cmtinit.c

安全开发库。含客户端建立ssl连接、签名、证书验证、证书发布和撤销等。编译用到nss

#else
    return CMTFailure;
#endif
}

PCMT_CONTROL CMT_EstablishControlConnection(char            *inPath, 
                                            CMT_SocketFuncs *sockFuncs,
                                            CMT_MUTEX       *mutex)
{
    PCMT_CONTROL control;
    char *executable;
    char *newWorkingDir;
    char oldWorkingDir[MAX_PATH_LEN];
    int i;
    char *path;
    size_t stringLen;
    struct stat stbuf;
    
    /*
     * Create our own copy of path.
     * I'd like to do a straight strdup here, but that caused problems
     * for https.
     */
    stringLen = strlen(inPath);

    path = (char*) malloc(stringLen+1);
    memcpy(path, inPath, stringLen);
    path[stringLen] = '\0';

    control = CMT_ControlConnect(mutex, sockFuncs);
    if (control != NULL) {
        return control;
    }
    /*
     * We have to try to launch it now, so it better be a valid 
     * path.
     */
    if (stat(path, &stbuf) == -1) {
        goto loser;
    }
    /*
     * Now we have to parse the path and launch the psm server.
     */
    executable = strrchr(path, DIRECTORY_SEPARATOR);
    if (executable != NULL) {
        *executable = '\0';
        executable ++;
        newWorkingDir = path;
    } else {
        executable = path;
        newWorkingDir = NULL;
    }
    if (getCurrWorkDir(oldWorkingDir, MAX_PATH_LEN) == NULL) {
        goto loser;
    }
    setWorkingDir(newWorkingDir);
    if (launch_psm(executable) != CMTSuccess) {
        goto loser;
    }
    setWorkingDir(oldWorkingDir);
    /*
     * Now try to connect to the psm server.  We will try to connect
     * a maximum of 30 times and then give up.
     */
#ifdef WIN32
    for (i=0; i<30; i++) {
        Sleep(1000);
        control = CMT_ControlConnect(mutex, sockFuncs);
        if (control != NULL) {
            break;
        }
    }
#elif defined XP_UNIX
    i = 0;
    while (i<1000) {
        i += sleep(10);
	control = CMT_ControlConnect(mutex, sockFuncs);
	if (control != NULL) {
	  break;
	}
    }
#else
    /*
     * Figure out how to sleep for a while first
     */
    for (i=0; i<30; i++) {
      control = CMT_ControlConnect(mutex, sockFuncs);
      if (control!= NULL) {
	break;
      }
    }
#endif
    if (control == NULL) {
        goto loser;
    }
    if (path) {
        free (path);
    }
    return control;
 loser:
    if (control != NULL) {
        CMT_CloseControlConnection(control);
    }
    if (path) {
        free(path);
    }
    return NULL;
}


PCMT_CONTROL CMT_ControlConnect(CMT_MUTEX *mutex, CMT_SocketFuncs *sockFuncs)
{
    PCMT_CONTROL control = NULL; 
    CMTSocket sock=NULL;
    SSMObscureObject * obscureObj = NULL;
#ifdef XP_UNIX
    int unixSock = 1;
    char path[20];
#else
    int unixSock = 0;
    char *path=NULL;
#endif

    if (sockFuncs == NULL) {
        return NULL;
    }
#ifdef XP_UNIX
    sprintf(path, "/tmp/.nsmc-%d", (int)geteuid());
#endif    

    sock = sockFuncs->socket(unixSock);
    if (sock == NULL) {
        LOG("Could not create a socket to connect to Control Connection.\n");
        goto loser;
    }
    /* Connect to the psm process */
    if (sockFuncs->connect(sock, CARTMAN_PORT, path)) {
	  LOG("Could not connect to Cartman\n");
	  goto loser;
    }

#ifdef XP_UNIX
    if (sockFuncs->verify(sock) != CMTSuccess) {
        goto loser;
    }
#endif

	LOG("Connected to Cartman\n");

    /* Set up the protocol obfuscation */
    if (!(obscureObj = InitClientObscureObject(sockFuncs, sock))) {
        goto loser;
    }
	
	/* fill in the CMTControl struct */
	control = (PCMT_CONTROL)calloc(sizeof(CMT_CONTROL), 1);
	if (control == NULL ) {
		goto loser;
	}
	control->sock = sock;
    control->obscureObj = obscureObj;
    if (mutex != NULL) {
        control->mutex = (CMT_MUTEX*)calloc(sizeof(CMT_MUTEX),1);
        if (control->mutex == NULL) {
            goto loser;
        }
        *control->mutex = *mutex;
    }
    memcpy(&control->sockFuncs, sockFuncs, sizeof(CMT_SocketFuncs));
    control->refCount = 1;
	goto done;
    
 loser:
	if (control != NULL) {
		free(control);
    }
    if (sock != NULL) {
        sockFuncs->close(sock);
    }
	control = NULL;
    
 done:
	return control;
}

CMTStatus CMT_CloseControlConnection(PCMT_CONTROL control)
{
	/* XXX Don't know what to do here yet */
    if (control != NULL) {
        CMInt32 refCount;
        CMT_LOCK(control->mutex);
        control->refCount--;
        refCount = control->refCount;
        CMT_UNLOCK(control->mutex);
        if (refCount <= 0) {
            if (control->mutex != NULL) {
                free (control->mutex);
            }
            if (control->obscureObj) {
                SSMObscure_Destroy(control->obscureObj);
            }
            control->sockFuncs.close(control->sock);
            free(control);
        }
    }
    
	return CMTSuccess;
}

CMTStatus CMT_Hello(PCMT_CONTROL control, CMUint32 version, char* profile, 
                    char* profileDir)
{
	CMTItem message;
    PCMT_EVENT eventHandler;
    CMBool doesUI;
    HelloRequest request;
    HelloReply reply;

	/* Check the passed parameters */
	if (!control) {
		return CMTFailure;
	}
	if (!profile) {
		return CMTFailure;
	}
    if (!profileDir) {
        return CMTFailure;
    }
    
	/* Create the hello message */
    eventHandler = CMT_GetEventHandler(control, SSM_UI_EVENT, 0);
    doesUI = (eventHandler == NULL) ? CM_FALSE : CM_TRUE;

    /* Setup the request struct */
    request.version = version;
    request.policy = SVRPLCY_UtilityPolicyTable.table[0].value;
    request.doesUI = doesUI;
    request.profile = profile;
    request.profileDir = profileDir;

    message.type = SSM_REQUEST_MESSAGE | SSM_HELLO_MESSAGE;

    if (CMT_EncodeMessage(HelloRequestTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

	/* Send the message and get the response */
	if (CMT_SendMessage(control, &message) != CMTSuccess) {
        goto loser;
	}

    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_HELLO_MESSAGE)) {
        goto loser;
    }

    /* Decode the message */
    if (CMT_DecodeMessage(HelloReplyTemplate, &reply, &message) != CMTSuccess) {
        goto loser;
    }

	/* Successful response */
	if (reply.result == 0) {
            /* Save the nonce value */
            control->sessionID = reply.sessionID;
            control->protocolVersion = reply.version;
            control->port = reply.httpPort;
            control->nonce = reply.nonce;
            control->policy = reply.policy;
            control->serverStringVersion = reply.stringVersion;

            /* XXX Free the messages */
            return CMTSuccess;
	}
loser:
	/* XXX Free the messages */
	return CMTFailure;
}

CMTStatus CMT_PassAllPrefs(PCMT_CONTROL control, int num,
                           CMTSetPrefElement* list)
{
    SetPrefListMessage request;
    SingleNumMessage reply;
    CMTItem message;

    if ((control == NULL) || (list == NULL)) {
        return CMTFailure;
    }

    /* pack the request */
    request.length = num;
    request.list = (SetPrefElement*)list;

    if (CMT_EncodeMessage(SetPrefListMessageTemplate, &message, &request) !=
        CMTSuccess) {
        goto loser;
    }
    message.type = SSM_REQUEST_MESSAGE | SSM_PREF_ACTION;

    /* send the message */
    if (CMT_SendMessage(control, &message) != CMTSuccess) {
        goto loser;
    }

    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_PREF_ACTION)) {
        goto loser;
    }

    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) !=
        CMTSuccess) {
        goto loser;
    }

    /* don't really need to check the return value */
    return CMTSuccess;
loser:
    return CMTFailure;
}

char* CMT_GetServerStringVersion(PCMT_CONTROL control)
{
    if (control == NULL) {
        return NULL;
    }
    return control->serverStringVersion;
}