From 1df1b0f7b28c733bf01e5d1faa2f8ccdb3db1665 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 2 Sep 2013 13:47:18 +0300 Subject: [PATCH] Avoid using gnulib's error() --- src/certtool-common.c | 180 +++++++++--- src/certtool-extras.c | 21 +- src/certtool.c | 763 +++++++++++++++++++++++++++++++++++++++---------- src/danetool.c | 97 +++++-- src/ocsptool-common.c | 48 +++- src/ocsptool.c | 171 +++++++++--- src/p11tool.c | 16 +- src/pkcs11.c | 1 - src/serv.c | 2 + src/tpmtool.c | 41 ++- 10 files changed, 1055 insertions(+), 285 deletions(-) diff --git a/src/certtool-common.c b/src/certtool-common.c index cca7c49..1799250 100644 --- a/src/certtool-common.c +++ b/src/certtool-common.c @@ -37,7 +37,6 @@ #include #include #include -#include #include #include "certtool-common.h" #include "certtool-args.h" @@ -86,7 +85,10 @@ load_secret_key (int mand, common_info_st * info) if (info->secret_key == NULL) { if (mand) - error (EXIT_FAILURE, 0, "missing --secret-key"); + { + fprintf (stderr, "missing --secret-key"); + exit(1); + } else return NULL; } @@ -96,7 +98,10 @@ load_secret_key (int mand, common_info_st * info) ret = gnutls_hex_decode (&hex_key, raw_key, &raw_key_size); if (ret < 0) - error (EXIT_FAILURE, 0, "hex_decode: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "hex_decode: %s", gnutls_strerror (ret)); + exit(1); + } key.data = (void*)raw_key; key.size = raw_key_size; @@ -135,7 +140,10 @@ const char* pass; ret = gnutls_privkey_init (&key); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_privkey_import_x509_raw (key, dat, info->incert_format, NULL, 0); if (ret == GNUTLS_E_DECRYPTION_FAILED) @@ -146,14 +154,18 @@ const char* pass; if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) { - error (EXIT_FAILURE, 0, + fprintf (stderr, "import error: could not find a valid PEM header; " "check if your key is PKCS #12 encoded"); + exit(1); } if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s", + { + fprintf (stderr, "importing --load-privkey: %s: %s", info->privkey, gnutls_strerror (ret)); + exit(1); + } return key; } @@ -165,12 +177,18 @@ gnutls_privkey_t key; ret = gnutls_privkey_init (&key); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_privkey_import_url(key, url, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "importing key: %s: %s", + { + fprintf (stderr, "importing key: %s: %s", url, gnutls_strerror (ret)); + exit(1); + } return key; } @@ -214,7 +232,10 @@ load_private_key (int mand, common_info_st * info) return NULL; if (info->privkey == NULL) - error (EXIT_FAILURE, 0, "missing --load-privkey"); + { + fprintf (stderr, "missing --load-privkey"); + exit(1); + } if (gnutls_url_is_supported(info->privkey) != 0) return _load_url_privkey(info->privkey); @@ -223,7 +244,10 @@ load_private_key (int mand, common_info_st * info) dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey); + { + fprintf (stderr, "reading --load-privkey: %s", info->privkey); + exit(1); + } key = _load_privkey(&dat, info); @@ -249,17 +273,26 @@ load_x509_private_key (int mand, common_info_st * info) return NULL; if (info->privkey == NULL) - error (EXIT_FAILURE, 0, "missing --load-privkey"); + { + fprintf (stderr, "missing --load-privkey"); + exit(1); + } ret = gnutls_x509_privkey_init (&key); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (info->privkey, &size); dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey); + { + fprintf (stderr, "reading --load-privkey: %s", info->privkey); + exit(1); + } if (info->pkcs8) { @@ -282,14 +315,18 @@ load_x509_private_key (int mand, common_info_st * info) if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) { - error (EXIT_FAILURE, 0, + fprintf (stderr, "import error: could not find a valid PEM header; " - "check if your key is PKCS #12 encoded"); + "check if your key is PEM encoded"); + exit(1); } if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s", + { + fprintf( stderr, "importing --load-privkey: %s: %s", info->privkey, gnutls_strerror (ret)); + exit(1); + } return key; } @@ -332,14 +369,20 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info) if (info->cert == NULL) { if (mand) - error (EXIT_FAILURE, 0, "missing --load-certificate"); + { + fprintf (stderr, "missing --load-certificate"); + exit(1); + } else return NULL; } fd = fopen (info->cert, "r"); if (fd == NULL) - error (EXIT_FAILURE, errno, "%s", info->cert); + { + fprintf (stderr, "%s", info->cert); + exit(1); + } size = fread (buffer, 1, sizeof (buffer) - 1, fd); buffer[size] = 0; @@ -353,7 +396,10 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info) { ret = gnutls_x509_crt_init (&crt[i]); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crt_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)ptr; dat.size = ptr_size; @@ -362,7 +408,10 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info) if (ret < 0 && *crt_size > 0) break; if (ret < 0) - error (EXIT_FAILURE, 0, "crt_import: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crt_import: %s", gnutls_strerror (ret)); + exit(1); + } ptr = strstr (ptr, "---END"); if (ptr == NULL) @@ -399,26 +448,35 @@ load_request (common_info_st * info) ret = gnutls_x509_crq_init (&crq); if (ret < 0) - error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crq_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (info->request, &size); dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-request: %s", info->request); + { + fprintf (stderr, "reading --load-request: %s", info->request); + exit(1); + } ret = gnutls_x509_crq_import (crq, &dat, info->incert_format); if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) { - error (EXIT_FAILURE, 0, + fprintf(stderr, "import error: could not find a valid PEM header"); + exit(1); } free (dat.data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-request: %s: %s", - info->request, gnutls_strerror (ret)); - + { + fprintf(stderr, "importing --load-request: %s: %s", + info->request, gnutls_strerror (ret)); + exit(1); + } return crq; } @@ -432,7 +490,10 @@ load_ca_private_key (common_info_st * info) size_t size; if (info->ca_privkey == NULL) - error (EXIT_FAILURE, 0, "missing --load-ca-privkey"); + { + fprintf(stderr, "missing --load-ca-privkey"); + exit(1); + } if (gnutls_url_is_supported(info->ca_privkey) != 0) return _load_url_privkey(info->ca_privkey); @@ -441,8 +502,11 @@ load_ca_private_key (common_info_st * info) dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-ca-privkey: %s", + { + fprintf (stderr, "reading --load-ca-privkey: %s", info->ca_privkey); + exit(1); + } key = _load_privkey(&dat, info); @@ -462,24 +526,36 @@ load_ca_cert (common_info_st * info) size_t size; if (info->ca == NULL) - error (EXIT_FAILURE, 0, "missing --load-ca-certificate"); + { + fprintf(stderr, "missing --load-ca-certificate"); + exit(1); + } ret = gnutls_x509_crt_init (&crt); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crt_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (info->ca, &size); dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s", + { + fprintf( stderr, "reading --load-ca-certificate: %s", info->ca); + exit(1); + } ret = gnutls_x509_crt_import (crt, &dat, info->incert_format); free (dat.data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-ca-certificate: %s: %s", - info->ca, gnutls_strerror (ret)); + { + fprintf(stderr, "importing --load-ca-certificate: %s: %s", + info->ca, gnutls_strerror (ret)); + exit(1); + } return crt; } @@ -499,20 +575,29 @@ load_pubkey (int mand, common_info_st * info) return NULL; if (info->pubkey == NULL) - error (EXIT_FAILURE, 0, "missing --load-pubkey"); + { + fprintf(stderr, "missing --load-pubkey"); + exit(1); + } if (gnutls_url_is_supported(info->pubkey) != 0) return _load_url_pubkey(info->pubkey); ret = gnutls_pubkey_init (&key); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (info->pubkey, &size); dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-pubkey: %s", info->pubkey); + { + fprintf( stderr, "reading --load-pubkey: %s", info->pubkey); + exit(1); + } ret = gnutls_pubkey_import (key, &dat, info->incert_format); @@ -520,14 +605,18 @@ load_pubkey (int mand, common_info_st * info) if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) { - error (EXIT_FAILURE, 0, + fprintf(stderr, "import error: could not find a valid PEM header; " "check if your key has the PUBLIC KEY header"); + exit(1); } if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-pubkey: %s: %s", + { + fprintf(stderr, "importing --load-pubkey: %s: %s", info->pubkey, gnutls_strerror (ret)); + exit(1); + } return key; } @@ -539,8 +628,11 @@ int ret; ret = gnutls_pubkey_init(&pubkey); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_pubkey_init: %s", + { + fprintf(stderr, "gnutls_pubkey_init: %s", gnutls_strerror (ret)); + exit(1); + } if (!privkey || (ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0)) < 0) { /* could not get (e.g. on PKCS #11 */ @@ -747,7 +839,10 @@ size_t size; ret = gnutls_pubkey_print(pubkey, format, &data); if (ret < 0) - error (EXIT_FAILURE, 0, "pubkey_print error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "pubkey_print error: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "%s\n", data.data); gnutls_free (data.data); @@ -755,7 +850,10 @@ size_t size; size = buffer_size; ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_PEM, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "\n%s\n", buffer); } diff --git a/src/certtool-extras.c b/src/certtool-extras.c index 1422188..ee89434 100644 --- a/src/certtool-extras.c +++ b/src/certtool-extras.c @@ -38,7 +38,6 @@ #include #include #include -#include #include "certtool-common.h" #include "certtool-cfg.h" @@ -64,14 +63,20 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info) if (info->privkey == NULL) { if (mand) - error (EXIT_FAILURE, 0, "missing --load-privkey"); + { + fprintf( stderr, "missing --load-privkey"); + exit(1); + } else return NULL; } ret = gnutls_load_file(info->privkey, &file_data); if (ret < 0) - error (EXIT_FAILURE, errno, "%s", info->privkey); + { + fprintf (stderr, "%s", info->privkey); + exit(1); + } ptr = (void*)file_data.data; ptr_size = file_data.size; @@ -80,7 +85,10 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info) { ret = gnutls_x509_privkey_init (&key[i]); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)ptr; dat.size = ptr_size; @@ -95,7 +103,10 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info) if (ret < 0 && *privkey_size > 0) break; if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_import: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "privkey_import: %s", gnutls_strerror (ret)); + exit(1); + } (*privkey_size)++; diff --git a/src/certtool.c b/src/certtool.c index 2a1a668..0ea52e8 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -38,7 +38,6 @@ #include #include #include -#include /* Gnulib portability files. */ #include @@ -109,7 +108,10 @@ generate_private_key_int (common_info_st * cinfo) ret = gnutls_x509_privkey_init (&key); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } bits = get_bits (key_type, cinfo->bits, cinfo->sec_param, 1); @@ -122,11 +124,17 @@ generate_private_key_int (common_info_st * cinfo) ret = gnutls_x509_privkey_generate (key, key_type, bits, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_generate: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_generate: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_x509_privkey_verify_params (key); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_verify_params: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_verify_params: %s", gnutls_strerror (ret)); + exit(1); + } return key; } @@ -167,8 +175,8 @@ cipher_to_flags (const char *cipher) return GNUTLS_PKCS_USE_PKCS12_RC2_40; } - error (EXIT_FAILURE, 0, "unknown cipher %s\n", cipher); - return -1; + fprintf(stderr, "unknown cipher %s\n", cipher); + exit(1); } @@ -190,7 +198,10 @@ print_private_key (common_info_st* cinfo, gnutls_x509_privkey_t key) ret = gnutls_x509_privkey_export (key, outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_export: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_export: %s", gnutls_strerror (ret)); + exit(1); + } } else { @@ -205,8 +216,11 @@ print_private_key (common_info_st* cinfo, gnutls_x509_privkey_t key) gnutls_x509_privkey_export_pkcs8 (key, outcert_format, pass, flags, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_export_pkcs8: %s", + { + fprintf(stderr, "privkey_export_pkcs8: %s", gnutls_strerror (ret)); + exit(1); + } } fwrite (buffer, 1, size, outfile); @@ -244,7 +258,10 @@ generate_certificate (gnutls_privkey_t * ret_key, ret = gnutls_x509_crt_init (&crt); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crt_init: %s", gnutls_strerror (ret)); + exit(1); + } crq = load_request (cinfo); @@ -266,8 +283,11 @@ generate_certificate (gnutls_privkey_t * ret_key, { result = gnutls_x509_crt_set_proxy_dn (crt, ca_crt, 0, NULL, 0); if (result < 0) - error (EXIT_FAILURE, 0, "set_proxy_dn: %s", + { + fprintf(stderr, "set_proxy_dn: %s", gnutls_strerror (result)); + exit(1); + } get_dn_crt_set (crt); get_cn_crt_set (crt); @@ -297,13 +317,19 @@ generate_certificate (gnutls_privkey_t * ret_key, result = gnutls_x509_crt_set_pubkey (crt, pubkey); if (result < 0) - error (EXIT_FAILURE, 0, "set_key: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_key: %s", gnutls_strerror (result)); + exit(1); + } } else { result = gnutls_x509_crt_set_crq (crt, crq); if (result < 0) - error (EXIT_FAILURE, 0, "set_crq: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_crq: %s", gnutls_strerror (result)); + exit(1); + } } @@ -319,7 +345,10 @@ generate_certificate (gnutls_privkey_t * ret_key, result = gnutls_x509_crt_set_serial (crt, bin_serial, 5); if (result < 0) - error (EXIT_FAILURE, 0, "serial: %s", gnutls_strerror (result)); + { + fprintf(stderr, "serial: %s", gnutls_strerror (result)); + exit(1); + } } if (!batch) @@ -339,7 +368,10 @@ generate_certificate (gnutls_privkey_t * ret_key, result = gnutls_x509_crt_set_expiration_time (crt, secs); if (result < 0) - error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_expiration: %s", gnutls_strerror (result)); + exit(1); + } if (!batch) fprintf (stderr, "\n\nExtensions.\n"); @@ -349,7 +381,10 @@ generate_certificate (gnutls_privkey_t * ret_key, { result = gnutls_x509_crt_set_crq_extensions (crt, crq); if (result < 0) - error (EXIT_FAILURE, 0, "set_crq: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_crq: %s", gnutls_strerror (result)); + exit(1); + } } /* append additional extensions */ @@ -375,8 +410,11 @@ generate_certificate (gnutls_privkey_t * ret_key, gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage, policy, policylen); if (result < 0) - error (EXIT_FAILURE, 0, "set_proxy: %s", + { + fprintf(stderr, "set_proxy: %s", gnutls_strerror (result)); + exit(1); + } } if (!proxy) @@ -389,8 +427,11 @@ generate_certificate (gnutls_privkey_t * ret_key, result = gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len); if (result < 0) - error (EXIT_FAILURE, 0, "basic_constraints: %s", + { + fprintf(stderr, "basic_constraints: %s", gnutls_strerror (result)); + exit(1); + } client = get_tls_client_status (); if (client != 0) @@ -399,7 +440,10 @@ generate_certificate (gnutls_privkey_t * ret_key, GNUTLS_KP_TLS_WWW_CLIENT, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); + exit(1); + } } is_ike = get_ipsec_ike_status (); @@ -418,7 +462,10 @@ generate_certificate (gnutls_privkey_t * ret_key, gnutls_x509_crt_set_key_purpose_oid (crt, GNUTLS_KP_TLS_WWW_SERVER, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); + exit(1); + } } else if (!proxy) { @@ -451,8 +498,11 @@ generate_certificate (gnutls_privkey_t * ret_key, gnutls_x509_crt_set_key_purpose_oid (crt, GNUTLS_KP_IPSEC_IKE, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); + exit(1); + } } } @@ -475,8 +525,11 @@ generate_certificate (gnutls_privkey_t * ret_key, GNUTLS_KP_CODE_SIGNING, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); + exit(1); + } } result = get_ocsp_sign_status (); @@ -487,8 +540,11 @@ generate_certificate (gnutls_privkey_t * ret_key, GNUTLS_KP_OCSP_SIGNING, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); + exit(1); + } } result = get_time_stamp_status (); @@ -499,8 +555,11 @@ generate_certificate (gnutls_privkey_t * ret_key, GNUTLS_KP_TIME_STAMPING, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); + exit(1); + } } } get_ocsp_issuer_set(crt); @@ -515,8 +574,11 @@ generate_certificate (gnutls_privkey_t * ret_key, usage |= GNUTLS_KEY_NON_REPUDIATION; result = gnutls_x509_crt_set_key_usage (crt, usage); if (result < 0) - error (EXIT_FAILURE, 0, "key_usage: %s", + { + fprintf(stderr, "key_usage: %s", gnutls_strerror (result)); + exit(1); + } } /* Subject Key ID. @@ -527,8 +589,11 @@ generate_certificate (gnutls_privkey_t * ret_key, { result = gnutls_x509_crt_set_subject_key_id (crt, buffer, size); if (result < 0) - error (EXIT_FAILURE, 0, "set_subject_key_id: %s", + { + fprintf(stderr, "set_subject_key_id: %s", gnutls_strerror (result)); + exit(1); + } } /* Authority Key ID. @@ -548,8 +613,11 @@ generate_certificate (gnutls_privkey_t * ret_key, result = gnutls_x509_crt_set_authority_key_id (crt, buffer, size); if (result < 0) - error (EXIT_FAILURE, 0, "set_authority_key_id: %s", + { + fprintf(stderr, "set_authority_key_id: %s", gnutls_strerror (result)); + exit(1); + } } } } @@ -562,7 +630,10 @@ generate_certificate (gnutls_privkey_t * ret_key, vers = 3; result = gnutls_x509_crt_set_version (crt, vers); if (result < 0) - error (EXIT_FAILURE, 0, "set_version: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_version: %s", gnutls_strerror (result)); + exit(1); + } *ret_key = key; return crt; @@ -581,7 +652,10 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) result = gnutls_x509_crl_init (&crl); if (result < 0) - error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crl_init: %s", gnutls_strerror (result)); + exit(1); + } crts = load_cert_list (0, &size, cinfo); @@ -589,23 +663,35 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) { result = gnutls_x509_crl_set_crt (crl, crts[i], now); if (result < 0) - error (EXIT_FAILURE, 0, "crl_set_crt: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crl_set_crt: %s", gnutls_strerror (result)); + exit(1); + } } result = gnutls_x509_crl_set_this_update (crl, now); if (result < 0) - error (EXIT_FAILURE, 0, "this_update: %s", gnutls_strerror (result)); + { + fprintf(stderr, "this_update: %s", gnutls_strerror (result)); + exit(1); + } fprintf (stderr, "Update times.\n"); days = get_crl_next_update (); result = gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60); if (result < 0) - error (EXIT_FAILURE, 0, "next_update: %s", gnutls_strerror (result)); + { + fprintf(stderr, "next_update: %s", gnutls_strerror (result)); + exit(1); + } result = gnutls_x509_crl_set_version (crl, 2); if (result < 0) - error (EXIT_FAILURE, 0, "set_version: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_version: %s", gnutls_strerror (result)); + exit(1); + } /* Authority Key ID. */ @@ -623,8 +709,12 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) { result = gnutls_x509_crl_set_authority_key_id (crl, buffer, size); if (result < 0) - error (EXIT_FAILURE, 0, "set_authority_key_id: %s", + { + fprintf(stderr, "set_authority_key_id: %s", gnutls_strerror (result)); + exit(1); + } + } } @@ -640,7 +730,10 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) result = gnutls_x509_crl_set_number (crl, bin_number, 5); if (result < 0) - error (EXIT_FAILURE, 0, "set_number: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_number: %s", gnutls_strerror (result)); + exit(1); + } } return crl; @@ -656,8 +749,11 @@ get_dig_for_pub (gnutls_pubkey_t pubkey) result = gnutls_pubkey_get_preferred_hash_algorithm (pubkey, &dig, &mand); if (result < 0) { - error (EXIT_FAILURE, 0, "crt_get_preferred_hash_algorithm: %s", + { + fprintf(stderr, "crt_get_preferred_hash_algorithm: %s", gnutls_strerror (result)); + exit(1); + } } /* if algorithm allows alternatives */ @@ -679,8 +775,11 @@ get_dig (gnutls_x509_crt_t crt) result = gnutls_pubkey_import_x509(pubkey, crt, 0); if (result < 0) { - error (EXIT_FAILURE, 0, "gnutls_pubkey_import_x509: %s", + { + fprintf(stderr, "gnutls_pubkey_import_x509: %s", gnutls_strerror (result)); + exit(1); + } } dig = get_dig_for_pub (pubkey); @@ -713,8 +812,11 @@ generate_self_signed (common_info_st * cinfo) uri, 0 /* all reasons */ ); if (result < 0) - error (EXIT_FAILURE, 0, "crl_dist_points: %s", + { + fprintf(stderr, "crl_dist_points: %s", gnutls_strerror (result)); + exit(1); + } } print_certificate_info (crt, stderr, 0); @@ -723,12 +825,18 @@ generate_self_signed (common_info_st * cinfo) result = gnutls_x509_crt_privkey_sign (crt, crt, key, get_dig (crt), 0); if (result < 0) - error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); + exit(1); + } size = buffer_size; result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -765,12 +873,18 @@ generate_signed_certificate (common_info_st * cinfo) result = gnutls_x509_crt_privkey_sign (crt, ca_crt, ca_key, get_dig (ca_crt), 0); if (result < 0) - error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); + exit(1); + } size = buffer_size; result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -800,12 +914,18 @@ generate_proxy_certificate (common_info_st * cinfo) result = gnutls_x509_crt_privkey_sign (crt, eecrt, eekey, get_dig (eecrt), 0); if (result < 0) - error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); + exit(1); + } size = buffer_size; result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -832,7 +952,10 @@ generate_signed_crl (common_info_st * cinfo) fprintf (stderr, "\n"); result = gnutls_x509_crl_privkey_sign(crl, ca_crt, ca_key, get_dig (ca_crt), 0); if (result < 0) - error (EXIT_FAILURE, 0, "crl_privkey_sign: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crl_privkey_sign: %s", gnutls_strerror (result)); + exit(1); + } print_crl_info (crl, stderr); @@ -865,18 +988,27 @@ update_signed_certificate (common_info_st * cinfo) result = gnutls_x509_crt_set_expiration_time (crt, tim + ((time_t) days) * 24 * 60 * 60); if (result < 0) - error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_expiration: %s", gnutls_strerror (result)); + exit(1); + } fprintf (stderr, "\n\nSigning certificate...\n"); result = gnutls_x509_crt_privkey_sign (crt, ca_crt, ca_key, get_dig (ca_crt), 0); if (result < 0) - error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); + exit(1); + } size = buffer_size; result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); + { + fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -902,7 +1034,10 @@ cmd_parser (int argc, char **argv) { outfile = safe_open_rw (OPT_ARG(OUTFILE), privkey_op); if (outfile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); + { + fprintf(stderr, "%s", OPT_ARG(OUTFILE)); + exit(1); + } } else outfile = stdout; @@ -911,7 +1046,10 @@ cmd_parser (int argc, char **argv) { infile = fopen (OPT_ARG(INFILE), "rb"); if (infile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE)); + { + fprintf(stderr, "%s", OPT_ARG(INFILE)); + exit(1); + } } else infile = stdin; @@ -955,7 +1093,10 @@ cmd_parser (int argc, char **argv) else if (strcasecmp (OPT_ARG(HASH), "rmd160") == 0) default_dig = GNUTLS_DIG_RMD160; else - error (EXIT_FAILURE, 0, "invalid hash: %s", OPT_ARG(HASH)); + { + fprintf(stderr, "invalid hash: %s", OPT_ARG(HASH)); + exit(1); + } } batch = 0; @@ -974,7 +1115,10 @@ cmd_parser (int argc, char **argv) } if ((ret = gnutls_global_init ()) < 0) - error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "global_init: %s", gnutls_strerror (ret)); + exit(1); + } #ifdef ENABLE_PKCS11 pkcs11_common(); @@ -1124,14 +1268,17 @@ certificate_info (int pubkey, common_info_st * cinfo) GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED); if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) { - error (0, 0, "too many certificates (%d); " + fprintf( stderr, "too many certificates (%d); " "will only read the first %d", crt_num, MAX_CRTS); crt_num = MAX_CRTS; ret = gnutls_x509_crt_list_import (crt, &crt_num, &pem, incert_format, 0); } if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } free (pem.data); @@ -1139,7 +1286,7 @@ certificate_info (int pubkey, common_info_st * cinfo) if (count > 1 && outcert_format == GNUTLS_X509_FMT_DER) { - error (0, 0, "cannot output multiple certificates in DER format; " + fprintf( stderr, "cannot output multiple certificates in DER format; " "using PEM instead"); outcert_format = GNUTLS_X509_FMT_PEM; } @@ -1160,7 +1307,10 @@ certificate_info (int pubkey, common_info_st * cinfo) ret = gnutls_x509_crt_export (crt[i], outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } fwrite (buffer, 1, size, outfile); } @@ -1185,12 +1335,18 @@ pgp_certificate_info (void) ret = gnutls_openpgp_crt_init (&crt); if (ret < 0) - error (EXIT_FAILURE, 0, "openpgp_crt_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "openpgp_crt_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_openpgp_crt_import (crt, &pem, incert_format); if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } free (pem.data); @@ -1209,8 +1365,11 @@ pgp_certificate_info (void) ret = gnutls_openpgp_crt_verify_self (crt, 0, &verify_status); if (ret < 0) { - error (EXIT_FAILURE, 0, "verify signature error: %s", + { + fprintf(stderr, "verify signature error: %s", gnutls_strerror (ret)); + exit(1); + } } if (verify_status & GNUTLS_CERT_INVALID) @@ -1227,8 +1386,8 @@ pgp_certificate_info (void) ret = gnutls_openpgp_crt_export (crt, outcert_format, buffer, &size); if (ret < 0) { - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); - fwrite (buffer, 1, size, outfile); + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); } fprintf (outfile, "%s\n", buffer); @@ -1257,14 +1416,20 @@ pgp_privkey_info (void) NULL, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } /* Public key algorithm */ subkeys = gnutls_openpgp_privkey_get_subkey_count (key); if (subkeys < 0) - error (EXIT_FAILURE, 0, "privkey_get_subkey_count: %s", + { + fprintf(stderr, "privkey_get_subkey_count: %s", gnutls_strerror (subkeys)); + exit(1); + } for (i = -1; i < subkeys; i++) { @@ -1378,7 +1543,10 @@ pgp_privkey_info (void) ret = gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64, NULL, 0, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "\n%s\n", buffer); @@ -1399,13 +1567,19 @@ pgp_ring_info (void) ret = gnutls_openpgp_keyring_init (&ring); if (ret < 0) - error (EXIT_FAILURE, 0, "openpgp_keyring_init: %s", + { + fprintf(stderr, "openpgp_keyring_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_openpgp_keyring_import (ring, &pem, incert_format); if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } free (pem.data); @@ -1413,19 +1587,28 @@ pgp_ring_info (void) if (count >= 0) fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", count); else - error (EXIT_FAILURE, 0, "keyring error: %s", gnutls_strerror (count)); + { + fprintf(stderr, "keyring error: %s", gnutls_strerror (count)); + exit(1); + } for (i = 0; i < count; i++) { ret = gnutls_openpgp_keyring_get_crt (ring, i, &crt); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } size = buffer_size; ret = gnutls_openpgp_crt_export (crt, outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } fwrite (buffer, 1, size, outfile); fprintf (outfile, "\n\n"); @@ -1475,7 +1658,10 @@ print_crl_info (gnutls_x509_crl_t crl, FILE * out) ret = gnutls_x509_crl_print (crl, full_format, &data); if (ret < 0) - error (EXIT_FAILURE, 0, "crl_print: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crl_print: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (out, "%s\n", data.data); @@ -1484,7 +1670,10 @@ print_crl_info (gnutls_x509_crl_t crl, FILE * out) size = buffer_size; ret = gnutls_x509_crl_export (crl, GNUTLS_X509_FMT_PEM, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "crl_export: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crl_export: %s", gnutls_strerror (ret)); + exit(1); + } fwrite (buffer, 1, size, outfile); } @@ -1499,20 +1688,29 @@ crl_info (void) ret = gnutls_x509_crl_init (&crl); if (ret < 0) - error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crl_init: %s", gnutls_strerror (ret)); + exit(1); + } pem.data = (void*)fread_file (infile, &size); pem.size = size; if (!pem.data) - error (EXIT_FAILURE, errno, "%s", infile ? "file" : + { + fprintf(stderr, "%s", infile ? "file" : "standard input"); + exit(1); + } ret = gnutls_x509_crl_import (crl, &pem, incert_format); free (pem.data); if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } print_crl_info (crl, outfile); @@ -1530,7 +1728,10 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out) { ret = gnutls_x509_crq_print (crq, full_format, &data); if (ret < 0) - error (EXIT_FAILURE, 0, "crq_print: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crq_print: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (out, "%s\n", data.data); @@ -1550,7 +1751,10 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out) size = buffer_size; ret = gnutls_x509_crq_export (crq, outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "crq_export: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crq_export: %s", gnutls_strerror (ret)); + exit(1); + } fwrite (buffer, 1, size, outfile); } @@ -1565,20 +1769,29 @@ crq_info (void) ret = gnutls_x509_crq_init (&crq); if (ret < 0) - error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crq_init: %s", gnutls_strerror (ret)); + exit(1); + } pem.data = (void*)fread_file (infile, &size); pem.size = size; if (!pem.data) - error (EXIT_FAILURE, errno, "%s", infile ? "file" : + { + fprintf(stderr, "%s", infile ? "file" : "standard input"); + exit(1); + } ret = gnutls_x509_crq_import (crq, &pem, incert_format); free (pem.data); if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } print_crq_info (crq, outfile); @@ -1724,7 +1937,10 @@ privkey_info (common_info_st* cinfo) incert_format, pass, flags); } if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } if (outcert_format == GNUTLS_X509_FMT_PEM) privkey_info_int (cinfo, key); @@ -1736,7 +1952,10 @@ privkey_info (common_info_st* cinfo) size = buffer_size; ret = gnutls_x509_privkey_export (key, outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -1761,7 +1980,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_init (&crq); if (ret < 0) - error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crq_init: %s", gnutls_strerror (ret)); + exit(1); + } /* Load the private key. @@ -1771,7 +1993,10 @@ generate_request (common_info_st * cinfo) { ret = gnutls_privkey_init (&pkey); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret)); + exit(1); + } xkey = generate_private_key_int (cinfo); @@ -1779,7 +2004,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_privkey_import_x509(pkey, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_import_x509: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "privkey_import_x509: %s", gnutls_strerror (ret)); + exit(1); + } } pubkey = load_public_key_or_import (1, pkey, cinfo); @@ -1812,7 +2040,10 @@ generate_request (common_info_st * cinfo) { ret = gnutls_x509_crq_set_challenge_password (crq, pass); if (ret < 0) - error (EXIT_FAILURE, 0, "set_pass: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "set_pass: %s", gnutls_strerror (ret)); + exit(1); + } } if (cinfo->crq_extensions != 0) @@ -1825,8 +2056,11 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_basic_constraints (crq, ca_status, path_len); if (ret < 0) - error (EXIT_FAILURE, 0, "set_basic_constraints: %s", + { + fprintf(stderr, "set_basic_constraints: %s", gnutls_strerror (ret)); + exit(1); + } if (pk == GNUTLS_PK_RSA) { @@ -1861,7 +2095,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_CODE_SIGNING, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); + exit(1); + } } ret = get_ocsp_sign_status (); @@ -1870,7 +2107,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_OCSP_SIGNING, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); + exit(1); + } } ret = get_time_stamp_status (); @@ -1879,7 +2119,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TIME_STAMPING, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); + exit(1); + } } ret = get_ipsec_ike_status (); @@ -1888,13 +2131,19 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_IPSEC_IKE, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); + exit(1); + } } } ret = gnutls_x509_crq_set_key_usage (crq, usage); if (ret < 0) - error (EXIT_FAILURE, 0, "key_usage: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_usage: %s", gnutls_strerror (ret)); + exit(1); + } ret = get_tls_client_status (); if (ret != 0) @@ -1902,7 +2151,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_CLIENT, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); + exit(1); + } } ret = get_tls_server_status (); @@ -1911,7 +2163,10 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_SERVER, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); + exit(1); + } } get_key_purpose_set (TYPE_CRQ, crq); @@ -1919,11 +2174,17 @@ generate_request (common_info_st * cinfo) ret = gnutls_x509_crq_set_pubkey (crq, pubkey); if (ret < 0) - error (EXIT_FAILURE, 0, "set_key: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "set_key: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_x509_crq_privkey_sign (crq, pkey, get_dig_for_pub (pubkey), 0); if (ret < 0) - error (EXIT_FAILURE, 0, "sign: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "sign: %s", gnutls_strerror (ret)); + exit(1); + } print_crq_info (crq, outfile); @@ -1950,13 +2211,19 @@ static int detailed_verification(gnutls_x509_crt_t cert, ret = gnutls_x509_crt_get_issuer_dn (cert, issuer_name, &issuer_name_size); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); + exit(1); + } name_size = sizeof (name); ret = gnutls_x509_crt_get_dn (cert, name, &name_size); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_dn: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "gnutls_x509_crt_get_dn: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "\tSubject: %s\n", name); fprintf (outfile, "\tIssuer: %s\n", issuer_name); @@ -1967,7 +2234,10 @@ static int detailed_verification(gnutls_x509_crt_t cert, ret = gnutls_x509_crt_get_dn (issuer, issuer_name, &issuer_name_size); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "\tChecked against: %s\n", issuer_name); } @@ -1980,7 +2250,10 @@ static int detailed_verification(gnutls_x509_crt_t cert, ret = gnutls_x509_crl_get_issuer_dn (crl, issuer_name, &issuer_name_size); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crl_get_issuer_dn: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "gnutls_x509_crl_get_issuer_dn: %s", gnutls_strerror (ret)); + exit(1); + } name_size = sizeof(tmp); ret = gnutls_x509_crl_get_number(crl, tmp, &name_size, NULL); @@ -1994,7 +2267,10 @@ static int detailed_verification(gnutls_x509_crt_t cert, name_size = sizeof(name); ret = gnutls_hex_encode(&data, name, &name_size); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "gnutls_hex_encode: %s", gnutls_strerror (ret)); + exit(1); + } } fprintf (outfile, "\tChecked against CRL[%s] of: %s\n", name, issuer_name); } @@ -2025,8 +2301,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) ret = gnutls_x509_trust_list_init(&list, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s", + { + fprintf(stderr, "gnutls_x509_trust_list_init: %s", gnutls_strerror (ret)); + exit(1); + } if (ca == NULL) { @@ -2042,8 +2321,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) ret = gnutls_x509_crt_list_import2( &x509_ca_list, &x509_ncas, &tmp, GNUTLS_X509_FMT_PEM, 0); if (ret < 0 || x509_ncas < 1) - error (EXIT_FAILURE, 0, "error parsing CAs: %s", + { + fprintf(stderr, "error parsing CAs: %s", gnutls_strerror (ret)); + exit(1); + } } ret = gnutls_x509_crl_list_import2( &x509_crl_list, &x509_ncrls, &tmp, @@ -2061,8 +2343,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) ret = gnutls_x509_crt_list_import2( &x509_cert_list, &x509_ncerts, &tmp, GNUTLS_X509_FMT_PEM, 0); if (ret < 0 || x509_ncerts < 1) - error (EXIT_FAILURE, 0, "error parsing CRTs: %s", + { + fprintf(stderr, "error parsing CRTs: %s", gnutls_strerror (ret)); + exit(1); + } if (ca == NULL) { @@ -2075,13 +2360,19 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) ret = gnutls_x509_trust_list_add_cas(list, x509_ca_list, x509_ncas, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_cas: %s", + { + fprintf(stderr, "gnutls_x509_trust_add_cas: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_x509_trust_list_add_crls(list, x509_crl_list, x509_ncrls, 0, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_crls: %s", + { + fprintf(stderr, "gnutls_x509_trust_add_crls: %s", gnutls_strerror (ret)); + exit(1); + } gnutls_free(x509_crl_list); @@ -2089,8 +2380,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) GNUTLS_VERIFY_DO_NOT_ALLOW_SAME|GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, &output, detailed_verification); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_trusted_list_verify_crt: %s", + { + fprintf(stderr, "gnutls_x509_trusted_list_verify_crt: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "Chain verification output: "); print_verification_res(outfile, output); @@ -2140,7 +2434,10 @@ verify_chain (void) buf = (void*)fread_file (infile, &size); if (buf == NULL) - error (EXIT_FAILURE, errno, "reading chain"); + { + fprintf(stderr, "reading chain"); + exit(1); + } buf[size] = 0; @@ -2157,17 +2454,26 @@ verify_certificate (common_info_st * cinfo) FILE * ca_file = fopen(cinfo->ca, "r"); if (ca_file == NULL) - error (EXIT_FAILURE, errno, "opening CA file"); + { + fprintf(stderr, "opening CA file"); + exit(1); + } cert = (void*)fread_file (infile, &cert_size); if (cert == NULL) - error (EXIT_FAILURE, errno, "reading certificate chain"); + { + fprintf(stderr, "reading certificate chain"); + exit(1); + } cert[cert_size] = 0; cas = (void*)fread_file (ca_file, &ca_size); if (cas == NULL) - error (EXIT_FAILURE, errno, "reading CA list"); + { + fprintf(stderr, "reading CA list"); + exit(1); + } cas[ca_size] = 0; fclose(ca_file); @@ -2195,13 +2501,19 @@ verify_crl (common_info_st * cinfo) dn_size = sizeof (dn); ret = gnutls_x509_crt_get_dn (issuer, dn, &dn_size); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_get_dn: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crt_get_dn: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "\tSubject: %s\n\n", dn); ret = gnutls_x509_crl_init (&crl); if (ret < 0) - error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "crl_init: %s", gnutls_strerror (ret)); + exit(1); + } pem.data = (void*)fread_file (infile, &size); pem.size = size; @@ -2209,14 +2521,20 @@ verify_crl (common_info_st * cinfo) ret = gnutls_x509_crl_import (crl, &pem, incert_format); free (pem.data); if (ret < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (ret)); + exit(1); + } print_crl_info (crl, outfile); fprintf (outfile, "Verification output: "); ret = gnutls_x509_crl_verify (crl, &issuer, 1, 0, &output); if (ret < 0) - error (EXIT_FAILURE, 0, "verification error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "verification error: %s", gnutls_strerror (ret)); + exit(1); + } if (output) { @@ -2265,7 +2583,10 @@ generate_pkcs8 (common_info_st * cinfo) password, flags, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result)); + { + fprintf(stderr, "key_export: %s", gnutls_strerror (result)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -2302,7 +2623,10 @@ generate_pkcs12 (common_info_st * cinfo) result = gnutls_pkcs12_init (&pkcs12); if (result < 0) - error (EXIT_FAILURE, 0, "pkcs12_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "pkcs12_init: %s", gnutls_strerror (result)); + exit(1); + } pass = get_password(cinfo, &flags, 1); flags |= cipher_to_flags (cinfo->pkcs_cipher); @@ -2313,12 +2637,18 @@ generate_pkcs12 (common_info_st * cinfo) result = gnutls_pkcs12_bag_init (&bag); if (result < 0) - error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); + exit(1); + } result = gnutls_pkcs12_bag_set_crt (bag, crts[i]); if (result < 0) - error (EXIT_FAILURE, 0, "set_crt[%d]: %s", i, + { + fprintf(stderr, "set_crt[%d]: %s", i, gnutls_strerror (result)); + exit(1); + } indx = result; @@ -2326,31 +2656,46 @@ generate_pkcs12 (common_info_st * cinfo) { result = gnutls_pkcs12_bag_set_friendly_name (bag, indx, name); if (result < 0) - error (EXIT_FAILURE, 0, "bag_set_friendly_name: %s", + { + fprintf(stderr, "bag_set_friendly_name: %s", gnutls_strerror (result)); + exit(1); + } } size = sizeof (_key_id); result = gnutls_x509_crt_get_key_id (crts[i], 0, _key_id, &size); if (result < 0) - error (EXIT_FAILURE, 0, "key_id[%d]: %s", i, + { + fprintf(stderr, "key_id[%d]: %s", i, gnutls_strerror (result)); + exit(1); + } key_id.data = _key_id; key_id.size = size; result = gnutls_pkcs12_bag_set_key_id (bag, indx, &key_id); if (result < 0) - error (EXIT_FAILURE, 0, "bag_set_key_id: %s", + { + fprintf(stderr, "bag_set_key_id: %s", gnutls_strerror (result)); + exit(1); + } result = gnutls_pkcs12_bag_encrypt (bag, pass, flags); if (result < 0) - error (EXIT_FAILURE, 0, "bag_encrypt: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_encrypt: %s", gnutls_strerror (result)); + exit(1); + } result = gnutls_pkcs12_set_bag (pkcs12, bag); if (result < 0) - error (EXIT_FAILURE, 0, "set_bag: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_bag: %s", gnutls_strerror (result)); + exit(1); + } } for (i = 0; i < nkeys; i++) @@ -2359,14 +2704,20 @@ generate_pkcs12 (common_info_st * cinfo) result = gnutls_pkcs12_bag_init (&kbag); if (result < 0) - error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); + exit(1); + } size = buffer_size; result = gnutls_x509_privkey_export_pkcs8 (keys[i], GNUTLS_X509_FMT_DER, pass, flags, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "key_export[%d]: %s", i, gnutls_strerror (result)); + { + fprintf(stderr, "key_export[%d]: %s", i, gnutls_strerror (result)); + exit(1); + } data.data = buffer; data.size = size; @@ -2374,41 +2725,62 @@ generate_pkcs12 (common_info_st * cinfo) gnutls_pkcs12_bag_set_data (kbag, GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data); if (result < 0) - error (EXIT_FAILURE, 0, "bag_set_data: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_set_data: %s", gnutls_strerror (result)); + exit(1); + } indx = result; result = gnutls_pkcs12_bag_set_friendly_name (kbag, indx, name); if (result < 0) - error (EXIT_FAILURE, 0, "bag_set_friendly_name: %s", + { + fprintf(stderr, "bag_set_friendly_name: %s", gnutls_strerror (result)); + exit(1); + } size = sizeof (_key_id); result = gnutls_x509_privkey_get_key_id (keys[i], 0, _key_id, &size); if (result < 0) - error (EXIT_FAILURE, 0, "key_id[%d]: %s", i, gnutls_strerror (result)); + { + fprintf(stderr, "key_id[%d]: %s", i, gnutls_strerror (result)); + exit(1); + } key_id.data = _key_id; key_id.size = size; result = gnutls_pkcs12_bag_set_key_id (kbag, indx, &key_id); if (result < 0) - error (EXIT_FAILURE, 0, "bag_set_key_id: %s", + { + fprintf(stderr, "bag_set_key_id: %s", gnutls_strerror (result)); + exit(1); + } result = gnutls_pkcs12_set_bag (pkcs12, kbag); if (result < 0) - error (EXIT_FAILURE, 0, "set_bag: %s", gnutls_strerror (result)); + { + fprintf(stderr, "set_bag: %s", gnutls_strerror (result)); + exit(1); + } } result = gnutls_pkcs12_generate_mac (pkcs12, pass); if (result < 0) - error (EXIT_FAILURE, 0, "generate_mac: %s", gnutls_strerror (result)); + { + fprintf(stderr, "generate_mac: %s", gnutls_strerror (result)); + exit(1); + } size = buffer_size; result = gnutls_pkcs12_export (pkcs12, outcert_format, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "pkcs12_export: %s", gnutls_strerror (result)); + { + fprintf(stderr, "pkcs12_export: %s", gnutls_strerror (result)); + exit(1); + } fwrite (buffer, 1, size, outfile); @@ -2449,7 +2821,10 @@ print_bag_data (gnutls_pkcs12_bag_t bag) count = gnutls_pkcs12_bag_get_count (bag); if (count < 0) - error (EXIT_FAILURE, 0, "get_count: %s", gnutls_strerror (count)); + { + fprintf(stderr, "get_count: %s", gnutls_strerror (count)); + exit(1); + } fprintf (outfile, "\tElements: %d\n", count); @@ -2457,15 +2832,22 @@ print_bag_data (gnutls_pkcs12_bag_t bag) { type = gnutls_pkcs12_bag_get_type (bag, i); if (type < 0) - error (EXIT_FAILURE, 0, "get_type: %s", gnutls_strerror (type)); + { + fprintf(stderr, "get_type: %s", gnutls_strerror (type)); + exit(1); + } fprintf (stderr, "\tType: %s\n", BAGTYPE (type)); name = NULL; result = gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name); if (result < 0) - error (EXIT_FAILURE, 0, "get_friendly_name: %s", + { + fprintf(stderr, "get_friendly_name: %s", gnutls_strerror (type)); + exit(1); + } + if (name) fprintf (outfile, "\tFriendly name: %s\n", name); @@ -2473,13 +2855,20 @@ print_bag_data (gnutls_pkcs12_bag_t bag) id.size = 0; result = gnutls_pkcs12_bag_get_key_id (bag, i, &id); if (result < 0) - error (EXIT_FAILURE, 0, "get_key_id: %s", gnutls_strerror (type)); + { + fprintf(stderr, "get_key_id: %s", gnutls_strerror (type)); + exit(1); + } + if (id.size > 0) fprintf (outfile, "\tKey ID: %s\n", raw_to_string (id.data, id.size)); result = gnutls_pkcs12_bag_get_data (bag, i, &cdata); if (result < 0) - error (EXIT_FAILURE, 0, "get_data: %s", gnutls_strerror (result)); + { + fprintf(stderr, "get_data: %s", gnutls_strerror (result)); + exit(1); + } switch (type) { @@ -2525,7 +2914,10 @@ pkcs12_info (common_info_st* cinfo) result = gnutls_pkcs12_init (&pkcs12); if (result < 0) - error (EXIT_FAILURE, 0, "p12_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "p12_init: %s", gnutls_strerror (result)); + exit(1); + } data.data = (void*)fread_file (infile, &size); data.size = size; @@ -2533,7 +2925,10 @@ pkcs12_info (common_info_st* cinfo) result = gnutls_pkcs12_import (pkcs12, &data, incert_format, 0); free (data.data); if (result < 0) - error (EXIT_FAILURE, 0, "p12_import: %s", gnutls_strerror (result)); + { + fprintf(stderr, "p12_import: %s", gnutls_strerror (result)); + exit(1); + } pass = get_password(cinfo, NULL, 0); @@ -2541,14 +2936,17 @@ pkcs12_info (common_info_st* cinfo) if (result < 0) { fail = 1; - error (0, 0, "verify_mac: %s", gnutls_strerror (result)); + fprintf (stderr, "verify_mac: %s", gnutls_strerror (result)); } for (indx = 0;; indx++) { result = gnutls_pkcs12_bag_init (&bag); if (result < 0) - error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); + exit(1); + } result = gnutls_pkcs12_get_bag (pkcs12, indx, bag); if (result < 0) @@ -2556,13 +2954,19 @@ pkcs12_info (common_info_st* cinfo) result = gnutls_pkcs12_bag_get_count (bag); if (result < 0) - error (EXIT_FAILURE, 0, "bag_count: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_count: %s", gnutls_strerror (result)); + exit(1); + } fprintf (outfile, "BAG #%d\n", indx); result = gnutls_pkcs12_bag_get_type (bag, 0); if (result < 0) - error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); + exit(1); + } if (result == GNUTLS_BAG_ENCRYPTED) { @@ -2574,14 +2978,17 @@ pkcs12_info (common_info_st* cinfo) if (result < 0) { fail = 1; - error (0, 0, "bag_decrypt: %s", gnutls_strerror (result)); + fprintf(stderr, "bag_decrypt: %s", gnutls_strerror (result)); continue; } result = gnutls_pkcs12_bag_get_count (bag); if (result < 0) - error (EXIT_FAILURE, 0, "encrypted bag_count: %s", + { + fprintf(stderr, "encrypted bag_count: %s", gnutls_strerror (result)); + exit(1); + } } print_bag_data (bag); @@ -2590,7 +2997,10 @@ pkcs12_info (common_info_st* cinfo) } if (fail) - error (EXIT_FAILURE, 0, "There were errors parsing the structure\n"); + { + fprintf(stderr, "There were errors parsing the structure\n"); + exit(1); + } } void @@ -2604,7 +3014,10 @@ pkcs7_info (void) result = gnutls_pkcs7_init (&pkcs7); if (result < 0) - error (EXIT_FAILURE, 0, "p7_init: %s", gnutls_strerror (result)); + { + fprintf(stderr, "p7_init: %s", gnutls_strerror (result)); + exit(1); + } data.data = (void*)fread_file (infile, &size); data.size = size; @@ -2612,13 +3025,19 @@ pkcs7_info (void) result = gnutls_pkcs7_import (pkcs7, &data, incert_format); free (data.data); if (result < 0) - error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (result)); + { + fprintf(stderr, "import error: %s", gnutls_strerror (result)); + exit(1); + } /* Read and print the certificates. */ result = gnutls_pkcs7_get_crt_count (pkcs7); if (result < 0) - error (EXIT_FAILURE, 0, "p7_crt_count: %s", gnutls_strerror (result)); + { + fprintf(stderr, "p7_crt_count: %s", gnutls_strerror (result)); + exit(1); + } count = result; @@ -2639,7 +3058,10 @@ pkcs7_info (void) result = gnutls_pem_base64_encode_alloc ("CERTIFICATE", &data, &b64); if (result < 0) - error (EXIT_FAILURE, 0, "encoding: %s", gnutls_strerror (result)); + { + fprintf(stderr, "encoding: %s", gnutls_strerror (result)); + exit(1); + } fputs ((void*)b64.data, outfile); gnutls_free (b64.data); @@ -2649,7 +3071,10 @@ pkcs7_info (void) */ result = gnutls_pkcs7_get_crl_count (pkcs7); if (result < 0) - error (EXIT_FAILURE, 0, "p7_crl_count: %s", gnutls_strerror (result)); + { + fprintf(stderr, "p7_crl_count: %s", gnutls_strerror (result)); + exit(1); + } count = result; @@ -2670,7 +3095,10 @@ pkcs7_info (void) result = gnutls_pem_base64_encode_alloc ("X509 CRL", &data, &b64); if (result < 0) - error (EXIT_FAILURE, 0, "encoding: %s", gnutls_strerror (result)); + { + fprintf(stderr, "encoding: %s", gnutls_strerror (result)); + exit(1); + } fputs ((void*)b64.data, outfile); gnutls_free (b64.data); @@ -2690,7 +3118,10 @@ smime_to_pkcs7 (void) { len = getline (&lineptr, &linesize, infile); if (len == -1) - error (EXIT_FAILURE, 0, "cannot find RFC 2822 header/body separator"); + { + fprintf(stderr, "cannot find RFC 2822 header/body separator"); + exit(1); + } } while (strcmp (lineptr, "\r\n") != 0 && strcmp (lineptr, "\n") != 0); @@ -2698,7 +3129,10 @@ smime_to_pkcs7 (void) { len = getline (&lineptr, &linesize, infile); if (len == -1) - error (EXIT_FAILURE, 0, "message has RFC 2822 header but no body"); + { + fprintf(stderr, "message has RFC 2822 header but no body"); + exit(1); + } } while (strcmp (lineptr, "\r\n") == 0 && strcmp (lineptr, "\n") == 0); @@ -2733,7 +3167,8 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) ret = gnutls_pubkey_init (&pubkey); if (ret < 0) { - error (EXIT_FAILURE, 0, "pubkey_init: %s", gnutls_strerror (ret)); + fprintf(stderr, "pubkey_init: %s", gnutls_strerror (ret)); + exit(1); } if (crt == NULL) @@ -2750,15 +3185,21 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) { ret = gnutls_pubkey_import_x509 (pubkey, crt, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "pubkey_import_x509: %s", + { + fprintf(stderr, "pubkey_import_x509: %s", gnutls_strerror (ret)); + exit(1); + } } else if (crq != NULL) { ret = gnutls_pubkey_import_x509_crq (pubkey, crq, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "pubkey_import_x509_crq: %s", + { + fprintf(stderr, "pubkey_import_x509_crq: %s", gnutls_strerror (ret)); + exit(1); + } } else { @@ -2768,8 +3209,11 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) { ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "pubkey_import_privkey: %s", + { + fprintf(stderr, "pubkey_import_privkey: %s", gnutls_strerror (ret)); + exit(1); + } } else { @@ -2783,7 +3227,10 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) size = buffer_size; ret = gnutls_pubkey_export (pubkey, outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } fwrite (buffer, 1, size, outfile); diff --git a/src/danetool.c b/src/danetool.c index 5c27321..07921c9 100644 --- a/src/danetool.c +++ b/src/danetool.c @@ -42,7 +42,6 @@ #include #include #include -#include /* Gnulib portability files. */ #include @@ -95,7 +94,10 @@ cmd_parser (int argc, char **argv) { outfile = safe_open_rw (OPT_ARG(OUTFILE), privkey_op); if (outfile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); + { + fprintf (stderr, "%s", OPT_ARG(OUTFILE)); + exit(1); + } } else outfile = stdout; @@ -122,7 +124,10 @@ cmd_parser (int argc, char **argv) else if (strcasecmp (OPT_ARG(HASH), "rmd160") == 0) default_dig = GNUTLS_DIG_RMD160; else - error (EXIT_FAILURE, 0, "invalid hash: %s", OPT_ARG(HASH)); + { + fprintf (stderr, "invalid hash: %s", OPT_ARG(HASH)); + exit(1); + } } gnutls_global_set_log_function (tls_log_func); @@ -134,7 +139,10 @@ cmd_parser (int argc, char **argv) } if ((ret = gnutls_global_init ()) < 0) - error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "global_init: %s", gnutls_strerror (ret)); + exit(1); + } #ifdef ENABLE_PKCS11 pkcs11_common(); @@ -207,31 +215,46 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED; printf("Querying %s (%s:%d)...\n", host, proto, port); ret = dane_state_init(&s, flags); if (ret < 0) - error (EXIT_FAILURE, 0, "dane_state_init: %s", dane_strerror (ret)); + { + fprintf (stderr, "dane_state_init: %s", dane_strerror (ret)); + exit(1); + } if (HAVE_OPT(DLV)) { ret = dane_state_set_dlv_file(s, OPT_ARG(DLV)); if (ret < 0) - error (EXIT_FAILURE, 0, "dane_state_set_dlv_file: %s", dane_strerror (ret)); + { + fprintf (stderr, "dane_state_set_dlv_file: %s", dane_strerror (ret)); + exit(1); + } } ret = dane_query_tlsa(s, &q, host, proto, port); if (ret < 0) - error (EXIT_FAILURE, 0, "dane_query_tlsa: %s", dane_strerror (ret)); + { + fprintf (stderr, "dane_query_tlsa: %s", dane_strerror (ret)); + exit(1); + } entries = dane_query_entries(q); for (i=0;i 1) printf("\nEntry %d:\n", i+1); @@ -249,11 +272,17 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED; ret = gnutls_load_file(cinfo->cert, &file); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_load_file: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_load_file: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_x509_crt_list_import2( &clist, &clist_size, &file, cinfo->incert_format, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_import2: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_x509_crt_list_import2: %s", gnutls_strerror (ret)); + exit(1); + } if (clist_size > 0) { @@ -265,17 +294,26 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED; { ret = gnutls_x509_crt_export2( clist[i], GNUTLS_X509_FMT_DER, &certs[i]); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_export2: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_x509_crt_export2: %s", gnutls_strerror (ret)); + exit(1); + } } ret = dane_verify_crt( s, certs, clist_size, GNUTLS_CRT_X509, host, proto, port, 0, vflags, &status); if (ret < 0) - error (EXIT_FAILURE, 0, "dane_verify_crt: %s", dane_strerror (ret)); + { + fprintf (stderr, "dane_verify_crt: %s", dane_strerror (ret)); + exit(1); + } ret = dane_verification_status_print(status, &out, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "dane_verification_status_print: %s", dane_strerror (ret)); + { + fprintf( stderr, "dane_verification_status_print: %s", dane_strerror (ret)); + exit(1); + } printf("\nVerification: %s\n", out.data); gnutls_free(out.data); @@ -331,7 +369,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, size = buffer_size; ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_DER, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } gnutls_x509_crt_deinit (crt); } @@ -341,7 +382,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, ret = gnutls_pubkey_init (&pubkey); if (ret < 0) - error (EXIT_FAILURE, 0, "pubkey_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "pubkey_init: %s", gnutls_strerror (ret)); + exit(1); + } if (crt != NULL) { @@ -349,16 +393,18 @@ static void dane_info(const char* host, const char* proto, unsigned int port, ret = gnutls_pubkey_import_x509 (pubkey, crt, 0); if (ret < 0) { - error (EXIT_FAILURE, 0, "pubkey_import_x509: %s", + fprintf (stderr, "pubkey_import_x509: %s", gnutls_strerror (ret)); + exit(1); } size = buffer_size; ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_DER, buffer, &size); if (ret < 0) { - error (EXIT_FAILURE, 0, "pubkey_export: %s", + fprintf( stderr, "pubkey_export: %s", gnutls_strerror (ret)); + exit(1); } gnutls_x509_crt_deinit(crt); @@ -370,7 +416,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, size = buffer_size; ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_DER, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "export error: %s", gnutls_strerror (ret)); + exit(1); + } } gnutls_pubkey_deinit (pubkey); @@ -384,7 +433,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, ret = gnutls_hash_fast(default_dig, buffer, size, digest); if (ret < 0) - error (EXIT_FAILURE, 0, "hash error: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "hash error: %s", gnutls_strerror (ret)); + exit(1); + } if (default_dig == GNUTLS_DIG_SHA256) type = 1; @@ -408,7 +460,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, size = buffer_size; ret = gnutls_hex_encode(&t, (void*)buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "hex encode error: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "hex encode error: %s", gnutls_strerror (ret)); + exit(1); + } fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port, proto, host, usage, selector, type, buffer); diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c index 060f114..4bc3f59 100644 --- a/src/ocsptool-common.c +++ b/src/ocsptool-common.c @@ -31,7 +31,6 @@ #include /* Gnulib portability files. */ -#include #include #include @@ -83,12 +82,18 @@ _generate_request (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, ret = gnutls_ocsp_req_init (&req); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "ocsp_req_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_req_add_cert (req, GNUTLS_DIG_SHA1, issuer, cert); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_req_add_cert: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "ocsp_req_add_cert: %s", gnutls_strerror (ret)); + exit(1); + } if (nonce) { @@ -97,17 +102,26 @@ _generate_request (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, ret = gnutls_rnd (GNUTLS_RND_RANDOM, nonce.data, nonce.size); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_rnd: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "gnutls_rnd: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_req_set_nonce (req, 0, &nonce); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_req_set_nonce: %s", + { + fprintf( stderr, "ocsp_req_set_nonce: %s", gnutls_strerror (ret)); + exit(1); + } } ret = gnutls_ocsp_req_export (req, rdata); if (ret != 0) - error (EXIT_FAILURE, 0, "ocsp_req_export: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "ocsp_req_export: %s", gnutls_strerror (ret)); + exit(1); + } gnutls_ocsp_req_deinit (req); return; @@ -321,11 +335,17 @@ check_ocsp_response (gnutls_x509_crt_t cert, ret = gnutls_ocsp_resp_init (&resp); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "ocsp_resp_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_resp_import (resp, data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "importing response: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_resp_check_crt(resp, 0, cert); if (ret < 0) @@ -337,8 +357,11 @@ check_ocsp_response (gnutls_x509_crt_t cert, ret = gnutls_ocsp_resp_verify_direct( resp, issuer, &status, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify_direct: %s", - gnutls_strerror (ret)); + { + fprintf(stderr, "gnutls_ocsp_resp_verify_direct: %s", + gnutls_strerror (ret)); + exit(1); + } if (status != 0) { @@ -357,7 +380,10 @@ check_ocsp_response (gnutls_x509_crt_t cert, ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL, &cert_status, &vtime, &ntime, &rtime, NULL); if (ret < 0) - error (EXIT_FAILURE, 0, "reading response: %s", gnutls_strerror (ret)); + { + fprintf(stderr, "reading response: %s", gnutls_strerror (ret)); + exit(1); + } if (cert_status == GNUTLS_OCSP_CERT_REVOKED) { diff --git a/src/ocsptool.c b/src/ocsptool.c index ffbb051..cd92c1d 100644 --- a/src/ocsptool.c +++ b/src/ocsptool.c @@ -31,7 +31,6 @@ #include /* Gnulib portability files. */ -#include #include #include @@ -59,24 +58,36 @@ request_info (void) ret = gnutls_ocsp_req_init (&req); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "ocsp_req_init: %s", gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(LOAD_REQUEST)) dat.data = (void*)read_binary_file (OPT_ARG(LOAD_REQUEST), &size); else dat.data = (void*)fread_file (infile, &size); if (dat.data == NULL) - error (EXIT_FAILURE, errno, "reading request"); + { + fprintf (stderr, "reading request"); + exit(1); + } dat.size = size; ret = gnutls_ocsp_req_import (req, &dat); free (dat.data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing request: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "importing request: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &dat); if (ret != 0) - error (EXIT_FAILURE, 0, "ocsp_req_print: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "ocsp_req_print: %s", gnutls_strerror (ret)); + exit(1); + } printf ("%.*s", dat.size, dat.data); gnutls_free (dat.data); @@ -93,18 +104,27 @@ _response_info (const gnutls_datum_t* data) ret = gnutls_ocsp_resp_init (&resp); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "ocsp_resp_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_resp_import (resp, data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "importing response: %s", gnutls_strerror (ret)); + exit(1); + } if (ENABLED_OPT(VERBOSE)) ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_FULL, &buf); else ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_COMPACT, &buf); if (ret != 0) - error (EXIT_FAILURE, 0, "ocsp_resp_print: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "ocsp_resp_print: %s", gnutls_strerror (ret)); + exit(1); + } printf ("%.*s", buf.size, buf.data); gnutls_free (buf.data); @@ -123,7 +143,10 @@ response_info (void) else dat.data = (void*)fread_file (infile, &size); if (dat.data == NULL) - error (EXIT_FAILURE, errno, "reading response"); + { + fprintf (stderr, "reading response"); + exit(1); + } dat.size = size; _response_info(&dat); @@ -139,23 +162,35 @@ load_issuer (void) size_t size; if (!HAVE_OPT(LOAD_ISSUER)) - error (EXIT_FAILURE, 0, "missing --load-issuer"); + { + fprintf( stderr, "missing --load-issuer"); + exit(1); + } ret = gnutls_x509_crt_init (&crt); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "crt_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (OPT_ARG(LOAD_ISSUER), &size); dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-issuer: %s", OPT_ARG(LOAD_ISSUER)); + { + fprintf (stderr, "reading --load-issuer: %s", OPT_ARG(LOAD_ISSUER)); + exit(1); + } ret = gnutls_x509_crt_import (crt, &dat, encoding); free (dat.data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-issuer: %s: %s", + { + fprintf (stderr, "importing --load-issuer: %s: %s", OPT_ARG(LOAD_ISSUER), gnutls_strerror (ret)); + exit(1); + } return crt; } @@ -169,23 +204,35 @@ load_cert (void) size_t size; if (!HAVE_OPT(LOAD_CERT)) - error (EXIT_FAILURE, 0, "missing --load-cert"); + { + fprintf (stderr, "missing --load-cert"); + exit(1); + } ret = gnutls_x509_crt_init (&crt); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "crt_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (OPT_ARG(LOAD_CERT), &size); dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-cert: %s", OPT_ARG(LOAD_CERT)); + { + fprintf (stderr, "reading --load-cert: %s", OPT_ARG(LOAD_CERT)); + exit(1); + } ret = gnutls_x509_crt_import (crt, &dat, encoding); free (dat.data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-cert: %s: %s", + { + fprintf (stderr, "importing --load-cert: %s: %s", OPT_ARG(LOAD_CERT), gnutls_strerror (ret)); + exit(1); + } return crt; } @@ -218,29 +265,44 @@ _verify_response (gnutls_datum_t *data) ret = gnutls_ocsp_resp_init (&resp); if (ret < 0) - error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "ocsp_resp_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_ocsp_resp_import (resp, data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "importing response: %s", gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(LOAD_TRUST)) { dat.data = (void*)read_binary_file (OPT_ARG(LOAD_TRUST), &size); if (dat.data == NULL) - error (EXIT_FAILURE, errno, "reading --load-trust: %s", OPT_ARG(LOAD_TRUST)); + { + fprintf (stderr, "reading --load-trust: %s", OPT_ARG(LOAD_TRUST)); + exit(1); + } dat.size = size; ret = gnutls_x509_trust_list_init (&list, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s", + { + fprintf (stderr, "gnutls_x509_trust_list_init: %s", gnutls_strerror (ret)); + exit(1); + } ret = gnutls_x509_crt_list_import2 (&x509_ca_list, &x509_ncas, &dat, GNUTLS_X509_FMT_PEM, 0); if (ret < 0 || x509_ncas < 1) - error (EXIT_FAILURE, 0, "error parsing CAs: %s", + { + fprintf (stderr, "error parsing CAs: %s", gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(VERBOSE)) { @@ -253,8 +315,11 @@ _verify_response (gnutls_datum_t *data) ret = gnutls_x509_crt_print (x509_ca_list[i], GNUTLS_CRT_PRINT_ONELINE, &out); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s", + { + fprintf (stderr, "gnutls_x509_crt_print: %s", gnutls_strerror (ret)); + exit(1); + } printf ("%d: %.*s\n", i, out.size, out.data); gnutls_free (out.data); @@ -264,33 +329,48 @@ _verify_response (gnutls_datum_t *data) ret = gnutls_x509_trust_list_add_cas (list, x509_ca_list, x509_ncas, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_cas: %s", + { + fprintf (stderr, "gnutls_x509_trust_add_cas: %s", gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(VERBOSE)) fprintf (stdout, "Loaded %d trust anchors\n", x509_ncas); ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify: %s", + { + fprintf (stderr, "gnutls_ocsp_resp_verify: %s", gnutls_strerror (ret)); + exit(1); + } } else if (HAVE_OPT(LOAD_SIGNER)) { ret = gnutls_x509_crt_init (&signer); if (ret < 0) - error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "crt_init: %s", gnutls_strerror (ret)); + exit(1); + } dat.data = (void*)read_binary_file (OPT_ARG(LOAD_SIGNER), &size); if (dat.data == NULL) - error (EXIT_FAILURE, errno, "reading --load-signer: %s", OPT_ARG(LOAD_SIGNER)); + { + fprintf (stderr, "reading --load-signer: %s", OPT_ARG(LOAD_SIGNER)); + exit(1); + } dat.size = size; ret = gnutls_x509_crt_import (signer, &dat, encoding); free (dat.data); if (ret < 0) - error (EXIT_FAILURE, 0, "importing --load-signer: %s: %s", + { + fprintf (stderr, "importing --load-signer: %s: %s", OPT_ARG(LOAD_SIGNER), gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(VERBOSE)) { @@ -298,8 +378,11 @@ _verify_response (gnutls_datum_t *data) ret = gnutls_x509_crt_print (signer, GNUTLS_CRT_PRINT_ONELINE, &out); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s", + { + fprintf (stderr, "gnutls_x509_crt_print: %s", gnutls_strerror (ret)); + exit(1); + } printf ("Signer: %.*s\n", out.size, out.data); gnutls_free (out.data); @@ -308,11 +391,17 @@ _verify_response (gnutls_datum_t *data) ret = gnutls_ocsp_resp_verify_direct (resp, signer, &verify, 0); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify_direct: %s", + { + fprintf (stderr, "gnutls_ocsp_resp_verify_direct: %s", gnutls_strerror (ret)); + exit(1); + } } else - error (EXIT_FAILURE, 0, "missing --load-trust or --load-signer"); + { + fprintf (stderr, "missing --load-trust or --load-signer"); + exit(1); + } printf ("Verifying OCSP Response: "); print_ocsp_verify_res (verify); @@ -334,7 +423,10 @@ verify_response (void) else dat.data = (void*)fread_file (infile, &size); if (dat.data == NULL) - error (EXIT_FAILURE, errno, "reading response"); + { + fprintf (stderr, "reading response"); + exit(1); + } dat.size = size; _verify_response(&dat); @@ -381,7 +473,10 @@ main (int argc, char **argv) int ret; if ((ret = gnutls_global_init ()) < 0) - error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); + { + fprintf( stderr, "global_init: %s", gnutls_strerror (ret)); + exit(1); + } optionProcess( &ocsptoolOptions, argc, argv); @@ -392,7 +487,10 @@ main (int argc, char **argv) { outfile = fopen (OPT_ARG(OUTFILE), "wb"); if (outfile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); + { + fprintf( stderr, "%s", OPT_ARG(OUTFILE)); + exit(1); + } } else outfile = stdout; @@ -401,7 +499,10 @@ main (int argc, char **argv) { infile = fopen (OPT_ARG(INFILE), "rb"); if (infile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE)); + { + fprintf( stderr, "%s", OPT_ARG(INFILE)); + exit(1); + } } else infile = stdin; diff --git a/src/p11tool.c b/src/p11tool.c index 924f6bb..19ca1fd 100644 --- a/src/p11tool.c +++ b/src/p11tool.c @@ -39,7 +39,6 @@ #include #include #include -#include /* Gnulib portability files. */ #include @@ -97,7 +96,10 @@ cmd_parser (int argc, char **argv) printf ("Setting log level to %d\n", debug); if ((ret = gnutls_global_init ()) < 0) - error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "global_init: %s", gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(PROVIDER)) { @@ -108,8 +110,11 @@ cmd_parser (int argc, char **argv) { ret = gnutls_pkcs11_add_provider (OPT_ARG(PROVIDER), NULL); if (ret < 0) - error (EXIT_FAILURE, 0, "pkcs11_add_provider: %s", + { + fprintf (stderr, "pkcs11_add_provider: %s", gnutls_strerror (ret)); + exit(1); + } } } else @@ -123,7 +128,10 @@ cmd_parser (int argc, char **argv) { outfile = safe_open_rw (OPT_ARG(OUTFILE), 0); if (outfile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); + { + fprintf (stderr, "%s", OPT_ARG(OUTFILE)); + exit(1); + } } else outfile = stdout; diff --git a/src/pkcs11.c b/src/pkcs11.c index 9759892..5290f63 100644 --- a/src/pkcs11.c +++ b/src/pkcs11.c @@ -75,7 +75,6 @@ pkcs11_list (FILE * outfile, const char *url, int type, unsigned int login, unsigned int detailed, common_info_st * info) { gnutls_pkcs11_obj_t *crt_list; - gnutls_x509_crt_t xcrt; unsigned int crt_list_size = 0, i; int ret, otype; char *output; diff --git a/src/serv.c b/src/serv.c index 5650658..d420cb8 100644 --- a/src/serv.c +++ b/src/serv.c @@ -1216,6 +1216,8 @@ main (int argc, char **argv) udp_server (name, port, mtu); else tcp_server (name, port); + + return 0; } static void diff --git a/src/tpmtool.c b/src/tpmtool.c index 0c81d34..9b2168e 100644 --- a/src/tpmtool.c +++ b/src/tpmtool.c @@ -39,7 +39,6 @@ #include #include #include -#include /* Gnulib portability files. */ #include @@ -130,13 +129,19 @@ cmd_parser (int argc, char **argv) printf ("Setting log level to %d\n", debug); if ((ret = gnutls_global_init ()) < 0) - error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "global_init: %s", gnutls_strerror (ret)); + exit(1); + } if (HAVE_OPT(OUTFILE)) { outfile = safe_open_rw (OPT_ARG(OUTFILE), 0); if (outfile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); + { + fprintf (stderr, "%s", OPT_ARG(OUTFILE)); + exit(1); + } } else outfile = stdout; @@ -145,7 +150,10 @@ cmd_parser (int argc, char **argv) { infile = fopen (OPT_ARG(INFILE), "rb"); if (infile == NULL) - error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE)); + { + fprintf (stderr, "%s", OPT_ARG(INFILE)); + exit(1); + } } else infile = stdin; @@ -210,7 +218,10 @@ static void tpm_generate(FILE* outfile, unsigned int key_type, unsigned int bits free(srk_pass); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_generate: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_tpm_privkey_generate: %s", gnutls_strerror (ret)); + exit(1); + } /* fwrite (pubkey.data, 1, pubkey.size, outfile); fputs ("\n", outfile);*/ @@ -230,7 +241,10 @@ static void tpm_delete(const char* url, FILE* outfile) ret = gnutls_tpm_privkey_delete(url, srk_pass); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_delete: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_tpm_privkey_delete: %s", gnutls_strerror (ret)); + exit(1); + } fprintf (outfile, "Key %s deleted\n", url); } @@ -244,7 +258,10 @@ static void tpm_list(FILE* outfile) ret = gnutls_tpm_get_registered (&list); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_tpm_get_registered: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_tpm_get_registered: %s", gnutls_strerror (ret)); + exit(1); + } fprintf(outfile, "Available keys:\n"); for (i=0;;i++) @@ -253,7 +270,10 @@ static void tpm_list(FILE* outfile) if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break; else if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_tpm_key_list_get_url: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_tpm_key_list_get_url: %s", gnutls_strerror (ret)); + exit(1); + } fprintf(outfile, "\t%u: %s\n", i, url); gnutls_free(url); @@ -279,7 +299,10 @@ static void tpm_pubkey(const char* url, FILE* outfile) free(srk_pass); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_pubkey_import_tpm_url: %s", gnutls_strerror (ret)); + { + fprintf (stderr, "gnutls_pubkey_import_tpm_url: %s", gnutls_strerror (ret)); + exit(1); + } _pubkey_info(outfile, GNUTLS_CRT_PRINT_FULL, pubkey); -- 1.7.1