Print this page
6862532 "cryptoadm: failed to parse configuration" error
6353443 domestic (crypt) source build leaves stuff it shouldn't
6818180 mac(1) printed "invalid key" error message when user input an invalid passphrase
*** 17,27 ****
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
! * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <errno.h>
#include <fcntl.h>
--- 17,27 ----
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
! * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <errno.h>
#include <fcntl.h>
*** 40,50 ****
static int build_entrylist(entry_t *, entrylist_t **);
static entry_t *dup_entry(entry_t *);
static mechlist_t *dup_mechlist(mechlist_t *);
static entry_t *getent(char *, entrylist_t *);
static int interpret(char *, entry_t **);
! static int parse_sup_dis_list(char *, entry_t *);
/*
* Duplicate the mechanism list. A null pointer is returned if the storage
* space available is insufficient or the input argument is NULL.
--- 40,50 ----
static int build_entrylist(entry_t *, entrylist_t **);
static entry_t *dup_entry(entry_t *);
static mechlist_t *dup_mechlist(mechlist_t *);
static entry_t *getent(char *, entrylist_t *);
static int interpret(char *, entry_t **);
! static int parse_sup_dis_list(const char *buf, entry_t *pent);
/*
* Duplicate the mechanism list. A null pointer is returned if the storage
* space available is insufficient or the input argument is NULL.
*** 176,186 ****
* pent: the entry for the disabledlist. This is an IN/OUT argument.
*
* Return value: SUCCESS or FAILURE.
*/
static int
! parse_sup_dis_list(char *buf, entry_t *pent)
{
mechlist_t *pmech = NULL;
mechlist_t *phead = NULL;
char *next_token;
char *value;
--- 176,186 ----
* pent: the entry for the disabledlist. This is an IN/OUT argument.
*
* Return value: SUCCESS or FAILURE.
*/
static int
! parse_sup_dis_list(const char *buf, entry_t *pent)
{
mechlist_t *pmech = NULL;
mechlist_t *phead = NULL;
char *next_token;
char *value;
*** 213,226 ****
--- 213,238 ----
if ((pmech = create_mech(next_token)) == NULL) {
return (FAILURE);
}
if (supflag) {
+ if (pent->suplist != NULL) {
+ cryptodebug("multiple supportedlist entries "
+ "for a mechanism in file kcf.conf.");
+ return (FAILURE);
+ } else {
pent->suplist = phead = pmech;
+ }
} else if (disflag) {
+ if (pent->dislist != NULL) {
+ cryptodebug("multiple disabledlist entries "
+ "for a mechanism in file kcf.conf.");
+ return (FAILURE);
+ } else {
pent->dislist = phead = pmech;
}
+ }
count = 1;
while (next_token) {
if (next_token = strtok(NULL, SEP_COMMA)) {
if ((pmech = create_mech(next_token)) == NULL) {
*** 249,258 ****
--- 261,272 ----
/*
* Convert a char string containing a line about a provider
* from kcf.conf into an entry_t structure.
*
+ * Note: the input string, buf, may be modified by this function.
+ *
* See ent2str(), the reverse of this function, for the format of
* kcf.conf lines.
*/
static int
interpret(char *buf, entry_t **ppent)
*** 280,312 ****
return (FAILURE);
}
if (strncmp(token2, EF_UNLOAD, strlen(EF_UNLOAD)) == 0) {
pent->load = B_FALSE; /* cryptoadm unload */
! if ((token2 = strtok(NULL, SEP_SEMICOLON)) == NULL) {
! /* The entry contains a provider name:unload only */
! free_entry(pent);
! return (FAILURE);
}
- }
! /* need to get token3 first to satisfy nested strtok invocations */
token3 = strtok(NULL, SEP_SEMICOLON); /* optional */
/* parse supportedlist (or disabledlist if no supportedlist) */
! if ((token2 != NULL) && ((rc = parse_sup_dis_list(token2, pent)) !=
! SUCCESS)) {
free_entry(pent);
return (rc);
}
/* parse disabledlist (if there's a supportedlist) */
! if ((token3 != NULL) && ((rc = parse_sup_dis_list(token3, pent)) !=
! SUCCESS)) {
free_entry(pent);
return (rc);
}
*ppent = pent;
return (SUCCESS);
}
--- 294,332 ----
return (FAILURE);
}
if (strncmp(token2, EF_UNLOAD, strlen(EF_UNLOAD)) == 0) {
pent->load = B_FALSE; /* cryptoadm unload */
! token2 = strtok(NULL, SEP_SEMICOLON);
! /*
! * If token2 is NULL, the entry contains a
! * provider name:unload only
! */
}
! if (token2 != NULL) {
! /*
! * Either supportedlist or disabledlist or both are present.
! * Need to call strtok() to get token3 first, as function
! * parse_sup_dis_list() makes strtok() calls on the
! * token2 substring.
! */
token3 = strtok(NULL, SEP_SEMICOLON); /* optional */
/* parse supportedlist (or disabledlist if no supportedlist) */
! if ((rc = parse_sup_dis_list(token2, pent)) != SUCCESS) {
free_entry(pent);
return (rc);
}
/* parse disabledlist (if there's a supportedlist) */
! if ((token3 != NULL) && ((rc = parse_sup_dis_list(token3,
! pent)) != SUCCESS)) {
free_entry(pent);
return (rc);
}
+ }
*ppent = pent;
return (SUCCESS);
}
*** 412,426 ****
/*
* Convert an entry to a string. This routine builds a string for the entry
* to be inserted in the kcf.conf file. Based on the content of each entry,
! * the result string can be one of these 6 forms:
* - name:supportedlist=m1,m2,...,mj
* - name:disabledlist=m1,m2,...,mj
* - name:supportedlist=m1,...,mj;disabledlist=m1,m2,...,mk
*
* - name:unload;supportedlist=m1,m2,...,mj
* - name:unload;disabledlist=m1,m2,...,mj
* - name:unload;supportedlist=m1,...,mj;disabledlist=m1,m2,...,mk
*
* Note that the caller is responsible for freeing the returned string
--- 432,447 ----
/*
* Convert an entry to a string. This routine builds a string for the entry
* to be inserted in the kcf.conf file. Based on the content of each entry,
! * the result string can be one of these 7 forms:
* - name:supportedlist=m1,m2,...,mj
* - name:disabledlist=m1,m2,...,mj
* - name:supportedlist=m1,...,mj;disabledlist=m1,m2,...,mk
*
+ * - name:unload
* - name:unload;supportedlist=m1,m2,...,mj
* - name:unload;disabledlist=m1,m2,...,mj
* - name:unload;supportedlist=m1,...,mj;disabledlist=m1,m2,...,mk
*
* Note that the caller is responsible for freeing the returned string