X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fio%2FrecordHandler.cpp;h=a1d7b47d1e7b0853bd04de66ebc1a807357d26d6;hb=3d3967b16610579e977b5d8685f3eedb10cbc23a;hp=b79d3cc144b96d2c70d210306e989c7846e9792e;hpb=f91a144781e9e71ec04cb39cc6619003def14f00;p=cassiopeia.git diff --git a/src/io/recordHandler.cpp b/src/io/recordHandler.cpp index b79d3cc..a1d7b47 100644 --- a/src/io/recordHandler.cpp +++ b/src/io/recordHandler.cpp @@ -7,6 +7,7 @@ #include +#include "util.h" #include "io/record.h" #include "io/opensslBIO.h" #include "io/slipBio.h" @@ -14,9 +15,10 @@ #include "db/database.h" #include "crypto/remoteSigner.h" #include "crypto/sslUtil.h" - #include "crypto/simpleOpensslSigner.h" +#include "log/logger.hpp" + extern std::vector profiles; extern std::unordered_map> CAs; @@ -35,8 +37,11 @@ public: std::shared_ptr signer; std::shared_ptr log; + std::vector serials; RecordHandlerSession( DefaultRecordHandler* parent, std::shared_ptr signer, std::shared_ptr ctx, std::shared_ptr output ) : + sessid( 0 ), + lastCommandCount( 0 ), tbs( new TBSCertificate() ) { this->parent = parent; this->signer = signer; @@ -46,12 +51,7 @@ public: throw "Error while fetching time?"; } - log = std::shared_ptr( - new std::ofstream( std::string( "logs/log_" ) + std::to_string( c_time ) ), - []( std::ofstream * ptr ) { - ptr->close(); - delete ptr; - } ); + log = openLogfile( std::string( "logs/log_" ) + std::to_string( c_time ) ); ssl = std::shared_ptr( SSL_new( ctx.get() ), SSL_free ); std::shared_ptr bio( @@ -79,7 +79,7 @@ public: int res = io->read( buffer.data(), buffer.capacity() ); if( res <= 0 ) { - ( *log ) << "Stream error, resetting SSL" << std::endl; + logger::error( "Stream error, resetting SSL" ); parent->reset(); return; } @@ -92,7 +92,7 @@ public: execute( head, payload ); } catch( const char* msg ) { if( log ) { - ( *log ) << "ERROR: " << msg << std::endl; + logger::error( "ERROR: ", msg ); } parent->reset(); 
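Review bot: The per-session log name `std::string( "logs/log_" ) + std::to_string( c_time )` is built from `c_time`, which looks like a seconds-resolution time_t, so two sessions accepted within the same second map to the same file; whether the second one truncates or appends to the first depends on the open mode inside `openLogfile`, which is not in this diff. A collision-free name (for example suffixing the new `sessid` or a per-process counter) would keep one record per session. Note also that after this commit nothing in the diff writes to `*log` any more — it survives only as a truth test in the catch block further down — so if `logger::` has fully replaced it the file is created empty; either write to it or drop it. RecordHandlerSession's constructor starts before this hunk.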
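Review bot: `if( log )` now guards a `logger::error( "ERROR: ", msg )` call that does not use `log` at all, so when `openLogfile` yields a null stream the reason for the reset is dropped silently while the connection is still torn down. Either make the report unconditional — `logger::error( "ERROR: ", msg );` with the guard removed — or keep the guard and also write `msg` to `*log`, whichever the logging design intends. The enclosing function starts before this hunk.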
@@ -109,13 +109,13 @@ public: case RecordHeader::SignerCommand::SET_CSR: tbs->csr_content = data; tbs->csr_type = "CSR"; - ( *log ) << "INFO: CSR read:" << std::endl << tbs->csr_content; + logger::note( "INFO: CSR read:\n", tbs->csr_content ); break; case RecordHeader::SignerCommand::SET_SPKAC: tbs->csr_content = data; tbs->csr_type = "SPKAC"; - ( *log ) << "INFO: SPKAC read:" << std::endl << tbs->csr_content; + logger::note( "INFO: SPKAC read:\n", tbs->csr_content ); break; case RecordHeader::SignerCommand::SET_SIGNATURE_TYPE: 
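Review bot: `tbs->csr_content` is the raw record payload the peer sent (`tbs->csr_content = data;`) and is now emitted verbatim into the shared logger via `logger::note( "INFO: CSR read:\n", tbs->csr_content )`; any embedded newlines or control bytes land unescaped in the log, so a client can forge log lines or terminal escapes wherever that output is read. Logging the length plus a digest, or escaping non-printable bytes before the call, keeps the entry useful without trusting the client's bytes; the SPKAC branch has the same exposure. If `logger::note` already sanitizes its arguments this is moot, but that is not visible in the diff. The enclosing `execute()` switch starts before this hunk.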
@@ -127,41 +127,51 @@ public: tbs->profile = data; break; - case RecordHeader::SignerCommand::ADD_SAN: { - size_t pos = data.find( "," ); + case RecordHeader::SignerCommand::SET_WISH_FROM: + tbs->wishFrom = data; + break; - if( pos == std::string::npos ) { - // error - } else { - std::shared_ptr san( new SAN() ); - san->type = data.substr( 0, pos ); - san->content = data.substr( pos + 1 ); - tbs->SANs.push_back( san ); + case RecordHeader::SignerCommand::SET_WISH_TO: + tbs->wishTo = data; + break; + + case RecordHeader::SignerCommand::ADD_SAN: + { + size_t pos = data.find( "," ); + + if( pos == std::string::npos ) { + // error + } else { + std::shared_ptr san( new SAN() ); + san->type = data.substr( 0, pos ); + san->content = data.substr( pos + 1 ); + tbs->SANs.push_back( san ); + } } - } - break; - - case RecordHeader::SignerCommand::ADD_AVA: { - size_t pos = data.find( "," ); - - if( pos == std::string::npos ) { - // error - } else { - std::shared_ptr ava( new AVA() ); - ava->name = data.substr( 0, pos ); - ava->value = data.substr( pos + 1 ); - tbs->AVAs.push_back( ava ); + break; + + case RecordHeader::SignerCommand::ADD_AVA: + { + size_t pos = data.find( "," ); + + if( pos == std::string::npos ) { + // error + } else { + std::shared_ptr ava( new AVA() ); + ava->name = data.substr( 0, pos ); + ava->value = data.substr( pos + 1 ); + tbs->AVAs.push_back( ava ); + } } - } - break; + break; case RecordHeader::SignerCommand::ADD_PROOF_LINE: break; case RecordHeader::SignerCommand::SIGN: result = signer->sign( tbs ); - ( *log ) << "INFO: signlog: " << result->log << std::endl; - ( *log ) << "INFO: res: " << result->certificate << std::endl; + logger::note( "INFO: signlog:\n", result->log ); + logger::note( "INFO: res:\n", result->certificate ); respondCommand( RecordHeader::SignerResult::SAVE_LOG, result->log ); break; 
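Review bot: The empty `// error` branches in ADD_SAN and ADD_AVA (re-indented here) silently discard a payload with no comma, so a malformed request proceeds to SIGN with fewer names or attributes than requested instead of failing closed. Throwing the way the `default:` case does — `throw "Malformed ADD_SAN record";` and `throw "Malformed ADD_AVA record";` — routes the failure through the caller's existing `catch( const char* msg )` and resets the connection. The new SET_WISH_FROM/SET_WISH_TO values are stored without any format check; presumably `signer->sign()` validates the requested validity window, which is not visible here. `execute()` continues on both sides of this hunk.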
@@ -172,56 +182,43 @@ public: } if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) { - ( *log ) << "ERROR: SSL close failed" << std::endl; + logger::warn( "ERROR: SSL shutdown failed." ); } - break; - - case RecordHeader::SignerCommand::REVOKE: { - ( *log ) << "got revoking command: " << data.size() << std::endl; - std::string nullstr( "\0", 1 ); - size_t t = data.find( nullstr ); + parent->reset(); // Connection ended - if( t == std::string::npos ) { - // error - ( *log ) << "error while parsing revoking command." << data << std::endl; - break; - } + break; - std::string ca = data.substr( 0, t ); - std::string serial = data.substr( t + 1 ); - ( *log ) << "revoking " << ca << "<->" << serial << std::endl; + case RecordHeader::SignerCommand::ADD_SERIAL: + serials.push_back( data ); + break; - ( *log ) << "["; + case RecordHeader::SignerCommand::REVOKE: + { + std::string ca = data; + auto reqCA = CAs.at( ca ); + logger::note( "CA found" ); + std::shared_ptr crl; + std::string date; + std::tie, std::string>( crl, date ) = signer->revoke( reqCA, serials ); - for( auto x : CAs ) { - ( *log ) << x.first << ", "; + respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() ); } - - ( *log ) << "]" << std::endl; - - auto reqCA = CAs.at( ca ); - ( *log ) << "CA found" << std::endl; - std::shared_ptr crl; - std::string date; - std::tie, std::string>( crl, date ) = signer->revoke( reqCA, serial ); - - respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() ); - break; - } - case RecordHeader::SignerCommand::GET_FULL_CRL: { - auto ca = CAs.at( data ); - CRL c( ca->path + "/ca.crl" ); - respondCommand( RecordHeader::SignerResult::FULL_CRL, c.toString() ); + case RecordHeader::SignerCommand::GET_FULL_CRL: + { + auto ca = CAs.at( data ); + CRL c( ca->path + "/ca.crl" ); + respondCommand( RecordHeader::SignerResult::FULL_CRL, c.toString() ); - if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) { - ( *log ) << 
"ERROR: SSL close failed" << std::endl; - } + if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) { + logger::error( "ERROR: SSL shutdown failed." ); + } + parent->reset(); // Connection ended + } break; - } default: throw "Unimplemented"; @@ -230,13 +227,7 @@ public: }; DefaultRecordHandler::DefaultRecordHandler( std::shared_ptr signer, std::shared_ptr bio ) : - currentSession() { - - this->signer = signer; - - ctx = generateSSLContext( true ); - - this->bio = bio; + bio( bio ), ctx( generateSSLContext( true ) ), signer( signer ), currentSession() { } void DefaultRecordHandler::reset() { @@ -245,7 +236,7 @@ void DefaultRecordHandler::reset() { void DefaultRecordHandler::handle() { if( !currentSession ) { - std::cout << "session allocated" << std::endl; + logger::note( "New session allocated." ); currentSession = std::shared_ptr( new RecordHandlerSession( this, signer, ctx, bio ) ); }
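Review bot: `CAs.at( ca )` in the rewritten REVOKE case (and `CAs.at( data )` in GET_FULL_CRL) throws std::out_of_range for a CA name the client invents, and the caller's `catch( const char* msg )` does not catch it; unless an outer handler catches std::exception, which is not visible here, one bad record terminates the signer. An explicit lookup fails through the existing path: `auto it = CAs.find( ca ); if( it == CAs.end() ) { throw "Unknown CA"; } auto reqCA = it->second;` (the `logger::note( "CA found" )` line then adds nothing). The `serials` vector filled by ADD_SERIAL is never cleared after `signer->revoke( reqCA, serials )` and has no size bound, so a second REVOKE in the same session re-submits earlier serials and a client can grow it for the life of the connection — `serials.clear();` after the respondCommand and a cap in ADD_SERIAL address both. The two new `parent->reset(); // Connection ended` calls run inside a member function of the session that reset() presumably releases; if `currentSession` holds the only reference, `this` is gone before the `break`, so a comment such as `// NOTE: reset() may destroy this session; touch no members after this` would protect future edits. `execute()` starts before this hunk.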
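Review bot: The new initializer list orders `bio( bio ), ctx( generateSSLContext( true ) ), signer( signer ), currentSession()`, but members are initialized in their declaration order from recordHandler.h, which is not in the diff; if the header declares them differently the compiler warns under -Wreorder and the list misleads a reader about sequencing (only `generateSSLContext( true )` has side effects, so nothing breaks either way). Match the list to the header's declaration order, or say so in a short comment above the constructor.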