This allows more than one builder to try parsing the data read from STDIN.
ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_FROM_FILE",
- "BUILD_FROM_FD",
"BUILD_AGENT_SOCKET",
"BUILD_BLOB",
"BUILD_BLOB_ASN1_DER",
enum builder_part_t {
/** path to a file encoded in any format, char* */
BUILD_FROM_FILE,
- /** file descriptor to read data, encoded in any format, int */
- BUILD_FROM_FD,
/** unix socket of a ssh/pgp agent, char* */
BUILD_AGENT_SOCKET,
/** An arbitrary blob of data, chunk_t */
return cred;
}
-/**
- * load the credential from a file descriptor
- */
-static void *load_from_fd(int fd, credential_type_t type, int subtype,
- identification_t *subject, x509_flag_t flags)
-{
- char buf[8096];
- char *pos = buf;
- ssize_t len, total = 0;
-
- while (TRUE)
- {
- len = read(fd, pos, buf + sizeof(buf) - pos);
- if (len < 0)
- {
- DBG1(DBG_LIB, "reading from file descriptor failed: %s",
- strerror(errno));
- return NULL;
- }
- if (len == 0)
- {
- break;
- }
- total += len;
- if (total == sizeof(buf))
- {
- DBG1(DBG_LIB, "buffer too small to read from file descriptor");
- return NULL;
- }
- }
- return load_from_blob(chunk_create(buf, total), type, subtype,
- subject, flags);
-}
-
/**
* Load all kind of PEM encoded credentials.
*/
static void *pem_load(credential_type_t type, int subtype, va_list args)
{
char *file = NULL;
- int fd = -1;
chunk_t pem = chunk_empty;
identification_t *subject = NULL;
int flags = 0;
case BUILD_FROM_FILE:
file = va_arg(args, char*);
continue;
- case BUILD_FROM_FD:
- fd = va_arg(args, int);
- continue;
+ case BUILD_BLOB:
case BUILD_BLOB_PEM:
pem = va_arg(args, chunk_t);
continue;
{
return load_from_file(file, type, subtype, subject, flags);
}
- if (fd != -1)
- {
- return load_from_fd(fd, type, subtype, subject, flags);
- }
return NULL;
}
}
/**
- * Load SSH key from FD
+ * Load SSH key from a blob of data (most likely the content of a file)
*/
-static sshkey_public_key_t *load_from_fd(int fd)
+static sshkey_public_key_t *load_from_blob(chunk_t blob)
{
FILE *stream;
- /* dup the FD as it gets closed in fclose() */
- fd = dup(fd);
- if (fd == -1)
- {
- return NULL;
- }
- stream = fdopen(fd, "r");
+ stream = fmemopen(blob.ptr, blob.len, "r");
if (!stream)
{
- close(fd);
return NULL;
}
return load_from_stream(stream);
*/
sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args)
{
- chunk_t blob = chunk_empty;
+ chunk_t sshkey = chunk_empty, blob = chunk_empty;
char *file = NULL;
- int fd = -1;
while (TRUE)
{
switch (va_arg(args, builder_part_t))
{
case BUILD_BLOB_SSHKEY:
- blob = va_arg(args, chunk_t);
+ sshkey = va_arg(args, chunk_t);
continue;
case BUILD_FROM_FILE:
file = va_arg(args, char*);
continue;
- case BUILD_FROM_FD:
- fd = va_arg(args, int);
+ case BUILD_BLOB:
+ blob = va_arg(args, chunk_t);
continue;
case BUILD_END:
break;
}
break;
}
- if (blob.ptr)
+ if (sshkey.ptr)
{
- return parse_public_key(blob);
+ return parse_public_key(sshkey);
}
if (file)
{
return load_from_file(file);
}
- if (fd != -1)
+ if (blob.ptr)
{
- return load_from_fd(fd);
+ return load_from_blob(blob);
}
return NULL;
}
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
cert_req = lib->creds->create(lib->creds, CRED_CERTIFICATE,
CERT_PKCS10_REQUEST,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (!cert_req)
{
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
}
if (!public)
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
cred = lib->creds->create(lib->creds, type, subtype,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (!cred)
{
if (crl->is_delta_crl(crl, &chunk))
{
- chunk = chunk_skip_zero(chunk);
+ chunk = chunk_skip_zero(chunk);
printf("delta CRL: for serial %#B\n", &chunk);
}
chunk = crl->get_authKeyIdentifier(crl);
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
cred = lib->creds->create(lib->creds, type, subtype,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (!cred)
{
chunk = chunk_from_hex(chunk_create(keyid, strlen(keyid)), NULL);
cred = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
- BUILD_PKCS11_KEYID, chunk, BUILD_END);
+ BUILD_PKCS11_KEYID, chunk, BUILD_END);
free(chunk.ptr);
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
cred = lib->creds->create(lib->creds, type, subtype,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (type == CRED_PRIVATE_KEY)
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (!private)
{
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (!private)
{
}
else
{
+ chunk_t chunk;
+
+ chunk = chunk_from_fd(0);
cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
- BUILD_FROM_FD, 0, BUILD_END);
+ BUILD_BLOB, chunk, BUILD_END);
+ free(chunk.ptr);
}
if (!cert)
{