From: pcarana Date: Thu, 26 Mar 2020 01:16:15 +0000 (-0600) Subject: Add new incidences docs, and missing dot and comma (related to #28) X-Git-Tag: v1.2.1~12 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1cf44651a507f2d36e8fe621398e8ddc4fe5109a;p=thirdparty%2FFORT-validator.git Add new incidences docs, and missing dot and comma (related to #28) --- diff --git a/docs/incidence.md b/docs/incidence.md index e086baf6..16e8aaaf 100644 --- a/docs/incidence.md +++ b/docs/incidence.md @@ -11,6 +11,8 @@ title: Incidence 3. [Incidence types](#incidence-types) 1. [Signed Object's hash algorithm has NULL object as parameters](#signed-objects-hash-algorithm-has-null-object-as-parameters) 2. [Object isn't DER encoded](#object-isnt-der-encoded) + 3. [File listed at manifest doesn't exist](#file-listed-at-manifest-doesnt-exist) + 4. [File hash listed at manifest doesn't match the actual file hash](#file-hash-listed-at-manifest-doesnt-match-the-actual-file-hash) ## Introduction @@ -43,7 +45,7 @@ Some incidences are `ignore`d by default, because they stem from bad practices ( ## Incidence types -Presently, there is only a pair of incidence types defined. This list might evolve further over time, depending on the state of the global RPKI and user demand. +Presently, there are a few incidences defined. This list might evolve further over time, depending on the state of the global RPKI and user demand. ### Signed Object's hash algorithm has NULL object as parameters @@ -107,3 +109,50 @@ If not `ignore`d, Fort will report this incidence with the following error messa ``` : : '' isn't DER encoded ``` + +### File listed at manifest doesn't exist + +- **Name:** `incid-file-at_mft-not-found` +- **Default action:** `error` + +[RFC 6486 section 6.1](https://tools.ietf.org/html/rfc6486#section-6.1) considers this scenario: + +``` + 2. {..} If there exist files at the publication point that do not appear + on any manifest, or files listed in a manifest that do not appear + at the publication point, then see Section 6.5, but still continue + with the following test. +``` + +If there's a missing file, it could be a publisher error or even an attack against the publication point (see [section 6.5](https://tools.ietf.org/html/rfc6486#section-6.5)). + +By default, Fort validator will handle this as an error, thus discarding the manifest file. + +When the incidence is not `ignore`d, Fort will report it with the following message: + +``` +: : File '' listed at manifest doesn't exist. +``` + +### File hash listed at manifest doesn't match the actual file hash + +- **Name:** `incid-file-at-mft-hash-not-match` +- **Default action:** `error` + +[RFC 6486 section 6.1](https://tools.ietf.org/html/rfc6486#section-6.1) considers this scenario: + +``` + 4. {..} If the computed hash value of a file listed on the manifest does + not match the hash value contained in the manifest, then see + Section 6.6. +``` + +It's up to a local policy to discard these files (and the rest of the manifest files) or trust in them (see [section 6.6](https://tools.ietf.org/html/rfc6486#section-6.6)). + +By default, Fort validator will discard such files and the manifest as well. + +When the incidence is not `ignore`d, Fort will report it with the following message: + +``` +: : File '' does not match its manifest hash. +``` diff --git a/examples/config.json b/examples/config.json index 75e27500..7de9eacf 100644 --- a/examples/config.json +++ b/examples/config.json @@ -73,6 +73,14 @@ { "name": "incid-obj-not-der-encoded", "action": "ignore" + }, + { + "name": "incid-file-at_mft-not-found", + "action": "error" + }, + { + "name": "incid-file-at-mft-hash-not-match", + "action": "error" } ], "output": { diff --git a/man/fort.8 b/man/fort.8 index 3b308636..f9d87ba0 100644 --- a/man/fort.8 +++ b/man/fort.8 @@ -155,14 +155,21 @@ nothing happened. happened. .RE .P -By default, all the incidences have an action of \fIignore\fR. Currently there -are two registered incidences: +Currently these are the registered incidences, each with a distinct +\fBaction\fR configured by default. .RS 4 .br \fIincid-hashalg-has-params\fR (Signed Object's hash algorithm has NULL object -as parameters). +as parameters). [Default action: \fBignore\fR] .br -\fIincid-obj-not-der-encoded\fR (Object isn't DER encoded). +\fIincid-obj-not-der-encoded\fR (Object isn't DER encoded). [Default action: +\fBignore\fR] +.br +\fIincid-file-at_mft-not-found\fR (File listed at manifest doesn't exist). +[Default action: \fBerror\fR] +.br +\fIincid-file-at-mft-hash-not-match\fR (File hash listed at manifest doesn't +match the actual file hash). [Default action: \fBerror\fR] .RE .P More information about incidences can be consulted at FORT's web docs. diff --git a/src/crypto/hash.c b/src/crypto/hash.c index 6a8366b2..53ec81ed 100644 --- a/src/crypto/hash.c +++ b/src/crypto/hash.c @@ -129,7 +129,7 @@ hash_validate_mft_file(char const *algorithm, struct rpki_uri *uri, if (error == EACCES || error == ENOENT) { if (incidence(INID_MFT_FILE_NOT_FOUND, - "File '%s' listed at manifest doesn't exist", + "File '%s' listed at manifest doesn't exist.", uri_get_printable(uri))) return -EINVAL; diff --git a/src/incidence/incidence.c b/src/incidence/incidence.c index b916395a..fe71afa3 100644 --- a/src/incidence/incidence.c +++ b/src/incidence/incidence.c @@ -33,13 +33,13 @@ static struct incidence incidences[__INID_MAX] = { INID_MFT_FILE_NOT_FOUND, "incid-file-at_mft-not-found", "File listed at manifest doesn't exist", - INAC_ERROR + INAC_ERROR, }, { INID_MFT_FILE_HASH_NOT_MATCH, "incid-file-at-mft-hash-not-match", "File hash listed at manifest doesn't match the actual file hash", - INAC_ERROR + INAC_ERROR, }, };