/**
* Add a vici certificate blob value given by its file patch
*/
static bool add_file_key_value(vici_req_t *req, char *key, char *value)
{
chunk_t *map;
char *path, buf[PATH_MAX];
if (path_absolute(value))
{
path = value;
}
else
{
path = buf;
snprintf(path, PATH_MAX, "%s%s%s",
SWANCTL_X509CADIR, DIRECTORY_SEPARATOR, value);
}
map = chunk_map(path, FALSE);
if (map)
{
vici_add_key_value(req, key, map->ptr, map->len);
chunk_unmap(map);
return TRUE;
}
else
{
fprintf(stderr, "loading ca certificate '%s' failed: %s\n",
path, strerror(errno));
return FALSE;
}
}
/**
* Load certficiates from a directory
*/
static void load_certs(vici_conn_t *conn, command_format_options_t format,
char *type, char *dir)
{
enumerator_t *enumerator;
struct stat st;
chunk_t *map;
char *path;
enumerator = enumerator_create_directory(dir);
if (enumerator)
{
while (enumerator->enumerate(enumerator, NULL, &path, &st))
{
if (S_ISREG(st.st_mode))
{
map = chunk_map(path, FALSE);
if (map)
{
load_cert(conn, format, path, type, *map);
chunk_unmap(map);
}
else
{
fprintf(stderr, "mapping '%s' failed: %s, skipped\n",
path, strerror(errno));
}
}
}
enumerator->destroy(enumerator);
}
}
END_TEST
/*******************************************************************************
* test for chunk_map and friends
*/
START_TEST(test_chunk_map)
{
chunk_t *map, contents = chunk_from_chars(0x01,0x02,0x03,0x04,0x05);
char *path = "/tmp/strongswan-chunk-map-test";
ck_assert(chunk_write(contents, path, 022, TRUE));
/* read */
map = chunk_map(path, FALSE);
ck_assert(map != NULL);
ck_assert_msg(chunk_equals(*map, contents), "%B", map);
/* altering mapped chunk should not hurt */
*map = chunk_empty;
ck_assert(chunk_unmap(map));
/* write */
map = chunk_map(path, TRUE);
ck_assert(map != NULL);
ck_assert_msg(chunk_equals(*map, contents), "%B", map);
map->ptr[0] = 0x06;
ck_assert(chunk_unmap(map));
/* verify write */
contents.ptr[0] = 0x06;
map = chunk_map(path, FALSE);
ck_assert(map != NULL);
ck_assert_msg(chunk_equals(*map, contents), "%B", map);
ck_assert(chunk_unmap(map));
unlink(path);
}
/**
* load the credential from a file
*/
static void *load_from_file(char *file, credential_type_t type, int subtype,
identification_t *subject, x509_flag_t flags)
{
void *cred;
chunk_t *chunk;
chunk = chunk_map(file, FALSE);
if (!chunk)
{
DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
return NULL;
}
cred = load_from_blob(*chunk, type, subtype, subject, flags);
chunk_unmap(chunk);
return cred;
}
/**
* Load certficiates from a directory
*/
static void load_certs(load_ctx_t *ctx, char *type_str, char *dir)
{
enumerator_t *enumerator;
certificate_type_t type;
x509_flag_t flag;
struct stat st;
chunk_t *map;
char *path, buf[PATH_MAX];
vici_cert_info_from_str(type_str, &type, &flag);
snprintf(buf, sizeof(buf), "%s%s%s", swanctl_dir, DIRECTORY_SEPARATOR, dir);
dir = buf;
enumerator = enumerator_create_directory(dir);
if (enumerator)
{
while (enumerator->enumerate(enumerator, NULL, &path, &st))
{
if (S_ISREG(st.st_mode))
{
map = chunk_map(path, FALSE);
if (map)
{
load_cert(ctx, path, type, flag, *map);
chunk_unmap(map);
}
else
{
fprintf(stderr, "mapping '%s' failed: %s, skipped\n",
path, strerror(errno));
}
}
}
enumerator->destroy(enumerator);
}
}