1 /*
2 * Copyright (c) 2011 Surfnet
3 * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation).
4 * Copyright (c) 2011 OpenDNSSEC AB (svb)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
22 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
24 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 *
28 */
29
30 #include "config.h"
31
32 #include <pthread.h>
33
34 #include "cmdhandler.h"
35 #include "daemon/enforcercommands.h"
36 #include "str.h"
37 #include "log.h"
38 #include "file.h"
39 #include "daemon/engine.h"
40 #include "clientpipe.h"
41 #include "daemon/cfg.h"
42 #include "parser/confparser.h"
43 #include "status.h"
44 #include "utils/kc_helper.h"
45 #include "daemon/engine.h"
46 #include "libhsm.h"
47
48 #include "enforcer/update_repositorylist_cmd.h"
49
50 static const char *module_str = "update_repositorylist_cmd";
51
52 /* 0 succes, 1 error */
53 static int
validate_configfile(const char * cfgfile)54 validate_configfile(const char* cfgfile)
55 {
56 char *kasp = NULL, *zonelist = NULL, **replist = NULL;
57 int repcount, i;
58 int cc_status = check_conf(cfgfile, &kasp, &zonelist, &replist,
59 &repcount, 0);
60 free(kasp);
61 free(zonelist);
62 if (replist) for (i = 0; i < repcount; i++) free(replist[i]);
63 free(replist);
64 return cc_status;
65 }
66
67 /**
68 * Update the repositorylist
69 * \param sockfd. Client to print to.
70 * \param engine. Main daemon state
71 * \return 1 on success, 0 on failure.
72 */
73 static int
perform_update_repositorylist(int sockfd,engine_type * engine)74 perform_update_repositorylist(int sockfd, engine_type* engine)
75 {
76 const char* cfgfile = ODS_SE_CFGFILE;
77 int status = 1;
78 hsm_repository_t* new_reps;
79
80 if (validate_configfile(cfgfile)) {
81 ods_log_error_and_printf(sockfd, module_str,
82 "Unable to validate '%s' consistency.", cfgfile);
83 return 0;
84 }
85
86 /* key gen tasks must be stopped, hsm connections must be closed
87 * easiest way is to stop all workers, */
88 pthread_mutex_lock(&engine->signal_lock);
89 /** we have got the lock, daemon thread is not going anywhere
90 * we can safely stop all workers */
91 engine_stop_workers(engine);
92 new_reps = parse_conf_repositories(cfgfile);
93 if (!new_reps) {
94 /* revert */
95 status = 0;
96 client_printf(sockfd, "Could not load new repositories. Will continue with old.\n");
97 } else {
98 /* succes */
99 hsm_repository_free(engine->config->repositories);
100 engine->config->repositories = new_reps;
101 engine->need_to_reload = 1;
102 client_printf(sockfd, "new repositories parsed successful.\n");
103 client_printf(sockfd, "Notifying enforcer of new respositories.\n");
104 /* kick daemon thread so it will reload the hsms */
105 pthread_cond_signal(&engine->signal_cond);
106 }
107 engine_start_workers(engine);
108 pthread_mutex_unlock(&engine->signal_lock);
109 return status;
110 }
111
112 static void
usage(int sockfd)113 usage(int sockfd)
114 {
115 client_printf(sockfd,
116 "update repositorylist\n");
117 }
118
119 static void
help(int sockfd)120 help(int sockfd)
121 {
122 client_printf(sockfd,
123 "Import respositories from conf.xml into the enforcer.\n\n");
124 }
125
126 static int
run(int sockfd,cmdhandler_ctx_type * context,const char * cmd)127 run(int sockfd, cmdhandler_ctx_type* context, const char *cmd)
128 {
129 engine_type* engine = getglobalcontext(context);
130 (void)cmd;
131 ods_log_debug("[%s] %s command", module_str,
132 update_repositorylist_funcblock.cmdname);
133
134 if (!perform_update_repositorylist(sockfd, engine)) {
135 ods_log_error_and_printf(sockfd, module_str,
136 "unable to update repositorylist.");
137 return 1;
138 }
139 return 0;
140 }
141
142 struct cmd_func_block update_repositorylist_funcblock = {
143 "update repositorylist", &usage, &help, NULL, &run
144 };
145