Report error details when json_load_file() fails

Resolves rhbz#2008204

.gitignore

@@ -1,3 +1,4 @@
 /tang-7.tar.bz2
 /tang-8.tar.xz
 /tang-10.tar.xz
+/tang-11.tar.xz

0001-Fix-issues-reported-by-shellcheck.patch

@@ -1,155 +0,0 @@
-From 0b0b1ef7244433cde737cd65d07930efd9667ed1 Mon Sep 17 00:00:00 2001
-From: Sergio Correia <scorreia@redhat.com>
-Date: Thu, 20 May 2021 10:21:21 -0300
-Subject: [PATCH 1/2] Fix issues reported by shellcheck
-
-Additionally, improve testing of these scripts.
----
- src/tang-show-keys    |  5 ++---
- src/tangd-keygen      | 17 ++++++++++-------
- src/tangd-rotate-keys |  6 +++---
- tests/adv             | 20 ++++++++++++++++++++
- tests/helpers         | 15 +++++++++++++++
- 5 files changed, 50 insertions(+), 13 deletions(-)
-
-diff --git a/src/tang-show-keys b/src/tang-show-keys
-index 689e4df..0c33c3a 100755
---- a/src/tang-show-keys
-+++ b/src/tang-show-keys
-@@ -27,10 +27,9 @@ fi
- 
- port=${1-80}
- 
--adv=$(curl -sSf localhost:$port/adv)
-+adv=$(curl -sSf "localhost:$port/adv")
- 
- THP_DEFAULT_HASH=S256    # SHA-256.
--echo $adv \
--    | jose fmt -j- -g payload -y -o- \
-+jose fmt --json "${adv}" -g payload -y -o- \
-     | jose jwk use -i- -r -u verify -o- \
-     | jose jwk thp -i- -a "${THP_DEFAULT_HASH}"
-diff --git a/src/tangd-keygen b/src/tangd-keygen
-index 7a9adaf..f37121f 100755
---- a/src/tangd-keygen
-+++ b/src/tangd-keygen
-@@ -18,20 +18,23 @@
- # along with this program.  If not, see <http://www.gnu.org/licenses/>.
- #
- 
--trap 'exit' ERR
-+set -e
- 
--if [ $# -ne 1 -a $# -ne 3 ] || [ ! -d "$1" ]; then
-+usage() {
-     echo "Usage: $0 <jwkdir> [<sig> <exc>]" >&2
-     exit 1
--fi
-+}
-+
-+[ $# -ne 1 ] && [ $# -ne 3 ] && usage
-+[ -d "$1" ] || usage
- 
- [ $# -eq 3 ] && sig=$2 && exc=$3
- 
- THP_DEFAULT_HASH=S256     # SHA-256.
--jwe=`jose jwk gen -i '{"alg":"ES512"}'`
-+jwe=$(jose jwk gen -i '{"alg":"ES512"}')
- [ -z "$sig" ] && sig=$(echo "$jwe" | jose jwk thp -i- -a "${THP_DEFAULT_HASH}")
--echo "$jwe" > $1/$sig.jwk
-+echo "$jwe" > "$1/$sig.jwk"
- 
--jwe=`jose jwk gen -i '{"alg":"ECMR"}'`
-+jwe=$(jose jwk gen -i '{"alg":"ECMR"}')
- [ -z "$exc" ] && exc=$(echo "$jwe" | jose jwk thp -i- -a "${THP_DEFAULT_HASH}")
--echo "$jwe" > $1/$exc.jwk
-+echo "$jwe" > "$1/$exc.jwk"
-diff --git a/src/tangd-rotate-keys b/src/tangd-rotate-keys
-index 9d38bb5..a095a91 100755
---- a/src/tangd-rotate-keys
-+++ b/src/tangd-rotate-keys
-@@ -21,7 +21,7 @@
- SUMMARY="Perform rotation of tang keys"
- 
- usage() {
--    local _ret="${1:-1}"
-+    _ret="${1:-1}"
-     exec >&2
-     echo "Usage: ${0} [-h] [-v] -d <KEYDIR>"
-     echo
-@@ -37,8 +37,8 @@ usage() {
- }
- 
- log() {
--    local _msg="${1}"
--    local _verbose="${2:-}"
-+    _msg="${1}"
-+    _verbose="${2:-}"
-     [ -z "${_verbose}" ] && return 0
-     echo "${_msg}" >&2
- }
-diff --git a/tests/adv b/tests/adv
-index 490d4d1..4c8bc97 100755
---- a/tests/adv
-+++ b/tests/adv
-@@ -93,6 +93,9 @@ fetch /adv
- # Lets's now test with multiple pairs of keys.
- for i in 1 2 3 4 5 6 7 8 9; do
-     tangd-keygen "${TMP}"/db other-sig-${i} other-exc-${i}
-+    # Make sure the requested keys exist and are valid.
-+    validate_sig "${TMP}/db/other-sig-${i}.jwk"
-+    validate_exc "${TMP}/db/other-exc-${i}.jwk"
- done
- 
- # Verify the advertisement is correct.
-@@ -104,3 +107,20 @@ for jwk in "${TMP}"/db/other-sig-*.jwk; do
-         fetch /adv/"$(jose jwk thp -a "${alg}" -i "${jwk}")" | ver "${jwk}"
-     done
- done
-+
-+# Now let's test keys rotation.
-+tangd-rotate-keys -d "${TMP}/db"
-+for i in 1 2 3 4 5 6 7 8 9; do
-+    # Make sure keys were excluded from advertisement.
-+    validate_sig "${TMP}/db/.other-sig-${i}.jwk"
-+    validate_exc "${TMP}/db/.other-exc-${i}.jwk"
-+done
-+
-+# And test also that we have valid keys after rotation.
-+thp=
-+for jwk in "${TMP}"/db/*.jwk; do
-+    validate_sig "${jwk}" && thp="$(jose jwk thp -a "${THP_DEFAULT_HASH}" \
-+                                    -i "${jwk}")"
-+done
-+[ -z "${thp}" ] && die "There should be valid keys after rotation"
-+test "$(tang-show-keys $PORT)" = "${thp}"
-diff --git a/tests/helpers b/tests/helpers
-index af122ab..7ce54d7 100755
---- a/tests/helpers
-+++ b/tests/helpers
-@@ -56,7 +56,22 @@ validate() {
-     fi
- }
- 
-+validate_sig() {
-+    jose fmt --json "${1}" --output=- | jose jwk use --input=- --required \
-+        --use verify 2>/dev/null
-+}
-+
-+validate_exc() {
-+    jose fmt --json "${1}" --output=- | jose jwk use --input=- --required \
-+        --use deriveKey 2>/dev/null
-+}
-+
- sanity_check() {
-     # Skip test if socat is not available.
-     [ -n "${SOCAT}" ] || exit 77
- }
-+
-+die() {
-+    echo "${1}" >&2
-+    exit 1
-+}
--- 
-2.31.1
-

0001-When-json_load_file-fails-report-the-error-details-i.patch

@@ -0,0 +1,36 @@
+From dac0dd6f729ed6cbdd4c92f5a8b2f5e1c66127fb Mon Sep 17 00:00:00 2001
+From: Barry <barry@barrys-emacs.org>
+Date: Fri, 25 Nov 2022 16:36:26 +0000
+Subject: [PATCH] When json_load_file fails report the error details
+ information (#103)
+
+* When json_load_file fails report the error details information returned.
+
+This allows for file I/O issues as well as JSON parsing issues
+to be reported.
+---
+ src/keys.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/keys.c b/src/keys.c
+index 205bbe5..bbfc374 100644
+--- a/src/keys.c
++++ b/src/keys.c
+@@ -369,9 +369,12 @@ load_keys(const char* jwkdir)
+                 continue;
+             }
+             filepath[sizeof(filepath) - 1] = '\0';
+-            json_auto_t* json = json_load_file(filepath, 0, NULL);
++            json_error_t error;
++            json_auto_t* json = json_load_file(filepath, 0, &error);
+             if (!json) {
+-                fprintf(stderr, "Invalid JSON file (%s); skipping\n", filepath);
++                fprintf(stderr, "Cannot load JSON file (%s); skipping\n", filepath);
++                fprintf(stderr, "error text %s, line %d, col %d, pos %d\n",
++                    error.text, error.line, error.column, error.position);
+                 continue;
+             }
+ 
+-- 
+2.38.1
+

0002-Fix-possible-NULL-pointer-dereference-in-find_by_thp.patch

@@ -1,29 +0,0 @@
-From af3b3835bcdb7e2d7a4f14e077fecb5e472f11ba Mon Sep 17 00:00:00 2001
-From: Sergio Correia <scorreia@redhat.com>
-Date: Thu, 20 May 2021 10:31:25 -0300
-Subject: [PATCH 2/2] Fix possible NULL pointer dereference in find_by_thp()
-
-jwk_thumbprint() might return NULL, so let's make sure we handle that
-case.
-
-Issue pointed out by gcc static analyzer.
----
- src/keys.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/keys.c b/src/keys.c
-index 5a8c1ac..55d0cff 100644
---- a/src/keys.c
-+++ b/src/keys.c
-@@ -263,7 +263,7 @@ find_by_thp(struct tang_keys_info* tki, const char* target)
-     json_array_foreach(keys, idx, jwk) {
-         for (int i = 0; hashes[i]; i++) {
-             __attribute__ ((__cleanup__(cleanup_str))) char* thumbprint = jwk_thumbprint(jwk, hashes[i]);
--            if (strcmp(thumbprint, target) != 0) {
-+            if (!thumbprint || strcmp(thumbprint, target) != 0) {
-                 continue;
-             }
- 
--- 
-2.31.1
-

sources

@@ -1 +1 @@
-SHA512 (tang-10.tar.xz) = 9bd438edb77e4f14372a19313abde342d1b111e99e6b2b3aa46714dc0807fc33c62f4c778f83b7c30d00e2c7e0c65724a3b2d3116478ff4e67a408e3faac09ce
+SHA512 (tang-11.tar.xz) = 332ff8bca33afef17cb86a77780f34499659ee0576b36b111a0a57996836b6770d89c5f5fa5da9c6095f17c731db6ad1e261bf6d97b6daa109565e8e294e3b87

tang.spec

@@ -1,14 +1,13 @@
 Name:           tang
-Version:        10
-Release:        3%{?dist}
+Version:        11
+Release:        2%{?dist}
 Summary:        Network Presence Binding Daemon
 
 License:        GPLv3+
 URL:            https://github.com/latchset/%{name}
 Source0:        https://github.com/latchset/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.xz
 
-Patch0001: 0001-Fix-issues-reported-by-shellcheck.patch
-Patch0002: 0002-Fix-possible-NULL-pointer-dereference-in-find_by_thp.patch
+Patch: 0001-When-json_load_file-fails-report-the-error-details-i.patch
 
 BuildRequires:  gcc
 BuildRequires:  meson
@@ -51,7 +50,6 @@ Tang is a small daemon for binding data to the presence of a third party.
 
 %install
 %meson_install
-echo "User=%{name}" >> $RPM_BUILD_ROOT/%{_unitdir}/%{name}d@.service
 %{__mkdir_p} $RPM_BUILD_ROOT/%{_localstatedir}/db/%{name}
 
 %check
@@ -67,6 +65,20 @@ exit 0
 %post
 %systemd_post %{name}d.socket
 
+# Let's make sure any existing keys are readable only
+# by the owner/group.
+if [ -d /var/db/tang ]; then
+    for k in /var/db/tang/*.jwk; do
+        test -e "${k}" || continue
+        chmod 0440 -- "${k}"
+    done
+    for k in /var/db/tang/.*.jwk; do
+        test -e "${k}" || continue
+        chmod 0440 -- "${k}"
+    done
+    chown tang:tang -R /var/db/tang
+fi
+
 %preun
 %systemd_preun %{name}d.socket
 
@@ -84,8 +96,20 @@ exit 0
 %{_mandir}/man8/tang.8*
 %{_bindir}/%{name}-show-keys
 %{_mandir}/man1/tang-show-keys.1*
+%{_mandir}/man1/tangd-rotate-keys.1.*
 
 %changelog
+* Wed Dec 07 2022 Sergio Correia <scorreia@redhat.com> - 11-2
+- Report error details when json_load_file() fails
+
+* Tue Dec 14 2021 Sergio Correia <scorreia@redhat.com> - 11-1
+- New upstream release - v11.
+  Resolves: CVE-2021-4076
+
+* Mon Oct 04 2021 Sergio Arroutbi <sarroutb@redhat.com> - 10-4
+- Keys are created with 0440 mode
+  Resolves rhbz#2008204
+
 * Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 10-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild