/* * Copyright (C) 2011-2016 Intel Corporation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * Neither the name of Intel Corporation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "aesm_config.h" #include "aesm_proxy_type.h" #include "oal.h" #include #include #include #define AESM_CONFIG_FILE "/etc/aesmd.conf" #define MAX_LINE 1024 #define URL_PATTERN "[[:blank:]]*(http[s]?://[^[:blank:]]*)[[:blank:]]*" //pattern used to match a URL which should be started with http:// or https:// #define OPTION_COMMENT "(#.*)?" 
// Kinds of line the parser recognises in the AESM configuration file.
// The values are used as indices into the array of compiled regular
// expressions; config_value_nums is the number of kinds.
enum _config_value_t{
    config_comment,
    config_space,
    config_endpoint_url,
    config_pse_rl_url,
    config_pse_ocsp_url,
    config_aesm_proxy_url,
    config_aesm_proxy_type,
    config_value_nums
};

// One regular expression per kind of line. Every pattern is anchored with
// ^ and $, so a line has to match as a whole, and an optional trailing
// "# comment" is tolerated after a value (OPTION_COMMENT).
// URL_PATTERN captures a non-blank token that starts with http:// or
// https://. Plain http is therefore accepted, and nothing beyond the scheme
// prefix is checked at this level.
struct _config_patterns_t{
    enum _config_value_t id;
    const char *pattern;
}config_patterns[]={
    // a line that holds only a comment (first non-blank character is #)
    {config_comment, "^[[:blank:]]*#"},
    // an empty or all-blank line
    {config_space, "^[[:blank:]]*$"},
    // endpoint url = <url>
    {config_endpoint_url, "^[[:blank:]]*endpoint[[:blank:]]*url[[:blank:]]*=" URL_PATTERN OPTION_COMMENT "$"},
    // pse rl url = <url>
    {config_pse_rl_url, "^[[:blank:]]*pse[[:blank:]]*rl[[:blank:]]*url[[:blank:]]*=" URL_PATTERN OPTION_COMMENT "$"},
    // pse ocsp url = <url>
    {config_pse_ocsp_url, "^[[:blank:]]*pse[[:blank:]]*ocsp[[:blank:]]*url[[:blank:]]*=" URL_PATTERN OPTION_COMMENT "$"},
    // aesm proxy = <url>
    {config_aesm_proxy_url,"^[[:blank:]]*aesm[[:blank:]]*proxy[[:blank:]]*=" URL_PATTERN OPTION_COMMENT "$"},
    // proxy type = [direct|default|manual]
    // NOTE(review): unlike the URL patterns, this one has "[[:blank:]]"
    // without '*' after '=', so exactly one blank is required before the
    // value; "proxy type=manual" would not match. Confirm this is intended.
    {config_aesm_proxy_type, "^[[:blank:]]*proxy[[:blank:]]*type[[:blank:]]*=[[:blank:]]([^[:blank:]]+)[[:blank:]]*" OPTION_COMMENT "$"}
};

#define NUM_CONFIG_PATTERNS (sizeof(config_patterns)/sizeof(config_patterns[0]))

// A compiled pattern plus a flag telling whether 'reg' holds a successfully
// compiled expression.
typedef struct _config_entry_t{
    bool initialized;
    regex_t reg;
} config_entry_t;

// Compile the patterns of config_patterns into 'entries', indexed by
// pattern id. Patterns are compiled as POSIX extended, case-insensitive
// expressions. An id that is out of range, an id that was already compiled,
// or a pattern that fails to compile is logged and skipped, which leaves
// that entry with initialized == false.
static void init_config_patterns(config_entry_t entries[])
{
    uint32_t i;
    // NOTE(review): text is missing from the page at this point. The loop
    // header below runs straight into the range check on entry_id, and the
    // declaration of entry_id is not visible. The statement is reproduced as
    // it appears on the page and does not compile in this form.
    for(i=0;i=config_value_nums){
            AESM_DBG_ERROR("config id %d is too large", entry_id);
            continue;
        }
        if(entries[entry_id].initialized){
            AESM_DBG_ERROR("duplicated item for config id %d",entry_id);
            continue;
        }
        if(regcomp(&entries[entry_id].reg,config_patterns[i].pattern, REG_EXTENDED|REG_ICASE)!=0){
            AESM_DBG_ERROR("Invalid config pattern %s", config_patterns[i].pattern);
            continue;
        }
        entries[entry_id].initialized=true;
    }
}

static void release_config_patterns(config_entry_t entries[])
{
    uint32_t i;
    // NOTE(review): a large span is missing from the page here. The loop
    // header below runs straight into the length check of the
    // config_endpoint_url case, so the rest of release_config_patterns,
    // whatever definitions followed it, and the opening of
    // config_process_one_line (its signature, the loop over the compiled
    // patterns and the head of the switch) are not visible.
    // read_aesm_proxy_type, called further down, is not defined in the
    // visible text either. The code is reproduced as it appears on the page.
    //
    // What the visible cases do: capture group 1 of the matching pattern is
    // copied into the corresponding field of 'infos' and NUL-terminated.
    // A value whose length is >= MAX_PATH is rejected before the memcpy;
    // that leaves room for the terminator only if each destination field
    // holds at least MAX_PATH bytes (the field sizes are declared
    // elsewhere; confirm). A rejected value is only logged: the line still
    // counts as matched, the function returns true and the field keeps the
    // value it had before.
    for(i=0;i=MAX_PATH){
                    AESM_DBG_ERROR("too long endpoint url in config file");
                }else{
                    memcpy(infos.endpoint_url, line+matches[1].rm_so,matches[1].rm_eo-matches[1].rm_so);
                    infos.endpoint_url[matches[1].rm_eo-matches[1].rm_so]='\0';
                }
                break;
            case config_pse_rl_url:
                if(matches[1].rm_eo-matches[1].rm_so>=MAX_PATH){
                    // NOTE(review): the message says "pse pr url"; the key is "pse rl url".
                    AESM_DBG_ERROR("too long pse pr url in config file");
                }else{
                    memcpy(infos.pse_rl_url, line+matches[1].rm_so,matches[1].rm_eo-matches[1].rm_so);
                    infos.pse_rl_url[matches[1].rm_eo-matches[1].rm_so]='\0';
                }
                break;
            case config_pse_ocsp_url:
                if(matches[1].rm_eo-matches[1].rm_so>=MAX_PATH){
                    AESM_DBG_ERROR("too long pse ocsp url in config file");
                }else{
                    memcpy(infos.pse_ocsp_url, line+matches[1].rm_so,matches[1].rm_eo-matches[1].rm_so);
                    infos.pse_ocsp_url[matches[1].rm_eo-matches[1].rm_so]='\0';
                }
                break;
            case config_aesm_proxy_url:
                if(matches[1].rm_eo-matches[1].rm_so>=MAX_PATH){
                    AESM_DBG_ERROR("too long aesm proxy url in config file");
                }else{
                    memcpy(infos.aesm_proxy, line+matches[1].rm_so,matches[1].rm_eo-matches[1].rm_so);
                    infos.aesm_proxy[matches[1].rm_eo-matches[1].rm_so]='\0';
                }
                break;
            case config_aesm_proxy_type:
                // The captured token is converted to an integer by
                // read_aesm_proxy_type and stored without a range check
                // here; read_aesm_config validates it after the whole file
                // has been read.
                infos.proxy_type = read_aesm_proxy_type(line+matches[1].rm_so, matches[1].rm_eo-matches[1].rm_so);
                break;
            default:
                AESM_DBG_ERROR("reg exp type %d not processed", i);
                break;
            }
            // The line has been handled; stop trying further patterns.
            break;
        }
    }
    if(i>=config_value_nums){//the line matching nothing
        AESM_DBG_ERROR("aesm config file error: invalid line[%s]",line);
        return false;
    }
    return true;
}

// Load the AESM configuration from AESM_CONFIG_FILE into 'infos'.
//
// 'infos' is zeroed and then filled with the built-in defaults (endpoint,
// PSE RL and PSE OCSP URLs, default proxy type) before the file is read;
// aesm_proxy has no default and stays empty unless the file sets it.
//
// Returns true only if the file could be opened, every line was recognised
// and the resulting proxy settings are valid. On a false return 'infos' is
// still usable: it holds the defaults plus whatever valid lines were
// parsed. A key that appears on more than one line takes the value of the
// last matching line, because each match writes to 'infos' again.
bool read_aesm_config(aesm_config_infos_t& infos)
{
    char line[MAX_LINE];
    int line_no=0;
    bool ret = true;
    config_entry_t entries[config_value_nums];
    // Zeroing 'entries' sets every 'initialized' flag to false.
    memset(&entries,0,sizeof(entries));
    memset(&infos, 0, sizeof(aesm_config_infos_t));
    // NOTE(review): the DEFAULT_* strings and the sizes of the destination
    // fields are defined elsewhere; these unbounded copies assume the
    // defaults fit. Confirm.
    strcpy(infos.endpoint_url, DEFAULT_URL);
    strcpy(infos.pse_rl_url, DEFAULT_PSE_RL_URL);
    strcpy(infos.pse_ocsp_url, DEFAULT_PSE_OCSP_URL);
    infos.proxy_type = AESM_PROXY_TYPE_DEFAULT_PROXY;
    FILE *f =fopen(AESM_CONFIG_FILE, "r");
    if(f==NULL){
        // The defaults set above stay in 'infos'.
        AESM_DBG_ERROR("Cannnot read aesm config file %s",AESM_CONFIG_FILE);
        return false;
    }
    init_config_patterns(entries);
    // fgets stores at most MAX_LINE-1 characters per call, so a longer
    // physical line arrives in several pieces and each piece is parsed, and
    // counted in line_no, as a line of its own.
    while(fgets(line, MAX_LINE, f)!=NULL){
        size_t len=strlen(line);
        // Strip the trailing newline; a '\r' before it is not removed.
        if(len>0&&line[len-1]=='\n')line[len-1]='\0';
        line_no++;
        if(!config_process_one_line(line, entries, infos)){
            // The rejected line is written to the log verbatim.
            // NOTE(review): if proxy URLs in this file can embed
            // credentials, a malformed proxy line would expose them in the
            // log; confirm whether that can occur.
            AESM_LOG_WARN("format error in file %s:%d [%s]",AESM_CONFIG_FILE, line_no, line);
            ret = false;//keep processing the file but remember the error
        }
    }
    release_config_patterns(entries);
    fclose(f);
    // Validate the proxy settings as a whole: the type must be in range, and
    // a manual proxy needs a proxy URL. Otherwise the service falls back to
    // direct access and the call reports failure, so a misconfigured proxy
    // results in direct connections rather than no connections.
    if(infos.proxy_type>=NUM_PROXY_TYPE||
        (infos.proxy_type==AESM_PROXY_TYPE_MANUAL_PROXY&&infos.aesm_proxy[0]=='\0')){
        AESM_DBG_WARN("Invalid proxy type %d",infos.proxy_type);
        infos.proxy_type = AESM_PROXY_TYPE_DIRECT_ACCESS;
        ret = false;
    }
    return ret;
}