diff --git a/pesign-0.106.tar.bz2 b/pesign-0.106.tar.bz2
new file mode 100644
index 0000000..8c272a2
--- /dev/null
+++ b/pesign-0.106.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e99e59abfd6bde19c97867105fa0a30ce39f195bb930a44803607c3fd5c34c9c
+size 82751
diff --git a/pesign-0.99.tar.bz2 b/pesign-0.99.tar.bz2
deleted file mode 100644
index dfb0aa7..0000000
--- a/pesign-0.99.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:476d2cb79104167fa9147d1fee954e8545fe902931d2e449bf7c410963f2bbb1
-size 72907
diff --git a/pesign-bnc801653-teardown-segfault.patch b/pesign-bnc801653-teardown-segfault.patch
deleted file mode 100644
index 1e9ec70..0000000
--- a/pesign-bnc801653-teardown-segfault.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-commit ed689613e93f3121048d6c922c90aafd6bf10880
-Author: Peter Jones
-Date: Tue Nov 27 11:37:05 2012 -0500
-
- Hopefully make teardown_digests() work better...
-
- Freeing nss constructs continues to be weird.
-
- Signed-off-by: Peter Jones
-
----
- src/cms_common.c | 7 ++-----
- 1 file changed, 2 insertions(+), 5 deletions(-)
-
---- a/src/cms_common.c
-+++ b/src/cms_common.c
-@@ -110,8 +110,6 @@ teardown_digests(cms_context *ctx)
- PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
- }
- if (digests[i].pe_digest) {
-- free_poison(digests[i].pe_digest->data,
-- digests[i].pe_digest->len);
- /* XXX sure seems like we should be freeing it here,
- * but that's segfaulting, and we know it'll get
- * cleaned up with PORT_FreeArena a couple of lines
-@@ -120,7 +118,7 @@ teardown_digests(cms_context *ctx)
- digests[i].pe_digest = NULL;
- }
- }
-- free(digests);
-+ PORT_Free(digests);
- ctx->digests = NULL;
- }
-
-@@ -184,7 +182,6 @@ cms_context_fini(cms_context *cms)
- memset(&cms->newsig, '\0', sizeof (cms->newsig));
- }
-
-- teardown_digests(cms);
- cms->selected_digest = -1;
-
- if (cms->ci_digest) {
-@@ -708,7 +705,7 @@ generate_digest_begin(cms_context *cms)
- if (cms->digests) {
- digests = cms->digests;
- } else {
-- digests = calloc(n_digest_params, sizeof (*digests));
-+ digests = PORT_ZAlloc(n_digest_params * sizeof (*digests));
- if (!digests) {
- cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
- return -1;
diff --git a/pesign-bnc805166-fix-signature-list.patch b/pesign-bnc805166-fix-signature-list.patch
deleted file mode 100644
index 4dbb46c..0000000
--- a/pesign-bnc805166-fix-signature-list.patch
+++ /dev/null
@@ -1,553 +0,0 @@ -From ee3ab396e8bc167d3b63f475c463cd4103b1ca6e Mon Sep 17 00:00:00 2001 -From: Gary Ching-Pang Lin -Date: Wed, 27 Feb 2013 15:48:06 +0800 -Subject: [PATCH] Backport patches to fix signature list - -Get cms_context out of wincert functions. -ee357451be9968cedda57ce13b103eb82c590e67 - -Rework siglist to be somewhat more useful. -a5ec0d2cd06dec0961fc3fed680e7e385dc5bec8 - -Don't allow our signature list iterator to walk off the end of the file. -18980866e7952100d98510297c0e1cc25fca8fc8 - -Include old signatures in new space calculations. -77d334d77435d64e88fcc772b5b58440b394584a - -Make implanting extracted certificates work again. -5ceddd2f80dfea70d211236190943746c2d2f77b - -Fix a casting problem on 32-bit. -9eb2814858270af2d7ecfbfa5ca131e7be2f9f53 ---- - libdpe/pe_addcert.c | 2 +- - libdpe/pe_updatefile.c | 13 +++++++++- - src/actions.c | 12 +-------- - src/actions.h | 2 +- - src/daemon.c | 6 +++-- - src/pesign.c | 35 ++++++++++++++++++++++---- - src/peverify.c | 7 ++++-- - src/siglist.c | 46 ++++++++++++++++++++++++++++------ - src/siglist.h | 3 ++- - src/wincert.c | 65 ++++++++++++++++++++++++++++++++++-------------- - src/wincert.h | 8 +++--- - 11 files changed, 146 insertions(+), 53 deletions(-) - -diff --git a/libdpe/pe_addcert.c b/libdpe/pe_addcert.c -index e391242..b6ba969 100644 ---- a/libdpe/pe_addcert.c -+++ b/libdpe/pe_addcert.c -@@ -59,7 +59,7 @@ pe_alloccert(Pe *pe, size_t size) - memset(addr, '\0', size); - - dd->certs.virtual_address = compute_file_addr(pe, addr); -- dd->certs.size = size; -+ dd->certs.size += size; - - #if 0 - pe_set_image_size(pe); -diff --git a/libdpe/pe_updatefile.c b/libdpe/pe_updatefile.c -index 7a29757..a8fe769 100644 ---- a/libdpe/pe_updatefile.c -+++ b/libdpe/pe_updatefile.c -@@ -24,6 +24,7 @@ - #include - - static struct section_header * -+__attribute__((unused)) - __get_last_section(Pe *pe) - { - Pe_Scn *scn = NULL; -@@ -79,6 +80,7 @@ compare_sections (const void *a, const void *b) - } - - static void 
-+__attribute__((unused)) - sort_sections (Pe_Scn **scns, Pe_ScnList *list) - { - Pe_Scn **scnp = scns; -@@ -131,7 +133,16 @@ __pe_updatemmap(Pe *pe, size_t shnum) - msync(msync_start, msync_end - msync_start, MS_SYNC); - - #warning this is not done yet. -- struct section_header *sh = __get_last_section(pe); -+ //struct section_header *sh = __get_last_section(pe); -+ -+ size_t dd_size = sizeof (*dd) / sizeof (dd->exports); -+ data_dirent *dde = &dd->exports; -+ for (int i = 0; i < dd_size; i++, dde++) { -+ if (dde->size != 0) { -+ char *addr = compute_mem_addr(pe, dde->virtual_address); -+ msync(addr, dde->size, MS_SYNC); -+ } -+ } - - return 0; - } -diff --git a/src/actions.c b/src/actions.c -index 9e4ac59..5c5dd89 100644 ---- a/src/actions.c -+++ b/src/actions.c -@@ -268,7 +268,7 @@ failure: - return ret; - } - --static void -+void - parse_signature(pesign_context *ctx) - { - int rc; -@@ -396,8 +396,6 @@ generate_sattr_blob(pesign_context *ctx) - void - check_signature_space(pesign_context *ctx) - { -- parse_signature(ctx); -- - ssize_t available = available_cert_space(ctx->outpe); - - if (available < ctx->cms_ctx->newsig.len) { -@@ -406,14 +404,6 @@ check_signature_space(pesign_context *ctx) - } - } - --int --import_signature(pesign_context *ctx) --{ -- insert_signature(ctx->cms_ctx, ctx->signum); -- -- return finalize_signatures(ctx->cms_ctx, ctx->outpe); --} -- - void - allocate_signature_space(Pe *pe, ssize_t sigspace) - { -diff --git a/src/actions.h b/src/actions.h -index 400876f..4ecaad8 100644 ---- a/src/actions.h -+++ b/src/actions.h -@@ -28,12 +28,12 @@ extern int list_signatures(pesign_context *ctx); - extern void check_signature_space(pesign_context *ctx); - extern void allocate_signature_space(Pe *pe, ssize_t sigspace); - extern off_t export_signature(cms_context *cms, int fd, int ascii_armor); --extern int import_signature(pesign_context *ctx); - extern void import_raw_signature(pesign_context *pctx); - extern void remove_signature(pesign_context 
*ctx); - extern void export_pubkey(pesign_context *ctx); - extern void export_cert(pesign_context *ctx); - extern int generate_sattr_blob(pesign_context *pctx); -+extern void parse_signature(pesign_context *ctx); - extern void insert_signature(cms_context *cms, int signum); - - #endif /* PESIGN_CRYPTO_H */ -diff --git a/src/daemon.c b/src/daemon.c -index 4a9af87..92ae856 100644 ---- a/src/daemon.c -+++ b/src/daemon.c -@@ -288,7 +288,8 @@ set_up_inpe(context *ctx, int fd, Pe **pe) - return -1; - } - -- int rc = parse_signatures(ctx->cms, *pe); -+ int rc = parse_signatures(&ctx->cms->signatures, -+ &ctx->cms->num_signatures, *pe); - if (rc < 0) { - ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR, - "pesignd: could not parse signature list"); -@@ -454,7 +455,8 @@ err_attached: - if (rc < 0) - goto err_attached; - insert_signature(ctx->cms, ctx->cms->num_signatures); -- finalize_signatures(ctx->cms, outpe); -+ finalize_signatures(ctx->cms->signatures, -+ ctx->cms->num_signatures, outpe); - pe_end(outpe); - } else { - if (ftruncate(outfd, 0) != 0) { -diff --git a/src/pesign.c b/src/pesign.c -index bfda33b..fcb2dca 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -104,7 +104,8 @@ open_input(pesign_context *ctx) - exit(1); - } - -- int rc = parse_signatures(ctx->cms_ctx, ctx->inpe); -+ int rc = parse_signatures(&ctx->cms_ctx->signatures, -+ &ctx->cms_ctx->num_signatures, ctx->inpe); - if (rc < 0) { - fprintf(stderr, "pesign: could not parse signature data\n"); - exit(1); -@@ -126,7 +127,8 @@ close_output(pesign_context *ctx) - { - Pe_Cmd cmd = ctx->outfd == STDOUT_FILENO ? 
PE_C_RDWR : PE_C_RDWR_MMAP; - -- finalize_signatures(ctx->cms_ctx, ctx->outpe); -+ finalize_signatures(ctx->cms_ctx->signatures, -+ ctx->cms_ctx->num_signatures, ctx->outpe); - pe_update(ctx->outpe, cmd); - pe_end(ctx->outpe); - ctx->outpe = NULL; -@@ -673,7 +675,9 @@ main(int argc, char *argv[]) - allocate_signature_space(ctxp->outpe, sigspace); - generate_signature(ctxp->cms_ctx); - insert_signature(ctxp->cms_ctx, ctxp->signum); -- finalize_signatures(ctxp->cms_ctx, ctxp->outpe); -+ finalize_signatures(ctxp->cms_ctx->signatures, -+ ctxp->cms_ctx->num_signatures, -+ ctxp->outpe); - close_output(ctxp); - break; - case EXPORT_SATTRS: -@@ -687,12 +691,27 @@ main(int argc, char *argv[]) - /* add a signature from a file */ - case IMPORT_SIGNATURE: - check_inputs(ctxp); -+ if (ctxp->signum > ctxp->cms_ctx->num_signatures + 1) { -+ fprintf(stderr, "Invalid signature number.\n"); -+ exit(1); -+ } - open_input(ctxp); - open_output(ctxp); - close_input(ctxp); - open_sig_input(ctxp); -+ parse_signature(ctxp); -+ sigspace = -+ calculate_signature_overhead( -+ ctxp->cms_ctx->newsig.len) + -+ ctxp->cms_ctx->newsig.len + -+ get_reserved_sig_space(ctxp->cms_ctx, -+ ctxp->outpe); -+ allocate_signature_space(ctxp->outpe, sigspace); - check_signature_space(ctxp); -- import_signature(ctxp); -+ insert_signature(ctxp->cms_ctx, ctxp->signum); -+ finalize_signatures(ctxp->cms_ctx->signatures, -+ ctxp->cms_ctx->num_signatures, -+ ctxp->outpe); - close_sig_input(ctxp); - close_output(ctxp); - break; -@@ -788,6 +807,10 @@ main(int argc, char *argv[]) - ctxp->cms_ctx->certname); - exit(1); - } -+ if (ctxp->signum > ctxp->cms_ctx->num_signatures + 1) { -+ fprintf(stderr, "Invalid signature number.\n"); -+ exit(1); -+ } - open_input(ctxp); - open_output(ctxp); - close_input(ctxp); -@@ -798,7 +821,9 @@ main(int argc, char *argv[]) - generate_digest(ctxp->cms_ctx, ctxp->outpe); - generate_signature(ctxp->cms_ctx); - insert_signature(ctxp->cms_ctx, ctxp->signum); -- 
finalize_signatures(ctxp->cms_ctx, ctxp->outpe); -+ finalize_signatures(ctxp->cms_ctx->signatures, -+ ctxp->cms_ctx->num_signatures, -+ ctxp->outpe); - close_output(ctxp); - break; - case DAEMONIZE: -diff --git a/src/peverify.c b/src/peverify.c -index 08aad27..e010d87 100644 ---- a/src/peverify.c -+++ b/src/peverify.c -@@ -55,9 +55,12 @@ open_input(peverify_context *ctx) - exit(1); - } - -- int rc = parse_signatures(&ctx->cms_ctx, ctx->inpe); -+ int rc = parse_signatures(&ctx->cms_ctx->signatures, -+ &ctx->cms_ctx->num_signatures, -+ ctx->inpe); - if (rc < 0) { -- fprintf(stderr, "pesign: could not parse signature data\n"); -+ fprintf(stderr, "pesign: could not parse signature list in " -+ "EFI binary\n"); - exit(1); - } - } -diff --git a/src/siglist.c b/src/siglist.c -index 1a933e7..ca097e6 100644 ---- a/src/siglist.c -+++ b/src/siglist.c -@@ -17,11 +17,15 @@ - * Author(s): Peter Jones - */ - -+#include - #include -+#include -+#include - #include - #include - --#include "authvar.h" -+#include "efitypes.h" -+#include "siglist.h" - - struct efi_signature_data { - efi_guid_t SignatureOwner; -@@ -135,7 +139,10 @@ signature_list_add_sig(signature_list *sl, efi_guid_t owner, - if (memcmp(&sl->SignatureType, &x509_guid, sizeof (efi_guid_t)) == 0) { - if (sigsize > sl->SignatureSize) - resize_entries(sl, sigsize); -- } else if (sigsize != sl->SignatureSize) { -+ } else if (sigsize != get_sig_type_size(sl->SignatureType)) { -+ fprintf(stderr, "sigsize: %d sl->SignatureSize: %d\n", -+ sigsize, sl->SignatureSize); -+ errno = EINVAL; - return -1; - } - -@@ -162,11 +169,31 @@ signature_list_add_sig(signature_list *sl, efi_guid_t owner, - return 0; - } - --void * --signature_list_realize(signature_list *sl) -+#if 0 -+int -+signature_list_parse(signature_list *sl, uint8_t *data, size_t len) - { -- if (sl->realized) -- return sl->realized; -+ if (!sl) -+ return -1; -+ -+ if (sl->realized) { -+ free(sl->realized); -+ sl->realized = NULL; -+ } -+ -+ efi_signature_list *esl = data; 
-+ efi_signature_data *esd = NULL; -+ -+} -+#endif -+ -+int -+signature_list_realize(signature_list *sl, void **out, size_t *outsize) -+{ -+ if (sl->realized) { -+ free(sl->realized); -+ sl->realized = NULL; -+ } - - struct efi_signature_list *esl = NULL; - uint32_t size = sizeof (*esl) + -@@ -174,7 +201,7 @@ signature_list_realize(signature_list *sl) - - void *ret = calloc(1, size); - if (!ret) -- return NULL; -+ return -1; - esl = ret; - - memcpy(esl, sl, sizeof (*esl)); -@@ -186,7 +213,10 @@ signature_list_realize(signature_list *sl) - } - - sl->realized = ret; -- return ret; -+ -+ *out = ret; -+ *outsize = size; -+ return 0; - } - - void -diff --git a/src/siglist.h b/src/siglist.h -index 2961a39..a576ffd 100644 ---- a/src/siglist.h -+++ b/src/siglist.h -@@ -24,7 +24,8 @@ typedef struct signature_list signature_list; - extern signature_list *signature_list_new(efi_guid_t SignatureType); - extern int signature_list_add_sig(signature_list *sl, efi_guid_t owner, - uint8_t *sig, uint32_t sigsize); --extern void *signature_list_realize(signature_list *sl); -+extern int signature_list_realize(signature_list *sl, -+ void **out, size_t *outsize); - extern void signature_list_free(signature_list *sl); - - #endif /* SIGLIST_H */ -diff --git a/src/wincert.c b/src/wincert.c -index 4b5ba45..4197a87 100644 ---- a/src/wincert.c -+++ b/src/wincert.c -@@ -25,13 +25,13 @@ struct cert_list_entry { - }; - - static int --generate_cert_list(cms_context *cms, void **cert_list, -- size_t *cert_list_size) -+generate_cert_list(SECItem **signatures, int num_signatures, -+ void **cert_list, size_t *cert_list_size) - { - size_t cl_size = 0; -- for (int i = 0; i < cms->num_signatures; i++) { -+ for (int i = 0; i < num_signatures; i++) { - cl_size += sizeof (win_certificate); -- cl_size += cms->signatures[i]->len; -+ cl_size += signatures[i]->len; - } - - uint8_t *data = malloc(cl_size); -@@ -41,15 +41,15 @@ generate_cert_list(cms_context *cms, void **cert_list, - *cert_list = (void *)data; - 
*cert_list_size = cl_size; - -- for (int i = 0; i < cms->num_signatures; i++) { -+ for (int i = 0; i < num_signatures; i++) { - struct cert_list_entry *cle = (struct cert_list_entry *)data; -- cle->wc.length = cms->signatures[i]->len + -+ cle->wc.length = signatures[i]->len + - sizeof (win_certificate); - cle->wc.revision = WIN_CERT_REVISION_2_0; - cle->wc.cert_type = WIN_CERT_TYPE_PKCS_SIGNED_DATA; -- memcpy(&cle->data[0], cms->signatures[i]->data, -- cms->signatures[i]->len); -- data += sizeof (win_certificate) + cms->signatures[i]->len; -+ memcpy(&cle->data[0], signatures[i]->data, -+ signatures[i]->len); -+ data += sizeof (win_certificate) + signatures[i]->len; - } - - return 0; -@@ -62,12 +62,13 @@ implant_cert_list(Pe *pe, void *cert_list, size_t cert_list_size) - } - - int --finalize_signatures(cms_context *cms, Pe *pe) -+finalize_signatures(SECItem **sigs, int num_sigs, Pe *pe) - { - void *clist = NULL; - size_t clist_size = 0; - -- if (generate_cert_list(cms, &clist, &clist_size) < 0) -+ if (generate_cert_list(sigs, num_sigs, -+ &clist, &clist_size) < 0) - return -1; - - if (implant_cert_list(pe, clist, clist_size) < 0) { -@@ -126,6 +127,13 @@ done: - void *certs = iter->certs; - size_t size = iter->size; - -+ void *map = NULL; -+ size_t map_size = 0; -+ -+ map = pe_rawfile(iter->pe, &map_size); -+ if (!map || map_size < 1) -+ return 0; -+ - while (1) { - win_certificate *tmpcert; - if (n + sizeof (*tmpcert) >= size) -@@ -133,6 +141,9 @@ done: - - tmpcert = (win_certificate *)((uint8_t *)certs + n); - -+ if ((intptr_t)tmpcert > (intptr_t)map + map_size) -+ return -1; -+ - /* length _includes_ the size of the structure. 
*/ - uint32_t length = le32_to_cpu(tmpcert->length); - -@@ -193,7 +204,23 @@ available_cert_space(Pe *pe) - return totalsize - foundsize; - } - --ssize_t calculate_signature_space(cms_context *cms, Pe *pe) -+size_t -+get_reserved_sig_space(cms_context *cms, Pe *pe) -+{ -+ size_t ret = 0; -+ for (int i = 0; i < cms->num_signatures; i++) -+ ret += cms->signatures[i]->len + sizeof (win_certificate); -+ return ret; -+} -+ -+ssize_t -+calculate_signature_overhead(ssize_t size) -+{ -+ return sizeof(win_certificate); -+} -+ -+ssize_t -+calculate_signature_space(cms_context *cms, Pe *pe) - { - int rc; - -@@ -209,7 +236,9 @@ err: - if (rc < 0) - goto err; - -- ssize_t ret = sig.len + dd->certs.size + sizeof(win_certificate) - -+ size_t res = get_reserved_sig_space(cms, pe); -+ -+ ssize_t ret = res + sig.len + sizeof(win_certificate) - - available_cert_space(pe); - - //free(sig.data); -@@ -218,7 +247,7 @@ err: - } - - int --parse_signatures(cms_context *cms, Pe *pe) -+parse_signatures(SECItem ***sigs, int *num_sigs, Pe *pe) - { - cert_iter iter; - int rc = cert_iter_init(&iter, pe); -@@ -238,8 +267,8 @@ parse_signatures(cms_context *cms, Pe *pe) - } - - if (nsigs == 0) { -- cms->num_signatures = 0; -- cms->signatures = NULL; -+ *num_sigs = 0; -+ *sigs = NULL; - return 0; - } - -@@ -271,8 +300,8 @@ parse_signatures(cms_context *cms, Pe *pe) - i++; - } - -- cms->num_signatures = nsigs; -- cms->signatures = signatures; -+ *num_sigs = nsigs; -+ *sigs = signatures; - - return 0; - err: -diff --git a/src/wincert.h b/src/wincert.h -index 4309915..ed7e15c 100644 ---- a/src/wincert.h -+++ b/src/wincert.h -@@ -32,8 +32,6 @@ typedef struct win_certificate { - uint16_t cert_type; - } win_certificate; - --extern int finalize_signatures(cms_context *cms, Pe *pe); -- - typedef struct cert_iter { - Pe *pe; - off_t n; -@@ -45,6 +43,10 @@ extern int cert_iter_init(cert_iter *iter, Pe *pe); - extern int next_cert(cert_iter *iter, void **cert, ssize_t *cert_size); - extern ssize_t 
available_cert_space(Pe *pe); - extern ssize_t calculate_signature_space(cms_context *cms, Pe *pe); --extern int parse_signatures(cms_context *cms, Pe *pe); -+extern int parse_signatures(SECItem ***sigs, int *num_sigs, Pe *pe); -+extern int finalize_signatures(SECItem **sigs, int num_sigs, Pe *pe); -+extern size_t get_reserved_sig_space(cms_context *cms, Pe *pe); -+extern ssize_t calculate_signature_overhead(ssize_t size); -+ - - #endif /* PESIGN_WINCERT_H */ --- -1.7.10.4 - diff --git a/pesign-bnc808594-align-signatures.patch b/pesign-bnc808594-align-signatures.patch deleted file mode 100644 index c712f8f..0000000 --- a/pesign-bnc808594-align-signatures.patch +++ /dev/null 
@@ -1,598 +0,0 @@ -From 21cec8feac92a8cda788eaf3f9e9aee9d1b92672 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 25 Mar 2013 11:34:45 -0400 -Subject: [PATCH 1/8] If the last hunk of the file isn't 16-byte aligned, pad - before digesting. - -When we (or MS) create a data directory section, we pad it to 16-bytes. -This means that when you add that and then hash, you'll have that -0-extension before the data directory (in this case, the cert list) in -the checksum. - -If we do -h without embedding the signature in the binary, we still need -to take that into account. - -Signed-off-by: Peter Jones ---- - src/cms_common.c | 24 +++++++++++++++++++++++- - 1 file changed, 23 insertions(+), 1 deletion(-) - -diff --git a/src/cms_common.c b/src/cms_common.c -index 9ab2021..306d53e 100644 ---- a/src/cms_common.c -+++ b/src/cms_common.c -@@ -795,6 +795,12 @@ err: - return -1; - } - -+#if 1 -+#define dprintf(fmt, ...) -+#else -+#define dprintf(fmt, args...) printf(fmt, ## args) -+#endif -+ - int - generate_digest(cms_context *cms, Pe *pe) - { -@@ -860,6 +866,8 @@ generate_digest(cms_context *cms, Pe *pe) - cms->log(cms, LOG_ERR, "Pe header is invalid"); - goto error; - } -+ dprintf("beginning of hash\n"); -+ dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); - generate_digest_step(cms, hash_base, hash_size); - - /* 5. Skip over the image checksum -@@ -882,6 +890,7 @@ generate_digest(cms_context *cms, Pe *pe) - goto error; - } - generate_digest_step(cms, hash_base, hash_size); -+ dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); - - /* 8. Skip over the crt dir - * 9. Hash everything up to the end of the image header. */ -@@ -895,6 +904,7 @@ generate_digest(cms_context *cms, Pe *pe) - goto error; - } - generate_digest_step(cms, hash_base, hash_size); -+ dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); - - /* 10. Set SUM_OF_BYTES_HASHED to the size of the header. */ - hashed_bytes = pe32opthdr ? 
pe32opthdr->header_size -@@ -926,6 +936,7 @@ generate_digest(cms_context *cms, Pe *pe) - } - - generate_digest_step(cms, hash_base, hash_size); -+ dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); - - hashed_bytes += hash_size; - } -@@ -938,8 +949,19 @@ generate_digest(cms_context *cms, Pe *pe) - cms->log(cms, LOG_ERR, "Pe has invalid trailing data"); - goto error_shdrs; - } -- generate_digest_step(cms, hash_base, hash_size); -+ if (hash_size % 16 != 0) { -+ size_t tmp_size = hash_size + (16 - (hash_size % 16)); -+ uint8_t tmp_array[tmp_size]; -+ memset(tmp_array, '\0', tmp_size); -+ memcpy(tmp_array, hash_base, hash_size); -+ generate_digest_step(cms, tmp_array, tmp_size); -+ dprintf("digesting %lx + %lx\n", (unsigned long)tmp_array, tmp_size); -+ } else { -+ generate_digest_step(cms, hash_base, hash_size); -+ dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); -+ } - } -+ dprintf("end of hash\n"); - - rc = generate_digest_finish(cms); - if (rc < 0) --- -1.7.10.4 - - -From d07c91cffaeaaa1b0f0a0dbc684e073d976ee9f3 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 25 Mar 2013 12:53:05 -0400 -Subject: [PATCH 2/8] Pad signatures everywhere /except/ -h. - -If you run -h, you may be using that hash in a db/dbx variable, in which -case the padding isn't appropriate. Everywhere else, it's for -implanting at some stage. 
- -Signed-off-by: Peter Jones ---- - src/cms_common.c | 4 ++-- - src/cms_common.h | 2 +- - src/daemon.c | 6 +++--- - src/pesign.c | 15 ++++++++------- - 4 files changed, 14 insertions(+), 13 deletions(-) - -diff --git a/src/cms_common.c b/src/cms_common.c -index 306d53e..f2ee684 100644 ---- a/src/cms_common.c -+++ b/src/cms_common.c -@@ -802,7 +802,7 @@ err: - #endif - - int --generate_digest(cms_context *cms, Pe *pe) -+generate_digest(cms_context *cms, Pe *pe, int padded) - { - void *hash_base; - size_t hash_size; -@@ -949,7 +949,7 @@ generate_digest(cms_context *cms, Pe *pe) - cms->log(cms, LOG_ERR, "Pe has invalid trailing data"); - goto error_shdrs; - } -- if (hash_size % 16 != 0) { -+ if (hash_size % 16 != 0 && padded) { - size_t tmp_size = hash_size + (16 - (hash_size % 16)); - uint8_t tmp_array[tmp_size]; - memset(tmp_array, '\0', tmp_size); -diff --git a/src/cms_common.h b/src/cms_common.h -index a3848cd..d819aab 100644 ---- a/src/cms_common.h -+++ b/src/cms_common.h -@@ -105,7 +105,7 @@ extern int generate_spc_link(cms_context *cms, SpcLink *slp, - - extern int generate_spc_string(cms_context *cms, SECItem *ssp, char *str, - int len); --extern int generate_digest(cms_context *cms, Pe *pe); -+extern int generate_digest(cms_context *cms, Pe *pe, int padded); - extern int generate_signature(cms_context *ctx); - extern int unlock_nss_token(cms_context *ctx); - extern int find_certificate(cms_context *ctx); -diff --git a/src/daemon.c b/src/daemon.c -index 92ae856..69821ba 100644 ---- a/src/daemon.c -+++ b/src/daemon.c -@@ -433,7 +433,7 @@ malformed: - if (rc < 0) - goto finish; - -- rc = generate_digest(ctx->cms, outpe); -+ rc = generate_digest(ctx->cms, outpe, 1); - if (rc < 0) { - err_attached: - pe_end(outpe); -@@ -448,7 +448,7 @@ err_attached: - if (sigspace < 0) - goto err_attached; - allocate_signature_space(outpe, sigspace); -- rc = generate_digest(ctx->cms, outpe); -+ rc = generate_digest(ctx->cms, outpe, 1); - if (rc < 0) - goto err_attached; - rc = 
generate_signature(ctx->cms); -@@ -463,7 +463,7 @@ err_attached: - ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR, - "pesignd: could not truncate output file: %m"); - } -- rc = generate_digest(ctx->cms, inpe); -+ rc = generate_digest(ctx->cms, inpe, 1); - if (rc < 0) { - err_detached: - if (ftruncate(outfd, 0) != 0) { -diff --git a/src/pesign.c b/src/pesign.c -index fcb2dca..81515d2 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -473,7 +473,8 @@ main(int argc, char *argv[]) - "force overwriting of output file", NULL }, - {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1, - "create a new signature", NULL }, -- {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL }, -+ {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, -+ "hash binary", NULL }, - {"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT, - &digest_name, 0, "digest type to use for pe hash" }, - {"import-signed-certificate", 'm', -@@ -669,7 +670,7 @@ main(int argc, char *argv[]) - open_input(ctxp); - open_output(ctxp); - close_input(ctxp); -- generate_digest(ctxp->cms_ctx, ctxp->outpe); -+ generate_digest(ctxp->cms_ctx, ctxp->outpe, 1); - sigspace = calculate_signature_space(ctxp->cms_ctx, - ctxp->outpe); - allocate_signature_space(ctxp->outpe, sigspace); -@@ -683,7 +684,7 @@ main(int argc, char *argv[]) - case EXPORT_SATTRS: - open_input(ctxp); - open_sattr_output(ctxp); -- generate_digest(ctxp->cms_ctx, ctxp->inpe); -+ generate_digest(ctxp->cms_ctx, ctxp->inpe, 1); - generate_sattr_blob(ctxp); - close_sattr_output(ctxp); - close_input(ctxp); -@@ -779,7 +780,7 @@ main(int argc, char *argv[]) - break; - case GENERATE_DIGEST|PRINT_DIGEST: - open_input(ctxp); -- generate_digest(ctxp->cms_ctx, ctxp->inpe); -+ generate_digest(ctxp->cms_ctx, ctxp->inpe, 0); - print_digest(ctxp); - break; - /* generate a signature and save it in a separate file */ -@@ -793,7 +794,7 @@ main(int argc, char *argv[]) - } - open_input(ctxp); - open_sig_output(ctxp); -- generate_digest(ctxp->cms_ctx, ctxp->inpe); -+ 
generate_digest(ctxp->cms_ctx, ctxp->inpe, 1); - generate_signature(ctxp->cms_ctx); - export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii); - break; -@@ -814,11 +815,11 @@ main(int argc, char *argv[]) - open_input(ctxp); - open_output(ctxp); - close_input(ctxp); -- generate_digest(ctxp->cms_ctx, ctxp->outpe); -+ generate_digest(ctxp->cms_ctx, ctxp->outpe, 1); - sigspace = calculate_signature_space(ctxp->cms_ctx, - ctxp->outpe); - allocate_signature_space(ctxp->outpe, sigspace); -- generate_digest(ctxp->cms_ctx, ctxp->outpe); -+ generate_digest(ctxp->cms_ctx, ctxp->outpe, 1); - generate_signature(ctxp->cms_ctx); - insert_signature(ctxp->cms_ctx, ctxp->signum); - finalize_signatures(ctxp->cms_ctx->signatures, --- -1.7.10.4 - - -From 29a593849964bb89c29bb40dd6a1f4bb5a90e675 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 21 Mar 2013 11:02:43 -0400 -Subject: [PATCH 3/8] Deal with PE-COFF 8.2+ alignment restrictions for the - certificate list. - -PE-COFF 8.2 and newer finally specify the certificate list as a proper -array, but they kindly made a new rule that each entry has to be 8-byte -aligned. So align them now :/ - -Signed-off-by: Peter Jones ---- - src/wincert.c | 22 +++++++++++++++++++++- - 1 file changed, 21 insertions(+), 1 deletion(-) - -diff --git a/src/wincert.c b/src/wincert.c -index 4197a87..3686918 100644 ---- a/src/wincert.c -+++ b/src/wincert.c -@@ -42,6 +42,11 @@ generate_cert_list(SECItem **signatures, int num_signatures, - *cert_list_size = cl_size; - - for (int i = 0; i < num_signatures; i++) { -+ /* pe-coff 8.2 adds some text that says each cert list -+ * entry is 8-byte aligned, so that means we need to align -+ * them here. 
*/ -+ if ((intptr_t)data % 8 != 0) -+ data = (uint8_t *)((intptr_t)data + (8 - ((intptr_t)data % 8))); - struct cert_list_entry *cle = (struct cert_list_entry *)data; - cle->wc.length = signatures[i]->len + - sizeof (win_certificate); -@@ -170,6 +175,11 @@ done: - - iter->n += sizeof (*tmpcert) + length; - -+ /* each cert list entry must be aligned to an 8-byte -+ * boundary */ -+ if (iter->n % 8 != 0) -+ iter->n += 8 - (iter->n % 8); -+ - return 1; - } - } -@@ -208,8 +218,13 @@ size_t - get_reserved_sig_space(cms_context *cms, Pe *pe) - { - size_t ret = 0; -- for (int i = 0; i < cms->num_signatures; i++) -+ for (int i = 0; i < cms->num_signatures; i++) { - ret += cms->signatures[i]->len + sizeof (win_certificate); -+ /* each certificate list entry must be 8-byte aligned, -+ * so we need to account for that in our space calculation */ -+ if (ret % 8 != 0) -+ ret += 8 - (ret % 8); -+ } - return ret; - } - -@@ -238,6 +253,11 @@ err: - - size_t res = get_reserved_sig_space(cms, pe); - -+ /* pe-coff 8.2 adds some text that says each cert list entry is -+ * 8-byte aligned, so that means we need alignment space here. */ -+ if (res % 8 != 0) -+ res += 8 - (res % 8); -+ - ssize_t ret = res + sig.len + sizeof(win_certificate) - - available_cert_space(pe); - --- -1.7.10.4 - - -From 731aa2ac9012a39fd4ccee813c77a9e75235606c Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 22 Mar 2013 09:56:23 -0400 -Subject: [PATCH 4/8] More certificate list alignment fixups (based on work by - Gary Lin) - -There was still some chance the first entry wasn't aligned right, and -doing it ad-hoc every time wasn't that great. So fix that. - -This is really all Gary's work, I've just reformatted it a little bit. 
- -Signed-off-by: Peter Jones ---- - libdpe/common.h | 2 ++ - libdpe/pe_allocspace.c | 4 ++-- - src/wincert.c | 24 ++++++++++-------------- - 3 files changed, 14 insertions(+), 16 deletions(-) - -diff --git a/libdpe/common.h b/libdpe/common.h -index 5d379e8..be42738 100644 ---- a/libdpe/common.h -+++ b/libdpe/common.h -@@ -31,6 +31,8 @@ - - #define is_64_bit(pe) ((pe)->flags & IMAGE_FILE_32BIT_MACHINE) - -+#define ALIGNMENT_PADDING(address, align) ((align - (address % align)) % align) -+ - #define xfree(x) ({if (x) { free(x); x = NULL; }}) - #define xmunmap(addr, size) ({if (addr) { munmap(addr,size); addr = NULL; }}) - -diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c -index 0ae1f5d..716373c 100644 ---- a/libdpe/pe_allocspace.c -+++ b/libdpe/pe_allocspace.c -@@ -86,7 +86,7 @@ pe_extend_file(Pe *pe, size_t size, uint32_t *new_space, int align) - void *new = NULL; - - if (align) -- align = (pe->maximum_size + size) % align; -+ align = ALIGNMENT_PADDING(pe->maximum_size, align); - int extra = size + align; - - int rc = ftruncate(pe->fildes, pe->maximum_size + extra); -@@ -119,7 +119,7 @@ pe_allocspace(Pe *pe, size_t size, uint32_t *offset) - - /* XXX PJFIX TODO: this should try to find space in the already - * mapped regions. 
*/ -- rc = pe_extend_file(pe, size, offset, 0); -+ rc = pe_extend_file(pe, size, offset, 8); - if (rc < 0) - return -1; - return 0; -diff --git a/src/wincert.c b/src/wincert.c -index 3686918..cc612b6 100644 ---- a/src/wincert.c -+++ b/src/wincert.c -@@ -19,6 +19,8 @@ - - #include "pesign.h" - -+#define ALIGNMENT_PADDING(address, align) ((align - (address % align)) % align) -+ - struct cert_list_entry { - win_certificate wc; - uint8_t data[]; -@@ -32,6 +34,7 @@ generate_cert_list(SECItem **signatures, int num_signatures, - for (int i = 0; i < num_signatures; i++) { - cl_size += sizeof (win_certificate); - cl_size += signatures[i]->len; -+ cl_size += ALIGNMENT_PADDING(cl_size, 8); - } - - uint8_t *data = malloc(cl_size); -@@ -45,16 +48,16 @@ generate_cert_list(SECItem **signatures, int num_signatures, - /* pe-coff 8.2 adds some text that says each cert list - * entry is 8-byte aligned, so that means we need to align - * them here. */ -- if ((intptr_t)data % 8 != 0) -- data = (uint8_t *)((intptr_t)data + (8 - ((intptr_t)data % 8))); - struct cert_list_entry *cle = (struct cert_list_entry *)data; - cle->wc.length = signatures[i]->len + -+ ALIGNMENT_PADDING(signatures[i]->len, 8) + - sizeof (win_certificate); - cle->wc.revision = WIN_CERT_REVISION_2_0; - cle->wc.cert_type = WIN_CERT_TYPE_PKCS_SIGNED_DATA; - memcpy(&cle->data[0], signatures[i]->data, - signatures[i]->len); - data += sizeof (win_certificate) + signatures[i]->len; -+ data += ALIGNMENT_PADDING(signatures[i]->len, 8); - } - - return 0; -@@ -175,11 +178,6 @@ done: - - iter->n += sizeof (*tmpcert) + length; - -- /* each cert list entry must be aligned to an 8-byte -- * boundary */ -- if (iter->n % 8 != 0) -- iter->n += 8 - (iter->n % 8); -- - return 1; - } - } -@@ -222,8 +220,7 @@ get_reserved_sig_space(cms_context *cms, Pe *pe) - ret += cms->signatures[i]->len + sizeof (win_certificate); - /* each certificate list entry must be 8-byte aligned, - * so we need to account for that in our space calculation */ -- 
if (ret % 8 != 0) -- ret += 8 - (ret % 8); -+ ret += ALIGNMENT_PADDING(ret, 8); - } - return ret; - } -@@ -253,14 +250,13 @@ err: - - size_t res = get_reserved_sig_space(cms, pe); - -- /* pe-coff 8.2 adds some text that says each cert list entry is -- * 8-byte aligned, so that means we need alignment space here. */ -- if (res % 8 != 0) -- res += 8 - (res % 8); -- - ssize_t ret = res + sig.len + sizeof(win_certificate) - - available_cert_space(pe); - -+ /* pe-coff 8.2 adds some text that says each cert list entry is -+ * 8-byte aligned, so that means we need alignment space here. */ -+ ret += ALIGNMENT_PADDING(ret, 8); -+ - //free(sig.data); - - return ret; --- -1.7.10.4 - - -From 12595de05a873712a76e6118f00f324fd257d0f6 Mon Sep 17 00:00:00 2001 -From: Gary Ching-Pang Lin -Date: Tue, 26 Mar 2013 11:28:57 +0800 -Subject: [PATCH 5/8] Pad the file to be 16-byte aligned, instead of 8-byte - ---- - libdpe/pe_allocspace.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c -index 716373c..8b09153 100644 ---- a/libdpe/pe_allocspace.c -+++ b/libdpe/pe_allocspace.c -@@ -119,7 +119,7 @@ pe_allocspace(Pe *pe, size_t size, uint32_t *offset) - - /* XXX PJFIX TODO: this should try to find space in the already - * mapped regions. */ -- rc = pe_extend_file(pe, size, offset, 8); -+ rc = pe_extend_file(pe, size, offset, 16); - if (rc < 0) - return -1; - return 0; --- -1.7.10.4 - - -From deb5811f7e718d8d0d9c41ad18d2302876334e7a Mon Sep 17 00:00:00 2001 -From: Gary Ching-Pang Lin -Date: Tue, 26 Mar 2013 11:34:33 +0800 -Subject: [PATCH 6/8] Add an option, -padding, for -h to pad signatures - -We are using "-h" to check the integrity of the file after inserting -a raw signature. Add this option to make the digests consistent. 
---- - src/pesign.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/pesign.c b/src/pesign.c -index 81515d2..57fe96e 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -440,6 +440,7 @@ main(int argc, char *argv[]) - int remove = 0; - int daemon = 0; - int fork = 1; -+ int padding = 0; - - char *digest_name = "sha256"; - char *tokenname = "NSS Certificate DB"; -@@ -518,6 +519,8 @@ main(int argc, char *argv[]) - "run as a daemon process", NULL }, - {"nofork", 'N', POPT_ARG_VAL, &fork, 0, - "don't fork when daemonizing", NULL }, -+ {"padding", 'P', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, -+ &padding, 1, "pad data section", NULL }, - POPT_AUTOALIAS - POPT_AUTOHELP - POPT_TABLEEND -@@ -780,7 +783,7 @@ main(int argc, char *argv[]) - break; - case GENERATE_DIGEST|PRINT_DIGEST: - open_input(ctxp); -- generate_digest(ctxp->cms_ctx, ctxp->inpe, 0); -+ generate_digest(ctxp->cms_ctx, ctxp->inpe, padding); - print_digest(ctxp); - break; - /* generate a signature and save it in a separate file */ --- -1.7.10.4 - - -From 63221e01d0a857ce844b4b17798b5da1ea6a6be1 Mon Sep 17 00:00:00 2001 -From: Gary Ching-Pang Lin -Date: Tue, 26 Mar 2013 18:30:58 +0800 -Subject: [PATCH 7/8] Clear the space for the certificate list - -Make sure the aligned bytes are '\0' - -Signed-off-by: Gary Ching-Pang Lin ---- - src/wincert.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/wincert.c b/src/wincert.c -index cc612b6..75fdceb 100644 ---- a/src/wincert.c -+++ b/src/wincert.c -@@ -37,7 +37,7 @@ generate_cert_list(SECItem **signatures, int num_signatures, - cl_size += ALIGNMENT_PADDING(cl_size, 8); - } - -- uint8_t *data = malloc(cl_size); -+ uint8_t *data = calloc(1, cl_size); - if (!data) - return -1; - --- -1.7.10.4 - - -From 18080ba4acb235fd3b2e679f0308992255e6ca52 Mon Sep 17 00:00:00 2001 -From: Gary Ching-Pang Lin -Date: Wed, 27 Mar 2013 10:49:38 +0800 -Subject: [PATCH 8/8] The file should be 8-byte aligned, actually... 
- ---- - libdpe/pe_allocspace.c | 2 +- - src/cms_common.c | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c -index 8b09153..716373c 100644 ---- a/libdpe/pe_allocspace.c -+++ b/libdpe/pe_allocspace.c -@@ -119,7 +119,7 @@ pe_allocspace(Pe *pe, size_t size, uint32_t *offset) - - /* XXX PJFIX TODO: this should try to find space in the already - * mapped regions. */ -- rc = pe_extend_file(pe, size, offset, 16); -+ rc = pe_extend_file(pe, size, offset, 8); - if (rc < 0) - return -1; - return 0; -diff --git a/src/cms_common.c b/src/cms_common.c -index f2ee684..2c998d9 100644 ---- a/src/cms_common.c -+++ b/src/cms_common.c -@@ -949,8 +949,8 @@ generate_digest(cms_context *cms, Pe *pe, int padded) - cms->log(cms, LOG_ERR, "Pe has invalid trailing data"); - goto error_shdrs; - } -- if (hash_size % 16 != 0 && padded) { -- size_t tmp_size = hash_size + (16 - (hash_size % 16)); -+ if (hash_size % 8 != 0 && padded) { -+ size_t tmp_size = hash_size + (8 - (hash_size % 8)); - uint8_t tmp_array[tmp_size]; - memset(tmp_array, '\0', tmp_size); - memcpy(tmp_array, hash_base, hash_size); --- -1.7.10.4 - diff --git a/pesign-clear-padding-bits.patch b/pesign-clear-padding-bits.patch new file mode 100644 index 0000000..cad6d7c --- /dev/null +++ b/pesign-clear-padding-bits.patch 
@@ -0,0 +1,28 @@
+From edd9cc0e677b35498e974d9a4137feac5bd4b323 Mon Sep 17 00:00:00 2001
+From: Gary Ching-Pang Lin
+Date: Tue, 26 Mar 2013 18:30:58 +0800
+Subject: [PATCH] Clear the space for the certificate list
+
+Make sure the aligned bytes are '\0'
+
+Signed-off-by: Gary Ching-Pang Lin
+---
+ src/wincert.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/wincert.c b/src/wincert.c
+index 942fa26..5e23b04 100644
+--- a/src/wincert.c
++++ b/src/wincert.c
+@@ -37,7 +37,7 @@ generate_cert_list(SECItem **signatures, int num_signatures,
+ cl_size += ALIGNMENT_PADDING(cl_size, 8);
+ }
+
+- uint8_t *data = malloc(cl_size);
++ uint8_t *data = calloc(1, cl_size);
+ if (!data)
+ return -1;
+
+--
+1.8.1.4
+
diff --git a/pesign-client-initialize-action.patch b/pesign-client-initialize-action.patch
deleted file mode 100644
index 5746461..0000000
--- a/pesign-client-initialize-action.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-diff --git a/src/client.c b/src/client.c
-index 1ec582b..dcc5257 100644
---- a/src/client.c
-+++ b/src/client.c
-@@ -435,7 +435,7 @@ main(int argc, char *argv[])
- char *certname = NULL;
- poptContext optCon;
- int rc;
-- int action;
-+ int action = 0;
- char *infile = NULL;
- char *outfile = NULL;
- char *exportfile = NULL;
-@@ -500,6 +500,12 @@ main(int argc, char *argv[])
- exit(1);
- }
-
-+ if (action == NO_FLAGS) {
-+ poptPrintUsage(optCon, stdout, 0);
-+ poptFreeContext(optCon);
-+ exit(0);
-+ }
-+
- if (action & SIGN_BINARY && (!outfile && !exportfile)) {
- fprintf(stderr, "pesign-client: neither --outfile nor --export "
- "specified\n");
diff --git a/pesign-client-read-pin-file.patch b/pesign-client-read-pin-file.patch
deleted file mode 100644
index 37beca9..0000000
--- a/pesign-client-read-pin-file.patch
+++ /dev/null
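Review bot: In generate_cert_list (src/wincert.c, carried by pesign-clear-padding-bits.patch) the new `calloc(1, cl_size)` has no comment saying why the buffer must be zeroed, so a later cleanup could turn it back into `malloc`. The commit message gives the reason (the alignment bytes must be '\0'); with `malloc` those padding bytes between entries would hold whatever the heap last contained and, presumably, end up in the certificate table that is written out. A one-line comment above the allocation would keep that visible: `/* zero-filled on purpose: the 8-byte alignment padding after each entry must be '\0' */`. The body of generate_cert_list continues outside the hunk.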
@@ -1,14 +0,0 @@ -diff --git a/src/client.c b/src/client.c -index dcc5257..9bcaf3e 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -201,7 +201,8 @@ get_token_pin(int pinfd, char *pinfile, char *envname) - if (!pinf) - return NULL; - -- ssize_t n = getline(&pin, 0, pinf); -+ size_t pin_n; -+ ssize_t n = getline(&pin, &pin_n, pinf); - if (n < 0 || !pin) { - fclose(pinf); - return NULL; diff --git a/pesign-fix-build-errors.patch b/pesign-fix-build-errors.patch index 08778d7..1597fd6 100644 --- a/pesign-fix-build-errors.patch +++ b/pesign-fix-build-errors.patch @@ -1,12 +1,20 @@ ---- - src/daemon.c | 35 ++++++++++++++++++++++++++++------- - src/password.c | 3 ++- - src/pesign.c | 10 ++++++++-- - 3 files changed, 38 insertions(+), 10 deletions(-) +From 4e03c90bb48e6f9c9d9c9aed491fbcc5be684e7b Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Tue, 9 Jul 2013 12:17:31 +0800 +Subject: [PATCH] Fix build errors +--- + src/daemon.c | 36 +++++++++++++++++++++++++++++------- + src/efikeygen.c | 3 ++- + src/password.c | 3 ++- + src/pesign.c | 10 ++++++++-- + 4 files changed, 41 insertions(+), 11 deletions(-) + +diff --git a/src/daemon.c b/src/daemon.c +index b2801b9..832a0ea 100644 --- a/src/daemon.c +++ b/src/daemon.c -@@ -436,7 +436,11 @@ malformed: +@@ -432,7 +432,11 @@ malformed: if (rc < 0) { err_attached: pe_end(outpe); @@ -19,16 +27,17 @@ goto finish; } ssize_t sigspace = calculate_signature_space(ctx->cms, outpe); -@@ -453,21 +457,33 @@ err_attached: - finalize_signatures(ctx->cms, outpe); +@@ -450,21 +454,34 @@ err_attached: + ctx->cms->num_signatures, outpe); pe_end(outpe); } else { - ftruncate(outfd, 0); + if (ftruncate(outfd, 0) != 0) { + ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR, -+ "pesignd: could not truncate output file: %m"); ++ "pesignd: could not truncate output " ++ "file: %m"); + } - rc = generate_digest(ctx->cms, inpe); + rc = generate_digest(ctx->cms, inpe, 1); if (rc < 0) { err_detached: - ftruncate(outfd, 0); 
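Review bot: In the detached-signature branch of the src/daemon.c part of pesign-fix-build-errors.patch, a failed `ftruncate(outfd, 0)` is only logged and control still reaches `generate_digest(ctx->cms, inpe, 1)`. If the rest of the branch then writes the signature to outfd (not visible in this hunk), bytes from the file's earlier contents could remain after the new data and be treated as part of the result. Failing the request would be safer than continuing, for example `rc = -1; goto finish;` after the log call, assuming the `finish:` path reports rc to the client. The enclosing function begins and ends outside the hunk.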
@@ -58,7 +67,7 @@ } finish: -@@ -979,7 +995,12 @@ daemonize(cms_context *cms_ctx, int do_f +@@ -996,7 +1013,12 @@ daemonize(cms_context *cms_ctx, char *certdir, int do_fork) exit(1); } @@ -72,9 +81,28 @@ if (getuid() == 0) { /* process is running as root, drop privileges */ +diff --git a/src/efikeygen.c b/src/efikeygen.c +index ac27acc..8c3e814 100644 +--- a/src/efikeygen.c ++++ b/src/efikeygen.c +@@ -330,10 +330,11 @@ populate_extensions(cms_context *cms, CERTCertificate *cert, + { + CERTAttribute *attr = NULL; + SECOidData *oid; ++ int i; + + oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_EXTENSION_REQUEST); + +- for (int i; crq->attributes[i]; i++) { ++ for (i = 0; crq->attributes[i]; i++) { + attr = crq->attributes[i]; + if (attr->attrType.len != oid->oid.len) + continue; +diff --git a/src/password.c b/src/password.c +index 43186df..9a9c911 100644 --- a/src/password.c +++ b/src/password.c -@@ -76,7 +76,8 @@ static char *SEC_GetPassword(FILE *input +@@ -76,7 +76,8 @@ static char *SEC_GetPassword(FILE *input, FILE *output, char *prompt, echoOff(infd); } @@ -84,9 +112,11 @@ if (isTTY) { fprintf(output, "\n"); +diff --git a/src/pesign.c b/src/pesign.c +index 890ebfc..fe77c9d 100644 --- a/src/pesign.c +++ b/src/pesign.c -@@ -161,9 +161,15 @@ open_output(pesign_context *ctx) +@@ -164,9 +164,15 @@ open_output(pesign_context *ctx) addr = pe_rawfile(ctx->inpe, &size); @@ -104,3 +134,6 @@ Pe_Cmd cmd = ctx->outfd == STDOUT_FILENO ? PE_C_RDWR : PE_C_RDWR_MMAP; ctx->outpe = pe_begin(ctx->outfd, cmd, NULL); +-- +1.8.1.4 + diff --git a/pesign-fix-export-attributes.patch b/pesign-fix-export-attributes.patch deleted file mode 100644 index 98fa3df..0000000 --- a/pesign-fix-export-attributes.patch +++ /dev/null 
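Review bot: The src/efikeygen.c section added to pesign-fix-build-errors.patch corrects a read of an indeterminate value, which the subject line "Fix build errors" does not convey: the old `for (int i; crq->attributes[i]; i++)` indexed the attribute array with an uninitialised `i`. A line in the patch description such as `efikeygen: initialise the loop index in populate_extensions()` would make that easy to find when the patch is next refreshed or sent upstream. The loop-scoped form `for (int i = 0; crq->attributes[i]; i++)` would also be a smaller change than hoisting `int i;` and matches the `for (int i = 0; ...)` loop in src/wincert.c. populate_extensions continues outside the hunk.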
@@ -1,33 +0,0 @@
-From 8376d873bf72c06b5efaa9dad812eb783cda5d41 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Fri, 25 Jan 2013 10:34:55 -0500
-Subject: [PATCH] Fix up "-E", which apparently broke during some refactoring.
-
-Signed-off-by: Peter Jones
----
- src/actions.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/src/actions.c b/src/actions.c
-index 6c32819..5c5dd89 100644
---- a/src/actions.c
-+++ b/src/actions.c
-@@ -373,6 +373,15 @@ generate_sattr_blob(pesign_context *ctx)
- {
- int rc;
- SECItem sa;
-+ SpcContentInfo ci;
-+
-+ memset(&ci, '\0', sizeof (ci));
-+ rc = generate_spc_content_info(ctx->cms_ctx, &ci);
-+ if (rc < 0) {
-+ fprintf(stderr, "Could not generate content info: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ exit(1);
-+ }
-
- rc = generate_signed_attributes(ctx->cms_ctx, &sa);
- if (rc < 0) {
---
-1.7.10.4
-
diff --git a/pesign-local-database.patch b/pesign-local-database.patch
deleted file mode 100644
index 6af4179..0000000
--- a/pesign-local-database.patch
+++ /dev/null
@@ -1,85 +0,0 @@ -commit 21439f502b16cd168950cc2e38bfd6b6353ee428 -Author: Matthew Garrett -Date: Tue Nov 27 10:11:36 2012 -0500 - - Add support for local certificate database directories - - Users may wish to use a certificate database other than the systemwide - one. Add an option for that. - ---- - src/daemon.c | 4 ++-- - src/daemon.h | 2 +- - src/pesign.c | 9 +++++++-- - 3 files changed, 10 insertions(+), 5 deletions(-) - ---- a/src/daemon.c -+++ b/src/daemon.c -@@ -877,7 +877,7 @@ err: - } - - int --daemonize(cms_context *cms_ctx, int do_fork) -+daemonize(cms_context *cms_ctx, char *certdir, int do_fork) - { - int rc = 0; - context ctx = { -@@ -913,7 +913,7 @@ daemonize(cms_context *cms_ctx, int do_f - "pesignd starting (pid %d)", ctx.pid); - - -- SECStatus status = NSS_Init("/etc/pki/pesign"); -+ SECStatus status = NSS_Init(certdir); - if (status != SECSuccess) { - fprintf(stderr, "Could not initialize nss: %s\n", - PORT_ErrorToString(PORT_GetError())); ---- a/src/daemon.h -+++ b/src/daemon.h -@@ -19,7 +19,7 @@ - #ifndef DAEMON_H - #define DAEMON_H 1 - --extern int daemonize(cms_context *ctx, int do_fork); -+extern int daemonize(cms_context *ctx, char *certdir, int do_fork); - - typedef struct { - uint32_t version; ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -443,6 +443,7 @@ main(int argc, char *argv[]) - char *tokenname = "NSS Certificate DB"; - char *origtoken = tokenname; - char *certname = NULL; -+ char *certdir = "/etc/pki/pesign"; - - rc = pesign_context_new(&ctxp); - if (rc < 0) { -@@ -460,6 +461,10 @@ main(int argc, char *argv[]) - {"certficate", 'c', POPT_ARG_STRING, &certname, 0, - "specify certificate nickname", - "" }, -+ {"certdir", 'n', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT, -+ &certdir, 0, -+ "specify nss certificate database directory", -+ "" }, - {"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0, - "specify private key file", "" }, - {"force", 'f', POPT_ARG_VAL, &ctxp->force, 1, -@@ -542,7 +547,7 @@ main(int argc, char *argv[]) - 
poptFreeContext(optCon); - - if (!daemon) { -- SECStatus status = NSS_Init("/etc/pki/pesign"); -+ SECStatus status = NSS_Init(certdir); - if (status != SECSuccess) { - fprintf(stderr, "Could not initialize nss: %s\n", - PORT_ErrorToString(PORT_GetError())); -@@ -796,7 +801,7 @@ main(int argc, char *argv[]) - close_output(ctxp); - break; - case DAEMONIZE: -- rc = daemonize(ctxp->cms_ctx, fork); -+ rc = daemonize(ctxp->cms_ctx, certdir, fork); - break; - default: - fprintf(stderr, "Incompatible flags (0x%08x): ", action); diff --git a/pesign-no-set-image-size.patch b/pesign-no-set-image-size.patch deleted file mode 100644 index 0de8650..0000000 --- a/pesign-no-set-image-size.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/libdpe/pe_addcert.c 2013-02-12 14:30:49.000000000 +0000 -+++ b/libdpe/pe_addcert.c 2013-02-12 14:30:55.000000000 +0000 -@@ -61,7 +61,9 @@ pe_alloccert(Pe *pe, size_t size) - dd->certs.virtual_address = compute_file_addr(pe, addr); - dd->certs.size = size; - -+#if 0 - pe_set_image_size(pe); -+#endif - - return 0; - } diff --git a/pesign-privkey_unneeded.diff b/pesign-privkey_unneeded.diff index 5582203..bd2c693 100644 --- a/pesign-privkey_unneeded.diff +++ b/pesign-privkey_unneeded.diff @@ -1,12 +1,12 @@ --- - src/cms_common.c | 9 ++++++++- + src/cms_common.c | 10 +++++++++- src/cms_common.h | 1 + src/pesign.c | 1 + - 3 files changed, 10 insertions(+), 1 deletion(-) + 3 files changed, 11 insertions(+), 1 deletion(-) --- a/src/cms_common.c +++ b/src/cms_common.c -@@ -276,6 +276,7 @@ struct cbdata { +@@ -272,6 +272,7 @@ struct cbdata { CERTCertificate *cert; PK11SlotListElement *psle; secuPWData *pwdata; @@ -14,10 +14,11 @@ }; static SECStatus -@@ -288,6 +289,11 @@ is_valid_cert(CERTCertificate *cert, voi +@@ -283,6 +284,12 @@ is_valid_cert(CERTCertificate *cert, voi + void *pwdata = cbdata->pwdata; SECKEYPrivateKey *privkey = NULL; - ++ + if (cbdata->privkey_unneeded) { + cbdata->cert = cert; + return SECSuccess; 
@@ -26,26 +27,26 @@ privkey = PK11_FindPrivateKeyFromCert(slot, cert, pwdata); if (privkey != NULL) { cbdata->cert = cert; -@@ -398,7 +404,7 @@ err_slots: - goto err_slots_errmsg; +@@ -413,7 +420,7 @@ find_certificate(cms_context *cms, int n + } SECStatus status; - if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) { + if (!cms->privkey_unneeded && PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) { status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata); if (status != SECSuccess) { - cms->log(cms, LOG_ERR, "Authentication failed on " -@@ -425,6 +431,7 @@ err_slots: + PK11_DestroySlotListElement(slots, &psle); +@@ -442,6 +449,7 @@ find_certificate(cms_context *cms, int n .cert = NULL, .psle = psle, .pwdata = pwdata, + .privkey_unneeded = cms->privkey_unneeded, }; - status = PK11_TraverseCertsForNicknameInSlot(&nickname, psle->slot, + if (needs_private_key) { --- a/src/cms_common.h +++ b/src/cms_common.h -@@ -37,6 +37,7 @@ typedef int (*cms_common_logger)(struct +@@ -63,6 +63,7 @@ typedef int (*cms_common_logger)(struct typedef struct cms_context { PRArenaPool *arena; void *privkey; @@ -55,11 +56,11 @@ char *certname; --- a/src/pesign.c +++ b/src/pesign.c -@@ -650,6 +650,7 @@ main(int argc, char *argv[]) +@@ -626,6 +626,7 @@ main(int argc, char *argv[]) */ case IMPORT_RAW_SIGNATURE|IMPORT_SATTRS: check_inputs(ctxp); + ctxp->cms_ctx->privkey_unneeded = 1; - rc = find_certificate(ctxp->cms_ctx); + rc = find_certificate(ctxp->cms_ctx, 0); if (rc < 0) { fprintf(stderr, "pesign: Could not find " diff --git a/pesign-suse-build.patch b/pesign-suse-build.patch index aea896d..98a9e38 100644 --- a/pesign-suse-build.patch +++ b/pesign-suse-build.patch 
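Review bot: After this refresh, src/pesign.c sets `ctxp->cms_ctx->privkey_unneeded = 1` and then calls `find_certificate(ctxp->cms_ctx, 0)`, whose new second argument appears, judging by the `if (needs_private_key) {` context line in the cms_common.c hunk, to express the same decision. Two switches for one choice are easy to get out of step: when the flag is set, is_valid_cert returns SECSuccess without calling PK11_FindPrivateKeyFromCert and the PK11_Authenticate login is skipped, whatever the caller passed as the argument. If the upstream argument already covers the import-raw-signature action, this patch could be dropped. Otherwise the field in src/cms_common.h should carry a comment such as `/* import-only actions: accept a certificate without its private key and skip token login */`. Both functions continue outside the hunks.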
@@ -1,16 +1,14 @@ --- Make.defaults | 5 +++-- Make.rules | 4 ++-- - Makefile | 6 +++--- - src/Makefile | 10 +++++----- + Makefile | 4 ++-- + src/Makefile | 9 +++++---- src/pesign.sysvinit | 12 ++++++++---- util/Makefile | 6 +++--- - 6 files changed, 24 insertions(+), 19 deletions(-) + 6 files changed, 23 insertions(+), 17 deletions(-) -Index: pesign-0.99/Make.defaults -=================================================================== ---- pesign-0.99.orig/Make.defaults -+++ pesign-0.99/Make.defaults +--- a/Make.defaults ++++ b/Make.defaults @@ -5,7 +5,8 @@ HOSTARCH = $(shell uname -m | sed s,i[ ARCH := $(shell uname -m | sed s,i[3456789]86,ia32,) INCDIR = -I$(TOPDIR)/include @@ -30,16 +28,14 @@ Index: pesign-0.99/Make.defaults endif ifeq ($(ARCH), ia32) -Index: pesign-0.99/Make.rules -=================================================================== ---- pesign-0.99.orig/Make.rules -+++ pesign-0.99/Make.rules +--- a/Make.rules ++++ b/Make.rules @@ -2,10 +2,10 @@ $(AR) -cvqs $@ $^ % : %.o -- $(CC) $(CCLDFLAGS) -o $@ $^ $(foreach lib,$(LIBS),-l$(lib)) -+ $(CC) -o $@ $^ $(foreach lib,$(LIBS),-l$(lib)) $(CCLDFLAGS) +- $(CC) $(CCLDFLAGS) -o $@ $^ $(foreach lib,$(LIBS),-l$(lib)) $(foreach pklib,$(PKLIBS), $(shell pkg-config --libs-only-l --libs-only-other $(pklib))) -lpthread ++ $(CC) -o $@ $^ $(foreach lib,$(LIBS),-l$(lib)) $(CCLDFLAGS) $(foreach pklib,$(PKLIBS), $(shell pkg-config --libs-only-l --libs-only-other $(pklib))) -lpthread %.so : - $(CC) $(INCDIR) $(CFLAGS) -Wl,-soname,$(SONAME) $(CCLDFLAGS) $^ -o $@ 
@@ -47,46 +43,17 @@ Index: pesign-0.99/Make.rules %.o: %.c $(CC) $(INCDIR) $(CFLAGS) $(CPPFLAGS) -c $< -o $@ -Index: pesign-0.99/Makefile -=================================================================== ---- pesign-0.99.orig/Makefile -+++ pesign-0.99/Makefile -@@ -2,7 +2,7 @@ TOPDIR = $(shell echo $$PWD) - - include $(TOPDIR)/Make.defaults - --SUBDIRS := include libdpe src util -+SUBDIRS := include libdpe src - DOCDIR := /share/doc/ - VERSION = 0.99 - -@@ -16,8 +16,8 @@ clean : - - install : - @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done -- $(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/ -- $(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/ -+ $(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign/ -+ $(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign/ - - install_systemd: - @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done -Index: pesign-0.99/src/Makefile -=================================================================== ---- pesign-0.99.orig/src/Makefile -+++ pesign-0.99/src/Makefile -@@ -7,8 +7,9 @@ LIBS = popt - STATIC_LIBS = $(TOPDIR)/libdpe/libdpe.a - PKLIBS = nss +--- a/src/Makefile ++++ b/src/Makefile +@@ -9,6 +9,7 @@ STATIC_LIBS = $(TOPDIR)/libdpe/libdpe.a LDFLAGS = --CCLDFLAGS = -L../libdpe $(foreach pklib,$(PKLIBS), $(shell pkg-config --cflags --libs $(pklib))) -+CCLDFLAGS = -L../libdpe $(foreach pklib,$(PKLIBS), $(shell pkg-config --cflags --libs $(pklib))) -lpthread + CCLDFLAGS = -L../libdpe $(foreach pklib,$(PKLIBS), $(shell pkg-config --libs-only-L $(pklib))) CFLAGS += -I../include/ $(foreach pklib,$(PKLIBS), $(shell pkg-config --cflags $(pklib))) -Werror +UNITDIR = /lib/systemd/system - TARGETS = pesign authvar client + TARGETS = pesign authvar client efisiglist efikeygen -@@ -60,12 +61,12 @@ clean : depclean +@@ -70,12 +71,12 @@ clean : depclean 
install_systemd: $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/ $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf @@ -103,10 +70,8 @@ Index: pesign-0.99/src/Makefile install : $(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/ -Index: pesign-0.99/util/Makefile -=================================================================== ---- pesign-0.99.orig/util/Makefile -+++ pesign-0.99/util/Makefile +--- a/util/Makefile ++++ b/util/Makefile @@ -4,7 +4,7 @@ TOPDIR = $(SRCDIR)/.. include $(TOPDIR)/Make.defaults @@ -127,10 +92,8 @@ Index: pesign-0.99/util/Makefile .PHONY: all clean install -Index: pesign-0.99/src/pesign.sysvinit -=================================================================== ---- pesign-0.99.orig/src/pesign.sysvinit -+++ pesign-0.99/src/pesign.sysvinit +--- a/src/pesign.sysvinit ++++ b/src/pesign.sysvinit @@ -6,21 +6,25 @@ # processname: /usr/bin/pesign # pidfile: /var/run/pesign.pid @@ -161,3 +124,16 @@ Index: pesign-0.99/src/pesign.sysvinit RETVAL=$? echo touch /var/lock/subsys/pesign +--- a/Makefile ++++ b/Makefile +@@ -16,8 +16,8 @@ clean : + + install : + @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done +- $(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/ +- $(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/ ++ $(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign/ ++ $(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign/ + + install_systemd: + @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done diff --git a/pesign-upstream-fixes.patch b/pesign-upstream-fixes.patch deleted file mode 100644 index e233c1f..0000000 --- a/pesign-upstream-fixes.patch +++ /dev/null 
@@ -1,2482 +0,0 @@ -From 78dce192009bf5ee7511cc9fc848a725603a9099 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 09:53:07 -0400 -Subject: [PATCH 01/30] Use PK11_TraverseCertsForNicknameInSlot after all. - -As of 76bc13c it doesn't appear to be leaky any more, and it does a -better job of disinguishing between certificates with the same nickname -than we did when doing it by hand. - -Signed-off-by: Peter Jones ---- - src/cms_common.c | 20 ++++++++++---------- - 1 file changed, 10 insertions(+), 10 deletions(-) - -diff --git a/src/cms_common.c b/src/cms_common.c -index 644b44c..2d51979 100644 ---- a/src/cms_common.c -+++ b/src/cms_common.c -@@ -465,23 +465,23 @@ err_slots: - goto err_slots_errmsg; - } - -+ SECItem nickname = { -+ .data = (void *)cms->certname, -+ .len = strlen(cms->certname) + 1, -+ .type = siUTF8String, -+ }; - struct cbdata cbdata = { - .cert = NULL, - .psle = psle, - .pwdata = pwdata, - }; - -- CERTCertListNode *node = NULL; -- for (node = CERT_LIST_HEAD(certlist); !CERT_LIST_END(node,certlist); -- node = CERT_LIST_NEXT(node)) { -- if (strcmp(cms->certname, node->cert->nickname)) -- continue; -+ status = PK11_TraverseCertsForNicknameInSlot(&nickname, psle->slot, -+ is_valid_cert, &cbdata); -+ if (cbdata.cert == NULL) -+ goto err_slots; - -- if (is_valid_cert(node->cert, &cbdata) == SECSuccess) { -- cms->cert = CERT_DupCertificate(cbdata.cert); -- break; -- } -- } -+ cms->cert = CERT_DupCertificate(cbdata.cert); - - PK11_DestroySlotListElement(slots, &psle); - PK11_FreeSlotList(slots); --- -1.7.10.4 - - -From 4fa59c775eb083a9df1b417a9eefe4ba01f2fc7f Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 09:54:10 -0400 -Subject: [PATCH 02/30] Remove an unused field. 
- -Signed-off-by: Peter Jones ---- - src/pesign_context.c | 1 - - src/pesign_context.h | 1 - - 2 files changed, 2 deletions(-) - -diff --git a/src/pesign_context.c b/src/pesign_context.c -index b4b201d..c6afda6 100644 ---- a/src/pesign_context.c -+++ b/src/pesign_context.c -@@ -88,7 +88,6 @@ pesign_context_fini(pesign_context *ctx) - ctx->cms_ctx = NULL; - } - -- xfree(ctx->certname); - xfree(ctx->privkeyfile); - - if (ctx->outpe) { -diff --git a/src/pesign_context.h b/src/pesign_context.h -index cabccf3..8f4e45a 100644 ---- a/src/pesign_context.h -+++ b/src/pesign_context.h -@@ -58,7 +58,6 @@ typedef struct { - Pe *outpe; - - char *privkeyfile; -- char *certname; - cms_context *cms_ctx; - - int flags; --- -1.7.10.4 - - -From 22a46c4c83f73e02c93eac6bfe314e56d5854f2c Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 09:55:02 -0400 -Subject: [PATCH 03/30] Make sure we actually look up the certificate when not - in daemon mode. - -Signed-off-by: Peter Jones ---- - src/pesign.c | 24 +++++++++++++++--------- - 1 file changed, 15 insertions(+), 9 deletions(-) - -diff --git a/src/pesign.c b/src/pesign.c -index 108994e..4ddf636 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -500,12 +500,6 @@ main(int argc, char *argv[]) - POPT_TABLEEND - }; - -- tokenname = strdup(tokenname); -- if (!tokenname) { -- fprintf(stderr, "could not allocate memory: %m\n"); -- exit(1); -- } -- - if (!daemon) { - SECStatus status = NSS_Init("/etc/pki/pesign"); - if (status != SECSuccess) { -@@ -521,8 +515,6 @@ main(int argc, char *argv[]) - exit(1); - } - -- ctx.cms_ctx->certname = certname ? strdup(certname) : NULL; -- - optCon = poptGetContext("pesign", argc, (const char **)argv, options,0); - - rc = poptReadDefaultConfig(optCon, 0); -@@ -559,7 +551,21 @@ main(int argc, char *argv[]) - exit(!is_help); - } - -- ctx.cms_ctx->tokenname = tokenname; -+ ctx.cms_ctx->tokenname = tokenname ? 
-+ PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL; -+ if (!ctx.cms_ctx->tokenname) { -+ fprintf(stderr, "could not allocate token name: %s\n", -+ PORT_ErrorToString(PORT_GetError())); -+ exit(1); -+ } -+ -+ ctx.cms_ctx->certname = certname ? -+ PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL; -+ if (!ctx.cms_ctx->certname) { -+ fprintf(stderr, "could not allocate certificate name: %s\n", -+ PORT_ErrorToString(PORT_GetError())); -+ exit(1); -+ } - - int action = 0; - if (daemon) --- -1.7.10.4 - - -From 830e67df9da53def8086d9854068af01b437a553 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 09:54:37 -0400 -Subject: [PATCH 04/30] Free the certificate list we make once we're done - using it. - -Signed-off-by: Peter Jones ---- - src/wincert.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/wincert.c b/src/wincert.c -index fe666c5..b487dc5 100644 ---- a/src/wincert.c -+++ b/src/wincert.c -@@ -74,6 +74,7 @@ finalize_signatures(cms_context *cms, Pe *pe) - free(clist); - return -1; - } -+ free(clist); - return 0; - } - --- -1.7.10.4 - - -From a588656e3af22e63822c7a8b2afae5f0c3eefe2c Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 10:35:41 -0400 -Subject: [PATCH 05/30] Fix check for allocations on tokenname,certname. - -If we didn't have anything to start with, we won't have anything when -we're done... - -Signed-off-by: Peter Jones ---- - src/pesign.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/pesign.c b/src/pesign.c -index 4ddf636..c7b23cf 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -553,7 +553,7 @@ main(int argc, char *argv[]) - - ctx.cms_ctx->tokenname = tokenname ? 
- PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL; -- if (!ctx.cms_ctx->tokenname) { -+ if (tokenname && !ctx.cms_ctx->tokenname) { - fprintf(stderr, "could not allocate token name: %s\n", - PORT_ErrorToString(PORT_GetError())); - exit(1); -@@ -561,7 +561,7 @@ main(int argc, char *argv[]) - - ctx.cms_ctx->certname = certname ? - PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL; -- if (!ctx.cms_ctx->certname) { -+ if (certname && !ctx.cms_ctx->certname) { - fprintf(stderr, "could not allocate certificate name: %s\n", - PORT_ErrorToString(PORT_GetError())); - exit(1); --- -1.7.10.4 - - -From f30c6298941f70e9d8b02833b90660ae7a6e4351 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 10:57:20 -0400 -Subject: [PATCH 06/30] Free the pid string once we're done writing it. - -Signed-off-by: Peter Jones ---- - src/daemon.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/daemon.c b/src/daemon.c -index daa2dbf..245491f 100644 ---- a/src/daemon.c -+++ b/src/daemon.c -@@ -842,6 +842,7 @@ err: - if (rc < 0) - goto err; - -+ free(pidstr); - close(fd); - } - --- -1.7.10.4 - - -From 87b8175925d217abd1ec91e800cbcd969a3e0786 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 11:26:04 -0400 -Subject: [PATCH 07/30] Only try to register OIDs once. - -Signed-off-by: Peter Jones ---- - src/cms_common.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/src/cms_common.c b/src/cms_common.c -index 2d51979..6219a2a 100644 ---- a/src/cms_common.c -+++ b/src/cms_common.c -@@ -179,11 +179,15 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...) 
- int
- cms_context_init(cms_context *cms)
- {
-+ static int first_time = 1;
- memset(cms, '\0', sizeof (*cms));
-
-- SECStatus status = register_oids(cms);
-- if (status != SECSuccess)
-- return -1;
-+ if (first_time) {
-+ SECStatus status = register_oids(cms);
-+ if (status != SECSuccess)
-+ return -1;
-+ first_time = 0;
-+ }
-
- cms->log = cms_common_log;
-
---
-1.7.10.4
-
-
-From e7a2d0d1fd1f1811fe48ee8b96c2d2fc12238ac7 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 14:33:35 -0400
-Subject: [PATCH 08/30] Don't set up digests in cms_context_init.
-
-Move digest setup out of cms_context_init, so we can avoid leaking the
-reference to the digests by not having them in ctx->backup_cms in the
-daemon.
-
-Signed-off-by: Peter Jones
----
- src/cms_common.c | 9 ++-------
- src/cms_common.h | 3 +++
- src/daemon.c | 27 +++++++++++++++++++++++++++
- 3 files changed, 32 insertions(+), 7 deletions(-)
-
-diff --git a/src/cms_common.c b/src/cms_common.c
-index 6219a2a..a8e34dd 100644
---- a/src/cms_common.c
-+++ b/src/cms_common.c
-@@ -97,7 +97,7 @@ digest_get_digest_size(cms_context *cms)
- }
-
-
--static int
-+int
- setup_digests(cms_context *cms)
- {
- struct digest *digests = NULL;
-@@ -133,7 +133,7 @@ err:
- return -1;
- }
-
--static void
-+void
- teardown_digests(cms_context *ctx)
- {
- struct digest *digests = ctx->digests;
-@@ -199,11 +199,6 @@ cms_context_init(cms_context *cms)
- return -1;
- }
-
-- int rc = setup_digests(cms);
-- if (rc < 0) {
-- PORT_FreeArena(cms->arena, PR_TRUE);
-- return -1;
-- }
- cms->selected_digest = -1;
-
- return 0;
-diff --git a/src/cms_common.h b/src/cms_common.h
-index fc80fa3..830427e 100644
---- a/src/cms_common.h
-+++ b/src/cms_common.h
-@@ -86,6 +86,9 @@ extern int cms_context_alloc(cms_context **ctxp);
- extern int cms_context_init(cms_context *ctx);
- extern void cms_context_fini(cms_context *ctx);
-
-+extern int setup_digests(cms_context *cms);
-+extern void teardown_digests(cms_context *ctx);
-+
- extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
- SECItem *original);
- extern int generate_object_id(cms_context *ctx, SECItem *encoded,
-diff --git a/src/daemon.c b/src/daemon.c
-index 245491f..645722e 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -143,6 +143,15 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
- return;
- }
-
-+ rc = setup_digests(ctx->cms);
-+ if (rc < 0) {
-+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
-+ "Could not initialize digests: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ send_response(ctx, ctx->backup_cms, pollfd, rc);
-+ return;
-+ }
-+
- steal_from_cms(ctx->backup_cms, ctx->cms);
-
- if (!buffer) {
-@@ -491,6 +500,15 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
- if (rc < 0)
- return;
-
-+ rc = setup_digests(ctx->cms);
-+ if (rc < 0) {
-+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
-+ "Could not initialize digests: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ send_response(ctx, ctx->backup_cms, pollfd, rc);
-+ return;
-+ }
-+
- steal_from_cms(ctx->backup_cms, ctx->cms);
-
- handle_signing(ctx, pollfd, size, 1);
-@@ -506,6 +524,15 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
- if (rc < 0)
- return;
-
-+ rc = setup_digests(ctx->cms);
-+ if (rc < 0) {
-+ ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
-+ "Could not initialize digests: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ send_response(ctx, ctx->backup_cms, pollfd, rc);
-+ return;
-+ }
-+
- steal_from_cms(ctx->backup_cms, ctx->cms);
-
- handle_signing(ctx, pollfd, size, 0);
---
-1.7.10.4
-
-
-From 1538adb13dc9bf4277fa7fd1b2d2c01a606b516c Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 12:05:29 -0400
-Subject: [PATCH 09/30] Check for NSS_Shutdown() failure.
-
-Signed-off-by: Peter Jones
----
- src/daemon.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/src/daemon.c b/src/daemon.c
-index 645722e..c4f6fb7 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -994,6 +994,11 @@ daemonize(cms_context *cms_ctx, int do_fork)
-
- rc = handle_events(&ctx);
-
-- NSS_Shutdown();
-+ status = NSS_Shutdown();
-+ if (status != SECSuccess) {
-+ fprintf(stderr, "NSS_Shutdown failed: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ exit(1);
-+ }
- return rc;
- }
---
-1.7.10.4
-
-
-From 77f0fb3fbfab97ff3e768e2811c6d73ef49472f6 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 12:17:39 -0400
-Subject: [PATCH 10/30] Don't destroy stdin/stdout/stderr if we don't fork.
-
-I like being able to read my error messages.
-
-Signed-off-by: Peter Jones
----
- src/daemon.c | 59 ++++++++++++++++++++++++++++++++--------------------------
- 1 file changed, 33 insertions(+), 26 deletions(-)
-
-diff --git a/src/daemon.c b/src/daemon.c
-index c4f6fb7..f44f069 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -917,33 +917,38 @@ daemonize(cms_context *cms_ctx, int do_fork)
- exit(1);
- }
-
-- int fd = open("/dev/zero", O_RDONLY);
-- close(STDIN_FILENO);
-- rc = dup2(fd, STDIN_FILENO);
-- if (rc < 0) {
-- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
-- "pesignd: could not set up standard input: %m");
-- exit(1);
-- }
-- close(fd);
-+ if (do_fork) {
-+ int fd = open("/dev/zero", O_RDONLY);
-+ close(STDIN_FILENO);
-+ rc = dup2(fd, STDIN_FILENO);
-+ if (rc < 0) {
-+ ctx.backup_cms->log(ctx.backup_cms,
-+ ctx.priority|LOG_ERR,
-+ "pesignd: could not set up standard input: %m");
-+ exit(1);
-+ }
-+ close(fd);
-
-- fd = open("/dev/null", O_WRONLY);
-- close(STDOUT_FILENO);
-- rc = dup2(fd, STDOUT_FILENO);
-- if (rc < 0) {
-- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
-- "pesignd: could not set up standard output: %m");
-- exit(1);
-- }
-+ fd = open("/dev/null", O_WRONLY);
-+ close(STDOUT_FILENO);
-+ rc = dup2(fd, STDOUT_FILENO);
-+ if (rc < 0) {
-+ ctx.backup_cms->log(ctx.backup_cms,
-+ ctx.priority|LOG_ERR,
-+ "pesignd: could not set up standard output: %m");
-+ exit(1);
-+ }
-
-- close(STDERR_FILENO);
-- rc = dup2(fd, STDERR_FILENO);
-- if (rc < 0) {
-- ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
-- "pesignd: could not set up standard error: %m");
-- exit(1);
-+ close(STDERR_FILENO);
-+ rc = dup2(fd, STDERR_FILENO);
-+ if (rc < 0) {
-+ ctx.backup_cms->log(ctx.backup_cms,
-+ ctx.priority|LOG_ERR,
-+ "pesignd: could not set up standard error: %m");
-+ exit(1);
-+ }
-+ close(fd);
- }
-- close(fd);
-
- prctl(PR_SET_NAME, "pesignd", 0, 0, 0);
-
-@@ -990,13 +995,15 @@ daemonize(cms_context *cms_ctx, int do_fork)
-
- cms_set_pw_callback(ctx.backup_cms, get_password_fail);
- cms_set_pw_data(ctx.backup_cms, NULL);
-- ctx.backup_cms->log = daemon_logger;
-+ if (do_fork)
-+ ctx.backup_cms->log = daemon_logger;
-
- rc = handle_events(&ctx);
-
- status = NSS_Shutdown();
- if (status != SECSuccess) {
-- fprintf(stderr, "NSS_Shutdown failed: %s\n",
-+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_ERR,
-+ "NSS_Shutdown failed: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
---
-1.7.10.4
-
-
-From dc142c3ee418ba55b2d86d39c81c867b8a07447b Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 14:41:18 -0400
-Subject: [PATCH 11/30] Do register_oids() where we're doing NSS_Init()
-
-Signed-off-by: Peter Jones
----
- src/cms_common.c | 8 --------
- src/daemon.c | 7 +++++++
- 2 files changed, 7 insertions(+), 8 deletions(-)
-
-diff --git a/src/cms_common.c b/src/cms_common.c
-index a8e34dd..6188e6e 100644
---- a/src/cms_common.c
-+++ b/src/cms_common.c
-@@ -179,16 +179,8 @@ cms_common_log(cms_context *ctx, int priority, char *fmt, ...)
- int
- cms_context_init(cms_context *cms)
- {
-- static int first_time = 1;
- memset(cms, '\0', sizeof (*cms));
-
-- if (first_time) {
-- SECStatus status = register_oids(cms);
-- if (status != SECSuccess)
-- return -1;
-- first_time = 0;
-- }
--
- cms->log = cms_common_log;
-
- cms->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-diff --git a/src/daemon.c b/src/daemon.c
-index f44f069..085cfec 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -917,6 +917,13 @@ daemonize(cms_context *cms_ctx, int do_fork)
- exit(1);
- }
-
-+ status = register_oids(ctx.backup_cms);
-+ if (status != SECSuccess) {
-+ ctx.backup_cms->log(ctx.backup_cms, ctx.priority|LOG_NOTICE,
-+ "Could not register OIDs\n");
-+ exit(1);
-+ }
-+
- if (do_fork) {
- int fd = open("/dev/zero", O_RDONLY);
- close(STDIN_FILENO);
---
-1.7.10.4
-
-
-From 02e9940ee774b71ad899222737f58ef435badda3 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 14:43:58 -0400
-Subject: [PATCH 12/30] Make daemon shutdown actually close the NSS databases
- and whatnot.
-
-Signed-off-by: Peter Jones
----
- src/daemon.c | 20 +++++++++++++++++---
- 1 file changed, 17 insertions(+), 3 deletions(-)
-
-diff --git a/src/daemon.c b/src/daemon.c
-index 085cfec..dd215f8 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -125,8 +125,7 @@ handle_kill_daemon(context *ctx, struct pollfd *pollfd, socklen_t size)
- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
- "pesignd exiting (pid %d)", getpid());
-
-- cms_context_fini(ctx->backup_cms);
-- exit(0);
-+ should_exit = 1;
- }
-
- static void
-@@ -625,6 +624,16 @@ handle_event(context *ctx, struct pollfd *pollfd)
- return 0;
- }
-
-+static void
-+do_shutdown(context *ctx, int nsockets, struct pollfd *pollfds)
-+{
-+ for (int i = 0; i < nsockets; i++)
-+ close(pollfds[i].fd);
-+ free(pollfds);
-+
-+ xfree(ctx->errstr);
-+}
-+
- static int
- handle_events(context *ctx)
- {
-@@ -643,9 +652,14 @@ handle_events(context *ctx)
- pollfds[0].events = POLLIN|POLLPRI|POLLHUP;
-
- while (1) {
-+ if (should_exit != 0) {
-+shutdown:
-+ do_shutdown(ctx, nsockets, pollfds);
-+ return 0;
-+ }
- rc = ppoll(pollfds, nsockets, NULL, NULL);
- if (should_exit != 0)
-- exit(0);
-+ goto shutdown;
- if (rc < 0) {
- ctx->backup_cms->log(ctx->backup_cms,
- ctx->priority|LOG_WARNING,
---
-1.7.10.4
-
-
-From 05776781dd3bfb30558803b3fc740f59ab5f546c Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 15:26:23 -0400
-Subject: [PATCH 13/30] Use PORT_ArenaStrdup() where appropriate.
-
-Signed-off-by: Peter Jones
----
- src/daemon.c | 15 ++++++---------
- src/pesign.c | 12 ++++++------
- 2 files changed, 12 insertions(+), 15 deletions(-)
-
-diff --git a/src/daemon.c b/src/daemon.c
-index dd215f8..794b6b5 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -205,9 +205,8 @@ malformed:
- "pesignd: unlocking token \"%s\"", tn->value);
-
- /* authenticating with nss frees this ... best API ever. */
-- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
-- strlen((char *)tn->value));
-- strcpy(ctx->cms->tokenname, (char *)tn->value);
-+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
-+ (char *)tn->value);
- if (!ctx->cms->tokenname)
- goto oom;
-
-@@ -393,9 +392,8 @@ malformed:
- n -= tn->size;
-
- /* authenticating with nss frees these ... best API ever. */
-- ctx->cms->tokenname = PORT_ArenaZAlloc(ctx->cms->arena,
-- strlen((char *)tn->value));
-- strcpy(ctx->cms->tokenname, (char *)tn->value);
-+ ctx->cms->tokenname = PORT_ArenaStrdup(ctx->cms->arena,
-+ (char *)tn->value);
- if (!ctx->cms->tokenname)
- goto oom;
-
-@@ -406,9 +404,8 @@ malformed:
- if (n < cn->size)
- goto malformed;
-
-- ctx->cms->certname = PORT_ArenaZAlloc(ctx->cms->arena,
-- strlen((char *)cn->value));
-- strcpy(ctx->cms->certname, (char *)cn->value);
-+ ctx->cms->certname = PORT_ArenaStrdup(ctx->cms->arena,
-+ (char *)cn->value);
- if (!ctx->cms->certname)
- goto oom;
-
-diff --git a/src/pesign.c b/src/pesign.c
-index c7b23cf..819cee0 100644
---- a/src/pesign.c
-+++ b/src/pesign.c
-@@ -551,17 +551,17 @@ main(int argc, char *argv[])
- exit(!is_help);
- }
-
-- ctx.cms_ctx->tokenname = tokenname ?
-- PORT_ArenaStrdup(ctx.cms_ctx->arena, tokenname) : NULL;
-- if (tokenname && !ctx.cms_ctx->tokenname) {
-+ ctxp->cms_ctx->tokenname = tokenname ?
-+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, tokenname) : NULL;
-+ if (tokenname && !ctxp->cms_ctx->tokenname) {
- fprintf(stderr, "could not allocate token name: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
-
-- ctx.cms_ctx->certname = certname ?
-- PORT_ArenaStrdup(ctx.cms_ctx->arena, certname) : NULL;
-- if (certname && !ctx.cms_ctx->certname) {
-+ ctxp->cms_ctx->certname = certname ?
-+ PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
-+ if (certname && !ctxp->cms_ctx->certname) {
- fprintf(stderr, "could not allocate certificate name: %s\n",
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
---
-1.7.10.4
-
-
-From b47c02b5b67b9d66cd67897767a831530594dce4 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 15:27:03 -0400
-Subject: [PATCH 14/30] [daemon] Make sure inpe is initialized before all
- error handling.
-
-find_certificate() and set_up_inpe() errors wind up being at the same
-place, which means when find_certificate is called, inpe already must be
-NULL.
-
-Signed-off-by: Peter Jones
----
- src/daemon.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/daemon.c b/src/daemon.c
-index 794b6b5..4259a3a 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -358,6 +358,7 @@ handle_signing(context *ctx, struct pollfd *pollfd, socklen_t size,
- struct iovec iov;
- ssize_t n;
- char *buffer = malloc(size);
-+ Pe *inpe = NULL;
-
- if (!buffer) {
- oom:
-@@ -429,7 +430,6 @@ malformed:
- goto finish;
- }
-
-- Pe *inpe = NULL;
- rc = set_up_inpe(ctx, infd, &inpe);
- if (rc < 0)
- goto finish;
---
-1.7.10.4
-
-
-From ed7eeb208562019489a28ec485fa85b5c2e08bfc Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 15:31:15 -0400
-Subject: [PATCH 15/30] Allocate pesign_context rather than having it on the
- stack.
-
-This way it won't try to re-initialize cms_context when it's cleaned up.
-
-Signed-off-by: Peter Jones
----
- src/pesign.c | 152 +++++++++++++++++++++++++++++-----------------------------
- 1 file changed, 77 insertions(+), 75 deletions(-)
-
-diff --git a/src/pesign.c b/src/pesign.c
-index 819cee0..4c18b95 100644
---- a/src/pesign.c
-+++ b/src/pesign.c
-@@ -426,7 +426,7 @@ main(int argc, char *argv[])
- {
- int rc;
-
-- pesign_context ctx, *ctxp = &ctx;
-+ pesign_context *ctxp;
-
- int list = 0;
- int remove = 0;
-@@ -437,40 +437,47 @@ main(int argc, char *argv[])
- char *tokenname = "NSS Certificate DB";
- char *certname = NULL;
-
-+ rc = pesign_context_new(&ctxp);
-+ if (rc < 0) {
-+ fprintf(stderr, "Could not initialize context: %m\n");
-+ exit(1);
-+ }
-+
- poptContext optCon;
- struct poptOption options[] = {
- {NULL, '\0', POPT_ARG_INTL_DOMAIN, "pesign" },
-- {"in", 'i', POPT_ARG_STRING, &ctx.infile, 0,
-+ {"in", 'i', POPT_ARG_STRING, &ctxp->infile, 0,
- "specify input file", ""},
-- {"out", 'o', POPT_ARG_STRING, &ctx.outfile, 0,
-+ {"out", 'o', POPT_ARG_STRING, &ctxp->outfile, 0,
- "specify output file", "" },
- {"certficate", 'c', POPT_ARG_STRING, &certname, 0,
- "specify certificate nickname",
- "" },
-- {"privkey", 'p', POPT_ARG_STRING, &ctx.privkeyfile, 0,
-+ {"privkey", 'p', POPT_ARG_STRING, &ctxp->privkeyfile, 0,
- "specify private key file", "" },
-- {"force", 'f', POPT_ARG_VAL, &ctx.force, 1,
-+ {"force", 'f', POPT_ARG_VAL, &ctxp->force, 1,
- "force overwriting of output file", NULL },
-- {"sign", 's', POPT_ARG_VAL, &ctx.sign, 1,
-+ {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1,
- "create a new signature", NULL },
-- {"hash", 'h', POPT_ARG_VAL, &ctx.hash, 1, "hash binary", NULL },
-+ {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL },
- {"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
- &digest_name, 0, "digest type to use for pe hash" },
- {"import-signed-certificate", 'm',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
-- &ctx.insig, 0,"import signature from file", "" },
-+ &ctxp->insig, 0,"import signature from file", "" },
- {"export-signed-attributes", 'E',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
-- &ctx.outsattrs, 0, "export signed attributes to file",
-+ &ctxp->outsattrs, 0, "export signed attributes to file",
- "" },
- {"import-signed-attributes", 'I',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
-- &ctx.insattrs, 0, "import signed attributes from file",
-+ &ctxp->insattrs, 0,
-+ "import signed attributes from file",
- "" },
- {"import-raw-signature", 'R',
-- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctx.rawsig,
-+ POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN, &ctxp->rawsig,
- 0, "import raw signature from file", "" },
-- {"signature-number", 'u', POPT_ARG_INT, &ctx.signum, -1,
-+ {"signature-number", 'u', POPT_ARG_INT, &ctxp->signum, -1,
- "specify which signature to operate on",""},
- {"list-signatures", 'l',
- POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN,
-@@ -483,13 +490,14 @@ main(int argc, char *argv[])
- "remove signature" },
- {"export-signature", 'e',
- POPT_ARG_STRING|POPT_ARGFLAG_DOC_HIDDEN,
-- &ctx.outsig, 0,"export signature to file", "" },
-+ &ctxp->outsig, 0,
-+ "export signature to file", "" },
- {"export-pubkey", 'K', POPT_ARG_STRING,
-- &ctx.outkey, 0, "export pubkey to file", "" },
-+ &ctxp->outkey, 0, "export pubkey to file", "" },
- {"export-cert", 'C', POPT_ARG_STRING,
-- &ctx.outcert, 0, "export signing cert to file",
-+ &ctxp->outcert, 0, "export signing cert to file",
- "" },
-- {"ascii-armor", 'a', POPT_ARG_VAL, &ctx.ascii, 1,
-+ {"ascii-armor", 'a', POPT_ARG_VAL, &ctxp->ascii, 1,
- "use ascii armoring", NULL },
- {"daemonize", 'D', POPT_ARG_VAL, &daemon, 1,
- "run as a daemon process", NULL },
-@@ -509,12 +517,6 @@ main(int argc, char *argv[])
- }
- }
-
-- rc = pesign_context_init(ctxp);
-- if (rc < 0) {
-- fprintf(stderr, "Could not initialize context: %m\n");
-- exit(1);
-- }
--
- optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
-
- rc = poptReadDefaultConfig(optCon, 0);
-@@ -571,25 +573,25 @@ main(int argc, char *argv[])
- if (daemon)
- action |= DAEMONIZE;
-
-- if (ctx.rawsig)
-+ if (ctxp->rawsig)
- action |= IMPORT_RAW_SIGNATURE;
-
-- if (ctx.insattrs)
-+ if (ctxp->insattrs)
- action |= IMPORT_SATTRS;
-
-- if (ctx.outsattrs)
-+ if (ctxp->outsattrs)
- action |= EXPORT_SATTRS;
--
-- if (ctx.insig)
-+
-+ if (ctxp->insig)
- action |= IMPORT_SIGNATURE;
-
-- if (ctx.outkey)
-+ if (ctxp->outkey)
- action |= EXPORT_PUBKEY;
-
-- if (ctx.outcert)
-+ if (ctxp->outcert)
- action |= EXPORT_CERT;
-
-- if (ctx.outsig)
-+ if (ctxp->outsig)
- action |= EXPORT_SIGNATURE;
-
- if (remove != 0)
-@@ -598,13 +600,13 @@ main(int argc, char *argv[])
- if (list != 0)
- action |= LIST_SIGNATURES;
-
-- if (ctx.sign) {
-+ if (ctxp->sign) {
- action |= GENERATE_SIGNATURE;
- if (!(action & EXPORT_SIGNATURE))
- action |= IMPORT_SIGNATURE;
- }
-
-- if (ctx.hash)
-+ if (ctxp->hash)
- action |= GENERATE_DIGEST|PRINT_DIGEST;
-
- ssize_t sigspace = 0;
-@@ -620,11 +622,11 @@ main(int argc, char *argv[])
- */
- case IMPORT_RAW_SIGNATURE|IMPORT_SATTRS:
- check_inputs(ctxp);
-- rc = find_certificate(ctx.cms_ctx);
-+ rc = find_certificate(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "pesign: Could not find "
- "certificate %s\n",
-- ctx.cms_ctx->certname);
-+ ctxp->cms_ctx->certname);
- exit(1);
- }
- open_rawsig_input(ctxp);
-@@ -636,19 +638,19 @@ main(int argc, char *argv[])
- open_input(ctxp);
- open_output(ctxp);
- close_input(ctxp);
-- generate_digest(ctx.cms_ctx, ctx.outpe);
-- sigspace = calculate_signature_space(ctx.cms_ctx,
-- ctx.outpe);
-- allocate_signature_space(ctx.outpe, sigspace);
-- generate_signature(ctx.cms_ctx);
-- insert_signature(ctx.cms_ctx, ctx.signum);
-- finalize_signatures(ctx.cms_ctx, ctx.outpe);
-+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
-+ sigspace = calculate_signature_space(ctxp->cms_ctx,
-+ ctxp->outpe);
-+ allocate_signature_space(ctxp->outpe, sigspace);
-+ generate_signature(ctxp->cms_ctx);
-+ insert_signature(ctxp->cms_ctx, ctxp->signum);
-+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
- close_output(ctxp);
- break;
- case EXPORT_SATTRS:
- open_input(ctxp);
- open_sattr_output(ctxp);
-- generate_digest(ctx.cms_ctx, ctx.inpe);
-+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
- generate_sattr_blob(ctxp);
- close_sattr_output(ctxp);
- close_input(ctxp);
-@@ -666,22 +668,22 @@ main(int argc, char *argv[])
- close_output(ctxp);
- break;
- case EXPORT_PUBKEY:
-- rc = find_certificate(ctx.cms_ctx);
-+ rc = find_certificate(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "pesign: Could not find "
- "certificate %s\n",
-- ctx.cms_ctx->certname);
-+ ctxp->cms_ctx->certname);
- exit(1);
- }
- open_pubkey_output(ctxp);
- export_pubkey(ctxp);
- break;
- case EXPORT_CERT:
-- rc = find_certificate(ctx.cms_ctx);
-+ rc = find_certificate(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "pesign: Could not find "
- "certificate %s\n",
-- ctx.cms_ctx->certname);
-+ ctxp->cms_ctx->certname);
- exit(1);
- }
- open_cert_output(ctxp);
-@@ -691,21 +693,21 @@ main(int argc, char *argv[])
- case EXPORT_SIGNATURE:
- open_input(ctxp);
- open_sig_output(ctxp);
-- if (ctx.signum > ctx.cms_ctx->num_signatures) {
-+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
- fprintf(stderr, "Invalid signature number.\n");
- exit(1);
- }
-- if (ctx.signum < 0)
-- ctx.signum = 0;
-- if (ctx.signum >= ctx.cms_ctx->num_signatures) {
-+ if (ctxp->signum < 0)
-+ ctxp->signum = 0;
-+ if (ctxp->signum >= ctxp->cms_ctx->num_signatures) {
- fprintf(stderr, "No valid signature #%d.\n",
-- ctx.signum);
-+ ctxp->signum);
- exit(1);
- }
-- memcpy(&ctx.cms_ctx->newsig,
-- ctx.cms_ctx->signatures[ctx.signum],
-- sizeof (ctx.cms_ctx->newsig));
-- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
-+ memcpy(&ctxp->cms_ctx->newsig,
-+ ctxp->cms_ctx->signatures[ctxp->signum],
-+ sizeof (ctxp->cms_ctx->newsig));
-+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
- close_input(ctxp);
- close_sig_output(ctxp);
- break;
-@@ -715,11 +717,11 @@ main(int argc, char *argv[])
- open_input(ctxp);
- open_output(ctxp);
- close_input(ctxp);
-- if (ctx.signum > ctx.cms_ctx->num_signatures) {
-+ if (ctxp->signum > ctxp->cms_ctx->num_signatures) {
- fprintf(stderr, "Invalid signature number.\n");
- exit(1);
- }
-- remove_signature(&ctx);
-+ remove_signature(ctxp);
- close_output(ctxp);
- break;
- /* list signatures in the binary */
-@@ -729,49 +731,49 @@ main(int argc, char *argv[])
- break;
- case GENERATE_DIGEST|PRINT_DIGEST:
- open_input(ctxp);
-- generate_digest(ctx.cms_ctx, ctx.inpe);
-+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
- print_digest(ctxp);
- break;
- /* generate a signature and save it in a separate file */
- case EXPORT_SIGNATURE|GENERATE_SIGNATURE:
-- rc = find_certificate(ctx.cms_ctx);
-+ rc = find_certificate(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "pesign: Could not find "
- "certificate %s\n",
-- ctx.cms_ctx->certname);
-+ ctxp->cms_ctx->certname);
- exit(1);
- }
- open_input(ctxp);
- open_sig_output(ctxp);
-- generate_digest(ctx.cms_ctx, ctx.inpe);
-- generate_signature(ctx.cms_ctx);
-- export_signature(ctx.cms_ctx, ctx.outsigfd, ctx.ascii);
-+ generate_digest(ctxp->cms_ctx, ctxp->inpe);
-+ generate_signature(ctxp->cms_ctx);
-+ export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii);
- break;
- /* generate a signature and embed it in the binary */
- case IMPORT_SIGNATURE|GENERATE_SIGNATURE:
- check_inputs(ctxp);
-- rc = find_certificate(ctx.cms_ctx);
-+ rc = find_certificate(ctxp->cms_ctx);
- if (rc < 0) {
- fprintf(stderr, "pesign: Could not find "
- "certificate %s\n",
-- ctx.cms_ctx->certname);
-+ ctxp->cms_ctx->certname);
- exit(1);
- }
- open_input(ctxp);
- open_output(ctxp);
- close_input(ctxp);
-- generate_digest(ctx.cms_ctx, ctx.outpe);
-- sigspace = calculate_signature_space(ctx.cms_ctx,
-- ctx.outpe);
-- allocate_signature_space(ctx.outpe, sigspace);
-- generate_digest(ctx.cms_ctx, ctx.outpe);
-- generate_signature(ctx.cms_ctx);
-- insert_signature(ctx.cms_ctx, ctx.signum);
-- finalize_signatures(ctx.cms_ctx, ctx.outpe);
-+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
-+ sigspace = calculate_signature_space(ctxp->cms_ctx,
-+ ctxp->outpe);
-+ allocate_signature_space(ctxp->outpe, sigspace);
-+ generate_digest(ctxp->cms_ctx, ctxp->outpe);
-+ generate_signature(ctxp->cms_ctx);
-+ insert_signature(ctxp->cms_ctx, ctxp->signum);
-+ finalize_signatures(ctxp->cms_ctx, ctxp->outpe);
- close_output(ctxp);
- break;
- case DAEMONIZE:
-- rc = daemonize(ctx.cms_ctx, fork);
-+ rc = daemonize(ctxp->cms_ctx, fork);
- break;
- default:
- fprintf(stderr, "Incompatible flags (0x%08x): ", action);
-@@ -782,7 +784,7 @@ main(int argc, char *argv[])
- fprintf(stderr, "\n");
- exit(1);
- }
-- pesign_context_fini(&ctx);
-+ pesign_context_free(ctxp);
-
- NSS_Shutdown();
- return (rc < 0);
---
-1.7.10.4
-
-
-From 0466bb97d6ba8fb55fbeccaef86769c0c2bbd642 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 15:32:57 -0400
-Subject: [PATCH 16/30] [pesign] initialize nss only if we're not a daemon.
-
-If it's a deamon, NSS_Init, register_oids, and setup_digests will be
-done in the daemon code, not in the normal tool code.
-
-Signed-off-by: Peter Jones
----
- src/pesign.c | 33 +++++++++++++++++++++++----------
- 1 file changed, 23 insertions(+), 10 deletions(-)
-
-diff --git a/src/pesign.c b/src/pesign.c
-index 4c18b95..23aa992 100644
---- a/src/pesign.c
-+++ b/src/pesign.c
-@@ -508,15 +508,6 @@ main(int argc, char *argv[])
- POPT_TABLEEND
- };
-
-- if (!daemon) {
-- SECStatus status = NSS_Init("/etc/pki/pesign");
-- if (status != SECSuccess) {
-- fprintf(stderr, "Could not initialize nss: %s\n",
-- PORT_ErrorToString(PORT_GetError()));
-- exit(1);
-- }
-- }
--
- optCon = poptGetContext("pesign", argc, (const char **)argv, options,0);
-
- rc = poptReadDefaultConfig(optCon, 0);
-@@ -543,7 +534,29 @@ main(int argc, char *argv[])
-
- poptFreeContext(optCon);
-
-- rc = set_digest_parameters(ctx.cms_ctx, digest_name);
-+ if (!daemon) {
-+ SECStatus status = NSS_Init("/etc/pki/pesign");
-+ if (status != SECSuccess) {
-+ fprintf(stderr, "Could not initialize nss: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ exit(1);
-+ }
-+
-+ status = register_oids(ctxp->cms_ctx);
-+ if (status != SECSuccess) {
-+ fprintf(stderr, "Could not register OIDs\n");
-+ exit(1);
-+ }
-+
-+ rc = setup_digests(ctxp->cms_ctx);
-+ if (rc < 0) {
-+ fprintf(stderr, "Could not initialize digests: %s\n",
-+ PORT_ErrorToString(PORT_GetError()));
-+ exit(1);
-+ }
-+ }
-+
-+ rc = set_digest_parameters(ctxp->cms_ctx, digest_name);
- int is_help = strcmp(digest_name, "help") ? 0 : 1;
- if (rc < 0) {
- if (!is_help) {
---
-1.7.10.4
-
-
-From a73cfcd17f4d1bfc2055c973f06142443c072336 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 15:34:00 -0400
-Subject: [PATCH 17/30] Handle errors on pesign_context_init()
-
-Signed-off-by: Peter Jones
----
- src/pesign_context.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/pesign_context.c b/src/pesign_context.c
-index c6afda6..cbd929f 100644
---- a/src/pesign_context.c
-+++ b/src/pesign_context.c
-@@ -37,7 +37,9 @@ pesign_context_new(pesign_context **ctx)
- if (!context)
- return -1;
-
-- pesign_context_init(context);
-+ rc = pesign_context_init(context);
-+ if (rc < 0)
-+ return rc;
- context->flags |= PESIGN_C_ALLOCATED;
-
- *ctx = context;
---
-1.7.10.4
-
-
-From a80f9aac4458caa32fae745824b2c73161dcd66f Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 16:35:43 -0400
-Subject: [PATCH 18/30] Add sanity checking to make sure we don't emit
- uninitialized hashes.
-
-Signed-off-by: Peter Jones
----
- src/cms_common.c | 15 ++++++++++++++-
- src/content_info.c | 11 +++++++++++
- src/signer_info.c | 5 +++++
- src/util.h | 13 +++++++++++++
- 4 files changed, 43 insertions(+), 1 deletion(-)
-
-diff --git a/src/cms_common.c b/src/cms_common.c
-index 6188e6e..0c8ad8c 100644
---- a/src/cms_common.c
-+++ b/src/cms_common.c
-@@ -532,6 +532,10 @@ generate_empty_sequence(cms_context *cms, SECItem *encoded)
- int
- generate_octet_string(cms_context *cms, SECItem *encoded, SECItem *original)
- {
-+ if (content_is_empty(original->data, original->len)) {
-+ cms->log(cms, LOG_ERR, "content is empty, not encoding");
-+ return -1;
-+ }
- if (SEC_ASN1EncodeItem(cms->arena, encoded, original,
- SEC_OctetStringTemplate) == NULL)
- return -1;
-@@ -942,7 +946,16 @@ generate_signature(cms_context *cms)
- {
- int rc = 0;
-
-- assert(cms->digests[cms->selected_digest].pe_digest != NULL);
-+ if (cms->digests[cms->selected_digest].pe_digest == NULL) {
-+ cms->log(cms, LOG_ERR, "pe digest has not been allocated");
-+ return -1;
-+ }
-+
-+ if (content_is_empty(cms->digests[cms->selected_digest].pe_digest->data,
-+ cms->digests[cms->selected_digest].pe_digest->len)) {
-+ cms->log(cms, LOG_ERR, "pe binary has not been digested");
-+ return -1;
-+ }
-
- SECItem sd_der;
- memset(&sd_der, '\0', sizeof(sd_der));
-diff --git a/src/content_info.c b/src/content_info.c
-index 044e85e..7246d20 100644
---- a/src/content_info.c
-+++ b/src/content_info.c
-@@ -197,6 +197,11 @@ generate_spc_digest_info(cms_context *cms, SECItem *dip)
- int i = cms->selected_digest;
- memcpy(&di.digest, cms->digests[i].pe_digest, sizeof (di.digest));
-
-+ if (content_is_empty(di.digest.data, di.digest.len)) {
-+ cms->log(cms, LOG_ERR, "got empty digest");
-+ return -1;
-+ }
-+
- if (SEC_ASN1EncodeItem(cms->arena, dip, &di,
- DigestInfoTemplate) == NULL) {
- cms->log(cms, LOG_ERR, "could not encode DigestInfo: %s",
-@@ -327,6 +332,12 @@ generate_cinfo_digest(cms_context *cms, SpcContentInfo *cip)
- &cms->ci_digest->len,
- digest_get_digest_size(cms)) != SECSuccess)
- goto err;
-+
-+ if (content_is_empty(cms->ci_digest->data, cms->ci_digest->len)) {
-+ cms->log(cms, LOG_ERR, "generated empty digest");
-+ goto err;
-+ }
-+
- if (cms->ci_digest->len > digest_get_digest_size(cms))
- goto err;
-
-diff --git a/src/signer_info.c b/src/signer_info.c
-index 7a73c26..932b896 100644
---- a/src/signer_info.c
-+++ b/src/signer_info.c
-@@ -207,6 +207,11 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
- if (!sign_content)
- return -1;
-
-+ if (content_is_empty(sign_content->data, sign_content->len)) {
-+ cms->log(cms, LOG_ERR, "not signing empty digest");
-+ return -1;
-+ }
-+
- SECOidData *oid = SECOID_FindOIDByTag(digest_get_signature_oid(cms));
- if (!oid)
- goto err;
-diff --git a/src/util.h b/src/util.h
-index f495a0b..5e0ea34 100644
---- a/src/util.h
-+++ b/src/util.h
-@@ -110,6 +110,19 @@ free_poison(void *addrv, ssize_t len)
- addr[x] = poison_pills[x % 2];
- }
-
-+static int
-+__attribute__ ((unused))
-+content_is_empty(uint8_t *data, ssize_t len)
-+{
-+ if (len < 1)
-+ return 1;
-+
-+ for (int i = 0; i < len; i++)
-+ if (data[i] != 0)
-+ return 0;
-+ return 1;
-+}
-+
- #if defined(DAEMON_H)
- static inline uint32_t
- __attribute__ ((unused))
---
-1.7.10.4
-
-
-From 8311bc85a38fd4c9184ba79146662acceeb58909 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 17:47:49 -0400
-Subject: [PATCH 19/30] Make sure we free the token/cert we get from the
- command line.
-
-This probably needs some further examination, but valgrind likes what's
-here currently.
-
-Signed-off-by: Peter Jones
----
- src/pesign.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/pesign.c b/src/pesign.c
-index 23aa992..acf0cee 100644
---- a/src/pesign.c
-+++ b/src/pesign.c
-@@ -435,6 +435,7 @@ main(int argc, char *argv[])
-
- char *digest_name = "sha256";
- char *tokenname = "NSS Certificate DB";
-+ char *origtoken = tokenname;
- char *certname = NULL;
-
- rc = pesign_context_new(&ctxp);
-@@ -573,6 +574,8 @@ main(int argc, char *argv[])
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
-+ if (tokenname != origtoken)
-+ free(tokenname);
-
- ctxp->cms_ctx->certname = certname ?
- PORT_ArenaStrdup(ctxp->cms_ctx->arena, certname) : NULL;
-@@ -581,6 +584,8 @@ main(int argc, char *argv[])
- PORT_ErrorToString(PORT_GetError()));
- exit(1);
- }
-+ if (certname)
-+ free(certname);
-
- int action = 0;
- if (daemon)
---
-1.7.10.4
-
-
-From eb9ae0e9e00e752f12f622a7b2b55f9e2abbff0c Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 17:48:44 -0400
-Subject: [PATCH 20/30] [pesign] Only shut down nss in pesign.c if we're not
- the daemon.
-
-The daemon does its own init and shutdown.
-
-Signed-off-by: Peter Jones
----
- src/pesign.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/src/pesign.c b/src/pesign.c
-index acf0cee..581c327 100644
---- a/src/pesign.c
-+++ b/src/pesign.c
-@@ -804,6 +804,14 @@ main(int argc, char *argv[])
- }
- pesign_context_free(ctxp);
-
-- NSS_Shutdown();
-+ if (!daemon) {
-+ SECStatus status = NSS_Shutdown();
-+ if (status != SECSuccess) {
-+ fprintf(stderr, "could not shut down NSS: %s",
-+ PORT_ErrorToString(PORT_GetError()));
-+ exit(1);
-+ }
-+ }
-+
- return (rc < 0);
- }
---
-1.7.10.4
-
-
-From 93cf7af5ac86adc9ba1345bbf55d6c2e70519627 Mon Sep 17 00:00:00 2001
-From: Peter Jones
-Date: Wed, 17 Oct 2012 17:49:17 -0400
-Subject: [PATCH 21/30] Rework setup_digests() and teardown_digests()
-
-This fixes the problem I was seeing with empty content_info digests, and
-makes the code a /little/ bit cleaner in some ways.
-
-Signed-off-by: Peter Jones
----
- src/cms_common.c | 92 ++++++++++++++++++++++++++++++++----------------------
- src/cms_common.h | 1 -
- src/daemon.c | 28 +---------------------------
- src/pesign.c | 7 -------
- 4 files changed, 55 insertions(+), 73 deletions(-)
-
-diff --git a/src/cms_common.c b/src/cms_common.c
-index 0c8ad8c..db134d7 100644
---- a/src/cms_common.c
-+++ b/src/cms_common.c
-@@ -96,43 +96,6 @@ digest_get_digest_size(cms_context *cms)
- return digest_params[i].size;
- }
-
--
--int
--setup_digests(cms_context *cms)
--{
-- struct digest *digests = NULL;
--
-- digests = calloc(n_digest_params, sizeof (*digests));
-- if (!digests) {
-- cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
-- return -1;
-- }
--
-- for (int i = 0; i < n_digest_params; i++) {
-- digests[i].pk11ctx = PK11_CreateDigestContext(
-- digest_params[i].digest_tag);
-- if (!digests[i].pk11ctx) {
-- cms->log(cms, LOG_ERR, "could not create digest "
-- "context: %s",
-- PORT_ErrorToString(PORT_GetError()));
-- goto err;
-- }
--
-- PK11_DigestBegin(digests[i].pk11ctx);
-- }
--
-- cms->digests = digests;
-- return 0;
--err:
-- for (int i = 0; i < n_digest_params; i++) {
-- if (digests[i].pk11ctx)
-- PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
-- }
--
-- free(digests);
-- return -1;
--}
--
- void
- teardown_digests(cms_context *ctx)
- {
-@@ -733,6 +696,46 @@ check_pointer_and_size(Pe *pe, void *ptr, size_t size)
- return 1;
- }
-
-+int
-+generate_digest_begin(cms_context *cms)
-+{
-+ struct digest *digests = NULL;
-+
-+ if (cms->digests) {
-+ digests = cms->digests;
-+ } else {
-+ digests = calloc(n_digest_params, sizeof (*digests));
-+ if (!digests) {
-+ cms->log(cms, LOG_ERR, "cannot allocate memory: %m");
-+ return -1;
-+ }
-+ }
-+
-+ for (int i = 0; i < n_digest_params; i++) {
-+ digests[i].pk11ctx = PK11_CreateDigestContext(
-+ digest_params[i].digest_tag);
-+ if (!digests[i].pk11ctx) {
-+ cms->log(cms, LOG_ERR, "could not create digest "
-+ "context: %s",
-+ PORT_ErrorToString(PORT_GetError()));
-+ goto err;
-+ }
-+
-+ PK11_DigestBegin(digests[i].pk11ctx);
-+ }
-+
-+ cms->digests = digests;
-+ return 0;
-+err:
-+ for (int i = 0; i < n_digest_params; i++) {
-+ if (digests[i].pk11ctx)
-+ PK11_DestroyContext(digests[i].pk11ctx, PR_TRUE);
-+ }
-+
-+ free(digests);
-+ return -1;
-+}
-+
- void
- generate_digest_step(cms_context *cms, void *data, size_t len)
- {
-@@ -762,6 +765,12 @@ generate_digest_finish(cms_context *cms)
-
- PK11_DigestFinal(cms->digests[i].pk11ctx,
- digest->data, &digest->len, digest_params[i].size);
-+ PK11_Finalize(cms->digests[i].pk11ctx);
-+ PK11_DestroyContext(cms->digests[i].pk11ctx, PR_TRUE);
-+ cms->digests[i].pk11ctx = NULL;
-+ if (cms->digests[i].pe_digest)
-+ free_poison(cms->digests[i].pe_digest->data,
-+ cms->digests[i].pe_digest->len);
- cms->digests[i].pe_digest = digest;
- }
-
-@@ -791,7 +800,14 @@ generate_digest(cms_context *cms, Pe *pe)
-
- if (!pe) {
- cms->log(cms, LOG_ERR, "no output pe ready");
-- exit(1);
-+ return -1;
-+ }
-+
-+ rc = generate_digest_begin(cms);
-+ if (rc < 0) {
-+ cms->log(cms, LOG_ERR, "could not initialize digests: %s",
-+ PORT_ErrorToString(PORT_GetError()));
-+ return rc;
- }
-
- struct pe_hdr pehdr;
-diff --git a/src/cms_common.h b/src/cms_common.h
-index 830427e..5cbda62 100644
---- a/src/cms_common.h
-+++ b/src/cms_common.h
-@@ -86,7 +86,6 @@ extern int cms_context_alloc(cms_context **ctxp);
- extern int cms_context_init(cms_context *ctx);
- extern void cms_context_fini(cms_context *ctx);
-
--extern int setup_digests(cms_context *cms);
- extern void teardown_digests(cms_context *ctx);
-
- extern int generate_octet_string(cms_context *ctx, SECItem *encoded,
-diff --git a/src/daemon.c b/src/daemon.c
-index 4259a3a..29ac1dd 100644
---- a/src/daemon.c
-+++ b/src/daemon.c
-@@ -142,15 +142,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size)
- return;
- }
-
-- rc = setup_digests(ctx->cms);
-- if (rc < 0) {
-- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
-- "Could not initialize digests: %s\n",
-- PORT_ErrorToString(PORT_GetError()));
-- send_response(ctx, ctx->backup_cms, pollfd, rc);
-- return;
-- }
--
- steal_from_cms(ctx->backup_cms, ctx->cms);
-
- if (!buffer) {
-@@ -487,6 +478,7 @@ finish:
- close(outfd);
-
- send_response(ctx, ctx->cms, pollfd, rc);
-+ teardown_digests(ctx->cms);
- }
-
- static void
-@@ -496,15 +488,6 @@ handle_sign_attached(context *ctx, struct pollfd *pollfd, socklen_t size)
- if (rc < 0)
- return;
-
-- rc = setup_digests(ctx->cms);
-- if (rc < 0) {
-- ctx->backup_cms->log(ctx->backup_cms, ctx->priority|LOG_NOTICE,
-- "Could not initialize digests: %s\n",
-- PORT_ErrorToString(PORT_GetError()));
-- send_response(ctx, ctx->backup_cms, pollfd, rc);
-- return;
-- }
--
- steal_from_cms(ctx->backup_cms, ctx->cms);
-
- handle_signing(ctx, pollfd, size, 1);
-@@ -520,15 +503,6 @@ handle_sign_detached(context *ctx, struct pollfd *pollfd, socklen_t size)
- if (rc < 0)
- return;
-
-- rc = setup_digests(ctx->cms);
-- if (rc < 0) {
-- ctx->backup_cms->log(ctx->backup_cms,
ctx->priority|LOG_NOTICE, -- "Could not initialize digests: %s\n", -- PORT_ErrorToString(PORT_GetError())); -- send_response(ctx, ctx->backup_cms, pollfd, rc); -- return; -- } -- - steal_from_cms(ctx->backup_cms, ctx->cms); - - handle_signing(ctx, pollfd, size, 0); -diff --git a/src/pesign.c b/src/pesign.c -index 581c327..eed9264 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -548,13 +548,6 @@ main(int argc, char *argv[]) - fprintf(stderr, "Could not register OIDs\n"); - exit(1); - } -- -- rc = setup_digests(ctxp->cms_ctx); -- if (rc < 0) { -- fprintf(stderr, "Could not initialize digests: %s\n", -- PORT_ErrorToString(PORT_GetError())); -- exit(1); -- } - } - - rc = set_digest_parameters(ctxp->cms_ctx, digest_name); --- -1.7.10.4 - - -From 97bd823fd0f557c2cbabe917e4358a57c3e7af1d Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Wed, 17 Oct 2012 19:59:49 -0400 -Subject: [PATCH 22/30] Fix errors found by coverity. - -Signed-off-by: Peter Jones ---- - src/actions.c | 4 ++-- - src/cms_common.c | 17 ++++++++++------- - src/daemon.c | 16 +++++++++++++++- - src/password.c | 1 + - src/pesign_context.c | 4 +++- - src/wincert.c | 2 +- - 6 files changed, 32 insertions(+), 12 deletions(-) - -diff --git a/src/actions.c b/src/actions.c -index 76a311c..9cf4f45 100644 ---- a/src/actions.c -+++ b/src/actions.c -@@ -70,7 +70,7 @@ insert_signature(cms_context *cms, int signum) - if (signum != cms->num_signatures) { - memmove(cms->signatures[signum+1], - cms->signatures[signum], -- sizeof(SECItem *) * (cms->num_signatures - signum)); -+ sizeof(SECItem) * (cms->num_signatures - signum)); - } - cms->signatures[signum] = sig; - cms->num_signatures++; -@@ -430,7 +430,7 @@ remove_signature(pesign_context *p_ctx) - if (p_ctx->signum != ctx->num_signatures - 1) - memmove(ctx->signatures[p_ctx->signum], - ctx->signatures[p_ctx->signum+1], -- sizeof(SECItem *) * -+ sizeof(SECItem) * - (ctx->num_signatures - p_ctx->signum)); - - ctx->num_signatures--; -diff --git a/src/cms_common.c 
b/src/cms_common.c -index db134d7..e3c647d 100644 ---- a/src/cms_common.c -+++ b/src/cms_common.c -@@ -598,16 +598,19 @@ generate_spc_string(cms_context *cms, SECItem *ssp, char *str, int len) - memset(&ss, '\0', sizeof (ss)); - - SECITEM_AllocItem(cms->arena, &ss.unicode, len); -- if (!ss.unicode.data && len != 0) { -- cms->log(cms, LOG_ERR, "could not allocate memory: %s", -- PORT_ErrorToString(PORT_GetError())); -- return -1; -+ if (len != 0) { -+ if (!ss.unicode.data) { -+ cms->log(cms, LOG_ERR, "could not allocate memory: %s", -+ PORT_ErrorToString(PORT_GetError())); -+ return -1; -+ } -+ -+ memcpy(ss.unicode.data, str, len); - } -- -- memcpy(ss.unicode.data, str, len); - ss.unicode.type = siBMPString; - -- if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate) == NULL) { -+ if (SEC_ASN1EncodeItem(cms->arena, ssp, &ss, SpcStringTemplate) -+ == NULL) { - cms->log(cms, LOG_ERR, "could not encode SpcString: %s", - PORT_ErrorToString(PORT_GetError())); - return -1; -diff --git a/src/daemon.c b/src/daemon.c -index 29ac1dd..6d92136 100644 ---- a/src/daemon.c -+++ b/src/daemon.c -@@ -134,7 +134,6 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size) - struct msghdr msg; - struct iovec iov; - ssize_t n; -- char *buffer = malloc(size); - - int rc = cms_context_alloc(&ctx->cms); - if (rc < 0) { -@@ -144,6 +143,7 @@ handle_unlock_token(context *ctx, struct pollfd *pollfd, socklen_t size) - - steal_from_cms(ctx->backup_cms, ctx->cms); - -+ char *buffer = malloc(size); - if (!buffer) { - oom: - ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR, -@@ -790,6 +790,7 @@ check_socket(context *ctx) - - rc = connect(sd, (struct sockaddr *)&addr_un, len); - if (rc < 0) { -+ close(sd); - unlink(SOCKPATH); - return; - } -@@ -798,6 +799,7 @@ check_socket(context *ctx) - socklen_t size = sizeof(remote); - rc = getpeername(sd, &remote, &size); - if (rc < 0) { -+ close(sd); - return; - } else { - fprintf(stderr, "pesignd: already running"); -@@ -911,6 +913,12 
@@ daemonize(cms_context *cms_ctx, int do_fork) - - if (do_fork) { - int fd = open("/dev/zero", O_RDONLY); -+ if (fd < 0) { -+ ctx.backup_cms->log(ctx.backup_cms, -+ ctx.priority|LOG_ERR, -+ "could not open /dev/zero: %m"); -+ exit(1); -+ } - close(STDIN_FILENO); - rc = dup2(fd, STDIN_FILENO); - if (rc < 0) { -@@ -922,6 +930,12 @@ daemonize(cms_context *cms_ctx, int do_fork) - close(fd); - - fd = open("/dev/null", O_WRONLY); -+ if (fd < 0) { -+ ctx.backup_cms->log(ctx.backup_cms, -+ ctx.priority|LOG_ERR, -+ "could not open /dev/null: %m"); -+ exit(1); -+ } - close(STDOUT_FILENO); - rc = dup2(fd, STDOUT_FILENO); - if (rc < 0) { -diff --git a/src/password.c b/src/password.c -index 5ee15f8..100c584 100644 ---- a/src/password.c -+++ b/src/password.c -@@ -114,6 +114,7 @@ SECU_GetPasswordString(void *arg, char *prompt) - - output = fopen(consoleName, "w"); - if (output == NULL) { -+ fclose(input); - fprintf(stderr, "Error opening output terminal for write\n"); - return NULL; - } -diff --git a/src/pesign_context.c b/src/pesign_context.c -index cbd929f..033e8de 100644 ---- a/src/pesign_context.c -+++ b/src/pesign_context.c -@@ -38,8 +38,10 @@ pesign_context_new(pesign_context **ctx) - return -1; - - rc = pesign_context_init(context); -- if (rc < 0) -+ if (rc < 0) { -+ free(context); - return rc; -+ } - context->flags |= PESIGN_C_ALLOCATED; - - *ctx = context; -diff --git a/src/wincert.c b/src/wincert.c -index b487dc5..4b5ba45 100644 ---- a/src/wincert.c -+++ b/src/wincert.c -@@ -257,7 +257,7 @@ parse_signatures(cms_context *cms, Pe *pe) - if (rc <= 0) - break; - -- signatures[i] = calloc(1, sizeof (SECItem *)); -+ signatures[i] = calloc(1, sizeof (SECItem)); - if (!signatures[i]) - goto err; - --- -1.7.10.4 - - -From f4b3b20cc5a8697743f0ed5c24bf04c72e02ba11 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 18 Oct 2012 09:12:25 -0400 -Subject: [PATCH 23/30] Don't keep the DEPS list twice. 
- -Signed-off-by: Peter Jones ---- - src/Makefile | 12 +++++++++--- - 1 file changed, 9 insertions(+), 3 deletions(-) - -diff --git a/src/Makefile b/src/Makefile -index cd06158..cb74c12 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -39,14 +39,20 @@ client_OBJECTS = $(foreach source,$(client_SOURCES),$(patsubst %.c,%,$(source)). - client_DEPS = $(foreach source,$(client_SOURCES),.$(patsubst %.c,%,$(source)).P) - client : $(client_OBJECTS) $(STATIC_LIBS) - --deps : $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \ -+fuzzsocket_SOURCES = fuzzsocket.c -+fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o) -+fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P) -+fuzzsocket : $(fuzzsocket_OBJECTS) -+ -+DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \ - $(peverify_DEPS) - -+deps : $(DEPS) -+ - depclean : - @rm -fv .*.P - ---include $(generic_DEPS) $(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \ -- $(peverify_DEPS) -+-include $(DEPS) - - clean : depclean - @rm -rfv *.o *.a *.so $(TARGETS) --- -1.7.10.4 - - -From 8308daea94818c7603149a7aefd3df5f0aebbcc9 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 18 Oct 2012 13:09:58 -0400 -Subject: [PATCH 24/30] Make "install_systemd" and "install_sysvinit" separate - targets - -Signed-off-by: Peter Jones ---- - Makefile | 6 ++++ - src/Makefile | 16 ++++++---- - src/pesign.sysvinit | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++ - 3 files changed, 99 insertions(+), 5 deletions(-) - create mode 100644 src/pesign.sysvinit - -diff --git a/Makefile b/Makefile -index 531c865..ddaf4c5 100644 ---- a/Makefile -+++ b/Makefile -@@ -19,6 +19,12 @@ install : - $(INSTALL) -d -m 755 $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/ - $(INSTALL) -m 644 COPYING $(INSTALLROOT)$(PREFIX)$(DOCDIR)/pesign-$(VERSION)/ - -+install_systemd: -+ @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ 
ARCH=$(ARCH) $@ ; done -+ -+install_sysvinit: -+ @for x in $(SUBDIRS) ; do $(MAKE) -C $${x} TOPDIR=$(TOPDIR) SRCDIR=$(TOPDIR)/$@/ ARCH=$(ARCH) $@ ; done -+ - .PHONY: $(SUBDIRS) clean install - - include $(TOPDIR)/Make.rules -diff --git a/src/Makefile b/src/Makefile -index cb74c12..7e611c8 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -42,7 +42,7 @@ client : $(client_OBJECTS) $(STATIC_LIBS) - fuzzsocket_SOURCES = fuzzsocket.c - fuzzsocket_OBJECTS = $(foreach source,$(fuzzsocket_SOURCES),$(patsubst %.c,%,$(source)).o) - fuzzsocket_DEPS = $(foreach source,$(fuzzsocket_SOURCES),.$(patsubst %.c,%,$(source)).P) --fuzzsocket : $(fuzzsocket_OBJECTS) -+fuzzsocket : $(fuzzsocket_OBJECTS) -lrt - - DEPS = $(generic_DEPS)$(authvar_DEPS) $(pesign_DEPS) $(client_DEPS) \ - $(peverify_DEPS) -@@ -57,6 +57,16 @@ depclean : - clean : depclean - @rm -rfv *.o *.a *.so $(TARGETS) - -+install_systemd: -+ $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/ -+ $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf -+ $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/ -+ $(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/ -+ -+install_sysvinit: -+ $(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rc.d/init.d/ -+ $(INSTALL) -m 755 pesign.sysvinit $(INSTALLROOT)/etc/rc.d/init.d/pesign -+ - install : - $(INSTALL) -d -m 700 $(INSTALLROOT)/etc/pki/pesign/ - $(INSTALL) -d -m 770 $(INSTALLROOT)/var/run/pesign/ -@@ -72,10 +82,6 @@ install : - #$(INSTALL) -m 644 peverify.1 $(INSTALLROOT)/usr/share/man/man1/ - $(INSTALL) -d -m 755 $(INSTALLROOT)/etc/rpm/ - $(INSTALL) -m 644 macros.pesign $(INSTALLROOT)/etc/rpm/ -- $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/tmpfiles.d/ -- $(INSTALL) -m 644 tmpfiles.conf $(INSTALLROOT)/usr/lib/tmpfiles.d/pesign.conf -- $(INSTALL) -d -m 755 $(INSTALLROOT)/usr/lib/systemd/system/ -- $(INSTALL) -m 644 pesign.service $(INSTALLROOT)/usr/lib/systemd/system/ - - .PHONY: all deps clean install - -diff --git 
a/src/pesign.sysvinit b/src/pesign.sysvinit -new file mode 100644 -index 0000000..f955e01 ---- /dev/null -+++ b/src/pesign.sysvinit -@@ -0,0 +1,82 @@ -+#! /bin/sh -+# -+# pesign This starts the pesign PE signing daemon -+# -+# chkconfig: - 50 50 -+# processname: /usr/bin/pesign -+# pidfile: /var/run/pesign.pid -+### BEGIN INIT INFO -+# Provides: pesign -+# Default-Start: -+# Default-Stop: -+# Short-Description: The pesign PE signing daemon -+# Description: The pesign PE signing daemon -+### END INIT INFO -+ -+. /etc/init.d/functions -+[ -f /usr/bin/pesign ] || exit 1 -+ -+RETVAL=0 -+ -+start(){ -+ echo -n "Starting pesign: " -+ daemon /usr/bin/pesign --daemonize -+ RETVAL=$? -+ echo -+ touch /var/lock/subsys/pesign -+} -+ -+stop(){ -+ echo -n "Stopping pesign: " -+ killproc -p /var/run/pesign.pid pesignd -+ RETVAL=$? -+ echo -+ rm -f /var/lock/subsys/pesign -+} -+ -+restart(){ -+ stop -+ start -+} -+ -+reload(){ -+ stop -+ start -+} -+ -+condrestart(){ -+ [ -e /var/lock/subsys/pesign ] && restart -+} -+ -+# See how we were called. -+case "$1" in -+ start) -+ start -+ ;; -+ stop) -+ stop -+ ;; -+ status) -+ status /usr/bin/pesign -+ ;; -+ restart) -+ restart -+ ;; -+ reload) -+ reload -+ ;; -+ force-reload) -+ reload -+ ;; -+ condrestart) -+ condrestart -+ ;; -+ try-restart) -+ condrestart -+ ;; -+ *) -+ echo "Usage: pesign {start|stop|status|restart|condrestart|reload}" -+ RETVAL=1 -+esac -+ -+exit $RETVAL --- -1.7.10.4 - - -From e23f28bc9e114ab99414023dbe45db4ea057b3a1 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 18 Oct 2012 13:10:28 -0400 -Subject: [PATCH 25/30] Get rid of an unnecessary allocation. 
- -Signed-off-by: Peter Jones ---- - src/client.c | 32 ++++++++++++++------------------ - 1 file changed, 14 insertions(+), 18 deletions(-) - -diff --git a/src/client.c b/src/client.c -index 8336749..df1c8f2 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -223,25 +223,17 @@ unlock_token(int sd, char *tokenname, char *pin) - { - struct msghdr msg; - struct iovec iov[2]; -- pesignd_msghdr *pm; -+ pesignd_msghdr pm; - - uint32_t size0 = pesignd_string_size(tokenname); - - uint32_t size1 = pesignd_string_size(pin); - -- pm = calloc(1, sizeof(*pm)); -- if (!pm) { --oom: -- fprintf(stderr, "pesign-client: could not allocate memory: " -- "%m\n"); -- exit(1); -- } -- -- pm->version = PESIGND_VERSION; -- pm->command = CMD_UNLOCK_TOKEN; -- pm->size = size0 + size1; -- iov[0].iov_base = pm; -- iov[0].iov_len = sizeof (*pm); -+ pm.version = PESIGND_VERSION; -+ pm.command = CMD_UNLOCK_TOKEN; -+ pm.size = size0 + size1; -+ iov[0].iov_base = ± -+ iov[0].iov_len = sizeof (pm); - - memset(&msg, '\0', sizeof(msg)); - msg.msg_iov = iov; -@@ -257,8 +249,11 @@ oom: - - uint8_t *buffer = NULL; - buffer = calloc(1, size0 + size1); -- if (!buffer) -- goto oom; -+ if (!buffer) { -+ fprintf(stderr, "pesign-client: could not allocate memory: " -+ "%m\n"); -+ exit(1); -+ } - - pesignd_string *tn = (pesignd_string *)buffer; - pesignd_string_set(tn, tokenname); -@@ -478,8 +473,9 @@ main(int argc, char *argv[]) - - rc = poptReadDefaultConfig(optCon, 0); - if (rc < 0) { -- fprintf(stderr, "pesign: poprReadDefaultConfig failed: %s\n", -- poptStrerror(rc)); -+ fprintf(stderr, -+ "pesign-client: poptReadDefaultConfig failed: %s\n", -+ poptStrerror(rc)); - exit(1); - } - --- -1.7.10.4 - - -From 5c6bd285201bb8f574c96d563ddf6e9478c041c6 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 18 Oct 2012 14:28:36 -0400 -Subject: [PATCH 26/30] Allow use of -e from rpm macro. 
- -Signed-off-by: Peter Jones ---- - src/macros.pesign | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/macros.pesign b/src/macros.pesign -index 703edbb..7706050 100644 ---- a/src/macros.pesign -+++ b/src/macros.pesign -@@ -11,9 +11,9 @@ - - %_pesign /usr/bin/pesign - --%pesign(i:o:C:s) \ -+%pesign(i:o:C:e:s) \ - if [ -x %{_pesign} -a "%{_target_cpu}" == "x86_64" ]; then \ -- %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-s} \ -+ %{_pesign} %{__pesign_token} %{__pesign_cert} %{-i} %{-o} %{-e} %{-s} \ - else \ - if [ -n "%{-i*}" -a -n "%{-o*}" ]; then \ - mv %{-i*} %{-o*} \ --- -1.7.10.4 - - -From 606eeb10b6a5ffb3dd36d362e96a92c8f9fe595f Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Thu, 18 Oct 2012 14:55:07 -0400 -Subject: [PATCH 27/30] Make client use -e like pesign does, rather than - --detached. - -This way we can use the same macros for them. - -Signed-off-by: Peter Jones ---- - src/client.c | 22 ++++++++++++++++++++-- - src/pesign-client.1 | 3 ++- - 2 files changed, 22 insertions(+), 3 deletions(-) - -diff --git a/src/client.c b/src/client.c -index df1c8f2..5e5399d 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -434,6 +434,7 @@ main(int argc, char *argv[]) - int action; - char *infile = NULL; - char *outfile = NULL; -+ char *exportfile = NULL; - int attached = 1; - int pinfd = -1; - char *pinfile = NULL; -@@ -456,8 +457,9 @@ main(int argc, char *argv[]) - &infile, 0, "input filename", "" }, - {"outfile", 'o', POPT_ARG_STRING, - &outfile, 0, "output filename", "" }, -- {"detached", 'd', POPT_ARG_VAL, &attached, 0, -- "create detached signature", NULL }, -+ {"export", 'e', POPT_ARG_STRING, -+ &exportfile, 0, "create detached signature", -+ "" }, - {"pinfd", 'f', POPT_ARG_INT, &pinfd, -1, - "read file descriptor for pin information", - "" }, -@@ -494,6 +496,22 @@ main(int argc, char *argv[]) - exit(1); - } - -+ if (!outfile && !exportfile) { -+ fprintf(stderr, "pesign-client: neither --outfile nor --export " -+ 
"specified\n"); -+ exit(1); -+ } -+ -+ if (outfile && exportfile) { -+ fprintf(stderr, "pesign-client: both --outfile and --export " -+ "specified\n"); -+ exit(1); -+ } -+ if (exportfile) { -+ outfile = exportfile; -+ attached = 0; -+ } -+ - poptFreeContext(optCon); - - int sd = connect_to_server(); -diff --git a/src/pesign-client.1 b/src/pesign-client.1 -index 686383e..1ccfbb3 100644 ---- a/src/pesign-client.1 -+++ b/src/pesign-client.1 -@@ -5,10 +5,11 @@ pesign-client \- command line tool for signing UEFI applications - .SH SYNOPSIS - \fBpesign\fR [--in=\fIinfile\fR | -i \fIinfile\fR] - [--out=\fIoutfile\fR | -o \fIoutfile\fR] -+ [--export=\fIexportfile\fR | -e \fIexportfile\fR] - [--token=\fItoken\fR | -t \fItoken\fR] - [--certificate=\fInickname\fR | -c \fInickname\fR] - [--unlock | -u] [--kill | -k] [--sign | -s] -- [--detached | -d] [--pinfd=\fIpinfd\fR | -f \fIpinfd\fR] -+ [--pinfd=\fIpinfd\fR | -f \fIpinfd\fR] - [--pinfile=\fIpinfile\fR | -F \fIpinfile\fR] - - .SH DESCRIPTION --- -1.7.10.4 - - -From 2d1816cf43fa04e4454a65bfd0121c037368ead0 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 19 Oct 2012 10:08:26 -0400 -Subject: [PATCH 28/30] Add support to read the pin from stdin in client. 
- -Signed-off-by: Peter Jones ---- - src/client.c | 10 +++++++--- - src/password.c | 41 +++++++++++++++++++++++++++++++++++++++++ - src/password.h | 1 + - src/signer_info.c | 45 +-------------------------------------------- - 4 files changed, 50 insertions(+), 47 deletions(-) - -diff --git a/src/client.c b/src/client.c -index 5e5399d..561db19 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -212,10 +212,14 @@ get_token_pin(int pinfd, char *pinfile, char *envname) - - fclose(pinf); - return pin; -- } else -- return strdup(getenv(envname)); -+ } else { -+ pin = getenv(envname); -+ if (pin) -+ return strdup(pin); -+ } - -- return NULL; -+ pin = readpw(NULL, PR_FALSE, NULL); -+ return pin; - } - - static void -diff --git a/src/password.c b/src/password.c -index 100c584..c663955 100644 ---- a/src/password.c -+++ b/src/password.c -@@ -17,6 +17,7 @@ - * Author(s): Peter Jones - */ - -+#include - #include - #include - #include -@@ -289,4 +290,44 @@ SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) - return NULL; - } - -+#if 0 -+#warning investigate killing readpw -+#endif -+char * -+readpw(PK11SlotInfo *slot, PRBool retry, void *arg) -+{ -+ struct termios sio, tio; -+ char line[LINE_MAX], *p; - -+ if (tcgetattr(fileno(stdin), &sio) < 0) { -+ fprintf(stderr, "Could not read password from standard input.\n"); -+ return NULL; -+ } -+ tio = sio; -+ tio.c_lflag &= ~ECHO; -+ if (tcsetattr(fileno(stdin), 0, &tio) < 0) { -+ fprintf(stderr, "Could not read password from standard input.\n"); -+ return NULL; -+ } -+ -+ fprintf(stdout, "Enter passphrase for private key: "); -+ if (fgets(line, sizeof(line), stdin) == NULL) { -+ fprintf(stdout, "\n"); -+ tcsetattr(fileno(stdin), 0, &sio); -+ return NULL; -+ } -+ fprintf(stdout, "\n"); -+ tcsetattr(fileno(stdin), 0, &sio); -+ -+ p = line + strcspn(line, "\r\n"); -+ if (p != NULL) -+ *p = '\0'; -+ -+ char *ret = strdup(line); -+ memset(line, '\0', sizeof (line)); -+ if (!ret) { -+ fprintf(stderr, "Could not read 
passphrase.\n"); -+ return NULL; -+ } -+ return ret; -+} -diff --git a/src/password.h b/src/password.h -index 853bd5a..bcbac44 100644 ---- a/src/password.h -+++ b/src/password.h -@@ -22,5 +22,6 @@ - extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg); - extern char *get_password_passthrough(PK11SlotInfo *slot, PRBool retry, void *arg); - extern char *get_password_fail(PK11SlotInfo *slot, PRBool retry, void *arg); -+extern char *readpw(PK11SlotInfo *slot, PRBool retry, void *arg); - - #endif /* PASSWORD_H */ -diff --git a/src/signer_info.c b/src/signer_info.c -index 932b896..f755bf6 100644 ---- a/src/signer_info.c -+++ b/src/signer_info.c -@@ -19,10 +19,8 @@ - - #include "pesign.h" - --#include - #include - #include --#include - #include - #include - -@@ -159,47 +157,6 @@ err: - return -1; - } - --#if 0 --#warning investigate killing getpw --#endif --static char *getpw(PK11SlotInfo *slot, PRBool retry, void *arg) --{ -- struct termios sio, tio; -- char line[LINE_MAX], *p; -- -- if (tcgetattr(fileno(stdin), &sio) < 0) { -- fprintf(stderr, "Could not read password from standard input.\n"); -- return NULL; -- } -- tio = sio; -- tio.c_lflag &= ~ECHO; -- if (tcsetattr(fileno(stdin), 0, &tio) < 0) { -- fprintf(stderr, "Could not read password from standard input.\n"); -- return NULL; -- } -- -- fprintf(stdout, "Enter passphrase for private key: "); -- if (fgets(line, sizeof(line), stdin) == NULL) { -- fprintf(stdout, "\n"); -- tcsetattr(fileno(stdin), 0, &sio); -- return NULL; -- } -- fprintf(stdout, "\n"); -- tcsetattr(fileno(stdin), 0, &sio); -- -- p = line + strcspn(line, "\r\n"); -- if (p != NULL) -- *p = '\0'; -- -- char *ret = strdup(line); -- memset(line, '\0', sizeof (line)); -- if (!ret) { -- fprintf(stderr, "Could not read passphrase.\n"); -- return NULL; -- } -- return ret; --} -- - static int - sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content) - { -@@ -216,7 +173,7 @@ sign_blob(cms_context *cms, SECItem *sigitem, 
SECItem *sign_content) - if (!oid) - goto err; - -- PK11_SetPasswordFunc(cms->func ? cms->func : getpw); -+ PK11_SetPasswordFunc(cms->func ? cms->func : readpw); - SECKEYPrivateKey *privkey = PK11_FindKeyByAnyCert(cms->cert, - cms->pwdata ? cms->pwdata : NULL); - if (!privkey) { --- -1.7.10.4 - - -From 98ada084e649204ad49bfe1fcccd50eae593196a Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 22 Oct 2012 10:44:30 -0400 -Subject: [PATCH 29/30] Complain if no certname is provided. - -Signed-off-by: Peter Jones ---- - src/pesign.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/pesign.c b/src/pesign.c -index eed9264..a7befb0 100644 ---- a/src/pesign.c -+++ b/src/pesign.c -@@ -615,6 +615,12 @@ main(int argc, char *argv[]) - action |= GENERATE_SIGNATURE; - if (!(action & EXPORT_SIGNATURE)) - action |= IMPORT_SIGNATURE; -+ -+ if (!ctxp->cms_ctx->certname) { -+ fprintf(stderr, "pesign: signing requested but no " -+ "certificate nickname provided\n"); -+ exit(1); -+ } - } - - if (ctxp->hash) --- -1.7.10.4 - - -From c790c5c2b121506e6ac1ba7f4906b8f0eb74051b Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 19 Oct 2012 10:07:40 -0400 -Subject: [PATCH 30/30] Fix command line checking for -s. - -Accidentally applied when not using -s. Woops. - -Signed-off-by: Peter Jones ---- - src/client.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/client.c b/src/client.c -index 561db19..1ec582b 100644 ---- a/src/client.c -+++ b/src/client.c -@@ -500,7 +500,7 @@ main(int argc, char *argv[]) - exit(1); - } - -- if (!outfile && !exportfile) { -+ if (action & SIGN_BINARY && (!outfile && !exportfile)) { - fprintf(stderr, "pesign-client: neither --outfile nor --export " - "specified\n"); - exit(1); --- -1.7.10.4 - diff --git a/pesign.changes b/pesign.changes index 2500fa3..9f064e7 100644 --- a/pesign.changes +++ b/pesign.changes 
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Tue Jul 9 04:44:44 UTC 2013 - glin@suse.com
+
+- Update to 0.106
+- Add pesign-clear-padding-bits.patch to clear the padding bits
+- Rebase patches:
+ + pesign-suse-build.patch
+ + pesign-fix-build-errors.patch
+ + pesign-privkey_unneeded.diff
+- Drop upstreamed patches
+ + pesign-client-initialize-action.patch
+ + pesign-bnc808594-align-signatures.patch
+ + pesign-upstream-fixes.patch
+ + pesign-fix-export-attributes.patch
+ + pesign-no-set-image-size.patch
+ + pesign-client-read-pin-file.patch
+ + pesign-local-database.patch
+ + pesign-bnc801653-teardown-segfault.patch
+ + pesign-bnc805166-fix-signature-list.patch
+
 -------------------------------------------------------------------
 Tue Mar 26 06:21:15 UTC 2013 - glin@suse.com
 
diff --git a/pesign.spec b/pesign.spec
index 9885da5..83cd1fe 100644
--- a/pesign.spec
+++ b/pesign.spec
@@ -17,36 +17,21 @@
 
 
 Name: pesign
-Version: 0.99
+Version: 0.106
 Release: 0
 Summary: Signing tool for PE-COFF binaries
 License: GPL-2.0
 Group: Productivity/Security
 Url: https://github.com/vathpela/pesign
 Source: %{name}-%{version}.tar.bz2
-# PATCH-FIX-UPSTREAM pesign-upstream-fixes.patch glin@suse.com -- fixes from upstream
-Patch0: pesign-upstream-fixes.patch
 # PATCH-FIX-SUSE pesign-suse-build.patch glin@suse.com -- Adjust Makefile for the build service
 Patch1: pesign-suse-build.patch
 # PATCH-FIX-UPSTREAM pesign-fix-build-errors.patch glin@suse.com -- Fix gcc warnings
 Patch2: pesign-fix-build-errors.patch
-# PATCH-FIX-UPSTREAM pesign-client-initialize-action.patch glin@suse.com -- Initialize the actions variable
-Patch3: pesign-client-initialize-action.patch
-# PATCH-FIX-UPSTREAM pesign-client-read-pin-file.patch glin@suse.com -- Fix pin file reading error
-Patch4: pesign-client-read-pin-file.patch
-# PATCH-FIX-UPSTREAM pesign-local-database.patch glin@suse.com -- Support local certificate database
-Patch5: pesign-local-database.patch
-# PATCH-FIX-UPSTREAM pesign-bnc801653-teardown-segfault.patch glin@suse.com -- Fix crash when freeing digests
-Patch7: pesign-bnc801653-teardown-segfault.patch
-# PATCH-FIX-UPSTREAM pesign-fix-export-attributes.patch glin@suse.com -- Fix crash when exporting attributes
-Patch9: pesign-fix-export-attributes.patch
 # PATCH-FIX-UPSTREAM pesign-privkey_unneeded.diff glin@suse.com -- Don't check the private key when importing the raw signature
-Patch10: pesign-privkey_unneeded.diff
-Patch11: pesign-no-set-image-size.patch
-# PATCH-FIX-UPSTREAM pesign-bnc805166-fix-signature-list.patch bnc#805166 glin@suse.com -- Fix the broken signature list when inserting a new signature into a signed EFI binary.
-Patch12: pesign-bnc805166-fix-signature-list.patch
-# PATCH-FIX-UPSTREAM pesign-bnc808594-align-signatures.patch bnc#808594,bnc#811325 glin@suse.com -- Align the signatures to 8-bytes
-Patch13: pesign-bnc808594-align-signatures.patch
+Patch3: pesign-privkey_unneeded.diff
+# PATCH-FIX-UPSTREAM pesign-clear-padding-bits.patch glin@suse.com -- Clear the allocated space before inserting the certificate list
+Patch4: pesign-clear-padding-bits.patch
 BuildRequires: mozilla-nss-devel
 BuildRequires: pkg-config
 BuildRequires: popt-devel
@@ -71,18 +56,10 @@ Authors:
 
 %prep
 %setup -q
-%patch0 -p1
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
-%patch5 -p1
-%patch7 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11 -p1
-%patch12 -p1
-%patch13 -p1
 
 %build
 make OPTFLAGS="$RPM_OPT_FLAGS"
@@ -140,6 +117,7 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/pesign.conf
 %doc COPYING
 %{_bindir}/pesign
 %{_bindir}/pesign-client
+%{_bindir}/efikeygen
 %dir %{_sysconfdir}/popt.d
 %config %{_sysconfdir}/popt.d/pesign.popt
 %{_sysconfdir}/pki/
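Review bot: The `# PATCH-FIX-UPSTREAM` comment kept above `pesign-privkey_unneeded.diff` (now `Patch3`) in the first hunk does not say where the patch stands upstream. pesign.changes lists it under "Rebase patches" rather than "Drop upstreamed patches", so after the move to 0.106 it is presumably still absent from the upstream tree. By its own description the patch skips a private-key check when importing a raw signature, so anyone auditing this signing tool needs to know whether upstream reviewed it. Either retag it, e.g. `# PATCH-FIX-SUSE pesign-privkey_unneeded.diff glin@suse.com -- Don't check the private key when importing the raw signature`, or add the upstream commit or submission reference to the comment. The same question applies to `pesign-fix-build-errors.patch` (`Patch2`), which is also rebased rather than dropped.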