Exemplo n.º 1
0
/**
 * Load certficiates from a directory
 */
static void load_certs(load_ctx_t *ctx, char *type_str, char *dir)
{
	enumerator_t *enumerator;
	certificate_type_t type;
	x509_flag_t flag;
	struct stat st;
	chunk_t *map;
	char *path;

	vici_cert_info_from_str(type_str, &type, &flag);

	enumerator = enumerator_create_directory(dir);
	if (enumerator)
	{
		while (enumerator->enumerate(enumerator, NULL, &path, &st))
		{
			if (S_ISREG(st.st_mode))
			{
				map = chunk_map(path, FALSE);
				if (map)
				{
					load_cert(ctx, path, type, flag, *map);
					chunk_unmap(map);
				}
				else
				{
					fprintf(stderr, "mapping '%s' failed: %s, skipped\n",
							path, strerror(errno));
				}
			}
		}
		enumerator->destroy(enumerator);
	}
}
Exemplo n.º 2
0
/**
 * Add a vici certificate blob value given by its file patch
 */
static bool add_file_key_value(vici_req_t *req, char *key, char *value)
{
	chunk_t *map;
	char *path, buf[PATH_MAX];

	if (path_absolute(value))
	{
		path = value;
	}
	else
	{
		path = buf;
		snprintf(path, PATH_MAX, "%s%s%s",
				 SWANCTL_X509CADIR, DIRECTORY_SEPARATOR, value);
	}
	map = chunk_map(path, FALSE);

	if (map)
	{
		vici_add_key_value(req, key, map->ptr, map->len);
		chunk_unmap(map);
		return TRUE;
	}
	else
	{
		fprintf(stderr, "loading ca certificate '%s' failed: %s\n",
				path, strerror(errno));
		return FALSE;
	}
}
/**
 * Load certficiates from a directory
 */
static void load_certs(vici_conn_t *conn, command_format_options_t format,
					   char *type, char *dir)
{
	enumerator_t *enumerator;
	struct stat st;
	chunk_t *map;
	char *path;

	enumerator = enumerator_create_directory(dir);
	if (enumerator)
	{
		while (enumerator->enumerate(enumerator, NULL, &path, &st))
		{
			if (S_ISREG(st.st_mode))
			{
				map = chunk_map(path, FALSE);
				if (map)
				{
					load_cert(conn, format, path, type, *map);
					chunk_unmap(map);
				}
				else
				{
					fprintf(stderr, "mapping '%s' failed: %s, skipped\n",
							path, strerror(errno));
				}
			}
		}
		enumerator->destroy(enumerator);
	}
}
Exemplo n.º 4
0
END_TEST

/*******************************************************************************
 * test for chunk_map and friends
 */

START_TEST(test_chunk_map)
{
	chunk_t *map, contents = chunk_from_chars(0x01,0x02,0x03,0x04,0x05);
	char *path = "/tmp/strongswan-chunk-map-test";

	ck_assert(chunk_write(contents, path, 022, TRUE));

	/* read */
	map = chunk_map(path, FALSE);
	ck_assert(map != NULL);
	ck_assert_msg(chunk_equals(*map, contents), "%B", map);
	/* altering mapped chunk should not hurt */
	*map = chunk_empty;
	ck_assert(chunk_unmap(map));

	/* write */
	map = chunk_map(path, TRUE);
	ck_assert(map != NULL);
	ck_assert_msg(chunk_equals(*map, contents), "%B", map);
	map->ptr[0] = 0x06;
	ck_assert(chunk_unmap(map));

	/* verify write */
	contents.ptr[0] = 0x06;
	map = chunk_map(path, FALSE);
	ck_assert(map != NULL);
	ck_assert_msg(chunk_equals(*map, contents), "%B", map);
	ck_assert(chunk_unmap(map));

	unlink(path);
}
Exemplo n.º 5
0
/**
 * load the credential from a file
 */
static void *load_from_file(char *file, credential_type_t type, int subtype,
							identification_t *subject, x509_flag_t flags)
{
	void *cred;
	chunk_t *chunk;

	chunk = chunk_map(file, FALSE);
	if (!chunk)
	{
		DBG1(DBG_LIB, "  opening '%s' failed: %s", file, strerror(errno));
		return NULL;
	}
	cred = load_from_blob(*chunk, type, subtype, subject, flags);
	chunk_unmap(chunk);
	return cred;
}
Exemplo n.º 6
0
void *
chunk_alloc_dss(size_t size, size_t alignment, bool *zero)
{
	void *ret;

	cassert(config_dss);
	assert(size > 0 && (size & chunksize_mask) == 0);
	assert(alignment > 0 && (alignment & chunksize_mask) == 0);

	/*
	 * sbrk() uses a signed increment argument, so take care not to
	 * interpret a huge allocation request as a negative increment.
	 */
	if ((intptr_t)size < 0)
		return (NULL);

	malloc_mutex_lock(&dss_mtx);
	if (dss_prev != (void *)-1) {
		size_t gap_size, cpad_size;
		void *cpad, *dss_next;
		intptr_t incr;

		/*
		 * The loop is necessary to recover from races with other
		 * threads that are using the DSS for something other than
		 * malloc.
		 */
		do {
			/* Get the current end of the DSS. */
			dss_max = chunk_dss_sbrk(0);
			/*
			 * Calculate how much padding is necessary to
			 * chunk-align the end of the DSS.
			 */
			gap_size = (chunksize - CHUNK_ADDR2OFFSET(dss_max)) &
			    chunksize_mask;
			/*
			 * Compute how much chunk-aligned pad space (if any) is
			 * necessary to satisfy alignment.  This space can be
			 * recycled for later use.
			 */
			cpad = (void *)((uintptr_t)dss_max + gap_size);
			ret = (void *)ALIGNMENT_CEILING((uintptr_t)dss_max,
			    alignment);
			cpad_size = (uintptr_t)ret - (uintptr_t)cpad;
			dss_next = (void *)((uintptr_t)ret + size);
			if ((uintptr_t)ret < (uintptr_t)dss_max ||
			    (uintptr_t)dss_next < (uintptr_t)dss_max) {
				/* Wrap-around. */
				malloc_mutex_unlock(&dss_mtx);
				return (NULL);
			}
			incr = gap_size + cpad_size + size;
			dss_prev = chunk_dss_sbrk(incr);
			if (dss_prev == dss_max) {
				/* Success. */
				dss_max = dss_next;
				malloc_mutex_unlock(&dss_mtx);
				if (cpad_size != 0)
					chunk_unmap(cpad, cpad_size);
				if (*zero) {
					VALGRIND_MAKE_MEM_UNDEFINED(ret, size);
					memset(ret, 0, size);
				}
				return (ret);
			}
		} while (dss_prev != (void *)-1);
	}
	malloc_mutex_unlock(&dss_mtx);

	return (NULL);
}