CryptoAPI TLS certificate injection #16
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 tasks
|
It's up to you but I suspect squashing these would be desirable. |
hlandau
reviewed
May 28, 2017
backend/backend.go
Outdated
| // TODO: add callback variable "OnValueReferencedFunc" to backend options so that we don't pollute this function with every hook that we want | ||
| // might need to add the other attributes of tx, and sn, to the callback variable for flexibility's sake | ||
| // This doesn't normally return errors, but any errors during execution will be logged. | ||
| tlshook.DomainValueHookTls(tx.qname, ncv) |
There was a problem hiding this comment.
style: probably want DomainValueHookTLS
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate.go
Outdated
| import "encoding/binary" | ||
| import "fmt" | ||
| import "math/big" | ||
| import "time" |
There was a problem hiding this comment.
for future reference, I wrote imports in this style before learning the preferred style:
import (
"..."
"..."
)
I switch to this new style as I encounter code with it.
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate.go
Outdated
| // TODO: add a version field | ||
| type DehydratedCertificate struct { | ||
| PubkeyB64 string | ||
| NotBeforeScaledInt int64 |
There was a problem hiding this comment.
avoid Hungarian notation: NotBeforeScaled, not NotBeforeScaledInt. Use comments on individual fields to document the format.
hlandau
reviewed
May 28, 2017
| return serialHash.Sum(nil)[0:19], nil | ||
| } | ||
|
|
||
| func (dehydrated DehydratedCertificate) String() string { |
There was a problem hiding this comment.
You could use encoding/json to do this: serialize a []interface{} containing the values. This works, though it could have a vulnerability if bad data gets into the base64 fields somehow. At any rate, there's some whitespace in here you can remove to minimise the size.
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate.go
Outdated
|
|
||
| func ParseDehydratedCert(data interface{}) (*DehydratedCertificate, error) { | ||
| dehydrated, ok := data.([]interface{}) | ||
| if ! ok { |
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate.go
Outdated
| signatureBytes := cert.Signature | ||
| signatureB64 := base64.StdEncoding.EncodeToString(signatureBytes) | ||
|
|
||
| result := DehydratedCertificate { |
There was a problem hiding this comment.
DehydratedCertificate{ (no space) is standard Go style IIRC.
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate.go
Outdated
| } | ||
|
|
||
| return &result, nil | ||
|
|
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate.go
Outdated
| return nil, fmt.Errorf("Dehydrated cert signature must be valid base64: %s", err) | ||
| } | ||
|
|
||
| template := x509.Certificate { |
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate_test.go
Outdated
| "github.com/hlandau/ncdns/certdehydrate" | ||
| ) | ||
|
|
||
| func TestDehydratedCertIdentityOperation(t *testing.T){ |
hlandau
reviewed
May 28, 2017
certdehydrate/certdehydrate_test.go
Outdated
| } | ||
|
|
||
| // Test to make sure that rehydrating and then dehydrating a cert doesn't change it. | ||
| if ! reflect.DeepEqual(dehydrated, dehydrated2) { |
hlandau
reviewed
May 28, 2017
certinject/cryptoapi_windows.go
Outdated
| // Format documentation of Microsoft's "Certificate Registry Blob": | ||
|
|
||
| // 5c 00 00 00 // propid | ||
| // 01 00 00 00 // unknown |
There was a problem hiding this comment.
Irrelevant, but it's probably a version or flags field.
There was a problem hiding this comment.
Quite possibly. None of the reverse-engineered documentation that I found explained what the field was for or what format it used. In any event its value seems to be constant everywhere, so reverse-engineering what it's for doesn't seem necessary.
hlandau
reviewed
May 28, 2017
certinject/cryptoapi_windows.go
Outdated
|
|
||
| // 5c 00 00 00 // propid | ||
| // 01 00 00 00 // unknown | ||
| // 04 00 00 00 // size (little endian because Microsoft engineers suck at their jobs) |
There was a problem hiding this comment.
Eh, little endian is fine. Windows is usually little endian and the adoption of big endian for network order was largely based on the fact that servers at the time (POWER, SPARC, etc.) were largely big endian.
Little endian has won (x86, ARM) and I'd probably use it for a binary network protocol if I were designing one today.
hlandau
reviewed
May 28, 2017
certinject/cryptoapi_windows.go
Outdated
| certLength := len(derBytes) | ||
|
|
||
| // Header for a stripped Windows Certificate Registry Blob | ||
| certBlobHeader := []byte{0x20, 0, 0, 0, 0x01, 0, 0, 0, byte( (certLength >> 0) & 0xFF), byte( (certLength >> 8) & 0xFF), byte( (certLength >> 16) & 0xFF), byte( (certLength >> 24) & 0xFF) } |
There was a problem hiding this comment.
Personally I'd use encoding/binary to store the fields into a fixed-length byte array. This is probably faster but it's less clear. Up to you.
There was a problem hiding this comment.
For this use case, speed is very important. Feel free to create a separate issue for this, and I'll do benchmarking later to see which is faster (and I'll use whatever wins that test).
hlandau
reviewed
May 28, 2017
certinject/cryptoapi_windows.go
Outdated
| // Open up the cert store. | ||
| certStoreKey, err := registry.OpenKey(cryptoApiCertStoreRegistryBase, cryptoApiCertStoreRegistryKey, registry.ALL_ACCESS) | ||
| if err != nil { | ||
| log.Fatal(err) |
There was a problem hiding this comment.
you probably want log.Fatale here with a short message like "couldn't open certificate store" (and again below), otherwise it can be hard to figure out where an error comes from.
There was a problem hiding this comment.
Actually, I'm trying to remember why I used Fatal instead of Error and I suspect I made a mistake. Do you agree that Errore makes more sense than Fatale?
hlandau
reviewed
May 28, 2017
certinject/cryptoapi_windows.go
Outdated
| } | ||
|
|
||
| // for all certs in the cert store | ||
| for _,subKeyName := range subKeys { |
hlandau
reviewed
May 28, 2017
certinject/file.go
Outdated
| pemBytes := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) | ||
| err := ioutil.WriteFile(fileName, pemBytes, 0644) | ||
| if err != nil { | ||
| log.Error("Error writing cert!") |
There was a problem hiding this comment.
log.Errore(err, "Error wrtiting cert")
hlandau
reviewed
May 28, 2017
x509_build/install.sh
Outdated
| @@ -0,0 +1,4 @@ | |||
| #!/bin/bash | |||
There was a problem hiding this comment.
/bin/sh will suffice here, some systems will lack bash or have it at another location.
There was a problem hiding this comment.
The main reason I used bash is that I don't have a mental model of which constructs are bash-specific and which are also present in sh, which makes it risky that I'll accidentally use a bash construct in sh if I habitually use sh. What systems lack Bash? I was under the impression that basically all GNU systems have Bash; are you talking about non-GNU things like Busybox?
|
Made some minor comments, mostly just stylistic comments for now. |
|
AFAICT the Travis CI failure is due to #19 . |
I'll squash this PR before it's merged, but after it passes review. |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Build script uses `go generate` and `go env GOROOT` now.
Remaining TODO's that I'm aware of:
* Update the d/ spec.
* Look into using Errore instead of Fatal.
* Fix the Travis CI failure due to #19.
* Squash commits.
@hlandau anything else needed before we merge?
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZN0BHAAoJELPy0WV4bWVws2IP/icCdtqQ4pHhCDst+Q1R5Z3V
5sm3Cemz/EAJlWpluFETjzrk521225xHwY16ltY6quX766C5cCQ5+QQY1UaE90aU
eqtObqyJUNl7ZGqXJrZOEMn0gFYeO5lxhnW96mJr6cGMaVcJ5QmSarVV471U7Bi6
aiIRN4S+8zD5e2lgoORHI/aJ4uPYS2QRzssxui6YY6Z/7LdplJHwflXJ4s+1dELZ
LYRJi3/O71PGXA5OvE55eG2tDGeJnALq7wLX2GKIGCZ0QXmrRQ1/v6YOSvhhLO02
EaCmp+vUiAjhzVQ1YV3qEmLHBiF9UBqLT0tjW/rmz7RYnBlx1v9/nzvY/i0OwPBJ
ZZWpS59aPOy3Wp7t/05MN95wfHWLvQMQsH+YodtDSrHAyYdnMvlFx51kxYUD9oZS
rkfIylmC7eNu+q4X+w+UJZ8o5DnlnezGQasm6Cqe2SImeT5eKGhlufthBF8M9PoP
/wpZfYMxkCoLbnvsIUGsH/HmXK+zW1aj1C6oujY8l7XrsDNyuIIAYu9c8/Nd1xFA
GjVX1ZdGB+HxWPYZA3dNMW8BvDewoKUA4c/T+qmUhjgSqFy2X9mIZYUcsREJ6TKe
/vZn8GaxLuDcZUiE9lY71B/MsXLe1dgoxL7/z96qWmVQ+8uR9CMm7gq2akgL9bJy
GViXrhXZbtOs4+EhJ9N4
=aRHs
-----END PGP SIGNATURE-----
|
JeremyRand
force-pushed
the
tls-import-certs-go-registry-stable
branch
from
2ce01fb
to
f9adde0
Compare
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Fixed Travis CI failures, and rebased to fix merge conflicts.
Remaining TODO's that I'm aware of:
* Update the d/ spec.
* Look into using Errore instead of Fatal (@hlandau, any comments on
this?).
* Squash commits.
@hlandau anything else needed before we merge?
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZO+WwAAoJELPy0WV4bWVwe5gP/jOPfF+f3auD9qHQLIAqCRZm
tkERjk755VKaEcp5qUhA1mzpNGHkxfL/0fg3K97f2+MPFv2THyRIrC8rcV+oONrL
IAtQGn1VOIV26RrV0TnNehLWN5AhYVWR251TBXVE67DxaiyrInCok6OUVNSzS6wu
XLudkEpvcvvIyf1mGmC6ZSEviJPlX87XztNfzsgl64TN0QHUWiGehRalVQ/UJz1M
mZtVK8XL3dtM3LCFlCsOn+yberAs0CRYvxtps0S83lmrQZdInBWCvZeUn7ZHk9Bg
P2B8/jap5ylTUfdifIqri+CwBxQodpMsKdMQrlK/z/hpqQj7TA0nBoC8PyZzWDLP
80hup/agK8W58+uHvrh7ucG4Ww6oPtQvzEyapU/x6fyjL3x0YWkr5XpR2EwBi1EP
e0O4qvmVaxCzj/3e6bz45w6H8yEayOYuFcmIqmZyMLEod+DLkTjY/iuw9elDvrcF
5dDh0CCoE9V8W5WVWDvgNpCYOA3qPdNB7mX8QIv+LgqvejAeiPg7zPKwDr8kQM39
dOL0zrV2wNUoNiYMD/VnfCJv6YfsunSBH8XLyD4kigi0lzl4SzN11Vi7FnbL0xlw
4oT4VBEx5MIkQvWU5G8SRKPRrpvM6OiyPcQyKt4YPgnzrSC94llQJIrzuDLQm2nz
5wmwbHtXxhZ95pUToT+b
=5s+/
-----END PGP SIGNATURE-----
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
AFAICT I've addressed all feedback as of today. Requesting review
from @hlandau .
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZQOu1AAoJELPy0WV4bWVwwvcQAIF0U/DlQ4jsBFywNeMfA6EZ
Yq7K6FGL2fKDO5JkRxjZYpAeeU3+zLaxjb7DaMLteoo/YkOraXCyBTRq6yUW+J/h
NNNx3Fd3QCJFfdYHk9OGozCthdf3zHdV+8tvnpuOtHYS4GcgwPHd0FTs8CcbbMWx
XymgoQQwD+CMb9z6mhgxkMp5r/3RUSsKYkm6qx82XR7/ohiyOrGRdWSrqFCWa41z
O3U4wegbnK0T79ELWuHAO6YT5LImPYwESB/4JIGbZiXPi/2IHB6VwVa7pkJQzu6n
BKDVcgRWPJfVlazpeWBYtitRnHC1WdetA7d4h2aSFPw4Ejs3TF3o32pTL60TO0xr
gkCFZXooL3PZct5pRAyzvzLwji7FEqreKMsLwS9RcEce1JTGO4vHe9ifaI1tOB2M
PPDGUl3DVDkKYlTsU/2tpxPedI4fiEwPaaKxSHOkaJUenmgsgXvm7pmR5cd9Ry/r
Ko9YbKeHlwFJej/VfcdSZYRn01wE+bcnGVPGnGm2LwHVxF8sNF4Y8E5+l/1fbm/+
AwF4j3+X/tXybwVBbbdRgT+/aaW+iD+jTFLIYoSM1ziAKBFYUZ5BG64UgmadRHMI
kwRJrYCkliS+0mIjfkUjarlMmbdK70G3NQeyTWXd+BVRBAXPqdStygVJD7NiA3N9
wD50zCuL6qZMQNxS6EuG
=XZXb
-----END PGP SIGNATURE-----
|
JeremyRand
changed the title
JeremyRand
force-pushed
the
tls-import-certs-go-registry-stable
branch
from
a101610
to
deffffa
Compare
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hugo Landau:
hlandau approved this pull request.
LGTM. Merge whenever you like.
I've squashed the PR as discussed previously.
I just noticed, upon inspecting the squashed PR, that the `.gitignore`
contents are probably wrong as a result of the refactoring of x509 to
use `go generate`. Should I just delete `.gitignore` for now, or is
there a better fix I should apply? (I'm not incredibly familiar with
how `.gitignore` is usually used.)
@hlandau also btw please specify a commit hash when posting a review
of a PR; that way it's harder for people submitting PR's to
misrepresent what the review applied to.
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZSMcvAAoJELPy0WV4bWVwlwYQAKg3tPlorIsT6Lfqc6gNy6SI
JURhYjSgiqFZg9B7o9wtXBA8oxSxdh84/k75KsWRIHTrBtFe4W0QNEaUPT3SBtCj
CX6lylfSX+jRakpXyTKisLI14pB/LiFgO2QzJ4ytdt+H3dGyR4ew79bE0gb89B4O
Uyy4fKfW4LJjQU8l7EoosNztXcbMBrFmgGUbAAQYd0VPVoX0OlXXrAr+h0nKAqHV
sfKTFyrHbVk8UDR/jvtHs8GM1lD15DjQ0bZ2FNSPEMo7HVFsEPNNkTqMHAe1W+SZ
b/36dFr8VpSYD+K0ZdxQUT3KBHUJYAJSux3HDyl61lknH02p8MblAkZvY2l+lEz8
UeESQztOMGnAauKhmM1JQgRVi/TChVAlXe/vH51k0KgaBHACcQEX9BRUWvAoUcnk
2uS/iEKKe98fmMkQIsfQBU752YLnCyIxDf7moRoVWf5JHrrPFNlKAelVmQRbrbYB
HPIUnN69qQuUZb6X6nddERuOhx1iP8IXi4DaVl2bptLnz7RepnMQHaRliGIM4I/N
36WlCAeD1lRfT00rQOwlaW1qCvxMHL8/DwSSEQvSaQ0ZDN84UYlVgP6yq7aJIjX7
Z0NYAE2zLLryGiK5/7fFW8twj0x9x5X3FUTiAxeuemcDefdYjMxJ+eDW1fSknquc
95bldZLgUk9UzHvUBWNp
=jn3k
-----END PGP SIGNATURE-----
|
|
You'd better remove |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hugo Landau:
You'd better remove `.gitignore`.
Done. Let me know if this passes review, then I'll squash again, and
if that passes review I'll merge.
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZSQnFAAoJELPy0WV4bWVwWxAQAIalYYRukqyPxuuSbWqeuiX2
9mMZoqARWMv9or7XBm1FsvGV2dI2QPlH3aWuo+aBJcECZvxO4qYAy2T+t4mwlIwf
AsZ/MFl2eQxsVILvn71Z+I57hwHN+/n48toU+iq2xasWcloyePT9h6HQ+MZ881lg
O1FlBrQArd0qvU/KCgpm2HIRKL+mpsE5LJ7zC1Sx9U0ZfNg+NulYMHoBxBp3CTy9
8Qt7N/iFjoXJQNE6mvhZqJE6kTzt34P1OTT38OcZ3Wl8JsTEmZATxDQdjsyopM75
F7kW6Zk6TE73EZzXf4VZcYezUEje/ZayAyepcFCJJF4Kx53jherT2ySCiShQ6VT2
1usLGdxIfoZn02kvvZKkJIiEcKZZc89tkbtLuD0xCE6aDeRkRAK4N65Egn+GAIt4
TmKVtq9IBmV08p5fFNqeVVs8Q9bBzbraC55+h/rRCcX3Oj1QK1u4XQcZSQCN1i4W
MAY7nvjwuutX2kVIT6jrcPbqcSzcLMhvPXC3XJuThFWdoazernkd5ZCtwpoTpO82
TZzxaZXoxejHEiVJjH6SkFynZn1HozCbs4cUwncvk7WNDe+yEi5l4tIDODnCTnKO
I29UDeF4iaQOr4TMMW2fILi6pZdQY+sswqyMmr/tGdp4jwA6iATJQuMl3mB5GRLG
iouLG5VxUu+7VFIuBJgX
=jZe0
-----END PGP SIGNATURE-----
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hugo Landau:
hlandau approved this pull request.
ACK
Can you specify the commit hash you're ACKing?
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZSas7AAoJELPy0WV4bWVwvvEP/i8EILLPWcgh2TKBTsgB7phN
P4c8xo1YLZoUFzDCpIZka2s04CINkVOhbmFvdMwrPnNc+2vzKanbJvafU5xM4u94
IvvBmJRsNdU71PLbSceTVnL+rf1qKJQbKQLxC+I07uhPDOIxRmkQp9Pvsyjff3Nz
VnlzZCTkJ+a8dc4W1OvFmpmJQubBYsMm1MVRr9H8PHTh/ohpoORHRKFtrmqSX6Rz
oHyMZ/dHKh3Y2+ffQz59+YJh6DQgcMNRSObP0ROPvwuJG5UEElVFmLj0ijKKAxoK
/v+QfMDWBwf0yojNoqjGVsaPP+NB/xP/9gvt5OKPsKYSgFDyLFJrwIK4V5SGhEBF
cDdHocSygKX6ncV8X0x92N9wKraMrz3blGc8JnkVSEiBgV3WoyWTKLN/gDBAtAX0
xTkW5NHEdPe4vxiNo37w8fVtCwaXZXig5RaJW1YPYnVk9WSRI+v/GGNTOE4xMaMD
C+QptLjXFAnp7Mjk6eM1C8xGBdFEPt1Ow9JeQFDP1X8sCC6VLnvJooyS9LnCZt++
kAnrJbqGL6W+z+V3/ym/yzRwsE9YJ+y0KDZbg2DfNAkZ0CDoKIlj0KsttmoItTpy
Xy9SbwVKkNXZjV9aq2ZnZim+WBca88tXHxrP0qq6yUzn4qqygAtDIgb31hIAV6CQ
wNmtBn54gkS/Kz9WWzBz
=N/pe
-----END PGP SIGNATURE-----
|
|
ACK 2e6ee03 |
JeremyRand
force-pushed
the
tls-import-certs-go-registry-stable
branch
from
2e6ee03
to
d67066b
Compare
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Squashed and rebased. @hlandau can you review?
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZYEHdAAoJELPy0WV4bWVwhWoP/iDfkqFUcbEDakbs1KDR9omB
mfZ5hvXSi94lC+a+Y7WcNdJhqWgAqrxpMckeD59qYplILuavL+pvwgRdZQMLzDmk
wjLGxF3cYMiYCEGP1etyJGXu0l9sWc1gbg2onWSA3/Z1YlZtH4yVDXBY/vS1kqA3
p6vTfAzidFUmtV4t+vkctYk/EeotdnsKbhGISHrg8zsNpmDMYVNmxSSzAsiSPZJc
jPVAWr3rbtwHZ6sKMEwp5cXSJnkXdE8q0i0APVj+8LK9b6m1Q20TulU68Cf3oVuW
Pm5968W12+lWASsyCHoipanjWbNEXiZ8g2WnEswSd7mbDeR2/FhpJhYVwFWKwXu8
aUXcen0FKT+fkgjlm566FNd8s8EosPujAJ23LEy8J4a7h3FPieJZNxBaSx0mrP4x
MoxuNWHR3b5gSWASBeWojsO2LwXFTTzWO8+u1tWztC9F7P5/PEqIjTG2xNdXl1ae
L0m3NnYJ0oCL9sCrfVMvaWLTqwvuFzHijIgHMPRApVbWbdfD0wwVsaNbuKIT0V5V
o9ycVrY6/EB7G2prehQZvTEB6mqT7IWLzvOw4bRTW+cKyAC6GLU5rOPZ6Q3QskgR
eZPptmYpnZVCvQWuvSnTheF1byblURHEFmn7y1jfGwMO9MbkyFhN3pIk3FMuJmWG
+pAbWc7exEMWt7Bv52B7
=EHZW
-----END PGP SIGNATURE-----
|
hlandau
reviewed
Jul 8, 2017
tlshook/tlshook.go
Outdated
| // TODO: test this code. | ||
| // since this code has not been tested yet, it's disabled for safety reasons. | ||
| //if len(port.TLSA) > 0 { | ||
| if false { |
There was a problem hiding this comment.
?
Too much commented out code here. Not in merge condition.
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hugo Landau:
Too much commented out code here. Not in merge condition.
Good point, I agree that that code should be removed prior to merge,
and re-added later as a new PR once it's properly tested.
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZZvT3AAoJELPy0WV4bWVw9RUQAJ1iBQtRL+9hcRN8ooh5TpP1
25IG0aZJiegvcUGxzeNkQzOJ4mWVlv5sofsMg0JfDeFeavHbHO8lbWSFKD/g1EQU
j71V3cwLB4Gulbhkw4JmEitpyn82j0ydaSxH6y3UuGmQMPO8c1YsQHVt+LGXZACs
6MPfVttMahOSYKJlTU4BsnGGi40Kx9fA++3poNTE8T2WvU/PtZkREXTg4QS+bBpL
+n8X+gOvQl0tWfD37cP3BZ7KescVOb4WUSstIgqbfbcLHyCidew154ns1yQPHmaK
Ng38rlHwbyIEVW1BUtctcqv3Xcd5mH+sT6RlNCC4hUE0VlAaHfbd+HOr//NMUWL5
+LBDvhQc4GjbMqoF89lgr5gCamPj9kLpwkVGGlLHSiNoLegJK51B+wndFkqp0uTX
GFyTdcQiZMUbAsI0YYhzvKwc7G4WoH2f9xBsyzJAS2oY0UcFjkftUkZAEa9QU2KQ
SgoyaA4JL8eKv2pYEskARusow0X/nAK1OThF3DiyCG/SVcVddwkXSov+WFMm4JJu
DPIqtKUqj8Oui6Ib6CuMjdgEm+bycQoOY9OTkYBTO1aUw9hwzP8JxkoP9keHFDDQ
PB4WOe3bPwQ4S9s7oTiP+tseu/+bn8kM8Pl01In7CBfOzfsQCiUTs5b/9T2si8Ji
zTCHZjD7kYdzSXIgAzzo
=Xl7m
-----END PGP SIGNATURE-----
|
|
Needs rebasing. |
JeremyRand
force-pushed
the
tls-import-certs-go-registry-stable
branch
from
e092f32
to
3202450
Compare
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hugo Landau:
Needs rebasing.
Rebased.
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZd/G2AAoJELPy0WV4bWVwYIEP/jdaUAs1NTi0rwx4nIfFFgxg
MVFiE9aPrYci6PQkMbyjHfgC3CBEkaWtYA9HpsbRX7rtaQeyHDd5HOSr7seH4uvq
RHAVom2naz4GzzXJmo8jGtrnKKkveWoEgK9QG0ykFLAmyFEeQsJ11PSmp3ZcqVjA
L+xjsfIucn3Lg03/MJ7HO5i7PN3F6eiR1Loo6CfvA2aabIpiEnoJ7IH7q5YBZWS1
sZ8DCSOPs24bKkGATBJYE2LjFEzRgg3d5PuU5vubTEWcsSWgY4hCSIU6RU0OMjlA
jLHX3VFte9Gmxukyq50pRKrFmMaeIhQhZSJwmqkk5W+5td9BL17dct9xS+XZ/2FI
t02SA8i/RfO7wKduGYAR83YiFiCDAab1hk2ZKFOw7+AezsxhltMrOz7nU251mtgC
8TeaKraMki6rLAmlf3dkY3P8n/l8D9JWw2SAL9xrbnzVuORseAF0VDGIALCC4sZ2
JeTFZvNv/LVKEvdV2GxsiuyEwF8uoCikJ3mnCyxQhBfii8WE5GF9I2kfmGUbcGyO
TfwErZACuJIEasDktiAKLdnxLJ6nT9vbfNtkM6bh9sZSUK80SZoHRA2/lsW3FxHf
ldpBHV8av5g8wZX+OmYktegJUXuoZYqUftkHGR/FhaU2ocdwz03KIY9VmMJuBpgu
eAxEOuUviG1zLrIFIqtO
=+AGi
-----END PGP SIGNATURE-----
|
|
ACK 3202450 and the commits on which it builds. |
…ered by hooking DNS lookups).
…I plan to re-add that code once it's properly tested.
JeremyRand
force-pushed
the
tls-import-certs-go-registry-stable
branch
from
3202450
to
aec2cc2
Compare
…copied verbatim from the Go standard library.
JeremyRand
force-pushed
the
tls-import-certs-go-registry-stable
branch
from
aec2cc2
to
978116d
Compare
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Fixed the Travis failures in this PR that were exposed by #28 . This
required rebasing against master. @hlandau can you review the changes
made here? Do you want me to address any of the other gometalinter
warnings prior to merge?
…-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZerFYAAoJELPy0WV4bWVwZWEQALscifMqeaThFxqobyR5mzGn
vkD46i716UJ5RaZ7gfLxPYkgFSWRwfdk2Xf81NLvIqbjseQO12m6iP220m5m1eVX
pBWdXkDtqgbaeWriTg9/8GLv/jCtwLxZz25028zDrxngNgHDFTAEUw5buA/x6us9
HL0gav1PTDJtcSGDq1b9yLSIl5h1pjfrAnTV75T5NLCIEHoyarX1pjRPh1xYQhUP
jmFCLniZppfX+OwP+onsihnKuFwc2aGNqhKn5PLmsw6Xh3mUc1vQ4JVrJrCG1aDz
wB1av4Vw8xgRff1uPMY2L+I9980SKtdF15xa1L8PCfOnt6PQcCphIf1VNV5/zsj0
erZvLPzaz0JGwFT0aVYk7LkQC4QClqH+94m2GxJvtWOyaxEzqex0t7JHK5/pEuKn
6XOQV1bde4kDwy53GR83QOLl6JXkLuLMjg5H4XG9VP19SwCRBxhwAQyH6vb2HsN5
r/hFb/k7RwqnU9UvsgsftFVtzIbP4rdERvNjdY2xj8cL4elR5dbGiktUBL7kDxYC
WXl8N416G/B+NHFWqfevYnWFr6VakY0q0x3iGupuBMzKQvKZovnVM4FdEotumbdY
TPa4LvXSyS9CCPMUpC6FQH7c43QNSGtPGJwy345bfite9PZA5q3CBGn1pKZ/Pse3
VGQTHFLlJfMy7Tgh8tE3
=/qnu
-----END PGP SIGNATURE-----
|
|
ACK 271a0c7 |
JeremyRand
added a commit
that referenced
this pull request
Jul 30, 2017
271a0c7 tlshook: Fix linter warning about shadowed variable. (JeremyRand) 978116d Travis: Disable gometalinter warnings on the portion of x509 that is copied verbatim from the Go standard library. (JeremyRand) 05afcd4 tlshook: Remove unused imports. (JeremyRand) 81fb477 tlshook: Removed commented-out code for non-dehydrated certificates; I plan to re-add that code once it's properly tested. (JeremyRand) e16ad6f TLS dehydrated certificate injection for CryptoAPI trust store (triggered by hooking DNS lookups). (JeremyRand) Pull request description: Add the ability to inject TLS certs into CryptoAPI's trust store before replying to DNS queries. Please review but do not merge yet. TODO before merging: - [x] Make the x509 build script use `go generate`. - [x] Make the x509 build script source `go env` and use `$GOROOT` from it. - [x] Update the `d/` spec to match the current dehydrated certificate format. (It's changed slightly since I submitted the spec.) - [x] Look into using Errore instead of Fatal. - [x] Fix `.gitignore`. - [x] Squash commits. Tree-SHA512: 1ce4e650e142aa1630f51b09497d85ad0626ae46ccc63c2e72fafa97d99bf340b3583db5ac76b5cc339228e56be8e9db673348d2d8f1f6173f1bca5306971629
JeremyRand
added a commit
that referenced
this pull request
Mar 12, 2018
375ff45 certinject: NSS: Add an internal test. (JeremyRand) ead7a20 certinject: NSS: Improve error handling. (JeremyRand) 145d1e3 certinject: Fix various issues found by static analysis. (JeremyRand) 2c8b5fe certinject: NSS improvements, now works on arbitrary NSS cert store directories. (JeremyRand) e5c7c09 certinject: add support for the shared NSS trust store on GNU/Linux systems. (JeremyRand) Pull request description: Extend #16 to support the user's shared NSS trust store on GNU/Linux systems. Please review but do not merge yet. TODO before merging: - [x] Get #16 merged. - [x] Figure out what to do in the case where ncdns isn't run by the same user as the owner of the NSS database. Presumably it makes sense to run ncdns under its own user. Should we require a config option that lists the users whose NSS databases are written to? Other issue to discuss: Writing to the NSS database with `certutil` is really slow, I'm seeing ~700ms latency added by this. Is there a faster way to do it? If we try to handle multiple NSS databases (one per user), this could easily cause DNS timeouts. Using the system NSS database should be possible, but it would be unsafe for users who haven't installed the HPKP pin into Chromium. Tree-SHA512: d35fcb44e6c09d6654140de8cf378b0b7523ac19d63d007064db14d5c84cd2178cad95d348baa3234843d215fb563185b98ced33c3e876876d8d42a01ba4e6a7
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add the ability to inject TLS certs into CryptoAPI's trust store before replying to DNS queries.
Please review but do not merge yet.
TODO before merging:
go generate.go envand use$GOROOTfrom it.d/spec to match the current dehydrated certificate format. (It's changed slightly since I submitted the spec.).gitignore.