Fix insertion of signatures from a file.

This commit is contained in:
Peter Jones 2012-11-30 17:09:31 -05:00
parent 47e695fb59
commit 5aca172458
45 changed files with 6 additions and 4238 deletions

View File

@ -1,55 +0,0 @@
From 406a08cc45a2d0761294002d946ee3381a4706ee Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:53:07 -0400
Subject: [PATCH 01/42] Use PK11_TraverseCertsForNicknameInSlot after all.
As of 76bc13c it doesn't appear to be leaky any more, and it does a
better job of disinguishing between certificates with the same nickname
than we did when doing it by hand.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 644b44c..2d51979 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -465,23 +465,23 @@ err_slots:
goto err_slots_errmsg;
}
+ SECItem nickname = {
+ .data = (void *)cms->certname,
+ .len = strlen(cms->certname) + 1,
+ .type = siUTF8String,
+ };
struct cbdata cbdata = {
.cert = NULL,
.psle = psle,
.pwdata = pwdata,
};
- CERTCertListNode *node = NULL;
- for (node = CERT_LIST_HEAD(certlist); !CERT_LIST_END(node,certlist);
- node = CERT_LIST_NEXT(node)) {
- if (strcmp(cms->certname, node->cert->nickname))
- continue;
+ status = PK11_TraverseCertsForNicknameInSlot(&nickname, psle->slot,
+ is_valid_cert, &cbdata);
+ if (cbdata.cert == NULL)
+ goto err_slots;
- if (is_valid_cert(node->cert, &cbdata) == SECSuccess) {
- cms->cert = CERT_DupCertificate(cbdata.cert);
- break;
- }
- }
+ cms->cert = CERT_DupCertificate(cbdata.cert);
PK11_DestroySlotListElement(slots, &psle);
PK11_FreeSlotList(slots);
--
1.7.12.1

View File

@ -1,38 +0,0 @@
From e4aa0a2755d7b00e31760a7f90561b0566445fa4 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:54:10 -0400
Subject: [PATCH 02/42] Remove an unused field.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign_context.c | 1 -
src/pesign_context.h | 1 -
2 files changed, 2 deletions(-)
diff --git a/src/pesign_context.c b/src/pesign_context.c
index b4b201d..c6afda6 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -88,7 +88,6 @@ pesign_context_fini(pesign_context *ctx)
ctx->cms_ctx = NULL;
}
- xfree(ctx->certname);
xfree(ctx->privkeyfile);
if (ctx->outpe) {
diff --git a/src/pesign_context.h b/src/pesign_context.h
index cabccf3..8f4e45a 100644
--- a/src/pesign_context.h
+++ b/src/pesign_context.h
@@ -58,7 +58,6 @@ typedef struct {
Pe *outpe;
char *privkeyfile;
- char *certname;
cms_context *cms_ctx;
int flags;
--
1.7.12.1

View File

@ -1,26 +0,0 @@
From df5afd0e6d92f31a804f5f1631b6fae3b8ef4d8b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:54:37 -0400
Subject: [PATCH 03/42] Free the certificate list we make once we're done
using it.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/wincert.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/wincert.c b/src/wincert.c
index fe666c5..b487dc5 100644
--- a/src/wincert.c
+++ b/src/wincert.c
@@ -74,6 +74,7 @@ finalize_signatures(cms_context *cms, Pe *pe)
free(clist);
return -1;
}
+ free(clist);
return 0;
}
--
1.7.12.1

View File

@ -1,63 +0,0 @@
From c13cc0b03dcae9a743cc49aaa62c3923a3e7d8f9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:55:02 -0400
Subject: [PATCH 04/42] Make sure we actually look up the certificate when not
in daemon mode.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 108994e..4ddf636 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -500,12 +500,6 @@ main(int argc, char *argv[])
POPT_TABLEEND
};
- tokenname = strdup(tokenname);
- if (!tokenname) {
- fprintf(stderr, "could not allocate memory: %m\n");
- exit(1);
- }
-
if (!daemon) {
SECStatus status = NSS_Init("/etc/pki/pesign");
if (status != SECSuccess) {
@@ -521,8 +515,6 @@ main(int argc, char *argv[])
exit(1);
}
- ctx.cms_ctx->certname = certname ? strdup(certname) : NULL;
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -559,7 +551,21 @@ main(int argc, char *argv[])
exit(!is_help);
}
- ctx.cms_ctx->tokenname = tokenname;
+ ctx.cms_ctx->tokenname = tokenname ?
+ PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
+ if (!ctx.cms_ctx->tokenname) {
+ fprintf(stderr, "could not allocate token name: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+
+ ctx.cms_ctx->certname = certname ?
+ PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
+ if (!ctx.cms_ctx->certname) {
+ fprintf(stderr, "could not allocate certificate name: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
int action = 0;
if (daemon)
--
1.7.12.1

View File

@ -1,38 +0,0 @@
From 844138e07535a8aa2be80496378c9929acaa1687 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:35:41 -0400
Subject: [PATCH 05/42] Fix check for allocations on tokenname,certname.
If we didn't have anything to start with, we won't have anything when
we're done...
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 4ddf636..c7b23cf 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -553,7 +553,7 @@ main(int argc, char *argv[])
ctx.cms_ctx->tokenname = tokenname ?
PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
- if (!ctx.cms_ctx->tokenname) {
+ if (tokenname && !ctx.cms_ctx->tokenname) {
fprintf(stderr, "could not allocate token name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
@@ -561,7 +561,7 @@ main(int argc, char *argv[])
ctx.cms_ctx->certname = certname ?
PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
- if (!ctx.cms_ctx->certname) {
+ if (certname && !ctx.cms_ctx->certname) {
fprintf(stderr, "could not allocate certificate name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
--
1.7.12.1

View File

@ -1,812 +0,0 @@
From 682233d107460b49071017b4d88c0430373dbd35 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:55:25 -0400
Subject: [PATCH 06/42] Update valgrind.supp for newer codepaths.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 361 ++++++++++++++++++++++++++++++++++++------------------
1 file changed, 245 insertions(+), 116 deletions(-)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 3a51293..0a8edd9 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1,23 +1,43 @@
{
<insert_a_suppression_name_here>
- Memcheck:Leak
- fun:malloc
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
- fun:nss_Init
- fun:NSS_Init
- fun:main
+ Memcheck:Param
+ socketcall.sendto(msg)
+ fun:send
+ fun:MessageSend
+ fun:MessageSendWithHeader
+ fun:SCardConnect
+ fun:CKYCardConnection_Connect
+ fun:_ZN4Slot14connectToTokenEv
+ fun:_ZN4Slot17refreshTokenStateEv
+ fun:_ZN4Slot14isTokenPresentEv
+ fun:_ZN8SlotList11getSlotListEhPmS0_
+ fun:C_GetSlotList
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
}
{
<insert_a_suppression_name_here>
- Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
+ Memcheck:Cond
+ fun:SCardStatus
+ fun:CKYCardConnection_GetStatus
+ fun:_ZN4Slot23cardStateMayHaveChangedEv
+ fun:_ZN4Slot17refreshTokenStateEv
+ fun:_ZN4Slot14isTokenPresentEv
+ fun:_ZN8SlotList11getSlotListEhPmS0_
+ fun:C_GetSlotList
fun:secmod_LoadPKCS11Module
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -25,12 +45,15 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
+ fun:malloc
+ fun:PORT_Alloc_Util
+ fun:PK11_ReadMechanismList
+ fun:PK11_InitToken
+ fun:PK11_InitSlot
fun:secmod_LoadPKCS11Module
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -223,12 +246,10 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
- fun:secmod_LoadPKCS11Module
- fun:SECMOD_LoadModule
- fun:SECMOD_LoadModule
+ fun:calloc
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -237,10 +258,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PKIX_PL_Malloc
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PR_NewCondVar
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -249,18 +270,7 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PKIX_PL_Malloc
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
+ fun:PR_NewCondVar
fun:NSSRWLock_New_Util
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -272,10 +282,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PR_NewCondVar
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:PKIX_PL_Malloc
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
fun:nss_Init
fun:NSS_Init
fun:main
@@ -284,10 +294,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PR_NewCondVar
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:PKIX_PL_Malloc
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
fun:nss_Init
fun:NSS_Init
fun:main
@@ -357,8 +367,10 @@
fun:calloc
fun:PORT_ZAlloc_Util
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -368,8 +380,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -382,8 +396,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -396,8 +412,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -410,8 +428,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -424,28 +444,32 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
@@ -466,6 +490,7 @@
fun:calloc
fun:nss_ZAlloc
fun:nssArena_Create
+ fun:NSSArena_Create
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -505,7 +530,10 @@
fun:calloc
fun:nss_ZAlloc
fun:nssArena_Create
+ fun:NSSArena_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -514,14 +542,12 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:malloc
- obj:*
- obj:*
- obj:*
- fun:secmod_ModuleInit
- fun:secmod_LoadPKCS11Module
- fun:SECMOD_LoadModule
- fun:SECMOD_LoadModule
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssTokenObjectCache_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -531,28 +557,32 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
@@ -560,35 +590,11 @@
fun:calloc
fun:PORT_ZAlloc_Util
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:nss_ZAlloc
- fun:nssArena_Create
- fun:nssToken_CreateFromPK11SlotInfo
- fun:STAN_InitTokenForSlotInfo
- fun:STAN_LoadDefaultNSS3TrustDomain
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:nss_ZAlloc
- fun:nssArena_Create
- fun:nssToken_CreateFromPK11SlotInfo
- fun:STAN_InitTokenForSlotInfo
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -599,8 +605,10 @@
fun:calloc
fun:PR_NewLock
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -610,8 +618,10 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -621,22 +631,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_Mutex_Create
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -646,9 +645,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Mutex_Create
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -658,9 +659,10 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:nssArena_Create
+ fun:NSSArena_Create
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -670,7 +672,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssArena_Create
+ fun:NSSRWLock_New_Util
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -682,7 +684,8 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:NSSRWLock_New_Util
+ fun:nssArena_Create
+ fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -694,7 +697,6 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssArena_Create
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -707,6 +709,8 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -720,6 +724,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -733,6 +738,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -746,6 +752,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -758,9 +765,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssHash_Create
- fun:nssTrustDomain_InitializeCache
- fun:NSSTrustDomain_Create
+ fun:nssList_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -771,7 +776,9 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssList_Create
+ fun:nssTokenObjectCache_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -821,7 +828,10 @@
fun:calloc
fun:PR_NewLock
fun:nssArena_Create
+ fun:NSSArena_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -834,6 +844,8 @@
fun:PR_NewLock
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -845,8 +857,11 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -858,8 +873,11 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -871,6 +889,55 @@
fun:calloc
fun:PR_NewLock
fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_Mutex_Create
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Mutex_Create
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
fun:PKIX_PL_Mutex_Create
fun:PKIX_PL_HashTable_Create
fun:PKIX_Initialize
@@ -1064,6 +1131,33 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssSlot_CreateFromPK11SlotInfo
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
fun:malloc
fun:PKIX_PL_Malloc
fun:pkix_pl_PrimHashTable_Create
@@ -1126,8 +1220,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1140,8 +1236,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1154,8 +1252,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1168,8 +1268,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1183,9 +1285,11 @@
fun:calloc
fun:PR_NewLock
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1195,9 +1299,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1233,6 +1339,7 @@
fun:calloc
fun:PR_NewLock
fun:nssArena_Create
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1245,6 +1352,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1258,8 +1366,24 @@
fun:malloc
fun:PL_ArenaAllocate
fun:PORT_ArenaAlloc_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ fun:PORT_Alloc_Util
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1273,7 +1397,9 @@
fun:legacy_ReadSecmodDB
fun:sftkdb_ReadSecmodDB
fun:NSC_ModuleDBFunc
+ fun:SECMOD_GetModuleSpecList
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1349,6 +1475,8 @@
fun:nss_zalloc_arena_locked
fun:nss_ZAlloc
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -1375,6 +1503,7 @@
fun:PL_ArenaAllocate
fun:nss_zalloc_arena_locked
fun:nss_ZAlloc
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
--
1.7.12.1

View File

@ -1,25 +0,0 @@
From 81bf0e36a82a3d746a01aee50d8ee460dc794b19 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:57:20 -0400
Subject: [PATCH 07/42] Free the pid string once we're done writing it.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/daemon.c b/src/daemon.c
index daa2dbf..245491f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -842,6 +842,7 @@ err:
if (rc < 0)
goto err;
+ free(pidstr);
close(fd);
}
--
1.7.12.1

View File

@ -1,38 +0,0 @@
From 50c50c8fbebab3d8b5efff35dc1a7ca4b44d6b19 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 11:08:30 -0400
Subject: [PATCH 08/42] [valgrind] Don't complain about unlocking a key and
keeping the handle.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 0a8edd9..62934e8 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1511,3 +1511,19 @@
fun:NSS_Init
fun:main
}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssList_Create
+ fun:nssTrustDomain_UpdateCachedTokenCerts
+ fun:PK11_DoPassword
+ fun:PK11_Authenticate
+ fun:unlock_nss_token
+ fun:handle_unlock_token
+ fun:handle_event
+ fun:handle_events
+ fun:daemonize
+}
--
1.7.12.1

View File

@ -1,36 +0,0 @@
From b71f1d2e8f7ad6853e5e68134a66baf9dea2471b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 11:26:04 -0400
Subject: [PATCH 09/42] Only try to register OIDs once.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 2d51979..6219a2a 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -179,11 +179,15 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
int
cms_context_init(cms_context *cms)
{
+ static int first_time = 1;
memset(cms, '\0', sizeof (*cms));
- SECStatus status = register_oids(cms);
- if (status != SECSuccess)
- return -1;
+ if (first_time) {
+ SECStatus status = register_oids(cms);
+ if (status != SECSuccess)
+ return -1;
+ first_time = 0;
+ }
cms->log = cms_common_log;
--
1.7.12.1

View File

@ -1,30 +0,0 @@
From f966137c17f74fc3e343dfb6e04300a9d179de03 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 12:05:29 -0400
Subject: [PATCH 10/42] Check for NSS_Shutdown() failure.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index 245491f..77fff90 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -967,6 +967,11 @@ daemonize(cms_context *cms_ctx, int do_fork)
rc = handle_events(&ctx);
- NSS_Shutdown();
+ status = NSS_Shutdown();
+ if (status != SECSuccess) {
+ fprintf(stderr, "NSS_Shutdown failed: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
return rc;
}
--
1.7.12.1

View File

@ -1,100 +0,0 @@
From 0dddfd5e738232403220b0d18888f94fa0032a59 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 12:17:39 -0400
Subject: [PATCH 11/42] Don't destroy stdin/stdout/stderr if we don't fork.
I like being able to read my error messages.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 59 +++++++++++++++++++++++++++++++++--------------------------
1 file changed, 33 insertions(+), 26 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 77fff90..a31c063 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -890,33 +890,38 @@ daemonize(cms_context *cms_ctx, int do_fork)
exit(1);
}
- int fd = open("/dev/zero", O_RDONLY);
- close(STDIN_FILENO);
- rc = dup2(fd, STDIN_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard input: %m");
- exit(1);
- }
- close(fd);
+ if (do_fork) {
+ int fd = open("/dev/zero", O_RDONLY);
+ close(STDIN_FILENO);
+ rc = dup2(fd, STDIN_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard input: %m");
+ exit(1);
+ }
+ close(fd);
- fd = open("/dev/null", O_WRONLY);
- close(STDOUT_FILENO);
- rc = dup2(fd, STDOUT_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard output: %m");
- exit(1);
- }
+ fd = open("/dev/null", O_WRONLY);
+ close(STDOUT_FILENO);
+ rc = dup2(fd, STDOUT_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard output: %m");
+ exit(1);
+ }
- close(STDERR_FILENO);
- rc = dup2(fd, STDERR_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard error: %m");
- exit(1);
+ close(STDERR_FILENO);
+ rc = dup2(fd, STDERR_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard error: %m");
+ exit(1);
+ }
+ close(fd);
}
- close(fd);
prctl(PR_SET_NAME, "pesignd", 0, 0, 0);
@@ -963,13 +968,15 @@ daemonize(cms_context *cms_ctx, int do_fork)
cms_set_pw_callback(ctx.backup_cms, get_password_fail);
cms_set_pw_data(ctx.backup_cms, NULL);
- ctx.backup_cms->log = daemon_logger;
+ if (do_fork)
+ ctx.backup_cms->log = daemon_logger;
rc = handle_events(&ctx);
status = NSS_Shutdown();
if (status != SECSuccess) {
- fprintf(stderr, "NSS_Shutdown failed: %s\n",
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
+ "NSS_Shutdown failed: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
--
1.7.12.1

View File

@ -1,54 +0,0 @@
From 19c8e797d092e17f2882d249d5446728a76db050 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:29:30 -0400
Subject: [PATCH 12/42] [valgrind] Add SECMOD_LoadModule codepath.
This is called once when we initialize the database.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 62934e8..783bdad 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1527,3 +1527,34 @@
fun:handle_events
fun:daemonize
}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:_Znwm
+ obj:*
+ fun:secmod_ModuleInit
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:daemonize
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ obj:*
+ obj:*
+ obj:*
+ fun:secmod_ModuleInit
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:daemonize
+}
--
1.7.12.1

View File

@ -1,119 +0,0 @@
From 186b6d5d39a1feeaa5f9493d28dc4f53015d551d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:33:35 -0400
Subject: [PATCH 13/42] Don't set up digests in cms_context_init.
Move digest setup out of cms_context_init, so we can avoid leaking the
reference to the digests by not having them in ctx->backup_cms in the
daemon.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 9 ++-------
src/cms_common.h | 3 +++
src/daemon.c | 27 +++++++++++++++++++++++++++
3 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 6219a2a..a8e34dd 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -97,7 +97,7 @@ digest_get_digest_size(cms_context *cms)
}
-static int
+int
setup_digests(cms_context *cms)
{
struct digest *digests = NULL;
@@ -133,7 +133,7 @@ err:
return -1;
}
-static void
+void
teardown_digests(cms_context *ctx)
{
struct digest *digests = ctx->digests;
@@ -199,11 +199,6 @@ cms_context_init(cms_context *cms)
return -1;
}
- int rc = setup_digests(cms);
- if (rc < 0) {
- PORT_FreeArena(cms->arena, PR_TRUE);
- return -1;
- }
cms->selected_digest = -1;
return 0;
diff --git a/src/cms_common.h b/src/cms_common.h
index fc80fa3..830427e 100644
--- a/src/cms_common.h
+++ b/src/cms_common.h
@@ -86,6 +86,9 @@ extern int cms_context_alloc(cms_context **ctxp);
extern int cms_context_init(cms_context *ctx);
extern void cms_context_fini(cms_context *ctx);
+extern int setup_digests(cms_context *cms);
+extern void teardown_digests(cms_context *ctx);
+
extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
SECItem *original);
extern int generate_object_id(cms_context *ctx, SECItem *encoded,
diff --git a/src/daemon.c b/src/daemon.c
index a31c063..f44f069 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -143,6 +143,15 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
return;
}
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
if (!buffer) {
@@ -491,6 +500,15 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 1);
@@ -506,6 +524,15 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 0);
--
1.7.12.1

View File

@ -1,53 +0,0 @@
From e1f8d4e38f4ad08fb407691a3f59edc19a1f15e2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:41:18 -0400
Subject: [PATCH 14/42] Do register_oids() where we're doing NSS_Init()
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 8 --------
src/daemon.c | 7 +++++++
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index a8e34dd..6188e6e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -179,16 +179,8 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
int
cms_context_init(cms_context *cms)
{
- static int first_time = 1;
memset(cms, '\0', sizeof (*cms));
- if (first_time) {
- SECStatus status = register_oids(cms);
- if (status != SECSuccess)
- return -1;
- first_time = 0;
- }
-
cms->log = cms_common_log;
cms->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
diff --git a/src/daemon.c b/src/daemon.c
index f44f069..085cfec 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -917,6 +917,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
exit(1);
}
+ status = register_oids(ctx.backup_cms);
+ if (status != SECSuccess) {
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
+ "Could not register OIDs\n");
+ exit(1);
+ }
+
if (do_fork) {
int fd = open("/dev/zero", O_RDONLY);
close(STDIN_FILENO);
--
1.7.12.1

View File

@ -1,61 +0,0 @@
From 092e3f81233655849156b0948a53f3b5f51b8c97 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:43:58 -0400
Subject: [PATCH 15/42] Make daemon shutdown actually close the NSS databases
and whatnot.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 085cfec..dd215f8 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -125,8 +125,7 @@ handle_kill_daemon(context *ctx, struct pollfd *pollfd, socklen_t size)
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
"pesignd exiting (pid %d)", getpid());
- cms_context_fini(ctx->backup_cms);
- exit(0);
+ should_exit = 1;
}
static void
@@ -625,6 +624,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
return 0;
}
+static void
+do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
+{
+ for (int i = 0; i < nsockets; i++)
+ close(pollfds[i].fd);
+ free(pollfds);
+
+ xfree(ctx->errstr);
+}
+
static int
handle_events(context *ctx)
{
@@ -643,9 +652,14 @@ handle_events(context *ctx)
pollfds[0].events = POLLIN|POLLPRI|POLLHUP;
while (1) {
+ if (should_exit != 0) {
+shutdown:
+ do_shutdown(ctx, nsockets, pollfds);
+ return 0;
+ }
rc = ppoll(pollfds, nsockets, NULL, NULL);
if (should_exit != 0)
- exit(0);
+ goto shutdown;
if (rc < 0) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_WARNING,
--
1.7.12.1

View File

@ -1,425 +0,0 @@
From b6ff405da1bf4627a40fc104457a539788c9f470 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:18:08 -0400
Subject: [PATCH 16/42] Reformat a bunch of error messages to be vaguely
consistent.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 6 ++--
src/daemon.c | 102 ++++++++++++++++++++++++++++---------------------------
2 files changed, 55 insertions(+), 53 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 6188e6e..a1ed460 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -410,7 +410,7 @@ find_certificate(cms_context *cms)
PK11SlotList *slots = NULL;
slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
if (!slots) {
- cms->log(cms, LOG_ERR, "Could not find certificate \"%s:%s\"",
+ cms->log(cms, LOG_ERR, "could not find certificate \"%s:%s\"",
cms->tokenname, cms->certname);
err:
return -1;
@@ -420,7 +420,7 @@ err:
psle = PK11_GetFirstSafe(slots);
if (!psle) {
err_slots_errmsg:
- cms->log(cms, LOG_ERR, "Could not find certificate \"%s:%s\"",
+ cms->log(cms, LOG_ERR, "could not find certificate \"%s:%s\"",
cms->tokenname, cms->certname);
err_slots:
PK11_FreeSlotList(slots);
@@ -441,7 +441,7 @@ err_slots:
if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata);
if (status != SECSuccess) {
- cms->log(cms, LOG_ERR, "Authentication failed on "
+ cms->log(cms, LOG_ERR, "authentication failed for "
"certificate \"%s:%s\"", cms->tokenname,
cms->certname);
PK11_DestroySlotListElement(slots, &psle);
diff --git a/src/daemon.c b/src/daemon.c
index dd215f8..07aaf6c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -82,7 +82,7 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
void *buffer = calloc(1, iov.iov_len);
if (!buffer) {
cms->log(cms, ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: %m");
+ "could not allocate memory: %m");
exit(1);
}
@@ -108,7 +108,7 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
n = sendmsg(pollfd->fd, &msg, 0);
if (n < 0)
cms->log(cms, ctx->priority|LOG_WARNING,
- "pesignd: could not send response to client: %m");
+ "could not send response to client: %m");
free(buffer);
}
@@ -156,7 +156,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -173,9 +173,9 @@ oom:
if (n < sizeof(tn->size)) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return;
}
@@ -202,7 +202,7 @@ malformed:
goto malformed;
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
- "pesignd: unlocking token \"%s\"", tn->value);
+ "unlocking token \"%s\"", tn->value);
/* authenticating with nss frees this ... best API ever. */
ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
@@ -223,9 +223,13 @@ malformed:
cms_set_pw_callback(ctx->cms, get_password_fail);
cms_set_pw_data(ctx->cms, NULL);
- if (rc == 0)
- ctx->cms->log(ctx->cms, LOG_NOTICE, "pesignd: Authentication "
- "succeeded for token \"%s\"", tn->value);
+ if (rc < 0)
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+ "could not find token \"%s\"", tn->value);
+ else
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
+ "authentication succeeded for token \"%s\"",
+ tn->value);
send_response(ctx, ctx->cms, pollfd, rc);
free(buffer);
@@ -245,7 +249,7 @@ socket_get_fd(context *ctx, int sd, int *fd)
struct cmsghdr *cm = malloc(controllen);
if (!cm) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -262,9 +266,9 @@ socket_get_fd(context *ctx, int sd, int *fd)
if (n < 0) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(sd);
return;
}
@@ -293,7 +297,7 @@ set_up_inpe(context *ctx, int fd, Pe **pe)
*pe = pe_begin(fd, PE_C_READ, NULL);
if (!*pe) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not parse PE binary: %s",
+ "could not parse PE binary: %s",
pe_errmsg(pe_errno()));
return -1;
}
@@ -301,7 +305,7 @@ set_up_inpe(context *ctx, int fd, Pe **pe)
int rc = parse_signatures(ctx->cms, *pe);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not parse signature list");
+ "could not parse signature list");
pe_end(*pe);
*pe = NULL;
return -1;
@@ -320,20 +324,20 @@ set_up_outpe(context *ctx, int fd, Pe *inpe, Pe **outpe)
off_t offset = lseek(fd, 0, SEEK_SET);
if (offset < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not read output file: %m");
+ "could not read output file: %m");
return -1;
}
int rc = ftruncate(fd, size);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not extend output file: %m");
+ "could not extend output file: %m");
return -1;
}
rc = write(fd, addr, size);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not write to output file: %m");
+ "could not write to output file: %m");
return -1;
}
@@ -342,7 +346,7 @@ set_up_outpe(context *ctx, int fd, Pe *inpe, Pe **outpe)
*outpe = pe_begin(fd, PE_C_RDWR, NULL);
if (!*outpe) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not set up output: %s",
+ "could not set up output: %s",
pe_errmsg(pe_errno()));
return -1;
}
@@ -363,7 +367,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -380,9 +384,9 @@ oom:
if (n < sizeof(tn->size)) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return;
}
@@ -423,7 +427,7 @@ malformed:
socket_get_fd(ctx, pollfd->fd, &outfd);
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
- "pesignd: attempting to sign with key \"%s:%s\"",
+ "attempting to sign with key \"%s:%s\"",
tn->value, cn->value);
free(buffer);
@@ -548,9 +552,9 @@ handle_invalid_input(pesignd_cmd cmd, context *ctx, struct pollfd *pollfd,
socklen_t size)
{
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: got unexpected command 0x%x", cmd);
+ "got unexpected command 0x%x", cmd);
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt");
+ "possible exploit attempt");
}
typedef void (*cmd_handler)(context *ctx, struct pollfd *pollfd,
@@ -593,16 +597,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
n = recvmsg(pollfd->fd, &msg, MSG_WAITALL);
if (n < 0) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_WARNING,
- "pesignd: recvmsg failed: %m");
+ "recvmsg failed: %m");
return n;
}
if (pm.version != PESIGND_VERSION) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: got version %d, expected version %d",
+ "got version %d, expected version %d",
pm.version, PESIGND_VERSION);
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return -1;
}
@@ -644,7 +648,7 @@ handle_events(context *ctx)
if (!pollfds) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: %m");
+ "could not allocate memory: %m");
exit(1);
}
@@ -663,7 +667,7 @@ shutdown:
if (rc < 0) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_WARNING,
- "pesignd: ppoll: %m");
+ "ppoll: %m");
continue;
}
@@ -675,8 +679,7 @@ shutdown:
if (!newpollfds) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: "
- "%m");
+ "could not allocate memory: %m");
exit(1);
}
pollfds = newpollfds;
@@ -729,8 +732,8 @@ get_uid_and_gid(context *ctx, char **homedir)
if (ctx->uid == 0 || ctx->gid == 0) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: cowardly refusing to start with uid = %d "
- "and gid = %d", ctx->uid, ctx->gid);
+ "cowardly refusing to start with uid = %d and gid = %d",
+ ctx->uid, ctx->gid);
errno = EINVAL;
return -1;
}
@@ -752,7 +755,7 @@ set_up_socket(context *ctx)
int sd = socket(AF_UNIX, SOCK_STREAM, 0);
if (sd < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to create socket: %m");
+ "unable to create socket: %m");
exit(1);
}
@@ -760,7 +763,7 @@ set_up_socket(context *ctx)
int rc = setsockopt(sd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to set socket options: %m");
+ "unable to set socket options: %m");
exit(1);
}
@@ -772,14 +775,14 @@ set_up_socket(context *ctx)
rc = bind(sd, &addr_un, sizeof(addr_un));
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to bind to \"%s\": %m",
+ "unable to bind to \"%s\": %m",
addr_un.sun_path);
exit(1);
}
rc = chmod(SOCKPATH, 0660);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not set permissions for \"%s\": %m",
+ "could not set permissions for \"%s\": %m",
SOCKPATH);
exit(1);
}
@@ -787,7 +790,7 @@ set_up_socket(context *ctx)
rc = listen(sd, 5);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to listen on socket: %m");
+ "unable to listen on socket: %m");
exit(1);
}
@@ -809,8 +812,7 @@ check_socket(context *ctx)
int sd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
if (sd < 0) {
- fprintf(stderr, "pesignd: unable to create socket: "
- "%m");
+ fprintf(stderr, "unable to create socket: %m");
exit(1);
}
@@ -829,7 +831,7 @@ check_socket(context *ctx)
if (rc < 0) {
return;
} else {
- fprintf(stderr, "pesignd: already running");
+ fprintf(stderr, "already running");
exit(1);
}
} else {
@@ -871,7 +873,7 @@ write_pid_file(int pid)
int fd = open("/var/run/pesign.pid", O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (fd < 0) {
err:
- fprintf(stderr, "pesignd: couldn't open pidfile: %m\n");
+ fprintf(stderr, "couldn't open pidfile: %m\n");
exit(1);
}
char *pidstr = NULL;
@@ -923,10 +925,10 @@ daemonize(cms_context *cms_ctx, int do_fork)
daemon_logger(ctx.backup_cms, ctx.priority|LOG_NOTICE,
"pesignd starting (pid %d)", ctx.pid);
-
SECStatus status = NSS_Init("/etc/pki/pesign");
if (status != SECSuccess) {
- fprintf(stderr, "Could not initialize nss: %s\n",
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
+ "Could not initialize nss: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
@@ -945,7 +947,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard input: %m");
+ "could not set up standard input: %m");
exit(1);
}
close(fd);
@@ -956,7 +958,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard output: %m");
+ "could not set up standard output: %m");
exit(1);
}
@@ -965,7 +967,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard error: %m");
+ "could not set up standard error: %m");
exit(1);
}
close(fd);
@@ -989,7 +991,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
rc = get_uid_and_gid(&ctx, &homedir);
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not get group and user information "
+ "could not get group and user information "
"for pesign: %m");
exit(1);
}
@@ -1001,13 +1003,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (setgid(ctx.gid) != 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: unable to drop group privileges: %m");
+ "unable to drop group privileges: %m");
exit(1);
}
if (setuid(ctx.uid) != 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: unable to drop user privileges: %m");
+ "unable to drop user privileges: %m");
exit(1);
}
}
--
1.7.12.1

View File

@ -1,82 +0,0 @@
From 8ffe6943f04d42314f81eb8b5e3350d4ccc41895 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:26:23 -0400
Subject: [PATCH 17/42] Use PORT_ArenaStrdup() where appropriate.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 15 ++++++---------
src/pesign.c | 12 ++++++------
2 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 07aaf6c..73fd924 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -205,9 +205,8 @@ malformed:
"unlocking token \"%s\"", tn->value);
/* authenticating with nss frees this ... best API ever. */
- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)tn->value));
- strcpy(ctx->cms->tokenname, (char *)tn->value);
+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)tn->value);
if (!ctx->cms->tokenname)
goto oom;
@@ -397,9 +396,8 @@ malformed:
n -= tn->size;
/* authenticating with nss frees these ... best API ever. */
- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)tn->value));
- strcpy(ctx->cms->tokenname, (char *)tn->value);
+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)tn->value);
if (!ctx->cms->tokenname)
goto oom;
@@ -410,9 +408,8 @@ malformed:
if (n < cn->size)
goto malformed;
- ctx->cms->certname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)cn->value));
- strcpy(ctx->cms->certname, (char *)cn->value);
+ ctx->cms->certname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)cn->value);
if (!ctx->cms->certname)
goto oom;
diff --git a/src/pesign.c b/src/pesign.c
index c7b23cf..819cee0 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -551,17 +551,17 @@ main(int argc, char *argv[])
exit(!is_help);
}
- ctx.cms_ctx->tokenname = tokenname ?
- PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
- if (tokenname && !ctx.cms_ctx->tokenname) {
+ ctxp->cms_ctx->tokenname = tokenname ?
+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, tokenname) : NULL;
+ if (tokenname && !ctxp->cms_ctx->tokenname) {
fprintf(stderr, "could not allocate token name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
- ctx.cms_ctx->certname = certname ?
- PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
- if (certname && !ctx.cms_ctx->certname) {
+ ctxp->cms_ctx->certname = certname ?
+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
+ if (certname && !ctxp->cms_ctx->certname) {
fprintf(stderr, "could not allocate certificate name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
--
1.7.12.1

View File

@ -1,58 +0,0 @@
From c196b462ad5267e8ed20c0b855b9921268b22a7b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:26:47 -0400
Subject: [PATCH 18/42] Minor whitespace fixes.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 6 +++---
src/pesign.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 73fd924..69aea4b 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -70,7 +70,7 @@ hide_stolen_goods_from_cms(cms_context *new, cms_context *old)
static void
send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
-{
+{
struct msghdr msg;
struct iovec iov;
ssize_t n;
@@ -890,7 +890,7 @@ int
daemonize(cms_context *cms_ctx, int do_fork)
{
int rc = 0;
- context ctx = {
+ context ctx = {
.backup_cms = cms_ctx,
.priority = do_fork ? LOG_PID
: LOG_PID|LOG_PERROR,
@@ -904,7 +904,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
fprintf(stderr, "pesignd must be started as root");
exit(1);
}
-
+
check_socket(&ctx);
openlog("pesignd", LOG_PID, LOG_DAEMON);
diff --git a/src/pesign.c b/src/pesign.c
index 819cee0..2ba5ef1 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -88,7 +88,7 @@ open_input(pesign_context *ctx)
struct stat statbuf;
ctx->infd = open(ctx->infile, O_RDONLY|O_CLOEXEC);
- stat(ctx->infile, &statbuf);
+ stat(ctx->infile, &statbuf);
ctx->outmode = statbuf.st_mode;
if (ctx->infd < 0) {
--
1.7.12.1

View File

@ -1,38 +0,0 @@
From 7a8c50f620c7484af9d750f484df8a6837e6b2a5 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:27:03 -0400
Subject: [PATCH 19/42] [daemon] Make sure inpe is initialized before all
error handling.
find_certificate() and set_up_inpe() errors wind up being at the same
place, which means when find_certificate is called, inpe already must be
NULL.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index 69aea4b..534fb23 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -362,6 +362,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
struct iovec iov;
ssize_t n;
char *buffer = malloc(size);
+ Pe *inpe = NULL;
if (!buffer) {
oom:
@@ -433,7 +434,6 @@ malformed:
goto finish;
}
- Pe *inpe = NULL;
rc = set_up_inpe(ctx, infd, &inpe);
if (rc < 0)
goto finish;
--
1.7.12.1

View File

@ -1,360 +0,0 @@
From 66d3353e6d24c9e69ce71735c5aa4741717a6d68 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:31:15 -0400
Subject: [PATCH 20/42] Allocate pesign_context rather than having it on the
stack.
This way it won't try to re-initialize cms_context when it's cleaned up.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 152 ++++++++++++++++++++++++++++++-----------------------------
1 file changed, 77 insertions(+), 75 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 2ba5ef1..e22e814 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -426,7 +426,7 @@ main(int argc, char *argv[])
{
int rc;
- pesign_context ctx, *ctxp = &ctx;
+ pesign_context *ctxp;
int list = 0;
int remove = 0;
@@ -437,40 +437,47 @@ main(int argc, char *argv[])
char *tokenname = "NSS Certificate DB";
char *certname = NULL;
+ rc = pesign_context_new(&ctxp);
+ if (rc < 0) {
+ fprintf(stderr, "Could not initialize context: %m\n");
+ exit(1);
+ }
+
poptContext optCon;
struct poptOption options[] = {
{NULL, '\0', POPT_ARG_INTL_DOMAIN, "pesign" },
- {"in", 'i', POPT_ARG_STRING, &ctx.infile, 0,
+ {"in", 'i', POPT_ARG_STRING, &ctxp->infile, 0,
"specify input file", "<infile>"},
- {"out", 'o', POPT_ARG_STRING, &ctx.outfile, 0,
+ {"out", 'o', POPT_ARG_STRING, &ctxp->outfile, 0,
"specify output file", "<outfile>" },
{"certficate", 'c', POPT_ARG_STRING, &certname, 0,
"specify certificate nickname",
"<certificate nickname>" },
- {"privkey", 'p', POPT_ARG_STRING, &ctx.privkeyfile, 0,
+ {"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0,
"specify private key file", "<privkey>" },
- {"force", 'f', POPT_ARG_VAL, &ctx.force, 1,
+ {"force", 'f', POPT_ARG_VAL, &ctxp->force, 1,
"force overwriting of output file", NULL },
- {"sign", 's', POPT_ARG_VAL, &ctx.sign, 1,
+ {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1,
"create a new signature", NULL },
- {"hash", 'h', POPT_ARG_VAL, &ctx.hash, 1, "hash binary", NULL },
+ {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL },
{"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
&digest_name, 0, "digest type to use for pe hash" },
{"import-signed-certificate", 'm',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.insig, 0,"import signature from file", "<insig>" },
+ &ctxp->insig, 0,"import signature from file", "<insig>" },
{"export-signed-attributes", 'E',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.outsattrs, 0, "export signed attributes to file",
+ &ctxp->outsattrs, 0, "export signed attributes to file",
"<signed_attributes_file>" },
{"import-signed-attributes", 'I',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.insattrs, 0, "import signed attributes from file",
+ &ctxp->insattrs, 0,
+ "import signed attributes from file",
"<signed_attributes_file>" },
{"import-raw-signature", 'R',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctx.rawsig,
+ POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctxp->rawsig,
0, "import raw signature from file", "<inraw>" },
- {"signature-number", 'u', POPT_ARG_INT, &ctx.signum, -1,
+ {"signature-number", 'u', POPT_ARG_INT, &ctxp->signum, -1,
"specify which signature to operate on","<sig-number>"},
{"list-signatures", 'l',
POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN,
@@ -483,13 +490,14 @@ main(int argc, char *argv[])
"remove signature" },
{"export-signature", 'e',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.outsig, 0,"export signature to file", "<outsig>" },
+ &ctxp->outsig, 0,
+ "export signature to file", "<outsig>" },
{"export-pubkey", 'K', POPT_ARG_STRING,
- &ctx.outkey, 0, "export pubkey to file", "<outkey>" },
+ &ctxp->outkey, 0, "export pubkey to file", "<outkey>" },
{"export-cert", 'C', POPT_ARG_STRING,
- &ctx.outcert, 0, "export signing cert to file",
+ &ctxp->outcert, 0, "export signing cert to file",
"<outcert>" },
- {"ascii-armor", 'a', POPT_ARG_VAL, &ctx.ascii, 1,
+ {"ascii-armor", 'a', POPT_ARG_VAL, &ctxp->ascii, 1,
"use ascii armoring", NULL },
{"daemonize", 'D', POPT_ARG_VAL, &daemon, 1,
"run as a daemon process", NULL },
@@ -509,12 +517,6 @@ main(int argc, char *argv[])
}
}
- rc = pesign_context_init(ctxp);
- if (rc < 0) {
- fprintf(stderr, "Could not initialize context: %m\n");
- exit(1);
- }
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -571,25 +573,25 @@ main(int argc, char *argv[])
if (daemon)
action |= DAEMONIZE;
- if (ctx.rawsig)
+ if (ctxp->rawsig)
action |= IMPORT_RAW_SIGNATURE;
- if (ctx.insattrs)
+ if (ctxp->insattrs)
action |= IMPORT_SATTRS;
- if (ctx.outsattrs)
+ if (ctxp->outsattrs)
action |= EXPORT_SATTRS;
-
- if (ctx.insig)
+
+ if (ctxp->insig)
action |= IMPORT_SIGNATURE;
- if (ctx.outkey)
+ if (ctxp->outkey)
action |= EXPORT_PUBKEY;
- if (ctx.outcert)
+ if (ctxp->outcert)
action |= EXPORT_CERT;
- if (ctx.outsig)
+ if (ctxp->outsig)
action |= EXPORT_SIGNATURE;
if (remove != 0)
@@ -598,13 +600,13 @@ main(int argc, char *argv[])
if (list != 0)
action |= LIST_SIGNATURES;
- if (ctx.sign) {
+ if (ctxp->sign) {
action |= GENERATE_SIGNATURE;
if (!(action & EXPORT_SIGNATURE))
action |= IMPORT_SIGNATURE;
}
- if (ctx.hash)
+ if (ctxp->hash)
action |= GENERATE_DIGEST|PRINT_DIGEST;
ssize_t sigspace = 0;
@@ -620,11 +622,11 @@ main(int argc, char *argv[])
*/
case IMPORT_RAW_SIGNATURE|IMPORT_SATTRS:
check_inputs(ctxp);
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_rawsig_input(ctxp);
@@ -636,19 +638,19 @@ main(int argc, char *argv[])
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- sigspace = calculate_signature_space(ctx.cms_ctx,
- ctx.outpe);
- allocate_signature_space(ctx.outpe, sigspace);
- generate_signature(ctx.cms_ctx);
- insert_signature(ctx.cms_ctx, ctx.signum);
- finalize_signatures(ctx.cms_ctx, ctx.outpe);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ sigspace = calculate_signature_space(ctxp->cms_ctx,
+ ctxp->outpe);
+ allocate_signature_space(ctxp->outpe, sigspace);
+ generate_signature(ctxp->cms_ctx);
+ insert_signature(ctxp->cms_ctx, ctxp->signum);
+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
close_output(ctxp);
break;
case EXPORT_SATTRS:
open_input(ctxp);
open_sattr_output(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
generate_sattr_blob(ctxp);
close_sattr_output(ctxp);
close_input(ctxp);
@@ -666,22 +668,22 @@ main(int argc, char *argv[])
close_output(ctxp);
break;
case EXPORT_PUBKEY:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_pubkey_output(ctxp);
export_pubkey(ctxp);
break;
case EXPORT_CERT:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_cert_output(ctxp);
@@ -691,21 +693,21 @@ main(int argc, char *argv[])
case EXPORT_SIGNATURE:
open_input(ctxp);
open_sig_output(ctxp);
- if (ctx.signum > ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "Invalid signature number.\n");
exit(1);
}
- if (ctx.signum < 0)
- ctx.signum = 0;
- if (ctx.signum >= ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum < 0)
+ ctxp->signum = 0;
+ if (ctxp->signum >= ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "No valid signature #%d.\n",
- ctx.signum);
+ ctxp->signum);
exit(1);
}
- memcpy(&ctx.cms_ctx->newsig,
- ctx.cms_ctx->signatures[ctx.signum],
- sizeof (ctx.cms_ctx->newsig));
- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
+ memcpy(&ctxp->cms_ctx->newsig,
+ ctxp->cms_ctx->signatures[ctxp->signum],
+ sizeof (ctxp->cms_ctx->newsig));
+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
close_input(ctxp);
close_sig_output(ctxp);
break;
@@ -715,11 +717,11 @@ main(int argc, char *argv[])
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- if (ctx.signum > ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "Invalid signature number.\n");
exit(1);
}
- remove_signature(&ctx);
+ remove_signature(ctxp);
close_output(ctxp);
break;
/* list signatures in the binary */
@@ -729,49 +731,49 @@ main(int argc, char *argv[])
break;
case GENERATE_DIGEST|PRINT_DIGEST:
open_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
print_digest(ctxp);
break;
/* generate a signature and save it in a separate file */
case EXPORT_SIGNATURE|GENERATE_SIGNATURE:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_input(ctxp);
open_sig_output(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
- generate_signature(ctx.cms_ctx);
- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
+ generate_signature(ctxp->cms_ctx);
+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
break;
/* generate a signature and embed it in the binary */
case IMPORT_SIGNATURE|GENERATE_SIGNATURE:
check_inputs(ctxp);
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- sigspace = calculate_signature_space(ctx.cms_ctx,
- ctx.outpe);
- allocate_signature_space(ctx.outpe, sigspace);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- generate_signature(ctx.cms_ctx);
- insert_signature(ctx.cms_ctx, ctx.signum);
- finalize_signatures(ctx.cms_ctx, ctx.outpe);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ sigspace = calculate_signature_space(ctxp->cms_ctx,
+ ctxp->outpe);
+ allocate_signature_space(ctxp->outpe, sigspace);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ generate_signature(ctxp->cms_ctx);
+ insert_signature(ctxp->cms_ctx, ctxp->signum);
+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
close_output(ctxp);
break;
case DAEMONIZE:
- rc = daemonize(ctx.cms_ctx, fork);
+ rc = daemonize(ctxp->cms_ctx, fork);
break;
default:
fprintf(stderr, "Incompatible flags (0x%08x): ", action);
@@ -782,7 +784,7 @@ main(int argc, char *argv[])
fprintf(stderr, "\n");
exit(1);
}
- pesign_context_fini(&ctx);
+ pesign_context_free(ctxp);
NSS_Shutdown();
return (rc < 0);
--
1.7.12.1

View File

@ -1,67 +0,0 @@
From 444a514e1a7c9a27953f914cf416d559ef5be083 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:32:57 -0400
Subject: [PATCH 21/42] [pesign] initialize nss only if we're not a daemon.
If it's a deamon, NSS_Init, register_oids, and setup_digests will be
done in the daemon code, not in the normal tool code.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 33 +++++++++++++++++++++++----------
1 file changed, 23 insertions(+), 10 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index e22e814..aa09bf5 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -508,15 +508,6 @@ main(int argc, char *argv[])
POPT_TABLEEND
};
- if (!daemon) {
- SECStatus status = NSS_Init("/etc/pki/pesign");
- if (status != SECSuccess) {
- fprintf(stderr, "Could not initialize nss: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
- }
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -543,7 +534,29 @@ main(int argc, char *argv[])
poptFreeContext(optCon);
- rc = set_digest_parameters(ctx.cms_ctx, digest_name);
+ if (!daemon) {
+ SECStatus status = NSS_Init("/etc/pki/pesign");
+ if (status != SECSuccess) {
+ fprintf(stderr, "Could not initialize nss: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+
+ status = register_oids(ctxp->cms_ctx);
+ if (status != SECSuccess) {
+ fprintf(stderr, "Could not register OIDs\n");
+ exit(1);
+ }
+
+ rc = setup_digests(ctxp->cms_ctx);
+ if (rc < 0) {
+ fprintf(stderr, "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+ }
+
+ rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
int is_help = strcmp(digest_name, "help") ? 0 : 1;
if (rc < 0) {
if (!is_help) {
--
1.7.12.1

View File

@ -1,28 +0,0 @@
From a1ce809e199c7fbbd6f5c0e75f27a4234fcbd2bc Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:34:00 -0400
Subject: [PATCH 22/42] Handle errors on pesign_context_init()
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign_context.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/pesign_context.c b/src/pesign_context.c
index c6afda6..cbd929f 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -37,7 +37,9 @@ pesign_context_new(pesign_context **ctx)
if (!context)
return -1;
- pesign_context_init(context);
+ rc = pesign_context_init(context);
+ if (rc < 0)
+ return rc;
context->flags |= PESIGN_C_ALLOCATED;
*ctx = context;
--
1.7.12.1

View File

@ -1,119 +0,0 @@
From 4ed91a1bb65769401c0fd6c1c5b2a3c64c0c1266 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 16:35:43 -0400
Subject: [PATCH 23/42] Add sanity checking to make sure we don't emit
uninitialized hashes.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 15 ++++++++++++++-
src/content_info.c | 11 +++++++++++
src/signer_info.c | 5 +++++
src/util.h | 13 +++++++++++++
4 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index a1ed460..ab5a066 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -532,6 +532,10 @@ generate_empty_sequence(cms_context *cms, SECItem *encoded)
int
generate_octet_string(cms_context *cms, SECItem *encoded, SECItem *original)
{
+ if (content_is_empty(original->data, original->len)) {
+ cms->log(cms, LOG_ERR, "content is empty, not encoding");
+ return -1;
+ }
if (SEC_ASN1EncodeItem(cms->arena, encoded, original,
SEC_OctetStringTemplate) == NULL)
return -1;
@@ -942,7 +946,16 @@ generate_signature(cms_context *cms)
{
int rc = 0;
- assert(cms->digests[cms->selected_digest].pe_digest != NULL);
+ if (cms->digests[cms->selected_digest].pe_digest == NULL) {
+ cms->log(cms, LOG_ERR, "pe digest has not been allocated");
+ return -1;
+ }
+
+ if (content_is_empty(cms->digests[cms->selected_digest].pe_digest->data,
+ cms->digests[cms->selected_digest].pe_digest->len)) {
+ cms->log(cms, LOG_ERR, "pe binary has not been digested");
+ return -1;
+ }
SECItem sd_der;
memset(&sd_der, '\0', sizeof(sd_der));
diff --git a/src/content_info.c b/src/content_info.c
index 044e85e..7246d20 100644
--- a/src/content_info.c
+++ b/src/content_info.c
@@ -197,6 +197,11 @@ generate_spc_digest_info(cms_context *cms, SECItem *dip)
int i = cms->selected_digest;
memcpy(&di.digest, cms->digests[i].pe_digest, sizeof (di.digest));
+ if (content_is_empty(di.digest.data, di.digest.len)) {
+ cms->log(cms, LOG_ERR, "got empty digest");
+ return -1;
+ }
+
if (SEC_ASN1EncodeItem(cms->arena, dip, &di,
DigestInfoTemplate) == NULL) {
cms->log(cms, LOG_ERR, "could not encode DigestInfo: %s",
@@ -327,6 +332,12 @@ generate_cinfo_digest(cms_context *cms, SpcContentInfo *cip)
&cms->ci_digest->len,
digest_get_digest_size(cms)) != SECSuccess)
goto err;
+
+ if (content_is_empty(cms->ci_digest->data, cms->ci_digest->len)) {
+ cms->log(cms, LOG_ERR, "generated empty digest");
+ goto err;
+ }
+
if (cms->ci_digest->len > digest_get_digest_size(cms))
goto err;
diff --git a/src/signer_info.c b/src/signer_info.c
index 7a73c26..932b896 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -207,6 +207,11 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
if (!sign_content)
return -1;
+ if (content_is_empty(sign_content->data, sign_content->len)) {
+ cms->log(cms, LOG_ERR, "not signing empty digest");
+ return -1;
+ }
+
SECOidData *oid = SECOID_FindOIDByTag(digest_get_signature_oid(cms));
if (!oid)
goto err;
diff --git a/src/util.h b/src/util.h
index f495a0b..5e0ea34 100644
--- a/src/util.h
+++ b/src/util.h
@@ -110,6 +110,19 @@ free_poison(void *addrv, ssize_t len)
addr[x] = poison_pills[x % 2];
}
+static int
+__attribute__ ((unused))
+content_is_empty(uint8_t *data, ssize_t len)
+{
+ if (len < 1)
+ return 1;
+
+ for (int i = 0; i < len; i++)
+ if (data[i] != 0)
+ return 0;
+ return 1;
+}
+
#if defined(DAEMON_H)
static inline uint32_t
__attribute__ ((unused))
--
1.7.12.1

View File

@ -1,47 +0,0 @@
From d8ead122f34375a496d280bcc803f730542ca78d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:47:49 -0400
Subject: [PATCH 24/42] Make sure we free the token/cert we get from the
command line.
This probably needs some further examination, but valgrind likes what's
here currently.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/pesign.c b/src/pesign.c
index aa09bf5..be6494e 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -435,6 +435,7 @@ main(int argc, char *argv[])
char *digest_name = "sha256";
char *tokenname = "NSS Certificate DB";
+ char *origtoken = tokenname;
char *certname = NULL;
rc = pesign_context_new(&ctxp);
@@ -573,6 +574,8 @@ main(int argc, char *argv[])
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
+ if (tokenname != origtoken)
+ free(tokenname);
ctxp->cms_ctx->certname = certname ?
PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
@@ -581,6 +584,8 @@ main(int argc, char *argv[])
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
+ if (certname)
+ free(certname);
int action = 0;
if (daemon)
--
1.7.12.1

View File

@ -1,36 +0,0 @@
From 2030d382b49a1b957de829a67f74d9cc127c55ee Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:48:44 -0400
Subject: [PATCH 25/42] [pesign] Only shut down nss in pesign.c if we're not
the daemon.
The daemon does its own init and shutdown.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/pesign.c b/src/pesign.c
index be6494e..6c10b6d 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -804,6 +804,14 @@ main(int argc, char *argv[])
}
pesign_context_free(ctxp);
- NSS_Shutdown();
+ if (!daemon) {
+ SECStatus status = NSS_Shutdown();
+ if (status != SECSuccess) {
+ fprintf(stderr, "could not shut down NSS: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+ }
+
return (rc < 0);
}
--
1.7.12.1

View File

@ -1,233 +0,0 @@
From 4efe979d6b781e064fe1afa946753ead9e3bbb9d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:49:17 -0400
Subject: [PATCH 26/42] Rework setup_digests() and teardown_digests()
This fixes the problem I was seeing with empty content_info digests, and
makes the code a /little/ bit cleaner in some ways.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 92 +++++++++++++++++++++++++++++++++-----------------------
src/cms_common.h | 1 -
src/daemon.c | 28 +----------------
src/pesign.c | 7 -----
4 files changed, 55 insertions(+), 73 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index ab5a066..6b3f5ec 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -96,43 +96,6 @@ digest_get_digest_size(cms_context *cms)
return digest_params[i].size;
}
-
-int
-setup_digests(cms_context *cms)
-{
- struct digest *digests = NULL;
-
- digests = calloc(n_digest_params, sizeof (*digests));
- if (!digests) {
- cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
- return -1;
- }
-
- for (int i = 0; i < n_digest_params; i++) {
- digests[i].pk11ctx = PK11_CreateDigestContext(
- digest_params[i].digest_tag);
- if (!digests[i].pk11ctx) {
- cms->log(cms, LOG_ERR, "could not create digest "
- "context: %s",
- PORT_ErrorToString(PORT_GetError()));
- goto err;
- }
-
- PK11_DigestBegin(digests[i].pk11ctx);
- }
-
- cms->digests = digests;
- return 0;
-err:
- for (int i = 0; i < n_digest_params; i++) {
- if (digests[i].pk11ctx)
- PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
- }
-
- free(digests);
- return -1;
-}
-
void
teardown_digests(cms_context *ctx)
{
@@ -733,6 +696,46 @@ check_pointer_and_size(Pe *pe, void *ptr, size_t size)
return 1;
}
+int
+generate_digest_begin(cms_context *cms)
+{
+ struct digest *digests = NULL;
+
+ if (cms->digests) {
+ digests = cms->digests;
+ } else {
+ digests = calloc(n_digest_params, sizeof (*digests));
+ if (!digests) {
+ cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
+ return -1;
+ }
+ }
+
+ for (int i = 0; i < n_digest_params; i++) {
+ digests[i].pk11ctx = PK11_CreateDigestContext(
+ digest_params[i].digest_tag);
+ if (!digests[i].pk11ctx) {
+ cms->log(cms, LOG_ERR, "could not create digest "
+ "context: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ goto err;
+ }
+
+ PK11_DigestBegin(digests[i].pk11ctx);
+ }
+
+ cms->digests = digests;
+ return 0;
+err:
+ for (int i = 0; i < n_digest_params; i++) {
+ if (digests[i].pk11ctx)
+ PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
+ }
+
+ free(digests);
+ return -1;
+}
+
void
generate_digest_step(cms_context *cms, void *data, size_t len)
{
@@ -762,6 +765,12 @@ generate_digest_finish(cms_context *cms)
PK11_DigestFinal(cms->digests[i].pk11ctx,
digest->data, &digest->len, digest_params[i].size);
+ PK11_Finalize(cms->digests[i].pk11ctx);
+ PK11_DestroyContext(cms->digests[i].pk11ctx, PR_TRUE);
+ cms->digests[i].pk11ctx = NULL;
+ if (cms->digests[i].pe_digest)
+ free_poison(cms->digests[i].pe_digest->data,
+ cms->digests[i].pe_digest->len);
cms->digests[i].pe_digest = digest;
}
@@ -791,7 +800,14 @@ generate_digest(cms_context *cms, Pe *pe)
if (!pe) {
cms->log(cms, LOG_ERR, "no output pe ready");
- exit(1);
+ return -1;
+ }
+
+ rc = generate_digest_begin(cms);
+ if (rc < 0) {
+ cms->log(cms, LOG_ERR, "could not initialize digests: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ return rc;
}
struct pe_hdr pehdr;
diff --git a/src/cms_common.h b/src/cms_common.h
index 830427e..5cbda62 100644
--- a/src/cms_common.h
+++ b/src/cms_common.h
@@ -86,7 +86,6 @@ extern int cms_context_alloc(cms_context **ctxp);
extern int cms_context_init(cms_context *ctx);
extern void cms_context_fini(cms_context *ctx);
-extern int setup_digests(cms_context *cms);
extern void teardown_digests(cms_context *ctx);
extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
diff --git a/src/daemon.c b/src/daemon.c
index 534fb23..df20763 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -142,15 +142,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
return;
}
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
if (!buffer) {
@@ -491,6 +482,7 @@ finish:
close(outfd);
send_response(ctx, ctx->cms, pollfd, rc);
+ teardown_digests(ctx->cms);
}
static void
@@ -500,15 +492,6 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 1);
@@ -524,15 +507,6 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 0);
diff --git a/src/pesign.c b/src/pesign.c
index 6c10b6d..2c98600 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -548,13 +548,6 @@ main(int argc, char *argv[])
fprintf(stderr, "Could not register OIDs\n");
exit(1);
}
-
- rc = setup_digests(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
}
rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
--
1.7.12.1

View File

@ -1,25 +0,0 @@
From 15cd554d35c5ea8d31671b346dffd84e27e7c6ec Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:52:57 -0400
Subject: [PATCH 27/42] We shouldn't need
Environment=NSS_STRICT_NOFORK=DISABLED any more.
Since NSS_Init is called from the daemon now, we should get past its
checking.
---
src/pesign.service | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/pesign.service b/src/pesign.service
index 4f6d63f..75a73c3 100644
--- a/src/pesign.service
+++ b/src/pesign.service
@@ -5,5 +5,4 @@ Description=Pesign signing daemon
PrivateTmp=true
Type=forking
PIDFile=/var/run/pesign.pid
-Environment=NSS_STRICT_NOFORK=DISABLED
ExecStart=/usr/bin/pesign --daemonize
--
1.7.12.1

View File

@ -1,174 +0,0 @@
From 1b94dd90f5a1c65df16ffe3b0619ce5dc0ca1f06 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 19:59:49 -0400
Subject: [PATCH 28/42] Fix errors found by coverity.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/actions.c | 4 ++--
src/cms_common.c | 17 ++++++++++-------
src/daemon.c | 16 +++++++++++++++-
src/password.c | 1 +
src/pesign_context.c | 4 +++-
src/wincert.c | 2 +-
6 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/src/actions.c b/src/actions.c
index 76a311c..9cf4f45 100644
--- a/src/actions.c
+++ b/src/actions.c
@@ -70,7 +70,7 @@ insert_signature(cms_context *cms, int signum)
if (signum != cms->num_signatures) {
memmove(cms->signatures[signum+1],
cms->signatures[signum],
- sizeof(SECItem *) * (cms->num_signatures - signum));
+ sizeof(SECItem) * (cms->num_signatures - signum));
}
cms->signatures[signum] = sig;
cms->num_signatures++;
@@ -430,7 +430,7 @@ remove_signature(pesign_context *p_ctx)
if (p_ctx->signum != ctx->num_signatures - 1)
memmove(ctx->signatures[p_ctx->signum],
ctx->signatures[p_ctx->signum+1],
- sizeof(SECItem *) *
+ sizeof(SECItem) *
(ctx->num_signatures - p_ctx->signum));
ctx->num_signatures--;
diff --git a/src/cms_common.c b/src/cms_common.c
index 6b3f5ec..898ddfb 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -598,16 +598,19 @@ generate_spc_string(cms_context *cms, SECItem *ssp, char *str, int len)
memset(&ss, '\0', sizeof (ss));
SECITEM_AllocItem(cms->arena, &ss.unicode, len);
- if (!ss.unicode.data && len != 0) {
- cms->log(cms, LOG_ERR, "could not allocate memory: %s",
- PORT_ErrorToString(PORT_GetError()));
- return -1;
+ if (len != 0) {
+ if (!ss.unicode.data) {
+ cms->log(cms, LOG_ERR, "could not allocate memory: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ return -1;
+ }
+
+ memcpy(ss.unicode.data, str, len);
}
-
- memcpy(ss.unicode.data, str, len);
ss.unicode.type = siBMPString;
- if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate) == NULL) {
+ if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate)
+ == NULL) {
cms->log(cms, LOG_ERR, "could not encode SpcString: %s",
PORT_ErrorToString(PORT_GetError()));
return -1;
diff --git a/src/daemon.c b/src/daemon.c
index df20763..7ad036c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -134,7 +134,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
struct msghdr msg;
struct iovec iov;
ssize_t n;
- char *buffer = malloc(size);
int rc = cms_context_alloc(&ctx->cms);
if (rc < 0) {
@@ -144,6 +143,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
steal_from_cms(ctx->backup_cms, ctx->cms);
+ char *buffer = malloc(size);
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
@@ -792,6 +792,7 @@ check_socket(context *ctx)
rc = connect(sd, (struct sockaddr *)&addr_un, len);
if (rc < 0) {
+ close(sd);
unlink(SOCKPATH);
return;
}
@@ -800,6 +801,7 @@ check_socket(context *ctx)
socklen_t size = sizeof(remote);
rc = getpeername(sd, &remote, &size);
if (rc < 0) {
+ close(sd);
return;
} else {
fprintf(stderr, "already running");
@@ -913,6 +915,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (do_fork) {
int fd = open("/dev/zero", O_RDONLY);
+ if (fd < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "could not open /dev/zero: %m");
+ exit(1);
+ }
close(STDIN_FILENO);
rc = dup2(fd, STDIN_FILENO);
if (rc < 0) {
@@ -924,6 +932,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
close(fd);
fd = open("/dev/null", O_WRONLY);
+ if (fd < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "could not open /dev/null: %m");
+ exit(1);
+ }
close(STDOUT_FILENO);
rc = dup2(fd, STDOUT_FILENO);
if (rc < 0) {
diff --git a/src/password.c b/src/password.c
index 5ee15f8..100c584 100644
--- a/src/password.c
+++ b/src/password.c
@@ -114,6 +114,7 @@ SECU_GetPasswordString(void *arg, char *prompt)
output = fopen(consoleName, "w");
if (output == NULL) {
+ fclose(input);
fprintf(stderr, "Error opening output terminal for write\n");
return NULL;
}
diff --git a/src/pesign_context.c b/src/pesign_context.c
index cbd929f..033e8de 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -38,8 +38,10 @@ pesign_context_new(pesign_context **ctx)
return -1;
rc = pesign_context_init(context);
- if (rc < 0)
+ if (rc < 0) {
+ free(context);
return rc;
+ }
context->flags |= PESIGN_C_ALLOCATED;
*ctx = context;
diff --git a/src/wincert.c b/src/wincert.c
index b487dc5..4b5ba45 100644
--- a/src/wincert.c
+++ b/src/wincert.c
@@ -257,7 +257,7 @@ parse_signatures(cms_context *cms, Pe *pe)
if (rc <= 0)
break;
- signatures[i] = calloc(1, sizeof (SECItem *));
+ signatures[i] = calloc(1, sizeof (SECItem));
if (!signatures[i])
goto err;
--
1.7.12.1

View File

@ -1,41 +0,0 @@
From 95c0fe1d512fcdf3b397359fb0f54dc44e5947c2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 09:12:25 -0400
Subject: [PATCH 29/42] Don't keep the DEPS list twice.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/Makefile | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/Makefile b/src/Makefile
index cd06158..cb74c12 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -39,14 +39,20 @@ client_OBJECTS = $(foreach source,$(client_SOURCES),$(patsubst %.c,%,$(source)).
client_DEPS = $(foreach source,$(client_SOURCES),.$(patsubst %.c,%,$(source)).P)
client : $(client_OBJECTS) $(STATIC_LIBS)
-deps : $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
+fuzzsocket_SOURCES = fuzzsocket.c
+fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o)
+fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P)
+fuzzsocket : $(fuzzsocket_OBJECTS)
+
+DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
$(peverify_DEPS)
+deps : $(DEPS)
+
depclean :
@rm -fv .*.P
--include $(generic_DEPS) $(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
- $(peverify_DEPS)
+-include $(DEPS)
clean : depclean
@rm -rfv *.o *.a *.so $(TARGETS)
--
1.7.12.1

View File

@ -1,26 +0,0 @@
From 44aad110fd3f0a12e1817d95047f882c4d8b0fce Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 11:36:10 -0400
Subject: [PATCH 30/42] Don't build util/ right now.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 531c865..5e9bd31 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ TOPDIR = $(shell echo $$PWD)
include $(TOPDIR)/Make.defaults
-SUBDIRS := include libdpe src util
+SUBDIRS := include libdpe src
DOCDIR := /share/doc/
VERSION = 0.99
--
1.7.12.1

View File

@ -1,163 +0,0 @@
From 4c13f6d393db0aa5ff5b327cb5e842ee21522236 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 13:09:58 -0400
Subject: [PATCH 31/42] Make "install_systemd" and "install_sysvinit" separate
targets
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Makefile | 6 ++++
src/Makefile | 16 +++++++----
src/pesign.sysvinit | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 99 insertions(+), 5 deletions(-)
create mode 100644 src/pesign.sysvinit
diff --git a/Makefile b/Makefile
index 5e9bd31..12e0dbb 100644
--- a/Makefile
+++ b/Makefile
@@ -19,6 +19,12 @@ install :
$(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/
$(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/
+install_systemd:
+ @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done
+
+install_sysvinit:
+ @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done
+
.PHONY: $(SUBDIRS) clean install
include $(TOPDIR)/Make.rules
diff --git a/src/Makefile b/src/Makefile
index cb74c12..7e611c8 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -42,7 +42,7 @@ client : $(client_OBJECTS) $(STATIC_LIBS)
fuzzsocket_SOURCES = fuzzsocket.c
fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o)
fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P)
-fuzzsocket : $(fuzzsocket_OBJECTS)
+fuzzsocket : $(fuzzsocket_OBJECTS) -lrt
DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
$(peverify_DEPS)
@@ -57,6 +57,16 @@ depclean :
clean : depclean
@rm -rfv *.o *.a *.so $(TARGETS)
+install_systemd:
+ $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/
+ $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf
+ $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/
+ $(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/
+
+install_sysvinit:
+ $(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rc.d/init.d/
+ $(INSTALL) -m 755 pesign.sysvinit $(INSTALLROOT)/etc/rc.d/init.d/pesign
+
install :
$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/
$(INSTALL) -d -m 770 $(INSTALLROOT)/var/run/pesign/
@@ -72,10 +82,6 @@ install :
#$(INSTALL) -m 644 peverify.1 $(INSTALLROOT)/usr/share/man/man1/
$(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rpm/
$(INSTALL) -m 644 macros.pesign $(INSTALLROOT)/etc/rpm/
- $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/
- $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf
- $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/
- $(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/
.PHONY: all deps clean install
diff --git a/src/pesign.sysvinit b/src/pesign.sysvinit
new file mode 100644
index 0000000..f955e01
--- /dev/null
+++ b/src/pesign.sysvinit
@@ -0,0 +1,82 @@
+#! /bin/sh
+#
+# pesign This starts the pesign PE signing daemon
+#
+# chkconfig: - 50 50
+# processname: /usr/bin/pesign
+# pidfile: /var/run/pesign.pid
+### BEGIN INIT INFO
+# Provides: pesign
+# Default-Start:
+# Default-Stop:
+# Short-Description: The pesign PE signing daemon
+# Description: The pesign PE signing daemon
+### END INIT INFO
+
+. /etc/init.d/functions
+[ -f /usr/bin/pesign ] || exit 1
+
+RETVAL=0
+
+start(){
+ echo -n "Starting pesign: "
+ daemon /usr/bin/pesign --daemonize
+ RETVAL=$?
+ echo
+ touch /var/lock/subsys/pesign
+}
+
+stop(){
+ echo -n "Stopping pesign: "
+ killproc -p /var/run/pesign.pid pesignd
+ RETVAL=$?
+ echo
+ rm -f /var/lock/subsys/pesign
+}
+
+restart(){
+ stop
+ start
+}
+
+reload(){
+ stop
+ start
+}
+
+condrestart(){
+ [ -e /var/lock/subsys/pesign ] && restart
+}
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ status)
+ status /usr/bin/pesign
+ ;;
+ restart)
+ restart
+ ;;
+ reload)
+ reload
+ ;;
+ force-reload)
+ reload
+ ;;
+ condrestart)
+ condrestart
+ ;;
+ try-restart)
+ condrestart
+ ;;
+ *)
+ echo "Usage: pesign {start|stop|status|restart|condrestart|reload}"
+ RETVAL=1
+esac
+
+exit $RETVAL
--
1.7.12.1

View File

@ -1,75 +0,0 @@
From df1b69e304f2a7eb82e2f94e50f07099afbf4578 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 13:10:28 -0400
Subject: [PATCH 32/42] Get rid of an unnecessary allocation.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 32 ++++++++++++++------------------
1 file changed, 14 insertions(+), 18 deletions(-)
diff --git a/src/client.c b/src/client.c
index 8336749..df1c8f2 100644
--- a/src/client.c
+++ b/src/client.c
@@ -223,25 +223,17 @@ unlock_token(int sd, char *tokenname, char *pin)
{
struct msghdr msg;
struct iovec iov[2];
- pesignd_msghdr *pm;
+ pesignd_msghdr pm;
uint32_t size0 = pesignd_string_size(tokenname);
uint32_t size1 = pesignd_string_size(pin);
- pm = calloc(1, sizeof(*pm));
- if (!pm) {
-oom:
- fprintf(stderr, "pesign-client: could not allocate memory: "
- "%m\n");
- exit(1);
- }
-
- pm->version = PESIGND_VERSION;
- pm->command = CMD_UNLOCK_TOKEN;
- pm->size = size0 + size1;
- iov[0].iov_base = pm;
- iov[0].iov_len = sizeof (*pm);
+ pm.version = PESIGND_VERSION;
+ pm.command = CMD_UNLOCK_TOKEN;
+ pm.size = size0 + size1;
+ iov[0].iov_base = &pm;
+ iov[0].iov_len = sizeof (pm);
memset(&msg, '\0', sizeof(msg));
msg.msg_iov = iov;
@@ -257,8 +249,11 @@ oom:
uint8_t *buffer = NULL;
buffer = calloc(1, size0 + size1);
- if (!buffer)
- goto oom;
+ if (!buffer) {
+ fprintf(stderr, "pesign-client: could not allocate memory: "
+ "%m\n");
+ exit(1);
+ }
pesignd_string *tn = (pesignd_string *)buffer;
pesignd_string_set(tn, tokenname);
@@ -478,8 +473,9 @@ main(int argc, char *argv[])
rc = poptReadDefaultConfig(optCon, 0);
if (rc < 0) {
- fprintf(stderr, "pesign: poprReadDefaultConfig failed: %s\n",
- poptStrerror(rc));
+ fprintf(stderr,
+ "pesign-client: poptReadDefaultConfig failed: %s\n",
+ poptStrerror(rc));
exit(1);
}
--
1.7.12.1

View File

@ -1,29 +0,0 @@
From 24a63eab7ddbe2be3ab6b25b04602d8e3fe5d775 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 14:28:36 -0400
Subject: [PATCH 33/42] Allow use of -e from rpm macro.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index 703edbb..7706050 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -11,9 +11,9 @@
%_pesign /usr/bin/pesign
-%pesign(i:o:C:s) \
+%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
- %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-s} \
+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
else \
if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \
mv %{-i*} %{-o*} \
--
1.7.12.1

View File

@ -1,81 +0,0 @@
From e5c632516a2a31f3e184d0ca9d8ac5ceba1f9015 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 14:55:07 -0400
Subject: [PATCH 34/42] Make client use -e like pesign does, rather than
--detached.
This way we can use the same macros for them.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 22 ++++++++++++++++++++--
src/pesign-client.1 | 3 ++-
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/src/client.c b/src/client.c
index df1c8f2..5e5399d 100644
--- a/src/client.c
+++ b/src/client.c
@@ -434,6 +434,7 @@ main(int argc, char *argv[])
int action;
char *infile = NULL;
char *outfile = NULL;
+ char *exportfile = NULL;
int attached = 1;
int pinfd = -1;
char *pinfile = NULL;
@@ -456,8 +457,9 @@ main(int argc, char *argv[])
&infile, 0, "input filename", "<infile>" },
{"outfile", 'o', POPT_ARG_STRING,
&outfile, 0, "output filename", "<outfile>" },
- {"detached", 'd', POPT_ARG_VAL, &attached, 0,
- "create detached signature", NULL },
+ {"export", 'e', POPT_ARG_STRING,
+ &exportfile, 0, "create detached signature",
+ "<outfile>" },
{"pinfd", 'f', POPT_ARG_INT, &pinfd, -1,
"read file descriptor for pin information",
"<file descriptor>" },
@@ -494,6 +496,22 @@ main(int argc, char *argv[])
exit(1);
}
+ if (!outfile && !exportfile) {
+ fprintf(stderr, "pesign-client: neither --outfile nor --export "
+ "specified\n");
+ exit(1);
+ }
+
+ if (outfile && exportfile) {
+ fprintf(stderr, "pesign-client: both --outfile and --export "
+ "specified\n");
+ exit(1);
+ }
+ if (exportfile) {
+ outfile = exportfile;
+ attached = 0;
+ }
+
poptFreeContext(optCon);
int sd = connect_to_server();
diff --git a/src/pesign-client.1 b/src/pesign-client.1
index 686383e..1ccfbb3 100644
--- a/src/pesign-client.1
+++ b/src/pesign-client.1
@@ -5,10 +5,11 @@ pesign-client \- command line tool for signing UEFI applications
.SH SYNOPSIS
\fBpesign\fR [--in=\fIinfile\fR | -i \fIinfile\fR]
[--out=\fIoutfile\fR | -o \fIoutfile\fR]
+ [--export=\fIexportfile\fR | -e \fIexportfile\fR]
[--token=\fItoken\fR | -t \fItoken\fR]
[--certificate=\fInickname\fR | -c \fInickname\fR]
[--unlock | -u] [--kill | -k] [--sign | -s]
- [--detached | -d] [--pinfd=\fIpinfd\fR | -f \fIpinfd\fR]
+ [--pinfd=\fIpinfd\fR | -f \fIpinfd\fR]
[--pinfile=\fIpinfile\fR | -F \fIpinfile\fR]
.SH DESCRIPTION
--
1.7.12.1

View File

@ -1,93 +0,0 @@
From f1a2f097cfb290951702251703abcd34ca0bf9e6 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 15:13:11 -0400
Subject: [PATCH 35/42] Fix shutdown by systemd to remove socket and pidfile.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 33 +++++++++++++++------------------
src/daemon.h | 1 +
2 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 7ad036c..974a559 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -116,15 +116,6 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
static void
handle_kill_daemon(context *ctx, struct pollfd *pollfd, socklen_t size)
{
- if (ctx->sd >= 0) {
- close(ctx->sd);
- unlink(SOCKPATH);
- }
- xfree(ctx->errstr);
-
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "pesignd exiting (pid %d)", getpid());
-
should_exit = 1;
}
@@ -602,11 +593,17 @@ handle_event(context *ctx, struct pollfd *pollfd)
static void
do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
{
+ unlink(SOCKPATH);
+ unlink(PIDFILE);
+
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "pesignd exiting (pid %d)", getpid());
+
+ xfree(ctx->errstr);
+
for (int i = 0; i < nsockets; i++)
close(pollfds[i].fd);
free(pollfds);
-
- xfree(ctx->errstr);
}
static int
@@ -843,7 +840,7 @@ daemon_logger(cms_context *cms, int priority, char *fmt, ...)
static void
write_pid_file(int pid)
{
- int fd = open("/var/run/pesign.pid", O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ int fd = open(PIDFILE, O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (fd < 0) {
err:
fprintf(stderr, "couldn't open pidfile: %m\n");
@@ -963,12 +960,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
setsid();
if (do_fork) {
- signal(SIGTTOU, SIG_IGN);
- signal(SIGTTIN, SIG_IGN);
- signal(SIGTSTP, SIG_IGN);
- signal(SIGQUIT, quit_handler);
- signal(SIGINT, quit_handler);
- signal(SIGTERM, quit_handler);
+ struct sigaction sa = {
+ .sa_handler = quit_handler,
+ };
+ sigaction(SIGQUIT, &sa, NULL);
+ sigaction(SIGINT, &sa, NULL);
+ sigaction(SIGTERM, &sa, NULL);
}
char *homedir = NULL;
diff --git a/src/daemon.h b/src/daemon.h
index 56cef17..5485e60 100644
--- a/src/daemon.h
+++ b/src/daemon.h
@@ -48,5 +48,6 @@ typedef enum {
#define PESIGND_VERSION 0xa3cf41cb
#define SOCKPATH "/var/run/pesign/socket"
+#define PIDFILE "/var/run/pesign.pid"
#endif /* DAEMON_H */
--
1.7.12.1

View File

@ -1,42 +0,0 @@
From 22308fbfb540b5215efb9ce96a4dfdce08ef9165 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 15:16:05 -0400
Subject: [PATCH 36/42] Make the macros use the default (fedora) signer if
there's a daemon running.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index 7706050..fb9d21e 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -10,13 +10,22 @@
%__pesign_cert %{!?pe_signing_cert:-c "Red Hat Test Certificate"}%{?pe_signing_cert:-c "%{pe_signing_cert}"}
%_pesign /usr/bin/pesign
+%_pesign_client /usr/bin/pesign-client
%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
- %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
+ if [ -e /var/run/pesign/socket ]; then \
+ %{_pesign_client} -t "OpenSC Card (Fedora Signing CA)" \\\
+ -c "/CN=Fedora Secure Boot Signer" \\\
+ %{-i} %{-o} %{-e} %{-s} \
+ else \
+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
+ fi \
else \
if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \
mv %{-i*} %{-o*} \
+ elif [ -n "%{-i*}" -a -n "%{-e*}" ]; then \
+ touch %{-e*} \
fi \
fi ;
--
1.7.12.1

View File

@ -1,28 +0,0 @@
From abe7981ba049b23ae9c42da92559576c6e0cc53b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:07:40 -0400
Subject: [PATCH 37/42] Fix command line checking for -s.
Accidentally applied when not using -s. Woops.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/client.c b/src/client.c
index 5e5399d..777197a 100644
--- a/src/client.c
+++ b/src/client.c
@@ -496,7 +496,7 @@ main(int argc, char *argv[])
exit(1);
}
- if (!outfile && !exportfile) {
+ if (action & SIGN_BINARY && (!outfile && !exportfile)) {
fprintf(stderr, "pesign-client: neither --outfile nor --export "
"specified\n");
exit(1);
--
1.7.12.1

View File

@ -1,178 +0,0 @@
From 8067d9bace148a254528fdf752f083d2a0debada Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:26 -0400
Subject: [PATCH 38/42] Add support to read the pin from stdin in client.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 10 +++++++---
src/password.c | 41 +++++++++++++++++++++++++++++++++++++++++
src/password.h | 1 +
src/signer_info.c | 45 +--------------------------------------------
4 files changed, 50 insertions(+), 47 deletions(-)
diff --git a/src/client.c b/src/client.c
index 777197a..1ec582b 100644
--- a/src/client.c
+++ b/src/client.c
@@ -212,10 +212,14 @@ get_token_pin(int pinfd, char *pinfile, char *envname)
fclose(pinf);
return pin;
- } else
- return strdup(getenv(envname));
+ } else {
+ pin = getenv(envname);
+ if (pin)
+ return strdup(pin);
+ }
- return NULL;
+ pin = readpw(NULL, PR_FALSE, NULL);
+ return pin;
}
static void
diff --git a/src/password.c b/src/password.c
index 100c584..c663955 100644
--- a/src/password.c
+++ b/src/password.c
@@ -17,6 +17,7 @@
* Author(s): Peter Jones <pjones@redhat.com>
*/
+#include <limits.h>
#include <stdlib.h>
#include <termios.h>
#include <unistd.h>
@@ -289,4 +290,44 @@ SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
return NULL;
}
+#if 0
+#warning investigate killing readpw
+#endif
+char *
+readpw(PK11SlotInfo *slot, PRBool retry, void *arg)
+{
+ struct termios sio, tio;
+ char line[LINE_MAX], *p;
+ if (tcgetattr(fileno(stdin), &sio) < 0) {
+ fprintf(stderr, "Could not read password from standard input.\n");
+ return NULL;
+ }
+ tio = sio;
+ tio.c_lflag &= ~ECHO;
+ if (tcsetattr(fileno(stdin), 0, &tio) < 0) {
+ fprintf(stderr, "Could not read password from standard input.\n");
+ return NULL;
+ }
+
+ fprintf(stdout, "Enter passphrase for private key: ");
+ if (fgets(line, sizeof(line), stdin) == NULL) {
+ fprintf(stdout, "\n");
+ tcsetattr(fileno(stdin), 0, &sio);
+ return NULL;
+ }
+ fprintf(stdout, "\n");
+ tcsetattr(fileno(stdin), 0, &sio);
+
+ p = line + strcspn(line, "\r\n");
+ if (p != NULL)
+ *p = '\0';
+
+ char *ret = strdup(line);
+ memset(line, '\0', sizeof (line));
+ if (!ret) {
+ fprintf(stderr, "Could not read passphrase.\n");
+ return NULL;
+ }
+ return ret;
+}
diff --git a/src/password.h b/src/password.h
index 853bd5a..bcbac44 100644
--- a/src/password.h
+++ b/src/password.h
@@ -22,5 +22,6 @@
extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
extern char *get_password_passthrough(PK11SlotInfo *slot, PRBool retry, void *arg);
extern char *get_password_fail(PK11SlotInfo *slot, PRBool retry, void *arg);
+extern char *readpw(PK11SlotInfo *slot, PRBool retry, void *arg);
#endif /* PASSWORD_H */
diff --git a/src/signer_info.c b/src/signer_info.c
index 932b896..f755bf6 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -19,10 +19,8 @@
#include "pesign.h"
-#include <limits.h>
#include <string.h>
#include <syslog.h>
-#include <termios.h>
#include <time.h>
#include <unistd.h>
@@ -159,47 +157,6 @@ err:
return -1;
}
-#if 0
-#warning investigate killing getpw
-#endif
-static char *getpw(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- struct termios sio, tio;
- char line[LINE_MAX], *p;
-
- if (tcgetattr(fileno(stdin), &sio) < 0) {
- fprintf(stderr, "Could not read password from standard input.\n");
- return NULL;
- }
- tio = sio;
- tio.c_lflag &= ~ECHO;
- if (tcsetattr(fileno(stdin), 0, &tio) < 0) {
- fprintf(stderr, "Could not read password from standard input.\n");
- return NULL;
- }
-
- fprintf(stdout, "Enter passphrase for private key: ");
- if (fgets(line, sizeof(line), stdin) == NULL) {
- fprintf(stdout, "\n");
- tcsetattr(fileno(stdin), 0, &sio);
- return NULL;
- }
- fprintf(stdout, "\n");
- tcsetattr(fileno(stdin), 0, &sio);
-
- p = line + strcspn(line, "\r\n");
- if (p != NULL)
- *p = '\0';
-
- char *ret = strdup(line);
- memset(line, '\0', sizeof (line));
- if (!ret) {
- fprintf(stderr, "Could not read passphrase.\n");
- return NULL;
- }
- return ret;
-}
-
static int
sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
{
@@ -216,7 +173,7 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
if (!oid)
goto err;
- PK11_SetPasswordFunc(cms->func ? cms->func : getpw);
+ PK11_SetPasswordFunc(cms->func ? cms->func : readpw);
SECKEYPrivateKey *privkey = PK11_FindKeyByAnyCert(cms->cert,
cms->pwdata ? cms->pwdata : NULL);
if (!privkey) {
--
1.7.12.1

View File

@ -1,60 +0,0 @@
From 3ceb3eb5b1c36ead2a862bcec5e527f74dc91381 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:49 -0400
Subject: [PATCH 39/42] Fix token auth authentication failure error reporting.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 4 +++-
src/daemon.c | 4 ++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 898ddfb..2f3683e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -316,6 +316,7 @@ unlock_nss_token(cms_context *cms)
secuPWData pwdata_val = { 0, 0 };
void *pwdata = cms->pwdata ? cms->pwdata : &pwdata_val;
PK11_SetPasswordFunc(cms->func ? cms->func : SECU_GetModulePassword);
+ int rc = -1;
PK11SlotList *slots = NULL;
slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
@@ -323,7 +324,7 @@ unlock_nss_token(cms_context *cms)
cms->log(cms, LOG_ERR, "Could not find certificate \"%s\"",
cms->tokenname);
err:
- return -1;
+ return rc;
}
PK11SlotListElement *psle = NULL;
@@ -351,6 +352,7 @@ err_slots:
cms->log(cms, LOG_ERR, "Authentication failed for "
"token \"%s\"", cms->tokenname);
PK11_DestroySlotListElement(slots, &psle);
+ rc = -2;
goto err_slots;
}
}
diff --git a/src/daemon.c b/src/daemon.c
index 974a559..bf7485f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -204,10 +204,10 @@ malformed:
cms_set_pw_callback(ctx->cms, get_password_fail);
cms_set_pw_data(ctx->cms, NULL);
- if (rc < 0)
+ if (rc == -1)
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
"could not find token \"%s\"", tn->value);
- else
+ else if (rc == 0)
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
"authentication succeeded for token \"%s\"",
tn->value);
--
1.7.12.1

View File

@ -1,28 +0,0 @@
From 9c2daa8d3761b49961498cb9a9bbc8a37e05b0da Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:19:39 -0400
Subject: [PATCH 40/42] Use setfacl in sysvinit script to allow kojibuilder
access.
---
src/pesign.sysvinit | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/pesign.sysvinit b/src/pesign.sysvinit
index f955e01..ea37c58 100644
--- a/src/pesign.sysvinit
+++ b/src/pesign.sysvinit
@@ -24,6 +24,10 @@ start(){
RETVAL=$?
echo
touch /var/lock/subsys/pesign
+ setfacl -m u:kojibuilder:x /var/run/pesign
+ setfacl -m u:kojibuilder:rw /var/run/pesign/socket
+ setfacl -m g:kojibuilder:x /var/run/pesign
+ setfacl -m g:kojibuilder:rw /var/run/pesign/socket
}
stop(){
--
1.7.12.1

View File

@ -1,33 +0,0 @@
From 2bd84dcfbdf084bcfb3e6d7c26756ca3783cdae4 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:20:40 -0400
Subject: [PATCH 41/42] Don't return quite so immediately if we're the parent
pid when daemonizing.
Long term we probably want to look for the socket and/or sigchld instead
of this.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index bf7485f..6951f0a 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -885,8 +885,10 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (do_fork) {
pid_t pid;
- if ((pid = fork()))
+ if ((pid = fork())) {
+ sleep(2);
return 0;
+ }
}
ctx.pid = getpid();
write_pid_file(ctx.pid);
--
1.7.12.1

View File

@ -1,28 +0,0 @@
From b699c67004807c53d7c22328ba15304c4f9748a9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 19:16:52 -0400
Subject: [PATCH 42/42] Get the Fedora signing token name right.
Because, you know, we're not signing with the CA token.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index fb9d21e..4996d7c 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -15,7 +15,7 @@
%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
if [ -e /var/run/pesign/socket ]; then \
- %{_pesign_client} -t "OpenSC Card (Fedora Signing CA)" \\\
+ %{_pesign_client} -t "OpenSC Card (Fedora Signer)" \\\
-c "/CN=Fedora Secure Boot Signer" \\\
%{-i} %{-o} %{-e} %{-s} \
else \
--
1.7.12.1

View File

@ -1,46 +0,0 @@
From 3e257e96c9b48e07e0885f391f1e50fd69b52408 Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <pesign-owner@fedoraproject.org>
Date: Mon, 26 Nov 2012 19:05:54 -0500
Subject: [PATCH] Add support for local certificate database directories
Users may wish to use a certificate database other than the systemwide one.
Add an option for that.
---
src/pesign.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/pesign.c b/src/pesign.c
index 2c98600..cd3031c 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -437,6 +437,7 @@ main(int argc, char *argv[])
char *tokenname = "NSS Certificate DB";
char *origtoken = tokenname;
char *certname = NULL;
+ char *certdir = "/etc/pki/pesign";
rc = pesign_context_new(&ctxp);
if (rc < 0) {
@@ -454,6 +455,10 @@ main(int argc, char *argv[])
{"certficate", 'c', POPT_ARG_STRING, &certname, 0,
"specify certificate nickname",
"<certificate nickname>" },
+ {"certdir", 'n', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
+ &certdir, 0,
+ "specify nss certificate database directory",
+ "<certificate directory path>" },
{"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0,
"specify private key file", "<privkey>" },
{"force", 'f', POPT_ARG_VAL, &ctxp->force, 1,
@@ -536,7 +541,7 @@ main(int argc, char *argv[])
poptFreeContext(optCon);
if (!daemon) {
- SECStatus status = NSS_Init("/etc/pki/pesign");
+ SECStatus status = NSS_Init(certdir);
if (status != SECSuccess) {
fprintf(stderr, "Could not initialize nss: %s\n",
PORT_ErrorToString(PORT_GetError()));
--
1.8.0

View File

@ -1,7 +1,7 @@
Summary: Signing utility for UEFI binaries
Name: pesign
Version: 0.99
Release: 9%{?dist}
Version: 0.100
Release: 1%{?dist}
Group: Development/System
License: GPLv2
URL: https://github.com/vathpela/pesign
@ -20,50 +20,6 @@ ExclusiveArch: i686 x86_64 ia64
Source0: pesign-%{version}.tar.bz2
Source1: rh-test-certs.tar.bz2
Patch1: 0001-Use-PK11_TraverseCertsForNicknameInSlot-after-all.patch
Patch2: 0002-Remove-an-unused-field.patch
Patch3: 0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch
Patch4: 0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch
Patch5: 0005-Fix-check-for-allocations-on-tokenname-certname.patch
Patch6: 0006-Update-valgrind.supp-for-newer-codepaths.patch
Patch7: 0007-Free-the-pid-string-once-we-re-done-writing-it.patch
Patch8: 0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch
Patch9: 0009-Only-try-to-register-OIDs-once.patch
Patch10: 0010-Check-for-NSS_Shutdown-failure.patch
Patch11: 0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch
Patch12: 0012-valgrind-Add-SECMOD_LoadModule-codepath.patch
Patch13: 0013-Don-t-set-up-digests-in-cms_context_init.patch
Patch14: 0014-Do-register_oids-where-we-re-doing-NSS_Init.patch
Patch15: 0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch
Patch16: 0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch
Patch17: 0017-Use-PORT_ArenaStrdup-where-appropriate.patch
Patch18: 0018-Minor-whitespace-fixes.patch
Patch19: 0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch
Patch20: 0020-Allocate-pesign_context-rather-than-having-it-on-the.patch
Patch21: 0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch
Patch22: 0022-Handle-errors-on-pesign_context_init.patch
Patch23: 0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch
Patch24: 0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch
Patch25: 0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch
Patch26: 0026-Rework-setup_digests-and-teardown_digests.patch
Patch27: 0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch
Patch28: 0028-Fix-errors-found-by-coverity.patch
Patch29: 0029-Don-t-keep-the-DEPS-list-twice.patch
Patch30: 0030-Don-t-build-util-right-now.patch
Patch31: 0031-Make-install_systemd-and-install_sysvinit-separate-t.patch
Patch32: 0032-Get-rid-of-an-unnecessary-allocation.patch
Patch33: 0033-Allow-use-of-e-from-rpm-macro.patch
Patch34: 0034-Make-client-use-e-like-pesign-does-rather-than-detac.patch
Patch35: 0035-Fix-shutdown-by-systemd-to-remove-socket-and-pidfile.patch
Patch36: 0036-Make-the-macros-use-the-default-fedora-signer-if-the.patch
Patch37: 0037-Fix-command-line-checking-for-s.patch
Patch38: 0038-Add-support-to-read-the-pin-from-stdin-in-client.patch
Patch39: 0039-Fix-token-auth-authentication-failure-error-reportin.patch
Patch40: 0040-Use-setfacl-in-sysvinit-script-to-allow-kojibuilder-.patch
Patch41: 0041-Don-t-return-quite-so-immediately-if-we-re-the-paren.patch
Patch42: 0042-Get-the-Fedora-signing-token-name-right.patch
Patch43: 0043-Add-support-for-local-certificate-database-directori.patch
%description
This package contains the pesign utility for signing UEFI binaries as
well as other associated tools.
@ -132,6 +88,9 @@ exit 0
%ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/pesign.pid
%changelog
* Fri Nov 30 2012 Peter Jones <pjones@redhat.com> - 0.100-1
- Fix insertion of signatures from a file.
* Mon Nov 26 2012 Matthew Garrett <mjg59@srcf.ucam.org> - 0.99-9
- Add a patch needed for new shim builds

View File

@ -1,2 +1,2 @@
328db7cb27847cb610b7cf8f9c470455 rh-test-certs.tar.bz2
99a5e8d3c9e7ac103595afec1160838b pesign-0.99.tar.bz2
ce4d253db06351c3de9d9334c327f93c pesign-0.100.tar.bz2