Fix insertion of signatures from a file.

Peter Jones 2012-11-30 17:09:31 -05:00
parent 47e695fb59
commit 5aca172458
45 changed files with 6 additions and 4238 deletions


@ -1,55 +0,0 @@
From 406a08cc45a2d0761294002d946ee3381a4706ee Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:53:07 -0400
Subject: [PATCH 01/42] Use PK11_TraverseCertsForNicknameInSlot after all.
As of 76bc13c it doesn't appear to be leaky any more, and it does a
better job of disinguishing between certificates with the same nickname
than we did when doing it by hand.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 644b44c..2d51979 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -465,23 +465,23 @@ err_slots:
goto err_slots_errmsg;
}
+ SECItem nickname = {
+ .data = (void *)cms->certname,
+ .len = strlen(cms->certname) + 1,
+ .type = siUTF8String,
+ };
struct cbdata cbdata = {
.cert = NULL,
.psle = psle,
.pwdata = pwdata,
};
- CERTCertListNode *node = NULL;
- for (node = CERT_LIST_HEAD(certlist); !CERT_LIST_END(node,certlist);
- node = CERT_LIST_NEXT(node)) {
- if (strcmp(cms->certname, node->cert->nickname))
- continue;
+ status = PK11_TraverseCertsForNicknameInSlot(&nickname, psle->slot,
+ is_valid_cert, &cbdata);
+ if (cbdata.cert == NULL)
+ goto err_slots;
- if (is_valid_cert(node->cert, &cbdata) == SECSuccess) {
- cms->cert = CERT_DupCertificate(cbdata.cert);
- break;
- }
- }
+ cms->cert = CERT_DupCertificate(cbdata.cert);
PK11_DestroySlotListElement(slots, &psle);
PK11_FreeSlotList(slots);
--
1.7.12.1


@ -1,38 +0,0 @@
From e4aa0a2755d7b00e31760a7f90561b0566445fa4 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:54:10 -0400
Subject: [PATCH 02/42] Remove an unused field.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign_context.c | 1 -
src/pesign_context.h | 1 -
2 files changed, 2 deletions(-)
diff --git a/src/pesign_context.c b/src/pesign_context.c
index b4b201d..c6afda6 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -88,7 +88,6 @@ pesign_context_fini(pesign_context *ctx)
ctx->cms_ctx = NULL;
}
- xfree(ctx->certname);
xfree(ctx->privkeyfile);
if (ctx->outpe) {
diff --git a/src/pesign_context.h b/src/pesign_context.h
index cabccf3..8f4e45a 100644
--- a/src/pesign_context.h
+++ b/src/pesign_context.h
@@ -58,7 +58,6 @@ typedef struct {
Pe *outpe;
char *privkeyfile;
- char *certname;
cms_context *cms_ctx;
int flags;
--
1.7.12.1


@ -1,26 +0,0 @@
From df5afd0e6d92f31a804f5f1631b6fae3b8ef4d8b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:54:37 -0400
Subject: [PATCH 03/42] Free the certificate list we make once we're done
using it.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/wincert.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/wincert.c b/src/wincert.c
index fe666c5..b487dc5 100644
--- a/src/wincert.c
+++ b/src/wincert.c
@@ -74,6 +74,7 @@ finalize_signatures(cms_context *cms, Pe *pe)
free(clist);
return -1;
}
+ free(clist);
return 0;
}
--
1.7.12.1


@ -1,63 +0,0 @@
From c13cc0b03dcae9a743cc49aaa62c3923a3e7d8f9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 09:55:02 -0400
Subject: [PATCH 04/42] Make sure we actually look up the certificate when not
in daemon mode.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 108994e..4ddf636 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -500,12 +500,6 @@ main(int argc, char *argv[])
POPT_TABLEEND
};
- tokenname = strdup(tokenname);
- if (!tokenname) {
- fprintf(stderr, "could not allocate memory: %m\n");
- exit(1);
- }
-
if (!daemon) {
SECStatus status = NSS_Init("/etc/pki/pesign");
if (status != SECSuccess) {
@@ -521,8 +515,6 @@ main(int argc, char *argv[])
exit(1);
}
- ctx.cms_ctx->certname = certname ? strdup(certname) : NULL;
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -559,7 +551,21 @@ main(int argc, char *argv[])
exit(!is_help);
}
- ctx.cms_ctx->tokenname = tokenname;
+ ctx.cms_ctx->tokenname = tokenname ?
+ PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
+ if (!ctx.cms_ctx->tokenname) {
+ fprintf(stderr, "could not allocate token name: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+
+ ctx.cms_ctx->certname = certname ?
+ PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
+ if (!ctx.cms_ctx->certname) {
+ fprintf(stderr, "could not allocate certificate name: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
int action = 0;
if (daemon)
--
1.7.12.1


@ -1,38 +0,0 @@
From 844138e07535a8aa2be80496378c9929acaa1687 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:35:41 -0400
Subject: [PATCH 05/42] Fix check for allocations on tokenname,certname.
If we didn't have anything to start with, we won't have anything when
we're done...
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 4ddf636..c7b23cf 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -553,7 +553,7 @@ main(int argc, char *argv[])
ctx.cms_ctx->tokenname = tokenname ?
PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
- if (!ctx.cms_ctx->tokenname) {
+ if (tokenname && !ctx.cms_ctx->tokenname) {
fprintf(stderr, "could not allocate token name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
@@ -561,7 +561,7 @@ main(int argc, char *argv[])
ctx.cms_ctx->certname = certname ?
PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
- if (!ctx.cms_ctx->certname) {
+ if (certname && !ctx.cms_ctx->certname) {
fprintf(stderr, "could not allocate certificate name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
--
1.7.12.1


@ -1,812 +0,0 @@
From 682233d107460b49071017b4d88c0430373dbd35 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:55:25 -0400
Subject: [PATCH 06/42] Update valgrind.supp for newer codepaths.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 361 ++++++++++++++++++++++++++++++++++++------------------
1 file changed, 245 insertions(+), 116 deletions(-)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 3a51293..0a8edd9 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1,23 +1,43 @@
{
<insert_a_suppression_name_here>
- Memcheck:Leak
- fun:malloc
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
- fun:nss_Init
- fun:NSS_Init
- fun:main
+ Memcheck:Param
+ socketcall.sendto(msg)
+ fun:send
+ fun:MessageSend
+ fun:MessageSendWithHeader
+ fun:SCardConnect
+ fun:CKYCardConnection_Connect
+ fun:_ZN4Slot14connectToTokenEv
+ fun:_ZN4Slot17refreshTokenStateEv
+ fun:_ZN4Slot14isTokenPresentEv
+ fun:_ZN8SlotList11getSlotListEhPmS0_
+ fun:C_GetSlotList
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
}
{
<insert_a_suppression_name_here>
- Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
+ Memcheck:Cond
+ fun:SCardStatus
+ fun:CKYCardConnection_GetStatus
+ fun:_ZN4Slot23cardStateMayHaveChangedEv
+ fun:_ZN4Slot17refreshTokenStateEv
+ fun:_ZN4Slot14isTokenPresentEv
+ fun:_ZN8SlotList11getSlotListEhPmS0_
+ fun:C_GetSlotList
fun:secmod_LoadPKCS11Module
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -25,12 +45,15 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
+ fun:malloc
+ fun:PORT_Alloc_Util
+ fun:PK11_ReadMechanismList
+ fun:PK11_InitToken
+ fun:PK11_InitSlot
fun:secmod_LoadPKCS11Module
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -223,12 +246,10 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:_Znwm
- obj:*
- fun:secmod_ModuleInit
- fun:secmod_LoadPKCS11Module
- fun:SECMOD_LoadModule
- fun:SECMOD_LoadModule
+ fun:calloc
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -237,10 +258,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PKIX_PL_Malloc
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PR_NewCondVar
+ fun:NSSRWLock_New_Util
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -249,18 +270,7 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PKIX_PL_Malloc
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
+ fun:PR_NewCondVar
fun:NSSRWLock_New_Util
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -272,10 +282,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PR_NewCondVar
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:PKIX_PL_Malloc
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
fun:nss_Init
fun:NSS_Init
fun:main
@@ -284,10 +294,10 @@
<insert_a_suppression_name_here>
Memcheck:Leak
fun:malloc
- fun:PR_NewCondVar
- fun:NSSRWLock_New_Util
- fun:NSSTrustDomain_Create
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:PKIX_PL_Malloc
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
fun:nss_Init
fun:NSS_Init
fun:main
@@ -357,8 +367,10 @@
fun:calloc
fun:PORT_ZAlloc_Util
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -368,8 +380,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -382,8 +396,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -396,8 +412,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -410,8 +428,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -424,28 +444,32 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
@@ -466,6 +490,7 @@
fun:calloc
fun:nss_ZAlloc
fun:nssArena_Create
+ fun:NSSArena_Create
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -505,7 +530,10 @@
fun:calloc
fun:nss_ZAlloc
fun:nssArena_Create
+ fun:NSSArena_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -514,14 +542,12 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
- fun:malloc
- obj:*
- obj:*
- obj:*
- fun:secmod_ModuleInit
- fun:secmod_LoadPKCS11Module
- fun:SECMOD_LoadModule
- fun:SECMOD_LoadModule
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssTokenObjectCache_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -531,28 +557,32 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
- fun:NSS_Init
- fun:main
}
{
<insert_a_suppression_name_here>
@@ -560,35 +590,11 @@
fun:calloc
fun:PORT_ZAlloc_Util
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:nss_ZAlloc
- fun:nssArena_Create
- fun:nssToken_CreateFromPK11SlotInfo
- fun:STAN_InitTokenForSlotInfo
- fun:STAN_LoadDefaultNSS3TrustDomain
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:nss_ZAlloc
- fun:nssArena_Create
- fun:nssToken_CreateFromPK11SlotInfo
- fun:STAN_InitTokenForSlotInfo
- fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -599,8 +605,10 @@
fun:calloc
fun:PR_NewLock
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -610,8 +618,10 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -621,22 +631,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
- fun:nss_Init
- fun:NSS_Init
- fun:main
-}
-{
- <insert_a_suppression_name_here>
- Memcheck:Leak
- fun:calloc
- fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_Mutex_Create
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -646,9 +645,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Mutex_Create
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -658,9 +659,10 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:PKIX_PL_Object_Alloc
- fun:PKIX_PL_HashTable_Create
- fun:PKIX_Initialize
+ fun:nssArena_Create
+ fun:NSSArena_Create
+ fun:NSSTrustDomain_Create
+ fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
fun:main
@@ -670,7 +672,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssArena_Create
+ fun:NSSRWLock_New_Util
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -682,7 +684,8 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:NSSRWLock_New_Util
+ fun:nssArena_Create
+ fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
@@ -694,7 +697,6 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssArena_Create
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -707,6 +709,8 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -720,6 +724,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -733,6 +738,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -746,6 +752,7 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -758,9 +765,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssHash_Create
- fun:nssTrustDomain_InitializeCache
- fun:NSSTrustDomain_Create
+ fun:nssList_Create
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -771,7 +776,9 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
- fun:nssList_Create
+ fun:nssTokenObjectCache_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -821,7 +828,10 @@
fun:calloc
fun:PR_NewLock
fun:nssArena_Create
+ fun:NSSArena_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -834,6 +844,8 @@
fun:PR_NewLock
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -845,8 +857,11 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -858,8 +873,11 @@
fun:calloc
fun:PR_NewLock
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssCertificateStore_Create
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -871,6 +889,55 @@
fun:calloc
fun:PR_NewLock
fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_Mutex_Create
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Mutex_Create
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
+ fun:PKIX_PL_HashTable_Create
+ fun:PKIX_Initialize
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:PR_NewLock
+ fun:PKIX_PL_Object_Alloc
fun:PKIX_PL_Mutex_Create
fun:PKIX_PL_HashTable_Create
fun:PKIX_Initialize
@@ -1064,6 +1131,33 @@
{
<insert_a_suppression_name_here>
Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssSlot_CreateFromPK11SlotInfo
+ fun:nssToken_CreateFromPK11SlotInfo
+ fun:STAN_InitTokenForSlotInfo
+ fun:STAN_LoadDefaultNSS3TrustDomain
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
fun:malloc
fun:PKIX_PL_Malloc
fun:pkix_pl_PrimHashTable_Create
@@ -1126,8 +1220,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateCertificate
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1140,8 +1236,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateItem
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1154,8 +1252,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1168,8 +1268,10 @@
Memcheck:Leak
fun:calloc
fun:nss_ZAlloc
+ fun:nss_arena_hash_alloc_table
fun:PL_NewHashTable
fun:nssHash_Create
+ fun:nssHash_CreateString
fun:nssTrustDomain_InitializeCache
fun:NSSTrustDomain_Create
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1183,9 +1285,11 @@
fun:calloc
fun:PR_NewLock
fun:PORT_NewArena_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1195,9 +1299,11 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1233,6 +1339,7 @@
fun:calloc
fun:PR_NewLock
fun:nssArena_Create
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1245,6 +1352,7 @@
Memcheck:Leak
fun:calloc
fun:PR_NewLock
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
@@ -1258,8 +1366,24 @@
fun:malloc
fun:PL_ArenaAllocate
fun:PORT_ArenaAlloc_Util
+ fun:secmod_NewModule
fun:SECMOD_CreateModule
fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ fun:PORT_Alloc_Util
+ fun:PK11_NewSlotInfo
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1273,7 +1397,9 @@
fun:legacy_ReadSecmodDB
fun:sftkdb_ReadSecmodDB
fun:NSC_ModuleDBFunc
+ fun:SECMOD_GetModuleSpecList
fun:SECMOD_LoadModule
+ fun:nss_InitModules
fun:nss_Init
fun:NSS_Init
fun:main
@@ -1349,6 +1475,8 @@
fun:nss_zalloc_arena_locked
fun:nss_ZAlloc
fun:nssCryptoContext_Create
+ fun:nssTrustDomain_CreateCryptoContext
+ fun:NSSTrustDomain_CreateCryptoContext
fun:STAN_LoadDefaultNSS3TrustDomain
fun:nss_Init
fun:NSS_Init
@@ -1375,6 +1503,7 @@
fun:PL_ArenaAllocate
fun:nss_zalloc_arena_locked
fun:nss_ZAlloc
+ fun:nssSlot_CreateFromPK11SlotInfo
fun:nssToken_CreateFromPK11SlotInfo
fun:STAN_InitTokenForSlotInfo
fun:STAN_LoadDefaultNSS3TrustDomain
--
1.7.12.1


@ -1,25 +0,0 @@
From 81bf0e36a82a3d746a01aee50d8ee460dc794b19 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 10:57:20 -0400
Subject: [PATCH 07/42] Free the pid string once we're done writing it.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/daemon.c b/src/daemon.c
index daa2dbf..245491f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -842,6 +842,7 @@ err:
if (rc < 0)
goto err;
+ free(pidstr);
close(fd);
}
--
1.7.12.1


@ -1,38 +0,0 @@
From 50c50c8fbebab3d8b5efff35dc1a7ca4b44d6b19 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 11:08:30 -0400
Subject: [PATCH 08/42] [valgrind] Don't complain about unlocking a key and
keeping the handle.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 0a8edd9..62934e8 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1511,3 +1511,19 @@
fun:NSS_Init
fun:main
}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:calloc
+ fun:nss_ZAlloc
+ fun:nssArena_Create
+ fun:nssList_Create
+ fun:nssTrustDomain_UpdateCachedTokenCerts
+ fun:PK11_DoPassword
+ fun:PK11_Authenticate
+ fun:unlock_nss_token
+ fun:handle_unlock_token
+ fun:handle_event
+ fun:handle_events
+ fun:daemonize
+}
--
1.7.12.1


@ -1,36 +0,0 @@
From b71f1d2e8f7ad6853e5e68134a66baf9dea2471b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 11:26:04 -0400
Subject: [PATCH 09/42] Only try to register OIDs once.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 2d51979..6219a2a 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -179,11 +179,15 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
int
cms_context_init(cms_context *cms)
{
+ static int first_time = 1;
memset(cms, '\0', sizeof (*cms));
- SECStatus status = register_oids(cms);
- if (status != SECSuccess)
- return -1;
+ if (first_time) {
+ SECStatus status = register_oids(cms);
+ if (status != SECSuccess)
+ return -1;
+ first_time = 0;
+ }
cms->log = cms_common_log;
--
1.7.12.1


@ -1,30 +0,0 @@
From f966137c17f74fc3e343dfb6e04300a9d179de03 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 12:05:29 -0400
Subject: [PATCH 10/42] Check for NSS_Shutdown() failure.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index 245491f..77fff90 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -967,6 +967,11 @@ daemonize(cms_context *cms_ctx, int do_fork)
rc = handle_events(&ctx);
- NSS_Shutdown();
+ status = NSS_Shutdown();
+ if (status != SECSuccess) {
+ fprintf(stderr, "NSS_Shutdown failed: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
return rc;
}
--
1.7.12.1


@ -1,100 +0,0 @@
From 0dddfd5e738232403220b0d18888f94fa0032a59 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 12:17:39 -0400
Subject: [PATCH 11/42] Don't destroy stdin/stdout/stderr if we don't fork.
I like being able to read my error messages.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 59 +++++++++++++++++++++++++++++++++--------------------------
1 file changed, 33 insertions(+), 26 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 77fff90..a31c063 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -890,33 +890,38 @@ daemonize(cms_context *cms_ctx, int do_fork)
exit(1);
}
- int fd = open("/dev/zero", O_RDONLY);
- close(STDIN_FILENO);
- rc = dup2(fd, STDIN_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard input: %m");
- exit(1);
- }
- close(fd);
+ if (do_fork) {
+ int fd = open("/dev/zero", O_RDONLY);
+ close(STDIN_FILENO);
+ rc = dup2(fd, STDIN_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard input: %m");
+ exit(1);
+ }
+ close(fd);
- fd = open("/dev/null", O_WRONLY);
- close(STDOUT_FILENO);
- rc = dup2(fd, STDOUT_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard output: %m");
- exit(1);
- }
+ fd = open("/dev/null", O_WRONLY);
+ close(STDOUT_FILENO);
+ rc = dup2(fd, STDOUT_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard output: %m");
+ exit(1);
+ }
- close(STDERR_FILENO);
- rc = dup2(fd, STDERR_FILENO);
- if (rc < 0) {
- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not set up standard error: %m");
- exit(1);
+ close(STDERR_FILENO);
+ rc = dup2(fd, STDERR_FILENO);
+ if (rc < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "pesignd: could not set up standard error: %m");
+ exit(1);
+ }
+ close(fd);
}
- close(fd);
prctl(PR_SET_NAME, "pesignd", 0, 0, 0);
@@ -963,13 +968,15 @@ daemonize(cms_context *cms_ctx, int do_fork)
cms_set_pw_callback(ctx.backup_cms, get_password_fail);
cms_set_pw_data(ctx.backup_cms, NULL);
- ctx.backup_cms->log = daemon_logger;
+ if (do_fork)
+ ctx.backup_cms->log = daemon_logger;
rc = handle_events(&ctx);
status = NSS_Shutdown();
if (status != SECSuccess) {
- fprintf(stderr, "NSS_Shutdown failed: %s\n",
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
+ "NSS_Shutdown failed: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
--
1.7.12.1


@ -1,54 +0,0 @@
From 19c8e797d092e17f2882d249d5446728a76db050 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:29:30 -0400
Subject: [PATCH 12/42] [valgrind] Add SECMOD_LoadModule codepath.
This is called once when we initialize the database.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/valgrind.supp | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/src/valgrind.supp b/src/valgrind.supp
index 62934e8..783bdad 100644
--- a/src/valgrind.supp
+++ b/src/valgrind.supp
@@ -1527,3 +1527,34 @@
fun:handle_events
fun:daemonize
}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:_Znwm
+ obj:*
+ fun:secmod_ModuleInit
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:daemonize
+ fun:main
+}
+{
+ <insert_a_suppression_name_here>
+ Memcheck:Leak
+ fun:malloc
+ obj:*
+ obj:*
+ obj:*
+ fun:secmod_ModuleInit
+ fun:secmod_LoadPKCS11Module
+ fun:SECMOD_LoadModule
+ fun:SECMOD_LoadModule
+ fun:nss_InitModules
+ fun:nss_Init
+ fun:NSS_Init
+ fun:daemonize
+}
--
1.7.12.1


@ -1,119 +0,0 @@
From 186b6d5d39a1feeaa5f9493d28dc4f53015d551d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:33:35 -0400
Subject: [PATCH 13/42] Don't set up digests in cms_context_init.
Move digest setup out of cms_context_init, so we can avoid leaking the
reference to the digests by not having them in ctx->backup_cms in the
daemon.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 9 ++-------
src/cms_common.h | 3 +++
src/daemon.c | 27 +++++++++++++++++++++++++++
3 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 6219a2a..a8e34dd 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -97,7 +97,7 @@ digest_get_digest_size(cms_context *cms)
}
-static int
+int
setup_digests(cms_context *cms)
{
struct digest *digests = NULL;
@@ -133,7 +133,7 @@ err:
return -1;
}
-static void
+void
teardown_digests(cms_context *ctx)
{
struct digest *digests = ctx->digests;
@@ -199,11 +199,6 @@ cms_context_init(cms_context *cms)
return -1;
}
- int rc = setup_digests(cms);
- if (rc < 0) {
- PORT_FreeArena(cms->arena, PR_TRUE);
- return -1;
- }
cms->selected_digest = -1;
return 0;
diff --git a/src/cms_common.h b/src/cms_common.h
index fc80fa3..830427e 100644
--- a/src/cms_common.h
+++ b/src/cms_common.h
@@ -86,6 +86,9 @@ extern int cms_context_alloc(cms_context **ctxp);
extern int cms_context_init(cms_context *ctx);
extern void cms_context_fini(cms_context *ctx);
+extern int setup_digests(cms_context *cms);
+extern void teardown_digests(cms_context *ctx);
+
extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
SECItem *original);
extern int generate_object_id(cms_context *ctx, SECItem *encoded,
diff --git a/src/daemon.c b/src/daemon.c
index a31c063..f44f069 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -143,6 +143,15 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
return;
}
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
if (!buffer) {
@@ -491,6 +500,15 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 1);
@@ -506,6 +524,15 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
+ rc = setup_digests(ctx->cms);
+ if (rc < 0) {
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ send_response(ctx, ctx->backup_cms, pollfd, rc);
+ return;
+ }
+
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 0);
--
1.7.12.1


@ -1,53 +0,0 @@
From e1f8d4e38f4ad08fb407691a3f59edc19a1f15e2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:41:18 -0400
Subject: [PATCH 14/42] Do register_oids() where we're doing NSS_Init()
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 8 --------
src/daemon.c | 7 +++++++
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index a8e34dd..6188e6e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -179,16 +179,8 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
int
cms_context_init(cms_context *cms)
{
- static int first_time = 1;
memset(cms, '\0', sizeof (*cms));
- if (first_time) {
- SECStatus status = register_oids(cms);
- if (status != SECSuccess)
- return -1;
- first_time = 0;
- }
-
cms->log = cms_common_log;
cms->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
diff --git a/src/daemon.c b/src/daemon.c
index f44f069..085cfec 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -917,6 +917,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
exit(1);
}
+ status = register_oids(ctx.backup_cms);
+ if (status != SECSuccess) {
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
+ "Could not register OIDs\n");
+ exit(1);
+ }
+
if (do_fork) {
int fd = open("/dev/zero", O_RDONLY);
close(STDIN_FILENO);
--
1.7.12.1


@ -1,61 +0,0 @@
From 092e3f81233655849156b0948a53f3b5f51b8c97 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 14:43:58 -0400
Subject: [PATCH 15/42] Make daemon shutdown actually close the NSS databases
and whatnot.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 085cfec..dd215f8 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -125,8 +125,7 @@ handle_kill_daemon(context *ctx, struct pollfd *pollfd, socklen_t size)
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
"pesignd exiting (pid %d)", getpid());
- cms_context_fini(ctx->backup_cms);
- exit(0);
+ should_exit = 1;
}
static void
@@ -625,6 +624,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
return 0;
}
+static void
+do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
+{
+ for (int i = 0; i < nsockets; i++)
+ close(pollfds[i].fd);
+ free(pollfds);
+
+ xfree(ctx->errstr);
+}
+
static int
handle_events(context *ctx)
{
@@ -643,9 +652,14 @@ handle_events(context *ctx)
pollfds[0].events = POLLIN|POLLPRI|POLLHUP;
while (1) {
+ if (should_exit != 0) {
+shutdown:
+ do_shutdown(ctx, nsockets, pollfds);
+ return 0;
+ }
rc = ppoll(pollfds, nsockets, NULL, NULL);
if (should_exit != 0)
- exit(0);
+ goto shutdown;
if (rc < 0) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_WARNING,
--
1.7.12.1


@ -1,425 +0,0 @@
From b6ff405da1bf4627a40fc104457a539788c9f470 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:18:08 -0400
Subject: [PATCH 16/42] Reformat a bunch of error messages to be vaguely
consistent.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 6 ++--
src/daemon.c | 102 ++++++++++++++++++++++++++++---------------------------
2 files changed, 55 insertions(+), 53 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 6188e6e..a1ed460 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -410,7 +410,7 @@ find_certificate(cms_context *cms)
PK11SlotList *slots = NULL;
slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
if (!slots) {
- cms->log(cms, LOG_ERR, "Could not find certificate \"%s:%s\"",
+ cms->log(cms, LOG_ERR, "could not find certificate \"%s:%s\"",
cms->tokenname, cms->certname);
err:
return -1;
@@ -420,7 +420,7 @@ err:
psle = PK11_GetFirstSafe(slots);
if (!psle) {
err_slots_errmsg:
- cms->log(cms, LOG_ERR, "Could not find certificate \"%s:%s\"",
+ cms->log(cms, LOG_ERR, "could not find certificate \"%s:%s\"",
cms->tokenname, cms->certname);
err_slots:
PK11_FreeSlotList(slots);
@@ -441,7 +441,7 @@ err_slots:
if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata);
if (status != SECSuccess) {
- cms->log(cms, LOG_ERR, "Authentication failed on "
+ cms->log(cms, LOG_ERR, "authentication failed for "
"certificate \"%s:%s\"", cms->tokenname,
cms->certname);
PK11_DestroySlotListElement(slots, &psle);
diff --git a/src/daemon.c b/src/daemon.c
index dd215f8..07aaf6c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -82,7 +82,7 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
void *buffer = calloc(1, iov.iov_len);
if (!buffer) {
cms->log(cms, ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: %m");
+ "could not allocate memory: %m");
exit(1);
}
@@ -108,7 +108,7 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
n = sendmsg(pollfd->fd, &msg, 0);
if (n < 0)
cms->log(cms, ctx->priority|LOG_WARNING,
- "pesignd: could not send response to client: %m");
+ "could not send response to client: %m");
free(buffer);
}
@@ -156,7 +156,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -173,9 +173,9 @@ oom:
if (n < sizeof(tn->size)) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return;
}
@@ -202,7 +202,7 @@ malformed:
goto malformed;
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
- "pesignd: unlocking token \"%s\"", tn->value);
+ "unlocking token \"%s\"", tn->value);
/* authenticating with nss frees this ... best API ever. */
ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
@@ -223,9 +223,13 @@ malformed:
cms_set_pw_callback(ctx->cms, get_password_fail);
cms_set_pw_data(ctx->cms, NULL);
- if (rc == 0)
- ctx->cms->log(ctx->cms, LOG_NOTICE, "pesignd: Authentication "
- "succeeded for token \"%s\"", tn->value);
+ if (rc < 0)
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
+ "could not find token \"%s\"", tn->value);
+ else
+ ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
+ "authentication succeeded for token \"%s\"",
+ tn->value);
send_response(ctx, ctx->cms, pollfd, rc);
free(buffer);
@@ -245,7 +249,7 @@ socket_get_fd(context *ctx, int sd, int *fd)
struct cmsghdr *cm = malloc(controllen);
if (!cm) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -262,9 +266,9 @@ socket_get_fd(context *ctx, int sd, int *fd)
if (n < 0) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(sd);
return;
}
@@ -293,7 +297,7 @@ set_up_inpe(context *ctx, int fd, Pe **pe)
*pe = pe_begin(fd, PE_C_READ, NULL);
if (!*pe) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not parse PE binary: %s",
+ "could not parse PE binary: %s",
pe_errmsg(pe_errno()));
return -1;
}
@@ -301,7 +305,7 @@ set_up_inpe(context *ctx, int fd, Pe **pe)
int rc = parse_signatures(ctx->cms, *pe);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not parse signature list");
+ "could not parse signature list");
pe_end(*pe);
*pe = NULL;
return -1;
@@ -320,20 +324,20 @@ set_up_outpe(context *ctx, int fd, Pe *inpe, Pe **outpe)
off_t offset = lseek(fd, 0, SEEK_SET);
if (offset < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not read output file: %m");
+ "could not read output file: %m");
return -1;
}
int rc = ftruncate(fd, size);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not extend output file: %m");
+ "could not extend output file: %m");
return -1;
}
rc = write(fd, addr, size);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not write to output file: %m");
+ "could not write to output file: %m");
return -1;
}
@@ -342,7 +346,7 @@ set_up_outpe(context *ctx, int fd, Pe *inpe, Pe **outpe)
*outpe = pe_begin(fd, PE_C_RDWR, NULL);
if (!*outpe) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not set up output: %s",
+ "could not set up output: %s",
pe_errmsg(pe_errno()));
return -1;
}
@@ -363,7 +367,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to allocate memory: %m");
+ "unable to allocate memory: %m");
exit(1);
}
@@ -380,9 +384,9 @@ oom:
if (n < sizeof(tn->size)) {
malformed:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unlock-token: invalid data");
+ "unlock-token: invalid data");
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return;
}
@@ -423,7 +427,7 @@ malformed:
socket_get_fd(ctx, pollfd->fd, &outfd);
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
- "pesignd: attempting to sign with key \"%s:%s\"",
+ "attempting to sign with key \"%s:%s\"",
tn->value, cn->value);
free(buffer);
@@ -548,9 +552,9 @@ handle_invalid_input(pesignd_cmd cmd, context *ctx, struct pollfd *pollfd,
socklen_t size)
{
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: got unexpected command 0x%x", cmd);
+ "got unexpected command 0x%x", cmd);
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt");
+ "possible exploit attempt");
}
typedef void (*cmd_handler)(context *ctx, struct pollfd *pollfd,
@@ -593,16 +597,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
n = recvmsg(pollfd->fd, &msg, MSG_WAITALL);
if (n < 0) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_WARNING,
- "pesignd: recvmsg failed: %m");
+ "recvmsg failed: %m");
return n;
}
if (pm.version != PESIGND_VERSION) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: got version %d, expected version %d",
+ "got version %d, expected version %d",
pm.version, PESIGND_VERSION);
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: possible exploit attempt. closing.");
+ "possible exploit attempt. closing.");
close(pollfd->fd);
return -1;
}
@@ -644,7 +648,7 @@ handle_events(context *ctx)
if (!pollfds) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: %m");
+ "could not allocate memory: %m");
exit(1);
}
@@ -663,7 +667,7 @@ shutdown:
if (rc < 0) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_WARNING,
- "pesignd: ppoll: %m");
+ "ppoll: %m");
continue;
}
@@ -675,8 +679,7 @@ shutdown:
if (!newpollfds) {
ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_ERR,
- "pesignd: could not allocate memory: "
- "%m");
+ "could not allocate memory: %m");
exit(1);
}
pollfds = newpollfds;
@@ -729,8 +732,8 @@ get_uid_and_gid(context *ctx, char **homedir)
if (ctx->uid == 0 || ctx->gid == 0) {
ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_ERR,
- "pesignd: cowardly refusing to start with uid = %d "
- "and gid = %d", ctx->uid, ctx->gid);
+ "cowardly refusing to start with uid = %d and gid = %d",
+ ctx->uid, ctx->gid);
errno = EINVAL;
return -1;
}
@@ -752,7 +755,7 @@ set_up_socket(context *ctx)
int sd = socket(AF_UNIX, SOCK_STREAM, 0);
if (sd < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to create socket: %m");
+ "unable to create socket: %m");
exit(1);
}
@@ -760,7 +763,7 @@ set_up_socket(context *ctx)
int rc = setsockopt(sd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to set socket options: %m");
+ "unable to set socket options: %m");
exit(1);
}
@@ -772,14 +775,14 @@ set_up_socket(context *ctx)
rc = bind(sd, &addr_un, sizeof(addr_un));
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to bind to \"%s\": %m",
+ "unable to bind to \"%s\": %m",
addr_un.sun_path);
exit(1);
}
rc = chmod(SOCKPATH, 0660);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: could not set permissions for \"%s\": %m",
+ "could not set permissions for \"%s\": %m",
SOCKPATH);
exit(1);
}
@@ -787,7 +790,7 @@ set_up_socket(context *ctx)
rc = listen(sd, 5);
if (rc < 0) {
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
- "pesignd: unable to listen on socket: %m");
+ "unable to listen on socket: %m");
exit(1);
}
@@ -809,8 +812,7 @@ check_socket(context *ctx)
int sd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
if (sd < 0) {
- fprintf(stderr, "pesignd: unable to create socket: "
- "%m");
+ fprintf(stderr, "unable to create socket: %m");
exit(1);
}
@@ -829,7 +831,7 @@ check_socket(context *ctx)
if (rc < 0) {
return;
} else {
- fprintf(stderr, "pesignd: already running");
+ fprintf(stderr, "already running");
exit(1);
}
} else {
@@ -871,7 +873,7 @@ write_pid_file(int pid)
int fd = open("/var/run/pesign.pid", O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (fd < 0) {
err:
- fprintf(stderr, "pesignd: couldn't open pidfile: %m\n");
+ fprintf(stderr, "couldn't open pidfile: %m\n");
exit(1);
}
char *pidstr = NULL;
@@ -923,10 +925,10 @@ daemonize(cms_context *cms_ctx, int do_fork)
daemon_logger(ctx.backup_cms, ctx.priority|LOG_NOTICE,
"pesignd starting (pid %d)", ctx.pid);
-
SECStatus status = NSS_Init("/etc/pki/pesign");
if (status != SECSuccess) {
- fprintf(stderr, "Could not initialize nss: %s\n",
+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
+ "Could not initialize nss: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
@@ -945,7 +947,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard input: %m");
+ "could not set up standard input: %m");
exit(1);
}
close(fd);
@@ -956,7 +958,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard output: %m");
+ "could not set up standard output: %m");
exit(1);
}
@@ -965,7 +967,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: could not set up standard error: %m");
+ "could not set up standard error: %m");
exit(1);
}
close(fd);
@@ -989,7 +991,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
rc = get_uid_and_gid(&ctx, &homedir);
if (rc < 0) {
ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
- "pesignd: could not get group and user information "
+ "could not get group and user information "
"for pesign: %m");
exit(1);
}
@@ -1001,13 +1003,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (setgid(ctx.gid) != 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: unable to drop group privileges: %m");
+ "unable to drop group privileges: %m");
exit(1);
}
if (setuid(ctx.uid) != 0) {
ctx.backup_cms->log(ctx.backup_cms,
ctx.priority|LOG_ERR,
- "pesignd: unable to drop user privileges: %m");
+ "unable to drop user privileges: %m");
exit(1);
}
}
--
1.7.12.1

View File

@ -1,82 +0,0 @@
From 8ffe6943f04d42314f81eb8b5e3350d4ccc41895 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:26:23 -0400
Subject: [PATCH 17/42] Use PORT_ArenaStrdup() where appropriate.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 15 ++++++---------
src/pesign.c | 12 ++++++------
2 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 07aaf6c..73fd924 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -205,9 +205,8 @@ malformed:
"unlocking token \"%s\"", tn->value);
/* authenticating with nss frees this ... best API ever. */
- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)tn->value));
- strcpy(ctx->cms->tokenname, (char *)tn->value);
+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)tn->value);
if (!ctx->cms->tokenname)
goto oom;
@@ -397,9 +396,8 @@ malformed:
n -= tn->size;
/* authenticating with nss frees these ... best API ever. */
- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)tn->value));
- strcpy(ctx->cms->tokenname, (char *)tn->value);
+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)tn->value);
if (!ctx->cms->tokenname)
goto oom;
@@ -410,9 +408,8 @@ malformed:
if (n < cn->size)
goto malformed;
- ctx->cms->certname = PORT_ArenaZAlloc(ctx->cms->arena,
- strlen((char *)cn->value));
- strcpy(ctx->cms->certname, (char *)cn->value);
+ ctx->cms->certname = PORT_ArenaStrdup(ctx->cms->arena,
+ (char *)cn->value);
if (!ctx->cms->certname)
goto oom;
diff --git a/src/pesign.c b/src/pesign.c
index c7b23cf..819cee0 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -551,17 +551,17 @@ main(int argc, char *argv[])
exit(!is_help);
}
- ctx.cms_ctx->tokenname = tokenname ?
- PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
- if (tokenname && !ctx.cms_ctx->tokenname) {
+ ctxp->cms_ctx->tokenname = tokenname ?
+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, tokenname) : NULL;
+ if (tokenname && !ctxp->cms_ctx->tokenname) {
fprintf(stderr, "could not allocate token name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
- ctx.cms_ctx->certname = certname ?
- PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
- if (certname && !ctx.cms_ctx->certname) {
+ ctxp->cms_ctx->certname = certname ?
+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
+ if (certname && !ctxp->cms_ctx->certname) {
fprintf(stderr, "could not allocate certificate name: %s\n",
PORT_ErrorToString(PORT_GetError()));
exit(1);
--
1.7.12.1


@ -1,58 +0,0 @@
From c196b462ad5267e8ed20c0b855b9921268b22a7b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:26:47 -0400
Subject: [PATCH 18/42] Minor whitespace fixes.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 6 +++---
src/pesign.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 73fd924..69aea4b 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -70,7 +70,7 @@ hide_stolen_goods_from_cms(cms_context *new, cms_context *old)
static void
send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
-{
+{
struct msghdr msg;
struct iovec iov;
ssize_t n;
@@ -890,7 +890,7 @@ int
daemonize(cms_context *cms_ctx, int do_fork)
{
int rc = 0;
- context ctx = {
+ context ctx = {
.backup_cms = cms_ctx,
.priority = do_fork ? LOG_PID
: LOG_PID|LOG_PERROR,
@@ -904,7 +904,7 @@ daemonize(cms_context *cms_ctx, int do_fork)
fprintf(stderr, "pesignd must be started as root");
exit(1);
}
-
+
check_socket(&ctx);
openlog("pesignd", LOG_PID, LOG_DAEMON);
diff --git a/src/pesign.c b/src/pesign.c
index 819cee0..2ba5ef1 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -88,7 +88,7 @@ open_input(pesign_context *ctx)
struct stat statbuf;
ctx->infd = open(ctx->infile, O_RDONLY|O_CLOEXEC);
- stat(ctx->infile, &statbuf);
+ stat(ctx->infile, &statbuf);
ctx->outmode = statbuf.st_mode;
if (ctx->infd < 0) {
--
1.7.12.1


@ -1,38 +0,0 @@
From 7a8c50f620c7484af9d750f484df8a6837e6b2a5 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:27:03 -0400
Subject: [PATCH 19/42] [daemon] Make sure inpe is initialized before all
error handling.
find_certificate() and set_up_inpe() errors wind up being at the same
place, which means when find_certificate is called, inpe already must be
NULL.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index 69aea4b..534fb23 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -362,6 +362,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
struct iovec iov;
ssize_t n;
char *buffer = malloc(size);
+ Pe *inpe = NULL;
if (!buffer) {
oom:
@@ -433,7 +434,6 @@ malformed:
goto finish;
}
- Pe *inpe = NULL;
rc = set_up_inpe(ctx, infd, &inpe);
if (rc < 0)
goto finish;
--
1.7.12.1


@ -1,360 +0,0 @@
From 66d3353e6d24c9e69ce71735c5aa4741717a6d68 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:31:15 -0400
Subject: [PATCH 20/42] Allocate pesign_context rather than having it on the
stack.
This way it won't try to re-initialize cms_context when it's cleaned up.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 152 ++++++++++++++++++++++++++++++-----------------------------
1 file changed, 77 insertions(+), 75 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index 2ba5ef1..e22e814 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -426,7 +426,7 @@ main(int argc, char *argv[])
{
int rc;
- pesign_context ctx, *ctxp = &ctx;
+ pesign_context *ctxp;
int list = 0;
int remove = 0;
@@ -437,40 +437,47 @@ main(int argc, char *argv[])
char *tokenname = "NSS Certificate DB";
char *certname = NULL;
+ rc = pesign_context_new(&ctxp);
+ if (rc < 0) {
+ fprintf(stderr, "Could not initialize context: %m\n");
+ exit(1);
+ }
+
poptContext optCon;
struct poptOption options[] = {
{NULL, '\0', POPT_ARG_INTL_DOMAIN, "pesign" },
- {"in", 'i', POPT_ARG_STRING, &ctx.infile, 0,
+ {"in", 'i', POPT_ARG_STRING, &ctxp->infile, 0,
"specify input file", "<infile>"},
- {"out", 'o', POPT_ARG_STRING, &ctx.outfile, 0,
+ {"out", 'o', POPT_ARG_STRING, &ctxp->outfile, 0,
"specify output file", "<outfile>" },
{"certficate", 'c', POPT_ARG_STRING, &certname, 0,
"specify certificate nickname",
"<certificate nickname>" },
- {"privkey", 'p', POPT_ARG_STRING, &ctx.privkeyfile, 0,
+ {"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0,
"specify private key file", "<privkey>" },
- {"force", 'f', POPT_ARG_VAL, &ctx.force, 1,
+ {"force", 'f', POPT_ARG_VAL, &ctxp->force, 1,
"force overwriting of output file", NULL },
- {"sign", 's', POPT_ARG_VAL, &ctx.sign, 1,
+ {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1,
"create a new signature", NULL },
- {"hash", 'h', POPT_ARG_VAL, &ctx.hash, 1, "hash binary", NULL },
+ {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL },
{"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
&digest_name, 0, "digest type to use for pe hash" },
{"import-signed-certificate", 'm',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.insig, 0,"import signature from file", "<insig>" },
+ &ctxp->insig, 0,"import signature from file", "<insig>" },
{"export-signed-attributes", 'E',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.outsattrs, 0, "export signed attributes to file",
+ &ctxp->outsattrs, 0, "export signed attributes to file",
"<signed_attributes_file>" },
{"import-signed-attributes", 'I',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.insattrs, 0, "import signed attributes from file",
+ &ctxp->insattrs, 0,
+ "import signed attributes from file",
"<signed_attributes_file>" },
{"import-raw-signature", 'R',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctx.rawsig,
+ POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctxp->rawsig,
0, "import raw signature from file", "<inraw>" },
- {"signature-number", 'u', POPT_ARG_INT, &ctx.signum, -1,
+ {"signature-number", 'u', POPT_ARG_INT, &ctxp->signum, -1,
"specify which signature to operate on","<sig-number>"},
{"list-signatures", 'l',
POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN,
@@ -483,13 +490,14 @@ main(int argc, char *argv[])
"remove signature" },
{"export-signature", 'e',
POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
- &ctx.outsig, 0,"export signature to file", "<outsig>" },
+ &ctxp->outsig, 0,
+ "export signature to file", "<outsig>" },
{"export-pubkey", 'K', POPT_ARG_STRING,
- &ctx.outkey, 0, "export pubkey to file", "<outkey>" },
+ &ctxp->outkey, 0, "export pubkey to file", "<outkey>" },
{"export-cert", 'C', POPT_ARG_STRING,
- &ctx.outcert, 0, "export signing cert to file",
+ &ctxp->outcert, 0, "export signing cert to file",
"<outcert>" },
- {"ascii-armor", 'a', POPT_ARG_VAL, &ctx.ascii, 1,
+ {"ascii-armor", 'a', POPT_ARG_VAL, &ctxp->ascii, 1,
"use ascii armoring", NULL },
{"daemonize", 'D', POPT_ARG_VAL, &daemon, 1,
"run as a daemon process", NULL },
@@ -509,12 +517,6 @@ main(int argc, char *argv[])
}
}
- rc = pesign_context_init(ctxp);
- if (rc < 0) {
- fprintf(stderr, "Could not initialize context: %m\n");
- exit(1);
- }
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -571,25 +573,25 @@ main(int argc, char *argv[])
if (daemon)
action |= DAEMONIZE;
- if (ctx.rawsig)
+ if (ctxp->rawsig)
action |= IMPORT_RAW_SIGNATURE;
- if (ctx.insattrs)
+ if (ctxp->insattrs)
action |= IMPORT_SATTRS;
- if (ctx.outsattrs)
+ if (ctxp->outsattrs)
action |= EXPORT_SATTRS;
-
- if (ctx.insig)
+
+ if (ctxp->insig)
action |= IMPORT_SIGNATURE;
- if (ctx.outkey)
+ if (ctxp->outkey)
action |= EXPORT_PUBKEY;
- if (ctx.outcert)
+ if (ctxp->outcert)
action |= EXPORT_CERT;
- if (ctx.outsig)
+ if (ctxp->outsig)
action |= EXPORT_SIGNATURE;
if (remove != 0)
@@ -598,13 +600,13 @@ main(int argc, char *argv[])
if (list != 0)
action |= LIST_SIGNATURES;
- if (ctx.sign) {
+ if (ctxp->sign) {
action |= GENERATE_SIGNATURE;
if (!(action & EXPORT_SIGNATURE))
action |= IMPORT_SIGNATURE;
}
- if (ctx.hash)
+ if (ctxp->hash)
action |= GENERATE_DIGEST|PRINT_DIGEST;
ssize_t sigspace = 0;
@@ -620,11 +622,11 @@ main(int argc, char *argv[])
*/
case IMPORT_RAW_SIGNATURE|IMPORT_SATTRS:
check_inputs(ctxp);
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_rawsig_input(ctxp);
@@ -636,19 +638,19 @@ main(int argc, char *argv[])
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- sigspace = calculate_signature_space(ctx.cms_ctx,
- ctx.outpe);
- allocate_signature_space(ctx.outpe, sigspace);
- generate_signature(ctx.cms_ctx);
- insert_signature(ctx.cms_ctx, ctx.signum);
- finalize_signatures(ctx.cms_ctx, ctx.outpe);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ sigspace = calculate_signature_space(ctxp->cms_ctx,
+ ctxp->outpe);
+ allocate_signature_space(ctxp->outpe, sigspace);
+ generate_signature(ctxp->cms_ctx);
+ insert_signature(ctxp->cms_ctx, ctxp->signum);
+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
close_output(ctxp);
break;
case EXPORT_SATTRS:
open_input(ctxp);
open_sattr_output(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
generate_sattr_blob(ctxp);
close_sattr_output(ctxp);
close_input(ctxp);
@@ -666,22 +668,22 @@ main(int argc, char *argv[])
close_output(ctxp);
break;
case EXPORT_PUBKEY:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_pubkey_output(ctxp);
export_pubkey(ctxp);
break;
case EXPORT_CERT:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_cert_output(ctxp);
@@ -691,21 +693,21 @@ main(int argc, char *argv[])
case EXPORT_SIGNATURE:
open_input(ctxp);
open_sig_output(ctxp);
- if (ctx.signum > ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "Invalid signature number.\n");
exit(1);
}
- if (ctx.signum < 0)
- ctx.signum = 0;
- if (ctx.signum >= ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum < 0)
+ ctxp->signum = 0;
+ if (ctxp->signum >= ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "No valid signature #%d.\n",
- ctx.signum);
+ ctxp->signum);
exit(1);
}
- memcpy(&ctx.cms_ctx->newsig,
- ctx.cms_ctx->signatures[ctx.signum],
- sizeof (ctx.cms_ctx->newsig));
- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
+ memcpy(&ctxp->cms_ctx->newsig,
+ ctxp->cms_ctx->signatures[ctxp->signum],
+ sizeof (ctxp->cms_ctx->newsig));
+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
close_input(ctxp);
close_sig_output(ctxp);
break;
@@ -715,11 +717,11 @@ main(int argc, char *argv[])
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- if (ctx.signum > ctx.cms_ctx->num_signatures) {
+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
fprintf(stderr, "Invalid signature number.\n");
exit(1);
}
- remove_signature(&ctx);
+ remove_signature(ctxp);
close_output(ctxp);
break;
/* list signatures in the binary */
@@ -729,49 +731,49 @@ main(int argc, char *argv[])
break;
case GENERATE_DIGEST|PRINT_DIGEST:
open_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
print_digest(ctxp);
break;
/* generate a signature and save it in a separate file */
case EXPORT_SIGNATURE|GENERATE_SIGNATURE:
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_input(ctxp);
open_sig_output(ctxp);
- generate_digest(ctx.cms_ctx, ctx.inpe);
- generate_signature(ctx.cms_ctx);
- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
+ generate_signature(ctxp->cms_ctx);
+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
break;
/* generate a signature and embed it in the binary */
case IMPORT_SIGNATURE|GENERATE_SIGNATURE:
check_inputs(ctxp);
- rc = find_certificate(ctx.cms_ctx);
+ rc = find_certificate(ctxp->cms_ctx);
if (rc < 0) {
fprintf(stderr, "pesign: Could not find "
"certificate %s\n",
- ctx.cms_ctx->certname);
+ ctxp->cms_ctx->certname);
exit(1);
}
open_input(ctxp);
open_output(ctxp);
close_input(ctxp);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- sigspace = calculate_signature_space(ctx.cms_ctx,
- ctx.outpe);
- allocate_signature_space(ctx.outpe, sigspace);
- generate_digest(ctx.cms_ctx, ctx.outpe);
- generate_signature(ctx.cms_ctx);
- insert_signature(ctx.cms_ctx, ctx.signum);
- finalize_signatures(ctx.cms_ctx, ctx.outpe);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ sigspace = calculate_signature_space(ctxp->cms_ctx,
+ ctxp->outpe);
+ allocate_signature_space(ctxp->outpe, sigspace);
+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
+ generate_signature(ctxp->cms_ctx);
+ insert_signature(ctxp->cms_ctx, ctxp->signum);
+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
close_output(ctxp);
break;
case DAEMONIZE:
- rc = daemonize(ctx.cms_ctx, fork);
+ rc = daemonize(ctxp->cms_ctx, fork);
break;
default:
fprintf(stderr, "Incompatible flags (0x%08x): ", action);
@@ -782,7 +784,7 @@ main(int argc, char *argv[])
fprintf(stderr, "\n");
exit(1);
}
- pesign_context_fini(&ctx);
+ pesign_context_free(ctxp);
NSS_Shutdown();
return (rc < 0);
--
1.7.12.1


@ -1,67 +0,0 @@
From 444a514e1a7c9a27953f914cf416d559ef5be083 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:32:57 -0400
Subject: [PATCH 21/42] [pesign] initialize nss only if we're not a daemon.
If it's a deamon, NSS_Init, register_oids, and setup_digests will be
done in the daemon code, not in the normal tool code.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 33 +++++++++++++++++++++++----------
1 file changed, 23 insertions(+), 10 deletions(-)
diff --git a/src/pesign.c b/src/pesign.c
index e22e814..aa09bf5 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -508,15 +508,6 @@ main(int argc, char *argv[])
POPT_TABLEEND
};
- if (!daemon) {
- SECStatus status = NSS_Init("/etc/pki/pesign");
- if (status != SECSuccess) {
- fprintf(stderr, "Could not initialize nss: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
- }
-
optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
rc = poptReadDefaultConfig(optCon, 0);
@@ -543,7 +534,29 @@ main(int argc, char *argv[])
poptFreeContext(optCon);
- rc = set_digest_parameters(ctx.cms_ctx, digest_name);
+ if (!daemon) {
+ SECStatus status = NSS_Init("/etc/pki/pesign");
+ if (status != SECSuccess) {
+ fprintf(stderr, "Could not initialize nss: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+
+ status = register_oids(ctxp->cms_ctx);
+ if (status != SECSuccess) {
+ fprintf(stderr, "Could not register OIDs\n");
+ exit(1);
+ }
+
+ rc = setup_digests(ctxp->cms_ctx);
+ if (rc < 0) {
+ fprintf(stderr, "Could not initialize digests: %s\n",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+ }
+
+ rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
int is_help = strcmp(digest_name, "help") ? 0 : 1;
if (rc < 0) {
if (!is_help) {
--
1.7.12.1


@ -1,28 +0,0 @@
From a1ce809e199c7fbbd6f5c0e75f27a4234fcbd2bc Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 15:34:00 -0400
Subject: [PATCH 22/42] Handle errors on pesign_context_init()
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign_context.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/pesign_context.c b/src/pesign_context.c
index c6afda6..cbd929f 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -37,7 +37,9 @@ pesign_context_new(pesign_context **ctx)
if (!context)
return -1;
- pesign_context_init(context);
+ rc = pesign_context_init(context);
+ if (rc < 0)
+ return rc;
context->flags |= PESIGN_C_ALLOCATED;
*ctx = context;
--
1.7.12.1


@ -1,119 +0,0 @@
From 4ed91a1bb65769401c0fd6c1c5b2a3c64c0c1266 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 16:35:43 -0400
Subject: [PATCH 23/42] Add sanity checking to make sure we don't emit
uninitialized hashes.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 15 ++++++++++++++-
src/content_info.c | 11 +++++++++++
src/signer_info.c | 5 +++++
src/util.h | 13 +++++++++++++
4 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index a1ed460..ab5a066 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -532,6 +532,10 @@ generate_empty_sequence(cms_context *cms, SECItem *encoded)
int
generate_octet_string(cms_context *cms, SECItem *encoded, SECItem *original)
{
+ if (content_is_empty(original->data, original->len)) {
+ cms->log(cms, LOG_ERR, "content is empty, not encoding");
+ return -1;
+ }
if (SEC_ASN1EncodeItem(cms->arena, encoded, original,
SEC_OctetStringTemplate) == NULL)
return -1;
@@ -942,7 +946,16 @@ generate_signature(cms_context *cms)
{
int rc = 0;
- assert(cms->digests[cms->selected_digest].pe_digest != NULL);
+ if (cms->digests[cms->selected_digest].pe_digest == NULL) {
+ cms->log(cms, LOG_ERR, "pe digest has not been allocated");
+ return -1;
+ }
+
+ if (content_is_empty(cms->digests[cms->selected_digest].pe_digest->data,
+ cms->digests[cms->selected_digest].pe_digest->len)) {
+ cms->log(cms, LOG_ERR, "pe binary has not been digested");
+ return -1;
+ }
SECItem sd_der;
memset(&sd_der, '\0', sizeof(sd_der));
diff --git a/src/content_info.c b/src/content_info.c
index 044e85e..7246d20 100644
--- a/src/content_info.c
+++ b/src/content_info.c
@@ -197,6 +197,11 @@ generate_spc_digest_info(cms_context *cms, SECItem *dip)
int i = cms->selected_digest;
memcpy(&di.digest, cms->digests[i].pe_digest, sizeof (di.digest));
+ if (content_is_empty(di.digest.data, di.digest.len)) {
+ cms->log(cms, LOG_ERR, "got empty digest");
+ return -1;
+ }
+
if (SEC_ASN1EncodeItem(cms->arena, dip, &di,
DigestInfoTemplate) == NULL) {
cms->log(cms, LOG_ERR, "could not encode DigestInfo: %s",
@@ -327,6 +332,12 @@ generate_cinfo_digest(cms_context *cms, SpcContentInfo *cip)
&cms->ci_digest->len,
digest_get_digest_size(cms)) != SECSuccess)
goto err;
+
+ if (content_is_empty(cms->ci_digest->data, cms->ci_digest->len)) {
+ cms->log(cms, LOG_ERR, "generated empty digest");
+ goto err;
+ }
+
if (cms->ci_digest->len > digest_get_digest_size(cms))
goto err;
diff --git a/src/signer_info.c b/src/signer_info.c
index 7a73c26..932b896 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -207,6 +207,11 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
if (!sign_content)
return -1;
+ if (content_is_empty(sign_content->data, sign_content->len)) {
+ cms->log(cms, LOG_ERR, "not signing empty digest");
+ return -1;
+ }
+
SECOidData *oid = SECOID_FindOIDByTag(digest_get_signature_oid(cms));
if (!oid)
goto err;
diff --git a/src/util.h b/src/util.h
index f495a0b..5e0ea34 100644
--- a/src/util.h
+++ b/src/util.h
@@ -110,6 +110,19 @@ free_poison(void *addrv, ssize_t len)
addr[x] = poison_pills[x % 2];
}
+static int
+__attribute__ ((unused))
+content_is_empty(uint8_t *data, ssize_t len)
+{
+ if (len < 1)
+ return 1;
+
+ for (int i = 0; i < len; i++)
+ if (data[i] != 0)
+ return 0;
+ return 1;
+}
+
#if defined(DAEMON_H)
static inline uint32_t
__attribute__ ((unused))
--
1.7.12.1


@ -1,47 +0,0 @@
From d8ead122f34375a496d280bcc803f730542ca78d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:47:49 -0400
Subject: [PATCH 24/42] Make sure we free the token/cert we get from the
command line.
This probably needs some further examination, but valgrind likes what's
here currently.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/pesign.c b/src/pesign.c
index aa09bf5..be6494e 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -435,6 +435,7 @@ main(int argc, char *argv[])
char *digest_name = "sha256";
char *tokenname = "NSS Certificate DB";
+ char *origtoken = tokenname;
char *certname = NULL;
rc = pesign_context_new(&ctxp);
@@ -573,6 +574,8 @@ main(int argc, char *argv[])
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
+ if (tokenname != origtoken)
+ free(tokenname);
ctxp->cms_ctx->certname = certname ?
PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
@@ -581,6 +584,8 @@ main(int argc, char *argv[])
PORT_ErrorToString(PORT_GetError()));
exit(1);
}
+ if (certname)
+ free(certname);
int action = 0;
if (daemon)
--
1.7.12.1


@ -1,36 +0,0 @@
From 2030d382b49a1b957de829a67f74d9cc127c55ee Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:48:44 -0400
Subject: [PATCH 25/42] [pesign] Only shut down nss in pesign.c if we're not
the daemon.
The daemon does its own init and shutdown.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/pesign.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/pesign.c b/src/pesign.c
index be6494e..6c10b6d 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -804,6 +804,14 @@ main(int argc, char *argv[])
}
pesign_context_free(ctxp);
- NSS_Shutdown();
+ if (!daemon) {
+ SECStatus status = NSS_Shutdown();
+ if (status != SECSuccess) {
+ fprintf(stderr, "could not shut down NSS: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ exit(1);
+ }
+ }
+
return (rc < 0);
}
--
1.7.12.1


@ -1,233 +0,0 @@
From 4efe979d6b781e064fe1afa946753ead9e3bbb9d Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:49:17 -0400
Subject: [PATCH 26/42] Rework setup_digests() and teardown_digests()
This fixes the problem I was seeing with empty content_info digests, and
makes the code a /little/ bit cleaner in some ways.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 92 +++++++++++++++++++++++++++++++++-----------------------
src/cms_common.h | 1 -
src/daemon.c | 28 +----------------
src/pesign.c | 7 -----
4 files changed, 55 insertions(+), 73 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index ab5a066..6b3f5ec 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -96,43 +96,6 @@ digest_get_digest_size(cms_context *cms)
return digest_params[i].size;
}
-
-int
-setup_digests(cms_context *cms)
-{
- struct digest *digests = NULL;
-
- digests = calloc(n_digest_params, sizeof (*digests));
- if (!digests) {
- cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
- return -1;
- }
-
- for (int i = 0; i < n_digest_params; i++) {
- digests[i].pk11ctx = PK11_CreateDigestContext(
- digest_params[i].digest_tag);
- if (!digests[i].pk11ctx) {
- cms->log(cms, LOG_ERR, "could not create digest "
- "context: %s",
- PORT_ErrorToString(PORT_GetError()));
- goto err;
- }
-
- PK11_DigestBegin(digests[i].pk11ctx);
- }
-
- cms->digests = digests;
- return 0;
-err:
- for (int i = 0; i < n_digest_params; i++) {
- if (digests[i].pk11ctx)
- PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
- }
-
- free(digests);
- return -1;
-}
-
void
teardown_digests(cms_context *ctx)
{
@@ -733,6 +696,46 @@ check_pointer_and_size(Pe *pe, void *ptr, size_t size)
return 1;
}
+int
+generate_digest_begin(cms_context *cms)
+{
+ struct digest *digests = NULL;
+
+ if (cms->digests) {
+ digests = cms->digests;
+ } else {
+ digests = calloc(n_digest_params, sizeof (*digests));
+ if (!digests) {
+ cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
+ return -1;
+ }
+ }
+
+ for (int i = 0; i < n_digest_params; i++) {
+ digests[i].pk11ctx = PK11_CreateDigestContext(
+ digest_params[i].digest_tag);
+ if (!digests[i].pk11ctx) {
+ cms->log(cms, LOG_ERR, "could not create digest "
+ "context: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ goto err;
+ }
+
+ PK11_DigestBegin(digests[i].pk11ctx);
+ }
+
+ cms->digests = digests;
+ return 0;
+err:
+ for (int i = 0; i < n_digest_params; i++) {
+ if (digests[i].pk11ctx)
+ PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
+ }
+
+ free(digests);
+ return -1;
+}
+
void
generate_digest_step(cms_context *cms, void *data, size_t len)
{
@@ -762,6 +765,12 @@ generate_digest_finish(cms_context *cms)
PK11_DigestFinal(cms->digests[i].pk11ctx,
digest->data, &digest->len, digest_params[i].size);
+ PK11_Finalize(cms->digests[i].pk11ctx);
+ PK11_DestroyContext(cms->digests[i].pk11ctx, PR_TRUE);
+ cms->digests[i].pk11ctx = NULL;
+ if (cms->digests[i].pe_digest)
+ free_poison(cms->digests[i].pe_digest->data,
+ cms->digests[i].pe_digest->len);
cms->digests[i].pe_digest = digest;
}
@@ -791,7 +800,14 @@ generate_digest(cms_context *cms, Pe *pe)
if (!pe) {
cms->log(cms, LOG_ERR, "no output pe ready");
- exit(1);
+ return -1;
+ }
+
+ rc = generate_digest_begin(cms);
+ if (rc < 0) {
+ cms->log(cms, LOG_ERR, "could not initialize digests: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ return rc;
}
struct pe_hdr pehdr;
diff --git a/src/cms_common.h b/src/cms_common.h
index 830427e..5cbda62 100644
--- a/src/cms_common.h
+++ b/src/cms_common.h
@@ -86,7 +86,6 @@ extern int cms_context_alloc(cms_context **ctxp);
extern int cms_context_init(cms_context *ctx);
extern void cms_context_fini(cms_context *ctx);
-extern int setup_digests(cms_context *cms);
extern void teardown_digests(cms_context *ctx);
extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
diff --git a/src/daemon.c b/src/daemon.c
index 534fb23..df20763 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -142,15 +142,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
return;
}
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
if (!buffer) {
@@ -491,6 +482,7 @@ finish:
close(outfd);
send_response(ctx, ctx->cms, pollfd, rc);
+ teardown_digests(ctx->cms);
}
static void
@@ -500,15 +492,6 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 1);
@@ -524,15 +507,6 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
if (rc < 0)
return;
- rc = setup_digests(ctx->cms);
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- send_response(ctx, ctx->backup_cms, pollfd, rc);
- return;
- }
-
steal_from_cms(ctx->backup_cms, ctx->cms);
handle_signing(ctx, pollfd, size, 0);
diff --git a/src/pesign.c b/src/pesign.c
index 6c10b6d..2c98600 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -548,13 +548,6 @@ main(int argc, char *argv[])
fprintf(stderr, "Could not register OIDs\n");
exit(1);
}
-
- rc = setup_digests(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "Could not initialize digests: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
}
rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
--
1.7.12.1


@ -1,25 +0,0 @@
From 15cd554d35c5ea8d31671b346dffd84e27e7c6ec Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 17:52:57 -0400
Subject: [PATCH 27/42] We shouldn't need
Environment=NSS_STRICT_NOFORK=DISABLED any more.
Since NSS_Init is called from the daemon now, we should get past its
checking.
---
src/pesign.service | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/pesign.service b/src/pesign.service
index 4f6d63f..75a73c3 100644
--- a/src/pesign.service
+++ b/src/pesign.service
@@ -5,5 +5,4 @@ Description=Pesign signing daemon
PrivateTmp=true
Type=forking
PIDFile=/var/run/pesign.pid
-Environment=NSS_STRICT_NOFORK=DISABLED
ExecStart=/usr/bin/pesign --daemonize
--
1.7.12.1


@ -1,174 +0,0 @@
From 1b94dd90f5a1c65df16ffe3b0619ce5dc0ca1f06 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 19:59:49 -0400
Subject: [PATCH 28/42] Fix errors found by coverity.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/actions.c | 4 ++--
src/cms_common.c | 17 ++++++++++-------
src/daemon.c | 16 +++++++++++++++-
src/password.c | 1 +
src/pesign_context.c | 4 +++-
src/wincert.c | 2 +-
6 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/src/actions.c b/src/actions.c
index 76a311c..9cf4f45 100644
--- a/src/actions.c
+++ b/src/actions.c
@@ -70,7 +70,7 @@ insert_signature(cms_context *cms, int signum)
if (signum != cms->num_signatures) {
memmove(cms->signatures[signum+1],
cms->signatures[signum],
- sizeof(SECItem *) * (cms->num_signatures - signum));
+ sizeof(SECItem) * (cms->num_signatures - signum));
}
cms->signatures[signum] = sig;
cms->num_signatures++;
@@ -430,7 +430,7 @@ remove_signature(pesign_context *p_ctx)
if (p_ctx->signum != ctx->num_signatures - 1)
memmove(ctx->signatures[p_ctx->signum],
ctx->signatures[p_ctx->signum+1],
- sizeof(SECItem *) *
+ sizeof(SECItem) *
(ctx->num_signatures - p_ctx->signum));
ctx->num_signatures--;
diff --git a/src/cms_common.c b/src/cms_common.c
index 6b3f5ec..898ddfb 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -598,16 +598,19 @@ generate_spc_string(cms_context *cms, SECItem *ssp, char *str, int len)
memset(&ss, '\0', sizeof (ss));
SECITEM_AllocItem(cms->arena, &ss.unicode, len);
- if (!ss.unicode.data && len != 0) {
- cms->log(cms, LOG_ERR, "could not allocate memory: %s",
- PORT_ErrorToString(PORT_GetError()));
- return -1;
+ if (len != 0) {
+ if (!ss.unicode.data) {
+ cms->log(cms, LOG_ERR, "could not allocate memory: %s",
+ PORT_ErrorToString(PORT_GetError()));
+ return -1;
+ }
+
+ memcpy(ss.unicode.data, str, len);
}
-
- memcpy(ss.unicode.data, str, len);
ss.unicode.type = siBMPString;
- if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate) == NULL) {
+ if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate)
+ == NULL) {
cms->log(cms, LOG_ERR, "could not encode SpcString: %s",
PORT_ErrorToString(PORT_GetError()));
return -1;
diff --git a/src/daemon.c b/src/daemon.c
index df20763..7ad036c 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -134,7 +134,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
struct msghdr msg;
struct iovec iov;
ssize_t n;
- char *buffer = malloc(size);
int rc = cms_context_alloc(&ctx->cms);
if (rc < 0) {
@@ -144,6 +143,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
steal_from_cms(ctx->backup_cms, ctx->cms);
+ char *buffer = malloc(size);
if (!buffer) {
oom:
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
@@ -792,6 +792,7 @@ check_socket(context *ctx)
rc = connect(sd, (struct sockaddr *)&addr_un, len);
if (rc < 0) {
+ close(sd);
unlink(SOCKPATH);
return;
}
@@ -800,6 +801,7 @@ check_socket(context *ctx)
socklen_t size = sizeof(remote);
rc = getpeername(sd, &remote, &size);
if (rc < 0) {
+ close(sd);
return;
} else {
fprintf(stderr, "already running");
@@ -913,6 +915,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (do_fork) {
int fd = open("/dev/zero", O_RDONLY);
+ if (fd < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "could not open /dev/zero: %m");
+ exit(1);
+ }
close(STDIN_FILENO);
rc = dup2(fd, STDIN_FILENO);
if (rc < 0) {
@@ -924,6 +932,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
close(fd);
fd = open("/dev/null", O_WRONLY);
+ if (fd < 0) {
+ ctx.backup_cms->log(ctx.backup_cms,
+ ctx.priority|LOG_ERR,
+ "could not open /dev/null: %m");
+ exit(1);
+ }
close(STDOUT_FILENO);
rc = dup2(fd, STDOUT_FILENO);
if (rc < 0) {
diff --git a/src/password.c b/src/password.c
index 5ee15f8..100c584 100644
--- a/src/password.c
+++ b/src/password.c
@@ -114,6 +114,7 @@ SECU_GetPasswordString(void *arg, char *prompt)
output = fopen(consoleName, "w");
if (output == NULL) {
+ fclose(input);
fprintf(stderr, "Error opening output terminal for write\n");
return NULL;
}
diff --git a/src/pesign_context.c b/src/pesign_context.c
index cbd929f..033e8de 100644
--- a/src/pesign_context.c
+++ b/src/pesign_context.c
@@ -38,8 +38,10 @@ pesign_context_new(pesign_context **ctx)
return -1;
rc = pesign_context_init(context);
- if (rc < 0)
+ if (rc < 0) {
+ free(context);
return rc;
+ }
context->flags |= PESIGN_C_ALLOCATED;
*ctx = context;
diff --git a/src/wincert.c b/src/wincert.c
index b487dc5..4b5ba45 100644
--- a/src/wincert.c
+++ b/src/wincert.c
@@ -257,7 +257,7 @@ parse_signatures(cms_context *cms, Pe *pe)
if (rc <= 0)
break;
- signatures[i] = calloc(1, sizeof (SECItem *));
+ signatures[i] = calloc(1, sizeof (SECItem));
if (!signatures[i])
goto err;
--
1.7.12.1


@ -1,41 +0,0 @@
From 95c0fe1d512fcdf3b397359fb0f54dc44e5947c2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 09:12:25 -0400
Subject: [PATCH 29/42] Don't keep the DEPS list twice.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/Makefile | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/Makefile b/src/Makefile
index cd06158..cb74c12 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -39,14 +39,20 @@ client_OBJECTS = $(foreach source,$(client_SOURCES),$(patsubst %.c,%,$(source)).
client_DEPS = $(foreach source,$(client_SOURCES),.$(patsubst %.c,%,$(source)).P)
client : $(client_OBJECTS) $(STATIC_LIBS)
-deps : $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
+fuzzsocket_SOURCES = fuzzsocket.c
+fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o)
+fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P)
+fuzzsocket : $(fuzzsocket_OBJECTS)
+
+DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
$(peverify_DEPS)
+deps : $(DEPS)
+
depclean :
@rm -fv .*.P
--include $(generic_DEPS) $(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
- $(peverify_DEPS)
+-include $(DEPS)
clean : depclean
@rm -rfv *.o *.a *.so $(TARGETS)
--
1.7.12.1


@ -1,26 +0,0 @@
From 44aad110fd3f0a12e1817d95047f882c4d8b0fce Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 11:36:10 -0400
Subject: [PATCH 30/42] Don't build util/ right now.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 531c865..5e9bd31 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ TOPDIR = $(shell echo $$PWD)
include $(TOPDIR)/Make.defaults
-SUBDIRS := include libdpe src util
+SUBDIRS := include libdpe src
DOCDIR := /share/doc/
VERSION = 0.99
--
1.7.12.1


@ -1,163 +0,0 @@
From 4c13f6d393db0aa5ff5b327cb5e842ee21522236 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 13:09:58 -0400
Subject: [PATCH 31/42] Make "install_systemd" and "install_sysvinit" separate
targets
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Makefile | 6 ++++
src/Makefile | 16 +++++++----
src/pesign.sysvinit | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 99 insertions(+), 5 deletions(-)
create mode 100644 src/pesign.sysvinit
diff --git a/Makefile b/Makefile
index 5e9bd31..12e0dbb 100644
--- a/Makefile
+++ b/Makefile
@@ -19,6 +19,12 @@ install :
$(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/
$(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/
+install_systemd:
+ @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done
+
+install_sysvinit:
+ @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done
+
.PHONY: $(SUBDIRS) clean install
include $(TOPDIR)/Make.rules
diff --git a/src/Makefile b/src/Makefile
index cb74c12..7e611c8 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -42,7 +42,7 @@ client : $(client_OBJECTS) $(STATIC_LIBS)
fuzzsocket_SOURCES = fuzzsocket.c
fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o)
fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P)
-fuzzsocket : $(fuzzsocket_OBJECTS)
+fuzzsocket : $(fuzzsocket_OBJECTS) -lrt
DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \
$(peverify_DEPS)
@@ -57,6 +57,16 @@ depclean :
clean : depclean
@rm -rfv *.o *.a *.so $(TARGETS)
+install_systemd:
+ $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/
+ $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf
+ $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/
+ $(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/
+
+install_sysvinit:
+ $(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rc.d/init.d/
+ $(INSTALL) -m 755 pesign.sysvinit $(INSTALLROOT)/etc/rc.d/init.d/pesign
+
install :
$(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/
$(INSTALL) -d -m 770 $(INSTALLROOT)/var/run/pesign/
@@ -72,10 +82,6 @@ install :
#$(INSTALL) -m 644 peverify.1 $(INSTALLROOT)/usr/share/man/man1/
$(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rpm/
$(INSTALL) -m 644 macros.pesign $(INSTALLROOT)/etc/rpm/
- $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/
- $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf
- $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/
- $(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/
.PHONY: all deps clean install
diff --git a/src/pesign.sysvinit b/src/pesign.sysvinit
new file mode 100644
index 0000000..f955e01
--- /dev/null
+++ b/src/pesign.sysvinit
@@ -0,0 +1,82 @@
+#! /bin/sh
+#
+# pesign This starts the pesign PE signing daemon
+#
+# chkconfig: - 50 50
+# processname: /usr/bin/pesign
+# pidfile: /var/run/pesign.pid
+### BEGIN INIT INFO
+# Provides: pesign
+# Default-Start:
+# Default-Stop:
+# Short-Description: The pesign PE signing daemon
+# Description: The pesign PE signing daemon
+### END INIT INFO
+
+. /etc/init.d/functions
+[ -f /usr/bin/pesign ] || exit 1
+
+RETVAL=0
+
+start(){
+ echo -n "Starting pesign: "
+ daemon /usr/bin/pesign --daemonize
+ RETVAL=$?
+ echo
+ touch /var/lock/subsys/pesign
+}
+
+stop(){
+ echo -n "Stopping pesign: "
+ killproc -p /var/run/pesign.pid pesignd
+ RETVAL=$?
+ echo
+ rm -f /var/lock/subsys/pesign
+}
+
+restart(){
+ stop
+ start
+}
+
+reload(){
+ stop
+ start
+}
+
+condrestart(){
+ [ -e /var/lock/subsys/pesign ] && restart
+}
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ status)
+ status /usr/bin/pesign
+ ;;
+ restart)
+ restart
+ ;;
+ reload)
+ reload
+ ;;
+ force-reload)
+ reload
+ ;;
+ condrestart)
+ condrestart
+ ;;
+ try-restart)
+ condrestart
+ ;;
+ *)
+ echo "Usage: pesign {start|stop|status|restart|condrestart|reload}"
+ RETVAL=1
+esac
+
+exit $RETVAL
--
1.7.12.1


@ -1,75 +0,0 @@
From df1b69e304f2a7eb82e2f94e50f07099afbf4578 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 13:10:28 -0400
Subject: [PATCH 32/42] Get rid of an unnecessary allocation.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 32 ++++++++++++++------------------
1 file changed, 14 insertions(+), 18 deletions(-)
diff --git a/src/client.c b/src/client.c
index 8336749..df1c8f2 100644
--- a/src/client.c
+++ b/src/client.c
@@ -223,25 +223,17 @@ unlock_token(int sd, char *tokenname, char *pin)
{
struct msghdr msg;
struct iovec iov[2];
- pesignd_msghdr *pm;
+ pesignd_msghdr pm;
uint32_t size0 = pesignd_string_size(tokenname);
uint32_t size1 = pesignd_string_size(pin);
- pm = calloc(1, sizeof(*pm));
- if (!pm) {
-oom:
- fprintf(stderr, "pesign-client: could not allocate memory: "
- "%m\n");
- exit(1);
- }
-
- pm->version = PESIGND_VERSION;
- pm->command = CMD_UNLOCK_TOKEN;
- pm->size = size0 + size1;
- iov[0].iov_base = pm;
- iov[0].iov_len = sizeof (*pm);
+ pm.version = PESIGND_VERSION;
+ pm.command = CMD_UNLOCK_TOKEN;
+ pm.size = size0 + size1;
+ iov[0].iov_base = &pm;
+ iov[0].iov_len = sizeof (pm);
memset(&msg, '\0', sizeof(msg));
msg.msg_iov = iov;
@@ -257,8 +249,11 @@ oom:
uint8_t *buffer = NULL;
buffer = calloc(1, size0 + size1);
- if (!buffer)
- goto oom;
+ if (!buffer) {
+ fprintf(stderr, "pesign-client: could not allocate memory: "
+ "%m\n");
+ exit(1);
+ }
pesignd_string *tn = (pesignd_string *)buffer;
pesignd_string_set(tn, tokenname);
@@ -478,8 +473,9 @@ main(int argc, char *argv[])
rc = poptReadDefaultConfig(optCon, 0);
if (rc < 0) {
- fprintf(stderr, "pesign: poprReadDefaultConfig failed: %s\n",
- poptStrerror(rc));
+ fprintf(stderr,
+ "pesign-client: poptReadDefaultConfig failed: %s\n",
+ poptStrerror(rc));
exit(1);
}
--
1.7.12.1


@ -1,29 +0,0 @@
From 24a63eab7ddbe2be3ab6b25b04602d8e3fe5d775 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 14:28:36 -0400
Subject: [PATCH 33/42] Allow use of -e from rpm macro.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index 703edbb..7706050 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -11,9 +11,9 @@
%_pesign /usr/bin/pesign
-%pesign(i:o:C:s) \
+%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
- %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-s} \
+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
else \
if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \
mv %{-i*} %{-o*} \
--
1.7.12.1


@ -1,81 +0,0 @@
From e5c632516a2a31f3e184d0ca9d8ac5ceba1f9015 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 14:55:07 -0400
Subject: [PATCH 34/42] Make client use -e like pesign does, rather than
--detached.
This way we can use the same macros for them.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 22 ++++++++++++++++++++--
src/pesign-client.1 | 3 ++-
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/src/client.c b/src/client.c
index df1c8f2..5e5399d 100644
--- a/src/client.c
+++ b/src/client.c
@@ -434,6 +434,7 @@ main(int argc, char *argv[])
int action;
char *infile = NULL;
char *outfile = NULL;
+ char *exportfile = NULL;
int attached = 1;
int pinfd = -1;
char *pinfile = NULL;
@@ -456,8 +457,9 @@ main(int argc, char *argv[])
&infile, 0, "input filename", "<infile>" },
{"outfile", 'o', POPT_ARG_STRING,
&outfile, 0, "output filename", "<outfile>" },
- {"detached", 'd', POPT_ARG_VAL, &attached, 0,
- "create detached signature", NULL },
+ {"export", 'e', POPT_ARG_STRING,
+ &exportfile, 0, "create detached signature",
+ "<outfile>" },
{"pinfd", 'f', POPT_ARG_INT, &pinfd, -1,
"read file descriptor for pin information",
"<file descriptor>" },
@@ -494,6 +496,22 @@ main(int argc, char *argv[])
exit(1);
}
+ if (!outfile && !exportfile) {
+ fprintf(stderr, "pesign-client: neither --outfile nor --export "
+ "specified\n");
+ exit(1);
+ }
+
+ if (outfile && exportfile) {
+ fprintf(stderr, "pesign-client: both --outfile and --export "
+ "specified\n");
+ exit(1);
+ }
+ if (exportfile) {
+ outfile = exportfile;
+ attached = 0;
+ }
+
poptFreeContext(optCon);
int sd = connect_to_server();
diff --git a/src/pesign-client.1 b/src/pesign-client.1
index 686383e..1ccfbb3 100644
--- a/src/pesign-client.1
+++ b/src/pesign-client.1
@@ -5,10 +5,11 @@ pesign-client \- command line tool for signing UEFI applications
.SH SYNOPSIS
\fBpesign\fR [--in=\fIinfile\fR | -i \fIinfile\fR]
[--out=\fIoutfile\fR | -o \fIoutfile\fR]
+ [--export=\fIexportfile\fR | -e \fIexportfile\fR]
[--token=\fItoken\fR | -t \fItoken\fR]
[--certificate=\fInickname\fR | -c \fInickname\fR]
[--unlock | -u] [--kill | -k] [--sign | -s]
- [--detached | -d] [--pinfd=\fIpinfd\fR | -f \fIpinfd\fR]
+ [--pinfd=\fIpinfd\fR | -f \fIpinfd\fR]
[--pinfile=\fIpinfile\fR | -F \fIpinfile\fR]
.SH DESCRIPTION
--
1.7.12.1


@ -1,93 +0,0 @@
From f1a2f097cfb290951702251703abcd34ca0bf9e6 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 15:13:11 -0400
Subject: [PATCH 35/42] Fix shutdown by systemd to remove socket and pidfile.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 33 +++++++++++++++------------------
src/daemon.h | 1 +
2 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/src/daemon.c b/src/daemon.c
index 7ad036c..974a559 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -116,15 +116,6 @@ send_response(context *ctx, cms_context *cms, struct pollfd *pollfd, int rc)
static void
handle_kill_daemon(context *ctx, struct pollfd *pollfd, socklen_t size)
{
- if (ctx->sd >= 0) {
- close(ctx->sd);
- unlink(SOCKPATH);
- }
- xfree(ctx->errstr);
-
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "pesignd exiting (pid %d)", getpid());
-
should_exit = 1;
}
@@ -602,11 +593,17 @@ handle_event(context *ctx, struct pollfd *pollfd)
static void
do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
{
+ unlink(SOCKPATH);
+ unlink(PIDFILE);
+
+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
+ "pesignd exiting (pid %d)", getpid());
+
+ xfree(ctx->errstr);
+
for (int i = 0; i < nsockets; i++)
close(pollfds[i].fd);
free(pollfds);
-
- xfree(ctx->errstr);
}
static int
@@ -843,7 +840,7 @@ daemon_logger(cms_context *cms, int priority, char *fmt, ...)
static void
write_pid_file(int pid)
{
- int fd = open("/var/run/pesign.pid", O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ int fd = open(PIDFILE, O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (fd < 0) {
err:
fprintf(stderr, "couldn't open pidfile: %m\n");
@@ -963,12 +960,12 @@ daemonize(cms_context *cms_ctx, int do_fork)
setsid();
if (do_fork) {
- signal(SIGTTOU, SIG_IGN);
- signal(SIGTTIN, SIG_IGN);
- signal(SIGTSTP, SIG_IGN);
- signal(SIGQUIT, quit_handler);
- signal(SIGINT, quit_handler);
- signal(SIGTERM, quit_handler);
+ struct sigaction sa = {
+ .sa_handler = quit_handler,
+ };
+ sigaction(SIGQUIT, &sa, NULL);
+ sigaction(SIGINT, &sa, NULL);
+ sigaction(SIGTERM, &sa, NULL);
}
char *homedir = NULL;
diff --git a/src/daemon.h b/src/daemon.h
index 56cef17..5485e60 100644
--- a/src/daemon.h
+++ b/src/daemon.h
@@ -48,5 +48,6 @@ typedef enum {
#define PESIGND_VERSION 0xa3cf41cb
#define SOCKPATH "/var/run/pesign/socket"
+#define PIDFILE "/var/run/pesign.pid"
#endif /* DAEMON_H */
--
1.7.12.1


@ -1,42 +0,0 @@
From 22308fbfb540b5215efb9ce96a4dfdce08ef9165 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 18 Oct 2012 15:16:05 -0400
Subject: [PATCH 36/42] Make the macros use the default (fedora) signer if
there's a daemon running.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index 7706050..fb9d21e 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -10,13 +10,22 @@
%__pesign_cert %{!?pe_signing_cert:-c "Red Hat Test Certificate"}%{?pe_signing_cert:-c "%{pe_signing_cert}"}
%_pesign /usr/bin/pesign
+%_pesign_client /usr/bin/pesign-client
%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
- %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
+ if [ -e /var/run/pesign/socket ]; then \
+ %{_pesign_client} -t "OpenSC Card (Fedora Signing CA)" \\\
+ -c "/CN=Fedora Secure Boot Signer" \\\
+ %{-i} %{-o} %{-e} %{-s} \
+ else \
+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \
+ fi \
else \
if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \
mv %{-i*} %{-o*} \
+ elif [ -n "%{-i*}" -a -n "%{-e*}" ]; then \
+ touch %{-e*} \
fi \
fi ;
--
1.7.12.1


@ -1,28 +0,0 @@
From abe7981ba049b23ae9c42da92559576c6e0cc53b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:07:40 -0400
Subject: [PATCH 37/42] Fix command line checking for -s.
Accidentally applied when not using -s. Woops.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/client.c b/src/client.c
index 5e5399d..777197a 100644
--- a/src/client.c
+++ b/src/client.c
@@ -496,7 +496,7 @@ main(int argc, char *argv[])
exit(1);
}
- if (!outfile && !exportfile) {
+ if (action & SIGN_BINARY && (!outfile && !exportfile)) {
fprintf(stderr, "pesign-client: neither --outfile nor --export "
"specified\n");
exit(1);
--
1.7.12.1


@ -1,178 +0,0 @@
From 8067d9bace148a254528fdf752f083d2a0debada Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:26 -0400
Subject: [PATCH 38/42] Add support to read the pin from stdin in client.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/client.c | 10 +++++++---
src/password.c | 41 +++++++++++++++++++++++++++++++++++++++++
src/password.h | 1 +
src/signer_info.c | 45 +--------------------------------------------
4 files changed, 50 insertions(+), 47 deletions(-)
diff --git a/src/client.c b/src/client.c
index 777197a..1ec582b 100644
--- a/src/client.c
+++ b/src/client.c
@@ -212,10 +212,14 @@ get_token_pin(int pinfd, char *pinfile, char *envname)
fclose(pinf);
return pin;
- } else
- return strdup(getenv(envname));
+ } else {
+ pin = getenv(envname);
+ if (pin)
+ return strdup(pin);
+ }
- return NULL;
+ pin = readpw(NULL, PR_FALSE, NULL);
+ return pin;
}
static void
diff --git a/src/password.c b/src/password.c
index 100c584..c663955 100644
--- a/src/password.c
+++ b/src/password.c
@@ -17,6 +17,7 @@
* Author(s): Peter Jones <pjones@redhat.com>
*/
+#include <limits.h>
#include <stdlib.h>
#include <termios.h>
#include <unistd.h>
@@ -289,4 +290,44 @@ SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
return NULL;
}
+#if 0
+#warning investigate killing readpw
+#endif
+char *
+readpw(PK11SlotInfo *slot, PRBool retry, void *arg)
+{
+ struct termios sio, tio;
+ char line[LINE_MAX], *p;
+ if (tcgetattr(fileno(stdin), &sio) < 0) {
+ fprintf(stderr, "Could not read password from standard input.\n");
+ return NULL;
+ }
+ tio = sio;
+ tio.c_lflag &= ~ECHO;
+ if (tcsetattr(fileno(stdin), 0, &tio) < 0) {
+ fprintf(stderr, "Could not read password from standard input.\n");
+ return NULL;
+ }
+
+ fprintf(stdout, "Enter passphrase for private key: ");
+ if (fgets(line, sizeof(line), stdin) == NULL) {
+ fprintf(stdout, "\n");
+ tcsetattr(fileno(stdin), 0, &sio);
+ return NULL;
+ }
+ fprintf(stdout, "\n");
+ tcsetattr(fileno(stdin), 0, &sio);
+
+ p = line + strcspn(line, "\r\n");
+ if (p != NULL)
+ *p = '\0';
+
+ char *ret = strdup(line);
+ memset(line, '\0', sizeof (line));
+ if (!ret) {
+ fprintf(stderr, "Could not read passphrase.\n");
+ return NULL;
+ }
+ return ret;
+}
diff --git a/src/password.h b/src/password.h
index 853bd5a..bcbac44 100644
--- a/src/password.h
+++ b/src/password.h
@@ -22,5 +22,6 @@
extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
extern char *get_password_passthrough(PK11SlotInfo *slot, PRBool retry, void *arg);
extern char *get_password_fail(PK11SlotInfo *slot, PRBool retry, void *arg);
+extern char *readpw(PK11SlotInfo *slot, PRBool retry, void *arg);
#endif /* PASSWORD_H */
diff --git a/src/signer_info.c b/src/signer_info.c
index 932b896..f755bf6 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -19,10 +19,8 @@
#include "pesign.h"
-#include <limits.h>
#include <string.h>
#include <syslog.h>
-#include <termios.h>
#include <time.h>
#include <unistd.h>
@@ -159,47 +157,6 @@ err:
return -1;
}
-#if 0
-#warning investigate killing getpw
-#endif
-static char *getpw(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- struct termios sio, tio;
- char line[LINE_MAX], *p;
-
- if (tcgetattr(fileno(stdin), &sio) < 0) {
- fprintf(stderr, "Could not read password from standard input.\n");
- return NULL;
- }
- tio = sio;
- tio.c_lflag &= ~ECHO;
- if (tcsetattr(fileno(stdin), 0, &tio) < 0) {
- fprintf(stderr, "Could not read password from standard input.\n");
- return NULL;
- }
-
- fprintf(stdout, "Enter passphrase for private key: ");
- if (fgets(line, sizeof(line), stdin) == NULL) {
- fprintf(stdout, "\n");
- tcsetattr(fileno(stdin), 0, &sio);
- return NULL;
- }
- fprintf(stdout, "\n");
- tcsetattr(fileno(stdin), 0, &sio);
-
- p = line + strcspn(line, "\r\n");
- if (p != NULL)
- *p = '\0';
-
- char *ret = strdup(line);
- memset(line, '\0', sizeof (line));
- if (!ret) {
- fprintf(stderr, "Could not read passphrase.\n");
- return NULL;
- }
- return ret;
-}
-
static int
sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
{
@@ -216,7 +173,7 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
if (!oid)
goto err;
- PK11_SetPasswordFunc(cms->func ? cms->func : getpw);
+ PK11_SetPasswordFunc(cms->func ? cms->func : readpw);
SECKEYPrivateKey *privkey = PK11_FindKeyByAnyCert(cms->cert,
cms->pwdata ? cms->pwdata : NULL);
if (!privkey) {
--
1.7.12.1


@ -1,60 +0,0 @@
From 3ceb3eb5b1c36ead2a862bcec5e527f74dc91381 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:08:49 -0400
Subject: [PATCH 39/42] Fix token auth authentication failure error reporting.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/cms_common.c | 4 +++-
src/daemon.c | 4 ++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 898ddfb..2f3683e 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -316,6 +316,7 @@ unlock_nss_token(cms_context *cms)
secuPWData pwdata_val = { 0, 0 };
void *pwdata = cms->pwdata ? cms->pwdata : &pwdata_val;
PK11_SetPasswordFunc(cms->func ? cms->func : SECU_GetModulePassword);
+ int rc = -1;
PK11SlotList *slots = NULL;
slots = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_TRUE, pwdata);
@@ -323,7 +324,7 @@ unlock_nss_token(cms_context *cms)
cms->log(cms, LOG_ERR, "Could not find certificate \"%s\"",
cms->tokenname);
err:
- return -1;
+ return rc;
}
PK11SlotListElement *psle = NULL;
@@ -351,6 +352,7 @@ err_slots:
cms->log(cms, LOG_ERR, "Authentication failed for "
"token \"%s\"", cms->tokenname);
PK11_DestroySlotListElement(slots, &psle);
+ rc = -2;
goto err_slots;
}
}
diff --git a/src/daemon.c b/src/daemon.c
index 974a559..bf7485f 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -204,10 +204,10 @@ malformed:
cms_set_pw_callback(ctx->cms, get_password_fail);
cms_set_pw_data(ctx->cms, NULL);
- if (rc < 0)
+ if (rc == -1)
ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR,
"could not find token \"%s\"", tn->value);
- else
+ else if (rc == 0)
ctx->cms->log(ctx->cms, ctx->priority|LOG_NOTICE,
"authentication succeeded for token \"%s\"",
tn->value);
--
1.7.12.1


@ -1,28 +0,0 @@
From 9c2daa8d3761b49961498cb9a9bbc8a37e05b0da Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:19:39 -0400
Subject: [PATCH 40/42] Use setfacl in sysvinit script to allow kojibuilder
access.
---
src/pesign.sysvinit | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/pesign.sysvinit b/src/pesign.sysvinit
index f955e01..ea37c58 100644
--- a/src/pesign.sysvinit
+++ b/src/pesign.sysvinit
@@ -24,6 +24,10 @@ start(){
RETVAL=$?
echo
touch /var/lock/subsys/pesign
+ setfacl -m u:kojibuilder:x /var/run/pesign
+ setfacl -m u:kojibuilder:rw /var/run/pesign/socket
+ setfacl -m g:kojibuilder:x /var/run/pesign
+ setfacl -m g:kojibuilder:rw /var/run/pesign/socket
}
stop(){
--
1.7.12.1


@ -1,33 +0,0 @@
From 2bd84dcfbdf084bcfb3e6d7c26756ca3783cdae4 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 10:20:40 -0400
Subject: [PATCH 41/42] Don't return quite so immediately if we're the parent
pid when daemonizing.
Long term we probably want to look for the socket and/or sigchld instead
of this.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/daemon.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/daemon.c b/src/daemon.c
index bf7485f..6951f0a 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -885,8 +885,10 @@ daemonize(cms_context *cms_ctx, int do_fork)
if (do_fork) {
pid_t pid;
- if ((pid = fork()))
+ if ((pid = fork())) {
+ sleep(2);
return 0;
+ }
}
ctx.pid = getpid();
write_pid_file(ctx.pid);
--
1.7.12.1


@ -1,28 +0,0 @@
From b699c67004807c53d7c22328ba15304c4f9748a9 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 19 Oct 2012 19:16:52 -0400
Subject: [PATCH 42/42] Get the Fedora signing token name right.
Because, you know, we're not signing with the CA token.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index fb9d21e..4996d7c 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -15,7 +15,7 @@
%pesign(i:o:C:e:s) \
if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \
if [ -e /var/run/pesign/socket ]; then \
- %{_pesign_client} -t "OpenSC Card (Fedora Signing CA)" \\\
+ %{_pesign_client} -t "OpenSC Card (Fedora Signer)" \\\
-c "/CN=Fedora Secure Boot Signer" \\\
%{-i} %{-o} %{-e} %{-s} \
else \
--
1.7.12.1


@ -1,46 +0,0 @@
From 3e257e96c9b48e07e0885f391f1e50fd69b52408 Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <pesign-owner@fedoraproject.org>
Date: Mon, 26 Nov 2012 19:05:54 -0500
Subject: [PATCH] Add support for local certificate database directories
Users may wish to use a certificate database other than the systemwide one.
Add an option for that.
---
src/pesign.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/pesign.c b/src/pesign.c
index 2c98600..cd3031c 100644
--- a/src/pesign.c
+++ b/src/pesign.c
@@ -437,6 +437,7 @@ main(int argc, char *argv[])
char *tokenname = "NSS Certificate DB";
char *origtoken = tokenname;
char *certname = NULL;
+ char *certdir = "/etc/pki/pesign";
rc = pesign_context_new(&ctxp);
if (rc < 0) {
@@ -454,6 +455,10 @@ main(int argc, char *argv[])
{"certficate", 'c', POPT_ARG_STRING, &certname, 0,
"specify certificate nickname",
"<certificate nickname>" },
+ {"certdir", 'n', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
+ &certdir, 0,
+ "specify nss certificate database directory",
+ "<certificate directory path>" },
{"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0,
"specify private key file", "<privkey>" },
{"force", 'f', POPT_ARG_VAL, &ctxp->force, 1,
@@ -536,7 +541,7 @@ main(int argc, char *argv[])
poptFreeContext(optCon);
if (!daemon) {
- SECStatus status = NSS_Init("/etc/pki/pesign");
+ SECStatus status = NSS_Init(certdir);
if (status != SECSuccess) {
fprintf(stderr, "Could not initialize nss: %s\n",
PORT_ErrorToString(PORT_GetError()));
--
1.8.0


@ -1,7 +1,7 @@
Summary: Signing utility for UEFI binaries Summary: Signing utility for UEFI binaries
Name: pesign Name: pesign
Version: 0.99 Version: 0.100
Release: 9%{?dist} Release: 1%{?dist}
Group: Development/System Group: Development/System
License: GPLv2 License: GPLv2
URL: https://github.com/vathpela/pesign URL: https://github.com/vathpela/pesign
@ -20,50 +20,6 @@ ExclusiveArch: i686 x86_64 ia64
Source0: pesign-%{version}.tar.bz2 Source0: pesign-%{version}.tar.bz2
Source1: rh-test-certs.tar.bz2 Source1: rh-test-certs.tar.bz2
Patch1: 0001-Use-PK11_TraverseCertsForNicknameInSlot-after-all.patch
Patch2: 0002-Remove-an-unused-field.patch
Patch3: 0003-Free-the-certificate-list-we-make-once-we-re-done-us.patch
Patch4: 0004-Make-sure-we-actually-look-up-the-certificate-when-n.patch
Patch5: 0005-Fix-check-for-allocations-on-tokenname-certname.patch
Patch6: 0006-Update-valgrind.supp-for-newer-codepaths.patch
Patch7: 0007-Free-the-pid-string-once-we-re-done-writing-it.patch
Patch8: 0008-valgrind-Don-t-complain-about-unlocking-a-key-and-ke.patch
Patch9: 0009-Only-try-to-register-OIDs-once.patch
Patch10: 0010-Check-for-NSS_Shutdown-failure.patch
Patch11: 0011-Don-t-destroy-stdin-stdout-stderr-if-we-don-t-fork.patch
Patch12: 0012-valgrind-Add-SECMOD_LoadModule-codepath.patch
Patch13: 0013-Don-t-set-up-digests-in-cms_context_init.patch
Patch14: 0014-Do-register_oids-where-we-re-doing-NSS_Init.patch
Patch15: 0015-Make-daemon-shutdown-actually-close-the-NSS-database.patch
Patch16: 0016-Reformat-a-bunch-of-error-messages-to-be-vaguely-con.patch
Patch17: 0017-Use-PORT_ArenaStrdup-where-appropriate.patch
Patch18: 0018-Minor-whitespace-fixes.patch
Patch19: 0019-daemon-Make-sure-inpe-is-initialized-before-all-erro.patch
Patch20: 0020-Allocate-pesign_context-rather-than-having-it-on-the.patch
Patch21: 0021-pesign-initialize-nss-only-if-we-re-not-a-daemon.patch
Patch22: 0022-Handle-errors-on-pesign_context_init.patch
Patch23: 0023-Add-sanity-checking-to-make-sure-we-don-t-emit-unini.patch
Patch24: 0024-Make-sure-we-free-the-token-cert-we-get-from-the-com.patch
Patch25: 0025-pesign-Only-shut-down-nss-in-pesign.c-if-we-re-not-t.patch
Patch26: 0026-Rework-setup_digests-and-teardown_digests.patch
Patch27: 0027-We-shouldn-t-need-Environment-NSS_STRICT_NOFORK-DISA.patch
Patch28: 0028-Fix-errors-found-by-coverity.patch
Patch29: 0029-Don-t-keep-the-DEPS-list-twice.patch
Patch30: 0030-Don-t-build-util-right-now.patch
Patch31: 0031-Make-install_systemd-and-install_sysvinit-separate-t.patch
Patch32: 0032-Get-rid-of-an-unnecessary-allocation.patch
Patch33: 0033-Allow-use-of-e-from-rpm-macro.patch
Patch34: 0034-Make-client-use-e-like-pesign-does-rather-than-detac.patch
Patch35: 0035-Fix-shutdown-by-systemd-to-remove-socket-and-pidfile.patch
Patch36: 0036-Make-the-macros-use-the-default-fedora-signer-if-the.patch
Patch37: 0037-Fix-command-line-checking-for-s.patch
Patch38: 0038-Add-support-to-read-the-pin-from-stdin-in-client.patch
Patch39: 0039-Fix-token-auth-authentication-failure-error-reportin.patch
Patch40: 0040-Use-setfacl-in-sysvinit-script-to-allow-kojibuilder-.patch
Patch41: 0041-Don-t-return-quite-so-immediately-if-we-re-the-paren.patch
Patch42: 0042-Get-the-Fedora-signing-token-name-right.patch
Patch43: 0043-Add-support-for-local-certificate-database-directori.patch
%description %description
This package contains the pesign utility for signing UEFI binaries as This package contains the pesign utility for signing UEFI binaries as
well as other associated tools. well as other associated tools.
@ -132,6 +88,9 @@ exit 0
%ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/pesign.pid %ghost %attr(0660, -, -) %{_localstatedir}/run/%{name}/pesign.pid
%changelog %changelog
* Fri Nov 30 2012 Peter Jones <pjones@redhat.com> - 0.100-1
- Fix insertion of signatures from a file.
* Mon Nov 26 2012 Matthew Garrett <mjg59@srcf.ucam.org> - 0.99-9 * Mon Nov 26 2012 Matthew Garrett <mjg59@srcf.ucam.org> - 0.99-9
- Add a patch needed for new shim builds - Add a patch needed for new shim builds


@ -1,2 +1,2 @@
328db7cb27847cb610b7cf8f9c470455 rh-test-certs.tar.bz2 328db7cb27847cb610b7cf8f9c470455 rh-test-certs.tar.bz2
99a5e8d3c9e7ac103595afec1160838b pesign-0.99.tar.bz2 ce4d253db06351c3de9d9334c327f93c pesign-0.100.tar.bz2