Beispiel #1
0
/****************
 * This is our log function which prints all log messages to stderr or
 * using the function defined with gcry_set_log_handler().
 */
static void
_gcry_logv( int level, const char *fmt, va_list arg_ptr )
{
  if (log_handler)
    log_handler (log_handler_value, level, fmt, arg_ptr);
  else 
    {
      switch (level) 
        {
        case GCRY_LOG_CONT:  break;
        case GCRY_LOG_INFO:  break;
        case GCRY_LOG_WARN:  break;
        case GCRY_LOG_ERROR: break;
        case GCRY_LOG_FATAL: fputs("Fatal: ",stderr ); break;
        case GCRY_LOG_BUG:   fputs("Ohhhh jeeee: ", stderr); break;
        case GCRY_LOG_DEBUG: fputs("DBG: ", stderr ); break;
        default: fprintf(stderr,"[Unknown log level %d]: ", level ); break;
	}
      vfprintf(stderr,fmt,arg_ptr) ;
    }
  
  if ( level == GCRY_LOG_FATAL || level == GCRY_LOG_BUG )
    {
      fips_signal_fatal_error ("internal error (fatal or bug)");
      _gcry_secmem_term ();
      abort ();
    }
}
Beispiel #2
0
/*
 * This function is called for fatal errors.  A caller might want to
 * set his own handler because this function simply calls abort().
 */
void
_gcry_fatal_error (int rc, const char *text)
{
  if ( !text ) /* get a default text */
    text = gpg_strerror (rc);

  if (fatal_error_handler && !fips_mode () )
    fatal_error_handler (fatal_error_handler_value, rc, text);

  fips_signal_fatal_error (text);
  write2stderr("\nFatal error: ");
  write2stderr(text);
  write2stderr("\n");
  _gcry_secmem_term ();
  abort ();
}
Beispiel #3
0
gcry_error_t
gcry_control (enum gcry_ctl_cmds cmd, ...)
{
  gcry_err_code_t err = GPG_ERR_NO_ERROR;
  static int init_finished = 0;
  va_list arg_ptr;
  
  va_start (arg_ptr, cmd);
  switch (cmd)
    {
    case GCRYCTL_ENABLE_M_GUARD:
      _gcry_private_enable_m_guard ();
      break;

    case GCRYCTL_ENABLE_QUICK_RANDOM:
      _gcry_quick_random_gen (1);
      break;

    case 51:  /* Should be GCRYCTL_FAKED_RANDOM_P but we want to sneak
                 that into the API for the sake of GnuPG 1.9 - there
                 we check the error code and print a warning message
                 if that call is not supported.  The literal number is
                 used there as well. */
      /* Return an error if the RNG is faked one (i.e. enabled by
         ENABLE_QUICK_RANDOM. */
      if (_gcry_random_is_faked ())
        err = GPG_ERR_GENERAL;
      break;


    case GCRYCTL_DUMP_RANDOM_STATS:
      _gcry_random_dump_stats ();
      break;

    case GCRYCTL_DUMP_MEMORY_STATS:
      /*m_print_stats("[fixme: prefix]");*/
      break;

    case GCRYCTL_DUMP_SECMEM_STATS:
      _gcry_secmem_dump_stats ();
      break;

    case GCRYCTL_DROP_PRIVS:
      global_init ();
      _gcry_secmem_init (0);
      break;

    case GCRYCTL_DISABLE_SECMEM:
      global_init ();
      no_secure_memory = 1;
      break;    

    case GCRYCTL_INIT_SECMEM:
      global_init ();
      _gcry_secmem_init (va_arg (arg_ptr, unsigned int));
      if ((_gcry_secmem_get_flags () & GCRY_SECMEM_FLAG_NOT_LOCKED))
        err = GPG_ERR_GENERAL;
      break;

    case GCRYCTL_TERM_SECMEM:
      global_init ();
      _gcry_secmem_term ();
      break;

    case GCRYCTL_DISABLE_SECMEM_WARN:
      _gcry_secmem_set_flags ((_gcry_secmem_get_flags ()
			       | GCRY_SECMEM_FLAG_NO_WARNING));
      break;

    case GCRYCTL_SUSPEND_SECMEM_WARN:
      _gcry_secmem_set_flags ((_gcry_secmem_get_flags ()
			       | GCRY_SECMEM_FLAG_SUSPEND_WARNING));
      break;

    case GCRYCTL_RESUME_SECMEM_WARN:
      _gcry_secmem_set_flags ((_gcry_secmem_get_flags ()
			       & ~GCRY_SECMEM_FLAG_SUSPEND_WARNING));
      break;

    case GCRYCTL_USE_SECURE_RNDPOOL:
      global_init ();
      _gcry_secure_random_alloc (); /* put random number into secure memory */
      break;

    case GCRYCTL_SET_RANDOM_SEED_FILE:
      _gcry_set_random_seed_file (va_arg (arg_ptr, const char *));
      break;

    case GCRYCTL_UPDATE_RANDOM_SEED_FILE:
      _gcry_update_random_seed_file ();
      break;

    case GCRYCTL_SET_VERBOSITY:
      _gcry_set_log_verbosity (va_arg (arg_ptr, int));
      break;

    case GCRYCTL_SET_DEBUG_FLAGS:
      debug_flags |= va_arg (arg_ptr, unsigned int);
      break;

    case GCRYCTL_CLEAR_DEBUG_FLAGS:
      debug_flags &= ~va_arg (arg_ptr, unsigned int);
      break;

    case GCRYCTL_DISABLE_INTERNAL_LOCKING:
      global_init ();
      break;

    case GCRYCTL_ANY_INITIALIZATION_P:
      if (any_init_done)
	err = GPG_ERR_GENERAL;
      break;

    case GCRYCTL_INITIALIZATION_FINISHED_P:
      if (init_finished)
	err = GPG_ERR_GENERAL;
      break;

    case GCRYCTL_INITIALIZATION_FINISHED:
      /* This is a hook which should be used by an application after
	 all initialization has been done and right before any threads
	 are started.  It is not really needed but the only way to be
	 really sure that all initialization for thread-safety has
	 been done. */
        if (! init_finished)
	  {
            global_init ();
            /* Do only a basic random initialization, i.e. init the
               mutexes. */
            _gcry_random_initialize (0);
            init_finished = 1;
	  }
        break;

    case GCRYCTL_SET_THREAD_CBS:
      err = ath_install (va_arg (arg_ptr, void *), any_init_done);
      break;

    case GCRYCTL_FAST_POLL:
      /* We need to do make sure that the random pool is really
         initialized so that the poll fucntion is not a NOP. */
      _gcry_random_initialize (1);
      _gcry_fast_random_poll (); 
      break;

    default:
      err = GPG_ERR_INV_OP;
    }

  va_end(arg_ptr);
  return gcry_error (err);
}