pki: Switch to binary mode on Windows when reading/writing DER to FDs

Martin Willi 2014-03-08 14:57:54 +01:00
parent f1e7b9b0d7
commit 13298719e3
13 changed files with 49 additions and 1 deletions


@ -196,6 +196,7 @@ static int acert()
}
else
{
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &encoding))
{
fprintf(stderr, "%s: ", strerror(errno));
@ -232,6 +233,7 @@ static int acert()
error = "encoding attribute certificate failed";
goto end;
}
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
error = "writing attribute certificate key failed";
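Review bot: The stdin branch calls `set_file_mode(stdin, CERT_ASN1_DER)` with a fixed DER type, so on Windows stdin is switched to binary even when the piped input is PEM, and such input then reaches the parser with its CR LF line endings intact. Whether the decoder that later consumes the chunk from `chunk_from_fd()` accepts CR is not visible in this hunk, so it is worth confirming or covering with a test. The same call appears in the stdin branches of issue(), keyid(), print(), pub(), req(), self() and verify(). A comment at the call such as `/* input form unknown: read raw bytes, decoder must cope with CRLF */` would record the intent. The body of acert() starts and ends outside the hunks shown.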


@ -133,6 +133,7 @@ static int gen()
return 1;
}
key->destroy(key);
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
fprintf(stderr, "writing private key failed\n");
@ -163,4 +164,3 @@ static void __attribute__ ((constructor))reg()
}
});
}


@ -402,6 +402,7 @@ static int issue()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "%s: ", strerror(errno));
@ -500,6 +501,7 @@ static int issue()
error = "encoding certificate failed";
goto end;
}
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
error = "writing certificate key failed";


@ -91,6 +91,7 @@ static int keyid()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "reading input failed: %s\n", strerror(errno));


@ -58,6 +58,7 @@ static bool write_to_stream(FILE *stream, chunk_t data)
{
size_t len, total = 0;
set_file_mode(stream, CERT_ASN1_DER);
while (total < data.len)
{
len = fwrite(data.ptr + total, 1, data.len - total, stream);
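Review bot: write_to_stream() accepts an arbitrary `FILE *stream` but calls `set_file_mode(stream, CERT_ASN1_DER)` unconditionally, so on Windows every stream passed in is switched to binary and stays that way after the function returns. If a caller passes a stream that also carries text or PEM data, later output on it loses its CR LF translation; the callers are outside this hunk, so that cannot be checked here. A comment at the call, for example `/* assumes data is DER; stream stays in binary mode afterwards */`, would document the assumption. The function body continues past the end of the hunk.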


@ -604,6 +604,7 @@ static int print()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "reading input failed: %s\n", strerror(errno));


@ -110,6 +110,7 @@ static int pub()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "reading input failed: %s\n", strerror(errno));
@ -163,6 +164,7 @@ static int pub()
return 1;
}
public->destroy(public);
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
fprintf(stderr, "writing public key failed\n");


@ -118,6 +118,7 @@ static int req()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "reading private key failed: %s\n", strerror(errno));
@ -150,6 +151,7 @@ static int req()
error = "encoding certificate request failed";
goto end;
}
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
error = "writing certificate request failed";


@ -292,6 +292,7 @@ static int self()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "%s: ", strerror(errno));
@ -360,6 +361,7 @@ static int self()
error = "encoding certificate failed";
goto end;
}
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
error = "writing certificate key failed";


@ -405,6 +405,7 @@ static int sign_crl()
error = "encoding CRL failed";
goto error;
}
set_file_mode(stdout, form);
if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
{
error = "writing CRL failed";


@ -59,6 +59,7 @@ static int verify()
{
chunk_t chunk;
set_file_mode(stdin, CERT_ASN1_DER);
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "reading certificate failed: %s\n", strerror(errno));


@ -19,6 +19,7 @@
#include <time.h>
#include <unistd.h>
#include <fcntl.h>
#include <utils/debug.h>
#include <credentials/sets/callback_cred.h>
@ -153,6 +154,33 @@ bool calculate_lifetime(char *format, char *nbstr, char *nastr, time_t span,
return TRUE;
}
/**
* Set output file mode appropriate for credential encoding form on Windows
*/
void set_file_mode(FILE *stream, cred_encoding_type_t enc)
{
#ifdef WIN32
int fd;
switch (enc)
{
case CERT_PEM:
case PRIVKEY_PEM:
case PUBKEY_PEM:
/* keep default text mode */
return;
default:
/* switch to binary mode */
break;
}
fd = fileno(stream);
if (fd != -1)
{
_setmode(fd, _O_BINARY);
}
#endif
}
/**
* Callback credential set pki uses
*/
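Review bot: In set_file_mode() the result of `_setmode(fd, _O_BINARY)` is discarded and the function returns void, so a failed switch leaves the stream in text mode with no signal to the caller. In text mode on Windows a written 0x0A byte is expanded to CR LF and a 0x1A byte ends a read, which corrupts or truncates the DER encoding without any error from fwrite() or the read. I would at least report the failure, `if (_setmode(fd, _O_BINARY) == -1) { fprintf(stderr, "switching to binary mode failed\n"); }`, and for output streams call `fflush(stream);` before the switch so bytes already buffered in text mode are not mixed with binary ones. `_setmode` is declared in `<io.h>`, and the include hunk above shows only part of the include list, so check that a prototype is in scope under WIN32.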


@ -50,4 +50,9 @@ bool get_form(char *form, cred_encoding_type_t *enc, credential_type_t type);
bool calculate_lifetime(char *format, char *nbstr, char *nastr, time_t span,
time_t *nb, time_t *na);
/**
* Set output file mode appropriate for credential encoding form on Windows
*/
void set_file_mode(FILE *stream, cred_encoding_type_t enc);
#endif /** PKI_H_ @}*/
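Review bot: The doc comment on `set_file_mode()` says "output file mode", but this commit also calls the function on stdin, and the comment does not mention that the function does nothing outside WIN32 or that the PEM types keep the default text mode. I would reword the summary to `Set stream mode appropriate for credential encoding form on Windows (no-op elsewhere)` and add `@param stream` and `@param enc` lines. These would describe the stream to switch and the encoding type that selects between text mode (PEM) and binary mode (everything else). The same wording applies to the copy of the comment above the definition.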