render_unit( std::istream &is, const vec3i &base_pos )
: base_pos_(base_pos),
scene_static_(base_pos)
{
assert( is.good() );
// height_fields_ = crystal_bits::load_crystal(is, pump_factor_);
// std::cout << "hf: " << height_fields_.size() << "\n";
//
//
//
// scene_static_.init_solid(height_fields_);
//
const size_t pump_factor = 4;
base_pos_.x *= pump_factor;
base_pos_.z *= pump_factor;
scene_static_.init_solid_from_crystal(is, pump_factor);
// scene_static_.init_planes();
scene_static_.init_binmaps();
scene_static_.init_strips();
uint64_t scene_hash = scene_static_.hash();
auto bin_name = hash_to_filename(scene_hash);
std::cout << "baked name: " << bin_name << "\n";
try {
std::ifstream is( bin_name.c_str() );
light_static_ = light_static( is, scene_hash );
} catch( std::runtime_error x ) {
std::cerr << "load failed. recreating. error:\n" << x.what() << std::endl;
light_static_ = setup_formfactors(scene_static_.planes(), scene_static_.solid());
}
if( !false ) {
std::ofstream os( bin_name.c_str() );
light_static_.write(os, scene_hash);
}
light_dynamic_ = light_dynamic(scene_static_.planes().size() );
rad_core_ = make_rad_core_threaded(scene_static_, light_static_);
// vbob_ = vbo_builder(scene_static_.planes().size() );
// vbob_.update_index_buffer( scene_static_.planes().size());
// vbob_.update_vertices( scene_static_.planes().begin(), scene_static_.planes().end());
//
vbob_ts_ = vbo_builder_tristrip( scene_static_.tristrip_at(0) );
auto bin_map = scene_static_.bin_maps().at(0);
lightmap.upload_rgb( (uint8_t*)bin_map.data(), 256, 256 );
}
// take certificate hashes, check their validity and output json that
// will indicate which certificate were used for verification, whatever
// the chain was trusted and if all certificates needed for verification
// (with the exception of root CA) were present in hashes
int process_chain(const char **cert_hashes)
{
int ret;
int rc; // return code from function
char *f_name;
X509 *cert;
X509 *x509;
X509_STORE *store;
X509_STORE_CTX *csc;
STACK_OF(X509) *ustack;
STACK_OF(X509) *vstack;
// load certificates to temp structures
// first the end entity cert
// (EE cert needs to be passed separately to OpenSSL verification context)
f_name = hash_to_filename(cert_hashes[0]);
if (f_name == NULL)
return 1;
cert = load_cert(f_name);
free(f_name);
if (cert == NULL) {
printf("can't load certificate!\n");
return 1;
}
// then the intermediate certificates
ustack = sk_X509_new_null();
for (int i=1; cert_hashes[i]!=NULL; i++) {
//printf(".\n");
f_name = hash_to_filename(cert_hashes[i]);
if (f_name == NULL) {
// file not found
continue;
}
x509 = load_cert(f_name);
if (x509 == NULL) {
// loading cert failed
continue;
}
sk_X509_push(ustack, x509);
free(f_name);
}
// first try with just trusted certificates
store = SSL_CTX_get_cert_store(trusted_only);
if (store == NULL) {
fprintf(stderr, "store init failed\n");
return 1;
}
X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST);
csc = X509_STORE_CTX_new();
ret = X509_STORE_CTX_init(csc, store, cert, ustack);
if (ret != 1) {
return 1;
}
ret = X509_verify_cert(csc);
if (ret != 1) {
// printf("%s\n", X509_verify_cert_error_string(csc->error));
} else {
// chain is complete, output certificate hashes
printf("{\"chain\":\"complete\",\"certificates\":[");
vstack = X509_STORE_CTX_get_chain(csc);
for(int i=0; i<sk_X509_num(vstack); i++) {
X509 *c = sk_X509_value(vstack, i);
const EVP_MD *digest;
unsigned char md[EVP_MAX_MD_SIZE];
int n;
digest = EVP_get_digestbyname("sha256");
X509_digest(c, digest, md, &n);
printf("\"");
for(int i=0; i<n; i++) {
printf("%02x", md[i]);
}
printf("\"");
if (i+1 < sk_X509_num(vstack)) {
printf(",");
}
}
printf("]}");
X509_STORE_CTX_free(csc);
sk_X509_pop_free(ustack, X509_free);
X509_free(cert);
return 0;
}
X509_STORE_CTX_free(csc);
// validation failed with just the trust anchors, retry with all
// known intermediate certificates
store = SSL_CTX_get_cert_store(all_CAs);
if (store == NULL) {
fprintf(stderr, "store init failed\n");
return 1;
}
X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST);
csc = X509_STORE_CTX_new();
ret = X509_STORE_CTX_init(csc, store, cert, ustack);
if (ret != 1) {
return 1;
}
ret = X509_verify_cert(csc);
if (ret != 1) {
// certificate untrusted
printf("{\"chain\":\"untrusted\"}");
} else {
// chain successfully verified using all certificates,
// print all the certs used to verify it
printf("{\"chain\":\"incomplete\",\"certificates\":[");
vstack = X509_STORE_CTX_get_chain(csc);
for(int i=0; i<sk_X509_num(vstack); i++) {
X509 *c = sk_X509_value(vstack, i);
const EVP_MD *digest;
unsigned char md[EVP_MAX_MD_SIZE];
int n;
digest = EVP_get_digestbyname("sha256");
X509_digest(c, digest, md, &n);
printf("\"");
for(int i=0; i<n; i++) {
printf("%02x", md[i]);
}
printf("\"");
if (i+1 < sk_X509_num(vstack)) {
printf(",");
}
}
printf("]}");
}
X509_STORE_CTX_free(csc);
sk_X509_pop_free(ustack, X509_free);
X509_free(cert);
return 0;
}
