[Pkg-openssl-changes] r348 - in openssl-blacklist/trunk: . debian
James Strandboge
jamie-guest at alioth.debian.org
Wed Apr 8 17:53:59 UTC 2009
Author: jamie-guest
Date: 2009-04-08 17:53:59 +0000 (Wed, 08 Apr 2009)
New Revision: 348
Modified:
openssl-blacklist/trunk/debian/changelog
openssl-blacklist/trunk/openssl-vulnkey
openssl-blacklist/trunk/test.sh
Log:
* test.sh: add non-existent file and permission denied tests, as well
as small cleanups
* openssl-vulnkey:
- exit with status '2' when errors are encountered (ie leave '1' for when
a bad modulus is found)
- be consistent with error reporting
Modified: openssl-blacklist/trunk/debian/changelog
===================================================================
--- openssl-blacklist/trunk/debian/changelog 2009-04-08 17:05:10 UTC (rev 347)
+++ openssl-blacklist/trunk/debian/changelog 2009-04-08 17:53:59 UTC (rev 348)
@@ -1,9 +1,5 @@
-openssl-blacklist (0.5-1) jaunty; urgency=low
+openssl-blacklist (0.5-1) UNRELEASED; urgency=low
- [ Jamie Strandboge ]
- * update openssl-vulnkey to use GPL version 3 as specified in
- debian/copyright.
-
[ Kees Cook ]
* openssl-vulnkey:
- replace sha with hashlib Python module to silence Python 2.6 warnings.
@@ -13,8 +9,18 @@
are static, to save space in the archive.
* test.sh: added mixed good/bad testing.
- -- Kees Cook <kees at debian.org> Wed, 08 Apr 2009 08:12:11 -0700
+ [ Jamie Strandboge ]
+ * update openssl-vulnkey to use GPL version 3 as specified in
+ debian/copyright.
+ * test.sh: add non-existent file and permission denied tests, as well
+ as small cleanups
+ * openssl-vulnkey:
+ - exit with status '2' when errors are encountered (ie leave '1' for when
+ a bad modulus is found)
+ - be consistent with error reporting
+ -- Jamie Strandboge <jamie at ubuntu.com> Wed, 08 Apr 2009 12:47:31 -0500
+
openssl-blacklist (0.4.2) unstable; urgency=low
* Add openssl to the Build-Deps, since it is required for the tests.
Modified: openssl-blacklist/trunk/openssl-vulnkey
===================================================================
--- openssl-blacklist/trunk/openssl-vulnkey 2009-04-08 17:05:10 UTC (rev 347)
+++ openssl-blacklist/trunk/openssl-vulnkey 2009-04-08 17:53:59 UTC (rev 348)
@@ -147,10 +147,11 @@
last_bits = ""
found = False
+error = False
if options.bits and options.modulus:
- found = check_db(options.bits, last_bits, "Modulus=" + options.modulus + \
- "\n")
+ found = check_db(options.bits, last_bits, \
+ "Modulus=%s\n" % (options.modulus))
else:
# Check each file
for f in args:
@@ -168,28 +169,27 @@
except IOError, e:
if not options.quiet:
print >> sys.stderr, "ERROR: %s: %s" % (realname, e.strerror)
- found = True
+ error = True
continue
(type, contents) = get_contents(f)
if type == "":
if not options.quiet:
- print >> sys.stderr, "Skipped: %s: is not x509, req or rsa" \
- % (realname)
+ print >> sys.stderr, "Skipped: '%s' is unsupported type " + \
+ "(not x509, req or rsa)" % (realname)
continue
exp = get_exponent(contents)
if exp == "":
if not options.quiet:
- print >> sys.stderr, "ERROR: %s: unsupported exponent" % \
+ print >> sys.stderr, "Skipped: '%s' has unsupported exponent" % \
(realname)
- found = True
continue
bits = get_bits(contents, type)
if bits == "":
if not options.quiet:
- print >> sys.stderr, "Skipped: %s: unsupported bit size" % \
+ print >> sys.stderr, "Skipped: '%s' has unsupported bit size" % \
(realname)
continue
@@ -198,7 +198,7 @@
if not options.quiet:
print >> sys.stderr, "ERROR: %s: problem finding modulus" % \
(realname)
- found = True
+ error = True
continue
if check_db(bits, last_bits, modulus, realname):
@@ -207,3 +207,5 @@
if found:
sys.exit(1)
+elif error:
+ sys.exit(2)
Modified: openssl-blacklist/trunk/test.sh
===================================================================
--- openssl-blacklist/trunk/test.sh 2009-04-08 17:05:10 UTC (rev 347)
+++ openssl-blacklist/trunk/test.sh 2009-04-08 17:53:59 UTC (rev 348)
@@ -24,6 +24,7 @@
error=
tmpdir=`mktemp -d`
+trap "rm -rf $tmpdir" EXIT HUP INT QUIT TERM
# setup files
cp -a ./openssl-vulnkey ./examples $tmpdir
@@ -150,9 +151,29 @@
error="yes"
fi
+echo ""
+echo "Non-existent file:"
+if ./openssl-vulnkey ./nonexistent 2>/dev/null || [ "$?" != "2" ]; then
+ echo "FAIL"
+ error="yes"
+else
+ echo "PASS"
+fi
+
+echo ""
+echo "Permission denied:"
+noperms="$tmpdir/unreadable"
+touch "$noperms"
+chmod 0 "$noperms"
+if ./openssl-vulnkey "$noperms" 2>/dev/null || [ "$?" != "2" ]; then
+ echo "FAIL"
+ error="yes"
+else
+ echo "PASS"
+fi
+
# cleanup and report
cd - >/dev/null
-rm -rf $tmpdir
echo ""
echo "----------------------"
More information about the Pkg-openssl-changes
mailing list