diff options
| author | Martin Willi <martin@revosec.ch> | 2013-11-21 14:22:01 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2014-01-23 15:55:32 +0100 |
| commit | b9ee059ca99bc8fb2a8854b35fef5a7672a03e1b (patch) | |
| tree | bbcb6728cb64f634238f45ed6cdc12460024676f /src | |
| parent | 37374a292aea466063bf7777929122299d493326 (diff) | |
| download | strongswan-b9ee059ca99bc8fb2a8854b35fef5a7672a03e1b.tar.bz2 strongswan-b9ee059ca99bc8fb2a8854b35fef5a7672a03e1b.tar.xz | |
chunk: Externalize error reporting in chunk_write()
This avoids passing that arbitrary label just for error messages, and gives
greater flexibility in handling errors.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_cred.c | 11 | ||||
| -rw-r--r-- | src/libstrongswan/tests/suites/test_chunk.c | 4 | ||||
| -rw-r--r-- | src/libstrongswan/utils/chunk.c | 15 | ||||
| -rw-r--r-- | src/libstrongswan/utils/chunk.h | 5 | ||||
| -rw-r--r-- | src/openac/openac.c | 10 | ||||
| -rw-r--r-- | src/scepclient/scepclient.c | 37 |
6 files changed, 52 insertions, 30 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c index 8d0001271..224dd9803 100644 --- a/src/libcharon/plugins/stroke/stroke_cred.c +++ b/src/libcharon/plugins/stroke/stroke_cred.c @@ -521,7 +521,16 @@ METHOD(stroke_cred_t, cache_cert, void, if (cert->get_encoding(cert, CERT_ASN1_DER, &chunk)) { - chunk_write(chunk, buf, "crl", 022, TRUE); + if (chunk_write(chunk, buf, 022, TRUE)) + { + DBG1(DBG_CFG, " written crl file '%s' (%d bytes)", + buf, chunk.len); + } + else + { + DBG1(DBG_CFG, " writing crl file '%s' failed: %s", + buf, strerror(errno)); + } free(chunk.ptr); } } diff --git a/src/libstrongswan/tests/suites/test_chunk.c b/src/libstrongswan/tests/suites/test_chunk.c index 3492a7f7b..e373fbdb6 100644 --- a/src/libstrongswan/tests/suites/test_chunk.c +++ b/src/libstrongswan/tests/suites/test_chunk.c @@ -789,7 +789,7 @@ START_TEST(test_chunk_map) chunk_t *map, contents = chunk_from_chars(0x01,0x02,0x03,0x04,0x05); char *path = "/tmp/strongswan-chunk-map-test"; - ck_assert(chunk_write(contents, path, "chunk_map", 022, TRUE)); + ck_assert(chunk_write(contents, path, 022, TRUE)); /* read */ map = chunk_map(path, FALSE); @@ -827,7 +827,7 @@ START_TEST(test_chunk_from_fd_file) char *path = "/tmp/strongswan-chunk-fd-test"; int fd; - ck_assert(chunk_write(contents, path, "chunk_fd", 022, TRUE)); + ck_assert(chunk_write(contents, path, 022, TRUE)); fd = open(path, O_RDONLY); ck_assert(fd != -1); diff --git a/src/libstrongswan/utils/chunk.c b/src/libstrongswan/utils/chunk.c index 5961407dd..47181719a 100644 --- a/src/libstrongswan/utils/chunk.c +++ b/src/libstrongswan/utils/chunk.c @@ -28,7 +28,6 @@ #include <ctype.h> #include "chunk.h" -#include "debug.h" /** * Empty chunk. @@ -209,15 +208,16 @@ void chunk_split(chunk_t chunk, const char *mode, ...) /** * Described in header. */ -bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force) +bool chunk_write(chunk_t chunk, char *path, mode_t mask, bool force) { mode_t oldmask; FILE *fd; bool good = FALSE; + int tmp = 0; if (!force && access(path, F_OK) == 0) { - DBG1(DBG_LIB, " %s file '%s' already exists", label, path); + errno = EEXIST; return FALSE; } oldmask = umask(mask); @@ -226,23 +226,20 @@ bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force { if (fwrite(chunk.ptr, sizeof(u_char), chunk.len, fd) == chunk.len) { - DBG1(DBG_LIB, " written %s file '%s' (%d bytes)", - label, path, chunk.len); good = TRUE; } else { - DBG1(DBG_LIB, " writing %s file '%s' failed: %s", - label, path, strerror(errno)); + tmp = errno; } fclose(fd); } else { - DBG1(DBG_LIB, " could not open %s file '%s': %s", label, path, - strerror(errno)); + tmp = errno; } umask(oldmask); + errno = tmp; return good; } diff --git a/src/libstrongswan/utils/chunk.h b/src/libstrongswan/utils/chunk.h index 1228da30e..33f66caec 100644 --- a/src/libstrongswan/utils/chunk.h +++ b/src/libstrongswan/utils/chunk.h @@ -90,14 +90,15 @@ void chunk_split(chunk_t chunk, const char *mode, ...); /** * Write the binary contents of a chunk_t to a file * + * If the write fails, errno is set appropriately. + * * @param chunk contents to write to file * @param path path where file is written to - * @param label label specifying file type * @param mask file mode creation mask * @param force overwrite existing file by force * @return TRUE if write operation was successful */ -bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force); +bool chunk_write(chunk_t chunk, char *path, mode_t mask, bool force); /** * Store data read from FD into a chunk diff --git a/src/openac/openac.c b/src/openac/openac.c index 7074d44be..1996025e2 100644 --- a/src/openac/openac.c +++ b/src/openac/openac.c @@ -29,6 +29,7 @@ #include <getopt.h> #include <ctype.h> #include <time.h> +#include <errno.h> #include <library.h> #include <utils/debug.h> @@ -515,11 +516,18 @@ int main(int argc, char **argv) /* write the attribute certificate to file */ if (attr_cert->get_encoding(attr_cert, CERT_ASN1_DER, &attr_chunk)) { - if (chunk_write(attr_chunk, outfile, "attribute cert", 0022, TRUE)) + if (chunk_write(attr_chunk, outfile, 0022, TRUE)) { + DBG1(DBG_APP, " written attribute cert file '%s' (%d bytes)", + outfile, attr_chunk.len); write_serial(serial); status = 0; } + else + { + DBG1(DBG_APP, " writing attribute cert file '%s' failed: %s", + outfile, strerror(errno)); + } } } else diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 1267370ba..ec892cc0b 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -24,6 +24,7 @@ #include <time.h> #include <limits.h> #include <syslog.h> +#include <errno.h> #include <library.h> #include <utils/debug.h> @@ -975,9 +976,10 @@ int main(int argc, char **argv) { /* no PKCS#7 encoded CA+RA certificates, assume simple CA cert */ DBG1(DBG_APP, "unable to parse PKCS#7, assuming plain CA cert"); - if (!chunk_write(scep_response, ca_path, "ca cert", 0022, force)) + if (!chunk_write(scep_response, ca_path, 0022, force)) { - exit_scepclient("could not write ca cert file '%s'", ca_path); + exit_scepclient("could not write ca cert file '%s': %s", + ca_path, strerror(errno)); } } else @@ -1031,10 +1033,10 @@ int main(int argc, char **argv) } if (!cert->get_encoding(cert, CERT_ASN1_DER, &encoding) || - !chunk_write(encoding, path, - ca_cert ? "ca cert" : "ra cert", 0022, force)) + !chunk_write(encoding, path, 0022, force)) { - exit_scepclient("could not write cert file '%s'", path); + exit_scepclient("could not write cert file '%s': %s", + path, strerror(errno)); } chunk_free(&encoding); } @@ -1149,9 +1151,10 @@ int main(int argc, char **argv) join_paths(path, sizeof(path), REQ_PATH, file_out_pkcs10); - if (!chunk_write(pkcs10_encoding, path, "pkcs10", 0022, force)) + if (!chunk_write(pkcs10_encoding, path, 0022, force)) { - exit_scepclient("could not write pkcs10 file '%s'", path); + exit_scepclient("could not write pkcs10 file '%s': %s", + path, strerror(errno)); } filetype_out &= ~PKCS10; /* delete PKCS10 flag */ } @@ -1172,9 +1175,10 @@ int main(int argc, char **argv) DBG2(DBG_APP, "building pkcs1 object:"); if (!private_key->get_encoding(private_key, PRIVKEY_ASN1_DER, &pkcs1) || - !chunk_write(pkcs1, path, "pkcs1", 0066, force)) + !chunk_write(pkcs1, path, 0066, force)) { - exit_scepclient("could not write pkcs1 file '%s'", path); + exit_scepclient("could not write pkcs1 file '%s': %s", + path, strerror(errno)); } filetype_out &= ~PKCS1; /* delete PKCS1 flag */ } @@ -1236,9 +1240,10 @@ int main(int argc, char **argv) { exit_scepclient("encoding certificate failed"); } - if (!chunk_write(encoding, path, "self-signed cert", 0022, force)) + if (!chunk_write(encoding, path, 0022, force)) { - exit_scepclient("could not write self-signed cert file '%s'", path); + exit_scepclient("could not write self-signed cert file '%s': %s", + path, strerror(errno)); } chunk_free(&encoding); filetype_out &= ~CERT_SELF; /* delete CERT_SELF flag */ @@ -1300,9 +1305,10 @@ int main(int argc, char **argv) join_paths(path, sizeof(path), REQ_PATH, file_out_pkcs7); - if (!chunk_write(pkcs7, path, "pkcs7 encrypted request", 0022, force)) + if (!chunk_write(pkcs7, path, 0022, force)) { - exit_scepclient("could not write pkcs7 file '%s'", path); + exit_scepclient("could not write pkcs7 file '%s': %s", + path, strerror(errno)); } filetype_out &= ~PKCS7; /* delete PKCS7 flag */ } @@ -1460,9 +1466,10 @@ int main(int argc, char **argv) exit_scepclient("multiple certs received, only first stored"); } if (!cert->get_encoding(cert, CERT_ASN1_DER, &encoding) || - !chunk_write(encoding, path, "requested cert", 0022, force)) + !chunk_write(encoding, path, 0022, force)) { - exit_scepclient("could not write cert file '%s'", path); + exit_scepclient("could not write cert file '%s': %s", + path, strerror(errno)); } chunk_free(&encoding); stored = TRUE; |