summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Petr Štetiar [Mon, 16 Dec 2019 13:58:50 +0000 (14:58 +0100)]
fix certificate blob parsing vulnerability by using blob_parse_untrusted
blob_parse expects blobs from trusted inputs, but in this case it can be
supplied with possibly malicious certificates from untrusted inputs as
well, so in order to prevent such conditions, switch to
blob_parse_untrusted which should hopefully handle such inputs
appropriately.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:49:40 +0000 (14:49 +0100)]
fix leaking memory in cert_dump_blob
Fixes following valgrind reported memory leak:
189 bytes in 1 blocks are definitely lost in loss record 3 of 4
at realloc
by blobmsg_format_json_with_cb
by blobmsg_format_json_indent
by cert_dump_blob (ucert.c:386)
by cert_dump (ucert.c:405)
by main (ucert.c:728)
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:34:20 +0000 (14:34 +0100)]
fix possibly garbage value returned in cert_process_revoker
Fixes following warning reported by clang-9 scan-build analyzer:
ucert.c:585:2: warning: Undefined or garbage value returned to caller
return ret;
^~~~~~~~~~
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:43:19 +0000 (14:43 +0100)]
add cram based unit tests
For improved QA etc. for the start with initial test case for dump
command.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:29:57 +0000 (14:29 +0100)]
cmake: split usign bits into static library
So it could be reused easily in unit tests for example.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:23:26 +0000 (14:23 +0100)]
cmake: reindent the file
In order to make the indentation consistent within the file.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 12:56:29 +0000 (13:56 +0100)]
cmake: enable hardening compiler flags and fix the reported issues
Lets enable some useful flags in order to spot possible issues during
QA on CI (GCC version 6 and higher). Fix warnings uncovered by this new
flags as reported by clang-9 on x86/64:
ucert.c:158:33: error: comparison of integers of different signs: 'unsigned long' and 'int' [-Werror,-Wsign-compare]
ucert.c:176:14: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
ucert.c:314:18: error: comparison of integers of different signs: '__time_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ucert.c:315:18: error: comparison of integers of different signs: '__time_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ucert.c:557:17: error: comparison of integers of different signs: '__time_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
Ref: https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 28 Nov 2019 21:44:08 +0000 (22:44 +0100)]
add initial GitLab CI support
Uses currently proof-of-concept openwrt-ci[1] in order to:
* improve the quality of the codebase in various areas
* decrease code review time and help merging contributions faster
* get automagic feedback loop on various platforms and tools
- out of tree build with OpenWrt SDK on following targets:
* ath79-generic
* imx6-generic
* malta-be
* mvebu-cortexa53
- out of tree native build on x86/64 with GCC (versions 7, 8, 9) and Clang 10
- out of tree native x86/64 static code analysis with cppcheck and
scan-build from Clang 10
1. https://gitlab.com/ynezz/openwrt-ci/
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Tue, 17 Sep 2019 13:31:08 +0000 (15:31 +0200)]
cmake: add proper include and library dependencies
Otherwise it's not possible to compile it properly if the dependencies
are not installed in the standard include/libraries paths.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Rosen Penev [Thu, 28 Nov 2019 19:17:20 +0000 (11:17 -0800)]
cast ucert_argv to proper type when passing to execv
Fixes warnings:
warning: passing argument 2 of 'execv' from incompatible pointer type
[-Wincompatible-pointer-types]
254 | execv(usign_argv[0], usign_argv)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Daniel Golle [Tue, 18 Sep 2018 11:29:10 +0000 (13:29 +0200)]
be more tolerant when reading key fingerprint
usign occasionally writes 16 characters then exits without writing a LF,
leaving ucert hanging waiting for more input. Accept 16 characters
or more rather than 17 to work around the short read.
Signed-off-by: Mike McCormack <mike@atratus.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Damien Mascord [Wed, 8 Aug 2018 13:54:53 +0000 (23:54 +1000)]
Change the sigb buffer to be the same size as the fread
Signed-off-by: Damien Mascord <tusker@tusker.org>
Daniel Golle [Tue, 7 Aug 2018 16:07:56 +0000 (18:07 +0200)]
blob_buf needs to be zero'd
Fixes weird segfaults when compiling libubox with GCC 8.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 6 Aug 2018 15:23:46 +0000 (17:23 +0200)]
set rpath to make bundle-libraries.sh happy
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 10 Jun 2018 17:03:00 +0000 (19:03 +0200)]
don't ever set pointer outside of buffer
even if it's not going to be used.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Sun, 10 Jun 2018 16:44:36 +0000 (18:44 +0200)]
fix host build
use execvp in host builds instead of hardcoding /usr/bin/usign path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 16:16:00 +0000 (18:16 +0200)]
harden reading fingerprint from usign process
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 03:30:44 +0000 (05:30 +0200)]
add light build variant without -C, -A and -D
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:56:22 +0000 (02:56 +0200)]
remove unused stat variable and gettimeofday only once while verifying
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:50:00 +0000 (02:50 +0200)]
README.md...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:49:18 +0000 (02:49 +0200)]
allow issue to append existing cert and be strictly quiet
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:07:46 +0000 (02:07 +0200)]
don't be crazily strickt on position of '-q' parameter
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 23:15:26 +0000 (01:15 +0200)]
fix memory corruption caused by use-after-free
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 22:01:35 +0000 (00:01 +0200)]
README.md: add a line about context and dependencies
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 21:52:16 +0000 (23:52 +0200)]
output error message in case of revoked key
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 21:44:57 +0000 (23:44 +0200)]
add README.md
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 20:53:46 +0000 (22:53 +0200)]
add comments in usign-exec
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 20:22:26 +0000 (22:22 +0200)]
harden cmdline options
make all options single-set, only accept options after command and only
those needed for the specific command.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 20:12:06 +0000 (22:12 +0200)]
add comments and license headers
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 19:28:50 +0000 (21:28 +0200)]
take care of revokers in verify path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 17:14:18 +0000 (19:14 +0200)]
improve usage message and start working on revoker logic
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 13:16:41 +0000 (15:16 +0200)]
allow append also on non-existing certfile
Just in case someone just wants a single plain signature without any
chain.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 12:39:06 +0000 (14:39 +0200)]
enumerate chain elements in dump output
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 10:32:21 +0000 (12:32 +0200)]
always include complete signature file including trailing newline
just to harmonize things
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 10:09:57 +0000 (12:09 +0200)]
add forgotten usign_v sigfile parameter
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 09:38:42 +0000 (11:38 +0200)]
read more than one cert from file
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 00:17:28 +0000 (02:17 +0200)]
implement chain and message verify
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 20:48:31 +0000 (22:48 +0200)]
use list to model certificate chain
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 20:21:23 +0000 (22:21 +0200)]
implement cert issue
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 19:12:50 +0000 (21:12 +0200)]
add usign-exec.c
create C function wrappers calling the /usr/bin/usign executable and
processing the results.
usign_v() : usign -V ...
usign_s() : usign -S ...
usign_f_*() : usign -F ...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 18:37:50 +0000 (20:37 +0200)]
start implementing loading cert from filesystem, add validity times
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 22:02:00 +0000 (00:02 +0200)]
add external blob and internal blobmsg data structures
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 21:54:09 +0000 (23:54 +0200)]
add shim executable and CMakeLists
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 21:40:28 +0000 (23:40 +0200)]
add COPYING license file
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 21:36:24 +0000 (23:36 +0200)]
add .gitignore
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)