X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fapps%2Fclient.cpp;h=2f0480f7f8a59669f019d717b48022df580ed40a;hb=5200bfb6a5d60618edfa62fa99c85155d913269f;hp=be31bc2201fdac4305108b1c39298141961a0dc2;hpb=c3f5775ce88f4df732e5e803dab70ce395c5f504;p=cassiopeia.git diff --git a/src/apps/client.cpp b/src/apps/client.cpp index be31bc2..2f0480f 100644 --- a/src/apps/client.cpp +++ b/src/apps/client.cpp @@ -4,15 +4,16 @@ #include #include #include +#include -#include "database.h" -#include "mysql.h" -#include "simpleOpensslSigner.h" +#include "db/database.h" +#include "db/mysql.h" +#include "crypto/simpleOpensslSigner.h" +#include "crypto/remoteSigner.h" +#include "crypto/sslUtil.h" #include "util.h" -#include "bios.h" -#include "slipBio.h" -#include "remoteSigner.h" -#include "sslUtil.h" +#include "io/bios.h" +#include "io/slipBio.h" #include "config.h" #ifdef NO_DAEMON @@ -22,23 +23,9 @@ #endif extern std::string keyDir; -extern std::vector profiles; extern std::string sqlHost, sqlUser, sqlPass, sqlDB; - -std::string writeBackFile( uint32_t serial, std::string cert ) { - std::string filename = "keys"; - mkdir( filename.c_str(), 0755 ); - filename += "/crt"; - mkdir( filename.c_str(), 0755 ); - filename += "/" + std::to_string( serial / 1000 ); - mkdir( filename.c_str(), 0755 ); - filename += "/" + std::to_string( serial ) + ".crt"; - writeFile( filename, cert ); - std::cout << "wrote to " << filename << std::endl; - return filename; -} - -int handlermain( int argc, const char* argv[] ); +extern std::string serialPath; +extern std::unordered_map> CAs; int main( int argc, const char* argv[] ) { ( void ) argc; @@ -51,22 +38,23 @@ int main( int argc, const char* argv[] ) { std::string path; - if( DAEMON ) { - path = "/etc/cacert/cassiopeia/cassiopeia.conf"; - } else { - path = "config.txt"; - } +#ifdef NDEBUG + path = "/etc/cacert/cassiopeia/cassiopeia.conf"; +#else + path = "config.txt"; +#endif if( parseConfig( path ) != 0 ) { return -1; } - if( argc == 0 ) { - return handlermain( argc, argv ); + if( serialPath == "" ) { + std::cout << "Error: no serial device is given" << std::endl; + return -1; } std::shared_ptr jp( new MySQLJobProvider( sqlHost, sqlUser, sqlPass, sqlDB ) ); - std::shared_ptr b = openSerial( "/dev/ttyUSB0" ); + std::shared_ptr b = openSerial( serialPath ); std::shared_ptr slip1( BIO_new( toBio() ), BIO_free ); ( ( SlipBIO* )slip1->ptr )->setTarget( std::shared_ptr( new OpensslBIOWrapper( b ) ) ); std::shared_ptr sign( new RemoteSigner( slip1, generateSSLContext( false ) ) ); @@ -81,38 +69,90 @@ int main( int argc, const char* argv[] ) { continue; } + std::ofstream* logP = new std::ofstream( std::string( "logs/" ) + job->id + std::string( "_" ) + job->warning + std::string( ".log" ) ); + std::shared_ptr logPtr( + logP, + []( std::ofstream * ptr ) { + ( *ptr ).close(); + delete ptr; + } ); + std::ofstream& log = *logP; + + sign->setLog( logPtr ); + log << "TASK ID: " << job->id << std::endl; + log << "TRY: " << job->warning << std::endl; + log << "TARGET: " << job->target << std::endl; + log << "TASK: " << job->task << std::endl << std::endl; + if( job->task == "sign" ) { try { std::shared_ptr cert = jp->fetchTBSCert( job ); + log << "INFO: message digest: " << cert->md << std::endl; + log << "INFO: profile id: " << cert->profile << std::endl; + + for( auto& SAN : cert->SANs ) { + log << "INFO: SAN " << SAN->type << ": " << SAN->content; + } + + for( auto& AVA : cert->AVAs ) { + log << "INFO: AVA " << AVA->name << ": " << AVA->value; + } if( !cert ) { std::cout << "wasn't able to load CSR" << std::endl; - return 2; + jp->failJob( job ); + continue; } - std::cout << "Found a CSR at '" << cert->csr << "' signing" << std::endl; - cert->csr_content = readFile( cert->csr ); - std::cout << cert->csr_content << " content " << std::endl; + log << "FINE: Found the CSR at '" << cert->csr << "'" << std::endl; + cert->csr_content = readFile( keyDir + "/../" + cert->csr ); + log << "FINE: CSR is " << std::endl << cert->csr_content << std::endl; std::shared_ptr res = sign->sign( cert ); - std::cout << "did it!" << res->certificate << std::endl; - std::string fn = writeBackFile( atoi( job->target.c_str() ), res->certificate ); + + if( !res ) { + log << "ERROR: The signer failed. There was no certificate." << std::endl; + jp->failJob( job ); + continue; + } + + log << "FINE: CERTIFICATE LOG: " << res->log << std::endl; + log << "FINE: CERTIFICATE:" << std::endl << res->certificate << std::endl; + std::string fn = writeBackFile( job->target.c_str(), res->certificate, keyDir ); res->crt_name = fn; jp->writeBack( job, res ); - std::cout << "wrote back" << std::endl; + log << "FINE: signing done." << std::endl; + + if( DAEMON ) { + jp->finishJob( job ); + } + + continue; } catch( const char* c ) { - std::cerr << "ERROR: " << c << std::endl; - return 2; + log << "ERROR: " << c << std::endl; } catch( std::string c ) { - std::cerr << "ERROR: " << c << std::endl; - return 2; + log << "ERROR: " << c << std::endl; } - } else { - std::cout << "Unknown job type" << job->task << std::endl; - } - if( DAEMON && !jp->finishJob( job ) ) { - return 1; + try { + jp->failJob( job ); + } catch( const char* c ) { + log << "ERROR: " << c << std::endl; + } catch( std::string c ) { + log << "ERROR: " << c << std::endl; + } + } else if( job->task == "revoke" ) { + std::cout << "Revoking!" << std::endl; + + for( auto& x : CAs ) { + std::cout << " [" << x.first << ']' << std::endl; + } + + sign->revoke( CAs.at( "unassured" ), "12345" ); + jp->finishJob( job ); + } else { + log << "Unknown job type" << job->task << std::endl; + jp->failJob( job ); } if( !DAEMON || once ) {