|
|
2380830 |
From 6796e5f7b0ab1eb08f92887ae0427cf5a4120e0b Mon Sep 17 00:00:00 2001
|
|
|
2380830 |
From: Peter Jones <pjones@redhat.com>
|
|
|
2380830 |
Date: Sun, 8 Nov 2015 14:42:29 -0500
|
|
|
2380830 |
Subject: [PATCH 1/5] pesign: when nss fails to tell us -EPERM or -ENOENT,
|
|
|
2380830 |
figure it out.
|
|
|
2380830 |
|
|
|
2380830 |
This should make -EPERM problems much easier for the user to diagnose.
|
|
|
2380830 |
|
|
|
2380830 |
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
|
2380830 |
---
|
|
|
2380830 |
src/pesign.c | 24 ++++++++++++++++++++----
|
|
|
2380830 |
1 file changed, 20 insertions(+), 4 deletions(-)
|
|
|
2380830 |
|
|
|
2380830 |
diff --git a/src/pesign.c b/src/pesign.c
|
|
|
2380830 |
index 1d72657..09b6a2b 100644
|
|
|
2380830 |
--- a/src/pesign.c
|
|
|
2380830 |
+++ b/src/pesign.c
|
|
|
2380830 |
@@ -17,7 +17,9 @@
|
|
|
2380830 |
* Author(s): Peter Jones <pjones@redhat.com>
|
|
|
2380830 |
*/
|
|
|
2380830 |
|
|
|
2380830 |
+#include <err.h>
|
|
|
2380830 |
#include <fcntl.h>
|
|
|
2380830 |
+#include <glob.h>
|
|
|
2380830 |
#include <stdio.h>
|
|
|
2380830 |
#include <stdlib.h>
|
|
|
2380830 |
#include <string.h>
|
|
|
2380830 |
@@ -576,14 +578,28 @@ main(int argc, char *argv[])
|
|
|
2380830 |
|
|
|
2380830 |
if (!daemon) {
|
|
|
2380830 |
SECStatus status;
|
|
|
2380830 |
- if (need_db)
|
|
|
2380830 |
+ if (need_db) {
|
|
|
2380830 |
status = NSS_Init(certdir);
|
|
|
2380830 |
- else
|
|
|
2380830 |
+ if (status != SECSuccess) {
|
|
|
2380830 |
+ char *globpattern = NULL;
|
|
|
2380830 |
+ rc = asprintf(&globpattern, "%s/cert*.db",
|
|
|
2380830 |
+ certdir);
|
|
|
2380830 |
+ if (rc > 0) {
|
|
|
2380830 |
+ glob_t globbuf;
|
|
|
2380830 |
+ memset(&globbuf, 0, sizeof(globbuf));
|
|
|
2380830 |
+ rc = glob(globpattern, GLOB_ERR, NULL,
|
|
|
2380830 |
+ &globbuf);
|
|
|
2380830 |
+ if (rc != 0) {
|
|
|
2380830 |
+ err(1, "Could not open NSS database (\"%s\")",
|
|
|
2380830 |
+ PORT_ErrorToString(PORT_GetError()));
|
|
|
2380830 |
+ }
|
|
|
2380830 |
+ }
|
|
|
2380830 |
+ }
|
|
|
2380830 |
+ } else
|
|
|
2380830 |
status = NSS_NoDB_Init(NULL);
|
|
|
2380830 |
if (status != SECSuccess) {
|
|
|
2380830 |
- fprintf(stderr, "Could not initialize nss: %s\n",
|
|
|
2380830 |
+ errx(1, "Could not initialize nss. NSS says \"%s\" errno says \"%m\"\n",
|
|
|
2380830 |
PORT_ErrorToString(PORT_GetError()));
|
|
|
2380830 |
- exit(1);
|
|
|
2380830 |
}
|
|
|
2380830 |
|
|
|
2380830 |
status = register_oids(ctxp->cms_ctx);
|
|
|
2380830 |
--
|
|
|
2380830 |
2.5.0
|
|
|
2380830 |
|