Commit c17f2983 authored by Kel Modderman's avatar Kel Modderman Committed by Ben Hutchings

Revert accidental commit of patch to upstream.

parent 2f53b58b
......@@ -16,6 +16,13 @@ UDEV_LEVEL=$(CRDA_UDEV_LEVEL)-
# a different location.
UDEV_RULE_DIR?=/lib/udev/rules.d/
# If your distribution requires a custom pubkeys dir
# you must update this variable to reflect where the
# keys are put when building. For example you can run
# with make PUBKEY_DIR=/usr/lib/crda/pubkeys
PUBKEY_DIR?=pubkeys
RUNTIME_PUBKEY_DIR?=/etc/wireless-regdb/pubkeys
CFLAGS += -Wall -g
all: all_noverify verify
......@@ -23,12 +30,12 @@ all: all_noverify verify
all_noverify: crda intersect regdbdump
ifeq ($(USE_OPENSSL),1)
PUBKEY_DIR?=$(PREFIX)/lib/crda/pubkeys
CFLAGS += -DUSE_OPENSSL -DPUBKEY_DIR=\"$(PUBKEY_DIR)\" `pkg-config --cflags openssl`
CFLAGS += -DUSE_OPENSSL -DPUBKEY_DIR=\"$(RUNTIME_PUBKEY_DIR)\" `pkg-config --cflags openssl`
LDLIBS += `pkg-config --libs openssl`
reglib.o: keys-ssl.c
else
PUBKEY_DIR?=pubkeys
CFLAGS += -DUSE_GCRYPT
LDLIBS += -lgcrypt
......@@ -75,13 +82,7 @@ $(REG_BIN):
$(NQ) $(REG_GIT)
$(NQ)
$(NQ) "Once cloned (no need to build) cp regulatory.bin to $(REG_BIN)"
$(NQ)
$(NQ) "If your distribution requires a custom pubkeys dir you must set"
$(NQ) "PUBKEY_DIR to path where the keys are installed by wireless-regdb."
$(NQ) "For example:"
$(NQ) " make PUBKEY_DIR=/usr/lib/crda/pubkeys"
$(NQ)
$(NQ) "Use \"make all_noverify\" to disable verification"
$(NQ) "Use \"make noverify\" to disable verification"
$(NQ)
$(Q) exit 1
......
......@@ -18,6 +18,10 @@
#include "reglib.h"
#ifdef USE_OPENSSL
#include "keys-ssl.c"
#endif
#ifdef USE_GCRYPT
#include "keys-gcrypt.c"
#endif
......@@ -45,6 +49,7 @@ int crda_verify_db_signature(__u8 *db, int dblen, int siglen)
#ifdef USE_OPENSSL
RSA *rsa;
__u8 hash[SHA_DIGEST_LENGTH];
unsigned int i;
int ok = 0;
DIR *pubkey_dir;
struct dirent *nextfile;
......@@ -56,7 +61,24 @@ int crda_verify_db_signature(__u8 *db, int dblen, int siglen)
goto out;
}
if ((pubkey_dir = opendir(PUBKEY_DIR))) {
for (i = 0; (i < sizeof(keys)/sizeof(keys[0])) && (!ok); i++) {
rsa = RSA_new();
if (!rsa) {
fprintf(stderr, "Failed to create RSA key.\n");
goto out;
}
rsa->e = &keys[i].e;
rsa->n = &keys[i].n;
ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH,
db + dblen, siglen, rsa) == 1;
rsa->e = NULL;
rsa->n = NULL;
RSA_free(rsa);
}
if (!ok && (pubkey_dir = opendir(PUBKEY_DIR))) {
while (!ok && (nextfile = readdir(pubkey_dir))) {
snprintf(filename, PATH_MAX, "%s/%s", PUBKEY_DIR,
nextfile->d_name);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment