annotate common/listutil.h @ 648:e41a2537b84d

Implement root installation. We now iterate over all users that do not obviously have their login shell disabled and look for NSS directories in their home directories, dropping our privileges to do so.
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 25 Jun 2014 12:44:47 +0200
parents bf54c9fc0d63
children 44257ecdae6d
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef LISTUTIL_H
#define LISTUTIL_H

#ifdef __cplusplus
extern "C" {
#endif

#include <stddef.h>

/**
 * @file listutil.h
 * @brief Functions to work with the certificate list.
 */

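/**
 * @brief Status of the List Operations
 *
 * Valid is the only value documented as "read and signature matched";
 * no other value indicates a verified list. Success is 100 here, not 0,
 * so compare a status against Valid explicitly rather than testing it
 * for zero / non-zero. verify_list() uses the opposite convention and
 * returns 0 for a valid list.
 */
typedef enum {
    Valid = 100,             /*!< Could be read and signature matched */
    UnknownError = 1,        /*!< The expected unexpected */
    TooLarge = 2,            /*!< Failed because the file exceeds the limit */
    InvalidFormat = 3,       /*!< File does not appear to be in list format */
    InvalidSignature = 4,    /*!< Signature was invalid */
    SeekFailed = 5,          /*!< Could not seek in the file */
    ReadFailed = 6,          /*!< File exists but could not read the file */
    IncompatibleVersion = 7, /*!< The Format Version does not match */
    NoList = 8               /*!< No list parsed */
} list_status_t;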
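/* Definitions based on the format */

/** Maximum length of a single line; the format specifies 9999, not 1000.
 *
 * NOTE(review): whether buffers sized from this value leave room for a
 * terminating NUL is not visible in this header - confirm at the use sites. */
#define MAX_LINE_LENGTH 9999
/** Maximum number of lines.
 *
 * NOTE(review): presumably input exceeding these bounds is rejected
 * (list_status_t has a TooLarge value) - confirm in the parser. */
#define MAX_LINES 1000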
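/**
 * @brief Obtain the complete and verified Certificate list.
 *
 * This checks if the file fileName is a valid certificate
 * list signed by the key specified in pubkey.h
 *
 * The caller has to free data.
 *
 * Use the returned content only when the result is Valid. Valid is 100,
 * so the status must be compared against Valid and not treated as a
 * boolean or as a "0 means success" code.
 *
 * NOTE(review): what data and size hold after a failed call is not
 * stated here; presumably they must not be used. Confirm against the
 * implementation, and consider initialising *data to NULL before the
 * call so that a failure cannot lead to freeing a stale pointer.
 *
 * @param[in] fileName Name of the file (UTF-8 encoded).
 * @param[out] data Newly allocated pointer to the file content.
 * @param[out] size Size in Bytes of the file content.
 *
 * @return status of the operation; Valid is the only value documented
 *         as "could be read and signature matched".
 */
list_status_t read_and_verify_list(const char *fileName, char **data, size_t *size);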
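/** @brief verify the certificate list
 *
 * The public key to verify against is the static publicKeyPEM data defined
 * in the pubkey header.
 *
 * The result follows the "0 means valid" convention, unlike list_status_t,
 * where Valid is 100. Test the result with == 0; every other value
 * (a polarssl error code or -1) means the list must not be trusted.
 *
 * @param [in] data the list data
 * @param [in] size the size of the data
 *
 * @returns 0 if the list is valid, otherwise a polarssl error code or -1
 */
int verify_list(const char *data, const size_t size);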
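/** @brief get a list of the certificates marked with I: or R:
 *
 * Get a list of certificates that are contained in the
 * certificatelist pointed to by data.
 * On Success this function makes a copy of the certificates
 * and the certificates need to be freed by the caller.
 *
 * NOTE(review): nothing in this declaration says that the signature is
 * checked here. Presumably data must already have passed verify_list()
 * or come from read_and_verify_list() with status Valid - confirm, since
 * certificates taken from an unverified list must not be installed.
 *
 * NOTE(review): data is not const; whether the buffer is modified while
 * parsing, and how the end of the returned array is marked, is not
 * visible from this header - confirm against the implementation.
 *
 * @param [in] data the certificatelist to parse
 * @param [in] size the size of the certificatelist
 *
 * @returns a newly allocated array of strings containing the encoded
 *          certificates or NULL on error.
 */
char **get_certs_from_list (char *data, const size_t size);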

#ifdef __cplusplus
}
#endif
#endif

http://wald.intevation.org/projects/trustbridge/