/**
* gnutls_certificate_set_openpgp_key_file2 - Used to set OpenPGP keys
* @res: the destination context to save the data.
* @certfile: the file that contains the public key.
* @keyfile: the file that contains the secret key.
* @subkey_id: a hex encoded subkey id
* @format: the format of the keys
*
* This funtion is used to load OpenPGP keys into the GnuTLS credential
* structure. The files should contain non encrypted keys.
*
* The special keyword "auto" is also accepted as @subkey_id. In that
* case the gnutls_openpgp_crt_get_auth_subkey() will be used to
* retrieve the subkey.
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative error value.
*
* Since: 2.4.0
**/
int
gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t res,
const char *certfile,
const char *keyfile,
const char *subkey_id,
gnutls_openpgp_crt_fmt_t format)
{
struct stat statbuf;
gnutls_datum_t key, cert;
int rc;
size_t size;
if (!res || !keyfile || !certfile)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
if (stat (certfile, &statbuf) || stat (keyfile, &statbuf))
{
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
cert.data = read_binary_file (certfile, &size);
cert.size = (unsigned int) size;
if (cert.data == NULL)
{
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
key.data = read_binary_file (keyfile, &size);
key.size = (unsigned int) size;
if (key.data == NULL)
{
gnutls_assert ();
free (cert.data);
return GNUTLS_E_FILE_ERROR;
}
rc =
gnutls_certificate_set_openpgp_key_mem2 (res, &cert, &key, subkey_id,
format);
free (cert.data);
free (key.data);
if (rc < 0)
{
gnutls_assert ();
return rc;
}
return 0;
}
/**
* gnutls_x509_trust_list_add_trust_file:
* @list: The structure of the list
* @ca_file: A file containing a list of CAs (optional)
* @crl_file: A file containing a list of CRLs (optional)
* @type: The format of the certificates
* @tl_flags: GNUTLS_TL_*
* @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
*
* This function will add the given certificate authorities
* to the trusted list. pkcs11 URLs are also accepted, instead
* of files, by this function.
*
* Returns: The number of added elements is returned.
*
* Since: 3.1
**/
int
gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list,
const char* ca_file,
const char* crl_file,
gnutls_x509_crt_fmt_t type,
unsigned int tl_flags,
unsigned int tl_vflags)
{
gnutls_datum_t cas = { NULL, 0 };
gnutls_datum_t crls = { NULL, 0 };
size_t size;
int ret;
#ifdef ENABLE_PKCS11
if (strncmp (ca_file, "pkcs11:", 7) == 0)
{
ret = import_pkcs11_url(list, ca_file, tl_flags);
if (ret < 0)
return gnutls_assert_val(ret);
}
else
#endif
{
cas.data = (void*)read_binary_file (ca_file, &size);
if (cas.data == NULL)
{
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
cas.size = size;
}
if (crl_file)
{
crls.data = (void*)read_binary_file (crl_file, &size);
if (crls.data == NULL)
{
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
crls.size = size;
}
ret = gnutls_x509_trust_list_add_trust_mem(list, &cas, &crls, type, tl_flags, tl_vflags);
free(crls.data);
free(cas.data);
return ret;
}
/* Load the CA's private key.
*/
gnutls_privkey_t
load_ca_private_key (common_info_st * info)
{
gnutls_privkey_t key;
gnutls_datum_t dat;
size_t size;
if (info->ca_privkey == NULL)
error (EXIT_FAILURE, 0, "missing --load-ca-privkey");
if (gnutls_url_is_supported(info->ca_privkey) != 0)
return _load_url_privkey(info->ca_privkey);
dat.data = (void*)read_binary_file (info->ca_privkey, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-ca-privkey: %s",
info->ca_privkey);
key = _load_privkey(&dat, info);
free (dat.data);
return key;
}
static void verify_response(gnutls_datum_t *nonce)
{
gnutls_datum_t dat;
size_t size;
gnutls_x509_crt_t signer;
int v;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_RESPONSE),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading response\n");
exit(1);
}
dat.size = size;
signer = load_signer();
v = _verify_response(&dat, nonce, signer);
if (v && !HAVE_OPT(IGNORE_ERRORS))
exit(1);
}
/**
* gnutls_certificate_set_openpgp_keyring_file - Sets a keyring file for OpenPGP
* @c: A certificate credentials structure
* @file: filename of the keyring.
* @format: format of keyring.
*
* The function is used to set keyrings that will be used internally
* by various OpenPGP functions. For example to find a key when it
* is needed for an operations. The keyring will also be used at the
* verification functions.
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative error value.
**/
int
gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c,
const char *file,
gnutls_openpgp_crt_fmt_t format)
{
gnutls_datum_t ring;
size_t size;
int rc;
if (!c || !file)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
ring.data = read_binary_file (file, &size);
ring.size = (unsigned int) size;
if (ring.data == NULL)
{
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
rc =
gnutls_certificate_set_openpgp_keyring_mem (c, ring.data, ring.size,
format);
free (ring.data);
return rc;
}
QueryEngine::QueryEngine(const char * filepath){
//Create filepaths
std::string basepath(filepath);
std::string path_to_hashtable = basepath + "/probing_hash.dat";
std::string path_to_data_bin = basepath + "/binfile.dat";
std::string path_to_vocabid = basepath + "/vocabid.dat";
//Read config file
std::string line;
std::ifstream config ((basepath + "/config").c_str());
getline(config, line);
int tablesize = atoi(line.c_str()); //Get tablesize.
getline(config, line);
largest_entry = atoi(line.c_str()); //Set largest_entry.
config.close();
//Mmap binary table
struct stat filestatus;
stat(path_to_data_bin.c_str(), &filestatus);
binary_filesize = filestatus.st_size;
binary_mmaped = read_binary_file(path_to_data_bin.c_str(), binary_filesize);
//Read hashtable
size_t table_filesize = Table::Size(tablesize, 1.2);
mem = readTable(path_to_hashtable.c_str(), table_filesize);
Table table_init(mem, table_filesize);
table = table_init;
//Read vocabid
read_map(&vocabids, path_to_vocabid.c_str());
std::cout << "Initialized successfully! " << std::endl;
}
static gnutls_x509_crt_t
load_cert (const char *cert_file)
{
gnutls_x509_crt_t crt;
int ret;
gnutls_datum_t data;
size_t size;
ret = gnutls_x509_crt_init (&crt);
if (ret < 0)
exit (1);
data.data = (void *) read_binary_file (cert_file, &size);
data.size = size;
if (!data.data)
{
fprintf (stderr, "Cannot open file: %s\n", cert_file);
exit (1);
}
ret = gnutls_x509_crt_import (crt, &data, GNUTLS_X509_FMT_PEM);
free (data.data);
if (ret < 0)
{
fprintf (stderr, "Cannot import certificate in %s: %s\n",
cert_file, gnutls_strerror (ret));
exit (1);
}
return crt;
}
/* Load the CA's private key.
*/
gnutls_privkey_t
load_ca_private_key (common_info_st * info)
{
gnutls_privkey_t key;
gnutls_datum_t dat;
size_t size;
if (info->ca_privkey == NULL)
error (EXIT_FAILURE, 0, "missing --load-ca-privkey");
#ifdef ENABLE_PKCS11
if (strncmp(info->ca_privkey, "pkcs11:", 7) == 0)
return _load_pkcs11_privkey(info->ca_privkey);
#endif
dat.data = read_binary_file (info->ca_privkey, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-ca-privkey: %s",
info->ca_privkey);
key = _load_privkey(&dat, info);
free (dat.data);
return key;
}
/* Loads the CA's certificate
*/
gnutls_x509_crt_t
load_ca_cert (common_info_st * info)
{
gnutls_x509_crt_t crt;
int ret;
gnutls_datum_t dat;
size_t size;
if (info->ca == NULL)
error (EXIT_FAILURE, 0, "missing --load-ca-certificate");
ret = gnutls_x509_crt_init (&crt);
if (ret < 0)
error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
dat.data = read_binary_file (info->ca, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s",
info->ca);
ret = gnutls_x509_crt_import (crt, &dat, info->incert_format);
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-ca-certificate: %s: %s",
info->ca, gnutls_strerror (ret));
return crt;
}
static void
request_info (void)
{
gnutls_ocsp_req_t req;
int ret;
gnutls_datum_t dat;
size_t size;
ret = gnutls_ocsp_req_init (&req);
if (ret < 0)
error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret));
if (HAVE_OPT(LOAD_REQUEST))
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_REQUEST), &size);
else
dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading request");
dat.size = size;
ret = gnutls_ocsp_req_import (req, &dat);
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing request: %s", gnutls_strerror (ret));
ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &dat);
if (ret != 0)
error (EXIT_FAILURE, 0, "ocsp_req_print: %s", gnutls_strerror (ret));
printf ("%.*s", dat.size, dat.data);
gnutls_free (dat.data);
gnutls_ocsp_req_deinit (req);
}
/* Load the Certificate Request.
*/
gnutls_x509_crq_t
load_request (common_info_st * info)
{
gnutls_x509_crq_t crq;
int ret;
gnutls_datum_t dat;
size_t size;
if (!info->request)
return NULL;
ret = gnutls_x509_crq_init (&crq);
if (ret < 0)
error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret));
dat.data = read_binary_file (info->request, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-request: %s", info->request);
ret = gnutls_x509_crq_import (crq, &dat, info->incert_format);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
{
error (EXIT_FAILURE, 0,
"import error: could not find a valid PEM header");
}
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-request: %s: %s",
info->request, gnutls_strerror (ret));
return crq;
}
/* Load the CA's private key.
*/
gnutls_privkey_t load_ca_private_key(common_info_st * info)
{
gnutls_privkey_t key;
gnutls_datum_t dat;
size_t size;
if (info->ca_privkey == NULL) {
fprintf(stderr, "missing --load-ca-privkey\n");
exit(1);
}
if (gnutls_url_is_supported(info->ca_privkey) != 0)
return _load_url_privkey(info->ca_privkey);
dat.data = (void *) read_binary_file(info->ca_privkey, &size);
dat.size = size;
if (!dat.data) {
fprintf(stderr, "reading --load-ca-privkey: %s\n",
info->ca_privkey);
exit(1);
}
key = _load_privkey(&dat, info);
free(dat.data);
return key;
}
static gnutls_x509_crt_t
load_cert (void)
{
gnutls_x509_crt_t crt;
int ret;
gnutls_datum_t dat;
size_t size;
if (!HAVE_OPT(LOAD_CERT))
error (EXIT_FAILURE, 0, "missing --load-cert");
ret = gnutls_x509_crt_init (&crt);
if (ret < 0)
error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_CERT), &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-cert: %s", OPT_ARG(LOAD_CERT));
ret = gnutls_x509_crt_import (crt, &dat, encoding);
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-cert: %s: %s",
OPT_ARG(LOAD_CERT), gnutls_strerror (ret));
return crt;
}
/*
* Test the passing of bad userid/password values to est_proxy_init to make sure
* they're error checked.
*/
static void us894_test27 (void)
{
unsigned char *cacerts = NULL;
int cacerts_len = 0;
BIO *certin, *keyin;
X509 *x;
EVP_PKEY *priv_key;
int rv;
EST_CTX *ctx;
LOG_FUNC_NM;
/*
* Read in the CA certificates
*/
cacerts_len = read_binary_file(US894_CACERT, &cacerts);
CU_ASSERT(cacerts_len > 0);
/*
* Read the server cert
*/
certin = BIO_new(BIO_s_file_internal());
rv = BIO_read_filename(certin, US894_SERVER_CERT);
CU_ASSERT(rv > 0);
x = PEM_read_bio_X509(certin, NULL, NULL, NULL);
CU_ASSERT(x != NULL);
BIO_free(certin);
/*
* Read the server key
*/
keyin = BIO_new(BIO_s_file_internal());
rv = BIO_read_filename(keyin, US894_SERVER_KEY);
CU_ASSERT(rv > 0);
priv_key = PEM_read_bio_PrivateKey(keyin, NULL, NULL, NULL);
CU_ASSERT(priv_key != NULL);
BIO_free(keyin);
/*
* Attempt to init EST proxy using NULL userid
*/
est_init_logger(EST_LOG_LVL_INFO, NULL);
ctx = est_proxy_init(cacerts, cacerts_len, cacerts, cacerts_len,
EST_CERT_FORMAT_PEM,
"estrealm", x, priv_key,
NULL, "estpwd");
CU_ASSERT(ctx == NULL);
ctx = est_proxy_init(cacerts, cacerts_len, cacerts, cacerts_len,
EST_CERT_FORMAT_PEM,
"estrealm", x, priv_key,
"bad_userid_too_long_xxxxxxxxxxxx",
"estpwd");
CU_ASSERT(ctx == NULL);
X509_free(x);
EVP_PKEY_free(priv_key);
}
/* Reads a certificate file
*/
static int
read_cert_file(gnutls_certificate_credentials_t res,
gnutls_privkey_t key,
const char *certfile, gnutls_x509_crt_fmt_t type)
{
int ret;
size_t size;
char *data;
if (gnutls_url_is_supported(certfile)) {
return read_cert_url(res, key, certfile);
}
data = read_binary_file(certfile, &size);
if (data == NULL) {
gnutls_assert();
return GNUTLS_E_FILE_ERROR;
}
ret = read_cert_mem(res, key, data, size, type);
free(data);
return ret;
}
/*
* Read a section of a file, returning it as bytea
*/
Datum
pg_read_binary_file(PG_FUNCTION_ARGS)
{
text *filename_t = PG_GETARG_TEXT_PP(0);
int64 seek_offset = 0;
int64 bytes_to_read = -1;
bool missing_ok = false;
char *filename;
bytea *result;
/* handle optional arguments */
if (PG_NARGS() >= 3)
{
seek_offset = PG_GETARG_INT64(1);
bytes_to_read = PG_GETARG_INT64(2);
if (bytes_to_read < 0)
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("requested length cannot be negative")));
}
if (PG_NARGS() >= 4)
missing_ok = PG_GETARG_BOOL(3);
filename = convert_and_check_filename(filename_t);
result = read_binary_file(filename, seek_offset,
bytes_to_read, missing_ok);
if (result)
PG_RETURN_BYTEA_P(result);
else
PG_RETURN_NULL();
}
static pskc_t *
get_container (const struct gengetopt_args_info *args_info)
{
const char *filename = args_info->inputs ? args_info->inputs[0] : NULL;
int strict = args_info->strict_flag;
pskc_t *container;
char *buffer;
size_t len;
int rc;
rc = pskc_init (&container);
if (rc != PSKC_OK)
error (EXIT_FAILURE, 0, "initializing PSKC structure: %s",
pskc_strerror (rc));
if (filename)
buffer = read_binary_file (filename, &len);
else
buffer = fread_file (stdin, &len);
if (buffer == NULL)
error (EXIT_FAILURE, errno, "read");
rc = pskc_parse_from_memory (container, len, buffer);
if (!strict && rc == PSKC_PARSE_ERROR)
fprintf (stderr, "warning: parse error (use -d to diagnose), output "
"may be incomplete\n");
else if (rc != PSKC_OK)
error (EXIT_FAILURE, 0, "parsing PSKC data: %s", pskc_strerror (rc));
free (buffer);
return container;
}
QueryEngine::QueryEngine(const char * filepath) : decoder(filepath){
//Create filepaths
std::string basepath(filepath);
std::string path_to_hashtable = basepath + "/probing_hash.dat";
std::string path_to_data_bin = basepath + "/binfile.dat";
std::string path_to_source_vocabid = basepath + "/source_vocabids";
///Source phrase vocabids
read_map(&source_vocabids, path_to_source_vocabid.c_str());
//Target phrase vocabIDs
vocabids = decoder.get_target_lookup_map();
//Read config file
std::string line;
std::ifstream config ((basepath + "/config").c_str());
getline(config, line);
int tablesize = atoi(line.c_str()); //Get tablesize.
config.close();
//Mmap binary table
struct stat filestatus;
stat(path_to_data_bin.c_str(), &filestatus);
binary_filesize = filestatus.st_size;
binary_mmaped = read_binary_file(path_to_data_bin.c_str(), binary_filesize);
//Read hashtable
size_t table_filesize = Table::Size(tablesize, 1.2);
mem = readTable(path_to_hashtable.c_str(), table_filesize);
Table table_init(mem, table_filesize);
table = table_init;
std::cerr << "Initialized successfully! " << std::endl;
}
/**
* gnutls_x509_trust_list_remove_trust_file:
* @list: The list
* @ca_file: A file containing a list of CAs
* @type: The format of the certificates
*
* This function will remove the given certificate authorities
* from the trusted list, and add them into a black list when needed.
* PKCS 11 URLs are also accepted, instead
* of files, by this function.
*
* See also gnutls_x509_trust_list_remove_cas().
*
* Returns: The number of added elements is returned.
*
* Since: 3.1.10
**/
int
gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t list,
const char *ca_file,
gnutls_x509_crt_fmt_t type)
{
gnutls_datum_t cas = { NULL, 0 };
size_t size;
int ret;
#ifdef ENABLE_PKCS11
if (strncmp(ca_file, "pkcs11:", 7) == 0) {
if (is_pkcs11_url_object(ca_file) != 0) {
return remove_pkcs11_object_url(list, ca_file);
} else { /* token */
return remove_pkcs11_url(list, ca_file);
}
} else
#endif
{
cas.data = (void *) read_binary_file(ca_file, &size);
if (cas.data == NULL) {
gnutls_assert();
return GNUTLS_E_FILE_ERROR;
}
cas.size = size;
}
ret = gnutls_x509_trust_list_remove_trust_mem(list, &cas, type);
free(cas.data);
return ret;
}
std::string read_text_file(const std::string& path)
{
#if 1
const auto vec = read_binary_file(path);
return std::string(begin(vec), end(vec));
#else
ifstream file;
file.open(path.c_str());
std::string content = "";
std::string line;
if (!file.is_open()) {
ABORT_F("Failed to open '%s'", path.c_str());
}
while (!file.eof()) {
getline(file, line);
content += line + "\n";
}
file.close();
return content;
#endif
}
/* Load the private key.
* @mand should be non zero if it is required to read a private key.
*/
gnutls_x509_privkey_t
load_x509_private_key (int mand, common_info_st * info)
{
gnutls_x509_privkey_t key;
int ret;
gnutls_datum_t dat;
size_t size;
unsigned int flags = 0;
const char* pass;
if (!info->privkey && !mand)
return NULL;
if (info->privkey == NULL)
error (EXIT_FAILURE, 0, "missing --load-privkey");
ret = gnutls_x509_privkey_init (&key);
if (ret < 0)
error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
dat.data = (void*)read_binary_file (info->privkey, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey);
if (info->pkcs8)
{
pass = get_password (info, &flags, 0);
ret =
gnutls_x509_privkey_import_pkcs8 (key, &dat, info->incert_format,
pass, flags);
}
else
{
ret = gnutls_x509_privkey_import2 (key, &dat, info->incert_format, NULL, 0);
if (ret == GNUTLS_E_DECRYPTION_FAILED)
{
pass = get_password (info, &flags, 0);
ret = gnutls_x509_privkey_import2 (key, &dat, info->incert_format, pass, flags);
}
}
free (dat.data);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
{
error (EXIT_FAILURE, 0,
"import error: could not find a valid PEM header; "
"check if your key is PKCS #12 encoded");
}
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s",
info->privkey, gnutls_strerror (ret));
return key;
}
static int read_level_file(void)
{
char name[MAX_OSPATH];
size_t len, maxlen;
int index;
len = Q_snprintf(name, MAX_QPATH, "save/" SAVE_CURRENT "/%s.sv2", sv.name);
if (len >= MAX_QPATH)
return -1;
if (read_binary_file(name))
return -1;
if (MSG_ReadLong() != SAVE_MAGIC2)
return -1;
if (MSG_ReadLong() != SAVE_VERSION)
return -1;
// any error will drop from this point
// the rest can't underflow
msg_read.allowunderflow = qfalse;
// read all configstrings
while (1) {
index = MSG_ReadShort();
if (index == MAX_CONFIGSTRINGS)
break;
if (index < 0 || index > MAX_CONFIGSTRINGS)
Com_Error(ERR_DROP, "Bad savegame configstring index");
maxlen = CS_SIZE(index);
len = MSG_ReadString(sv.configstrings[index], maxlen);
if (len >= maxlen)
Com_Error(ERR_DROP, "Savegame configstring too long");
}
len = MSG_ReadByte();
if (len > MAX_MAP_PORTAL_BYTES)
Com_Error(ERR_DROP, "Savegame portalbits too long");
SV_ClearWorld();
CM_SetPortalStates(&sv.cm, MSG_ReadData(len), len);
// read game level
len = Q_snprintf(name, MAX_OSPATH, "%s/save/" SAVE_CURRENT "/%s.sav",
fs_gamedir, sv.name);
if (len >= MAX_OSPATH)
Com_Error(ERR_DROP, "Savegame path too long");
ge->ReadLevel(name);
return 0;
}
/* Helper functions to load a certificate and key
* files into memory.
*/
static gnutls_datum_t
load_file (const char *file)
{
gnutls_datum_t loaded_file = { NULL, 0 };
size_t length;
loaded_file.data = read_binary_file (file, &length);
if (loaded_file.data)
loaded_file.size = (unsigned int) length;
return loaded_file;
}
/*
* Similar to read_binary_file, but we verify that the contents are valid
* in the database encoding.
*/
static text *
read_text_file(const char *filename, int64 seek_offset, int64 bytes_to_read)
{
bytea *buf;
buf = read_binary_file(filename, seek_offset, bytes_to_read);
/* Make sure the input is valid */
pg_verifymbstr(VARDATA(buf), VARSIZE(buf) - VARHDRSZ, false);
/* OK, we can cast it to text safely */
return (text *) buf;
}
/* Load a public key.
* @mand should be non zero if it is required to read a public key.
*/
gnutls_pubkey_t load_pubkey(int mand, common_info_st * info)
{
gnutls_pubkey_t key;
int ret;
gnutls_datum_t dat;
size_t size;
if (!info->pubkey && !mand)
return NULL;
if (info->pubkey == NULL) {
fprintf(stderr, "missing --load-pubkey\n");
exit(1);
}
if (gnutls_url_is_supported(info->pubkey) != 0)
return _load_url_pubkey(info->pubkey);
ret = gnutls_pubkey_init(&key);
if (ret < 0) {
fprintf(stderr, "privkey_init: %s\n", gnutls_strerror(ret));
exit(1);
}
dat.data = (void *) read_binary_file(info->pubkey, &size);
dat.size = size;
if (!dat.data) {
fprintf(stderr, "reading --load-pubkey: %s\n", info->pubkey);
exit(1);
}
ret = gnutls_pubkey_import(key, &dat, info->incert_format);
free(dat.data);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) {
fprintf(stderr,
"import error: could not find a valid PEM header; "
"check if your key has the PUBLIC KEY header\n");
exit(1);
}
if (ret < 0) {
fprintf(stderr, "importing --load-pubkey: %s: %s\n",
info->pubkey, gnutls_strerror(ret));
exit(1);
}
return key;
}
char *SV_GetSaveInfo(const char *dir)
{
char name[MAX_QPATH], date[MAX_QPATH];
size_t len;
uint64_t timestamp;
int autosave, year;
time_t t;
struct tm *tm;
len = Q_snprintf(name, MAX_QPATH, "save/%s/server.ssv", dir);
if (len >= MAX_QPATH)
return NULL;
if (read_binary_file(name))
return NULL;
if (MSG_ReadLong() != SAVE_MAGIC1)
return NULL;
if (MSG_ReadLong() != SAVE_VERSION)
return NULL;
// read the comment field
timestamp = (uint64_t)MSG_ReadLong();
timestamp |= (uint64_t)MSG_ReadLong() << 32;
autosave = MSG_ReadByte();
MSG_ReadString(name, sizeof(name));
if (autosave)
return Z_CopyString(va("ENTERING %s", name));
// get current year
t = time(NULL);
tm = localtime(&t);
year = tm ? tm->tm_year : -1;
// format savegame date
t = (time_t)timestamp;
if ((tm = localtime(&t)) != NULL) {
if (tm->tm_year == year)
strftime(date, sizeof(date), "%b %d %H:%M", tm);
else
strftime(date, sizeof(date), "%b %d %Y", tm);
} else {
strcpy(date, "???");
}
return Z_CopyString(va("%s %s", date, name));
}
/*
* Read the whole of a file, returning it as bytea
*/
Datum
pg_read_binary_file_all(PG_FUNCTION_ARGS)
{
text *filename_t = PG_GETARG_TEXT_P(0);
char *filename;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to read files"))));
filename = convert_and_check_filename(filename_t);
PG_RETURN_BYTEA_P(read_binary_file(filename, 0, -1));
}
static void
verify_response (void)
{
gnutls_datum_t dat;
size_t size;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_RESPONSE), &size);
else
dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading response");
dat.size = size;
_verify_response(&dat);
}
/* Load a public key.
* @mand should be non zero if it is required to read a public key.
*/
gnutls_pubkey_t
load_pubkey (int mand, common_info_st * info)
{
gnutls_pubkey_t key;
int ret;
gnutls_datum_t dat;
size_t size;
if (!info->pubkey && !mand)
return NULL;
if (info->pubkey == NULL)
error (EXIT_FAILURE, 0, "missing --load-pubkey");
#ifdef ENABLE_PKCS11
if (strncmp(info->pubkey, "pkcs11:", 7) == 0)
return _load_pkcs11_pubkey(info->pubkey);
#endif
ret = gnutls_pubkey_init (&key);
if (ret < 0)
error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
dat.data = read_binary_file (info->pubkey, &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-pubkey: %s", info->pubkey);
ret = gnutls_pubkey_import (key, &dat, info->incert_format);
free (dat.data);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
{
error (EXIT_FAILURE, 0,
"import error: could not find a valid PEM header; "
"check if your key has the PUBLIC KEY header");
}
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-pubkey: %s: %s",
info->pubkey, gnutls_strerror (ret));
return key;
}
/*
* This routine is called when CUnit initializes this test
* suite. This can be used to allocate data or open any
* resources required for all the test cases.
*/
static int us1060_init_suite (void)
{
int rv;
est_init_logger(EST_LOG_LVL_INFO, &us1060_logger_stderr);
/*
* Start an instance of the EST server with
* automatic enrollment enabled.
*/
rv = us1060_start_server(US1060_SERVER_CERTKEY, US1060_SERVER_CERTKEY, 0, 0, 1);
/*
* Start an instance of the proxy with SRP enabled
*/
rv = st_proxy_start_srp(US1060_PROXY_PORT,
US1060_SERVER_CERTKEY, US1060_SERVER_CERTKEY,
"US1060 proxy realm",
US1060_CACERTS,
US1060_TRUST_CERTS,
US1060_UID,
US1060_PWD,
US1060_SERVER_IP,
US1060_SERVER_PORT,
0,
US1060_VFILE);
/*
* Read in the CA certificates
* Used for client-side API testing
*/
cacerts_len = read_binary_file(US1060_CACERTS, &cacerts);
if (cacerts_len <= 0) {
return 1;
}
srpdb = SRP_VBASE_new(NULL);
if (!srpdb) {
printf("\nUnable allocate SRP verifier database. Aborting!!!\n");
}
if (SRP_VBASE_init(srpdb, US1060_VFILE) != SRP_NO_ERROR) {
printf("\nUnable initialize SRP verifier database. Aborting!!!\n");
}
return rv;
}
