diff options
Diffstat (limited to 'src/pki')
-rw-r--r-- | src/pki/Makefile.in | 12 | ||||
-rw-r--r-- | src/pki/command.c | 27 | ||||
-rw-r--r-- | src/pki/command.h | 6 | ||||
-rw-r--r-- | src/pki/commands/issue.c | 16 | ||||
-rw-r--r-- | src/pki/commands/keyid.c | 9 | ||||
-rw-r--r-- | src/pki/commands/print.c | 7 | ||||
-rw-r--r-- | src/pki/commands/pub.c | 9 | ||||
-rw-r--r-- | src/pki/commands/req.c | 8 | ||||
-rw-r--r-- | src/pki/commands/self.c | 8 | ||||
-rw-r--r-- | src/pki/commands/verify.c | 8 | ||||
-rw-r--r-- | src/pki/man/Makefile.in | 12 | ||||
-rw-r--r-- | src/pki/man/pki---issue.1.in | 2 | ||||
-rw-r--r-- | src/pki/pki.c | 2 |
13 files changed, 99 insertions, 27 deletions
diff --git a/src/pki/Makefile.in b/src/pki/Makefile.in index 1101366d1..461d958da 100644 --- a/src/pki/Makefile.in +++ b/src/pki/Makefile.in @@ -231,8 +231,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -300,6 +298,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -388,12 +391,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -408,6 +415,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/pki/command.c b/src/pki/command.c index 984da59b4..b6966ee0b 100644 --- a/src/pki/command.c +++ b/src/pki/command.c @@ -29,7 +29,7 @@ /** * Registered commands. */ -command_t cmds[MAX_COMMANDS]; +static command_t cmds[MAX_COMMANDS]; /** * active command. @@ -55,12 +55,12 @@ static options_t *options; /** * Global options used by all subcommands */ -static struct option command_opts[MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS]; +static struct option command_opts[MAX_COMMANDS > MAX_OPTIONS ? MAX_COMMANDS : MAX_OPTIONS]; /** * Global optstring used by all subcommands */ -static char command_optstring[(MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS) * 3]; +static char command_optstring[(MAX_COMMANDS > MAX_OPTIONS ? MAX_COMMANDS : MAX_OPTIONS) * 3]; /** * Build command_opts/command_optstr for the active command @@ -140,23 +140,37 @@ void command_register(command_t command) { int i; + if (registered == MAX_COMMANDS) + { + fprintf(stderr, "unable to register command, please increase " + "MAX_COMMANDS\n"); + return; + } + cmds[registered] = command; /* append default options, but not to --help */ if (!active) { for (i = 0; i < countof(cmds[registered].options) - 1; i++) { - if (cmds[registered].options[i].name) + if (!cmds[registered].options[i].name) { - continue; + break; } + } + if (i > countof(cmds[registered].options) - 3) + { + fprintf(stderr, "command '%s' registered too many options, please " + "increase MAX_OPTIONS\n", command.cmd); + } + else + { cmds[registered].options[i++] = (command_option_t) { "debug", 'v', 1, "set debug level, default: 1" }; cmds[registered].options[i++] = (command_option_t) { "options", '+', 1, "read command line options from file" }; - break; } } registered++; @@ -260,4 +274,3 @@ int command_dispatch(int c, char *v[]) } return command_usage(c > 1 ? "invalid operation" : NULL); } - diff --git a/src/pki/command.h b/src/pki/command.h index 1a884fb73..737f4658d 100644 --- a/src/pki/command.h +++ b/src/pki/command.h @@ -22,12 +22,12 @@ #define COMMAND_H_ /** - * Maximum number of commands. + * Maximum number of commands (+1). */ -#define MAX_COMMANDS 10 +#define MAX_COMMANDS 11 /** - * Maximum number of options in a command (+1) + * Maximum number of options in a command (+3) */ #define MAX_OPTIONS 32 diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c index 000f63d1a..d5c33b89f 100644 --- a/src/pki/commands/issue.c +++ b/src/pki/commands/issue.c @@ -14,6 +14,7 @@ */ #include <time.h> +#include <errno.h> #include "pki.h" @@ -382,7 +383,12 @@ static int issue() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "%s: ", strerror(errno)); + error = "reading certificate request failed"; + goto end; + } cert_req = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_PKCS10_REQUEST, BUILD_BLOB, chunk, BUILD_END); @@ -425,7 +431,12 @@ static int issue() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "%s: ", strerror(errno)); + error = "reading public key failed"; + goto end; + } public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); @@ -562,4 +573,3 @@ static void __attribute__ ((constructor))reg() } }); } - diff --git a/src/pki/commands/keyid.c b/src/pki/commands/keyid.c index 353670e32..64bb3cc2c 100644 --- a/src/pki/commands/keyid.c +++ b/src/pki/commands/keyid.c @@ -13,6 +13,8 @@ * for more details. */ +#include <errno.h> + #include "pki.h" #include <credentials/certificates/certificate.h> @@ -89,7 +91,11 @@ static int keyid() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "reading input failed: %s\n", strerror(errno)); + return 1; + } cred = lib->creds->create(lib->creds, type, subtype, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); @@ -165,4 +171,3 @@ static void __attribute__ ((constructor))reg() } }); } - diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c index 2261e44ff..077c1ef3e 100644 --- a/src/pki/commands/print.c +++ b/src/pki/commands/print.c @@ -22,6 +22,7 @@ #include <selectors/traffic_selector.h> #include <time.h> +#include <errno.h> /** * Print public key information @@ -510,7 +511,11 @@ static int print() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "reading input failed: %s\n", strerror(errno)); + return 1; + } cred = lib->creds->create(lib->creds, type, subtype, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c index 7f88055ef..260044c4e 100644 --- a/src/pki/commands/pub.c +++ b/src/pki/commands/pub.c @@ -13,6 +13,8 @@ * for more details. */ +#include <errno.h> + #include "pki.h" #include <credentials/certificates/certificate.h> @@ -108,7 +110,11 @@ static int pub() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "reading input failed: %s\n", strerror(errno)); + return 1; + } cred = lib->creds->create(lib->creds, type, subtype, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); @@ -186,4 +192,3 @@ static void __attribute__ ((constructor))reg() } }); } - diff --git a/src/pki/commands/req.c b/src/pki/commands/req.c index 628463e7b..5b2c128b7 100644 --- a/src/pki/commands/req.c +++ b/src/pki/commands/req.c @@ -16,6 +16,7 @@ */ #include <time.h> +#include <errno.h> #include "pki.h" @@ -118,7 +119,12 @@ static int req() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "reading private key failed: %s\n", strerror(errno)); + error = ""; + goto end; + } private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c index 6bf0b1353..c28c9c291 100644 --- a/src/pki/commands/self.c +++ b/src/pki/commands/self.c @@ -14,6 +14,7 @@ */ #include <time.h> +#include <errno.h> #include "pki.h" @@ -273,7 +274,12 @@ static int self() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "%s: ", strerror(errno)); + error = "reading private key failed"; + goto end; + } private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); diff --git a/src/pki/commands/verify.c b/src/pki/commands/verify.c index 96b2b5065..f30dda94d 100644 --- a/src/pki/commands/verify.c +++ b/src/pki/commands/verify.c @@ -13,6 +13,8 @@ * for more details. */ +#include <errno.h> + #include "pki.h" #include <credentials/certificates/certificate.h> @@ -57,7 +59,11 @@ static int verify() { chunk_t chunk; - chunk = chunk_from_fd(0); + if (!chunk_from_fd(0, &chunk)) + { + fprintf(stderr, "reading certificate failed: %s\n", strerror(errno)); + return 1; + } cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, BUILD_BLOB, chunk, BUILD_END); free(chunk.ptr); diff --git a/src/pki/man/Makefile.in b/src/pki/man/Makefile.in index ecba4a9b3..edbde85b5 100644 --- a/src/pki/man/Makefile.in +++ b/src/pki/man/Makefile.in @@ -170,8 +170,6 @@ BTLIB = @BTLIB@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ -CHECK_CFLAGS = @CHECK_CFLAGS@ -CHECK_LIBS = @CHECK_LIBS@ COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ @@ -239,6 +237,11 @@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -327,12 +330,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ pki_plugins = @pki_plugins@ plugindir = @plugindir@ pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ @@ -347,6 +354,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ starter_plugins = @starter_plugins@ strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ sysconfdir = @sysconfdir@ systemdsystemunitdir = @systemdsystemunitdir@ t_plugins = @t_plugins@ diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in index 9effd9b15..3fad1ae8a 100644 --- a/src/pki/man/pki---issue.1.in +++ b/src/pki/man/pki---issue.1.in @@ -1,4 +1,4 @@ -.TH "PKI \-\-ISSUE" 8 "2013-08-12" "@PACKAGE_VERSION@" "strongSwan" +.TH "PKI \-\-ISSUE" 1 "2013-08-12" "@PACKAGE_VERSION@" "strongSwan" . .SH "NAME" . diff --git a/src/pki/pki.c b/src/pki/pki.c index ecc0702cd..eb614dd7f 100644 --- a/src/pki/pki.c +++ b/src/pki/pki.c @@ -168,7 +168,7 @@ static void remove_callback() int main(int argc, char *argv[]) { atexit(library_deinit); - if (!library_init(NULL)) + if (!library_init(NULL, "pki")) { exit(SS_RC_LIBSTRONGSWAN_INTEGRITY); } |