class RecordHandlerSession {
public:
- uint32_t sessid;
- uint32_t lastCommandCount;
+ uint32_t sessid = 0;
+ uint32_t lastCommandCount = 0;
std::shared_ptr<TBSCertificate> tbs;
std::shared_ptr<SignedCertificate> result;
DefaultRecordHandler* parent;
std::shared_ptr<Signer> signer;
- std::shared_ptr<std::ofstream> logFile;
+ std::unique_ptr<std::ofstream> logFile;
//std::stringstream sessionlog;
std::vector<std::string> serials;
logger::logger_set logger;
RecordHandlerSession( DefaultRecordHandler* parent, std::shared_ptr<Signer> signer, std::shared_ptr<SSL_CTX> ctx, std::shared_ptr<BIO> output ) :
- sessid( 0 ),
- lastCommandCount( 0 ),
- tbs( new TBSCertificate() ),
- logFile(openLogfile( std::string( "logs/log_" ) + std::to_string( [](){
- time_t c_time;
- if( time( &c_time ) == -1 ) {
- throw "Error while fetching time?";
- }
- return c_time;
- }() ) )),
- logger( {
- logger::log_target(std::cout, logger::level::note),
- //logger::log_target(sessionlog, logger::level::note),
- logger::log_target(*logFile, logger::level::note)
- }, logger::auto_register::on) {
+ tbs( std::make_shared<TBSCertificate>() ),
+ logFile(openLogfile( "logs/log_" + timestamp() ) ),
+ logger{ std::cout, *logFile } {
this->parent = parent;
this->signer = signer;
SSL_set_accept_state( ssl.get() );
SSL_set_bio( ssl.get(), output.get(), output.get() );
BIO_set_ssl( bio.get(), ssl.get(), BIO_NOCLOSE );
- io = std::shared_ptr<OpensslBIOWrapper>( new OpensslBIOWrapper( bio ) );
+ io = std::make_shared<OpensslBIOWrapper>( bio );
}
void respondCommand( RecordHeader::SignerResult res, std::string payload ) {
RecordHeader rh;
- rh.command = ( uint16_t ) res;
+ rh.command = static_cast<uint16_t>( res );
rh.flags = 0;
rh.command_count = 0; // TODO i++
- rh.totalLength = payload.size();
sendCommand( rh, payload, io );
}
void work() {
- std::vector<char> buffer( 2048, 0 );
- int res = io->read( buffer.data(), buffer.capacity() );
-
- if( res <= 0 ) {
- logger::error( "Stream error, resetting SSL" );
- parent->reset();
- return;
- }
-
- std::string content( buffer.data(), res );
-
try {
RecordHeader head;
- std::string payload = parseCommand( head, content );
- execute( head, payload );
- } catch( const char* msg ) {
- logger::error( "ERROR: ", msg );
+ std::string all = parseCommandChunked( head, io );
+ execute( static_cast<RecordHeader::SignerCommand>( head.command ), all );
+ } catch( const std::exception& msg ) {
+ logger::error( "ERROR: ", msg.what() );
parent->reset();
return;
}
}
- void execute( RecordHeader& head, std::string data ) {
- if( head.totalLength != head.payloadLength || head.offset != 0 ) {
- throw "Error, chunking not supported yet";
- }
-
- switch( ( RecordHeader::SignerCommand ) head.command ) {
+ void execute( RecordHeader::SignerCommand command, std::string data ) {
+ switch( command ) {
case RecordHeader::SignerCommand::SET_CSR:
tbs->csr_content = data;
tbs->csr_type = "CSR";
if( pos == std::string::npos ) {
// error
} else {
- std::shared_ptr<SAN> san( new SAN() );
+ auto san = std::make_shared<SAN>();
san->type = data.substr( 0, pos );
san->content = data.substr( pos + 1 );
tbs->SANs.push_back( san );
if( pos == std::string::npos ) {
// error
} else {
- std::shared_ptr<AVA> ava( new AVA() );
+ auto ava = std::make_shared<AVA>();
ava->name = data.substr( 0, pos );
ava->value = data.substr( pos + 1 );
tbs->AVAs.push_back( ava );
respondCommand( RecordHeader::SignerResult::CERTIFICATE, result->certificate );
}
+ logger::note( "Shutting down SSL" );
if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
logger::warn( "ERROR: SSL shutdown failed." );
}
+ io->ctrl( BIO_CTRL_FLUSH, 0, NULL );
+ logger::note( "Shutted down SSL" );
parent->reset(); // Connection ended
logger::note( "CA found in recordHandler" );
std::shared_ptr<CRL> crl;
std::string date;
- std::tie<std::shared_ptr<CRL>, std::string>( crl, date ) = signer->revoke( reqCA, serials );
+ std::tie( crl, date ) = signer->revoke( reqCA, serials );
respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() );
}
auto ca = CAs.at( data );
CRL c( ca->path + "/ca.crl" );
respondCommand( RecordHeader::SignerResult::FULL_CRL, c.toString() );
-
+
+ logger::note( "Shutting down SSL" );
if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
logger::error( "ERROR: SSL shutdown failed." );
}
+ io->ctrl( BIO_CTRL_FLUSH, 0, NULL );
+ logger::note( "Shutted down SSL" );
parent->reset(); // Connection ended
}
break;
default:
- throw "Unimplemented";
+ throw std::runtime_error("Unimplemented");
}
}
};
void DefaultRecordHandler::handle() {
if( !currentSession ) {
+ (void) BIO_reset( bio.get() );
logger::note( "New session allocated." );
- currentSession = std::shared_ptr<RecordHandlerSession>( new RecordHandlerSession( this, signer, ctx, bio ) );
+ currentSession = std::make_shared<RecordHandlerSession>( this, signer, ctx, bio );
+ }
+ try {
+ currentSession->work();
+ } catch( eof_exception e ){
+ reset();
}
-
- currentSession->work();
}