#include <openssl/ssl.h>
+#include "util.h"
#include "io/record.h"
#include "io/opensslBIO.h"
#include "io/slipBio.h"
std::shared_ptr<Signer> signer;
std::shared_ptr<std::ofstream> log;
+ std::vector<std::string> serials;
RecordHandlerSession( DefaultRecordHandler* parent, std::shared_ptr<Signer> signer, std::shared_ptr<SSL_CTX> ctx, std::shared_ptr<BIO> output ) :
+ sessid( 0 ),
+ lastCommandCount( 0 ),
tbs( new TBSCertificate() ) {
this->parent = parent;
this->signer = signer;
throw "Error while fetching time?";
}
- log = std::shared_ptr<std::ofstream>(
- new std::ofstream( std::string( "logs/log_" ) + std::to_string( c_time ) ),
- []( std::ofstream * ptr ) {
- ptr->close();
- delete ptr;
- } );
+ log = openLogfile( std::string( "logs/log_" ) + std::to_string( c_time ) );
ssl = std::shared_ptr<SSL>( SSL_new( ctx.get() ), SSL_free );
std::shared_ptr<BIO> bio(
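Review bot: The stream returned by `openLogfile( ... )` is used without checking that the file actually opened, and this log is the session's audit trail. `openLogfile` is defined outside this hunk and may already throw on failure; if it does not, a missing or unwritable `logs/` directory leaves every later `( *log ) <<` silently discarding output while signing continues. Consider failing the session up front with `if( !log || !log->is_open() ) { throw "Error while opening log file"; }`. A file name derived only from `c_time` could also collide when two sessions start within the same clock tick, depending on its resolution. The constructor body starts and ends outside the hunk.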
case RecordHeader::SignerCommand::SET_CSR:
tbs->csr_content = data;
tbs->csr_type = "CSR";
- ( *log ) << "INFO: CSR read:" << std::endl << tbs->csr_content;
+ ( *log ) << "INFO: CSR read: " << tbs->csr_content << std::endl;
break;
case RecordHeader::SignerCommand::SET_SPKAC:
tbs->csr_content = data;
tbs->csr_type = "SPKAC";
- ( *log ) << "INFO: SPKAC read:" << std::endl << tbs->csr_content;
+ ( *log ) << "INFO: SPKAC read: " << tbs->csr_content << std::endl;
break;
case RecordHeader::SignerCommand::SET_SIGNATURE_TYPE:
tbs->profile = data;
break;
+ case RecordHeader::SignerCommand::SET_WISH_FROM:
+ tbs->wishFrom = data;
+ break;
+
+ case RecordHeader::SignerCommand::SET_WISH_TO:
+ tbs->wishTo = data;
+ break;
+
case RecordHeader::SignerCommand::ADD_SAN: {
size_t pos = data.find( "," );
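Review bot: `SET_WISH_FROM` and `SET_WISH_TO` copy the record payload straight into `tbs->wishFrom` and `tbs->wishTo` with no format or range check, and unlike the CSR cases nothing is written to the log. Requested validity bounds decide how long an issued certificate is trusted, so they should be validated here or the place where that happens should be stated; whether the signer parses and clamps them to the profile's limits is not visible in this hunk. At minimum I would add `// requester hint only: the signer must parse this and clamp it to the profile's validity limits` above each assignment. The enclosing switch starts before the hunk and continues past it.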
if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
( *log ) << "ERROR: SSL close failed" << std::endl;
}
+ parent->reset(); // Connection ended
break;
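Review bot: `parent->reset()` is called from inside a session method, and if `reset()` releases the current session (its body is outside this hunk, so this is an assumption) the object running this code is destroyed before `break` is reached. Nothing after the call may then touch `log`, `ssl`, `tbs` or any other member, including code that follows the switch. Either defer the reset until the handler has returned to the parent, or document the constraint with `// reset() may destroy this session: no member access after this line`. The same call is added in the REVOKE case further down.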
- case RecordHeader::SignerCommand::REVOKE: {
- ( *log ) << "got revoking command: " << data.size() << std::endl;
- std::string nullstr( "\0", 1 );
- size_t t = data.find( nullstr );
-
- if( t == std::string::npos ) {
- // error
- ( *log ) << "error while parsing revoking command." << data << std::endl;
- break;
- }
-
- std::string ca = data.substr( 0, t );
- std::string serial = data.substr( t + 1 );
- ( *log ) << "revoking " << ca << "<->" << serial << std::endl;
-
- ( *log ) << "[";
-
- for( auto x : CAs ) {
- ( *log ) << x.first << ", ";
- }
-
- ( *log ) << "]" << std::endl;
+ case RecordHeader::SignerCommand::ADD_SERIAL:
+ serials.push_back( data );
+ break;
+ case RecordHeader::SignerCommand::REVOKE: {
+ std::string ca = data;
auto reqCA = CAs.at( ca );
( *log ) << "CA found" << std::endl;
std::shared_ptr<CRL> crl;
std::string date;
- std::tie<std::shared_ptr<CRL>, std::string>( crl, date ) = signer->revoke( reqCA, serial );
+ std::tie<std::shared_ptr<CRL>, std::string>( crl, date ) = signer->revoke( reqCA, serials );
respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() );
if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
( *log ) << "ERROR: SSL close failed" << std::endl;
}
-
+ parent->reset(); // Connection ended
break;
}
}
};
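Review bot: The rewritten REVOKE case no longer logs which CA and which serials are being revoked; the removed `revoking ... <->` line was the only record of that, and only `CA found` remains. For a signer this is the audit trail for revocations, so I would keep an entry such as `( *log ) << "INFO: revoking " << serials.size() << " serial(s) for CA " << ca << std::endl;` before the `signer->revoke` call. Two cases are also unhandled: `serials` may be empty when REVOKE arrives, and if `CAs` is a standard map then `CAs.at( ca )` throws `std::out_of_range` for an unknown name, with nothing logged now that the parse-error branch is gone. Unless an empty list is meant as "just refresh the CRL", make it explicit with `if( serials.empty() ) { ( *log ) << "ERROR: REVOKE without serials" << std::endl; break; }`.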
-DefaultRecordHandler::DefaultRecordHandler( std::shared_ptr<Signer> signer, std::shared_ptr<BIO> bio ) :
- currentSession() {
-
- this->signer = signer;
-
- ctx = generateSSLContext( true );
-
- this->bio = bio;
+DefaultRecordHandler::DefaultRecordHandler( std::shared_ptr<Signer> signer, std::shared_ptr<BIO> bio )
+ : bio( bio ), ctx( generateSSLContext( true ) ), signer( signer ), currentSession() {
}
void DefaultRecordHandler::reset() {