certtool-common.c   certtool-common.c 
skipping to change at line 50 skipping to change at line 50
#include <common.h> #include <common.h>
#include "certtool-common.h" #include "certtool-common.h"
#include "certtool-args.h" #include "certtool-args.h"
#include "certtool-cfg.h" #include "certtool-cfg.h"
#include <minmax.h> #include <minmax.h>
/* Gnulib portability files. */ /* Gnulib portability files. */
#include <read-file.h> #include <read-file.h>
unsigned char *lbuffer = NULL; unsigned char *lbuffer = NULL;
int lbuffer_size = 0; unsigned long lbuffer_size = 0;
void fix_lbuffer(unsigned size) static unsigned long file_size(FILE *fp)
{
unsigned long size;
unsigned long cur = ftell(fp);
fseek(fp, 0, SEEK_END);
size = ftell(fp);
fseek(fp, cur, SEEK_SET);
return size;
}
void fix_lbuffer(unsigned long size)
{ {
if (lbuffer_size == 0 || lbuffer == NULL) { if (lbuffer_size == 0 || lbuffer == NULL) {
if (size == 0) if (size == 0)
lbuffer_size = 64*1024; lbuffer_size = 64*1024;
else else
lbuffer_size = MAX(64*1024,size); lbuffer_size = MAX(64*1024,size+1);
lbuffer = malloc(lbuffer_size); lbuffer = malloc(lbuffer_size);
if (lbuffer == NULL) { } else if (size > lbuffer_size) {
fprintf(stderr, "memory error"); lbuffer_size = MAX(64*1024,size+1);
exit(1); lbuffer = realloc(lbuffer, lbuffer_size);
} }
if (lbuffer == NULL) {
fprintf(stderr, "memory error");
exit(1);
} }
} }
FILE *safe_open_rw(const char *file, int privkey_op) FILE *safe_open_rw(const char *file, int privkey_op)
{ {
mode_t omask = 0; mode_t omask = 0;
FILE *fh; FILE *fh;
if (privkey_op != 0) { if (privkey_op != 0) {
omask = umask(S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); omask = umask(S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
skipping to change at line 346 skipping to change at line 360
return key; return key;
} }
/* Loads the certificate /* Loads the certificate
* If mand is non zero then a certificate is mandatory. Otherwise * If mand is non zero then a certificate is mandatory. Otherwise
* null will be returned if the certificate loading fails. * null will be returned if the certificate loading fails.
*/ */
gnutls_x509_crt_t load_cert(int mand, common_info_st * info) gnutls_x509_crt_t load_cert(int mand, common_info_st * info)
{ {
gnutls_x509_crt_t *crt; gnutls_x509_crt_t *crt;
size_t size; gnutls_x509_crt_t ret_crt;
size_t size, i;
crt = load_cert_list(mand, &size, info); crt = load_cert_list(mand, &size, info);
if (crt) {
ret_crt = crt[0];
for (i=1;i<size;i++)
gnutls_x509_crt_deinit(crt[i]);
gnutls_free(crt);
return ret_crt;
}
return crt ? crt[0] : NULL; return NULL;
} }
#define MAX_CERTS 256
/* Loads a certificate list /* Loads a certificate list
*/ */
gnutls_x509_crt_t *load_cert_list(int mand, size_t * crt_size, gnutls_x509_crt_t *load_cert_list(int mand, size_t * crt_size,
common_info_st * info) common_info_st * info)
{ {
FILE *fd; FILE *fd;
static gnutls_x509_crt_t crt[MAX_CERTS]; static gnutls_x509_crt_t *crt;
char *ptr; int ret;
int ret, i;
gnutls_datum_t dat; gnutls_datum_t dat;
size_t size; unsigned size;
int ptr_size; unsigned int crt_max;
fix_lbuffer(0);
*crt_size = 0; *crt_size = 0;
if (info->verbose) if (info->verbose)
fprintf(stderr, "Loading certificate list...\n"); fprintf(stderr, "Loading certificate list...\n");
if (info->cert == NULL) { if (info->cert == NULL) {
if (mand) { if (mand) {
fprintf(stderr, "missing --load-certificate\n"); fprintf(stderr, "missing --load-certificate\n");
exit(1); exit(1);
} else } else
return NULL; return NULL;
} }
fd = fopen(info->cert, "r"); fd = fopen(info->cert, "r");
if (fd == NULL) { if (fd == NULL) {
fprintf(stderr, "Could not open %s\n", info->cert); fprintf(stderr, "Could not open %s\n", info->cert);
exit(1); exit(1);
} }
fix_lbuffer(file_size(fd));
size = fread(lbuffer, 1, lbuffer_size - 1, fd); size = fread(lbuffer, 1, lbuffer_size - 1, fd);
lbuffer[size] = 0; lbuffer[size] = 0;
fclose(fd); fclose(fd);
ptr = (void *) lbuffer; dat.data = (void *) lbuffer;
ptr_size = size; dat.size = size;
for (i = 0; i < MAX_CERTS; i++) {
ret = gnutls_x509_crt_init(&crt[i]);
if (ret < 0) {
fprintf(stderr, "crt_init: %s\n",
gnutls_strerror(ret));
exit(1);
}
dat.data = (void *) ptr;
dat.size = ptr_size;
ret =
gnutls_x509_crt_import(crt[i], &dat,
info->incert_format);
if (ret < 0) {
int ret2 = gnutls_x509_crt_import(crt[i], &dat,
GNUTLS_X509_FMT_PEM);
if (ret2 >= 0)
ret = ret2;
}
if (ret < 0 && *crt_size > 0)
break;
if (ret < 0) {
fprintf(stderr, "crt_import: %s\n",
gnutls_strerror(ret));
exit(1);
}
ptr = strstr(ptr, "---END"); ret = gnutls_x509_crt_list_import2(&crt, &crt_max, &dat, GNUTLS_X509
if (ptr == NULL) _FMT_PEM, 0);
break; if (ret < 0) {
ptr++; fprintf(stderr, "Error loading certificates: %s\n", gnutls_s
trerror(ret));
ptr_size = size; exit(1);
ptr_size -= }
(unsigned int) ((unsigned char *) ptr -
(unsigned char *) lbuffer);
if (ptr_size < 0) *crt_size = crt_max;
break;
(*crt_size)++;
}
if (info->verbose) if (info->verbose)
fprintf(stderr, "Loaded %d certificates.\n", fprintf(stderr, "Loaded %d certificates.\n",
(int) *crt_size); (int) crt_max);
return crt; return crt;
} }
/* Loads a CRL list /* Loads a CRL list
*/ */
gnutls_x509_crl_t *load_crl_list(int mand, size_t * crl_size, gnutls_x509_crl_t *load_crl_list(int mand, size_t * crl_size,
common_info_st * info) common_info_st * info)
{ {
FILE *fd; FILE *fd;
static gnutls_x509_crl_t crl[MAX_CERTS]; static gnutls_x509_crl_t *crl;
char *ptr; unsigned int crl_max;
int ret, i; int ret;
gnutls_datum_t dat; gnutls_datum_t dat;
size_t size; size_t size;
int ptr_size;
fix_lbuffer(0);
*crl_size = 0; *crl_size = 0;
if (info->verbose) if (info->verbose)
fprintf(stderr, "Loading CRL list...\n"); fprintf(stderr, "Loading CRL list...\n");
if (info->crl == NULL) { if (info->crl == NULL) {
if (mand) { if (mand) {
fprintf(stderr, "missing --load-crl\n"); fprintf(stderr, "missing --load-crl\n");
exit(1); exit(1);
} else } else
return NULL; return NULL;
} }
fd = fopen(info->crl, "r"); fd = fopen(info->crl, "r");
if (fd == NULL) { if (fd == NULL) {
fprintf(stderr, "Could not open %s\n", info->crl); fprintf(stderr, "Could not open %s\n", info->crl);
exit(1); exit(1);
} }
fix_lbuffer(file_size(fd));
size = fread(lbuffer, 1, lbuffer_size - 1, fd); size = fread(lbuffer, 1, lbuffer_size - 1, fd);
lbuffer[size] = 0; lbuffer[size] = 0;
fclose(fd); fclose(fd);
ptr = (void *) lbuffer; dat.data = (void *) lbuffer;
ptr_size = size; dat.size = size;
for (i = 0; i < MAX_CERTS; i++) {
ret = gnutls_x509_crl_init(&crl[i]);
if (ret < 0) {
fprintf(stderr, "crl_init: %s\n",
gnutls_strerror(ret));
exit(1);
}
dat.data = (void *) ptr;
dat.size = ptr_size;
ret =
gnutls_x509_crl_import(crl[i], &dat,
info->incert_format);
if (ret < 0) {
int ret2 = gnutls_x509_crl_import(crl[i], &dat,
GNUTLS_X509_FMT_PEM);
if (ret2 >= 0)
ret = ret2;
}
if (ret < 0 && *crl_size > 0)
break;
if (ret < 0) {
fprintf(stderr, "crl_import: %s\n",
gnutls_strerror(ret));
exit(1);
}
ptr = strstr(ptr, "---END"); ret = gnutls_x509_crl_list_import2(&crl, &crl_max, &dat, GNUTLS_X509
if (ptr == NULL) _FMT_PEM, 0);
break; if (ret < 0) {
ptr++; fprintf(stderr, "Error loading CRLs: %s\n", gnutls_strerror(
ret));
ptr_size = size; exit(1);
ptr_size -= }
(unsigned int) ((unsigned char *) ptr -
(unsigned char *) lbuffer);
if (ptr_size < 0) *crl_size = crl_max;
break;
(*crl_size)++;
}
if (info->verbose) if (info->verbose)
fprintf(stderr, "Loaded %d certificates.\n", fprintf(stderr, "Loaded %d CRLs.\n",
(int) *crl_size); (int) *crl_size);
return crl; return crl;
} }
/* Load the Certificate Request. /* Load the Certificate Request.
*/ */
gnutls_x509_crq_t load_request(common_info_st * info) gnutls_x509_crq_t load_request(common_info_st * info)
{ {
gnutls_x509_crq_t crq; gnutls_x509_crq_t crq;
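Review bot: file_size() in the first change block stores the result of ftell() in an `unsigned long` and checks neither ftell() nor fseek(), so on a stream that cannot be seeked the -1 error value becomes ULONG_MAX and `size+1` in fix_lbuffer() wraps to 0. MAX() then falls back to a 64 KiB buffer, and the fread() calls in load_cert_list() and load_crl_list(), bounded by `lbuffer_size - 1`, silently truncate the input; for a CRL file that may mean entries are dropped without any error. file_size() should keep the ftell() results in a `long`, test them for `< 0`, and report the failure rather than return a wrapped value. Separately, the growth test `else if (size > lbuffer_size)` should be `else if (size >= lbuffer_size)`, because the buffer needs `size+1` bytes and a file exactly lbuffer_size bytes long currently loses its last byte.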
 End of changes. 24 change blocks. 
114 lines changed or deleted 64 lines changed or added
