static void tryCVS(const char *path, const char **vers_, time_t * date_, const char **lock_) { char working[MAXPATHLEN]; char *leaf; char *s; CVS_WORK *cache; if (strlen(path) >= sizeof(working)) return; if ((leaf = fleaf(path)) == 0) return; strcpy(working, path); if ((s = fleaf_delim(working)) != 0) *s = EOS; /* * Look for cached data for this working directory. */ for (cache = my_work; cache != 0; cache = cache->next) { if (!strcmp(cache->working, working)) { if (check_timestamp(cache)) { break; } if (read_from_cache(cache, leaf, vers_, date_, lock_)) return; } } /* * If we did not find it in the cache list, or our cache is obsolete, * look for new information. */ if (cache == 0) { cache = typealloc(CVS_WORK); cache->next = my_work; my_work = cache; cache->timestamp = 0; cache->working = txtalloc(working); cache->num_entries = 0; cache->Entries = 0; cache->Repository = 0; cache->Root = 0; read_entries(cache); (void) check_timestamp(cache); } else { read_entries(cache); } (void) read_from_cache(cache, leaf, vers_, date_, lock_); }
int pmiWrite(int sec, int usec) { int sts; if (current == NULL) return PM_ERR_NOCONTEXT; if (current->result == NULL) return current->last_sts = PMI_ERR_NODATA; if (sec < 0) { pmtimevalNow(¤t->result->timestamp); } else { current->result->timestamp.tv_sec = sec; current->result->timestamp.tv_usec = usec; } if ((sts = check_timestamp()) == 0) { sts = _pmi_put_result(current, current->result); current->last_stamp = current->result->timestamp; } pmFreeResult(current->result); current->result = NULL; return current->last_sts = sts; }
/** * Validate a given file service s. Events are posted according to * its configuration. In case of a fatal event FALSE is returned. */ int check_file(Service_T s) { struct stat stat_buf; ASSERT(s); if (stat(s->path, &stat_buf) != 0) { Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "file doesn't exist"); return FALSE; } else { s->inf->st_mode = stat_buf.st_mode; if (s->inf->priv.file.st_ino == 0) { s->inf->priv.file.st_ino_prev = stat_buf.st_ino; s->inf->priv.file.readpos = stat_buf.st_size; } else s->inf->priv.file.st_ino_prev = s->inf->priv.file.st_ino; s->inf->priv.file.st_ino = stat_buf.st_ino; s->inf->st_uid = stat_buf.st_uid; s->inf->st_gid = stat_buf.st_gid; s->inf->priv.file.st_size = stat_buf.st_size; s->inf->timestamp = MAX(stat_buf.st_mtime, stat_buf.st_ctime); DEBUG("'%s' file exists check succeeded\n", s->name); Event_post(s, Event_Nonexist, STATE_SUCCEEDED, s->action_NONEXIST, "file exist"); } if (!S_ISREG(s->inf->st_mode)) { Event_post(s, Event_Invalid, STATE_FAILED, s->action_INVALID, "is not a regular file"); return FALSE; } else { DEBUG("'%s' is a regular file\n", s->name); Event_post(s, Event_Invalid, STATE_SUCCEEDED, s->action_INVALID, "is a regular file"); } if (s->checksum) check_checksum(s); if (s->perm) check_perm(s); if (s->uid) check_uid(s); if (s->gid) check_gid(s); if (s->sizelist) check_size(s); if (s->timestamplist) check_timestamp(s); if (s->matchlist) check_match(s); return TRUE; }
int pmiPutResult(const pmResult *result) { int sts; if (current == NULL) return PM_ERR_NOCONTEXT; current->result = (pmResult *)result; if ((sts = check_timestamp()) == 0) { sts = _pmi_put_result(current, current->result); current->last_stamp = current->result->timestamp; } current->result = NULL; return current->last_sts = sts; }
/** * Validate a given fifo service s. Events are posted according to * its configuration. In case of a fatal event FALSE is returned. */ int check_fifo(Service_T s) { struct stat stat_buf; ASSERT(s); if (stat(s->path, &stat_buf) != 0) { Event_post(s, Event_Nonexist, STATE_FAILED, s->action_NONEXIST, "fifo doesn't exist"); return FALSE; } else { s->inf->st_mode = stat_buf.st_mode; s->inf->st_uid = stat_buf.st_uid; s->inf->st_gid = stat_buf.st_gid; s->inf->timestamp = MAX(stat_buf.st_mtime, stat_buf.st_ctime); DEBUG("'%s' fifo exists check succeeded\n", s->name); Event_post(s, Event_Nonexist, STATE_SUCCEEDED, s->action_NONEXIST, "fifo exist"); } if (!S_ISFIFO(s->inf->st_mode)) { Event_post(s, Event_Invalid, STATE_FAILED, s->action_INVALID, "is not fifo"); return FALSE; } else { DEBUG("'%s' is fifo\n", s->name); Event_post(s, Event_Invalid, STATE_SUCCEEDED, s->action_INVALID, "is fifo"); } if (s->perm) check_perm(s); if (s->uid) check_uid(s); if (s->gid) check_gid(s); if (s->timestamplist) check_timestamp(s); return TRUE; }
static int write_func (const void *buf, size_t length) { static DWORD block = 0; if (debug_on < 2) debug_on = 2; if (block == 0) { tot_size = 0UL; start = time (NULL); fname = tftp_boot_local_file; fprintf (stderr, "opening `%s'\n", fname); file = fopen (fname, tftp_openmode ? tftp_openmode : "wb"); } if (!file) { perror (fname); return (-1); } #if defined(__DJGPP__) && 0 /* * Look for optional Watt-32 stubinfo in block 4. * If .exe file isn't newer, kill the connection */ if (block == 4 && is_exe && check_timestamp(buf) < our_timestamp) { close_func(); return (-1); } #endif if (fwrite (buf, 1, length, file) < length) return (-1); tot_size += length; block++; return (0); }
/** * Run SSL handshake and store the resulting time value in the * 'time_map'. * * @param time_map where to store the current time * @param time_is_an_illusion * @param http whether to do an http request and take the date from that * instead. */ static void run_ssl (uint32_t *time_map, int time_is_an_illusion, int http) { entropy_context entropy; ctr_drbg_context ctr_drbg; ssl_context ssl; proxy_polarssl_ctx proxy_ctx; x509_cert cacert; struct stat statbuf; int ret = 0, server_fd = 0; char *pers = "tlsdate-helper"; memset (&ssl, 0, sizeof(ssl_context)); memset (&cacert, 0, sizeof(x509_cert)); verb("V: Using PolarSSL for SSL"); if (ca_racket) { if (-1 == stat (ca_cert_container, &statbuf)) { die("Unable to stat CA certficate container %s", ca_cert_container); } else { switch (statbuf.st_mode & S_IFMT) { case S_IFREG: if (0 > x509parse_crtfile(&cacert, ca_cert_container)) fprintf(stderr, "x509parse_crtfile failed"); break; case S_IFDIR: if (0 > x509parse_crtpath(&cacert, ca_cert_container)) fprintf(stderr, "x509parse_crtpath failed"); break; default: die("Unable to load CA certficate container %s", ca_cert_container); } } } entropy_init (&entropy); if (0 != ctr_drbg_init (&ctr_drbg, entropy_func, &entropy, (unsigned char *) pers, strlen(pers))) { die("Failed to initialize CTR_DRBG"); } if (0 != ssl_init (&ssl)) { die("SSL initialization failed"); } ssl_set_endpoint (&ssl, SSL_IS_CLIENT); ssl_set_rng (&ssl, ctr_drbg_random, &ctr_drbg); ssl_set_ca_chain (&ssl, &cacert, NULL, hostname_to_verify); if (ca_racket) { // You can do SSL_VERIFY_REQUIRED here, but then the check in // inspect_key() never happens as the ssl_handshake() will fail. ssl_set_authmode (&ssl, SSL_VERIFY_OPTIONAL); } if (proxy) { char *scheme; char *proxy_host; char *proxy_port; parse_proxy_uri (proxy, &scheme, &proxy_host, &proxy_port); verb("V: opening socket to proxy %s:%s", proxy_host, proxy_port); if (0 != net_connect (&server_fd, proxy_host, atoi(proxy_port))) { die ("SSL connection failed"); } proxy_polarssl_init (&proxy_ctx); proxy_polarssl_set_bio (&proxy_ctx, net_recv, &server_fd, net_send, &server_fd); proxy_polarssl_set_host (&proxy_ctx, host); proxy_polarssl_set_port (&proxy_ctx, atoi(port)); proxy_polarssl_set_scheme (&proxy_ctx, scheme); ssl_set_bio (&ssl, proxy_polarssl_recv, &proxy_ctx, proxy_polarssl_send, &proxy_ctx); verb("V: Handle proxy connection"); if (0 == proxy_ctx.f_connect (&proxy_ctx)) die("Proxy connection failed"); } else { verb("V: opening socket to %s:%s", host, port); if (0 != net_connect (&server_fd, host, atoi(port))) { die ("SSL connection failed"); } ssl_set_bio (&ssl, net_recv, &server_fd, net_send, &server_fd); } verb("V: starting handshake"); if (0 != ssl_do_handshake_part (&ssl)) die("SSL handshake first part failed"); uint32_t timestamp = ( (uint32_t) ssl.in_msg[6] << 24 ) | ( (uint32_t) ssl.in_msg[7] << 16 ) | ( (uint32_t) ssl.in_msg[8] << 8 ) | ( (uint32_t) ssl.in_msg[9] ); check_timestamp (timestamp); verb("V: continuing handshake"); /* Continue with handshake */ while (0 != (ret = ssl_handshake (&ssl))) { if (POLARSSL_ERR_NET_WANT_READ != ret && POLARSSL_ERR_NET_WANT_WRITE != ret) { die("SSL handshake failed"); } } // Verify the peer certificate against the CA certs on the local system if (ca_racket) { inspect_key (&ssl, hostname_to_verify); } else { verb ("V: Certificate verification skipped!"); } check_key_length (&ssl); memcpy (time_map, ×tamp, sizeof(uint32_t)); proxy_polarssl_free (&proxy_ctx); ssl_free (&ssl); x509_free (&cacert); }