X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fkeytrans%2Fgnutls-helpers.c;h=8d8ec17ae31f23a308380d90daa31956877374d2;hb=321ff6d4c721f2f699c57874335ce792c456a19a;hp=7c342bb4c65b78ab610726cf9e681c70757291cc;hpb=6f2d6f78cd11231d6f7ffd6361812b1bd49a4c34;p=monkeysphere.git diff --git a/src/keytrans/gnutls-helpers.c b/src/keytrans/gnutls-helpers.c index 7c342bb..8d8ec17 100644 --- a/src/keytrans/gnutls-helpers.c +++ b/src/keytrans/gnutls-helpers.c @@ -15,11 +15,16 @@ /* for exit() */ #include -int loglevel = 0; +#include +/* higher levels allow more frivolous error messages through. + this is set with the MONKEYSPHERE_DEBUG variable */ +static int loglevel = 0; -void err(const char* fmt, ...) { +void err(int level, const char* fmt, ...) { va_list ap; + if (level > loglevel) + return; va_start(ap, fmt); vfprintf(stderr, fmt, ap); va_end(ap); @@ -37,14 +42,21 @@ void init_keyid(gnutls_openpgp_keyid_t keyid) { void make_keyid_printable(printable_keyid out, gnutls_openpgp_keyid_t keyid) +{ + assert(sizeof(out) >= 2*sizeof(keyid)); + hex_print_data((char*)out, (const unsigned char*)keyid, sizeof(keyid)); +} + +/* you must have twice as many bytes in the out buffer as in the in buffer */ +void hex_print_data(char* out, const unsigned char* in, size_t incount) { static const char hex[16] = "0123456789ABCDEF"; - unsigned int kix = 0, outix = 0; + unsigned int inix = 0, outix = 0; - while (kix < sizeof(gnutls_openpgp_keyid_t)) { - out[outix] = hex[(keyid[kix] >> 4) & 0x0f]; - out[outix + 1] = hex[keyid[kix] & 0x0f]; - kix++; + while (inix < incount) { + out[outix] = hex[(in[inix] >> 4) & 0x0f]; + out[outix + 1] = hex[in[inix] & 0x0f]; + inix++; outix += 2; } } @@ -61,16 +73,15 @@ unsigned char hex2bin(unsigned char x) { void collapse_printable_keyid(gnutls_openpgp_keyid_t out, printable_keyid in) { unsigned int pkix = 0, outkix = 0; - while (pkix < sizeof(printable_keyid)) { unsigned hi = hex2bin(in[pkix]); unsigned lo = hex2bin(in[pkix + 1]); if (hi == 0xff) { - err("character '%c' is not a hex char\n", in[pkix]); + err(0, "character '%c' is not a hex char\n", in[pkix]); exit(1); } if (lo == 0xff) { - err("character '%c' is not a hex char\n", in[pkix + 1]); + err(0, "character '%c' is not a hex char\n", in[pkix + 1]); exit(1); } out[outkix] = lo | (hi << 4); @@ -80,6 +91,27 @@ void collapse_printable_keyid(gnutls_openpgp_keyid_t out, printable_keyid in) { } } +unsigned int hexstring2bin(unsigned char* out, const char* in) { + unsigned int pkix = 0, outkix = 0; + int hi = 0; /* which nybble is it? */ + + while (in[pkix]) { + unsigned char z = hex2bin(in[pkix]); + if (z != 0xff) { + if (!hi) { + if (out) out[outkix] = (z << 4); + hi = 1; + } else { + if (out) out[outkix] |= z; + hi = 0; + outkix++; + } + pkix++; + } + } + return outkix*8 + (hi ? 4 : 0); +} + int convert_string_to_keyid(gnutls_openpgp_keyid_t out, const char* str) { printable_keyid p; int ret; @@ -97,7 +129,7 @@ int convert_string_to_printable_keyid(printable_keyid pkeyid, const char* str) { (str[x] != '\0')) { if (isxdigit(str[x])) { if (arglen == sizeof(printable_keyid)) { - err("There are more than %d hex digits in the keyid '%s'\n", sizeof(printable_keyid), str); + err(0, "There are more than %d hex digits in the keyid '%s'\n", sizeof(printable_keyid), str); return 1; } pkeyid[arglen] = str[x]; @@ -107,7 +139,7 @@ int convert_string_to_printable_keyid(printable_keyid pkeyid, const char* str) { } if (arglen != sizeof(printable_keyid)) { - err("keyid '%s' is not %d hex digits in length\n", str, sizeof(printable_keyid)); + err(0, "Keyid '%s' is not %d hex digits in length\n", str, sizeof(printable_keyid)); return 1; } return 0; @@ -120,27 +152,29 @@ int init_gnutls() { const char* debug_string = NULL; int ret; + if (debug_string = getenv("MONKEYSPHERE_DEBUG"), debug_string) { + loglevel = atoi(debug_string); + } + if (ret = gnutls_global_init(), ret) { - err("Failed to do gnutls_global_init() (error: %d)\n", ret); + err(0, "Failed to do gnutls_global_init() (error: %d)\n", ret); return 1; } version = gnutls_check_version(NULL); if (version) - err("gnutls version: %s\n", version); + err(1, "gnutls version: %s\n", version); else { - err("no version found!\n"); + err(0, "no gnutls version found!\n"); return 1; } - if (debug_string = getenv("MONKEYSPHERE_DEBUG"), debug_string) { - loglevel = atoi(debug_string); - gnutls_global_set_log_function(logfunc); - - gnutls_global_set_log_level(loglevel); - err("set log level to %d\n", loglevel); - } + gnutls_global_set_log_function(logfunc); + + gnutls_global_set_log_level(loglevel); + err(1, "set log level to %d\n", loglevel); + return 0; } @@ -155,11 +189,11 @@ void copy_datum(gnutls_datum_t* dest, const gnutls_datum_t* src) { } int compare_data(const gnutls_datum_t* a, const gnutls_datum_t* b) { if (a->size > b->size) { - err("a is larger\n"); + err(0,"a is larger\n"); return 1; } if (a->size < b->size) { - err("b is larger\n"); + err(0,"b is larger\n"); return -1; } return memcmp(a->data, b->data, a->size); @@ -195,7 +229,7 @@ int set_datum_fd(gnutls_datum_t* d, int fd) { bufsize = 1024; d->data = gnutls_realloc(d->data, bufsize); if (d->data == NULL) { - err("out of memory!\n"); + err(0,"out of memory!\n"); return -1; } d->size = bufsize; @@ -204,7 +238,7 @@ int set_datum_fd(gnutls_datum_t* d, int fd) { } f = fdopen(fd, "r"); if (NULL == f) { - err("could not fdopen FD %d\n", fd); + err(0,"could not fdopen FD %d\n", fd); } clearerr(f); while (!feof(f) && !ferror(f)) { @@ -213,16 +247,16 @@ int set_datum_fd(gnutls_datum_t* d, int fd) { bufsize *= 2; d->data = gnutls_realloc(d->data, bufsize); if (d->data == NULL) { - err("out of memory!\n"); + err(0,"out of memory!\n"); return -1; }; d->size = bufsize; } len += fread(d->data + len, 1, bufsize - len, f); - /* err("read %d bytes\n", len); */ + /* err(0,"read %d bytes\n", len); */ } if (ferror(f)) { - err("Error reading from fd %d (error: %d) (error: %d '%s')\n", fd, ferror(f), errno, strerror(errno)); + err(0,"Error reading from fd %d (error: %d) (error: %d '%s')\n", fd, ferror(f), errno, strerror(errno)); return -1; } @@ -241,13 +275,13 @@ int set_datum_file(gnutls_datum_t* d, const char* fname) { size_t x = 0; if (0 != stat(fname, &sbuf)) { - err("failed to stat '%s'\n", fname); + err(0,"failed to stat '%s'\n", fname); return -1; } c = gnutls_realloc(d->data, sbuf.st_size); if (NULL == c) { - err("failed to allocate %d bytes for '%s'\n", sbuf.st_size, fname); + err(0,"failed to allocate %d bytes for '%s'\n", sbuf.st_size, fname); return -1; } @@ -255,13 +289,13 @@ int set_datum_file(gnutls_datum_t* d, const char* fname) { d->size = sbuf.st_size; file = fopen(fname, "r"); if (NULL == file) { - err("failed to open '%s' for reading\n", fname); + err(0,"failed to open '%s' for reading\n", fname); return -1; } x = fread(d->data, d->size, 1, file); if (x != 1) { - err("tried to read %d bytes, read %d instead from '%s'\n", d->size, x, fname); + err(0,"tried to read %d bytes, read %d instead from '%s'\n", d->size, x, fname); fclose(file); return -1; } @@ -271,7 +305,7 @@ int set_datum_file(gnutls_datum_t* d, const char* fname) { int write_datum_fd(int fd, const gnutls_datum_t* d) { if (d->size != write(fd, d->data, d->size)) { - err("failed to write body of datum.\n"); + err(0,"failed to write body of datum.\n"); return -1; } return 0; @@ -293,12 +327,12 @@ int write_datum_fd_with_length(int fd, const gnutls_datum_t* d) { len = htonl(d->size); } if (write(fd, &len, sizeof(len)) != sizeof(len)) { - err("failed to write size of datum.\n"); + err(0,"failed to write size of datum.\n"); return -2; } if (looks_negative) { if (write(fd, &zero, 1) != 1) { - err("failed to write padding byte for MPI.\n"); + err(0,"failed to write padding byte for MPI.\n"); return -2; } } @@ -332,29 +366,29 @@ int create_writing_pipe(pid_t* pid, const char* path, char* const argv[]) { int ret; if (pid == NULL) { - err("bad pointer passed to create_writing_pipe()\n"); + err(0,"bad pointer passed to create_writing_pipe()\n"); return -1; } if (ret = pipe(p), ret == -1) { - err("failed to create a pipe (error: %d \"%s\")\n", errno, strerror(errno)); + err(0,"failed to create a pipe (error: %d \"%s\")\n", errno, strerror(errno)); return -1; } *pid = fork(); if (*pid == -1) { - err("Failed to fork (error: %d \"%s\")\n", errno, strerror(errno)); + err(0,"Failed to fork (error: %d \"%s\")\n", errno, strerror(errno)); return -1; } if (*pid == 0) { /* this is the child */ close(p[1]); /* close unused write end */ if (0 != dup2(p[0], 0)) { /* map the reading end into stdin */ - err("Failed to transfer reading file descriptor to stdin (error: %d \"%s\")\n", errno, strerror(errno)); + err(0,"Failed to transfer reading file descriptor to stdin (error: %d \"%s\")\n", errno, strerror(errno)); exit(1); } - execv(path, argv); - err("exec %s failed (error: %d \"%s\")\n", path, errno, strerror(errno)); + execvp(path, argv); + err(0,"exec %s failed (error: %d \"%s\")\n", path, errno, strerror(errno)); /* close the open file descriptors */ close(p[0]); close(0); @@ -372,14 +406,14 @@ int validate_ssh_host_userid(const char* userid) { /* choke if userid does not match the expected format ("ssh://fully.qualified.domain.name") */ if (strncmp("ssh://", userid, strlen("ssh://")) != 0) { - err("The user ID should start with ssh:// for a host key\n"); + err(0,"The user ID should start with ssh:// for a host key\n"); goto fail; } /* so that isalnum will work properly */ userid += strlen("ssh://"); while (0 != (*userid)) { if (!isalnum(*userid)) { - err("label did not start with a letter or a digit! (%s)\n", userid); + err(0,"label did not start with a letter or a digit! (%s)\n", userid); goto fail; } userid++; @@ -389,19 +423,19 @@ int validate_ssh_host_userid(const char* userid) { check last char isalnum */ if (!isalnum(*(userid - 1))) { - err("label did not end with a letter or a digit!\n"); + err(0,"label did not end with a letter or a digit!\n"); goto fail; } if ('.' == (*userid)) /* advance to the start of the next label */ userid++; } else { - err("invalid character in domain name: %c\n", *userid); + err(0,"invalid character in domain name: %c\n", *userid); goto fail; } } /* ensure that the last character is valid: */ if (!isalnum(*(userid - 1))) { - err("hostname did not end with a letter or a digit!\n"); + err(0,"hostname did not end with a letter or a digit!\n"); goto fail; } /* FIXME: fqdn's can be unicode now, thanks to RFC 3490 -- how do we