static void verify_response(gnutls_datum_t *nonce)
{
gnutls_datum_t dat;
size_t size;
gnutls_x509_crt_t signer;
int v;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_RESPONSE),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading response\n");
exit(1);
}
dat.size = size;
signer = load_signer();
v = _verify_response(&dat, nonce, signer);
if (v && !HAVE_OPT(IGNORE_ERRORS))
exit(1);
}
static pskc_t *
get_container (const struct gengetopt_args_info *args_info)
{
const char *filename = args_info->inputs ? args_info->inputs[0] : NULL;
int strict = args_info->strict_flag;
pskc_t *container;
char *buffer;
size_t len;
int rc;
rc = pskc_init (&container);
if (rc != PSKC_OK)
error (EXIT_FAILURE, 0, "initializing PSKC structure: %s",
pskc_strerror (rc));
if (filename)
buffer = read_binary_file (filename, &len);
else
buffer = fread_file (stdin, &len);
if (buffer == NULL)
error (EXIT_FAILURE, errno, "read");
rc = pskc_parse_from_memory (container, len, buffer);
if (!strict && rc == PSKC_PARSE_ERROR)
fprintf (stderr, "warning: parse error (use -d to diagnose), output "
"may be incomplete\n");
else if (rc != PSKC_OK)
error (EXIT_FAILURE, 0, "parsing PSKC data: %s", pskc_strerror (rc));
free (buffer);
return container;
}
static char *
internal_read_file (const char *filename, size_t * length, const char *mode)
{
FILE *stream = fopen (filename, mode);
char *out;
int save_errno;
if (!stream)
return NULL;
out = fread_file (stream, length);
save_errno = errno;
if (fclose (stream) != 0)
{
if (out)
{
save_errno = errno;
free (out);
}
errno = save_errno;
return NULL;
}
return out;
}
static void
request_info (void)
{
gnutls_ocsp_req_t req;
int ret;
gnutls_datum_t dat;
size_t size;
ret = gnutls_ocsp_req_init (&req);
if (ret < 0)
error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret));
if (HAVE_OPT(LOAD_REQUEST))
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_REQUEST), &size);
else
dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading request");
dat.size = size;
ret = gnutls_ocsp_req_import (req, &dat);
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing request: %s", gnutls_strerror (ret));
ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &dat);
if (ret != 0)
error (EXIT_FAILURE, 0, "ocsp_req_print: %s", gnutls_strerror (ret));
printf ("%.*s", dat.size, dat.data);
gnutls_free (dat.data);
gnutls_ocsp_req_deinit (req);
}
void dh_info(FILE * infile, FILE * outfile, common_info_st * ci)
{
gnutls_datum_t params;
size_t size;
int ret;
gnutls_dh_params_t dh_params;
gnutls_datum_t p, g;
unsigned int q_bits = 0;
if (gnutls_dh_params_init(&dh_params) < 0) {
fprintf(stderr, "Error in dh parameter initialization\n");
exit(1);
}
params.data = (void *) fread_file(infile, &size);
params.size = size;
ret =
gnutls_dh_params_import_pkcs3(dh_params, ¶ms,
ci->incert_format);
if (ret < 0) {
fprintf(stderr, "Error parsing dh params: %s\n",
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_dh_params_export_raw(dh_params, &p, &g, &q_bits);
if (ret < 0) {
fprintf(stderr, "Error exporting parameters: %s\n",
gnutls_strerror(ret));
exit(1);
}
if (ci->outcert_format == GNUTLS_X509_FMT_PEM)
print_dh_info(outfile, &p, &g, q_bits, ci->cprint);
if (!ci->cprint) { /* generate a PKCS#3 structure */
size_t len = buffer_size;
ret =
gnutls_dh_params_export_pkcs3(dh_params,
ci->outcert_format,
buffer, &len);
if (ret == 0) {
if (ci->outcert_format == GNUTLS_X509_FMT_PEM) {
fprintf(outfile, "\n%s", buffer);
} else {
fwrite(buffer, 1, len, outfile);
}
} else {
fprintf(stderr, "Error: %s\n",
gnutls_strerror(ret));
}
}
gnutls_dh_params_deinit(dh_params);
}
static void
verify_response (void)
{
gnutls_datum_t dat;
size_t size;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_RESPONSE), &size);
else
dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading response");
dat.size = size;
_verify_response(&dat);
}
static void request_info(void)
{
gnutls_ocsp_req_t req;
int ret;
gnutls_datum_t dat;
size_t size;
ret = gnutls_ocsp_req_init(&req);
if (ret < 0) {
fprintf(stderr, "ocsp_req_init: %s\n", gnutls_strerror(ret));
exit(1);
}
if (HAVE_OPT(LOAD_REQUEST))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_REQUEST),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading request\n");
exit(1);
}
dat.size = size;
ret = gnutls_ocsp_req_import(req, &dat);
free(dat.data);
if (ret < 0) {
fprintf(stderr, "error importing request: %s\n",
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_ocsp_req_print(req, GNUTLS_OCSP_PRINT_FULL, &dat);
if (ret != 0) {
fprintf(stderr, "ocsp_req_print: %s\n",
gnutls_strerror(ret));
exit(1);
}
printf("%.*s", dat.size, dat.data);
gnutls_free(dat.data);
gnutls_ocsp_req_deinit(req);
}
int
main (int argc, char *argv[])
{
const char *file_name;
size_t length;
char *input;
set_program_name (argv[0]);
file_name = parse_options (argc, argv);
/* Read from stdin into 'input'. Ensure that 'input' ends in a new-line
followed by a null byte. */
input = (!strcmp (file_name, "-")
? fread_file (stdin, &length)
: read_file (file_name, &length));
if (input == NULL)
error (EXIT_FAILURE, errno, "reading %s failed", file_name);
if (!check_truncations)
{
input = xrealloc (input, length + 3);
if (length == 0 || input[length - 1] != '\n')
input[length++] = '\n';
input[length++] = '\0';
check_segmentation (input, length, true);
}
else
{
size_t test_len;
for (test_len = 0; test_len <= length; test_len++)
{
char *copy = xmemdup0 (input, test_len);
check_segmentation (copy, test_len + 1, false);
free (copy);
}
}
free (input);
return 0;
}
static void response_info(void)
{
gnutls_datum_t dat;
size_t size;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_RESPONSE),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading response\n");
exit(1);
}
dat.size = size;
_response_info(&dat);
gnutls_free(dat.data);
}
/**
* Run a command without using the shell.
*
* return 0 if the command run and exited with 0 status; Otherwise
* return -1
*
*/
int run_program(struct netcf *ncf, const char *const *argv, char **output)
{
pid_t childpid = -1;
int exitstatus, waitret;
char *argv_str;
int ret = -1;
char errbuf[128];
char *outtext = NULL;
int outfd = -1;
FILE *outfile = NULL;
size_t outlen;
if (!output)
output = &outtext;
argv_str = argv_to_string(argv);
ERR_NOMEM(argv_str == NULL, ncf);
exec_program(ncf, argv, argv_str, &childpid, &outfd);
ERR_BAIL(ncf);
printf("Attempting to execute %s\n", argv_str);
outfile = fdopen(outfd, "r");
ERR_THROW_STRERROR(outfile == NULL,ncf, EEXEC,
"Failed to create file stream for output while executing '%s': %s",
argv_str, errbuf);
*output = fread_file(outfile, &outlen);
ERR_THROW_STRERROR(*output == NULL, ncf, EEXEC,
"Error while reading output from execution of '%s': %s",
argv_str, errbuf);
/* finished with the stream. Close it so the child can exit. */
fclose(outfile);
outfile = NULL;
while ((waitret = waitpid(childpid, &exitstatus, 0) == -1) &&
errno == EINTR) {
/* empty loop */
}
ERR_THROW_STRERROR(waitret == -1, ncf, EEXEC,
"Failed waiting for completion of '%s': %s",
argv_str, errbuf);
ERR_THROW(!WIFEXITED(exitstatus) && WIFSIGNALED(exitstatus), ncf, EEXEC,
"'%s' terminated by signal: %d",
argv_str, WTERMSIG(exitstatus));
ERR_THROW(!WIFEXITED(exitstatus), ncf, EEXEC,
"'%s' terminated improperly", argv_str);
ERR_THROW(WEXITSTATUS(exitstatus) == EXIT_ENOENT, ncf, EEXEC,
"Running '%s' program not found", argv_str);
ERR_THROW(WEXITSTATUS(exitstatus) == EXIT_CANNOT_INVOKE, ncf, EEXEC,
"Running '%s' program located but not usable", argv_str);
ERR_THROW(WEXITSTATUS(exitstatus) == EXIT_SIGMASK, ncf, EEXEC,
"Running '%s' failed to reset child process signal mask",
argv_str);
ERR_THROW(WEXITSTATUS(exitstatus) == EXIT_DUP2, ncf, EEXEC,
"Running '%s' failed to dup2 child process stdout/stderr",
argv_str);
ERR_THROW(WEXITSTATUS(exitstatus) == EXIT_INVALID_IN_THIS_STATE, ncf, EINVALIDOP,
"Running '%s' operation is invalid in this state",
argv_str);
ERR_THROW(WEXITSTATUS(exitstatus) != 0, ncf, EEXEC,
"Running '%s' failed with exit code %d: %s",
argv_str, WEXITSTATUS(exitstatus), *output);
ret = 0;
error:
if (outfile)
fclose(outfile);
else if (outfd >= 0)
close(outfd);
FREE(outtext);
FREE(argv_str);
return ret;
}
