1 /*
2  * Copyright (c) 2011 Surfnet
3  * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation).
4  * Copyright (c) 2011 OpenDNSSEC AB (svb)
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
22  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
24  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27  *
28  */
29 
30 #include "config.h"
31 
32 #include <pthread.h>
33 
34 #include "cmdhandler.h"
35 #include "daemon/enforcercommands.h"
36 #include "str.h"
37 #include "log.h"
38 #include "file.h"
39 #include "daemon/engine.h"
40 #include "clientpipe.h"
41 #include "daemon/cfg.h"
42 #include "parser/confparser.h"
43 #include "status.h"
44 #include "utils/kc_helper.h"
45 #include "daemon/engine.h"
46 #include "libhsm.h"
47 
48 #include "enforcer/update_repositorylist_cmd.h"
49 
50 static const char *module_str = "update_repositorylist_cmd";
51 
52 /* 0 succes, 1 error */
53 static int
validate_configfile(const char * cfgfile)54 validate_configfile(const char* cfgfile)
55 {
56 	char *kasp = NULL, *zonelist = NULL, **replist = NULL;
57 	int repcount, i;
58 	int cc_status = check_conf(cfgfile, &kasp, &zonelist, &replist,
59 		&repcount, 0);
60 	free(kasp);
61 	free(zonelist);
62 	if (replist) for (i = 0; i < repcount; i++) free(replist[i]);
63 	free(replist);
64 	return cc_status;
65 }
66 
67 /**
68  * Update the repositorylist
69  * \param sockfd. Client to print to.
70  * \param engine. Main daemon state
71  * \return 1 on success, 0 on failure.
72  */
73 static int
perform_update_repositorylist(int sockfd,engine_type * engine)74 perform_update_repositorylist(int sockfd, engine_type* engine)
75 {
76 	const char* cfgfile = ODS_SE_CFGFILE;
77 	int status = 1;
78 	hsm_repository_t* new_reps;
79 
80 	if (validate_configfile(cfgfile)) {
81 		ods_log_error_and_printf(sockfd, module_str,
82 			"Unable to validate '%s' consistency.", cfgfile);
83 		return 0;
84 	}
85 
86 	/* key gen tasks must be stopped, hsm connections must be closed
87 	 * easiest way is to stop all workers,  */
88 	pthread_mutex_lock(&engine->signal_lock);
89 		/** we have got the lock, daemon thread is not going anywhere
90 		 * we can safely stop all workers */
91 		engine_stop_workers(engine);
92 		new_reps = parse_conf_repositories(cfgfile);
93 		if (!new_reps) {
94 			/* revert */
95 			status = 0;
96 			client_printf(sockfd, "Could not load new repositories. Will continue with old.\n");
97 		} else {
98 			/* succes */
99             hsm_repository_free(engine->config->repositories);
100 			engine->config->repositories = new_reps;
101 			engine->need_to_reload = 1;
102 			client_printf(sockfd, "new repositories parsed successful.\n");
103 			client_printf(sockfd, "Notifying enforcer of new respositories.\n");
104 			/* kick daemon thread so it will reload the hsms */
105 			pthread_cond_signal(&engine->signal_cond);
106 		}
107 		engine_start_workers(engine);
108 	pthread_mutex_unlock(&engine->signal_lock);
109 	return status;
110 }
111 
112 static void
usage(int sockfd)113 usage(int sockfd)
114 {
115 	client_printf(sockfd,
116 		"update repositorylist\n");
117 }
118 
119 static void
help(int sockfd)120 help(int sockfd)
121 {
122 	client_printf(sockfd,
123 		"Import respositories from conf.xml into the enforcer.\n\n");
124 }
125 
126 static int
run(int sockfd,cmdhandler_ctx_type * context,const char * cmd)127 run(int sockfd, cmdhandler_ctx_type* context, const char *cmd)
128 {
129         engine_type* engine = getglobalcontext(context);
130         (void)cmd;
131 	ods_log_debug("[%s] %s command", module_str,
132 		update_repositorylist_funcblock.cmdname);
133 
134 	if (!perform_update_repositorylist(sockfd, engine)) {
135 		ods_log_error_and_printf(sockfd, module_str,
136 			"unable to update repositorylist.");
137 		return 1;
138 	}
139 	return 0;
140 }
141 
142 struct cmd_func_block update_repositorylist_funcblock = {
143 	"update repositorylist", &usage, &help, NULL, &run
144 };
145