From 5081b5ef7c6338ff5b19520ef828a8a1aaf7631d Mon Sep 17 00:00:00 2001

From: Rob Crittenden <rcritten@redhat.com>

Date: Fri, 1 May 2020 16:22:20 -0400

Subject: [PATCH] Ensure that files read in have a trailing new-line

In SCEP when retrieving the CA chain the certificates passed in

on the command-line (RA agent and CA cert) area printed along with

the contents of what was retrieved remotely.

If one of the filesystem certificates lacks a newline then the

output will be jumbled like:

-----END CERTIFICATE----------BEGIN CERTIFICATE-----\n

https://bugzilla.redhat.com/show_bug.cgi?id=1814976

---

 src/submit-u.c                  |  8 +++++

 tests/039-fromfile/expected.out |  4 +++

 tests/039-fromfile/run.sh       | 55 +++++++++++++++++++++++++++++++++

 tests/Makefile.am               |  6 ++--

 tests/tools/Makefile.am         |  6 +++-

 tests/tools/fromfile.c          | 52 +++++++++++++++++++++++++++++++

 6 files changed, 128 insertions(+), 3 deletions(-)

 create mode 100644 tests/039-fromfile/expected.out

 create mode 100755 tests/039-fromfile/run.sh

 create mode 100644 tests/tools/fromfile.c

diff --git a/src/submit-u.c b/src/submit-u.c

index dda2edb..191526b 100644

--- a/src/submit-u.c

+++ b/src/submit-u.c

@@ -100,6 +100,14 @@ cm_submit_u_from_file(const char *filename)

 	}

 	if (csr == NULL) {

 		csr = strdup("");

+	} else {

+		int length = strlen(csr);

+		if (csr[length-1] != '\n') {

+			length += 1;

+			csr = realloc(csr, length + 1);

+			csr[length - 1] = '\n';

+			csr[length] = '\0';

+		}

 	}

 	return csr;

 }

diff --git a/tests/039-fromfile/expected.out b/tests/039-fromfile/expected.out

new file mode 100644

index 0000000..9191a57

--- /dev/null

+++ b/tests/039-fromfile/expected.out

@@ -0,0 +1,4 @@

+[trailing_nl]

+Ok

+[no_trailing_nl]

+Ok

diff --git a/tests/039-fromfile/run.sh b/tests/039-fromfile/run.sh

new file mode 100755

index 0000000..8bae773

--- /dev/null

+++ b/tests/039-fromfile/run.sh

@@ -0,0 +1,55 @@

+#!/bin/bash -e

+

+cd $tmpdir

+

+cat > $tmpdir/trailing_nl <<- EOF

+-----BEGIN CERTIFICATE-----

+MIIDjjCCAnagAwIBAgIRAO1VmyXYM0f7pbXVdEGtRPMwDQYJKoZIhvcNAQELBQAw

+UDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRob3JpdHkxLDAqBgNVBAMMI2Vk

+NTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0NGYzMB4XDTE1MDQyODE3MDk0

+OFoXDTE2MDQyODE3MDk0OFowUDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRo

+b3JpdHkxLDAqBgNVBAMMI2VkNTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0

+NGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c/LhlyBs0UUiDSy

+nrC+Q0WJkWZeQ/kqwniru+GlXgb3g+7VvyAfdZ45NiBdo/6xXyCLphK0g8oZLyi8

+OwQQoUyVMn9gsGXbjlwSzjXKx3wdUM+lFpenx8iQS9aCfVQJ4tzFgM1pQBQ2AiHs

+jvU18xSFSZApjT5UIK35kyH22D8LhCGGYLaU3xFEfHvd0AOuXwm5Nsiu/HTsSV4N

+peUdFEmFzQwUEUdV2jKOPcXnOArV82vfpdp1nSCX3kruEb9G93VsmQ+9ebKXQRQE

+Ltd65e/EYtXvihuTtElLYuyYZlYJdbTZeLXB4YLvElgNkS9JK7RKHlCm0KYQmcmd

+GZSh8QIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQEBMB0GA1UdDgQWBBRLxeFy3+RS

+FloygyjlXa6YEv8ltzAfBgNVHSMEGDAWgBRLxeFy3+RSFloygyjlXa6YEv8ltzAO

+BgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAH9A9ePIqZGF4VEo5D4j

+MuOJ1J4uTRxHoEGXCDRcuCn3RvT0civWEPpRNo1YVgAWFODpt/HSi3lCVtTb7FwJ

+hfHkxCpAuHmv3sfT8jcCwTTAXL1BLpCO6d0zz0RrFMNK+vGyZu/7LXhaYVu590Q5

+1DMybHmln7i+Tw/eYb4Avk1FWGOEpNdf3ZjUazcDlkO4EwA6BnZUC8gFvz0OI73D

+AJsGq/UsJvMH30ga1rZ/9LiHEMSEys5amk98yMRvi/R1qI02kjANdZ0ID/7cJSw2

+rVCCs61jgYppWv3JHVKYmm6+cVPAUcuRdsUzDpAQDdvGAaZJENE6suulRVEaBEdS

+8gM=

+-----END CERTIFICATE-----

+EOF

+cat > $tmpdir/no_trailing_nl <<- EOF

+-----BEGIN CERTIFICATE-----

+MIIDjjCCAnagAwIBAgIRAO1VmyXYM0f7pbXVdEGtRPMwDQYJKoZIhvcNAQELBQAw

+UDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRob3JpdHkxLDAqBgNVBAMMI2Vk

+NTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0NGYzMB4XDTE1MDQyODE3MDk0

+OFoXDTE2MDQyODE3MDk0OFowUDEgMB4GA1UEAwwXTG9jYWwgU2lnbmluZyBBdXRo

+b3JpdHkxLDAqBgNVBAMMI2VkNTU5YjI1LWQ4MzM0N2ZiLWE1YjVkNTc0LTQxYWQ0

+NGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c/LhlyBs0UUiDSy

+nrC+Q0WJkWZeQ/kqwniru+GlXgb3g+7VvyAfdZ45NiBdo/6xXyCLphK0g8oZLyi8

+OwQQoUyVMn9gsGXbjlwSzjXKx3wdUM+lFpenx8iQS9aCfVQJ4tzFgM1pQBQ2AiHs

+jvU18xSFSZApjT5UIK35kyH22D8LhCGGYLaU3xFEfHvd0AOuXwm5Nsiu/HTsSV4N

+peUdFEmFzQwUEUdV2jKOPcXnOArV82vfpdp1nSCX3kruEb9G93VsmQ+9ebKXQRQE

+Ltd65e/EYtXvihuTtElLYuyYZlYJdbTZeLXB4YLvElgNkS9JK7RKHlCm0KYQmcmd

+GZSh8QIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQEBMB0GA1UdDgQWBBRLxeFy3+RS

+FloygyjlXa6YEv8ltzAfBgNVHSMEGDAWgBRLxeFy3+RSFloygyjlXa6YEv8ltzAO

+BgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAH9A9ePIqZGF4VEo5D4j

+MuOJ1J4uTRxHoEGXCDRcuCn3RvT0civWEPpRNo1YVgAWFODpt/HSi3lCVtTb7FwJ

+hfHkxCpAuHmv3sfT8jcCwTTAXL1BLpCO6d0zz0RrFMNK+vGyZu/7LXhaYVu590Q5

+1DMybHmln7i+Tw/eYb4Avk1FWGOEpNdf3ZjUazcDlkO4EwA6BnZUC8gFvz0OI73D

+AJsGq/UsJvMH30ga1rZ/9LiHEMSEys5amk98yMRvi/R1qI02kjANdZ0ID/7cJSw2

+rVCCs61jgYppWv3JHVKYmm6+cVPAUcuRdsUzDpAQDdvGAaZJENE6suulRVEaBEdS

+8gM=

+EOF

+echo -n "-----END CERTIFICATE-----" >> $tmpdir/no_trailing_nl

+

+$toolsdir/fromfile trailing_nl

+$toolsdir/fromfile no_trailing_nl

diff --git a/tests/Makefile.am b/tests/Makefile.am

index 562b027..1fe7e55 100644

--- a/tests/Makefile.am

+++ b/tests/Makefile.am

@@ -151,7 +151,8 @@ EXTRA_DIST = \

 	037-rekey2/run.sh \

 	038-ms-v2-template/expected.out \

 	038-ms-v2-template/extract-extdata.py \

-	038-ms-v2-template/run.sh

+	038-ms-v2-template/run.sh \

+	039-fromfile/run.sh

 subdirs = \

 	001-keyiread \

@@ -193,7 +194,8 @@ subdirs = \

 	035-json \

 	036-getcert \

 	037-rekey2 \

-	038-ms-v2-template

+	038-ms-v2-template \

+	039-fromfile

 if HAVE_DBM_NSSDB

 subdirs += \

diff --git a/tests/tools/Makefile.am b/tests/tools/Makefile.am

index 9988b8c..d927e9b 100644

--- a/tests/tools/Makefile.am

+++ b/tests/tools/Makefile.am

@@ -15,7 +15,7 @@ endif

 noinst_PROGRAMS = keyiread keygen csrgen submit certread certsave oid2name \

 		  name2oid iterate prefs dates listnicks pem2base base2pem \

 		  dparse payload checksig base64 cadata citerate casave hooks \

-		  libexecdir canon srv addcinfo ls json json-utf8 printenv

+		  libexecdir canon srv addcinfo ls json json-utf8 printenv fromfile

 noinst_LIBRARIES = libtools.a

 if HAVE_OPENSSL

 noinst_PROGRAMS += pk7parse pk7env scepgen pk7verify pk7decrypt

@@ -36,3 +36,7 @@ citerate_SOURCES = citerate.c ../../src/store-gen.c

 srv_SOURCES = srv.c ../../src/srvloc.c

 srv_LDADD = $(LDADD)

+

+fromfile_CFLAGS = $(AM_CFLAGS)

+fromfile_SOURCES = fromfile.c

+fromfile_LDADD = $(top_srcdir)/src/submit-u.c $(LDADD) $(UUID_LIBS)

diff --git a/tests/tools/fromfile.c b/tests/tools/fromfile.c

new file mode 100644

index 0000000..c1d2694

--- /dev/null

+++ b/tests/tools/fromfile.c

@@ -0,0 +1,52 @@

+/*

+ * Copyright (C) 2020 Red Hat, Inc.

+ * 

+ * This program is free software: you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation, either version 3 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.

+ */

+

+#include <sys/types.h>

+#include <errno.h>

+#include <stdlib.h>

+#include <stdio.h>

+#include <string.h>

+

+#include <time.h>

+#include <krb5.h>

+

+#include "../../src/config.h"

+#include "../../src/submit-u.h"

+

+int

+main(int argc, char **argv)

+{

+	int i, result = 0;

+	char *cert;

+

+	for (i = 1; i < argc; i++) {

+		printf("[%s]\n", argv[i]);

+		cert = cm_submit_u_from_file(argv[i]);

+		if (cert == NULL) {

+			printf("OOM error\n");

+			result = 1;

+		}

+		else if (cert[strlen(cert) - 1] != '\n') {

+			printf("Missing trailing newline\n");

+			result = 1;

+		} else {

+			printf("Ok\n");

+		}

+		free(cert);

+	}

+	return result;

+}

-- 

2.21.1