diff options
author | Geoff Levand <geoff@infradead.org> | 2018-08-02 17:29:34 +0000 |
---|---|---|
committer | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2018-08-07 11:30:36 +1000 |
commit | c78f9ec47ba92b74698dacdae963dbbefd9b676f (patch) | |
tree | 58ce2f0f50f8edb451f81d9ecedc9abc842bc3d6 /lib/security | |
parent | 679d9dceb5bdf51f118548ca2645dc81088a8974 (diff) | |
download | talos-petitboot-c78f9ec47ba92b74698dacdae963dbbefd9b676f.tar.gz talos-petitboot-c78f9ec47ba92b74698dacdae963dbbefd9b676f.zip |
lib/log: Switch to pb_log_fn
The only functional change should be an additional '/n' to
a few log messagees that seemed to be missing it.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Diffstat (limited to 'lib/security')
-rw-r--r-- | lib/security/common.c | 2 | ||||
-rw-r--r-- | lib/security/gpg.c | 26 | ||||
-rw-r--r-- | lib/security/openssl.c | 18 |
3 files changed, 23 insertions, 23 deletions
diff --git a/lib/security/common.c b/lib/security/common.c index df04054..a93ee98 100644 --- a/lib/security/common.c +++ b/lib/security/common.c @@ -81,7 +81,7 @@ int validate_boot_files(struct boot_task *boot_task) { /* Load authorized signatures file */ authorized_signatures_handle = fopen(LOCKDOWN_FILE, "r"); if (!authorized_signatures_handle) { - pb_log("%s: unable to read lockdown file\n", __func__); + pb_log_fn("unable to read lockdown file\n"); return KEXEC_LOAD_SIG_SETUP_INVALID; } diff --git a/lib/security/gpg.c b/lib/security/gpg.c index aae85aa..e319a06 100644 --- a/lib/security/gpg.c +++ b/lib/security/gpg.c @@ -73,22 +73,22 @@ int decrypt_file(const char *filename, gpgme_set_locale(NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); err = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: OpenPGP support not available\n", __func__); + pb_log_fn("OpenPGP support not available\n"); return -1; } err = gpgme_get_engine_info(&enginfo); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: GPG engine failed to initialize\n", __func__); + pb_log_fn("GPG engine failed to initialize\n"); return -1; } err = gpgme_new(&gpg_context); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: GPG context could not be created\n", __func__); + pb_log_fn("GPG context could not be created\n"); return -1; } err = gpgme_set_protocol(gpg_context, GPGME_PROTOCOL_OpenPGP); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: GPG protocol could not be set\n", __func__); + pb_log_fn("GPG protocol could not be set\n"); return -1; } if (keyring_path) @@ -100,7 +100,7 @@ int decrypt_file(const char *filename, GPGME_PROTOCOL_OpenPGP, enginfo->file_name, enginfo->home_dir); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: Could not set GPG engine information\n", __func__); + pb_log_fn("Could not set GPG engine information\n"); return -1; } err = gpgme_data_new(&plaintext_data); @@ -120,7 +120,7 @@ int decrypt_file(const char *filename, err = gpgme_op_decrypt_verify(gpg_context, ciphertext_data, plaintext_data); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: Could not decrypt file\n", __func__); + pb_log_fn("Could not decrypt file\n"); return -1; } verification_result = gpgme_op_verify_result(gpg_context); @@ -210,7 +210,7 @@ int decrypt_file(const char *filename, gpgme_release(gpg_context); if (!valid) { - pb_log("%s: Incorrect GPG signature\n", __func__); + pb_log_fn("Incorrect GPG signature\n"); return -1; } @@ -242,22 +242,22 @@ int verify_file_signature(const char *plaintext_filename, gpgme_set_locale(NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); err = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: OpenPGP support not available\n", __func__); + pb_log_fn("OpenPGP support not available\n"); return -1; } err = gpgme_get_engine_info(&enginfo); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: GPG engine failed to initialize\n", __func__); + pb_log_fn("GPG engine failed to initialize\n"); return -1; } err = gpgme_new(&gpg_context); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: GPG context could not be created\n", __func__); + pb_log_fn("GPG context could not be created\n"); return -1; } err = gpgme_set_protocol(gpg_context, GPGME_PROTOCOL_OpenPGP); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: GPG protocol could not be set\n", __func__); + pb_log_fn("GPG protocol could not be set\n"); return -1; } if (keyring_path) @@ -269,7 +269,7 @@ int verify_file_signature(const char *plaintext_filename, GPGME_PROTOCOL_OpenPGP, enginfo->file_name, enginfo->home_dir); if (err != GPG_ERR_NO_ERROR) { - pb_log("%s: Could not set GPG engine information\n", __func__); + pb_log_fn("Could not set GPG engine information\n"); return -1; } err = gpgme_data_new_from_file(&plaintext_data, plaintext_filename, 1); @@ -340,7 +340,7 @@ int verify_file_signature(const char *plaintext_filename, gpgme_release(gpg_context); if (!valid) { - pb_log("%s: Incorrect GPG signature\n", __func__); + pb_log_fn("Incorrect GPG signature\n"); return -1; } diff --git a/lib/security/openssl.c b/lib/security/openssl.c index 6454f8a..d9dfb95 100644 --- a/lib/security/openssl.c +++ b/lib/security/openssl.c @@ -94,7 +94,7 @@ static int get_pkcs12(FILE *keyfile, X509 **cert, EVP_PKEY **priv) */ if (!PKCS12_parse(p12, NULL, priv, cert, NULL) && !PKCS12_parse(p12, "", priv, cert, NULL)) { - pb_log("%s: Error parsing OpenSSL PKCS12:\n", __func__); + pb_log_fn("Error parsing OpenSSL PKCS12:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); } else ok = 1; @@ -131,7 +131,7 @@ static STACK_OF(X509) *get_cert_stack(FILE *keyfile) if (cert) sk_X509_push(certs, get_cert(keyfile)); } else { - pb_log("%s: Error allocating OpenSSL X509 stack:\n", __func__); + pb_log_fn("Error allocating OpenSSL X509 stack:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); } @@ -168,7 +168,7 @@ static EVP_PKEY *get_public_key(FILE *keyfile) /* handles both cases */ if (!pkey) { - pb_log("%s: Error loading OpenSSL public key:\n", __func__); + pb_log_fn("Error loading OpenSSL public key:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); } @@ -240,7 +240,7 @@ int decrypt_file(const char *filename, certs = sk_X509_new_null(); if (!certs) { - pb_log("%s: Error allocating OpenSSL X509 stack:\n", __func__); + pb_log_fn("Error allocating OpenSSL X509 stack:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); goto out; } @@ -268,7 +268,7 @@ int decrypt_file(const char *filename, /* in this mode its attached content */ if (!CMS_verify(cms, certs, NULL, content_bio, out_bio, CMS_NO_SIGNER_CERT_VERIFY | CMS_BINARY)) { - pb_log("%s: Failed OpenSSL CMS decrypt verify:\n", __func__); + pb_log_fn("Failed OpenSSL CMS decrypt verify:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); goto out; } @@ -359,7 +359,7 @@ int verify_file_signature(const char *plaintext_filename, if (!CMS_verify(cms, certs, NULL, plaintext_bio, NULL, CMS_DETACHED | CMS_NO_SIGNER_CERT_VERIFY | CMS_BINARY)) { - pb_log("%s: Failed OpenSSL CMS verify:\n", __func__); + pb_log_fn("Failed OpenSSL CMS verify:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); goto out; } @@ -375,7 +375,7 @@ int verify_file_signature(const char *plaintext_filename, ctx = EVP_MD_CTX_create(); if (!ctx) { - pb_log("%s: Error allocating OpenSSL MD ctx:\n", __func__); + pb_log_fn("Error allocating OpenSSL MD ctx:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); goto out; } @@ -385,7 +385,7 @@ int verify_file_signature(const char *plaintext_filename, goto out; if (EVP_DigestVerifyInit(ctx, NULL, s_verify_md, NULL, pkey) < 1) { - pb_log("%s: Error initializing OpenSSL verify:\n", __func__); + pb_log_fn("Error initializing OpenSSL verify:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); goto out; } @@ -425,7 +425,7 @@ int verify_file_signature(const char *plaintext_filename, if (EVP_DigestVerifyFinal(ctx, (unsigned char*)sigbuf, siglen)) nok = 0; else { - pb_log("%s: Error finalizing OpenSSL verify:\n", __func__); + pb_log_fn("Error finalizing OpenSSL verify:\n"); ERR_print_errors_cb(&pb_log_print_errors_cb, NULL); } } |