diff --git a/common/include/tfe_utils.h b/common/include/tfe_utils.h
index 2f21dc6..915da5f 100644
--- a/common/include/tfe_utils.h
+++ b/common/include/tfe_utils.h
@@ -34,14 +34,14 @@ extern void * g_default_logger;
 #define TFE_LOG_ERROR(handler, fmt, ...) \
 do { fprintf(stderr, fmt "\n" , ##__VA_ARGS__); \
- MESA_handle_runtime_log(handler, RLOG_LV_FATAL, "tfe", fmt, ##__VA_ARGS__); } while(0)
+ MESA_handle_runtime_log(handler, RLOG_LV_FATAL, __FUNCTION__, fmt, ##__VA_ARGS__); } while(0)
 #define TFE_LOG_INFO(handler, fmt, ...) \
 do { fprintf(stderr, fmt "\n", ##__VA_ARGS__); \
- MESA_handle_runtime_log(handler, RLOG_LV_INFO, "tfe", fmt, ##__VA_ARGS__); } while(0) \
+ MESA_handle_runtime_log(handler, RLOG_LV_INFO, __FUNCTION__, fmt, ##__VA_ARGS__); } while(0) \
 #define TFE_LOG_DEBUG(handler, fmt, ...) \
-do { MESA_handle_runtime_log(handler, RLOG_LV_DEBUG, "tfe", fmt, ##__VA_ARGS__); } while(0) \
+do { MESA_handle_runtime_log(handler, RLOG_LV_DEBUG, __FUNCTION__, fmt, ##__VA_ARGS__); } while(0) \
 #define CHECK_OR_EXIT(condition, fmt, ...) \
 do { if(!(condition)) { TFE_LOG_ERROR(g_default_logger, fmt, ##__VA_ARGS__); exit(EXIT_FAILURE); } } while(0) \
diff --git a/platform/CMakeLists.txt b/platform/CMakeLists.txt
index 8f41fa4..285a7dd 100644
--- a/platform/CMakeLists.txt
+++ b/platform/CMakeLists.txt
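Review bot: `__FUNCTION__` in the three rewritten `MESA_handle_runtime_log` calls is a compiler extension; `__func__` is the standard spelling in C99 and C++11 and yields the same name here. The third argument also changes from the fixed string "tfe" to the calling function's name, so any log filter or alert keyed on "tfe" would presumably stop matching, which is worth confirming before merge. The `TFE_LOG_INFO` and `TFE_LOG_DEBUG` bodies keep a trailing `\` after `while(0)`, which continues the macro onto the next line, so the definition is only correct while that line stays empty. Ending those lines with `} while(0)`, as `TFE_LOG_ERROR` already does, removes that trap.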
@@ -35,58 +35,58 @@ endif()
 install(TARGETS tfe RUNTIME DESTINATION bin COMPONENT Program)
-### test_key_keeper
-add_executable(test_key_keeper test/test_key_keeper.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp )
-
-target_include_directories(test_key_keeper PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
-
-target_link_libraries(test_key_keeper common)
-target_link_libraries(test_key_keeper pthread dl
- openssl-ssl-static
- openssl-crypto-static
- pthread libevent-static
- libevent-static-openssl
- libevent-static-pthreads
- MESA_handle_logger
- MESA_prof_load
- cjson
- curl
- MESA_htable wiredcfg
- MESA_field_stat)
-
-### test_tfe_rpc
-add_executable(test_tfe_rpc test/test_tfe_rpc.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp)
-
-target_include_directories(test_tfe_rpc PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
-
-target_link_libraries(test_tfe_rpc common)
-target_link_libraries(test_tfe_rpc pthread dl
- openssl-ssl-static
- openssl-crypto-static
- pthread libevent-static
- libevent-static-openssl
- libevent-static-pthreads
- MESA_handle_logger
- MESA_prof_load
- MESA_htable wiredcfg
- cjson
- curl
- MESA_field_stat)
-
-### test_chello_parse
-add_executable(test_chello_parse test/test_chello_parse.cpp src/ssl_utils.cpp)
-
-target_include_directories(test_chello_parse PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
-
-target_link_libraries(test_chello_parse common)
-target_link_libraries(test_chello_parse pthread dl
- openssl-ssl-static
- openssl-crypto-static
- pthread libevent-static
- libevent-static-openssl
- libevent-static-pthreads
- MESA_handle_logger
- MESA_prof_load
- MESA_htable wiredcfg
- cjson
- MESA_field_stat)
+#### test_key_keeper
+#add_executable(test_key_keeper test/test_key_keeper.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp )
+#
+#target_include_directories(test_key_keeper PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
+#
+#target_link_libraries(test_key_keeper common)
+#target_link_libraries(test_key_keeper pthread dl
+# openssl-ssl-static
+# openssl-crypto-static
+# pthread libevent-static
+# libevent-static-openssl
+# libevent-static-pthreads
+# MESA_handle_logger
+# MESA_prof_load
+# cjson
+# curl
+# MESA_htable wiredcfg
+# MESA_field_stat)
+#
+#### test_tfe_rpc
+#add_executable(test_tfe_rpc test/test_tfe_rpc.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp)
+#
+#target_include_directories(test_tfe_rpc PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
+#
+#target_link_libraries(test_tfe_rpc common)
+#target_link_libraries(test_tfe_rpc pthread dl
+# openssl-ssl-static
+# openssl-crypto-static
+# pthread libevent-static
+# libevent-static-openssl
+# libevent-static-pthreads
+# MESA_handle_logger
+# MESA_prof_load
+# MESA_htable wiredcfg
+# cjson
+# curl
+# MESA_field_stat)
+#
+#### test_chello_parse
+#add_executable(test_chello_parse test/test_chello_parse.cpp src/ssl_utils.cpp)
+#
+#target_include_directories(test_chello_parse PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
+#
+#target_link_libraries(test_chello_parse common)
+#target_link_libraries(test_chello_parse pthread dl
+# openssl-ssl-static
+# openssl-crypto-static
+# pthread libevent-static
+# libevent-static-openssl
+# libevent-static-pthreads
+# MESA_handle_logger
+# MESA_prof_load
+# MESA_htable wiredcfg
+# cjson
+# MESA_field_stat)
diff --git a/platform/src/key_keeper.cpp b/platform/src/key_keeper.cpp
index b63ce58..2d425da 100644
--- a/platform/src/key_keeper.cpp
+++ b/platform/src/key_keeper.cpp
@@ -16,6 +16,7 @@
 #include
 #include
 #include
+#include
 #define HTABLE_MAX_KEY_LEN 256
 #define KEYRING_EXSITED 0
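Review bot: Commenting out `test_key_keeper`, `test_tfe_rpc` and `test_chello_parse` removes every test target visible in this hunk for the key and certificate handling code, in the same commit that rewrites `get_keyring_from_response` in `src/key_keeper.cpp`. If the targets no longer build, the commit message should say so and the breakage should be tracked rather than hidden behind `#`. If they are only meant to be optional, guard them instead: declare an option (for example `option(TFE_BUILD_TESTS "Build platform tests" OFF)`, the name being a suggestion) and wrap the three blocks in `if(TFE_BUILD_TESTS)` and `endif()`. That keeps the definitions maintained and lets CI switch them back on.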
@@ -230,56 +231,83 @@ static struct keyring_private* get_keyring_from_response(const char* data) cJSON* key_json = NULL; cJSON* chain_json = NULL; - if(data == NULL) - { - goto error_out; - } + assert(data != NULL); + data_json = cJSON_Parse(data); - if(data_json == NULL) + if(unlikely(data_json == NULL)) { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format: %s", data); goto error_out; } cert_json = cJSON_GetObjectItemCaseSensitive(data_json, "CERTIFICATE"); key_json = cJSON_GetObjectItemCaseSensitive(data_json, "PRIVATE_KEY"); chain_json = cJSON_GetObjectItemCaseSensitive(data_json, "CERTIFICATE_CHAIN"); - if (cert_json && cert_json->valuestring != NULL) - { - cert = transform_cert_to_x509(cert_json->valuestring); - } - if(cert == NULL) + + if(unlikely(cert_json == NULL)) { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No CERTIFICATE section: %s", data); goto error_out; } - if (key_json && key_json->valuestring != NULL) - { - key = transform_key_to_EVP(key_json->valuestring); - } - if(key == NULL) + + if(unlikely(key_json == NULL)) { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No PRIVATE_KEY section: %s", data); goto error_out; } - if(chain_json == NULL) + + if(unlikely(chain_json == NULL)) + { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No CERTIFICATE_CHAIN section: %s", data); + goto error_out; + } + + if(unlikely(cert_json->valuestring == NULL)) { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No CERTIFICATE value: %s", data); goto error_out; } - chain = sk_X509_new_null(); + + if(unlikely(key_json->valuestring == NULL)) + { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No PRIVATE_KEY value: %s", data); + goto error_out; + } + + cert = transform_cert_to_x509(cert_json->valuestring); + if(unlikely(cert == NULL)) + { + TFE_LOG_ERROR(g_default_logger, "Transform certificate to X509 failed: %s", cert_json->valuestring); + goto error_out; + } + + key = transform_key_to_EVP(key_json->valuestring); + 
if(unlikely(key == NULL)) + { + TFE_LOG_ERROR(g_default_logger, "Transform PRIVATE KEY to EVP failed: %s", key_json->valuestring); + goto error_out; + } + + chain = sk_X509_new_null(); cJSON_ArrayForEach(chain_cert_json, chain_json) { - chain_cert = NULL; - if (chain_cert_json && chain_cert_json->valuestring != NULL) - { - chain_cert = transform_cert_to_x509(chain_cert_json->valuestring); - } - if(chain_cert == NULL) + if(unlikely(chain_cert_json->valuestring == NULL)) { + TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, empty CERTIFICATE_CHAIN value."); goto error_out; } - sk_X509_push(chain, chain_cert); -// ssl_x509_refcount_inc(chain_cert); - } - _kyr= keyring_new(cert, key, chain); + chain_cert = transform_cert_to_x509(chain_cert_json->valuestring); + if(unlikely(chain_cert == NULL)) + { + TFE_LOG_ERROR(g_default_logger, "Transform certificate chain entry to X509 failed: %s", + chain_cert_json->valuestring); goto error_out; + } + + sk_X509_push(chain, chain_cert); + } + + _kyr= keyring_new(cert, key, chain); cJSON_Delete(data_json); return _kyr; @@ -287,7 +315,7 @@ error_out: if(data_json!=NULL) cJSON_Delete(data_json); if(cert) X509_free(cert); if(key) EVP_PKEY_free(key); - if(chain) sk_X509_pop_free(chain, X509_free); + if(chain) sk_X509_pop_free(chain, X509_free); return NULL; }
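Review bot: The new error paths write secret material to the log: `TFE_LOG_ERROR(g_default_logger, "Transform PRIVATE KEY to EVP failed: %s", key_json->valuestring);` prints the private key itself, and each "Illegal JSON format …: %s" message prints `data`, the whole response, which contains the `PRIVATE_KEY` field whenever that field is present. `TFE_LOG_ERROR` also copies every message to stderr, so the key lands in two sinks. Log the reason only, for example `TFE_LOG_ERROR(g_default_logger, "Transform PRIVATE KEY to EVP failed");`, and have the JSON errors name the missing section without the payload. Separately, `assert(data != NULL)` compiles away under NDEBUG and aborts the process otherwise, whereas the removed `if(data == NULL)` check failed the request at runtime. The function begins above the hunk, so what callers guarantee about `data` is not visible here.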