-/*
- Cassiopeia - CAcert signing module
- Copyright (C) 2014 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along
- with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
#include <sys/stat.h>
#include <unistd.h>
#include "database.h"
#include "mysql.h"
#include "simpleOpensslSigner.h"
+#include "util.h"
#ifdef NO_DAEMON
#define DAEMON false
std::string keyDir;
std::vector<Profile> profiles;
+std::string sqlHost, sqlUser, sqlPass, sqlDB;
std::string writeBackFile( uint32_t serial, std::string cert ) {
std::string filename = "keys";
filename += "/" + std::to_string( serial / 1000 );
mkdir( filename.c_str(), 0755 );
filename += "/" + std::to_string( serial ) + ".crt";
- std::ofstream file;
- file.open( filename.c_str() );
- file << cert.c_str();
- file.close();
+ writeFile( filename, cert );
+ std::cout << "wrote to " << filename << std::endl;
return filename;
}
int main( int argc, const char* argv[] ) {
- if( argc < 2 ) {
- std::cout << argv[0] << " password" << std::endl;
- return 1;
+ ( void ) argc;
+ ( void ) argv;
+ bool once = false;
+
+ if( argc == 2 && std::string( "--once" ) == std::string( argv[1] ) ) {
+ once = true;
}
std::ifstream config;
- config.open( "config.txt" );
+
+ if( DAEMON ) {
+ config.open( "/etc/cacert/cassiopeia/cassiopeia.conf" );
+ } else {
+ config.open( "config.txt" );
+ }
if( !config.is_open() ) {
std::cerr << "config missing" << std::endl;
if( key == "key.directory" ) {
keyDir = value;
continue;
+ } else if( key == "sql.host" ) {
+ sqlHost = value;
+ } else if( key == "sql.user" ) {
+ sqlUser = value;
+ } else if( key == "sql.password" ) {
+ sqlPass = value;
+ } else if( key == "sql.database" ) {
+ sqlDB = value;
}
if( key.compare( 0, 8, "profile." ) == 0 ) {
}
if( rest == "key" ) {
- profiles[i].cert = value;
- } else if( rest == "cert" ) {
profiles[i].key = value;
+ } else if( rest == "cert" ) {
+ profiles[i].cert = value;
} else {
std::cout << "invalid line: " << line1 << std::endl;
continue;
config.close();
- std::shared_ptr<JobProvider> jp( new MySQLJobProvider( "localhost", "cacert", argv[1], "cacert" ) );
+ std::shared_ptr<JobProvider> jp( new MySQLJobProvider( sqlHost, sqlUser, sqlPass, sqlDB ) );
std::shared_ptr<Signer> sign( new SimpleOpensslSigner() );
while( true ) {
}
std::cout << "Found a CSR at '" << cert->csr << "' signing" << std::endl;
- std::ifstream t( cert->csr );
- cert->csr_content = std::string( std::istreambuf_iterator<char>( t ), std::istreambuf_iterator<char>() );
+ cert->csr_content = readFile( cert->csr );
std::shared_ptr<SignedCertificate> res = sign->sign( cert );
- std::string fn = writeBackFile( res->serial, res->certificate );
+ std::string fn = writeBackFile( atoi( job->target.c_str() ), res->certificate );
res->crt_name = fn;
jp->writeBack( job, res );
} catch( const char* c ) {
- std::cerr << c << std::endl;
+ std::cerr << "ERROR: " << c << std::endl;
+ return 2;
+ } catch( std::string c ) {
+ std::cerr << "ERROR: " << c << std::endl;
return 2;
}
} else {
return 1;
}
- if( !DAEMON ) {
+ if( !DAEMON || once ) {
return 0;
}
}