summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Petr Štetiar [Mon, 16 Dec 2019 13:49:40 +0000 (14:49 +0100)]
fix leaking memory in cert_dump_blob
Fixes following valgrind reported memory leak:
189 bytes in 1 blocks are definitely lost in loss record 3 of 4
at realloc
by blobmsg_format_json_with_cb
by blobmsg_format_json_indent
by cert_dump_blob (ucert.c:386)
by cert_dump (ucert.c:405)
by main (ucert.c:728)
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:34:20 +0000 (14:34 +0100)]
fix possibly garbage value returned in cert_process_revoker
Fixes following warning reported by clang-9 scan-build analyzer:
ucert.c:585:2: warning: Undefined or garbage value returned to caller
return ret;
^~~~~~~~~~
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:43:19 +0000 (14:43 +0100)]
add cram based unit tests
For improved QA etc. for the start with initial test case for dump
command.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:29:57 +0000 (14:29 +0100)]
cmake: split usign bits into static library
So it could be reused easily in unit tests for example.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 13:23:26 +0000 (14:23 +0100)]
cmake: reindent the file
In order to make the indentation consistent within the file.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Mon, 16 Dec 2019 12:56:29 +0000 (13:56 +0100)]
cmake: enable hardening compiler flags and fix the reported issues
Lets enable some useful flags in order to spot possible issues during
QA on CI (GCC version 6 and higher). Fix warnings uncovered by this new
flags as reported by clang-9 on x86/64:
ucert.c:158:33: error: comparison of integers of different signs: 'unsigned long' and 'int' [-Werror,-Wsign-compare]
ucert.c:176:14: error: comparison of integers of different signs: 'int' and 'unsigned long' [-Werror,-Wsign-compare]
ucert.c:314:18: error: comparison of integers of different signs: '__time_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ucert.c:315:18: error: comparison of integers of different signs: '__time_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
ucert.c:557:17: error: comparison of integers of different signs: '__time_t' (aka 'long') and 'uint64_t' (aka 'unsigned long') [-Werror,-Wsign-compare]
Ref: https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 28 Nov 2019 21:44:08 +0000 (22:44 +0100)]
add initial GitLab CI support
Uses currently proof-of-concept openwrt-ci[1] in order to:
* improve the quality of the codebase in various areas
* decrease code review time and help merging contributions faster
* get automagic feedback loop on various platforms and tools
- out of tree build with OpenWrt SDK on following targets:
* ath79-generic
* imx6-generic
* malta-be
* mvebu-cortexa53
- out of tree native build on x86/64 with GCC (versions 7, 8, 9) and Clang 10
- out of tree native x86/64 static code analysis with cppcheck and
scan-build from Clang 10
1. https://gitlab.com/ynezz/openwrt-ci/
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Tue, 17 Sep 2019 13:31:08 +0000 (15:31 +0200)]
cmake: add proper include and library dependencies
Otherwise it's not possible to compile it properly if the dependencies
are not installed in the standard include/libraries paths.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Rosen Penev [Thu, 28 Nov 2019 19:17:20 +0000 (11:17 -0800)]
cast ucert_argv to proper type when passing to execv
Fixes warnings:
warning: passing argument 2 of 'execv' from incompatible pointer type
[-Wincompatible-pointer-types]
254 | execv(usign_argv[0], usign_argv)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Daniel Golle [Tue, 18 Sep 2018 11:29:10 +0000 (13:29 +0200)]
be more tolerant when reading key fingerprint
usign occasionally writes 16 characters then exits without writing a LF,
leaving ucert hanging waiting for more input. Accept 16 characters
or more rather than 17 to work around the short read.
Signed-off-by: Mike McCormack <mike@atratus.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Damien Mascord [Wed, 8 Aug 2018 13:54:53 +0000 (23:54 +1000)]
Change the sigb buffer to be the same size as the fread
Signed-off-by: Damien Mascord <tusker@tusker.org>
Daniel Golle [Tue, 7 Aug 2018 16:07:56 +0000 (18:07 +0200)]
blob_buf needs to be zero'd
Fixes weird segfaults when compiling libubox with GCC 8.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 6 Aug 2018 15:23:46 +0000 (17:23 +0200)]
set rpath to make bundle-libraries.sh happy
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 10 Jun 2018 17:03:00 +0000 (19:03 +0200)]
don't ever set pointer outside of buffer
even if it's not going to be used.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Sun, 10 Jun 2018 16:44:36 +0000 (18:44 +0200)]
fix host build
use execvp in host builds instead of hardcoding /usr/bin/usign path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 16:16:00 +0000 (18:16 +0200)]
harden reading fingerprint from usign process
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 03:30:44 +0000 (05:30 +0200)]
add light build variant without -C, -A and -D
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:56:22 +0000 (02:56 +0200)]
remove unused stat variable and gettimeofday only once while verifying
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:50:00 +0000 (02:50 +0200)]
README.md...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:49:18 +0000 (02:49 +0200)]
allow issue to append existing cert and be strictly quiet
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Fri, 8 Jun 2018 00:07:46 +0000 (02:07 +0200)]
don't be crazily strickt on position of '-q' parameter
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 23:15:26 +0000 (01:15 +0200)]
fix memory corruption caused by use-after-free
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 22:01:35 +0000 (00:01 +0200)]
README.md: add a line about context and dependencies
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 21:52:16 +0000 (23:52 +0200)]
output error message in case of revoked key
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 21:44:57 +0000 (23:44 +0200)]
add README.md
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 20:53:46 +0000 (22:53 +0200)]
add comments in usign-exec
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 20:22:26 +0000 (22:22 +0200)]
harden cmdline options
make all options single-set, only accept options after command and only
those needed for the specific command.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 20:12:06 +0000 (22:12 +0200)]
add comments and license headers
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 19:28:50 +0000 (21:28 +0200)]
take care of revokers in verify path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 17:14:18 +0000 (19:14 +0200)]
improve usage message and start working on revoker logic
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 13:16:41 +0000 (15:16 +0200)]
allow append also on non-existing certfile
Just in case someone just wants a single plain signature without any
chain.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 12:39:06 +0000 (14:39 +0200)]
enumerate chain elements in dump output
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 10:32:21 +0000 (12:32 +0200)]
always include complete signature file including trailing newline
just to harmonize things
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 10:09:57 +0000 (12:09 +0200)]
add forgotten usign_v sigfile parameter
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 09:38:42 +0000 (11:38 +0200)]
read more than one cert from file
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Thu, 7 Jun 2018 00:17:28 +0000 (02:17 +0200)]
implement chain and message verify
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 20:48:31 +0000 (22:48 +0200)]
use list to model certificate chain
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 20:21:23 +0000 (22:21 +0200)]
implement cert issue
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 19:12:50 +0000 (21:12 +0200)]
add usign-exec.c
create C function wrappers calling the /usr/bin/usign executable and
processing the results.
usign_v() : usign -V ...
usign_s() : usign -S ...
usign_f_*() : usign -F ...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Wed, 6 Jun 2018 18:37:50 +0000 (20:37 +0200)]
start implementing loading cert from filesystem, add validity times
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 22:02:00 +0000 (00:02 +0200)]
add external blob and internal blobmsg data structures
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 21:54:09 +0000 (23:54 +0200)]
add shim executable and CMakeLists
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 21:40:28 +0000 (23:40 +0200)]
add COPYING license file
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
Daniel Golle [Mon, 4 Jun 2018 21:36:24 +0000 (23:36 +0200)]
add .gitignore
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)