microhttpd-util.c revision f12be7e8ca278a5a207d0fd051acec700b804a7a
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
/***
This file is part of systemd.
Copyright 2012 Lennart Poettering
Copyright 2012 Zbigniew Jędrzejewski-Szmek
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include "microhttpd-util.h"
#include "log.h"
#include "macro.h"
#include "util.h"
#ifdef HAVE_GNUTLS
#endif
_cleanup_free_ char *f = NULL;
log_oom();
return;
}
}
struct MHD_Response *response;
const char m[] = "Out of memory.\n";
int ret;
if (!response)
return MHD_NO;
return ret;
}
unsigned code,
const char *format, ...) {
struct MHD_Response *response;
char *m;
int r;
if (r < 0)
return respond_oom(connection);
if (!response) {
free(m);
return respond_oom(connection);
}
return r;
}
#ifdef HAVE_GNUTLS
static int log_level_map[] = {
LOG_WARNING, /* gnutls session audit */
LOG_DEBUG, /* gnutls debug log */
LOG_WARNING, /* gnutls assert log */
LOG_INFO, /* gnutls handshake log */
LOG_DEBUG, /* gnutls record log */
LOG_DEBUG, /* gnutls dtls log */
LOG_DEBUG, /* gnutls hard log */
LOG_DEBUG, /* gnutls read log */
LOG_DEBUG, /* gnutls write log */
LOG_DEBUG, /* gnutls io log */
LOG_DEBUG, /* gnutls buffers log */
};
int ourlevel;
else
}
unsigned status;
int r;
if (r < 0) {
return r;
}
if (r < 0) {
return r;
}
}
const gnutls_datum_t *pcert;
unsigned listsize;
int r;
log_error("Failed to retrieve certificate chain");
return -EINVAL;
}
r = gnutls_x509_crt_init(&cert);
if (r < 0) {
log_error("Failed to initialize client certificate");
return r;
}
/* Note that by passing values between 0 and listsize here, you
can get access to the CA's certs */
if (r < 0) {
log_error("Failed to import client certificate");
return r;
}
*client_cert = cert;
return 0;
}
int r;
if (r != GNUTLS_E_SHORT_MEMORY_BUFFER) {
log_error("gnutls_x509_crt_get_dn failed");
return r;
}
if (!*buf)
return log_oom();
return 0;
}
const union MHD_ConnectionInfo *ci;
int r;
*code = 0;
if (!ci) {
log_error("MHD_get_connection_info failed");
return -EINVAL;
}
if (r < 0) {
"Authorization through certificate is required");
return -EPERM;
}
if (r < 0) {
"Failed to determine distinguished name from certificate");
return -EPERM;
}
if (r < 0) {
log_error("Client is not authorized");
"Client certificate not signed by recognized authority");
}
return r;
}
#else
return -EPERM;
}
#endif