From c9fce72e17b7afa389205d946e5ca7bef997be60 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 29 Apr 2020 13:26:14 -0400 Subject: [PATCH] Ensure that files read in have a trailing new-line In SCEP when retrieving the CA chain the certificates passed in on the command-line (RA agent and CA cert) area printed along with the contents of what was retrieved remotely. If one of the filesystem certificates lacks a newline then the output will be jumbled like: -----END CERTIFICATE----------BEGIN CERTIFICATE-----\n https://bugzilla.redhat.com/show_bug.cgi?id=1814976 --- src/submit-u.c | 11 +++++++ tests/039-fromfile/expected.out | 4 +++ tests/039-fromfile/run.sh | 55 +++++++++++++++++++++++++++++++++ tests/Makefile.am | 10 ++++-- tests/tools/Makefile.am | 6 +++- tests/tools/fromfile.c | 52 +++++++++++++++++++++++++++++++ 6 files changed, 134 insertions(+), 4 deletions(-) create mode 100644 tests/039-fromfile/expected.out create mode 100755 tests/039-fromfile/run.sh create mode 100644 tests/tools/fromfile.c diff --git a/src/submit-u.c b/src/submit-u.c index b0b45ba..dca23a7 100644 --- a/src/submit-u.c +++ b/src/submit-u.c @@ -100,6 +100,17 @@ cm_submit_u_from_file(const char *filename) } if (csr == NULL) { csr = strdup(""); + } else { + int length = strlen(csr); + if (csr[length-1] != '\n') { + length += 1; + csr = realloc(csr, length + 1); + if (csr == NULL) { + return NULL; + } + csr[length - 1] = '\n'; + csr[length] = '\0'; + } } return csr; } diff --git a/tests/039-fromfile/expected.out b/tests/039-fromfile/expected.out new file mode 100644 index 0000000..9191a57 --- /dev/null +++ b/tests/039-fromfile/expected.out @@ -0,0 +1,4 @@ +[trailing_nl] +Ok +[no_trailing_nl] +Ok diff --git a/tests/039-fromfile/run.sh b/tests/039-fromfile/run.sh new file mode 100755 index 0000000..8bae773 --- /dev/null +++ b/tests/039-fromfile/run.sh @@ -0,0 +1,55 @@ +#!/bin/bash -e + +cd $tmpdir + +cat > $tmpdir/trailing_nl <<- EOF +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIRAO1VmyXYM0f7pbXVdEGtRPMwDQYJKoZIhvcNAQELBQAw +UDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRob3JpdHkxLDAqBgNVBAMMI2Vk +NTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0NGYzMB4XDTE1MDQyODE3MDk0 +OFoXDTE2MDQyODE3MDk0OFowUDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRo +b3JpdHkxLDAqBgNVBAMMI2VkNTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0 +NGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c/LhlyBs0UUiDSy +nrC+Q0WJkWZeQ/kqwniru+GlXgb3g+7VvyAfdZ45NiBdo/6xXyCLphK0g8oZLyi8 +OwQQoUyVMn9gsGXbjlwSzjXKx3wdUM+lFpenx8iQS9aCfVQJ4tzFgM1pQBQ2AiHs +jvU18xSFSZApjT5UIK35kyH22D8LhCGGYLaU3xFEfHvd0AOuXwm5Nsiu/HTsSV4N +peUdFEmFzQwUEUdV2jKOPcXnOArV82vfpdp1nSCX3kruEb9G93VsmQ+9ebKXQRQE +Ltd65e/EYtXvihuTtElLYuyYZlYJdbTZeLXB4YLvElgNkS9JK7RKHlCm0KYQmcmd +GZSh8QIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQEBMB0GA1UdDgQWBBRLxeFy3+RS +FloygyjlXa6YEv8ltzAfBgNVHSMEGDAWgBRLxeFy3+RSFloygyjlXa6YEv8ltzAO +BgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAH9A9ePIqZGF4VEo5D4j +MuOJ1J4uTRxHoEGXCDRcuCn3RvT0civWEPpRNo1YVgAWFODpt/HSi3lCVtTb7FwJ +hfHkxCpAuHmv3sfT8jcCwTTAXL1BLpCO6d0zz0RrFMNK+vGyZu/7LXhaYVu590Q5 +1DMybHmln7i+Tw/eYb4Avk1FWGOEpNdf3ZjUazcDlkO4EwA6BnZUC8gFvz0OI73D +AJsGq/UsJvMH30ga1rZ/9LiHEMSEys5amk98yMRvi/R1qI02kjANdZ0ID/7cJSw2 +rVCCs61jgYppWv3JHVKYmm6+cVPAUcuRdsUzDpAQDdvGAaZJENE6suulRVEaBEdS +8gM= +-----END CERTIFICATE----- +EOF +cat > $tmpdir/no_trailing_nl <<- EOF +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIRAO1VmyXYM0f7pbXVdEGtRPMwDQYJKoZIhvcNAQELBQAw +UDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRob3JpdHkxLDAqBgNVBAMMI2Vk +NTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0NGYzMB4XDTE1MDQyODE3MDk0 +OFoXDTE2MDQyODE3MDk0OFowUDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRo +b3JpdHkxLDAqBgNVBAMMI2VkNTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0 +NGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c/LhlyBs0UUiDSy +nrC+Q0WJkWZeQ/kqwniru+GlXgb3g+7VvyAfdZ45NiBdo/6xXyCLphK0g8oZLyi8 +OwQQoUyVMn9gsGXbjlwSzjXKx3wdUM+lFpenx8iQS9aCfVQJ4tzFgM1pQBQ2AiHs +jvU18xSFSZApjT5UIK35kyH22D8LhCGGYLaU3xFEfHvd0AOuXwm5Nsiu/HTsSV4N +peUdFEmFzQwUEUdV2jKOPcXnOArV82vfpdp1nSCX3kruEb9G93VsmQ+9ebKXQRQE +Ltd65e/EYtXvihuTtElLYuyYZlYJdbTZeLXB4YLvElgNkS9JK7RKHlCm0KYQmcmd +GZSh8QIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQEBMB0GA1UdDgQWBBRLxeFy3+RS +FloygyjlXa6YEv8ltzAfBgNVHSMEGDAWgBRLxeFy3+RSFloygyjlXa6YEv8ltzAO +BgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAH9A9ePIqZGF4VEo5D4j +MuOJ1J4uTRxHoEGXCDRcuCn3RvT0civWEPpRNo1YVgAWFODpt/HSi3lCVtTb7FwJ +hfHkxCpAuHmv3sfT8jcCwTTAXL1BLpCO6d0zz0RrFMNK+vGyZu/7LXhaYVu590Q5 +1DMybHmln7i+Tw/eYb4Avk1FWGOEpNdf3ZjUazcDlkO4EwA6BnZUC8gFvz0OI73D +AJsGq/UsJvMH30ga1rZ/9LiHEMSEys5amk98yMRvi/R1qI02kjANdZ0ID/7cJSw2 +rVCCs61jgYppWv3JHVKYmm6+cVPAUcuRdsUzDpAQDdvGAaZJENE6suulRVEaBEdS +8gM= +EOF +echo -n "-----END CERTIFICATE-----" >> $tmpdir/no_trailing_nl + +$toolsdir/fromfile trailing_nl +$toolsdir/fromfile no_trailing_nl diff --git a/tests/Makefile.am b/tests/Makefile.am index fe368dc..1552c48 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -127,7 +127,9 @@ CLEANFILES = \ 037-rekey2/actual.out \ 037-rekey2/actual.err \ 038-ms-v2-template/actual.out \ - 038-ms-v2-template/actual.err + 038-ms-v2-template/actual.err \ + 039-fromfile/actual.out \ + 039-fromfile/actual.err EXTRA_DIST = \ run-tests.sh functions certmonger.conf tools/cachain.sh \ 001-keyiread/run.sh \ @@ -349,7 +351,8 @@ EXTRA_DIST = \ 037-rekey2/run.sh \ 038-ms-v2-template/expected.out \ 038-ms-v2-template/extract-extdata.py \ - 038-ms-v2-template/run.sh + 038-ms-v2-template/run.sh \ + 039-fromfile/run.sh subdirs = \ 001-keyiread \ @@ -392,7 +395,8 @@ subdirs = \ 035-json \ 036-getcert \ 037-rekey2 \ - 038-ms-v2-template + 038-ms-v2-template \ + 039-fromfile if HAVE_DBM_NSSDB subdirs += \ diff --git a/tests/tools/Makefile.am b/tests/tools/Makefile.am index 39fa954..e0d2f08 100644 --- a/tests/tools/Makefile.am +++ b/tests/tools/Makefile.am @@ -16,7 +16,7 @@ endif noinst_PROGRAMS = keyiread keygen csrgen submit certread certsave oid2name \ name2oid iterate prefs dates listnicks pem2base base2pem \ dparse payload checksig base64 cadata citerate casave hooks \ - libexecdir canon srv addcinfo ls json json-utf8 printenv + libexecdir canon srv addcinfo ls json json-utf8 printenv fromfile noinst_LIBRARIES = libtools.a if HAVE_OPENSSL noinst_PROGRAMS += pk7parse pk7env scepgen pk7verify pk7decrypt @@ -38,3 +38,7 @@ citerate_LDADD = $(top_srcdir)/src/store-gen.c $(LDADD) srv_SOURCES = srv.c srv_LDADD = $(top_srcdir)/src/srvloc.c $(LDADD) + +fromfile_CFLAGS = $(AM_CFLAGS) $(CURL_CFLAGS) +fromfile_SOURCES = fromfile.c +fromfile_LDADD = $(LDADD) $(UUID_LIBS) $(CURL_LIBS) diff --git a/tests/tools/fromfile.c b/tests/tools/fromfile.c new file mode 100644 index 0000000..bb70507 --- /dev/null +++ b/tests/tools/fromfile.c @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2020 Red Hat, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +#include "../../src/config.h" + +#include +#include +#include +#include + +#include + +#include "../../src/submit-u.h" +#include "../../src/submit-u.c" + +int +main(int argc, char **argv) +{ + int i, result = 0; + char *cert; + + for (i = 1; i < argc; i++) { + printf("[%s]\n", argv[i]); + cert = cm_submit_u_from_file(argv[i]); + if (cert == NULL) { + printf("OOM error\n"); + result = 1; + } + else if (cert[strlen(cert) - 1] != '\n') { + printf("Missing trailing newline\n"); + result = 1; + } else { + printf("Ok\n"); + } + free(cert); + } + return result; +} -- 2.18.4