#include <openssl/ssl.h>
+#include "util.h"
#include "io/record.h"
#include "io/opensslBIO.h"
#include "io/slipBio.h"
#include "db/database.h"
#include "crypto/remoteSigner.h"
#include "crypto/sslUtil.h"
-
#include "crypto/simpleOpensslSigner.h"
+#include "log/logger.hpp"
+
extern std::vector<Profile> profiles;
extern std::unordered_map<std::string, std::shared_ptr<CAConfig>> CAs;
RecordHandlerSession( DefaultRecordHandler* parent, std::shared_ptr<Signer> signer, std::shared_ptr<SSL_CTX> ctx, std::shared_ptr<BIO> output ) :
sessid( 0 ),
lastCommandCount( 0 ),
- tbs( new TBSCertificate() ){
+ tbs( new TBSCertificate() ) {
this->parent = parent;
this->signer = signer;
time_t c_time;
throw "Error while fetching time?";
}
- log = std::shared_ptr<std::ofstream>(
- new std::ofstream( std::string( "logs/log_" ) + std::to_string( c_time ) ),
- []( std::ofstream * ptr ) {
- ptr->close();
- delete ptr;
- } );
+ log = openLogfile( std::string( "logs/log_" ) + std::to_string( c_time ) );
ssl = std::shared_ptr<SSL>( SSL_new( ctx.get() ), SSL_free );
std::shared_ptr<BIO> bio(
int res = io->read( buffer.data(), buffer.capacity() );
if( res <= 0 ) {
- ( *log ) << "Stream error, resetting SSL" << std::endl;
+ logger::error( "Stream error, resetting SSL" );
parent->reset();
return;
}
execute( head, payload );
} catch( const char* msg ) {
if( log ) {
- ( *log ) << "ERROR: " << msg << std::endl;
+ logger::error( "ERROR: ", msg );
}
parent->reset();
case RecordHeader::SignerCommand::SET_CSR:
tbs->csr_content = data;
tbs->csr_type = "CSR";
- ( *log ) << "INFO: CSR read: " << tbs->csr_content << std::endl;
+ logger::note( "INFO: CSR read:\n", tbs->csr_content );
break;
case RecordHeader::SignerCommand::SET_SPKAC:
tbs->csr_content = data;
tbs->csr_type = "SPKAC";
- ( *log ) << "INFO: SPKAC read: " << tbs->csr_content << std::endl;
+ logger::note( "INFO: SPKAC read:\n", tbs->csr_content );
break;
case RecordHeader::SignerCommand::SET_SIGNATURE_TYPE:
tbs->wishTo = data;
break;
- case RecordHeader::SignerCommand::ADD_SAN: {
- size_t pos = data.find( "," );
-
- if( pos == std::string::npos ) {
- // error
- } else {
- std::shared_ptr<SAN> san( new SAN() );
- san->type = data.substr( 0, pos );
- san->content = data.substr( pos + 1 );
- tbs->SANs.push_back( san );
+ case RecordHeader::SignerCommand::ADD_SAN:
+ {
+ size_t pos = data.find( "," );
+
+ if( pos == std::string::npos ) {
+ // error
+ } else {
+ std::shared_ptr<SAN> san( new SAN() );
+ san->type = data.substr( 0, pos );
+ san->content = data.substr( pos + 1 );
+ tbs->SANs.push_back( san );
+ }
}
- }
- break;
-
- case RecordHeader::SignerCommand::ADD_AVA: {
- size_t pos = data.find( "," );
-
- if( pos == std::string::npos ) {
- // error
- } else {
- std::shared_ptr<AVA> ava( new AVA() );
- ava->name = data.substr( 0, pos );
- ava->value = data.substr( pos + 1 );
- tbs->AVAs.push_back( ava );
+ break;
+
+ case RecordHeader::SignerCommand::ADD_AVA:
+ {
+ size_t pos = data.find( "," );
+
+ if( pos == std::string::npos ) {
+ // error
+ } else {
+ std::shared_ptr<AVA> ava( new AVA() );
+ ava->name = data.substr( 0, pos );
+ ava->value = data.substr( pos + 1 );
+ tbs->AVAs.push_back( ava );
+ }
}
- }
- break;
+ break;
case RecordHeader::SignerCommand::ADD_PROOF_LINE:
break;
case RecordHeader::SignerCommand::SIGN:
result = signer->sign( tbs );
- ( *log ) << "INFO: signlog: " << result->log << std::endl;
- ( *log ) << "INFO: res: " << result->certificate << std::endl;
+ logger::note( "INFO: signlog:\n", result->log );
+ logger::note( "INFO: res:\n", result->certificate );
respondCommand( RecordHeader::SignerResult::SAVE_LOG, result->log );
break;
}
if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
- ( *log ) << "ERROR: SSL close failed" << std::endl;
+ logger::warn( "ERROR: SSL shutdown failed." );
}
+ parent->reset(); // Connection ended
+
break;
case RecordHeader::SignerCommand::ADD_SERIAL:
serials.push_back( data );
break;
- case RecordHeader::SignerCommand::REVOKE: {
- std::string ca = data;
- auto reqCA = CAs.at( ca );
- ( *log ) << "CA found" << std::endl;
- std::shared_ptr<CRL> crl;
- std::string date;
- std::tie<std::shared_ptr<CRL>, std::string>( crl, date ) = signer->revoke( reqCA, serials );
-
- respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() );
+ case RecordHeader::SignerCommand::REVOKE:
+ {
+ std::string ca = data;
+ auto reqCA = CAs.at( ca );
+ logger::note( "CA found" );
+ std::shared_ptr<CRL> crl;
+ std::string date;
+ std::tie<std::shared_ptr<CRL>, std::string>( crl, date ) = signer->revoke( reqCA, serials );
+ respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() );
+ }
break;
- }
- case RecordHeader::SignerCommand::GET_FULL_CRL: {
- auto ca = CAs.at( data );
- CRL c( ca->path + "/ca.crl" );
- respondCommand( RecordHeader::SignerResult::FULL_CRL, c.toString() );
+ case RecordHeader::SignerCommand::GET_FULL_CRL:
+ {
+ auto ca = CAs.at( data );
+ CRL c( ca->path + "/ca.crl" );
+ respondCommand( RecordHeader::SignerResult::FULL_CRL, c.toString() );
- if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
- ( *log ) << "ERROR: SSL close failed" << std::endl;
- }
+ if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
+ logger::error( "ERROR: SSL shutdown failed." );
+ }
+ parent->reset(); // Connection ended
+ }
break;
- }
default:
throw "Unimplemented";
}
};
-DefaultRecordHandler::DefaultRecordHandler( std::shared_ptr<Signer> signer, std::shared_ptr<BIO> bio )
- : bio( bio ), ctx( generateSSLContext( true ) ), signer( signer ), currentSession() {
+DefaultRecordHandler::DefaultRecordHandler( std::shared_ptr<Signer> signer, std::shared_ptr<BIO> bio ) :
+ bio( bio ), ctx( generateSSLContext( true ) ), signer( signer ), currentSession() {
}
void DefaultRecordHandler::reset() {
void DefaultRecordHandler::handle() {
if( !currentSession ) {
- std::cout << "session allocated" << std::endl;
+ logger::note( "New session allocated." );
currentSession = std::shared_ptr<RecordHandlerSession>( new RecordHandlerSession( this, signer, ctx, bio ) );
}
projects / cassiopeia.git / blobdiff