if (pid_file)
{
fprintf(pid_file, "%d\n", getpid());
- fchown(fileno(pid_file), charon->uid, charon->gid);
+ ignore_result(fchown(fileno(pid_file), charon->uid, charon->gid));
fclose(pid_file);
}
#include "sql_attribute.h"
+#include <time.h>
+
#include <daemon.h>
typedef struct private_sql_attribute_t private_sql_attribute_t;
FILE *shell;
/* get subnet/bits from string */
- asprintf(&my_client, "%R", my_ts);
+ if (asprintf(&my_client, "%R", my_ts) < 0)
+ {
+ my_client = NULL;
+ }
pos = strchr(my_client, '/');
*pos = '\0';
my_client_mask = pos + 1;
{
*pos = '\0';
}
- asprintf(&other_client, "%R", other_ts);
+ if (asprintf(&other_client, "%R", other_ts) < 0)
+ {
+ other_client = NULL;
+ }
pos = strchr(other_client, '/');
*pos = '\0';
other_client_mask = pos + 1;
if (vip)
{
- asprintf(&virtual_ip, "PLUTO_MY_SOURCEIP='%H' ", vip);
+ if (asprintf(&virtual_ip, "PLUTO_MY_SOURCEIP='%H' ", vip) < 0)
+ {
+ virtual_ip = NULL;
+ }
}
else
{
- asprintf(&virtual_ip, "");
+ if (asprintf(&virtual_ip, "") < 0)
+ {
+ virtual_ip = NULL;
+ }
}
iface = charon->kernel_interface->get_interface(
if (!found)
{
/* write line untouched back to file */
- fwrite(orig_line.ptr, orig_line.len, 1, file);
+ ignore_result(fwrite(orig_line.ptr, orig_line.len, 1, file));
fprintf(file, "\n");
}
}
{
this->dns_servers->insert_last(this->dns_servers, dns->clone(dns));
}
- fwrite(contents.ptr, contents.len, 1, file);
+ ignore_result(fwrite(contents.ptr, contents.len, 1, file));
fclose(file);
}
guest->destroy(guest);
if (len > 8 && len < 512)
{
- system(buf);
+ ignore_result(system(buf));
}
}
}
}
if (dir)
{
- asprintf(&this->dir, "%s/%s", cwd, dir);
+ if (asprintf(&this->dir, "%s/%s", cwd, dir) < 0)
+ {
+ this->dir = NULL;
+ }
}
else
{
}
}
this->template = NULL;
- asprintf(&this->guest_dir, "%s/%s", this->dir, GUEST_DIR);
+ if (asprintf(&this->guest_dir, "%s/%s", this->dir, GUEST_DIR) < 0)
+ {
+ this->guest_dir = NULL;
+ }
this->guests = linked_list_create();
this->bridges = linked_list_create();
- if (mkdir(this->guest_dir, PERME) < 0 && errno != EEXIST)
+ if (this->dir == NULL || this->guest_dir == NULL ||
+ (mkdir(this->guest_dir, PERME) < 0 && errno != EEXIST))
{
DBG1("creating guest directory '%s' failed: %m", this->guest_dir);
destroy(this);
return NULL;
}
-
+
load_guests(this);
return &this->public;
}
if (*parent == '/' || getcwd(cwd, sizeof(cwd)) == NULL)
{
- asprintf(&this->dirname, "%s/%s", parent, name);
+ if (asprintf(&this->dirname, "%s/%s", parent, name) < 0)
+ {
+ this->dirname = NULL;
+ }
}
else
{
- asprintf(&this->dirname, "%s/%s/%s", cwd, parent, name);
+ if (asprintf(&this->dirname, "%s/%s/%s", cwd, parent, name) < 0)
+ {
+ this->dirname = NULL;
+ }
+ }
+ if (this->dirname == NULL)
+ {
+ free(this);
+ return NULL;
}
if (create)
{
/* option pickup from files (userland only because of use of FILE) */
const char *optionsfrom(const char *filename, int *argcp, char ***argvp,
int optind, FILE *errorreport);
+#define ignore_result(call) { if (call); }
#endif
/*
chunk_t blob = chunk_from_buf(buf), key, type, tmp;
len = htonl(1);
- write(this->socket, &len, sizeof(len));
buf[0] = SSH_AGENT_ID_REQUEST;
- write(this->socket, &buf, 1);
+ if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+ write(this->socket, &buf, 1) != 1)
+ {
+ DBG1("writing to ssh-agent failed");
+ return FALSE;
+ }
blob.len = read(this->socket, blob.ptr, blob.len);
}
len = htonl(1 + sizeof(u_int32_t) * 3 + this->key.len + data.len);
- write(this->socket, &len, sizeof(len));
buf[0] = SSH_AGENT_SIGN_REQUEST;
- write(this->socket, &buf, 1);
+ if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+ write(this->socket, &buf, 1) != 1)
+ {
+ DBG1("writing to ssh-agent failed");
+ return FALSE;
+ }
len = htonl(this->key.len);
- write(this->socket, &len, sizeof(len));
- write(this->socket, this->key.ptr, this->key.len);
+ if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+ write(this->socket, this->key.ptr, this->key.len) != this->key.len)
+ {
+ DBG1("writing to ssh-agent failed");
+ return FALSE;
+ }
len = htonl(data.len);
- write(this->socket, &len, sizeof(len));
- write(this->socket, data.ptr, data.len);
+ if (write(this->socket, &len, sizeof(len)) != sizeof(len) ||
+ write(this->socket, data.ptr, data.len) != data.len)
+ {
+ DBG1("writing to ssh-agent failed");
+ return FALSE;
+ }
flags = htonl(0);
- write(this->socket, &flags, sizeof(flags));
+ if (write(this->socket, &flags, sizeof(flags)) != sizeof(flags))
+ {
+ DBG1("writing to ssh-agent failed");
+ return FALSE;
+ }
blob.len = read(this->socket, blob.ptr, blob.len);
if (blob.len < sizeof(u_int32_t) + sizeof(u_char) ||
case FETCH_REQUEST_DATA:
{
chunk_t data = va_arg(args, chunk_t);
- curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, data.ptr);
+ curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, (char*)data.ptr);
curl_easy_setopt(this->curl, CURLOPT_POSTFIELDSIZE, data.len);
return TRUE;
}
#define countof(array) (sizeof(array)/sizeof(array[0]))
/**
+ * Ignore result of functions tagged with warn_unused_result attributes
+ */
+#define ignore_result(call) { if(call); }
+
+/**
* Assign a function as a class method
*/
#define ASSIGN(method, function) (method = (typeof(method))function)
}
}
/* restore directory path */
- chdir(save_dir);
+ ignore_result(chdir(save_dir));
}
/*
}
}
/* restore directory path */
- chdir(save_dir);
+ ignore_result(chdir(save_dir));
}
/*
}
}
/* restore directory path */
- chdir(save_dir);
+ ignore_result(chdir(save_dir));
}
/*
{
mode_t oldmask;
FILE *fd;
+ size_t written;
if (!force)
{
if (fd)
{
- fwrite(ch.ptr, sizeof(u_char), ch.len, fd);
+ written = fwrite(ch.ptr, sizeof(u_char), ch.len, fd);
fclose(fd);
+ if (written != ch.len)
+ {
+ plog(" writing to %s file '%s' failed", label, filename);
+ umask(oldmask);
+ return FALSE;
+ }
plog(" written %s file '%s' (%d bytes)", label, filename, (int)ch.len);
umask(oldmask);
return TRUE;
curl_easy_setopt(curl, CURLOPT_URL, url);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&response);
- curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, &errorbuffer);
+ curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
curl_easy_setopt(curl, CURLOPT_URL, uri);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&response);
- curl_easy_setopt(curl, CURLOPT_POSTFIELDS, request.ptr);
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (void*)request.ptr);
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, request.len);
- curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, &errorbuffer);
+ curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
headers = curl_slist_append(headers, "Content-Type:");
headers = curl_slist_append(headers, "Expect:");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
- curl_easy_setopt(curl, CURLOPT_POSTFIELDS, pkcs7.ptr);
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char*)pkcs7.ptr);
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len);
}
}
_stop_requested = 0;
if (cfg->setup.prepluto)
- system(cfg->setup.prepluto);
+ ignore_result(system(cfg->setup.prepluto));
pid = fork();
switch (pid)
DBG_log("pluto (%d) started", _pluto_pid)
)
if (cfg->setup.postpluto)
- system(cfg->setup.postpluto);
+ ignore_result(system(cfg->setup.postpluto));
return 0;
}
}
/* ipsec module makes the pf_key proc interface visible */
if (stat(PROC_MODULES, &stb) == 0)
{
- system("modprobe -qv ipsec");
+ ignore_result(system("modprobe -qv ipsec"));
}
/* now test again */
}
/* load crypto algorithm modules */
- system("modprobe -qv ipsec_aes");
- system("modprobe -qv ipsec_blowfish");
- system("modprobe -qv ipsec_sha2");
+ ignore_result(system("modprobe -qv ipsec_aes"));
+ ignore_result(system("modprobe -qv ipsec_blowfish"));
+ ignore_result(system("modprobe -qv ipsec_sha2"));
DBG(DBG_CONTROL,
DBG_log("Found KLIPS IPsec stack")
void
starter_klips_cleanup(void)
{
- if (system("type eroute > /dev/null 2>&1") == 0)
- {
- system("spi --clear");
- system("eroute --clear");
- }
+ if (system("type eroute > /dev/null 2>&1") == 0)
+ {
+ ignore_result(system("spi --clear"));
+ ignore_result(system("eroute --clear"));
+ }
else if (system("type setkey > /dev/null 2>&1") == 0)
{
- system("setkey -F");
- system("setkey -FP");
+ ignore_result(system("setkey -F"));
+ ignore_result(system("setkey -FP"));
}
else
{
- plog("WARNING: cannot flush IPsec state/policy database");
+ plog("WARNING: cannot flush IPsec state/policy database");
}
}
/* af_key module makes the netkey proc interface visible */
if (stat(PROC_MODULES, &stb) == 0)
{
- system("modprobe -qv af_key");
+ ignore_result(system("modprobe -qv af_key"));
}
/* now test again */
/* make sure that all required IPsec modules are loaded */
if (stat(PROC_MODULES, &stb) == 0)
{
- system("modprobe -qv ah4");
- system("modprobe -qv esp4");
- system("modprobe -qv ipcomp");
- system("modprobe -qv xfrm4_tunnel");
- system("modprobe -qv xfrm_user");
+ ignore_result(system("modprobe -qv ah4"));
+ ignore_result(system("modprobe -qv esp4"));
+ ignore_result(system("modprobe -qv ipcomp"));
+ ignore_result(system("modprobe -qv xfrm4_tunnel"));
+ ignore_result(system("modprobe -qv xfrm_user"));
}
DBG(DBG_CONTROL,
{
if (system("ip xfrm state > /dev/null 2>&1") == 0)
{
- system("ip xfrm state flush");
- system("ip xfrm policy flush");
+ ignore_result(system("ip xfrm state flush"));
+ ignore_result(system("ip xfrm policy flush"));
}
else if (system("type setkey > /dev/null 2>&1") == 0)
{
- system("setkey -F");
- system("setkey -FP");
+ ignore_result(system("setkey -F"));
+ ignore_result(system("setkey -FP"));
}
else
{
#define MAX_INCLUDE_DEPTH 20
+#define YY_NO_INPUT
#define YY_NO_UNPUT
extern void yyerror(const char *);
extern int yylex (void);
#endif
setegid(gid);
seteuid(uid);
- system("ipsec scepclient --out pkcs1 --out cert-self --quiet");
+ ignore_result(system("ipsec scepclient --out pkcs1 --out cert-self --quiet"));
seteuid(0);
setegid(0);
fprintf(f, ": RSA myKey.der\n");
fclose(f);
}
- chown(SECRETS_FILE, uid, gid);
+ ignore_result(chown(SECRETS_FILE, uid, gid));
umask(oldmask);
}
}
}
le++; /* include NL in line */
- write(1, ls, le - ls);
+ ignore_result(write(1, ls, le - ls));
/* figure out prefix number
* and how it should affect our exit status