Commit messages (log view)
- Undo the ancient broken fix for RhBug:71996 from commit
9e06e3b8ca76ae55eaf2c4e37ba9cac729789014: instead of disabling
the check, pass in the correct upper range which is entirely
different from everything else for the region trailer tag.
- Fixes CVE-2012-0815
- Non-existent region tag is very different from existing but invalid
one - the former is not an error but the latter one is, and needs
to be handled as such. Previously an invalid region tag would cause
us to treat it like rpm v3 package on entry, skipping all the region
sanity checks and then crashing and burning later on when the immutable
tag is fetched.
- Refer to REGION_TAG_TYPE instead of RPM_BIN_TYPE wrt the expected
type of region tag for consistency and clarity, they are the same
exact thing though.
- Should unify these damn copy-slop checks one of these days, sigh...
For now, settling for the easily backportable approach.
- Fixes the other half of CVE-2012-0060
- Pass size where possible, this is a bit redundant in places since
it's already checked in various places but won't hurt anyway.
- We haven't been able to sign V3 packages in the last decade or so,
might as well spit out an error on it instead of silently failing.
- Change rpmVerifySignature() to take just the signature parameters
instead of the whole dig (this is an internal API so we're free
to mess with it) from which it only needed the signature params.
- The internal low-level verifySignature() is thus reduced to
a call to rpmKeyringVerifySig() and spitting some silly
strings to msg.
- With this, keyring can now use and reuse its internally stored
pgp key parameters instead of having to parse the same PGP packets
over and over. As a result, signature checking is faster now. Not
dramatically so but measurably nevertheless.
- Only call pgpDigGetParams() on the public key once we've at least
tried to fetch it via rpmKeyringLookup(). This way we don't assume
things about how pgpDig internal allocation is done - currently
it does return what's essentially a static pointer into pgpDig,
but this is not a reasonable assumption for an opaque type.
No functional changes.
- Tedious but straightforward conversion to use the API instead
of going to the struct directly.
- Remove digest.h includes where no longer necessary
- pgpVerifySig() is now just a dumb wrapper around pgpVerifySignature()
which does the real work.
- Update the sole caller to use the new interface instead, deprecate
the old dig interface.
- First steps towards getting rid of pgpDig which always was a
strange creature and now is nothing but a nuisance and obfuscation.
Yes keys and signatures walk hand in hand much of the time, but
they come from different sources and want to be handled as
separate data really.
- Offset being within the data area doesn't help if the actual data doesn't
fit. Since the trailer size is well known, we can just as easily
make the check accurate to prevent reading beyond end of data in case
the offset is subtly wrong.
- In headerLoad(), region offset of zero doesn't need sanity checking,
only validate if it's something else and do so accurately there too.
- sigtd->data and dig checking (where needed) is done at
rpmVerifySignature() level, don't bother double-checking
- Hash context is dup'ed, which CAN fail, so while we don't need
to check the argument for non-null, the dup result needs to
be checked for digests. For actual signatures the dup happens
elsewhere, we don't need to check the argument for non-null here.
- Hash context is required for everything, require non-NULL ctx
in rpmVerifySignature() already
- pgpDig is only relevant for true signature, digest checking doesn't
need it - don't require a dummy dig to be passed for digests.
- Treat unknown signatures as a case of bad parameters: we're the
only caller of rpmVerifySignature() so it'd be us screwing up if
we ask for unknown signature to be verified.
- Treat bad parameters as a hard failure instead of "not found",
bad parameters mean we cannot verify the signature which really
equals FAIL.
- Fixes a regression originating all the way back from commit
c7fc09d585ff3831924f72f61d990aa791f2c3f2 (ie rpm >= 4.8.0)
where a package with a bogus signature can slip through undetected
if we don't have a key for it.
- This additional sanity check on the signature is enough
to prevent the fuzzed package in RhBug:721225 from crashing us
by stopping the bad package at the front door. That we don't have
proper tag data validation is another, much wider issue...
- Remove NULL-assignments of local variables at the end of scope
in package+signature manipulation code
- string comparison notices different length anyway, avoid going
through the same data twice
- it is to be removed in the next soname bump
- Some of these might actually be "correct" but about one case from
librpmbuild cascades down here ... just not worth the trouble to
keep them as rpmSigTags.
- No need to separately free this stuff (at least anymore), it
gets done on exit anyway.
- signature.c is now entirely free of all actual signing activities,
which require stuff like gpg that nothing else needs.
- Avoids having to expose this in the ABI in the next steps
- Similar in spirit to commit 825691afb2a8e2c0b3c6a031950f3c7855dc4c6e,
these have fairly little in common really.
- Change the function names to force breakage on users (these are exported
in ABI but not in public headers so "users" are internal uses in
practice): the automatically generated bits in signature header are
not signatures, but digests (even size is a checksum of sorts) ...
and fix the couple of internal uses.
- These have fairly little in common in reality: one is always
automatically created on package generation, the other is an optional
extra step requiring passphrases and all sorts of other things.
- The switch-cases are now fairly hysterical but leaving them for
later spring-clean to keep changes minimal for this step.
- No functional changes (supposedly ;)
- dumb thinko/typo from commit 0e143cfe9f11abc42733d2265dc6d61cb716e5a4
- makeGPGSignature() figures the signature type by parsing the
created signature, use that instead of the rather bogus tag
based on %_signature macro value passed from the cli level.
- GPG supports all sorts of algorithms NSS doesn't, do some basic tests
to verify the generated signature is something we can actually use.
- no point conditionalizing what we can't live without
- only signature.c needs, no need to pollute system.h
- Execve() failure wasn't returning an error code, causing rpm to
think the password was ok when we couldn't even try verifying
- Stricter return code checking from the password checking child:
the password can only be ok if the child exits with WIFEXITED() *and*
WIFEXITCODE() of 0. Also WIFEXITCODE() should only be called if
WIFEXITED() returns true.
- requiring every caller to handle this separately, violating header type
opaqueness in the process, doesn't seem that bright an idea
- also fix a memleak on signature header read in case of failure
- rpm itself hasn't used this for anything in ages, it's broken too for
quite some time and nobody noticed -> nobody's going to miss this
- the last freeware PGP version (6.5.8) is from year 2000 and doesn't
come close to compiling on modern distros, commercial versions we're
not interested in
- "PGP" signatures in rpm mean RSA, gpg can handle that just fine since
forever
- the code's been unused for years, unlikely to be functional anyway...
- verifyRSA/DSA were just the same already, differences are in key/sig
parameters which don't matter on this level
- these don't need sigtd for anything, the data has been parsed into pgpDig
before we get here
- add extra flag for header-only vs header+payload signatures,
we know which it is in rpmVerifySignature()
- size, md5 and sha1 aren't really signatures
- move retval msg last everywhere
- retrieve names from pgp tables instead of manually duplicated strings
- if this stuff doesn't match, pgpVerifySig() will fail anyway, don't
bother checking for same things over and over
- new pgpVerifySig() call to perform the lowlevel verify, use for
verifying DSA/RSA signatures
- librpm is now free of NSS specifics (apart from what still leaks through
including rpmio/digest.h), remove linkage
- in reality makePGPSignature() never gets called here due to other fun...
- allocate+free digests locally where needed, pass around in separate argument
- use digest bundles to handle rpmVerifySignatures() needs
- kill-kill-kill fdStealDigest(), dup the contexts from bundles as needed
- key/signature can't be both DSA and RSA at the same time
- we don't even recognize rpm 2.x packages as rpms...