int handled_policy_import_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n) { const char *scmd = "policy import"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled ods_log_debug("[%s] %s command", module_str, scmd); time_t tstart = time(NULL); /* perform_policy_import(sockfd, engine->config); */ perform_update_kasp(sockfd, engine->config); //TODO: Need error checking so we only do this if the update succeeds perform_hsmkey_gen(sockfd, engine->config, 0 /* automatic */, engine->config->automatic_keygen_duration); flush_all_tasks(sockfd, engine); ods_printf(sockfd,"%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); return 1; }
int handled_zone_del_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n) { const char *scmd = "zone delete"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled ods_log_debug("[%s] %s command", module_str, scmd); std::string zone; int need_write_xml = 0; if (!get_arguments(sockfd,cmd,zone, need_write_xml)) { help_zone_del_cmd(sockfd); return 1; } time_t tstart = time(NULL); perform_zone_del(sockfd,engine->config, zone.c_str(), need_write_xml, false); ods_printf(sockfd,"%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); return 1; }
int handled_update_all_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n) { const char *scmd = "update all"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled ods_log_debug("[%s] %s command", module_str, scmd); // check that we are using a compatible protobuf version. GOOGLE_PROTOBUF_VERIFY_VERSION; time_t tstart = time(NULL); autostart(engine); /* Check all files for errors. The perform_update_*() * functions check as well but this gives us all or nothing. * Plus we get a complete check of the files mentioned in the * conf which need not be the same as the files in use by the * running enforcer!*/ char *kasp = NULL; char *zonelist = NULL; char **replist = NULL; int repcount, i; int error = 1; if (check_conf(engine->config->cfg_filename, &kasp, &zonelist, &replist, &repcount, 0)) ods_log_error_and_printf(sockfd, module_str, "Unable to validate '%s' consistency.", engine->config->cfg_filename); else if (check_kasp(kasp, replist, repcount, 0)) ods_log_error_and_printf(sockfd, module_str, "Unable to validate '%s' consistency.", kasp); else if (check_zonelist(zonelist, 0)) ods_log_error_and_printf(sockfd, module_str, "Unable to validate '%s' consistency.", zonelist); else error = 0; free(kasp); free(zonelist); if (replist) { for (i = 0; i < repcount; i++) free(replist[i]); } if (!error) error |= perform_update_repositorylist(sockfd, engine); if (!error) error |= perform_update_kasp(sockfd, engine->config); if (!error) error |= perform_update_keyzones(sockfd, engine->config); if (!error) { perform_update_hsmkeys(sockfd, engine->config, 0 /* automatic */); perform_hsmkey_gen(sockfd, engine->config, 0 /* automatic */, engine->config->automatic_keygen_duration); flush_all_tasks(sockfd, engine); } ods_printf(sockfd, "%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); return 1; }
int handled_keystate_list_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n) { char buf[ODS_SE_MAXLINE]; const char *argv[8]; const int NARGV = sizeof(argv)/sizeof(char*); int argc; const char *scmd = "key list"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled ods_log_debug("[%s] %s command", module_str, scmd); // Use buf as an intermediate buffer for the command. strncpy(buf,cmd,sizeof(buf)); buf[sizeof(buf)-1] = '\0'; // separate the arguments argc = ods_str_explode(buf,NARGV,argv); if (argc > NARGV) { ods_log_warning("[%s] too many arguments for %s command", module_str,scmd); ods_printf(sockfd,"too many arguments\n"); help_keystate_list_cmd(sockfd); return 1; // errors, but handled } bool bVerbose = ods_find_arg(&argc,argv,"verbose","v") != -1; bool bDebug = ods_find_arg(&argc,argv,"debug","d") != -1; if (argc) { ods_log_warning("[%s] unknown arguments for %s command", module_str,scmd); ods_printf(sockfd,"unknown arguments\n"); help_keystate_list_cmd(sockfd); return 1; // errors, but handled } time_t tstart = time(NULL); perform_keystate_list(sockfd, engine->config, bVerbose, bDebug); ods_printf(sockfd,"%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); return 1; }
int handled_zone_list_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n) { const char *scmd = "zone list"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled ods_log_debug("[%s] %s command", module_str, scmd); time_t tstart = time(NULL); perform_zone_list(sockfd,engine->config); ods_printf(sockfd,"%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); return 1; }
/* Delete any policies with no zones */ int handled_policy_purge_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n){ const char *scmd = "policy purge"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled // TODO: Should we require a confirmation here? ods_log_debug("[%s] %s command", module_str, scmd); time_t tstart = time(NULL); perform_policy_purge(sockfd, engine->config); ods_printf(sockfd, "%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); return 1; }
static int run(int sockfd, engine_type* engine, const char *cmd, ssize_t n, db_connection_t *dbconn) { #define NARGV 8 char buf[ODS_SE_MAXLINE]; const char *argv[NARGV]; int argc; const char *zone = NULL; (void)engine; ods_log_debug("[%s] %s command", module_str, rollover_list_funcblock()->cmdname); cmd = ods_check_command(cmd, n, rollover_list_funcblock()->cmdname); /* Use buf as an intermediate buffer for the command.*/ strncpy(buf, cmd,sizeof(buf)); buf[sizeof(buf)-1] = '\0'; /* separate the arguments*/ argc = ods_str_explode(buf, NARGV, argv); if (argc > NARGV) { ods_log_warning("[%s] too many arguments for %s command", module_str, rollover_list_funcblock()->cmdname); client_printf(sockfd,"too many arguments\n"); return -1; } (void)ods_find_arg_and_param(&argc,argv,"zone","z",&zone); if (argc) { ods_log_warning("[%s] unknown arguments for %s command", module_str, rollover_list_funcblock()->cmdname); client_printf(sockfd,"unknown arguments\n"); return -1; } return perform_rollover_list(sockfd, zone, dbconn); }
static int handles(const char *cmd, ssize_t n) { return ods_check_command(cmd, n, rollover_list_funcblock()->cmdname)?1:0; }
int handled_keystate_ds_seen_cmd(int sockfd, engine_type* engine, const char *cmd, ssize_t n) { char buf[ODS_SE_MAXLINE]; const char *argv[8]; const int NARGV = sizeof(argv)/sizeof(char*); int argc; const char *scmd = "key ds-seen"; cmd = ods_check_command(cmd,n,scmd); if (!cmd) return 0; // not handled ods_log_debug("[%s] %s command", module_str, scmd); // Use buf as an intermediate buffer for the command. strncpy(buf,cmd,sizeof(buf)); buf[sizeof(buf)-1] = '\0'; // separate the arguments argc = ods_str_explode(buf,NARGV,argv); if (argc > NARGV) { ods_log_warning("[%s] too many arguments for %s command", module_str,scmd); ods_printf(sockfd,"too many arguments\n"); return 1; // errors, but handled } const char *zone = NULL; const char *cka_id = NULL; const char *keytag = NULL; (void)ods_find_arg_and_param(&argc,argv,"zone","z",&zone); (void)ods_find_arg_and_param(&argc,argv,"cka_id","k",&cka_id); (void)ods_find_arg_and_param(&argc,argv,"keytag","x",&keytag); // Check for unknown parameters on the command line if (argc) { ods_log_warning("[%s] unknown arguments for %s command", module_str,scmd); ods_printf(sockfd,"unknown arguments\n"); help_keystate_ds_seen_cmd(sockfd); return 1; // errors, but handled } // Check for too many parameters on the command line if (argc > NARGV) { ods_log_warning("[%s] too many arguments for %s command", module_str,scmd); ods_printf(sockfd,"too many arguments\n"); help_keystate_ds_seen_cmd(sockfd); return 1; // errors, but handled } // Either no option or combi of zone & cka_id or zone & keytag needs to be // present. But not both cka_id and keytag uint16_t nkeytag = 0; if (zone || cka_id || keytag) { if (!zone) { ods_log_warning("[%s] expected option --zone <zone> for %s command", module_str,scmd); ods_printf(sockfd,"expected --zone <zone> option\n"); help_keystate_ds_seen_cmd(sockfd); return 1; // errors, but handled } if (!cka_id && !keytag) { ods_log_warning("[%s] expected option --cka_id <cka_id> or " "--keytag <keytag> for %s command", module_str,scmd); ods_printf(sockfd,"expected --cka_id <cka_id> or " "--keytag <keytag> option\n"); help_keystate_ds_seen_cmd(sockfd); return 1; // errors, but handled } else { if (cka_id && keytag) { ods_log_warning("[%s] both --cka_id <cka_id> and --keytag <keytag> given, " "please only specify one for %s command", module_str,scmd); ods_printf(sockfd, "both --cka_id <cka_id> and --keytag <keytag> given, " "please only specify one\n"); help_keystate_ds_seen_cmd(sockfd); return 1; // errors, but handled } } if (keytag) { int kt = atoi(keytag); if (kt<=0 || kt>=65536) { ods_log_warning("[%s] value \"%s\" for --keytag is invalid", module_str,keytag); ods_printf(sockfd, "value \"%s\" for --keytag is invalid\n", keytag); return 1; // errors, but handled } nkeytag = (uint16_t )kt; } } time_t tstart = time(NULL); perform_keystate_ds_seen(sockfd,engine->config,zone,cka_id,nkeytag); ods_printf(sockfd,"%s completed in %ld seconds.\n",scmd,time(NULL)-tstart); flush_enforce_task(engine); return 1; }
static int run(int sockfd, engine_type* engine, const char *cmd, ssize_t n, db_connection_t *dbconn) { char buf[ODS_SE_MAXLINE]; #define NARGV 12 const char *argv[NARGV]; int success, argIndex; int argc, bVerbose, bDebug, bParsable, bAll; char* keytypeParam; char* keystateParam; const char* filterZone; /* NULL if no filtering on zone, otherwise zone to match */ char** filterKeytype; /* NULL if no filtering on key type, NULL terminated list of key types to filter */ char** filterKeystate; /* NULL if no filtering on key state, NULL terminated list of key states to filter */ (void) engine; ods_log_debug("[%s] %s command", module_str, key_list_funcblock()->cmdname); cmd = ods_check_command(cmd, n, key_list_funcblock()->cmdname); /* Use buf as an intermediate buffer for the command. */ strncpy(buf, cmd, sizeof (buf)); buf[sizeof (buf) - 1] = '\0'; /* separate the arguments */ argc = ods_str_explode(buf, NARGV, argv); if (argc > NARGV) { ods_log_warning("[%s] too many arguments for %s command", module_str, key_list_funcblock()->cmdname); client_printf(sockfd, "too many arguments\n"); return -1; } bVerbose = ods_find_arg(&argc, argv, "verbose", "v") != -1; bDebug = ods_find_arg(&argc, argv, "debug", "d") != -1; bParsable = ods_find_arg(&argc, argv, "parsable", "p") != -1; if ((argIndex = ods_find_arg_and_param(&argc, argv, "zone", "z", &filterZone)) == -1) { filterZone = NULL; } if (ods_find_arg_and_param(&argc, argv, "keytype", "k", (const char **)&keytypeParam) == -1) { keytypeParam = NULL; } if (ods_find_arg_and_param(&argc, argv, "keystate", "e", (const char **)&keystateParam) == -1) { keystateParam = NULL; } bAll = (ods_find_arg(&argc, argv, "all", "a") != -1); if (keystateParam != NULL && bAll) { client_printf(sockfd, "Error: --keystate and --all option cannot be given together\n"); return -1; } if (argc) { ods_log_warning("[%s] unknown arguments for %s command", module_str, key_list_funcblock()->cmdname); client_printf(sockfd, "unknown arguments\n"); return -1; } if (keytypeParam) filterKeytype = tokenizeparam(keytypeParam); else filterKeytype = NULL; if (keystateParam) { filterKeystate = tokenizeparam(keystateParam); } else filterKeystate = NULL; if (bAll) { if (filterKeystate != NULL) { free(filterKeystate); } filterKeystate = NULL; } else if(filterKeystate == NULL) { if ((filterKeystate = malloc(sizeof (char*) * 6))) { filterKeystate[0] = (char *)"publish"; filterKeystate[1] = (char *)"ready"; filterKeystate[2] = (char *)"active"; filterKeystate[3] = (char *)"retire"; filterKeystate[4] = (char *)"mixed"; filterKeystate[5] = NULL; } /* else emit error */ } if (bDebug) { if (bParsable) { success = perform_keystate_list(sockfd, dbconn, filterZone, filterKeytype, filterKeystate, NULL, &printdebugparsablekey); } else { success = perform_keystate_list(sockfd, dbconn, filterZone, filterKeytype, filterKeystate, &printdebugheader, &printdebugkey); } } else if (bVerbose) { if (bParsable) { success = perform_keystate_list(sockfd, dbconn, filterZone, filterKeytype, filterKeystate, NULL, &printverboseparsablekey); } else { success = perform_keystate_list(sockfd, dbconn, filterZone, filterKeytype, filterKeystate, &printverboseheader, &printverbosekey); } } else { success = perform_keystate_list(sockfd, dbconn, filterZone, filterKeytype, filterKeystate, &printcompatheader, &printcompatkey); } if (filterKeytype) free(filterKeytype); if (filterKeystate) free(filterKeystate); return success; }
static int handles(const char *cmd, ssize_t n) { return ods_check_command(cmd, n, signconf_funcblock()->cmdname) ? 1 : 0; }