ci: fix unit test failures by enabling full ucert build

[oweals/ucert.git] / ucert.c
diff --git a/ucert.c b/ucert.c

index 569b31d5f16e3c8135e0a03dc65883ea3131ae6c..d822199eb7f8b8db7a67845d3f2a4642d711020f 100644 (file)
--- a/ucert.c
+++ b/ucert.c
@@ -48,9 +48,13 @@ static enum {
  
  static bool quiet;
  #ifndef UCERT_STRIP_MESSAGES
-#define DPRINTF(format, ...) if (!quiet) fprintf(stderr, "%s(%d): " format, __func__, __LINE__, ## __VA_ARGS__)
+#define DPRINTF(format, ...)                                                                   \
+       do {                                                                                    \
+               if (!quiet)                                                                     \
+                       fprintf(stderr, "%s(%d): " format, __func__, __LINE__, ## __VA_ARGS__); \
+       } while (0)
  #else
-#define DPRINTF(format, ...)
+#define DPRINTF(format, ...) do { } while (0)
  #endif
  
  /*
@@ -133,7 +137,7 @@ static int cert_load(const char *certfile, struct list_head *chain) {
         struct cert_object *cobj;
         char filebuf[CERT_BUF_LEN];
         int ret = 0, pret = 0;
-       int len, pos = 0;
+       size_t len, pos = 0;
  
         f = fopen(certfile, "r");
         if (!f)
@@ -150,7 +154,7 @@ static int cert_load(const char *certfile, struct list_head *chain) {
  
         bufpt = (struct blob_attr *)filebuf;
         do {
-               pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX);
+               pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy, CERT_ATTR_MAX);
                 if (pret <= 0)
                         /* no attributes found */
                         break;
@@ -269,8 +273,8 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
         list_for_each_entry(cobj, chain, list) {
                 /* blob has payload, verify that using signature */
                 if (cobj->cert[CERT_ATTR_PAYLOAD]) {
-                       uint64_t validfrom;
-                       uint64_t expiresat;
+                       time_t validfrom;
+                       time_t expiresat;
                         uint32_t certtype;
  
                         ret = cert_verify_blob(cobj->cert, chainedpubkey[0]?chainedpubkey:pubkeyfile, pubkeydir);
@@ -367,6 +371,7 @@ clean_and_return:
  /* dump single chain element to console */
  static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
         int i;
+       char *json = NULL;
  
         for (i = 0; i < CERT_ATTR_MAX; i++) {
                 struct blob_attr *v = cert[i];
@@ -379,7 +384,13 @@ static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
                         fprintf(stdout, "signature:\n---\n%s---\n", (char *) blob_data(v));
                         break;
                 case BLOB_ATTR_NESTED:
-                       fprintf(stdout, "payload:\n---\n%s\n---\n", blobmsg_format_json_indent(blob_data(v), false, 0));
+                       json = blobmsg_format_json_indent(blob_data(v), false, 0);
+                       if (!json) {
+                               DPRINTF("cannot parse payload\n");
+                               continue;
+                       }
+                       fprintf(stdout, "payload:\n---\n%s\n---\n", json);
+                       free(json);
                         break;
                 }
         }
@@ -499,12 +510,12 @@ static int cert_process_revoker(const char *certfile, const char *pubkeydir) {
         struct blob_attr *payloadtb[CERT_PL_ATTR_MAX];
         struct stat st;
         struct timeval tv;
-       uint64_t validfrom;
-       uint32_t certtype;
+       time_t validfrom;
+       enum certtype_id certtype;
         char *fingerprint;
         char rfname[512];
  
-       int ret;
+       int ret = -1;
  
         if (cert_load(certfile, &certchain)) {
                 DPRINTF("cannot parse cert\n");