diff options
author | t3sserakt <t3ss@posteo.de> | 2021-11-09 17:54:23 +0100 |
---|---|---|
committer | t3sserakt <t3ss@posteo.de> | 2021-11-09 19:43:13 +0100 |
commit | 7b575e69c8843fd779f72ad8fed7a8360a3ba513 (patch) | |
tree | f88ae0dd8ce1528751da708ee824b13d2f898f21 /src/util | |
parent | 8cd4dadfb9ebd4db232fda79d5c4353eacb15690 (diff) | |
parent | fab39a6089cb6f48af6bdcfa0a4df3559348259e (diff) | |
download | gnunet-7b575e69c8843fd779f72ad8fed7a8360a3ba513.tar.gz gnunet-7b575e69c8843fd779f72ad8fed7a8360a3ba513.zip |
Merge branch 'master' into dev/t3ss/tng
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/configuration.c | 15 | ||||
-rw-r--r-- | src/util/crypto_hkdf.c | 23 | ||||
-rw-r--r-- | src/util/crypto_rsa.c | 23 | ||||
-rw-r--r-- | src/util/os_installation.c | 20 |
4 files changed, 51 insertions, 30 deletions
diff --git a/src/util/configuration.c b/src/util/configuration.c index 09a3a7d93..d9d6721cc 100644 --- a/src/util/configuration.c +++ b/src/util/configuration.c | |||
@@ -2383,31 +2383,34 @@ GNUNET_CONFIGURATION_default (void) | |||
2383 | char *cfgname = NULL; | 2383 | char *cfgname = NULL; |
2384 | struct GNUNET_CONFIGURATION_Handle *cfg; | 2384 | struct GNUNET_CONFIGURATION_Handle *cfg; |
2385 | 2385 | ||
2386 | /* FIXME: Why are we doing this? Needs some commentary! */ | 2386 | /* Makes sure function implicitly looking at the installation directory (for |
2387 | example GNUNET_CONFIGURATION_load further down) use GNUnet's environment | ||
2388 | instead of the caller's. It's done at the start to make sure as many | ||
2389 | functions as possible are directed to the proper paths. */ | ||
2387 | GNUNET_OS_init (dpd); | 2390 | GNUNET_OS_init (dpd); |
2388 | 2391 | ||
2389 | cfg = GNUNET_CONFIGURATION_create (); | 2392 | cfg = GNUNET_CONFIGURATION_create (); |
2390 | 2393 | ||
2391 | /* First, try user configuration. */ | 2394 | /* First, try user configuration. */ |
2392 | if (NULL != xdg) | 2395 | if (NULL != xdg) |
2393 | GNUNET_asprintf (&cfgname, "%s/%s", xdg, pd->config_file); | 2396 | GNUNET_asprintf (&cfgname, "%s/%s", xdg, dpd->config_file); |
2394 | else | 2397 | else |
2395 | cfgname = GNUNET_strdup (pd->user_config_file); | 2398 | cfgname = GNUNET_strdup (dpd->user_config_file); |
2396 | 2399 | ||
2397 | /* If user config doesn't exist, try in | 2400 | /* If user config doesn't exist, try in |
2398 | /etc/<projdir>/<cfgfile> and /etc/<cfgfile> */ | 2401 | /etc/<projdir>/<cfgfile> and /etc/<cfgfile> */ |
2399 | if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) | 2402 | if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) |
2400 | { | 2403 | { |
2401 | GNUNET_free (cfgname); | 2404 | GNUNET_free (cfgname); |
2402 | GNUNET_asprintf (&cfgname, "/etc/%s", pd->config_file); | 2405 | GNUNET_asprintf (&cfgname, "/etc/%s", dpd->config_file); |
2403 | } | 2406 | } |
2404 | if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) | 2407 | if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) |
2405 | { | 2408 | { |
2406 | GNUNET_free (cfgname); | 2409 | GNUNET_free (cfgname); |
2407 | GNUNET_asprintf (&cfgname, | 2410 | GNUNET_asprintf (&cfgname, |
2408 | "/etc/%s/%s", | 2411 | "/etc/%s/%s", |
2409 | pd->project_dirname, | 2412 | dpd->project_dirname, |
2410 | pd->config_file); | 2413 | dpd->config_file); |
2411 | } | 2414 | } |
2412 | if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) | 2415 | if (GNUNET_OK != GNUNET_DISK_file_test (cfgname)) |
2413 | { | 2416 | { |
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c index 7270b87b6..4e4496819 100644 --- a/src/util/crypto_hkdf.c +++ b/src/util/crypto_hkdf.c | |||
@@ -103,11 +103,30 @@ getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len, const void *skm, | |||
103 | size_t skm_len, void *prk) | 103 | size_t skm_len, void *prk) |
104 | { | 104 | { |
105 | const void *ret; | 105 | const void *ret; |
106 | size_t dlen; | ||
106 | 107 | ||
107 | ret = doHMAC (mac, xts, xts_len, skm, skm_len); | 108 | dlen = gcry_md_get_algo_dlen (gcry_md_get_algo (mac)); |
109 | |||
110 | /* sanity check to bound stack allocation */ | ||
111 | GNUNET_assert (dlen <= 512); | ||
112 | |||
113 | /* From RFC 5869: | ||
114 | * salt - optional salt value (a non-secret random value); | ||
115 | * if not provided, it is set to a string of HashLen zeros. */ | ||
116 | |||
117 | if (xts_len == 0) | ||
118 | { | ||
119 | char zero_salt[dlen]; | ||
120 | memset (zero_salt, 0, dlen); | ||
121 | ret = doHMAC (mac, zero_salt, dlen, skm, skm_len); | ||
122 | } | ||
123 | else | ||
124 | { | ||
125 | ret = doHMAC (mac, xts, xts_len, skm, skm_len); | ||
126 | } | ||
108 | if (ret == NULL) | 127 | if (ret == NULL) |
109 | return GNUNET_SYSERR; | 128 | return GNUNET_SYSERR; |
110 | GNUNET_memcpy (prk, ret, gcry_md_get_algo_dlen (gcry_md_get_algo (mac))); | 129 | GNUNET_memcpy (prk, ret, dlen); |
111 | 130 | ||
112 | return GNUNET_YES; | 131 | return GNUNET_YES; |
113 | } | 132 | } |
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 4d3de00bc..f017d1f10 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
@@ -310,9 +310,15 @@ GNUNET_CRYPTO_rsa_public_key_encode ( | |||
310 | struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr; | 310 | struct GNUNET_CRYPTO_RsaPublicKeyHeaderP hdr; |
311 | int ret; | 311 | int ret; |
312 | 312 | ||
313 | ret = key_from_sexp (ne, key->sexp, "public-key", "ne"); | 313 | ret = key_from_sexp (ne, |
314 | key->sexp, | ||
315 | "public-key", | ||
316 | "ne"); | ||
314 | if (0 != ret) | 317 | if (0 != ret) |
315 | ret = key_from_sexp (ne, key->sexp, "rsa", "ne"); | 318 | ret = key_from_sexp (ne, |
319 | key->sexp, | ||
320 | "rsa", | ||
321 | "ne"); | ||
316 | if (0 != ret) | 322 | if (0 != ret) |
317 | { | 323 | { |
318 | GNUNET_break (0); | 324 | GNUNET_break (0); |
@@ -333,16 +339,25 @@ GNUNET_CRYPTO_rsa_public_key_encode ( | |||
333 | (n_size > UINT16_MAX) ) | 339 | (n_size > UINT16_MAX) ) |
334 | { | 340 | { |
335 | GNUNET_break (0); | 341 | GNUNET_break (0); |
336 | *buffer = NULL; | 342 | if (NULL != buffer) |
343 | *buffer = NULL; | ||
337 | gcry_mpi_release (ne[0]); | 344 | gcry_mpi_release (ne[0]); |
338 | gcry_mpi_release (ne[1]); | 345 | gcry_mpi_release (ne[1]); |
339 | return 0; | 346 | return 0; |
340 | } | 347 | } |
341 | buf_size = n_size + e_size + sizeof (hdr); | 348 | buf_size = n_size + e_size + sizeof (hdr); |
349 | if (NULL == buffer) | ||
350 | { | ||
351 | gcry_mpi_release (ne[0]); | ||
352 | gcry_mpi_release (ne[1]); | ||
353 | return buf_size; | ||
354 | } | ||
342 | buf = GNUNET_malloc (buf_size); | 355 | buf = GNUNET_malloc (buf_size); |
343 | hdr.modulus_length = htons ((uint16_t) n_size); | 356 | hdr.modulus_length = htons ((uint16_t) n_size); |
344 | hdr.public_exponent_length = htons ((uint16_t) e_size); | 357 | hdr.public_exponent_length = htons ((uint16_t) e_size); |
345 | memcpy (buf, &hdr, sizeof (hdr)); | 358 | memcpy (buf, |
359 | &hdr, | ||
360 | sizeof (hdr)); | ||
346 | GNUNET_assert (0 == | 361 | GNUNET_assert (0 == |
347 | gcry_mpi_print (GCRYMPI_FMT_USG, | 362 | gcry_mpi_print (GCRYMPI_FMT_USG, |
348 | (unsigned char *) &buf[sizeof (hdr)], | 363 | (unsigned char *) &buf[sizeof (hdr)], |
diff --git a/src/util/os_installation.c b/src/util/os_installation.c index f15e1871a..171bb5baa 100644 --- a/src/util/os_installation.c +++ b/src/util/os_installation.c | |||
@@ -754,25 +754,9 @@ GNUNET_OS_get_suid_binary_path (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
754 | } | 754 | } |
755 | 755 | ||
756 | 756 | ||
757 | /** | 757 | enum GNUNET_GenericReturnValue |
758 | * Check whether an executable exists and possibly if the suid bit is | ||
759 | * set on the file. Attempts to find the file using the current PATH | ||
760 | * environment variable as a search path. | ||
761 | * | ||
762 | * @param binary the name of the file to check. | ||
763 | * W32: must not have an .exe suffix. | ||
764 | * @param check_suid input true if the binary should be checked for SUID (*nix) | ||
765 | * W32: checks if the program has sufficient privileges by executing this | ||
766 | * binary with the -d flag. -d omits a programs main loop and only | ||
767 | * executes all privileged operations in an binary. | ||
768 | * @param params parameters used for w32 privilege checking (can be NULL for != w32 ) | ||
769 | * @return #GNUNET_YES if the file is SUID (*nix) or can be executed with current privileges (W32), | ||
770 | * #GNUNET_NO if not SUID (but binary exists), | ||
771 | * #GNUNET_SYSERR on error (no such binary or not executable) | ||
772 | */ | ||
773 | int | ||
774 | GNUNET_OS_check_helper_binary (const char *binary, | 758 | GNUNET_OS_check_helper_binary (const char *binary, |
775 | int check_suid, | 759 | bool check_suid, |
776 | const char *params) | 760 | const char *params) |
777 | { | 761 | { |
778 | struct stat statbuf; | 762 | struct stat statbuf; |