summaryrefslogtreecommitdiff
path: root/src/pki
diff options
context:
space:
mode:
Diffstat (limited to 'src/pki')
-rw-r--r--src/pki/Makefile.in12
-rw-r--r--src/pki/command.c27
-rw-r--r--src/pki/command.h6
-rw-r--r--src/pki/commands/issue.c16
-rw-r--r--src/pki/commands/keyid.c9
-rw-r--r--src/pki/commands/print.c7
-rw-r--r--src/pki/commands/pub.c9
-rw-r--r--src/pki/commands/req.c8
-rw-r--r--src/pki/commands/self.c8
-rw-r--r--src/pki/commands/verify.c8
-rw-r--r--src/pki/man/Makefile.in12
-rw-r--r--src/pki/man/pki---issue.1.in2
-rw-r--r--src/pki/pki.c2
13 files changed, 99 insertions, 27 deletions
diff --git a/src/pki/Makefile.in b/src/pki/Makefile.in
index 1101366d1..461d958da 100644
--- a/src/pki/Makefile.in
+++ b/src/pki/Makefile.in
@@ -231,8 +231,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -300,6 +298,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -388,12 +391,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -408,6 +415,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/pki/command.c b/src/pki/command.c
index 984da59b4..b6966ee0b 100644
--- a/src/pki/command.c
+++ b/src/pki/command.c
@@ -29,7 +29,7 @@
/**
* Registered commands.
*/
-command_t cmds[MAX_COMMANDS];
+static command_t cmds[MAX_COMMANDS];
/**
* active command.
@@ -55,12 +55,12 @@ static options_t *options;
/**
* Global options used by all subcommands
*/
-static struct option command_opts[MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS];
+static struct option command_opts[MAX_COMMANDS > MAX_OPTIONS ? MAX_COMMANDS : MAX_OPTIONS];
/**
* Global optstring used by all subcommands
*/
-static char command_optstring[(MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS) * 3];
+static char command_optstring[(MAX_COMMANDS > MAX_OPTIONS ? MAX_COMMANDS : MAX_OPTIONS) * 3];
/**
* Build command_opts/command_optstr for the active command
@@ -140,23 +140,37 @@ void command_register(command_t command)
{
int i;
+ if (registered == MAX_COMMANDS)
+ {
+ fprintf(stderr, "unable to register command, please increase "
+ "MAX_COMMANDS\n");
+ return;
+ }
+
cmds[registered] = command;
/* append default options, but not to --help */
if (!active)
{
for (i = 0; i < countof(cmds[registered].options) - 1; i++)
{
- if (cmds[registered].options[i].name)
+ if (!cmds[registered].options[i].name)
{
- continue;
+ break;
}
+ }
+ if (i > countof(cmds[registered].options) - 3)
+ {
+ fprintf(stderr, "command '%s' registered too many options, please "
+ "increase MAX_OPTIONS\n", command.cmd);
+ }
+ else
+ {
cmds[registered].options[i++] = (command_option_t) {
"debug", 'v', 1, "set debug level, default: 1"
};
cmds[registered].options[i++] = (command_option_t) {
"options", '+', 1, "read command line options from file"
};
- break;
}
}
registered++;
@@ -260,4 +274,3 @@ int command_dispatch(int c, char *v[])
}
return command_usage(c > 1 ? "invalid operation" : NULL);
}
-
diff --git a/src/pki/command.h b/src/pki/command.h
index 1a884fb73..737f4658d 100644
--- a/src/pki/command.h
+++ b/src/pki/command.h
@@ -22,12 +22,12 @@
#define COMMAND_H_
/**
- * Maximum number of commands.
+ * Maximum number of commands (+1).
*/
-#define MAX_COMMANDS 10
+#define MAX_COMMANDS 11
/**
- * Maximum number of options in a command (+1)
+ * Maximum number of options in a command (+3)
*/
#define MAX_OPTIONS 32
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index 000f63d1a..d5c33b89f 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -14,6 +14,7 @@
*/
#include <time.h>
+#include <errno.h>
#include "pki.h"
@@ -382,7 +383,12 @@ static int issue()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "%s: ", strerror(errno));
+ error = "reading certificate request failed";
+ goto end;
+ }
cert_req = lib->creds->create(lib->creds, CRED_CERTIFICATE,
CERT_PKCS10_REQUEST,
BUILD_BLOB, chunk, BUILD_END);
@@ -425,7 +431,12 @@ static int issue()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "%s: ", strerror(errno));
+ error = "reading public key failed";
+ goto end;
+ }
public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
@@ -562,4 +573,3 @@ static void __attribute__ ((constructor))reg()
}
});
}
-
diff --git a/src/pki/commands/keyid.c b/src/pki/commands/keyid.c
index 353670e32..64bb3cc2c 100644
--- a/src/pki/commands/keyid.c
+++ b/src/pki/commands/keyid.c
@@ -13,6 +13,8 @@
* for more details.
*/
+#include <errno.h>
+
#include "pki.h"
#include <credentials/certificates/certificate.h>
@@ -89,7 +91,11 @@ static int keyid()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "reading input failed: %s\n", strerror(errno));
+ return 1;
+ }
cred = lib->creds->create(lib->creds, type, subtype,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
@@ -165,4 +171,3 @@ static void __attribute__ ((constructor))reg()
}
});
}
-
diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c
index 2261e44ff..077c1ef3e 100644
--- a/src/pki/commands/print.c
+++ b/src/pki/commands/print.c
@@ -22,6 +22,7 @@
#include <selectors/traffic_selector.h>
#include <time.h>
+#include <errno.h>
/**
* Print public key information
@@ -510,7 +511,11 @@ static int print()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "reading input failed: %s\n", strerror(errno));
+ return 1;
+ }
cred = lib->creds->create(lib->creds, type, subtype,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c
index 7f88055ef..260044c4e 100644
--- a/src/pki/commands/pub.c
+++ b/src/pki/commands/pub.c
@@ -13,6 +13,8 @@
* for more details.
*/
+#include <errno.h>
+
#include "pki.h"
#include <credentials/certificates/certificate.h>
@@ -108,7 +110,11 @@ static int pub()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "reading input failed: %s\n", strerror(errno));
+ return 1;
+ }
cred = lib->creds->create(lib->creds, type, subtype,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
@@ -186,4 +192,3 @@ static void __attribute__ ((constructor))reg()
}
});
}
-
diff --git a/src/pki/commands/req.c b/src/pki/commands/req.c
index 628463e7b..5b2c128b7 100644
--- a/src/pki/commands/req.c
+++ b/src/pki/commands/req.c
@@ -16,6 +16,7 @@
*/
#include <time.h>
+#include <errno.h>
#include "pki.h"
@@ -118,7 +119,12 @@ static int req()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "reading private key failed: %s\n", strerror(errno));
+ error = "";
+ goto end;
+ }
private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index 6bf0b1353..c28c9c291 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -14,6 +14,7 @@
*/
#include <time.h>
+#include <errno.h>
#include "pki.h"
@@ -273,7 +274,12 @@ static int self()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "%s: ", strerror(errno));
+ error = "reading private key failed";
+ goto end;
+ }
private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
diff --git a/src/pki/commands/verify.c b/src/pki/commands/verify.c
index 96b2b5065..f30dda94d 100644
--- a/src/pki/commands/verify.c
+++ b/src/pki/commands/verify.c
@@ -13,6 +13,8 @@
* for more details.
*/
+#include <errno.h>
+
#include "pki.h"
#include <credentials/certificates/certificate.h>
@@ -57,7 +59,11 @@ static int verify()
{
chunk_t chunk;
- chunk = chunk_from_fd(0);
+ if (!chunk_from_fd(0, &chunk))
+ {
+ fprintf(stderr, "reading certificate failed: %s\n", strerror(errno));
+ return 1;
+ }
cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
diff --git a/src/pki/man/Makefile.in b/src/pki/man/Makefile.in
index ecba4a9b3..edbde85b5 100644
--- a/src/pki/man/Makefile.in
+++ b/src/pki/man/Makefile.in
@@ -170,8 +170,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -239,6 +237,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -327,12 +330,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -347,6 +354,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in
index 9effd9b15..3fad1ae8a 100644
--- a/src/pki/man/pki---issue.1.in
+++ b/src/pki/man/pki---issue.1.in
@@ -1,4 +1,4 @@
-.TH "PKI \-\-ISSUE" 8 "2013-08-12" "@PACKAGE_VERSION@" "strongSwan"
+.TH "PKI \-\-ISSUE" 1 "2013-08-12" "@PACKAGE_VERSION@" "strongSwan"
.
.SH "NAME"
.
diff --git a/src/pki/pki.c b/src/pki/pki.c
index ecc0702cd..eb614dd7f 100644
--- a/src/pki/pki.c
+++ b/src/pki/pki.c
@@ -168,7 +168,7 @@ static void remove_callback()
int main(int argc, char *argv[])
{
atexit(library_deinit);
- if (!library_init(NULL))
+ if (!library_init(NULL, "pki"))
{
exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
}