~ii)>vF_V$PkVl@r-(2e$?n3{HZA@mi2?;b%cG4)U?~&CI%dcUk$h z>9a*CHQbQuM^|ynCpDAW1KwI{EWM^5ZMVj;FIo zjL!A~W?Q7uZ!0C85U#VlP-96?%fRWZFJjiM?c*!U%rm&CaS3opKA2qu%Zr(1HJxQO zmF1;jRcvf7T)W#%uxY5ULFs3aTlHmOt47?hhK=)r?GyLlDYsNH-mz+TvkrTTSQa`EN90*}iUlF(neJP(6~;YBcmCO?6rdj$?!Fco1NrbDS3&sQe%pIQUpv z?{02vV^tpku;g(DLT+C0NrteU9cW-7$5lpb2M%0~looO2DR*jlIn>WsJ$rwc+vSz@ zh1F<8UXntpmwB>M=Vw{EeBB;KkgPre-tFr9WEdaDjfL%XS~T!*w4N5J5hrY0xqiJ- zDXZ~`FHZgMFh;iJOgj0|-DCO~wIn-$9v44C4a%KbQ^u7;=KfiWYGdZ$TdT{di8nD=TnRAW#KU%sE{G%)EbF7gB}{3q5cK3h=v*Hrveqb)$_ zzh6luskuicJV`{I`8zrhm&o@@EgU?B^>J5{1de!JWSid=MwRp3`-^g~Y;KD;Qwxhb zD<`^C?u#z!QSwUD5AduiXtGfEegFQ0_QTYZT|#uK9$y!`gfk%lm9jjzz%wTM(J3hL z$bTp|J`8K+4>)L_FU+Tj1OG=}nt6yJ3;cp_;#k=eJ61y5?-JQg8DOvU_@! z1}=`>%d5}R7tLt*_6jiTJZjnZ0W0pD(!hCNZ^A84;_}!1ywY@~TIOqC_xIc>+|a>| zuLp=N7{2WFK#wi2@lCG>$@3uG@%lZYX-`yV_)W_1du;O*SG^wWv1K>D<#moXU-oAC ze%C{YoWCjAbHNJZr?}R2o>%eto6>zKl?8V#aC_@vUR{{EqjVqc)x-2apRZ5t^J@GC0avFk_Lu^9 z<{pWL<(qPk5>1M`RQ*)l)YHpUSlpsI+ru@kcB29B?|f70o|Im-G{YC9?uE3E_Q-LM$jJBA}%-&jiNcKb>?q+MMxw(XSjg&pwE^wTtsus^NW8x2cYI?xOI}RVKfIw4woEgP3I%vBOYAq6ZOP} z5;cYfn3!z9ydXCKRSrq(2)6)9gxhwV5pDwZ5;DXOyxqi~tcjFts^?fM2RRW0Z?g1n`JrjPfvsfas`{iE%N$IAfHD z$9T%Z!Wd=YayZ;$sU5>jJ=`#D`OX+F=pl1Hn=GU}JeHb)xXR^L3-M4!9_LZ1_c|AI`~HFIAz8~Ed$bk5qrwegdm_Mk+vJgDPJ@mPy%fYNEs}9jV6*NkV6Bf?Rm{f zje@c{>A52j9eHIoV#wouQ8WpKk=IX-K`x6lC)LR~Go3W+$ z89;;;ojfl6R`L9&&UXHB*%X(4YYb8}l-D{HbD}c|Q#h2<1`R>t2??(GHc^2xNLf7W z;bxr70A;a-o?mn8M_L~9Qx<&|-g2V@gZ`AqwoGnPm?pu9+VS8FS;T@-b(X_nIWV}+ zkuHHvOd3WpzRuHFNL4@8g7NV@2H7KMNj8l~xxCWrl&YSK=qQs{Ai#D z{_+@Yucp#53Zw0lWY3}bA&(I^@XCif4Vd(yOfB%RU#@gOOgTF0i4aRi9)s_qS90qm zuZm(}0A3;vewT;=xa-lUH{Y!AC0~rg%Yd}J*~Sb*C~LByVkD=eX71_rSC5d%==qr7kRZ+&7>!O5@}5x&%QUz&=02 z;JH%Ss5eZ{8s|;pff|jWp(po!-BbBXmyYhEX$yBJ*N=&l>MWig?QE@6D0^zqK}ROZ zBz5Q!xCyogWz}s>dAR<4fMyh;zfjPUl0+rUZs!NL3xZw-o$Z1i{eh5w1QXJr#9*xL z@3(A=4V9F{19TNoZa)Y(K0cnyS0fa}S-n@c!V5V=Q9xbA8HqspH5|zorLb@4(veH^ z`xpw%6(+mf_H@AZ$pdJy7W)R0jO->T%q$IW4Losdhk1}7OxXk*OTf|)!Vg3MeJcX8 zxx9F^)c0YMFD>E_l^-$U#>LQf$WfYhTm1ZA0VZI>kC$4spoU|XD24|06;e?v?RFLG z>T<>97AX{mH1q^pCY89MVj-{Ln&oDMD-PvF`C#`;65x7iYAT{NxCU^S@r=l2fu*Hj zqmK9`1VQ-Dqi$4zDMH&c8j-@yafL}t2tYjV($}15#h;RnW0S?!tsRDJdn&&@s|XMaNQ4 zYl?v8E`QG=3yM7oE(lVKFHn0_LM-|8sz}d4YKh}{*@NgzDrfR^bu(#X%qX5hN0~`Q z?^QXIXHYjOIY=*bN?v*so$PRWvp1ZkO+xcib7Qm6=;bH_1(~7rlM^A0SM-qIhGnS`$NY zN}&mwM!ZK|z-4I)$LXs`lq^kT%#!HUXB4HAEQ?vIW??$X(xlaPSRR(b1#}lzh_8!W`b&DORsJ-U#BUvnYA+^K10E7wp(XXiim8F=q9V}?43i9 zCQ+A$3t!o`ZFbqVZM)0tF56a@ZQHiZF1zY0n?3cfCSo?TnC&d{MrKCljdL?jp8K5l z1-b4G%vjB_PhOq?mtZit5s}()o=ouqS8>_fDh z)eEPKwV|f<_rHJB2?~WDhE`~=S)yJfJ#q@lfo39@z!tPn)U>AW)%dh{iiq$EeXPLXxVJTP71=Bq5GT=)T!oO0x zft96C6Qfg5du-`1DGi1d^5r63#G}%TzYiKXtxm#Qc2vGUG@GPzToP!nr`9eExGRK& z$_b(W2_)3NL_B0Fej~(TI*t-GB?~d}^xg;RShTxv0WD2<=Q z8jWmsviT82W5XH5BB@W#$*zE+RM1}kcg^wH$XD!uErZ#Npu^Rhnv<1}m7PxlZaP0< zFF*f-n!K2~=(eP(1dK{Yl_arRJLbp9m=YirgQo=L96<(*Nw+Cup-5D1o`=ImZ6A*n zg#?cUV@WB$*_y;*!Q~knkBH$oY{Z%ow|E4f0B1(IRTQAkrg&O7oFJ03VN{krt6Ew> z$fbgPMi`B9k0nhR)g85AuSdqYQR7L|tl^vGoJ532H}}AwNC%IV zFyv@(AZ^`fGb>T~WdEarFb6PTfw$bRLl%RCfDK=PGI9Wq-ss`z-NuJQMztV2`kKor zU}DsKeutPr-OEOj#ZQy{s@~m4HBc5KPHE7ILwS{a^vEWQ zrZ{}ukMI`pPnSe}RDHOj=GCDfn;(Ni#lY1~27^Q5iATP4`29Xitqmz9UbVaVUHAqK zrYNYx?>pae<~9`fz+YsD0istby4dmGkl>lyxd3kubiOCZ*zvFRBTPXKhkk1b?wgap z7V&~?4Fi7?5VCRBwX&-CPFg6XRdcF#t8`65Jn$>DjjzxVtJXzAt3Z2kmL=K>qe`M3 zN+!1Yh+F9Bp1=?0#&}vbBK5R%VV@ITdF7s#)})XN#E6IV*)V;B>vVn!Of+1d?LdI{ z>#jqt_~YyDAZTc=cqoP-BcAP$Sa|pxB|qT|be|UqjNGBKE7Qn^O-7$L0(*Yv{1n6| zEw}5<@l$-yGFoui%uZ$R&(b!cNuwgsI4;A)Z()rh9jiI3o=U`|)%sI|Sws`Egh1D5 zH(&+U$T|wJBm5GqnsQk%_9y<-dhtJ+`TCApj7_HtH(x{d*?InuC!m6vq4 zMf{DH%Bu}Kcgjun+7fM04g_53&&#q_8xF!APH(!V`bRX)5|l+mYWQGd~_*}UrcR?8Clt^ zA5L?ug^^b3)Re~zJO0^H1y-uEqGyxsxnWi`)QTNhBZrU?DUG&i4VRD*Yv0=!KD@s4 zJi>R?!H>Og&Ns-lJ|Q3FR1bSvdS~35a?l*6A|)bqlP3@@a&|;mEB=$rA3zhK{`X`c zuL2x@?aKvPzFKU&X0-rim~iohF6~lCCvKhZJk`H-IF(x8gW^;?V zA?7Z>oau~o4~^l@8h1~#lL{a0?0nZ^&I}{d6+BS>oPKa&5{>!|IIvQG2@2Jl%0GC9 zlSio=MALo=EbqU7#9vc#t!V@fng~=X?!n*ht9m-eVGRWQ(zRMAz+K^3iGwg%_dn@b z>%$5Yh%%Zwu-gV0Uo?9 zF9G$9K%w290$$8mc|?Ne`7vrJjjEwqcymIHd0+*y>Gp>P&h0gEqXawZvyVJhGDuDf z6|Wet>ej9K@;3un(#^1b(L3mDlNXF-3n1d-?uaZ=VYN`RMO9|)2)B@~@i#AS>0rfx zm;FNhDFqV@=%QP)BWE=VR@4^x$x9b1ptg*&q#=u8zr$=?_^>fk-rr%_50ys82F~cd1G+W5P5;zus)}Z2R}I z;l$mLtMkNriJYyEZh{5|yDLA>3Pm7ny?!0p2B&S@>B<}}{=iFBDVNO(#v$~Gt5!m( z5(>HnJA8sbX}mxhLeb!M`(4`dz>{E8!3KcA8**Z=a3;saE!|3!^uOo_DRV9)4B)oz z-LeIFd70Y&G^WY}jUm5K+n6g;}%@dLIm9;Ehzeo+=?;g5Yy?nbkeG=8*> z2h#9oar-6AkLVy5n~@bb0yM~lvcqpvKPRKPjdBG@m5L=-cAl$x-k%MR)6J=9qVfxg#JYJ{ zZIktZV;EVUe21eHq$XC}!EK)TzZ`(wl}zYPnt%0GM2u}-5T6!UODAt7-l)b3jB6}d zHGWcDFT=|`a@}RNts{~G1h@X*Q5O?~AHXQ~XRO%eRwlA3Q??9F`P~7EE-VUoW0x^w z4|+QfMWcESPeDCXr*tqPB~ZyKVUZrBaxNjaPRBS5Pyu|ClwJ%lUvfn9HAw`8m={xA zr}BxMVTSjEiKA3{Jlu1%fgO$XdPP`?nGwqY8%LF_=&W|xgs&dSCz^|s1gPSk`|A-$ z5wvcmTDMb9`??Cv-J)`r$r9tGZ`Tk2h^;pSvxD(m@|h{a;PWUpk^Vtn$Iejknk*H; zU%|glXj4i9WS+2O4Edi;YSt`U>uke<$=Vz;p50Tnzi4tr=N(`Rgy-AmK?~M+xXoNsoy*)*Ceij#iB@SmdvPL@Ze%-C`(2l zf*LB}tD@}fzEIcDce|cO>Dp%2yrWK2lg-Z?_pG7UdNU^DuAHh`igzoWp!4C|K{e|P z2X(sU?IRpyKsRhtE@r^;A5;gDr?CxC@dY}MAYtaSQPYT%10%5|I;ONhvj&wdwwy`Q z0)yMRNWt#Qd(h~)G>czp&B)NdtNCFfyJYg0{niy_jl;PTUp&bN$rtU!IEsZO=lsfZ ze!0Y%ykAJ+UZ>L=c9ca&HH4H`$VZGizE6PmNM_Wjok`Bi98gX;(lG#QY4xT@#%lT` zYH?C9rw?3h6BY(Fj@@~2QG!{N2!XE*=pOKhkg&{*J+5roX}0u03MT1&oOvyG@heDG z(^uhQl5S~jAGS~SeKp)YgZkwYK7YzY8oo(g18#{%d|>t{)#rO=(ib>u?>qqNF*L|l z(pXMn4c7MtyuKG*2tFCUK!G~oWdNF+LJyi}A%$3Cgl6yeT!H{J3%&x4he@n6orF9;#r^RZ{X!pS zh(|pynP}__xKlPNUZ`VW#A1V&ZBm4b7GWOC3puiahf)b^2+I;_V!G%5~}L(!A!3N&j)=xjS+znScknd(T3! z_XSjO5h{+IJyJd-?igfMpak^xEY%Jdtfvu76l6RfQ!uRj4&u^Jm5v3}QV~#fznilb%O8vHK zLcSf;v9EL*Rvw_`qU1@!bq3iiPz5EVRj+X!Su5)ICicJ)m&^Y3XF?;8DKX2Oh=knx zN`t>$GZ^i;LNnLKWm8|;s$OwD=W5Ba?Wi`gG5nGujPf0gw_kumGebh?K75co^%F`= z_-@bgtW@WA6Fl}K&$kKbXI*MI<7K;9(G4H<^kLst0>UU#5U#eI2AgfD0v zq-MAzI7#PG@_CvzjM{t{zl*;M&D&n`dFDIlUv;5%UL=q<5wdL<(A3=YGZt!Ged_H} z=EX3v1OWNBI~YI8ggX)i2peC(;5H}5V;4TMvp;kgY>vy(Tupja&mNTd({O*4#4XNj z6<*$v6+{}&GU_0pf{Nhc#c^-R+157|YqBfZzQO_cXv$HpNlC|^%9pQd+rVD`uqTAM z>JV-N;ez0{YY_&OOXX5GZ%roW?1vDhj}NiW<)IG9bkvDc{rdwEj!29P&)~$dTe)Do zk|F2GUMk+1BF4UJye=Y=oyLjQh$>Ar1r-4!3C$koL_&+0y~3RPIz-E(fV|ERn-xZ~ zKe*5j%)^J6ase{~dH7dk8Qja^jm`kWt14*4pnSOQlX6R`be~@3LWvFT;DA5zht1eM zbL3va9-AHHKw>S(zSj;Lj@DBJp(KhRQnxmKP1)DivRgDVoC~>T)ZN zuRp=H2~XjK4R$@_o_5eLN3IkcOhi~8H8Fkwe>@dY7Ofdy9W;2ZUzJZ+_g7!F^yJGj zb8t_M1qee~O@857aIb7>C%c1m%4%oy?I!sbiWH#py=Vc}t#*%RFp0oM`?ek_vZlG? zf)v`iI-FFLxZ<3iEMrEwfVOlvCjsD&I>YVj_J?jXzQClXl-v_jArp09IE6v!J&+T!n}-L zBOAN_ZfUJFFx+Kf5DhV!W!cE$HKxQtzbCOm3RLk8avdTQjofm_iXs*{M;0+ImA9J1 zm9A{|n>7>YuZ`U9t&(Y@ppc78-sn7Wiamjf`C%TWe#(PlF7fQ^g4H*=>Eqx39O?7k zc)OyE7^zQ*aWg&%qsH`rq*(taPgZz519=paLQrs8y57E!o|W!;sHT^_8-dB@kSze0 zPLo23L93pQn|Idu9D>j1?;K9aeA6QooTr0c)w8(;%ynjb*nHZq@igKT|?wCc9#QIq`)gMt)erY{r{^VAQ z5M=LrHZ_XSfg)L^^mu6OuBdx2%NaJ|{kHhsvAnu{|NLgXe>o1U{%}We!&*VSCODUU zib|Aqe_!W9LWl2C_micZW8Ax~FNRmyU4a)Cj~8hTA%W%N+%KHF7hy#Hu8ID>!aamQ zG1v_BGX^`q$tv{cqW5%?xEiaJGnM_Kz`4B=r}DNAZ9OaG>z0etzr3+Da5%o?ya#M6 zPGV=6Ri?ny4{hfSpDawkm{NgnPFG5wvRz`<=rz#WAXVG9)c-}I+>*iAroNl&!`}BW znj8%q+p$=sB)*xF1D_>z&suk1-IzCW@}SewAmvA{dA>!b`;nCD0tCWFb% z)loAbQ`KA7gBunLMF2A-YzS8-c-`ZNoYfe!ZWYL`j@xj90D;<_X;*avnX$UV1Oq|; z>pa1eD9~jHCfKS>Lba`D;3q#MUp`BKt>I;m>0q7%Ba5h|Wr}{U8p9{n>Wegv*f%9#I1gL$QpWk3T+Oc) zqZ#2hhdqN+e6=t_I^*y~{%WbqBPtZ$e3F@Qq+K|eKqgd3EqU=2`7$vHRp>SnT zVS6tbB;`mTkEpPXKiTz{NKeLEe{e7`dexGV-~Ud45&RQr$MJ_1VSSO1f(S+bj|llD zE$KP!_(1A`Yhm%^=xtr9nLM0gFYfS zn=;FF<7s)XdwG_5u@smn;;smim2(}|)(vC#E*o{mWpmn_>-G8jhk^Ju?ebC6U(&&@ zCrz=h&ivm>`ZqEm>5jV9kpXX}yucd)JiHJ=dC?9-+fnoCfLFB@8?om%W=fkbju=x4 zr;o#M_2w#5LYH7VVN<17IPtwyOFDs#i05X}k4%i7g)D-IK0gADZeFTxF`JNgUf!&2 zE$aaJe&pBGGE6+rZk+LnQL7R;T!JZxc16H`Q%$G76#KJpf*hTN6cbe|_1 zSb%9%hn@PF5~#c;&XC){MBOmTqA*Vb4CDG&X6=~bVUqlxcg)S)C~xP4PZDkVjm5CfDU1fXNpe$2YHOINvJ)F(K_IwLg(0ks8PE-8jQ_PrUE!na4wwI?RyiNQqBUL~k{^Xet`~3t zYK1LeaJU!EJ0u~T)rykmW4^>2O`MDbcKYT(9}UhfhEp*h0lm>{C__tVErj3nTC8?i z355>_W2QOfKTmb#@>(4HD*43hE^KcmAW@sX;almD+O8Y^m-2qox0bo;@SxW zoz}kywbnS)WMy$_d!kZQyjwCcQLkJdL24@0?Ce;FY0vn_}Qd1G0qj8SV z8~&j6HC);q8$6hd0%i#Y`<@+R9|iGBNk3=|aG#JE*X*#&Pg*lbZGtugC0!OaXi>T_ zP=yPNOjVFj#!Q6!nt-KvnW-2;Y^pYC;<^at%}PEf4Ew|}(y~!^R+xw&T4foz0(1U= zhJXzT(DjGqy3pXw5yljG!G`IZSlWv%Rka4uP*z`!3XLyg{TDuuMqzxbjbddiV2b+P zPE(>fMr>OHwr|=fOa%k#JwtB%K|YiROX58eyw|K;4e3G{+g>0O39da)(dN;n`llG> z5097>UeGNLTHpP&hEkaMV7yY;4QP@fs$^WG2!s~faRLjqM~3o6sIXmeq}Sljh~yY2 zUYHhOuSsYiNoa@^@;`}!<(ULbqZFM`FEZ-47NB1|b=TZN9qpKm8-PT8lqD$j(_K2R zS-TXI%29f^wvUIVaaIplu&A4^d_Jp3#dyg%oON;pEExu2>lF!Yxu zj++Cx+4>G9H5neU7NuI!@4ptPRk1H&E6B+j+44+np&ST&6|;mj1YvM%tkNC~|dF#yg> zq05y7Y~fJ6b&Mci;~9d(4}!GPXV*lOJoDlKw>X)#4n}w+lfL2-GevtG>hyN&wQA(` z*1C(th78g?^0P3#Qcw#Q5Tn!<@l8ZYc~+?C(g!Rsp>l!W*O*G2;c~G#J@}jd^9o*S zMxAeQScrGFQwE*%Wg{!rR+N0FB%lcEWJ1MzTItdJVpF`mM&IFVNaUC~Hn-DYGE+~2NU@H$Vu z(8{?tVL>v@+Vr~w3d-((u;;$}<3-^8=*yKRzf{C#N;Y33;*!7`fqu)<#;bgUjfh8? z2F7v8Vd+jF-#b3ao~NmRgq1`QD{8$n>dCKOlXOn^8#Ls}o}}@CMreMc^?!^BJtt*I zlV3U56k0-HM{;B^4M3tIWXNjt1%I^&BAETP1TomDhJT{*6Q;zMn+<*$^OP3Z0|0H$ z7T~=~xys#=f-?3#)EJ6Cfy5q|DQt8u5>!wR}1y` zKlTZ6h!5XE+AB9QeiAuPRStzRkp77PT@FnODqsNLE5#5W65FCZxV5}GM!$#6^3ecX zm8tVOPWhh9)ko`soRNgs1|VlRds}(XoUs&abW;?&3e6P^^%)+i?75seQhX0dymgp$ zH*!(fL&R&$h6=Erx1RZo%n9|6Aou{Mg%7pGG|bL-=+Z^>1?cYoj*&Ut7g|tZH?i|= z;-^9+mKP^W%xqNv6Um5@2n`y=p~9rR6kqX0i0vZ9AcswYB$M*A6qZSU`5u+^*FTS_ z+_L^&iy&yTvE(HN-|tN%gIqDr0@(;eqFY!?wiTj(FGSI{>xk)pk*H$I>P?Sw12Rs8Uh9Y&0u50y0Gq{jTziboRsxZN;I zs*mOnM{-6r37PJWV&Z7S4>OC4FzHaUmVNBWFPO&LEtE&&bwRYn3U?QBOv++8c(}rG z6ze7YgfCuU>{z10dXzJ)NOl3z7+kW2TGED>aCTh01pCtymNX0OTJ2?xJmYlNhOd_w z6MOa&;_q}RU1f}H;KVApr>D3~R7!Sn%+mxNCS!?mpdoiw&bd)6(*z!x#_ThrW!^^4 z^}~JkX9qfaxn(!0)OwSwu&pw-%C%iD*i=DXG8MZE9j}%6Al05lAS$k>7RrWdrH#oR-^X)A|524 zO|AmSFBKI3eIM6y!|JKh-@fyVelPr;P{4A7G|6D<=QE15xyYbq9&wMj=*nh2Hu_M* zPRZD=?qD7)XzC|o40UQIw8{GQ!gv$@_;<9A5{DnjglRv$|6%V5D6p)DnrRSBpQ*6y z!dhr>xbCltOp2@r#yyxU!mZ=|Tqlx^00DQO1(TFoVEWDc%-9e*yqQi2I1ACBUXc6E z`o!20K&Ag9k~CuiwOAof>bJbPTryY0_t!?w@`ntbsMeF!#|cdw5!_(Qn=d<4nP8Nnc^bUxeBW|DHHX?p@laq zrl(}sGhva7QbLsCNoiWp>YAr;vuj$G!$Ys%;)|Usq}*QpIVeDV1{Q9w1f1oZ11Z=H zOgDZqsp^C#r$h7ZLa8MQ6MU~>!m08f2?DWQtc26w=gT_9ba zFvNAY!B2LoOm}uLb}^e+X{Zy*Jzr}6?@ZgdACvTD@%;L_bJpugboofpci!t)VRi4k zOWIe@yTH;m)=OArN{gl$)`bt2;8+hcD@!PS-7FpiNg{iYc-nj#GnS)?;|~ja?m%7l z*nv7MM^XtgqttAy<3Fk<%1V=rDppRW_Z`56UH52eK;zi}TY;{+MCy&F4_QN-nL|kU zDZ#rvG}`r|Vu-rG$J3{~ff@y`wDoc^sNF;qpmQ3QMSdcFFVC0u(C$|?EMIizQr}Yt zpfWqwXINH}iC{~T`v=NWUNcPX5xPse^4n|!CxyWaZ=hG5Pl%p?A2X+Oos#R_K^zXQ zpIrVfJceXgY^?ie|b#mGe|Y~oBf|MjdPuAEZULFFcal0sZAUPr%z>)<;w$McYn}_0 z=)oBPcQzU{2Ns*$%*kN@<|ty-&DWYM_}{=J){Aru2D1k#DCo z17Qz&Ss3{vubd6G*mXY(J@>Y?^Gzc+Cxa+i;-3C3d~-Ph>QZ6i+ZLr;>C7|Yx9@u5 z2Y-DBQ)yD1?A`N716z0ewZjAnG;r4??R%_=pVZ0-U~5_2(@B9N0l|rf%v-Dsk;)U0>PqRm6Qd`9A2ah3PE)x-b&O z`_K-4O^wG+LI{K7DKS4Lh(XlOk}*Ff$AEel9Mm!Le75G=Psv4w$Q@<{pBpi&Fy0k% zpE~mNjnO%qHbu>poL}8X%Io{0p|`6}xD=TCkqDDQPQ;h^H`-@QY}mlVSn0eZ3KNHh zN$9V$C%c+*fv=u*y{a@HXj+irPWAn>nVYj)%JXs&m|#C{s>No{)}R;~aNOy|S<8U) zQ$vdkv@EQ}MYpnw3A}vsnJ%&tULC$Q5E}{o>dBEihbhvk4-pm~3B~A5keek(djjpX zj(^RDNs?NF`_Q15esZ%$g#{1X;efW5x@N({F$TcF+ZKxp7j*<%Ul&KJZ7$k?+vZpPql-b4pKj<84WdH2V!SQeuk zS;7Z&)5Mf8f6ER{TeFL@h1Lo1##q>mAg}1E+_SNojsaa3!XtHJjUXOY*b5S7!O5qwULwvNeuwFYtK~j_To4@+zNJFrVEVZsr-27$#K@u0%QPiu)a`SVECz(I6 zXTX1=mE;=_=v$7CKI*4Kh;ES38H#9*4G)bc$s(uy#Nhx0qiHX@N%gbURW-utp^QfH zAY$DYIH68^pJ>ZqFwU3JT?w?XK&#;NR642}WU}z-)dyh7JnmquC>qghb)vV(Y+=Kd z`~rt~&H01BGm#sbs(AkNEUyQHSupH|vC!#fMEYt$yQ5l&LCiquiyeg(LV;pqS}YCr zFQjo9)&G&ELQiL|0i}Uygn6D_7~`fGojmf32vz|$Kt(FzgNjFM&8q>JdoDynq=q86 z*srXsYLM%sh(NYadAhSjrGq1{QF4f(?Q|E{^iLr4q_PE7zWpVPi?_OMi`HPMuznlW z(xMV>>{!<{o#yXfOY$FUoBIi=I$a!v$G?8VhoniG%oUCNl7#2JOi&Rw_qOE2GeBrq zyR9$q(Jb)Co+TN$Rv0f7Qt9sE46Wk8Wvely`Q26JW5}0D8mG0{BZyNupfWEQAMPHB z)j<^9&k|r-{|*Piq)5&-fY!%^hHj88SvZb!4Q*A1;kO)BvQ;4`@1=E8INN(79641v z=$r9r08u8_|Hcm3C&G|AY>BSahfsLT zA@*gWXmf1yPTS@tYTCCgaQY`(lsZl5F|TU#*AXdo ztl+;%f7+Q=pej%Iezz#eETs9@|x|{w>@poZPoS*2NFN$qk_=OkG6KI zfVIlu&-H6y8av+)sH7r{0^Tj_KwX3KMH6x8^U?^kWxBMGD*uuL{%x1uO00%H8!OsW zb>9JBL5xkigbanmn;f+`DqVDHycv#qA(v~#rzj3T<|pQ{C~L9)a0gkf2u&Upn7xRglU%A zlP-@NWv~!DK`#%3vE%x`efn{rN0EbDr!?EIm}Ds8eA|jbtl1Riv_7vxn{7 zIsA1b{mv#$>x!2rz+Q&HLtxmQaQ-rIb8*SyTILG}Td{-mT-29JfH3KDYC;sDJf0Y? zRaPUo0Zud`{NtN^0@ z?(^BNRGEsNZ%?RkiigT>;r3+>#-z{z09`)BO9EW#@K%ipZjvD_Vi1o0^F~V48Gatb z{ft^fxkCh1zsy7pZhKb@uO))Fty)Q?W`3o>^7!CyX?%-8CnY+`RNHVU*{$2bVZ_?j zQ-jrf*_G2`%RJIg>6H_XYWz;?E79>Kcr?jBe};rImd%Qv=d+66(uptHs8!zZ4yI0p zB`fS}RE!&DEM; z7jkz;p)(p7Xl-2;c()USh=a)W%^4Y2R<5gm=ez&-fi6KbEq47iSBzYf|F1&ye^4P3 z_$v@cBq<&nXt4uVQEXI;%jXM=8q`dy(>ap_qu*j&(nU}_(4zF+Mk`-0(} z-t{-)EMz3==W$>N#y>-Er|d6F!OYv5zC@ASsj)P8>W(b~lymzWf|3qhCqF4Ow<+Y3 zSro^Dh17yty-dI<*bdp!{IV_P-mK!m3rav*t17af`Ow{j4gCC0>p!snRv{uX7EBMQ zs~(MqV=VF=>mfuRo3U|!2{zTiO*~M!3*T`fIh*8h)Sjh)v+a{<8$9dW_2|NPEa{fd z_G#|4Xa6AHEKdzZY<8IJi54BmF@CUK_cBZ$$#z)^GshaX)K*ytGmi^j>l&0#V-U>{ zo+Ly|NR^SN`mQX|z35shKTsg1R3JEP({cX-;lwyPBisQxMaP>9=5tH4K~}X3MP=qA z*KQIQs!OOJ6F?M!<_f&>(St3YHG(as6qR$FZe}yVi>}&%ZD)n$_+jr_poJwY&8@W?Fx4st&-~qG))NWh4Jqv9RX`j{^V0y4*ct7!sbc)B=#$O++kNo;!?dEpSyMD$*FG38$Ly!;TG}U>8*qU&H=r4&ZBdI{`UALNjYLUcGaG}4obFM zKM0+tSbKX;N1WqWm$>9%#s6;7tyF5fn(Wqk#xFr-6J+MTt6q;pkna$kW?o*QiS-P< z{B*Uzdzq$GN_?llfxa#>Ia8k#y-2Bu{yn%7K%1DJWKXU+fVxe?iAuM}{LZ5(lVayO z`6a43k($gh*|Uv-N(q>5$lX6TDVfYN7hFc5U`*zp^v%GNF`)k5VQ}S4?o+}v9$UvK zpe9EZ;M1dsmtoBxY*S$@_7;h75_;)gze}DXWik7EM6>)>NnAM88xTt1oj735Sy&ZJ5At zW*j28pw)!!ME^x!tw(Vu^HksBOg0|J1FE4}a|%{K)%Vdz_ZD!9nEI&#(#AHXAbbJp zU%;6EjMT>JWPTmr4N#ELUzSv}3?Q-AbjMgX-vtgK@XD>Z87Xf3;EA1&+3i_M$(C}b z#7=h?|0XJ773B2ibH!Q%b(M2dchVJL2M6n(qKRRUky^>TUid))D%#jIeKTx<4Iyx3 z;#|lO!5NW(qIHi`!hg>R^PzW!gjwKY;vc>!LTHR_9QL|euN{Ck3ox+?g189y`t1G@AyK^UZ0~-_PZjO&NeMPe{#Cme0?ZX<1m>D3Hr%Ggh1$yd- zH;zG$&pa9>6O4>g;*|)=rk&hOKe5MxV=UTThQ7jfCihBoF=>Lwf)rYW=mb*=a9A!< zJl1~r(OR)n;=iso2u|lwG749G*S6`wCxMwD1T)b6xGW$Pd*Nhn!2~9;K}=I2hN++8 zkdlXqZ*52;M+4I6yi6yq;HZw zYogUA_6b3>AKHY<@GE59P@#RlTHc0Z8A+SxsCu+gdtV4cxdb zt`-(%8edVoM4m#y4pXip)Ioie#K>EV4^*;*0{ox|fyU%q@o3@DkRA+fRHtw?>GVG^ z-5wnl244QaLC~wFgmJ=tUL{rZPERXdS_7y3$B$f0dmna*d6G!|(PW1UA^z4%s*($d zsVIS4ykBmW`d0~|Kd3^l8d^_*57isFSMhRC52op8$K(=U z3=Qt%$u8{cOb&SuX**r^&}ept`}EIgE;~R2*0h>S#WHy!(Y5e?>lUt+?=PN=4n;M= zYx$$7p*P=z^;JtlyZ@;|G$!z_Z0+f3Gn#l=RR-%^Ix^z)`-DQW!@2w295BX&Q@ zUns&Bew_Z>+HIIQ!|JLUBg>e5{qHC>wWwr0ya1j{VpDpqr0Y#7%lsda-E9Hy4i9g| zwkA<>1cQCkVJE|05)WD$tmk{Yjd(fjHbGEI9fVfBfe5tXe;{BlkF4IP2|DjWLwXr0 zh?7L<`&L~v5o~)qa5Uu6i61_J)1C%NLmsKuhkWTEo*!f!>h((8qn4xhUCpymDPb=$ zb6{Ldnlq2<419*+bl+-rZ$RB7rM=XH$MlcP2u^ z4DM6M<&%J&c^V|%LyTEusuNV@hMFfQdl>M?jPaZ>A9<<81sr0?7PF8cfMu|!eqs}4 z@~PQW71Yetdkd$^IFE&c&0(jQ3(h!*)y~(Q|Kf|{xT?J$umxk__2aUdQqaiG$9K!0 zVtaoggsq-J@X^^V$vNyPYHL@7Ab=-P(obJhBD@@yS|bt%k<%Y488 zJ=(CyqNHnPux%M?xSlzV_3Ei^h<@5S`gx|1iOCiFVY{Aozp6Kx;5VNER%-Op0Hl%M z9A=>8ZZ{saHil94K(^byJ z4KG`-o&EELqZtj4duPjBG}&F2nI6%o_c|l32?ThRJbJJqSrnT9F!-6vsHQ(h#YUa7 z=S$`rHl{eSS*^7=AU|`gn1opcn40ku_9~q_X6 z4%%pY66zPlOfAORPm$Huzj}P$>pKnp+_nEU(QZN56EN&Qr$_M|*TOF7n2xocZ2vBC z`D4Y$6_{^NuuKHj&vpv>Ubzxe9+NKx^=1>AIY1a!y|JjsjPj(PYNb)~YV_*okzU$+ zSbJ-2tjMN#$ssRMO#%g3T-vJ~>0Cl8Yz3Z^00mbKWhLw=Db+F`+RzZbj4mR_pzgGc zq!=&Z%X?&|$DYX}EFifd`Eq8($-79H7UZA(^C<*f7lQO+dRja11^(uS3?Y7A*72vE zyqVx6pl`EzWcjI|P#ZU>$_*Eg5CzBDWzel=%of*HJE`5| zqKzpUooFQHa}9B_Ak&{ou}{-KV{Oqb9WnVRKEwG83_771kPn#%de|ik%|wSDborSb zB%K=4@TbK@?${m5JKLA__0|F?V8@2NqubZ5y=d$*J9YK@Z-%ggx{^|z?c3^PvQ?RX z!ctm5BM>}HakRM2)(xz;QUBgFhqNATAaOMsP8wuXhb5f)Xd^+0m>h+`FDf~B!SqH6 z%ct>NZsK-lOC}UnD*sWbv?x8E7vVUcQ1d(6G)i|BB9nL28d3K$@h-r4KpRUR^gg4} zFUq%YPMU1#D1J$INvVa12(NSLqPA4q-O|H$YaVTPOuUGc6(z!CKx~aJjtWb|okKG< zi{6mY@zf*!ar(b%cJlZMXxH*I;TgA$seV8Wwk)nLSPC6?%V2MDE9$hc)00!nDX#~~2Gas+d}T`-R0Hy%p4RdH>6U)kB*+#^h@SfeSuTE>~XK5!dwSBBJXIOt)mL{m>avW9%J!r*LLSEOIi6DHUQ zRG(vF)^6#qtIQ+u6lor?`|hsVtZqHB$-75EMuuG0sg)`+uqfEMVWo@FPCqzP8nTH<1+2ONwf6gsut3vxc7mJp71d4^`FJJob04 zsEdo2Y>Ogki=liPM3(AOdB(DpEuL^)7N~!p?77lh^7j-k<_OzZu8n)$Y!ntYf_YhF z>p#R17UV=qJv?ePmyoLE#&sP0`6!t5eXeSr#?bk;A+13QPgh?9H3L!n1kE>RTS0Le z_?dmjSdz@9;4XYc7Sgn*CPr<8fsDWJJ=9|BJ1}22-T}ct1Idgv|Dk4KL-pI)QF9ha zI14CU@d{)_`;tR}?4*;{0YSL?hi+Z_)4~Hv@iYPrz%J$)2;)}+jUpbXF;toG4=X7t zhq}?2S&I1%l+c7E_MZm6^`S!aiy!)JMjoLa+u167Xg?4)-It`o;@L_k2f&px!-OG= z>y!1O8Og<<3Q}r*j`IxS{?p?JgDM!l;>jNp+5F!&Y$-6|T$>1y3^8O1-i4$JbZ~vv z=3ba=Kkc&si}U?8{eZf{;A?8%ju&lHr}hYLk5ml>vs!|`xO&W7Ft8)G!aX6m5dBbCjK+QOY6?7b^aKazcoo)u8Ip;?kV;g zg+-Yzhu%7ttK%J8L+9Nd0@p!MDt99@mfS5bH&>awE+;cn*}NWCQ*-u1?)Wb%L&7$xT^~_nzW~F-Zy9tmiQAF z^p&~|?}!^q#?c_h!G1{**=A6OCJnl@cXwdl2%}q2PbgUtRfYn)7&ZKkW*D}yrnlC* zDX(3i95zG{qGGwX*k-x^Nxg~)Yrdx`DD}Yd{m0jSgP=2i7%}|CSf3oyQ zv#V{FAbd1dJUO?d4>#A-t(GkCpk8Uz4>6hmkKle3QmO2q)k9?-?&vLYz7K;DdsqV? z2&gkEl+yt?r)~Uq+Lj?`(K$DhJocH3sauw)Yj4}<;e4E~| zpxI*;HK9#VJj66Ju|S}^^xzv;W?G_~EIA+F2OkiEO_ozWV%7iq6)E7S9d`_N_I0aZ za`dfaVrX^_Y*HVP3wC!CXDdv9k{rO^qv z40zuK<9P4oF+*>9E$7cNcAzBVa(TL;F!+{?Kpa{&Mur{n{rziC0F-f$E+<3QGA~Hh zU7bLPJeoj2-ua(=$P(t6Un;!rK>TAhp|sNcW))rUy3gs6gqj!C}k ziMbYfkN02F6mt^-AO@W8UqZ!U&Z4b0%+|zCYH%`3Nt8K1F$~AdRHbQh$DGb9X~lUa zaa`|;j~jF)FvOu8OT{yl?#GAMxf529QJ;78r2jnH%G2`{FbeHIWy%`fsgask{3&HElUkGpvzEKQl(9)1C|dI zGgjGP#XVOM}Vih^IQ5;IHVN^lxnLR++Eb z+re*C|Ko+dXV=dv@18)1l^5^)Z*B1c+{R%33^*=E1eI44USko3?Bty$L%ut;iSdWk7ixjsiFmG=l6}mVa0+l#9!W*N0ivk zPaCE4z!KeOl}G?M$fCeHM$QF-L39{I16(L^0Z>w0^gVd86VWIMPI6Iz;5X2NhmCOQSH>wjVqVU;_dI`DYXmoOD9f|gH$)>{pbQY zKJ{q)pjRLl9iMK{@P=4)d4f7Pon1^P`3@(}d8`g#`@%^!62t09C85?whOsshGkEaH z$OzU(I+mfcphrfrKGMT8P#+^>SRd(ObZ{OS$LdID2x9{4V=+TVz>FNn3dv*>3n?}_ zgf)_mA@XPxYXq8v#ztdUAMkUYjSgdVoS_~6xE%nhBOA{^`x?dSz$gzV7-~&-;mZQ1 zgKmACPgE$*F|2^8=`0>ENEHCgfz~=kH2^Ilo{O_Fssg$te2l69;y@ItgADCjK!=+9 z;P>3AlMJ^39MR^rS>PM(T4`Q*fGR7hAAx)j8F%H>Bv04{1sfXD(7dgx&~zrZHYK@W*rpd$-`h6kY<04tfCpT~57 zkaufPD)LV_4wOuCc92KvaUdp+Tt-M153vV=rg#LX5^;9Jai9z20c4PK0fE4zmYu__ z0mMLXc4*q%v?~UXIjzOr5Fqv>`Ne{`T!8F>+!=buv)&)U6CjQQy(y52P%Ec1{HXVb z@O3dWui@Edbkh4Ngz!^zqUiLS#_c~DI_DpqP0{IhmOwHN(3*i_PAyL3Q8++p7DN!= zLV|9-bI3sP3M4+Pp=X>R07#t2owt0Y&_aqO?5+rK3+MZQmn$4vY^`l(=~<`S4;EkMseebQ1f?)FMU( zik39~My(@?!ndF$;+ce&#$urWE&>MaOGE)|Xz)`zGnXPKUzEcogv@J?WKR(UNL%I* zyhfZrK;L^c;EFb%q*F9eG@r-9h=Z%eiGDz76*}Ol6y1dYq?+2y>A7rbAqxxuX}xXR zHa;*w<6=%bgbv9U*TP5hdHRLMTOAk3Ss4ARIu8r?B(193E1_*&`(hp4c#>o)!%y(I zF%Nkpjvp895&+ptcYdnZ{X*HuWW6_Q9GJlkY9K?^P42zMS~OBz>V;toeJ5+ne5E>! z+mGx<4c@|Q{R}%Yv`kQk?nY0r4PvI_^CvZQ|2_sI3dFyM#|0$`N*K1H{Z@>}7q85U zxsyMp@W*gK>K9*7)^6Jt3Pr5-s;w`<({AwRiu_fs*+!!tiquToh{UH-1Gc^_-j-|4 z2<~1k4wQ=_dRx)0l~AO(UW4@b({AuD7mS7l72$cw!?%V}(J`XO;a>;*>lE)3 zos;6p-|zCp@9@3f3;%Yy@N)t`CjiVBf1B?;>ch7MzAXTUHo;HAzaL$_YD)Z13;a(D zz@&h07tdWj{0#iN!Il3dfqzK=KHJ5gJ3_qd690gBJ_7%`T=-Azm=sU`zE6G-!Oy?< zz`v_5`k&i1DV`2}Zu&cY&-3u_4Hy1pfqz-x&xIWNJ43DIeCd9p+1f1}9%MsGYB{Plm)hd(Fq=LG&`AH(K+&w9t{C&?R^gkc+_P?;e4-5PgUEcWq`unU8zj$y`Jo$Ti zll=dk5C3xl|8oMr-^V|H{x1rAN#?G|90`u^ zfB#yD*PX;468J*`|8t`JvVJALr0W~L{4WnaE}k3bFQ4D^;a?H>R|LLaVEFOBz>f3*W8AOD}wn8V9}by=r{(!uP3h%L~6r zjYnSi&1#(S!f#RIhZlaU8W+6q+myWb!r!6fxEH=($!9P8fRejj`0Yxbdf|7pz&QNQ zHgLZdF5&NN1HZcs{GK*&)&_pC1;+d9?$BetdPh01E%bw{{`hwhPHTM~C3tInO%S}b zzBG~VQ@(u9QvBOP`vjk5|9-E49}sXUH`YWtuU;el&j|YW`RMrs!EXv(>h-4c_uA0^ zPes0$-|3D2g*N$qNyNW(FOUCc0{&mx#Q!?|y*aeamoL{3THE=bw~4=l#)H;&epd&^ z-W~dipkK=DeuB4#cejD-9ms2^U&wlCcHmsGwI4mzCY?{Uf&Ys(@R!@bFSmhzUzGQs z-9Ab09}$DhUv!`j^nblHF%OokS>G}Aqrrt0c`P<2*pmM30%jFsni{)6-3+F>Pu$Bo}4_HPE959 zu}Ca38uGYmpi@S%V$>$(rpss~7P9Q3+4NzdrBvi>*^NSdJvh-q#k34hV)6_6N(X*0 z>;CM;bsWZ;Q6SdjOU)W^#~^F1{EBEi4RoguOqtwnJYP6d_~tUZVKf?M!}}eJSU8_A ztenr6^m4^16v8|Mu0WKyFQVp`o#n5eCob_~?-PNns3kaz~@1v7zD7;gR7e8;ZjB;SlrNUfz<>#AXGg z6!iz?` zz_;$$-SweRXV*xmYozNR{}f5z3R~f466QL0>_2v_<53%j20pyNi1xmwQ7iagyTmou z{H{FT$8ZgF%zk+53-JZpjlyEr&i(uMcYLs$a)q(BVbPyXPYwhM<6lghUC}YJbr^ES;{U41WT|fL;GjA(wg{|;*g&V}P zWau{TG{?O`Z&h9}9~vJYZ8!gm4UG(sqIc`iFo?RbkujM64Ua^}x8{FuNBEmsdb+d2 znaXvB9;Aug^V=rreNw>B+~nX)h9+P#I2pPdrg!Lnv)vVMGBoLVzAloMPifc1i6z?J zr9Y$N-^ibGWmP`i{uR>aP3Gu+CPfBGWk6;M4`~ex$FK07$34$of{p{7Uc63$Hz)As zM11*tP7wB-uYB9YKk0Aj_+JV-MZBadKBfC@8%^+`x>y&g@0|2J`$fEdAKt@&Cw-x= zB}h8wMSku0a!Hg+K4m=&R?16bBZHOVK&4!3t_`eBj17#9L@YBBBbxS!xF<7<6kqaj zub}zX5N`wc{qwK=_#DJ&%tZ-`>Bgxeb3CrZ_PaYr?1ZCQZK)V9yl{Ef8o{b_;~plcwG4%i1^xb&mm1S z&u;IA1ZIBiMZ5FrSBRwN++lI%;F;*T9KU28D($@|iG_QyW9H)a?O3>5|I-9V`HLPvIew|}t>54Nzk2W{LdfpyxtB_% zQe^Kv&j>y}aCsNxgZbJwzd#_MZP&Ta&p;YiFQ0pf(*z{#yZGdfXD&8h{rqJp;gy%( zxO(-4*WuTHDDUeE&0Kt$aIgFxfIq(4_P z^Xy}Xpeibd_NAXK9y*YQUo8EseJGrM_5+88fK3xG?Y-wIB=66?)#KC;u=m3|fxS<^ ze$~GHcTpUPdid@xsMlw^@I&(lg5$jIuiS&QVU=T>=dC+Gmt9Dmk=r=L8MF>O;rntw zJ6tKIdqQ-*st+l@@JOl^7|-F3#TM{%c0QMyezYayjyt+pOE zYYO`!H0KvYKf6^tJD!*ib*$~{xbw!HyKt;Qd4^--bC3r4lJD6!z30F~dv93X^;GEH zcbqsne5f}h;@}wbnV(#}N@o7}o_!zcOzf6p1*U`ixB}m44g2AbZvW7Z{GQ3Dcm77_ z$GbkZt@F&DU4o8}!oNA7F~~1)D{O_Wuobq#FK4(aLc4bvq^>FTRk7VCG$H1byT$t# zg&*|~-?&Pf<)k0B)G=qe_`4jZUJ&1f+j&TA15kDh>34pcj~=!ELg>kI?0Q^0<@hS5 zTOqkE;gZN-!e12cL4NM;cii)Z&*w$_tKwbqc4<%7A7sT^J;`z75 z(;rSI68E$4;!?9_HwV+@n%*$kNMtM$9XQ@3;BX&*|7*Up^sgFz+4p}+`mc5Wr|kc7 z-{Nxuey#gIr97Dt0zt|T88+MhDf{au1-_JP*Sh~x%7fVvp{@cBS^w;B(;@E#@Sz3>~9{Px0c zRC3u1->u}W7rsZyQ7?S2l8;{aJ|*|O@SBu8^TKada>@(8Mads8{8lAbyztus^K|yf6Fsx!JxvKOf}2JU<`gzC1r4>$s zmqL7>oxeSNvrYWhLSmntuRZjLeP?q2uM|Ibi2ZT?c5=AQzO!+$PtD(c9_--z%l!Q- z*(M#_zm5C3CVli9ZQ?)E!S`+X>HI`T@H*G?9elr4*cbnwckumFvcF5c<@W@CUKQ;` z?uYuaDDR{%ov(`cemQfg4S)Vr#D7MlFJ0DOX+!@{+VEj-C*POUA`gGj_ZgM!>RYp` z$hF-BS22CtNccV-9y55K$+ho%@oa6`XoHGx&&hRd9SPbZf=jeMQYfLn27x!5w>E6D z|06a!Iwt*pMu($gwErVEw&nlxc7(yBEVoj&SY2N>7(E*{GfPa~9x@z>jpMt$Vz4xN zda$Zq8^G8Qw_(25DA*Ck;;d*`g+`gKr0Zcv5ra@oSHr!f>Yv9?Zw|C9`QW zyv^2Z*yY+XV@u6t3!)Zu___qxC9{cGx{YbB*mnK?!NJwl)yR3HQ8OwLv#~r_Gz)`@ zq`?S89PGKbTq{(XMT5NyrGyz-dC&!F)}Zefy)XcP2tim+56G|{loWI~mflz{^fUC9 zXGh`pg|p}SdfpF+rJ_+{p0(v3#;~*~0mHq4tIm(rdizfF+zY~~TrKu7wUr6}7y(&0P6yt^Tb&VtNpv|VcoPWl zTnJ9VhdJgpK@DhRus8WQrGpSsDVG)nj#_E2uXLEV{b_cN={VfffjQ``~(Gh3-AB(~G z9~&AQ-5USjjsW9-g4w3nn#Ph-jMnB#dI4{EG#iX|!drbf0I!zq6^0E4$Lgv9qaqBY zRf{z(1mGU%It|pgo!T~PY-ydDvqmO13~90$Xmx||Cx$UnCAMxhK|?6l&f{MTRS(eR zOU+6@K3Um5i1F|evWii%@wQt?5LF1=#!cT!<%)4Xd4{6{4sr9c35vO4H~UFL=cszup)R1%Udk zS>-3A$a4MZxF%BApvlQ`Y}$M3n&lKHtlysnVsE)(sL zCU9X8x*S--scX1*MlWJxZx{pkxvW?4>K2Z`p#BU{3q!z6uC!c zAg_t(P9UzFn5ql*pcs^>NzKhzvzdqhX{aRVL<%PfdZlYOc{YQ{IcSts7+_d^Ror*X zj@|0jDC1^?79V%Lw_y8|NTt$ z?}FKA;1$jyf8-HvmBR|hCMNk0F`XveTtplyn*urYeF`@jd7ugZCy_lbsvO^xdcyan~M z-f0jf%?8M-!`5T=;A1vCKp|A|W$>OM;mNhHeQf&fjqHyr8gU!0@dGZx0c;a^eir=v zmo%u-4z?a@5?E#~ihjP!hk?%e347!dmz`J&>OdAFtCtex*r8mlI^a?$EI+pAlXEBW zZW=u59v<0wMW6S+El*yqBq1R> zqesW9u=#m5eQd?h>nKc2kYiX(HH^BF_YixOIEHu7H7mC2mF~lTR7H7?aN?EaC1=H` z)QyIP102a?$h^u{npM5V@H{3O22g`Sd$iu5*Y;%b#IBnnHppUqC!E&e4Cd<8pRlXM zeNNYOzVod6{4JoRHzsIUz>!W>1n8MO5m5;T`NYhfjHl!9w&7+XYMi{vsCDaXK7Lv% zN@syVCZxTpH)`+>YE{Do4jTY!)@;xivARWEemlcCHb6jRIjE}*P@yXoRyCnYxbcfH zi0?H6I+d$F_`zG@FjYsNi)VPNBf;EAn0w2}-Qy=jBozgEv>-@oZL;(8 zgKjW#LtmA(g>uYT!?wh6fs0O~5dsf1k$TyHX%S2-_z!9!AmfF75HojU@xF%500tb} z2o!;3e$RRtB%nw2a%%E#LXTZN-I)k-!N-hrTp93G0T^|r`IS8`{|=X~A6bGHbu zbPp|}a|Vf4jC~dpKxsg4tdE`J8m+4amW`UxfLdFphErqBI@3!y`2tQ_M&$x1v=K+w z!{9k@&M%NLNnxzEurY7}P`1|zdO=4fyNu3|Y_QJm%?)Rn9zhlKUGXA7h41#tb)H4H zlB(jJkKS}|eK#Mz)rg_y*U*ok3`!-&&fsQ_l4ozux+IS$d@IAo_Mg~TbjVr%85$o! z`%i3SYyIbK3BTy}AJKksN?fjOS%3W2pP~s;Q5ta2C~etN1t>0IxiA~%KG6__Q%MJT zbOO=2mw_|_QOb_4?_kSQG9BC&%hLdkKy=guR<$sjV;zwO#ChN}y?z{RAs!8`;^0(a z?r2~g!&gu~Ev^bsGNS!fOuYyIYN;spxr&B)P|Id`d%50NW|cCI)ldQpNBjbrqEtp) z<>AFekA!}d&3K?D9#Trm02y5@9L6CZNUw=L|Cl~$KLeoXWX`mf3O-;pV3MqE64))t zJpl=-HLLN)vPId$?k&oxL_1{$&*uq3lFDL zIc=DQ5s`=|hEj+Z7o3Z6L91@#>W919wCNvs>s%$Js z-odl;+N?G^rOhi%jyUeFOcXj$08riLv!~B(Mx*{j!mMO;C{4Fe4`HA$kc7ev=@c|M z6N91hf}yB4mLvCbbc}R%2sM>nd2$+PO-|{>H<(EE%Fa{KE#6>|KCX;mU+8XHji}QL z6u7<`WnM5fF7EGQJFVgYT+wwt^rN=$18@2!Q&rirNP-sb>1oT(z|-tbUl0s5E_9N6{b{ zT|q(c%2-Bys-*+Fz1=f(LYZeMH8->9bnpuTpJC@EpNpp*Q zZ}PG=5sT<@PF`HWC6Nf%c{j4PWlT4oZz8WU=_c7|24(>oF%CmgJgRZ43 zB)}QoK=j~B1y!h&+ccbTan2V<&_<0jd7TacMAJtDK~3 zJT;W!1zII4b4_g(=TYl8978;01sWG^gN8jE6`Qsc0+ua@TOZM`Lh{3@1-=s8-c-5i zAUJJk_e2x-s zR>rvEcC;I0uDOKnYaSy3wc+k=n(SAtWe#-yct&=bZ-A=X#*)g7Y3!(qCT*u!5iZ=; zvF}=}p@BBgfT~v+IYVVIx$;uk6Mi&Rf7gdbhK`L;K-k9IEb*I)eQ5=nlO5h}_|+-I z#%n;=Z*}%@oHsFU-3{P;zmodU?3G1YX^5V@RD*3vO$`pJYoUKqxl}_3C%mz^4IXmQ zje`U%WLat&{?2Ms+2o@vw>Y0!VA<(uN+*>$$x=CX8ZT^K$l>49+4)m6W9Hsan2*<# z?9hhh3AYo>A58JpNqG%HXK7;wfJ1q(0crUxea`qczhOb1pBn07V-7TMc``;=tqJ0T{Q zG*vu$v|djxLDt#D-2F_P%??_n<2|6d0+tDMVm`aeXHRX|XjMs|q&0)9L3rhb0hM5x zz*^EqS8?1}ZNPA}`EUV5%j%zA%p}ksL(UbT5@D|ISTbQGr^#~Js1#M4#xiQA_0>Vr zm|Wl(fE`OZfrbG@ix;5VR7}vRnssD6w}%WA&4MfL2u`zbwI3r(_z(bVW)1q5grG-B zewP1D=BLx~llcWLu{f_m%xFJEiObH7bG)S{j;b`%?&WQ*S9J9V^Cc+~n}MbPNyRWJ zJ~Y=D!En(>&WN#0pq8yvBaEAvN}k^7ajj|X*e$(Q5|B%s)aLtHK;fWU^#rz$oYIG3 z^ul6-?)q5m$YJXUJe1kbC=S4cg~LfV2^3#`nT&ps70bBxj5kW&@v;<+khE^IR00`L zDGgZ7dc9JHehJ-z7Q@L=h1Kl_>WZlUt;;1J;J=E^JF83*aTjunAmC6tm|9GwliIxO z&?F?FyPlP|s-JUw4ulHb$9xmnmiyhk`Y(I%0d>ba`Z1xC3UsLrq)7`Kkz}{(%$3SW zTcuKEx9Qrb`bMgun{KI<2(1w3sGjdYR0JWG#y!xZAV1+qMXsFE#5mX+7g*o)hLfXs#aKZ?ND@BURl5 z;YbVdWIe2z*1Pw9;%+|`0h zeqId(=ee%6Z0xfxdW2R)k-Q9SnJ@7`NwGgzX4j<7Kru4TM%32laAQJ7acf3@@y z%&(%{oQTVV)C&fKCjb7soxJPBf#Mho=XexKwTC6*X*FT;sz*5G4lDhH+XLb?z5r8{ zdc?uA&f+}`w8}JCZezwhxPd~%tq$Fy^2NL#)dJmi9Pt8z%#@RukR-U*C)!|=g~Mjy zqsl-hO#ZmIv`{gHyK1djO)hD|0@tKB4pAuus{j6#%Pl6w0M? z>uLxRCtOL;CPk(zXDMNWj8d#FTuW%mKwhZm@?$6~id?CH<|BGgvxZwKap-8ZB6^At zV;L7)(C*d1^#)7$xio8}-$>&>>Bl-5gIhh{Jn0TQoFyjJTGt!IGL)PL$%MV$8bN7~ zxaz1~;%XU#^bslxqC_@mMnamXZbx&8D2XSrB804$?XrD3_eoPiAGc>}O385eEgc3E*&k$AaD0FG(jRyE8o(6+ zk`m}UfTChPKI?J4r+ROlsI>j=GNQDNzhiL;^I%w=C}F^~m*bD8P_zI&i(VK8h| zAuZv#uaL`JaFdhZ1-(%ww@|@0@|2*JE3tMeD-|(TSImmh&e&N-yUePm%0O|ifP%)& zIkX6^3a`XvSZ~k@P6f9-M2AND+!al26{^^>X!9|;s2SvkN!n)9W7t3FUbEZ4VO^P} zX{w7Fu3F1WPDMNo-sv@v0oqK^rLt@}2wY0^gN|lXO3uO=t)135k7;#PO+0lmwNb2a zmBF*@c;9{OptI<Y7M}x9GHX;j93!G_D1s&wMHt|4a2nRhTTlG1!wVBa7HWdgjBDGl1QCG|_`?t?t&kxCnP#^v6*_ycb|b@?k( zyb5{}uagy~32|`T4)**ZKgDvR$PKg93uuKi+!DRd*(ugCcL`kfbnO}I6N`G%Q!>+rl5<#II;zw)QVO(qj$5R;eFu65sGi&dh31Uh z9*quQ=cxgalR@-Z^hqIsN8>-b!RWPRgOh8Sw4JPp)@WMGt{FxVO-eQ> z4Whw|r3A}18!q$C3zDaF}U>%v*#XbMg`cpRZt2(OO$};ZHYo1P?MQ)*6D7GpskZtR;3y-8Npjj738Tr6Y<$w-Le_CgqpzQ( zjudfEAGIi6--d0wc0IKTWB`<_FtYnp%IA$h338%Wc^$|Je91?UXPHLT4 z{>k0BkP_^UeE|eSmG?SIh@Z6=^HzAXL3j(lrFm>}{=?|daLhUXVO044Z{7d)wuD~} z|Nj*h=1cGhd`ou$a1V-nI(sse$#y@gQJ1%d&zb%+Oe~akU4u_I@z~u*iwP0tBIEiQ0(tid9;)>jV^3 zl@!;g=W@8wIH}FeYl(PHORA5!5RSugYMT3d<+7)=40?SnW|G?UktBOGy9kjU(O6vA zKv^o2)8?n+360IoXHTNl=X5GJlU>XyXN5$3E~Q6(6E>A5`^_5XbGSdAM7(aDpleOS00K>P7Kr!?!{z; z6N%@%BylVQ=pi-SN9S>y6jKEerK+z%3{*X3Av|k;Ykl1^ku}Hm=R|HmqH<8^!XFwFj`xMsiLHCJNXku}nw1qm) zPb<&O3+;Mk>L4lf_ZO}wuBIw$rh9B;NC5?(x&cUd&K!s$lyTmUQ=O`5*=U9;7mGA0 zq$wJ-ViLMFv4sP~VA*W6PX3V!d%bR8e+HVHAVS~ooA}@a*gxe#OOzXiLkLVPUB<%` zDp?11)MH%aTZ)tg0>qhZA`Wrp=he%bwi-q0V~nJ%nv&@?-9}S&n2a-II>Hqgn8Bcf zkf;bKB+mExdgKaOS-d-g(p7WBtCC4sZ@2N|IqD>B8g0AI^){Y+Y lv(`+v!dBP{TVX3~g{`m^w!&7}3P0`e{{i^&C29cp0sso$f3N@m From 2c42df5ed2bd51d776562c29c199b4d527131026 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:36:31 +0200 Subject: [PATCH 035/113] login.h fixed --- login.h | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/login.h b/login.h index b3c8cc7..4531043 100644 --- a/login.h +++ b/login.h @@ -10,9 +10,20 @@ #pragma once // NOTE: does this work on our compiler (gcc) ? (back of my mind tells me only msvc supports this) /* This code conforms to the ISO C99 standard and makes heavy use of GNU extensions */ -#define _ISOC99_SOURCE #define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include +#include +#include +#include + + #ifndef _GNU_SOURCE #warning "Using GNU EXTENSIONS highly improves security \ of this program, the other features are deprecated! \ @@ -65,7 +76,9 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons * arg2 is to where to write the string */ void build_sql_string(char* dest, const char* username); /* this function calculates a string which represents - * the hash of the user's password */ + * the hash of the user's password + * dest has to be min. gcry_md_get_algo_dlen(algo)*4 + */ void hash_func(int algo, void* digest, const void* value, size_t len); void gcrypt_init(void); #endif // _LOGIN_H_ From a4e75f73f6cecfeeccda42786b7930648b041f52 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:38:04 +0200 Subject: [PATCH 036/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 4531043..1a72c1e 100644 --- a/login.h +++ b/login.h @@ -77,7 +77,7 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons void build_sql_string(char* dest, const char* username); /* this function calculates a string which represents * the hash of the user's password - * dest has to be min. gcry_md_get_algo_dlen(algo)*4 + * dest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) */ void hash_func(int algo, void* digest, const void* value, size_t len); void gcrypt_init(void); From 94c7d243c64a8b8094e2dad5a6a6a73275f60b66 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:38:50 +0200 Subject: [PATCH 037/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 1a72c1e..962b371 100644 --- a/login.h +++ b/login.h @@ -1,6 +1,6 @@ /* C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 in 2011 + * written by oMeN23 aka David Schuster © 2011-2016 * If you think this is useful, use it! * copyleft, open and free! * file: login.h (headerfile) From ca050cdc90f271efe7a8e7d5142ef1e55b9c5a85 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:39:15 +0200 Subject: [PATCH 038/113] Update hashit.c --- hashit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hashit.c b/hashit.c index af93f6b..21240ee 100644 --- a/hashit.c +++ b/hashit.c @@ -1,6 +1,6 @@ /* C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 in 2011-2012 + * written by oMeN23 in 2011-2016 * If you think this is useful, use it! * copyleft, open and free! * file: hashit.c (hashing-utility) From ff4695a184bc8020a0ec626a18b83c4b367fa2fe Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:39:43 +0200 Subject: [PATCH 039/113] Update login.c --- login.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.c b/login.c index 27ba585..48c92f0 100644 --- a/login.c +++ b/login.c @@ -1,6 +1,6 @@ /* C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 aka David Schuster © 2011 - 2016 + * written by oMeN23 aka David Schuster © 2011-2016 * If you think this is useful, use it! * * file: login.c (main) */ From 7ee26c660147c66d039da7a67c6f2e76da110ad7 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:40:17 +0200 Subject: [PATCH 040/113] update --- login.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.c b/login.c index 48c92f0..fc3310a 100644 --- a/login.c +++ b/login.c @@ -1,7 +1,7 @@ /* C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt * written by oMeN23 aka David Schuster © 2011-2016 - * If you think this is useful, use it! * + * If you think this is useful, use it! * file: login.c (main) */ From f45ed05114b80c38d91904211be7355862794717 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:42:38 +0200 Subject: [PATCH 041/113] Update hash.c --- hash.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 555322c..efcd39d 100644 --- a/hash.c +++ b/hash.c @@ -18,7 +18,9 @@ void hash_func(int algo, void* digest, const void* value, size_t len) for (int i = 0; i < algolen; i++) { sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); stringconcat((char*)digest, (char*)helper); - } + } + gcry_free(helper); + gcry_free(byte_result); } From 5987ef230fbaf0517fb437c621e527ec30c6bd74 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 00:43:44 +0200 Subject: [PATCH 042/113] Update hash.c --- hash.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/hash.c b/hash.c index efcd39d..f9dd68a 100644 --- a/hash.c +++ b/hash.c @@ -6,7 +6,6 @@ #define _GNU_SOURCE #include "login.h" - void hash_func(int algo, void* digest, const void* value, size_t len) { size_t algolen = gcry_md_get_algo_dlen(algo); @@ -20,8 +19,7 @@ void hash_func(int algo, void* digest, const void* value, size_t len) stringconcat((char*)digest, (char*)helper); } gcry_free(helper); - gcry_free(byte_result); - + gcry_free(byte_result); } void gcrypt_init() From 11cd5638aaa97d891872b65e4a5af594800b9961 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 01:24:11 +0200 Subject: [PATCH 043/113] Update login.c --- login.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/login.c b/login.c index fc3310a..a2efb92 100644 --- a/login.c +++ b/login.c @@ -52,17 +52,17 @@ bool login(const char* username, /* username */ if (stringlength(username) > USERBUF - 6 || stringlength(password) > USERBUF - 6) { fprintf(stderr, "Username and/or password too long! Max. %d characters.\n", USERBUF - 6); fprintf(stderr, "Make a different choice, please.\n"); - abort(); + exit(1); } else if (stringlength(username) < 2 || stringlength(password) < 4) { fprintf(stderr, "Username min. 3 characters and password min. 4 characters.\n"); /* TODO ADJUST THIS IS FOR THE FINAL */ - abort(); + exit(1); } /* PREREQUESITES AND MEM ALLOC */ sqlite3* Db_object = NULL; char* errormsg; - // gcrypt_init(); /* initialize mem manager and stuff so lib doesnt complain */ + gcrypt_init(); /* initialize mem manager and stuff so lib doesnt complain */ login_data_t container = gcry_malloc_secure(sizeof *container); @@ -76,7 +76,7 @@ bool login(const char* username, /* username */ if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->password)) { fprintf(stderr, "Could not allocate in secure memory!\n"); - abort(); + exit(2); } strcpy(container->username, username); /* copy userdata in secure mem */ @@ -91,7 +91,7 @@ bool login(const char* username, /* username */ if (err != SQLITE_OK) { fprintf(stderr, "Database connection failed, something went wrong.\n"); - abort(); + exit(3); } #ifdef HASH /* call of the hashing function -> hash.c .. change to GCRY_MD_TIGER1 */ @@ -107,7 +107,7 @@ bool login(const char* username, /* username */ if (own_sql) { if (longstringlength(sql_statement) >= LARGEBUF) { /* FUNC MACRO USED */ fprintf(stderr, "SQL statement too long. Max. %d characters.\n", LARGEBUF); - abort(); + exit(4); } if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; @@ -120,7 +120,7 @@ bool login(const char* username, /* username */ }*/ if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); - abort(); + exit(5); } /* SQL OK copy it into our string - dest array should be clean so string isnt garbage */ memset((void*)sql, 0, sizeof sql); From 5acaf426a809b6e4e0b4f1edca0a6f58f5d27b8b Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 01:25:18 +0200 Subject: [PATCH 044/113] Update login.c --- login.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.c b/login.c index a2efb92..7beb6b3 100644 --- a/login.c +++ b/login.c @@ -211,7 +211,7 @@ int main(int argc, char* argv[]) { /* get user data - change this so it suits your needs - try to use secure storage */ - if (!argv[1] || !argv[2]) { printf("please supply two args\n"); abort(); } + if (!argv[1] || !argv[2]) { printf("please supply two args\n"); exit(-1); } char* user = argv[1]; char* pass = argv[2]; From a4398bd29304738d2b476e610add34e572634f17 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 14 Oct 2016 12:31:40 +0200 Subject: [PATCH 045/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 962b371..945959c 100644 --- a/login.h +++ b/login.h @@ -77,7 +77,7 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons void build_sql_string(char* dest, const char* username); /* this function calculates a string which represents * the hash of the user's password - * dest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) + * digest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) */ void hash_func(int algo, void* digest, const void* value, size_t len); void gcrypt_init(void); From 05d12e9ff1f5e9238c010cde7d7fe831cf775e5f Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 21:49:07 +0200 Subject: [PATCH 046/113] Update hash.c --- hash.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/hash.c b/hash.c index f9dd68a..83782f1 100644 --- a/hash.c +++ b/hash.c @@ -1,25 +1,23 @@ /* * new modular hash function for the sqlite3 interface - * by David Schuster © 2016 + * by David Schuster © 2016 * */ #define _GNU_SOURCE #include "login.h" -void hash_func(int algo, void* digest, const void* value, size_t len) + +void hash_func(int algo, char* digest, const void* value, size_t len) { size_t algolen = gcry_md_get_algo_dlen(algo); - char* helper = gcry_malloc_secure(16); char* byte_result = gcry_malloc_secure(algolen); gcry_md_hash_buffer(algo, byte_result, value, len); for (int i = 0; i < algolen; i++) { - sprintf((char*)helper, "%02x", (unsigned char)byte_result[i]); - stringconcat((char*)digest, (char*)helper); - } - gcry_free(helper); - gcry_free(byte_result); + sprintf(digest+(i*2), "%02x", (unsigned char)byte_result[i]); + } + } void gcrypt_init() From 99409c312a132c5a73b2d7ffd5115acf4a7ae655 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 21:51:58 +0200 Subject: [PATCH 047/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 945959c..5ff2067 100644 --- a/login.h +++ b/login.h @@ -79,6 +79,6 @@ void build_sql_string(char* dest, const char* username); * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) */ -void hash_func(int algo, void* digest, const void* value, size_t len); +void hash_func(int algo, char* digest, const void* value, size_t len); void gcrypt_init(void); #endif // _LOGIN_H_ From c73f1c74ec8f4bcb5773e3df0924ab7de23bda12 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 21:59:12 +0200 Subject: [PATCH 048/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 83782f1..3a153b9 100644 --- a/hash.c +++ b/hash.c @@ -15,7 +15,7 @@ void hash_func(int algo, char* digest, const void* value, size_t len) gcry_md_hash_buffer(algo, byte_result, value, len); for (int i = 0; i < algolen; i++) { - sprintf(digest+(i*2), "%02x", (unsigned char)byte_result[i]); + sprintf(digest+(i*2), "%02x", (unsigned char)byte_result[i]); // some pointer magic *dancing on the glass of undefined behavior* } } From c3213cfdbab4fcf1deb3e040749792823b58766c Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:09:35 +0200 Subject: [PATCH 049/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 3a153b9..e760526 100644 --- a/hash.c +++ b/hash.c @@ -7,7 +7,7 @@ #include "login.h" -void hash_func(int algo, char* digest, const void* value, size_t len) +void hash_func(int algo, char* digest, const char* value, size_t len) { size_t algolen = gcry_md_get_algo_dlen(algo); char* byte_result = gcry_malloc_secure(algolen); From 87840af9309632cfd023ec649c57409257dfc534 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:10:05 +0200 Subject: [PATCH 050/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 5ff2067..f499ec2 100644 --- a/login.h +++ b/login.h @@ -79,6 +79,6 @@ void build_sql_string(char* dest, const char* username); * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) */ -void hash_func(int algo, char* digest, const void* value, size_t len); +void hash_func(int algo, char* digest, const char* value, size_t len); void gcrypt_init(void); #endif // _LOGIN_H_ From 7dc3c16fd9783b7ff8c69ec7bf62426852a27104 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:11:47 +0200 Subject: [PATCH 051/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index f499ec2..5ff2067 100644 --- a/login.h +++ b/login.h @@ -79,6 +79,6 @@ void build_sql_string(char* dest, const char* username); * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) */ -void hash_func(int algo, char* digest, const char* value, size_t len); +void hash_func(int algo, char* digest, const void* value, size_t len); void gcrypt_init(void); #endif // _LOGIN_H_ From a857dda8582cd20630cd845f78f0133491f4e6c7 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:12:19 +0200 Subject: [PATCH 052/113] Update --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index e760526..3a153b9 100644 --- a/hash.c +++ b/hash.c @@ -7,7 +7,7 @@ #include "login.h" -void hash_func(int algo, char* digest, const char* value, size_t len) +void hash_func(int algo, char* digest, const void* value, size_t len) { size_t algolen = gcry_md_get_algo_dlen(algo); char* byte_result = gcry_malloc_secure(algolen); From b58d4585b220163c07313337d7658c3cf8af50de Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:29:48 +0200 Subject: [PATCH 053/113] Update ftm.c --- ftm.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ftm.c b/ftm.c index 61c8a26..b4aa866 100644 --- a/ftm.c +++ b/ftm.c @@ -1,10 +1,12 @@ -#include -#include -#include +/* + * feature testing software + */ +#define _GNU_SOURCE +#include "login.h" int -main(int argc, char *argv[]) +main(int argc, char* argv[]) { #ifdef _POSIX_SOURCE printf("_POSIX_SOURCE defined\n"); From 802e47af0d164eeb895128f4e5971cda88a234be Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:46:48 +0200 Subject: [PATCH 054/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 3a153b9..4f7bdf6 100644 --- a/hash.c +++ b/hash.c @@ -17,7 +17,7 @@ void hash_func(int algo, char* digest, const void* value, size_t len) for (int i = 0; i < algolen; i++) { sprintf(digest+(i*2), "%02x", (unsigned char)byte_result[i]); // some pointer magic *dancing on the glass of undefined behavior* } - + gcry_free(byte_result); } void gcrypt_init() From 34e836ba094a4603adda927ccf0c9da9bc5e7637 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:52:07 +0200 Subject: [PATCH 055/113] Update ftm.c --- ftm.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ftm.c b/ftm.c index b4aa866..16a2729 100644 --- a/ftm.c +++ b/ftm.c @@ -1,5 +1,14 @@ /* * feature testing software + * _POSIX_SOURCE defined + * _POSIX_C_SOURCE defined: 200809L + * _ISOC99_SOURCE defined + * _XOPEN_SOURCE defined: 700 + * _XOPEN_SOURCE_EXTENDED defined + * _LARGEFILE64_SOURCE defined + * _ATFILE_SOURCE defined + * _GNU_SOURCE defined + * _FORTIFY_SOURCE defined */ #define _GNU_SOURCE From c7aa1d27bf52cda03ad41dd7467e32669f5dcd17 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 22:58:06 +0200 Subject: [PATCH 056/113] Update ftm.c --- ftm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ftm.c b/ftm.c index 16a2729..16ec1dd 100644 --- a/ftm.c +++ b/ftm.c @@ -15,7 +15,7 @@ #include "login.h" int -main(int argc, char* argv[]) +main(int argc, char *argv[]) { #ifdef _POSIX_SOURCE printf("_POSIX_SOURCE defined\n"); @@ -68,9 +68,9 @@ main(int argc, char* argv[]) #ifdef _THREAD_SAFE printf("_THREAD_SAFE defined\n"); #endif + #ifdef _FORTIFY_SOURCE printf("_FORTIFY_SOURCE defined\n"); #endif - exit(EXIT_SUCCESS); } From 6761ef4f714961919fdf7e15170c142aad8eab40 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 23:02:25 +0200 Subject: [PATCH 057/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 4f7bdf6..26b1c28 100644 --- a/hash.c +++ b/hash.c @@ -1,6 +1,6 @@ /* * new modular hash function for the sqlite3 interface - * by David Schuster © 2016 * + * by David Schuster © 2016 */ #define _GNU_SOURCE From a17996fab59d5a8770493ec1f55e6ba7c9575818 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 23:04:43 +0200 Subject: [PATCH 058/113] Update hash.c --- hash.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/hash.c b/hash.c index 26b1c28..806c789 100644 --- a/hash.c +++ b/hash.c @@ -10,14 +10,14 @@ void hash_func(int algo, char* digest, const void* value, size_t len) { size_t algolen = gcry_md_get_algo_dlen(algo); - char* byte_result = gcry_malloc_secure(algolen); + char* rawResult = gcry_malloc_secure(algolen); - gcry_md_hash_buffer(algo, byte_result, value, len); + gcry_md_hash_buffer(algo, rawResult, value, len); for (int i = 0; i < algolen; i++) { - sprintf(digest+(i*2), "%02x", (unsigned char)byte_result[i]); // some pointer magic *dancing on the glass of undefined behavior* - } - gcry_free(byte_result); + sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); + } + gcry_free(rawResult); } void gcrypt_init() From 68473bc624f6109148291c5cefe91c783329cfc6 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 19 Oct 2016 23:11:14 +0200 Subject: [PATCH 059/113] Update hashit.c --- hashit.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/hashit.c b/hashit.c index 21240ee..3bb2356 100644 --- a/hashit.c +++ b/hashit.c @@ -16,7 +16,6 @@ int main(int argc, char** argv) printf("hashit v0.25 - %s", ctime(&thetime)); gcrypt_init(); int algo; - char buffer[1<<12]; start: printf("These are the available algorithms: \n\ @@ -48,17 +47,17 @@ int main(int argc, char** argv) goto start; } char* final = gcry_malloc_secure((gcry_md_get_algo_dlen(algo)*2)+1); - char* ptr = buffer; + char* ptr = gcry_malloc_secure(4096); printf("What value do you want to hash? "); - fgets(ptr, sizeof buffer, stdin); + fgets(ptr, 4096, stdin); ptr[ strlen(ptr) - 1 ] = '\0'; // remove '\n' of fgets hash_func(algo, final, ptr, strlen(ptr)); printf("%s\n", final); gcry_free(final); - final = NULL; + gcry_free(ptr); return 0; } From a14f067d9c0f8ae49184f93a0e064759653220aa Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 00:01:07 +0200 Subject: [PATCH 060/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 806c789..2ed8e0b 100644 --- a/hash.c +++ b/hash.c @@ -15,7 +15,7 @@ void hash_func(int algo, char* digest, const void* value, size_t len) gcry_md_hash_buffer(algo, rawResult, value, len); for (int i = 0; i < algolen; i++) { - sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); + sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); // pointer magic *dancing on broken glass of undefined behavior* } gcry_free(rawResult); } From f27391c4eb176765c6cff6f4b73c7b349afa86fb Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 16:32:10 +0200 Subject: [PATCH 061/113] Update login.c --- login.c | 66 +++++++++++++++++++++++++-------------------------------- 1 file changed, 29 insertions(+), 37 deletions(-) diff --git a/login.c b/login.c index 7beb6b3..d8272e8 100644 --- a/login.c +++ b/login.c @@ -1,7 +1,8 @@ /* C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 aka David Schuster © 2011-2016 - * If you think this is useful, use it! + * written by oMeN23 in 2011 + * If you think this is useful, use it! + * copyleft, open and free! * file: login.c (main) */ @@ -26,17 +27,18 @@ static int callback (void* logindata, /* sql_exec passes its forth argument in h * the callback wouldnt get called again for the next row */ for (int i = 0 ; i < numArgs; i++) { - if (/*Db_entries[i] != NULL &&*/ !strcmp(azColName[0], "username")) { + if (!strcmp(azColName[0], "username")) { if (!strcmp(Db_entries[0], userdata->username)) { isRegistered = true; /* username found in db (if check) -> search for matching pw */ } - } if (/*Db_entries[i] != NULL &&*/ !strcmp(azColName[1], "password")) { - if (isRegistered && !strcmp(Db_entries[1], userdata->hash)) { - isLoggedOn = true; - return 0; - } - } } + if (!strcmp(azColName[1], "password")) { + if (isRegistered && !strcmp(Db_entries[1], userdata->hash)) { + isLoggedOn = true; + return 0; + } + } + } return 0; } @@ -68,35 +70,37 @@ bool login(const char* username, /* username */ if (container == NULL) { fprintf(stderr, "Could not allocate memory!\n"); - abort(); + exit(-1); } - container->username = gcry_malloc_secure(USERBUF); - container->password = gcry_malloc_secure(USERBUF); + container->username = gcry_malloc_secure(USERBUF); container->hash = gcry_malloc_secure(USERBUF * 2); - if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->password)) { + if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->username)) { fprintf(stderr, "Could not allocate in secure memory!\n"); exit(2); } strcpy(container->username, username); /* copy userdata in secure mem */ - strcpy(container->password, password); + #ifndef HASH strcpy(container->hash, password); /* SO IF SOMEBODY TURNS OFF HASHING IT WILL STILL WORK */ #endif - memset((void*)password, 0, stringlength(password)); /* fill the parameter with zeroes - its not secure - then it is */ - + int err = sqlite3_open(DATABASE, /* const char *filename - Database filename (UTF-8), defined in the header MACRO USED */ &Db_object); /* sqlite3 **ppDb - OUT: SQLite db handle */ if (err != SQLITE_OK) { fprintf(stderr, "Database connection failed, something went wrong.\n"); exit(3); - } - + } + int x; + for (x = 0; password[x] != NULL ; x++) + ; + #ifdef HASH /* call of the hashing function -> hash.c .. change to GCRY_MD_TIGER1 */ - hash_func(GCRY_MD_TIGER, container->hash, container->password, strlen(container->password)); // TODO XXX change 6 with 306 see above for enum decl + hash_func(GCRY_MD_TIGER, container->hash, password, x); // TODO XXX change 6 with 306 see above for enum decl fprintf(stderr, "Trying to log in as \n'%s' \nwith hashed-pw \n'%s'\n", container->username, container->hash); + memset(password, 0, x); #else fprintf(stderr, "Trying to log in as '%s'\n", container->username); #endif @@ -112,12 +116,7 @@ bool login(const char* username, /* username */ if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - } - - /*if (sql_statement == NULL) { - * fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); - * abort(); not possible as for convenience, this is turned off if a null ptr is supplied - }*/ + } if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); exit(5); @@ -152,22 +151,15 @@ bool login(const char* username, /* username */ /* clean up the DB connection */ sqlite3_close(Db_object); - /* BUFFER FLUSH */ - memset(container->hash, 0, USERBUF * 2); - memset(container->password, 0, USERBUF); - memset(container->username, 0, USERBUF); - /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, - * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ + memset(container->hash, 0, USERBUF * 2); + memset(container->username, 0, USERBUF); + /* release the memory - no data left in RAM */ - gcry_free(container->hash); - gcry_free(container->password); + gcry_free(container->hash); gcry_free(container->username); gcry_free(container); - container->password = NULL; - container->hash = NULL; - container->username = NULL; - container = NULL; + memset(container, 0, sizeof *container); /* set ptrs null, username is the only variable left intact -> see above * the whole login_data_t container is now overwritten - also the passed password argument (around line 104) */ From f0dd795c223800b411cab2ed37d8f1db1b59da37 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 16:35:18 +0200 Subject: [PATCH 062/113] Update login.h --- login.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/login.h b/login.h index 5ff2067..f0998da 100644 --- a/login.h +++ b/login.h @@ -57,8 +57,7 @@ change login.h." /* user data definitions - mostly hidden - only in use in the interior of the login func */ typedef struct login_data { - char* username; - char* password; + char* username; char* hash; } *login_data_t; From ff35b90357a9ff2be733df8084d9ad0c42343ed7 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 16:35:43 +0200 Subject: [PATCH 063/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index f0998da..ce75e9c 100644 --- a/login.h +++ b/login.h @@ -29,7 +29,7 @@ of this program, the other features are deprecated! \ Tried to define GNU extensions, if this fails \ change login.h." -#endif // ifndef _GNU_SOURCE +#endif #define GCRYPT_NO_DEPRECATED // we dont want to use old library routines #define HASH /* IF THIS TOKEN IS UNDEF'D YOU HAVE A SQLITE INTERFACE PROGRAM WITHOUT HASHING CAPABILITIES (pass match is done plain-text - so dont undef this) */ From acb5d183527844249e61ee15f34636bef216772c Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 16:44:28 +0200 Subject: [PATCH 064/113] Update login.c --- login.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/login.c b/login.c index d8272e8..ebdc301 100644 --- a/login.c +++ b/login.c @@ -26,18 +26,15 @@ static int callback (void* logindata, /* sql_exec passes its forth argument in h * thats why we gotta return 0 if we have no match * the callback wouldnt get called again for the next row */ - for (int i = 0 ; i < numArgs; i++) { - if (!strcmp(azColName[0], "username")) { - if (!strcmp(Db_entries[0], userdata->username)) { - isRegistered = true; /* username found in db (if check) -> search for matching pw */ - } - } - if (!strcmp(azColName[1], "password")) { + for (int i = 0 ; i < numArgs; i++) { + if (!strcmp(Db_entries[0], userdata->username)) { + isRegistered = true; /* username found in db (if check) -> search for matching pw */ + if (isRegistered && !strcmp(Db_entries[1], userdata->hash)) { isLoggedOn = true; return 0; - } - } + } + } } return 0; } From 65430d0fb817dc2187194526a95836a3aa999475 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 16:45:25 +0200 Subject: [PATCH 065/113] Update login.c --- login.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.c b/login.c index ebdc301..70b92ff 100644 --- a/login.c +++ b/login.c @@ -26,7 +26,7 @@ static int callback (void* logindata, /* sql_exec passes its forth argument in h * thats why we gotta return 0 if we have no match * the callback wouldnt get called again for the next row */ - for (int i = 0 ; i < numArgs; i++) { + for (int i = 0; i < numArgs; i++) { if (!strcmp(Db_entries[0], userdata->username)) { isRegistered = true; /* username found in db (if check) -> search for matching pw */ From 1cae94d01f5a75738f744894a764065aaaf52944 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 20 Oct 2016 16:46:19 +0200 Subject: [PATCH 066/113] Update login.c --- login.c | 1 + 1 file changed, 1 insertion(+) diff --git a/login.c b/login.c index 70b92ff..fba817d 100644 --- a/login.c +++ b/login.c @@ -6,6 +6,7 @@ * file: login.c (main) */ +#define _GNU_SOURCE #include "login.h" /* does the user exist in the db */ From 7ce1f7f54ab7a8a110cb36964c79d5b11492a338 Mon Sep 17 00:00:00 2001 From: omen23 Date: Mon, 24 Oct 2016 21:53:15 +0200 Subject: [PATCH 067/113] Update login.c --- login.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/login.c b/login.c index fba817d..87f74a2 100644 --- a/login.c +++ b/login.c @@ -1,4 +1,5 @@ -/* C to sqlite DB interface (for logins) +/* + * C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt * written by oMeN23 in 2011 * If you think this is useful, use it! @@ -68,7 +69,7 @@ bool login(const char* username, /* username */ if (container == NULL) { fprintf(stderr, "Could not allocate memory!\n"); - exit(-1); + abort(); } container->username = gcry_malloc_secure(USERBUF); container->hash = gcry_malloc_secure(USERBUF * 2); @@ -91,14 +92,11 @@ bool login(const char* username, /* username */ fprintf(stderr, "Database connection failed, something went wrong.\n"); exit(3); } - int x; - for (x = 0; password[x] != NULL ; x++) - ; - + #ifdef HASH /* call of the hashing function -> hash.c .. change to GCRY_MD_TIGER1 */ - hash_func(GCRY_MD_TIGER, container->hash, password, x); // TODO XXX change 6 with 306 see above for enum decl + hash_func(GCRY_MD_TIGER, container->hash, password, stringlength(password)); // TODO XXX change 6 with 306 see above for enum decl fprintf(stderr, "Trying to log in as \n'%s' \nwith hashed-pw \n'%s'\n", container->username, container->hash); - memset(password, 0, x); + memset(password, 0, stringlength(password)); #else fprintf(stderr, "Trying to log in as '%s'\n", container->username); #endif @@ -114,7 +112,12 @@ bool login(const char* username, /* username */ if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - } + } + + /*if (sql_statement == NULL) { + * fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); + * abort(); not possible as for convenience, this is turned off if a null ptr is supplied + }*/ if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); exit(5); @@ -152,7 +155,9 @@ bool login(const char* username, /* username */ memset(container->hash, 0, USERBUF * 2); memset(container->username, 0, USERBUF); - + /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, + * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ + /* release the memory - no data left in RAM */ gcry_free(container->hash); gcry_free(container->username); From 674e65a6598d5638ec62cca4f067092cbf04148a Mon Sep 17 00:00:00 2001 From: omen23 Date: Mon, 24 Oct 2016 21:56:43 +0200 Subject: [PATCH 068/113] Update login.c --- login.c | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/login.c b/login.c index 87f74a2..253fc9a 100644 --- a/login.c +++ b/login.c @@ -1,7 +1,7 @@ /* * C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 in 2011 + * written by oMeN23 in 2012-2016 © * If you think this is useful, use it! * copyleft, open and free! * file: login.c (main) @@ -112,12 +112,8 @@ bool login(const char* username, /* username */ if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - } - - /*if (sql_statement == NULL) { - * fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); - * abort(); not possible as for convenience, this is turned off if a null ptr is supplied - }*/ + } + if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); exit(5); @@ -143,21 +139,15 @@ bool login(const char* username, /* username */ &errormsg); /* Error msg written here */ - if (err != SQLITE_OK) { - // ^^ er == 4 ? callback returned 1 (or any nonzero value) - // fprintf(stderr, "SQL notice: callback requested query abort because a match was found.\n"); old logic part + if (err != SQLITE_OK) { fprintf(stderr, "SQL error: %s\n", errormsg ); // sqlite3_errmsg(Db_object) sqlite3_free(errormsg); } /* clean up the DB connection */ sqlite3_close(Db_object); - - + memset(container->hash, 0, USERBUF * 2); - memset(container->username, 0, USERBUF); - /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, - * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ - + memset(container->username, 0, USERBUF); /* release the memory - no data left in RAM */ gcry_free(container->hash); gcry_free(container->username); @@ -224,8 +214,6 @@ int main(int argc, char* argv[]) else { /* log-in didnt succeed, handle it how you like ... (call main again whatever) */ - return 1; - + return 1; } } - From db9bcf9d4a4927eb3f7261018be33bbe125231f6 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 27 Oct 2016 16:11:52 +0200 Subject: [PATCH 069/113] Update login.c --- login.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/login.c b/login.c index 253fc9a..869ac3d 100644 --- a/login.c +++ b/login.c @@ -1,7 +1,7 @@ /* * C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 in 2012-2016 © + * written by oMeN23 © in 2011-2016 * If you think this is useful, use it! * copyleft, open and free! * file: login.c (main) @@ -29,10 +29,10 @@ static int callback (void* logindata, /* sql_exec passes its forth argument in h * the callback wouldnt get called again for the next row */ for (int i = 0; i < numArgs; i++) { - if (!strcmp(Db_entries[0], userdata->username)) { + if (!stringcompare(Db_entries[0], userdata->username)) { isRegistered = true; /* username found in db (if check) -> search for matching pw */ - if (isRegistered && !strcmp(Db_entries[1], userdata->hash)) { + if (isRegistered && !stringcompare(Db_entries[1], userdata->hash)) { isLoggedOn = true; return 0; } @@ -112,8 +112,12 @@ bool login(const char* username, /* username */ if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - } - + } + + /*if (sql_statement == NULL) { + * fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); + * abort(); not possible as for convenience, this is turned off if a null ptr is supplied + }*/ if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); exit(5); @@ -139,15 +143,21 @@ bool login(const char* username, /* username */ &errormsg); /* Error msg written here */ - if (err != SQLITE_OK) { + if (err != SQLITE_OK) { + // ^^ er == 4 ? callback returned 1 (or any nonzero value) + // fprintf(stderr, "SQL notice: callback requested query abort because a match was found.\n"); old logic part fprintf(stderr, "SQL error: %s\n", errormsg ); // sqlite3_errmsg(Db_object) sqlite3_free(errormsg); } /* clean up the DB connection */ sqlite3_close(Db_object); - + + memset(container->hash, 0, USERBUF * 2); - memset(container->username, 0, USERBUF); + memset(container->username, 0, USERBUF); + /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, + * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ + /* release the memory - no data left in RAM */ gcry_free(container->hash); gcry_free(container->username); @@ -214,6 +224,8 @@ int main(int argc, char* argv[]) else { /* log-in didnt succeed, handle it how you like ... (call main again whatever) */ - return 1; + return 1; + } } + From 7e3ea2dcd78267295f89d26d475fdcb27b8ee92a Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 27 Oct 2016 16:12:48 +0200 Subject: [PATCH 070/113] Update login.h --- login.h | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/login.h b/login.h index ce75e9c..70c936a 100644 --- a/login.h +++ b/login.h @@ -1,6 +1,7 @@ -/* C to sqlite DB interface (for logins) +/* + * C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 aka David Schuster © 2011-2016 + * written by oMeN23 in 2011 * If you think this is useful, use it! * copyleft, open and free! * file: login.h (headerfile) @@ -29,7 +30,7 @@ of this program, the other features are deprecated! \ Tried to define GNU extensions, if this fails \ change login.h." -#endif +#endif // ifndef _GNU_SOURCE #define GCRYPT_NO_DEPRECATED // we dont want to use old library routines #define HASH /* IF THIS TOKEN IS UNDEF'D YOU HAVE A SQLITE INTERFACE PROGRAM WITHOUT HASHING CAPABILITIES (pass match is done plain-text - so dont undef this) */ @@ -40,11 +41,13 @@ change login.h." size_t strnlen(const char* string, size_t maxlen); #define stringlength(x) strnlen(x, USERBUF) #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #elif _BSD_SOURCE #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define longstringlength(x) strlen(x) #define stringlength(x) strlen(x) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ #define longstringlength(x) strlen(x) #define stringlength(x) strlen(x) @@ -76,7 +79,7 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons void build_sql_string(char* dest, const char* username); /* this function calculates a string which represents * the hash of the user's password - * digest has to be min. gcry_md_get_algo_dlen(algo)*2 (+1) + * digest has to be min. gcry_md_get_algo_dlen(algo)*2 */ void hash_func(int algo, char* digest, const void* value, size_t len); void gcrypt_init(void); From 06971efa6ddc4660c38960968cb770dbc9f34254 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 27 Oct 2016 18:55:49 +0200 Subject: [PATCH 071/113] Update login.h --- login.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/login.h b/login.h index 70c936a..30dc443 100644 --- a/login.h +++ b/login.h @@ -39,19 +39,20 @@ change login.h." /* multi-platform string routines */ #if defined _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) + #define stringlength(x) strnlen(x, USERBUF) #define longstringlength(x) strnlen(x, LARGEBUF + 40) #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #elif _BSD_SOURCE #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) + #define stringlength(x) strlen(x) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringconcat(s1, s2) strcat(s1, s2) + #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strcat(s1, s2) +#define stringcompare(s1, s2) strcmp(s1, s2) #endif /* buffers */ From 98485cd92e9aae4a9d35c5711f50187d45a42401 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 09:49:37 +0200 Subject: [PATCH 072/113] Update login.h --- login.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/login.h b/login.h index 30dc443..a22376e 100644 --- a/login.h +++ b/login.h @@ -39,20 +39,20 @@ change login.h." /* multi-platform string routines */ #if defined _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringlength(x) strnlen(x, USERBUF) + #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #elif _BSD_SOURCE - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringconcat(s1, s2) strcat(s1, s2) -#define stringcompare(s1, s2) strcmp(s1, s2) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strcat(s1, s2) + #define stringcompare(s1, s2) strcmp(s1, s2) #endif /* buffers */ From f4c73c905c6b70345f993c84fb5382601b07eade Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 09:52:07 +0200 Subject: [PATCH 073/113] Update login.h --- login.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/login.h b/login.h index a22376e..676f47b 100644 --- a/login.h +++ b/login.h @@ -39,10 +39,10 @@ change login.h." /* multi-platform string routines */ #if defined _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) + #define stringlength(x) strnlen(x, USERBUF) + #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #elif _BSD_SOURCE #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define longstringlength(x) strlen(x) From c925a2a83fad987bb1bbf51d986808ebde40765c Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 09:53:32 +0200 Subject: [PATCH 074/113] Update login.h --- login.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/login.h b/login.h index 676f47b..1cfd96c 100644 --- a/login.h +++ b/login.h @@ -39,19 +39,19 @@ change login.h." /* multi-platform string routines */ #if defined _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) + #define stringlength(x) strnlen(x, USERBUF) + #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #elif _BSD_SOURCE - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringconcat(s1, s2) strcat(s1, s2) + #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strcat(s1, s2) #define stringcompare(s1, s2) strcmp(s1, s2) #endif From 11449462622864e020810073f477a34caa8be756 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:36:21 +0200 Subject: [PATCH 075/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 1cfd96c..4cd65b7 100644 --- a/login.h +++ b/login.h @@ -34,7 +34,7 @@ change login.h." #define GCRYPT_NO_DEPRECATED // we dont want to use old library routines #define HASH /* IF THIS TOKEN IS UNDEF'D YOU HAVE A SQLITE INTERFACE PROGRAM WITHOUT HASHING CAPABILITIES (pass match is done plain-text - so dont undef this) */ -#define DATABASE "ex1.db" /* path to a sqlite3 database - specify full db path if db is not in binary's folder or launch binary from db's folder */ +#define DATABASE "ex1.sql" /* path to a sqlite3 database - specify full db path if db is not in binary's folder or launch binary from db's folder */ /* multi-platform string routines */ #if defined _GNU_SOURCE From d906ab149d5cc0e6a440481d1c0aef57dfd2de98 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:37:27 +0200 Subject: [PATCH 076/113] Delete ex1.db --- ex1.db | Bin 3072 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 ex1.db diff --git a/ex1.db b/ex1.db deleted file mode 100644 index 2c12f2f12d96b1a826d1e2cb27c48b0957a8c65a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeHI%}x|S5boI`%1@RHZYBf{BZ%$>Os1!MdU|gn*&8N`c<^9M|5OJev%t(Q1a4e- z7v4Z0!AI~7yqf6Uo(%+cFP_a#r>pW+^-ra~&X<1wZufA2kvlGOHHa9QAwfW1MG+xn z)f;%b8*?56cfkaHkRF4p3_jIGu|&A@-iz}v>7aC0;GI8gcs%hMw- zpwA_q4zX`0L)h8tZSVJ@{q5Jgy=Y=@yRUNG@+UiFj?PqJ4ph-jcn4n0l;9TpjN;Bq^ zizP+OXcxueGYFThIy|#_l@^R8 From ce5b7c7cf416d2f0011f5bd1fbee2a170f1e7559 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:38:55 +0200 Subject: [PATCH 077/113] Add files via upload --- ex1.sql | Bin 0 -> 3072 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 ex1.sql diff --git a/ex1.sql b/ex1.sql new file mode 100644 index 0000000000000000000000000000000000000000..2c12f2f12d96b1a826d1e2cb27c48b0957a8c65a GIT binary patch literal 3072 zcmeHI%}x|S5boI`%1@RHZYBf{BZ%$>Os1!MdU|gn*&8N`c<^9M|5OJev%t(Q1a4e- z7v4Z0!AI~7yqf6Uo(%+cFP_a#r>pW+^-ra~&X<1wZufA2kvlGOHHa9QAwfW1MG+xn z)f;%b8*?56cfkaHkRF4p3_jIGu|&A@-iz}v>7aC0;GI8gcs%hMw- zpwA_q4zX`0L)h8tZSVJ@{q5Jgy=Y=@yRUNG@+UiFj?PqJ4ph-jcn4n0l;9TpjN;Bq^ zizP+OXcxueGYFThIy|#_l@^R8 literal 0 HcmV?d00001 From e6334b3e9961ff2b9c6c91b444e82431ed01610c Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:39:20 +0200 Subject: [PATCH 078/113] Delete ex1.db --- build/debug/ex1.db | Bin 3072 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 build/debug/ex1.db diff --git a/build/debug/ex1.db b/build/debug/ex1.db deleted file mode 100644 index 2c12f2f12d96b1a826d1e2cb27c48b0957a8c65a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeHI%}x|S5boI`%1@RHZYBf{BZ%$>Os1!MdU|gn*&8N`c<^9M|5OJev%t(Q1a4e- z7v4Z0!AI~7yqf6Uo(%+cFP_a#r>pW+^-ra~&X<1wZufA2kvlGOHHa9QAwfW1MG+xn z)f;%b8*?56cfkaHkRF4p3_jIGu|&A@-iz}v>7aC0;GI8gcs%hMw- zpwA_q4zX`0L)h8tZSVJ@{q5Jgy=Y=@yRUNG@+UiFj?PqJ4ph-jcn4n0l;9TpjN;Bq^ zizP+OXcxueGYFThIy|#_l@^R8 From 3494652407ec8ebbef6e9e079595a9523f139c56 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:40:01 +0200 Subject: [PATCH 079/113] Create test --- build/debug/test | 1 + 1 file changed, 1 insertion(+) create mode 100644 build/debug/test diff --git a/build/debug/test b/build/debug/test new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/build/debug/test @@ -0,0 +1 @@ + From dbbbc91de2a8f321763fef1f791d137e31dd244d Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:40:14 +0200 Subject: [PATCH 080/113] Add files via upload --- build/debug/ex1.sql | Bin 0 -> 3072 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 build/debug/ex1.sql diff --git a/build/debug/ex1.sql b/build/debug/ex1.sql new file mode 100644 index 0000000000000000000000000000000000000000..2c12f2f12d96b1a826d1e2cb27c48b0957a8c65a GIT binary patch literal 3072 zcmeHI%}x|S5boI`%1@RHZYBf{BZ%$>Os1!MdU|gn*&8N`c<^9M|5OJev%t(Q1a4e- z7v4Z0!AI~7yqf6Uo(%+cFP_a#r>pW+^-ra~&X<1wZufA2kvlGOHHa9QAwfW1MG+xn z)f;%b8*?56cfkaHkRF4p3_jIGu|&A@-iz}v>7aC0;GI8gcs%hMw- zpwA_q4zX`0L)h8tZSVJ@{q5Jgy=Y=@yRUNG@+UiFj?PqJ4ph-jcn4n0l;9TpjN;Bq^ zizP+OXcxueGYFThIy|#_l@^R8 literal 0 HcmV?d00001 From 7043d94e8e5f8a61f2315c64645f471eef56e81e Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:40:35 +0200 Subject: [PATCH 081/113] Delete test --- build/debug/test | 1 - 1 file changed, 1 deletion(-) delete mode 100644 build/debug/test diff --git a/build/debug/test b/build/debug/test deleted file mode 100644 index 8b13789..0000000 --- a/build/debug/test +++ /dev/null @@ -1 +0,0 @@ - From d01befb31886a93d5310bfaeebc69b677928730c Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 11:46:20 +0200 Subject: [PATCH 082/113] Update hash.c --- hash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hash.c b/hash.c index 2ed8e0b..5ad6d90 100644 --- a/hash.c +++ b/hash.c @@ -14,8 +14,8 @@ void hash_func(int algo, char* digest, const void* value, size_t len) gcry_md_hash_buffer(algo, rawResult, value, len); - for (int i = 0; i < algolen; i++) { - sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); // pointer magic *dancing on broken glass of undefined behavior* + for (int i = 0; i < algolen; i++) { + sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); // pointer magic *dancing on broken glass of undefined behavior* } gcry_free(rawResult); } From cc276e09872516c6be278ffc9ec8eeecaf34f20a Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 12:06:26 +0200 Subject: [PATCH 083/113] Update hash.c --- hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash.c b/hash.c index 5ad6d90..623a34b 100644 --- a/hash.c +++ b/hash.c @@ -9,7 +9,7 @@ void hash_func(int algo, char* digest, const void* value, size_t len) { - size_t algolen = gcry_md_get_algo_dlen(algo); + size_t algolen = gcry_md_get_algo_dlen(algo); char* rawResult = gcry_malloc_secure(algolen); gcry_md_hash_buffer(algo, rawResult, value, len); From e3fd24cbfe8ec26168c2419b97c96cec12491fb8 Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 12:08:47 +0200 Subject: [PATCH 084/113] Update login.h --- login.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/login.h b/login.h index 4cd65b7..2520d8b 100644 --- a/login.h +++ b/login.h @@ -6,8 +6,7 @@ * copyleft, open and free! * file: login.h (headerfile) */ -#ifndef _LOGIN_H_ -#define _LOGIN_H_ + #pragma once // NOTE: does this work on our compiler (gcc) ? (back of my mind tells me only msvc supports this) /* This code conforms to the ISO C99 standard and makes heavy use of GNU extensions */ @@ -84,4 +83,4 @@ void build_sql_string(char* dest, const char* username); */ void hash_func(int algo, char* digest, const void* value, size_t len); void gcrypt_init(void); -#endif // _LOGIN_H_ + From 8e5899e5cd4c63f9a340cf6d7a54638285693c5c Mon Sep 17 00:00:00 2001 From: omen23 Date: Fri, 28 Oct 2016 12:32:34 +0200 Subject: [PATCH 085/113] Update hashit.c --- hashit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hashit.c b/hashit.c index 3bb2356..5511ee1 100644 --- a/hashit.c +++ b/hashit.c @@ -9,7 +9,7 @@ #define _GNU_SOURCE #include "login.h" -int main(int argc, char** argv) +int main(int argc, char* argv[]) { time_t thetime = time(NULL); From bcae61bfb6f05edd9201e4f0ec9d28e83c1bc2e8 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:23:22 +0100 Subject: [PATCH 086/113] Update login.h --- login.h | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/login.h b/login.h index 2520d8b..f9d3bb7 100644 --- a/login.h +++ b/login.h @@ -1,7 +1,7 @@ /* * C to sqlite DB interface (for logins) * with hashing mechanisms using gcrypt - * written by oMeN23 in 2011 + * written by oMeN23 in 2011-2016 © * If you think this is useful, use it! * copyleft, open and free! * file: login.h (headerfile) @@ -12,7 +12,6 @@ /* This code conforms to the ISO C99 standard and makes heavy use of GNU extensions */ #define _GNU_SOURCE - #include #include #include @@ -36,27 +35,30 @@ change login.h." #define DATABASE "ex1.sql" /* path to a sqlite3 database - specify full db path if db is not in binary's folder or launch binary from db's folder */ /* multi-platform string routines */ -#if defined _GNU_SOURCE +#ifdef _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) + #define stringlength(x) strnlen(x, USERBUF) + #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) +#define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) #elif _BSD_SOURCE - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF*2) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) + #define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringconcat(s1, s2) strcat(s1, s2) - #define stringcompare(s1, s2) strcmp(s1, s2) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strcat(s1, s2) + #define stringcompare(s1, s2) strcmp(s1, s2) +#define stringcopy(s1, s2) strcpy(s1, s2) #endif /* buffers */ -#define LARGEBUF (1 << 12) // 4096 -#define USERBUF (1 << 8) // 256 +#define LARGEBUF (1 << 12) +#define USERBUF (1 << 8) /* user data definitions - mostly hidden - only in use in the interior of the login func */ typedef struct login_data { From 3105a600cc631084534de1a4918881a4b11b6006 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:25:13 +0100 Subject: [PATCH 087/113] Update login.h --- login.h | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/login.h b/login.h index f9d3bb7..d6071d3 100644 --- a/login.h +++ b/login.h @@ -37,23 +37,23 @@ change login.h." /* multi-platform string routines */ #ifdef _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) -#define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) + #define stringlength(x) strnlen(x, USERBUF) + #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) + #define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) #elif _BSD_SOURCE - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) + #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) #define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringconcat(s1, s2) strcat(s1, s2) - #define stringcompare(s1, s2) strcmp(s1, s2) -#define stringcopy(s1, s2) strcpy(s1, s2) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strcat(s1, s2) + #define stringcompare(s1, s2) strcmp(s1, s2) + #define stringcopy(s1, s2) strcpy(s1, s2) #endif /* buffers */ From 56fbc8152562a22b85a69197eda4ac0699a0ca40 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:26:02 +0100 Subject: [PATCH 088/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index d6071d3..a634df6 100644 --- a/login.h +++ b/login.h @@ -28,7 +28,7 @@ of this program, the other features are deprecated! \ Tried to define GNU extensions, if this fails \ change login.h." -#endif // ifndef _GNU_SOURCE +#endif /* !_GNU_SOURCE */ #define GCRYPT_NO_DEPRECATED // we dont want to use old library routines #define HASH /* IF THIS TOKEN IS UNDEF'D YOU HAVE A SQLITE INTERFACE PROGRAM WITHOUT HASHING CAPABILITIES (pass match is done plain-text - so dont undef this) */ From deb171fae0d46fac72248a8845c6ecddd1aea1c8 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:29:36 +0100 Subject: [PATCH 089/113] Update login.h --- login.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/login.h b/login.h index a634df6..6ec809e 100644 --- a/login.h +++ b/login.h @@ -37,21 +37,21 @@ change login.h." /* multi-platform string routines */ #ifdef _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); - #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define stringlength(x) strnlen(x, USERBUF) + #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) #define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) #elif _BSD_SOURCE - #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) #define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) #else /* !_GNU_SOURCE && !_BSD_SOURCE */ - #define longstringlength(x) strlen(x) - #define stringlength(x) strlen(x) - #define stringconcat(s1, s2) strcat(s1, s2) + #define longstringlength(x) strlen(x) + #define stringlength(x) strlen(x) + #define stringconcat(s1, s2) strcat(s1, s2) #define stringcompare(s1, s2) strcmp(s1, s2) #define stringcopy(s1, s2) strcpy(s1, s2) #endif From 0c28ec0234463ca9c79f947bed7818e86a1ef961 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:30:36 +0100 Subject: [PATCH 090/113] Update login.c --- login.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.c b/login.c index 869ac3d..416cd91 100644 --- a/login.c +++ b/login.c @@ -72,7 +72,7 @@ bool login(const char* username, /* username */ abort(); } container->username = gcry_malloc_secure(USERBUF); - container->hash = gcry_malloc_secure(USERBUF * 2); + container->hash = gcry_malloc_secure(USERBUF); if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->username)) { fprintf(stderr, "Could not allocate in secure memory!\n"); From 138ff15c0c59a77387888a40b1c8e81a17e83f59 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:31:38 +0100 Subject: [PATCH 091/113] Update login.h --- login.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/login.h b/login.h index 6ec809e..78e01ab 100644 --- a/login.h +++ b/login.h @@ -22,7 +22,6 @@ #include #include - #ifndef _GNU_SOURCE #warning "Using GNU EXTENSIONS highly improves security \ of this program, the other features are deprecated! \ @@ -58,7 +57,7 @@ change login.h." /* buffers */ #define LARGEBUF (1 << 12) -#define USERBUF (1 << 8) +#define USERBUF (1 << 9) /* user data definitions - mostly hidden - only in use in the interior of the login func */ typedef struct login_data { From 25e9560d2eecc41e1cf82b8e555ab762ba68f309 Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:35:46 +0100 Subject: [PATCH 092/113] Update login.c --- login.c | 30 ++++++++++-------------------- 1 file changed, 10 insertions(+), 20 deletions(-) diff --git a/login.c b/login.c index 416cd91..437aea1 100644 --- a/login.c +++ b/login.c @@ -79,10 +79,10 @@ bool login(const char* username, /* username */ exit(2); } - strcpy(container->username, username); /* copy userdata in secure mem */ + stringcopy(container->username, username); /* copy userdata in secure mem */ #ifndef HASH - strcpy(container->hash, password); /* SO IF SOMEBODY TURNS OFF HASHING IT WILL STILL WORK */ + stringcopy(container->hash, password); /* SO IF SOMEBODY TURNS OFF HASHING IT WILL STILL WORK */ #endif int err = sqlite3_open(DATABASE, /* const char *filename - Database filename (UTF-8), defined in the header MACRO USED */ @@ -113,11 +113,7 @@ bool login(const char* username, /* username */ own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); } - - /*if (sql_statement == NULL) { - * fprintf(stderr, "Cannot pass NULL Pointer as SQL statement!\n"); - * abort(); not possible as for convenience, this is turned off if a null ptr is supplied - }*/ + if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); exit(5); @@ -143,21 +139,16 @@ bool login(const char* username, /* username */ &errormsg); /* Error msg written here */ - if (err != SQLITE_OK) { - // ^^ er == 4 ? callback returned 1 (or any nonzero value) - // fprintf(stderr, "SQL notice: callback requested query abort because a match was found.\n"); old logic part - fprintf(stderr, "SQL error: %s\n", errormsg ); // sqlite3_errmsg(Db_object) + if (err != SQLITE_OK) { + fprintf(stderr, "SQL error: %s\n", errormsg); /* sqlite3_errmsg(Db_object) */ sqlite3_free(errormsg); } /* clean up the DB connection */ - sqlite3_close(Db_object); - + sqlite3_close(Db_object); - memset(container->hash, 0, USERBUF * 2); + memset(container->hash, 0, USERBUF); memset(container->username, 0, USERBUF); - /* fprintf(stderr, "VAR TEST usr1: %s %s %s %s %s\n", username, password, container->username, - * container->password, container->hash); // MEM TEST FUNC to see if mem was overwritten */ - + /* release the memory - no data left in RAM */ gcry_free(container->hash); gcry_free(container->username); @@ -191,12 +182,11 @@ bool login(const char* username, /* username */ */ void build_sql_string(char* dest, const char* username) { - char sql_string[LARGEBUF] = ""; - strcpy(sql_string, "select * from users where username = '"); /* users is the name of the SQL table */ + char sql_string[LARGEBUF] = "select * from users where username = '"; /* users is the name of the SQL table */ stringconcat(sql_string, username); /* FUNC MACRO USED */ stringconcat(sql_string, "';"); memset(dest, 0, LARGEBUF-1); /* clear mem where sql string is to be written - so theres no garbage */ - strcpy(dest, sql_string); + stringcopy(dest, sql_string); } /* Example main ... this is intented to be a "library" - only a glue code From 07c6fa828fc26d53f0c2f4de0a1040b3af4f1bac Mon Sep 17 00:00:00 2001 From: omen23 Date: Sun, 30 Oct 2016 09:37:45 +0100 Subject: [PATCH 093/113] Update login.c --- login.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/login.c b/login.c index 437aea1..48115a5 100644 --- a/login.c +++ b/login.c @@ -77,10 +77,8 @@ bool login(const char* username, /* username */ if (!gcry_is_secure(container->hash) || !gcry_is_secure(container) || !gcry_is_secure(container->username)) { fprintf(stderr, "Could not allocate in secure memory!\n"); exit(2); - } - + } stringcopy(container->username, username); /* copy userdata in secure mem */ - #ifndef HASH stringcopy(container->hash, password); /* SO IF SOMEBODY TURNS OFF HASHING IT WILL STILL WORK */ #endif @@ -120,7 +118,7 @@ bool login(const char* username, /* username */ } /* SQL OK copy it into our string - dest array should be clean so string isnt garbage */ memset((void*)sql, 0, sizeof sql); - strcpy(sql, sql_statement); + stringcopy(sql, sql_statement); } else /* use default sql string builder mechanism (fast and convenient and safe) 1 call per login/username */ build_sql_string(sql, container->username); From b37f05294afe7ccb98377ff862a4b06e46f72f36 Mon Sep 17 00:00:00 2001 From: omen23 Date: Mon, 7 Nov 2016 18:08:16 +0100 Subject: [PATCH 094/113] Update login.c --- login.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/login.c b/login.c index 48115a5..69d0cad 100644 --- a/login.c +++ b/login.c @@ -180,10 +180,10 @@ bool login(const char* username, /* username */ */ void build_sql_string(char* dest, const char* username) { - char sql_string[LARGEBUF] = "select * from users where username = '"; /* users is the name of the SQL table */ + char sql_string[USERBUF] = "select * from users where username = '"; /* users is the name of the SQL table */ stringconcat(sql_string, username); /* FUNC MACRO USED */ stringconcat(sql_string, "';"); - memset(dest, 0, LARGEBUF-1); /* clear mem where sql string is to be written - so theres no garbage */ + memset(dest, 0, USERBUF-1); /* clear mem where sql string is to be written - so theres no garbage */ stringcopy(dest, sql_string); } From ec2ca8cdbd66ebffdb7c5787d04142d0cbb3caa0 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 9 Nov 2016 00:36:32 +0100 Subject: [PATCH 095/113] Update login.c --- login.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/login.c b/login.c index 69d0cad..ce7515c 100644 --- a/login.c +++ b/login.c @@ -178,13 +178,9 @@ bool login(const char* username, /* username */ * arg2 is to where to write the string * already in auto use of the login function if third param is false (of the login func) */ -void build_sql_string(char* dest, const char* username) +inline void build_sql_string(char* dest, const char* username) { - char sql_string[USERBUF] = "select * from users where username = '"; /* users is the name of the SQL table */ - stringconcat(sql_string, username); /* FUNC MACRO USED */ - stringconcat(sql_string, "';"); - memset(dest, 0, USERBUF-1); /* clear mem where sql string is to be written - so theres no garbage */ - stringcopy(dest, sql_string); + sprintf(dest, "select * from users where username = '%s';", username); } /* Example main ... this is intented to be a "library" - only a glue code From eb93ce6c64f9b929b29ad77ef3b802858c7c6c17 Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 9 Nov 2016 00:41:34 +0100 Subject: [PATCH 096/113] Update login.c --- login.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/login.c b/login.c index ce7515c..c71cda1 100644 --- a/login.c +++ b/login.c @@ -98,9 +98,8 @@ bool login(const char* username, /* username */ #else fprintf(stderr, "Trying to log in as '%s'\n", container->username); #endif - /* turn off self-supplied SQL if a null ptr or empty string is supplied */ + /* turn off self-supplied SQL if a null ptr or empty string is supplied */ - /* SQL STUFF AND BUILDER */ char sql[LARGEBUF]; if (own_sql) { if (longstringlength(sql_statement) >= LARGEBUF) { /* FUNC MACRO USED */ @@ -110,6 +109,7 @@ bool login(const char* username, /* username */ if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); + build_sql_string(sql, container->username); } if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ @@ -117,7 +117,7 @@ bool login(const char* username, /* username */ exit(5); } /* SQL OK copy it into our string - dest array should be clean so string isnt garbage */ - memset((void*)sql, 0, sizeof sql); + memset(sql, 0, sizeof sql); stringcopy(sql, sql_statement); } else /* use default sql string builder mechanism (fast and convenient and safe) 1 call per login/username */ @@ -126,24 +126,16 @@ bool login(const char* username, /* username */ /* DATABASE CALL */ err = sqlite3_exec(Db_object, /* An open database ![IMPORTANT -> callback is called for every ROW]! */ sql, /* SQL to be evaluated */ - callback, /* Callback function */ - /* int (*callback)(void* freeSlot, int numDbEntries, char** DBEntries, char** ColumnName) - - * arg1 is a free pointer specified by the sqlite3 calling convention interface - - * I put the data to compare against in here (could be unused too) - * arg2 NumDbEntries retrieves the count of entries in that row, - * arg3 DBEntries is an array of strings of the data in that row and - * arg4 ColumnName is an array of strings representing the column. */ + callback, /* Callback function */ (void*)container, /* 1st argument to callback */ &errormsg); /* Error msg written here */ - - + if (err != SQLITE_OK) { fprintf(stderr, "SQL error: %s\n", errormsg); /* sqlite3_errmsg(Db_object) */ sqlite3_free(errormsg); } /* clean up the DB connection */ - sqlite3_close(Db_object); - + sqlite3_close(Db_object); memset(container->hash, 0, USERBUF); memset(container->username, 0, USERBUF); From 207110a7422dad06234208ad457cf48b3836294f Mon Sep 17 00:00:00 2001 From: omen23 Date: Wed, 9 Nov 2016 00:44:03 +0100 Subject: [PATCH 097/113] Update login.c --- login.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.c b/login.c index c71cda1..eccb85b 100644 --- a/login.c +++ b/login.c @@ -109,7 +109,7 @@ bool login(const char* username, /* username */ if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { own_sql = false; fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - build_sql_string(sql, container->username); + exit(5); } if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ From adb5bcbb8ad14bff8b66035dc44f4ca1275883ed Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:26:28 +0100 Subject: [PATCH 098/113] Update login.h --- login.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/login.h b/login.h index 78e01ab..fa688fe 100644 --- a/login.h +++ b/login.h @@ -77,7 +77,9 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons * sql string for our purposes * arg1 is the username * arg2 is to where to write the string */ -void build_sql_string(char* dest, const char* username); +inline void build_sql_string(char* dest, const char* username) { + sprintf(dest, "select * from users where username = '%s';", username); +} /* this function calculates a string which represents * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 From 99db6b16c3eb807ff3df6d892a221e335d823482 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:27:45 +0100 Subject: [PATCH 099/113] Update login.c --- login.c | 1 + 1 file changed, 1 insertion(+) diff --git a/login.c b/login.c index eccb85b..7e951ec 100644 --- a/login.c +++ b/login.c @@ -9,6 +9,7 @@ #define _GNU_SOURCE #include "login.h" +extern inline void build_sql_string(char*, const char*); /* does the user exist in the db */ bool isRegistered = false; From 0114c99acb6db2f48a9c28efcd91694e8d95219e Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:33:37 +0100 Subject: [PATCH 100/113] Update login.c --- login.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/login.c b/login.c index 7e951ec..6f0dcc1 100644 --- a/login.c +++ b/login.c @@ -9,7 +9,10 @@ #define _GNU_SOURCE #include "login.h" -extern inline void build_sql_string(char*, const char*); +static inline void build_sql_string(char* dest, const char* username) +{ + sprintf(dest, "select * from users where username = '%s';", username); +} /* does the user exist in the db */ bool isRegistered = false; From c29178c797590ea023425bcc2257d9dcd7aebb6c Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:35:57 +0100 Subject: [PATCH 101/113] Update login.h --- login.h | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/login.h b/login.h index fa688fe..91f5bdc 100644 --- a/login.h +++ b/login.h @@ -77,9 +77,7 @@ bool login(const char* username, char* password, bool own_sql_statement_on, cons * sql string for our purposes * arg1 is the username * arg2 is to where to write the string */ -inline void build_sql_string(char* dest, const char* username) { - sprintf(dest, "select * from users where username = '%s';", username); -} + /* this function calculates a string which represents * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 From e65c4baceecd43720fc3935660623e2f80903c02 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:36:47 +0100 Subject: [PATCH 102/113] Update login.h --- login.h | 5 ----- 1 file changed, 5 deletions(-) diff --git a/login.h b/login.h index 91f5bdc..1f2114f 100644 --- a/login.h +++ b/login.h @@ -73,11 +73,6 @@ typedef struct login_data { * arg3 is a bool asking if you want to supply your own SQL * if arg3 is true supply your SQL statement as arg4 else NULL */ bool login(const char* username, char* password, bool own_sql_statement_on, const char* sql_statement); -/* small function to build the matching - * sql string for our purposes - * arg1 is the username - * arg2 is to where to write the string */ - /* this function calculates a string which represents * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 From 7b76f8f53e9495935112b7e7225d2d8311df8cb9 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:38:20 +0100 Subject: [PATCH 103/113] Update login.c --- login.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/login.c b/login.c index 6f0dcc1..3817a00 100644 --- a/login.c +++ b/login.c @@ -9,6 +9,10 @@ #define _GNU_SOURCE #include "login.h" +/* small function to build the matching + * sql string for our purposes + * arg1 is the destination memory + * arg2 is the username */ static inline void build_sql_string(char* dest, const char* username) { sprintf(dest, "select * from users where username = '%s';", username); From 4d2bd35f7b9fe7dbd9a4ec0bf267f3748e384ed1 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:41:41 +0100 Subject: [PATCH 104/113] Update login.c --- login.c | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/login.c b/login.c index 3817a00..730f8fb 100644 --- a/login.c +++ b/login.c @@ -172,17 +172,6 @@ bool login(const char* username, /* username */ return isLoggedOn; } -/* small function to build the matching - * sql string for our purposes - * arg1 is the username - * arg2 is to where to write the string - * already in auto use of the login function if third param is false (of the login func) - */ -inline void build_sql_string(char* dest, const char* username) -{ - sprintf(dest, "select * from users where username = '%s';", username); -} - /* Example main ... this is intented to be a "library" - only a glue code * main will exit with retval 0 if everything is ok */ From 569c23559fd552226ed827d68736f2ba3f8330be Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:46:10 +0100 Subject: [PATCH 105/113] Update login.h --- login.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/login.h b/login.h index 1f2114f..423b917 100644 --- a/login.h +++ b/login.h @@ -37,7 +37,7 @@ change login.h." #ifdef _GNU_SOURCE size_t strnlen(const char* string, size_t maxlen); #define stringlength(x) strnlen(x, USERBUF) - #define longstringlength(x) strnlen(x, LARGEBUF + 40) + #define longstringlength(x) strnlen(x, LARGEBUF) #define stringconcat(s1, s2) strncat(s1, s2, USERBUF) #define stringcompare(s1, s2) strncmp(s1, s2, USERBUF) #define stringcopy(s1, s2) strncpy(s1, s2, USERBUF) From fa0a810cf9f0d666be1c84de6a9626c2825a21a5 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:54:05 +0100 Subject: [PATCH 106/113] Update login.h --- login.h | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/login.h b/login.h index 423b917..96686f4 100644 --- a/login.h +++ b/login.h @@ -67,12 +67,7 @@ typedef struct login_data { /* function prototypes */ -/* in this function im trying to handle the login event and interface with sqlite - * this will result in return values true as ok and false otherwise - * arg 1 and 2 are self explanatory (arg2 gets zero'd out in the process) - * arg3 is a bool asking if you want to supply your own SQL - * if arg3 is true supply your SQL statement as arg4 else NULL */ -bool login(const char* username, char* password, bool own_sql_statement_on, const char* sql_statement); + /* this function calculates a string which represents * the hash of the user's password * digest has to be min. gcry_md_get_algo_dlen(algo)*2 From 72d3870a73c643143a0505212a4f2f1e6e4ab0ec Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 00:56:56 +0100 Subject: [PATCH 107/113] Update login.c --- login.c | 37 ++++++------------------------------- 1 file changed, 6 insertions(+), 31 deletions(-) diff --git a/login.c b/login.c index 730f8fb..3814477 100644 --- a/login.c +++ b/login.c @@ -53,9 +53,7 @@ static int callback (void* logindata, /* sql_exec passes its forth argument in h * this will result in return values true as ok and false otherwise */ bool login(const char* username, /* username */ - char* password, /* password -> gets deleted for security reasons */ - bool own_sql, /* indicates if you want your own sql statement executed against the DB */ - const char* sql_statement) /* the sql statement to be executed against the Database or NULL */ + char* password) /* password -> gets deleted for security reasons */ { /* check for user overflow attempts */ if (stringlength(username) > USERBUF - 6 || stringlength(password) > USERBUF - 6) { @@ -108,28 +106,8 @@ bool login(const char* username, /* username */ #endif /* turn off self-supplied SQL if a null ptr or empty string is supplied */ - char sql[LARGEBUF]; - if (own_sql) { - if (longstringlength(sql_statement) >= LARGEBUF) { /* FUNC MACRO USED */ - fprintf(stderr, "SQL statement too long. Max. %d characters.\n", LARGEBUF); - exit(4); - } - if (sql_statement == NULL || strcmp(sql_statement, "") == 0) { - own_sql = false; - fprintf(stderr, "login(...) called with wrong args - arg3 is true and arg4 is NULL or empty!\n"); - exit(5); - } - - if (stringlength(sql_statement) < 6) { /* FUNC MACRO USED */ - fprintf(stderr, "Cannot pass empty or nonsensical string as SQL statement!\n"); - exit(5); - } - /* SQL OK copy it into our string - dest array should be clean so string isnt garbage */ - memset(sql, 0, sizeof sql); - stringcopy(sql, sql_statement); - } - else /* use default sql string builder mechanism (fast and convenient and safe) 1 call per login/username */ - build_sql_string(sql, container->username); + char sql[LARGEBUF]; + build_sql_string(sql, container->username); /* DATABASE CALL */ err = sqlite3_exec(Db_object, /* An open database ![IMPORTANT -> callback is called for every ROW]! */ @@ -185,10 +163,8 @@ int main(int argc, char* argv[]) /* login -> returns a bool indicating success */ bool logged_on = login(user, /* self expl this variable will come back unchanged */ - pass, /* this variable will be garbage after the login */ - false, /* own sql statement suppplied as arg4(true) or default func(false), I'd go with this setting */ - NULL); /* sql string like "select * from users;" or NULL pointer for default func */ - + pass); /* this variable will be garbage after the login */ + if (logged_on) { /* log-in succeeded - do what you like here */ @@ -197,8 +173,7 @@ int main(int argc, char* argv[]) else { /* log-in didnt succeed, handle it how you like ... (call main again whatever) */ - return 1; - + return 1; } } From 111ab1742d84aa34411c144a63e1a9dcb3ceefda Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 01:01:32 +0100 Subject: [PATCH 108/113] Update login.c --- login.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/login.c b/login.c index 3814477..9f6c457 100644 --- a/login.c +++ b/login.c @@ -104,16 +104,14 @@ bool login(const char* username, /* username */ #else fprintf(stderr, "Trying to log in as '%s'\n", container->username); #endif - /* turn off self-supplied SQL if a null ptr or empty string is supplied */ - - char sql[LARGEBUF]; - build_sql_string(sql, container->username); - + + char sql[USERBUF]; + build_sql_string(sql, container->username); /* DATABASE CALL */ err = sqlite3_exec(Db_object, /* An open database ![IMPORTANT -> callback is called for every ROW]! */ sql, /* SQL to be evaluated */ callback, /* Callback function */ - (void*)container, /* 1st argument to callback */ + container, /* 1st argument to callback */ &errormsg); /* Error msg written here */ if (err != SQLITE_OK) { From 333c56398b165b3d68b1f58dd18447e27c511f42 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 01:09:50 +0100 Subject: [PATCH 109/113] Update README --- README | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/README b/README index 0b712ad..a552055 100644 --- a/README +++ b/README @@ -6,6 +6,16 @@ text. So it is designed for a login-procedure and was thought to be useful for CGI login handling. The hashing capabilities can be turnt off in case you are lazy enough to check your passwords or keys plain-text. + Friday, 14.10.2016 - COMPLETE REWRITE OF MODULAR HASHING SYSTEM + - ongoing rewrite of static functions that are only needed for one reason, made the login function easier (no more self supplied sql) + - this is a login interface, thats what it does - no more cost for database call than needed (rewrite of callback code) + - future hopes: cgi interface to get this running on a web-server (reading the book atm) + +This software now produces the right digests. Sorry there is no test database but everything should be working now. +Thanks, David + +p.s.: maybe try "user" as first program parameter and "test" as second - it should work (= + OK enough -- this is what this package provides: login.c - login routine and sqlite3 callback (with an example main function) hash.c - the hashing function which is used in the login program @@ -13,7 +23,7 @@ hash.c - the hashing function which is used in the login program hashit.c - a small utility that can generate digests of all implemented gcrypt hashing algorithms (e.g. for generation of your keys) ftm.c - feature test macros -login.h - a header file where all the fun is defined :) +login.h - a header file where all crossover fun is defined :) There is a Makefile for convenience - just type "make" and if you have a debian based system with "libgcrypt-dev" and "libsqlite3-dev" installed everything should work OOB. @@ -36,9 +46,3 @@ If you have problems setting this up - contact me! I cannot promise that I will because my inbox is always really full. The string macros supplied use GNU extensions or BSD versions of the standard implementation. (strlen, strcat, strcpy) - Friday, 14.10.2016 - COMPLETE REWRITE OF MODULAR HASHING SYSTEM - -This software now produces the right digests. Sorry there is no test database but everything should be working now. -Thanks, David - -p.s.: maybe try "user" as first program parameter and "test" as second - it should work (= From 9f97d639f7c14bcbf6b7fd4c939f726cadf02f9a Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 01:10:30 +0100 Subject: [PATCH 110/113] Update README --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index a552055..2caf15c 100644 --- a/README +++ b/README @@ -8,7 +8,7 @@ are lazy enough to check your passwords or keys plain-text. Friday, 14.10.2016 - COMPLETE REWRITE OF MODULAR HASHING SYSTEM - ongoing rewrite of static functions that are only needed for one reason, made the login function easier (no more self supplied sql) - - this is a login interface, thats what it does - no more cost for database call than needed (rewrite of callback code) + - this is a login interface, thats what it does - no more cost for database calls than needed (rewrite of callback code) - future hopes: cgi interface to get this running on a web-server (reading the book atm) This software now produces the right digests. Sorry there is no test database but everything should be working now. From 3eb3ae7c8d8f7a42ee892257462d7fdc683d4e5d Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 10 Nov 2016 13:22:11 +0100 Subject: [PATCH 111/113] Update ftm.c --- ftm.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ftm.c b/ftm.c index 16ec1dd..19a917b 100644 --- a/ftm.c +++ b/ftm.c @@ -3,9 +3,11 @@ * _POSIX_SOURCE defined * _POSIX_C_SOURCE defined: 200809L * _ISOC99_SOURCE defined + * _ISOC11_SOURCE defined * _XOPEN_SOURCE defined: 700 * _XOPEN_SOURCE_EXTENDED defined * _LARGEFILE64_SOURCE defined + * _DEFAULT_SOURCE defined * _ATFILE_SOURCE defined * _GNU_SOURCE defined * _FORTIFY_SOURCE defined @@ -29,6 +31,10 @@ main(int argc, char *argv[]) printf("_ISOC99_SOURCE defined\n"); #endif +#ifdef _ISOC11_SOURCE + printf("_ISOC11_SOURCE defined\n"); +#endif + #ifdef _XOPEN_SOURCE printf("_XOPEN_SOURCE defined: %d\n", _XOPEN_SOURCE); #endif @@ -52,6 +58,10 @@ main(int argc, char *argv[]) #ifdef _SVID_SOURCE printf("_SVID_SOURCE defined\n"); #endif + +#ifdef _DEFAULT_SOURCE + printf("_DEFAULT_SOURCE defined\n"); +#endif #ifdef _ATFILE_SOURCE printf("_ATFILE_SOURCE defined\n"); @@ -74,3 +84,4 @@ main(int argc, char *argv[]) #endif exit(EXIT_SUCCESS); } + From 1f03288e0ae2d70c457e96f39339ea0ec1cf5c0a Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 17 Nov 2016 20:56:03 +0100 Subject: [PATCH 112/113] Update hash.c --- hash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hash.c b/hash.c index 623a34b..3d71790 100644 --- a/hash.c +++ b/hash.c @@ -15,7 +15,7 @@ void hash_func(int algo, char* digest, const void* value, size_t len) gcry_md_hash_buffer(algo, rawResult, value, len); for (int i = 0; i < algolen; i++) { - sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); // pointer magic *dancing on broken glass of undefined behavior* + sprintf(digest+(i*2), "%02x", (unsigned char)rawResult[i]); /* pointer magic */ } gcry_free(rawResult); } @@ -35,6 +35,6 @@ void gcrypt_init() gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN), gcry_control(GCRYCTL_INIT_SECMEM, 65536, 0), gcry_control(GCRYCTL_RESUME_SECMEM_WARN), - gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0), initialized = true; } From 14d0f182241272b4029c21af079f848ac19556b6 Mon Sep 17 00:00:00 2001 From: omen23 Date: Thu, 17 Nov 2016 21:04:26 +0100 Subject: [PATCH 113/113] Update hash.c --- hash.c | 1 - 1 file changed, 1 deletion(-) diff --git a/hash.c b/hash.c index 3d71790..a99318e 100644 --- a/hash.c +++ b/hash.c @@ -6,7 +6,6 @@ #define _GNU_SOURCE #include "login.h" - void hash_func(int algo, char* digest, const void* value, size_t len) { size_t algolen = gcry_md_get_algo_dlen(algo);