From 26cba8d900af70266ffc6dc07a10f7e70ab40ca4 Mon Sep 17 00:00:00 2001 From: fengweihao Date: Tue, 23 Oct 2018 11:31:57 +0800 Subject: [PATCH] =?UTF-8?q?1.=E4=BF=AE=E6=94=B9=E8=A7=A3=E6=9E=90URL?= =?UTF-8?q?=E4=B8=AD=E6=BA=90=E8=AF=81=E4=B9=A6=E8=B6=8A=E7=95=8C=EF=BC=8C?= =?UTF-8?q?=E6=AE=B5=E9=94=99=E8=AF=AF=202.=E4=BF=AE=E6=94=B9LOG=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E5=91=BD=E5=90=8D=203.=E4=BF=AE=E6=94=B9=E9=9D=9E?= =?UTF-8?q?=E6=8E=88=E4=BF=A1=E8=AF=81=E4=B9=A6=E4=BB=8E=E6=9C=AC=E5=9C=B0?= =?UTF-8?q?=E7=AD=BE=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ca/mesalab-insec-cert.cer | 32 +++++++------ ca/mesalab-insec-cert.key | 38 ++++++++++------ conf/cert_store.ini | 5 +- src/cert_session.c | 78 ++++++++++++++++++++------------ src/cert_session.h | 3 ++ src/components/syslogd/logging.c | 38 +--------------- 6 files changed, 99 insertions(+), 95 deletions(-) diff --git a/ca/mesalab-insec-cert.cer b/ca/mesalab-insec-cert.cer index d55f3fb..c776676 100644 --- a/ca/mesalab-insec-cert.cer +++ b/ca/mesalab-insec-cert.cer @@ -1,15 +1,21 @@ -----BEGIN CERTIFICATE----- -MIICUzCCAbwCCQC5LmMkSxbKczANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJD -TjETMBEGA1UECAwKbXlwcm92aW5jZTEPMA0GA1UEBwwGbXljaXR5MRcwFQYDVQQK -DA5teW9yZ2FuaXphdGlvbjEQMA4GA1UECwwHbXlncm91cDEOMAwGA1UEAwwFaW5z -ZWMwHhcNMTgwOTA3MDcxMjQwWhcNMTkwOTA3MDcxMjQwWjBuMQswCQYDVQQGEwJD -TjETMBEGA1UECAwKbXlwcm92aW5jZTEPMA0GA1UEBwwGbXljaXR5MRcwFQYDVQQK -DA5teW9yZ2FuaXphdGlvbjEQMA4GA1UECwwHbXlncm91cDEOMAwGA1UEAwwFaW5z -ZWMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANbDfP8abLGN7MX7bsBkYX2l -rNRIxejl2GcX9Dzq7QR0fMj73chwU79dPIH30fdgmhwVTg+v2bxNMnbX51vd6oKL -2JvhGoNjZ1vNE4oBaW0G4hyidNKXclYlBCt/KcDAZIle0pZzMhzU1XdIujsYJXNI -tQ/J1B++d8wtzEKfHZL/AgMBAAEwDQYJKoZIhvcNAQELBQADgYEAqI612hQY3tX8 -eCKaIbsSyofb/hkZG+rQ6zQ3Y8pUNm0xQrCCWPaP2+c/MGn02R8foryaSa9q0kKf -b4LeaERq5bbvgCGIoQ7gKo/kKKTOiXbJJi/7tJARhdrUDvbnVew2/N66A4Xk62PP -vFLj6H6oDlQo0DqA865N2ZDm0XRt+F0= +MIIDdzCCAl+gAwIBAgIJAM3sdp+ssKYAMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV +BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg +Q29tcGFueSBMdGQxDjAMBgNVBAMMBWluc2VjMB4XDTE4MTAyMzAzMjA1MloXDTE5 +MTAyMzAzMjA1MlowUjELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0 +eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEOMAwGA1UEAwwFaW5zZWMw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9uRq4tMCqA4wNWk4nIogY +yxFiJqQyl1dWuCGIK0QDuXcN2BeSfx1dCTW9Ul6JzojUCM6E0MXRbYfTSd1UwKzb +AqlVuj20pFWAw6LOeMZ0xjC74hP2ADosmJg9KboOMhHYwRvLRP/IZcTNVFBxA3jo +mMLAGgNOYio4aLtNNfbLS61I+OK/XPii7/IW3V5AqDVGSyNJJsiQX3HuetQhMtg4 +iKtZWBHjGRaZIKJiKDRkCT+/yXXoEsr+nGk0PLWGFaeEsQgeQYA1vNuqSSHaTk9O +1BNaLjAC3QrRRD9UnXjRW8psUdDml5R3NEiqPhar78ddDDMphXGN32Sy2TI1RoJr +AgMBAAGjUDBOMB0GA1UdDgQWBBQ6GT0R/WaBzKME9AYvw4mC3V12OzAfBgNVHSME +GDAWgBQ6GT0R/WaBzKME9AYvw4mC3V12OzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4IBAQCmO/IfjwAyGOzYZAzDxc9uLdjkucqofTNUzyDav/I+35bmp8Q8 +/jzz/U7Ld7ThSmhP8kkGHM39wlpQhef9CrndRYvMpCUNB64rhDHq0xX07XLJoVUD +st4Qd8iWSHMF0cNM84FY+5L0DSVxKPlnqa+kRGwVumHuTbcrIzNwATiXrbOzCrdI +QMh5R/XmI09/c6Lj3KNI1DM4wgDzU/Cye+t/dSXOdsfMUL7mhnBKxlsPf02pnx4f +1qyOISPskn/ACnYNce8R+LAZh1SdNb4ZGnSeY28YHc9HFGme1y01X2KvB12ifheK +mcQTT7A7Vtee1H9ZnXHvvzAT6IkhMKnosYzv -----END CERTIFICATE----- diff --git a/ca/mesalab-insec-cert.key b/ca/mesalab-insec-cert.key index e3d6f37..04cca25 100644 --- a/ca/mesalab-insec-cert.key +++ b/ca/mesalab-insec-cert.key @@ -1,15 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDWw3z/GmyxjezF+27AZGF9pazUSMXo5dhnF/Q86u0EdHzI+93I -cFO/XTyB99H3YJocFU4Pr9m8TTJ21+db3eqCi9ib4RqDY2dbzROKAWltBuIconTS -l3JWJQQrfynAwGSJXtKWczIc1NV3SLo7GCVzSLUPydQfvnfMLcxCnx2S/wIDAQAB -AoGBAKukTZAs9FXrkiKhUuCc2XXsJXb8OoBqwkuSz3aoY4m998VB1v1NGQHGaIeP -ItZM9J4hQOQ0rRZbtEtbPuMjNzpr5yxhBjnp4ZDgutZxfgA8xVbOGcGMqf5vE6C1 -+eZK3kg5a+DAPgniKx0Gy2Ov/3R0H/3tWcLFcJicG/vJFgDxAkEA7fRm3pG2vzQb -RpJh/mhupBnq5gZ2S5zXk+ktBQ5Q4Dg4R2hl3c8TG8skCoaO4m1EhtSUk1ayR6zG -cD/VhpJzfQJBAOcM3D3EvFYFgrsOjB3sHYuL1ctTWojfNJprukSu7B+IUIumZM0w -ZIDMoPIXRhAl72qwzFHuH8QE+A1FdZ/ScSsCQQCeB2YaAiOfr/c9UxIJZ0mzahL6 -WOhPJwZ0kLL5XJyRjES0B70/JbrHBo4U/2/9KBwOfzd88mLL/w56lao1CSXxAkB9 -X6Ma+WhhHThlHG23xun5UPXAEQjtgIDg0lgO8QQ70BI01SOZnArNQTyMYUipdoxF -zo3wX1BpY3DecrRy9xRlAkEAzTvYMw1R4YJ68eis4SZyjEE8dy+g92+SU4VEWnps -f+f868w4jE6D94dgnRi0yYd/O2ctEF7+mbM/eh1mdFaxaA== +MIIEogIBAAKCAQEAvbkauLTAqgOMDVpOJyKIGMsRYiakMpdXVrghiCtEA7l3DdgX +kn8dXQk1vVJeic6I1AjOhNDF0W2H00ndVMCs2wKpVbo9tKRVgMOiznjGdMYwu+IT +9gA6LJiYPSm6DjIR2MEby0T/yGXEzVRQcQN46JjCwBoDTmIqOGi7TTX2y0utSPji +v1z4ou/yFt1eQKg1RksjSSbIkF9x7nrUITLYOIirWVgR4xkWmSCiYig0ZAk/v8l1 +6BLK/pxpNDy1hhWnhLEIHkGANbzbqkkh2k5PTtQTWi4wAt0K0UQ/VJ140VvKbFHQ +5peUdzRIqj4Wq+/HXQwzKYVxjd9kstkyNUaCawIDAQABAoIBAGwpgq15BzomKYtX +R6USD8sqwm9VnljlZTqgYSWTnQQOkWxIHTA83g2zeXrE4fbo06Mmni6kI5NBQaVY +wCFYc3Os8cNZGWLKKaDuZ/wUaPgcIZ6LxluCR6gzGuAL0PHU483SUjkxzi1+r5Ns +FSxJEX5x0N3aNrZSSsW8F8RuFpRRRS38fZ21c4mBzge/mfBLu9M4HQu8cW/LIwuX +uMZfj00+PKKtEyS0louNDBTkHUz7plCJAyY93BYhmgHSI/dq0Iv3YsrOlrzTnuFF +21nDa8DSYciSm3IbLbyLzhn5jO1oYcD7CM6l31Oklrk5C4HuxI84IrwVtc+z7nya +JBjFOckCgYEA8vwtM0/aBHJd0OgyoTiLcoht5Z4myniP+fUvyCvJONM3ayFEFs2C +bR1T5pJPjF/Qiex2qK0xgXKAFcStCDKP95yURgrmcZlILFvAo/wxy6cz+PXlLolC ++GGaIyiIE0DKzw8Hq//w/mFR/IneBh2GMa+ygBbExrZZg1dAxNxvCbUCgYEAx+KY +uZ9pSuX0F220gRR9H0Yvn7eAP5DzjQDmbxFbvkqbFCgIiim6Pb8dFgWTc+3g49cY +s5GTEqpO53o/tlwdoXG6qfvUyZdVyuD0rPuFO2ppUdKBejJxU3ew44fdTXQw+0ze +GCUx+jZxnmHkjQuCRJnhRHw+woZ/Hcr/7lLyb58CgYBZ59btqnkXth1iY9f/8UUf +jr1i/Z6Kwgs7yG3ymcjtfrF9sSRZb5b3uqdFpBNM9FLcBaNuDA9KP0yHQWtoohTE +4Km4NOZJWBbtWtGvm2vtV6OSVaGEE4O1FaALrD6VKR8heAU1rhDEfsvwLi75gkkZ +71GTtVj/0Y7TWyB69rkbFQKBgBNGltPPu6etZUydF7sa7rYFXrJYT9XRdKs0WwR6 ++A3xw+K9uZUZUQyDUZq+DuovFnDiXU9zymsSYWmRMHO1jmXzQb0CvBJ0taFK8E1+ +M+r26BEr67CNDMCv2i8W+xBtFAwn7YMGkzs95NcROakgYv+al06zbJn1vmxxFx00 +goyhAoGANOTrJ/UQuEmG73ptb/1/5tUIOKZXvda7V6UG89jg7r7JsfnS4Ay26Ug0 +qj205h2qRzYI/55TR3lgWg5cX6IdhpuToBph2SLqjRF8Ro1vSNgMG9ECEdfbNg/X +h3uchjbbOVh9vWIZma6HrMxOCr9Lf3AclwcA+ikkFjaNUOL8QgY= -----END RSA PRIVATE KEY----- diff --git a/conf/cert_store.ini b/conf/cert_store.ini index 1e1ce9b..e05e89d 100644 --- a/conf/cert_store.ini +++ b/conf/cert_store.ini @@ -12,7 +12,7 @@ expire_after = 30 #本地默认根证书路径 def-ca-path = ../ca [NTC_MAAT] -#配置加载模式,1为使用本地json,0为使用配置分发网络下发的文件 +#配置加载模式,0为使用配置分发网络下发的文件,1为使用本地json,2为使用Redis读取的配置 maat_json_switch=2 #当加载模式为网络下发时,设置扫描配置修改间隔(s) effective_interval=1 @@ -28,10 +28,11 @@ pxy_obj_keyring=../conf/pxy_obj_keyring.json #本地监控端口号,默认为9991 port = 9991 [CERTSTORE_REDIS] +#本地存储证书的Redis服务器IP地址和端口号 ip = 127.0.0.1 port = 6379 [MAAT_REDIS] -#指定Redsi服务器IP地址和端口号 +#Maat监控的Redsi服务器IP地址和端口号 ip = 192.168.11.243 port = 6379 dbindex = 4 diff --git a/src/cert_session.c b/src/cert_session.c index fd47283..a74d56d 100644 --- a/src/cert_session.c +++ b/src/cert_session.c @@ -49,8 +49,7 @@ #define WAIT_FOR_EFFECTIVE_US 1000*1000 -#define SG_DATA_SIZE 8192 -#define SG_INSEC_ID 256 +#define SG_DATA_SIZE 10240 #define LOCAL_USER_PEN 1 #define LOCAL_USER_DER 2 @@ -59,6 +58,9 @@ #define DEFAULT_PRIVATEKEY_NAME "mesalab-ca-cert.key" #define DEFAULT_CA_CERTIFICATE "mesalab-ca-cert.cer" +#define MESALAB_INSEC_CERT "mesalab-insec-cert.cer" +#define MESALAB_INSEC_KEY "mesalab-insec-cert.key" + #define CM_UPDATE_TYPE_FULL 1 #define CM_UPDATE_TYPE_INC 2 @@ -974,12 +976,11 @@ err: return NULL; } -static int -x509_online_append(struct x509_object_ctx *def, X509 *origin, int id, - char *sni, char *root, char *sign, - char *pkey, STACK_OF(X509) **stack_ca) +static int x509_online_append(struct x509_object_ctx *def, struct request_t *request, + char *root, char *sign, char *pkey, STACK_OF(X509) **stack_ca) { void *odata = NULL; + int is_valid = request->is_valid; int _expire = 0; char *_crl = NULL; X509 *_root = NULL; EVP_PKEY *_key = NULL; @@ -988,10 +989,10 @@ x509_online_append(struct x509_object_ctx *def, X509 *origin, int id, mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "The approval certificate chain is empty"); goto finish; } - odata = MESA_htable_search(keyring->htable, (const uchar *)&id, sizeof(int)); + odata = MESA_htable_search(keyring->htable, (const uchar *)&(request->keyring_id), sizeof(int)); if ( !odata ){ - _root = def->root; - _key = def->key; + _root = (is_valid == 1) ? def->root : def->insec_root; + _key = (is_valid == 1) ? def->key : def->insec_key; _expire = cert_default_config()->expire_after; mesa_runtime_log(RLOG_LV_INFO, MODULE_NAME, "Sing certificates using local default certificates"); } else { @@ -999,7 +1000,6 @@ x509_online_append(struct x509_object_ctx *def, X509 *origin, int id, if (pxy_obj->is_valid != 1){ pxy_obj->root = def->root; pxy_obj->key = def->key; - }else{ if (!STRCMP(pxy_obj->type, "end-entity")){ mesa_runtime_log(RLOG_LV_INFO, MODULE_NAME, "The certificate(%d) type is an entity certificate", @@ -1015,13 +1015,13 @@ x509_online_append(struct x509_object_ctx *def, X509 *origin, int id, *stack_ca = pxy_obj->stack_ca; } } - _root = pxy_obj->root; - _key = pxy_obj->key; + _root = (is_valid == 1) ? pxy_obj->root : def->insec_root; + _key = (is_valid == 1) ? pxy_obj->key : def->insec_key; _expire = pxy_obj->expire_after; _crl = pxy_obj->ctl; } - X509* x509 = x509_modify_by_cert(_root, _key, origin, pkey, - _expire, sni, _crl); + X509* x509 = x509_modify_by_cert(_root, _key, request->origin, pkey, + _expire, request->sni, _crl); if (!x509){ goto finish; } @@ -1163,8 +1163,7 @@ redis_clnt_pdu_send(struct request_t *request, redisAsyncContext *c) startTime = rt_time_ns(); - expire_after = x509_online_append(&info->def, request->origin, request->keyring_id, request->sni, - root, sign, pkey, &stack_ca); + expire_after = x509_online_append(&info->def, request, root, sign, pkey, &stack_ca); if (sign[0] == '\0' && pkey[0] == '\0'){ mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to sign certificate"); evhttp_send_error(request->evh_req, HTTP_NOTFOUND, 0); @@ -1178,7 +1177,7 @@ redis_clnt_pdu_send(struct request_t *request, redisAsyncContext *c) FS_internal_operate(SGstats.handle, info->column_ids, SGstats.line_ids[3], FS_OP_SET, info->diffTime); FS_internal_operate(SGstats.handle, info->field_ids, 0, FS_OP_ADD, 1); - char _chain[4][SG_DATA_SIZE]; + char _chain[6][SG_DATA_SIZE]; char *chain[6] = {0}; if (stack_ca){ for (i = 0; i < sk_X509_num(stack_ca); i++){ @@ -1220,7 +1219,6 @@ redis_clnt_send(struct request_t *request, redisReply *reply) { int xret = -1; - char odata[SG_DATA_SIZE * 2] = {0}; libevent_thread *thread = threads + request->thread_id; if (!reply && !reply->str){ @@ -1232,9 +1230,7 @@ redis_clnt_send(struct request_t *request, redisReply *reply) FS_internal_operate(SGstats.handle, thread->field_ids, 0, FS_OP_ADD, 1); - snprintf(odata, SG_DATA_SIZE * 2, "%s", reply->str); - - evhttp_socket_send(request->evh_req, odata); + evhttp_socket_send(request->evh_req, reply->str); finish: kfree(request); @@ -1336,8 +1332,6 @@ finish: return xret; } -#define BURSIZE 4096 - int hex2dec(char c) { if ('0' <= c && c <= '9') { @@ -1356,7 +1350,13 @@ void _urldecode(char url[]) int i = 0; int len = strlen(url); int res_len = 0; - char res[BURSIZE]; + char *res = NULL; + + res = (char *)malloc(len + 1); + if (!res){ + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Url alloc faild"); + return; + } if(!strchr(url, '%')) return; @@ -1375,6 +1375,8 @@ void _urldecode(char url[]) } res[res_len] = '\0'; strcpy(url, res); + + free(res); } static char* @@ -1428,7 +1430,7 @@ thread_decode_uri(const char *uri, X509 **origin, id = evhttp_find_header(¶ms, "keyring_id"); if (id) *keyring_id = atoi(id); - _valid = evhttp_find_header(¶ms, "is_valid"); + _valid = evhttp_find_header(¶ms, "is_vaild"); if (_valid) *is_valid = atoi(_valid); _sni = evhttp_find_header(¶ms, "sni"); @@ -1496,8 +1498,10 @@ pthread_work_proc(struct evhttp_request *evh_req, void *arg) request = (struct request_t *) kmalloc (sizeof(struct request_t), MPF_CLR, -1); if (request != NULL){ - request->thread_id = info->id; - request->evh_req = evh_req; + memset(request, 0, sizeof(struct request_t)); + request->keyring_id = 0; + request->thread_id = info->id; + request->evh_req = evh_req; } switch (evhttp_request_get_command(evh_req)) { case EVHTTP_REQ_GET: cmdtype = "GET"; break; @@ -1507,8 +1511,9 @@ pthread_work_proc(struct evhttp_request *evh_req, void *arg) thread_decode_uri(uri, &request->origin, &request->keyring_id, request->sni, &request->is_valid); - mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "[Thread %d]Received a %s request for uri, kering_id:%d, sni:%s origin:%p", - request->thread_id, cmdtype, request->keyring_id, request->sni, request->origin); + + mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "[Thread %d]Received a %s request for uri, kering_id:%d, sni:%s origin:%p valid:%d", + request->thread_id, cmdtype, request->keyring_id, request->sni, request->origin, request->is_valid); if (request->origin == NULL || !request->evh_req){ mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to resolve the request url"); @@ -1524,7 +1529,7 @@ pthread_work_proc(struct evhttp_request *evh_req, void *arg) } mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "Redis key is %s", request->rkey); - if (info->cl_ctx->err != 0){ + if (info->cl_ctx->err != 0 || request->is_valid == 0){ xret = redis_clnt_pdu_send(request, NULL); if (xret < 0) mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Local sign certificate failed"); @@ -1593,6 +1598,19 @@ task_private_init(struct event_base *base, libevent_thread *info) mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to initialize the x509 certificate"); goto finish; } + + /* Initialize the insec CA*/ + memset(key_path, 0, 256); + memset(cert_path, 0, 256); + snprintf(key_path, sizeof(key_path), "%s/%s", cert_default_config()->def_path, MESALAB_INSEC_KEY); + snprintf(cert_path, sizeof(cert_path), "%s/%s", cert_default_config()->def_path, MESALAB_INSEC_CERT); + + xret = x509_privatekey_init(key_path, cert_path, &info->def.insec_key, &info->def.insec_root); + if (xret < 0 || !(info->def.key) || !(info->def.root)){ + mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to initialize the insec x509 certificate"); + goto finish; + } + finish: return xret; } diff --git a/src/cert_session.h b/src/cert_session.h index c0c5850..896384b 100644 --- a/src/cert_session.h +++ b/src/cert_session.h @@ -16,6 +16,9 @@ struct x509_object_ctx { X509 *root; EVP_PKEY *key; + + X509 *insec_root; + EVP_PKEY *insec_key; }; typedef struct { diff --git a/src/components/syslogd/logging.c b/src/components/syslogd/logging.c index 4589564..fc80e68 100644 --- a/src/components/syslogd/logging.c +++ b/src/components/syslogd/logging.c @@ -22,45 +22,12 @@ #include "MESA_prof_load.h" #include "MESA_handle_logger.h" -static void rt_get_pname_by_pid(pid_t pid, char *task_name) -{ -#define BUF_SIZE 1024 - char proc_pid_path[BUF_SIZE]; - char buf[BUF_SIZE]; - sprintf(proc_pid_path, "/proc/%d/status", pid); - FILE* fp = fopen(proc_pid_path, "r"); - if(NULL != fp){ - if( fgets(buf, BUF_SIZE-1, fp)== NULL ){ - fclose(fp); - } - fclose(fp); - sscanf(buf, "%*s %s", task_name); - } -} - void mesa_logging_print(int log_level, char *module, char *msg) { MESA_handle_runtime_log(logging_sc_lid.run_log_handle, log_level, module, msg); return; } -int mesa_logging_mkfile(char *file, size_t size) -{ - char tm[24] = {0}; - char pname[32]= {0}; - - assert(file); - - if (size < 32) - return -1; - - rt_curr_tms2str(EVAL_TM_STYLE, tm, 23); - rt_get_pname_by_pid(getpid(), &pname[0]); - snprintf(file, 63, "%s-%s-%d-%d-%s.log", pname, getpwuid(getuid())->pw_name, getpwuid(getuid())->pw_uid, getpwuid(getuid())->pw_gid, tm); - - return 0; -} - void cert_syslog_init(char *config) { char run_log_path[256] = {0}; @@ -72,10 +39,7 @@ void cert_syslog_init(char *config) MESA_load_profile_string_def(config, (const char *)"SYSTEM",(const char *)"RUN_LOG_PATH", logging_sc_lid.run_log_path, 128, NULL); - char file[64] = {0}; - mesa_logging_mkfile(file, 63); - //STRCAT(logging_sc_lid.run_log_path, file); - snprintf(run_log_path, 255, "%s/%s", logging_sc_lid.run_log_path, file); + snprintf(run_log_path, 255, "%s/%s", logging_sc_lid.run_log_path, "certstore.log"); logging_sc_lid.run_log_handle = MESA_create_runtime_log_handle(run_log_path, logging_sc_lid.run_log_level); if(logging_sc_lid.run_log_handle == NULL){