- Extended tlvfile to include CAPF, SRST and TVS

- Update the tlvfile help text - Update TLV Handling. Update index.php error output when no filename is provided. Update gitignore - Use readfile - Add .cache folder Signed-off-by: Diederik de Groot <ddegroot@talon.nl>
2020-03-12 14:55:07 +01:00
parent 4f0043117a
commit e3cea2d17c
5 changed files with 32 additions and 17 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,14 @@
 env/
 *~
 *.bak
+*.enc
+*.sgn
+.requirements_satisfied
 etc/nginx/site-available/nginx.rules
 etc/tftpd-hpa/tftpd.rules
-.requirements_satisfied
+etc/certs/*.pem
+tftpboot/settings/*.cnf.xml
+tftpboot/settings/*.tlv
+tftpboot/settings/authorized_keys
+tftpboot/settings/*.jar
+tftpboot/settings/*.json
--- a/tftpboot/.cache/.git_keep
+++ b/tftpboot/.cache/.git_keep
--- a/tftpboot/index.php
+++ b/tftpboot/index.php
@@ -29,29 +29,24 @@ function send_fallback_html($message) {
 	flush();
 }

-function sendfile($file) {
-	if (file_exists($file)) {
+function sendfile($filename) {
+	if (file_exists($filename)) {
 		while (ob_get_level()) {ob_end_clean();}
 		header('Content-Description: File Transfer');
 		header('Content-Type: application/octet-stream');
-		header('Content-Disposition: attachment; filename=' . basename($file));
+		header('Content-Disposition: attachment; filename=' . basename($filename));
 		header('Content-Transfer-Encoding: binary');
 		header('Expires: 0');
 		header('Cache-Control: must-revalidate');
 		header('Pragma: public');
-		header('Content-Length: ' . filesize($file));
+		header('Content-Length: ' . filesize($filename));

 		/* want to stream out, so don't use file_get_contents() in this case */
-		if ($fd = fopen($file, 'rb')) {
-			while (!feof($fd)) {
-				print fread($fd, 1024);
-			}
-			fclose($fd);
-		}
+		return readfile ($filename, FALSE);
 	}
 }
 if (!$request || empty($request) || !array_key_exists('filename',$request) || empty($request['filename'])) {
-	send_fallback_html("Empty request sent");
+	send_fallback_html("Empty 'filename' request sent");
 	exit();
 }
 try {
@@ -64,4 +59,4 @@ try {
 } catch(Exception $e) {
 	send_fallback_html($e->getMessage());
 }
-?>
+?>
--- a/tools/certutils/TLV/Tags.pm
+++ b/tools/certutils/TLV/Tags.pm
@@ -15,7 +15,7 @@ our %EXPORT_TAGS = (header   => [qw/HEADER_VERSION HEADER_LENGTH HEADER_SIGNER_I
                                    RECORD_SERIAL_NUMBER RECORD_PUBLIC_KEY RECORD_SIGNATURE RECORD_CERTIFICATE
                                    RECORD_IP_ADDRESS RECORD_CERTIFICATE_HASH RECORD_HASH_ALGORITHM/],
                    digest   => [qw/DIGEST_SHA1 DIGEST_SHA256 DIGEST_SHA384 DIGEST_SHA512/],
-                    function => [qw/FUNCTION_SAST FUNCTION_CCM FUNCTION_CCM_TFTP FUNCTION_TFTP FUNCTION_HTTPS/]);
+                    function => [qw/FUNCTION_SAST FUNCTION_CCM FUNCTION_CCM_TFTP FUNCTION_TFTP FUNCTION_CAPF FUNCTION_SRST FUNCTION_HTTPS FUNCTION_TVS/]);

 our @EXPORT_OK = (@{$EXPORT_TAGS{header}}, @{$EXPORT_TAGS{record}}, @{$EXPORT_TAGS{digest}}, @{$EXPORT_TAGS{function}});

--- a/tools/certutils/tlvfile
+++ b/tools/certutils/tlvfile
@@ -176,7 +176,6 @@ sub parse_tlv {
                $record_function = $function;

                print 'Function:                 ';
-
                if ($function == FUNCTION_SAST) {
                    print 'SAST';
                } elsif ($function == FUNCTION_CCM) {
@@ -185,10 +184,17 @@ sub parse_tlv {
                    print 'CCM+TFTP';
                } elsif ($function == FUNCTION_TFTP) {
                    print 'TFTP';
+                } elsif ($function == FUNCTION_CAPF) {
+                    print 'CAPF';
+               } elsif ($function == FUNCTION_SRST) {
+                   print 'SRST';
                } elsif ($function == FUNCTION_HTTPS) {
                    print 'HTTPS';
+               } elsif ($function == FUNCTION_TVS) {
+                   print 'TVS';
+                } else {
+                    print 'Unknown';
                }
-
                print "\n";
            } elsif ($parser->tag == RECORD_ISSUER_NAME) {
                my $issuer_name = unpack ('Z*', $parser->next_value);
@@ -432,8 +438,14 @@ sub build_tlv {
                FUNCTION_CCM_TFTP;
            } elsif ($function eq 'TFTP') {
                FUNCTION_TFTP;
+            } elsif ($function eq 'CAPF') {
+                FUNCTION_CAPF;
+            } elsif ($function eq 'SRST') {
+                FUNCTION_SRST;
            } elsif ($function eq 'HTTPS') {
                FUNCTION_HTTPS;
+            } elsif ($function eq 'TVS') {
+                FUNCTION_TVS;
            } else {
                die 'Unknown record function: ' . $function;
            };
@@ -525,7 +537,7 @@ eval {
              '  -d --digest <name>         signature digest (sha1, sha256)', "\n",
              '  -F --filename <name>       header filename in built .tlv file (optional)', "\n",
              '  -r --record <file>         additional record certificate', "\n",
-              '  -f --function <name>       record function (sast, ccm, ccm+tftp tftp, https)', "\n",
+              '  -f --function <name>       record function (sast, ccm, ccm+tftp, tftp, capf, srst, https, tvs)', "\n",
              '  -h --help                  print this help and exit', "\n",
              "\n";