30 #include "clientpipe.h"
41 #include <libxml/parser.h>
42 #include <libxml/tree.h>
63 for (policy_key_db = *policy_keys_db; policy_key_db; policy_key_db = *policy_keys_db) {
64 *policy_keys_db = policy_key_db->
next;
70 for (policy_key_xml = *policy_keys_xml; policy_key_xml; policy_key_xml = *policy_keys_xml) {
71 *policy_keys_xml = policy_key_xml->
next;
76 policy_key_xml = *policy_keys_xml;
78 for (policy2 = *policies; policy2; policy2 = *policies) {
79 *policies = policy2->
next;
85 static int check_duplicated_policy_keys(
db_connection_t *dbconn, xmlNodePtr node) {
89 size_t count = 0, i, j, found;
95 for (node2 = node->children; node2; node2 = node2->next) {
96 if (node2->type != XML_ELEMENT_NODE) {
99 if (strcmp((
char*)node2->name,
"Keys")) {
103 for (node3 = node2->children; node3; node3 = node3->next) {
104 if (node3->type != XML_ELEMENT_NODE) {
107 if (strcmp((
char*)node3->name,
"KSK")
108 && strcmp((
char*)node3->name,
"ZSK")
109 && strcmp((
char*)node3->name,
"CSK"))
125 if (!(keys = (xmlNodePtr*)calloc(count,
sizeof(xmlNodePtr)))) {
128 for (i = 0, node2 = node->children; node2; node2 = node2->next) {
129 if (node2->type != XML_ELEMENT_NODE) {
132 if (strcmp((
char*)node2->name,
"Keys")) {
136 for (node3 = node2->children; node3; node3 = node3->next) {
137 if (node3->type != XML_ELEMENT_NODE) {
140 if (strcmp((
char*)node3->name,
"KSK")
141 && strcmp((
char*)node3->name,
"ZSK")
142 && strcmp((
char*)node3->name,
"CSK"))
171 for (found = 0, i = 0; i < count && !found; i++) {
177 for (j = i + 1; j < count && !found; j++) {
200 xmlNodePtr real_root;
217 int database_error = 0;
219 char **repositories = NULL;
220 int repository_count = 0;
221 hsm_repository_t* hsm;
249 client_printf_err(sockfd,
"Unable to fetch all the current policies in the database!\n");
256 client_printf_err(sockfd,
"Memory allocation error!\n");
261 for (policy2 = policies; policy2; policy2 = policies) {
263 policies = policy2->
next;
269 policy2->
next = policies;
280 if (!(repositories = calloc(repository_count,
sizeof(
char*)))) {
281 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
285 repositories[i] = hsm->name;
292 client_printf_err(sockfd,
"Unable to validate the KASP XML, please run ods-kaspcheck for more details!\n");
296 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
305 client_printf_err(sockfd,
"Unable to read/parse KASP XML file %s!\n",
307 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
311 if (!(real_root = xmlDocGetRootElement(doc))) {
312 client_printf_err(sockfd,
"Unable to get the root element in the KASP XML!\n");
314 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
321 for (root = real_root; root; root = root->next) {
322 if (root->type != XML_ELEMENT_NODE) {
326 if (!strcmp((
char*)root->name,
"KASP")) {
327 for (node = root->children; node; node = node->next) {
328 if (node->type != XML_ELEMENT_NODE) {
331 if (strcmp((
char*)node->name,
"Policy")) {
335 if (!(
name = xmlGetProp(node, (
const xmlChar*)
"name"))) {
336 client_printf_err(sockfd,
"Invalid Policy element in KASP XML!\n");
338 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
342 if (check_duplicated_policy_keys(dbconn, node)) {
343 client_printf_err(sockfd,
"Duplicated Policy Key elements in KASP XML is not allowed!\n");
346 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
357 for (root = real_root; root; root = root->next) {
358 if (root->type != XML_ELEMENT_NODE) {
362 if (!strcmp((
char*)root->name,
"KASP")) {
363 for (node = root->children; node; node = node->next) {
364 if (node->type != XML_ELEMENT_NODE) {
367 if (strcmp((
char*)node->name,
"Policy")) {
371 if (!(
name = xmlGetProp(node, (
const xmlChar*)
"name"))) {
372 client_printf_err(sockfd,
"Invalid Policy element in KASP XML!\n");
374 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
379 client_printf_err(sockfd,
"Memory allocation error!\n");
382 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
392 client_printf_err(sockfd,
393 "Unable to create policy %s from XML, XML content may be invalid!\n",
402 client_printf_err(sockfd,
403 "Unable to create policy %s in the database!\n",
412 client_printf_err(sockfd,
413 "Unable to get policy %s from the database after creation, the policy may be corrupt in the database now!\n",
425 for (node2 = node->children; node2; node2 = node2->next) {
426 if (node2->type != XML_ELEMENT_NODE) {
429 if (strcmp((
char*)node2->name,
"Keys")) {
433 for (node3 = node2->children; node3; node3 = node3->next) {
434 if (node3->type != XML_ELEMENT_NODE) {
437 if (strcmp((
char*)node3->name,
"KSK")
438 && strcmp((
char*)node3->name,
"ZSK")
439 && strcmp((
char*)node3->name,
"CSK"))
448 client_printf_err(sockfd,
"Memory allocation error!\n");
453 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
457 client_printf_err(sockfd,
458 "Unable to create %s key for policy %s from XML!\n",
459 (
char*)node3->name, (
char*)
name);
468 client_printf_err(sockfd,
469 "Unable to create %s key for policy %s in the database, the policy is not complete in the database now!\n",
470 (
char*)node3->name, (
char*)
name);
481 ods_log_info(
"[policy_import] policy %s created", (
char*)
name);
482 client_printf(sockfd,
"Created policy %s successfully\n", (
char*)
name);
490 for (policy2 = policies; policy2; policy2 = policy2->
next) {
494 if (!strcmp(policy2->
name, (
char*)
name)) {
507 client_printf_err(sockfd,
508 "Unable to retrieve policy keys for policy %s, unknown database error!\n",
520 for (policy_key_db = policy_keys_db; policy_key_db; policy_key_db = policy_keys_db) {
521 policy_keys_db = policy_key_db->
next;
529 while (policy_key2) {
534 client_printf_err(sockfd,
"Memory allocation or internal error!\n");
543 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
547 policy_key_db->
next = policy_keys_db;
548 policy_keys_db = policy_key_db;
559 client_printf_err(sockfd,
560 "Unable to update policy %s from XML, XML content may be invalid!\n",
576 for (policy_key_xml = policy_keys_xml; policy_key_xml; policy_key_xml = policy_keys_xml) {
577 policy_keys_xml = policy_key_xml->
next;
581 free(policy_key_xml);
582 policy_key_xml = policy_keys_xml;
586 for (node2 = node->children; node2; node2 = node2->next) {
587 if (node2->type != XML_ELEMENT_NODE) {
590 if (strcmp((
char*)node2->name,
"Keys")) {
594 for (node3 = node2->children; node3; node3 = node3->next) {
595 if (node3->type != XML_ELEMENT_NODE) {
598 if (strcmp((
char*)node3->name,
"KSK")
599 && strcmp((
char*)node3->name,
"ZSK")
600 && strcmp((
char*)node3->name,
"CSK"))
608 client_printf_err(sockfd,
"Memory allocation or internal error!\n");
612 free(policy_key_xml);
616 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
623 client_printf_err(sockfd,
624 "Unable to create %s key for policy %s from XML, XML content may be invalid!\n",
625 (
char*)node3->name, (
char*)
name);
630 free(policy_key_xml);
635 policy_key_xml->
next = policy_keys_xml;
636 policy_keys_xml = policy_key_xml;
641 client_printf_err(sockfd,
642 "Unable to update policy %s from XML because of previous policy key error!\n",
655 policy_key_xml = policy_keys_xml;
656 while (policy_key_xml) {
658 policy_key_xml = policy_key_xml->
next;
662 policy_key_db = policy_keys_db;
663 while (policy_key_db) {
665 policy_key_db = policy_key_db->
next;
675 policy_key_db = policy_key_db->
next;
678 policy_key_xml = policy_key_xml->
next;
688 policy_key_xml = policy_keys_xml;
689 while (policy_key_xml) {
691 policy_key_xml = policy_key_xml->
next;
698 client_printf_err(sockfd,
699 "Unable to create %s key for policy %s in database!\n",
707 policy_key_xml = policy_key_xml->
next;
711 client_printf_err(sockfd,
712 "Unable to update policy %s in the database because of previous policy key creation error, policy is not complete in the database now!\n",
724 policy_key_db = policy_keys_db;
725 while (policy_key_db) {
727 policy_key_db = policy_key_db->
next;
734 client_printf_err(sockfd,
735 "Unable to delete %s key for policy %s from database!\n",
743 policy_key_db = policy_key_db->
next;
747 client_printf_err(sockfd,
748 "Unable to update policy %s in the database because of previous policy key deletion error, policy is invalid in the database now!\n",
761 client_printf_err(sockfd,
"Unable to update policy %s in database!\n",
769 ods_log_info(
"[policy_import] policy %s updated", (
char*)
name);
770 client_printf(sockfd,
"Updated policy %s successfully\n",
774 else if (keys_updated) {
775 ods_log_info(
"[policy_import] policy %s updated", (
char*)
name);
776 client_printf(sockfd,
"Updated policy %s successfully\n",
781 client_printf(sockfd,
"Policy %s already up-to-date\n",
796 for (policy2 = policies; policy2; policy2 = policy2->
next) {
802 client_printf_err(sockfd,
"Memory allocation error!\n");
804 for (policy2 = policies; policy2; policy2 = policies) {
806 policies = policy2->
next;
809 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
819 client_printf_err(sockfd,
"Unable to check for zones using policy %s from database!\n", policy2->
name);
826 client_printf_err(sockfd,
"Unable to delete policy %s, there are still zones using this policy!\n", policy2->
name);
833 client_printf_err(sockfd,
"Unable to check for hsm keys using policy %s from database!\n", policy2->
name);
840 client_printf_err(sockfd,
"Unable to delete policy %s, there are still hsm keys using this policy!\n", policy2->
name);
851 client_printf_err(sockfd,
"Unable to get policy keys for policy %s from database!\n", policy2->
name);
872 client_printf_err(sockfd,
"Unable to delete policy %s from database!\n", policy2->
name);
878 ods_log_info(
"[policy_import] policy %s deleted", policy2->
name);
879 client_printf(sockfd,
"Deleted policy %s successfully\n", policy2->
name);
882 client_printf_err(sockfd,
"Unable to delete policy %s from database!\n", policy2->
name);
893 __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies);
895 if (database_error) {