From e5b11272431a7da08b2ceb12c90ed15ff6b9bfc8 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Nov 29 2011 20:19:12 +0000 Subject: detangle nicknames for requests and CAs from their bus names --- diff --git a/src/cm.c b/src/cm.c index 7b11a4e..ecb67df 100644 --- a/src/cm.c +++ b/src/cm.c @@ -226,7 +226,8 @@ cm_netlink_delayed_h(struct tevent_context *ec, struct tevent_timer *te, if (ctx->events[i].next_event != NULL) { switch (ctx->entries[i]->cm_state) { case CM_CA_UNREACHABLE: - cm_restart_one(ctx, ctx->entries[i]->cm_id); + cm_restart_one(ctx, + ctx->entries[i]->cm_nickname); break; default: break; @@ -298,7 +299,7 @@ cm_netlink_fd_h(struct tevent_context *ec, struct cm_store_ca * cm_find_ca_by_entry(struct cm_context *c, struct cm_store_entry *entry) { - return entry->cm_ca_name ? cm_get_ca_by_id(c, entry->cm_ca_name) : NULL; + return entry->cm_ca_nickname ? cm_get_ca_by_nickname(c, entry->cm_ca_nickname) : NULL; } static void * 
@@ -328,29 +329,33 @@ cm_service_one(struct cm_context *context, struct timeval *current_time, int i) case cm_time_now: t = tevent_add_timer(talloc_parent(context), context, now, cm_timer_h, context); - cm_log(3, "Will revisit '%s' now.\n", - context->entries[i]->cm_id); + cm_log(3, "Will revisit %s('%s') now.\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname); break; case cm_time_soon: then = tevent_timeval_add(&now, CM_DELAY_SOON, 0); t = tevent_add_timer(talloc_parent(context), context, then, cm_timer_h, context); - cm_log(3, "Will revisit '%s' soon.\n", - context->entries[i]->cm_id); + cm_log(3, "Will revisit %s('%s') soon.\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname); break; case cm_time_soonish: then = tevent_timeval_add(&now, CM_DELAY_SOONISH, 0); t = tevent_add_timer(talloc_parent(context), context, then, cm_timer_h, context); - cm_log(3, "Will revisit '%s' soonish.\n", - context->entries[i]->cm_id); + cm_log(3, "Will revisit %s('%s') soonish.\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname); break; case cm_time_delay: then = tevent_timeval_add(&now, delay, 0); t = tevent_add_timer(talloc_parent(context), context, then, cm_timer_h, context); - cm_log(3, "Will revisit '%s' in %d seconds.\n", - context->entries[i]->cm_id, delay); + cm_log(3, "Will revisit %s('%s') in %d seconds.\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname, delay); break; case cm_time_no_time: if (fd != -1) { 
@@ -358,12 +363,15 @@ cm_service_one(struct cm_context *context, struct timeval *current_time, int i) context, fd, TEVENT_FD_READ, cm_fd_h, context); - cm_log(3, "Will revisit '%s' on " + cm_log(3, "Will revisit %s('%s') on " "traffic from %d.\n", - context->entries[i]->cm_id, fd); + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname, fd); } else { cm_log(3, "Waiting for instructions for " - "'%s'.\n", context->entries[i]->cm_id); + "%s('%s').\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname); t = NULL; } break; @@ -388,10 +396,10 @@ cm_add_entry(struct cm_context *context, struct cm_store_entry *new_entry) char timestamp[15]; /* Check for duplicates and count the number of entries we're already * managing. */ - if (new_entry->cm_id != NULL) { + if (new_entry->cm_nickname != NULL) { for (i = 0; i < context->n_entries; i++) { - if (strcmp(context->entries[i]->cm_id, - new_entry->cm_id) == 0) { + if (strcmp(context->entries[i]->cm_nickname, + new_entry->cm_nickname) == 0) { return -1; } } @@ -399,19 +407,20 @@ cm_add_entry(struct cm_context *context, struct cm_store_entry *new_entry) do { /* Try to assign a new ID. */ now = cm_time(NULL); - new_entry->cm_id = cm_store_timestamp_from_time(now, - timestamp); + new_entry->cm_nickname = cm_store_timestamp_from_time(now, + timestamp); /* Check for duplicates. */ for (i = 0; i < context->n_entries; i++) { - if (strcmp(context->entries[i]->cm_id, - new_entry->cm_id) == 0) { + if (strcmp(context->entries[i]->cm_nickname, + new_entry->cm_nickname) == 0) { /* Busy wait 0.1s. Ugh. */ usleep(100000); break; } } } while (i < context->n_entries); - new_entry->cm_id = talloc_strdup(new_entry, new_entry->cm_id); + new_entry->cm_nickname = talloc_strdup(new_entry, + new_entry->cm_nickname); } /* Allocate storage for a new entry array. */ events = NULL; 
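Review bot: The generated-nickname branch of `cm_add_entry` stores the result of `talloc_strdup(new_entry, new_entry->cm_nickname)` without a NULL check. The nickname is later passed to `strcmp` by `cm_find_entry_by_nickname` (reached through `cm_start_one` in the next hunk), so an allocation failure here would surface as a NULL dereference rather than as an error return. Adding `if (new_entry->cm_nickname == NULL) { return -1; }` directly after the assignment keeps the failure local. The comment above the loop still reads `/* Try to assign a new ID. */` and should say "nickname", as the `cm_add_ca` hunk already does; that hunk has the same unchecked `talloc_strdup`. The function body continues outside this hunk.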
@@ -454,9 +463,10 @@ cm_add_entry(struct cm_context *context, struct cm_store_entry *new_entry) /* Prepare to set this entry in motion. */ i = context->n_entries - 1; if (cm_start_one(context, - context->entries[i]->cm_id) == FALSE) { - cm_log(3, "Error starting '%s', please retry.\n", - context->entries[i]->cm_id); + context->entries[i]->cm_nickname) == FALSE) { + cm_log(3, "Error starting %s('%s'), please retry.\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname); } /* Save this entry to the store, too. */ cm_store_entry_save(new_entry); @@ -466,11 +476,11 @@ cm_add_entry(struct cm_context *context, struct cm_store_entry *new_entry) } static int -cm_find_entry_by_id(struct cm_context *context, const char *id) +cm_find_entry_by_nickname(struct cm_context *context, const char *nickname) { int i; for (i = 0; i < context->n_entries; i++) { - if (strcmp(context->entries[i]->cm_id, id) == 0) { + if (strcmp(context->entries[i]->cm_nickname, nickname) == 0) { return i; } } @@ -478,11 +488,11 @@ cm_find_entry_by_id(struct cm_context *context, const char *id) } static int -cm_find_ca_by_id(struct cm_context *context, const char *id) +cm_find_ca_by_nickname(struct cm_context *context, const char *nickname) { int i; for (i = 0; i < context->n_cas; i++) { - if (strcmp(context->cas[i]->cm_id, id) == 0) { + if (strcmp(context->cas[i]->cm_nickname, nickname) == 0) { return i; } } @@ -497,8 +507,10 @@ cm_start_all(struct cm_context *context) if ((context->events[i].iterate_state == NULL) && (cm_iterate_init(context->entries[i], &context->events[i].iterate_state)) != 0) { - cm_log(1, "Error starting \"%s\", please try again.\n", - context->entries[i]->cm_id); + cm_log(1, "Error starting %s('%s'), " + "please try again.\n", + context->entries[i]->cm_busname, + context->entries[i]->cm_nickname); } else { context->events[i].next_event = cm_service_one(context, NULL, i); 
@@ -526,32 +538,34 @@ cm_stop_all(struct cm_context *context) } dbus_bool_t -cm_start_one(struct cm_context *context, const char *id) +cm_start_one(struct cm_context *context, const char *nickname) { int i; - i = cm_find_entry_by_id(context, id); + i = cm_find_entry_by_nickname(context, nickname); if (i != -1) { if (cm_iterate_init(context->entries[i], &context->events[i].iterate_state) == 0) { context->events[i].next_event = cm_service_one(context, NULL, i); - cm_log(3, "Started '%s'.\n", id); + cm_log(3, "Started '%s(%s)'.\n", + context->entries[i]->cm_busname, nickname); return TRUE; } else { - cm_log(3, "Error starting '%s', please retry.\n", id); + cm_log(3, "Error starting '%s(%s)', please retry.\n", + context->entries[i]->cm_busname, nickname); return FALSE; } } else { - cm_log(3, "No entry matching '%s'.\n", id); + cm_log(3, "No entry matching nickname '%s'.\n", nickname); return FALSE; } } dbus_bool_t -cm_stop_one(struct cm_context *context, const char *id) +cm_stop_one(struct cm_context *context, const char *nickname) { int i; - i = cm_find_entry_by_id(context, id); + i = cm_find_entry_by_nickname(context, nickname); if (i != -1) { talloc_free(context->events[i].next_event); context->events[i].next_event = NULL; 
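Review bot: The messages in `cm_start_one` quote the pair as `'%s(%s)'`, while every other message touched by this commit uses `%s('%s')`, with the bus name bare and the nickname quoted; `cm_stop_one` in the following hunk uses the same odd variant. A single shape makes the log easier to match, and quoting only the nickname shows where that string starts and ends. Suggested form: `cm_log(3, "Started %s('%s').\n", context->entries[i]->cm_busname, nickname);`, and likewise for the "Error starting" and "Stopped" messages.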
@@ -559,20 +573,21 @@ cm_stop_one(struct cm_context *context, const char *id) context->events[i].iterate_state); context->events[i].iterate_state = NULL; cm_store_entry_save(context->entries[i]); - cm_log(3, "Stopped '%s'.\n", id); + cm_log(3, "Stopped '%s(%s)'.\n", + context->entries[i]->cm_busname, nickname); return TRUE; } else { - cm_log(3, "No entry matching '%s'.\n", id); + cm_log(3, "No entry matching nickname '%s'.\n", nickname); return FALSE; } } int -cm_remove_entry(struct cm_context *context, const char *id) +cm_remove_entry(struct cm_context *context, const char *nickname) { int i, rv = -1; - if (cm_stop_one(context, id)) { - i = cm_find_entry_by_id(context, id); + if (cm_stop_one(context, nickname)) { + i = cm_find_entry_by_nickname(context, nickname); if (i != -1) { if (cm_store_entry_delete(context->entries[i]) == 0) { /* Free the entry. */ @@ -599,17 +614,30 @@ cm_remove_entry(struct cm_context *context, const char *id) } dbus_bool_t -cm_restart_one(struct cm_context *context, const char *id) +cm_restart_one(struct cm_context *context, const char *nickname) { - return cm_stop_one(context, id) && cm_start_one(context, id); + return cm_stop_one(context, nickname) && + cm_start_one(context, nickname); } struct cm_store_entry * -cm_get_entry_by_id(struct cm_context *context, const char *id) +cm_get_entry_by_busname(struct cm_context *context, const char *name) { int i; for (i = 0; i < context->n_entries; i++) { - if (strcmp(context->entries[i]->cm_id, id) == 0) { + if (strcmp(context->entries[i]->cm_busname, name) == 0) { + return context->entries[i]; + } + } + return NULL; +} + +struct cm_store_entry * +cm_get_entry_by_nickname(struct cm_context *context, const char *nickname) +{ + int i; + for (i = 0; i < context->n_entries; i++) { + if (strcmp(context->entries[i]->cm_nickname, nickname) == 0) { return context->entries[i]; } } 
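Review bot: `cm_get_entry_by_busname` passes `context->entries[i]->cm_busname` straight to `strcmp`, and the tdbush.c hunks show the other operand coming from a D-Bus object path. A single entry whose bus name was never set, or whose allocation failed, would therefore make any path lookup dereference NULL. This diff only shows `cm_busname` being assigned in `cm_store_entry_read`, `cm_store_ca_read` and `base_add_known_ca`, so it should be confirmed that every other creation path (for example the `cm_store_ca_new` calls in `cm_store_get_all_cas`) also sets it. Guarding the comparison with `if (context->entries[i]->cm_busname != NULL && strcmp(context->entries[i]->cm_busname, name) == 0)` makes the lookup safe either way. The same applies to `cm_get_ca_by_busname` in the next cm.c hunk and to the new `cm_log` calls that print `cm_busname` with `%s`.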
@@ -640,30 +668,31 @@ cm_add_ca(struct cm_context *context, struct cm_store_ca *new_ca) char timestamp[15]; /* Check for duplicates and count the number of CAs we're already * managing. */ - if (new_ca->cm_id != NULL) { + if (new_ca->cm_nickname != NULL) { for (i = 0; i < context->n_cas; i++) { - if (strcmp(context->cas[i]->cm_id, - new_ca->cm_id) == 0) { + if (strcmp(context->cas[i]->cm_nickname, + new_ca->cm_nickname) == 0) { return -1; } } } else { do { - /* Try to assign a new ID. */ + /* Try to assign a new nickname. */ now = cm_time(NULL); - new_ca->cm_id = cm_store_timestamp_from_time(now, - timestamp); + new_ca->cm_nickname = cm_store_timestamp_from_time(now, + timestamp); /* Check for duplicates. */ for (i = 0; i < context->n_cas; i++) { - if (strcmp(context->cas[i]->cm_id, - new_ca->cm_id) == 0) { + if (strcmp(context->cas[i]->cm_nickname, + new_ca->cm_nickname) == 0) { /* Busy wait 0.1s. Ugh. */ usleep(100000); break; } } } while (i < context->n_cas); - new_ca->cm_id = talloc_strdup(new_ca, new_ca->cm_id); + new_ca->cm_nickname = talloc_strdup(new_ca, + new_ca->cm_nickname); } /* Allocate storage for a new CA array. */ cas = talloc_array(context, struct cm_store_ca *, context->n_cas + 2); @@ -687,11 +716,23 @@ cm_add_ca(struct cm_context *context, struct cm_store_ca *new_ca) } struct cm_store_ca * -cm_get_ca_by_id(struct cm_context *context, const char *id) +cm_get_ca_by_busname(struct cm_context *context, const char *name) +{ + int i; + for (i = 0; i < context->n_cas; i++) { + if (strcmp(context->cas[i]->cm_busname, name) == 0) { + return context->cas[i]; + } + } + return NULL; +} + +struct cm_store_ca * +cm_get_ca_by_nickname(struct cm_context *context, const char *nickname) { int i; for (i = 0; i < context->n_cas; i++) { - if (strcmp(context->cas[i]->cm_id, id) == 0) { + if (strcmp(context->cas[i]->cm_nickname, nickname) == 0) { return context->cas[i]; } } 
@@ -714,10 +755,10 @@ cm_get_n_cas(struct cm_context *context) } int -cm_remove_ca(struct cm_context *context, const char *id) +cm_remove_ca(struct cm_context *context, const char *nickname) { int i; - i = cm_find_ca_by_id(context, id); + i = cm_find_ca_by_nickname(context, nickname); if (i != -1) { if (cm_store_ca_delete(context->cas[i]) == 0) { /* Free the entry. */ diff --git a/src/cm.h b/src/cm.h index 5679a40..78e0dab 100644 --- a/src/cm.h +++ b/src/cm.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Red Hat, Inc. + * Copyright (C) 2009,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -31,16 +31,22 @@ void cm_stop_all(struct cm_context *context); int cm_get_n_entries(struct cm_context *context); struct cm_store_entry *cm_get_entry_by_index(struct cm_context *c, int i); -struct cm_store_entry *cm_get_entry_by_id(struct cm_context *c, const char *id); +struct cm_store_entry *cm_get_entry_by_nickname(struct cm_context *c, + const char *nickname); +struct cm_store_entry *cm_get_entry_by_busname(struct cm_context *c, + const char *busname); int cm_add_entry(struct cm_context *context, struct cm_store_entry *new_entry); -int cm_remove_entry(struct cm_context *context, const char *id); +int cm_remove_entry(struct cm_context *context, const char *nickname); int cm_get_n_cas(struct cm_context *context); struct cm_store_ca *cm_get_ca_by_index(struct cm_context *c, int i); -struct cm_store_ca *cm_get_ca_by_id(struct cm_context *c, const char *id); +struct cm_store_ca *cm_get_ca_by_nickname(struct cm_context *c, + const char *nickname); +struct cm_store_ca *cm_get_ca_by_busname(struct cm_context *c, + const char *busname); int cm_add_ca(struct cm_context *context, struct cm_store_ca *new_ca); -int cm_remove_ca(struct cm_context *context, const char *id); -dbus_bool_t cm_restart_one(struct cm_context *c, const char *id); -dbus_bool_t cm_stop_one(struct cm_context *c, const char *id); -dbus_bool_t cm_start_one(struct cm_context *c, const char *id); +int cm_remove_ca(struct cm_context *context, const char *nickname); +dbus_bool_t cm_restart_one(struct cm_context *c, const char *nickname); +dbus_bool_t cm_stop_one(struct cm_context *c, const char *nickname); +dbus_bool_t cm_start_one(struct cm_context *c, const char *nickname); #endif diff --git a/src/csrgen-n.c b/src/csrgen-n.c index 754e8a8..14d6042 100644 --- a/src/csrgen-n.c +++ b/src/csrgen-n.c 
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2009,2010 Red Hat, Inc. + * Copyright (C) 2009,2010,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -247,7 +247,8 @@ cm_csrgen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry, /* Start up NSS and find the key pair. */ privkey = cm_keyiread_n_get_private_key(entry, 0); if (privkey == NULL) { - cm_log(1, "Error finding key pair for \"%s\".\n", entry->cm_id); + cm_log(1, "Error finding key pair for %s('%s').\n", + entry->cm_busname, entry->cm_nickname); PORT_FreeArena(arena, PR_TRUE); _exit(CM_STATUS_ERROR_NO_TOKEN); } diff --git a/src/csrgen-o.c b/src/csrgen-o.c index c943e46..9886712 100644 --- a/src/csrgen-o.c +++ b/src/csrgen-o.c @@ -179,7 +179,7 @@ cm_csrgen_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry, if (entry->cm_cert_nickname != NULL) { nickname = entry->cm_cert_nickname; } else { - nickname = entry->cm_id; + nickname = entry->cm_nickname; } unickname = (unsigned char *) nickname; if (nickname != NULL) { diff --git a/src/csrgen.c b/src/csrgen.c index ef615be..000dc11 100644 --- a/src/csrgen.c +++ b/src/csrgen.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Red Hat, Inc. + * Copyright (C) 2009,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,8 +26,9 @@ cm_csrgen_start(struct cm_store_entry *entry) { switch (entry->cm_key_storage_type) { case cm_key_storage_none: - cm_log(1, "Can't generate new CSR for \"%s\" without the key, " - "and we don't know where that is.\n", entry->cm_id); + cm_log(1, "Can't generate new CSR for %s('%s') without the " + "key, and we don't know where that is.\n", + entry->cm_busname, entry->cm_nickname); break; #ifdef HAVE_OPENSSL case cm_key_storage_file: 
diff --git a/src/iterate.c b/src/iterate.c index 7ec3525..a730ad1 100644 --- a/src/iterate.c +++ b/src/iterate.c @@ -248,7 +248,8 @@ cm_iterate_init(struct cm_store_entry *entry, void **cm_iterate_state) state->cm_certread_state = NULL; } cm_store_entry_save(entry); - cm_log(3, "'%s' starts in state '%s'\n", entry->cm_id, + cm_log(3, "%s('%s') starts in state '%s'\n", + entry->cm_busname, entry->cm_nickname, cm_store_state_as_string(entry->cm_state)); return 0; } @@ -627,9 +628,11 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, cm_submit_done(entry, state->cm_submit_state); state->cm_submit_state = NULL; if (entry->cm_cert != NULL) { - cm_log(3, "'%s' already had a " + cm_log(3, "%s('%s') already had a " "certificate, going back to " - "monitoring it\n", entry->cm_id); + "monitoring it\n", + entry->cm_busname, + entry->cm_nickname); entry->cm_state = CM_MONITORING; *when = cm_time_soonish; } else { @@ -663,9 +666,11 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, cm_submit_done(entry, state->cm_submit_state); state->cm_submit_state = NULL; if (entry->cm_cert != NULL) { - cm_log(3, "'%s' already had a " + cm_log(3, "%s('%s') already had a " "certificate, going back to " - "monitoring it\n", entry->cm_id); + "monitoring it\n", + entry->cm_busname, + entry->cm_nickname); entry->cm_state = CM_MONITORING; *when = cm_time_soonish; } else { @@ -677,7 +682,9 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, /* Don't know what's going on. HELP! */ cm_log(1, "Unable to determine course of action " - "for \"%s\".\n", entry->cm_id); + "for %s('%s').\n", + entry->cm_busname, + entry->cm_nickname); cm_submit_done(entry, state->cm_submit_state); state->cm_submit_state = NULL; entry->cm_state = CM_NEED_GUIDANCE; 
@@ -999,7 +1006,7 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, case CM_NEWLY_ADDED_DECIDING: /* Decide what to do next. Assign a CA if it doesn't have one * assigned to it already. */ - if ((entry->cm_ca_name == NULL) && + if ((entry->cm_ca_nickname == NULL) && (entry->cm_cert_issuer != NULL)) { /* Walk the list of known names of known CAs and try to * match one with the issuer of the certificate we @@ -1012,26 +1019,26 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, j++) { if (strcmp(tmp_ca->cm_ca_known_issuer_names[j], entry->cm_cert_issuer) == 0) { - entry->cm_ca_name = talloc_strdup(entry, tmp_ca->cm_id); + entry->cm_ca_nickname = talloc_strdup(entry, tmp_ca->cm_nickname); } } } } /* No match -> assign the default. */ - if (entry->cm_ca_name == NULL) { + if (entry->cm_ca_nickname == NULL) { for (i = 0; i < (*get_n_cas)(context); i++) { tmp_ca = (*get_ca_by_index)(context, i); if (tmp_ca->cm_ca_is_default) { - entry->cm_ca_name = talloc_strdup(entry, tmp_ca->cm_id); + entry->cm_ca_nickname = talloc_strdup(entry, tmp_ca->cm_nickname); } } } /* No default in our data store -> use the config file's. */ - if (entry->cm_ca_name == NULL) { + if (entry->cm_ca_nickname == NULL) { tmp_ca_name = cm_prefs_default_ca(); if (tmp_ca_name != NULL) { - entry->cm_ca_name = talloc_strdup(entry, - tmp_ca_name); + entry->cm_ca_nickname = talloc_strdup(entry, + tmp_ca_name); } } /* If we have a certificate, we go straight to monitoring it. @@ -1057,8 +1064,8 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, cm_store_set_if_not_set_s(entry, &entry->cm_template_eku, entry->cm_cert_eku); - cm_log(3, "'%s' has a certificate, monitoring it\n", - entry->cm_id); + cm_log(3, "%s('%s') has a certificate, monitoring it\n", + entry->cm_busname, entry->cm_nickname); entry->cm_state = CM_MONITORING; *when = cm_time_now; } else 
@@ -1068,26 +1075,28 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, /* If we don't have a certificate, but we have a key, * the next step is to generate a CSR. */ if (entry->cm_key_type.cm_key_size > 0) { - cm_log(3, "'%s' has no certificate, will " + cm_log(3, "%s('%s') has no certificate, will " "attempt enrollment using " - "already-present key\n", entry->cm_id); + "already-present key\n", + entry->cm_busname, entry->cm_nickname); entry->cm_state = CM_NEED_CSR; *when = cm_time_now; } else { /* No certificate, no key, start with * generating the key. */ - cm_log(3, "'%s' has no key or certificate, " + cm_log(3, "%s('%s') has no key or certificate, " "will generate keys and attempt " - "enrollment\n", entry->cm_id); + "enrollment\n", + entry->cm_busname, entry->cm_nickname); entry->cm_state = CM_NEED_KEY_PAIR; *when = cm_time_now; } } else { /* And if we don't have a place for the key, we're * screwed. Hopefully this didn't happen normally. */ - cm_log(3, "'%s' has no key or certificate location, " - "don't know what to do about that\n", - entry->cm_id); + cm_log(3, "%s('%s') has no key or certificate location," + " don't know what to do about that\n", + entry->cm_busname, entry->cm_nickname); entry->cm_state = CM_NEED_GUIDANCE; *when = cm_time_now; } @@ -1099,8 +1108,10 @@ cm_iterate(struct cm_store_entry *entry, struct cm_store_ca *ca, break; } if (old_entry_state != entry->cm_state) { - cm_log(3, "'%s' moved to state '%s'\n", - entry->cm_id ? entry->cm_id : "(unnamed entry)", + cm_log(3, "%s('%s') moved to state '%s'\n", + entry->cm_busname, + entry->cm_nickname ? + entry->cm_nickname : "(unnamed entry)", cm_store_state_as_string(entry->cm_state)); cm_store_entry_save(entry); } 
@@ -1137,7 +1148,8 @@ cm_iterate_done(struct cm_store_entry *entry, void *cm_iterate_state) talloc_free(state); } cm_entry_reset_state(entry); - cm_log(3, "'%s' ends in state '%s'\n", entry->cm_id, + cm_log(3, "%s('%s') ends in state '%s'\n", + entry->cm_busname, entry->cm_nickname, cm_store_state_as_string(entry->cm_state)); return 0; } diff --git a/src/keygen.c b/src/keygen.c index d1844b2..11e54ab 100644 --- a/src/keygen.c +++ b/src/keygen.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009,2010 Red Hat, Inc. + * Copyright (C) 2009,2010,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,8 +26,9 @@ cm_keygen_start(struct cm_store_entry *entry) { switch (entry->cm_key_storage_type) { case cm_key_storage_none: - cm_log(1, "Can't generate key for \"%s\" without knowing " - "where to store it.\n", entry->cm_id); + cm_log(1, "Can't generate key for %s('%s') without knowing " + "where to store it.\n", + entry->cm_busname, entry->cm_nickname); break; #ifdef HAVE_OPENSSL case cm_key_storage_file: diff --git a/src/store-files.c b/src/store-files.c index 0b12f26..5d513a1 100644 --- a/src/store-files.c +++ b/src/store-files.c @@ -39,6 +39,8 @@ #include "log.h" #include "tm.h" +static unsigned long long cm_entry_name_last, cm_ca_name_last; + enum cm_store_file_field { cm_store_file_field_invalid = 0, cm_store_file_field_id, @@ -91,7 +93,7 @@ enum cm_store_file_field { cm_store_entry_field_autorenew, cm_store_entry_field_monitor, - cm_store_entry_field_ca_name, + cm_store_entry_field_ca_nickname, cm_store_entry_field_submitted, cm_store_entry_field_ca_cookie, 
@@ -163,7 +165,7 @@ static struct cm_store_file_field_list { {cm_store_entry_field_autorenew, "autorenew"}, {cm_store_entry_field_monitor, "monitor"}, - {cm_store_entry_field_ca_name, "ca_name"}, + {cm_store_entry_field_ca_nickname, "ca_name"}, {cm_store_entry_field_submitted, "submitted"}, {cm_store_entry_field_ca_cookie, "ca_cookie"}, @@ -357,6 +359,12 @@ free_if_empty_multi(void *parent, char *p) return s; } +char * +cm_store_entry_next_busname(void *parent) +{ + return talloc_asprintf(parent, "Request%llu", ++cm_entry_name_last); +} + static struct cm_store_entry * cm_store_entry_read(void *parent, const char *filename, FILE *fp) { @@ -368,6 +376,7 @@ cm_store_entry_read(void *parent, const char *filename, FILE *fp) if (ret != NULL) { memset(ret, 0, sizeof(*ret)); s = cm_store_file_read_lines(ret, fp); + ret->cm_busname = cm_store_entry_next_busname(ret); ret->cm_store_private = talloc_strdup(ret, filename); for (i = 0; (s != NULL) && (s[i] != NULL); i++) { p = s[i]; @@ -384,7 +393,7 @@ cm_store_entry_read(void *parent, const char *filename, FILE *fp) case cm_store_ca_field_external_helper: break; case cm_store_file_field_id: - ret->cm_id = free_if_empty(p); + ret->cm_nickname = free_if_empty(p); break; case cm_store_entry_field_key_type: if (strcasecmp(s[i], "RSA") == 0) { @@ -569,8 +578,8 @@ cm_store_entry_read(void *parent, const char *filename, FILE *fp) ret->cm_monitor = atoi(p); talloc_free(p); break; - case cm_store_entry_field_ca_name: - ret->cm_ca_name = free_if_empty(p); + case cm_store_entry_field_ca_nickname: + ret->cm_ca_nickname = free_if_empty(p); break; case cm_store_entry_field_submitted: ret->cm_submitted = @@ -607,6 +616,12 @@ cm_store_files_entry_read(void *parent, const char *filename) return ret; } +char * +cm_store_ca_next_busname(void *parent) +{ + return talloc_asprintf(parent, "CA%llu", ++cm_ca_name_last); +} + static struct cm_store_ca * cm_store_ca_read(void *parent, const char *filename, FILE *fp) { 
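Review bot: `cm_store_entry_next_busname` is exported through store-int.h but has no comment stating its contract, and its only visible caller in `cm_store_entry_read` stores the result unchecked. I would add `/* Return a newly allocated "RequestN" name, unique within this process; NULL if allocation fails. */` above it and the matching comment on `cm_store_ca_next_busname`. The counters `cm_entry_name_last` and `cm_ca_name_last` are file-scope statics, and no hunk here writes `cm_busname` to the store file, so the names presumably change on every restart. If so, that belongs in the comment too, because D-Bus clients that cache object paths would be affected.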
@@ -618,6 +633,7 @@ cm_store_ca_read(void *parent, const char *filename, FILE *fp) if (ret != NULL) { memset(ret, 0, sizeof(*ret)); s = cm_store_file_read_lines(ret, fp); + ret->cm_busname = cm_store_ca_next_busname(ret); ret->cm_store_private = talloc_strdup(ret, filename); for (i = 0; (s != NULL) && (s[i] != NULL); i++) { p = s[i]; @@ -664,14 +680,14 @@ cm_store_ca_read(void *parent, const char *filename, FILE *fp) case cm_store_entry_field_state: case cm_store_entry_field_autorenew: case cm_store_entry_field_monitor: - case cm_store_entry_field_ca_name: + case cm_store_entry_field_ca_nickname: case cm_store_entry_field_submitted: case cm_store_entry_field_ca_cookie: case cm_store_entry_field_ca_error: case cm_store_entry_field_cert: break; case cm_store_file_field_id: - ret->cm_id = free_if_empty(p); + ret->cm_nickname = free_if_empty(p); break; case cm_store_ca_field_known_issuer_names: ret->cm_ca_known_issuer_names = @@ -797,10 +813,10 @@ cm_store_entry_write(FILE *fp, struct cm_store_entry *entry) char timestamp[15]; const char *p; - if (entry->cm_id == NULL) { + if (entry->cm_nickname == NULL) { p = cm_store_timestamp_from_time(cm_time(NULL), timestamp); } else { - p = entry->cm_id; + p = entry->cm_nickname; } cm_store_file_write_str(fp, cm_store_file_field_id, p); @@ -938,8 +954,8 @@ cm_store_entry_write(FILE *fp, struct cm_store_entry *entry) cm_store_file_write_int(fp, cm_store_entry_field_monitor, entry->cm_monitor); - cm_store_file_write_str(fp, cm_store_entry_field_ca_name, - entry->cm_ca_name); + cm_store_file_write_str(fp, cm_store_entry_field_ca_nickname, + entry->cm_ca_nickname); cm_store_file_write_str(fp, cm_store_entry_field_submitted, cm_store_timestamp_from_time(entry->cm_submitted, timestamp)); @@ -973,7 +989,7 @@ cm_store_entry_delete(struct cm_store_entry *entry) } } else { cm_log(3, "No file to remove for \"%s\".\n", - entry->cm_id); + entry->cm_nickname); ret = 0; } return 0; 
@@ -1112,8 +1128,8 @@ cm_store_get_all_entries(void *parent) if (ret[j] != NULL) { /* Check for duplicate names. */ for (k = 0; k < j; k++) { - if (strcmp(ret[k]->cm_id, - ret[j]->cm_id) == 0) { + if (strcmp(ret[k]->cm_nickname, + ret[j]->cm_nickname) == 0) { cm_store_entry_delete(ret[j]); talloc_free(ret[j]); ret[j] = NULL; @@ -1140,10 +1156,10 @@ cm_store_ca_write(FILE *fp, struct cm_store_ca *ca) const char *p; char timestamp[15]; - if (ca->cm_id == NULL) { + if (ca->cm_nickname == NULL) { p = cm_store_timestamp_from_time(cm_time(NULL), timestamp); } else { - p = ca->cm_id; + p = ca->cm_nickname; } cm_store_file_write_str(fp, cm_store_file_field_id, p); cm_store_file_write_strs(fp, @@ -1193,7 +1209,7 @@ cm_store_ca_delete(struct cm_store_ca *ca) filename, strerror(errno)); } } else { - cm_log(3, "No file to remove for \"%s\".\n", ca->cm_id); + cm_log(3, "No file to remove for \"%s\".\n", ca->cm_nickname); ret = 0; } return 0; @@ -1308,8 +1324,8 @@ cm_store_get_all_cas(void *parent) if (ret[j] != NULL) { /* Check for duplicate names. */ for (k = 0; k < j; k++) { - if (strcmp(ret[k]->cm_id, - ret[j]->cm_id) == 0) { + if (strcmp(ret[k]->cm_nickname, + ret[j]->cm_nickname) == 0) { cm_store_ca_delete(ret[j]); talloc_free(ret[j]); ret[j] = NULL; @@ -1331,8 +1347,8 @@ cm_store_get_all_cas(void *parent) } if (k == j) { ret[j] = cm_store_ca_new(ret); - ret[j]->cm_id = talloc_strdup(ret[j], - CM_SELF_SIGN_CA_NAME); + ret[j]->cm_nickname = talloc_strdup(ret[j], + CM_SELF_SIGN_CA_NAME); ret[j]->cm_ca_type = cm_ca_internal_self; ret[j]->cm_ca_internal_serial = talloc_strdup(ret[j], CM_DEFAULT_CERT_SERIAL); 
@@ -1342,13 +1358,15 @@ cm_store_get_all_cas(void *parent) /* Make sure we get at least one IPA entry. */ for (k = 0; k < j; k++) { if ((ret[k]->cm_ca_type == cm_ca_external) && - (strcmp(ret[k]->cm_id, CM_IPA_CA_NAME) == 0)) { + (strcmp(ret[k]->cm_nickname, + CM_IPA_CA_NAME) == 0)) { break; } } if (k == j) { ret[j] = cm_store_ca_new(ret); - ret[j]->cm_id = talloc_strdup(ret[j], CM_IPA_CA_NAME); + ret[j]->cm_nickname = talloc_strdup(ret[j], + CM_IPA_CA_NAME); ret[j]->cm_ca_type = cm_ca_external; ret[j]->cm_ca_external_helper = talloc_strdup(ret[j], CM_IPA_HELPER_PATH); @@ -1359,13 +1377,15 @@ cm_store_get_all_cas(void *parent) /* Make sure we get at least one certmaster entry. */ for (k = 0; k < j; k++) { if ((ret[k]->cm_ca_type == cm_ca_external) && - (strcmp(ret[k]->cm_id, CM_CERTMASTER_CA_NAME) == 0)) { + (strcmp(ret[k]->cm_nickname, + CM_CERTMASTER_CA_NAME) == 0)) { break; } } if (k == j) { ret[j] = cm_store_ca_new(ret); - ret[j]->cm_id = talloc_strdup(ret[j], CM_CERTMASTER_CA_NAME); + ret[j]->cm_nickname = talloc_strdup(ret[j], + CM_CERTMASTER_CA_NAME); ret[j]->cm_ca_type = cm_ca_external; ret[j]->cm_ca_external_helper = talloc_strdup(ret[j], CM_CERTMASTER_HELPER_PATH); diff --git a/src/store-int.h b/src/store-int.h index 69120b3..3b185ef 100644 --- a/src/store-int.h +++ b/src/store-int.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009,2010 Red Hat, Inc. + * Copyright (C) 2009,2010,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -21,11 +21,13 @@ #include struct cm_store_entry { + /* Per-instance unique identifier. */ + char *cm_busname; /* Store-private data - usually an identifier for the nonvolatile * saved copy, might be other stuff. */ void *cm_store_private; - /* A unique identifier. */ - char *cm_id; + /* A persistent unique identifier or nickname. */ + char *cm_nickname; /* Type of key pair to generate [or use default settings] RSA,2048 */ struct cm_key_type { enum cm_key_algorithm { @@ -127,7 +129,7 @@ struct cm_store_entry { /* Whether to start monitoring at issue */ unsigned int cm_monitor:1; /* Type and location of CA [or use default if NULL] */ - char *cm_ca_name; + char *cm_ca_nickname; /* Date of submission for in-progress submissions. */ time_t cm_submitted; /* Value of CA cookie for in-progress submissions. */ @@ -139,11 +141,13 @@ struct cm_store_entry { }; struct cm_store_ca { + /* Per-instance unique identifier. */ + char *cm_busname; /* Store-private data - usually an identifier for the nonvolatile * saved copy, might be other stuff. */ void *cm_store_private; - /* A unique identifier or nickname. */ - char *cm_id; + /* A persistent unique identifier or nickname. */ + char *cm_nickname; /* A list of issuer names. If no CA is specified when we create a new * request, and the certificate already exists and was issued by one of * these names, we'll use this CA. */ @@ -166,8 +170,10 @@ struct cm_store_ca { const char *cm_store_state_as_string(enum cm_state state); enum cm_state cm_store_state_from_string(const char *name); +char *cm_store_entry_next_busname(void *parent); struct cm_store_entry *cm_store_files_entry_read(void *parent, const char *filename); +char *cm_store_ca_next_busname(void *parent); struct cm_store_ca *cm_store_files_ca_read(void *parent, const char *filename); #endif diff --git a/src/submit.c b/src/submit.c index a71cf20..5887c45 100644 --- a/src/submit.c +++ b/src/submit.c 
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Red Hat, Inc. + * Copyright (C) 2009,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -34,12 +34,14 @@ cm_submit_start(struct cm_store_ca *ca, struct cm_store_entry *entry) { if (ca == NULL) { if (entry != NULL) { - if (entry->cm_ca_name != NULL) { - cm_log(1, "No matching CA \"%s\" for \"%s\".\n", - entry->cm_ca_name, entry->cm_id); + if (entry->cm_ca_nickname != NULL) { + cm_log(1, "No matching CA \"%s\" for " + "%s('%s').\n", + entry->cm_ca_nickname, + entry->cm_busname, entry->cm_nickname); } else { - cm_log(1, "No matching CA for \"%s\".\n", - entry->cm_id); + cm_log(1, "No matching CA for %s('%s').\n", + entry->cm_busname, entry->cm_nickname); } } else { cm_log(1, "No matching CA.\n"); @@ -52,8 +54,9 @@ cm_submit_start(struct cm_store_ca *ca, struct cm_store_entry *entry) case cm_ca_internal_self: switch (entry->cm_key_storage_type) { case cm_key_storage_none: - cm_log(1, "Can't self-sign \"%s\" without access to " - "the private key.\n", entry->cm_id); + cm_log(1, "Can't self-sign %s('%s') without access to " + "the private key.\n", + entry->cm_busname, entry->cm_nickname); break; #ifdef HAVE_OPENSSL case cm_key_storage_file: @@ -69,8 +72,8 @@ cm_submit_start(struct cm_store_ca *ca, struct cm_store_entry *entry) break; case cm_ca_external: if (ca->cm_ca_external_helper == NULL) { - cm_log(1, "No helper defined for CA \"%s\".\n", - entry->cm_id); + cm_log(1, "No helper defined for CA %s('%s').\n", + entry->cm_busname, entry->cm_nickname); return NULL; } return cm_submit_e_start(ca, entry); diff --git a/src/tdbush.c b/src/tdbush.c index dd3caa8..e0161af 100644 --- a/src/tdbush.c +++ b/src/tdbush.c 
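Review bot: In the `cm_ca_external` branch of `cm_submit_start`, the message "No helper defined for CA %s('%s')" prints `entry->cm_busname` and `entry->cm_nickname`, so it names the request rather than the CA whose `cm_ca_external_helper` is missing. The old code had the same mix-up with `entry->cm_id`, and the rename carries it forward. Since `ca` is known to be non-NULL at this point, the arguments should be `ca->cm_busname, ca->cm_nickname`. Otherwise the log points an operator at the wrong object when a helper is misconfigured.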
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2009,2010 Red Hat, Inc. + * Copyright (C) 2009,2010,2011 Red Hat, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -104,8 +104,8 @@ get_entry_for_path(struct cm_context *ctx, const char *path) initial = strlen(CM_DBUS_REQUEST_PATH); if (strncmp(path, CM_DBUS_REQUEST_PATH, initial) == 0) { if (path[initial] == '/') { - return cm_get_entry_by_id(ctx, - path + initial + 1); + return cm_get_entry_by_busname(ctx, + path + initial + 1); } } } @@ -124,7 +124,8 @@ get_ca_for_path(struct cm_context *ctx, const char *path) initial = strlen(CM_DBUS_CA_PATH); if (strncmp(path, CM_DBUS_CA_PATH, initial) == 0) { if (path[initial] == '/') { - return cm_get_ca_by_id(ctx, path + initial + 1); + return cm_get_ca_by_busname(ctx, + path + initial + 1); } } } @@ -256,22 +257,6 @@ send_internal_base_no_such_entry_error(DBusConnection *conn, DBusMessage *req) return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; } -/* Check if this string would be valid as a component in a D-Bus object path. */ -static int -cm_tdbush_check_object_path_component(struct cm_context *ctx, const char *name) -{ - if (strlen(name) == 0) { - return -1; - } - if (strspn(name, - "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz" - "0123456789_") != strlen(name)) { - return -1; - } - return 0; -} - static int cm_tdbush_check_arg_is_absolute_path(const char *path) { 
@@ -396,22 +381,18 @@ base_add_known_ca(DBusConnection *conn, DBusMessage *msg, n_cas = cm_get_n_cas(ctx); for (i = 0; i < n_cas; i++) { ca = cm_get_ca_by_index(ctx, i); - if (strcasecmp(ca->cm_id, ca_name) == 0) { + if (strcasecmp(ca->cm_nickname, ca_name) == 0) { cm_log(1, "There is already a CA with " - "the nickname \"%s\".\n", ca->cm_id); + "the nickname \"%s\": %s.\n", ca->cm_nickname, + ca->cm_busname); talloc_free(parent); return send_internal_base_duplicate_error(conn, msg, _("There is already a CA with the nickname \"%s\"."), - ca->cm_id, + ca->cm_nickname, NULL, NULL); } } - if (cm_tdbush_check_object_path_component(ctx, ca_name) != 0) { - return send_internal_base_bad_arg_error(conn, msg, - _("The nickname \"%s\" is not allowed."), - ca_name, NULL); - } /* Okay, we can go ahead and add the CA. */ new_ca = talloc_ptrtype(parent, new_ca); if (new_ca == NULL) { @@ -420,7 +401,8 @@ base_add_known_ca(DBusConnection *conn, DBusMessage *msg, } memset(new_ca, 0, sizeof(*new_ca)); /* Populate it with all of the information we have. */ - new_ca->cm_id = talloc_strdup(new_ca, ca_name); + new_ca->cm_busname = cm_store_ca_next_busname(new_ca); + new_ca->cm_nickname = talloc_strdup(new_ca, ca_name); new_ca->cm_ca_known_issuer_names = maybe_strdupv(new_ca, ca_issuer_names); new_ca->cm_ca_is_default = 0; @@ -442,7 +424,7 @@ base_add_known_ca(DBusConnection *conn, DBusMessage *msg, if (rep != NULL) { path = talloc_asprintf(parent, "%s/%s", CM_DBUS_CA_PATH, - new_ca->cm_id); + new_ca->cm_busname); cm_tdbusm_set_bp(rep, TRUE, path); dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); 
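Review bot: Dropping the `cm_tdbush_check_object_path_component()` call here leaves `ca_name`, a caller-supplied D-Bus argument, with no validation before it is stored as `new_ca->cm_nickname`. The path-character restriction is no longer needed, but the deleted helper was also the only visible rejection of an empty string, and `request_get_ca` treats an empty `cm_ca_nickname` as "no CA". The nickname is still written to `cm_log()` and echoed in error replies, so newlines or other control characters in it would end up in the log. I would keep a reduced check, at least `if (strlen(ca_name) == 0)` plus a rejection of control characters, returning the existing "The nickname \"%s\" is not allowed." error. The same applies to the NICKNAME handling in `base_add_request` (hunk at -648,27) and `request_modify` (hunk at -2025,19). Whether nicknames are validated elsewhere is not visible from these hunks.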
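Review bot: The result of `cm_store_ca_next_busname(new_ca)` is stored without a NULL check (hunk at -420,7), and the next hunk formats `new_ca->cm_busname` with `"%s/%s"` into the object path returned to the caller. If the generator can fail, that is a NULL passed to `%s` and a CA that can never be found by `get_ca_for_path()`. I would add `if (new_ca->cm_busname == NULL) { talloc_free(parent); return send_internal_base_duplicate_error(...) /* or the existing out-of-memory reply */; }` right after the assignment, using whichever error reply the surrounding allocation failures already use. The same unguarded use appears for `cm_store_entry_next_busname()` in `base_add_request` (hunk at -889,9), and for `cm_busname` in `base_get_known_cas`, `base_get_requests` and `request_modify`. `request_get_ca` does test `ca->cm_busname != NULL`, so the commit itself treats NULL as possible.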
@@ -648,27 +630,19 @@ base_add_request(DBusConnection *conn, DBusMessage *msg, n_entries = cm_get_n_entries(ctx); for (i = 0; i < n_entries; i++) { e = cm_get_entry_by_index(ctx, i); - if (strcasecmp(e->cm_id, param->value.s) == 0) { + if (strcasecmp(e->cm_nickname, param->value.s) == 0) { cm_log(1, "There is already a request with " - "the nickname \"%s\".\n", e->cm_id); + "the nickname \"%s\": %s.\n", + e->cm_nickname, e->cm_busname); talloc_free(parent); return send_internal_base_duplicate_error(conn, msg, _("There is already a request with the nickname \"%s\"."), - e->cm_id, + e->cm_nickname, "NICKNAME", NULL); } } - if (cm_tdbush_check_object_path_component(ctx, - param->value.s) != 0) { - ret = send_internal_base_bad_arg_error(conn, msg, - _("The nickname \"%s\" is not allowed."), - param->value.s, - "NICKNAME"); - talloc_free(parent); - return ret; - } } /* Check for a duplicate of another entry's certificate storage * information. */ @@ -695,11 +669,12 @@ base_add_request(DBusConnection *conn, DBusMessage *msg, if (i < n_entries) { /* We found a match, and that's bad. */ cm_log(1, "Cert at same location is already being " - "used for request \"%s\".\n", e->cm_id); + "used for request %s with nickname \"%s\".\n", + e->cm_busname, e->cm_nickname); talloc_free(parent); return send_internal_base_duplicate_error(conn, msg, - _("Certificate at same location is already used by request \"%s\"."), - e->cm_id, + _("Certificate at same location is already used by request with nickname \"%s\"."), + e->cm_nickname, "CERT_LOCATION", cert_storage == cm_cert_storage_nssdb ? "CERT_NICKNAME" : NULL); 
@@ -871,11 +846,12 @@ base_add_request(DBusConnection *conn, DBusMessage *msg, if (i < n_entries) { /* We found a match, and that's bad. */ cm_log(1, "Key at same location is already being " - "used for request \"%s\".\n", e->cm_id); + "used for request %s with nickname \"%s\".\n", + e->cm_busname, e->cm_nickname); talloc_free(parent); return send_internal_base_duplicate_error(conn, msg, - _("Key at same location is already used by request \"%s\"."), - e->cm_id, + _("Key at same location is already used by request with nickname \"%s\"."), + e->cm_nickname, "KEY_LOCATION", key_storage == cm_key_storage_nssdb ? "KEY_NICKNAME" : NULL); @@ -889,9 +865,11 @@ base_add_request(DBusConnection *conn, DBusMessage *msg, } memset(new_entry, 0, sizeof(*new_entry)); /* Populate it with all of the information we have. */ + new_entry->cm_busname = cm_store_entry_next_busname(new_entry); param = cm_tdbusm_find_dict_entry(d, "NICKNAME", cm_tdbusm_dict_s); if (param != NULL) { - new_entry->cm_id = talloc_strdup(new_entry, param->value.s); + new_entry->cm_nickname = talloc_strdup(new_entry, + param->value.s); } param = cm_tdbusm_find_dict_entry(d, "KEY_SIZE", cm_tdbusm_dict_n); if (param != NULL) { @@ -922,8 +900,8 @@ base_add_request(DBusConnection *conn, DBusMessage *msg, if (param != NULL) { ca = get_ca_for_path(ctx, param->value.s); if (ca != NULL) { - new_entry->cm_ca_name = talloc_strdup(new_entry, - ca->cm_id); + new_entry->cm_ca_nickname = talloc_strdup(new_entry, + ca->cm_nickname); } else { cm_log(1, "No CA with path \"%s\" known.\n", param->value.s); @@ -992,7 +970,7 @@ base_add_request(DBusConnection *conn, DBusMessage *msg, if (rep != NULL) { path = talloc_asprintf(parent, "%s/%s", CM_DBUS_REQUEST_PATH, - new_entry->cm_id); + new_entry->cm_busname); cm_tdbusm_set_bp(rep, TRUE, path); dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); 
@@ -1029,7 +1007,8 @@ base_get_known_cas(DBusConnection *conn, DBusMessage *msg, break; } ret[i] = talloc_asprintf(ret, "%s/%s", - CM_DBUS_CA_PATH, ca->cm_id); + CM_DBUS_CA_PATH, + ca->cm_busname); } ret[i] = NULL; } @@ -1064,7 +1043,7 @@ base_get_requests(DBusConnection *conn, DBusMessage *msg, } ret[i] = talloc_asprintf(ret, "%s/%s", CM_DBUS_REQUEST_PATH, - entry->cm_id); + entry->cm_busname); } ret[i] = NULL; } @@ -1140,7 +1119,7 @@ base_remove_known_ca(DBusConnection *conn, DBusMessage *msg, ca = get_ca_for_path(ctx, path); talloc_free(parent); if (ca != NULL) { - ret = cm_remove_ca(ctx, ca->cm_id); + ret = cm_remove_ca(ctx, ca->cm_nickname); cm_tdbusm_set_b(rep, (ret == 0)); dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); @@ -1177,7 +1156,7 @@ base_remove_request(DBusConnection *conn, DBusMessage *msg, entry = get_entry_for_path(ctx, path); talloc_free(parent); if (entry != NULL) { - ret = cm_remove_entry(ctx, entry->cm_id); + ret = cm_remove_entry(ctx, entry->cm_nickname); cm_tdbusm_set_b(rep, (ret == 0)); dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); @@ -1219,8 +1198,8 @@ ca_get_nickname(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx) } rep = dbus_message_new_method_return(msg); if (rep != NULL) { - if (ca->cm_id != NULL) { - cm_tdbusm_set_s(rep, ca->cm_id); + if (ca->cm_nickname != NULL) { + cm_tdbusm_set_s(rep, ca->cm_nickname); } dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); @@ -1385,8 +1364,8 @@ request_get_nickname(DBusConnection *conn, DBusMessage *msg, } rep = dbus_message_new_method_return(msg); if (rep != NULL) { - if (entry->cm_id != NULL) { - cm_tdbusm_set_s(rep, entry->cm_id); + if (entry->cm_nickname != NULL) { + cm_tdbusm_set_s(rep, entry->cm_nickname); } dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); 
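Review bot: In `base_remove_known_ca` (hunk at -1140,7) the CA is resolved from the object path by bus name and then removed with `cm_remove_ca(ctx, ca->cm_nickname)`, which looks it up again by a different key that is supplied and changeable by callers. The add paths enforce nickname uniqueness with `strcasecmp`, but nothing visible here does so for objects read from the store, and in `base_add_request` the nickname is only set when a NICKNAME parameter is present, so it may be NULL. Passing the object that was already resolved, or its `cm_busname`, would guarantee that the operation acts on the object the caller addressed. The same pattern is in `base_remove_request` (hunk at -1177,7), and in `request_modify` and `request_resubmit` with `cm_restart_one`, `cm_stop_one` and `cm_start_one`. The bodies of these functions and of the `cm_remove_*` helpers are outside the hunks, so the lookup semantics should be confirmed.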
@@ -1899,6 +1878,7 @@ request_get_ca(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx) void *parent; DBusMessage *rep; struct cm_store_entry *entry; + struct cm_store_ca *ca; char *path; entry = get_entry_for_request_message(msg, ctx); if (entry == NULL) { @@ -1907,11 +1887,16 @@ request_get_ca(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx) rep = dbus_message_new_method_return(msg); if (rep != NULL) { parent = talloc_new(NULL); - if ((entry->cm_ca_name != NULL) && - (strlen(entry->cm_ca_name) > 0)) { - path = talloc_asprintf(parent, "%s/%s", - CM_DBUS_CA_PATH, - entry->cm_ca_name); + if ((entry->cm_ca_nickname != NULL) && + (strlen(entry->cm_ca_nickname) > 0)) { + ca = cm_get_ca_by_nickname(ctx, entry->cm_ca_nickname); + if ((ca != NULL) && + (ca->cm_busname != NULL) && + (strlen(ca->cm_busname) > 0)) { + path = talloc_asprintf(parent, "%s/%s", + CM_DBUS_CA_PATH, + ca->cm_busname); + } cm_tdbusm_set_p(rep, path); } dbus_connection_send(conn, rep, NULL); @@ -2025,19 +2010,13 @@ request_modify(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx) param = cm_tdbusm_find_dict_entry(d, "NICKNAME", cm_tdbusm_dict_s); if (param != NULL) { - if (cm_get_entry_by_id(ctx, param->value.s) != NULL) { + if (cm_get_entry_by_nickname(ctx, param->value.s) != NULL) { return send_internal_base_duplicate_error(conn, msg, _("There is already a request with the nickname \"%s\"."), param->value.s, "NICKNAME", NULL); } - if (cm_tdbush_check_object_path_component(ctx, param->value.s) != 0) { - return send_internal_base_bad_arg_error(conn, msg, - _("The nickname \"%s\" is not allowed."), - param->value.s, - "NICKNAME"); - } } /* If we're being asked to change the CA, check that the new CA * exists. */ 
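Review bot: In `request_get_ca` (hunk at -1907,11), `path` is declared as `char *path;` with no initializer and is now assigned only inside the inner `if ((ca != NULL) && ...)`, yet `cm_tdbusm_set_p(rep, path);` still runs whenever `cm_ca_nickname` is non-empty. If the entry names a CA that no longer exists, or one whose `cm_busname` is NULL or empty, an indeterminate pointer is handed to the reply builder. Before this change `path` was always assigned before the call. I would declare `char *path = NULL;` and move `cm_tdbusm_set_p(rep, path);` inside the inner `if`, next to the `talloc_asprintf()` call, ideally also guarded by `path != NULL` since the allocation result is unchecked. The function continues past the end of the hunk.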
@@ -2066,15 +2045,15 @@ request_modify(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx) if ((param->value_type == cm_tdbusm_dict_s) && (strcasecmp(param->key, "CA") == 0)) { ca = get_ca_for_path(ctx, param->value.s); - talloc_free(entry->cm_ca_name); - entry->cm_ca_name = talloc_strdup(entry, - ca->cm_id); + talloc_free(entry->cm_ca_nickname); + entry->cm_ca_nickname = talloc_strdup(entry, + ca->cm_nickname); } else if ((param->value_type == cm_tdbusm_dict_s) && (strcasecmp(param->key, "NICKNAME") == 0)) { - talloc_free(entry->cm_id); - entry->cm_id = talloc_strdup(entry, - param->value.s); + talloc_free(entry->cm_nickname); + entry->cm_nickname = talloc_strdup(entry, + param->value.s); } else if ((param->value_type == cm_tdbusm_dict_s) && (strcasecmp(param->key, "SUBJECT") == 0)) { @@ -2135,8 +2114,10 @@ request_modify(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx) if (d[i] == NULL) { new_request_path = talloc_asprintf(parent, "%s/%s", CM_DBUS_REQUEST_PATH, - entry->cm_id); - cm_tdbusm_set_bp(rep, cm_restart_one(ctx, entry->cm_id), + entry->cm_busname); + cm_tdbusm_set_bp(rep, + cm_restart_one(ctx, + entry->cm_nickname), new_request_path); dbus_connection_send(conn, rep, NULL); dbus_message_unref(rep); @@ -2172,13 +2153,13 @@ request_resubmit(DBusConnection *conn, DBusMessage *msg, } rep = dbus_message_new_method_return(msg); if (rep != NULL) { - if (cm_stop_one(ctx, entry->cm_id)) { + if (cm_stop_one(ctx, entry->cm_nickname)) { if (entry->cm_key_type.cm_key_size == 0) { entry->cm_state = CM_NEED_KEY_PAIR; } else { entry->cm_state = CM_NEED_CSR; } - if (cm_start_one(ctx, entry->cm_id)) { + if (cm_start_one(ctx, entry->cm_nickname)) { cm_tdbusm_set_b(rep, TRUE); } else { cm_tdbusm_set_b(rep, FALSE); 
@@ -2421,7 +2402,7 @@ request_group_introspect(struct cm_context *ctx, const char *path) entry = cm_get_entry_by_index(ctx, i); if (entry != NULL) { q = talloc_asprintf(ctx, " \n%s", - entry->cm_id, p ? p : ""); + entry->cm_busname, p ? p : ""); talloc_free(p); p = q; } @@ -2441,7 +2422,7 @@ ca_group_introspect(struct cm_context *ctx, const char *path) ca = cm_get_ca_by_index(ctx, i); if (ca != NULL) { q = talloc_asprintf(ctx, " \n%s", - ca->cm_id, p ? p : ""); + ca->cm_busname, p ? p : ""); talloc_free(p); p = q; } diff --git a/tests/tools/iterate.c b/tests/tools/iterate.c index f1af5d4..c1c3134 100644 --- a/tests/tools/iterate.c +++ b/tests/tools/iterate.c @@ -90,9 +90,10 @@ main(int argc, char **argv) strerror(errno)); return 1; } - if ((entry->cm_ca_name == NULL) || - (cm.ca->cm_id == NULL) || - (strcasecmp(entry->cm_ca_name, cm.ca->cm_id) != 0)) { + if ((entry->cm_ca_nickname == NULL) || + (cm.ca->cm_nickname == NULL) || + (strcasecmp(entry->cm_ca_nickname, + cm.ca->cm_nickname) != 0)) { talloc_free(cm.ca); cm.ca = NULL; }