rpms/pesign
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix some more bugs found by valgrind and coverity.

Browse Source 
- Don't build utils/ ; we're not using them and they're not ready anyway.
This commit is contained in:
Peter Jones 2012-10-18 11:38:53 -04:00
parent 0d40135ec1
commit 18bcd8bfc2
31 changed files with 3123 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
0001-Use-PK11_TraverseCertsForNicknameInSlot-after-all.patch
View File

@ -1,7 +1,7 @@
From 406a08cc45a2d0761294002d946ee3381a4706ee Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:53:07 -0400
Subject: [PATCH 1/4] Use PK11_TraverseCertsForNicknameInSlot after all.
Subject: [PATCH 01/30] Use PK11_TraverseCertsForNicknameInSlot after all.
As of 76bc13c it doesn't appear to be leaky any more, and it does a
better job of disinguishing between certificates with the same nickname

2
0002-Remove-an-unused-field.patch
View File

@ -1,7 +1,7 @@
From e4aa0a2755d7b00e31760a7f90561b0566445fa4 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:54:10 -0400
Subject: [PATCH 2/4] Remove an unused field.
Subject: [PATCH 02/30] Remove an unused field.
Signed-off-by: Peter Jones <pjones@redhat.com>
---

4
0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch
View File

@ -1,8 +1,8 @@
From df5afd0e6d92f31a804f5f1631b6fae3b8ef4d8b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:54:37 -0400
Subject: [PATCH 3/4] Free the certificate list we make once we're done using
it.
Subject: [PATCH 03/30] Free the certificate list we make once we're done
using it.
Signed-off-by: Peter Jones <pjones@redhat.com>
---

2
0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch
View File

@ -1,7 +1,7 @@
From c13cc0b03dcae9a743cc49aaa62c3923a3e7d8f9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:55:02 -0400
Subject: [PATCH 4/4] Make sure we actually look up the certificate when not
Subject: [PATCH 04/30] Make sure we actually look up the certificate when not
in daemon mode.
Signed-off-by: Peter Jones <pjones@redhat.com>

2
0005-Fix-check-for-allocations-on-tokenname-certname.patch
View File

@ -1,7 +1,7 @@
From 844138e07535a8aa2be80496378c9929acaa1687 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:35:41 -0400
Subject: [PATCH 5/5] Fix check for allocations on tokenname,certname.
Subject: [PATCH 05/30] Fix check for allocations on tokenname,certname.
If we didn't have anything to start with, we won't have anything when
we're done...

812
0006-Update-valgrind.supp-for-newer-codepaths.patch Normal file
View File

@ -0,0 +1,812 @@
From 682233d107460b49071017b4d88c0430373dbd35 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:55:25 -0400
Subject: [PATCH 06/30] Update valgrind.supp for newer codepaths.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 361 ++++++++++++++++++++++++++++++++++++------------------
1 file changed, 245 insertions(+), 116 deletions(-)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 3a51293..0a8edd9 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1,23 +1,43 @@
{
<insert_a_suppression_name_here>
- Memcheck:Leak
- fun:malloc
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
- fun:nss_Init
- fun:NSS_Init
- fun:main
+ Memcheck:Param
+ socketcall.sendto(msg)
+ fun:send
+ fun:MessageSend
+ fun:MessageSendWithHeader
+ fun:SCardConnect
+ fun:CKYCardConnection_Connect
+ fun:_ZN4Slot14connectToTokenEv
+ fun:_ZN4Slot17refreshTokenStateEv
+ fun:_ZN4Slot14isTokenPresentEv
+ fun:_ZN8SlotList11getSlotListEhPmS0_
+ fun:C_GetSlotList
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
}
{
<insert_a_suppression_name_here>
- Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
+ Memcheck:Cond
+ fun:SCardStatus
+ fun:CKYCardConnection_GetStatus
+ fun:_ZN4Slot23cardStateMayHaveChangedEv
+ fun:_ZN4Slot17refreshTokenStateEv
+ fun:_ZN4Slot14isTokenPresentEv
+ fun:_ZN8SlotList11getSlotListEhPmS0_
+ fun:C_GetSlotList
fun:secmod_LoadPKCS11Module
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -25,12 +45,15 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
+ fun:malloc
+ fun:PORT_Alloc_Util
+ fun:PK11_ReadMechanismList
+ fun:PK11_InitToken
+ fun:PK11_InitSlot
fun:secmod_LoadPKCS11Module
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -223,12 +246,10 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
- fun:secmod_LoadPKCS11Module
- fun:SECMOD_LoadModule
- fun:SECMOD_LoadModule
+ fun:calloc
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -237,10 +258,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PKIX_PL_Malloc
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PR_NewCondVar
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -249,18 +270,7 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PKIX_PL_Malloc
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
+ fun:PR_NewCondVar
fun:NSSRWLock_New_Util
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -272,10 +282,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PR_NewCondVar
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:PKIX_PL_Malloc
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
fun:nss_Init
fun:NSS_Init
fun:main
@@ -284,10 +294,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PR_NewCondVar
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:PKIX_PL_Malloc
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
fun:nss_Init
fun:NSS_Init
fun:main
@@ -357,8 +367,10 @@
fun:calloc
fun:PORT_ZAlloc_Util
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -368,8 +380,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -382,8 +396,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -396,8 +412,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -410,8 +428,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -424,28 +444,32 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
@@ -466,6 +490,7 @@
fun:calloc
fun:nss_ZAlloc
fun:nssArena_Create
+ fun:NSSArena_Create
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -505,7 +530,10 @@
fun:calloc
fun:nss_ZAlloc
fun:nssArena_Create
+ fun:NSSArena_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -514,14 +542,12 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:malloc
- obj:*
- obj:*
- obj:*
- fun:secmod_ModuleInit
- fun:secmod_LoadPKCS11Module
- fun:SECMOD_LoadModule
- fun:SECMOD_LoadModule
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssTokenObjectCache_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -531,28 +557,32 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
@@ -560,35 +590,11 @@
fun:calloc
fun:PORT_ZAlloc_Util
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:nss_ZAlloc
- fun:nssArena_Create
- fun:nssToken_CreateFromPK11SlotInfo
- fun:STAN_InitTokenForSlotInfo
- fun:STAN_LoadDefaultNSS3TrustDomain
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:nss_ZAlloc
- fun:nssArena_Create
- fun:nssToken_CreateFromPK11SlotInfo
- fun:STAN_InitTokenForSlotInfo
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -599,8 +605,10 @@
fun:calloc
fun:PR_NewLock
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -610,8 +618,10 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -621,22 +631,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_Mutex_Create
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -646,9 +645,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Mutex_Create
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -658,9 +659,10 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:nssArena_Create
+ fun:NSSArena_Create
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -670,7 +672,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssArena_Create
+ fun:NSSRWLock_New_Util
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -682,7 +684,8 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:NSSRWLock_New_Util
+ fun:nssArena_Create
+ fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -694,7 +697,6 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssArena_Create
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -707,6 +709,8 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -720,6 +724,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -733,6 +738,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -746,6 +752,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -758,9 +765,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssHash_Create
- fun:nssTrustDomain_InitializeCache
- fun:NSSTrustDomain_Create
+ fun:nssList_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -771,7 +776,9 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssList_Create
+ fun:nssTokenObjectCache_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -821,7 +828,10 @@
fun:calloc
fun:PR_NewLock
fun:nssArena_Create
+ fun:NSSArena_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -834,6 +844,8 @@
fun:PR_NewLock
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -845,8 +857,11 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -858,8 +873,11 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -871,6 +889,55 @@
fun:calloc
fun:PR_NewLock
fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_Mutex_Create
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Mutex_Create
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
fun:PKIX_PL_Mutex_Create
fun:PKIX_PL_HashTable_Create
fun:PKIX_Initialize
@@ -1064,6 +1131,33 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssSlot_CreateFromPK11SlotInfo
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
fun:malloc
fun:PKIX_PL_Malloc
fun:pkix_pl_PrimHashTable_Create
@@ -1126,8 +1220,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1140,8 +1236,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1154,8 +1252,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1168,8 +1268,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1183,9 +1285,11 @@
fun:calloc
fun:PR_NewLock
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1195,9 +1299,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1233,6 +1339,7 @@
fun:calloc
fun:PR_NewLock
fun:nssArena_Create
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1245,6 +1352,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1258,8 +1366,24 @@
fun:malloc
fun:PL_ArenaAllocate
fun:PORT_ArenaAlloc_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ fun:PORT_Alloc_Util
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1273,7 +1397,9 @@
fun:legacy_ReadSecmodDB
fun:sftkdb_ReadSecmodDB
fun:NSC_ModuleDBFunc
+ fun:SECMOD_GetModuleSpecList
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1349,6 +1475,8 @@
fun:nss_zalloc_arena_locked
fun:nss_ZAlloc
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -1375,6 +1503,7 @@
fun:PL_ArenaAllocate
fun:nss_zalloc_arena_locked
fun:nss_ZAlloc
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
--
1.7.12.1

25
0007-Free-the-pid-string-once-we-re-done-writing-it.patch Normal file
View File

@ -0,0 +1,25 @@
From 81bf0e36a82a3d746a01aee50d8ee460dc794b19 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:57:20 -0400
Subject: [PATCH 07/30] Free the pid string once we're done writing it.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/daemon.c b/src/daemon.c
index daa2dbf..245491f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -842,6 +842,7 @@ err:
if (rc < 0)
goto err;
+ free(pidstr);
close(fd);
}
--
1.7.12.1

38
0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch Normal file
View File

@ -0,0 +1,38 @@
From 50c50c8fbebab3d8b5efff35dc1a7ca4b44d6b19 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 11:08:30 -0400
Subject: [PATCH 08/30] [valgrind] Don't complain about unlocking a key and
keeping the handle.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 0a8edd9..62934e8 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1511,3 +1511,19 @@
fun:NSS_Init
fun:main
}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssList_Create
+ fun:nssTrustDomain_UpdateCachedTokenCerts
+ fun:PK11_DoPassword
+ fun:PK11_Authenticate
+ fun:unlock_nss_token
+ fun:handle_unlock_token
+ fun:handle_event
+ fun:handle_events
+ fun:daemonize
+}
--
1.7.12.1

36
0009-Only-try-to-register-OIDs-once.patch Normal file
View File

@ -0,0 +1,36 @@
From b71f1d2e8f7ad6853e5e68134a66baf9dea2471b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 11:26:04 -0400
Subject: [PATCH 09/30] Only try to register OIDs once.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 2d51979..6219a2a 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -179,11 +179,15 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
int
cms_context_init(cms_context *cms)
{
+ static int first_time = 1;
memset(cms, '\0', sizeof (*cms));
- SECStatus status = register_oids(cms);
- if (status != SECSuccess)
- return -1;
+ if (first_time) {
+ SECStatus status = register_oids(cms);
+ if (status != SECSuccess)
+ return -1;
+ first_time = 0;
+ }
cms->log = cms_common_log;
--
1.7.12.1

30
0010-Check-for-NSS_Shutdown-failure.patch Normal file
View File

@ -0,0 +1,30 @@
From f966137c17f74fc3e343dfb6e04300a9d179de03 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 12:05:29 -0400
Subject: [PATCH 10/30] Check for NSS_Shutdown() failure.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index 245491f..77fff90 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -967,6 +967,11 @@ daemonize(cms_context *cms_ctx, int do_fork)
rc = handle_events(&ctx);
- NSS_Shutdown();
+ status = NSS_Shutdown();
+ if (status != SECSuccess) {
+ fprintf(stderr, "NSS_Shutdown failed: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
return rc;
}
--
1.7.12.1

100
0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch Normal file
View File

@ -0,0 +1,100 @@
From 0dddfd5e738232403220b0d18888f94fa0032a59 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 12:17:39 -0400
Subject: [PATCH 11/30] Don't destroy stdin/stdout/stderr if we don't fork.
I like being able to read my error messages.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 59 +++++++++++++++++++++++++++++++++--------------------------
1 file changed, 33 insertions(+), 26 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 77fff90..a31c063 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -890,33 +890,38 @@ daemonize(cms_context *cms_ctx, int do_fork)
exit(1);
}
- int fd = open("/dev/zero", O_RDONLY);
- close(STDIN_FILENO);
- rc = dup2(fd, STDIN_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard input: %m");
- exit(1);
- }
- close(fd);
+ if (do_fork) {
+ int fd = open("/dev/zero", O_RDONLY);
+ close(STDIN_FILENO);
+ rc = dup2(fd, STDIN_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard input: %m");
+ exit(1);
+ }
+ close(fd);
- fd = open("/dev/null", O_WRONLY);
- close(STDOUT_FILENO);
- rc = dup2(fd, STDOUT_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard output: %m");
- exit(1);
- }
+ fd = open("/dev/null", O_WRONLY);
+ close(STDOUT_FILENO);
+ rc = dup2(fd, STDOUT_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard output: %m");
+ exit(1);
+ }
- close(STDERR_FILENO);
- rc = dup2(fd, STDERR_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard error: %m");
- exit(1);
+ close(STDERR_FILENO);
+ rc = dup2(fd, STDERR_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard error: %m");
+ exit(1);
+ }
+ close(fd);
}
- close(fd);
prctl(PR_SET_NAME, "pesignd", 0, 0, 0);
@@ -963,13 +968,15 @@ daemonize(cms_context *cms_ctx, int do_fork)
cms_set_pw_callback(ctx.backup_cms, get_password_fail);
cms_set_pw_data(ctx.backup_cms, NULL);
- ctx.backup_cms->log = daemon_logger;
+ if (do_fork)
+ ctx.backup_cms->log = daemon_logger;
rc = handle_events(&ctx);
status = NSS_Shutdown();
if (status != SECSuccess) {
- fprintf(stderr, "NSS_Shutdown failed: %s\n",
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
+ "NSS_Shutdown failed: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
--
1.7.12.1

54
0012-valgrind-Add-SECMOD_LoadModule-codepath.patch Normal file
View File

@ -0,0 +1,54 @@
From 19c8e797d092e17f2882d249d5446728a76db050 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:29:30 -0400
Subject: [PATCH 12/30] [valgrind] Add SECMOD_LoadModule codepath.
This is called once when we initialize the database.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 62934e8..783bdad 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1527,3 +1527,34 @@
fun:handle_events
fun:daemonize
}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:_Znwm
+ obj:*
+ fun:secmod_ModuleInit
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:daemonize
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ obj:*
+ obj:*
+ obj:*
+ fun:secmod_ModuleInit
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:daemonize
+}
--
1.7.12.1

119
0013-Don-t-set-up-digests-in-cms_context_init.patch Normal file
View File

@ -0,0 +1,119 @@
From 186b6d5d39a1feeaa5f9493d28dc4f53015d551d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:33:35 -0400
Subject: [PATCH 13/30] Don't set up digests in cms_context_init.
Move digest setup out of cms_context_init, so we can avoid leaking the
reference to the digests by not having them in ctx->backup_cms in the
daemon.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 9 ++-------
src/cms_common.h | 3 +++
src/daemon.c | 27 +++++++++++++++++++++++++++
3 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 6219a2a..a8e34dd 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -97,7 +97,7 @@ digest_get_digest_size(cms_context *cms)
}
-static int
+int
setup_digests(cms_context *cms)
{
struct digest *digests = NULL;
@@ -133,7 +133,7 @@ err:
return -1;
}
-static void
+void
teardown_digests(cms_context *ctx)
{
struct digest *digests = ctx->digests;
@@ -199,11 +199,6 @@ cms_context_init(cms_context *cms)
return -1;
}
- int rc = setup_digests(cms);
- if (rc < 0) {
- PORT_FreeArena(cms->arena, PR_TRUE);
- return -1;
- }
cms->selected_digest = -1;
return 0;
diff --git a/src/cms_common.h b/src/cms_common.h
index fc80fa3..830427e 100644
--- a/src/cms_common.h
+++ b/src/cms_common.h
@@ -86,6 +86,9 @@ extern int cms_context_alloc(cms_context **ctxp);
extern int cms_context_init(cms_context *ctx);
extern void cms_context_fini(cms_context *ctx);
+extern int setup_digests(cms_context *cms);
+extern void teardown_digests(cms_context *ctx);
+
extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
SECItem *original);
extern int generate_object_id(cms_context *ctx, SECItem *encoded,
diff --git a/src/daemon.c b/src/daemon.c
index a31c063..f44f069 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -143,6 +143,15 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
return;
}
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
if (!buffer) {
@@ -491,6 +500,15 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 1);
@@ -506,6 +524,15 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 0);
--
1.7.12.1

53
0014-Do-register_oids-where-we-re-doing-NSS_Init.patch Normal file
View File

@ -0,0 +1,53 @@
From e1f8d4e38f4ad08fb407691a3f59edc19a1f15e2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:41:18 -0400
Subject: [PATCH 14/30] Do register_oids() where we're doing NSS_Init()
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 8 --------
src/daemon.c | 7 +++++++
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index a8e34dd..6188e6e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -179,16 +179,8 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
int
cms_context_init(cms_context *cms)
{
- static int first_time = 1;
memset(cms, '\0', sizeof (*cms));
- if (first_time) {
- SECStatus status = register_oids(cms);
- if (status != SECSuccess)
- return -1;
- first_time = 0;
- }
-
cms->log = cms_common_log;
cms->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
diff --git a/src/daemon.c b/src/daemon.c
index f44f069..085cfec 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -917,6 +917,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
exit(1);
}
+ status = register_oids(ctx.backup_cms);
+ if (status != SECSuccess) {
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
+ "Could not register OIDs\n");
+ exit(1);
+ }
+
if (do_fork) {
int fd = open("/dev/zero", O_RDONLY);
close(STDIN_FILENO);
--
1.7.12.1

61
0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch Normal file
View File

@ -0,0 +1,61 @@
From 092e3f81233655849156b0948a53f3b5f51b8c97 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:43:58 -0400
Subject: [PATCH 15/30] Make daemon shutdown actually close the NSS databases
and whatnot.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 085cfec..dd215f8 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -125,8 +125,7 @@ handle_kill_daemon(context *ctx, struct pollfd *pollfd, socklen_t size)
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
"pesignd exiting (pid %d)", getpid());
- cms_context_fini(ctx->backup_cms);
- exit(0);
+ should_exit = 1;
}
static void
@@ -625,6 +624,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
return 0;
}
+static void
+do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
+{
+ for (int i = 0; i < nsockets; i++)
+ close(pollfds[i].fd);
+ free(pollfds);
+
+ xfree(ctx->errstr);
+}
+
static int
handle_events(context *ctx)
{
@@ -643,9 +652,14 @@ handle_events(context *ctx)
pollfds[0].events = POLLIN|POLLPRI|POLLHUP;
while (1) {
+ if (should_exit != 0) {
+shutdown:
+ do_shutdown(ctx, nsockets, pollfds);
+ return 0;
+ }
rc = ppoll(pollfds, nsockets, NULL, NULL);
if (should_exit != 0)
- exit(0);
+ goto shutdown;
if (rc < 0) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_WARNING,
--
1.7.12.1

425
0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch Normal file
View File

@ -0,0 +1,425 @@
From b6ff405da1bf4627a40fc104457a539788c9f470 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:18:08 -0400
Subject: [PATCH 16/30] Reformat a bunch of error messages to be vaguely
consistent.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 6 ++--
src/daemon.c | 102 ++++++++++++++++++++++++++++---------------------------
2 files changed, 55 insertions(+), 53 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 6188e6e..a1ed460 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -410,7 +410,7 @@ find_certificate(cms_context *cms)
PK11SlotList *slots = NULL;
slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
if (!slots) {
- cms->log(cms, LOG_ERR, "Could not find certificate \"%s:%s\"",
+ cms->log(cms, LOG_ERR, "could not find certificate \"%s:%s\"",
cms->tokenname, cms->certname);
err:
return -1;
@@ -420,7 +420,7 @@ err:
psle = PK11_GetFirstSafe(slots);
if (!psle) {
err_slots_errmsg:
- cms->log(cms, LOG_ERR, "Could not find certificate \"%s:%s\"",
+ cms->log(cms, LOG_ERR, "could not find certificate \"%s:%s\"",
cms->tokenname, cms->certname);
err_slots:
PK11_FreeSlotList(slots);
@@ -441,7 +441,7 @@ err_slots:
if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata);
if (status != SECSuccess) {
- cms->log(cms, LOG_ERR, "Authentication failed on "
+ cms->log(cms, LOG_ERR, "authentication failed for "
"certificate \"%s:%s\"", cms->tokenname,
cms->certname);
PK11_DestroySlotListElement(slots, &psle);
diff --git a/src/daemon.c b/src/daemon.c
index dd215f8..07aaf6c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -82,7 +82,7 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
void *buffer = calloc(1, iov.iov_len);
if (!buffer) {
cms->log(cms, ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: %m");
+ "could not allocate memory: %m");
exit(1);
}
@@ -108,7 +108,7 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
n = sendmsg(pollfd->fd, &msg, 0);
if (n < 0)
cms->log(cms, ctx->priority|LOG_WARNING,
- "pesignd: could not send response to client: %m");
+ "could not send response to client: %m");
free(buffer);
}
@@ -156,7 +156,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -173,9 +173,9 @@ oom:
if (n < sizeof(tn->size)) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return;
}
@@ -202,7 +202,7 @@ malformed:
goto malformed;
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
- "pesignd: unlocking token \"%s\"", tn->value);
+ "unlocking token \"%s\"", tn->value);
/* authenticating with nss frees this ... best API ever. */
ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
@@ -223,9 +223,13 @@ malformed:
cms_set_pw_callback(ctx->cms, get_password_fail);
cms_set_pw_data(ctx->cms, NULL);
- if (rc == 0)
- ctx->cms->log(ctx->cms, LOG_NOTICE, "pesignd: Authentication "
- "succeeded for token \"%s\"", tn->value);
+ if (rc < 0)
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+ "could not find token \"%s\"", tn->value);
+ else
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
+ "authentication succeeded for token \"%s\"",
+ tn->value);
send_response(ctx, ctx->cms, pollfd, rc);
free(buffer);
@@ -245,7 +249,7 @@ socket_get_fd(context *ctx, int sd, int *fd)
struct cmsghdr *cm = malloc(controllen);
if (!cm) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -262,9 +266,9 @@ socket_get_fd(context *ctx, int sd, int *fd)
if (n < 0) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(sd);
return;
}
@@ -293,7 +297,7 @@ set_up_inpe(context *ctx, int fd, Pe **pe)
*pe = pe_begin(fd, PE_C_READ, NULL);
if (!*pe) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not parse PE binary: %s",
+ "could not parse PE binary: %s",
pe_errmsg(pe_errno()));
return -1;
}
@@ -301,7 +305,7 @@ set_up_inpe(context *ctx, int fd, Pe **pe)
int rc = parse_signatures(ctx->cms, *pe);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not parse signature list");
+ "could not parse signature list");
pe_end(*pe);
*pe = NULL;
return -1;
@@ -320,20 +324,20 @@ set_up_outpe(context *ctx, int fd, Pe *inpe, Pe **outpe)
off_t offset = lseek(fd, 0, SEEK_SET);
if (offset < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not read output file: %m");
+ "could not read output file: %m");
return -1;
}
int rc = ftruncate(fd, size);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not extend output file: %m");
+ "could not extend output file: %m");
return -1;
}
rc = write(fd, addr, size);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not write to output file: %m");
+ "could not write to output file: %m");
return -1;
}
@@ -342,7 +346,7 @@ set_up_outpe(context *ctx, int fd, Pe *inpe, Pe **outpe)
*outpe = pe_begin(fd, PE_C_RDWR, NULL);
if (!*outpe) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not set up output: %s",
+ "could not set up output: %s",
pe_errmsg(pe_errno()));
return -1;
}
@@ -363,7 +367,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -380,9 +384,9 @@ oom:
if (n < sizeof(tn->size)) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return;
}
@@ -423,7 +427,7 @@ malformed:
socket_get_fd(ctx, pollfd->fd, &outfd);
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
- "pesignd: attempting to sign with key \"%s:%s\"",
+ "attempting to sign with key \"%s:%s\"",
tn->value, cn->value);
free(buffer);
@@ -548,9 +552,9 @@ handle_invalid_input(pesignd_cmd cmd, context *ctx, struct pollfd *pollfd,
socklen_t size)
{
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: got unexpected command 0x%x", cmd);
+ "got unexpected command 0x%x", cmd);
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt");
+ "possible exploit attempt");
}
typedef void (*cmd_handler)(context *ctx, struct pollfd *pollfd,
@@ -593,16 +597,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
n = recvmsg(pollfd->fd, &msg, MSG_WAITALL);
if (n < 0) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_WARNING,
- "pesignd: recvmsg failed: %m");
+ "recvmsg failed: %m");
return n;
}
if (pm.version != PESIGND_VERSION) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: got version %d, expected version %d",
+ "got version %d, expected version %d",
pm.version, PESIGND_VERSION);
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return -1;
}
@@ -644,7 +648,7 @@ handle_events(context *ctx)
if (!pollfds) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: %m");
+ "could not allocate memory: %m");
exit(1);
}
@@ -663,7 +667,7 @@ shutdown:
if (rc < 0) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_WARNING,
- "pesignd: ppoll: %m");
+ "ppoll: %m");
continue;
}
@@ -675,8 +679,7 @@ shutdown:
if (!newpollfds) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: "
- "%m");
+ "could not allocate memory: %m");
exit(1);
}
pollfds = newpollfds;
@@ -729,8 +732,8 @@ get_uid_and_gid(context *ctx, char **homedir)
if (ctx->uid == 0 || ctx->gid == 0) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: cowardly refusing to start with uid = %d "
- "and gid = %d", ctx->uid, ctx->gid);
+ "cowardly refusing to start with uid = %d and gid = %d",
+ ctx->uid, ctx->gid);
errno = EINVAL;
return -1;
}
@@ -752,7 +755,7 @@ set_up_socket(context *ctx)
int sd = socket(AF_UNIX, SOCK_STREAM, 0);
if (sd < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to create socket: %m");
+ "unable to create socket: %m");
exit(1);
}
@@ -760,7 +763,7 @@ set_up_socket(context *ctx)
int rc = setsockopt(sd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to set socket options: %m");
+ "unable to set socket options: %m");
exit(1);
}
@@ -772,14 +775,14 @@ set_up_socket(context *ctx)
rc = bind(sd, &addr_un, sizeof(addr_un));
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to bind to \"%s\": %m",
+ "unable to bind to \"%s\": %m",
addr_un.sun_path);
exit(1);
}
rc = chmod(SOCKPATH, 0660);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not set permissions for \"%s\": %m",
+ "could not set permissions for \"%s\": %m",
SOCKPATH);
exit(1);
}
@@ -787,7 +790,7 @@ set_up_socket(context *ctx)
rc = listen(sd, 5);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to listen on socket: %m");
+ "unable to listen on socket: %m");
exit(1);
}
@@ -809,8 +812,7 @@ check_socket(context *ctx)
int sd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
if (sd < 0) {
- fprintf(stderr, "pesignd: unable to create socket: "
- "%m");
+ fprintf(stderr, "unable to create socket: %m");
exit(1);
}
@@ -829,7 +831,7 @@ check_socket(context *ctx)
if (rc < 0) {
return;
} else {
- fprintf(stderr, "pesignd: already running");
+ fprintf(stderr, "already running");
exit(1);
}
} else {
@@ -871,7 +873,7 @@ write_pid_file(int pid)
int fd = open("/var/run/pesign.pid", O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (fd < 0) {
err:
- fprintf(stderr, "pesignd: couldn't open pidfile: %m\n");
+ fprintf(stderr, "couldn't open pidfile: %m\n");
exit(1);
}
char *pidstr = NULL;
@@ -923,10 +925,10 @@ daemonize(cms_context *cms_ctx, int do_fork)
daemon_logger(ctx.backup_cms, ctx.priority|LOG_NOTICE,
"pesignd starting (pid %d)", ctx.pid);
-
SECStatus status = NSS_Init("/etc/pki/pesign");
if (status != SECSuccess) {
- fprintf(stderr, "Could not initialize nss: %s\n",
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
+ "Could not initialize nss: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
@@ -945,7 +947,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard input: %m");
+ "could not set up standard input: %m");
exit(1);
}
close(fd);
@@ -956,7 +958,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard output: %m");
+ "could not set up standard output: %m");
exit(1);
}
@@ -965,7 +967,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard error: %m");
+ "could not set up standard error: %m");
exit(1);
}
close(fd);
@@ -989,7 +991,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
rc = get_uid_and_gid(&ctx, &homedir);
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not get group and user information "
+ "could not get group and user information "
"for pesign: %m");
exit(1);
}
@@ -1001,13 +1003,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (setgid(ctx.gid) != 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: unable to drop group privileges: %m");
+ "unable to drop group privileges: %m");
exit(1);
}
if (setuid(ctx.uid) != 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: unable to drop user privileges: %m");
+ "unable to drop user privileges: %m");
exit(1);
}
}
--
1.7.12.1

82
0017-Use-PORT_ArenaStrdup-where-appropriate.patch Normal file
View File

@ -0,0 +1,82 @@
From 8ffe6943f04d42314f81eb8b5e3350d4ccc41895 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:26:23 -0400
Subject: [PATCH 17/30] Use PORT_ArenaStrdup() where appropriate.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 15 ++++++---------
src/pesign.c | 12 ++++++------
2 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 07aaf6c..73fd924 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -205,9 +205,8 @@ malformed:
"unlocking token \"%s\"", tn->value);
/* authenticating with nss frees this ... best API ever. */
- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)tn->value));
- strcpy(ctx->cms->tokenname, (char *)tn->value);
+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)tn->value);
if (!ctx->cms->tokenname)
goto oom;
@@ -397,9 +396,8 @@ malformed:
n -= tn->size;
/* authenticating with nss frees these ... best API ever. */
- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)tn->value));
- strcpy(ctx->cms->tokenname, (char *)tn->value);
+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)tn->value);
if (!ctx->cms->tokenname)
goto oom;
@@ -410,9 +408,8 @@ malformed:
if (n < cn->size)
goto malformed;
- ctx->cms->certname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)cn->value));
- strcpy(ctx->cms->certname, (char *)cn->value);
+ ctx->cms->certname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)cn->value);
if (!ctx->cms->certname)
goto oom;
diff --git a/src/pesign.c b/src/pesign.c
index c7b23cf..819cee0 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -551,17 +551,17 @@ main(int argc, char *argv[])
exit(!is_help);
}
- ctx.cms_ctx->tokenname = tokenname ?
- PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
- if (tokenname && !ctx.cms_ctx->tokenname) {
+ ctxp->cms_ctx->tokenname = tokenname ?
+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, tokenname) : NULL;
+ if (tokenname && !ctxp->cms_ctx->tokenname) {
fprintf(stderr, "could not allocate token name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
- ctx.cms_ctx->certname = certname ?
- PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
- if (certname && !ctx.cms_ctx->certname) {
+ ctxp->cms_ctx->certname = certname ?
+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
+ if (certname && !ctxp->cms_ctx->certname) {
fprintf(stderr, "could not allocate certificate name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
--
1.7.12.1

58
0018-Minor-whitespace-fixes.patch Normal file
View File

@ -0,0 +1,58 @@
From c196b462ad5267e8ed20c0b855b9921268b22a7b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:26:47 -0400
Subject: [PATCH 18/30] Minor whitespace fixes.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 6 +++---
src/pesign.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 73fd924..69aea4b 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -70,7 +70,7 @@ hide_stolen_goods_from_cms(cms_context *new, cms_context *old)
static void
send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
-{
+{
struct msghdr msg;
struct iovec iov;
ssize_t n;
@@ -890,7 +890,7 @@ int
daemonize(cms_context *cms_ctx, int do_fork)
{
int rc = 0;
- context ctx = {
+ context ctx = {
.backup_cms = cms_ctx,
.priority = do_fork ? LOG_PID
: LOG_PID|LOG_PERROR,
@@ -904,7 +904,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
fprintf(stderr, "pesignd must be started as root");
exit(1);
}
-
+
check_socket(&ctx);
openlog("pesignd", LOG_PID, LOG_DAEMON);
diff --git a/src/pesign.c b/src/pesign.c
index 819cee0..2ba5ef1 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -88,7 +88,7 @@ open_input(pesign_context *ctx)
struct stat statbuf;
ctx->infd = open(ctx->infile, O_RDONLY|O_CLOEXEC);
- stat(ctx->infile, &statbuf);
+ stat(ctx->infile, &statbuf);
ctx->outmode = statbuf.st_mode;
if (ctx->infd < 0) {
--
1.7.12.1

38
0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch Normal file
View File

@ -0,0 +1,38 @@
From 7a8c50f620c7484af9d750f484df8a6837e6b2a5 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:27:03 -0400
Subject: [PATCH 19/30] [daemon] Make sure inpe is initialized before all
error handling.
find_certificate() and set_up_inpe() errors wind up being at the same
place, which means when find_certificate is called, inpe already must be
NULL.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index 69aea4b..534fb23 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -362,6 +362,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
struct iovec iov;
ssize_t n;
char *buffer = malloc(size);
+ Pe *inpe = NULL;
if (!buffer) {
oom:
@@ -433,7 +434,6 @@ malformed:
goto finish;
}
- Pe *inpe = NULL;
rc = set_up_inpe(ctx, infd, &inpe);
if (rc < 0)
goto finish;
--
1.7.12.1

360
0020-Allocate-pesign_context-rather-than-having-it-on-the.patch Normal file
View File

@ -0,0 +1,360 @@
From 66d3353e6d24c9e69ce71735c5aa4741717a6d68 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:31:15 -0400
Subject: [PATCH 20/30] Allocate pesign_context rather than having it on the
stack.
This way it won't try to re-initialize cms_context when it's cleaned up.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 152 ++++++++++++++++++++++++++++++-----------------------------
1 file changed, 77 insertions(+), 75 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 2ba5ef1..e22e814 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -426,7 +426,7 @@ main(int argc, char *argv[])
{
int rc;
- pesign_context ctx, *ctxp = &ctx;
+ pesign_context *ctxp;
int list = 0;
int remove = 0;
@@ -437,40 +437,47 @@ main(int argc, char *argv[])
char *tokenname = "NSS Certificate DB";
char *certname = NULL;
+ rc = pesign_context_new(&ctxp);
+ if (rc < 0) {
+ fprintf(stderr, "Could not initialize context: %m\n");
+ exit(1);
+ }
+
poptContext optCon;
struct poptOption options[] = {
{NULL, '\0', POPT_ARG_INTL_DOMAIN, "pesign" },
- {"in", 'i', POPT_ARG_STRING, &ctx.infile, 0,
+ {"in", 'i', POPT_ARG_STRING, &ctxp->infile, 0,
"specify input file", "<infile>"},
- {"out", 'o', POPT_ARG_STRING, &ctx.outfile, 0,
+ {"out", 'o', POPT_ARG_STRING, &ctxp->outfile, 0,
"specify output file", "<outfile>" },
{"certficate", 'c', POPT_ARG_STRING, &certname, 0,
"specify certificate nickname",
"<certificate nickname>" },
- {"privkey", 'p', POPT_ARG_STRING, &ctx.privkeyfile, 0,
+ {"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0,
"specify private key file", "<privkey>" },
- {"force", 'f', POPT_ARG_VAL, &ctx.force, 1,
+ {"force", 'f', POPT_ARG_VAL, &ctxp->force, 1,
"force overwriting of output file", NULL },
- {"sign", 's', POPT_ARG_VAL, &ctx.sign, 1,
+ {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1,
"create a new signature", NULL },
- {"hash", 'h', POPT_ARG_VAL, &ctx.hash, 1, "hash binary", NULL },
+ {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL },
{"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
&digest_name, 0, "digest type to use for pe hash" },
{"import-signed-certificate", 'm',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.insig, 0,"import signature from file", "<insig>" },
+ &ctxp->insig, 0,"import signature from file", "<insig>" },
{"export-signed-attributes", 'E',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.outsattrs, 0, "export signed attributes to file",
+ &ctxp->outsattrs, 0, "export signed attributes to file",
"<signed_attributes_file>" },
{"import-signed-attributes", 'I',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.insattrs, 0, "import signed attributes from file",
+ &ctxp->insattrs, 0,
+ "import signed attributes from file",
"<signed_attributes_file>" },
{"import-raw-signature", 'R',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctx.rawsig,
+ POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctxp->rawsig,
0, "import raw signature from file", "<inraw>" },
- {"signature-number", 'u', POPT_ARG_INT, &ctx.signum, -1,
+ {"signature-number", 'u', POPT_ARG_INT, &ctxp->signum, -1,
"specify which signature to operate on","<sig-number>"},
{"list-signatures", 'l',
POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN,
@@ -483,13 +490,14 @@ main(int argc, char *argv[])
"remove signature" },
{"export-signature", 'e',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.outsig, 0,"export signature to file", "<outsig>" },
+ &ctxp->outsig, 0,
+ "export signature to file", "<outsig>" },
{"export-pubkey", 'K', POPT_ARG_STRING,
- &ctx.outkey, 0, "export pubkey to file", "<outkey>" },
+ &ctxp->outkey, 0, "export pubkey to file", "<outkey>" },
{"export-cert", 'C', POPT_ARG_STRING,
- &ctx.outcert, 0, "export signing cert to file",
+ &ctxp->outcert, 0, "export signing cert to file",
"<outcert>" },
- {"ascii-armor", 'a', POPT_ARG_VAL, &ctx.ascii, 1,
+ {"ascii-armor", 'a', POPT_ARG_VAL, &ctxp->ascii, 1,
"use ascii armoring", NULL },
{"daemonize", 'D', POPT_ARG_VAL, &daemon, 1,
"run as a daemon process", NULL },
@@ -509,12 +517,6 @@ main(int argc, char *argv[])
}
}
- rc = pesign_context_init(ctxp);
- if (rc < 0) {
- fprintf(stderr, "Could not initialize context: %m\n");
- exit(1);
- }
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -571,25 +573,25 @@ main(int argc, char *argv[])
if (daemon)
action |= DAEMONIZE;
- if (ctx.rawsig)
+ if (ctxp->rawsig)
action |= IMPORT_RAW_SIGNATURE;
- if (ctx.insattrs)
+ if (ctxp->insattrs)
action |= IMPORT_SATTRS;
- if (ctx.outsattrs)
+ if (ctxp->outsattrs)
action |= EXPORT_SATTRS;
-
- if (ctx.insig)
+
+ if (ctxp->insig)
action |= IMPORT_SIGNATURE;
- if (ctx.outkey)
+ if (ctxp->outkey)
action |= EXPORT_PUBKEY;
- if (ctx.outcert)
+ if (ctxp->outcert)
action |= EXPORT_CERT;
- if (ctx.outsig)
+ if (ctxp->outsig)
action |= EXPORT_SIGNATURE;
if (remove != 0)
@@ -598,13 +600,13 @@ main(int argc, char *argv[])
if (list != 0)
action |= LIST_SIGNATURES;
- if (ctx.sign) {
+ if (ctxp->sign) {
action |= GENERATE_SIGNATURE;
if (!(action & EXPORT_SIGNATURE))
action |= IMPORT_SIGNATURE;
}
- if (ctx.hash)
+ if (ctxp->hash)
action |= GENERATE_DIGEST|PRINT_DIGEST;
ssize_t sigspace = 0;
@@ -620,11 +622,11 @@ main(int argc, char *argv[])
*/
case IMPORT_RAW_SIGNATURE|IMPORT_SATTRS:
check_inputs(ctxp);
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_rawsig_input(ctxp);
@@ -636,19 +638,19 @@ main(int argc, char *argv[])
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- sigspace = calculate_signature_space(ctx.cms_ctx,
- ctx.outpe);
- allocate_signature_space(ctx.outpe, sigspace);
- generate_signature(ctx.cms_ctx);
- insert_signature(ctx.cms_ctx, ctx.signum);
- finalize_signatures(ctx.cms_ctx, ctx.outpe);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ sigspace = calculate_signature_space(ctxp->cms_ctx,
+ ctxp->outpe);
+ allocate_signature_space(ctxp->outpe, sigspace);
+ generate_signature(ctxp->cms_ctx);
+ insert_signature(ctxp->cms_ctx, ctxp->signum);
+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
close_output(ctxp);
break;
case EXPORT_SATTRS:
open_input(ctxp);
open_sattr_output(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
generate_sattr_blob(ctxp);
close_sattr_output(ctxp);
close_input(ctxp);
@@ -666,22 +668,22 @@ main(int argc, char *argv[])
close_output(ctxp);
break;
case EXPORT_PUBKEY:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_pubkey_output(ctxp);
export_pubkey(ctxp);
break;
case EXPORT_CERT:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_cert_output(ctxp);
@@ -691,21 +693,21 @@ main(int argc, char *argv[])
case EXPORT_SIGNATURE:
open_input(ctxp);
open_sig_output(ctxp);
- if (ctx.signum > ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "Invalid signature number.\n");
exit(1);
}
- if (ctx.signum < 0)
- ctx.signum = 0;
- if (ctx.signum >= ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum < 0)
+ ctxp->signum = 0;
+ if (ctxp->signum >= ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "No valid signature #%d.\n",
- ctx.signum);
+ ctxp->signum);
exit(1);
}
- memcpy(&ctx.cms_ctx->newsig,
- ctx.cms_ctx->signatures[ctx.signum],
- sizeof (ctx.cms_ctx->newsig));
- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
+ memcpy(&ctxp->cms_ctx->newsig,
+ ctxp->cms_ctx->signatures[ctxp->signum],
+ sizeof (ctxp->cms_ctx->newsig));
+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
close_input(ctxp);
close_sig_output(ctxp);
break;
@@ -715,11 +717,11 @@ main(int argc, char *argv[])
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- if (ctx.signum > ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "Invalid signature number.\n");
exit(1);
}
- remove_signature(&ctx);
+ remove_signature(ctxp);
close_output(ctxp);
break;
/* list signatures in the binary */
@@ -729,49 +731,49 @@ main(int argc, char *argv[])
break;
case GENERATE_DIGEST|PRINT_DIGEST:
open_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
print_digest(ctxp);
break;
/* generate a signature and save it in a separate file */
case EXPORT_SIGNATURE|GENERATE_SIGNATURE:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_input(ctxp);
open_sig_output(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
- generate_signature(ctx.cms_ctx);
- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
+ generate_signature(ctxp->cms_ctx);
+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
break;
/* generate a signature and embed it in the binary */
case IMPORT_SIGNATURE|GENERATE_SIGNATURE:
check_inputs(ctxp);
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- sigspace = calculate_signature_space(ctx.cms_ctx,
- ctx.outpe);
- allocate_signature_space(ctx.outpe, sigspace);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- generate_signature(ctx.cms_ctx);
- insert_signature(ctx.cms_ctx, ctx.signum);
- finalize_signatures(ctx.cms_ctx, ctx.outpe);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ sigspace = calculate_signature_space(ctxp->cms_ctx,
+ ctxp->outpe);
+ allocate_signature_space(ctxp->outpe, sigspace);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ generate_signature(ctxp->cms_ctx);
+ insert_signature(ctxp->cms_ctx, ctxp->signum);
+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
close_output(ctxp);
break;
case DAEMONIZE:
- rc = daemonize(ctx.cms_ctx, fork);
+ rc = daemonize(ctxp->cms_ctx, fork);
break;
default:
fprintf(stderr, "Incompatible flags (0x%08x): ", action);
@@ -782,7 +784,7 @@ main(int argc, char *argv[])
fprintf(stderr, "\n");
exit(1);
}
- pesign_context_fini(&ctx);
+ pesign_context_free(ctxp);
NSS_Shutdown();
return (rc < 0);
--
1.7.12.1

67
0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch Normal file
View File

@ -0,0 +1,67 @@
From 444a514e1a7c9a27953f914cf416d559ef5be083 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:32:57 -0400
Subject: [PATCH 21/30] [pesign] initialize nss only if we're not a daemon.
If it's a deamon, NSS_Init, register_oids, and setup_digests will be
done in the daemon code, not in the normal tool code.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 33 +++++++++++++++++++++++----------
1 file changed, 23 insertions(+), 10 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index e22e814..aa09bf5 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -508,15 +508,6 @@ main(int argc, char *argv[])
POPT_TABLEEND
};
- if (!daemon) {
- SECStatus status = NSS_Init("/etc/pki/pesign");
- if (status != SECSuccess) {
- fprintf(stderr, "Could not initialize nss: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
- }
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -543,7 +534,29 @@ main(int argc, char *argv[])
poptFreeContext(optCon);
- rc = set_digest_parameters(ctx.cms_ctx, digest_name);
+ if (!daemon) {
+ SECStatus status = NSS_Init("/etc/pki/pesign");
+ if (status != SECSuccess) {
+ fprintf(stderr, "Could not initialize nss: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+
+ status = register_oids(ctxp->cms_ctx);
+ if (status != SECSuccess) {
+ fprintf(stderr, "Could not register OIDs\n");
+ exit(1);
+ }
+
+ rc = setup_digests(ctxp->cms_ctx);
+ if (rc < 0) {
+ fprintf(stderr, "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+ }
+
+ rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
int is_help = strcmp(digest_name, "help") ? 0 : 1;
if (rc < 0) {
if (!is_help) {
--
1.7.12.1

28
0022-Handle-errors-on-pesign_context_init.patch Normal file
View File

@ -0,0 +1,28 @@
From a1ce809e199c7fbbd6f5c0e75f27a4234fcbd2bc Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:34:00 -0400
Subject: [PATCH 22/30] Handle errors on pesign_context_init()
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign_context.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/pesign_context.c b/src/pesign_context.c
index c6afda6..cbd929f 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -37,7 +37,9 @@ pesign_context_new(pesign_context **ctx)
if (!context)
return -1;
- pesign_context_init(context);
+ rc = pesign_context_init(context);
+ if (rc < 0)
+ return rc;
context->flags |= PESIGN_C_ALLOCATED;
*ctx = context;
--
1.7.12.1

119
0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch Normal file
View File

@ -0,0 +1,119 @@
From 4ed91a1bb65769401c0fd6c1c5b2a3c64c0c1266 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 16:35:43 -0400
Subject: [PATCH 23/30] Add sanity checking to make sure we don't emit
uninitialized hashes.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 15 ++++++++++++++-
src/content_info.c | 11 +++++++++++
src/signer_info.c | 5 +++++
src/util.h | 13 +++++++++++++
4 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index a1ed460..ab5a066 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -532,6 +532,10 @@ generate_empty_sequence(cms_context *cms, SECItem *encoded)
int
generate_octet_string(cms_context *cms, SECItem *encoded, SECItem *original)
{
+ if (content_is_empty(original->data, original->len)) {
+ cms->log(cms, LOG_ERR, "content is empty, not encoding");
+ return -1;
+ }
if (SEC_ASN1EncodeItem(cms->arena, encoded, original,
SEC_OctetStringTemplate) == NULL)
return -1;
@@ -942,7 +946,16 @@ generate_signature(cms_context *cms)
{
int rc = 0;
- assert(cms->digests[cms->selected_digest].pe_digest != NULL);
+ if (cms->digests[cms->selected_digest].pe_digest == NULL) {
+ cms->log(cms, LOG_ERR, "pe digest has not been allocated");
+ return -1;
+ }
+
+ if (content_is_empty(cms->digests[cms->selected_digest].pe_digest->data,
+ cms->digests[cms->selected_digest].pe_digest->len)) {
+ cms->log(cms, LOG_ERR, "pe binary has not been digested");
+ return -1;
+ }
SECItem sd_der;
memset(&sd_der, '\0', sizeof(sd_der));
diff --git a/src/content_info.c b/src/content_info.c
index 044e85e..7246d20 100644
--- a/src/content_info.c
+++ b/src/content_info.c
@@ -197,6 +197,11 @@ generate_spc_digest_info(cms_context *cms, SECItem *dip)
int i = cms->selected_digest;
memcpy(&di.digest, cms->digests[i].pe_digest, sizeof (di.digest));
+ if (content_is_empty(di.digest.data, di.digest.len)) {
+ cms->log(cms, LOG_ERR, "got empty digest");
+ return -1;
+ }
+
if (SEC_ASN1EncodeItem(cms->arena, dip, &di,
DigestInfoTemplate) == NULL) {
cms->log(cms, LOG_ERR, "could not encode DigestInfo: %s",
@@ -327,6 +332,12 @@ generate_cinfo_digest(cms_context *cms, SpcContentInfo *cip)
&cms->ci_digest->len,
digest_get_digest_size(cms)) != SECSuccess)
goto err;
+
+ if (content_is_empty(cms->ci_digest->data, cms->ci_digest->len)) {
+ cms->log(cms, LOG_ERR, "generated empty digest");
+ goto err;
+ }
+
if (cms->ci_digest->len > digest_get_digest_size(cms))
goto err;
diff --git a/src/signer_info.c b/src/signer_info.c
index 7a73c26..932b896 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -207,6 +207,11 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
if (!sign_content)
return -1;
+ if (content_is_empty(sign_content->data, sign_content->len)) {
+ cms->log(cms, LOG_ERR, "not signing empty digest");
+ return -1;
+ }
+
SECOidData *oid = SECOID_FindOIDByTag(digest_get_signature_oid(cms));
if (!oid)
goto err;
diff --git a/src/util.h b/src/util.h
index f495a0b..5e0ea34 100644
--- a/src/util.h
+++ b/src/util.h
@@ -110,6 +110,19 @@ free_poison(void *addrv, ssize_t len)
addr[x] = poison_pills[x % 2];
}
+static int
+__attribute__ ((unused))
+content_is_empty(uint8_t *data, ssize_t len)
+{
+ if (len < 1)
+ return 1;
+
+ for (int i = 0; i < len; i++)
+ if (data[i] != 0)
+ return 0;
+ return 1;
+}
+
#if defined(DAEMON_H)
static inline uint32_t
__attribute__ ((unused))
--
1.7.12.1

47
0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch Normal file
View File

@ -0,0 +1,47 @@
From d8ead122f34375a496d280bcc803f730542ca78d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:47:49 -0400
Subject: [PATCH 24/30] Make sure we free the token/cert we get from the
command line.
This probably needs some further examination, but valgrind likes what's
here currently.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/pesign.c b/src/pesign.c
index aa09bf5..be6494e 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -435,6 +435,7 @@ main(int argc, char *argv[])
char *digest_name = "sha256";
char *tokenname = "NSS Certificate DB";
+ char *origtoken = tokenname;
char *certname = NULL;
rc = pesign_context_new(&ctxp);
@@ -573,6 +574,8 @@ main(int argc, char *argv[])
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
+ if (tokenname != origtoken)
+ free(tokenname);
ctxp->cms_ctx->certname = certname ?
PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
@@ -581,6 +584,8 @@ main(int argc, char *argv[])
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
+ if (certname)
+ free(certname);
int action = 0;
if (daemon)
--
1.7.12.1

36
0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch Normal file
View File

@ -0,0 +1,36 @@
From 2030d382b49a1b957de829a67f74d9cc127c55ee Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:48:44 -0400
Subject: [PATCH 25/30] [pesign] Only shut down nss in pesign.c if we're not
the daemon.
The daemon does its own init and shutdown.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/pesign.c b/src/pesign.c
index be6494e..6c10b6d 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -804,6 +804,14 @@ main(int argc, char *argv[])
}
pesign_context_free(ctxp);
- NSS_Shutdown();
+ if (!daemon) {
+ SECStatus status = NSS_Shutdown();
+ if (status != SECSuccess) {
+ fprintf(stderr, "could not shut down NSS: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+ }
+
return (rc < 0);
}
--
1.7.12.1

233
0026-Rework-setup_digests-and-teardown_digests.patch Normal file
View File

@ -0,0 +1,233 @@
From 4efe979d6b781e064fe1afa946753ead9e3bbb9d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:49:17 -0400
Subject: [PATCH 26/30] Rework setup_digests() and teardown_digests()
This fixes the problem I was seeing with empty content_info digests, and
makes the code a /little/ bit cleaner in some ways.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 92 +++++++++++++++++++++++++++++++++-----------------------
src/cms_common.h | 1 -
src/daemon.c | 28 +----------------
src/pesign.c | 7 -----
4 files changed, 55 insertions(+), 73 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index ab5a066..6b3f5ec 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -96,43 +96,6 @@ digest_get_digest_size(cms_context *cms)
return digest_params[i].size;
}
-
-int
-setup_digests(cms_context *cms)
-{
- struct digest *digests = NULL;
-
- digests = calloc(n_digest_params, sizeof (*digests));
- if (!digests) {
- cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
- return -1;
- }
-
- for (int i = 0; i < n_digest_params; i++) {
- digests[i].pk11ctx = PK11_CreateDigestContext(
- digest_params[i].digest_tag);
- if (!digests[i].pk11ctx) {
- cms->log(cms, LOG_ERR, "could not create digest "
- "context: %s",
- PORT_ErrorToString(PORT_GetError()));
- goto err;
- }
-
- PK11_DigestBegin(digests[i].pk11ctx);
- }
-
- cms->digests = digests;
- return 0;
-err:
- for (int i = 0; i < n_digest_params; i++) {
- if (digests[i].pk11ctx)
- PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
- }
-
- free(digests);
- return -1;
-}
-
void
teardown_digests(cms_context *ctx)
{
@@ -733,6 +696,46 @@ check_pointer_and_size(Pe *pe, void *ptr, size_t size)
return 1;
}
+int
+generate_digest_begin(cms_context *cms)
+{
+ struct digest *digests = NULL;
+
+ if (cms->digests) {
+ digests = cms->digests;
+ } else {
+ digests = calloc(n_digest_params, sizeof (*digests));
+ if (!digests) {
+ cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
+ return -1;
+ }
+ }
+
+ for (int i = 0; i < n_digest_params; i++) {
+ digests[i].pk11ctx = PK11_CreateDigestContext(
+ digest_params[i].digest_tag);
+ if (!digests[i].pk11ctx) {
+ cms->log(cms, LOG_ERR, "could not create digest "
+ "context: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ goto err;
+ }
+
+ PK11_DigestBegin(digests[i].pk11ctx);
+ }
+
+ cms->digests = digests;
+ return 0;
+err:
+ for (int i = 0; i < n_digest_params; i++) {
+ if (digests[i].pk11ctx)
+ PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
+ }
+
+ free(digests);
+ return -1;
+}
+
void
generate_digest_step(cms_context *cms, void *data, size_t len)
{
@@ -762,6 +765,12 @@ generate_digest_finish(cms_context *cms)
PK11_DigestFinal(cms->digests[i].pk11ctx,
digest->data, &digest->len, digest_params[i].size);
+ PK11_Finalize(cms->digests[i].pk11ctx);
+ PK11_DestroyContext(cms->digests[i].pk11ctx, PR_TRUE);
+ cms->digests[i].pk11ctx = NULL;
+ if (cms->digests[i].pe_digest)
+ free_poison(cms->digests[i].pe_digest->data,
+ cms->digests[i].pe_digest->len);
cms->digests[i].pe_digest = digest;
}
@@ -791,7 +800,14 @@ generate_digest(cms_context *cms, Pe *pe)
if (!pe) {
cms->log(cms, LOG_ERR, "no output pe ready");
- exit(1);
+ return -1;
+ }
+
+ rc = generate_digest_begin(cms);
+ if (rc < 0) {
+ cms->log(cms, LOG_ERR, "could not initialize digests: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ return rc;
}
struct pe_hdr pehdr;
diff --git a/src/cms_common.h b/src/cms_common.h
index 830427e..5cbda62 100644
--- a/src/cms_common.h
+++ b/src/cms_common.h
@@ -86,7 +86,6 @@ extern int cms_context_alloc(cms_context **ctxp);
extern int cms_context_init(cms_context *ctx);
extern void cms_context_fini(cms_context *ctx);
-extern int setup_digests(cms_context *cms);
extern void teardown_digests(cms_context *ctx);
extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
diff --git a/src/daemon.c b/src/daemon.c
index 534fb23..df20763 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -142,15 +142,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
return;
}
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
if (!buffer) {
@@ -491,6 +482,7 @@ finish:
close(outfd);
send_response(ctx, ctx->cms, pollfd, rc);
+ teardown_digests(ctx->cms);
}
static void
@@ -500,15 +492,6 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 1);
@@ -524,15 +507,6 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 0);
diff --git a/src/pesign.c b/src/pesign.c
index 6c10b6d..2c98600 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -548,13 +548,6 @@ main(int argc, char *argv[])
fprintf(stderr, "Could not register OIDs\n");
exit(1);
}
-
- rc = setup_digests(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
}
rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
--
1.7.12.1

25
0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch Normal file
View File

@ -0,0 +1,25 @@
From 15cd554d35c5ea8d31671b346dffd84e27e7c6ec Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:52:57 -0400
Subject: [PATCH 27/30] We shouldn't need
Environment=NSS_STRICT_NOFORK=DISABLED any more.
Since NSS_Init is called from the daemon now, we should get past its
checking.
---
src/pesign.service | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/pesign.service b/src/pesign.service
index 4f6d63f..75a73c3 100644
--- a/src/pesign.service
+++ b/src/pesign.service
@@ -5,5 +5,4 @@ Description=Pesign signing daemon
PrivateTmp=true
Type=forking
PIDFile=/var/run/pesign.pid
-Environment=NSS_STRICT_NOFORK=DISABLED
ExecStart=/usr/bin/pesign --daemonize
--
1.7.12.1

174
0028-Fix-errors-found-by-coverity.patch Normal file
View File

@ -0,0 +1,174 @@
From 1b94dd90f5a1c65df16ffe3b0619ce5dc0ca1f06 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 19:59:49 -0400
Subject: [PATCH 28/30] Fix errors found by coverity.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/actions.c | 4 ++--
src/cms_common.c | 17 ++++++++++-------
src/daemon.c | 16 +++++++++++++++-
src/password.c | 1 +
src/pesign_context.c | 4 +++-
src/wincert.c | 2 +-
6 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/src/actions.c b/src/actions.c
index 76a311c..9cf4f45 100644
--- a/src/actions.c
+++ b/src/actions.c
@@ -70,7 +70,7 @@ insert_signature(cms_context *cms, int signum)
if (signum != cms->num_signatures) {
memmove(cms->signatures[signum+1],
cms->signatures[signum],
- sizeof(SECItem *) * (cms->num_signatures - signum));
+ sizeof(SECItem) * (cms->num_signatures - signum));
}
cms->signatures[signum] = sig;
cms->num_signatures++;
@@ -430,7 +430,7 @@ remove_signature(pesign_context *p_ctx)
if (p_ctx->signum != ctx->num_signatures - 1)
memmove(ctx->signatures[p_ctx->signum],
ctx->signatures[p_ctx->signum+1],
- sizeof(SECItem *) *
+ sizeof(SECItem) *
(ctx->num_signatures - p_ctx->signum));
ctx->num_signatures--;
diff --git a/src/cms_common.c b/src/cms_common.c
index 6b3f5ec..898ddfb 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -598,16 +598,19 @@ generate_spc_string(cms_context *cms, SECItem *ssp, char *str, int len)
memset(&ss, '\0', sizeof (ss));
SECITEM_AllocItem(cms->arena, &ss.unicode, len);
- if (!ss.unicode.data && len != 0) {
- cms->log(cms, LOG_ERR, "could not allocate memory: %s",
- PORT_ErrorToString(PORT_GetError()));
- return -1;
+ if (len != 0) {
+ if (!ss.unicode.data) {
+ cms->log(cms, LOG_ERR, "could not allocate memory: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ return -1;
+ }
+
+ memcpy(ss.unicode.data, str, len);
}
-
- memcpy(ss.unicode.data, str, len);
ss.unicode.type = siBMPString;
- if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate) == NULL) {
+ if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate)
+ == NULL) {
cms->log(cms, LOG_ERR, "could not encode SpcString: %s",
PORT_ErrorToString(PORT_GetError()));
return -1;
diff --git a/src/daemon.c b/src/daemon.c
index df20763..7ad036c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -134,7 +134,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
struct msghdr msg;
struct iovec iov;
ssize_t n;
- char *buffer = malloc(size);
int rc = cms_context_alloc(&ctx->cms);
if (rc < 0) {
@@ -144,6 +143,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
steal_from_cms(ctx->backup_cms, ctx->cms);
+ char *buffer = malloc(size);
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
@@ -792,6 +792,7 @@ check_socket(context *ctx)
rc = connect(sd, (struct sockaddr *)&addr_un, len);
if (rc < 0) {
+ close(sd);
unlink(SOCKPATH);
return;
}
@@ -800,6 +801,7 @@ check_socket(context *ctx)
socklen_t size = sizeof(remote);
rc = getpeername(sd, &remote, &size);
if (rc < 0) {
+ close(sd);
return;
} else {
fprintf(stderr, "already running");
@@ -913,6 +915,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (do_fork) {
int fd = open("/dev/zero", O_RDONLY);
+ if (fd < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "could not open /dev/zero: %m");
+ exit(1);
+ }
close(STDIN_FILENO);
rc = dup2(fd, STDIN_FILENO);
if (rc < 0) {
@@ -924,6 +932,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
close(fd);
fd = open("/dev/null", O_WRONLY);
+ if (fd < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "could not open /dev/null: %m");
+ exit(1);
+ }
close(STDOUT_FILENO);
rc = dup2(fd, STDOUT_FILENO);
if (rc < 0) {
diff --git a/src/password.c b/src/password.c
index 5ee15f8..100c584 100644
--- a/src/password.c
+++ b/src/password.c
@@ -114,6 +114,7 @@ SECU_GetPasswordString(void *arg, char *prompt)
output = fopen(consoleName, "w");
if (output == NULL) {
+ fclose(input);
fprintf(stderr, "Error opening output terminal for write\n");
return NULL;
}
diff --git a/src/pesign_context.c b/src/pesign_context.c
index cbd929f..033e8de 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -38,8 +38,10 @@ pesign_context_new(pesign_context **ctx)
return -1;
rc = pesign_context_init(context);
- if (rc < 0)
+ if (rc < 0) {
+ free(context);
return rc;
+ }
context->flags |= PESIGN_C_ALLOCATED;
*ctx = context;
diff --git a/src/wincert.c b/src/wincert.c
index b487dc5..4b5ba45 100644
--- a/src/wincert.c
+++ b/src/wincert.c
@@ -257,7 +257,7 @@ parse_signatures(cms_context *cms, Pe *pe)
if (rc <= 0)
break;
- signatures[i] = calloc(1, sizeof (SECItem *));
+ signatures[i] = calloc(1, sizeof (SECItem));
if (!signatures[i])
goto err;
--
1.7.12.1

41
0029-Don-t-keep-the-DEPS-list-twice.patch Normal file
View File

@ -0,0 +1,41 @@
From 95c0fe1d512fcdf3b397359fb0f54dc44e5947c2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 09:12:25 -0400
Subject: [PATCH 29/30] Don't keep the DEPS list twice.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/Makefile | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/Makefile b/src/Makefile
index cd06158..cb74c12 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -39,14 +39,20 @@ client_OBJECTS = $(foreach source,$(client_SOURCES),$(patsubst %.c,%,$(source)).
client_DEPS = $(foreach source,$(client_SOURCES),.$(patsubst %.c,%,$(source)).P)
client : $(client_OBJECTS) $(STATIC_LIBS)
-deps : $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
+fuzzsocket_SOURCES = fuzzsocket.c
+fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o)
+fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P)
+fuzzsocket : $(fuzzsocket_OBJECTS)
+
+DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
$(peverify_DEPS)
+deps : $(DEPS)
+
depclean :
@rm -fv .*.P
--include $(generic_DEPS) $(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
- $(peverify_DEPS)
+-include $(DEPS)
clean : depclean
@rm -rfv *.o *.a *.so $(TARGETS)
--
1.7.12.1

26
0030-Don-t-build-util-right-now.patch Normal file
View File

@ -0,0 +1,26 @@
From 44aad110fd3f0a12e1817d95047f882c4d8b0fce Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 11:36:10 -0400
Subject: [PATCH 30/30] Don't build util/ right now.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 531c865..5e9bd31 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ TOPDIR = $(shell echo $$PWD)
include $(TOPDIR)/Make.defaults
-SUBDIRS := include libdpe src util
+SUBDIRS := include libdpe src
DOCDIR := /share/doc/
VERSION = 0.99
--
1.7.12.1

31
pesign.spec
View File

@ -1,7 +1,7 @@
Summary: Signing utility for UEFI binaries
Name: pesign
Version: 0.99
Release: 3%{?dist}
Release: 4%{?dist}
Group: Development/System
License: GPLv2
URL: https://github.com/vathpela/pesign
@ -22,6 +22,31 @@ Patch1: 0002-Remove-an-unused-field.patch
Patch2: 0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch
Patch3: 0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch
Patch4: 0005-Fix-check-for-allocations-on-tokenname-certname.patch
Patch5: 0006-Update-valgrind.supp-for-newer-codepaths.patch
Patch6: 0007-Free-the-pid-string-once-we-re-done-writing-it.patch
Patch7: 0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch
Patch8: 0009-Only-try-to-register-OIDs-once.patch
Patch9: 0010-Check-for-NSS_Shutdown-failure.patch
Patch10: 0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch
Patch11: 0012-valgrind-Add-SECMOD_LoadModule-codepath.patch
Patch12: 0013-Don-t-set-up-digests-in-cms_context_init.patch
Patch13: 0014-Do-register_oids-where-we-re-doing-NSS_Init.patch
Patch14: 0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch
Patch15: 0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch
Patch16: 0017-Use-PORT_ArenaStrdup-where-appropriate.patch
Patch17: 0018-Minor-whitespace-fixes.patch
Patch18: 0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch
Patch19: 0020-Allocate-pesign_context-rather-than-having-it-on-the.patch
Patch20: 0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch
Patch21: 0022-Handle-errors-on-pesign_context_init.patch
Patch22: 0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch
Patch23: 0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch
Patch24: 0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch
Patch25: 0026-Rework-setup_digests-and-teardown_digests.patch
Patch26: 0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch
Patch27: 0028-Fix-errors-found-by-coverity.patch
Patch28: 0029-Don-t-keep-the-DEPS-list-twice.patch
Patch30: 0030-Don-t-build-util-right-now.patch
%description
This package contains the pesign utility for signing UEFI binaries as
@ -85,6 +110,10 @@ exit 0
%ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/pesign.pid
%changelog
* Wed Oct 17 2012 Peter Jones <pjones@redhat.com> - 0.99-4
- Fix some more bugs found by valgrind and coverity.
- Don't build utils/ ; we're not using them and they're not ready anyway.
* Wed Oct 17 2012 Peter Jones <pjones@redhat.com> - 0.99-3
- Fix daemon startup bug from 0.99-2