summaryrefslogtreecommitdiff
path: root/gnutls-helpers.c
blob: ce77d0cbdd4ad9ad81093a3e2b3e946c32457a26 (plain) 
    

  1. /* Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> */
    2. 

  2. /* Date: Fri, 04 Apr 2008 19:31:16 -0400 */
    3. 

  3. /* License: GPL v3 or later */
    4. 

  4. 

  5. #include "gnutls-helpers.h"
    6. 

  6. /* for htonl() */
    7. 

  7. #include <arpa/inet.h>
    8. 

  8. 

  9. /* for setlocale() */
    10. 

  10. #include <locale.h>
    11. 

  11. 

  12. /* for isalnum() */
    13. 

  13. #include <ctype.h>
    14. 

  14. 

  15. int loglevel = 0;
    16. 

  16. 

  17. 

  18. void err(const char* fmt, ...) {
    19. 

  19.   va_list ap;
    20. 

  20.   va_start(ap, fmt);
    21. 

  21.   vfprintf(stderr, fmt, ap);
    22. 

  22.   va_end(ap);
    23. 

  23. }
    24. 

  24. 

  25. void logfunc(int level, const char* string) {
    26. 

  26.   fprintf(stderr, "GnuTLS Logging (%d): %s\n", level, string);
    27. 

  27. }
    28. 

  28. 

  29. void init_keyid(gnutls_openpgp_keyid_t keyid) {
    30. 

  30.   memset(keyid, 'x', sizeof(gnutls_openpgp_keyid_t));
    31. 

  31. }
    32. 

  32. 

  33. 

  34. 

  35. void make_keyid_printable(printable_keyid out, gnutls_openpgp_keyid_t keyid)
    36. 

  36. {
    37. 

  37.   static const char hex[16] = "0123456789ABCDEF";
    38. 

  38.   unsigned int kix = 0, outix = 0;
    39. 

  39.   
    40. 

  40.   while (kix < sizeof(gnutls_openpgp_keyid_t)) {
    41. 

  41.     out[outix] = hex[(keyid[kix] >> 4) & 0x0f];
    42. 

  42.     out[outix + 1] = hex[keyid[kix] & 0x0f];
    43. 

  43.     kix++;
    44. 

  44.     outix += 2;
    45. 

  45.   }
    46. 

  46. }
    47. 

  47. 

  48. 

  49. int init_gnutls() {
    50. 

  50.   const char* version = NULL;
    51. 

  51.   const char* debug_string = NULL;
    52. 

  52.   int ret;
    53. 

  53. 

  54.   if (ret = gnutls_global_init(), ret) {
    55. 

  55.     err("Failed to do gnutls_global_init() (error: %d)\n", ret);
    56. 

  56.     return 1;
    57. 

  57.   }
    58. 

  58. 

  59.   version = gnutls_check_version(NULL);
    60. 

  60. 

  61.   if (version) 
    62. 

  62.     err("gnutls version: %s\n", version);
    63. 

  63.   else {
    64. 

  64.     err("no version found!\n");
    65. 

  65.     return 1;
    66. 

  66.   }
    67. 

  67. 

  68.   if (debug_string = getenv("MONKEYSPHERE_DEBUG"), debug_string) {
    69. 

  69.     loglevel = atoi(debug_string);
    70. 

  70.     gnutls_global_set_log_function(logfunc);
    71. 

  71.     
    72. 

  72.     gnutls_global_set_log_level(loglevel);
    73. 

  73.     err("set log level to %d\n", loglevel);
    74. 

  74.   }
    75. 

  75.   return 0;
    76. 

  76. }
    77. 

  77. 

  78. void init_datum(gnutls_datum_t* d) {
    79. 

  79.   d->data = NULL;
    80. 

  80.   d->size = 0;
    81. 

  81. }
    82. 

  82. void copy_datum(gnutls_datum_t* dest, const gnutls_datum_t* src) {
    83. 

  83.   dest->data = gnutls_realloc(dest->data, src->size);
    84. 

  84.   dest->size = src->size;
    85. 

  85.   memcpy(dest->data, src->data, src->size);
    86. 

  86. }
    87. 

  87. int compare_data(const gnutls_datum_t* a, const gnutls_datum_t* b) {
    88. 

  88.   if (a->size > b->size) {
    89. 

  89.     err("a is larger\n");
    90. 

  90.     return 1;
    91. 

  91.   }
    92. 

  92.   if (a->size < b->size) {
    93. 

  93.     err("b is larger\n");
    94. 

  94.     return -1;
    95. 

  95.   }
    96. 

  96.   return memcmp(a->data, b->data, a->size);
    97. 

  97. }
    98. 

  98. void free_datum(gnutls_datum_t* d) {
    99. 

  99.   gnutls_free(d->data);
    100. 

  100.   d->data = NULL;
    101. 

  101.   d->size = 0;
    102. 

  102. }
    103. 

  103. 

  104. /* read the passed-in string, store in a single datum */
    105. 

  105. int set_datum_string(gnutls_datum_t* d, const char* s) {
    106. 

  106.   unsigned int x = strlen(s)+1;
    107. 

  107.   unsigned char* c = NULL;
    108. 

  108. 

  109.   c = gnutls_realloc(d->data, x);
    110. 

  110.   if (NULL == c)
    111. 

  111.     return -1;
    112. 

  112.   d->data = c;
    113. 

  113.   d->size = x;
    114. 

  114.   memcpy(d->data, s, x);
    115. 

  115.   return 0;
    116. 

  116. }
    117. 

  117. 

  118. /* read the passed-in file descriptor until EOF, store in a single
    119. 

  119.    datum */
    120. 

  120. int set_datum_fd(gnutls_datum_t* d, int fd) {
    121. 

  121.   unsigned int bufsize = 1024;
    122. 

  122.   unsigned int len = 0;
    123. 

  123. 

  124.   FILE* f = fdopen(fd, "r");
    125. 

  125.   if (bufsize > d->size) {
    126. 

  126.     bufsize = 1024;
    127. 

  127.     d->data = gnutls_realloc(d->data, bufsize);
    128. 

  128.     if (d->data == NULL) {
    129. 

  129.       err("out of memory!\n");
    130. 

  130.       return -1;
    131. 

  131.     }
    132. 

  132.     d->size = bufsize;
    133. 

  133.   } else {
    134. 

  134.     bufsize = d->size;
    135. 

  135.   }
    136. 

  136.   f = fdopen(fd, "r");
    137. 

  137.   if (NULL == f) {
    138. 

  138.     err("could not fdopen FD %d\n", fd);
    139. 

  139.   }
    140. 

  140.   clearerr(f);
    141. 

  141.   while (!feof(f) && !ferror(f)) { 
    142. 

  142.     if (len == bufsize) {
    143. 

  143.       /* allocate more space by doubling: */
    144. 

  144.       bufsize *= 2;
    145. 

  145.       d->data = gnutls_realloc(d->data, bufsize);
    146. 

  146.       if (d->data == NULL) {
    147. 

  147.     err("out of memory!\n"); 
    148. 

  148.     return -1;
    149. 

  149.       };
    150. 

  150.       d->size = bufsize;
    151. 

  151.     }
    152. 

  152.     len += fread(d->data + len, 1, bufsize - len, f);
    153. 

  153.     /*     err("read %d bytes\n", len); */
    154. 

  154.   }
    155. 

  155.   if (ferror(f)) {
    156. 

  156.     err("Error reading from fd %d (error: %d) (error: %d '%s')\n", fd, ferror(f), errno, strerror(errno));
    157. 

  157.     return -1;
    158. 

  158.   }
    159. 

  159.     
    160. 

  160.   /* touch up buffer size to match reality: */
    161. 

  161.   d->data = gnutls_realloc(d->data, len);
    162. 

  162.   d->size = len;
    163. 

  163.   return 0;
    164. 

  164. }
    165. 

  165. 

  166. /* read the file indicated (by name) in the fname parameter.  store
    167. 

  167.    its entire contents in a single datum. */
    168. 

  168. int set_datum_file(gnutls_datum_t* d, const char* fname) {
    169. 

  169.   struct stat sbuf;
    170. 

  170.   unsigned char* c = NULL;
    171. 

  171.   FILE* file = NULL;
    172. 

  172.   size_t x = 0;
    173. 

  173. 

  174.   if (0 != stat(fname, &sbuf)) {
    175. 

  175.     err("failed to stat '%s'\n", fname);
    176. 

  176.     return -1;
    177. 

  177.   }
    178. 

  178.   
    179. 

  179.   c = gnutls_realloc(d->data, sbuf.st_size);
    180. 

  180.   if (NULL == c) {
    181. 

  181.     err("failed to allocate %d bytes for '%s'\n", sbuf.st_size, fname);
    182. 

  182.     return -1;
    183. 

  183.   }
    184. 

  184. 

  185.   d->data = c;
    186. 

  186.   d->size = sbuf.st_size;
    187. 

  187.   file = fopen(fname, "r");
    188. 

  188.   if (NULL == file) {
    189. 

  189.     err("failed to open '%s' for reading\n",  fname);
    190. 

  190.     return -1;
    191. 

  191.   }
    192. 

  192. 

  193.   x = fread(d->data, d->size, 1, file);
    194. 

  194.   if (x != 1) {
    195. 

  195.     err("tried to read %d bytes, read %d instead from '%s'\n", d->size, x, fname);
    196. 

  196.     fclose(file);
    197. 

  197.     return -1;
    198. 

  198.   }
    199. 

  199.   fclose(file);
    200. 

  200.   return 0;
    201. 

  201. }
    202. 

  202. 

  203. int write_datum_fd(int fd, const gnutls_datum_t* d) {
    204. 

  204.   if (d->size != write(fd, d->data, d->size)) {
    205. 

  205.     err("failed to write body of datum.\n");
    206. 

  206.     return -1;
    207. 

  207.   }
    208. 

  208.   return 0;
    209. 

  209. }
    210. 

  210. 

  211. 

  212. int write_datum_fd_with_length(int fd, const gnutls_datum_t* d) {
    213. 

  213.   uint32_t len = htonl(d->size);
    214. 

  214.   if (write(fd, &len, sizeof(len)) != sizeof(len)) {
    215. 

  215.     err("failed to write size of datum.\n");
    216. 

  216.     return -2;
    217. 

  217.   }
    218. 

  218.   return write_datum_fd(fd, d);
    219. 

  219. }
    220. 

  220. 

  221. int write_data_fd_with_length(int fd, const gnutls_datum_t** d, unsigned int num) {
    222. 

  222.   unsigned int i;
    223. 

  223.   int ret;
    224. 

  224. 

  225.   for (i = 0; i < num; i++)
    226. 

  226.     if (ret = write_datum_fd_with_length(fd, d[i]), ret != 0)
    227. 

  227.       return ret;
    228. 

  228. 

  229.   return 0;
    230. 

  230. }
    231. 

  231. 

  232. 

  233. int datum_from_string(gnutls_datum_t* d, const char* str) {
    234. 

  234.   d->size = strlen(str);
    235. 

  235.   d->data = gnutls_realloc(d->data, d->size);
    236. 

  236.   if (d->data == 0)
    237. 

  237.     return ENOMEM;
    238. 

  238.   memcpy(d->data, str, d->size);
    239. 

  239.   return 0;
    240. 

  240. }
    241. 

  241. 

  242. 

  243. int create_writing_pipe(pid_t* pid, const char* path, char* const argv[]) {
    244. 

  244.   int p[2];
    245. 

  245.   int ret;
    246. 

  246. 

  247.   if (pid == NULL) {
    248. 

  248.     err("bad pointer passed to create_writing_pipe()\n");
    249. 

  249.     return -1;
    250. 

  250.   }
    251. 

  251. 

  252.   if (ret = pipe(p), ret == -1) {
    253. 

  253.     err("failed to create a pipe (error: %d \"%s\")\n", errno, strerror(errno));
    254. 

  254.     return -1;
    255. 

  255.   }
    256. 

  256. 

  257.   *pid = fork();
    258. 

  258.   if (*pid == -1) {
    259. 

  259.     err("Failed to fork (error: %d \"%s\")\n", errno, strerror(errno));
    260. 

  260.     return -1;
    261. 

  261.   }
    262. 

  262.   if (*pid == 0) { /* this is the child */
    263. 

  263.     close(p[1]); /* close unused write end */
    264. 

  264.     
    265. 

  265.     if (0 != dup2(p[0], 0)) { /* map the reading end into stdin */
    266. 

  266.       err("Failed to transfer reading file descriptor to stdin (error: %d \"%s\")\n", errno, strerror(errno));
    267. 

  267.       exit(1);
    268. 

  268.     }
    269. 

  269.     execv(path, argv);
    270. 

  270.     err("exec %s failed (error: %d \"%s\")\n", path, errno, strerror(errno));
    271. 

  271.     exit(1);
    272. 

  272.   } else { /* this is the parent */
    273. 

  273.     close(p[0]); /* close unused read end */
    274. 

  274.     return p[1];
    275. 

  275.   }
    276. 

  276. }
    277. 

  277. 

  278. int validate_ssh_host_userid(const char* userid) {
    279. 

  279.   char* oldlocale = setlocale(LC_ALL, "C");
    280. 

  280.   
    281. 

  281.   /* choke if userid does not match the expected format
    282. 

  282.      ("ssh://fully.qualified.domain.name") */
    283. 

  283.   if (strncmp("ssh://", userid, strlen("ssh://")) != 0) {
    284. 

  284.     err("The user ID should start with ssh:// for a host key\n");
    285. 

  285.     goto fail;
    286. 

  286.   }
    287. 

  287.   /* so that isalnum will work properly */
    288. 

  288.   userid += strlen("ssh://");
    289. 

  289.   while (0 != (*userid)) {
    290. 

  290.     if (!isalnum(*userid)) {
    291. 

  291.       err("label did not start with a letter or a digit! (%s)\n", userid);
    292. 

  292.       goto fail;
    293. 

  293.     }
    294. 

  294.     userid++;
    295. 

  295.     while (isalnum(*userid) || ('-' == (*userid)))
    296. 

  296.       userid++;
    297. 

  297.     if (('.' == (*userid)) || (0 == (*userid))) { /* clean end of label:
    298. 

  298.                          check last char
    299. 

  299.                          isalnum */
    300. 

  300.       if (!isalnum(*(userid - 1))) {
    301. 

  301.     err("label did not end with a letter or a digit!\n");
    302. 

  302.     goto fail;
    303. 

  303.       }
    304. 

  304.       if ('.' == (*userid)) /* advance to the start of the next label */
    305. 

  305.     userid++;
    306. 

  306.     } else {
    307. 

  307.       err("invalid character in domain name: %c\n", *userid);
    308. 

  308.       goto fail;
    309. 

  309.     }
    310. 

  310.   }
    311. 

  311.   /* ensure that the last character is valid: */
    312. 

  312.   if (!isalnum(*(userid - 1))) {
    313. 

  313.     err("hostname did not end with a letter or a digit!\n");
    314. 

  314.     goto fail;
    315. 

  315.   }
    316. 

  316.   /* FIXME: fqdn's can be unicode now, thanks to RFC 3490 -- how do we
    317. 

  317.      make sure that we've got an OK string? */
    318. 

  318. 

  319.   return 0;
    320. 

  320. 

  321.  fail:
    322. 

  322.   setlocale(LC_ALL, oldlocale);
    323. 

  323.   return 1;
    324. 

  324. }
    325.
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-06 03:11:13 +0000