diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-09-26 11:33:02 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-10-05 13:32:21 +0900 |
commit | d7e2f7b9d58f60d0006fd9d78d543183ab233854 (patch) | |
tree | eb37bfacadfbe2c586e45efce04d22830bfc15e6 | |
parent | cde8ff37deb66bb879b1a8b761c7b9d28a715116 (diff) | |
download | cert-svc-d7e2f7b9d58f60d0006fd9d78d543183ab233854.tar.gz cert-svc-d7e2f7b9d58f60d0006fd9d78d543183ab233854.tar.bz2 cert-svc-d7e2f7b9d58f60d0006fd9d78d543183ab233854.zip |
Add static db for refine build performance
* certs-meta.db is not modified until ca-certificates be updated.
* So, check ca-certificates digest and install static db.
Change-Id: I99f217afffae70bd3d657de8109abdb10c0b0db1
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | etc/CMakeLists.txt | 62 | ||||
-rw-r--r-- | etc/db/CMakeLists.txt | 83 | ||||
-rwxr-xr-x | etc/db/cert_svc_create_clean_store_db.sh (renamed from etc/cert_svc_create_clean_store_db.sh) | 0 | ||||
-rw-r--r-- | etc/db/cert_svc_store_db.sql (renamed from etc/cert_svc_store_db.sql) | 0 | ||||
-rwxr-xr-x | etc/db/check_ca_bundle_digest.sh | 4 | ||||
-rwxr-xr-x | etc/db/initialize_store_db.sh (renamed from etc/initialize_store_db.sh) | 0 | ||||
-rw-r--r-- | etc/db/resource/certs-meta-0.0.3.db | bin | 0 -> 520192 bytes |
7 files changed, 110 insertions, 39 deletions
diff --git a/etc/CMakeLists.txt b/etc/CMakeLists.txt index d145ae9..e463be2 100644 --- a/etc/CMakeLists.txt +++ b/etc/CMakeLists.txt @@ -1,44 +1,28 @@ -SET(ETC_DIR ${CMAKE_CURRENT_SOURCE_DIR}) - -INSTALL(FILES - ${ETC_DIR}/schema.xsd - DESTINATION ${CERT_SVC_RO_PATH} - ) - -MESSAGE("Add ssl table to certs-meta.db") - -EXECUTE_PROCESS( - COMMAND - ${ETC_DIR}/cert_svc_create_clean_store_db.sh - ${ETC_DIR}/cert_svc_store_db.sql - ${ETC_DIR}/certs-meta.db - RESULT_VARIABLE ERROR_CODE - ) +# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Kyungwook tak (k.tak@samsung.com) +# @author Sangwan Kwon (sangwan.kwon@samsung.com) +# -IF (ERROR_CODE) - MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to create clean store db") -ENDIF (ERROR_CODE) - -EXECUTE_PROCESS( - COMMAND - ${ETC_DIR}/initialize_store_db.sh - ${ETC_DIR}/certs-meta.db - ${TZ_SYS_CA_CERTS} - RESULT_VARIABLE ERROR_CODE - ) - -IF (ERROR_CODE) - MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to initialize store db") -ENDIF (ERROR_CODE) - -INSTALL(FILES - ${ETC_DIR}/certs-meta.db - DESTINATION ${CERT_SVC_DB_PATH} - ) +SET(ETC_DIR ${CMAKE_CURRENT_SOURCE_DIR}) INSTALL(FILES - ${ETC_DIR}/certs-meta.db - DESTINATION ${UPGRADE_DATA_PATH} - ) + ${ETC_DIR}/schema.xsd + DESTINATION ${CERT_SVC_RO_PATH} +) +ADD_SUBDIRECTORY(db) ADD_SUBDIRECTORY(upgrade) diff --git a/etc/db/CMakeLists.txt b/etc/db/CMakeLists.txt new file mode 100644 index 0000000..58e0525 --- /dev/null +++ b/etc/db/CMakeLists.txt @@ -0,0 +1,83 @@ +# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Kyungwook tak (k.tak@samsung.com) +# @author Sangwan Kwon (sangwan.kwon@samsung.com) +# + +SET(PWD ${CMAKE_CURRENT_SOURCE_DIR}) +SET(CA_BUNDLE_DIGEST "c1518dfd686541282f9095c48d297413") + +EXECUTE_PROCESS( + COMMAND + ${PWD}/check_ca_bundle_digest.sh + ${TZ_SYS_CA_BUNDLE} + OUTPUT_VARIABLE CURRENT_DIGEST + ) + +IF (${CURRENT_DIGEST} STREQUAL ${CA_BUNDLE_DIGEST}) + MESSAGE("ca-certificate digest is match with static db.") + + INSTALL(FILES + resource/certs-meta-0.0.3.db + DESTINATION ${CERT_SVC_DB_PATH} + RENAME certs-meta.db + ) + + INSTALL(FILES + resource/certs-meta-0.0.3.db + DESTINATION ${UPGRADE_DATA_PATH} + RENAME certs-meta.db + ) + +ELSE (${CURRENT_DIGEST} STREQUAL ${CA_BUNDLE_DIGEST}) + MESSAGE("${CURRENT_DIGEST} digest is not match with static db.") + MESSAGE("Add ssl table to certs-meta.db") + + EXECUTE_PROCESS( + COMMAND + ${PWD}/cert_svc_create_clean_store_db.sh + ${PWD}/cert_svc_store_db.sql + ${PWD}/certs-meta.db + RESULT_VARIABLE ERROR_CODE + ) + + IF (ERROR_CODE) + MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to create clean store db") + ENDIF (ERROR_CODE) + + EXECUTE_PROCESS( + COMMAND + ${PWD}/initialize_store_db.sh + ${PWD}/certs-meta.db + ${TZ_SYS_CA_CERTS} + RESULT_VARIABLE ERROR_CODE + ) + + IF (ERROR_CODE) + MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to initialize store db") + ENDIF (ERROR_CODE) + + INSTALL(FILES + ${PWD}/certs-meta.db + DESTINATION ${CERT_SVC_DB_PATH} + ) + + INSTALL(FILES + ${PWD}/certs-meta.db + DESTINATION ${UPGRADE_DATA_PATH} + ) + +ENDIF (${CURRENT_DIGEST} STREQUAL ${CA_BUNDLE_DIGEST}) diff --git a/etc/cert_svc_create_clean_store_db.sh b/etc/db/cert_svc_create_clean_store_db.sh index fa45234..fa45234 100755 --- a/etc/cert_svc_create_clean_store_db.sh +++ b/etc/db/cert_svc_create_clean_store_db.sh diff --git a/etc/cert_svc_store_db.sql b/etc/db/cert_svc_store_db.sql index b0ef682..b0ef682 100644 --- a/etc/cert_svc_store_db.sql +++ b/etc/db/cert_svc_store_db.sql diff --git a/etc/db/check_ca_bundle_digest.sh b/etc/db/check_ca_bundle_digest.sh new file mode 100755 index 0000000..e435656 --- /dev/null +++ b/etc/db/check_ca_bundle_digest.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +CA_BUNDLE=$1 +openssl md5 $CA_BUNDLE | cut -f 2 -d ' ' | tr -d '\n' diff --git a/etc/initialize_store_db.sh b/etc/db/initialize_store_db.sh index 3d1fd63..3d1fd63 100755 --- a/etc/initialize_store_db.sh +++ b/etc/db/initialize_store_db.sh diff --git a/etc/db/resource/certs-meta-0.0.3.db b/etc/db/resource/certs-meta-0.0.3.db Binary files differnew file mode 100644 index 0000000..b77ba03 --- /dev/null +++ b/etc/db/resource/certs-meta-0.0.3.db |