From 2061ff77b693f9a86bf956d77a9dedf7eacdaf66 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Fri, 29 Nov 2019 19:01:45 +0000 Subject: [PATCH] perl: Verify database when it is being opened Signed-off-by: Michael Tremer --- Makefile.am | 3 ++- src/perl/Location.xs | 26 +++++++++++++++++++++++++- src/perl/t/Location.t | 3 ++- 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/Makefile.am b/Makefile.am index b181e4c..2c83b3d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -209,7 +209,8 @@ build-perl: .PHONY: check-perl check-perl: testdata.db - cd $(builddir)/src/perl && $(MAKE) LD_LIBRARY_PATH="$(abs_builddir)/src/.libs" test database="../../$<" + cd $(builddir)/src/perl && $(MAKE) LD_LIBRARY_PATH="$(abs_builddir)/src/.libs" test \ + database="../../$<" keyfile="$(abs_srcdir)/examples/public-key.pem" .PHONY: install-perl install-perl: diff --git a/src/perl/Location.xs b/src/perl/Location.xs index b6c4dc5..5071f85 100644 --- a/src/perl/Location.xs +++ b/src/perl/Location.xs @@ -15,8 +15,9 @@ MODULE = Location PACKAGE = Location struct loc_database * -init(file) +init(file, keyfile) char* file; + char* keyfile; CODE: struct loc_ctx* ctx = NULL; @@ -49,6 +50,29 @@ init(file) croak("Could not read database: %s\n", file); } + // Try to open the keyfile + f = fopen(keyfile, "r"); + if (!f) { + loc_database_unref(db); + loc_unref(ctx); + + croak("Could not open keyfile %s: %s\n", + keyfile, strerror(errno)); + } + + // Verify the database + int status = loc_database_verify(db, f); + if (status) { + loc_database_unref(db); + loc_unref(ctx); + fclose(f); + + croak("Could not verify the database signature\n"); + } + + // Close the keyfile + fclose(f); + // Cleanup loc_unref(ctx); diff --git a/src/perl/t/Location.t b/src/perl/t/Location.t index fd43946..71cdce8 100644 --- a/src/perl/t/Location.t +++ b/src/perl/t/Location.t 
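Review bot: The `@@ -15,8 +15,9 @@` hunk of src/perl/Location.xs makes `keyfile` a second mandatory argument of `init`, but the diffstat shows no documentation change alongside it. Callers that still pass only the database path should now fail with a usage error rather than open an unverified database, which is the safe outcome and worth stating. I would add a comment above the signature such as `# init(file, keyfile): opens file and croaks unless its signature verifies against the public key in keyfile`. If the module ships POD or a README for the Perl binding (not visible here), the same sentence belongs there.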
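Review bot: In the `@@ -49,6 +50,29 @@` hunk of src/perl/Location.xs, the branch after `loc_database_verify(db, f)` discards `status` and names neither file, so the error does not say which database or key was rejected. Consider `croak("Could not verify the signature of %s with key %s (status %d)\n", file, keyfile, status);`. Both new error paths release `db` and `ctx` before `croak()`, so the check fails closed as it should. The block reuses `f`, whose declaration and earlier use are outside the hunk; confirm that the handle opened for the database is already closed before `f` is reassigned, otherwise it leaks. A comment such as `// keyfile must come from a trusted location; a key shipped next to the database proves nothing` would record the assumption the verification depends on.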
@@ -10,6 +10,7 @@ use warnings; # Where to find the test database. my $testdb = $ENV{'database'}; +my $keyfile = $ENV{'keyfile'}; use Test::More tests => 6; BEGIN { use_ok('Location') }; @@ -23,7 +24,7 @@ BEGIN { use_ok('Location') }; my $address = "2a07:1c44:5800::1"; # Connect to the database. -my $db = &Location::init("$testdb"); +my $db = &Location::init("$testdb", "$keyfile"); my $vendor = &Location::get_vendor($db); ok($vendor eq "IPFire Project", "Test 1 - Get Database Vendor"); -- 2.39.2
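Review bot: In the `@@ -10,6 +10,7 @@` hunk of src/perl/t/Location.t, `$ENV{'keyfile'}` is read without a check. If the variable is unset, `"$keyfile"` stringifies undef to an empty string and `init` croaks with a message about an empty keyfile name, which hides the real cause. A guard such as `BAIL_OUT("keyfile is not set in the environment") unless defined $keyfile;` after the `use Test::More` line would make the failure explicit. `$testdb` on the line above follows the same unchecked pattern.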
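Review bot: The `@@ -23,7 +24,7 @@` hunk of src/perl/t/Location.t exercises only the case where verification succeeds, and the plan stays at `tests => 6`. Nothing asserts that `init` refuses a database whose signature does not match the key, which is the behaviour this commit exists to add. I would add a case such as `ok(!eval { Location::init($testdb, $wrong_key); 1 }, "init rejects a database that fails verification");` and raise the plan to 7. `$wrong_key` stands for a second public-key fixture that the test data would need to provide.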