static boolean authority_synchronization_main(SSL *ssl_client, unsigned int authority_id, char *authority_name)
{
MYSQL *db_conn = NULL;
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
if(!synchronize_authority_info(ssl_client))
goto ERROR;
if(!synchronize_attribute(db_conn, ssl_client))
goto ERROR;
if(!synchronize_user(db_conn, ssl_client))
goto ERROR;
if(!synchronize_access_permission(db_conn, ssl_client, authority_id))
goto ERROR;
if(!synchronize_emergency_delegation(ssl_client, authority_name))
goto ERROR;
if(!synchronize_phr_transaction_log(ssl_client, authority_name))
goto ERROR;
disconnect_db(&db_conn);
return true;
ERROR:
disconnect_db(&db_conn);
return false;
}
/*---------------------------------------------------------------------
* M A I N P R O G R A M
*---------------------------------------------------------------------*/
int main(int argc, char **argv)
{
params_t oci_params;
/* Outbound connection info */
conn_info_t xout_params = {XOUT_USER, XOUT_USER_LEN,
XOUT_PSW, XOUT_PSW_LEN,
XOUT_DB, XOUT_DB_LEN,
XOUT_APPLY, XOUT_APPLY_LEN};
/* Database connection info */
conn_info_t db_params = {DB_USER, DB_USER_LEN,
DB_PSW, DB_PSW_LEN,
XOUT_DB, XOUT_DB_LEN,
(oratext *) 0, 0};
myctx_t ctx;
oci_t *ocip = (oci_t *)NULL;
ub2 obdb_char_csid = 0; /* outbound db char csid */
ub2 obdb_nchar_csid = 0; /* outbound db nchar csid */
memset(&ctx, 0, sizeof(ctx));
ctx.longform = TRUE;
/* parse command line arguments */
get_inputs(&ctx, &xout_params, &db_params, argc, argv);
/* Get the outbound database CHAR and NCHAR character set info */
get_db_charsets(&xout_params, &obdb_char_csid, &obdb_nchar_csid);
/* connect to the source database */
connect_db(&xout_params, &ocip, obdb_char_csid, obdb_nchar_csid);
/* Attach to outbound server */
attach_session(ocip, &xout_params, TRUE);
ctx.outbound_ocip = ocip;
/* connect to source database to do query and inserts on source tables */
ocip = (oci_t *)NULL;
connect_db(&db_params, &ocip, obdb_char_csid, obdb_nchar_csid);
ctx.sql_sel_ocip = ocip;
/* Get lcrs from outbound server and send to inbound server */
get_lcrs(&ctx);
/* Detach from XStream servers */
detach_session(ctx.outbound_ocip, FALSE);
/* Disconnect from outbound database */
disconnect_db(ctx.outbound_ocip);
free(ctx.outbound_ocip);
/* Disconnect from sql database */
disconnect_db(ctx.sql_sel_ocip);
free(ctx.sql_sel_ocip);
return 0;
}
static boolean authority_exists(char *authority_name, unsigned int *authority_id_ret)
{
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query for authority info
sprintf(stat, "SELECT authority_id FROM %s WHERE authority_name LIKE '%s' COLLATE latin1_general_cs", UA__AUTHORITIES, authority_name);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
if(!row)
{
goto ERROR;
}
*authority_id_ret = atoi(row[0]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
static void load_user_basic_info(char *username, boolean is_admin_flag, char *email_address_ret)
{
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query the user's e-mail address
sprintf(stat, "SELECT email_address FROM %s WHERE username LIKE '%s' COLLATE latin1_general_cs", (is_admin_flag) ? UA__ADMINS : UA__USERS, username);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
if(!row)
int_error("Getting user basic information from the database failed");
strcpy(email_address_ret, row[0]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
}
/* this function free the memory allocated and exit
* and it is called on signals */
void destroyall(int status)
{
odbc_free();
disconnect_db();
close(portfd);
free_emb_info();
free_cfg();
exit(-1);
}
/* this is the main body */
int main(int argc, char *argv[])
{
if (cfg.verbose)
printf("%s version %s\n", APPNAME, VERSION);
/* fill the cfg struct with the default options */
fill_default_options();
/* parse options from config file */
parse_cfgfile(cfg.cfgfile);
/* parse the command line options */
parse_opts(argc, argv);
odbc_alloc();
connect_db(cfg.dsn, cfg.dbuser, cfg.dbpass);
get_embedded_infos();
disconnect_db();
/* if cfg.daemon option is set to 1 we go to background */
if (cfg.daemon)
daemon(0, 0);
/* set signal hook function */
signal(SIGHUP, &destroyall);
signal(SIGINT, &destroyall);
signal(SIGQUIT, &destroyall);
signal(SIGTERM, &destroyall);
signal(SIGABRT, &destroyall);
/* open and configure the serial port */
cfgport();
/* enter the main loop */
serial_mainloop();
odbc_free();
disconnect_db();
free_cfg();
free_emb_info();
exit(0);
}
void db_close(db_con_t* _h)
{
DLOG("db_close", "entry");
if(! _h)
{
PLOG("db_close", "no handle passed, ignored");
return;
}
disconnect_db(_h);
aug_free(_h);
}
static int mod_init(void)
{
if (bind_dbmod(db_url.s, &db )) {
LOG(L_CRIT, "Cannot bind to database module! "
"Did you forget to load a database module ?\n");
return -1;
}
/* Check if cache needs to be loaded from domain table */
if (db_mode) {
if (connect_db() < 0) goto error;
if (check_version() < 0) goto error;
if (allocate_tables() < 0) goto error;
if (reload_domain_list() < 0) goto error;
disconnect_db();
}
return 0;
error:
disconnect_db();
return -1;
}
void check_db_disconnect(void)
{
/* first check if we're even connected */
if( !db_connect)
return;
/* No we see if we have been connected for too long,
if we have, lets disconnect and save resources
*/
if( db_last_action >= DB_CONNECT_TIME_LIMIT)
{
disconnect_db();
return;
}
/* at this point we must still be connected, so lets increment our time */
db_last_action++;
return;
}
static void set_authority_join_flag(unsigned int authority_id)
{
MYSQL *db_conn = NULL;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Set the authority join flag
sprintf(stat, "UPDATE %s SET authority_join_flag='1' WHERE authority_id=%u", UA__AUTHORITIES, authority_id);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
disconnect_db(&db_conn);
}
static void get_necessary_info()
{
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query for the authority's information
sprintf(stat, "SELECT authority_name, mail_server_url, authority_email_address, authority_email_passwd FROM %s", ESA__BASIC_AUTHORITY_INFO);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
if(!row)
int_error("Getting the authority's information from the database failed");
strcpy(GLOBAL_authority_name, row[0]);
strcpy(GLOBAL_mail_server_url, row[1]);
strcpy(GLOBAL_authority_email_address, row[2]);
strcpy(GLOBAL_authority_email_passwd, row[3]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
}
static boolean respond_requested_restricted_phr_list_loading(SSL *ssl_client)
{
char emergency_unit_name[AUTHORITY_NAME_LENGTH + 1];
char emergency_staff_name[USER_NAME_LENGTH + 1];
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
unsigned int phr_request_id;
SSL *ssl_PHRsv_conn = NULL;
char buffer[BUFFER_LENGTH + 1];
char token_name[TOKEN_NAME_LENGTH + 1];
char remote_site_phr_id_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
unsigned int remote_site_phr_id;
char restricted_phr_information_requesting_result_flag_str_tmp[FLAG_LENGTH + 1];
boolean restricted_phr_information_requesting_result_flag;
char phr_ownername[USER_NAME_LENGTH + 1];
char data_description[DATA_DESCRIPTION_LENGTH + 1];
char file_size_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
unsigned int no_approvals;
char no_approvals_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
unsigned int threshold_value;
char threshold_value_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
char request_status[RESTRICTED_PHR_REQUEST_STATUS_LENGTH + 1];
// Get the emergency staff info
get_cert_owner_info(ssl_client, emergency_unit_name, emergency_staff_name);
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query for the phr_request_id and remote_site_phr_id that was requested by the emergency staff if any
sprintf(stat, "SELECT phr_request_id, remote_site_phr_id FROM %s WHERE emergency_unit_name LIKE '%s' COLLATE latin1_general_cs AND emergency_staff_name "
"LIKE '%s' COLLATE latin1_general_cs", EMS__RESTRICTED_LEVEL_PHR_REQUESTS, emergency_unit_name, emergency_staff_name);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
// There is no request from the emergency staff
if(!row)
{
// Send the is_end_of_requested_restricted_phr_list_flag
write_token_into_buffer("is_end_of_requested_restricted_phr_list_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the is_end_of_requested_restricted_phr_list_flag failed\n");
goto ERROR;
}
goto NO_REQUEST;
}
// There are requests from the emergency staff, then connect to PHR Server
if(!connect_to_emergency_phr_list_loading_service(&ssl_PHRsv_conn))
goto ERROR;
// Send request information
write_token_into_buffer("request", REQUESTED_RESTRICTED_LEVEL_PHR_INFO_LOADING, true, buffer);
if(!SSL_send_buffer(ssl_PHRsv_conn, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending request information failed\n");
goto ERROR;
}
// Requested restricted-level PHRs
do{
phr_request_id = atoi(row[0]);
remote_site_phr_id = atoi(row[1]);
// Send the restricted-level PHR information request
sprintf(remote_site_phr_id_str_tmp, "%u", remote_site_phr_id);
write_token_into_buffer("is_end_of_getting_restricted_phr_information_flag", "0", true, buffer);
write_token_into_buffer("phr_id", remote_site_phr_id_str_tmp, false, buffer);
if(!SSL_send_buffer(ssl_PHRsv_conn, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the restricted-level PHR information request failed\n");
goto ERROR;
}
// Receive the restricted-level PHR information
if(SSL_recv_buffer(ssl_PHRsv_conn, buffer, NULL) == 0)
{
fprintf(stderr, "Receiving the restricted-level PHR information failed\n");
goto ERROR;
}
if(read_token_from_buffer(buffer, 1, token_name, restricted_phr_information_requesting_result_flag_str_tmp)
!= READ_TOKEN_SUCCESS || strcmp(token_name, "restricted_phr_information_requesting_result_flag") != 0)
{
int_error("Extracting the restricted_phr_information_requesting_result_flag failed");
}
restricted_phr_information_requesting_result_flag = (strcmp(restricted_phr_information_requesting_result_flag_str_tmp, "1") == 0) ? true : false;
if(!restricted_phr_information_requesting_result_flag)
continue;
if(read_token_from_buffer(buffer, 2, token_name, phr_ownername) != READ_TOKEN_SUCCESS || strcmp(token_name, "phr_ownername") != 0)
{
int_error("Extracting the phr_ownername failed");
}
if(read_token_from_buffer(buffer, 3, token_name, data_description) != READ_TOKEN_SUCCESS || strcmp(token_name, "data_description") != 0)
{
int_error("Extracting the data_description failed");
}
if(read_token_from_buffer(buffer, 4, token_name, file_size_str_tmp) != READ_TOKEN_SUCCESS || strcmp(token_name, "file_size") != 0)
{
int_error("Extracting the file_size failed");
}
get_threshold_value(db_conn, remote_site_phr_id, &threshold_value);
get_no_approvals(db_conn, phr_request_id, &no_approvals);
// Note that, if the request was rejected, Emergency server will remove the request and then
// inform the emergency staff (requestor) about the rejection through his/her e-mail address
if(no_approvals >= threshold_value)
{
// Request approved
strcpy(request_status, RESTRICTED_PHR_REQUEST_APPROVED);
}
else
{
// Request pending
strcpy(request_status, RESTRICTED_PHR_REQUEST_PENDING);
}
sprintf(remote_site_phr_id_str_tmp, "%u", remote_site_phr_id);
sprintf(no_approvals_str_tmp, "%u", no_approvals);
sprintf(threshold_value_str_tmp, "%u", threshold_value);
// Re-pack the information
write_token_into_buffer("is_end_of_requested_restricted_phr_list_flag", "0", true, buffer);
write_token_into_buffer("phr_id", remote_site_phr_id_str_tmp, false, buffer);
write_token_into_buffer("phr_ownername", phr_ownername, false, buffer);
write_token_into_buffer("data_description", data_description, false, buffer);
write_token_into_buffer("file_size", file_size_str_tmp, false, buffer);
// Append the request info
write_token_into_buffer("approvals", no_approvals_str_tmp, false, buffer);
write_token_into_buffer("threshold_value", threshold_value_str_tmp, false, buffer);
write_token_into_buffer("request_status", request_status, false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the requested restricted-level PHR information failed\n");
goto ERROR;
}
}
while((row = mysql_fetch_row(result)));
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
// Send the is_end_of_getting_restricted_phr_information_flag
write_token_into_buffer("is_end_of_getting_restricted_phr_information_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_PHRsv_conn, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the is_end_of_getting_restricted_phr_information_flag failed\n");
goto ERROR;
}
SSL_cleanup(ssl_PHRsv_conn);
ssl_PHRsv_conn = NULL;
// Send the is_end_of_requested_restricted_phr_list_flag
write_token_into_buffer("is_end_of_requested_restricted_phr_list_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the is_end_of_requested_restricted_phr_list_flag failed\n");
goto ERROR;
}
return true;
NO_REQUEST:
if(result)
{
mysql_free_result(result);
result = NULL;
}
if(db_conn)
{
disconnect_db(&db_conn);
db_conn = NULL;
}
if(ssl_PHRsv_conn)
{
SSL_cleanup(ssl_PHRsv_conn);
ssl_PHRsv_conn = NULL;
}
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
if(db_conn)
{
disconnect_db(&db_conn);
db_conn = NULL;
}
if(ssl_PHRsv_conn)
{
SSL_cleanup(ssl_PHRsv_conn);
ssl_PHRsv_conn = NULL;
}
return false;
}
// Response the CP-ABE private key to the user if he/she is a normal user (An administrator does not have the private key)
static boolean cpabe_private_key_response(SSL *ssl_client, char *username)
{
char *cpabe_priv_key_data = NULL;
unsigned int cpabe_priv_key_data_length;
char cpabe_priv_key_hash[SHA1_DIGEST_LENGTH + 1];
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
unsigned long *lengths = NULL;
cpabe_priv_key_data = (char *)malloc(sizeof(char)*1000*1024);
if(!cpabe_priv_key_data)
{
int_error("Allocating memory for \"cpabe_priv_key_data\" failed");
}
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query the user's CP-ABE private key and write it to buffer
sprintf(stat, "SELECT enc_cpabe_priv_key, enc_cpabe_priv_key_hash FROM %s WHERE username LIKE '%s' COLLATE latin1_general_cs", UA__USERS, username);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
if(!row)
int_error("Getting a CP-ABE private key from the database failed");
lengths = mysql_fetch_lengths(result);
cpabe_priv_key_data_length = lengths[0];
memcpy(cpabe_priv_key_data, row[0], cpabe_priv_key_data_length);
strcpy(cpabe_priv_key_hash, row[1]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
// Send the user's CP-ABE private key and its hash value
if(!SSL_send_buffer(ssl_client, cpabe_priv_key_data, cpabe_priv_key_data_length))
{
fprintf(stderr, "Sending the CP-ABE private key failed\n");
goto ERROR;
}
if(!SSL_send_buffer(ssl_client, cpabe_priv_key_hash, strlen(cpabe_priv_key_hash)))
{
fprintf(stderr, "Sending the CP-ABE private key hash failed\n");
goto ERROR;
}
if(cpabe_priv_key_data)
{
free(cpabe_priv_key_data);
cpabe_priv_key_data = NULL;
}
return true;
ERROR:
if(cpabe_priv_key_data)
{
free(cpabe_priv_key_data);
cpabe_priv_key_data = NULL;
}
return false;
}
// Implementation
static boolean load_phr_authority_list(SSL *ssl_client)
{
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
char buffer[BUFFER_LENGTH + 1];
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query for PHR authority list
sprintf(stat, "SELECT phr_authority_name, emergency_server_ip_addr FROM %s", ESA__PHR_AUTHORITIES);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
while((row = mysql_fetch_row(result)))
{
// Send the PHR authority information
write_token_into_buffer("is_end_of_phr_authority_list_flag", "0", true, buffer);
write_token_into_buffer("phr_authority_name", row[0], false, buffer);
write_token_into_buffer("ip_address", row[1], false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the PHR authority information failed\n");
goto ERROR;
}
}
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
// Send the end of authority list
write_token_into_buffer("is_end_of_phr_authority_list_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the end of PHR authority list failed\n");
goto ERROR;
}
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
// Implementation
static boolean change_mail_server_configuration(SSL *ssl_client)
{
char buffer[BUFFER_LENGTH + 1];
char token_name[TOKEN_NAME_LENGTH + 1];
char mail_server_url[URL_LENGTH + 1];
char authority_email_address[EMAIL_ADDRESS_LENGTH + 1];
char authority_email_passwd[PASSWD_LENGTH + 1];
MYSQL *db_conn = NULL;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
// Receive mail server configuration information
if(SSL_recv_buffer(ssl_client, buffer, NULL) == 0)
{
fprintf(stderr, "Receiving mail server configuration information failed\n");
goto ERROR;
}
// Get mail server configuration tokens from buffer
if(read_token_from_buffer(buffer, 1, token_name, mail_server_url) != READ_TOKEN_SUCCESS || strcmp(token_name, "mail_server_url") != 0)
{
int_error("Extracting the mail_server_url failed");
}
if(read_token_from_buffer(buffer, 2, token_name, authority_email_address) != READ_TOKEN_SUCCESS || strcmp(token_name, "authority_email_address") != 0)
{
int_error("Extracting the authority_email_address failed");
}
if(read_token_from_buffer(buffer, 3, token_name, authority_email_passwd) != READ_TOKEN_SUCCESS || strcmp(token_name, "authority_email_passwd") != 0)
{
int_error("Extracting the authority_email_passwd failed");
}
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Update the mail server configuration
sprintf(stat, "UPDATE %s SET mail_server_url = '%s', authority_email_address = '%s', authority_email_passwd = '%s'",
ESA__BASIC_AUTHORITY_INFO, mail_server_url, authority_email_address, authority_email_passwd);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
disconnect_db(&db_conn);
// Update values on memory
strcpy(GLOBAL_mail_server_url, mail_server_url);
strcpy(GLOBAL_authority_email_address, authority_email_address);
strcpy(GLOBAL_authority_email_passwd, authority_email_passwd);
// Send the mail server configuration changing result flag
write_token_into_buffer("mail_server_configuration_changing_result_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the mail server configuration changing result flag failed\n");
goto ERROR;
}
return true;
ERROR:
return false;
}
// Implementation
static boolean verify_authentication_request(BIO *bio_client, char *username_ret, boolean *is_admin_flag_ret, char *key_exchange_passwd_ret)
{
boolean verification_flag;
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
char token_name[TOKEN_NAME_LENGTH + 1];
char is_admin_flag_str_tmp[FLAG_LENGTH + 1]; // "0" or "1"
char passwd[PASSWD_LENGTH + 1];
char salted_passwd_hash_cmp[SHA1_DIGEST_LENGTH + 1];
char salted_passwd_hash[SHA1_DIGEST_LENGTH + 1];
char salt_value[SALT_VALUE_LENGTH + 1];
char passwd_with_salt_value[PASSWD_LENGTH + SALT_VALUE_LENGTH + 1];
// Receive the verification information
if(!BIO_recv_file(bio_client, VERIFICATION_INFO_CIPHERTEXT_PATH))
{
fprintf(stderr, "Receiving verification information failed\n");
goto ERROR;
}
// Decrypt the verification information with the User Authority's private key
if(!smime_decrypt_with_cert(VERIFICATION_INFO_CIPHERTEXT_PATH, VERIFICATION_INFO_PLAINTEXT_PATH, UA_CERTFILE_PATH, UA_CERTFILE_PASSWD, err_msg))
{
fprintf(stderr, "Decrypting verification information failed\n\"%s\"\n", err_msg);
goto ERROR;
}
unlink(VERIFICATION_INFO_CIPHERTEXT_PATH);
// Get the verification information from file
if(read_token_from_file(VERIFICATION_INFO_PLAINTEXT_PATH, 1, token_name, is_admin_flag_str_tmp) != READ_TOKEN_SUCCESS || strcmp(token_name, "is_admin_flag") != 0)
{
int_error("Extracting the is_admin_flag failed");
}
*is_admin_flag_ret = (strcmp(is_admin_flag_str_tmp, "1") == 0) ? true : false;
if(read_token_from_file(VERIFICATION_INFO_PLAINTEXT_PATH, 2, token_name, username_ret) != READ_TOKEN_SUCCESS || strcmp(token_name, "username") != 0)
{
int_error("Extracting the username failed");
}
if(read_token_from_file(VERIFICATION_INFO_PLAINTEXT_PATH, 3, token_name, passwd) != READ_TOKEN_SUCCESS || strcmp(token_name, "passwd") != 0)
{
int_error("Extracting the passwd failed");
}
if(read_token_from_file(VERIFICATION_INFO_PLAINTEXT_PATH, 4, token_name, key_exchange_passwd_ret)
!= READ_TOKEN_SUCCESS || strcmp(token_name, "key_exchange_passwd") != 0)
{
int_error("Extracting the key_exchange_passwd failed");
}
unlink(VERIFICATION_INFO_PLAINTEXT_PATH);
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Verify the user
sprintf(stat, "SELECT salted_passwd_hash, salt_value FROM %s WHERE username LIKE '%s' "
"COLLATE latin1_general_cs", (*is_admin_flag_ret) ? UA__ADMINS : UA__USERS, username_ret);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
if(row)
{
strcpy(salted_passwd_hash_cmp, row[0]);
strcpy(salt_value, row[1]);
// Get the salted password hash
sprintf(passwd_with_salt_value, "%s%s", passwd, salt_value);
sum_sha1_from_string(passwd_with_salt_value, strlen(passwd_with_salt_value), salted_passwd_hash, SALTED_PASSWD_HASH_PATH);
if(strcmp(salted_passwd_hash, salted_passwd_hash_cmp) == 0) // Authentication succeed
{
verification_flag = true;
if(!write_token_into_file("verification_result_flag", "1", true, VERIFICATION_RESULT_PLAINTEXT_PATH))
int_error("Writing the verification_result_flag failed");
}
else // Authentication failed
{
verification_flag = false;
if(!write_token_into_file("verification_result_flag", "0", true, VERIFICATION_RESULT_PLAINTEXT_PATH))
int_error("Writing the verification_result_flag failed");
if(!write_token_into_file("error_msg", "Invalid username or password", false, VERIFICATION_RESULT_PLAINTEXT_PATH))
int_error("Writing the error_msg failed");
}
}
else // Authentication failed
{
verification_flag = false;
if(!write_token_into_file("verification_result_flag", "0", true, VERIFICATION_RESULT_PLAINTEXT_PATH))
int_error("Writing the verification_result_flag failed");
if(!write_token_into_file("error_msg", "Invalid username or password", false, VERIFICATION_RESULT_PLAINTEXT_PATH))
int_error("Writing the error_msg failed");
}
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
// Encrypt the verification result with random session password
if(!des3_encrypt(VERIFICATION_RESULT_PLAINTEXT_PATH, VERIFICATION_RESULT_CIPHERTEXT_PATH, key_exchange_passwd_ret, err_msg))
{
fprintf(stderr, "Encrypting the verification result failed\n\"%s\"\n", err_msg);
goto ERROR;
}
unlink(VERIFICATION_RESULT_PLAINTEXT_PATH);
// Send the verification result
if(!BIO_send_file(bio_client, VERIFICATION_RESULT_CIPHERTEXT_PATH))
{
fprintf(stderr, "Sending the verification result failed");
goto ERROR;
}
unlink(VERIFICATION_RESULT_CIPHERTEXT_PATH);
return verification_flag;
ERROR:
unlink(VERIFICATION_INFO_CIPHERTEXT_PATH);
unlink(VERIFICATION_INFO_PLAINTEXT_PATH);
unlink(VERIFICATION_RESULT_PLAINTEXT_PATH);
unlink(VERIFICATION_RESULT_CIPHERTEXT_PATH);
return false;
}
static boolean remove_user(SSL *ssl_client, boolean is_admin_flag)
{
char buffer[BUFFER_LENGTH + 1];
char token_name[TOKEN_NAME_LENGTH + 1];
char username[USER_NAME_LENGTH + 1];
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
unsigned int user_or_admin_id;
// Receive user/admin removal information
if(SSL_recv_buffer(ssl_client, buffer, NULL) == 0)
{
fprintf(stderr, "Receiving user/admin removal information failed\n");
goto ERROR;
}
// Get a user/admin removal information token from buffer
if(read_token_from_buffer(buffer, 1, token_name, username) != READ_TOKEN_SUCCESS || strcmp(token_name, "username") != 0)
int_error("Extracting the username failed");
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Check for the existence of username
if(is_admin_flag)
{
sprintf(stat, "SELECT admin_id FROM %s WHERE username LIKE '%s' COLLATE latin1_general_cs", ESA__ADMINS, username);
}
else
{
sprintf(stat, "SELECT user_id FROM %s WHERE username LIKE '%s' COLLATE latin1_general_cs", ESA__USERS, username);
}
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
// The user/admin does not exist
if(!row)
{
// Send the user/admin removal result flag
write_token_into_buffer("user_or_admin_removal_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "User does not exist", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the user/admin removal result flag failed\n");
goto ERROR;
}
goto ERROR;
}
user_or_admin_id = atoi(row[0]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
// Delete the user/admin
if(is_admin_flag)
{
sprintf(stat, "DELETE FROM %s WHERE admin_id = %u", ESA__ADMINS, user_or_admin_id);
}
else
{
sprintf(stat, "DELETE FROM %s WHERE user_id = %u", ESA__USERS, user_or_admin_id);
}
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
disconnect_db(&db_conn);
// Send the user/admin removal result flag
write_token_into_buffer("user_or_admin_removal_result_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the user/admin removal result flag failed\n");
goto ERROR;
}
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
void serial_mainloop(void)
{
unsigned char buf;
int countbyte = 0, started = 0;
datarecord data; // used to collect datas from plc
datarecord data_response; // used to send responses to plc
setzero(&data, sizeof(data));
first_loop = 1;
while (1) {
int buflen = 0;
buflen = read(portfd, &buf, 1);
if (buflen == -1) {
printFatal(strerror(errno));
}
if (!started && buf == SOH && !countbyte) {
started = 1;
countbyte++;
data.start = buf;
continue;
}
if (started) {
switch (countbyte) {
case 1:
/* 0x18 == 24 */
/* if byte 1 isn't 0x18 retry... */
if (buf != 0x18) {
started = 0;
countbyte = 0;
continue;
}
data.length = buf;
break;
/* if byte 2 isn't 0x04 retry... */
case 2:
if (buf != 0x04) {
started = 0;
countbyte = 0;
continue;
}
data.cmd = buf;
break;
}
/* put bytes from 3 to 27 into the struct field */
if (countbyte >= 3 && countbyte < data.length + 3) {
data.databytes[countbyte - 3] = buf;
}
/* the byte 27 is the checksum given by the plc */
if (countbyte == 27) {
data.checksum = buf;
if (cfg.verbose) {
// TODO: improve logging and printf debug behaviour
// TODO: take the log util functions from netsukuku src
printf
("catch BCC checksum value: %#x\n",
data.checksum);
printf
("calculated BCC checksum value: %#x\n",
(unsigned char)
calculateBCC(data));
}
}
/* the byte 28 is the last byte of the record and it must be ETX */
if (countbyte == 28 && buf == ETX) {
data.end = buf;
started = 0;
countbyte = 0;
int tmpcurr = 0;
float tmpvolt = 0;
// MAX_VOLT : MAX_HEX_VALUE = x : bytes
tmpvolt =
(unsigned int) FETCH2BYTES(5, 4,
data.databytes);
if (tmpvolt > MAX_HEX_VALUE)
data.voltage = 0;
else
data.voltage =
tmpvolt * (float) MAX_VOLT /
(float) MAX_HEX_VALUE *emb_info.k1;
tmpcurr =
(unsigned int) FETCH2BYTES(7, 6,
data.databytes);
if (tmpcurr > MAX_HEX_VALUE)
data.current = 0;
else
data.current =
(int) ((float) tmpcurr *
(float) MAX_VOLT /
(float) MAX_HEX_VALUE *
emb_info.k2);
data.encoder[0] =
(unsigned long int) FETCH4BYTES(data.
databytes,
8) /
emb_info.array_island_k1[0];
data.encoder[1] =
(unsigned long int) FETCH4BYTES(data.
databytes,
12) /
emb_info.array_island_k1[1];
data.encoder[2] =
(unsigned long int) FETCH4BYTES(data.
databytes,
16) /
emb_info.array_island_k1[2];
data.encoder[3] =
(unsigned long int) FETCH4BYTES(data.
databytes,
20) /
emb_info.array_island_k1[3];
if (cfg.verbose) {
// TODO: improve logging and printf debug behaviour
printf
("contacolpi1: %f, contacolpi2: %f, ",
data.encoder[0], data.encoder[1]);
printf
("contacolpi3: %f, contacolpi4: %f, ",
data.encoder[2], data.encoder[3]);
printf
("voltage value: %f, current value: %d\n",
data.voltage, data.current);
}
if (cfg.verbose) {
int i;
// TODO: take the log util functions from netsukuku src
// TODO: improve logging and printf debug behaviour
// printf("catch start code: %#x\n", data.start);
// printf("catch len code: %#x\n", data.length);
// printf("catch cmd code: %#x\n", data.cmd);
for (i = 0; i < 24; i++) {
printf("byte[%d]: %#x\n",
i, data.databytes[i]);
}
}
/* if the checksum given by the plc is the same we have
* calculated send ack */
if ((unsigned char) calculateBCC(data) ==
(unsigned char) data.checksum) {
/* compile the response data record with the ACK byte
* the response is the same record except for the first
* data byte that is ACK
*/
memcpy(&data_response, &data,
sizeof(data));
data_response.databytes[0] = ACK;
connect_db(cfg.dsn, cfg.dbuser,
cfg.dbpass);
if (cfg.polling)
get_embedded_infos();
/* TODO: do all the processing SQL things */
do_sql_things(data);
disconnect_db();
if (cfg.verbose)
printf("ok, sending ACK...\n");
/* send response */
send_response(portfd, data_response);
} else {
memcpy(&data_response, &data,
sizeof(data));
data_response.databytes[0] = NACK;
//if(cfg.polling) get_embedded_infos();
//do_sql_things(data);
if (cfg.verbose)
printf("ok, sending NACK...\n");
/* send response */
send_response(portfd, data_response);
}
setzero(&data, sizeof(data));
setzero(&data_response, sizeof(data_response));
continue;
}
countbyte++;
}
}
close(portfd);
}
static boolean respond_only_restricted_phr_list_loading(SSL *ssl_client)
{
char buffer[BUFFER_LENGTH + 1];
char token_name[TOKEN_NAME_LENGTH + 1];
char phr_ownername[USER_NAME_LENGTH + 1];
SSL *ssl_PHRsv_conn = NULL;
char is_end_of_restricted_phr_list_flag_str_tmp[FLAG_LENGTH + 1]; // "0" or "1"
boolean is_end_of_restricted_phr_list_flag;
char phr_id_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
unsigned int phr_id;
char emergency_unit_name[AUTHORITY_NAME_LENGTH + 1];
char emergency_staff_name[USER_NAME_LENGTH + 1];
MYSQL *db_conn = NULL;
unsigned int no_approvals;
char no_approvals_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
unsigned int threshold_value;
char threshold_value_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
char request_status[RESTRICTED_PHR_REQUEST_STATUS_LENGTH + 1];
// Get the emergency staff info
get_cert_owner_info(ssl_client, emergency_unit_name, emergency_staff_name);
// Receive the restricted-level PHR list loading information
if(SSL_recv_buffer(ssl_client, buffer, NULL) == 0)
{
fprintf(stderr, "Receiving the restricted-level PHR list loading information failed\n");
goto ERROR;
}
// Get the restricted-level PHR list loading information token from buffer
if(read_token_from_buffer(buffer, 1, token_name, phr_ownername) != READ_TOKEN_SUCCESS || strcmp(token_name, "phr_ownername") != 0)
int_error("Extracting the phr_ownername failed");
// Connect to PHR Server
if(!connect_to_emergency_phr_list_loading_service(&ssl_PHRsv_conn))
goto ERROR;
// Send request information
write_token_into_buffer("request", ONLY_RESTRICTED_LEVEL_PHR_LIST_LOADING, true, buffer);
if(!SSL_send_buffer(ssl_PHRsv_conn, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending request information failed\n");
goto ERROR;
}
// Send the restricted-level PHR list loading information
write_token_into_buffer("phr_ownername", phr_ownername, true, buffer);
write_token_into_buffer("phr_owner_authority_name", GLOBAL_authority_name, false, buffer);
if(!SSL_send_buffer(ssl_PHRsv_conn, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the restricted-level PHR list loading information failed\n");
goto ERROR;
}
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Restricted-level PHRs
while(1)
{
char data_description[DATA_DESCRIPTION_LENGTH + 1];
char file_size_str_tmp[INT_TO_STR_DIGITS_LENGTH + 1];
// Receive restricted-level PHR information
if(SSL_recv_buffer(ssl_PHRsv_conn, buffer, NULL) == 0)
{
fprintf(stderr, "Receiving the restricted-level PHR information failed\n");
goto ERROR;
}
// Get the is_end_of_restricted_phr_list_flag token from buffer
if(read_token_from_buffer(buffer, 1, token_name, is_end_of_restricted_phr_list_flag_str_tmp)
!= READ_TOKEN_SUCCESS || strcmp(token_name, "is_end_of_restricted_phr_list_flag") != 0)
{
int_error("Extracting the is_end_of_restricted_phr_list_flag failed");
}
is_end_of_restricted_phr_list_flag = (strcmp(is_end_of_restricted_phr_list_flag_str_tmp, "1") == 0) ? true : false;
if(is_end_of_restricted_phr_list_flag)
break;
if(read_token_from_buffer(buffer, 2, token_name, phr_id_str_tmp) != READ_TOKEN_SUCCESS || strcmp(token_name, "phr_id") != 0)
{
int_error("Extracting the phr_id failed");
}
phr_id = atoi(phr_id_str_tmp);
if(read_token_from_buffer(buffer, 3, token_name, data_description) != READ_TOKEN_SUCCESS || strcmp(token_name, "data_description") != 0)
{
int_error("Extracting the data_description failed");
}
if(read_token_from_buffer(buffer, 4, token_name, file_size_str_tmp) != READ_TOKEN_SUCCESS || strcmp(token_name, "file_size") != 0)
{
int_error("Extracting the file_size failed");
}
// Get a restricted-level PHR request status
get_restricted_phr_request_status(db_conn, phr_id, emergency_unit_name, emergency_staff_name, &no_approvals, &threshold_value, request_status);
sprintf(no_approvals_str_tmp, "%u", no_approvals);
sprintf(threshold_value_str_tmp, "%u", threshold_value);
// Re-pack the information
write_token_into_buffer("is_end_of_restricted_phr_list_flag", "0", true, buffer);
write_token_into_buffer("phr_id", phr_id_str_tmp, false, buffer);
write_token_into_buffer("data_description", data_description, false, buffer);
write_token_into_buffer("file_size", file_size_str_tmp, false, buffer);
// Append the request info
write_token_into_buffer("approvals", no_approvals_str_tmp, false, buffer);
write_token_into_buffer("threshold_value", threshold_value_str_tmp, false, buffer);
write_token_into_buffer("request_status", request_status, false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the restricted-level PHR information failed\n");
goto ERROR;
}
}
// Send the is_end_of_restricted_phr_list_flag
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the is_end_of_restricted_phr_list_flag failed\n");
goto ERROR;
}
disconnect_db(&db_conn);
SSL_cleanup(ssl_PHRsv_conn);
ssl_PHRsv_conn = NULL;
return true;
ERROR:
if(db_conn)
{
disconnect_db(&db_conn);
db_conn = NULL;
}
if(ssl_PHRsv_conn)
{
SSL_cleanup(ssl_PHRsv_conn);
ssl_PHRsv_conn = NULL;
}
return false;
}
static boolean remove_access_permission(SSL *ssl_client, char *desired_user_authority_name, char *desired_username)
{
char buffer[BUFFER_LENGTH + 1];
char phr_owner_name[USER_NAME_LENGTH + 1];
unsigned int phr_owner_id;
unsigned int desired_user_authority_id;
unsigned int desired_user_id;
unsigned int assigned_permission_id;
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
// Get certificate owner's name
get_cert_ownername(ssl_client, GLOBAL_authority_name, phr_owner_name, NULL);
// The desired user must not be the same one with the PHR owner
if(strcmp(desired_user_authority_name, GLOBAL_authority_name) == 0 && strcmp(desired_username, phr_owner_name) == 0)
{
// Send the access permission removal result flag
write_token_into_buffer("access_permission_removal_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "Invalid operation", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission removal result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Check for the existence of the desired user
if(!does_desired_user_exists(db_conn, desired_username, desired_user_authority_name, &desired_user_id, &desired_user_authority_id))
{
// Send the access permission removal result flag
write_token_into_buffer("access_permission_removal_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "Do not found your desired user", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission removal result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Query for the PHR owner id
if(!get_phr_owner_id(db_conn, phr_owner_name, &phr_owner_id))
{
// Send the access permission removal result flag
write_token_into_buffer("access_permission_removal_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "Getting the PHR owner id from a database failed", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission removal result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Check for the existence of access permission for this desired user
if(!does_desired_user_access_permission_exists(db_conn, phr_owner_id, desired_user_id, desired_user_authority_id, &assigned_permission_id))
{
// Send the access permission removal result flag
write_token_into_buffer("access_permission_removal_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "Getting the assigned permission id from a database failed", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission removal result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Delete the access permission for this desired user (permissions_assigned_to_others)
sprintf(stat, "DELETE FROM %s WHERE assigned_permission_id = %u", UA__PERMISSIONS_ASSIGNED_TO_OTHERS, assigned_permission_id);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
// If the desired user is in the same authority with the PHR owner then delete desired user's
// access permission in an access_permissions table, unless wait for synchronization mechanism
if(desired_user_authority_id == GLOBAL_authority_id)
{
// Delete the access permission for this desired user (access_permissions)
sprintf(stat, "DELETE FROM %s WHERE user_id = %u AND phr_owner_id = %u AND phr_owner_authority_id = %u",
UA__ACCESS_PERMISSIONS, desired_user_id, phr_owner_id, GLOBAL_authority_id);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
}
disconnect_db(&db_conn);
// Send the access permission removal result flag
write_token_into_buffer("access_permission_removal_result_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission removal result flag failed\n");
goto ERROR;
}
// Record a transaction log
record_transaction_log(ssl_client, desired_username, desired_user_authority_name, NO_SPECIFIC_DATA, ACCESS_PERMISSION_REMOVAL_MSG);
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
static boolean assign_access_permission(SSL *ssl_client, char *desired_user_authority_name, char *desired_username,
boolean upload_permission_flag, boolean download_permission_flag, boolean delete_permission_flag)
{
char buffer[BUFFER_LENGTH + 1];
char phr_owner_name[USER_NAME_LENGTH + 1];
unsigned int phr_owner_id;
unsigned int desired_user_authority_id;
unsigned int desired_user_id;
unsigned int assigned_permission_id;
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
char object_description[DATA_DESCRIPTION_LENGTH + 1];
// Get certificate owner's name
get_cert_ownername(ssl_client, GLOBAL_authority_name, phr_owner_name, NULL);
// The desired user must not be the same one with the PHR owner
if(strcmp(desired_user_authority_name, GLOBAL_authority_name) == 0 && strcmp(desired_username, phr_owner_name) == 0)
{
// Send the access permission assignment result flag
write_token_into_buffer("access_permission_assignment_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "You have access permissions to your own data already", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission assignment result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Check for the existence of the desired user
if(!does_desired_user_exists(db_conn, desired_username, desired_user_authority_name, &desired_user_id, &desired_user_authority_id))
{
// Send the access permission assignment result flag
write_token_into_buffer("access_permission_assignment_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "Do not found the user that you're looking for", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission assignment result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Query for the PHR owner id
if(!get_phr_owner_id(db_conn, phr_owner_name, &phr_owner_id))
{
// Send the access permission assignment result flag
write_token_into_buffer("access_permission_assignment_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "Getting the PHR owner id from a database failed", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission assignment result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Check for the existence of access permission for this desired user
if(does_desired_user_access_permission_exists(db_conn, phr_owner_id, desired_user_id, desired_user_authority_id, &assigned_permission_id))
{
// Send the access permission assignment result flag
write_token_into_buffer("access_permission_assignment_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "You have assigned the permission to this user already", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission assignment result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Insert the access permission for this desired user (permissions_assigned_to_others)
sprintf(stat, "INSERT INTO %s(user_id, object_user_id, object_user_authority_id, upload_permission_flag, download_permission_flag, "
"delete_permission_flag) VALUES(%u, %u, %u, '%s', '%s', '%s')", UA__PERMISSIONS_ASSIGNED_TO_OTHERS, phr_owner_id, desired_user_id,
desired_user_authority_id, (upload_permission_flag) ? "1" : "0", (download_permission_flag) ? "1" : "0", (delete_permission_flag) ? "1" : "0");
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
// If the desired user is in the same authority with the PHR owner then insert desired user's
// access permission in an access_permissions table, unless wait for synchronization mechanism
if(desired_user_authority_id == GLOBAL_authority_id)
{
// Insert the access permission for this desired user (access_permissions)
sprintf(stat, "INSERT INTO %s(user_id, phr_owner_id, phr_owner_authority_id, upload_permission_flag, download_permission_flag, "
"delete_permission_flag) VALUES(%u, %u, %u, '%s', '%s', '%s')", UA__ACCESS_PERMISSIONS, desired_user_id, phr_owner_id,
GLOBAL_authority_id, (upload_permission_flag) ? "1" : "0", (download_permission_flag) ? "1" : "0", (delete_permission_flag) ? "1" : "0");
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
}
disconnect_db(&db_conn);
// Send the access permission assignment result flag
write_token_into_buffer("access_permission_assignment_result_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the access permission assignment result flag failed\n");
goto ERROR;
}
// Record a transaction log
sprintf(object_description, "Access permission: <upload: %s><download: %s><delete: %s>", (upload_permission_flag) ? "true" : "false",
(download_permission_flag) ? "true" : "false", (delete_permission_flag) ? "true" : "false");
record_transaction_log(ssl_client, desired_username, desired_user_authority_name, object_description, ACCESS_PERMISSION_ASSIGNMENT_MSG);
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
static void get_db_charsets(conn_info_t *params_p, ub2 *char_csid,
ub2 *nchar_csid)
{
OCIDefine *defnp1 = (OCIDefine *) NULL;
OCIDefine *defnp2 = (OCIDefine *) NULL;
oratext parm[PARM_BUFLEN];
oratext value[OCI_NLS_MAXBUFSZ];
ub2 parm_len = 0;
ub2 value_len = 0;
oci_t ocistruct;
oci_t *ocip = &ocistruct;
*char_csid = 0;
*nchar_csid = 0;
memset (ocip, 0, sizeof(ocistruct));
if (OCIEnvCreate(&ocip->envp, OCI_OBJECT, (dvoid *)0,
(dvoid * (*)(dvoid *, size_t)) 0,
(dvoid * (*)(dvoid *, dvoid *, size_t))0,
(void (*)(dvoid *, dvoid *)) 0,
(size_t) 0, (dvoid **) 0))
{
ocierror(ocip, (char *)"OCIEnvCreate() failed", TRUE);
}
if (OCIHandleAlloc((dvoid *) ocip->envp, (dvoid **) &ocip->errp,
(ub4) OCI_HTYPE_ERROR, (size_t) 0, (dvoid **) 0))
{
ocierror(ocip, (char *)"OCIHandleAlloc(OCI_HTYPE_ERROR) failed", TRUE);
}
OCICALL(ocip,
OCILogon(ocip->envp, ocip->errp, &ocip->svcp,
params_p->user, params_p->userlen,
params_p->passw, params_p->passwlen,
params_p->dbname, params_p->dbnamelen));
OCICALL(ocip,
OCIHandleAlloc((dvoid *) ocip->envp, (dvoid **) &ocip->stmtp,
(ub4) OCI_HTYPE_STMT, (size_t) 0, (dvoid **) 0));
/* Execute stmt to select the db nls char and nchar character set */
OCICALL(ocip,
OCIStmtPrepare(ocip->stmtp, ocip->errp,
(CONST text *)GET_DB_CHARSETS,
(ub4)strlen((char *)GET_DB_CHARSETS),
(ub4)OCI_NTV_SYNTAX, (ub4)OCI_DEFAULT));
OCICALL(ocip,
OCIDefineByPos(ocip->stmtp, &defnp1,
ocip->errp, (ub4) 1, parm,
PARM_BUFLEN, SQLT_CHR, (void*) 0,
&parm_len, (ub2 *)0, OCI_DEFAULT));
OCICALL(ocip,
OCIDefineByPos(ocip->stmtp, &defnp2,
ocip->errp, (ub4) 2, value,
OCI_NLS_MAXBUFSZ, SQLT_CHR, (void*) 0,
&value_len, (ub2 *)0, OCI_DEFAULT));
OCICALL(ocip,
OCIStmtExecute(ocip->svcp, ocip->stmtp,
ocip->errp, (ub4)0, (ub4)0,
(const OCISnapshot *)0,
(OCISnapshot *)0, (ub4)OCI_DEFAULT));
while (OCIStmtFetch(ocip->stmtp, ocip->errp, 1,
OCI_FETCH_NEXT, OCI_DEFAULT) == OCI_SUCCESS)
{
value[value_len] = '\0';
if (parm_len == strlen("NLS_CHARACTERSET") &&
!memcmp(parm, "NLS_CHARACTERSET", parm_len))
{
*char_csid = OCINlsCharSetNameToId(ocip->envp, value);
printf("Outbound database NLS_CHARACTERSET = %.*s (csid = %d) \n",
value_len, value, *char_csid);
}
else if (parm_len == strlen("NLS_NCHAR_CHARACTERSET") &&
!memcmp(parm, "NLS_NCHAR_CHARACTERSET", parm_len))
{
*nchar_csid = OCINlsCharSetNameToId(ocip->envp, value);
printf("Outbound database NLS_NCHAR_CHARACTERSET = %.*s (csid = %d) \n",
value_len, value, *nchar_csid);
}
}
disconnect_db(ocip);
}
// A PHR owner is assumed to be in current authority but a trusted user can be in another authority
static boolean load_emergency_trusted_user_list(SSL *ssl_client)
{
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
char phr_owner_name[USER_NAME_LENGTH + 1];
unsigned int trusted_user_id;
char trusted_username[USER_NAME_LENGTH + 1];
char trusted_user_authority_name[AUTHORITY_NAME_LENGTH + 1];
char buffer[BUFFER_LENGTH + 1];
// Get certificate owner's name
get_cert_ownername(ssl_client, GLOBAL_authority_name, phr_owner_name, NULL);
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query the emergency trusted user list of the requestor
sprintf(stat, "SELECT DGT.trusted_user_id FROM %s DGT, %s USR WHERE DGT.phr_owner_id = USR.user_id AND USR.username LIKE '%s' COLLATE latin1_general_cs "
"AND USR.authority_id = %u AND DGT.rejection_by_trusted_user_flag = '0'", EMS__DELEGATIONS, EMS__USERS, phr_owner_name, GLOBAL_authority_id);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
while((row = mysql_fetch_row(result)))
{
trusted_user_id = atoi(row[0]);
get_user_information(db_conn, trusted_user_id, trusted_username, trusted_user_authority_name);
// Send the emergency trusted user information
write_token_into_buffer("is_end_of_emergency_trusted_user_list_flag", "0", true, buffer);
write_token_into_buffer("trusted_username", trusted_username, false, buffer);
write_token_into_buffer("trusted_user_authority_name", trusted_user_authority_name, false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the emergency trusted user information failed\n");
goto ERROR;
}
}
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
// Send the end of emergency trusted user list
write_token_into_buffer("is_end_of_emergency_trusted_user_list_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the end of emergency trusted user list failed\n");
goto ERROR;
}
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
static int connect_db(db_con_t* _h, const char* _db_url)
{
char* user, *password, *host, *port, *database;
if(! _h)
{
PLOG("connect_db", "must pass db_con_t!");
return(-1);
}
if(CON_CONNECTED(_h))
{
DLOG("connect_db", "disconnect first!");
disconnect_db(_h);
}
/*
** CON_CONNECTED(_h) is now 0, set by disconnect_db()
*/
/*
** Note :
** Make a scratch pad copy of given SQL URL.
** all memory allocated to this connection is rooted
** from this.
** This is an important concept.
** as long as you always allocate memory using the function:
** mem = aug_alloc(size, CON_SQLURL(_h)) or
** str = aug_strdup(string, CON_SQLURL(_h))
** where size is the amount of memory, then in the future
** when CON_SQLURL(_h) is freed (in the function disconnect_db())
** all other memory allocated in this manner is freed.
** this will keep memory leaks from happening.
*/
CON_SQLURL(_h) = aug_strdup((char *) _db_url, (char *) _h);
/*
** get the connection parameters parsed from the db_url string
** it looks like: postgres://username:userpass@dbhost:dbport/dbname
** username/userpass : name and password for the database
** dbhost : the host name or ip address hosting the database
** dbport : the port to connect to database on
** dbname : the name of the database
*/
if(parse_sql_url(CON_SQLURL(_h),
&user,&password,&host,&port,&database) < 0)
{
char buf[256];
sprintf(buf, "Error while parsing %s", _db_url);
PLOG("connect_db", buf);
aug_free(CON_SQLURL(_h));
return -3;
}
/*
** finally, actually connect to the database
*/
CON_CONNECTION(_h) =
PQsetdbLogin(host,port,NULL,NULL,database,user, password);
if(CON_CONNECTION(_h) == 0
|| PQstatus(CON_CONNECTION(_h)) != CONNECTION_OK)
{
PLOG("connect_db", PQerrorMessage(CON_CONNECTION(_h)));
PQfinish(CON_CONNECTION(_h));
aug_free(CON_SQLURL(_h));
return -4;
}
CON_PID(_h) = getpid();
/*
** all is well, database was connected, we can now submit_query's
*/
CON_CONNECTED(_h) = 1;
return 0;
}
static boolean reset_user_passwd(SSL *ssl_client, boolean is_admin_flag)
{
char buffer[BUFFER_LENGTH + 1];
char token_name[TOKEN_NAME_LENGTH + 1];
char username[USER_NAME_LENGTH + 1];
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
unsigned int user_or_admin_id;
char email_address[EMAIL_ADDRESS_LENGTH + 1];
char random_passwd[PASSWD_LENGTH + 1];
char random_salt_value[SALT_VALUE_LENGTH + 1];
char random_passwd_with_salt_value[PASSWD_LENGTH + SALT_VALUE_LENGTH + 1];
char salted_passwd_hash[SHA1_DIGEST_LENGTH + 1];
// Receive user/admin password resetting information
if(SSL_recv_buffer(ssl_client, buffer, NULL) == 0)
{
fprintf(stderr, "Receiving user/admin password resetting information failed\n");
goto ERROR;
}
// Get a user/admin password resetting information token from buffer
if(read_token_from_buffer(buffer, 1, token_name, username) != READ_TOKEN_SUCCESS || strcmp(token_name, "username") != 0)
int_error("Extracting the username failed");
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Check for the existence of username
if(is_admin_flag)
{
sprintf(stat, "SELECT admin_id, email_address FROM %s WHERE username LIKE '%s' COLLATE latin1_general_cs", ESA__ADMINS, username);
}
else
{
sprintf(stat, "SELECT user_id, email_address FROM %s WHERE username LIKE '%s' COLLATE latin1_general_cs", ESA__USERS, username);
}
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
// The user/admin does not exist
if(!row)
{
// Send the user/admin password resetting result flag
write_token_into_buffer("user_or_admin_passwd_resetting_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", "User does not exist", false, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the user/admin password resetting result flag failed\n");
goto ERROR;
}
goto ERROR;
}
user_or_admin_id = atoi(row[0]);
strcpy(email_address, row[1]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
// Generate a random 8 character password
gen_random_password(random_passwd);
// Generate a random 8 character salt value
gen_random_salt_value(random_salt_value);
// Get the salted password hash
sprintf(random_passwd_with_salt_value, "%s%s", random_passwd, random_salt_value);
sum_sha1_from_string(random_passwd_with_salt_value, strlen(random_passwd_with_salt_value), salted_passwd_hash, SALTED_PASSWD_HASH_PATH);
// Update the password hash information
if(is_admin_flag)
{
sprintf(stat, "UPDATE %s SET salted_passwd_hash = '%s', salt_value = '%s' WHERE admin_id = %u",
ESA__ADMINS, salted_passwd_hash, random_salt_value, user_or_admin_id);
}
else
{
sprintf(stat, "UPDATE %s SET salted_passwd_hash = '%s', salt_value = '%s' WHERE user_id = %u",
ESA__USERS, salted_passwd_hash, random_salt_value, user_or_admin_id);
}
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
// Generate an SSL certificate
generate_ssl_cert(db_conn, user_or_admin_id, username, is_admin_flag, random_passwd, email_address, SSL_CERT_PRIV_KEY_PATH, SSL_CERT_REQ_PATH, ENC_SSL_CERT_PATH,
FULL_ENC_SSL_CERT_PATH, FULL_ENC_SSL_CERT_HASH_PATH);
disconnect_db(&db_conn);
// Lock an e-mail sending
if(sem_wait(&email_sending_lock_mutex) != 0)
int_error("Locking the mutex failed");
if(!send_passwd_to_user_email_address(email_address, username, is_admin_flag, random_passwd))
{
// Send the user/admin password resetting result flag
write_token_into_buffer("user_or_admin_passwd_resetting_result_flag", "0", true, buffer);
write_token_into_buffer("error_msg", get_send_email_error_msg(), false, buffer);
// Unlock an e-mail sending
if(sem_post(&email_sending_lock_mutex) != 0)
int_error("Unlocking the mutex failed");
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the user/admin password resetting result flag failed\n");
goto ERROR;
}
goto ERROR;
}
// Unlock an e-mail sending
if(sem_post(&email_sending_lock_mutex) != 0)
int_error("Unlocking the mutex failed");
// Send the user/admin password resetting result flag
write_token_into_buffer("user_or_admin_passwd_resetting_result_flag", "1", true, buffer);
if(!SSL_send_buffer(ssl_client, buffer, strlen(buffer)))
{
fprintf(stderr, "Sending the user/admin password resetting result flag failed\n");
goto ERROR;
}
return true;
ERROR:
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
return false;
}
static boolean ssl_cert_response(BIO *bio_client, char *username, boolean is_admin_flag, char *key_exchange_passwd)
{
char *ssl_cert_data = NULL;
unsigned long ssl_cert_data_length;
char ssl_cert_hash[SHA1_DIGEST_LENGTH + 1];
MYSQL *db_conn = NULL;
MYSQL_RES *result = NULL;
MYSQL_ROW row;
char stat[SQL_STATEMENT_LENGTH + 1];
char err_msg[ERR_MSG_LENGTH + 1];
unsigned long *lengths = NULL;
ssl_cert_data = (char *)malloc(sizeof(char)*1000*1024);
if(!ssl_cert_data)
{
int_error("Allocating memory for \"ssl_cert_data\" failed");
}
// Connect the database
connect_db(&db_conn, DB_IP, DB_USERNAME, DB_PASSWD, DB_NAME);
// Query the user's SSL certificate and write it to buffer
sprintf(stat, "SELECT enc_ssl_cert, enc_ssl_cert_hash FROM %s WHERE username LIKE '%s' "
"COLLATE latin1_general_cs", (is_admin_flag) ? UA__ADMINS : UA__USERS, username);
if(mysql_query(db_conn, stat))
{
sprintf(err_msg, "Error %u: %s\n", mysql_errno(db_conn), mysql_error(db_conn));
int_error(err_msg);
}
result = mysql_store_result(db_conn);
row = mysql_fetch_row(result);
if(!row)
int_error("Getting an SSL certificate from the database failed");
lengths = mysql_fetch_lengths(result);
ssl_cert_data_length = lengths[0];
memcpy(ssl_cert_data, row[0], ssl_cert_data_length);
strcpy(ssl_cert_hash, row[1]);
if(result)
{
mysql_free_result(result);
result = NULL;
}
disconnect_db(&db_conn);
// Write the SSL ceertificate to file and encrypt it with random session password before sending it to the user
if(!write_bin_file(SSL_CERT_PLAINTEXT_PATH, "wb", ssl_cert_data, ssl_cert_data_length))
{
fprintf(stderr, "Writing the SSL certificate hash failed");
goto ERROR;
}
if(!des3_encrypt(SSL_CERT_PLAINTEXT_PATH, SSL_CERT_CIPHERTEXT_PATH, key_exchange_passwd, err_msg))
{
fprintf(stderr, "Decrypting the SSL certificate failed\n\"%s\"\n", err_msg);
goto ERROR;
}
unlink(SSL_CERT_PLAINTEXT_PATH);
// Send the user's SSL certificate
if(!BIO_send_file(bio_client, SSL_CERT_CIPHERTEXT_PATH))
{
fprintf(stderr, "Sending the SSL certificate failed\n");
goto ERROR;
}
unlink(SSL_CERT_CIPHERTEXT_PATH);
// Write hash value to file and encrypt it with random session password before sending it to the user
if(!write_bin_file(SSL_CERT_HASH_PLAINTEXT_PATH, "wb", ssl_cert_hash, SHA1_DIGEST_LENGTH))
{
fprintf(stderr, "Writing the SSL certificate hash failed");
goto ERROR;
}
if(!des3_encrypt(SSL_CERT_HASH_PLAINTEXT_PATH, SSL_CERT_HASH_CIPHERTEXT_PATH, key_exchange_passwd, err_msg))
{
fprintf(stderr, "Decrypting the SSL certificate hash failed\n\"%s\"\n", err_msg);
goto ERROR;
}
unlink(SSL_CERT_HASH_PLAINTEXT_PATH);
// Send the user's SSL certificate hash
if(!BIO_send_file(bio_client, SSL_CERT_HASH_CIPHERTEXT_PATH))
{
fprintf(stderr, "Sending the SSL certificate hash failed\n");
goto ERROR;
}
unlink(SSL_CERT_HASH_CIPHERTEXT_PATH);
if(ssl_cert_data)
{
free(ssl_cert_data);
ssl_cert_data = NULL;
}
return true;
ERROR:
unlink(SSL_CERT_PLAINTEXT_PATH);
unlink(SSL_CERT_CIPHERTEXT_PATH);
unlink(SSL_CERT_HASH_PLAINTEXT_PATH);
unlink(SSL_CERT_HASH_CIPHERTEXT_PATH);
if(ssl_cert_data)
{
free(ssl_cert_data);
ssl_cert_data = NULL;
}
return false;
}
