authorMatthias Schiffer2020-05-16 15:53:29 +0000
committerMatthias Schiffer2020-05-16 16:26:23 +0000
commit38dcb1a6f12115e156aa4f36997bd4760347e821 (patch)
treee484aa8c8970a5b58b8812a1d7dfc43783c4f4b2
parenta9be4fb17df233fb9d23d3dae7aa6ce19fd7f38c (diff)
downloaducert-38dcb1a6f12115e156aa4f36997bd4760347e821.tar.gz
usign-exec: fix exec error handling
When execvp fails in the forked process, we must exit. Also add an error message. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
-rw-r--r--ucert.c4
-rw-r--r--usign-exec.c40
-rw-r--r--usign.h8
3 files changed, 27 insertions, 25 deletions
diff --git a/ucert.c b/ucert.c
index 89bf0c6..208d5f6 100644
--- a/ucert.c
+++ b/ucert.c
@@ -349,7 +349,7 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
blobmsg_data_len(payloadtb[CERT_PL_ATTR_PUBKEY]),
false);
- if (usign_f_pubkey(chainedfp, chainedpubkey)) {
+ if (usign_f_pubkey(chainedfp, chainedpubkey, quiet)) {
DPRINTF("cannot get fingerprint for chained key\n");
ret = 2;
goto clean_and_return;
@@ -460,7 +460,7 @@ static int cert_issue(const char *certfile, const char *pubkeyfile, const char *
pkb[pklen] = '\0';
- if (usign_f_pubkey(pkfp, pubkeyfile))
+ if (usign_f_pubkey(pkfp, pubkeyfile, quiet))
return -1;
gettimeofday(&tv, NULL);
diff --git a/usign-exec.c b/usign-exec.c
index 4ff2e63..22fdc14 100644
--- a/usign-exec.c
+++ b/usign-exec.c
@@ -72,10 +72,10 @@ int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bo
return -1;
case 0:
- if (execvp(usign_argv[0], (char *const *)usign_argv))
- return -1;
-
- break;
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
default:
waitpid(pid, &status, 0);
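Review bot: The `_exit(1)` after a failed execvp in the `case 0:` branch hands the parent the same status it would get from a usign run that itself exits with 1, so a missing or non-executable usign binary cannot be told apart from a failed signing or verification. The conventional status for an exec failure is 127, so `_exit(127);` would keep the two cases distinguishable; the same applies to the identical branches added in usign_f and usign_v. The callers visible on this page treat any non-zero return as an error, so the result still fails closed and this is about diagnosability, not a bypass. usign_s starts and ends outside the hunk, so how the parent maps `status` to its return value is not visible here.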
@@ -94,7 +94,7 @@ int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bo
* call usign -F ... and set fingerprint returned
* return WEXITSTATUS or -1 if fork or execv fails
*/
-static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
+static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile, bool quiet) {
int fds[2];
pid_t pid;
int status;
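Review bot: The comment above usign_f still promises `-1 if fork or execv fails`, but with this commit an execvp failure no longer returns from the function in the child; the child ends with `_exit(1)` and the parent only sees that as an exit status. The comment should be updated to something like `* return WEXITSTATUS (1 when execvp fails in the child) or -1 if fork fails`. The new `quiet` parameter is also undocumented; a line such as `* quiet: suppress the perror() message when usign cannot be executed` would cover it. usign_f's body continues outside the hunk.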
@@ -135,10 +135,10 @@ static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckey
close(fds[0]);
close(fds[1]);
- if (execvp(usign_argv[0], (char *const *)usign_argv))
- return -1;
-
- break;
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
default:
waitpid(pid, &status, 0);
@@ -164,22 +164,22 @@ static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckey
/*
* call usign -F -p ...
*/
-int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
- return usign_f(fingerprint, pubkeyfile, NULL, NULL);
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile, bool quiet) {
+ return usign_f(fingerprint, pubkeyfile, NULL, NULL, quiet);
}
/*
* call usign -F -s ...
*/
-int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
- return usign_f(fingerprint, NULL, seckeyfile, NULL);
+int usign_f_seckey(char *fingerprint, const char *seckeyfile, bool quiet) {
+ return usign_f(fingerprint, NULL, seckeyfile, NULL, quiet);
}
/*
* call usign -F -x ...
*/
-int usign_f_sig(char *fingerprint, const char *sigfile) {
- return usign_f(fingerprint, NULL, NULL, sigfile);
+int usign_f_sig(char *fingerprint, const char *sigfile, bool quiet) {
+ return usign_f(fingerprint, NULL, NULL, sigfile, quiet);
}
@@ -195,7 +195,7 @@ int usign_v(const char *msgfile, const char *pubkeyfile,
unsigned int usign_argc = 0;
char fingerprint[17];
- if (usign_f_sig(fingerprint, sigfile)) {
+ if (usign_f_sig(fingerprint, sigfile, quiet)) {
if (!quiet)
fprintf(stderr, "cannot get signing key fingerprint\n");
return 1;
@@ -235,10 +235,10 @@ int usign_v(const char *msgfile, const char *pubkeyfile,
return -1;
case 0:
- if (execvp(usign_argv[0], (char *const *)usign_argv))
- return -1;
-
- break;
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
default:
waitpid(pid, &status, 0);
diff --git a/usign.h b/usign.h
index d57d09e..9c3207a 100644
--- a/usign.h
+++ b/usign.h
@@ -15,6 +15,8 @@
#ifndef _USIGN_H
#define _USIGN_H
+#include <stdbool.h>
+
/**
* Verify
*
@@ -35,11 +37,11 @@ int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bo
*
* calls: usign -F ...
*/
-int usign_f_pubkey(char *fingerprint, const char *pubkeyfile);
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile, bool quiet);
-int usign_f_seckey(char *fingerprint, const char *seckeyfile);
+int usign_f_seckey(char *fingerprint, const char *seckeyfile, bool quiet);
-int usign_f_sig(char *fingerprint, const char *sigfile);
+int usign_f_sig(char *fingerprint, const char *sigfile, bool quiet);
/**
* custom extension to check for revokers