| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Ragel still produces a wrong state machine if `const char *` is used
for characters representation that are actually utf8.
This PR changes all types to `unsigned char *` for consistency.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signing of ARC-Seal headers was recently broken; the created signatures
failed to validate. Most likely, this was caused by commit 1e661a2fc6e3,
which changed the way signatures are created in lua_rsa_sign_memory
without adding the calls to EVP_PKEY_CTX_set_rsa_padding and
EVP_PKEY_CTX_set_signature_md needed with the new interface.
After fixing this, some existing tests failed, because the test values
passed to the hash parameter did not have the correct size for a sha256
hash. I fixed these by adjusting the length of the test values.
Additionally, I extended the "RSA sign" unit test to compare the created
signature against the expected one. This is possible because RSA signing
is deterministic, and should prevent the same bug from occuring again.
Fixes: https://github.com/rspamd/rspamd/issues/5173
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* [Minor] Small fix for error messages
* [Feature] Create rspamadm util to decrypt header
* [Feature] Create python example to encrypt/decrypt header
* [Minor] Small clean up
* [Minor] Change c-rspamadm util to lua-rspamadm util
* [Minor] Small clean up
* [Minor] Add some debug
* [Feature] Add secretbox command
* [Minor] Debug
* [Minor] Add additional return for encrypted string(noce + encrypted string
* [Minor] Small debug
* [Minor] Add a way to provide encrypted text concatenated with nonce
* [Minor] Add nonce to encrypt text
* [Minor] Clean up
* [Minor] Clean up unused variable
* [Minor] Small fix
* [Minor] Fix return issue
* [Minor] Add blake2b for key derivation
* [Minor] Small upgrade to debug
* [Minor] Small clean up
* [Minor] Change return to more convenient form
* [Minor] Change print to test form
* [Test] Provide tests for encrypt/decrypt with rspamadm util and python script
* [Minor] Change python to python3
* [Minor] Add stderr check
* [Minor] Make the function return nonce+text
* [Minor] Change unit tests to new return format
* [Minor] Add flag to manage encodings
* [Minor] Add --encoding argument to manage encodings
* [Minor] Change tests for new input format
* [Minor] Fix lua format
* [Minor] Small fix
* [Minor] Provide full support for new return format of maybe_encrypt_header
* [Test] Test small fix
* [Test] Small fix
* [Minor] Clean up
* [Minor] Small fix for name of variable
* [Minor] Small clean up
* [Minor] Change format of command to a mre convenient
* [Minor] Change tests to be same as a format of a command
* [Minor] Change description of flags
* [Minor] Small fix
---------
Co-authored-by: Ivan Stakhov <50211739+LeftTry@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* [Fix] Provide support for OpenSSL 3.0
* [Feature] Provide function to encode header with configured public key
* [Feature] Provide function to decode header with configured public key
* [Test] Add tests for maybe encode/decode header
* [Minor] Fix tests for encode/decode header
* [Minor] Small clean up
* [Minor] Small clean up
* [Minor] Small fix for OpenSSL 3.0 support
* [Minor] Provide logging
* [Minor] Small fix
* [Fix] Fix typo error
* [Fix] Another typo
* [Minor] Little clean up
* [Minor] Little fix
* [Minor] Small fix
* [Minor] Small fix
* [Minor] Rewrite the arguments of secretbox:encrypt/decrypt functions to a more understandable format
* [Fix] Fix problem with nonce was not provided
* [Test] Add test for nonce
* [Minor] Little clean up
* [Minor] Little clean up
* [Test] Test
* [Test] Test
* [Test] Test
* [Minor] Little fix
* [Minor] Small fix
* [Minor] Small fix
* [Test] Small fix
* [Test] Test
* [Test] Test
* [Test] Test
* [Test] Test
* [Minor] Small fix for fips provider
* [Minor] Change provider apply logic
* [Test] Little fix for provider
* [Minor] Provide OpenSSL <3.0 support
* [Test] Possible provider fix
* [Test] Possible provider fix
* [Test] Little fix
* [Minor] Fix provider issue
* [Minor] Small clean up
* [Minor] Change logging errors
* Update lualib/lua_util.lua
---------
Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* [Fix] Provide OSSL 3.0 support for lua_rsa (not working)
* [Fix] Provide full OpenSSL 3.0 for lua_rsa
* [Minor] Little clean up
* [Minor] Clean up code from debug
* [Test] Replace for fixed size fstring allocation
* [Test] Add rsa padding and signature md for pctx
* [Test] Little changes
* [Fix] Little fix for rsa_sign_memory work correctly
* [Minor] Little clean up
* [Minor] Small fix
* [Minor] Little clean up
* [Test] Add signature verification test for rsa2048
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Issue: #4754
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Removed test case does not work with luajit-2.1 anymore as it depends on
internal behavior of lujait-2.0.
The order of URL list returned by `extract_specific_urls` function from
`lualib/lua_util` depends on order of keys in table of TLDs. The test
case incorrectly expects "net" and "com" being in front of the table,
however, "org" can appear there as well.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Use find to check string suffix instead of sub (which involves string
interning of a returned string). Benchmarks with LuaJIT 2.1.0 shows
that an option with find is significantly faster.
While here added unit test for this function.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
