pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOB
authorTobias Brunner <tobias@strongswan.org>
Tue, 22 Oct 2013 12:35:13 +0000 (14:35 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 23 Oct 2013 15:20:39 +0000 (17:20 +0200)
This allows more than one builder to try parsing the data read from STDIN.

src/libstrongswan/credentials/builder.c
src/libstrongswan/credentials/builder.h
src/libstrongswan/plugins/pem/pem_builder.c
src/libstrongswan/plugins/sshkey/sshkey_builder.c
src/pki/commands/issue.c
src/pki/commands/keyid.c
src/pki/commands/print.c
src/pki/commands/pub.c
src/pki/commands/req.c
src/pki/commands/self.c
src/pki/commands/verify.c

index 6710dfb..4e52272 100644 (file)
@@ -17,7 +17,6 @@
 
 ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
        "BUILD_FROM_FILE",
-       "BUILD_FROM_FD",
        "BUILD_AGENT_SOCKET",
        "BUILD_BLOB",
        "BUILD_BLOB_ASN1_DER",
index 5ab462f..103b823 100644 (file)
@@ -45,8 +45,6 @@ typedef void* (*builder_function_t)(int subtype, va_list args);
 enum builder_part_t {
        /** path to a file encoded in any format, char* */
        BUILD_FROM_FILE,
-       /** file descriptor to read data, encoded in any format, int */
-       BUILD_FROM_FD,
        /** unix socket of a ssh/pgp agent, char* */
        BUILD_AGENT_SOCKET,
        /** An arbitrary blob of data, chunk_t */
index e9d55f3..254b195 100644 (file)
@@ -455,46 +455,11 @@ static void *load_from_file(char *file, credential_type_t type, int subtype,
 }
 
 /**
- * load the credential from a file descriptor
- */
-static void *load_from_fd(int fd, credential_type_t type, int subtype,
-                                                 identification_t *subject, x509_flag_t flags)
-{
-       char buf[8096];
-       char *pos = buf;
-       ssize_t len, total = 0;
-
-       while (TRUE)
-       {
-               len = read(fd, pos, buf + sizeof(buf) - pos);
-               if (len < 0)
-               {
-                       DBG1(DBG_LIB, "reading from file descriptor failed: %s",
-                                strerror(errno));
-                       return NULL;
-               }
-               if (len == 0)
-               {
-                       break;
-               }
-               total += len;
-               if (total == sizeof(buf))
-               {
-                       DBG1(DBG_LIB, "buffer too small to read from file descriptor");
-                       return NULL;
-               }
-       }
-       return load_from_blob(chunk_create(buf, total), type, subtype,
-                                                 subject, flags);
-}
-
-/**
  * Load all kind of PEM encoded credentials.
  */
 static void *pem_load(credential_type_t type, int subtype, va_list args)
 {
        char *file = NULL;
-       int fd = -1;
        chunk_t pem = chunk_empty;
        identification_t *subject = NULL;
        int flags = 0;
@@ -506,9 +471,7 @@ static void *pem_load(credential_type_t type, int subtype, va_list args)
                        case BUILD_FROM_FILE:
                                file = va_arg(args, char*);
                                continue;
-                       case BUILD_FROM_FD:
-                               fd = va_arg(args, int);
-                               continue;
+                       case BUILD_BLOB:
                        case BUILD_BLOB_PEM:
                                pem = va_arg(args, chunk_t);
                                continue;
@@ -534,10 +497,6 @@ static void *pem_load(credential_type_t type, int subtype, va_list args)
        {
                return load_from_file(file, type, subtype, subject, flags);
        }
-       if (fd != -1)
-       {
-               return load_from_fd(fd, type, subtype, subject, flags);
-       }
        return NULL;
 }
 
index 61e829f..569b0b7 100644 (file)
@@ -162,22 +162,15 @@ static sshkey_public_key_t *load_from_stream(FILE *file)
 }
 
 /**
- * Load SSH key from FD
+ * Load SSH key from a blob of data (most likely the content of a file)
  */
-static sshkey_public_key_t *load_from_fd(int fd)
+static sshkey_public_key_t *load_from_blob(chunk_t blob)
 {
        FILE *stream;
 
-       /* dup the FD as it gets closed in fclose() */
-       fd = dup(fd);
-       if (fd == -1)
-       {
-               return NULL;
-       }
-       stream = fdopen(fd, "r");
+       stream = fmemopen(blob.ptr, blob.len, "r");
        if (!stream)
        {
-               close(fd);
                return NULL;
        }
        return load_from_stream(stream);
@@ -204,22 +197,21 @@ static sshkey_public_key_t *load_from_file(char *file)
  */
 sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args)
 {
-       chunk_t blob = chunk_empty;
+       chunk_t sshkey = chunk_empty, blob = chunk_empty;
        char *file = NULL;
-       int fd = -1;
 
        while (TRUE)
        {
                switch (va_arg(args, builder_part_t))
                {
                        case BUILD_BLOB_SSHKEY:
-                               blob = va_arg(args, chunk_t);
+                               sshkey = va_arg(args, chunk_t);
                                continue;
                        case BUILD_FROM_FILE:
                                file = va_arg(args, char*);
                                continue;
-                       case BUILD_FROM_FD:
-                               fd = va_arg(args, int);
+                       case BUILD_BLOB:
+                               blob = va_arg(args, chunk_t);
                                continue;
                        case BUILD_END:
                                break;
@@ -228,17 +220,17 @@ sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args)
                }
                break;
        }
-       if (blob.ptr)
+       if (sshkey.ptr)
        {
-               return parse_public_key(blob);
+               return parse_public_key(sshkey);
        }
        if (file)
        {
                return load_from_file(file);
        }
-       if (fd != -1)
+       if (blob.ptr)
        {
-               return load_from_fd(fd);
+               return load_from_blob(blob);
        }
        return NULL;
 }
index 9d669df..000f63d 100644 (file)
@@ -380,9 +380,13 @@ static int issue()
                }
                else
                {
+                       chunk_t chunk;
+
+                       chunk = chunk_from_fd(0);
                        cert_req = lib->creds->create(lib->creds, CRED_CERTIFICATE,
                                                                                  CERT_PKCS10_REQUEST,
-                                                                                 BUILD_FROM_FD, 0, BUILD_END);
+                                                                                 BUILD_BLOB, chunk, BUILD_END);
+                       free(chunk.ptr);
                }
                if (!cert_req)
                {
@@ -419,8 +423,12 @@ static int issue()
                }
                else
                {
+                       chunk_t chunk;
+
+                       chunk = chunk_from_fd(0);
                        public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
-                                                                                BUILD_FROM_FD, 0, BUILD_END);
+                                                                                BUILD_BLOB, chunk, BUILD_END);
+                       free(chunk.ptr);
                }
        }
        if (!public)
index 6d2f7b9..353670e 100644 (file)
@@ -87,8 +87,12 @@ static int keyid()
        }
        else
        {
+               chunk_t chunk;
+
+               chunk = chunk_from_fd(0);
                cred = lib->creds->create(lib->creds, type, subtype,
-                                                                 BUILD_FROM_FD, 0, BUILD_END);
+                                                                 BUILD_BLOB, chunk, BUILD_END);
+               free(chunk.ptr);
        }
        if (!cred)
        {
index 90cf254..2261e44 100644 (file)
@@ -338,7 +338,7 @@ static void print_crl(crl_t *crl)
 
        if (crl->is_delta_crl(crl, &chunk))
        {
-               chunk = chunk_skip_zero(chunk);         
+               chunk = chunk_skip_zero(chunk);
                printf("delta CRL: for serial %#B\n", &chunk);
        }
        chunk = crl->get_authKeyIdentifier(crl);
@@ -508,8 +508,12 @@ static int print()
        }
        else
        {
+               chunk_t chunk;
+
+               chunk = chunk_from_fd(0);
                cred = lib->creds->create(lib->creds, type, subtype,
-                                                                 BUILD_FROM_FD, 0, BUILD_END);
+                                                                 BUILD_BLOB, chunk, BUILD_END);
+               free(chunk.ptr);
        }
        if (!cred)
        {
index 537af51..7f88055 100644 (file)
@@ -101,13 +101,17 @@ static int pub()
 
                chunk = chunk_from_hex(chunk_create(keyid, strlen(keyid)), NULL);
                cred = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
-                                                                        BUILD_PKCS11_KEYID, chunk, BUILD_END);
+                                                                 BUILD_PKCS11_KEYID, chunk, BUILD_END);
                free(chunk.ptr);
        }
        else
        {
+               chunk_t chunk;
+
+               chunk = chunk_from_fd(0);
                cred = lib->creds->create(lib->creds, type, subtype,
-                                                                        BUILD_FROM_FD, 0, BUILD_END);
+                                                                 BUILD_BLOB, chunk, BUILD_END);
+               free(chunk.ptr);
        }
 
        if (type == CRED_PRIVATE_KEY)
index e269f64..628463e 100644 (file)
@@ -116,8 +116,12 @@ static int req()
        }
        else
        {
+               chunk_t chunk;
+
+               chunk = chunk_from_fd(0);
                private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
-                                                                        BUILD_FROM_FD, 0, BUILD_END);
+                                                                        BUILD_BLOB, chunk, BUILD_END);
+               free(chunk.ptr);
        }
        if (!private)
        {
index a1f17c8..6bf0b13 100644 (file)
@@ -271,8 +271,12 @@ static int self()
        }
        else
        {
+               chunk_t chunk;
+
+               chunk = chunk_from_fd(0);
                private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
-                                                                        BUILD_FROM_FD, 0, BUILD_END);
+                                                                        BUILD_BLOB, chunk, BUILD_END);
+               free(chunk.ptr);
        }
        if (!private)
        {
index 11c596d..96b2b50 100644 (file)
@@ -55,8 +55,12 @@ static int verify()
        }
        else
        {
+               chunk_t chunk;
+
+               chunk = chunk_from_fd(0);
                cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
-                                                                 BUILD_FROM_FD, 0, BUILD_END);
+                                                                 BUILD_BLOB, chunk, BUILD_END);
+               free(chunk.ptr);
        }
        if (!cert)
        {