authorVsevolod Stakhov <vsevolod@highsecure.ru>2013-08-19 17:08:29 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2013-08-19 17:08:29 +0100
commitfcebd3d701e2bcbdc62586c56a74714f0f7c236f (patch)
tree2351bf8b272446ea34ca5177ee0f0e14062a84fd /src
parent48ca1ed78660a6ba4dbf8ea1890f00c57ed5fd03 (diff)
Add pubkey loading method for rcl parser.
Diffstat (limited to 'src')
-rw-r--r--src/rcl/rcl.h14
-rw-r--r--src/rcl/rcl_internal.h35
-rw-r--r--src/rcl/rcl_parser.c28
-rw-r--r--src/rcl/rcl_util.c69
4 files changed, 117 insertions, 29 deletions
diff --git a/src/rcl/rcl.h b/src/rcl/rcl.h
index 53ee2f20d..61ce88add 100644
--- a/src/rcl/rcl.h
+++ b/src/rcl/rcl.h
@@ -41,7 +41,9 @@ enum rspamd_cl_error {
RSPAMD_CL_ESTATE,
RSPAMD_CL_ENESTED,
RSPAMD_CL_EMACRO,
- RSPAMD_CL_ERECURSION
+ RSPAMD_CL_ERECURSION,
+ RSPAMD_CL_EINTERNAL,
+ RSPAMD_CL_ESSL
};
enum rspamd_cl_type {
@@ -299,4 +301,14 @@ void rspamd_cl_obj_free (rspamd_cl_object_t *obj);
*/
guchar *rspamd_cl_object_emit (rspamd_cl_object_t *obj, enum rspamd_cl_emitter emit_type);
+/**
+ * Add new public key to parser for signatures check
+ * @param parser parser object
+ * @param key PEM representation of a key
+ * @param len length of the key
+ * @param err if *err is NULL it is set to parser error
+ * @return TRUE if a key has been successfully added
+ */
+gboolean rspamd_cl_pubkey_add (struct rspamd_cl_parser *parser, const guchar *key, gsize len, GError **err);
+
#endif /* RCL_H_ */
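Review bot: The doc comment on `rspamd_cl_pubkey_add` leaves out two things a caller needs: the behaviour of a build without OpenSSL, and the ownership of the `key` buffer. Going by the definition in rcl_util.c on this page, such a build always fails with `RSPAMD_CL_EINTERNAL`, and the PEM data is only read through a memory BIO that is freed before the function returns. I would extend the return line to `@return TRUE if a key has been successfully added; FALSE with RSPAMD_CL_ESSL on a parse failure or RSPAMD_CL_EINTERNAL when built without OpenSSL`. I would also add `@param key PEM representation of a key, not retained after the call`.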
diff --git a/src/rcl/rcl_internal.h b/src/rcl/rcl_internal.h
index 0db1d86b5..114ff823d 100644
--- a/src/rcl/rcl_internal.h
+++ b/src/rcl/rcl_internal.h
@@ -26,6 +26,9 @@
#include "rcl.h"
#include "utlist.h"
+#ifdef HAVE_OPENSSL
+#include <openssl/evp.h>
+#endif
/**
* @file rcl_internal.h
@@ -76,6 +79,17 @@ struct rspamd_cl_chunk {
struct rspamd_cl_chunk *next;
};
+#ifdef HAVE_OPENSSL
+struct rspamd_cl_pubkey {
+ EVP_PKEY *key;
+ struct rspamd_cl_pubkey *next;
+};
+#else
+struct rspamd_cl_pubkey {
+ struct rspamd_cl_pubkey *next;
+};
+#endif
+
struct rspamd_cl_parser {
enum rspamd_cl_parser_state state;
enum rspamd_cl_parser_state prev_state;
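Review bot: `struct rspamd_cl_pubkey` gets two different layouts depending on `HAVE_OPENSSL`, so every translation unit including this header must see the same value of that macro. rcl_util.c allocates and frees nodes with `sizeof (struct rspamd_cl_pubkey)`, so a mismatch would mean differently sized nodes. Whether the macro is already defined at the `#ifdef` in the include hunk above depends on what `rcl.h` pulls in, which is not visible here. A single struct definition with only the member guarded (`#ifdef HAVE_OPENSSL`, `EVP_PKEY *key;`, `#endif`) would remove the duplication, and a comment naming the header that defines the macro would make the dependency explicit. The `struct rspamd_cl_parser` definition continues outside this hunk.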
@@ -85,6 +99,7 @@ struct rspamd_cl_parser {
struct rspamd_cl_stack *stack;
struct rspamd_cl_chunk *chunks;
guint recursion;
+ struct rspamd_cl_pubkey *keys;
};
/**
@@ -93,4 +108,24 @@ struct rspamd_cl_parser {
*/
void rspamd_cl_unescape_json_string (gchar *str);
+/**
+ * Handle include macro
+ * @param data include data
+ * @param len length of data
+ * @param ud user data
+ * @param err error ptr
+ * @return
+ */
+gboolean rspamd_cl_include_handler (const guchar *data, gsize len, gpointer ud, GError **err);
+
+/**
+ * Handle includes macro
+ * @param data include data
+ * @param len length of data
+ * @param ud user data
+ * @param err error ptr
+ * @return
+ */
+gboolean rspamd_cl_includes_handler (const guchar *data, gsize len, gpointer ud, GError **err);
+
#endif /* RCL_INTERNAL_H_ */
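Review bot: Both handler declarations are now visible to other translation units, but their `@return` tags are empty and nothing says what `ud` must point to. The definitions in rcl_util.c cast `ud` to `struct rspamd_cl_parser *` and return TRUE unconditionally, so I would write `@param ud parser object (struct rspamd_cl_parser *)` and `@return TRUE if the include was handled, FALSE with *err set otherwise`. A short `TODO` stating that no signature is verified against `parser->keys` yet would keep a reader from assuming included data is already checked.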
diff --git a/src/rcl/rcl_parser.c b/src/rcl/rcl_parser.c
index c38edb943..76bd81232 100644
--- a/src/rcl/rcl_parser.c
+++ b/src/rcl/rcl_parser.c
@@ -138,34 +138,6 @@ rspamd_cl_skip_comments (struct rspamd_cl_parser *parser, GError **err)
}
/**
- * Handle include macro
- * @param data include data
- * @param len length of data
- * @param ud user data
- * @param err error ptr
- * @return
- */
-static gboolean
-rspamd_cl_include_handler (const guchar *data, gsize len, gpointer ud, GError **err)
-{
- return TRUE;
-}
-
-/**
- * Handle includes macro
- * @param data include data
- * @param len length of data
- * @param ud user data
- * @param err error ptr
- * @return
- */
-static gboolean
-rspamd_cl_includes_handler (const guchar *data, gsize len, gpointer ud, GError **err)
-{
- return TRUE;
-}
-
-/**
* Return multiplier for a character
* @param c multiplier character
* @param is_bytes if TRUE use 1024 multiplier
diff --git a/src/rcl/rcl_util.c b/src/rcl/rcl_util.c
index 1c9d6a652..2cb35a199 100644
--- a/src/rcl/rcl_util.c
+++ b/src/rcl/rcl_util.c
@@ -25,6 +25,14 @@
#include "rcl.h"
#include "rcl_internal.h"
+#ifdef HAVE_OPENSSL
+#include <openssl/err.h>
+#include <openssl/sha.h>
+#include <openssl/rsa.h>
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+#endif
+
/**
* @file rcl_util.c
* Utilities for rcl parsing
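Review bot: The include list omits the headers for the two OpenSSL calls the new code makes, `BIO_new_mem_buf` and `PEM_read_bio_PUBKEY`, which are declared in `<openssl/bio.h>` and `<openssl/pem.h>`. The file presumably compiles only because `<openssl/ssl.h>` pulls them in transitively. Adding `#include <openssl/pem.h>` would state the dependency directly. Nothing visible in this commit uses `<openssl/sha.h>`, `<openssl/rsa.h>` or `<openssl/ssl.h>`, so they could wait until the signature check itself is added.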
@@ -178,6 +186,7 @@ rspamd_cl_parser_free (struct rspamd_cl_parser *parser)
struct rspamd_cl_stack *stack, *stmp;
struct rspamd_cl_macro *macro, *mtmp;
struct rspamd_cl_chunk *chunk, *ctmp;
+ struct rspamd_cl_pubkey *key, *ktmp;
if (parser->top_obj != NULL) {
rspamd_cl_obj_free (parser->top_obj);
@@ -192,6 +201,66 @@ rspamd_cl_parser_free (struct rspamd_cl_parser *parser)
LL_FOREACH_SAFE (parser->chunks, chunk, ctmp) {
g_slice_free1 (sizeof (struct rspamd_cl_chunk), chunk);
}
+ LL_FOREACH_SAFE (parser->keys, key, ktmp) {
+ g_slice_free1 (sizeof (struct rspamd_cl_pubkey), key);
+ }
g_slice_free1 (sizeof (struct rspamd_cl_parser), parser);
}
+
+gboolean
+rspamd_cl_pubkey_add (struct rspamd_cl_parser *parser, const guchar *key, gsize len, GError **err)
+{
+ struct rspamd_cl_pubkey *nkey;
+#ifndef HAVE_OPENSSL
+ g_set_error (err, RCL_ERROR, RSPAMD_CL_EINTERNAL, "cannot check signatures without openssl");
+ return FALSE;
+#else
+ BIO *mem;
+
+ mem = BIO_new_mem_buf ((void *)key, len);
+ nkey = g_slice_alloc0 (sizeof (struct rspamd_cl_pubkey));
+ nkey->key = PEM_read_bio_PUBKEY (mem, &nkey->key, NULL, NULL);
+ BIO_free (mem);
+ if (nkey->key == NULL) {
+ g_slice_free1 (sizeof (struct rspamd_cl_pubkey), nkey);
+ g_set_error (err, RCL_ERROR, RSPAMD_CL_ESSL, "%s",
+ ERR_error_string (ERR_get_error (), NULL));
+ return FALSE;
+ }
+ LL_PREPEND (parser->keys, nkey);
+#endif
+ return TRUE;
+}
+
+/**
+ * Handle include macro
+ * @param data include data
+ * @param len length of data
+ * @param ud user data
+ * @param err error ptr
+ * @return
+ */
+gboolean
+rspamd_cl_include_handler (const guchar *data, gsize len, gpointer ud, GError **err)
+{
+ struct rspamd_cl_parser *parser = ud;
+
+ return TRUE;
+}
+
+/**
+ * Handle includes macro
+ * @param data include data
+ * @param len length of data
+ * @param ud user data
+ * @param err error ptr
+ * @return
+ */
+gboolean
+rspamd_cl_includes_handler (const guchar *data, gsize len, gpointer ud, GError **err)
+{
+ struct rspamd_cl_parser *parser = ud;
+
+ return TRUE;
+}
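Review bot: The new `LL_FOREACH_SAFE (parser->keys, ...)` loop in `rspamd_cl_parser_free` frees each list node but never releases the `EVP_PKEY` that `PEM_read_bio_PUBKEY` allocated, so every key added is leaked when the parser is destroyed. In `rspamd_cl_pubkey_add`, the result of `BIO_new_mem_buf` is used without a NULL check. The `gsize len` is also narrowed to the `int` length that call takes, so an oversized buffer would be passed with a wrong length. Separately, `nkey` is unused in the branch without OpenSSL, and `parser` is unused in both include handlers. `rspamd_cl_parser_free` begins outside this hunk.

```c
	LL_FOREACH_SAFE (parser->keys, key, ktmp) {
#ifdef HAVE_OPENSSL
		EVP_PKEY_free (key->key);
#endif
		g_slice_free1 (sizeof (struct rspamd_cl_pubkey), key);
	}
	/* … unchanged: parser free, rspamd_cl_pubkey_add signature and non-OpenSSL branch … */
	if (len > G_MAXINT) {
		g_set_error (err, RCL_ERROR, RSPAMD_CL_EINTERNAL, "public key is too long");
		return FALSE;
	}
	mem = BIO_new_mem_buf ((void *)key, (int)len);
	if (mem == NULL) {
		g_set_error (err, RCL_ERROR, RSPAMD_CL_ESSL, "%s",
				ERR_error_string (ERR_get_error (), NULL));
		return FALSE;
	}
	/* … unchanged: node allocation, PEM_read_bio_PUBKEY, error path, LL_PREPEND … */
```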