author | Janusz Kozerski <j.kozerski@samsung.com> | 2015-05-15 14:11:30 +0200 |
---|---|---|
committer | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2015-05-27 13:20:03 +0200 |
commit | e1301082a4c40852dde8500b18bb2f3df88fac8f (patch) | |
tree | c7d75759c71082187877437b92afb3caefd8b7b5 | |
parent | cd3abbff7768fc93a4b7f045fa040ccf0a418e27 (diff) | |
Add classes: Logic, App_t. Add journal logging support
Class Logic implements only the D-Bus callbacks (package-manager,
connman); apart from that it is an empty implementation.
Verification:
1) Build cert-checker with debug, and install on emulator.
2) Run cert-checker - do it in emulator UI console (not via ssh).
3) On other console in emulator UI run command:
journalctl -f | grep cert-checker
- to see the logs.
4) On third console turn on and off offline mode on device:
/usr/sbin/connmanctl enable offline
/usr/sbin/connmanctl disable offline
5) You should see logs from cert-checker in journal
6) Install any app to check if package-manager signal works in cert-checker:
pkgcmd -i -t wgt -p /usr/share/widget_demo/go.wgt -q
7) Check if logs are present.
Change-Id: Ic7d6fc4f47ca9ced18744ad8a77f8516b75304e3
-rw-r--r-- | CMakeLists.txt | 60 | ||||
-rw-r--r-- | LICENSE | 203 | ||||
-rw-r--r-- | packaging/cert-checker.spec | 46 | ||||
-rw-r--r-- | src/CMakeLists.txt | 34 | ||||
-rw-r--r-- | src/app.cpp | 54 | ||||
-rw-r--r-- | src/cert-checker.cpp | 47 | ||||
-rw-r--r-- | src/include/app.h | 51 | ||||
-rw-r--r-- | src/include/logic.h | 80 | ||||
-rw-r--r-- | src/log/log.cpp | 49 | ||||
-rw-r--r-- | src/log/log.h | 86 | ||||
-rw-r--r-- | src/logic.cpp | 213 |
11 files changed, 923 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..1a4ed07
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,60 @@
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Janusz Kozerski <j.kozerski@samsung.com>
+# @brief
+#
+
+############################# Check minimum CMake version #####################
+
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+PROJECT("cert-checker")
+
+############################# cmake packages ##################################
+
+INCLUDE(FindPkgConfig)
+
+############################# defines ##################################
+
+SET(PREFIX ${CMAKE_INSTALL_PREFIX})
+SET(BINDIR "${PREFIX}/bin")
+SET(RESDIR "${PREFIX}/res")
+SET(LOCALEDIR "${RESDIR}/locale")
+
+############################# compiler flags ##################################
+
+SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++0x -O0 -pg -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_C_FLAGS_DEBUG "-g -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++0x -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_C_FLAGS_RELEASE "-g -O2")
+SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2")
+SET(CMAKE_CXX_FLAGS_CCOV "-g -std=c++0x -O2 --coverage")
+
+# Set compiler warning flags
+ADD_DEFINITIONS("-Werror") # Make all warnings into errors.
+ADD_DEFINITIONS("-Wall") # Generate all warnings
+ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings
+ADD_DEFINITIONS("-fvisibility=hidden -fPIE") # Hide symbols by default
+
+# Pass project name to sources
+ADD_DEFINITIONS("-DPROJECT_NAME=\"${PROJECT_NAME}\"")
+
+IF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
+ ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG")
+ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
+
+SET(TARGET_CERT_CHECKER "cert-checker")
+
+ADD_SUBDIRECTORY(src)
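Review bot: In the top-level CMakeLists.txt the release flag sets (`CMAKE_C_FLAGS_RELEASE "-g -O2"`, `CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2"`) carry no hardening options, and `-fPIE` is added through ADD_DEFINITIONS with no matching `-pie` at link time, so as far as this file shows the daemon is not linked as a position-independent executable. For a daemon that will handle package and certificate data, consider `SET(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -pie")` and adding `-fstack-protector` and `-D_FORTIFY_SOURCE=2` to the release flags, unless the distribution's CFLAGS exported in the spec file already supply them. The trailing comment on `ADD_DEFINITIONS("-fvisibility=hidden -fPIE")` describes only the first of the two options; something like `# Hide symbols by default, build position-independent code` would cover both.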
@@ -0,0 +1,203 @@
+Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/packaging/cert-checker.spec b/packaging/cert-checker.spec
new file mode 100644
index 0000000..224e5bf
--- /dev/null
+++ b/packaging/cert-checker.spec
@@ -0,0 +1,46 @@
+Name: cert-checker
+Summary: OCSP checking on application installation
+Version: 0.0.1
+Release: 1
+Group: System/Security
+License: Apache-2.0
+Source0: %{name}-%{version}.tar.gz
+BuildRequires: cmake
+BuildRequires: zip
+BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(capi-appfw-package-manager)
+BuildRequires: pkgconfig(notification)
+BuildRequires: pkgconfig(dbus-1)
+BuildRequires: pkgconfig(dbus-glib-1)
+BuildRequires: pkgconfig(libsystemd-journal)
+
+%description
+Cert-checker
+
+%prep
+%setup -q
+
+%build
+export CFLAGS="$CFLAGS"
+export CXXFLAGS="$CXXFLAGS"
+export FFLAGS="$FFLAGS"
+export LDFLAGS+="-Wl,--rpath=%{_libdir} "
+
+%cmake . -DVERSION=%{version} \
+ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \
+ -DCMAKE_VERBOSE_MAKEFILE=ON
+
+make %{?jobs:-j%jobs}
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/usr/share/license
+cp LICENSE %{buildroot}/usr/share/license/%{name}
+%make_install
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%{_bindir}/cert-checker
+%{_datadir}/license/%{name}
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
new file mode 100644
index 0000000..94a8b74
--- /dev/null
+++ b/src/CMakeLists.txt
@@ -0,0 +1,34 @@
+PKG_CHECK_MODULES(CERT_CHECKER_DEP
+ REQUIRED
+ dbus-1
+ dbus-glib-1
+ glib-2.0
+ gio-2.0
+ capi-appfw-package-manager
+ notification
+ libsystemd-journal
+ )
+
+SET(CERT_CHECKER_SRC_PATH ${PROJECT_SOURCE_DIR}/src)
+
+SET(CERT_CHECKER_SOURCES
+ ${CERT_CHECKER_SRC_PATH}/cert-checker.cpp
+ ${CERT_CHECKER_SRC_PATH}/app.cpp
+ ${CERT_CHECKER_SRC_PATH}/logic.cpp
+ # logs
+ ${CERT_CHECKER_SRC_PATH}/log/log.cpp
+ )
+
+INCLUDE_DIRECTORIES(SYSTEM
+ ${CERT_CHECKER_DEP_INCLUDE_DIRS}
+ ${CERT_CHECKER_SRC_PATH}/include/
+ ${CERT_CHECKER_SRC_PATH}/log/
+ )
+
+ADD_EXECUTABLE(${TARGET_CERT_CHECKER} ${CERT_CHECKER_SOURCES})
+
+TARGET_LINK_LIBRARIES(${TARGET_CERT_CHECKER}
+ ${CERT_CHECKER_DEP_LIBRARIES}
+ )
+
+INSTALL(TARGETS ${TARGET_CERT_CHECKER} DESTINATION ${BINDIR})
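Review bot: In src/CMakeLists.txt, `INCLUDE_DIRECTORIES(SYSTEM ...)` also marks the project's own `${CERT_CHECKER_SRC_PATH}/include/` and `${CERT_CHECKER_SRC_PATH}/log/` as system directories, so the compiler suppresses warnings raised inside app.h, logic.h and log.h, and the `-Wall -Wextra -Werror` policy from the top-level file does not reach them. Keep SYSTEM for the dependency headers only: `INCLUDE_DIRECTORIES(SYSTEM ${CERT_CHECKER_DEP_INCLUDE_DIRS})` followed by a plain `INCLUDE_DIRECTORIES(${CERT_CHECKER_SRC_PATH}/include/ ${CERT_CHECKER_SRC_PATH}/log/)`.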
diff --git a/src/app.cpp b/src/app.cpp
new file mode 100644
index 0000000..575cf03
--- /dev/null
+++ b/src/app.cpp
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file app.cpp
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief This file is the implementation of app struct
+ */
+
+#include <sstream>
+#include <string>
+#include <vector>
+#include <sys/types.h>
+
+#include <app.h>
+
+namespace CCHECKER {
+
+app_t::app_t(void):
+ check_id(-1), // -1 as invalid check_id - assume that in database
+ // all check_ids will be positive
+ uid((uid_t)-1), // (uid_t)-1 (0xFF) is defined to be invalid uid. According
+ // to chown manual page, you cannot change file group of owner
+ // to (uid_t)-1, so we'll use it as initial, invalid value.
+ verified(verified_t::UNKNOWN)
+{}
+
+std::ostream & operator<< (std::ostream &out, const app_t &app)
+{
+ out << "app: " << app.app_id << ", pkg: " << app.pkg_id << ", uid: " << app.uid;
+ return out;
+}
+
+std::string app_t::str() const
+{
+ std::stringstream ss;
+ ss << this;
+ return ss.str();
+}
+
+} //CCHECKER
diff --git a/src/cert-checker.cpp b/src/cert-checker.cpp
new file mode 100644
index 0000000..984e41e
--- /dev/null
+++ b/src/cert-checker.cpp
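Review bot: In src/app.cpp, `app_t::str()` streams `this`, which is a pointer, so the returned string is the object's address and not the "app: ..., pkg: ..., uid: ..." text produced by the `operator<<` defined just above it; the line should read `ss << *this;`. Apart from the wrong output, a process address ending up in journal messages weakens address-space layout randomization for anyone who can read the log. The constructor comment calls `(uid_t)-1` "0xFF", which holds only for a one-byte type; `// (uid_t)-1 (all bits set) is defined to be an invalid uid` would be accurate.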
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file cert-checker.cpp
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief Cert-checker daemon main loop.
+ */
+
+#include <glib.h>
+
+#include <log.h>
+#include <logic.h>
+
+using namespace CCHECKER;
+
+int main(void)
+{
+ LogDebug("Cert-checker start!");
+
+ GMainLoop *main_loop = g_main_loop_new(NULL, FALSE);
+
+ Logic logic;
+ if (logic.setup() != NO_ERROR) {
+ LogError("Cannot setup logic. Exit cert-checker!");
+ return -1;
+ }
+
+ LogDebug("Running the main loop");
+ g_main_loop_run(main_loop);
+
+ LogDebug("Cert-checker exit!");
+ return 0;
+}
diff --git a/src/include/app.h b/src/include/app.h
new file mode 100644
index 0000000..7452714
--- /dev/null
+++ b/src/include/app.h
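Review bot: In src/cert-checker.cpp, `main_loop` from `g_main_loop_new` is never released and nothing calls `g_main_loop_quit`, so `LogDebug("Cert-checker exit!")` is unreachable in practice and a termination signal ends the process without running `~Logic()`. Add `g_main_loop_unref(main_loop);` on both return paths, including the early `return -1`. Consider installing a termination handler (for example with `g_unix_signal_add`) that quits the loop, so the package-manager handle and the D-Bus proxy are released in an orderly way.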
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file app.h
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief This file is the implementation of app struct
+ */
+#ifndef CCHECKER_APP_H
+#define CCHECKER_APP_H
+
+#include <string>
+#include <vector>
+#include <sys/types.h>
+
+namespace CCHECKER {
+
+struct app_t {
+ enum class verified_t : int {
+ NO = 0,
+ YES = 1,
+ UNKNOWN = 2
+ };
+
+ int32_t check_id;
+ std::string app_id;
+ std::string pkg_id;
+ uid_t uid;
+ std::vector<std::string> certificates;
+ verified_t verified;
+
+ app_t(void);
+ std::string str(void) const;
+};
+
+} //CCHECKER
+
+#endif //CCHECKER_APP_H
diff --git a/src/include/logic.h b/src/include/logic.h
new file mode 100644
index 0000000..c2b793d
--- /dev/null
+++ b/src/include/logic.h
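Review bot: src/include/app.h declares `int32_t check_id` but includes only `<string>`, `<vector>` and `<sys/types.h>`; add `#include <cstdint>` so the header does not depend on a transitive include. The `operator<<(std::ostream&, const app_t&)` defined in app.cpp is not declared here, so no other translation unit can stream an `app_t`; declaring it after the struct, together with `#include <ostream>`, would make it usable. The `@brief` should say that this file declares the app struct, since the implementation lives in app.cpp.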
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file logic.h
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief This file is the implementation of SQL queries
+ */
+
+#ifndef CCHECKER_LOGIC_H
+#define CCHECKER_LOGIC_H
+
+#include <gio/gio.h>
+#include <package_manager.h>
+#include <string>
+#include <vector>
+
+#include <app.h>
+
+namespace CCHECKER {
+
+enum error_t {
+ NO_ERROR,
+ REGISTER_CALLBACK_ERROR,
+ DBUS_ERROR,
+ PACKAGE_MANAGER_ERROR
+};
+
+class Logic {
+ public:
+ Logic(void);
+ virtual ~Logic(void);
+ int setup();
+ static void pkg_manager_callback(
+ const char *type,
+ const char *package,
+ package_manager_event_type_e eventType,
+ package_manager_event_state_e eventState,
+ int progress,
+ package_manager_error_e error,
+ void *logic_ptr);
+ static void connman_callback(GDBusProxy *proxy,
+ gchar *sender_name,
+ gchar *signal_name,
+ GVariant *parameters,
+ void *logic_ptr);
+
+ private:
+ //TODO: implement missing members
+
+ void check_ocsp(app_t &app);
+ void add_ocsp_url(const std::string &issuer, const std::string &url);
+ void pkgmanager_uninstall(const app_t &app);
+ void get_certs_from_signature(const std::string &signature, std::vector<std::string> &cert);
+ error_t load_database_to_buffer();
+
+ error_t register_connman_signal_handler ();
+
+ bool m_is_online;
+ package_manager_h m_request;
+ GDBusProxy *m_proxy;
+
+};
+
+} // CCHECKER
+
+#endif //CCHECKER_LOGIC_H
diff --git a/src/log/log.cpp b/src/log/log.cpp
new file mode 100644
index 0000000..ced0fe9
--- /dev/null
+++ b/src/log/log.cpp
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file log.cpp
+ * @author Janusz Kozerski <j.kozerski@samsung.com>
+ * @brief This file declares class for ask user window
+ */
+
+#include <stdexcept>
+#include <systemd/sd-journal.h>
+
+void JournalLog(int logLevel,
+ const char *message,
+ const char *fileName,
+ int line,
+ const char *function)
+{
+ try {
+ sd_journal_send("PRIORITY=%d", logLevel,
+ "CODE_FILE=%s", fileName,
+ "CODE_FUNC=%s", function,
+ "CODE_LINE=%d", line,
+ // add file, line & function info to log message
+ "MESSAGE=[%s:%d] %s(): %s", fileName, line, function, message,
+ NULL);
+ } catch (const std::out_of_range&) {
+ sd_journal_send(
+ "PRIORITY=%d", LOG_ERR,
+ "CODE_FILE=%s", fileName,
+ "CODE_FUNC=%s", function,
+ "CODE_LINE=%d", line,
+ // add file, line & function info to log message
+ "MESSAGE=[%s:%d] %s(): Unsupported log level %d", fileName, line, function, logLevel,
+ NULL);
+ }
+}
diff --git a/src/log/log.h b/src/log/log.h
new file mode 100644
index 0000000..d4efcdc
--- /dev/null
+++ b/src/log/log.h
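Review bot: In src/include/logic.h the `@brief` ("This file is the implementation of SQL queries") does not describe this header, which declares the `Logic` class and the `error_t` codes; it looks copied from another file, and logic.cpp repeats it. `setup()` is declared to return `int` while the private helpers return `error_t`, so callers such as `main` compare an `int` with the enum; declaring `error_t setup();` would keep the error type consistent. The two static callbacks take an untyped `void *logic_ptr`, and a one-line comment stating that it must be the `Logic` instance passed at registration would document that contract.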
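Review bot: In src/log/log.cpp the `try { ... } catch (const std::out_of_range&)` around `sd_journal_send` can never fire, because that is a C function and nothing in the try block throws; the "Unsupported log level" branch is therefore dead code and `logLevel` reaches the journal unchecked. Either drop the try/catch together with `#include <stdexcept>`, or validate explicitly before the first call, e.g. `if (logLevel < LOG_EMERG || logLevel > LOG_DEBUG)`. The return value of `sd_journal_send` is ignored, which is acceptable for a logger but worth a short comment. The `@brief` ("This file declares class for ask user window") belongs to a different file and should describe the journal logging backend.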
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file log.h
+ * @author Janusz Kozerski <j.kozerski@samsung.com>
+ * @brief Project log framework - logs into journal
+ */
+
+#include <sstream>
+#include <systemd/sd-journal.h>
+
+#ifndef CERT_CHECKER_LOG_H
+#define CERT_CHECKER_LOG_H
+
+void JournalLog(int logLevel, const char *message, const char *fileName,
+ int line, const char *function);
+
+/*
+ * Replacement low overhead null logging class
+ */
+class NullStream
+{
+ public:
+ NullStream() {}
+
+ template <typename T>
+ NullStream& operator<<(const T&)
+ {
+ return *this;
+ }
+};
+
+/* avoid warnings about unused variables */
+#define DPL_MACRO_DUMMY_LOGGING(message, level) \
+ do { \
+ NullStream ns; \
+ ns << message; \
+ } while (0)
+
+#define CERT_CHECKER_LOG(message, level) \
+do \
+{ \
+ std::ostringstream platformLog; \
+ platformLog << message; \
+ JournalLog(level, \
+ platformLog.str().c_str(), \
+ __FILE__, \
+ __LINE__, \
+ __FUNCTION__); \
+} while (0)
+
+/* Errors must be always logged. */
+#define LogError(message) \
+ CERT_CHECKER_LOG(message, LOG_ERR)
+
+#ifdef BUILD_TYPE_DEBUG
+ #define LogDebug(message) \
+ CERT_CHECKER_LOG(message, LOG_DEBUG)
+ #define LogInfo(message) \
+ CERT_CHECKER_LOG(message, LOG_INFO)
+ #define LogWarning(message) \
+ CERT_CHECKER_LOG(message, LOG_WARNING)
+#else
+ #define LogDebug(message) \
+ DPL_MACRO_DUMMY_LOGGING(message, LOG_DEBUG)
+ #define LogInfo(message) \
+ DPL_MACRO_DUMMY_LOGGING(message, LOG_INFO)
+ #define LogWarning(message) \
+ DPL_MACRO_DUMMY_LOGGING(message, LOG_WARNING)
+#endif // BUILD_TYPE_DEBUG
+
+#endif //CERT_CHECKER_LOG_H
+
diff --git a/src/logic.cpp b/src/logic.cpp
new file mode 100644
index 0000000..10ed0fd
--- /dev/null
+++ b/src/logic.cpp
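Review bot: In src/log/log.h the two `#include` lines sit above `#ifndef CERT_CHECKER_LOG_H`; move them inside the guard so the whole header is covered by it. In non-debug builds `DPL_MACRO_DUMMY_LOGGING` still evaluates the `message` expression through `ns << message`, so any side effect or pointer dereference in a log argument runs in release builds too; a comment on the macro saying so would prevent surprises. `LOG_ERR`, `LOG_DEBUG`, `LOG_INFO` and `LOG_WARNING` appear to reach this header only indirectly through sd-journal.h, so an explicit `#include <syslog.h>` would make that dependency visible.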
@@ -0,0 +1,213 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file logic.cpp
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief This file is the implementation of SQL queries
+ */
+
+#include <logic.h>
+#include <log.h>
+
+namespace {
+
+const char * eventTypeStr(package_manager_event_type_e type) {
+ if (type == PACKAGE_MANAGER_EVENT_TYPE_INSTALL)
+ return "PACKAGE_MANAGER_EVENT_TYPE_INSTALL";
+ if (type == PACKAGE_MANAGER_EVENT_TYPE_UNINSTALL)
+ return "PACKAGE_MANAGER_EVENT_TYPE_UNINSTALL";
+ if (type == PACKAGE_MANAGER_EVENT_TYPE_UPDATE)
+ return "PACKAGE_MANAGER_EVENT_TYPE_UPDATE";
+ return "UNKNOWN";
+}
+
+const char * eventStateStr(package_manager_event_state_e type) {
+ if (type == PACKAGE_MANAGER_EVENT_STATE_STARTED)
+ return "PACKAGE_MANAGER_EVENT_STATE_STARTED";
+ if (type == PACKAGE_MANAGER_EVENT_STATE_PROCESSING)
+ return "PACKAGE_MANAGER_EVENT_STATE_PROCESSING";
+ if (type == PACKAGE_MANAGER_EVENT_STATE_COMPLETED)
+ return "PACKAGE_MANAGER_EVENT_STATE_COMPLETED";
+ if (type == PACKAGE_MANAGER_EVENT_STATE_FAILED)
+ return "PACKAGE_MANAGER_EVENT_STATE_FAILED";
+ return "UNKNOWN";
+}
+} //anonymus
+
+
+namespace CCHECKER {
+
+Logic::~Logic(void)
+{
+ LogDebug("Cert-checker cleaning.");
+ if (m_proxy)
+ g_object_unref(m_proxy);
+ package_manager_destroy(m_request);
+}
+
+Logic::Logic(void) :
+ m_is_online(false),
+ m_proxy(NULL)
+{}
+
+int Logic::setup()
+{
+ // Add package manager callback
+ int ret = package_manager_create(&m_request);
+ if (ret != PACKAGE_MANAGER_ERROR_NONE) {
+ LogError("package_manager_create error: " << ret);
+ return PACKAGE_MANAGER_ERROR;
+ }
+
+ LogDebug("register installedApp event callback start");
+ ret = package_manager_set_event_cb(m_request, Logic::pkg_manager_callback, this);
+ if (PACKAGE_MANAGER_ERROR_NONE != ret) {
+ LogError("Error in package_manager_set_event_cb: " << ret);
+ return REGISTER_CALLBACK_ERROR;
+ }
+ LogDebug("register installedApp event callback success");
+
+ // Add connman callback
+ LogDebug("register connman event callback start");
+ if (register_connman_signal_handler() != NO_ERROR) {
+ LogError("Error in register_connman_signal_handler");
+ return REGISTER_CALLBACK_ERROR;
+ }
+ LogDebug("register connman event callback success");
+
+ return load_database_to_buffer();
+}
+
+error_t Logic::register_connman_signal_handler(void)
+{
+ GError *error = NULL;
+ GDBusProxyFlags flags = G_DBUS_PROXY_FLAGS_NONE;
+
+ // Obtain a connection to the System Bus
+ m_proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ flags,
+ NULL, /* GDBusInterfaceInfo */
+ "net.connman",
+ "/",
+ "net.connman.Manager",
+ NULL, /* GCancellable */
+ &error);
+
+ if (m_proxy == NULL) {
+ if (error) {
+ LogError("Error creating D-Bus proxy: " << error->message);
+ g_error_free (error);
+ }
+ else {
+ LogError("Error creating D-Bus proxy. Unknown error");
+ }
+ return DBUS_ERROR;
+ }
+
+ // Connect to g-signal to receive signals from proxy
+ if (g_signal_connect (m_proxy, "g-signal", G_CALLBACK (Logic::connman_callback), this) < 1) {
+ LogError("g_signal_connect error while connecting connman signal");
+ return REGISTER_CALLBACK_ERROR;
+ }
+
+ return NO_ERROR;
+}
+
+void Logic::pkg_manager_callback(
+ const char *type,
+ const char *package,
+ package_manager_event_type_e eventType,
+ package_manager_event_state_e eventState,
+ int progress,
+ package_manager_error_e error,
+ void *logic_ptr)
+{
+ LogDebug("---- packageInstalledEventCallback ----\n");
+ LogDebug("Type: " << type << ", package: " << package << ", Event type: " <<
+ eventTypeStr(eventType) << ", Event state: " << eventStateStr(eventState) <<
+ ", progress: " << progress <<", error: " << error);
+ Logic *logic = static_cast<Logic*>(logic_ptr);
+
+ if (eventType != PACKAGE_MANAGER_EVENT_TYPE_INSTALL||
+ eventState != PACKAGE_MANAGER_EVENT_STATE_COMPLETED ||
+ error != PACKAGE_MANAGER_ERROR_NONE ||
+ package == NULL) {
+ LogDebug("PackageInstalled Callback error or Invalid Param");
+ } else {
+ LogDebug("PackageInstalled Callback. Instalation of: " << package <<
+ ", error: " << error << ", progress: " << progress);
+ // TODO: Add event to queue here
+ (void) logic;
+ }
+}
+
+void Logic::connman_callback(GDBusProxy */*proxy*/,
+ gchar */*sender_name*/,
+ gchar *signal_name,
+ GVariant *parameters,
+ void *logic_ptr)
+{
+ std::string signal_name_str = std::string(signal_name);
+ if (signal_name_str != "PropertyChanged") {
+ // Invalid param. Nothing to do here.
+ return;
+ }
+
+ gchar *parameters_g = g_variant_print(parameters, TRUE);
+ std::string params_str = std::string(parameters_g);
+ g_free (parameters_g);
+
+ Logic *logic = static_cast<Logic*> (logic_ptr);
+
+ if (params_str == "('State', <'online'>)") {
+ LogDebug("Device online");
+ logic->m_is_online = true;
+ }
+ else if (params_str == "('State', <'offline'>)") {
+ LogDebug("Device offline");
+ logic->m_is_online = false;
+ }
+}
+
+void Logic::check_ocsp(app_t &app)
+{
+ (void)app;
+}
+
+void Logic::add_ocsp_url(const std::string &issuer, const std::string &url)
+{
+ (void)issuer;
+ (void)url;
+}
+
+void Logic::pkgmanager_uninstall(const app_t &app)
+{
+ (void)app;
+}
+
+void Logic::get_certs_from_signature(const std::string &signature, std::vector<std::string> &cert)
+{
+ (void)signature;
+ (void)cert;
+}
+
+error_t Logic::load_database_to_buffer()
+{
+ return error_t::NO_ERROR;
+}
+
+} //CCHECKER |
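Review bot: In src/logic.cpp `Logic::Logic()` initializes `m_is_online` and `m_proxy` but not `m_request`, while `~Logic()` calls `package_manager_destroy(m_request)` unconditionally; when `setup()` is never called or `package_manager_create` fails (the path on which `main` returns -1), the destructor passes an indeterminate handle. Initialize it with `m_request(NULL)` in the initializer list and guard the call: `if (m_request) package_manager_destroy(m_request);`. In `pkg_manager_callback` the first `LogDebug` streams `type` and `package` before the `package == NULL` check, and streaming a null `const char*` is undefined behaviour in debug builds; `connman_callback` likewise constructs `std::string(signal_name)` and `std::string(parameters_g)` without a null check. Comparing the `g_variant_print` text with `('State', <'online'>)` depends on the exact printed form, so reading the tuple with `g_variant_get` would be sturdier. `m_is_online` starts as false and changes only on a `PropertyChanged` signal, so a device that is already online at start-up is treated as offline until the next change.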