sssd.git/src/util/crypto, branch sudo Unnamed repository; edit this file 'description' to name the repository. CRYPTO: Do not call NSS_Shutdown after every operation 2017-07-24T19:39:38+00:00 Jakub Hrozek jhrozek@redhat.com 2017-06-07T13:55:39+00:00 a6f606117e5cfe64c4b49f94e514bf82054716d3 Calling setup and teardown on every encryption cases issues like the one described in https://bugzilla.redhat.com/show_bug.cgi?id=1456151 eventually. Similarly to other crypto functions, don't tear down NSS by calling NSS_Shutdown. Let the OS reclaim the resources. Resolves: https://pagure.io/SSSD/sssd/issue/3424 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
Calling setup and teardown on every encryption cases issues like the one
described in https://bugzilla.redhat.com/show_bug.cgi?id=1456151
eventually.

Similarly to other crypto functions, don't tear down NSS by calling
NSS_Shutdown. Let the OS reclaim the resources.

Resolves:
https://pagure.io/SSSD/sssd/issue/3424

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
UTIL: Remove fcntl.h from util/util.h 2017-06-08T15:09:36+00:00 Lukas Slebodnik lslebodn@redhat.com 2017-05-27T17:07:41+00:00 8890a30f5d054187fd7d5b50503f82a49cd025f0 fcntl.h is not used directly by util/util.h. The header file fcntl.h must be included in 49 files and after removing it from util.h it had to be added only to 7 missing file which were using either directly syscall fcntl or syscall open. Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com> 
fcntl.h is not used directly by util/util.h. The header file fcntl.h
must be included in 49 files and after removing it from util.h it had to be
added only to 7 missing file which were using either directly syscall fcntl
or syscall open.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
sss_crypto.h: include required headers 2016-12-19T22:22:26+00:00 Pavel Březina pbrezina@redhat.com 2016-11-16T13:56:29+00:00 35d1617655ca7270a23a716f60e7a4497cbba4ba So we do not depend on #include order. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
So we do not depend on #include order.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
libcrypto: Check right value of CRYPTO_memcmp 2016-10-21T16:03:54+00:00 Lukas Slebodnik lslebodn@redhat.com 2016-10-19T14:46:44+00:00 0c2be9700d3b54db33c1a3dd5d230b34bfaceb50 sss_decrypt failed even though should pass because we were checking wrong value of CRYPTO_memcmp. Nobody noticed that because there was not a unit test :-) Reviewed-by: Christian Heimes <cheimes@redhat.com> 
sss_decrypt failed even though should pass because
we were checking wrong value of CRYPTO_memcmp.
Nobody noticed that because there was not a unit test :-)

Reviewed-by: Christian Heimes <cheimes@redhat.com>
crypto: Port libcrypto code to openssl-1.1 2016-10-20T12:51:42+00:00 Lukas Slebodnik lslebodn@redhat.com 2016-10-17T13:44:20+00:00 8f1316a0c677f211eaaa1346e21a03446b8c4fb1 EVP_MD_CTX and EVP_CIPHER_CTX are opaque in openssl-1.1 Reviewed-by: Tomas Mraz <tmraz@redhat.com> 
EVP_MD_CTX and EVP_CIPHER_CTX are opaque in openssl-1.1

Reviewed-by: Tomas Mraz <tmraz@redhat.com>
UTIL: Use sss_atomic_read_s in generate_csprng_buffer 2016-08-17T14:55:15+00:00 Jakub Hrozek jhrozek@redhat.com 2016-08-08T12:07:04+00:00 b3a22ee1d91aa4ed1544475be16ec2b7cf886180 There was a bug in generate_csprng_buffer() where if we read the exact amount of bytes from /dev/urandom, we would always return EIO. Instead, let's reuse the existing code from sss_atomic_read_s() which fixes this bug and reduces code duplication. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Fabiano Fidêncio <fabiano@fidencio.org> 
There was a bug in generate_csprng_buffer() where if we read the exact
amount of bytes from /dev/urandom, we would always return EIO. Instead,
let's reuse the existing code from sss_atomic_read_s() which fixes this
bug and reduces code duplication.

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Fabiano Fidêncio <fabiano@fidencio.org>
Secrets: Add encryption at rest 2016-06-29T19:46:52+00:00 Simo Sorce simo@redhat.com 2016-05-09T15:34:49+00:00 625bb2ddf15e8f305a53afa44e87f2146fa930af Generates a master key file if it doesn't exist and encrypts secrets using the master key contained in the file. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
Generates a master key file if it doesn't exist and encrypts secrets
using the master key contained in the file.

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
CRYPTO: Use unprefixed version of function stpncpy 2014-05-18T03:40:57+00:00 Lukas Slebodnik lslebodn@redhat.com 2014-05-17T16:34:23+00:00 83e1ea9e24aabe6ade180649ecfc9c253ad19395 glibc contains two versions of finction stpncpy sh-4.2$ nm --dynamic --defined-only /lib64/libc.so.6 | grep stpncpy 0000003ce1c89b00 i stpncpy 0000003ce1c89b00 i __stpncpy 0000003ce1d040a0 T __stpncpy_chk We should use more portable version of stpncpy without prefix with underscores. The function __stpncpy was used in initial veersion e65c65fc710fa030bfb8319efc43fcdc9ce5a26f, which was based on http://people.redhat.com/drepper/SHA-crypt.txt Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
glibc contains two versions of finction stpncpy
sh-4.2$ nm --dynamic --defined-only /lib64/libc.so.6 | grep stpncpy
0000003ce1c89b00 i stpncpy
0000003ce1c89b00 i __stpncpy
0000003ce1d040a0 T __stpncpy_chk

We should use more portable version of stpncpy without prefix with underscores.

The function __stpncpy was used in initial veersion
e65c65fc710fa030bfb8319efc43fcdc9ce5a26f, which was based on
http://people.redhat.com/drepper/SHA-crypt.txt

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
CRYPTO: Fix access to uninitialized data 2014-04-28T20:14:23+00:00 Lukas Slebodnik lslebodn@redhat.com 2014-03-18T17:29:43+00:00 9faab6d48145d3a0d7b9a225ed35bdcaa32eca2c The size of output buffer(obufsize) was longer than initialised data. In calculation, uint32_t was used for length of the cryptotext, but uint16_t was written into buffer. The end of buffer was not initialised and it caused valgrind warning. Use of uninitialised value of size 8 at 0x37AE40F363: pl_base64_encode_buffer (nssb64e.c:180) by 0x37AE40F6ED: NSSBase64_EncodeItem_Util (nssb64e.c:482) by 0x37AE40F87A: BTOA_DataToAscii_Util (nssb64e.c:721) by 0x40208A: sss_base64_encode (nss_base64.c:47) by 0x403305: sss_password_encrypt (nss_obfuscate.c:358) Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
The size of output buffer(obufsize) was longer than initialised data.
In calculation, uint32_t was used for length of the cryptotext,
but uint16_t was written into buffer. The end of buffer was not initialised
and it caused valgrind warning.

 Use of uninitialised value of size 8
    at 0x37AE40F363: pl_base64_encode_buffer (nssb64e.c:180)
    by 0x37AE40F6ED: NSSBase64_EncodeItem_Util (nssb64e.c:482)
    by 0x37AE40F87A: BTOA_DataToAscii_Util (nssb64e.c:721)
    by 0x40208A: sss_base64_encode (nss_base64.c:47)
    by 0x403305: sss_password_encrypt (nss_obfuscate.c:358)

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Update DEBUG* invocations to use new levels 2014-02-12T21:31:02+00:00 Nikolai Kondrashov Nikolai.Kondrashov@redhat.com 2014-02-12T15:12:59+00:00 83bf46f4066e3d5e838a32357c201de9bd6ecdfd Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Use a script to update DEBUG* macro invocations, which use literal
numbers for levels, to use bitmask macros instead:

grep -rl --include '*.[hc]' DEBUG . |
    while read f; do
        mv "$f"{,.orig}
        perl -e 'use strict;
                 use File::Slurp;
                 my @map=qw"
                    SSSDBG_FATAL_FAILURE
                    SSSDBG_CRIT_FAILURE
                    SSSDBG_OP_FAILURE
                    SSSDBG_MINOR_FAILURE
                    SSSDBG_CONF_SETTINGS
                    SSSDBG_FUNC_DATA
                    SSSDBG_TRACE_FUNC
                    SSSDBG_TRACE_LIBS
                    SSSDBG_TRACE_INTERNAL
                    SSSDBG_TRACE_ALL
                 ";
                 my $text=read_file(\*STDIN);
                 my $repl;
                 $text=~s/
                            ^
                            (
                                .*
                                \b
                                (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM)
                                \s*
                                \(\s*
                            )(
                                [0-9]
                            )(
                                \s*,
                            )
                            (
                                \s*
                            )
                            (
                                .*
                            )
                            $
                         /
                            $repl = $1.$map[$3].$4.$5.$6,
                            length($repl) <= 80
                                ? $repl
                                : $1.$map[$3].$4."\n".(" " x length($1)).$6
                         /xmge;
                 print $text;
        ' < "$f.orig" > "$f"
        rm "$f.orig"
    done

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>