static GArray* read_config_file (GError **err) { GError *e = NULL; gboolean ret; GArray *array; gchar *conf, *contents; gchar **lines, **l; g_assert (!err || !*err); if (!err) err = &e; conf = find_config_file (TRUE, err); if (conf == NULL) return NULL; ret = g_file_get_contents (conf, &contents, NULL, err); g_free (conf); if (!ret) return FALSE; lines = g_strsplit (contents, "\n", -1); g_free (contents); array = g_array_new (TRUE, TRUE, sizeof (gchar**)); for (l = lines; *l; l++) g_array_append_val (array, *l); /* We took ownership of the individual lines */ g_free (lines); return array; }
/** * gnutls_verify_stored_pubkey: * @db_name: A file specifying the stored keys (use NULL for the default) * @tdb: A storage structure or NULL to use the default * @host: The peer's name * @service: non-NULL if this key is specific to a service (e.g. http) * @cert_type: The type of the certificate * @cert: The raw (der) data of the certificate * @flags: should be 0. * * This function will try to verify a raw public-key or a public-key provided via * a raw (DER-encoded) certificate using a list of stored public keys. * The @service field if non-NULL should be a port number. * * The @db_name variable if non-null specifies a custom backend for * the retrieval of entries. If it is NULL then the * default file backend will be used. In POSIX-like systems the * file backend uses the $HOME/.gnutls/known_hosts file. * * Note that if the custom storage backend is provided the * retrieval function should return %GNUTLS_E_CERTIFICATE_KEY_MISMATCH * if the host/service pair is found but key doesn't match, * %GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with * the given key is found, and 0 if it was found. The storage * function should return 0 on success. * * As of GnuTLS 3.6.6 this function also verifies raw public keys. * * Returns: If no associated public key is found * then %GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key * is found but does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH * is returned. On success, %GNUTLS_E_SUCCESS (0) is returned, * or a negative error value on other errors. * * Since: 3.0.13 **/ int gnutls_verify_stored_pubkey(const char *db_name, gnutls_tdb_t tdb, const char *host, const char *service, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, unsigned int flags) { gnutls_datum_t pubkey = { NULL, 0 }; // Holds the pubkey in subjectPublicKeyInfo format (DER encoded) int ret; char local_file[MAX_FILENAME]; bool need_free; if (db_name == NULL && tdb == NULL) { ret = find_config_file(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); db_name = local_file; } if (tdb == NULL) tdb = &default_tdb; /* Import the public key depending on the provided certificate type */ switch (cert_type) { case GNUTLS_CRT_X509: /* Extract the pubkey from the cert. This function does a malloc * deep down the call chain. We are responsible for freeing. */ ret = _gnutls_x509_raw_crt_to_raw_pubkey(cert, &pubkey); if (ret < 0) { _gnutls_free_datum(&pubkey); return gnutls_assert_val(ret); } need_free = true; break; case GNUTLS_CRT_RAWPK: pubkey.data = cert->data; pubkey.size = cert->size; need_free = false; break; default: return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE); } // Verify our pubkey against the database ret = tdb->verify(db_name, host, service, &pubkey); if (ret < 0 && ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH) ret = gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND); if (need_free) { _gnutls_free_datum(&pubkey); } return ret; }
/** * gnutls_store_pubkey: * @db_name: A file specifying the stored keys (use NULL for the default) * @tdb: A storage structure or NULL to use the default * @host: The peer's name * @service: non-NULL if this key is specific to a service (e.g. http) * @cert_type: The type of the certificate * @cert: The data of the certificate * @expiration: The expiration time (use 0 to disable expiration) * @flags: should be 0. * * This function will store the provided certificate to * the list of stored public keys. The key will be considered valid until * the provided expiration time. * * The @store variable if non-null specifies a custom backend for * the storage of entries. If it is NULL then the * default file backend will be used. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * * Since: 3.0 **/ int gnutls_store_pubkey(const char* db_name, gnutls_tdb_t tdb, const char* host, const char* service, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, time_t expiration, unsigned int flags) { FILE* fd = NULL; gnutls_datum_t pubkey = { NULL, 0 }; int ret; char local_file[MAX_FILENAME]; if (cert_type != GNUTLS_CRT_X509 && cert_type != GNUTLS_CRT_OPENPGP) return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE); if (db_name == NULL && tdb == NULL) { ret = _gnutls_find_config_path(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); _gnutls_debug_log("Configuration path: %s\n", local_file); mkdir(local_file, 0700); ret = find_config_file(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); db_name = local_file; } if (tdb == NULL) tdb = &default_tdb; if (cert_type == GNUTLS_CRT_X509) ret = x509_crt_to_raw_pubkey(cert, &pubkey); else ret = pgp_crt_to_raw_pubkey(cert, &pubkey); if (ret < 0) { gnutls_assert(); goto cleanup; } _gnutls_debug_log("Configuration file: %s\n", db_name); tdb->store(db_name, host, service, expiration, &pubkey); ret = 0; cleanup: gnutls_free(pubkey.data); if (fd != NULL) fclose(fd); return ret; }
/* searches for configuration file and directories, stores them and ensures * existence of some of them */ void set_config_paths(void) { LOG_FUNC_ENTER; find_home_dir(); find_config_dir(); find_config_file(); store_config_paths(); create_config_dir(); }
/** * gnutls_store_commitment: * @db_name: A file specifying the stored keys (use NULL for the default) * @tdb: A storage structure or NULL to use the default * @host: The peer's name * @service: non-NULL if this key is specific to a service (e.g. http) * @hash_algo: The hash algorithm type * @hash: The raw hash * @expiration: The expiration time (use 0 to disable expiration) * @flags: should be 0. * * This function will store the provided hash commitment to * the list of stored public keys. The key with the given * hash will be considered valid until the provided expiration time. * * The @store variable if non-null specifies a custom backend for * the storage of entries. If it is NULL then the * default file backend will be used. * * Note that this function is not thread safe with the default backend. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * * Since: 3.0 **/ int gnutls_store_commitment(const char *db_name, gnutls_tdb_t tdb, const char *host, const char *service, gnutls_digest_algorithm_t hash_algo, const gnutls_datum_t * hash, time_t expiration, unsigned int flags) { FILE *fd = NULL; int ret; char local_file[MAX_FILENAME]; const mac_entry_st *me = hash_to_entry(hash_algo); if (me == NULL || _gnutls_digest_is_secure(me) == 0) return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); if (_gnutls_hash_get_algo_len(me) != hash->size) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); if (db_name == NULL && tdb == NULL) { ret = _gnutls_find_config_path(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); _gnutls_debug_log("Configuration path: %s\n", local_file); mkdir(local_file, 0700); ret = find_config_file(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); db_name = local_file; } if (tdb == NULL) tdb = &default_tdb; _gnutls_debug_log("Configuration file: %s\n", db_name); tdb->cstore(db_name, host, service, expiration, (gnutls_digest_algorithm_t)me->id, hash); ret = 0; if (fd != NULL) fclose(fd); return ret; }
void cfg_discover_paths(void) { LOG_FUNC_ENTER; find_home_dir(); find_config_dir(); find_data_dir(); find_config_file(); store_config_paths(); setup_dirs(); }
/** * gnutls_verify_stored_pubkey: * @db_name: A file specifying the stored keys (use NULL for the default) * @tdb: A storage structure or NULL to use the default * @host: The peer's name * @service: non-NULL if this key is specific to a service (e.g. http) * @cert_type: The type of the certificate * @cert: The raw (der) data of the certificate * @flags: should be 0. * * This function will try to verify the provided (raw or DER-encoded) certificate * using a list of stored public keys. The @service field if non-NULL should * be a port number. * * The @retrieve variable if non-null specifies a custom backend for * the retrieval of entries. If it is NULL then the * default file backend will be used. In POSIX-like systems the * file backend uses the $HOME/.gnutls/known_hosts file. * * Note that if the custom storage backend is provided the * retrieval function should return %GNUTLS_E_CERTIFICATE_KEY_MISMATCH * if the host/service pair is found but key doesn't match, * %GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with * the given key is found, and 0 if it was found. The storage * function should return 0 on success. * * Returns: If no associated public key is found * then %GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key * is found but does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH * is returned. On success, %GNUTLS_E_SUCCESS (0) is returned, * or a negative error value on other errors. * * Since: 3.0.13 **/ int gnutls_verify_stored_pubkey(const char *db_name, gnutls_tdb_t tdb, const char *host, const char *service, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, unsigned int flags) { gnutls_datum_t pubkey = { NULL, 0 }; int ret; char local_file[MAX_FILENAME]; if (cert_type != GNUTLS_CRT_X509 && cert_type != GNUTLS_CRT_OPENPGP) return gnutls_assert_val (GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE); if (db_name == NULL && tdb == NULL) { ret = find_config_file(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); db_name = local_file; } if (tdb == NULL) tdb = &default_tdb; if (cert_type == GNUTLS_CRT_X509) ret = x509_crt_to_raw_pubkey(cert, &pubkey); else ret = pgp_crt_to_raw_pubkey(cert, &pubkey); if (ret < 0) { gnutls_assert(); goto cleanup; } ret = tdb->verify(db_name, host, service, &pubkey); if (ret < 0 && ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH) ret = gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND); cleanup: gnutls_free(pubkey.data); return ret; }
static gboolean write_config_file (GArray *array, GError **err) { GError *e = NULL; gchar *conf, *contents; g_assert (!err || !*err); if (!err) err = &e; conf = find_config_file (FALSE, err); if (conf == NULL) return FALSE; contents = g_strjoinv ("\n", (gchar**)(array->data)); bastile_util_write_file_private (conf, contents, err); g_free (contents); return *err ? FALSE : TRUE; }
void cb_menu(fltk::Widget *wid, long user_data) { if(!dir) return; char cmd[FL_PATH_MAX]; EDE_Config pGlobalConfig(find_config_file("ede.conf", false)); // we can't use Fl_String here, because gcc3.2.3 bug, so we will use // plain char with stupid FL_PATH_MAX switch(user_data) { case 1: { char term[FL_PATH_MAX]; pGlobalConfig.get("Terminal", "Terminal", term, 0, sizeof(term)); if(pGlobalConfig.error() && !term[0] || (strlen(term) == 0)) strncpy(term, "xterm", sizeof(term)); snprintf(cmd, sizeof(cmd)-1, "cd %s; %s\n", dir, term); } break; case 2: { char browser[FL_PATH_MAX]; pGlobalConfig.get("Web", "Browser", browser, 0, sizeof(browser)); if(pGlobalConfig.error() && !browser[0] || (strlen(browser) == 0)) strncpy(browser, "mozilla", sizeof(browser)); snprintf(cmd, sizeof(cmd)-1, "%s %s\n", browser, dir); } break; case 0: fltk::exit_modal(); default: return; } fltk::start_child_process(cmd, false); }
ac_rtld_config::ac_rtld_config() { int mapfile_fd; config_loaded = false; hashtable = NULL; /* Our config file exists? */ mapfile_fd = find_config_file ("ac_rtld.relmap"); if (mapfile_fd >= 0) { if (hash_initialize(&hashtable) == FINE) { if (process_map_file(mapfile_fd, hashtable) == FINE) { config_loaded = true; } else { hash_delete(&hashtable); } } close(mapfile_fd); } }
int main(int argc, char **argv) { int port = 0; int messagenumber = 5; char local_addr[256]; int c; int mclient = 1; char peer_address[129] = "\0"; int peer_port = PEER_DEFAULT_PORT; char rest_api_separator = ':'; int use_null_cipher=0; set_logfile("stdout"); set_execdir(); set_system_parameters(0); ns_bzero(local_addr, sizeof(local_addr)); while ((c = getopt(argc, argv, "d:p:l:n:L:m:e:r:u:w:i:k:z:W:C:E:F:vsyhcxXgtTSAPDNOUHMRIGB")) != -1) { switch (c){ case 'B': random_disconnect = 1; break; case 'G': extra_requests = 1; break; case 'F': STRCPY(cipher_suite,optarg); break; case 'I': no_permissions = 1; break; case 'M': mobility = 1; break; case 'H': shatype = SHATYPE_SHA256; break; case 'E': { char* fn = find_config_file(optarg,1); if(!fn) { fprintf(stderr,"ERROR: file %s not found\n",optarg); exit(-1); } STRCPY(ca_cert_file,fn); } break; case 'O': dos = 1; break; case 'C': rest_api_separator=*optarg; break; case 'D': mandatory_channel_padding = 1; break; case 'N': negative_test = 1; break; case 'R': negative_protocol_test = 1; break; case 'z': RTP_PACKET_INTERVAL = atoi(optarg); break; case 'A': use_short_term = 1; break; case 'u': STRCPY(g_uname, optarg); break; case 'w': STRCPY(g_upwd, optarg); break; case 'g': dont_fragment = 1; break; case 'd': STRCPY(client_ifname, optarg); break; case 'x': default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6; break; case 'X': default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV4; break; case 'l': clmessage_length = atoi(optarg); break; case 's': do_not_use_channel = 1; break; case 'n': messagenumber = atoi(optarg); break; case 'p': port = atoi(optarg); break; case 'L': STRCPY(local_addr, optarg); break; case 'e': STRCPY(peer_address, optarg); break; case 'r': peer_port = atoi(optarg); break; case 'v': clnet_verbose = TURN_VERBOSE_NORMAL; break; case 'h': hang_on = 1; break; case 'c': no_rtcp = 1; break; case 'm': mclient = atoi(optarg); break; case 'y': c2c = 1; break; case 't': use_tcp = 1; break; case 'P': passive_tcp = 1; /* implies 'T': */ /* no break */ case 'T': relay_transport = STUN_ATTRIBUTE_TRANSPORT_TCP_VALUE; break; case 'U': use_null_cipher = 1; /* implies 'S' */ /* no break */ case 'S': use_secure = 1; break; case 'W': g_use_auth_secret_with_timestamp = 1; STRCPY(g_auth_secret,optarg); break; case 'i': { char* fn = find_config_file(optarg,1); if(!fn) { fprintf(stderr,"ERROR: file %s not found\n",optarg); exit(-1); } STRCPY(cert_file,fn); free(fn); } break; case 'k': { char* fn = find_config_file(optarg,1); if(!fn) { fprintf(stderr,"ERROR: file %s not found\n",optarg); exit(-1); } STRCPY(pkey_file,fn); free(fn); } break; default: fprintf(stderr, "%s\n", Usage); exit(1); } } if(g_use_auth_secret_with_timestamp) { if(use_short_term) { fprintf(stderr,"ERROR: You cannot use authentication secret (REST API) with short-term credentials mechanism.\n"); exit(-1); } { char new_uname[1025]; const unsigned long exp_time = 3600 * 24; /* one day */ if(g_uname[0]) { snprintf(new_uname,sizeof(new_uname),"%lu%c%s",(unsigned long)time(NULL) + exp_time,rest_api_separator, (char*)g_uname); } else { snprintf(new_uname,sizeof(new_uname),"%lu", (unsigned long)time(NULL) + exp_time); } STRCPY(g_uname,new_uname); } { u08bits hmac[MAXSHASIZE]; unsigned int hmac_len; switch(shatype) { case SHATYPE_SHA256: hmac_len = SHA256SIZEBYTES; break; default: hmac_len = SHA1SIZEBYTES; }; hmac[0]=0; if(stun_calculate_hmac(g_uname, strlen((char*)g_uname), (u08bits*)g_auth_secret, strlen(g_auth_secret), hmac, &hmac_len, shatype)>=0) { size_t pwd_length = 0; char *pwd = base64_encode(hmac,hmac_len,&pwd_length); if(pwd) { if(pwd_length>0) { ns_bcopy(pwd,g_upwd,pwd_length); g_upwd[pwd_length]=0; } } free(pwd); } } } if(is_TCP_relay()) { dont_fragment = 0; no_rtcp = 1; c2c = 1; use_tcp = 1; do_not_use_channel = 1; } if(port == 0) { if(use_secure) port = DEFAULT_STUN_TLS_PORT; else port = DEFAULT_STUN_PORT; } if (clmessage_length < (int) sizeof(message_info)) clmessage_length = (int) sizeof(message_info); const int max_header = 100; if(clmessage_length > (int)(STUN_BUFFER_SIZE-max_header)) { fprintf(stderr,"Message length was corrected to %d\n",(STUN_BUFFER_SIZE-max_header)); clmessage_length = (int)(STUN_BUFFER_SIZE-max_header); } if (optind >= argc) { fprintf(stderr, "%s\n", Usage); exit(-1); } if (!c2c) { if (make_ioa_addr((const u08bits*) peer_address, peer_port, &peer_addr) < 0) return -1; if(peer_addr.ss.sa_family == AF_INET6) default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6; } /* SSL Init ==>> */ if(use_secure) { SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); const char *csuite = "ALL"; //"AES256-SHA" "DH" if(use_null_cipher) csuite = "eNULL"; else if(cipher_suite[0]) csuite=cipher_suite; if(use_tcp) { root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(SSLv23_client_method()); SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite); root_tls_ctx_num++; root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(SSLv3_client_method()); SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite); root_tls_ctx_num++; root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(TLSv1_client_method()); SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite); root_tls_ctx_num++; #if defined(SSL_TXT_TLSV1_1) root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(TLSv1_1_client_method()); SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite); root_tls_ctx_num++; #if defined(SSL_TXT_TLSV1_2) root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(TLSv1_2_client_method()); SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite); root_tls_ctx_num++; #endif #endif } else { #if defined(TURN_NO_DTLS) fprintf(stderr,"ERROR: DTLS is not supported.\n"); exit(-1); #else if(OPENSSL_VERSION_NUMBER < 0x10000000L) { TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "WARNING: OpenSSL version is rather old, DTLS may not be working correctly.\n"); } root_tls_ctx[root_tls_ctx_num] = SSL_CTX_new(DTLSv1_client_method()); SSL_CTX_set_cipher_list(root_tls_ctx[root_tls_ctx_num], csuite); root_tls_ctx_num++; #endif } int sslind = 0; for(sslind = 0; sslind<root_tls_ctx_num; sslind++) { if(cert_file[0]) { if (!SSL_CTX_use_certificate_chain_file(root_tls_ctx[sslind], cert_file)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no certificate found!\n"); exit(-1); } } if (!SSL_CTX_use_PrivateKey_file(root_tls_ctx[sslind], pkey_file, SSL_FILETYPE_PEM)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no private key found!\n"); exit(-1); } if(cert_file[0]) { if (!SSL_CTX_check_private_key(root_tls_ctx[sslind])) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: invalid private key!\n"); exit(-1); } } if (ca_cert_file[0]) { if (!SSL_CTX_load_verify_locations(root_tls_ctx[sslind], ca_cert_file, NULL )) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "ERROR: cannot load CA from file: %s\n", ca_cert_file); } /* Set to require peer (client) certificate verification */ SSL_CTX_set_verify(root_tls_ctx[sslind], SSL_VERIFY_PEER, NULL ); /* Set the verification depth to 9 */ SSL_CTX_set_verify_depth(root_tls_ctx[sslind], 9); } else { SSL_CTX_set_verify(root_tls_ctx[sslind], SSL_VERIFY_NONE, NULL ); } if(!use_tcp) SSL_CTX_set_read_ahead(root_tls_ctx[sslind], 1); } } start_mclient(argv[optind], port, client_ifname, local_addr, messagenumber, mclient); return 0; }
bool CONFIG::parse_config() { LEX *lc = NULL; int token, i, pass; int res_type = 0; enum parse_state state = p_none; RES_ITEM *items = NULL; int level = 0; static bool first = true; int errstat; const char *cf = m_cf; LEX_ERROR_HANDLER *scan_error = m_scan_error; int err_type = m_err_type; if (first && (errstat=rwl_init(&res_lock)) != 0) { berrno be; Jmsg1(NULL, M_ABORT, 0, _("Unable to initialize resource lock. ERR=%s\n"), be.bstrerror(errstat)); } first = false; char *full_path = (char *)alloca(MAX_PATH + 1); if (!find_config_file(cf, full_path, MAX_PATH +1)) { Jmsg0(NULL, M_ABORT, 0, _("Config filename too long.\n")); } cf = full_path; /* Make two passes. The first builds the name symbol table, * and the second picks up the items. */ Dmsg0(900, "Enter parse_config()\n"); for (pass=1; pass <= 2; pass++) { Dmsg1(900, "parse_config pass %d\n", pass); if ((lc = lex_open_file(lc, cf, scan_error)) == NULL) { berrno be; /* We must create a lex packet to print the error */ lc = (LEX *)malloc(sizeof(LEX)); memset(lc, 0, sizeof(LEX)); if (scan_error) { lc->scan_error = scan_error; } else { lex_set_default_error_handler(lc); } lex_set_error_handler_error_type(lc, err_type) ; bstrncpy(lc->str, cf, sizeof(lc->str)); lc->fname = lc->str; scan_err2(lc, _("Cannot open config file \"%s\": %s\n"), lc->str, be.bstrerror()); free(lc); return 0; } lex_set_error_handler_error_type(lc, err_type) ; while ((token=lex_get_token(lc, T_ALL)) != T_EOF) { Dmsg3(900, "parse state=%d pass=%d got token=%s\n", state, pass, lex_tok_to_str(token)); switch (state) { case p_none: if (token == T_EOL) { break; } else if (token == T_UTF8_BOM) { /* We can assume the file is UTF-8 as we have seen a UTF-8 BOM */ break; } else if (token == T_UTF16_BOM) { scan_err0(lc, _("Currently we cannot handle UTF-16 source files. " "Please convert the conf file to UTF-8\n")); return 0; } else if (token != T_IDENTIFIER) { scan_err1(lc, _("Expected a Resource name identifier, got: %s"), lc->str); return 0; } for (i=0; resources[i].name; i++) { if (strcasecmp(resources[i].name, lc->str) == 0) { items = resources[i].items; if (!items) { break; } state = p_resource; res_type = resources[i].rcode; init_resource(this, res_type, items, pass); break; } } if (state == p_none) { scan_err1(lc, _("expected resource name, got: %s"), lc->str); return 0; } break; case p_resource: switch (token) { case T_BOB: level++; break; case T_IDENTIFIER: if (level != 1) { scan_err1(lc, _("not in resource definition: %s"), lc->str); return 0; } for (i=0; items[i].name; i++) { if (strcasecmp(items[i].name, lc->str) == 0) { /* If the ITEM_NO_EQUALS flag is set we do NOT * scan for = after the keyword */ if (!(items[i].flags & ITEM_NO_EQUALS)) { token = lex_get_token(lc, T_SKIP_EOL); Dmsg1 (900, "in T_IDENT got token=%s\n", lex_tok_to_str(token)); if (token != T_EQUALS) { scan_err1(lc, _("expected an equals, got: %s"), lc->str); return 0; } } Dmsg1(800, "calling handler for %s\n", items[i].name); /* Call item handler */ items[i].handler(lc, &items[i], i, pass); i = -1; break; } } if (i >= 0) { Dmsg2(900, "level=%d id=%s\n", level, lc->str); Dmsg1(900, "Keyword = %s\n", lc->str); scan_err1(lc, _("Keyword \"%s\" not permitted in this resource.\n" "Perhaps you left the trailing brace off of the previous resource."), lc->str); return 0; } break; case T_EOB: level--; state = p_none; Dmsg0(900, "T_EOB => define new resource\n"); if (res_all.hdr.name == NULL) { scan_err0(lc, _("Name not specified for resource")); return 0; } save_resource(res_type, items, pass); /* save resource */ break; case T_EOL: break; default: scan_err2(lc, _("unexpected token %d %s in resource definition"), token, lex_tok_to_str(token)); return 0; } break; default: scan_err1(lc, _("Unknown parser state %d\n"), state); return 0; } } if (state != p_none) { scan_err0(lc, _("End of conf file reached with unclosed resource.")); return 0; } if (debug_level >= 900 && pass == 2) { int i; for (i=m_r_first; i<=m_r_last; i++) { dump_resource(i, m_res_head[i-m_r_first], prtmsg, NULL); } } lc = lex_close_file(lc); } Dmsg0(900, "Leave parse_config()\n"); return 1; }
static int read_config_file(void) { _cleanup_fclose_ FILE *fp = NULL; char *config_path = NULL; char line[BUFSIZ]; int lineno = 0; config_path = find_config_file(); if (config_path == NULL) { log_warn("unable to determine location of config file. " "Skipping.\n"); return 0; } fp = fopen(config_path, "r"); if (fp == NULL) { if (errno == ENOENT) /* ignore error when file isn't found */ return 0; log_error("failed to open %s: %s", config_path, strerror(errno)); return -errno; } while (fgets(line, sizeof(line), fp) != NULL) { char *key, *value; size_t len; ++lineno; len = strtrim(line); if (len == 0 || line[0] == '#') continue; key = value = line; strsep(&value, "="); strtrim(key); strtrim(value); if (streq(key, "User")) { char *v = strdup(value); if (v == NULL) log_error("failed to allocate memory\n"); else arg_username = v; } else if (streq(key, "Password")) { char *v = strdup(value); if (v == NULL) log_error("failed to allocate memory\n"); else arg_password = v; } else if (streq(key, "Cookies")) { char *v = shell_expand(value); if (v == NULL) log_error("failed to allocate memory\n"); else arg_cookiefile = v; } else log_warn("unknown config entry '%s' on line %d", key, lineno); } return 0; }
/** * gnutls_store_pubkey: * @db_name: A file specifying the stored keys (use NULL for the default) * @tdb: A storage structure or NULL to use the default * @host: The peer's name * @service: non-NULL if this key is specific to a service (e.g. http) * @cert_type: The type of the certificate * @cert: The data of the certificate * @expiration: The expiration time (use 0 to disable expiration) * @flags: should be 0. * * This function will store a raw public-key or a public-key provided via * a raw (DER-encoded) certificate to the list of stored public keys. The key * will be considered valid until the provided expiration time. * * The @tdb variable if non-null specifies a custom backend for * the storage of entries. If it is NULL then the * default file backend will be used. * * Unless an alternative @tdb is provided, the storage format is a textual format * consisting of a line for each host with fields separated by '|'. The contents of * the fields are a format-identifier which is set to 'g0', the hostname that the * rest of the data applies to, the numeric port or host name, the expiration * time in seconds since the epoch (0 for no expiration), and a base64 * encoding of the raw (DER) public key information (SPKI) of the peer. * * As of GnuTLS 3.6.6 this function also accepts raw public keys. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * * Since: 3.0.13 **/ int gnutls_store_pubkey(const char *db_name, gnutls_tdb_t tdb, const char *host, const char *service, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, time_t expiration, unsigned int flags) { gnutls_datum_t pubkey = { NULL, 0 }; // Holds the pubkey in subjectPublicKeyInfo format (DER encoded) int ret; char local_file[MAX_FILENAME]; bool need_free; if (db_name == NULL && tdb == NULL) { ret = _gnutls_find_config_path(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); _gnutls_debug_log("Configuration path: %s\n", local_file); mkdir(local_file, 0700); ret = find_config_file(local_file, sizeof(local_file)); if (ret < 0) return gnutls_assert_val(ret); db_name = local_file; } if (tdb == NULL) tdb = &default_tdb; /* Import the public key depending on the provided certificate type */ switch (cert_type) { case GNUTLS_CRT_X509: /* Extract the pubkey from the cert. This function does a malloc * deep down the call chain. We are responsible for freeing. */ ret = _gnutls_x509_raw_crt_to_raw_pubkey(cert, &pubkey); if (ret < 0) { _gnutls_free_datum(&pubkey); return gnutls_assert_val(ret); } need_free = true; break; case GNUTLS_CRT_RAWPK: pubkey.data = cert->data; pubkey.size = cert->size; need_free = false; break; default: return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE); } _gnutls_debug_log("Configuration file: %s\n", db_name); tdb->store(db_name, host, service, expiration, &pubkey); if (need_free) { _gnutls_free_datum(&pubkey); } return GNUTLS_E_SUCCESS; }
void sim_pulse(struct device *in) { struct buffer buf; buffer_init(&buf); struct dynamic_store store; dump_dynamic_init(&store, in); struct istruct out_i; inter_init(&out_i); struct istruct out_v; inter_init(&out_v); struct istruct out_G; inter_init(&out_G); struct istruct lost_charge; inter_init(&lost_charge); char config_file_name[200]; if (find_config_file (config_file_name, in->inputpath, in->simmode, "pulse") != 0) { ewe("%s %s %s\n", _("no pulse config file found"), in->inputpath, in->simmode); } printf("%s\n", config_file_name); pulse_load_config(&pulse_config, in, config_file_name); int number = strextract_int(config_file_name); ntricks_externv_set_load(pulse_config.pulse_Rload); in->go_time = FALSE; in->time = 0.0; time_init(in); //time_load_mesh(in,number); time_load_mesh(in, number); //time_mesh_save(); //getchar(); //struct istruct pulseout; //inter_init(&pulseout); int ittr = 0; int step = 0; in->Psun = time_get_sun(); light_solve_and_update(in, &(in->mylight), time_get_sun(), time_get_laser()); double V = 0.0; if (pulse_config.pulse_sim_mode == pulse_load) { sim_externalv(in, time_get_voltage()); ntricks_externv_newton(in, time_get_voltage(), FALSE); } else if (pulse_config.pulse_sim_mode == pulse_open_circuit) { in->Vapplied = in->Vbi; pulse_newton_sim_voc(in); pulse_newton_sim_voc_fast(in, FALSE); } else { ewe(_("pulse mode not known\n")); } device_timestep(in); in->go_time = TRUE; double extracted_through_contacts = 0.0; double i0 = 0; carrier_count_reset(in); reset_np_save(in); do { in->Psun = time_get_sun(); light_solve_and_update(in, &(in->mylight), time_get_sun(), time_get_laser() + time_get_fs_laser()); dump_dynamic_add_data(&store, in, in->time); if (pulse_config.pulse_sim_mode == pulse_load) { i0 = ntricks_externv_newton(in, time_get_voltage(), TRUE); } else if (pulse_config.pulse_sim_mode == pulse_open_circuit) { V = in->Vapplied; pulse_newton_sim_voc_fast(in, TRUE); } else { ewe(_("pulse mode not known\n")); } if (get_dump_status(dump_print_text) == TRUE) { printf_log("%s=%e %s=%d %.1e ", _("pulse time"), in->time, _("step"), step, in->last_error); printf_log("Vtot=%lf %s = %e mA (%e A/m^2)\n", V, _("current"), get_I(in) / 1e-3, get_J(in)); } ittr++; gui_send_data("pulse"); dump_write_to_disk(in); plot_now(in, "pulse.plot"); inter_append(&out_i, in->time, i0); inter_append(&out_v, in->time, V); inter_append(&out_G, in->time, in->Gn[0]); inter_append(&lost_charge, in->time, extracted_through_contacts - fabs(get_extracted_n(in) + get_extracted_p(in)) / 2.0); device_timestep(in); step++; if (time_run() == FALSE) break; //getchar(); } while (1); struct istruct out_flip; dump_dynamic_save(in->outputpath, &store); dump_dynamic_free(&store); buffer_malloc(&buf); buf.y_mul = 1e3; buf.x_mul = 1e6; strcpy(buf.title, _("Time - current")); strcpy(buf.type, _("xy")); strcpy(buf.x_label, _("Time")); strcpy(buf.y_label, _("Current")); strcpy(buf.x_units, _("us")); strcpy(buf.y_units, _("m")); buf.logscale_x = 0; buf.logscale_y = 0; buffer_add_info(&buf); buffer_add_xy_data(&buf, out_i.x, out_i.data, out_i.len); buffer_dump_path(in->outputpath, "pulse_i.dat", &buf); buffer_free(&buf); inter_copy(&out_flip, &out_i, TRUE); inter_mul(&out_flip, -1.0); buffer_malloc(&buf); buf.y_mul = 1e3; buf.x_mul = 1e6; strcpy(buf.title, _("Time - -current")); strcpy(buf.type, _("xy")); strcpy(buf.x_label, _("Time")); strcpy(buf.y_label, _("-Current")); strcpy(buf.x_units, _("us")); strcpy(buf.y_units, _("mA")); buf.logscale_x = 0; buf.logscale_y = 0; buffer_add_info(&buf); buffer_add_xy_data(&buf, out_flip.x, out_flip.data, out_flip.len); buffer_dump_path(in->outputpath, "pulse_i_pos.dat", &buf); buffer_free(&buf); inter_free(&out_flip); buffer_malloc(&buf); buf.y_mul = 1.0; buf.x_mul = 1e6; strcpy(buf.title, _("Time - Voltage")); strcpy(buf.type, _("xy")); strcpy(buf.x_label, _("Time")); strcpy(buf.y_label, _("Volts")); strcpy(buf.x_units, _("us")); strcpy(buf.y_units, _("Voltage")); buf.logscale_x = 0; buf.logscale_y = 0; buffer_add_info(&buf); buffer_add_xy_data(&buf, out_v.x, out_v.data, out_v.len); buffer_dump_path(in->outputpath, "pulse_v.dat", &buf); buffer_free(&buf); buffer_malloc(&buf); buf.y_mul = 1.0; buf.x_mul = 1e6; strcpy(buf.title, _("Time - Photogeneration rate")); strcpy(buf.type, _("xy")); strcpy(buf.x_label, _("Time")); strcpy(buf.y_label, _("Generation rate")); strcpy(buf.x_units, _("s")); strcpy(buf.y_units, _("m^{-3} s^{-1}")); buf.logscale_x = 0; buf.logscale_y = 0; buffer_add_info(&buf); buffer_add_xy_data(&buf, out_G.x, out_G.data, out_G.len); buffer_dump_path(in->outputpath, "pulse_G.dat", &buf); buffer_free(&buf); //sprintf(outpath,"%s%s",in->outputpath,"pulse_lost_charge.dat"); //inter_save(&lost_charge,outpath); in->go_time = FALSE; inter_free(&out_G); inter_free(&out_i); inter_free(&out_v); time_memory_free(); }
int main(int argc, char **argv) { int port = 0; int messagenumber = 5; char local_addr[256]; char c; int mclient = 1; unsigned char ifname[1025] = "\0"; char peer_address[129] = "\0"; int peer_port = PEER_DEFAULT_PORT; set_execdir(); srandom((unsigned int) time(NULL)); memset(local_addr, 0, sizeof(local_addr)); while ((c = getopt(argc, argv, "d:p:l:n:L:m:e:r:u:w:i:k:z:vsyhcxgtS")) != -1) { switch (c){ case 'z': RTP_PACKET_INTERVAL = atoi(optarg); break; case 'u': STRCPY(g_uname, optarg); break; case 'w': STRCPY(g_upwd, optarg); break; case 'g': dont_fragment = 1; break; case 'd': STRCPY(ifname, optarg); break; case 'x': default_address_family = STUN_ATTRIBUTE_REQUESTED_ADDRESS_FAMILY_VALUE_IPV6; break; case 'l': clmessage_length = atoi(optarg); break; case 's': use_send_method = 1; break; case 'n': messagenumber = atoi(optarg); break; case 'p': port = atoi(optarg); break; case 'L': STRCPY(local_addr, optarg); break; case 'e': STRCPY(peer_address, optarg); break; case 'r': peer_port = atoi(optarg); break; case 'v': clnet_verbose = 1; break; case 'h': hang_on = 1; break; case 'c': no_rtcp = 1; break; case 'm': mclient = atoi(optarg); break; case 'y': c2c = 1; break; case 't': use_tcp = 1; break; case 'S': use_secure = 1; break; case 'i': { char* fn = find_config_file(optarg,1); if(!fn) { fprintf(stderr,"ERROR: file %s not found\n",optarg); exit(-1); } strcpy(cert_file,fn); free(fn); break; } case 'k': { char* fn = find_config_file(optarg,1); if(!fn) { fprintf(stderr,"ERROR: file %s not found\n",optarg); exit(-1); } STRCPY(pkey_file,fn); free(fn); break; } default: fprintf(stderr, "%s\n", Usage); exit(1); } } if(port == 0) { if(use_secure) port = DEFAULT_STUN_TLS_PORT; else port = DEFAULT_STUN_PORT; } if (clmessage_length < (int) sizeof(message_info)) clmessage_length = (int) sizeof(message_info); if (optind >= argc) { fprintf(stderr, "%s\n", Usage); exit(-1); } if (!c2c) { if (make_ioa_addr((const u08bits*) peer_address, peer_port, &peer_addr) < 0) return -1; } /* SSL Init ==>> */ if(use_secure) { SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); if(use_tcp) { root_tls_ctx = SSL_CTX_new(TLSv1_client_method()); } else { #if !defined(BIO_CTRL_DGRAM_QUERY_MTU) fprintf(stderr,"ERROR: DTLS is not supported.\n"); exit(-1); #else if(OPENSSL_VERSION_NUMBER < 0x10000000L) { TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "WARNING: OpenSSL version is rather old, DTLS may not be working correctly.\n"); } root_tls_ctx = SSL_CTX_new(DTLSv1_client_method()); #endif } SSL_CTX_set_cipher_list(root_tls_ctx, "DEFAULT"); if (!SSL_CTX_use_certificate_file(root_tls_ctx, cert_file, SSL_FILETYPE_PEM)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no certificate found!\n"); exit(-1); } if (!SSL_CTX_use_PrivateKey_file(root_tls_ctx, pkey_file, SSL_FILETYPE_PEM)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: no private key found!\n"); exit(-1); } if (!SSL_CTX_check_private_key(root_tls_ctx)) { TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "\nERROR: invalid private key!\n"); exit(-1); } SSL_CTX_set_verify_depth(root_tls_ctx, 2); SSL_CTX_set_read_ahead(root_tls_ctx, 1); } start_mclient(argv[optind], port, ifname, local_addr, messagenumber, mclient); return 0; }