Patches sent by India based on Security review.

2006-04-06 20:09:26 +00:00 · 2006-04-06 20:09:26 +00:00 · b2b5903126
commit b2b5903126
parent 861619e231
7 changed files with 816 additions and 686 deletions
--- a/c_micasacache/sscs_ipc.c
+++ b/c_micasacache/sscs_ipc.c
@ -181,13 +181,19 @@ int ipc_unx_read(int fd, Byte *pData, int bytes)
    for(bytesToRead = bytes; bytesToRead;)
    {
-        bytesRead = read(fd, pData, bytesToRead);
+        if ((bytesRead = read(fd, pData, bytesToRead)) == 0) 
-        if(bytesRead < 0)
+		{
-        {
+			break;
-            return -1;
+		} 
-        }
+		else 
-        bytesToRead -= bytesRead;
+		{
-        pData += bytesRead;
+	        if(bytesRead < 0)
 	        {
        	    return -1;
 	        }
        	bytesToRead -= bytesRead;
 	        pData += bytesRead;
 		}
    }
    return bytesRead;
 }
--- a/c_micasad/communication/UnixCommunication.cs
+++ b/c_micasad/communication/UnixCommunication.cs
@ -24,6 +24,7 @@
 using System;
 using System.Net;
 using System.Net.Sockets;
 using Mono.Unix;
 using Mono.Unix.Native;
 using System.IO;
 using System.Text;
@ -52,8 +53,10 @@ namespace sscs.communication
        {
            CSSSLogger.ExecutionTrace(this);
            Syscall.umask(0);
-            if(File.Exists(socketFileName))
+			if(File.Exists(socketFileName))
-                File.Delete(socketFileName);
+			{
 				File.Delete(socketFileName);
 			}
            listeningSocket = new Socket( AddressFamily.Unix,
                                          SocketType.Stream,
                                          ProtocolType.IP );
@ -76,6 +79,15 @@ namespace sscs.communication
            CSSSLogger.ExecutionTrace(this);
            try
            {
            	UnixFileSystemInfo sockFileInfo = new UnixFileInfo(socketFileName);
                UnixUserInfo sockFileOwner = sockFileInfo.OwnerUser;
 				// check if ROOT is the owner of the file: /tmp/.novellCASA
 				if (sockFileOwner.UserId != 0)
 				{
 					File.Delete(socketFileName);
 				}
                listeningSocket.Bind(sockEndPoint);
                listeningSocket.Listen(50);
            }
--- a/c_micasad/init/Main.cs
+++ b/c_micasad/init/Main.cs
@ -49,7 +49,10 @@ class SecretStoreClientService
            }
            RegisterSignals();
-
+			Mono.Unix.Native.Syscall.umask( Mono.Unix.Native.FilePermissions.S_IRGRP | 
 											Mono.Unix.Native.FilePermissions.S_IWGRP | 
 											Mono.Unix.Native.FilePermissions.S_IROTH | 
 											Mono.Unix.Native.FilePermissions.S_IWOTH);
            CSSSLogger.DbgLog("Client Side SecretStore Service has started.");
            server = CommunicationFactory.CreateCommunicationEndPoint();
--- a/c_micasad/lib/communication/UnixIPCClientChannel.cs
+++ b/c_micasad/lib/communication/UnixIPCClientChannel.cs
@ -48,9 +48,25 @@ namespace Novell.CASA.MiCasa.Communication
                            SocketType.Stream,
                            ProtocolType.IP );
-            if (mSocket == null) throw new Exception("could not get socket");
+			if (mSocket == null)
-            sockEndPoint = new UnixEndPoint(socketFileName);
+			{
-            mSocket.Connect(sockEndPoint);	 
+				throw new Exception("could not get socket");
 			}
 			sockEndPoint = new UnixEndPoint(socketFileName);            
 			UnixFileSystemInfo sockFileInfo = new UnixFileInfo(socketFileName);
            UnixUserInfo sockFileOwner = sockFileInfo.OwnerUser;
            // root is the owner of the file "/tmp/.novellCASA"
 			if (sockFileOwner.UserId == 0)
 			{
 				mSocket.Connect(sockEndPoint);
 			}
 			else
 			{
 				throw new Exception("not a valid miCASA service");
 			}
        }
        public int Read(byte[] buf)
--- a/c_micasad/lss/CASACrypto.cs
+++ b/c_micasad/lss/CASACrypto.cs
@ -24,6 +24,9 @@ using System;
 using System.IO;
 using System.Text;
 using System.Security.Cryptography;
 #if LINUX
 using Mono.Unix;
 #endif
 using sscs.common;
 using sscs.constants;
@ -69,9 +72,7 @@ namespace sscs.crypto
                //Encrypt the data to a file            
                fsEncrypt = new FileStream(fileName, FileMode.Create);
-#if LINUX
+
                Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
 #endif                      
 				// make hidden
 				File.SetAttributes(fileName, FileAttributes.Hidden);
@ -107,9 +108,15 @@ namespace sscs.crypto
            byte[] baSavedKey = null;
            FileStream fsDecrypt = null;
            CryptoStream csDecrypt = null;
            try
            {
 #if LINUX
 				UnixFileInfo fsTest = new UnixFileInfo (fileName);
                if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
 #else
                if(!File.Exists(fileName))
 #endif
                {
                    return null;
                }
@ -180,9 +187,7 @@ namespace sscs.crypto
                //Encrypt the data to a file            
                fsEncrypt = new FileStream(fileName, FileMode.Create);
-#if LINUX
+
                Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
 #endif                                
 				// make hidden
 				File.SetAttributes(fileName, FileAttributes.Hidden);
@ -224,8 +229,13 @@ namespace sscs.crypto
                //Get a decryptor that uses the same key and IV as the encryptor.
                RijndaelManaged myRijndael = new RijndaelManaged();
                ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);
-                if(!File.Exists(fileName))
+#if LINUX
-                {
+				UnixFileInfo fsTest = new UnixFileInfo (fileName);
                if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
 #else
 				if(!File.Exists(fileName))
 #endif
 				{
                    return null;
                }
@ -235,14 +245,15 @@ namespace sscs.crypto
                fsDecrypt.Read(storedHash,0,storedHash.Length);
                csDecrypt = new CryptoStream(fsDecrypt, decryptor, CryptoStreamMode.Read);            
-		if(fsDecrypt.Length  < HASH_SIZE )
+				if(fsDecrypt.Length  < HASH_SIZE )
-		{
+				{
-			csDecrypt.Close();
+					csDecrypt.Close();
-                        fsDecrypt.Close();                        
+								fsDecrypt.Close();                        
-                        return null;
+								return null;
-		}
+				}
-		ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
+
-		byte[] fromEncrypt = new byte[fileLen];
+				ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
 				byte[] fromEncrypt = new byte[fileLen];
                //Read the data out of the crypto stream.
                int bytesRead = csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
@ -393,9 +404,7 @@ namespace sscs.crypto
                //Encrypt the data to a file
                fsEncrypt = new FileStream(fileName,FileMode.Create);
-#if LINUX
+
                Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
 #endif                                
 				// make hidden
 				File.SetAttributes(fileName, FileAttributes.Hidden);
@ -441,6 +450,16 @@ namespace sscs.crypto
                ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey,
                    baKey);
                //Now decrypt
 #if LINUX
 				UnixFileInfo fsTest = new UnixFileInfo (fileName);
                if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
 #else
 				if(!File.Exists(fileName))
 #endif
 				{
                    return null;
                }
                fsDecrypt = new FileStream(fileName, FileMode.Open);
                csDecrypt = new CryptoStream(fsDecrypt, decryptor,
                    CryptoStreamMode.Read);
--- a/c_micasad/lss/LocalStorage.cs
+++ b/c_micasad/lss/LocalStorage.cs
@ -27,6 +27,9 @@ using System.Collections;
 using System.Threading;
 using System.Security.Cryptography;
 using System.Xml;
 #if LINUX
 using Mono.Unix.Native;
 #endif
 using sscs.cache;
 using sscs.crypto;
 using sscs.common;
@ -62,6 +65,11 @@ namespace sscs.lss
        private int persistThreadSleepTime = 1000 * 60 * 5; //1000 * 30; 
        private Thread persistThread = null;       
 #if LINUX
 		Mono.Unix.UnixFileSystemInfo sockFileInfo;
 		Mono.Unix.UnixUserInfo sockFileOwner;
 #endif
        private static string LINUXID = "Unix";         
 		internal LocalStorage(SecretStore store,byte[] baMasterPasscode)
@ -120,23 +128,59 @@ namespace sscs.lss
 			}
 			return true;
 		}
 		public bool IsOwnedByRoot(string fileName)		
 		{
 #if LINUX
 			sockFileInfo = new Mono.Unix.UnixFileInfo(fileName);
 		    sockFileOwner = sockFileInfo.OwnerUser;
 			if(0==sockFileOwner.UserId)
 			    return true;
 		    else
 		        return false;
 #else
 			return true;
 #endif
 		}
        private string GetDecryptedXml()
        {
            try
            {
-                string fileName = userStore.GetPersistenceFilePath();
+				string fileName = userStore.GetPersistenceFilePath();
 				string tempFile = fileName;
 				int count = 0;
 				if(!File.Exists(fileName))
 				{
-					// check for tmp file
+					while(true)
-					if (File.Exists(fileName+".tmp"))
+					{
-						File.Move(fileName+".tmp", fileName);
+						// check for tmp file
-					else
+						if (File.Exists(tempFile+".tmp"))
-						return null;
+						{
-				}
+							if(IsOwnedByRoot(tempFile+".tmp"))
 							{
 								File.Move(tempFile+".tmp", fileName);
 								break;
 							}
 							else
 							{
 								count++;
 								tempFile = fileName + count.ToString();
 							}
 						}
 						else
 							return null;
-				// delete tmp file if there
+					}
-				if (File.Exists(fileName+".tmp"))
+
-					File.Delete(fileName+".tmp");
+					// delete tmp file if there
 					if (File.Exists(tempFile+".tmp"))
 					{
 						if(IsOwnedByRoot(tempFile+".tmp"))
 							File.Delete(tempFile+".tmp");
 					}
 				}
 				byte[] baPasscode = null;
 				if (null != m_baGeneratedKey)
@ -427,28 +471,46 @@ namespace sscs.lss
 				byte[] key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetKeyFilePath());
 				string fileName = userStore.GetPersistenceFilePath();
 				string tempFile = fileName;
 				int count=0;
 				// rename existing file
 				if(File.Exists(fileName))
 				{
-					if (File.Exists(fileName+".tmp"))
+					while(true)
-						File.Delete(fileName+".tmp");
+					{
-
+						if (File.Exists(tempFile+".tmp"))
-					File.Move(fileName, fileName+".tmp");
+						{
 							if(IsOwnedByRoot(tempFile+".tmp"))
 							{
 								File.Delete(tempFile+".tmp");
 								break;
 							}
 							else
 							{
 								count++;
 								tempFile = fileName + count.ToString();
 							}
 						}
 						else
 							break;
 					}
 					File.Move(fileName, tempFile+".tmp");
 				}
-                CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
+				CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
 				//remove temp
-				if(File.Exists(fileName+".tmp"))
+				if(File.Exists(tempFile+".tmp"))
 				{
-					File.Delete(fileName+".tmp");
+					if(IsOwnedByRoot(tempFile+".tmp"))
 						File.Delete(tempFile+".tmp");
 				}
-            }
+			}
-            catch(Exception e)
+			catch(Exception e)
-            {
+			{
-                CSSSLogger.ExpLog(e.ToString());
+				CSSSLogger.ExpLog(e.ToString());
-            }
+			}
        }
    }
 }
--- a/c_micasadk/sscs_ndk.c
+++ b/c_micasadk/sscs_ndk.c
@ -221,42 +221,50 @@ static int32_t sscsshs_GetNextSHSEntry
 *	 Internal function that escapes delimited characters in a string.
 *
 */
-static void sscsshs_ChkEscapeString(SS_UTF8_T	*entryBuf)
+static void sscsshs_ChkEscapeString(SS_UTF8_T	**entryBuf)
 { /* beginning of the call */
 /* ########################## DECLARATIONS START HERE ######################### */
-	int 			len = 0, i, k = 0;
+	int 			len = 0, i, k = 0, tmplen = 0, escaped = 0;
 	SS_UTF8_T	 	*tempBuf = NULL;
 /* ############################## CODE STARTS HERE ############################ */
-	if(!(tempBuf = (SS_UTF8_T *)malloc(NSSCS_MAX_SECRET_BUF_LEN - SSCS_CRED_SET_LEN)))
+	len = sscs_Utf8Strlen(*entryBuf) + 1;
 	if (len > (NSSCS_MAX_SECRET_BUF_LEN - SSCS_CRED_SET_LEN))
 		return;
 	/* We assume that all the chars in entryBuf might need escaping */
 	if(!(tempBuf = (SS_UTF8_T *)malloc(2 * (NSSCS_MAX_SECRET_BUF_LEN - SSCS_CRED_SET_LEN))))
 	{
 		return;
 	}
-	memset(tempBuf, 0, NSSCS_MAX_SECRET_BUF_LEN - SSCS_CRED_SET_LEN);
+	memset(tempBuf, 0, 2 * (NSSCS_MAX_SECRET_BUF_LEN - SSCS_CRED_SET_LEN));
 	len = sscs_Utf8Strlen(entryBuf) + 1;
 	for(i = 0; i < len; i++)
 	{
-		SS_UTF8_T c = entryBuf[i];
+		SS_UTF8_T c = *((*entryBuf)+i);
 		switch(c)
 		{
 			case (SS_UTF8_T)'\\':
 				tempBuf[k++] = (SS_UTF8_T)'\\';
 				tempBuf[k++] = (SS_UTF8_T)'\\';
 				escaped = 1;
 				break;
 			 case (SS_UTF8_T)':':
 				tempBuf[k++] = (SS_UTF8_T)'\\';
 				tempBuf[k++] = (SS_UTF8_T)':';
 				escaped = 1;
 				break;
 			 case (SS_UTF8_T)'=':
 				tempBuf[k++] = (SS_UTF8_T)'\\';
 				tempBuf[k++] = (SS_UTF8_T)'=';
 				escaped = 1;
 				break;
 			 default:
@ -264,7 +272,11 @@ static void sscsshs_ChkEscapeString(SS_UTF8_T	*entryBuf)
 		}
 	}
-	sscs_Utf8Strcpy(entryBuf, tempBuf);
+	if (escaped) {
 		free (*entryBuf);
 		*entryBuf = tempBuf;
 		return;
 	}
 /* ############################### CODE EXITS HERE ############################# */
@ -310,7 +322,7 @@ static int32_t sscsshs_PopulateSecretBuf
 		retBuffer[sscs_Utf8Strlen(retBuffer)] = (SS_UTF8_T)0x0A; // add a line feed delimiter
 	}
-	sscsshs_ChkEscapeString(key);
+	sscsshs_ChkEscapeString(&key);
 	if(sscs_Utf8Strcmp(key, SSCS_CRED_SET))
 	{
@ -328,7 +340,7 @@ static int32_t sscsshs_PopulateSecretBuf
 		sscs_Utf8Strcat(retBuffer, APP_DELIMITER);
 	}
-	sscsshs_ChkEscapeString(val);
+	sscsshs_ChkEscapeString(&val);
 	if((*bufLen + (sscs_Utf8StrSize(val))) < NSSCS_MAX_SECRET_BUF_LEN)
 	{
 		sscs_Utf8Strcat(retBuffer, val);
@ -385,7 +397,7 @@ static int32_t sscsshs_PopulateBinarySecretBuf
 			return(NSSCS_E_PARSER_FAILURE);  // create error stating non-binary buffer
 		}		
-		sscsshs_ChkEscapeString(key);	
+		sscsshs_ChkEscapeString(&key);	
 		sscs_Utf8Strcpy((SS_UTF8_T *)retBuffer, key);
 		sscs_Utf8Strcat((SS_UTF8_T *)retBuffer, BINARY_DELIMITER);
 		len = sscs_Utf8StrSize((SS_UTF8_T *)retBuffer);
@ -1057,7 +1069,7 @@ miCASAReadSecret
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->name, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->name));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
@ -1227,7 +1239,7 @@ miCASARemoveSecret
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->name, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->name));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
@ -1373,7 +1385,7 @@ miCASAWriteSecret
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->name, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->name));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
@ -1575,13 +1587,13 @@ miCASAWriteKey
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->id, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->id));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	memcpy(escapedSHSKey, key, keyLen);
-	sscsshs_ChkEscapeString(escapedSHSKey);
+	sscsshs_ChkEscapeString(&escapedSHSKey);
 	memcpy(escapedSHSValue, val, valLen);
-	sscsshs_ChkEscapeString(escapedSHSValue);
+	sscsshs_ChkEscapeString(&escapedSHSValue);
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
@ -1701,10 +1713,10 @@ miCASAWriteBinaryKey
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->id, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->id));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	memcpy(escapedSHSKey, key, keyLen);
-	sscsshs_ChkEscapeString(escapedSHSKey);
+	sscsshs_ChkEscapeString(&escapedSHSKey);
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
@ -1821,10 +1833,10 @@ miCASAReadKey
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->id, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->id));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	memcpy(escapedSHSKey, key, keyLen);
-	sscsshs_ChkEscapeString(escapedSHSKey);	
+	sscsshs_ChkEscapeString(&escapedSHSKey);	
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
@ -1939,10 +1951,10 @@ miCASAReadBinaryKey
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->id, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->id));
-	sscsshs_ChkEscapeString(escapedSHSName);
+	sscsshs_ChkEscapeString(&escapedSHSName);
 	memcpy(escapedSHSKey, key, keyLen);
-	sscsshs_ChkEscapeString(escapedSHSKey);	
+	sscsshs_ChkEscapeString(&escapedSHSKey);	
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{