Commit Graph

30 Commits (master)

Author SHA1 Message Date
Michael Meeks 7183a3d3de spdx: improve machine and human readability of headers.
Change-Id: Ice934380029bf27054e830fffc07a5d037d1430f
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
2023-11-14 19:36:31 +00:00
Michael Meeks 47b89b32ef spdx: improve machine and human readability of headers.
Change-Id: I1b6dcd2ec1fbef6556d70b8af3ccfd5d6a95c59a
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
2023-10-31 10:33:07 +00:00
Andras Timar fc946198d3 Rewrite coolwsd-generate-proof-key in C++
* simplified the tooling a bit: use coolconfig for creating
  RSA key pairs for WOPI Proof headers.
* got rid of a dependency: ssh-keygen, towards leaner docker images

Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: Iaf468b5c8585d45027f512bb0a287ab77afb1ea9
2023-07-22 00:14:48 +02:00
Ashod Nakashian 5ff5aff95f wsd: build fix with gcc 12
With gcc-12.1 the following error is observed:

In file included from /usr/include/c++/12/string:50,
                 from wsd/ProofKey.hpp:12,
                 from wsd/ProofKey.cpp:10:
In static member function ‘static _OI std::__copy_move<false, false,
std::random_access_iterator_tag>::__copy_m(_II, _II, _OI) [with _II =
std::reverse_iterator<const unsigned char*>; _OI =
unsigned char*]’,
    inlined from ‘_OI std::__copy_move_a2(_II, _II, _OI) [with bool
_IsMove = false; _II = reverse_iterator<const unsigned char*>; _OI =
unsigned char*]’ at /usr/include/c++/12/bits/stl_algo
base.h:495:30,
    inlined from ‘_OI std::__copy_move_a1(_II, _II, _OI) [with bool
_IsMove = false; _II = reverse_iterator<const unsigned char*>; _OI =
unsigned char*]’ at /usr/include/c++/12/bits/stl_algo
base.h:522:42,
    inlined from ‘_OI std::__copy_move_a(_II, _II, _OI) [with bool
_IsMove = false; _II =
reverse_iterator<__gnu_cxx::__normal_iterator<const unsigned char*,
vector<unsigned char> > >; _OI =
 __gnu_cxx::__normal_iterator<unsigned char*, vector<unsigned char> >]’
at /usr/include/c++/12/bits/stl_algobase.h:529:31,
    inlined from ‘_OI std::copy(_II, _II, _OI) [with _II =
reverse_iterator<__gnu_cxx::__normal_iterator<const unsigned char*,
vector<unsigned char> > >; _OI = __gnu_cxx::__normal_iterator<u
nsigned char*, vector<unsigned char> >]’ at
/usr/include/c++/12/bits/stl_algobase.h:620:7,
    inlined from ‘static std::vector<unsigned char>
Proof::RSA2CapiBlob(const std::vector<unsigned char>&, const
std::vector<unsigned char>&)’ at wsd/ProofKey.cpp:188:14:
/usr/include/c++/12/bits/stl_algobase.h:385:25: error: writing 16 bytes
into a region of size 4 [-Werror=stringop-overflow=]
  385 |               *__result = *__first;
      |               ~~~~~~~~~~^~~~~~~~~~
In file included from
/usr/include/c++/12/x86_64-generic-linux/bits/c++allocator.h:33,
                 from /usr/include/c++/12/bits/allocator.h:46,
                 from /usr/include/c++/12/string:41:
In member function ‘_Tp* std::__new_allocator<_Tp>::allocate(size_type,
const void*) [with _Tp = unsigned char]’,
    inlined from ‘static _Tp*
std::allocator_traits<std::allocator<_CharT>
>::allocate(allocator_type&, size_type) [with _Tp = unsigned char]’ at
/usr/include/c++/12/bits/alloc_traits.h:464:
28,
    inlined from ‘std::_Vector_base<_Tp, _Alloc>::pointer
std::_Vector_base<_Tp, _Alloc>::_M_allocate(std::size_t) [with _Tp =
unsigned char; _Alloc = std::allocator<unsigned char>]’ at /usr
/include/c++/12/bits/stl_vector.h:378:33,
    inlined from ‘void std::_Vector_base<_Tp,
_Alloc>::_M_create_storage(std::size_t) [with _Tp = unsigned char;
_Alloc = std::allocator<unsigned char>]’ at
/usr/include/c++/12/bits/stl_vect
or.h:395:44,
    inlined from ‘std::_Vector_base<_Tp,
_Alloc>::_Vector_base(std::size_t, const allocator_type&) [with _Tp =
unsigned char; _Alloc = std::allocator<unsigned char>]’ at
/usr/include/c++/12/
bits/stl_vector.h:332:26,
    inlined from ‘std::vector<_Tp, _Alloc>::vector(size_type, const
allocator_type&) [with _Tp = unsigned char; _Alloc =
std::allocator<unsigned char>]’ at /usr/include/c++/12/bits/stl_vecto
r.h:552:47,
    inlined from ‘static std::vector<unsigned char>
Proof::RSA2CapiBlob(const std::vector<unsigned char>&, const
std::vector<unsigned char>&)’ at wsd/ProofKey.cpp:187:46:
/usr/include/c++/12/bits/new_allocator.h:137:55: note: destination
object of size 4 allocated by ‘operator new’
  137 |         return static_cast<_Tp*>(_GLIBCXX_OPERATOR_NEW(__n *
      sizeof(_Tp)));
      |                                                       ^
cc1plus: all warnings being treated as errors
make[2]: *** [Makefile:2394: wsd/ProofKey.o] Error 1

Change-Id: I6e5c6ea8187a5a60b177f6642b8b728e60b04688
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
2022-07-09 21:10:03 -04:00
Andras Timar f07ff8c7e0 rename: remaining lool->cool changes
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: Ib7d4e804bebe52dead8d53b0e0bbaed0f08bf3d0
2021-11-18 14:14:11 +01:00
Andras Timar bf5bce7669 rename: loolwsd-generate-proof-key -> coolwsd-generate-proof-key
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: I3aa30ce4e5f6df2068fa2e0788034e83cb0ae26b
2021-11-17 22:06:34 +01:00
Henry Castro 8d694bdf97 wsd: log warn if proof keys not found
"default installs currently don't use proof keys"

Change-Id: I43b6c5ed6633b35e58ec3e1b1cc222756a9a47d8
Signed-off-by: Henry Castro <hcastro@collabora.com>
2021-08-27 15:01:58 -04:00
Ashod Nakashian 1f978d9b50 wsd: cleanup Poco headers
Change-Id: I1eec2301576fc2f1cde40389b1f858f80b1204c0
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
2021-03-22 10:09:22 -04:00
Henry Castro 851c532508 wsd: revisit log messages misc files
LOG_FTL = abnormal, crash, denied service
LOG_ERR = load, save, session, connection, wrong parameters
other cases LOG_WRN, LOG_INF

Change-Id: Iaddfcf7f0853abfa96948fff28acda606cf88b55
Signed-off-by: Henry Castro <hcastro@collabora.com>
2021-02-23 23:48:19 -05:00
Andras Timar 0002fdfd6c fix license headers
Change-Id: I8623770b32d278a45357dc7f757fabfadd2b4af7
2020-10-01 11:56:43 +02:00
Michael Meeks cd98388653 Avoid contention on RSA Digest engine.
Change-Id: If9068371c7ab18083d432f8bc582d85c2f85e80e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/101081
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-08-20 18:11:12 +02:00
Mike Kaganski 571ef16df8 Implement fake oldvalue/modulus/exponent and X-WOPI-ProofOld
... since these are required in proof-key element as per [MS-WOPI].

Change-Id: Ie770271ee911e3f7822375c00a83c6a32cd5f2fc
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88743
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Tested-by: Jenkins
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-07-28 14:46:02 +02:00
Damian f160ccf80d tdf#134041: reset engine before next digest computation
Change-Id: I68ef078f6f885bebaf29b37d5fd704a9c70c826a
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/96899
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-06-23 12:32:19 +02:00
Michael Meeks 82fec145eb RequestDetails - move into a single class & simplify flow.
Change-Id: Ic9148350e04fca7876ec1b5985b467524c6894e1
2020-05-12 15:29:07 +01:00
Andras Timar 25bc0a1088 Proof: add loolwsd-generate-proof-key helper script
Change-Id: Ibbd99b6431b1a2992c520d3fad5f52d0770905f6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92788
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
2020-04-23 19:36:06 +02:00
Andras Timar b0645a647c Proof: SSH private key format matters
On openSUSE Leap 15.1 the ssh-keygen binary produced a private key
that caused Poco to throw an exception. Apparently Poco expects
the private key in PEM format. Apparently on most distros this is
the default format, but not on openSUSE Leap 15.1 where we need
to specify it explicitly.

Change-Id: Id142735b13887a1347895f121400ed6d5aecc1f4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92736
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
2020-04-22 23:52:21 +02:00
Miklos Vajna 4992de990d Proof: improve logging
Tell if the key loading happened due to a Poco vs std exception.

If we show the response headers, show the request headers as well.

Change-Id: Idb32e8c4d9cc5565647b99d6ddae27cd2faba46f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92518
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-04-20 09:22:59 +02:00
Michael Meeks 668007544b Proof: generate our own key, and verify our own signatures.
Change-Id: If805c89a3b6618d6e34e7421b20077c4f0a48cb3
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91940
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 23:20:55 +02:00
Michael Meeks f4f7b08d44 Proof: implement CAPI blob test.
Change-Id: Ifa4ddc3c5fa375606eedd932af029e4b30a740de
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91936
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 22:19:51 +02:00
Michael Meeks a2b9fc474a Proof: re-factor - publicise some internals to make testing easier.
Also add dummy, run-every-build test to validate wopi like proofs.

Change-Id: Ic2dc647a8d61693ae87b6523aaa30632979fd5d6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91854
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 10:58:49 +02:00
Mike Kaganski 6eda59123a Proof key: make sure public exponent is exactly 4 bytes
It seems that Poco returns 3-byte public exponent (0x010001) as
3-element vector, and MS CAPI blob must include 4-byte exponent.

In Poco code (Crypto/src/RSAKeyImpl.cpp), its convertToByteVec
uses OpenSSL's BN_bn2bin, which returns big-endian byte order
(see OpenSSL's crypto/bn/bn_lib.c). That is returned from Poco's
RSAKey::modulus() and RSAKey::*Exponent() unchanged, so treat
them accordingly.

Change-Id: I37f5fb9a310d42c7f346429c39611b25dd5bba2f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88989
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-19 10:19:55 +01:00
Mike Kaganski 99f0480460 Proof: URI must be absolute and converted to uppercase
Also access token is already passed decoded to GetProofHeaders,
so don't decode it second time.

Change-Id: I7c4404462a9dd9f53e4e82684b1fcae1aeecee73
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88736
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-18 17:30:19 +01:00
Mike Kaganski 25a1d35467 Read proof key from source directory in debug builds
Change-Id: I3de5ec1d6993fdba8430f40c6c93327e90a151c2
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88672
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-18 16:29:54 +01:00
Mike Kaganski 2504c88c43 Don't use Poco buffer when creating a proof
I need this to better control the byte order of values in the proof

Change-Id: I8a21c20af4cc3157c893d870f73cc2afa7910ff4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88076
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
2020-02-06 20:21:31 +01:00
Mike Kaganski aaa9443eae Only warn on absent proof RSA key, don't log error
This reimplements commit bfb16d8831

Change-Id: I834a45ba4fcb939093b179f316176df790926c4e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88096
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
2020-02-06 16:05:40 +01:00
Mike Kaganski bfb16d8831 Turn some errors to warnings, and drop unneeded stderr output
Change-Id: I63de580480f983e8179546fae6217641fa370135
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88088
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
2020-02-06 12:36:55 +01:00
Mike Kaganski 0c0510cccf Implement proper proof-key value attribute
Change-Id: I3f2ad960ce6d3dad4d0b064492355b5643f345c8
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/87148
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-01-21 19:28:32 +01:00
Michael Meeks 5d5fb42715 Typo fix.
Change-Id: I4698a00a8646366bcf30aabd997c31996a58d0e0
2019-12-14 16:19:48 +00:00
Mike Kaganski c39645bed5 Fix comparison of integer expressions of different signedness
Change-Id: Idcbaf83cb5f953cb725e5b84c27bc00b2fc267d6
Reviewed-on: https://gerrit.libreoffice.org/83475
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
2019-11-22 13:03:38 +01:00
Mike Kaganski a986aabeb1 Initial implementation of proof-key
Change-Id: I7ab79218ca2af268dd4573cb64c6353dc71b5f03
Reviewed-on: https://gerrit.libreoffice.org/82232
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
2019-11-21 12:56:53 +01:00