diff options
-rw-r--r-- | usr.sbin/rpki-client/extern.h | 7 | ||||
-rw-r--r-- | usr.sbin/rpki-client/mft.c | 67 | ||||
-rw-r--r-- | usr.sbin/rpki-client/parser.c | 4 | ||||
-rw-r--r-- | usr.sbin/rpki-client/validate.c | 59 |
4 files changed, 69 insertions, 68 deletions
diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index e6f9b0018ee..8fb008fa7fe 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.111 2022/01/21 18:49:44 tb Exp $ */ +/* $OpenBSD: extern.h,v 1.112 2022/01/22 09:18:48 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -421,6 +421,8 @@ void mft_free(struct mft *); struct mft *mft_parse(X509 **, const char *, const unsigned char *, size_t); struct mft *mft_read(struct ibuf *); +enum rtype rtype_from_file_extension(const char *); +enum rtype rtype_from_mftfile(const char *); void roa_buffer(struct ibuf *, const struct roa *); void roa_free(struct roa *); @@ -447,13 +449,10 @@ int valid_ta(const char *, struct auth_tree *, int valid_cert(const char *, struct auth_tree *, const struct cert *); int valid_roa(const char *, struct auth_tree *, struct roa *); -int valid_filename(const char *); int valid_filehash(int, const char *, size_t); int valid_uri(const char *, size_t, const char *); int valid_origin(const char *, const char *); -enum rtype rtype_from_file_extension(const char *); - /* Working with CMS. */ unsigned char *cms_parse_validate(X509 **, const char *, const unsigned char *, size_t, diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 779cd240977..39feafd8931 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.49 2022/01/21 18:49:44 tb Exp $ */ +/* $OpenBSD: mft.c,v 1.50 2022/01/22 09:18:48 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -16,6 +16,7 @@ */ #include <assert.h> +#include <ctype.h> #include <err.h> #include <limits.h> #include <stdarg.h> @@ -121,6 +122,66 @@ check_validity(const ASN1_GENERALIZEDTIME *from, } /* + * Determine rtype corresponding to file extension. Returns RTYPE_INVALID + * on error or unkown extension. + */ +enum rtype +rtype_from_file_extension(const char *fn) +{ + size_t sz; + + sz = strlen(fn); + if (sz < 5) + return RTYPE_INVALID; + + if (strcasecmp(fn + sz - 4, ".tal") == 0) + return RTYPE_TAL; + if (strcasecmp(fn + sz - 4, ".cer") == 0) + return RTYPE_CER; + if (strcasecmp(fn + sz - 4, ".crl") == 0) + return RTYPE_CRL; + if (strcasecmp(fn + sz - 4, ".mft") == 0) + return RTYPE_MFT; + if (strcasecmp(fn + sz - 4, ".roa") == 0) + return RTYPE_ROA; + if (strcasecmp(fn + sz - 4, ".gbr") == 0) + return RTYPE_GBR; + + return RTYPE_INVALID; +} + +/* + * Validate that a filename listed on a Manifest only contains characters + * permitted in draft-ietf-sidrops-6486bis section 4.2.2 and check that + * it's a CER, CRL, GBR or a ROA. + * Returns corresponding rtype or RTYPE_INVALID on error. + */ +enum rtype +rtype_from_mftfile(const char *fn) +{ + const unsigned char *c; + enum rtype type; + + for (c = fn; *c != '\0'; ++c) + if (!isalnum(*c) && *c != '-' && *c != '_' && *c != '.') + return RTYPE_INVALID; + + if (strchr(fn, '.') != strrchr(fn, '.')) + return RTYPE_INVALID; + + type = rtype_from_file_extension(fn); + switch (type) { + case RTYPE_CER: + case RTYPE_CRL: + case RTYPE_GBR: + case RTYPE_ROA: + return type; + default: + return RTYPE_INVALID; + } +} + +/* * Parse an individual "FileAndHash", RFC 6486, sec. 4.2. * Return zero on failure, non-zero on success. */ @@ -161,13 +222,11 @@ mft_parse_filehash(struct parse *p, const ASN1_OCTET_STRING *os) if (fn == NULL) err(1, NULL); - if (!valid_filename(fn)) { + if ((type = rtype_from_mftfile(fn)) == RTYPE_INVALID) { warnx("%s: invalid filename: %s", p->fn, fn); goto out; } - type = rtype_from_file_extension(fn); - /* Now hash value. */ hash = sk_ASN1_TYPE_value(seq, 1); diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index c6d0e5c0cfe..64ccfd6c2a0 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.49 2022/01/21 18:49:44 tb Exp $ */ +/* $OpenBSD: parser.c,v 1.50 2022/01/22 09:18:48 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -307,7 +307,7 @@ proc_parser_mft_check(const char *fn, struct mft *p) for (i = 0; i < p->filesz; i++) { const struct mftfile *m = &p->files[i]; - if (!valid_filename(m->file)) { + if (rtype_from_mftfile(m->file) == RTYPE_INVALID) { if (base64_encode(m->hash, sizeof(m->hash), &h) == -1) errx(1, "base64_encode failed in %s", __func__); warnx("%s: unsupported filename for %s", fn, h); diff --git a/usr.sbin/rpki-client/validate.c b/usr.sbin/rpki-client/validate.c index 9f696d5ae88..f3b6646672e 100644 --- a/usr.sbin/rpki-client/validate.c +++ b/usr.sbin/rpki-client/validate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: validate.c,v 1.25 2022/01/21 18:49:44 tb Exp $ */ +/* $OpenBSD: validate.c,v 1.26 2022/01/22 09:18:48 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -234,63 +234,6 @@ valid_roa(const char *fn, struct auth_tree *auths, struct roa *roa) } /* - * Determine rtype corresponding to file extension. Returns RTYPE_INVALID - * on error or unkown extension. - */ -enum rtype -rtype_from_file_extension(const char *fn) -{ - size_t sz; - - sz = strlen(fn); - if (sz < 5) - return RTYPE_INVALID; - - if (strcasecmp(fn + sz - 4, ".tal") == 0) - return RTYPE_TAL; - if (strcasecmp(fn + sz - 4, ".cer") == 0) - return RTYPE_CER; - if (strcasecmp(fn + sz - 4, ".crl") == 0) - return RTYPE_CRL; - if (strcasecmp(fn + sz - 4, ".mft") == 0) - return RTYPE_MFT; - if (strcasecmp(fn + sz - 4, ".roa") == 0) - return RTYPE_ROA; - if (strcasecmp(fn + sz - 4, ".gbr") == 0) - return RTYPE_GBR; - - return RTYPE_INVALID; -} - -/* - * Validate a filename listed on a Manifest. - * draft-ietf-sidrops-6486bis section 4.2.2 - * Returns 1 if filename is valid, otherwise 0. - */ -int -valid_filename(const char *fn) -{ - const unsigned char *c; - - for (c = fn; *c != '\0'; ++c) - if (!isalnum(*c) && *c != '-' && *c != '_' && *c != '.') - return 0; - - if (strchr(fn, '.') != strrchr(fn, '.')) - return 0; - - switch (rtype_from_file_extension(fn)) { - case RTYPE_CER: - case RTYPE_CRL: - case RTYPE_GBR: - case RTYPE_ROA: - return 1; - default: - return 0; - } -} - -/* * Validate a file by verifying the SHA256 hash of that file. * The file to check is passed as a file descriptor. * Returns 1 if hash matched, 0 otherwise. Closes fd when done. |