*
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-13
- * cleanup 2011-07-06 SM
- *
+ * cleanup 2012-01-04 SM
*
* grep strncmp src/conf.c | gawk '{print $3}'
* grep strncmp src/conf.c | awk '{print " * " $3}' | sed -e "s/\"//g" -e "s/,//g"
*
- * name default value
- * ----------------------------------------------------
- * config.dir
- * openpts.pcr.index
- * aide
- * aide.database.file
- * aide.ignorelist.file
- * aide.sqlite.file
- * autoupdate
- * bios.iml.file
- * config.dir
- * config.dir
- * hostname
- * ima.validation.mode
- * iml.aligned
- * iml.endian
- * iml.mode
- * ir.dir
- * ir.file
- * ir.quote
- * little
- * model.dir
- * newrm.uuid.file
- * oldrm.uuid.file
- * openpts.pcr.index
- * pcrs.file
- * policy.file
- * port
- * prop.file
- * rm.basedir
- * rm.num
- * rm.uuid.file
- * runtime.iml.file
- * runtime.iml.type
- * securityfs
- * selftest
- * ssh.mode
- * ssh.port
- * ssh.username
- * strncmp
- * strncmp
- * target.pubkey
- * target.uuid
- * uuid.file
- * verifier.logging.dir
- * ------------------------------------------------------------------------
- * srk.password.mode null/known
- * ------------------------------------------------------------------------
- *
+ * Also update man/man5/ptsc.conf.5
+ *
*/
#include <stdio.h>
#include <ctype.h>
#include <openpts.h>
-// #include <log.h>
/**
* new Target list
}
memset(list, 0, size);
- list->target_num = num;
+ list->target_num = num - 1; // set actual number
return list;
}
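Review bot: `list->target_num = num - 1;` stores a negative count when the function is called with `num` of 0, and nothing visible in this hunk rejects that value. The allocation and the start of the function are outside the hunk, so the size calculation may already assume a spare slot, but the comment `// set actual number` does not say so. If one entry is reserved on purpose, say it in the comment, e.g. `/* num includes one spare slot; target_num counts the usable entries */`, and reject `num < 1` before the allocation.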
for (i = 0; i < num; i++) {
target = &list->target[i];
if (target == NULL) {
- ERROR("no memory cnt=%d\n", i);
+ LOG(LOG_ERR, "no memory cnt=%d\n", i);
} else {
if (target->uuid != NULL) freeUuid(target->uuid);
if (target->str_uuid != NULL) xfree(target->str_uuid);
OPENPTS_CONFIG * newPtsConfig() {
OPENPTS_CONFIG * conf;
- // DEBUG("newPtsConfig()\n");
-
/* config */
conf = (OPENPTS_CONFIG *) xmalloc(sizeof(OPENPTS_CONFIG));
if (conf == NULL) {
*/
int freePtsConfig(OPENPTS_CONFIG * conf) {
int i;
- // DEBUG("freePtsConfig()\n");
- ASSERT(NULL != conf, "conf is NULL\n");
+ /* check */
+ if (conf == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (conf->config_dir != NULL) {
xfree(conf->config_dir);
conf->config_file = NULL;
}
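Review bot: The new guard logs `"null input"`, the same text this commit also adds in the readOpenptsConf and setModelFile hunks, so a log reader cannot tell which call failed unless LOG itself records the call site. Name the function in the message, as most other messages in this file do: `LOG(LOG_ERR, "freePtsConfig() - conf is NULL\n");`. The removed ASSERT presumably stopped on a NULL conf, whereas callers that ignore the new `return PTS_FATAL;` now continue, so the return value deserves a line in the function's header comment.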
-//<<<<<<< HEAD
#ifdef CONFIG_AUTO_RM_UPDATE
if (conf->newRmSet != NULL) {
xfree(conf->newRmSet);
if (conf->compIDs[i].VendorID_Value != NULL) xfree(conf->compIDs[i].VendorID_Value);
}
-// xfree(conf);
-//=======
if (conf->aik_storage_filename != NULL) {
free(conf->aik_storage_filename);
}
free(conf);
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
return PTS_SUCCESS;
}
level = strtoul(levelStr, &attributeName, 10);
if (levelStr == attributeName) {
- ERROR("readPtsConfig_CompID()- invalid level number ('%s')\n", name);
+ LOG(LOG_ERR, "readPtsConfig_CompID()- invalid level number ('%s')\n", name);
return PTS_FATAL;
}
if (*attributeName != '.') {
- ERROR("readPtsConfig_CompID()- missing '.' after level ('%s')\n", name);
+ LOG(LOG_ERR, "readPtsConfig_CompID()- missing '.' after level ('%s')\n", name);
return PTS_FATAL;
}
/******************/
if (level >= MAX_RM_NUM) {
- ERROR("readPtsConfig_CompID()- trying to affect a CompID(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
+ LOG(LOG_ERR,
+ "readPtsConfig_CompID()- trying to affect a CompID(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
attributeName, level, MAX_RM_NUM);
return PTS_FATAL;
}
conf->compIDs[level].VendorID_type = VENDORID_TYPE_GUID;
attributeValue = &conf->compIDs[level].VendorID_Value;
} else {
- ERROR("unknown Component ID attribute: '%s'\n", attributeName);
+ LOG(LOG_ERR, "unknown Component ID attribute: '%s'\n", attributeName);
return PTS_FATAL;
}
char *path;
char *filename2 = NULL; // fullpath
int buf_len;
-//<<<<<<< HEAD
int isFileFound = 0;
int isFileIncorrect = 0;
-//=======
/* tmp path */
char *aik_storage_filename = NULL;
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
+
DEBUG("readPtsConfig() : %s\n", filename);
if (filename == NULL) {
- ERROR("readPtsConfig - filename is NULL\n");
+ LOG(LOG_ERR, "readPtsConfig - filename is NULL\n");
return PTS_INTERNAL_ERROR;
}
/* => get fullpath */
path = getenv("PWD");
if (path[0] != '/') {
- ERROR("readPtsConfig() - path, '%s' is not a full path", path);
+ LOG(LOG_ERR, "readPtsConfig() - path, '%s' is not a full path", path);
}
filename2 = getFullpathName(path, filename);
} else {
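Review bot: `path[0]` is read without checking that `getenv("PWD")` returned a value, so a process started with PWD unset dereferences NULL here. PWD also comes from the caller's environment, and when it is not absolute the new line only logs and still passes it to getFullpathName(), so the configuration file is resolved against a value the code has just rejected. Check both and stop: `if (path == NULL || path[0] != '/') {` followed by the LOG call and an error return; `getcwd()` would avoid trusting the environment for this. The enclosing function starts and ends outside the hunk, so the right cleanup path (`goto free` or a direct return) has to be confirmed there.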
/* dir where config file -> config_dir */
if (conf->config_dir != NULL) {
- // free old one
+ /* free old one */
xfree(conf->config_dir);
}
conf->config_dir = getFullpathDir(filename2);
-
/* open */
if ((fp = fopen(filename2, "r")) == NULL) {
- ERROR("readPtsConfig - File %s open was failed\n", filename2);
+ DEBUG("readPtsConfig - File %s open was failed\n", filename2);
rc = PTS_INTERNAL_ERROR;
goto free;
}
/* check for line length */
if (line_len == LINE_BUF_SIZE) {
- ERROR("Line too long in %s at line %d\n", filename2, cnt);
+ LOG(LOG_ERR, "Line too long in %s at line %d\n", filename2, cnt);
isFileIncorrect = 1;
goto free;
}
if (line[0] == '#') {
// comment -> skip
- } else if ((eq = strstr(line, "=")) != NULL) { /* name=value line*/
+ } else if ((eq = strstr(line, "=")) != NULL) { /* name=value line */
char *name;
char *value;
name = line;
value = eq + 1;
-
*eq = 0;
- // DEBUG("%4d [%s]=[%s]\n",cnt, name, value);
-
/* config dir
replace the curent setting based on the location of config file
to path set by config file.
} else if (!strncmp(value, "tss", 3)) {
conf->iml_mode = 0;
} else {
- ERROR("iml.mode is neither 'securityfs' or 'tss'\n");
+ LOG(LOG_ERR, "iml.mode is neither 'securityfs' or 'tss'\n");
isFileIncorrect = 1;
goto free;
}
conf->srk_password_mode = 1;
DEBUG("conf->srk_password_mode : known\n");
} else {
- ERROR("Bad srk.password.mode flag '%s' in %s\n",
+ LOG(LOG_ERR, "Bad srk.password.mode flag '%s' in %s\n",
value, filename);
isFileIncorrect = 1;
goto free;
conf->tpm_resetdalock = 0; // default
DEBUG("conf->tpm_resetdalock : off (default)\n");
} else {
- ERROR("Bad tpm.resetdalock flag '%s' in %s\n",
+ LOG(LOG_ERR, "Bad tpm.resetdalock flag '%s' in %s\n",
value, filename);
isFileIncorrect = 1;
goto free;
conf->tpm_quote_type = 1;
DEBUG("conf->tpm_quote_type : quote\n");
} else {
- ERROR("Bad tpm.quote.type flag %s\n", value);
+ LOG(LOG_ERR, "Bad tpm.quote.type flag %s\n", value);
isFileIncorrect = 1;
goto free;
}
conf->iml_endian = 0;
#else
conf->iml_endian = 2;
- // DEBUG("convert endian mode\n");
DEBUG("endian mode : convert\n");
#endif
} else {
- ERROR("iml.endian is neither 'big' or 'little'\n");
+ LOG(LOG_ERR, "iml.endian is neither 'big' or 'little'\n");
isFileIncorrect = 1;
goto free;
}
} else if (!strncmp(value, "IMA", 3)) {
conf->runtime_iml_type = BINARY_IML_TYPE_IMA_ORIGINAL;
} else {
- ERROR("unknown runtime.iml.type %s\n", value);
+ LOG(LOG_ERR, "unknown runtime.iml.type %s\n", value);
isFileIncorrect = 1;
goto free;
}
// RM config - from 0.2.3
if (!strncmp(name, "rm.basedir", 10)) {
if (conf->rm_basedir != NULL) {
- // DEBUG("realloc conf->rm_basedir"); // TODO realloc happen
xfree(conf->rm_basedir);
}
conf->rm_basedir = getFullpathName(conf->config_dir, value);
if (!strncmp(name, "rm.num", 6)) {
conf->rm_num = atoi(value);
if (conf->rm_num > MAX_RM_NUM) {
- ERROR("RM number rm.num=%d is larger than MAX_RM_NUM=%d - truncking\n", conf->rm_num, MAX_RM_NUM);
+ LOG(LOG_ERR,
+ "RM number rm.num=%d is larger than MAX_RM_NUM=%d - truncking\n",
+ conf->rm_num, MAX_RM_NUM);
conf->rm_num = MAX_RM_NUM;
}
DEBUG("conf->rm_num : %d\n", conf->rm_num);
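Review bot: `rm.num` is clamped only from above, so a negative value from the configuration file is stored in `conf->rm_num` unchanged, and non-numeric text is read by `atoi()` as 0. The code that uses rm_num as a count is outside this hunk, so the impact is inferred, but a lower bound here is cheap: `if (conf->rm_num < 0) { LOG(LOG_ERR, "bad rm.num=%d\n", conf->rm_num); isFileIncorrect = 1; goto free; }`. `strtol()` with an end-pointer check would also let the parser reject text that is not a number.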
/* Depricated - we use a temporary file in /tmp on collector side */
if (!strncmp(name, "ir.file", 7)) {
if (conf->ir_filename != NULL) {
- // DEBUG("realloc conf->ir_filename"); // TODO realloc happen
xfree(conf->ir_filename);
}
conf->ir_filename = getFullpathName(conf->config_dir, value);
DEBUG("conf->ir_filename : %s\n", conf->ir_filename);
- // ERROR("ir.file is obsolute, please use ir.dir"); /// Collectror TODO
}
/* IR dir (collector side) */
if (!strncmp(name, "ir.dir", 6)) {
if (conf->ir_dir != NULL) {
- // DEBUG("realloc conf->ir_filename"); // TODO realloc happen
xfree(conf->ir_dir);
}
conf->ir_dir = getFullpathName(conf->config_dir, value);
- DEBUG("conf->ir_dir : %s\n", conf->ir_dir);
- } // BAD else {
- // /* set this to some sensible default value so that ptsc.c doesn't seg fault */
- // conf->ir_dir = smalloc("/tmp");
- //}
-
+ DEBUG("conf->ir_dir : %s\n", conf->ir_dir);
+ }
if (!strncmp(name, "prop.file", 9)) {
if (conf->prop_filename != NULL) {
- // DEBUG("realloc conf->prop_filename"); // TODO realloc happen
xfree(conf->prop_filename);
}
conf->prop_filename = getFullpathName(conf->config_dir, value);
}
-
- // 20100908 Munetoh -> ifm.c
if (!strncmp(name, "ir.quote", 8)) {
if (!strncmp(value, "WITHOUT_QUOTE", 13)) {
conf->ir_without_quote = 1;
- TODO("Generate IR without TPM_Quote signature\n");
+ LOG(LOG_TODO, "Generate IR without TPM_Quote signature\n");
}
}
conf->model_dir = getFullpathName(conf->config_dir, value);
}
+ /* prop (AIX) */
if (!strncmp(name, "iml.ipl.maxcount", 16)) {
conf->iml_maxcount = atoi(value);
DEBUG("conf->iml_maxcount : %d\n", conf->iml_maxcount);
conf->verifier_logging_dir = getFullpathName(conf->config_dir, value);
}
-
if (!strncmp(name, "policy.file", 11)) {
if (conf->policy_filename != NULL) {
// DEBUG("realloc conf->policy_filename\n"); // TODO realloc happen
conf->policy_filename = getFullpathName(conf->config_dir, value);
}
-#if 0
- if (!strncmp(name, "config.dir", 10)) {
- if (conf->config_dir != NULL) {
- TODO("conf dir %s ->%s\n", conf->config_dir, value);
- //
- } else {
- conf->config_dir = getFullpathName(config_path, value);
- }
- }
-#endif
-
/* IMA and AIDE */
if (!strncmp(name, "ima.validation.mode", 19)) {
if (!strncmp(value, "aide", 4)) {
} else if (!strncmp(value, "none", 4)) {
conf->ima_validation_mode = OPENPTS_VALIDATION_MODE_NONE;
} else {
- ERROR("unknown ima.validation.mode [%s]\n", value);
+ LOG(LOG_ERR, "unknown ima.validation.mode [%s]\n", value);
isFileIncorrect = 1;
goto free;
}
#ifdef CONFIG_AIDE
if (!strncmp(name, "aide.database.file", 18)) {
if (conf->aide_database_filename != NULL) {
- // DEBUG("realloc conf->aide_database_filename\n"); // TODO realloc happen
xfree(conf->aide_database_filename);
}
conf->aide_database_filename = getFullpathName(conf->config_dir, value);
#endif
if (!strncmp(name, "aide.ignorelist.file", 20)) {
if (conf->aide_ignorelist_filename != NULL) {
- // DEBUG("realloc conf->aide_ignorelist_filename\n"); // TODO realloc happen
xfree(conf->aide_ignorelist_filename);
}
conf->aide_ignorelist_filename = getFullpathName(conf->config_dir, value);
DEBUG("conf->uuid->str : %s\n", conf->uuid->str);
}
} else if (!strncmp(name, "uuid", 4)) {
- ERROR("uuid=XXX is deprecated, in %s\n", filename);
+ LOG(LOG_ERR, "uuid=XXX is deprecated, in %s\n", filename);
if (conf->uuid == NULL) {
conf->uuid = newOpenptsUuid();
}
if (conf->uuid->uuid != NULL) {
- TODO("free conf->uuid \n");
+ LOG(LOG_TODO, "free conf->uuid \n");
xfree(conf->uuid->uuid);
}
/* set */
conf->uuid->uuid = getUuidFromString(value);
if (conf->uuid->uuid == NULL) {
- ERROR("read UUID fail\n");
+ LOG(LOG_ERR, "read UUID fail\n");
}
conf->uuid->str = getStringOfUuid(conf->uuid->uuid);
if (conf->uuid->str == NULL) {
- ERROR("read UUID fail\n");
+ LOG(LOG_ERR, "read UUID fail\n");
}
}
conf->rm_uuid = newOpenptsUuid();
}
if (conf->rm_uuid->filename != NULL) {
- // DEBUG("realloc conf->rm_uuid->filename"); // TODO realloc happen
xfree(conf->rm_uuid->filename);
}
conf->rm_uuid->filename = getFullpathName(conf->config_dir, value);
rc = readOpenptsUuidFile(conf->rm_uuid);
if (rc != PTS_SUCCESS) {
/* uuid file is missing */
- // TODO gen UUID?
- // DEBUG("no UUID file %s\n", conf->uuid->filename);
conf->rm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
- } else {
- // DEBUG("read UUID from file %s, UUID=%s\n", conf->uuid->filename, conf->uuid->str);
}
DEBUG("conf->rm_uuid->str : %s\n", conf->rm_uuid->str);
}
conf->newrm_uuid = newOpenptsUuid();
}
if (conf->newrm_uuid->filename != NULL) {
- // DEBUG("realloc conf->rm_uuid->filename"); // TODO realloc happen
xfree(conf->newrm_uuid->filename);
}
conf->newrm_uuid->filename = getFullpathName(conf->config_dir, value);
rc = readOpenptsUuidFile(conf->newrm_uuid);
if (rc != PTS_SUCCESS) {
/* uuid file is missing */
- // TODO gen UUID?
- // DEBUG("no UUID file %s\n", conf->uuid->filename);
conf->newrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
} else {
conf->pts_flag[0] |= OPENPTS_FLAG0_NEWRM_EXIST;
conf->oldrm_uuid = newOpenptsUuid();
}
if (conf->oldrm_uuid->filename != NULL) {
- // DEBUG("realloc conf->oldrm_uuid->filename"); // TODO realloc happen
xfree(conf->oldrm_uuid->filename);
}
conf->oldrm_uuid->filename = getFullpathName(conf->config_dir, value);
rc = readOpenptsUuidFile(conf->oldrm_uuid);
if (rc != PTS_SUCCESS) {
/* uuid file is missing */
- // TODO gen UUID?
- // DEBUG("no UUID file %s\n", conf->uuid->filename);
conf->oldrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
- } else {
- // DEBUG("read UUID from file %s, UUID=%s\n", conf->uuid->filename, conf->uuid->str);
}
DEBUG("conf->oldrm_uuid->str : %s\n", conf->oldrm_uuid->str);
}
/* */
if (!strncmp(name, "target.uuid", 11)) {
if (conf->target_uuid != NULL) {
- // DEBUG("realloc conf->target_uuid\n"); // TODO realloc happen
xfree(conf->target_uuid);
}
conf->target_uuid = getUuidFromString(value);
if (conf->target_uuid == NULL) {
- ERROR("bad UUID ? %s\n", value);
+ LOG(LOG_ERR, "bad UUID ? %s\n", value);
} else {
// add string too
if (conf->str_target_uuid != NULL) {
- // DEBUG("realloc conf->str_target_uuid\n"); // TODO realloc happen
xfree(conf->str_target_uuid);
}
conf->str_target_uuid = getStringOfUuid(conf->target_uuid);
if (conf->str_target_uuid == NULL) {
- ERROR("bad UUID ? %s\n", value);
+ LOG(LOG_ERR, "bad UUID ? %s\n", value);
}
}
}
strlen(value),
&buf_len);
if (conf->pubkey == NULL) {
- ERROR("decodeBase64");
+ LOG(LOG_ERR, "decodeBase64");
conf->pubkey_length = 0;
} else {
conf->pubkey_length = buf_len;
/* hostname */
if (!strncmp(name, "hostname", 8)) {
if (conf->hostname != NULL) {
- // DEBUG("realloc conf->hostname\n"); // TODO realloc happen
xfree(conf->hostname);
}
conf->hostname = smalloc_assert(value);
} else if (!strncmp(value, "off", 3)) {
conf->selftest = 0; // default
} else {
- ERROR("unknown selftest %s\n", value);
+ LOG(LOG_ERR, "unknown selftest %s\n", value);
isFileIncorrect = 1;
goto free;
}
conf->autoupdate = 0; // default
DEBUG("conf->autoupdate : off\n");
} else {
- ERROR("unknown autoupdate %s\n", value); // TODO
+ LOG(LOG_ERR, "unknown autoupdate %s\n", value); // TODO
isFileIncorrect = 1;
goto free;
}
conf->enrollment = IMV_ENROLLMENT_AUTO;
DEBUG("conf->enrollment : auto\n");
} else {
- ERROR("unknown enrollment %s\n", value); // TODO
+ LOG(LOG_ERR, "unknown enrollment %s\n", value); // TODO
conf->enrollment = 0;
}
}
conf->aik_storage_type = OPENPTS_AIK_STORAGE_TYPE_BLOB;
DEBUG("conf->aik_storage_type : blob\n");
} else {
- ERROR("unknown aik.storage.type %s\n", value); // TODO
+ LOG(LOG_ERR, "unknown aik.storage.type %s\n", value); // TODO
conf->aik_storage_type = 0;
}
}
conf->aik_auth_type = OPENPTS_AIK_AUTH_TYPE_COMMON;
DEBUG("conf->aik_auth_type : common\n");
} else {
- ERROR("unknown aik.auth.type %s\n", value); // TODO
+ LOG(LOG_ERR, "unknown aik.auth.type %s\n", value); // TODO
conf->aik_auth_type = 0;
}
}
+ /* DEBUG */
+ if (!strncmp(name, "verbose", 7)) {
+ setVerbosity(atoi(value));
+ DEBUG("Verbosity : %d (set by conf)\n", getVerbosity());
+ }
+ if (!strncmp(name, "logging.location", 16)) {
+ if (!strncmp(value, "syslog", 6)) {
+ setLogLocation(OPENPTS_LOG_SYSLOG, NULL);
+ DEBUG("Logging location : syslog\n");
+ } else if (!strncmp(value, "console", 6)) {
+ setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
+ DEBUG("Logging location : console\n");
+ } else {
+ LOG(LOG_ERR, "unknown aik.storage.type %s\n", value); // TODO
+ conf->aik_storage_type = 0;
+ }
+ }
+ if (!strncmp(name, "logging.file", 12)) {
+ char *log_filename;
+ log_filename = getFullpathName(conf->config_dir, value);
+ setLogLocation(OPENPTS_LOG_FILE, log_filename);
+ DEBUG("Logging location : file (%s)\n", log_filename);
+ xfree(log_filename);
+ }
+ if (!strncmp(name, "debug.mode", 11)) {
+ debugBits = (int) strtol(value, NULL, 16);
+ DEBUG("DEBUG mode : 0x%x\n", debugBits);
+ }
+
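Review bot: The `else` branch of the new `logging.location` handling was copied from the aik.storage.type block: it logs `unknown aik.storage.type` and sets `conf->aik_storage_type = 0;`, so a misspelled logging location silently resets whatever AIK storage type was configured. Replace it with `LOG(LOG_ERR, "unknown logging.location %s\n", value);` and drop the assignment (or set `isFileIncorrect = 1; goto free;` as the neighbouring options do). The comparison `strncmp(value, "console", 6)` should use 7, and `strncmp(name, "debug.mode", 11)` counts one more than the ten characters of the key, unlike the other key tests visible here. `verbose` and `debug.mode` go through `atoi()`/`strtol()` with no end-pointer or range check, so malformed values are accepted as 0.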
cnt++;
} else {
/* accept only blank lines */
ptr = line;
while (*ptr != '\0') {
if (!isspace(*ptr)) {
- ERROR("Syntax error in %s at line %d\n", filename2, cnt);
+ LOG(LOG_ERR, "Syntax error in %s at line %d\n", filename2, cnt);
isFileIncorrect = 1;
goto free;
}
/* open */
if ((fp = fopen(filename, "w")) == NULL) {
- ERROR("writeTargetConf - Conf File %s open was failed\n", filename);
+ LOG(LOG_ERR, "writeTargetConf - Conf File %s open was failed\n", filename);
return -1;
}
rc = readPtsConfig(conf, filename);
if (rc != PTS_SUCCESS) {
- ERROR("readTargetConf - fail, rc = %d\n", rc);
+ LOG(LOG_ERR, "readTargetConf - fail, rc = %d\n", rc);
}
return rc;
/* open */
if ((fp = fopen(filename, "w")) == NULL) {
- ERROR("writeOpenptsConf - Conf File %s open was failed\n", filename);
+ LOG(LOG_ERR, "writeOpenptsConf - Conf File %s open was failed\n", filename);
return PTS_INTERNAL_ERROR;
}
DEBUG_CAL("readOpenptsConf %s\n", filename);
+ /* check */
+ if (conf == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
rc = readPtsConfig(conf, filename);
if (rc < 0) {
- ERROR("readOpenptsConf - fail, rc = %d\n", rc);
+ LOG(LOG_ERR, "readOpenptsConf - fail, rc = %d\n", rc);
}
return rc;
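Review bot: The added NULL checks run after `DEBUG_CAL("readOpenptsConf %s\n", filename);`, so a NULL filename is still passed to a `%s` conversion before it is rejected (assuming DEBUG_CAL formats its arguments when enabled). Move the two checks above the DEBUG_CAL line. The function's opening lines are outside the hunk.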
*/
int setModelFile(OPENPTS_CONFIG *conf, int index, int level, char *filename) {
/* check */
- ASSERT(NULL != conf, "setModelFile()- conf is NULL\n");
+ if (conf == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (level >= MAX_RM_NUM) {
- ERROR("setModelFile()- PCR[%d] trying to affect a model file(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
+ LOG(LOG_ERR,
+ "setModelFile()- PCR[%d] trying to affect a model file(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
index, filename, level, MAX_RM_NUM);
return PTS_FATAL;
}