OpenCoverage

krl.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/krl.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright (c) 2012 Damien Miller <djm@mindrot.org>-
3 *-
4 * Permission to use, copy, modify, and distribute this software for any-
5 * purpose with or without fee is hereby granted, provided that the above-
6 * copyright notice and this permission notice appear in all copies.-
7 *-
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES-
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF-
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR-
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES-
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN-
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF-
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.-
15 */-
16-
17/* $OpenBSD: krl.c,v 1.42 2018/09/12 01:21:34 djm Exp $ */-
18-
19#include "includes.h"-
20-
21#include <sys/types.h>-
22#include <openbsd-compat/sys-tree.h>-
23#include <openbsd-compat/sys-queue.h>-
24-
25#include <errno.h>-
26#include <fcntl.h>-
27#include <limits.h>-
28#include <string.h>-
29#include <time.h>-
30#include <unistd.h>-
31-
32#include "sshbuf.h"-
33#include "ssherr.h"-
34#include "sshkey.h"-
35#include "authfile.h"-
36#include "misc.h"-
37#include "log.h"-
38#include "digest.h"-
39#include "bitmap.h"-
40-
41#include "krl.h"-
42-
43/* #define DEBUG_KRL */-
44#ifdef DEBUG_KRL-
45# define KRL_DBG(x) debug3 x-
46#else-
47# define KRL_DBG(x)-
48#endif-
49-
50/*-
51 * Trees of revoked serial numbers, key IDs and keys. This allows-
52 * quick searching, querying and producing lists in canonical order.-
53 */-
54-
55/* Tree of serial numbers. XXX make smarter: really need a real sparse bitmap */-
56struct revoked_serial {-
57 u_int64_t lo, hi;-
58 RB_ENTRY(revoked_serial) tree_entry;-
59};-
60static int serial_cmp(struct revoked_serial *a, struct revoked_serial *b);-
61RB_HEAD(revoked_serial_tree, revoked_serial);-
62RB_GENERATE_STATIC(revoked_serial_tree, revoked_serial, tree_entry, serial_cmp);
never executed: end of block
never executed: end of block
never executed: continue;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: continue;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: (oleft)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_left = (oleft);
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_right = (oleft);
never executed: (head)->rbh_root = (oleft);
never executed: end of block
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_right)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: break;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: (oright)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_left = (oright);
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_right = (oright);
never executed: (head)->rbh_root = (oright);
never executed: end of block
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_left)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: break;
never executed: (elm)->tree_entry.rbe_color = 0;
never executed: child = (elm)->tree_entry.rbe_right;
never executed: child = (elm)->tree_entry.rbe_left;
never executed: elm = left;
never executed: (child)->tree_entry.rbe_parent = parent;
never executed: (parent)->tree_entry.rbe_left = child;
never executed: (parent)->tree_entry.rbe_right = child;
never executed: end of block
never executed: (head)->rbh_root = child;
never executed: parent = elm;
never executed: ((old)->tree_entry.rbe_parent)->tree_entry.rbe_left = elm;
never executed: ((old)->tree_entry.rbe_parent)->tree_entry.rbe_right = elm;
never executed: end of block
never executed: (head)->rbh_root = elm;
never executed: ((old)->tree_entry.rbe_right)->tree_entry.rbe_parent = elm;
never executed: end of block
never executed: end of block
never executed: goto color;
never executed: (child)->tree_entry.rbe_parent = parent;
never executed: (parent)->tree_entry.rbe_left = child;
never executed: (parent)->tree_entry.rbe_right = child;
never executed: end of block
never executed: (head)->rbh_root = child;
never executed: revoked_serial_tree_RB_REMOVE_COLOR(head, parent, child);
never executed: return (old);
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: (parent)->tree_entry.rbe_left = elm;
never executed: (parent)->tree_entry.rbe_right = elm;
never executed: end of block
never executed: (head)->rbh_root = elm;
never executed: return ( ((void *)0) );
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: return ( ((void *)0) );
never executed: end of block
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: return (res);
never executed: elm = (elm)->tree_entry.rbe_left;
never executed: end of block
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: end of block
never executed: return (elm);
never executed: elm = (elm)->tree_entry.rbe_right;
never executed: end of block
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: end of block
never executed: return (elm);
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (parent);
(parent)->tree...e_right == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
((gparent)->tr...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
((gparent)->tr...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(oleft = (tmp)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((oleft)->tree...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(oright = (tmp...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((oright)->tre...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
elmDescription
TRUEnever evaluated
FALSEnever evaluated
childDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en..._parent == oldDescription
TRUEnever evaluated
FALSEnever evaluated
(old)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
childDescription
TRUEnever evaluated
FALSEnever evaluated
color == 0Description
TRUEnever evaluated
FALSEnever evaluated
parent == (gpa...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(gparent) == (...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(gparent) == (...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((oleft)->tree...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp) == ((tmp...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((oright)->tre...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp) == ((tmp...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
(old)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
((old)->tree_e...be_left == oldDescription
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
parent != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
val < 0Description
TRUEnever evaluated
FALSEnever evaluated
(left = (left)...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(left = (elm)-...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
code before this statement never executed: color:
(parent = (elm...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
elm == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
elm != (head)->rbh_rootDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
0
63-
64/* Tree of key IDs */-
65struct revoked_key_id {-
66 char *key_id;-
67 RB_ENTRY(revoked_key_id) tree_entry;-
68};-
69static int key_id_cmp(struct revoked_key_id *a, struct revoked_key_id *b);-
70RB_HEAD(revoked_key_id_tree, revoked_key_id);-
71RB_GENERATE_STATIC(revoked_key_id_tree, revoked_key_id, tree_entry, key_id_cmp);
never executed: end of block
never executed: end of block
never executed: continue;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: continue;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: (oleft)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_left = (oleft);
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_right = (oleft);
never executed: (head)->rbh_root = (oleft);
never executed: end of block
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_right)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: break;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: (oright)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_left = (oright);
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_right = (oright);
never executed: (head)->rbh_root = (oright);
never executed: end of block
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_left)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: break;
never executed: (elm)->tree_entry.rbe_color = 0;
never executed: child = (elm)->tree_entry.rbe_right;
never executed: child = (elm)->tree_entry.rbe_left;
never executed: elm = left;
never executed: (child)->tree_entry.rbe_parent = parent;
never executed: (parent)->tree_entry.rbe_left = child;
never executed: (parent)->tree_entry.rbe_right = child;
never executed: end of block
never executed: (head)->rbh_root = child;
never executed: parent = elm;
never executed: ((old)->tree_entry.rbe_parent)->tree_entry.rbe_left = elm;
never executed: ((old)->tree_entry.rbe_parent)->tree_entry.rbe_right = elm;
never executed: end of block
never executed: (head)->rbh_root = elm;
never executed: ((old)->tree_entry.rbe_right)->tree_entry.rbe_parent = elm;
never executed: end of block
never executed: end of block
never executed: goto color;
never executed: (child)->tree_entry.rbe_parent = parent;
never executed: (parent)->tree_entry.rbe_left = child;
never executed: (parent)->tree_entry.rbe_right = child;
never executed: end of block
never executed: (head)->rbh_root = child;
never executed: revoked_key_id_tree_RB_REMOVE_COLOR(head, parent, child);
never executed: return (old);
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: (parent)->tree_entry.rbe_left = elm;
never executed: (parent)->tree_entry.rbe_right = elm;
never executed: end of block
never executed: (head)->rbh_root = elm;
never executed: return ( ((void *)0) );
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: return ( ((void *)0) );
never executed: end of block
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: return (res);
never executed: elm = (elm)->tree_entry.rbe_left;
never executed: end of block
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: end of block
never executed: return (elm);
never executed: elm = (elm)->tree_entry.rbe_right;
never executed: end of block
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: end of block
never executed: return (elm);
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (parent);
(parent)->tree...e_right == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
((gparent)->tr...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
((gparent)->tr...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(oleft = (tmp)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((oleft)->tree...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(oright = (tmp...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((oright)->tre...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
elmDescription
TRUEnever evaluated
FALSEnever evaluated
childDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en..._parent == oldDescription
TRUEnever evaluated
FALSEnever evaluated
(old)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
childDescription
TRUEnever evaluated
FALSEnever evaluated
color == 0Description
TRUEnever evaluated
FALSEnever evaluated
parent == (gpa...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(gparent) == (...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(gparent) == (...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((oleft)->tree...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp) == ((tmp...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((oright)->tre...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp) == ((tmp...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
(old)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
((old)->tree_e...be_left == oldDescription
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
parent != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
val < 0Description
TRUEnever evaluated
FALSEnever evaluated
(left = (left)...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(left = (elm)-...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
code before this statement never executed: color:
(parent = (elm...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
elm == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
elm != (head)->rbh_rootDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
0
72-
73/* Tree of blobs (used for keys and fingerprints) */-
74struct revoked_blob {-
75 u_char *blob;-
76 size_t len;-
77 RB_ENTRY(revoked_blob) tree_entry;-
78};-
79static int blob_cmp(struct revoked_blob *a, struct revoked_blob *b);-
80RB_HEAD(revoked_blob_tree, revoked_blob);-
81RB_GENERATE_STATIC(revoked_blob_tree, revoked_blob, tree_entry, blob_cmp);
never executed: end of block
never executed: end of block
never executed: continue;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: continue;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((gparent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: (oleft)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_left = (oleft);
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_right = (oleft);
never executed: (head)->rbh_root = (oleft);
never executed: end of block
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_right)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: break;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: end of block
never executed: end of block
never executed: (oright)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_left = (oright);
never executed: ((tmp)->tree_entry.rbe_parent)->tree_entry.rbe_right = (oright);
never executed: (head)->rbh_root = (oright);
never executed: end of block
never executed: end of block
never executed: ((tmp)->tree_entry.rbe_left)->tree_entry.rbe_color = 0;
never executed: end of block
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_left = (tmp);
never executed: ((parent)->tree_entry.rbe_parent)->tree_entry.rbe_right = (tmp);
never executed: (head)->rbh_root = (tmp);
never executed: end of block
never executed: break;
never executed: (elm)->tree_entry.rbe_color = 0;
never executed: child = (elm)->tree_entry.rbe_right;
never executed: child = (elm)->tree_entry.rbe_left;
never executed: elm = left;
never executed: (child)->tree_entry.rbe_parent = parent;
never executed: (parent)->tree_entry.rbe_left = child;
never executed: (parent)->tree_entry.rbe_right = child;
never executed: end of block
never executed: (head)->rbh_root = child;
never executed: parent = elm;
never executed: ((old)->tree_entry.rbe_parent)->tree_entry.rbe_left = elm;
never executed: ((old)->tree_entry.rbe_parent)->tree_entry.rbe_right = elm;
never executed: end of block
never executed: (head)->rbh_root = elm;
never executed: ((old)->tree_entry.rbe_right)->tree_entry.rbe_parent = elm;
never executed: end of block
never executed: end of block
never executed: goto color;
never executed: (child)->tree_entry.rbe_parent = parent;
never executed: (parent)->tree_entry.rbe_left = child;
never executed: (parent)->tree_entry.rbe_right = child;
never executed: end of block
never executed: (head)->rbh_root = child;
never executed: revoked_blob_tree_RB_REMOVE_COLOR(head, parent, child);
never executed: return (old);
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: (parent)->tree_entry.rbe_left = elm;
never executed: (parent)->tree_entry.rbe_right = elm;
never executed: end of block
never executed: (head)->rbh_root = elm;
never executed: return ( ((void *)0) );
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: return ( ((void *)0) );
never executed: end of block
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (tmp);
never executed: return (res);
never executed: elm = (elm)->tree_entry.rbe_left;
never executed: end of block
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: end of block
never executed: return (elm);
never executed: elm = (elm)->tree_entry.rbe_right;
never executed: end of block
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: elm = (elm)->tree_entry.rbe_parent;
never executed: end of block
never executed: return (elm);
never executed: tmp = (tmp)->tree_entry.rbe_left;
never executed: tmp = (tmp)->tree_entry.rbe_right;
never executed: return (parent);
(parent)->tree...e_right == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
((gparent)->tr...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
((gparent)->tr...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(oleft = (tmp)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((oleft)->tree...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(oright = (tmp...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
((oright)->tre...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((parent)->tre...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_entry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
elmDescription
TRUEnever evaluated
FALSEnever evaluated
childDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en..._parent == oldDescription
TRUEnever evaluated
FALSEnever evaluated
(old)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
childDescription
TRUEnever evaluated
FALSEnever evaluated
color == 0Description
TRUEnever evaluated
FALSEnever evaluated
parent == (gpa...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(gparent) == (...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(gparent) == (...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((oleft)->tree...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp) == ((tmp...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((oright)->tre...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(tmp) == ((tmp...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent) == ((...entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
(old)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
((old)->tree_e...be_left == oldDescription
TRUEnever evaluated
FALSEnever evaluated
parentDescription
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...be_left == elmDescription
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
parent != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
comp < 0Description
TRUEnever evaluated
FALSEnever evaluated
comp > 0Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
val < 0Description
TRUEnever evaluated
FALSEnever evaluated
(left = (left)...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(left = (elm)-...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_leftDescription
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_rightDescription
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
code before this statement never executed: color:
(parent = (elm...ry.rbe_parent)Description
TRUEnever evaluated
FALSEnever evaluated
(parent)->tree...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
tmpDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...rbe_color == 1Description
TRUEnever evaluated
FALSEnever evaluated
elm == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_en...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
elm != (head)->rbh_rootDescription
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(tmp)->tree_en...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((tmp)->tree_e...rbe_color == 0Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...try.rbe_right)Description
TRUEnever evaluated
FALSEnever evaluated
(elm)->tree_entry.rbe_parentDescription
TRUEnever evaluated
FALSEnever evaluated
(elm == ((elm)...ntry.rbe_left)Description
TRUEnever evaluated
FALSEnever evaluated
0
82-
83/* Tracks revoked certs for a single CA */-
84struct revoked_certs {-
85 struct sshkey *ca_key;-
86 struct revoked_serial_tree revoked_serials;-
87 struct revoked_key_id_tree revoked_key_ids;-
88 TAILQ_ENTRY(revoked_certs) entry;-
89};-
90TAILQ_HEAD(revoked_certs_list, revoked_certs);-
91-
92struct ssh_krl {-
93 u_int64_t krl_version;-
94 u_int64_t generated_date;-
95 u_int64_t flags;-
96 char *comment;-
97 struct revoked_blob_tree revoked_keys;-
98 struct revoked_blob_tree revoked_sha1s;-
99 struct revoked_blob_tree revoked_sha256s;-
100 struct revoked_certs_list revoked_certs;-
101};-
102-
103/* Return equal if a and b overlap */-
104static int-
105serial_cmp(struct revoked_serial *a, struct revoked_serial *b)-
106{-
107 if (a->hi >= b->lo && a->lo <= b->hi)
a->hi >= b->loDescription
TRUEnever evaluated
FALSEnever evaluated
a->lo <= b->hiDescription
TRUEnever evaluated
FALSEnever evaluated
0
108 return 0;
never executed: return 0;
0
109 return a->lo < b->lo ? -1 : 1;
never executed: return a->lo < b->lo ? -1 : 1;
a->lo < b->loDescription
TRUEnever evaluated
FALSEnever evaluated
0
110}-
111-
112static int-
113key_id_cmp(struct revoked_key_id *a, struct revoked_key_id *b)-
114{-
115 return strcmp(a->key_id, b->key_id);
never executed: return __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p ( a->key_id ) && __builtin_constant_p ( b->key_id ) && (__s1_len = __builtin_strlen ( a->key_id ), __s2_len = __builtin_strlen ( b->key_id ), (!((size_t)(const void *)(( a->key_id ) ...nst unsigned char *) (const char *) ( b->key_id ))[2] - __s2[2]); if (__s2_len > 2 && __result == 0) __result = (((const unsigned char *) (const char *) ( b->key_id ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp ( a->key_id , b->key_id )))); }) ;
never executed: __result = (((const unsigned char *) (const char *) ( a->key_id ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( b->key_id ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
116}-
117-
118static int-
119blob_cmp(struct revoked_blob *a, struct revoked_blob *b)-
120{-
121 int r;-
122-
123 if (a->len != b->len) {
a->len != b->lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
124 if ((r = memcmp(a->blob, b->blob, MINIMUM(a->len, b->len))) != 0)
(r = memcmp(a-...->len)))) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
125 return r;
never executed: return r;
0
126 return a->len > b->len ? 1 : -1;
never executed: return a->len > b->len ? 1 : -1;
a->len > b->lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
127 } else-
128 return memcmp(a->blob, b->blob, a->len);
never executed: return memcmp(a->blob, b->blob, a->len);
0
129}-
130-
131struct ssh_krl *-
132ssh_krl_init(void)-
133{-
134 struct ssh_krl *krl;-
135-
136 if ((krl = calloc(1, sizeof(*krl))) == NULL)
(krl = calloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
137 return NULL;
never executed: return ((void *)0) ;
0
138 RB_INIT(&krl->revoked_keys);-
139 RB_INIT(&krl->revoked_sha1s);-
140 RB_INIT(&krl->revoked_sha256s);-
141 TAILQ_INIT(&krl->revoked_certs);-
142 return krl;
never executed: return krl;
0
143}-
144-
145static void-
146revoked_certs_free(struct revoked_certs *rc)-
147{-
148 struct revoked_serial *rs, *trs;-
149 struct revoked_key_id *rki, *trki;-
150-
151 RB_FOREACH_SAFE(rs, revoked_serial_tree, &rc->revoked_serials, trs) {
((rs) != ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
152 RB_REMOVE(revoked_serial_tree, &rc->revoked_serials, rs);-
153 free(rs);-
154 }
never executed: end of block
0
155 RB_FOREACH_SAFE(rki, revoked_key_id_tree, &rc->revoked_key_ids, trki) {
((rki) != ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
156 RB_REMOVE(revoked_key_id_tree, &rc->revoked_key_ids, rki);-
157 free(rki->key_id);-
158 free(rki);-
159 }
never executed: end of block
0
160 sshkey_free(rc->ca_key);-
161}
never executed: end of block
0
162-
163void-
164ssh_krl_free(struct ssh_krl *krl)-
165{-
166 struct revoked_blob *rb, *trb;-
167 struct revoked_certs *rc, *trc;-
168-
169 if (krl == NULL)
krl == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
170 return;
never executed: return;
0
171-
172 free(krl->comment);-
173 RB_FOREACH_SAFE(rb, revoked_blob_tree, &krl->revoked_keys, trb) {
((rb) != ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
174 RB_REMOVE(revoked_blob_tree, &krl->revoked_keys, rb);-
175 free(rb->blob);-
176 free(rb);-
177 }
never executed: end of block
0
178 RB_FOREACH_SAFE(rb, revoked_blob_tree, &krl->revoked_sha1s, trb) {
((rb) != ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
179 RB_REMOVE(revoked_blob_tree, &krl->revoked_sha1s, rb);-
180 free(rb->blob);-
181 free(rb);-
182 }
never executed: end of block
0
183 RB_FOREACH_SAFE(rb, revoked_blob_tree, &krl->revoked_sha256s, trb) {
((rb) != ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
184 RB_REMOVE(revoked_blob_tree, &krl->revoked_sha256s, rb);-
185 free(rb->blob);-
186 free(rb);-
187 }
never executed: end of block
0
188 TAILQ_FOREACH_SAFE(rc, &krl->revoked_certs, entry, trc) {
(rc) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
189 TAILQ_REMOVE(&krl->revoked_certs, rc, entry);
never executed: (rc)->entry.tqe_next->entry.tqe_prev = (rc)->entry.tqe_prev;
never executed: (&krl->revoked_certs)->tqh_last = (rc)->entry.tqe_prev;
((rc)->entry.t...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
190 revoked_certs_free(rc);-
191 }
never executed: end of block
0
192}
never executed: end of block
0
193-
194void-
195ssh_krl_set_version(struct ssh_krl *krl, u_int64_t version)-
196{-
197 krl->krl_version = version;-
198}
never executed: end of block
0
199-
200int-
201ssh_krl_set_comment(struct ssh_krl *krl, const char *comment)-
202{-
203 free(krl->comment);-
204 if ((krl->comment = strdup(comment)) == NULL)
never executed: __retval = (char *) memcpy (__retval, comment , __len);
(krl->comment ...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons..._p ( comment )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons...omment ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
205 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
206 return 0;
never executed: return 0;
0
207}-
208-
209/*-
210 * Find the revoked_certs struct for a CA key. If allow_create is set then-
211 * create a new one in the tree if one did not exist already.-
212 */-
213static int-
214revoked_certs_for_ca_key(struct ssh_krl *krl, const struct sshkey *ca_key,-
215 struct revoked_certs **rcp, int allow_create)-
216{-
217 struct revoked_certs *rc;-
218 int r;-
219-
220 *rcp = NULL;-
221 TAILQ_FOREACH(rc, &krl->revoked_certs, entry) {
(rc) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
222 if ((ca_key == NULL && rc->ca_key == NULL) ||
ca_key == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
rc->ca_key == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
223 sshkey_equal(rc->ca_key, ca_key)) {
sshkey_equal(r...a_key, ca_key)Description
TRUEnever evaluated
FALSEnever evaluated
0
224 *rcp = rc;-
225 return 0;
never executed: return 0;
0
226 }-
227 }
never executed: end of block
0
228 if (!allow_create)
!allow_createDescription
TRUEnever evaluated
FALSEnever evaluated
0
229 return 0;
never executed: return 0;
0
230 /* If this CA doesn't exist in the list then add it now */-
231 if ((rc = calloc(1, sizeof(*rc))) == NULL)
(rc = calloc(1...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
232 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
233 if (ca_key == NULL)
ca_key == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
234 rc->ca_key = NULL;
never executed: rc->ca_key = ((void *)0) ;
0
235 else if ((r = sshkey_from_private(ca_key, &rc->ca_key)) != 0) {
(r = sshkey_fr...>ca_key)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
236 free(rc);-
237 return r;
never executed: return r;
0
238 }-
239 RB_INIT(&rc->revoked_serials);-
240 RB_INIT(&rc->revoked_key_ids);-
241 TAILQ_INSERT_TAIL(&krl->revoked_certs, rc, entry);-
242 KRL_DBG(("%s: new CA %s", __func__,-
243 ca_key == NULL ? "*" : sshkey_type(ca_key)));-
244 *rcp = rc;-
245 return 0;
never executed: return 0;
0
246}-
247-
248static int-
249insert_serial_range(struct revoked_serial_tree *rt, u_int64_t lo, u_int64_t hi)-
250{-
251 struct revoked_serial rs, *ers, *crs, *irs;-
252-
253 KRL_DBG(("%s: insert %llu:%llu", __func__, lo, hi));-
254 memset(&rs, 0, sizeof(rs));-
255 rs.lo = lo;-
256 rs.hi = hi;-
257 ers = RB_NFIND(revoked_serial_tree, rt, &rs);-
258 if (ers == NULL || serial_cmp(ers, &rs) != 0) {
ers == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
serial_cmp(ers, &rs) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
259 /* No entry matches. Just insert */-
260 if ((irs = malloc(sizeof(rs))) == NULL)
(irs = malloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
261 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
262 memcpy(irs, &rs, sizeof(*irs));-
263 ers = RB_INSERT(revoked_serial_tree, rt, irs);-
264 if (ers != NULL) {
ers != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
265 KRL_DBG(("%s: bad: ers != NULL", __func__));-
266 /* Shouldn't happen */-
267 free(irs);-
268 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
269 }-
270 ers = irs;-
271 } else {
never executed: end of block
0
272 KRL_DBG(("%s: overlap found %llu:%llu", __func__,-
273 ers->lo, ers->hi));-
274 /*-
275 * The inserted entry overlaps an existing one. Grow the-
276 * existing entry.-
277 */-
278 if (ers->lo > lo)
ers->lo > loDescription
TRUEnever evaluated
FALSEnever evaluated
0
279 ers->lo = lo;
never executed: ers->lo = lo;
0
280 if (ers->hi < hi)
ers->hi < hiDescription
TRUEnever evaluated
FALSEnever evaluated
0
281 ers->hi = hi;
never executed: ers->hi = hi;
0
282 }
never executed: end of block
0
283-
284 /*-
285 * The inserted or revised range might overlap or abut adjacent ones;-
286 * coalesce as necessary.-
287 */-
288-
289 /* Check predecessors */-
290 while ((crs = RB_PREV(revoked_serial_tree, rt, ers)) != NULL) {
(crs = revoked...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
291 KRL_DBG(("%s: pred %llu:%llu", __func__, crs->lo, crs->hi));-
292 if (ers->lo != 0 && crs->hi < ers->lo - 1)
ers->lo != 0Description
TRUEnever evaluated
FALSEnever evaluated
crs->hi < ers->lo - 1Description
TRUEnever evaluated
FALSEnever evaluated
0
293 break;
never executed: break;
0
294 /* This entry overlaps. */-
295 if (crs->lo < ers->lo) {
crs->lo < ers->loDescription
TRUEnever evaluated
FALSEnever evaluated
0
296 ers->lo = crs->lo;-
297 KRL_DBG(("%s: pred extend %llu:%llu", __func__,-
298 ers->lo, ers->hi));-
299 }
never executed: end of block
0
300 RB_REMOVE(revoked_serial_tree, rt, crs);-
301 free(crs);-
302 }
never executed: end of block
0
303 /* Check successors */-
304 while ((crs = RB_NEXT(revoked_serial_tree, rt, ers)) != NULL) {
(crs = revoked...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
305 KRL_DBG(("%s: succ %llu:%llu", __func__, crs->lo, crs->hi));-
306 if (ers->hi != (u_int64_t)-1 && crs->lo > ers->hi + 1)
ers->hi != (u_int64_t)-1Description
TRUEnever evaluated
FALSEnever evaluated
crs->lo > ers->hi + 1Description
TRUEnever evaluated
FALSEnever evaluated
0
307 break;
never executed: break;
0
308 /* This entry overlaps. */-
309 if (crs->hi > ers->hi) {
crs->hi > ers->hiDescription
TRUEnever evaluated
FALSEnever evaluated
0
310 ers->hi = crs->hi;-
311 KRL_DBG(("%s: succ extend %llu:%llu", __func__,-
312 ers->lo, ers->hi));-
313 }
never executed: end of block
0
314 RB_REMOVE(revoked_serial_tree, rt, crs);-
315 free(crs);-
316 }
never executed: end of block
0
317 KRL_DBG(("%s: done, final %llu:%llu", __func__, ers->lo, ers->hi));-
318 return 0;
never executed: return 0;
0
319}-
320-
321int-
322ssh_krl_revoke_cert_by_serial(struct ssh_krl *krl, const struct sshkey *ca_key,-
323 u_int64_t serial)-
324{-
325 return ssh_krl_revoke_cert_by_serial_range(krl, ca_key, serial, serial);
never executed: return ssh_krl_revoke_cert_by_serial_range(krl, ca_key, serial, serial);
0
326}-
327-
328int-
329ssh_krl_revoke_cert_by_serial_range(struct ssh_krl *krl,-
330 const struct sshkey *ca_key, u_int64_t lo, u_int64_t hi)-
331{-
332 struct revoked_certs *rc;-
333 int r;-
334-
335 if (lo > hi || lo == 0)
lo > hiDescription
TRUEnever evaluated
FALSEnever evaluated
lo == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
336 return SSH_ERR_INVALID_ARGUMENT;
never executed: return -10;
0
337 if ((r = revoked_certs_for_ca_key(krl, ca_key, &rc, 1)) != 0)
(r = revoked_c... &rc, 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
338 return r;
never executed: return r;
0
339 return insert_serial_range(&rc->revoked_serials, lo, hi);
never executed: return insert_serial_range(&rc->revoked_serials, lo, hi);
0
340}-
341-
342int-
343ssh_krl_revoke_cert_by_key_id(struct ssh_krl *krl, const struct sshkey *ca_key,-
344 const char *key_id)-
345{-
346 struct revoked_key_id *rki, *erki;-
347 struct revoked_certs *rc;-
348 int r;-
349-
350 if ((r = revoked_certs_for_ca_key(krl, ca_key, &rc, 1)) != 0)
(r = revoked_c... &rc, 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
351 return r;
never executed: return r;
0
352-
353 KRL_DBG(("%s: revoke %s", __func__, key_id));-
354 if ((rki = calloc(1, sizeof(*rki))) == NULL ||
(rki = calloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
355 (rki->key_id = strdup(key_id)) == NULL) {
never executed: __retval = (char *) memcpy (__retval, key_id , __len);
__retval != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((const char *... ))[0] == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
(rki->key_id =...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...t_p ( key_id )Description
TRUEnever evaluated
FALSEnever evaluated
((size_t)(cons...key_id ) == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
356 free(rki);-
357 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
358 }-
359 erki = RB_INSERT(revoked_key_id_tree, &rc->revoked_key_ids, rki);-
360 if (erki != NULL) {
erki != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
361 free(rki->key_id);-
362 free(rki);-
363 }
never executed: end of block
0
364 return 0;
never executed: return 0;
0
365}-
366-
367/* Convert "key" to a public key blob without any certificate information */-
368static int-
369plain_key_blob(const struct sshkey *key, u_char **blob, size_t *blen)-
370{-
371 struct sshkey *kcopy;-
372 int r;-
373-
374 if ((r = sshkey_from_private(key, &kcopy)) != 0)
(r = sshkey_fr... &kcopy)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
375 return r;
never executed: return r;
0
376 if (sshkey_is_cert(kcopy)) {
sshkey_is_cert(kcopy)Description
TRUEnever evaluated
FALSEnever evaluated
0
377 if ((r = sshkey_drop_cert(kcopy)) != 0) {
(r = sshkey_dr...t(kcopy)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
378 sshkey_free(kcopy);-
379 return r;
never executed: return r;
0
380 }-
381 }
never executed: end of block
0
382 r = sshkey_to_blob(kcopy, blob, blen);-
383 sshkey_free(kcopy);-
384 return r;
never executed: return r;
0
385}-
386-
387/* Revoke a key blob. Ownership of blob is transferred to the tree */-
388static int-
389revoke_blob(struct revoked_blob_tree *rbt, u_char *blob, size_t len)-
390{-
391 struct revoked_blob *rb, *erb;-
392-
393 if ((rb = calloc(1, sizeof(*rb))) == NULL)
(rb = calloc(1...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
394 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
395 rb->blob = blob;-
396 rb->len = len;-
397 erb = RB_INSERT(revoked_blob_tree, rbt, rb);-
398 if (erb != NULL) {
erb != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
399 free(rb->blob);-
400 free(rb);-
401 }
never executed: end of block
0
402 return 0;
never executed: return 0;
0
403}-
404-
405int-
406ssh_krl_revoke_key_explicit(struct ssh_krl *krl, const struct sshkey *key)-
407{-
408 u_char *blob;-
409 size_t len;-
410 int r;-
411-
412 debug3("%s: revoke type %s", __func__, sshkey_type(key));-
413 if ((r = plain_key_blob(key, &blob, &len)) != 0)
(r = plain_key...b, &len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
414 return r;
never executed: return r;
0
415 return revoke_blob(&krl->revoked_keys, blob, len);
never executed: return revoke_blob(&krl->revoked_keys, blob, len);
0
416}-
417-
418static int-
419revoke_by_hash(struct revoked_blob_tree *target, const u_char *p, size_t len)-
420{-
421 u_char *blob;-
422 int r;-
423-
424 /* need to copy hash, as revoke_blob steals ownership */-
425 if ((blob = malloc(len)) == NULL)
(blob = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
426 return SSH_ERR_SYSTEM_ERROR;
never executed: return -24;
0
427 memcpy(blob, p, len);-
428 if ((r = revoke_blob(target, blob, len)) != 0) {
(r = revoke_bl...ob, len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
429 free(blob);-
430 return r;
never executed: return r;
0
431 }-
432 return 0;
never executed: return 0;
0
433}-
434-
435int-
436ssh_krl_revoke_key_sha1(struct ssh_krl *krl, const u_char *p, size_t len)-
437{-
438 debug3("%s: revoke by sha1", __func__);-
439 if (len != 20)
len != 20Description
TRUEnever evaluated
FALSEnever evaluated
0
440 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
441 return revoke_by_hash(&krl->revoked_sha1s, p, len);
never executed: return revoke_by_hash(&krl->revoked_sha1s, p, len);
0
442}-
443-
444int-
445ssh_krl_revoke_key_sha256(struct ssh_krl *krl, const u_char *p, size_t len)-
446{-
447 debug3("%s: revoke by sha256", __func__);-
448 if (len != 32)
len != 32Description
TRUEnever evaluated
FALSEnever evaluated
0
449 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
450 return revoke_by_hash(&krl->revoked_sha256s, p, len);
never executed: return revoke_by_hash(&krl->revoked_sha256s, p, len);
0
451}-
452-
453int-
454ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key)-
455{-
456 /* XXX replace with SHA256? */-
457 if (!sshkey_is_cert(key))
!sshkey_is_cert(key)Description
TRUEnever evaluated
FALSEnever evaluated
0
458 return ssh_krl_revoke_key_explicit(krl, key);
never executed: return ssh_krl_revoke_key_explicit(krl, key);
0
459-
460 if (key->cert->serial == 0) {
key->cert->serial == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
461 return ssh_krl_revoke_cert_by_key_id(krl,
never executed: return ssh_krl_revoke_cert_by_key_id(krl, key->cert->signature_key, key->cert->key_id);
0
462 key->cert->signature_key,
never executed: return ssh_krl_revoke_cert_by_key_id(krl, key->cert->signature_key, key->cert->key_id);
0
463 key->cert->key_id);
never executed: return ssh_krl_revoke_cert_by_key_id(krl, key->cert->signature_key, key->cert->key_id);
0
464 } else {-
465 return ssh_krl_revoke_cert_by_serial(krl,
never executed: return ssh_krl_revoke_cert_by_serial(krl, key->cert->signature_key, key->cert->serial);
0
466 key->cert->signature_key,
never executed: return ssh_krl_revoke_cert_by_serial(krl, key->cert->signature_key, key->cert->serial);
0
467 key->cert->serial);
never executed: return ssh_krl_revoke_cert_by_serial(krl, key->cert->signature_key, key->cert->serial);
0
468 }-
469}-
470-
471/*-
472 * Select the most compact section type to emit next in a KRL based on-
473 * the current section type, the run length of contiguous revoked serial-
474 * numbers and the gaps from the last and to the next revoked serial.-
475 * Applies a mostly-accurate bit cost model to select the section type-
476 * that will minimise the size of the resultant KRL.-
477 */-
478static int-
479choose_next_state(int current_state, u_int64_t contig, int final,-
480 u_int64_t last_gap, u_int64_t next_gap, int *force_new_section)-
481{-
482 int new_state;-
483 u_int64_t cost, cost_list, cost_range, cost_bitmap, cost_bitmap_restart;-
484-
485 /*-
486 * Avoid unsigned overflows.-
487 * The limits are high enough to avoid confusing the calculations.-
488 */-
489 contig = MINIMUM(contig, 1ULL<<31);
((contig) < (1ULL<<31))Description
TRUEnever evaluated
FALSEnever evaluated
0
490 last_gap = MINIMUM(last_gap, 1ULL<<31);
((last_gap) < (1ULL<<31))Description
TRUEnever evaluated
FALSEnever evaluated
0
491 next_gap = MINIMUM(next_gap, 1ULL<<31);
((next_gap) < (1ULL<<31))Description
TRUEnever evaluated
FALSEnever evaluated
0
492-
493 /*-
494 * Calculate the cost to switch from the current state to candidates.-
495 * NB. range sections only ever contain a single range, so their-
496 * switching cost is independent of the current_state.-
497 */-
498 cost_list = cost_bitmap = cost_bitmap_restart = 0;-
499 cost_range = 8;-
500 switch (current_state) {-
501 case KRL_SECTION_CERT_SERIAL_LIST:
never executed: case 0x20:
0
502 cost_bitmap_restart = cost_bitmap = 8 + 64;-
503 break;
never executed: break;
0
504 case KRL_SECTION_CERT_SERIAL_BITMAP:
never executed: case 0x22:
0
505 cost_list = 8;-
506 cost_bitmap_restart = 8 + 64;-
507 break;
never executed: break;
0
508 case KRL_SECTION_CERT_SERIAL_RANGE:
never executed: case 0x21:
0
509 case 0:
never executed: case 0:
0
510 cost_bitmap_restart = cost_bitmap = 8 + 64;-
511 cost_list = 8;-
512 }
never executed: end of block
0
513-
514 /* Estimate base cost in bits of each section type */-
515 cost_list += 64 * contig + (final ? 0 : 8+64);
finalDescription
TRUEnever evaluated
FALSEnever evaluated
0
516 cost_range += (2 * 64) + (final ? 0 : 8+64);
finalDescription
TRUEnever evaluated
FALSEnever evaluated
0
517 cost_bitmap += last_gap + contig + (final ? 0 : MINIMUM(next_gap, 8+64));
finalDescription
TRUEnever evaluated
FALSEnever evaluated
((next_gap) < (8+64))Description
TRUEnever evaluated
FALSEnever evaluated
0
518 cost_bitmap_restart += contig + (final ? 0 : MINIMUM(next_gap, 8+64));
finalDescription
TRUEnever evaluated
FALSEnever evaluated
((next_gap) < (8+64))Description
TRUEnever evaluated
FALSEnever evaluated
0
519-
520 /* Convert to byte costs for actual comparison */-
521 cost_list = (cost_list + 7) / 8;-
522 cost_bitmap = (cost_bitmap + 7) / 8;-
523 cost_bitmap_restart = (cost_bitmap_restart + 7) / 8;-
524 cost_range = (cost_range + 7) / 8;-
525-
526 /* Now pick the best choice */-
527 *force_new_section = 0;-
528 new_state = KRL_SECTION_CERT_SERIAL_BITMAP;-
529 cost = cost_bitmap;-
530 if (cost_range < cost) {
cost_range < costDescription
TRUEnever evaluated
FALSEnever evaluated
0
531 new_state = KRL_SECTION_CERT_SERIAL_RANGE;-
532 cost = cost_range;-
533 }
never executed: end of block
0
534 if (cost_list < cost) {
cost_list < costDescription
TRUEnever evaluated
FALSEnever evaluated
0
535 new_state = KRL_SECTION_CERT_SERIAL_LIST;-
536 cost = cost_list;-
537 }
never executed: end of block
0
538 if (cost_bitmap_restart < cost) {
cost_bitmap_restart < costDescription
TRUEnever evaluated
FALSEnever evaluated
0
539 new_state = KRL_SECTION_CERT_SERIAL_BITMAP;-
540 *force_new_section = 1;-
541 cost = cost_bitmap_restart;-
542 }
never executed: end of block
0
543 KRL_DBG(("%s: contig %llu last_gap %llu next_gap %llu final %d, costs:"-
544 "list %llu range %llu bitmap %llu new bitmap %llu, "-
545 "selected 0x%02x%s", __func__, (long long unsigned)contig,-
546 (long long unsigned)last_gap, (long long unsigned)next_gap, final,-
547 (long long unsigned)cost_list, (long long unsigned)cost_range,-
548 (long long unsigned)cost_bitmap,-
549 (long long unsigned)cost_bitmap_restart, new_state,-
550 *force_new_section ? " restart" : ""));-
551 return new_state;
never executed: return new_state;
0
552}-
553-
554static int-
555put_bitmap(struct sshbuf *buf, struct bitmap *bitmap)-
556{-
557 size_t len;-
558 u_char *blob;-
559 int r;-
560-
561 len = bitmap_nbytes(bitmap);-
562 if ((blob = malloc(len)) == NULL)
(blob = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
563 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
564 if (bitmap_to_string(bitmap, blob, len) != 0) {
bitmap_to_stri...lob, len) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
565 free(blob);-
566 return SSH_ERR_INTERNAL_ERROR;
never executed: return -1;
0
567 }-
568 r = sshbuf_put_bignum2_bytes(buf, blob, len);-
569 free(blob);-
570 return r;
never executed: return r;
0
571}-
572-
573/* Generate a KRL_SECTION_CERTIFICATES KRL section */-
574static int-
575revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf)-
576{-
577 int final, force_new_sect, r = SSH_ERR_INTERNAL_ERROR;-
578 u_int64_t i, contig, gap, last = 0, bitmap_start = 0;-
579 struct revoked_serial *rs, *nrs;-
580 struct revoked_key_id *rki;-
581 int next_state, state = 0;-
582 struct sshbuf *sect;-
583 struct bitmap *bitmap = NULL;-
584-
585 if ((sect = sshbuf_new()) == NULL)
(sect = sshbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
586 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
587-
588 /* Store the header: optional CA scope key, reserved */-
589 if (rc->ca_key == NULL) {
rc->ca_key == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
590 if ((r = sshbuf_put_string(buf, NULL, 0)) != 0)
(r = sshbuf_pu...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
591 goto out;
never executed: goto out;
0
592 } else {
never executed: end of block
0
593 if ((r = sshkey_puts(rc->ca_key, buf)) != 0)
(r = sshkey_pu...ey, buf)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
594 goto out;
never executed: goto out;
0
595 }
never executed: end of block
0
596 if ((r = sshbuf_put_string(buf, NULL, 0)) != 0)
(r = sshbuf_pu...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
597 goto out;
never executed: goto out;
0
598-
599 /* Store the revoked serials. */-
600 for (rs = RB_MIN(revoked_serial_tree, &rc->revoked_serials);-
601 rs != NULL;
rs != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
602 rs = RB_NEXT(revoked_serial_tree, &rc->revoked_serials, rs)) {-
603 KRL_DBG(("%s: serial %llu:%llu state 0x%02x", __func__,-
604 (long long unsigned)rs->lo, (long long unsigned)rs->hi,-
605 state));-
606-
607 /* Check contiguous length and gap to next section (if any) */-
608 nrs = RB_NEXT(revoked_serial_tree, &rc->revoked_serials, rs);-
609 final = nrs == NULL;-
610 gap = nrs == NULL ? 0 : nrs->lo - rs->hi;
nrs == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
611 contig = 1 + (rs->hi - rs->lo);-
612-
613 /* Choose next state based on these */-
614 next_state = choose_next_state(state, contig, final,-
615 state == 0 ? 0 : rs->lo - last, gap, &force_new_sect);-
616-
617 /*-
618 * If the current section is a range section or has a different-
619 * type to the next section, then finish it off now.-
620 */-
621 if (state != 0 && (force_new_sect || next_state != state ||
state != 0Description
TRUEnever evaluated
FALSEnever evaluated
force_new_sectDescription
TRUEnever evaluated
FALSEnever evaluated
next_state != stateDescription
TRUEnever evaluated
FALSEnever evaluated
0
622 state == KRL_SECTION_CERT_SERIAL_RANGE)) {
state == 0x21Description
TRUEnever evaluated
FALSEnever evaluated
0
623 KRL_DBG(("%s: finish state 0x%02x", __func__, state));-
624 switch (state) {-
625 case KRL_SECTION_CERT_SERIAL_LIST:
never executed: case 0x20:
0
626 case KRL_SECTION_CERT_SERIAL_RANGE:
never executed: case 0x21:
0
627 break;
never executed: break;
0
628 case KRL_SECTION_CERT_SERIAL_BITMAP:
never executed: case 0x22:
0
629 if ((r = put_bitmap(sect, bitmap)) != 0)
(r = put_bitma... bitmap)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
630 goto out;
never executed: goto out;
0
631 bitmap_free(bitmap);-
632 bitmap = NULL;-
633 break;
never executed: break;
0
634 }-
635 if ((r = sshbuf_put_u8(buf, state)) != 0 ||
(r = sshbuf_pu..., state)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
636 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
637 goto out;
never executed: goto out;
0
638 sshbuf_reset(sect);-
639 }
never executed: end of block
0
640-
641 /* If we are starting a new section then prepare it now */-
642 if (next_state != state || force_new_sect) {
next_state != stateDescription
TRUEnever evaluated
FALSEnever evaluated
force_new_sectDescription
TRUEnever evaluated
FALSEnever evaluated
0
643 KRL_DBG(("%s: start state 0x%02x", __func__,-
644 next_state));-
645 state = next_state;-
646 sshbuf_reset(sect);-
647 switch (state) {-
648 case KRL_SECTION_CERT_SERIAL_LIST:
never executed: case 0x20:
0
649 case KRL_SECTION_CERT_SERIAL_RANGE:
never executed: case 0x21:
0
650 break;
never executed: break;
0
651 case KRL_SECTION_CERT_SERIAL_BITMAP:
never executed: case 0x22:
0
652 if ((bitmap = bitmap_new()) == NULL) {
(bitmap = bitm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
653 r = SSH_ERR_ALLOC_FAIL;-
654 goto out;
never executed: goto out;
0
655 }-
656 bitmap_start = rs->lo;-
657 if ((r = sshbuf_put_u64(sect,
(r = sshbuf_pu...p_start)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
658 bitmap_start)) != 0)
(r = sshbuf_pu...p_start)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
659 goto out;
never executed: goto out;
0
660 break;
never executed: break;
0
661 }-
662 }
never executed: end of block
0
663-
664 /* Perform section-specific processing */-
665 switch (state) {-
666 case KRL_SECTION_CERT_SERIAL_LIST:
never executed: case 0x20:
0
667 for (i = 0; i < contig; i++) {
i < contigDescription
TRUEnever evaluated
FALSEnever evaluated
0
668 if ((r = sshbuf_put_u64(sect, rs->lo + i)) != 0)
(r = sshbuf_pu...>lo + i)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
669 goto out;
never executed: goto out;
0
670 }
never executed: end of block
0
671 break;
never executed: break;
0
672 case KRL_SECTION_CERT_SERIAL_RANGE:
never executed: case 0x21:
0
673 if ((r = sshbuf_put_u64(sect, rs->lo)) != 0 ||
(r = sshbuf_pu... rs->lo)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
674 (r = sshbuf_put_u64(sect, rs->hi)) != 0)
(r = sshbuf_pu... rs->hi)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
675 goto out;
never executed: goto out;
0
676 break;
never executed: break;
0
677 case KRL_SECTION_CERT_SERIAL_BITMAP:
never executed: case 0x22:
0
678 if (rs->lo - bitmap_start > INT_MAX) {
rs->lo - bitma...t > 0x7fffffffDescription
TRUEnever evaluated
FALSEnever evaluated
0
679 error("%s: insane bitmap gap", __func__);-
680 goto out;
never executed: goto out;
0
681 }-
682 for (i = 0; i < contig; i++) {
i < contigDescription
TRUEnever evaluated
FALSEnever evaluated
0
683 if (bitmap_set_bit(bitmap,
bitmap_set_bit...ap_start) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
684 rs->lo + i - bitmap_start) != 0) {
bitmap_set_bit...ap_start) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
685 r = SSH_ERR_ALLOC_FAIL;-
686 goto out;
never executed: goto out;
0
687 }-
688 }
never executed: end of block
0
689 break;
never executed: break;
0
690 }-
691 last = rs->hi;-
692 }
never executed: end of block
0
693 /* Flush the remaining section, if any */-
694 if (state != 0) {
state != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
695 KRL_DBG(("%s: serial final flush for state 0x%02x",-
696 __func__, state));-
697 switch (state) {-
698 case KRL_SECTION_CERT_SERIAL_LIST:
never executed: case 0x20:
0
699 case KRL_SECTION_CERT_SERIAL_RANGE:
never executed: case 0x21:
0
700 break;
never executed: break;
0
701 case KRL_SECTION_CERT_SERIAL_BITMAP:
never executed: case 0x22:
0
702 if ((r = put_bitmap(sect, bitmap)) != 0)
(r = put_bitma... bitmap)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
703 goto out;
never executed: goto out;
0
704 bitmap_free(bitmap);-
705 bitmap = NULL;-
706 break;
never executed: break;
0
707 }-
708 if ((r = sshbuf_put_u8(buf, state)) != 0 ||
(r = sshbuf_pu..., state)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
709 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
710 goto out;
never executed: goto out;
0
711 }
never executed: end of block
0
712 KRL_DBG(("%s: serial done ", __func__));-
713-
714 /* Now output a section for any revocations by key ID */-
715 sshbuf_reset(sect);-
716 RB_FOREACH(rki, revoked_key_id_tree, &rc->revoked_key_ids) {
(rki) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
717 KRL_DBG(("%s: key ID %s", __func__, rki->key_id));-
718 if ((r = sshbuf_put_cstring(sect, rki->key_id)) != 0)
(r = sshbuf_pu...>key_id)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
719 goto out;
never executed: goto out;
0
720 }
never executed: end of block
0
721 if (sshbuf_len(sect) != 0) {
sshbuf_len(sect) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
722 if ((r = sshbuf_put_u8(buf, KRL_SECTION_CERT_KEY_ID)) != 0 ||
(r = sshbuf_pu...f, 0x23)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
723 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
724 goto out;
never executed: goto out;
0
725 }
never executed: end of block
0
726 r = 0;-
727 out:
code before this statement never executed: out:
0
728 bitmap_free(bitmap);-
729 sshbuf_free(sect);-
730 return r;
never executed: return r;
0
731}-
732-
733int-
734ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf,-
735 const struct sshkey **sign_keys, u_int nsign_keys)-
736{-
737 int r = SSH_ERR_INTERNAL_ERROR;-
738 struct revoked_certs *rc;-
739 struct revoked_blob *rb;-
740 struct sshbuf *sect;-
741 u_char *sblob = NULL;-
742 size_t slen, i;-
743-
744 if (krl->generated_date == 0)
krl->generated_date == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
745 krl->generated_date = time(NULL);
never executed: krl->generated_date = time( ((void *)0) );
0
746-
747 if ((sect = sshbuf_new()) == NULL)
(sect = sshbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
748 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
749-
750 /* Store the header */-
751 if ((r = sshbuf_put(buf, KRL_MAGIC, sizeof(KRL_MAGIC) - 1)) != 0 ||
(r = sshbuf_pu...0") - 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
752 (r = sshbuf_put_u32(buf, KRL_FORMAT_VERSION)) != 0 ||
(r = sshbuf_pu...(buf, 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
753 (r = sshbuf_put_u64(buf, krl->krl_version)) != 0 ||
(r = sshbuf_pu...version)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
754 (r = sshbuf_put_u64(buf, krl->generated_date)) != 0 ||
(r = sshbuf_pu...ed_date)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
755 (r = sshbuf_put_u64(buf, krl->flags)) != 0 ||
(r = sshbuf_pu...->flags)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
756 (r = sshbuf_put_string(buf, NULL, 0)) != 0 ||
(r = sshbuf_pu...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
757 (r = sshbuf_put_cstring(buf, krl->comment)) != 0)
(r = sshbuf_pu...comment)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
758 goto out;
never executed: goto out;
0
759-
760 /* Store sections for revoked certificates */-
761 TAILQ_FOREACH(rc, &krl->revoked_certs, entry) {
(rc) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
762 sshbuf_reset(sect);-
763 if ((r = revoked_certs_generate(rc, sect)) != 0)
(r = revoked_c...c, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
764 goto out;
never executed: goto out;
0
765 if ((r = sshbuf_put_u8(buf, KRL_SECTION_CERTIFICATES)) != 0 ||
(r = sshbuf_pu...(buf, 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
766 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
767 goto out;
never executed: goto out;
0
768 }
never executed: end of block
0
769-
770 /* Finally, output sections for revocations by public key/hash */-
771 sshbuf_reset(sect);-
772 RB_FOREACH(rb, revoked_blob_tree, &krl->revoked_keys) {
(rb) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
773 KRL_DBG(("%s: key len %zu ", __func__, rb->len));-
774 if ((r = sshbuf_put_string(sect, rb->blob, rb->len)) != 0)
(r = sshbuf_pu...rb->len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
775 goto out;
never executed: goto out;
0
776 }
never executed: end of block
0
777 if (sshbuf_len(sect) != 0) {
sshbuf_len(sect) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
778 if ((r = sshbuf_put_u8(buf, KRL_SECTION_EXPLICIT_KEY)) != 0 ||
(r = sshbuf_pu...(buf, 2)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
779 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
780 goto out;
never executed: goto out;
0
781 }
never executed: end of block
0
782 sshbuf_reset(sect);-
783 RB_FOREACH(rb, revoked_blob_tree, &krl->revoked_sha1s) {
(rb) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
784 KRL_DBG(("%s: hash len %zu ", __func__, rb->len));-
785 if ((r = sshbuf_put_string(sect, rb->blob, rb->len)) != 0)
(r = sshbuf_pu...rb->len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
786 goto out;
never executed: goto out;
0
787 }
never executed: end of block
0
788 if (sshbuf_len(sect) != 0) {
sshbuf_len(sect) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
789 if ((r = sshbuf_put_u8(buf,
(r = sshbuf_pu...(buf, 3)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
790 KRL_SECTION_FINGERPRINT_SHA1)) != 0 ||
(r = sshbuf_pu...(buf, 3)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
791 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
792 goto out;
never executed: goto out;
0
793 }
never executed: end of block
0
794 sshbuf_reset(sect);-
795 RB_FOREACH(rb, revoked_blob_tree, &krl->revoked_sha256s) {
(rb) != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
796 KRL_DBG(("%s: hash len %zu ", __func__, rb->len));-
797 if ((r = sshbuf_put_string(sect, rb->blob, rb->len)) != 0)
(r = sshbuf_pu...rb->len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
798 goto out;
never executed: goto out;
0
799 }
never executed: end of block
0
800 if (sshbuf_len(sect) != 0) {
sshbuf_len(sect) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
801 if ((r = sshbuf_put_u8(buf,
(r = sshbuf_pu...(buf, 5)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
802 KRL_SECTION_FINGERPRINT_SHA256)) != 0 ||
(r = sshbuf_pu...(buf, 5)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
803 (r = sshbuf_put_stringb(buf, sect)) != 0)
(r = sshbuf_pu...f, sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
804 goto out;
never executed: goto out;
0
805 }
never executed: end of block
0
806-
807 for (i = 0; i < nsign_keys; i++) {
i < nsign_keysDescription
TRUEnever evaluated
FALSEnever evaluated
0
808 KRL_DBG(("%s: signature key %s", __func__,-
809 sshkey_ssh_name(sign_keys[i])));-
810 if ((r = sshbuf_put_u8(buf, KRL_SECTION_SIGNATURE)) != 0 ||
(r = sshbuf_pu...(buf, 4)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
811 (r = sshkey_puts(sign_keys[i], buf)) != 0)
(r = sshkey_pu...i], buf)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
812 goto out;
never executed: goto out;
0
813-
814 if ((r = sshkey_sign(sign_keys[i], &sblob, &slen,
(r = sshkey_si...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
815 sshbuf_ptr(buf), sshbuf_len(buf), NULL, 0)) != 0)
(r = sshkey_si...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
816 goto out;
never executed: goto out;
0
817 KRL_DBG(("%s: signature sig len %zu", __func__, slen));-
818 if ((r = sshbuf_put_string(buf, sblob, slen)) != 0)
(r = sshbuf_pu...b, slen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
819 goto out;
never executed: goto out;
0
820 }
never executed: end of block
0
821-
822 r = 0;-
823 out:
code before this statement never executed: out:
0
824 free(sblob);-
825 sshbuf_free(sect);-
826 return r;
never executed: return r;
0
827}-
828-
829static void-
830format_timestamp(u_int64_t timestamp, char *ts, size_t nts)-
831{-
832 time_t t;-
833 struct tm *tm;-
834-
835 t = timestamp;-
836 tm = localtime(&t);-
837 if (tm == NULL)
tm == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
838 strlcpy(ts, "<INVALID>", nts);
never executed: strlcpy(ts, "<INVALID>", nts);
0
839 else {-
840 *ts = '\0';-
841 strftime(ts, nts, "%Y%m%dT%H%M%S", tm);-
842 }
never executed: end of block
0
843}-
844-
845static int-
846parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl)-
847{-
848 int r = SSH_ERR_INTERNAL_ERROR;-
849 u_char type;-
850 const u_char *blob;-
851 size_t blen, nbits;-
852 struct sshbuf *subsect = NULL;-
853 u_int64_t serial, serial_lo, serial_hi;-
854 struct bitmap *bitmap = NULL;-
855 char *key_id = NULL;-
856 struct sshkey *ca_key = NULL;-
857-
858 if ((subsect = sshbuf_new()) == NULL)
(subsect = ssh...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
859 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
860-
861 /* Header: key, reserved */-
862 if ((r = sshbuf_get_string_direct(buf, &blob, &blen)) != 0 ||
(r = sshbuf_ge..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
863 (r = sshbuf_skip_string(buf)) != 0)
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
864 goto out;
never executed: goto out;
0
865 if (blen != 0 && (r = sshkey_from_blob(blob, blen, &ca_key)) != 0)
blen != 0Description
TRUEnever evaluated
FALSEnever evaluated
(r = sshkey_fr...&ca_key)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
866 goto out;
never executed: goto out;
0
867-
868 while (sshbuf_len(buf) > 0) {
sshbuf_len(buf) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
869 sshbuf_free(subsect);-
870 subsect = NULL;-
871 if ((r = sshbuf_get_u8(buf, &type)) != 0 ||
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
872 (r = sshbuf_froms(buf, &subsect)) != 0)
(r = sshbuf_fr...subsect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
873 goto out;
never executed: goto out;
0
874 KRL_DBG(("%s: subsection type 0x%02x", __func__, type));-
875 /* sshbuf_dump(subsect, stderr); */-
876-
877 switch (type) {-
878 case KRL_SECTION_CERT_SERIAL_LIST:
never executed: case 0x20:
0
879 while (sshbuf_len(subsect) > 0) {
sshbuf_len(subsect) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
880 if ((r = sshbuf_get_u64(subsect, &serial)) != 0)
(r = sshbuf_ge...&serial)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
881 goto out;
never executed: goto out;
0
882 if ((r = ssh_krl_revoke_cert_by_serial(krl,
(r = ssh_krl_r... serial)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
883 ca_key, serial)) != 0)
(r = ssh_krl_r... serial)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
884 goto out;
never executed: goto out;
0
885 }
never executed: end of block
0
886 break;
never executed: break;
0
887 case KRL_SECTION_CERT_SERIAL_RANGE:
never executed: case 0x21:
0
888 if ((r = sshbuf_get_u64(subsect, &serial_lo)) != 0 ||
(r = sshbuf_ge...rial_lo)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
889 (r = sshbuf_get_u64(subsect, &serial_hi)) != 0)
(r = sshbuf_ge...rial_hi)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
890 goto out;
never executed: goto out;
0
891 if ((r = ssh_krl_revoke_cert_by_serial_range(krl,
(r = ssh_krl_r...rial_hi)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
892 ca_key, serial_lo, serial_hi)) != 0)
(r = ssh_krl_r...rial_hi)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
893 goto out;
never executed: goto out;
0
894 break;
never executed: break;
0
895 case KRL_SECTION_CERT_SERIAL_BITMAP:
never executed: case 0x22:
0
896 if ((bitmap = bitmap_new()) == NULL) {
(bitmap = bitm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
897 r = SSH_ERR_ALLOC_FAIL;-
898 goto out;
never executed: goto out;
0
899 }-
900 if ((r = sshbuf_get_u64(subsect, &serial_lo)) != 0 ||
(r = sshbuf_ge...rial_lo)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
901 (r = sshbuf_get_bignum2_bytes_direct(subsect,
(r = sshbuf_ge..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
902 &blob, &blen)) != 0)
(r = sshbuf_ge..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
903 goto out;
never executed: goto out;
0
904 if (bitmap_from_string(bitmap, blob, blen) != 0) {
bitmap_from_st...ob, blen) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
905 r = SSH_ERR_INVALID_FORMAT;-
906 goto out;
never executed: goto out;
0
907 }-
908 nbits = bitmap_nbits(bitmap);-
909 for (serial = 0; serial < (u_int64_t)nbits; serial++) {
serial < (u_int64_t)nbitsDescription
TRUEnever evaluated
FALSEnever evaluated
0
910 if (serial > 0 && serial_lo + serial == 0) {
serial > 0Description
TRUEnever evaluated
FALSEnever evaluated
serial_lo + serial == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
911 error("%s: bitmap wraps u64", __func__);-
912 r = SSH_ERR_INVALID_FORMAT;-
913 goto out;
never executed: goto out;
0
914 }-
915 if (!bitmap_test_bit(bitmap, serial))
!bitmap_test_b...itmap, serial)Description
TRUEnever evaluated
FALSEnever evaluated
0
916 continue;
never executed: continue;
0
917 if ((r = ssh_krl_revoke_cert_by_serial(krl,
(r = ssh_krl_r... serial)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
918 ca_key, serial_lo + serial)) != 0)
(r = ssh_krl_r... serial)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
919 goto out;
never executed: goto out;
0
920 }
never executed: end of block
0
921 bitmap_free(bitmap);-
922 bitmap = NULL;-
923 break;
never executed: break;
0
924 case KRL_SECTION_CERT_KEY_ID:
never executed: case 0x23:
0
925 while (sshbuf_len(subsect) > 0) {
sshbuf_len(subsect) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
926 if ((r = sshbuf_get_cstring(subsect,
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
927 &key_id, NULL)) != 0)
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
928 goto out;
never executed: goto out;
0
929 if ((r = ssh_krl_revoke_cert_by_key_id(krl,
(r = ssh_krl_r... key_id)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
930 ca_key, key_id)) != 0)
(r = ssh_krl_r... key_id)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
931 goto out;
never executed: goto out;
0
932 free(key_id);-
933 key_id = NULL;-
934 }
never executed: end of block
0
935 break;
never executed: break;
0
936 default:
never executed: default:
0
937 error("Unsupported KRL certificate section %u", type);-
938 r = SSH_ERR_INVALID_FORMAT;-
939 goto out;
never executed: goto out;
0
940 }-
941 if (sshbuf_len(subsect) > 0) {
sshbuf_len(subsect) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
942 error("KRL certificate section contains unparsed data");-
943 r = SSH_ERR_INVALID_FORMAT;-
944 goto out;
never executed: goto out;
0
945 }-
946 }
never executed: end of block
0
947-
948 r = 0;-
949 out:
code before this statement never executed: out:
0
950 if (bitmap != NULL)
bitmap != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
951 bitmap_free(bitmap);
never executed: bitmap_free(bitmap);
0
952 free(key_id);-
953 sshkey_free(ca_key);-
954 sshbuf_free(subsect);-
955 return r;
never executed: return r;
0
956}-
957-
958static int-
959blob_section(struct sshbuf *sect, struct revoked_blob_tree *target_tree,-
960 size_t expected_len)-
961{-
962 u_char *rdata = NULL;-
963 size_t rlen = 0;-
964 int r;-
965-
966 while (sshbuf_len(sect) > 0) {
sshbuf_len(sect) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
967 if ((r = sshbuf_get_string(sect, &rdata, &rlen)) != 0)
(r = sshbuf_ge..., &rlen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
968 return r;
never executed: return r;
0
969 if (expected_len != 0 && rlen != expected_len) {
expected_len != 0Description
TRUEnever evaluated
FALSEnever evaluated
rlen != expected_lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
970 error("%s: bad length", __func__);-
971 free(rdata);-
972 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
973 }-
974 if ((r = revoke_blob(target_tree, rdata, rlen)) != 0) {
(r = revoke_bl...a, rlen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
975 free(rdata);-
976 return r;
never executed: return r;
0
977 }-
978 }
never executed: end of block
0
979 return 0;
never executed: return 0;
0
980}-
981-
982/* Attempt to parse a KRL, checking its signature (if any) with sign_ca_keys. */-
983int-
984ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,-
985 const struct sshkey **sign_ca_keys, size_t nsign_ca_keys)-
986{-
987 struct sshbuf *copy = NULL, *sect = NULL;-
988 struct ssh_krl *krl = NULL;-
989 char timestamp[64];-
990 int r = SSH_ERR_INTERNAL_ERROR, sig_seen;-
991 struct sshkey *key = NULL, **ca_used = NULL, **tmp_ca_used;-
992 u_char type;-
993 const u_char *blob;-
994 size_t i, j, sig_off, sects_off, blen, nca_used;-
995 u_int format_version;-
996-
997 nca_used = 0;-
998 *krlp = NULL;-
999 if (sshbuf_len(buf) < sizeof(KRL_MAGIC) - 1 ||
sshbuf_len(buf...HKRL\n\0") - 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1000 memcmp(sshbuf_ptr(buf), KRL_MAGIC, sizeof(KRL_MAGIC) - 1) != 0) {
memcmp(sshbuf_...\0") - 1) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1001 debug3("%s: not a KRL", __func__);-
1002 return SSH_ERR_KRL_BAD_MAGIC;
never executed: return -50;
0
1003 }-
1004-
1005 /* Take a copy of the KRL buffer so we can verify its signature later */-
1006 if ((copy = sshbuf_fromb(buf)) == NULL) {
(copy = sshbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1007 r = SSH_ERR_ALLOC_FAIL;-
1008 goto out;
never executed: goto out;
0
1009 }-
1010 if ((r = sshbuf_consume(copy, sizeof(KRL_MAGIC) - 1)) != 0)
(r = sshbuf_co...0") - 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1011 goto out;
never executed: goto out;
0
1012-
1013 if ((krl = ssh_krl_init()) == NULL) {
(krl = ssh_krl...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1014 error("%s: alloc failed", __func__);-
1015 goto out;
never executed: goto out;
0
1016 }-
1017-
1018 if ((r = sshbuf_get_u32(copy, &format_version)) != 0)
(r = sshbuf_ge...version)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1019 goto out;
never executed: goto out;
0
1020 if (format_version != KRL_FORMAT_VERSION) {
format_version != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1021 r = SSH_ERR_INVALID_FORMAT;-
1022 goto out;
never executed: goto out;
0
1023 }-
1024 if ((r = sshbuf_get_u64(copy, &krl->krl_version)) != 0 ||
(r = sshbuf_ge...version)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1025 (r = sshbuf_get_u64(copy, &krl->generated_date)) != 0 ||
(r = sshbuf_ge...ed_date)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1026 (r = sshbuf_get_u64(copy, &krl->flags)) != 0 ||
(r = sshbuf_ge...->flags)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1027 (r = sshbuf_skip_string(copy)) != 0 ||
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1028 (r = sshbuf_get_cstring(copy, &krl->comment, NULL)) != 0)
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1029 goto out;
never executed: goto out;
0
1030-
1031 format_timestamp(krl->generated_date, timestamp, sizeof(timestamp));-
1032 debug("KRL version %llu generated at %s%s%s",-
1033 (long long unsigned)krl->krl_version, timestamp,-
1034 *krl->comment ? ": " : "", krl->comment);-
1035-
1036 /*-
1037 * 1st pass: verify signatures, if any. This is done to avoid-
1038 * detailed parsing of data whose provenance is unverified.-
1039 */-
1040 sig_seen = 0;-
1041 if (sshbuf_len(buf) < sshbuf_len(copy)) {
sshbuf_len(buf...hbuf_len(copy)Description
TRUEnever evaluated
FALSEnever evaluated
0
1042 /* Shouldn't happen */-
1043 r = SSH_ERR_INTERNAL_ERROR;-
1044 goto out;
never executed: goto out;
0
1045 }-
1046 sects_off = sshbuf_len(buf) - sshbuf_len(copy);-
1047 while (sshbuf_len(copy) > 0) {
sshbuf_len(copy) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1048 if ((r = sshbuf_get_u8(copy, &type)) != 0 ||
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1049 (r = sshbuf_get_string_direct(copy, &blob, &blen)) != 0)
(r = sshbuf_ge..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1050 goto out;
never executed: goto out;
0
1051 KRL_DBG(("%s: first pass, section 0x%02x", __func__, type));-
1052 if (type != KRL_SECTION_SIGNATURE) {
type != 4Description
TRUEnever evaluated
FALSEnever evaluated
0
1053 if (sig_seen) {
sig_seenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1054 error("KRL contains non-signature section "-
1055 "after signature");-
1056 r = SSH_ERR_INVALID_FORMAT;-
1057 goto out;
never executed: goto out;
0
1058 }-
1059 /* Not interested for now. */-
1060 continue;
never executed: continue;
0
1061 }-
1062 sig_seen = 1;-
1063 /* First string component is the signing key */-
1064 if ((r = sshkey_from_blob(blob, blen, &key)) != 0) {
(r = sshkey_fr...n, &key)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1065 r = SSH_ERR_INVALID_FORMAT;-
1066 goto out;
never executed: goto out;
0
1067 }-
1068 if (sshbuf_len(buf) < sshbuf_len(copy)) {
sshbuf_len(buf...hbuf_len(copy)Description
TRUEnever evaluated
FALSEnever evaluated
0
1069 /* Shouldn't happen */-
1070 r = SSH_ERR_INTERNAL_ERROR;-
1071 goto out;
never executed: goto out;
0
1072 }-
1073 sig_off = sshbuf_len(buf) - sshbuf_len(copy);-
1074 /* Second string component is the signature itself */-
1075 if ((r = sshbuf_get_string_direct(copy, &blob, &blen)) != 0) {
(r = sshbuf_ge..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1076 r = SSH_ERR_INVALID_FORMAT;-
1077 goto out;
never executed: goto out;
0
1078 }-
1079 /* Check signature over entire KRL up to this point */-
1080 if ((r = sshkey_verify(key, blob, blen,
(r = sshkey_ve...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1081 sshbuf_ptr(buf), sig_off, NULL, 0)) != 0)
(r = sshkey_ve...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1082 goto out;
never executed: goto out;
0
1083 /* Check if this key has already signed this KRL */-
1084 for (i = 0; i < nca_used; i++) {
i < nca_usedDescription
TRUEnever evaluated
FALSEnever evaluated
0
1085 if (sshkey_equal(ca_used[i], key)) {
sshkey_equal(ca_used[i], key)Description
TRUEnever evaluated
FALSEnever evaluated
0
1086 error("KRL signed more than once with "-
1087 "the same key");-
1088 r = SSH_ERR_INVALID_FORMAT;-
1089 goto out;
never executed: goto out;
0
1090 }-
1091 }
never executed: end of block
0
1092 /* Record keys used to sign the KRL */-
1093 tmp_ca_used = recallocarray(ca_used, nca_used, nca_used + 1,-
1094 sizeof(*ca_used));-
1095 if (tmp_ca_used == NULL) {
tmp_ca_used == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1096 r = SSH_ERR_ALLOC_FAIL;-
1097 goto out;
never executed: goto out;
0
1098 }-
1099 ca_used = tmp_ca_used;-
1100 ca_used[nca_used++] = key;-
1101 key = NULL;-
1102 }
never executed: end of block
0
1103-
1104 if (sshbuf_len(copy) != 0) {
sshbuf_len(copy) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1105 /* Shouldn't happen */-
1106 r = SSH_ERR_INTERNAL_ERROR;-
1107 goto out;
never executed: goto out;
0
1108 }-
1109-
1110 /*-
1111 * 2nd pass: parse and load the KRL, skipping the header to the point-
1112 * where the section start.-
1113 */-
1114 sshbuf_free(copy);-
1115 if ((copy = sshbuf_fromb(buf)) == NULL) {
(copy = sshbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1116 r = SSH_ERR_ALLOC_FAIL;-
1117 goto out;
never executed: goto out;
0
1118 }-
1119 if ((r = sshbuf_consume(copy, sects_off)) != 0)
(r = sshbuf_co...cts_off)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1120 goto out;
never executed: goto out;
0
1121 while (sshbuf_len(copy) > 0) {
sshbuf_len(copy) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1122 sshbuf_free(sect);-
1123 sect = NULL;-
1124 if ((r = sshbuf_get_u8(copy, &type)) != 0 ||
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1125 (r = sshbuf_froms(copy, &sect)) != 0)
(r = sshbuf_fr..., &sect)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1126 goto out;
never executed: goto out;
0
1127 KRL_DBG(("%s: second pass, section 0x%02x", __func__, type));-
1128-
1129 switch (type) {-
1130 case KRL_SECTION_CERTIFICATES:
never executed: case 1:
0
1131 if ((r = parse_revoked_certs(sect, krl)) != 0)
(r = parse_rev...ct, krl)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1132 goto out;
never executed: goto out;
0
1133 break;
never executed: break;
0
1134 case KRL_SECTION_EXPLICIT_KEY:
never executed: case 2:
0
1135 if ((r = blob_section(sect,
(r = blob_sect...keys, 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1136 &krl->revoked_keys, 0)) != 0)
(r = blob_sect...keys, 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1137 goto out;
never executed: goto out;
0
1138 break;
never executed: break;
0
1139 case KRL_SECTION_FINGERPRINT_SHA1:
never executed: case 3:
0
1140 if ((r = blob_section(sect,
(r = blob_sect...a1s, 20)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1141 &krl->revoked_sha1s, 20)) != 0)
(r = blob_sect...a1s, 20)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1142 goto out;
never executed: goto out;
0
1143 break;
never executed: break;
0
1144 case KRL_SECTION_FINGERPRINT_SHA256:
never executed: case 5:
0
1145 if ((r = blob_section(sect,
(r = blob_sect...56s, 32)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1146 &krl->revoked_sha256s, 32)) != 0)
(r = blob_sect...56s, 32)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1147 goto out;
never executed: goto out;
0
1148 break;
never executed: break;
0
1149 case KRL_SECTION_SIGNATURE:
never executed: case 4:
0
1150 /* Handled above, but still need to stay in synch */-
1151 sshbuf_free(sect);-
1152 sect = NULL;-
1153 if ((r = sshbuf_skip_string(copy)) != 0)
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1154 goto out;
never executed: goto out;
0
1155 break;
never executed: break;
0
1156 default:
never executed: default:
0
1157 error("Unsupported KRL section %u", type);-
1158 r = SSH_ERR_INVALID_FORMAT;-
1159 goto out;
never executed: goto out;
0
1160 }-
1161 if (sect != NULL && sshbuf_len(sect) > 0) {
sect != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
sshbuf_len(sect) > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1162 error("KRL section contains unparsed data");-
1163 r = SSH_ERR_INVALID_FORMAT;-
1164 goto out;
never executed: goto out;
0
1165 }-
1166 }
never executed: end of block
0
1167-
1168 /* Check that the key(s) used to sign the KRL weren't revoked */-
1169 sig_seen = 0;-
1170 for (i = 0; i < nca_used; i++) {
i < nca_usedDescription
TRUEnever evaluated
FALSEnever evaluated
0
1171 if (ssh_krl_check_key(krl, ca_used[i]) == 0)
ssh_krl_check_..._used[i]) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1172 sig_seen = 1;
never executed: sig_seen = 1;
0
1173 else {-
1174 sshkey_free(ca_used[i]);-
1175 ca_used[i] = NULL;-
1176 }
never executed: end of block
0
1177 }-
1178 if (nca_used && !sig_seen) {
nca_usedDescription
TRUEnever evaluated
FALSEnever evaluated
!sig_seenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1179 error("All keys used to sign KRL were revoked");-
1180 r = SSH_ERR_KEY_REVOKED;-
1181 goto out;
never executed: goto out;
0
1182 }-
1183-
1184 /* If we have CA keys, then verify that one was used to sign the KRL */-
1185 if (sig_seen && nsign_ca_keys != 0) {
sig_seenDescription
TRUEnever evaluated
FALSEnever evaluated
nsign_ca_keys != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1186 sig_seen = 0;-
1187 for (i = 0; !sig_seen && i < nsign_ca_keys; i++) {
!sig_seenDescription
TRUEnever evaluated
FALSEnever evaluated
i < nsign_ca_keysDescription
TRUEnever evaluated
FALSEnever evaluated
0
1188 for (j = 0; j < nca_used; j++) {
j < nca_usedDescription
TRUEnever evaluated
FALSEnever evaluated
0
1189 if (ca_used[j] == NULL)
ca_used[j] == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1190 continue;
never executed: continue;
0
1191 if (sshkey_equal(ca_used[j], sign_ca_keys[i])) {
sshkey_equal(c...gn_ca_keys[i])Description
TRUEnever evaluated
FALSEnever evaluated
0
1192 sig_seen = 1;-
1193 break;
never executed: break;
0
1194 }-
1195 }
never executed: end of block
0
1196 }
never executed: end of block
0
1197 if (!sig_seen) {
!sig_seenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1198 r = SSH_ERR_SIGNATURE_INVALID;-
1199 error("KRL not signed with any trusted key");-
1200 goto out;
never executed: goto out;
0
1201 }-
1202 }
never executed: end of block
0
1203-
1204 *krlp = krl;-
1205 r = 0;-
1206 out:
code before this statement never executed: out:
0
1207 if (r != 0)
r != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1208 ssh_krl_free(krl);
never executed: ssh_krl_free(krl);
0
1209 for (i = 0; i < nca_used; i++)
i < nca_usedDescription
TRUEnever evaluated
FALSEnever evaluated
0
1210 sshkey_free(ca_used[i]);
never executed: sshkey_free(ca_used[i]);
0
1211 free(ca_used);-
1212 sshkey_free(key);-
1213 sshbuf_free(copy);-
1214 sshbuf_free(sect);-
1215 return r;
never executed: return r;
0
1216}-
1217-
1218/* Checks certificate serial number and key ID revocation */-
1219static int-
1220is_cert_revoked(const struct sshkey *key, struct revoked_certs *rc)-
1221{-
1222 struct revoked_serial rs, *ers;-
1223 struct revoked_key_id rki, *erki;-
1224-
1225 /* Check revocation by cert key ID */-
1226 memset(&rki, 0, sizeof(rki));-
1227 rki.key_id = key->cert->key_id;-
1228 erki = RB_FIND(revoked_key_id_tree, &rc->revoked_key_ids, &rki);-
1229 if (erki != NULL) {
erki != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1230 KRL_DBG(("%s: revoked by key ID", __func__));-
1231 return SSH_ERR_KEY_REVOKED;
never executed: return -51;
0
1232 }-
1233-
1234 /*-
1235 * Zero serials numbers are ignored (it's the default when the-
1236 * CA doesn't specify one).-
1237 */-
1238 if (key->cert->serial == 0)
key->cert->serial == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1239 return 0;
never executed: return 0;
0
1240-
1241 memset(&rs, 0, sizeof(rs));-
1242 rs.lo = rs.hi = key->cert->serial;-
1243 ers = RB_FIND(revoked_serial_tree, &rc->revoked_serials, &rs);-
1244 if (ers != NULL) {
ers != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1245 KRL_DBG(("%s: revoked serial %llu matched %llu:%llu", __func__,-
1246 key->cert->serial, ers->lo, ers->hi));-
1247 return SSH_ERR_KEY_REVOKED;
never executed: return -51;
0
1248 }-
1249 return 0;
never executed: return 0;
0
1250}-
1251-
1252/* Checks whether a given key/cert is revoked. Does not check its CA */-
1253static int-
1254is_key_revoked(struct ssh_krl *krl, const struct sshkey *key)-
1255{-
1256 struct revoked_blob rb, *erb;-
1257 struct revoked_certs *rc;-
1258 int r;-
1259-
1260 /* Check explicitly revoked hashes first */-
1261 memset(&rb, 0, sizeof(rb));-
1262 if ((r = sshkey_fingerprint_raw(key, SSH_DIGEST_SHA1,
(r = sshkey_fi...&rb.len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1263 &rb.blob, &rb.len)) != 0)
(r = sshkey_fi...&rb.len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1264 return r;
never executed: return r;
0
1265 erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb);-
1266 free(rb.blob);-
1267 if (erb != NULL) {
erb != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1268 KRL_DBG(("%s: revoked by key SHA1", __func__));-
1269 return SSH_ERR_KEY_REVOKED;
never executed: return -51;
0
1270 }-
1271 memset(&rb, 0, sizeof(rb));-
1272 if ((r = sshkey_fingerprint_raw(key, SSH_DIGEST_SHA256,
(r = sshkey_fi...&rb.len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1273 &rb.blob, &rb.len)) != 0)
(r = sshkey_fi...&rb.len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1274 return r;
never executed: return r;
0
1275 erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha256s, &rb);-
1276 free(rb.blob);-
1277 if (erb != NULL) {
erb != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1278 KRL_DBG(("%s: revoked by key SHA256", __func__));-
1279 return SSH_ERR_KEY_REVOKED;
never executed: return -51;
0
1280 }-
1281-
1282 /* Next, explicit keys */-
1283 memset(&rb, 0, sizeof(rb));-
1284 if ((r = plain_key_blob(key, &rb.blob, &rb.len)) != 0)
(r = plain_key...&rb.len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1285 return r;
never executed: return r;
0
1286 erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb);-
1287 free(rb.blob);-
1288 if (erb != NULL) {
erb != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1289 KRL_DBG(("%s: revoked by explicit key", __func__));-
1290 return SSH_ERR_KEY_REVOKED;
never executed: return -51;
0
1291 }-
1292-
1293 if (!sshkey_is_cert(key))
!sshkey_is_cert(key)Description
TRUEnever evaluated
FALSEnever evaluated
0
1294 return 0;
never executed: return 0;
0
1295-
1296 /* Check cert revocation for the specified CA */-
1297 if ((r = revoked_certs_for_ca_key(krl, key->cert->signature_key,
(r = revoked_c... &rc, 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1298 &rc, 0)) != 0)
(r = revoked_c... &rc, 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1299 return r;
never executed: return r;
0
1300 if (rc != NULL) {
rc != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1301 if ((r = is_cert_revoked(key, rc)) != 0)
(r = is_cert_r...key, rc)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1302 return r;
never executed: return r;
0
1303 }
never executed: end of block
0
1304 /* Check cert revocation for the wildcard CA */-
1305 if ((r = revoked_certs_for_ca_key(krl, NULL, &rc, 0)) != 0)
(r = revoked_c... &rc, 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1306 return r;
never executed: return r;
0
1307 if (rc != NULL) {
rc != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1308 if ((r = is_cert_revoked(key, rc)) != 0)
(r = is_cert_r...key, rc)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1309 return r;
never executed: return r;
0
1310 }
never executed: end of block
0
1311-
1312 KRL_DBG(("%s: %llu no match", __func__, key->cert->serial));-
1313 return 0;
never executed: return 0;
0
1314}-
1315-
1316int-
1317ssh_krl_check_key(struct ssh_krl *krl, const struct sshkey *key)-
1318{-
1319 int r;-
1320-
1321 KRL_DBG(("%s: checking key", __func__));-
1322 if ((r = is_key_revoked(krl, key)) != 0)
(r = is_key_re...rl, key)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1323 return r;
never executed: return r;
0
1324 if (sshkey_is_cert(key)) {
sshkey_is_cert(key)Description
TRUEnever evaluated
FALSEnever evaluated
0
1325 debug2("%s: checking CA key", __func__);-
1326 if ((r = is_key_revoked(krl, key->cert->signature_key)) != 0)
(r = is_key_re...ure_key)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1327 return r;
never executed: return r;
0
1328 }
never executed: end of block
0
1329 KRL_DBG(("%s: key okay", __func__));-
1330 return 0;
never executed: return 0;
0
1331}-
1332-
1333int-
1334ssh_krl_file_contains_key(const char *path, const struct sshkey *key)-
1335{-
1336 struct sshbuf *krlbuf = NULL;-
1337 struct ssh_krl *krl = NULL;-
1338 int oerrno = 0, r, fd;-
1339-
1340 if (path == NULL)
path == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1341 return 0;
never executed: return 0;
0
1342-
1343 if ((krlbuf = sshbuf_new()) == NULL)
(krlbuf = sshb...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1344 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
1345 if ((fd = open(path, O_RDONLY)) == -1) {
(fd = open(path, 00 )) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1346 r = SSH_ERR_SYSTEM_ERROR;-
1347 oerrno = errno;-
1348 goto out;
never executed: goto out;
0
1349 }-
1350 if ((r = sshkey_load_file(fd, krlbuf)) != 0) {
(r = sshkey_lo... krlbuf)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1351 oerrno = errno;-
1352 goto out;
never executed: goto out;
0
1353 }-
1354 if ((r = ssh_krl_from_blob(krlbuf, &krl, NULL, 0)) != 0)
(r = ssh_krl_f...)0) , 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1355 goto out;
never executed: goto out;
0
1356 debug2("%s: checking KRL %s", __func__, path);-
1357 r = ssh_krl_check_key(krl, key);-
1358 out:
code before this statement never executed: out:
0
1359 if (fd != -1)
fd != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1360 close(fd);
never executed: close(fd);
0
1361 sshbuf_free(krlbuf);-
1362 ssh_krl_free(krl);-
1363 if (r != 0)
r != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1364 errno = oerrno;
never executed: (*__errno_location ()) = oerrno;
0
1365 return r;
never executed: return r;
0
1366}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2