diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-15 00:06:26 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-15 00:06:26 +0000 |
commit | 5d516b7e2fbac63521c7db3896986a828db015e2 (patch) | |
tree | 2a3ee8b405ca44194b774270e63bc14366ff51bf /pki/base/tps | |
parent | a5cf77dec7aa2e5e37479313a322b1f2d9377719 (diff) | |
download | pki-5d516b7e2fbac63521c7db3896986a828db015e2.tar.gz pki-5d516b7e2fbac63521c7db3896986a828db015e2.tar.xz pki-5d516b7e2fbac63521c7db3896986a828db015e2.zip |
Bug 669055 - TPS server does not re-start when signedAudit logging is turned ON
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1736 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/tps')
-rw-r--r-- | pki/base/tps/src/engine/RA.cpp | 4 | ||||
-rw-r--r-- | pki/base/tps/src/include/selftests/SelfTest.h | 4 | ||||
-rw-r--r-- | pki/base/tps/src/selftests/SelfTest.cpp | 42 |
3 files changed, 36 insertions, 14 deletions
diff --git a/pki/base/tps/src/engine/RA.cpp b/pki/base/tps/src/engine/RA.cpp index dfb784245..392946cff 100644 --- a/pki/base/tps/src/engine/RA.cpp +++ b/pki/base/tps/src/engine/RA.cpp @@ -627,6 +627,9 @@ int RA::InitializeInChild(RA_Context *ctx, int nSignedAuditInitCount) { // As per CC requirements, we want to flush the audit log immediately // to ensure that the audit log is not full FlushAuditLogBuffer(); + + rc = SelfTest::runStartUpSelfTests(); // run general self tests + if (rc != 0) goto loser; } if (m_debug_log != NULL) { @@ -2543,6 +2546,7 @@ int RA::InitializeHttpConnections(const char *id, int *len, HttpConnection **con if( ( clientnickname != NULL ) && ( PL_strcmp( clientnickname, "" ) != 0 ) ) { SelfTest::Initialize(m_cfg); + rc = SelfTest::runStartUpSelfTests(clientnickname); if (rc != 0) goto loser; } else { diff --git a/pki/base/tps/src/include/selftests/SelfTest.h b/pki/base/tps/src/include/selftests/SelfTest.h index cfdb0cdcc..c52f62f23 100644 --- a/pki/base/tps/src/include/selftests/SelfTest.h +++ b/pki/base/tps/src/include/selftests/SelfTest.h @@ -53,7 +53,8 @@ class SelfTest SelfTest(); ~SelfTest(); static void Initialize (ConfigStore *cfg); - static int runStartUpSelfTests (const char *nickname); + static int runStartUpSelfTests (const char *nickname); /* per cert */ + static int runStartUpSelfTests (); /* general */ static int runOnDemandSelfTests (); static int isOnDemandEnabled (); static int isOnDemandCritical (); @@ -67,6 +68,7 @@ class SelfTest private: static int isInitialized; + static int StartupSystemCertsVerificationRun; }; #endif diff --git a/pki/base/tps/src/selftests/SelfTest.cpp b/pki/base/tps/src/selftests/SelfTest.cpp index 93dc73d21..71266d581 100644 --- a/pki/base/tps/src/selftests/SelfTest.cpp +++ b/pki/base/tps/src/selftests/SelfTest.cpp @@ -60,6 +60,7 @@ const int SelfTest::nTests = 3; const char *SelfTest::TEST_NAMES[SelfTest::nTests] = { TPSPresence::TEST_NAME, TPSValidity::TEST_NAME, TPSSystemCertsVerification::TEST_NAME }; int SelfTest::isInitialized = 0; +int SelfTest::StartupSystemCertsVerificationRun = 0; SelfTest::SelfTest() { @@ -94,7 +95,7 @@ int SelfTest::runStartUpSelfTests (const char *nickname) int rc = 0; CERTCertificate *cert = 0; - RA::SelfTestLog("SelfTest::runStartUpSelfTests", "starting"); + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "per cert selftests starting for %s", nickname); if (TPSPresence::isStartupEnabled()) { rc = TPSPresence::runSelfTest(nickname, &cert); } @@ -123,19 +124,34 @@ int SelfTest::runStartUpSelfTests (const char *nickname) } else { RA::SelfTestLog("SelfTest::runStartUpSelfTests", "TPSValidity self test has been successfully completed."); } - if (TPSSystemCertsVerification::isStartupEnabled()) { - rc = TPSSystemCertsVerification::runSelfTest(); - } - if (rc != 0 && TPSSystemCertsVerification::isStartupCritical()) { - if (rc > 0) rc *= -1; - RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Critical TPSSystemCertsVerification self test failure: %d", rc); - return rc; - } else if (rc != 0) { - RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Noncritical TPSSystemCertsVerification self test failure: %d", rc); - } else { - RA::SelfTestLog("SelfTest::runStartUpSelfTests", "TPSSystemCertsVerification self test has been successfully completed."); + + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "per cert selftests done for %s", nickname); + return 0; +} + +int SelfTest::runStartUpSelfTests () +{ + int rc = 0; + + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "general selftests starting"); + /* this only needs to run once at startup */ + if (SelfTest::StartupSystemCertsVerificationRun == 0) { + if (TPSSystemCertsVerification::isStartupEnabled()) { + rc = TPSSystemCertsVerification::runSelfTest(); + } + if (rc != 0 && TPSSystemCertsVerification::isStartupCritical()) { + if (rc > 0) rc *= -1; + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Critical TPSSystemCertsVerification self test failure: %d", rc); + return rc; + } else if (rc != 0) { + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Noncritical TPSSystemCertsVerification self test failure: %d", rc); + } else { + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "TPSSystemCertsVerification self test has been successfully completed."); + } + SelfTest::StartupSystemCertsVerificationRun = 1; } - RA::SelfTestLog("SelfTest::runStartUpSelfTests", "done"); + + RA::SelfTestLog("SelfTest::runStartUpSelfTests", "general selftests done"); return 0; } |