pass back an heim_error from hx509_cert_init

Love Hornquist Astrand
2012-10-07 06:33:13 -07:00
parent 216bfa564d
commit 029de6cfa4
16 changed files with 135 additions and 92 deletions


@@ -540,11 +540,11 @@ _kdc_pk_rd_padata(krb5_context context,
unsigned int i;
for (i = 0; i < pc->len; i++) {
ret = hx509_cert_init_data(context->hx509ctx,
pc->val[i].cert.data,
pc->val[i].cert.length,
&cert);
if (ret)
cert = hx509_cert_init_data(context->hx509ctx,
pc->val[i].cert.data,
pc->val[i].cert.length,
NULL);
if (cert == NULL)
continue;
hx509_certs_add(context->hx509ctx, trust_anchors, cert);
hx509_cert_free(cert);
@@ -1742,11 +1742,11 @@ _kdc_pk_check_client(krb5_context context,
size_t j;
for (j = 0; j < pc->len; j++) {
ret = hx509_cert_init_data(context->hx509ctx,
pc->val[j].cert.data,
pc->val[j].cert.length,
&cert);
if (ret)
cert = hx509_cert_init_data(context->hx509ctx,
pc->val[j].cert.data,
pc->val[j].cert.length,
NULL);
if (cert == NULL)
continue;
ret = hx509_cert_cmp(cert, cp->cert);
hx509_cert_free(cert);
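Review bot: Both loops now pass `NULL` as the error argument, but the new `hx509_cert_init_data()` shown later in this commit does `*error = heim_error_create(ret, "Failed to decode certificate");` with no NULL check, so a blob in `pc` that fails to decode would dereference NULL inside the KDC instead of reaching the `continue`. The same applies to the `NULL` callers in keychain_iter_start and test_compare. Either the callee must tolerate a NULL `error` (preferable, since its doc comment says it "possibly returns an error"), or these call sites should pass a local `heim_error_t error = NULL;` and call `heim_release(error);` before `continue`. Both function bodies extend outside the hunks.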


@@ -68,7 +68,7 @@
#define HEIM_ENOMEM(ep) \
(((ep) && !*(ep)) ? \
heim_error_get_code((*(ep) = heim_error_enomem())) : ENOMEM)
heim_error_get_code((*(ep) = heim_error_create_enomem())) : ENOMEM)
#define HEIM_ERROR_HELPER(ep, ec, args) \
(((ep) && !*(ep)) ? \
@@ -326,7 +326,7 @@ heim_db_create(const char *dbtype, const char *dbname,
options = heim_dict_create(11);
if (options == NULL) {
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}
} else {
@@ -413,7 +413,7 @@ heim_db_create(const char *dbtype, const char *dbname,
if (!db->dbtype || ! db->dbname) {
heim_release(db);
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}
}
@@ -456,7 +456,7 @@ heim_db_clone(heim_db_t db, heim_error_t *error)
result = _heim_alloc_object(&db_object, sizeof(*result));
if (result == NULL) {
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}
@@ -763,7 +763,7 @@ heim_db_copy_value(heim_db_t db, heim_string_t table, heim_data_t key,
key64 = to_base64(key, error);
if (key64 == NULL) {
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}
@@ -1126,7 +1126,7 @@ heim_string_t to_base64(heim_data_t data, heim_error_t *error)
enomem:
free(b64);
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}
@@ -1150,7 +1150,7 @@ heim_data_t from_base64(heim_string_t s, heim_error_t *error)
enomem:
free(buf);
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}


@@ -77,12 +77,24 @@ struct heim_type_data _heim_error_object = {
};
heim_error_t
heim_error_enomem(void)
heim_error_create_enomem(void)
{
/* This is an immediate object; see heim_number_create() */
return (heim_error_t)heim_number_create(ENOMEM);
}
void
heim_error_create_opt(heim_error_t *error, int error_code, const char *fmt, ...)
{
if (error) {
va_list ap;
va_start(ap, fmt);
*error = heim_error_createv(error_code, fmt, ap);
va_end(ap);
}
}
heim_error_t
heim_error_create(int error_code, const char *fmt, ...)
{
@@ -107,7 +119,7 @@ heim_error_createv(int error_code, const char *fmt, va_list ap)
str = malloc(1024);
errno = save_errno;
if (str == NULL)
return heim_error_enomem();
return heim_error_create_enomem();
len = vsnprintf(str, 1024, fmt, ap);
errno = save_errno;
if (len < 0) {
@@ -141,6 +153,8 @@ heim_error_copy_string(heim_error_t error)
int
heim_error_get_code(heim_error_t error)
{
if (error == NULL)
return -1;
if (heim_get_tid(error) != HEIM_TID_ERROR) {
if (heim_get_tid(error) == heim_number_get_type_id())
return heim_number_get_int((heim_number_t)error);
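Review bot: `heim_error_create_opt()` is added without a doc comment, and its contract differs from the `HEIM_ERROR_HELPER` macro visible in this commit: it guards only `if (error)`, where the macro tests `(ep) && !*(ep)`, so a `*error` that already holds an object is overwritten and that object is not released here. Consider `if (error && !*error) {`, which requires every caller to initialise its `heim_error_t` to NULL, or at least a comment such as `/* Stores a new error in *error when error is non-NULL; a previous value is overwritten, not released. */`. The NULL case added to `heim_error_get_code()` returns -1, which callers in this commit assign straight to `ret`, so a short comment that -1 means "no error object" would help. `heim_error_get_code()` continues past the hunk.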


@@ -894,7 +894,7 @@ heim_path_vcreate(heim_object_t ptr, size_t size, heim_object_t leaf,
err:
if (error && !*error) {
if (ret == ENOMEM)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
else
*error = heim_error_create(ret, "Could not set "
"dict value");


@@ -189,11 +189,15 @@ heim_string_t __heim_string_constant(const char *);
*/
typedef struct heim_error * heim_error_t;
heim_error_t heim_error_enomem(void);
heim_error_t heim_error_create_enomem(void);
heim_error_t heim_error_create(int, const char *, ...)
HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3));
void heim_error_create_opt(heim_error_t *error, int error_code, const char *fmt, ...)
HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4));
heim_error_t heim_error_createv(int, const char *, va_list)
HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0));


@@ -390,7 +390,7 @@ parse_string(struct parse_ctx *ctx)
} else {
o = heim_string_create_with_bytes(start, ctx->p - start);
if (o == NULL) {
ctx->error = heim_error_enomem();
ctx->error = heim_error_create_enomem();
return NULL;
}
@@ -407,7 +407,7 @@ parse_string(struct parse_ctx *ctx)
buf = malloc(len);
if (buf == NULL) {
heim_release(o);
ctx->error = heim_error_enomem();
ctx->error = heim_error_create_enomem();
return NULL;
}
len = base64_decode(s, buf);
@@ -511,7 +511,7 @@ parse_dict(struct parse_ctx *ctx)
dict = heim_dict_create(11);
if (dict == NULL) {
ctx->error = heim_error_enomem();
ctx->error = heim_error_create_enomem();
return NULL;
}
@@ -538,7 +538,7 @@ parse_dict(struct parse_ctx *ctx)
if (buf == NULL) {
heim_release(dict);
heim_release(v);
ctx->error = heim_error_enomem();
ctx->error = heim_error_create_enomem();
return NULL;
}
len = base64_decode(heim_string_get_utf8(v), buf);
@@ -777,7 +777,7 @@ heim_serialize(heim_object_t obj, heim_json_flags_t flags, heim_error_t *error)
strbuf.str = malloc(STRBUF_INIT_SZ);
if (strbuf.str == NULL) {
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
return NULL;
}
strbuf.len = 0;
@@ -789,7 +789,7 @@ heim_serialize(heim_object_t obj, heim_json_flags_t flags, heim_error_t *error)
if (ret || strbuf.enomem) {
if (error) {
if (strbuf.enomem || ret == ENOMEM)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
else
*error = heim_error_create(1, "Impossible to JSON-encode "
"object");
@@ -804,7 +804,7 @@ heim_serialize(heim_object_t obj, heim_json_flags_t flags, heim_error_t *error)
str = heim_string_ref_create(strbuf.str, free);
if (str == NULL) {
if (error)
*error = heim_error_enomem();
*error = heim_error_create_enomem();
free(strbuf.str);
}
return str;


@@ -55,9 +55,10 @@ HEIMDAL_BASE_1.0 {
heim_dict_set_value;
heim_error_append;
heim_error_copy_string;
heim_error_create_opt;
heim_error_create;
heim_error_createv;
heim_error_enomem;
heim_error_create_enomem;
heim_error_get_code;
heim_get_hash;
heim_get_tid;


@@ -987,6 +987,7 @@ ca_sign(hx509_context context,
const Name *issuername,
hx509_cert *certificate)
{
heim_error_t error = NULL;
heim_octet_string data;
Certificate c;
TBSCertificate *tbsc;
@@ -1408,9 +1409,12 @@ ca_sign(hx509_context context,
if (ret)
goto out;
ret = hx509_cert_init(context, &c, certificate);
if (ret)
*certificate = hx509_cert_init(context, &c, &error);
if (*certificate == NULL) {
ret = heim_error_get_code(error);
heim_release(error);
goto out;
}
free_Certificate(&c);


@@ -218,42 +218,43 @@ _hx509_cert_get_version(const Certificate *t)
*
* @param context A hx509 context.
* @param c
* @param cert
* @param error
*
* @return Returns an hx509 error code.
* @return Returns an hx509 certificate
*
* @ingroup hx509_cert
*/
int
hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert)
hx509_cert
hx509_cert_init(hx509_context context, const Certificate *c, heim_error_t *error)
{
hx509_cert cert;
int ret;
*cert = malloc(sizeof(**cert));
if (*cert == NULL)
return ENOMEM;
(*cert)->ref = 1;
(*cert)->friendlyname = NULL;
(*cert)->attrs.len = 0;
(*cert)->attrs.val = NULL;
(*cert)->private_key = NULL;
(*cert)->basename = NULL;
(*cert)->release = NULL;
(*cert)->ctx = NULL;
cert = malloc(sizeof(*cert));
if (cert == NULL)
return heim_error_create_enomem();
cert->ref = 1;
cert->friendlyname = NULL;
cert->attrs.len = 0;
cert->attrs.val = NULL;
cert->private_key = NULL;
cert->basename = NULL;
cert->release = NULL;
cert->ctx = NULL;
(*cert)->data = calloc(1, sizeof(*(*cert)->data));
if ((*cert)->data == NULL) {
free(*cert);
return ENOMEM;
cert->data = calloc(1, sizeof(*(cert->data)));
if (cert->data == NULL) {
free(cert);
return heim_error_create_enomem();
}
ret = copy_Certificate(c, (*cert)->data);
ret = copy_Certificate(c, cert->data);
if (ret) {
free((*cert)->data);
free(*cert);
*cert = NULL;
free(cert->data);
free(cert);
cert = NULL;
}
return ret;
return cert;
}
/**
@@ -268,39 +269,38 @@ hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert)
* @param context A hx509 context.
* @param ptr pointer to memory region containing encoded certificate.
* @param len length of memory region.
* @param cert a return pointer to a hx509 certificate object, will
* contain NULL on error.
* @param error possibly returns an error
*
* @return An hx509 error code, see hx509_get_error_string().
* @return An hx509 certificate
*
* @ingroup hx509_cert
*/
int
hx509_cert
hx509_cert_init_data(hx509_context context,
const void *ptr,
size_t len,
hx509_cert *cert)
heim_error_t *error)
{
hx509_cert cert;
Certificate t;
size_t size;
int ret;
ret = decode_Certificate(ptr, len, &t, &size);
if (ret) {
hx509_set_error_string(context, 0, ret, "Failed to decode certificate");
return ret;
*error = heim_error_create(ret, "Failed to decode certificate");
return NULL;
}
if (size != len) {
free_Certificate(&t);
hx509_set_error_string(context, 0, HX509_EXTRA_DATA_AFTER_STRUCTURE,
"Extra data after certificate");
return HX509_EXTRA_DATA_AFTER_STRUCTURE;
return heim_error_create(HX509_EXTRA_DATA_AFTER_STRUCTURE,
"Extra data after certificate");
}
ret = hx509_cert_init(context, &t, cert);
cert = hx509_cert_init(context, &t, error);
free_Certificate(&t);
return ret;
return cert;
}
void
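Review bot: Three failure paths in the new `hx509_cert_init()` and `hx509_cert_init_data()` return a `heim_error_t` through the `hx509_cert` return type (`return heim_error_create_enomem();` twice, and `return heim_error_create(HX509_EXTRA_DATA_AFTER_STRUCTURE, ...)`), so the caller's `cert == NULL` test passes and an error object is then handled as a certificate. The trailing-data case is taken for any input whose length exceeds the decoded certificate. In addition, the decode-failure path writes `*error` unconditionally although several callers in this commit pass NULL, and the `copy_Certificate()` failure path returns NULL without setting `*error`, so callers such as ca_sign and parse_certificate end up with the -1 from `heim_error_get_code(NULL)` instead of the real code. Every failure path should store into `*error` only when it is non-NULL and then return NULL; the `heim_error_create_opt()` helper added in this commit already has that shape.

```c
/* hx509_cert_init(): failures go through *error, never through the return value */
    cert = malloc(sizeof(*cert));
    if (cert == NULL) {
        if (error)
            *error = heim_error_create_enomem();
        return NULL;
    }
    /* … unchanged: field initialisation … */
    cert->data = calloc(1, sizeof(*(cert->data)));
    if (cert->data == NULL) {
        free(cert);
        if (error)
            *error = heim_error_create_enomem();
        return NULL;
    }
    ret = copy_Certificate(c, cert->data);
    if (ret) {
        free(cert->data);
        free(cert);
        heim_error_create_opt(error, ret, "Failed to copy certificate");
        return NULL;
    }
    return cert;

/* hx509_cert_init_data() */
    ret = decode_Certificate(ptr, len, &t, &size);
    if (ret) {
        heim_error_create_opt(error, ret, "Failed to decode certificate");
        return NULL;
    }
    if (size != len) {
        free_Certificate(&t);
        heim_error_create_opt(error, HX509_EXTRA_DATA_AFTER_STRUCTURE,
                              "Extra data after certificate");
        return NULL;
    }
    /* … unchanged: hx509_cert_init() call and free_Certificate(&t) … */
```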


@@ -730,14 +730,18 @@ any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs)
return 0;
for (i = 0; i < sd->certificates->len; i++) {
heim_error_t error;
hx509_cert c;
ret = hx509_cert_init_data(context,
sd->certificates->val[i].data,
sd->certificates->val[i].length,
&c);
if (ret)
c = hx509_cert_init_data(context,
sd->certificates->val[i].data,
sd->certificates->val[i].length,
&error);
if (c == NULL) {
ret = heim_error_get_code(error);
heim_release(error);
return ret;
}
ret = hx509_certs_add(context, certs, c);
hx509_cert_free(c);
if (ret)
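Review bot: `heim_error_t error;` is declared without an initialiser, unlike the `= NULL` used in parse_certificate, collect_cert and certBag_parser in this same commit. If `hx509_cert_init_data()` returns NULL on a path that does not store to `*error` (the `copy_Certificate()` failure inside `hx509_cert_init()` is one), `heim_error_get_code(error)` and `heim_release(error)` then operate on an indeterminate pointer. Declare it as `heim_error_t error = NULL;`. The loop body continues outside the hunk.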


@@ -52,12 +52,16 @@ parse_certificate(hx509_context context, const char *fn,
const void *data, size_t len,
const AlgorithmIdentifier *ai)
{
heim_error_t error = NULL;
hx509_cert cert;
int ret;
ret = hx509_cert_init_data(context, data, len, &cert);
if (ret)
cert = hx509_cert_init_data(context, data, len, &error);
if (cert == NULL) {
ret = heim_error_get_code(error);
heim_release(error);
return ret;
}
ret = _hx509_collector_certs_add(context, c, cert);
hx509_cert_free(cert);


@@ -420,8 +420,8 @@ keychain_iter_start(hx509_context context,
SecCertificateGetData(cr, &cssm);
ret = hx509_cert_init_data(context, cssm.Data, cssm.Length, &cert);
if (ret)
cert = hx509_cert_init_data(context, cssm.Data, cssm.Length, NULL);
if (cert == NULL)
continue;
ret = hx509_certs_add(context, iter->certs, cert);
@@ -470,6 +470,7 @@ keychain_iter(hx509_context context,
UInt32 attrFormat[1] = { 0 };
SecKeychainItemRef itemRef;
SecItemAttr item[1];
heim_error_t error = NULL;
struct iter *iter = cursor;
OSStatus ret;
UInt32 len;
@@ -501,9 +502,12 @@ keychain_iter(hx509_context context,
if (ret)
return EINVAL;
ret = hx509_cert_init_data(context, ptr, len, cert);
if (ret)
cert = hx509_cert_init_data(context, ptr, len, &error);
if (cert == NULL) {
ret = heim_error_get_code(error);
heim_release(error);
goto out;
}
/*
* Find related private key if there is one by looking at
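Review bot: In keychain_iter the result is assigned to `cert` itself (`cert = hx509_cert_init_data(context, ptr, len, &error);`), but the removed line passed `cert` where an `hx509_cert *` was expected, so `cert` appears to be the caller's out-parameter; the full signature is outside the hunk, so this needs confirming. If that is right, the new certificate never reaches the caller and the parameter pointer is overwritten with an object of a different type. The lines should read `*cert = hx509_cert_init_data(context, ptr, len, &error);` and `if (*cert == NULL) {`.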


@@ -688,6 +688,7 @@ collect_cert(hx509_context context,
void *ptr, CK_ATTRIBUTE *query, int num_query)
{
struct hx509_collector *collector = ptr;
heim_error_t error = NULL;
hx509_cert cert;
int ret;
@@ -697,10 +698,13 @@ collect_cert(hx509_context context,
return 0;
}
ret = hx509_cert_init_data(context, query[1].pValue,
query[1].ulValueLen, &cert);
if (ret)
cert = hx509_cert_init_data(context, query[1].pValue,
query[1].ulValueLen, &error);
if (cert == NULL) {
ret = heim_error_get_code(error);
heim_release(error);
return ret;
}
if (p->ref == 0)
_hx509_abort("pkcs11 ref == 0 on alloc");


@@ -130,6 +130,7 @@ certBag_parser(hx509_context context,
const void *data, size_t length,
const PKCS12_Attributes *attrs)
{
heim_error_t error = NULL;
heim_octet_string os;
hx509_cert cert;
PKCS12_CertBag cb;
@@ -152,10 +153,13 @@ certBag_parser(hx509_context context,
if (ret)
return ret;
ret = hx509_cert_init_data(context, os.data, os.length, &cert);
cert = hx509_cert_init_data(context, os.data, os.length, &error);
der_free_octet_string(&os);
if (ret)
if (cert == NULL) {
ret = heim_error_get_code(error);
heim_release(error);
return ret;
}
ret = _hx509_collector_certs_add(context, c, cert);
if (ret) {


@@ -361,8 +361,8 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp)
for (i = 0; i < basic.certs->len; i++) {
hx509_cert c;
ret = hx509_cert_init(context, &basic.certs->val[i], &c);
if (ret)
c = hx509_cert_init(context, &basic.certs->val[i], NULL);
if (c == NULL)
continue;
ret = hx509_certs_add(context, certs, c);


@@ -319,14 +319,14 @@ test_compare(hx509_context context)
/* check transative properties of name compare function */
ret = hx509_cert_init_data(context, certdata1, sizeof(certdata1) - 1, &c1);
if (ret) return 1;
c1 = hx509_cert_init_data(context, certdata1, sizeof(certdata1) - 1, NULL);
if (c1 == NULL) return 1;
ret = hx509_cert_init_data(context, certdata2, sizeof(certdata2) - 1, &c2);
if (ret) return 1;
ret = hx509_cert_init_data(context, certdata3, sizeof(certdata3) - 1, &c3);
if (ret) return 1;
c2 = hx509_cert_init_data(context, certdata2, sizeof(certdata2) - 1, NULL);
if (c2 == NULL) return 1;
c3 = hx509_cert_init_data(context, certdata3, sizeof(certdata3) - 1, NULL);
if (c3 == NULL) return 1;
ret = compare_subject(c1, c1, &l0);
if (ret) return 1;