sssd.git/src/util/crypto, branch subdomfo sssd with jhrozek's patches CRYPTO: Use unprefixed version of function stpncpy 2014-05-18T03:40:57+00:00 Lukas Slebodnik lslebodn@redhat.com 2014-05-17T16:34:23+00:00 83e1ea9e24aabe6ade180649ecfc9c253ad19395 glibc contains two versions of finction stpncpy sh-4.2$ nm --dynamic --defined-only /lib64/libc.so.6 | grep stpncpy 0000003ce1c89b00 i stpncpy 0000003ce1c89b00 i __stpncpy 0000003ce1d040a0 T __stpncpy_chk We should use more portable version of stpncpy without prefix with underscores. The function __stpncpy was used in initial veersion e65c65fc710fa030bfb8319efc43fcdc9ce5a26f, which was based on http://people.redhat.com/drepper/SHA-crypt.txt Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
glibc contains two versions of finction stpncpy
sh-4.2$ nm --dynamic --defined-only /lib64/libc.so.6 | grep stpncpy
0000003ce1c89b00 i stpncpy
0000003ce1c89b00 i __stpncpy
0000003ce1d040a0 T __stpncpy_chk

We should use more portable version of stpncpy without prefix with underscores.

The function __stpncpy was used in initial veersion
e65c65fc710fa030bfb8319efc43fcdc9ce5a26f, which was based on
http://people.redhat.com/drepper/SHA-crypt.txt

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
CRYPTO: Fix access to uninitialized data 2014-04-28T20:14:23+00:00 Lukas Slebodnik lslebodn@redhat.com 2014-03-18T17:29:43+00:00 9faab6d48145d3a0d7b9a225ed35bdcaa32eca2c The size of output buffer(obufsize) was longer than initialised data. In calculation, uint32_t was used for length of the cryptotext, but uint16_t was written into buffer. The end of buffer was not initialised and it caused valgrind warning. Use of uninitialised value of size 8 at 0x37AE40F363: pl_base64_encode_buffer (nssb64e.c:180) by 0x37AE40F6ED: NSSBase64_EncodeItem_Util (nssb64e.c:482) by 0x37AE40F87A: BTOA_DataToAscii_Util (nssb64e.c:721) by 0x40208A: sss_base64_encode (nss_base64.c:47) by 0x403305: sss_password_encrypt (nss_obfuscate.c:358) Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
The size of output buffer(obufsize) was longer than initialised data.
In calculation, uint32_t was used for length of the cryptotext,
but uint16_t was written into buffer. The end of buffer was not initialised
and it caused valgrind warning.

 Use of uninitialised value of size 8
    at 0x37AE40F363: pl_base64_encode_buffer (nssb64e.c:180)
    by 0x37AE40F6ED: NSSBase64_EncodeItem_Util (nssb64e.c:482)
    by 0x37AE40F87A: BTOA_DataToAscii_Util (nssb64e.c:721)
    by 0x40208A: sss_base64_encode (nss_base64.c:47)
    by 0x403305: sss_password_encrypt (nss_obfuscate.c:358)

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Update DEBUG* invocations to use new levels 2014-02-12T21:31:02+00:00 Nikolai Kondrashov Nikolai.Kondrashov@redhat.com 2014-02-12T15:12:59+00:00 83bf46f4066e3d5e838a32357c201de9bd6ecdfd Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Use a script to update DEBUG* macro invocations, which use literal
numbers for levels, to use bitmask macros instead:

grep -rl --include '*.[hc]' DEBUG . |
    while read f; do
        mv "$f"{,.orig}
        perl -e 'use strict;
                 use File::Slurp;
                 my @map=qw"
                    SSSDBG_FATAL_FAILURE
                    SSSDBG_CRIT_FAILURE
                    SSSDBG_OP_FAILURE
                    SSSDBG_MINOR_FAILURE
                    SSSDBG_CONF_SETTINGS
                    SSSDBG_FUNC_DATA
                    SSSDBG_TRACE_FUNC
                    SSSDBG_TRACE_LIBS
                    SSSDBG_TRACE_INTERNAL
                    SSSDBG_TRACE_ALL
                 ";
                 my $text=read_file(\*STDIN);
                 my $repl;
                 $text=~s/
                            ^
                            (
                                .*
                                \b
                                (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM)
                                \s*
                                \(\s*
                            )(
                                [0-9]
                            )(
                                \s*,
                            )
                            (
                                \s*
                            )
                            (
                                .*
                            )
                            $
                         /
                            $repl = $1.$map[$3].$4.$5.$6,
                            length($repl) <= 80
                                ? $repl
                                : $1.$map[$3].$4."\n".(" " x length($1)).$6
                         /xmge;
                 print $text;
        ' < "$f.orig" > "$f"
        rm "$f.orig"
    done

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Make DEBUG macro invocations variadic 2014-02-12T21:30:55+00:00 Nikolai Kondrashov Nikolai.Kondrashov@redhat.com 2014-02-12T15:12:04+00:00 a3c8390d19593b1e5277d95bfb4ab206d4785150 Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code: grep -rwl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\*STDIN); $text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Use a script to update DEBUG macro invocations to use it as a variadic
macro, supplying format string and its arguments directly, instead of
wrapping them in parens.

This script was used to update the code:

grep -rwl --include '*.[hc]' DEBUG . |
    while read f; do
        mv "$f"{,.orig}
        perl -e \
            'use strict;
             use File::Slurp;
             my $text=read_file(\*STDIN);
             $text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs;
             print $text;' < "$f.orig" > "$f"
        rm "$f.orig"
    done

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Include header file in implementation module. 2013-09-24T13:15:41+00:00 Lukas Slebodnik lslebodn@redhat.com 2013-09-21T17:10:13+00:00 5cd4414fce1e0eb4133dfc6fc828bf25c8a959f9 Declarations of public functions was in header files, but header files was not included in implementation file. 
Declarations of public functions was in header files,
but header files was not included in implementation file.
UTIL: Create new wraper header file sss_endian.h 2013-08-28T20:02:49+00:00 Lukas Slebodnik lslebodn@redhat.com 2013-08-28T06:31:17+00:00 1658c567191c35beaddffafdb079abe33248037b Some platform have header file endian.h and anothers have sys/endian.h. We nedd to use conditional build to handle it correctly, therefore new header file sss_endian.h was created. 
Some platform have header file endian.h and anothers have sys/endian.h.
We nedd to use conditional build to handle it correctly, therefore new header
file sss_endian.h was created.
Check for correct variable name 2013-04-03T11:26:41+00:00 Jakub Hrozek jhrozek@redhat.com 2013-04-03T09:18:31+00:00 274fe6a4f8bcb23e31929430110c0b52e9ce233a https://fedorahosted.org/sssd/ticket/1864 
https://fedorahosted.org/sssd/ticket/1864
Out-of-bounds read fix in hmac-sha-1 2012-09-07T12:06:52+00:00 Ondrej Kos okos@redhat.com 2012-09-07T08:47:03+00:00 73505920a70e33977e84c69b4c3c598f683b7526 






libcrypto fully implemented
2012-06-26T13:01:26+00:00

George McCollister
George.McCollister@gmail.com

2012-06-19T17:36:28+00:00

e07a94a66985b674c5df11ca466792902164c4e2

Implemented working versions of the following functions for libcrypto:
 sss_base64_encode
 sss_base64_decode
 sss_hmac_sha1
 sss_password_encrypt
 sss_password_decrypt

test_encrypt_decrypt now expects EOK from libcrypto.
test_hmac_sha1 now expects EOK from libcrypto.
Added test_base64_encode to test base64 encoding implementation.
Added test_base64_decode to test base64 decoding implementation.

Signed-off-by: George McCollister <George.McCollister@gmail.com>





Implemented working versions of the following functions for libcrypto:
 sss_base64_encode
 sss_base64_decode
 sss_hmac_sha1
 sss_password_encrypt
 sss_password_decrypt

test_encrypt_decrypt now expects EOK from libcrypto.
test_hmac_sha1 now expects EOK from libcrypto.
Added test_base64_encode to test base64 encoding implementation.
Added test_base64_decode to test base64 decoding implementation.

Signed-off-by: George McCollister <George.McCollister@gmail.com>







UTIL: Add HMAC-SHA-1 function
2012-04-24T13:50:56+00:00

Jan Cholasta
jcholast@redhat.com

2012-04-17T15:03:23+00:00

b35f20cd8ecdc8308a3201e55752fb0443ec6ae4