@@ -349,7 +349,7 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
blobmsg_data_len(payloadtb[CERT_PL_ATTR_PUBKEY]),
false);
- if (usign_f_pubkey(chainedfp, chainedpubkey)) {
+ if (usign_f_pubkey(chainedfp, chainedpubkey, quiet)) {
DPRINTF("cannot get fingerprint for chained key\n");
ret = 2;
goto clean_and_return;
@@ -460,7 +460,7 @@ static int cert_issue(const char *certfile, const char *pubkeyfile, const char *
pkb[pklen] = '\0';
- if (usign_f_pubkey(pkfp, pubkeyfile))
+ if (usign_f_pubkey(pkfp, pubkeyfile, quiet))
return -1;
gettimeofday(&tv, NULL);
@@ -72,10 +72,10 @@ int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bo
return -1;
case 0:
- if (execvp(usign_argv[0], (char *const *)usign_argv))
- return -1;
-
- break;
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
default:
waitpid(pid, &status, 0);
@@ -94,7 +94,7 @@ int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bo
* call usign -F ... and set fingerprint returned
* return WEXITSTATUS or -1 if fork or execv fails
*/
-static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
+static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile, bool quiet) {
int fds[2];
pid_t pid;
int status;
@@ -135,10 +135,10 @@ static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckey
close(fds[0]);
close(fds[1]);
- if (execvp(usign_argv[0], (char *const *)usign_argv))
- return -1;
-
- break;
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
default:
waitpid(pid, &status, 0);
@@ -164,22 +164,22 @@ static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckey
/*
* call usign -F -p ...
*/
-int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
- return usign_f(fingerprint, pubkeyfile, NULL, NULL);
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile, bool quiet) {
+ return usign_f(fingerprint, pubkeyfile, NULL, NULL, quiet);
}
/*
* call usign -F -s ...
*/
-int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
- return usign_f(fingerprint, NULL, seckeyfile, NULL);
+int usign_f_seckey(char *fingerprint, const char *seckeyfile, bool quiet) {
+ return usign_f(fingerprint, NULL, seckeyfile, NULL, quiet);
}
/*
* call usign -F -x ...
*/
-int usign_f_sig(char *fingerprint, const char *sigfile) {
- return usign_f(fingerprint, NULL, NULL, sigfile);
+int usign_f_sig(char *fingerprint, const char *sigfile, bool quiet) {
+ return usign_f(fingerprint, NULL, NULL, sigfile, quiet);
}
@@ -195,7 +195,7 @@ int usign_v(const char *msgfile, const char *pubkeyfile,
unsigned int usign_argc = 0;
char fingerprint[17];
- if (usign_f_sig(fingerprint, sigfile)) {
+ if (usign_f_sig(fingerprint, sigfile, quiet)) {
if (!quiet)
fprintf(stderr, "cannot get signing key fingerprint\n");
return 1;
@@ -235,10 +235,10 @@ int usign_v(const char *msgfile, const char *pubkeyfile,
return -1;
case 0:
- if (execvp(usign_argv[0], (char *const *)usign_argv))
- return -1;
-
- break;
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
default:
waitpid(pid, &status, 0);
@@ -15,6 +15,8 @@
#ifndef _USIGN_H
#define _USIGN_H
+#include <stdbool.h>
+
/**
* Verify
*
@@ -35,11 +37,11 @@ int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bo
*
* calls: usign -F ...
*/
-int usign_f_pubkey(char *fingerprint, const char *pubkeyfile);
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile, bool quiet);
-int usign_f_seckey(char *fingerprint, const char *seckeyfile);
+int usign_f_seckey(char *fingerprint, const char *seckeyfile, bool quiet);
-int usign_f_sig(char *fingerprint, const char *sigfile);
+int usign_f_sig(char *fingerprint, const char *sigfile, bool quiet);
/**
* custom extension to check for revokers
When execvp fails in the forked process, we must exit. Also add an error message. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> --- ucert.c | 4 ++-- usign-exec.c | 40 ++++++++++++++++++++-------------------- usign.h | 8 +++++--- 3 files changed, 27 insertions(+), 25 deletions(-)