2 * This file is part of the OpenPTS project.
4 * The Initial Developer of the Original Code is International
5 * Business Machines Corporation. Portions created by IBM
6 * Corporation are Copyright (C) 2010 International Business
7 * Machines Corporation. All Rights Reserved.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the Common Public License as published by
11 * IBM Corporation; either version 1 of the License, or (at your option)
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * Common Public License for more details.
19 * You should have received a copy of the Common Public License
20 * along with this program; if not, a copy can be viewed at
21 * http://www.opensource.org/licenses/cpl1.0.php.
26 * \brief read/write configuration file
28 * @author Seiji Munetoh <munetoh@users.sourceforge.jp>
30 * cleanup 2011-07-06 SM
33 * grep strncmp src/conf.c | gawk '{print $3}'
34 * grep strncmp src/conf.c | awk '{print " * " $3}' | sed -e "s/\"//g" -e "s/,//g"
37 * ----------------------------------------------------
42 * aide.ignorelist.file
80 * verifier.logging.dir
81 * ------------------------------------------------------------------------
82 * srk.password.mode null/known
83 * ------------------------------------------------------------------------
98 * create [target num + 1], [last] for new target
100 OPENPTS_TARGET_LIST *newTargetList(int num) {
101 OPENPTS_TARGET_LIST *list;
104 size = sizeof(OPENPTS_TARGET_LIST) + sizeof(OPENPTS_TARGET) * (num);
106 list = (OPENPTS_TARGET_LIST *) xmalloc(size);
110 memset(list, 0, size);
112 list->target_num = num - 1; // set actual number
120 void freeTargetList(OPENPTS_TARGET_LIST *list) {
123 OPENPTS_TARGET *target;
125 num = list->target_num;
128 for (i = 0; i < num; i++) {
129 target = &list->target[i];
130 if (target == NULL) {
131 ERROR("no memory cnt=%d\n", i);
133 if (target->uuid != NULL) freeUuid(target->uuid);
134 if (target->str_uuid != NULL) xfree(target->str_uuid);
135 if (target->time != NULL) xfree(target->time);
136 if (target->dir != NULL) xfree(target->dir);
137 if (target->target_conf_filename != NULL) xfree(target->target_conf_filename);
138 if (target->target_conf != NULL) {
139 // DEBUG("target->target_conf => free\n");
140 /* WORK NEEDED: freePtsConfig -> freeTargetList -> freePtsConfig .
141 Can we have cases where freePtsConfig is called twice on
142 the same structure?! This leads to double free errors. Set the
143 member variable to NULL before calling so we don't get circular
145 OPENPTS_CONFIG *conf = target->target_conf;
146 target->target_conf = NULL;
157 OPENPTS_CONFIG * newPtsConfig() {
158 OPENPTS_CONFIG * conf;
160 // DEBUG("newPtsConfig()\n");
163 conf = (OPENPTS_CONFIG *) xmalloc(sizeof(OPENPTS_CONFIG));
167 memset(conf, 0, sizeof(OPENPTS_CONFIG));
169 // tpm_version. tss_version are set by ptscd.c
170 // set by configure.in
171 conf->pts_version.bMajor = PTS_SPEC_MAJOR;
172 conf->pts_version.bMinor = PTS_SPEC_MINOR;
173 conf->pts_version.bRevMajor = PTS_VER_MAJOR;
174 conf->pts_version.bRevMinor = PTS_VER_MINOR;
176 // set PCR used by openpts itself
177 // set by configure.in
178 conf->openpts_pcr_index = OPENPTS_PCR_INDEX;
187 int freePtsConfig(OPENPTS_CONFIG * conf) {
189 // DEBUG("freePtsConfig()\n");
197 if (conf->config_dir != NULL) {
198 xfree(conf->config_dir);
199 conf->config_dir = NULL;
202 if (conf->bios_iml_filename != NULL) {
203 xfree(conf->bios_iml_filename);
204 conf->bios_iml_filename = NULL;
207 if (conf->runtime_iml_filename != NULL) {
208 xfree(conf->runtime_iml_filename);
209 conf->runtime_iml_filename = NULL;
212 if (conf->pcrs_filename != NULL) {
213 xfree(conf->pcrs_filename);
214 conf->pcrs_filename = NULL;
217 if (conf->ir_filename != NULL) {
218 xfree(conf->ir_filename);
219 conf->ir_filename = NULL;
222 if (conf->ir_dir != NULL) {
227 if (conf->prop_filename != NULL) {
228 xfree(conf->prop_filename);
229 conf->prop_filename = NULL;
232 if (conf->model_dir != NULL) {
234 xfree(conf->model_dir);
235 conf->model_dir = NULL;
238 if (conf->verifier_logging_dir != NULL) {
240 xfree(conf->verifier_logging_dir);
241 conf->verifier_logging_dir = NULL;
244 if (conf->policy_filename != NULL) {
245 xfree(conf->policy_filename);
246 conf->policy_filename = NULL;
250 if (conf->aide_database_filename != NULL) {
251 xfree(conf->aide_database_filename);
252 conf->aide_database_filename = NULL;
255 if (conf->aide_sqlite_filename != NULL) {
256 xfree(conf->aide_sqlite_filename);
257 conf->aide_sqlite_filename = NULL;
259 #endif // CONFIG_SQLITE
260 if (conf->aide_ignorelist_filename != NULL) {
261 xfree(conf->aide_ignorelist_filename);
262 conf->aide_ignorelist_filename = NULL;
264 #endif // CONFIG_AIDE
266 if (conf->pubkey != NULL) {
271 if (conf->property_filename != NULL) {
272 xfree(conf->property_filename);
273 conf->property_filename = NULL;
276 /* OPENPTS_TARGET_LIST */
277 if (conf->target_list != NULL) {
278 // DEBUG("conf->target_list != NULL => free\n");
279 /* WORK NEEDED: freePtsConfig -> freeTargetList -> freePtsConfig .
280 Can we have cases where freePtsConfig is called twice on
281 the same structure?! This leads to double free errors. Set the
282 member variable to NULL before calling so we don't get circular
284 OPENPTS_TARGET_LIST *list = conf->target_list;
285 conf->target_list = NULL;
286 freeTargetList(list); // conf.c
290 if (conf->uuid != NULL) {
291 freeOpenptsUuid(conf->uuid);
295 if (conf->rm_uuid != NULL) {
296 freeOpenptsUuid(conf->rm_uuid);
297 conf->rm_uuid = NULL;
300 if (conf->newrm_uuid != NULL) {
301 freeOpenptsUuid(conf->newrm_uuid);
302 conf->newrm_uuid = NULL;
305 if (conf->oldrm_uuid != NULL) {
306 freeOpenptsUuid(conf->oldrm_uuid);
307 conf->oldrm_uuid = NULL;
311 if (conf->target_uuid != NULL) {
312 xfree(conf->target_uuid);
313 conf->target_uuid = NULL;
315 if (conf->str_target_uuid != NULL) {
316 xfree(conf->str_target_uuid);
317 conf->str_target_uuid = NULL;
322 for (i = 0; i< conf->rm_num; i++) {
323 if (conf->rm_filename[i] != NULL) {
324 xfree(conf->rm_filename[i]);
325 conf->rm_filename[i] = NULL;
328 for (i = 0; i< conf->newrm_num; i++) {
329 if (conf->newrm_filename[i] != NULL) {
330 xfree(conf->newrm_filename[i]);
331 conf->newrm_filename[i] = NULL;
337 if (conf->rm_basedir != NULL) {
338 xfree(conf->rm_basedir);
339 conf->rm_basedir = NULL;
343 if (conf->hostname != NULL) {
344 xfree(conf->hostname);
345 conf->hostname = NULL;
347 if (conf->ssh_username != NULL) {
348 xfree(conf->ssh_username);
349 conf->ssh_username = NULL;
351 if (conf->ssh_port != NULL) {
352 xfree(conf->ssh_port);
353 conf->ssh_port = NULL;
356 if (conf->config_file != NULL) {
357 // DEBUG("conf->config_file => free\n");
358 xfree(conf->config_file);
359 conf->config_file = NULL;
363 #ifdef CONFIG_AUTO_RM_UPDATE
364 if (conf->newRmSet != NULL) {
365 xfree(conf->newRmSet);
366 conf->newRmSet = NULL;
370 for (i = 0; i < MAX_RM_NUM; i++) {
371 if (conf->compIDs[i].SimpleName != NULL) xfree(conf->compIDs[i].SimpleName);
372 if (conf->compIDs[i].ModelName != NULL) xfree(conf->compIDs[i].ModelName);
373 if (conf->compIDs[i].ModelNumber != NULL) xfree(conf->compIDs[i].ModelNumber);
374 if (conf->compIDs[i].ModelSerialNumber != NULL) xfree(conf->compIDs[i].ModelSerialNumber);
375 if (conf->compIDs[i].ModelSystemClass != NULL) xfree(conf->compIDs[i].ModelSystemClass);
376 if (conf->compIDs[i].VersionMajor != NULL) xfree(conf->compIDs[i].VersionMajor);
377 if (conf->compIDs[i].VersionMinor != NULL) xfree(conf->compIDs[i].VersionMinor);
378 if (conf->compIDs[i].VersionBuild != NULL) xfree(conf->compIDs[i].VersionBuild);
379 if (conf->compIDs[i].VersionString != NULL) xfree(conf->compIDs[i].VersionString);
380 if (conf->compIDs[i].MfgDate != NULL) xfree(conf->compIDs[i].MfgDate);
381 if (conf->compIDs[i].PatchLevel != NULL) xfree(conf->compIDs[i].PatchLevel);
382 if (conf->compIDs[i].DiscretePatches != NULL) xfree(conf->compIDs[i].DiscretePatches);
383 if (conf->compIDs[i].VendorID_Name != NULL) xfree(conf->compIDs[i].VendorID_Name);
384 if (conf->compIDs[i].VendorID_Value != NULL) xfree(conf->compIDs[i].VendorID_Value);
389 if (conf->aik_storage_filename != NULL) {
390 free(conf->aik_storage_filename);
394 //>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
399 /* parse Component ID related properties */
400 static int readPtsConfig_CompID(
401 OPENPTS_CONFIG *conf,
406 const char *levelStr;
408 char **attributeValue;
415 // rm.compid.0.SimpleName
416 if (strncmp(name, "rm.compid.", 10) != 0) return PTS_SUCCESS;
418 levelStr = name + 10;
419 level = strtoul(levelStr, &attributeName, 10);
421 if (levelStr == attributeName) {
422 ERROR("readPtsConfig_CompID()- invalid level number ('%s')\n", name);
426 if (*attributeName != '.') {
427 ERROR("readPtsConfig_CompID()- missing '.' after level ('%s')\n", name);
437 if (level >= MAX_RM_NUM) {
438 ERROR("readPtsConfig_CompID()- trying to affect a CompID(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
439 attributeName, level, MAX_RM_NUM);
443 if (strcmp(attributeName, "SimpleName") == 0)
444 attributeValue = &conf->compIDs[level].SimpleName;
445 else if (strcmp(attributeName, "ModelName") == 0)
446 attributeValue = &conf->compIDs[level].ModelName;
447 else if (strcmp(attributeName, "ModelNumber") == 0)
448 attributeValue = &conf->compIDs[level].ModelNumber;
449 else if (strcmp(attributeName, "ModelSerialNumber") == 0)
450 attributeValue = &conf->compIDs[level].ModelSerialNumber;
451 else if (strcmp(attributeName, "ModelSystemClass") == 0)
452 attributeValue = &conf->compIDs[level].ModelSystemClass;
453 else if (strcmp(attributeName, "VersionMajor") == 0)
454 attributeValue = &conf->compIDs[level].VersionMajor;
455 else if (strcmp(attributeName, "VersionMinor") == 0)
456 attributeValue = &conf->compIDs[level].VersionMinor;
457 else if (strcmp(attributeName, "VersionBuild") == 0)
458 attributeValue = &conf->compIDs[level].VersionBuild;
459 else if (strcmp(attributeName, "VersionString") == 0)
460 attributeValue = &conf->compIDs[level].VersionString;
461 else if (strcmp(attributeName, "MfgDate") == 0)
462 attributeValue = &conf->compIDs[level].MfgDate;
463 else if (strcmp(attributeName, "PatchLevel") == 0)
464 attributeValue = &conf->compIDs[level].PatchLevel;
465 else if (strcmp(attributeName, "DiscretePatches") == 0)
466 attributeValue = &conf->compIDs[level].DiscretePatches;
467 else if (strcmp(attributeName, "VendorID_Name") == 0)
468 attributeValue = &conf->compIDs[level].VendorID_Name;
469 else if (strcmp(attributeName, "TcgVendorId") == 0) {
470 conf->compIDs[level].VendorID_type = VENDORID_TYPE_TCG;
471 attributeValue = &conf->compIDs[level].VendorID_Value;
472 } else if (strcmp(attributeName, "SmiVendorId") == 0) {
473 conf->compIDs[level].VendorID_type = VENDORID_TYPE_SMI;
474 attributeValue = &conf->compIDs[level].VendorID_Value;
475 } else if (strcmp(attributeName, "VendorGUID") == 0) {
476 conf->compIDs[level].VendorID_type = VENDORID_TYPE_GUID;
477 attributeValue = &conf->compIDs[level].VendorID_Value;
479 ERROR("unknown Component ID attribute: '%s'\n", attributeName);
483 if (*attributeValue != NULL) {
484 xfree(*attributeValue);
486 *attributeValue = smalloc(value);
487 if (*attributeValue == NULL) {
495 * Read pts config file
499 * filename fullpath or PWD/filename
508 #define LINE_BUF_SIZE 512
510 int readPtsConfig(OPENPTS_CONFIG *conf, char *filename) {
511 int rc = PTS_SUCCESS;
513 char line[LINE_BUF_SIZE];
517 char *filename2 = NULL; // fullpath
520 int isFileIncorrect = 0;
523 char *aik_storage_filename = NULL;
526 DEBUG("readPtsConfig() : %s\n", filename);
528 if (filename == NULL) {
529 ERROR("readPtsConfig - filename is NULL\n");
530 return PTS_INTERNAL_ERROR;
533 /* config filename -> fullpath -> filename2 */
534 if (filename[0] != '/') {
535 /* => get fullpath */
536 path = getenv("PWD");
537 if (path[0] != '/') {
538 ERROR("readPtsConfig() - path, '%s' is not a full path", path);
540 filename2 = getFullpathName(path, filename);
542 /* started by /, seems full path */
543 filename2 = smalloc(filename);
545 if (filename2 == NULL) {
546 return PTS_INTERNAL_ERROR;
549 /* set config filename (fullpath) to conf*/
550 if (conf->config_file != NULL) {
551 /* replace, free old conf path */
552 xfree(conf->config_file);
554 conf->config_file = smalloc_assert(filename2);
556 /* dir where config file -> config_dir */
557 if (conf->config_dir != NULL) {
559 xfree(conf->config_dir);
561 conf->config_dir = getFullpathDir(filename2);
565 if ((fp = fopen(filename2, "r")) == NULL) {
566 DEBUG("readPtsConfig - File %s open was failed\n", filename2);
567 rc = PTS_INTERNAL_ERROR;
574 while (fgets(line, LINE_BUF_SIZE, fp) != NULL) { // read line
576 line_len = strlen(line);
578 /* check for line length */
579 if (line_len == LINE_BUF_SIZE) {
580 ERROR("Line too long in %s at line %d\n", filename2, cnt);
585 /* strip trailing CR */
586 if (line[line_len-1] == '\n') line[--line_len] = '\0';
588 if (line[0] == '#') {
590 } else if ((eq = strstr(line, "=")) != NULL) { /* name=value line*/
599 // DEBUG("%4d [%s]=[%s]\n",cnt, name, value);
602 replace the curent setting based on the location of config file
603 to path set by config file.
605 if (!strncmp(name, "config.dir", 10)) {
606 DEBUG("conf dir : %s\n", value);
607 if (value[0] != '/') {
608 /* => get fullpath */
609 path = getFullpathName(conf->config_dir, value);
610 xfree(conf->config_dir);
611 conf->config_dir = path;
613 /* started by /, seems full path, just replace */
614 xfree(conf->config_dir);
615 conf->config_dir = smalloc_assert(value);
619 /* openpts_pcr_index */
620 if (!strncmp(name, "openpts.pcr.index", 17)) {
621 conf->openpts_pcr_index = atoi(value);
622 DEBUG("openpts_pcr_index = %d\n", conf->openpts_pcr_index);
625 /* How to get the IML? 0: via tss, 1:securityfs */
626 if (!strncmp(name, "iml.mode", 8)) {
627 if (!strncmp(value, "securityfs", 10)) {
629 } else if (!strncmp(value, "tss", 3)) {
632 ERROR("iml.mode is neither 'securityfs' or 'tss'\n");
638 /* srk.password.mode */
639 if (!strncmp(name, "srk.password.mode", 17)) {
640 if (!strncmp(value, "null", 4)) {
641 conf->srk_password_mode = 0;
642 DEBUG("conf->srk_password_mode : null\n");
643 } else if (!strncmp(value, "known", 5)) {
644 conf->srk_password_mode = 1;
645 DEBUG("conf->srk_password_mode : known\n");
647 ERROR("Bad srk.password.mode flag '%s' in %s\n",
654 /* tpm.resetdalock */
655 if (!strncmp(name, "tpm.resetdalock", 15)) {
656 if (!strncmp(value, "on", 2)) {
657 conf->tpm_resetdalock = 1;
658 DEBUG("conf->tpm_resetdalock : on\n");
659 } else if (!strncmp(value, "off", 3)) {
660 conf->tpm_resetdalock = 0; // default
661 DEBUG("conf->tpm_resetdalock : off (default)\n");
663 ERROR("Bad tpm.resetdalock flag '%s' in %s\n",
671 if (!strncmp(name, "tpm.quote.type", 14)) {
672 if (!strncmp(value, "quote2", 6)) {
673 conf->tpm_quote_type = 0; // default
674 DEBUG("conf->tpm_quote_type : quote2 (default)\n");
675 } else if (!strncmp(value, "quote", 5)) {
676 conf->tpm_quote_type = 1;
677 DEBUG("conf->tpm_quote_type : quote\n");
679 ERROR("Bad tpm.quote.type flag %s\n", value);
685 /* Endian for cross platform debug */
686 if (!strncmp(name, "iml.endian", 10)) {
687 if (!strncmp(value, "little", 6)) {
689 conf->iml_endian = 2; // = mode option of getBiosIml()
690 DEBUG("convert endian mode\n");
692 conf->iml_endian = 0;
694 } else if (!strncmp(value, "big", 3)) {
696 conf->iml_endian = 0;
698 conf->iml_endian = 2;
699 // DEBUG("convert endian mode\n");
700 DEBUG("endian mode : convert\n");
703 ERROR("iml.endian is neither 'big' or 'little'\n");
710 if (!strncmp(name, "iml.aligned", 11)) {
711 conf->iml_aligned = atoi(value);
716 if (!strncmp(name, "bios.iml.file", 13)) {
717 conf->bios_iml_filename = getFullpathName(conf->config_dir, value);
718 DEBUG("conf->bios_iml_filename : %s\n", conf->bios_iml_filename);
721 if (!strncmp(name, "runtime.iml.file", 16)) {
722 conf->runtime_iml_filename = getFullpathName(conf->config_dir, value);
723 DEBUG("conf->runtime_iml_filename : %s\n", conf->runtime_iml_filename);
725 if (!strncmp(name, "runtime.iml.type", 16)) {
726 if (!strncmp(value, "IMA31", 5)) {
727 conf->runtime_iml_type = BINARY_IML_TYPE_IMA_31;
728 } else if (!strncmp(value, "IMA32", 5)) {
729 conf->runtime_iml_type = BINARY_IML_TYPE_IMA;
730 } else if (!strncmp(value, "IMA", 3)) {
731 conf->runtime_iml_type = BINARY_IML_TYPE_IMA_ORIGINAL;
733 ERROR("unknown runtime.iml.type %s\n", value);
739 if (!strncmp(name, "pcrs.file", 9)) {
740 conf->pcrs_filename = getFullpathName(conf->config_dir, value);
741 DEBUG("conf->pcrs_filename : %s\n", conf->pcrs_filename);
744 // RM config - from 0.2.3
745 if (!strncmp(name, "rm.basedir", 10)) {
746 if (conf->rm_basedir != NULL) {
747 // DEBUG("realloc conf->rm_basedir"); // TODO realloc happen
748 xfree(conf->rm_basedir);
750 conf->rm_basedir = getFullpathName(conf->config_dir, value);
752 if (!strncmp(name, "rm.num", 6)) {
753 conf->rm_num = atoi(value);
754 if (conf->rm_num > MAX_RM_NUM) {
755 ERROR("RM number rm.num=%d is larger than MAX_RM_NUM=%d - truncking\n", conf->rm_num, MAX_RM_NUM);
756 conf->rm_num = MAX_RM_NUM;
758 DEBUG("conf->rm_num : %d\n", conf->rm_num);
761 /* IR file (verifier side) */
762 /* Depricated - we use a temporary file in /tmp on collector side */
763 if (!strncmp(name, "ir.file", 7)) {
764 if (conf->ir_filename != NULL) {
765 // DEBUG("realloc conf->ir_filename"); // TODO realloc happen
766 xfree(conf->ir_filename);
768 conf->ir_filename = getFullpathName(conf->config_dir, value);
769 DEBUG("conf->ir_filename : %s\n", conf->ir_filename);
770 // ERROR("ir.file is obsolute, please use ir.dir"); /// Collectror TODO
772 /* IR dir (collector side) */
773 if (!strncmp(name, "ir.dir", 6)) {
774 if (conf->ir_dir != NULL) {
775 // DEBUG("realloc conf->ir_filename"); // TODO realloc happen
778 conf->ir_dir = getFullpathName(conf->config_dir, value);
779 DEBUG("conf->ir_dir : %s\n", conf->ir_dir);
781 // /* set this to some sensible default value so that ptsc.c doesn't seg fault */
782 // conf->ir_dir = smalloc("/tmp");
785 if (!strncmp(name, "prop.file", 9)) {
786 if (conf->prop_filename != NULL) {
787 // DEBUG("realloc conf->prop_filename"); // TODO realloc happen
788 xfree(conf->prop_filename);
790 conf->prop_filename = getFullpathName(conf->config_dir, value);
793 // 20100908 Munetoh -> ifm.c
794 if (!strncmp(name, "ir.quote", 8)) {
795 if (!strncmp(value, "WITHOUT_QUOTE", 13)) {
796 conf->ir_without_quote = 1;
797 TODO("Generate IR without TPM_Quote signature\n");
802 if (!strncmp(name, "model.dir", 10)) {
803 conf->model_dir = getFullpathName(conf->config_dir, value);
806 if (!strncmp(name, "iml.ipl.maxcount", 16)) {
807 conf->iml_maxcount = atoi(value);
808 DEBUG("conf->iml_maxcount : %d\n", conf->iml_maxcount);
812 if (!strncmp(name, "verifier.logging.dir", 20)) {
813 if (conf->verifier_logging_dir != NULL) {
814 xfree(conf->verifier_logging_dir);
816 conf->verifier_logging_dir = getFullpathName(conf->config_dir, value);
820 if (!strncmp(name, "policy.file", 11)) {
821 if (conf->policy_filename != NULL) {
822 // DEBUG("realloc conf->policy_filename\n"); // TODO realloc happen
823 xfree(conf->policy_filename);
825 conf->policy_filename = getFullpathName(conf->config_dir, value);
829 if (!strncmp(name, "config.dir", 10)) {
830 if (conf->config_dir != NULL) {
831 TODO("conf dir %s ->%s\n", conf->config_dir, value);
834 conf->config_dir = getFullpathName(config_path, value);
840 if (!strncmp(name, "ima.validation.mode", 19)) {
841 if (!strncmp(value, "aide", 4)) {
842 conf->ima_validation_mode = OPENPTS_VALIDATION_MODE_AIDE;
843 } else if (!strncmp(value, "none", 4)) {
844 conf->ima_validation_mode = OPENPTS_VALIDATION_MODE_NONE;
846 ERROR("unknown ima.validation.mode [%s]\n", value);
852 if (!strncmp(name, "aide.database.file", 18)) {
853 if (conf->aide_database_filename != NULL) {
854 // DEBUG("realloc conf->aide_database_filename\n"); // TODO realloc happen
855 xfree(conf->aide_database_filename);
857 conf->aide_database_filename = getFullpathName(conf->config_dir, value);
860 if (!strncmp(name, "aide.sqlite.file", 18)) {
861 conf->aide_sqlite_filename = getFullpathName(conf->config_dir, value);
864 if (!strncmp(name, "aide.ignorelist.file", 20)) {
865 if (conf->aide_ignorelist_filename != NULL) {
866 // DEBUG("realloc conf->aide_ignorelist_filename\n"); // TODO realloc happen
867 xfree(conf->aide_ignorelist_filename);
869 conf->aide_ignorelist_filename = getFullpathName(conf->config_dir, value);
871 #endif // CONFIG_AIDE
874 if (!strncmp(name, "uuid.file", 9)) {
875 if (conf->uuid == NULL) {
876 conf->uuid = newOpenptsUuid();
878 conf->uuid->filename = getFullpathName(conf->config_dir, value);
879 conf->uuid->status = OPENPTS_UUID_FILENAME_ONLY;
880 rc = readOpenptsUuidFile(conf->uuid);
881 if (rc != PTS_SUCCESS) {
882 /* uuid file is missing */
884 // DEBUG("no UUID file %s\n", conf->uuid->filename);
885 conf->uuid->status = OPENPTS_UUID_FILENAME_ONLY;
886 DEBUG("conf->uuid : not initialized\n");
888 DEBUG("conf->uuid->str : %s\n", conf->uuid->str);
890 } else if (!strncmp(name, "uuid", 4)) {
891 ERROR("uuid=XXX is deprecated, in %s\n", filename);
892 if (conf->uuid == NULL) {
893 conf->uuid = newOpenptsUuid();
895 if (conf->uuid->uuid != NULL) {
896 TODO("free conf->uuid \n");
897 xfree(conf->uuid->uuid);
900 conf->uuid->uuid = getUuidFromString(value);
901 if (conf->uuid->uuid == NULL) {
902 ERROR("read UUID fail\n");
904 conf->uuid->str = getStringOfUuid(conf->uuid->uuid);
905 if (conf->uuid->str == NULL) {
906 ERROR("read UUID fail\n");
910 /* RM UUID for RM set */
911 if (!strncmp(name, "rm.uuid.file", 12)) {
912 if (conf->rm_uuid == NULL) {
913 conf->rm_uuid = newOpenptsUuid();
915 if (conf->rm_uuid->filename != NULL) {
916 // DEBUG("realloc conf->rm_uuid->filename"); // TODO realloc happen
917 xfree(conf->rm_uuid->filename);
919 conf->rm_uuid->filename = getFullpathName(conf->config_dir, value);
920 conf->rm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
921 rc = readOpenptsUuidFile(conf->rm_uuid);
922 if (rc != PTS_SUCCESS) {
923 /* uuid file is missing */
925 // DEBUG("no UUID file %s\n", conf->uuid->filename);
926 conf->rm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
928 // DEBUG("read UUID from file %s, UUID=%s\n", conf->uuid->filename, conf->uuid->str);
930 DEBUG("conf->rm_uuid->str : %s\n", conf->rm_uuid->str);
933 /* NEWRM UUID for next boot */
934 /* NEWRM UUID for RM set */
935 if (!strncmp(name, "newrm.uuid.file", 15)) {
936 if (conf->newrm_uuid == NULL) {
937 conf->newrm_uuid = newOpenptsUuid();
939 if (conf->newrm_uuid->filename != NULL) {
940 // DEBUG("realloc conf->rm_uuid->filename"); // TODO realloc happen
941 xfree(conf->newrm_uuid->filename);
943 conf->newrm_uuid->filename = getFullpathName(conf->config_dir, value);
944 conf->newrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
945 rc = readOpenptsUuidFile(conf->newrm_uuid);
946 if (rc != PTS_SUCCESS) {
947 /* uuid file is missing */
949 // DEBUG("no UUID file %s\n", conf->uuid->filename);
950 conf->newrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
952 conf->pts_flag[0] |= OPENPTS_FLAG0_NEWRM_EXIST;
953 DEBUG("Read new RM UUID from file %s, UUID=%s. New pts_flag[0]=0x%02x\n",
954 conf->newrm_uuid->filename, conf->newrm_uuid->str, conf->pts_flag[0]);
956 DEBUG("conf->newrm_uuid->str : %s\n", conf->newrm_uuid->str);
958 /* OLDRM UUID for RM set */
959 if (!strncmp(name, "oldrm.uuid.file", 15)) {
960 if (conf->oldrm_uuid == NULL) {
961 conf->oldrm_uuid = newOpenptsUuid();
963 if (conf->oldrm_uuid->filename != NULL) {
964 // DEBUG("realloc conf->oldrm_uuid->filename"); // TODO realloc happen
965 xfree(conf->oldrm_uuid->filename);
967 conf->oldrm_uuid->filename = getFullpathName(conf->config_dir, value);
968 conf->oldrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
969 rc = readOpenptsUuidFile(conf->oldrm_uuid);
970 if (rc != PTS_SUCCESS) {
971 /* uuid file is missing */
973 // DEBUG("no UUID file %s\n", conf->uuid->filename);
974 conf->oldrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
976 // DEBUG("read UUID from file %s, UUID=%s\n", conf->uuid->filename, conf->uuid->str);
978 DEBUG("conf->oldrm_uuid->str : %s\n", conf->oldrm_uuid->str);
982 if (!strncmp(name, "target.uuid", 11)) {
983 if (conf->target_uuid != NULL) {
984 // DEBUG("realloc conf->target_uuid\n"); // TODO realloc happen
985 xfree(conf->target_uuid);
987 conf->target_uuid = getUuidFromString(value);
988 if (conf->target_uuid == NULL) {
989 ERROR("bad UUID ? %s\n", value);
992 if (conf->str_target_uuid != NULL) {
993 // DEBUG("realloc conf->str_target_uuid\n"); // TODO realloc happen
994 xfree(conf->str_target_uuid);
996 conf->str_target_uuid = getStringOfUuid(conf->target_uuid);
997 if (conf->str_target_uuid == NULL) {
998 ERROR("bad UUID ? %s\n", value);
1004 if (!strncmp(name, "target.pubkey", 13)) {
1005 if (conf->pubkey != NULL) {
1006 xfree(conf->pubkey);
1008 conf->pubkey = decodeBase64(
1012 if (conf->pubkey == NULL) {
1013 ERROR("decodeBase64");
1014 conf->pubkey_length = 0;
1016 conf->pubkey_length = buf_len;
1017 DEBUG("pubkey length : %d\n", conf->pubkey_length);
1022 /* default values */
1023 conf->ssh_username = NULL; // use default values
1024 conf->ssh_port = NULL;
1026 if (!strncmp(name, "ssh.username", 12)) {
1027 conf->ssh_username = smalloc_assert(value);
1028 DEBUG("conf->ssh_username : %s\n", conf->ssh_username);
1030 if (!strncmp(name, "ssh.port", 8)) {
1031 conf->ssh_port = smalloc_assert(value);
1032 DEBUG("conf->ssh_port : %s\n", conf->ssh_port);
1036 if (!strncmp(name, "hostname", 8)) {
1037 if (conf->hostname != NULL) {
1038 // DEBUG("realloc conf->hostname\n"); // TODO realloc happen
1039 xfree(conf->hostname);
1041 conf->hostname = smalloc_assert(value);
1042 DEBUG("conf->hostname : %s\n", conf->hostname);
1046 if (!strncmp(name, "selftest", 8)) {
1047 if (!strncmp(value, "on", 2)) {
1049 } else if (!strncmp(value, "off", 3)) {
1050 conf->selftest = 0; // default
1052 ERROR("unknown selftest %s\n", value);
1053 isFileIncorrect = 1;
1058 if (!strncmp(name, "autoupdate", 10)) {
1059 if (!strncmp(value, "on", 2)) {
1060 conf->autoupdate = 1;
1061 DEBUG("conf->autoupdate : on\n");
1062 } else if (!strncmp(value, "off", 3)) {
1063 conf->autoupdate = 0; // default
1064 DEBUG("conf->autoupdate : off\n");
1066 ERROR("unknown autoupdate %s\n", value); // TODO
1067 isFileIncorrect = 1;
1073 if ((rc = readPtsConfig_CompID(conf, name, value)) != PTS_SUCCESS) {
1074 isFileIncorrect = 1;
1078 /* PTSV Enrollment */
1079 if (!strncmp(name, "enrollment", 10)) {
1080 if (!strncmp(value, "none", 4)) {
1081 conf->enrollment = IMV_ENROLLMENT_NONE;
1082 DEBUG("conf->enrollment : none\n");
1083 } else if (!strncmp(value, "credential", 10)) {
1084 conf->enrollment = IMV_ENROLLMENT_CREDENTIAL;
1085 DEBUG("conf->enrollment : credential\n");
1086 } else if (!strncmp(value, "auto", 4)) {
1087 conf->enrollment = IMV_ENROLLMENT_AUTO;
1088 DEBUG("conf->enrollment : auto\n");
1090 ERROR("unknown enrollment %s\n", value); // TODO
1091 conf->enrollment = 0;
1095 /* Atetstation(sign) key*/
1096 if (!strncmp(name, "aik.storage.type", 16)) {
1097 if (!strncmp(value, "tss", 3)) {
1098 conf->aik_storage_type = OPENPTS_AIK_STORAGE_TYPE_TSS;
1099 DEBUG("conf->aik_storage_type : none\n");
1100 } else if (!strncmp(value, "blob", 4)) {
1101 conf->aik_storage_type = OPENPTS_AIK_STORAGE_TYPE_BLOB;
1102 DEBUG("conf->aik_storage_type : blob\n");
1104 ERROR("unknown aik.storage.type %s\n", value); // TODO
1105 conf->aik_storage_type = 0;
1108 if (!strncmp(name, "aik.storage.filename", 20)) {
1109 if (aik_storage_filename != NULL) {
1110 free(aik_storage_filename);
1112 aik_storage_filename = smalloc(value);
1113 DEBUG("aik_storage_filename : CONF/%s\n", aik_storage_filename);
1115 if (!strncmp(name, "aik.auth.type", 13)) {
1116 if (!strncmp(value, "null", 4)) {
1117 conf->aik_auth_type = OPENPTS_AIK_AUTH_TYPE_NULL;
1118 DEBUG("conf->aik_auth_type : null\n");
1119 } else if (!strncmp(value, "common", 6)) {
1120 conf->aik_auth_type = OPENPTS_AIK_AUTH_TYPE_COMMON;
1121 DEBUG("conf->aik_auth_type : common\n");
1123 ERROR("unknown aik.auth.type %s\n", value); // TODO
1124 conf->aik_auth_type = 0;
1129 if (!strncmp(name, "verbose", 7)) {
1130 setVerbosity(atoi(value));
1131 DEBUG("Verbosity : %d (set by conf)\n", getVerbosity());
1133 if (!strncmp(name, "logging.location", 16)) {
1134 if (!strncmp(value, "syslog", 6)) {
1135 setLogLocation(OPENPTS_LOG_SYSLOG, NULL);
1136 DEBUG("Logging location : syslog\n");
1137 } else if (!strncmp(value, "console", 6)) {
1138 setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
1139 DEBUG("Logging location : syslog\n");
1141 ERROR("unknown aik.storage.type %s\n", value); // TODO
1142 conf->aik_storage_type = 0;
1145 if (!strncmp(name, "logging.file", 12)) {
1147 log_filename = getFullpathName(conf->config_dir, value);
1148 setLogLocation(OPENPTS_LOG_FILE, log_filename);
1149 DEBUG("Logging location : file (%s)\n", log_filename);
1150 xfree(log_filename);
1155 /* accept only blank lines */
1159 while (*ptr != '\0') {
1160 if (!isspace(*ptr)) {
1161 ERROR("Syntax error in %s at line %d\n", filename2, cnt);
1162 isFileIncorrect = 1;
1170 if (conf->verifier_logging_dir == NULL) {
1171 /* set default logging dir */
1172 conf->verifier_logging_dir = smalloc_assert("~/.openpts");
1175 /* Atetstation(sign) key */
1176 if (conf->aik_storage_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
1177 if (aik_storage_filename == NULL) {
1178 /* set the default filename if missed */
1179 conf->aik_storage_filename = getFullpathName(conf->config_dir, "key.blob");
1181 conf->aik_storage_filename =
1182 getFullpathName(conf->config_dir, aik_storage_filename);
1183 free(aik_storage_filename);
1185 DEBUG("conf->aik_storage_filename : %s\n", conf->aik_storage_filename);
1189 if (conf->uuid != NULL) {
1190 DEBUG("conf->uuid->filename : %s\n", conf->uuid->filename);
1192 // DEBUG("conf->uuid->filename : uuid is not initialized\n");
1194 if (conf->rm_uuid != NULL) {
1195 DEBUG("conf->rm_uuid->filename : %s\n", conf->rm_uuid->filename);
1197 // DEBUG("conf->rm_uuid->filename : rm_uuid is not initialized\n");
1205 if (isFileIncorrect) {
1206 OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_BAD_CONFIG_FILE, "Bad configuration file\n"));
1207 rc = PTS_INTERNAL_ERROR;
1214 OUTPUT(NLS(MS_OPENPTS, OPENPTS_CONFIG_MISSING, "Cannot open config file '%s'\n"), filename2);
1215 rc = PTS_INTERNAL_ERROR;
1218 if (filename2 != NULL) xfree(filename2);
1224 static void writeTargetConf_CompID(OPENPTS_CONFIG *conf, FILE *fp) {
1227 for (level = 0; level < MAX_RM_NUM; level++) {
1228 if (conf->compIDs[level].SimpleName != NULL)
1229 fprintf(fp, "rm.compid.%d.SimpleName=%s\n", level, conf->compIDs[level].SimpleName);
1230 if (conf->compIDs[level].ModelName != NULL)
1231 fprintf(fp, "rm.compid.%d.ModelName=%s\n", level, conf->compIDs[level].ModelName);
1232 if (conf->compIDs[level].ModelNumber != NULL)
1233 fprintf(fp, "rm.compid.%d.ModelNumber=%s\n", level, conf->compIDs[level].ModelNumber);
1234 if (conf->compIDs[level].ModelSerialNumber != NULL)
1235 fprintf(fp, "rm.compid.%d.ModelSerialNumber=%s\n", level, conf->compIDs[level].ModelSerialNumber);
1236 if (conf->compIDs[level].ModelSystemClass != NULL)
1237 fprintf(fp, "rm.compid.%d.ModelSystemClass=%s\n", level, conf->compIDs[level].ModelSystemClass);
1238 if (conf->compIDs[level].VersionMajor != NULL)
1239 fprintf(fp, "rm.compid.%d.VersionMajor=%s\n", level, conf->compIDs[level].VersionMajor);
1240 if (conf->compIDs[level].VersionMinor != NULL)
1241 fprintf(fp, "rm.compid.%d.VersionMinor=%s\n", level, conf->compIDs[level].VersionMinor);
1242 if (conf->compIDs[level].VersionBuild != NULL)
1243 fprintf(fp, "rm.compid.%d.VersionBuild=%s\n", level, conf->compIDs[level].VersionBuild);
1244 if (conf->compIDs[level].VersionString != NULL)
1245 fprintf(fp, "rm.compid.%d.VersionString=%s\n", level, conf->compIDs[level].VersionString);
1246 if (conf->compIDs[level].MfgDate != NULL)
1247 fprintf(fp, "rm.compid.%d.MfgDate=%s\n", level, conf->compIDs[level].MfgDate);
1248 if (conf->compIDs[level].PatchLevel != NULL)
1249 fprintf(fp, "rm.compid.%d.PatchLevel=%s\n", level, conf->compIDs[level].PatchLevel);
1250 if (conf->compIDs[level].DiscretePatches != NULL)
1251 fprintf(fp, "rm.compid.%d.DiscretePatches=%s\n", level, conf->compIDs[level].DiscretePatches);
1252 if (conf->compIDs[level].VendorID_Name != NULL)
1253 fprintf(fp, "rm.compid.%d.VendorID_Name=%s\n", level, conf->compIDs[level].VendorID_Name);
1254 if (conf->compIDs[level].VendorID_Value != NULL) {
1255 fprintf(fp, "rm.compid.%d.", level);
1256 switch (conf->compIDs[level].VendorID_type) {
1257 case VENDORID_TYPE_TCG: fprintf(fp, "TcgVendorId="); break;
1258 case VENDORID_TYPE_SMI: fprintf(fp, "SmiVendorId="); break;
1259 case VENDORID_TYPE_GUID: fprintf(fp, "VendorGUID="); break;
1261 fprintf(fp, "%s\n", conf->compIDs[level].VendorID_Value);
1270 * HOME/.openpts/hostname/target.conf
1272 * IntegrationTest : check_ifm.c
1276 int writeTargetConf(OPENPTS_CONFIG *conf, PTS_UUID *uuid, char *filename) {
1281 DEBUG("writeTargetConf : %s\n", filename);
1284 if ((fp = fopen(filename, "w")) == NULL) {
1285 ERROR("writeTargetConf - Conf File %s open was failed\n", filename);
1289 str_uuid = getStringOfUuid(uuid);
1290 // TODO check 6 free
1292 fprintf(fp, "# generated by openpts. do not edit this file\n");
1293 fprintf(fp, "target.uuid=%s\n", str_uuid);
1295 if (conf->pubkey_length > 0) {
1300 (unsigned char *)conf->pubkey,
1301 conf->pubkey_length,
1303 fprintf(fp, "target.pubkey=%s\n", buf); // base64
1307 fprintf(fp, "verifier.logging.dir=./\n");
1308 fprintf(fp, "policy.file=./policy.conf\n");
1312 fprintf(fp, "rm.basedir=./\n");
1313 fprintf(fp, "rm.num=%d\n", conf->rm_num);
1315 fprintf(fp, "rm.uuid.file=./rm_uuid\n");
1316 fprintf(fp, "newrm.uuid.file=./newrm_uuid\n");
1317 fprintf(fp, "oldrm.uuid.file=./oldrm_uuid\n");
1318 fprintf(fp, "ir.file=./ir.xml\n");
1319 fprintf(fp, "prop.file=./vr.properties\n");
1322 if (conf->ima_validation_mode == OPENPTS_VALIDATION_MODE_AIDE) {
1323 fprintf(fp, "ima.validation.mode=aide\n");
1324 fprintf(fp, "aide.database.file=./aide.db.gz\n");
1325 #ifdef CONFIG_SQLITE
1326 fprintf(fp, "aide.sqlite.file=./aide.sqlite.db\n");
1328 fprintf(fp, "aide.ignorelist.file=./aide.ignore\n");
1330 fprintf(fp, "ima.validation.mode=none\n");
1334 // #ifdef CONFIG_AUTO_RM_UPDATE
1335 // fprintf(fp, "autoupdate=on\n");
1339 if (conf->ssh_username != NULL) {
1340 fprintf(fp, "ssh.username=%s\n", conf->ssh_username);
1342 if (conf->ssh_port != NULL) {
1343 fprintf(fp, "ssh.port=%s\n", conf->ssh_port);
1346 /* target hostname */
1347 // 20110117 move from dir name to conf, since the dir name uses UUID
1348 fprintf(fp, "hostname=%s\n", conf->hostname);
1359 * HOME/.openpts/hostname/target.conf
1361 int readTargetConf(OPENPTS_CONFIG *conf, char *filename) {
1364 DEBUG("readTargetConf : %s\n", filename);
1367 conf->iml_mode = 0; // set TSS
1370 rc = readPtsConfig(conf, filename);
1371 if (rc != PTS_SUCCESS) {
1372 ERROR("readTargetConf - fail, rc = %d\n", rc);
1380 * Write openpts (verifier) conf
1382 * HOME/.openpts/openpts.conf
1388 int writeOpenptsConf(OPENPTS_CONFIG *conf, char *filename) {
1392 // DEBUG("writeOpenptsConf %s\n", filename);
1395 if ((fp = fopen(filename, "w")) == NULL) {
1396 ERROR("writeOpenptsConf - Conf File %s open was failed\n", filename);
1397 return PTS_INTERNAL_ERROR;
1400 fprintf(fp, "# generated by openpts. do not edit this file\n");
1401 fprintf(fp, "uuid.file=./uuid\n");
1402 fprintf(fp, "verifier.logging.dir=./\n");
1414 * HOME/.openpts/openpts.conf
1416 int readOpenptsConf(OPENPTS_CONFIG *conf, char *filename) {
1419 DEBUG_CAL("readOpenptsConf %s\n", filename);
1423 ERROR("null input");
1426 if (filename == NULL) {
1427 ERROR("null input");
1431 rc = readPtsConfig(conf, filename);
1433 ERROR("readOpenptsConf - fail, rc = %d\n", rc);
1440 * Set Model Filename
1442 * level Snapshot level (0 or 1)
1444 int setModelFile(OPENPTS_CONFIG *conf, int index, int level, char *filename) {
1447 ERROR("null input");
1451 if (level >= MAX_RM_NUM) {
1452 ERROR("setModelFile()- PCR[%d] trying to affect a model file(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
1453 index, filename, level, MAX_RM_NUM);
1457 if (conf->model_filename[level][index] != NULL) {
1458 xfree(conf->model_filename[level][index]);
1461 conf->model_filename[level][index] = smalloc(filename);
1463 if (conf->model_filename[level][index] == NULL) {