Fix return code of write_file()

[oweals/ucert.git] / ucert.c

diff --git a/ucert.c b/ucert.c
index 6cdc2201fb3933bacfdfbb011102a167571206ee..7de4c12711e861bbf1ca0e5c26c082c3e04c832a 100644 (file)
--- a/ucert.c
+++ b/ucert.c
@@ -48,9 +48,13 @@ static enum {
 
 static bool quiet;
 #ifndef UCERT_STRIP_MESSAGES
-#define DPRINTF(format, ...) if (!quiet) fprintf(stderr, "%s(%d): " format, __func__, __LINE__, ## __VA_ARGS__)
+#define DPRINTF(format, ...)                                                                   \
+       do {                                                                                    \
+               if (!quiet)                                                                     \
+                       fprintf(stderr, "%s(%d): " format, __func__, __LINE__, ## __VA_ARGS__); \
+       } while (0)
 #else
-#define DPRINTF(format, ...)
+#define DPRINTF(format, ...) do { } while (0)
 #endif
 
 /*
@@ -112,13 +116,13 @@ struct cert_object {
 };
 
 /* write buffer to file */
-static int write_file(const char *filename, void *buf, size_t len, bool append) {
+static bool write_file(const char *filename, void *buf, size_t len, bool append) {
        FILE *f;
        size_t outlen;
 
        f = fopen(filename, append?"a":"w");
        if (!f)
-               return 1;
+               return false;
 
        outlen = fwrite(buf, 1, len, f);
        fclose(f);
@@ -133,7 +137,7 @@ static int cert_load(const char *certfile, struct list_head *chain) {
        struct cert_object *cobj;
        char filebuf[CERT_BUF_LEN];
        int ret = 0, pret = 0;
-       int len, pos = 0;
+       size_t len, pos = 0;
 
        f = fopen(certfile, "r");
        if (!f)
@@ -150,7 +154,7 @@ static int cert_load(const char *certfile, struct list_head *chain) {
 
        bufpt = (struct blob_attr *)filebuf;
        do {
-               pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX);
+               pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy, CERT_ATTR_MAX);
                if (pret <= 0)
                        /* no attributes found */
                        break;
@@ -183,7 +187,7 @@ static int cert_load(const char *certfile, struct list_head *chain) {
 static int cert_append(const char *certfile, const char *sigfile) {
        FILE *fs;
        char filebuf[CERT_BUF_LEN];
-       struct blob_buf sigbuf;
+       struct blob_buf sigbuf = {0};
        int len;
        int ret;
 
@@ -269,8 +273,8 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
        list_for_each_entry(cobj, chain, list) {
                /* blob has payload, verify that using signature */
                if (cobj->cert[CERT_ATTR_PAYLOAD]) {
-                       uint64_t validfrom;
-                       uint64_t expiresat;
+                       time_t validfrom;
+                       time_t expiresat;
                        uint32_t certtype;
 
                        ret = cert_verify_blob(cobj->cert, chainedpubkey[0]?chainedpubkey:pubkeyfile, pubkeydir);
@@ -367,6 +371,7 @@ clean_and_return:
 /* dump single chain element to console */
 static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
        int i;
+       char *json = NULL;
 
        for (i = 0; i < CERT_ATTR_MAX; i++) {
                struct blob_attr *v = cert[i];
@@ -376,10 +381,16 @@ static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
 
                switch(cert_policy[i].type) {
                case BLOB_ATTR_BINARY:
-                       fprintf(stdout, "signature:\n---\n%s---\n", (char *) blob_data(v));
+                       printf("signature:\n---\n%s---\n", (char *) blob_data(v));
                        break;
                case BLOB_ATTR_NESTED:
-                       fprintf(stdout, "payload:\n---\n%s\n---\n", blobmsg_format_json_indent(blob_data(v), false, 0));
+                       json = blobmsg_format_json_indent(blob_data(v), false, 0);
+                       if (!json) {
+                               DPRINTF("cannot parse payload\n");
+                               continue;
+                       }
+                       printf("payload:\n---\n%s\n---\n", json);
+                       free(json);
                        break;
                }
        }
@@ -397,7 +408,7 @@ static int cert_dump(const char *certfile) {
        }
 
        list_for_each_entry(cobj, &certchain, list) {
-               fprintf(stdout, "=== CHAIN ELEMENT %02u ===\n", ++count);
+               printf("=== CHAIN ELEMENT %02u ===\n", ++count);
                cert_dump_blob(cobj->cert);
        }
 
@@ -406,15 +417,15 @@ static int cert_dump(const char *certfile) {
 
 /* issue an auth certificate for pubkey */
 static int cert_issue(const char *certfile, const char *pubkeyfile, const char *seckeyfile) {
-       struct blob_buf certbuf;
-       struct blob_buf payloadbuf;
+       struct blob_buf payloadbuf = {0};
+       struct blob_buf certbuf = {0};
        struct timeval tv;
        int pklen, siglen;
        int revoker = 1;
        void *c;
        FILE *pkf, *sigf;
        char pkb[512];
-       char sigb[512];
+       char sigb[1024];
        char fname[256], sfname[256];
        char pkfp[17];
        char tmpdir[] = "/tmp/ucert-XXXXXX";
@@ -499,12 +510,12 @@ static int cert_process_revoker(const char *certfile, const char *pubkeydir) {
        struct blob_attr *payloadtb[CERT_PL_ATTR_MAX];
        struct stat st;
        struct timeval tv;
-       uint64_t validfrom;
-       uint32_t certtype;
+       time_t validfrom;
+       enum certtype_id certtype;
        char *fingerprint;
        char rfname[512];
 
-       int ret;
+       int ret = -1;
 
        if (cert_load(certfile, &certchain)) {
                DPRINTF("cannot parse cert\n");