logsig: milestone/verfier: record hashes are verified

author: Rainer Gerhards <rgerhards@adiscon.com> 2013-03-17 13:06:02 +0100
committer: Rainer Gerhards <rgerhards@adiscon.com> 2013-03-17 13:06:02 +0100
commit: d2467c38d42f590deecd807741324fc0e5522a8a (patch)
tree: c9d56cee1e0119ba9bd5f516a68bd7e1269712fe /runtime/lmsig_gt.c
parent: 44b4922825df794f678cd4ad18d940ff114b943f (diff)
download: rsyslog-d2467c38d42f590deecd807741324fc0e5522a8a.tar.gz
rsyslog-d2467c38d42f590deecd807741324fc0e5522a8a.tar.bz2
rsyslog-d2467c38d42f590deecd807741324fc0e5522a8a.zip
1 files changed, 10 insertions, 2 deletions
diff --git a/runtime/lmsig_gt.c b/runtime/lmsig_gt.c
index 021cd9f8..54a795a1 100644
--- a/runtime/lmsig_gt.c
+++ b/runtime/lmsig_gt.c
@@ -130,12 +130,20 @@ dbgprintf("DDDD: onFileOpen: %s\n", fn);
 	RETiRet;
 }
 
+/* Note: we assume that the record is terminated by a \n.
+ * As of the GuardTime paper, \n is not part of the signed
+ * message, so we subtract one from the record size. This
+ * may cause issues with non-standard formats, but let's 
+ * see how things evolve (the verifier will not work in
+ * any case when the records are not \n delimited...).
+ * rgerhards, 2013-03-17
+ */
 static rsRetVal
 OnRecordWrite(void *pF, uchar *rec, rs_size_t lenRec)
 {
 	DEFiRet;
-dbgprintf("DDDD: onRecordWrite (%d): %s\n", lenRec, rec);
-	sigblkAddRecord(pF, rec, lenRec);
+dbgprintf("DDDD: onRecordWrite (%d): %s\n", lenRec-1, rec);
+	sigblkAddRecord(pF, rec, lenRec-1);
 
 	RETiRet;
 }
author	Rainer Gerhards <rgerhards@adiscon.com>	2013-03-17 13:06:02 +0100
committer	Rainer Gerhards <rgerhards@adiscon.com>	2013-03-17 13:06:02 +0100
commit	d2467c38d42f590deecd807741324fc0e5522a8a (patch)
tree	c9d56cee1e0119ba9bd5f516a68bd7e1269712fe /runtime/lmsig_gt.c
parent	44b4922825df794f678cd4ad18d940ff114b943f (diff)
download	rsyslog-d2467c38d42f590deecd807741324fc0e5522a8a.tar.gz rsyslog-d2467c38d42f590deecd807741324fc0e5522a8a.tar.bz2 rsyslog-d2467c38d42f590deecd807741324fc0e5522a8a.zip