aboutsummaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authort3sserakt <t3ss@posteo.de>2021-11-09 17:54:23 +0100
committert3sserakt <t3ss@posteo.de>2021-11-09 19:43:13 +0100
commit7b575e69c8843fd779f72ad8fed7a8360a3ba513 (patch)
treef88ae0dd8ce1528751da708ee824b13d2f898f21 /src/util
parent8cd4dadfb9ebd4db232fda79d5c4353eacb15690 (diff)
parentfab39a6089cb6f48af6bdcfa0a4df3559348259e (diff)
downloadgnunet-7b575e69c8843fd779f72ad8fed7a8360a3ba513.tar.gz
gnunet-7b575e69c8843fd779f72ad8fed7a8360a3ba513.zip
Merge branch 'master' into dev/t3ss/tng
Diffstat (limited to 'src/util')
-rw-r--r--src/util/configuration.c15
-rw-r--r--src/util/crypto_hkdf.c23
-rw-r--r--src/util/crypto_rsa.c23
-rw-r--r--src/util/os_installation.c20
4 files changed, 51 insertions, 30 deletions
diff --git a/src/util/configuration.c b/src/util/configuration.c
index 09a3a7d93..d9d6721cc 100644
--- a/src/util/configuration.c
+++ b/src/util/configuration.c
@@ -2383,31 +2383,34 @@ GNUNET_CONFIGURATION_default (void)
2383 char *cfgname = NULL; 2383 char *cfgname = NULL;
2384 struct GNUNET_CONFIGURATION_Handle *cfg; 2384 struct GNUNET_CONFIGURATION_Handle *cfg;
2385 2385
2386 /* FIXME: Why are we doing this? Needs some commentary! */ 2386 /* Makes sure function implicitly looking at the installation directory (for
2387 example GNUNET_CONFIGURATION_load further down) use GNUnet's environment
2388 instead of the caller's. It's done at the start to make sure as many
2389 functions as possible are directed to the proper paths. */
2387 GNUNET_OS_init (dpd); 2390 GNUNET_OS_init (dpd);
2388 2391
2389 cfg = GNUNET_CONFIGURATION_create (); 2392 cfg = GNUNET_CONFIGURATION_create ();
2390 2393
2391 /* First, try user configuration. */ 2394 /* First, try user configuration. */
2392 if (NULL != xdg) 2395 if (NULL != xdg)
2393 GNUNET_asprintf (&cfgname, "%s/%s", xdg, pd->config_file); 2396 GNUNET_asprintf (&cfgname, "%s/%s", xdg, dpd->config_file);
2394 else 2397 else
2395 cfgname = GNUNET_strdup (pd->user_config_file); 2398 cfgname = GNUNET_strdup (dpd->user_config_file);
2396 2399
2397 /* If user config doesn't exist, try in 2400 /* If user config doesn't exist, try in
2398 /etc/<projdir>/<cfgfile> and /etc/<cfgfile> */ 2401 /etc/<projdir>/<cfgfile> and /etc/<cfgfile> */
2399 if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) 2402 if (GNUNET_OK != GNUNET_DISK_file_test (cfgname))
2400 { 2403 {
2401 GNUNET_free (cfgname); 2404 GNUNET_free (cfgname);
2402 GNUNET_asprintf (&cfgname, "/etc/%s", pd->config_file); 2405 GNUNET_asprintf (&cfgname, "/etc/%s", dpd->config_file);
2403 } 2406 }
2404 if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) 2407 if (GNUNET_OK != GNUNET_DISK_file_test (cfgname))
2405 { 2408 {
2406 GNUNET_free (cfgname); 2409 GNUNET_free (cfgname);
2407 GNUNET_asprintf (&cfgname, 2410 GNUNET_asprintf (&cfgname,
2408 "/etc/%s/%s", 2411 "/etc/%s/%s",
2409 pd->project_dirname, 2412 dpd->project_dirname,
2410 pd->config_file); 2413 dpd->config_file);
2411 } 2414 }
2412 if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) 2415 if (GNUNET_OK != GNUNET_DISK_file_test (cfgname))
2413 { 2416 {
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c
index 7270b87b6..4e4496819 100644
--- a/src/util/crypto_hkdf.c
+++ b/src/util/crypto_hkdf.c
@@ -103,11 +103,30 @@ getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len, const void *skm,
103 size_t skm_len, void *prk) 103 size_t skm_len, void *prk)
104{ 104{
105 const void *ret; 105 const void *ret;
106 size_t dlen;
106 107
107 ret = doHMAC (mac, xts, xts_len, skm, skm_len); 108 dlen = gcry_md_get_algo_dlen (gcry_md_get_algo (mac));
109
110 /* sanity check to bound stack allocation */
111 GNUNET_assert (dlen <= 512);
112
113 /* From RFC 5869:
114 * salt - optional salt value (a non-secret random value);
115 * if not provided, it is set to a string of HashLen zeros. */
116
117 if (xts_len == 0)
118 {
119 char zero_salt[dlen];
120 memset (zero_salt, 0, dlen);
121 ret = doHMAC (mac, zero_salt, dlen, skm, skm_len);
122 }
123 else
124 {
125 ret = doHMAC (mac, xts, xts_len, skm, skm_len);
126 }
108 if (ret == NULL) 127 if (ret == NULL)
109 return GNUNET_SYSERR; 128 return GNUNET_SYSERR;
110 GNUNET_memcpy (prk, ret, gcry_md_get_algo_dlen (gcry_md_get_algo (mac))); 129 GNUNET_memcpy (prk, ret, dlen);
111 130
112 return GNUNET_YES; 131 return GNUNET_YES;
113} 132}
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 4d3de00bc..f017d1f10 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -310,9 +310,15 @@ GNUNET_CRYPTO_rsa_public_key_encode (
310 struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr; 310 struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr;
311 int ret; 311 int ret;
312 312
313 ret = key_from_sexp (ne, key->sexp, "public-key", "ne"); 313 ret = key_from_sexp (ne,
314 key->sexp,
315 "public-key",
316 "ne");
314 if (0 != ret) 317 if (0 != ret)
315 ret = key_from_sexp (ne, key->sexp, "rsa", "ne"); 318 ret = key_from_sexp (ne,
319 key->sexp,
320 "rsa",
321 "ne");
316 if (0 != ret) 322 if (0 != ret)
317 { 323 {
318 GNUNET_break (0); 324 GNUNET_break (0);
@@ -333,16 +339,25 @@ GNUNET_CRYPTO_rsa_public_key_encode (
333 (n_size > UINT16_MAX) ) 339 (n_size > UINT16_MAX) )
334 { 340 {
335 GNUNET_break (0); 341 GNUNET_break (0);
336 *buffer = NULL; 342 if (NULL != buffer)
343 *buffer = NULL;
337 gcry_mpi_release (ne[0]); 344 gcry_mpi_release (ne[0]);
338 gcry_mpi_release (ne[1]); 345 gcry_mpi_release (ne[1]);
339 return 0; 346 return 0;
340 } 347 }
341 buf_size = n_size + e_size + sizeof (hdr); 348 buf_size = n_size + e_size + sizeof (hdr);
349 if (NULL == buffer)
350 {
351 gcry_mpi_release (ne[0]);
352 gcry_mpi_release (ne[1]);
353 return buf_size;
354 }
342 buf = GNUNET_malloc (buf_size); 355 buf = GNUNET_malloc (buf_size);
343 hdr.modulus_length = htons ((uint16_t) n_size); 356 hdr.modulus_length = htons ((uint16_t) n_size);
344 hdr.public_exponent_length = htons ((uint16_t) e_size); 357 hdr.public_exponent_length = htons ((uint16_t) e_size);
345 memcpy (buf, &hdr, sizeof (hdr)); 358 memcpy (buf,
359 &hdr,
360 sizeof (hdr));
346 GNUNET_assert (0 == 361 GNUNET_assert (0 ==
347 gcry_mpi_print (GCRYMPI_FMT_USG, 362 gcry_mpi_print (GCRYMPI_FMT_USG,
348 (unsigned char *) &buf[sizeof (hdr)], 363 (unsigned char *) &buf[sizeof (hdr)],
diff --git a/src/util/os_installation.c b/src/util/os_installation.c
index f15e1871a..171bb5baa 100644
--- a/src/util/os_installation.c
+++ b/src/util/os_installation.c
@@ -754,25 +754,9 @@ GNUNET_OS_get_suid_binary_path (const struct GNUNET_CONFIGURATION_Handle *cfg,
754} 754}
755 755
756 756
757/** 757enum GNUNET_GenericReturnValue
758 * Check whether an executable exists and possibly if the suid bit is
759 * set on the file. Attempts to find the file using the current PATH
760 * environment variable as a search path.
761 *
762 * @param binary the name of the file to check.
763 * W32: must not have an .exe suffix.
764 * @param check_suid input true if the binary should be checked for SUID (*nix)
765 * W32: checks if the program has sufficient privileges by executing this
766 * binary with the -d flag. -d omits a programs main loop and only
767 * executes all privileged operations in an binary.
768 * @param params parameters used for w32 privilege checking (can be NULL for != w32 )
769 * @return #GNUNET_YES if the file is SUID (*nix) or can be executed with current privileges (W32),
770 * #GNUNET_NO if not SUID (but binary exists),
771 * #GNUNET_SYSERR on error (no such binary or not executable)
772 */
773int
774GNUNET_OS_check_helper_binary (const char *binary, 758GNUNET_OS_check_helper_binary (const char *binary,
775 int check_suid, 759 bool check_suid,
776 const char *params) 760 const char *params)
777{ 761{
778 struct stat statbuf; 762 struct stat statbuf;