add: write remoteSigner serial back

diff --git a/src/apps/client.cpp b/src/apps/client.cpp
index 574160631ac2fdede9b336d03a4d3fc4aa0935eb..6e21d6e7f8e18742871cd03249547a58b7149e23 100644 (file)
--- a/src/apps/client.cpp
+++ b/src/apps/client.cpp
@@ -27,7 +27,7 @@ extern std::string sqlHost, sqlUser, sqlPass, sqlDB;
 extern std::string serialPath;
 
 std::string writeBackFile( uint32_t serial, std::string cert ) {
-    std::string filename = "keys";
+    std::string filename = keyDir;
     mkdir( filename.c_str(), 0755 );
     filename += "/crt";
     mkdir( filename.c_str(), 0755 );
@@ -117,7 +117,7 @@ int main( int argc, const char* argv[] ) {
                 }
 
                 log << "FINE: Found the CSR at '" << cert->csr << "'" << std::endl;
-                cert->csr_content = readFile( cert->csr );
+                cert->csr_content = readFile( keyDir + "/../" + cert->csr );
                 log << "FINE: CSR is " << std::endl << cert->csr_content << std::endl;
 
                 std::shared_ptr<SignedCertificate> res = sign->sign( cert );

diff --git a/src/recordHandler.cpp b/src/recordHandler.cpp
index dd5201beaebc26e605033a12a9beed7657976363..6869e02d1eb193620cd4c69239c07de66aa2850b 100644 (file)
--- a/src/recordHandler.cpp
+++ b/src/recordHandler.cpp
@@ -82,6 +82,7 @@ public:
         int res = io->read( buffer.data(), buffer.capacity() );
 
         if( res <= 0 ) {
+            ( *log ) << "Stream error, resetting SSL" << std::endl;
             parent->reset();
             return;
         }

diff --git a/src/remoteSigner.cpp b/src/remoteSigner.cpp
index 71714003cdabd8812e41d57779834d9f2fba6587..18ad28a70146c1b94268cda66092368deee1b976 100644 (file)
--- a/src/remoteSigner.cpp
+++ b/src/remoteSigner.cpp
@@ -2,10 +2,14 @@
 
 #include <iostream>
 
+#include <openssl/ssl.h>
+#include <openssl/bn.h>
+
 RemoteSigner::RemoteSigner( std::shared_ptr<BIO> target, std::shared_ptr<SSL_CTX> ctx ) {
     this->target = target;
     this->ctx = ctx;
 }
+
 RemoteSigner::~RemoteSigner() {
 }
 
@@ -67,8 +71,10 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
         try {
             int length = conn->read( buffer.data(), buffer.size() );
 
-            if( length == -1 ) {
-                return std::shared_ptr<SignedCertificate>();
+            if( length <= 0 ) {
+                std::cout << "Error, no response data" << std::endl;
+                result = std::shared_ptr<SignedCertificate>();
+                break;
             }
 
             RecordHeader head;
@@ -89,6 +95,37 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
         }
     }
 
+    if( result ) {
+        std::shared_ptr<BIO> bios( BIO_new( BIO_s_mem() ), BIO_free );
+        const char* buf = result->certificate.data();
+        unsigned int len = result->certificate.size();
+
+        while( len > 0 ) {
+            int dlen = BIO_write( bios.get(), buf, len );
+
+            if( dlen <= 0 ) {
+                throw "Memory error.";
+            }
+
+            len -= dlen;
+            buf += dlen;
+        }
+
+        std::shared_ptr<X509> pem( PEM_read_bio_X509( bios.get(), NULL, 0, NULL ) );
+
+        if( !pem ) {
+            throw "Pem was not readable";
+        }
+
+        std::shared_ptr<BIGNUM> ser( ASN1_INTEGER_to_BN( pem->cert_info->serialNumber, NULL ), BN_free );
+        std::shared_ptr<char> serStr(
+            BN_bn2hex( ser.get() ),
+            []( char* p ) {
+                OPENSSL_free( p );
+            } ); // OPENSSL_free is a macro...
+        result->serial = std::string( serStr.get() );
+    }
+
     if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) { // need to close the connection twice
         std::cout << "SSL shutdown failed" << std::endl;
     }