/**
* Verify PKCS#7 signed-data
*/
static int verify(chunk_t chunk)
{
container_t *container;
pkcs7_t *pkcs7;
enumerator_t *enumerator;
certificate_t *cert;
auth_cfg_t *auth;
chunk_t data;
time_t t;
bool verified = FALSE;
container = lib->creds->create(lib->creds, CRED_CONTAINER, CONTAINER_PKCS7,
BUILD_BLOB_ASN1_DER, chunk, BUILD_END);
if (!container)
{
return 1;
}
if (container->get_type(container) != CONTAINER_PKCS7_SIGNED_DATA)
{
fprintf(stderr, "verification failed, container is %N\n",
container_type_names, container->get_type(container));
container->destroy(container);
return 1;
}
pkcs7 = (pkcs7_t*)container;
enumerator = container->create_signature_enumerator(container);
while (enumerator->enumerate(enumerator, &auth))
{
verified = TRUE;
cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
if (cert)
{
fprintf(stderr, "signed by '%Y'", cert->get_subject(cert));
if (pkcs7->get_attribute(pkcs7, OID_PKCS9_SIGNING_TIME,
enumerator, &data))
{
t = asn1_to_time(&data, ASN1_UTCTIME);
if (t != UNDEFINED_TIME)
{
fprintf(stderr, " at %T", &t, FALSE);
}
free(data.ptr);
}
fprintf(stderr, "\n");
}
}
enumerator->destroy(enumerator);
if (!verified)
{
fprintf(stderr, "no trusted signature found\n");
}
if (verified)
{
if (container->get_data(container, &data))
{
write_to_stream(stdout, data);
free(data.ptr);
}
else
{
verified = FALSE;
}
}
container->destroy(container);
return verified ? 0 : 1;
}
void
gwkjs_debug(GwkjsDebugTopic topic,
const char *format,
...)
{
static FILE *logfp = NULL;
static gboolean debug_log_enabled = FALSE;
static gboolean strace_timestamps = FALSE;
static gboolean checked_for_timestamp = FALSE;
static gboolean print_timestamp = FALSE;
static GTimer *timer = NULL;
const char *prefix;
va_list args;
char *s;
if (!checked_for_timestamp) {
print_timestamp = gwkjs_environment_variable_is_set("GWKJS_DEBUG_TIMESTAMP");
checked_for_timestamp = TRUE;
}
if (print_timestamp && !timer) {
timer = g_timer_new();
}
if (logfp == NULL) {
const char *debug_output = g_getenv("GWKJS_DEBUG_OUTPUT");
if (debug_output != NULL &&
strcmp(debug_output, "stderr") == 0) {
debug_log_enabled = TRUE;
} else if (debug_output != NULL) {
const char *log_file;
char *free_me;
char *c;
/* Allow debug-%u.log for per-pid logfiles as otherwise log
* messages from multiple processes can overwrite each other.
*
* (printf below should be safe as we check '%u' is the only format
* string)
*/
c = strchr((char *) debug_output, '%');
if (c && c[1] == 'u' && !strchr(c+1, '%')) {
free_me = g_strdup_printf(debug_output, (guint)getpid());
log_file = free_me;
} else {
log_file = debug_output;
free_me = NULL;
}
/* avoid truncating in case we're using shared logfile */
logfp = fopen(log_file, "a");
if (!logfp)
fprintf(stderr, "Failed to open log file `%s': %s\n",
log_file, g_strerror(errno));
g_free(free_me);
debug_log_enabled = TRUE;
}
if (logfp == NULL)
logfp = stderr;
strace_timestamps = gwkjs_environment_variable_is_set("GWKJS_STRACE_TIMESTAMPS");
}
/* only strace timestamps if debug
* log wasn't specifically switched on
*/
if (!debug_log_enabled &&
topic != GWKJS_DEBUG_STRACE_TIMESTAMP)
return;
switch (topic) {
case GWKJS_DEBUG_STRACE_TIMESTAMP:
/* return early if strace timestamps are disabled, avoiding
* printf format overhead and so forth.
*/
if (!strace_timestamps)
return;
/* this is a special magic topic for use with
* git clone http://www.gnome.org/~federico/git/performance-scripts.git
* http://www.gnome.org/~federico/news-2006-03.html#timeline-tools
*/
prefix = "MARK";
break;
case GWKJS_DEBUG_GI_USAGE:
prefix = "JS GI USE";
break;
case GWKJS_DEBUG_MEMORY:
prefix = "JS MEMORY";
break;
case GWKJS_DEBUG_CONTEXT:
prefix = "JS CTX";
break;
case GWKJS_DEBUG_IMPORTER:
prefix = "JS IMPORT";
break;
case GWKJS_DEBUG_NATIVE:
prefix = "JS NATIVE";
break;
case GWKJS_DEBUG_KEEP_ALIVE:
prefix = "JS KP ALV";
break;
case GWKJS_DEBUG_GREPO:
prefix = "JS G REPO";
break;
case GWKJS_DEBUG_GNAMESPACE:
prefix = "JS G NS";
break;
case GWKJS_DEBUG_GOBJECT:
prefix = "JS G OBJ";
break;
case GWKJS_DEBUG_GFUNCTION:
prefix = "JS G FUNC";
break;
case GWKJS_DEBUG_GFUNDAMENTAL:
prefix = "JS G FNDMTL";
break;
case GWKJS_DEBUG_GCLOSURE:
prefix = "JS G CLSR";
break;
case GWKJS_DEBUG_GBOXED:
prefix = "JS G BXD";
break;
case GWKJS_DEBUG_GENUM:
prefix = "JS G ENUM";
break;
case GWKJS_DEBUG_GPARAM:
prefix = "JS G PRM";
break;
case GWKJS_DEBUG_DATABASE:
prefix = "JS DB";
break;
case GWKJS_DEBUG_RESULTSET:
prefix = "JS RS";
break;
case GWKJS_DEBUG_WEAK_HASH:
prefix = "JS WEAK";
break;
case GWKJS_DEBUG_MAINLOOP:
prefix = "JS MAINLOOP";
break;
case GWKJS_DEBUG_PROPS:
prefix = "JS PROPS";
break;
case GWKJS_DEBUG_SCOPE:
prefix = "JS SCOPE";
break;
case GWKJS_DEBUG_HTTP:
prefix = "JS HTTP";
break;
case GWKJS_DEBUG_BYTE_ARRAY:
prefix = "JS BYTE ARRAY";
break;
case GWKJS_DEBUG_GERROR:
prefix = "JS G ERR";
break;
default:
prefix = "???";
break;
}
if (!is_allowed_prefix(prefix))
return;
va_start (args, format);
s = g_strdup_vprintf (format, args);
va_end (args);
if (topic == GWKJS_DEBUG_STRACE_TIMESTAMP) {
/* Put a magic string in strace output */
char *s2;
s2 = g_strdup_printf("%s: gwkjs: %s",
prefix, s);
access(s2, F_OK);
g_free(s2);
} else {
if (print_timestamp) {
static gdouble previous = 0.0;
gdouble total = g_timer_elapsed(timer, NULL) * 1000.0;
gdouble since = total - previous;
const char *ts_suffix;
char *s2;
if (since > 50.0) {
ts_suffix = "!! ";
} else if (since > 100.0) {
ts_suffix = "!!! ";
} else if (since > 200.0) {
ts_suffix = "!!!!";
} else {
ts_suffix = " ";
}
s2 = g_strdup_printf("%g %s%s",
total, ts_suffix, s);
g_free(s);
s = s2;
previous = total;
}
write_to_stream(logfp, prefix, s);
}
g_free(s);
}