From 1458c9dd8963b34a892b99a6ffce65ca5493a488 Mon Sep 17 00:00:00 2001 From: Matthias Fechner Date: Mon, 4 Nov 2024 19:20:48 +0100 Subject: [PATCH 1/3] Allow compilation on FreeBSD. Fixes error descriped here: https://github.com/toniebox-reverse-engineering/teddycloud/issues/237 --- src/cyclone/common/compiler_port.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cyclone/common/compiler_port.h b/src/cyclone/common/compiler_port.h index f52aa7d7..87d74ad0 100644 --- a/src/cyclone/common/compiler_port.h +++ b/src/cyclone/common/compiler_port.h @@ -106,7 +106,7 @@ typedef unsigned int uint_t; #define PRIXSIZE "X" #define PRIuTIME "lu" //Linux GCC compiler -#elif defined(__linux__) +#elif defined(__linux__) || defined(__unix__) #define PRIuSIZE "zu" #define PRIXSIZE "zX" #define PRIuTIME "lu" From eaa07bbd5e3cf4c5c330f8224876787f102f5054 Mon Sep 17 00:00:00 2001 From: 0xbadbee Date: Mon, 4 Nov 2024 19:49:39 +0100 Subject: [PATCH 2/3] Revert "Allow compilation on FreeBSD and maybe other UNIX systems" --- src/cyclone/common/compiler_port.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cyclone/common/compiler_port.h b/src/cyclone/common/compiler_port.h index 87d74ad0..f52aa7d7 100644 --- a/src/cyclone/common/compiler_port.h +++ b/src/cyclone/common/compiler_port.h @@ -106,7 +106,7 @@ typedef unsigned int uint_t; #define PRIXSIZE "X" #define PRIuTIME "lu" //Linux GCC compiler -#elif defined(__linux__) || defined(__unix__) +#elif defined(__linux__) #define PRIuSIZE "zu" #define PRIXSIZE "zX" #define PRIuTIME "lu" From 939283e95e1d33cef33fbd15f74773e8f21a19a4 Mon Sep 17 00:00:00 2001 From: marco79cgn Date: Sat, 21 Dec 2024 14:08:32 +0100 Subject: [PATCH 3/3] added script to check and verifiy all server and client certificates --- contrib/verify-tc-certificates.sh | 45 +++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 contrib/verify-tc-certificates.sh diff --git a/contrib/verify-tc-certificates.sh b/contrib/verify-tc-certificates.sh new file mode 100644 index 00000000..4b9b2015 --- /dev/null +++ b/contrib/verify-tc-certificates.sh @@ -0,0 +1,45 @@ +certs_path="/teddycloud/certs" +echo "-----------------------------------" +echo "Checking teddyCloud certificates..." +echo "-----------------------------------" + +# check server and default client certs +files=( "server/ca.der" "server/ca-key.pem" "server/ca-root.pem" "client/ca.der" "client/client.der" "client/private.der" ) +for file in "${files[@]}" +do + filename=$(echo -en "$file: ") + status=$([ -f "$certs_path/$file" ] && echo -e "\e[32mOK\e[0m" || echo -e "\e[31mFile not found!\e[0m") + # TeddyCloud CA validation + if [[ $file == "server/ca.der" ]]; then + if [ -f "$certs_path/$file" ] && [ $(cat "$certs_path/$file" | grep -c "Teddy.* CA") -eq 0 ]; then + status=$(echo -e "\e[31mWrong server CA, not from Teddycloud!\e[0m") + fi + fi + # Boxine CA validation + if [[ $file == "client/ca.der" ]]; then + if [ -f "$certs_path/$file" ] && [ $(cat "$certs_path/$file" | grep -c "Boxine CA") -eq 0 ]; then + status=$(echo -e "\e[31mWrong client CA, not from Boxine!\e[0m") + fi + fi + printf "%-26s %-10s\n" "$filename" "$status" +done + +# check client certs for each box +client_files=( "ca.der" "client.der" "private.der" ) +for dir in $certs_path/client/*/ +do + box_path=${dir%*/} + box_id=${box_path##*/} + for file in "${client_files[@]}" + do + filename=$(echo -en "$box_id/$file: ") + status=$([ -f "$box_path/$file" ] && echo -e "\e[32mOK\e[0m" || echo -e "\e[31mFile not found!\e[0m") + # Boxine CA validation + if [[ $file == "ca.der" ]]; then + if [ -f "$box_path/$file" ] && [ $(cat "$box_path/$file" | grep -c "Boxine CA") -eq 0 ]; then + status=$(echo -e "\e[31mWrong client CA, not from Boxine!\e[0m") + fi + fi + printf "%-26s %-10s\n" "$filename" "$status" + done +done