diff options
author | Ivan Stakhov <50211739+left-try@users.noreply.github.com> | 2024-10-23 17:09:53 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-10-23 17:09:53 +0300 |
commit | 1e72912cfbb2cceb0f7572f2e07c432e8ec2ed24 (patch) | |
tree | 5d83cecd306d5c22b55e1456bb9da2495dc41a23 | |
parent | 7ca76b8768adcdd1205b7bc8c7000be3bbc281fe (diff) | |
parent | 1ad4dba75b5db1e8f3e6677ad68f09706be15a48 (diff) | |
download | rspamd-1e72912cfbb2cceb0f7572f2e07c432e8ec2ed24.tar.gz rspamd-1e72912cfbb2cceb0f7572f2e07c432e8ec2ed24.zip |
Merge branch 'rspamd:master' into master
-rw-r--r-- | src/libserver/protocol.c | 1 | ||||
-rw-r--r-- | src/lua/lua_rsa.c | 4 | ||||
-rw-r--r-- | src/rspamd_proxy.c | 1 | ||||
-rw-r--r-- | test/lua/unit/rsa.lua | 24 | ||||
-rw-r--r-- | test/lua/unit/test.sig | 5 |
5 files changed, 25 insertions, 10 deletions
diff --git a/src/libserver/protocol.c b/src/libserver/protocol.c index 7d007370b..2dc641dfe 100644 --- a/src/libserver/protocol.c +++ b/src/libserver/protocol.c @@ -2092,6 +2092,7 @@ void rspamd_protocol_write_reply(struct rspamd_task *task, ev_tstamp timeout, st memcpy(&stat_copy, srv->stat, sizeof(stat_copy)); output = rspamd_metrics_to_prometheus_string( rspamd_worker_metrics_object(srv->cfg, &stat_copy, now - srv->start_time)); + rspamd_printf_fstring(&output, "# EOF\n"); rspamd_http_message_set_body_from_fstring_steal(msg, output); ctype = "application/openmetrics-text; version=1.0.0; charset=utf-8"; break; diff --git a/src/lua/lua_rsa.c b/src/lua/lua_rsa.c index 4b9aa0354..5f7db606f 100644 --- a/src/lua/lua_rsa.c +++ b/src/lua/lua_rsa.c @@ -716,6 +716,8 @@ lua_rsa_verify_memory(lua_State *L) EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL); g_assert(pctx != NULL); g_assert(EVP_PKEY_verify_init(pctx) == 1); + g_assert(EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PADDING) == 1); + g_assert(EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha256()) == 1); ret = EVP_PKEY_verify(pctx, signature->str, signature->len, data, sz); @@ -766,6 +768,8 @@ lua_rsa_sign_memory(lua_State *L) g_assert(pctx != NULL); g_assert(EVP_PKEY_sign_init(pctx) == 1); + g_assert(EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PADDING) == 1); + g_assert(EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha256()) == 1); size_t slen = signature->allocated; ret = EVP_PKEY_sign(pctx, signature->str, &slen, data, sz); diff --git a/src/rspamd_proxy.c b/src/rspamd_proxy.c index e2a866178..694e87c12 100644 --- a/src/rspamd_proxy.c +++ b/src/rspamd_proxy.c @@ -1768,6 +1768,7 @@ rspamd_proxy_scan_self_reply(struct rspamd_task *task) memcpy(&stat_copy, session->ctx->srv->stat, sizeof(stat_copy)); output = rspamd_metrics_to_prometheus_string( rspamd_worker_metrics_object(task->cfg, &stat_copy, ev_time() - session->ctx->srv->start_time)); + rspamd_printf_fstring(&output, "# EOF\n"); rspamd_http_message_set_body_from_fstring_steal(msg, output); ctype = "application/openmetrics-text; version=1.0.0; charset=utf-8"; break; diff --git a/test/lua/unit/rsa.lua b/test/lua/unit/rsa.lua index 019212df4..bc4113ae4 100644 --- a/test/lua/unit/rsa.lua +++ b/test/lua/unit/rsa.lua @@ -10,6 +10,7 @@ context("RSA signature verification test", function() local privkey = 'testkey.sec' local data = 'test.data' local signature = 'test.sig' + local signature_bytes = 'test.sig_bytes' local test_dir = string.gsub(debug.getinfo(1).source, "^@(.+/)[^/]+$", "%1") local rsa_key, rsa_sig @@ -23,7 +24,10 @@ context("RSA signature verification test", function() h:update(d) local sig = rsa.sign_memory(rsa_key, h:bin()) assert_not_nil(sig) - sig:save(string.format('%s/%s', test_dir, signature), true) + sig:save(string.format('%s/%s', test_dir, signature_bytes), true) + local sig_actual = string.format('%s\n', sig:base64(80, 'lf')) + local sig_expected = io.open(string.format('%s/%s', test_dir, signature), "rb"):read "*a" + assert_equal(sig_actual, sig_expected) end) test("RSA verify", function() @@ -33,28 +37,28 @@ context("RSA signature verification test", function() h:update(d) rsa_key = rsa_pubkey.load(string.format('%s/%s', test_dir, pubkey)) assert_not_nil(rsa_key) - rsa_sig = rsa_signature.load(string.format('%s/%s', test_dir, signature)) + rsa_sig = rsa_signature.load(string.format('%s/%s', test_dir, signature_bytes)) assert_not_nil(rsa_sig) assert_true(rsa.verify_memory(rsa_key, rsa_sig, h:bin())) end) test("RSA keypair + sign + verify", function() local sk, pk = rsa.keypair() - local sig = rsa.sign_memory(sk, "test") - assert_true(rsa.verify_memory(pk, sig, "test")) - assert_false(rsa.verify_memory(pk, sig, "test1")) + local sig = rsa.sign_memory(sk, "test_012345678901234567890123456") + assert_true(rsa.verify_memory(pk, sig, "test_012345678901234567890123456")) + assert_false(rsa.verify_memory(pk, sig, "blah_012345678901234567890123456")) -- Overwrite sk, pk = rsa.keypair() - assert_false(rsa.verify_memory(pk, sig, "test")) + assert_false(rsa.verify_memory(pk, sig, "test_012345678901234567890123456")) end) test("RSA-2048 keypair + sign + verify", function() local sk, pk = rsa.keypair(2048) - local sig = rsa.sign_memory(sk, "test") - assert_true(rsa.verify_memory(pk, sig, "test")) - assert_false(rsa.verify_memory(pk, sig, "test1")) + local sig = rsa.sign_memory(sk, "test_012345678901234567890123456") + assert_true(rsa.verify_memory(pk, sig, "test_012345678901234567890123456")) + assert_false(rsa.verify_memory(pk, sig, "blah_012345678901234567890123456")) -- Overwrite sk, pk = rsa.keypair(2048) - assert_false(rsa.verify_memory(pk, sig, "test")) + assert_false(rsa.verify_memory(pk, sig, "test_012345678901234567890123456")) end) end) diff --git a/test/lua/unit/test.sig b/test/lua/unit/test.sig new file mode 100644 index 000000000..6bf4f48a3 --- /dev/null +++ b/test/lua/unit/test.sig @@ -0,0 +1,5 @@ +D3IZyIpD0dzfEG0JCZ53BWQLgkRkek7V6JxeGRod3QqNzbGFbbisOkRUW3m3tYL4J7m29taRPT8Ki+RN + NdaPPylijID3E7vdjSY2+c3eajUvlgOCGjEl5kkpYEZeBsO/wJGrS+lucsx/QC/nWJFDGFbiMhbb5HJ/ + fKguRXIqnIh6Dbp3VonP9k7DjgP0yRz6B9BBUBE/z01SeSfM7Knx83ZUsiAN3U8JEudVO9ahLArwFXST + pZDfS3Mn3zbghdXfmwmEFbtaN/SrmBvnEbhvsUfrbChy4Rk4d6wMYa3M83/DcVgxh4yaydlCHhctYBcP + gDQg2BrLzVkPCeWOyLicHg== |