author | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-08-16 20:37:13 +0000 |
---|---|---|
committer | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-08-16 20:37:13 +0000 |
commit | ec4b497fafedc07c46866069e022b9f33166ee48 (patch) | |
tree | a0e2db3d611f3344ff7ff47d62a4145cf9a90368 /pki | |
parent | c22ab808cf7773c2ab98660d629513bf54bacd33 (diff) | |
Fixed bugzilla bugs: 607373 and 607374.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1188 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki')
-rw-r--r-- | pki/base/tps/src/selftests/SelfTest.cpp | 177 | ||||
-rw-r--r-- | pki/base/tps/src/selftests/TPSPresence.cpp | 187 | ||||
-rw-r--r-- | pki/base/tps/src/selftests/TPSValidity.cpp | 200 |
3 files changed, 564 insertions, 0 deletions
diff --git a/pki/base/tps/src/selftests/SelfTest.cpp b/pki/base/tps/src/selftests/SelfTest.cpp
new file mode 100644
index 000000000..aaa75f8a5
--- /dev/null
+++ b/pki/base/tps/src/selftests/SelfTest.cpp
@@ -0,0 +1,177 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This library is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation;
+// version 2.1 of the License.
+//
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+// Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public
+// License along with this library; if not, write to the Free Software
+// Foundation, Inc., 51 Franklin Street, Fifth Floor,
+// Boston, MA 02110-1301 USA
+//
+// Copyright (C) 2010 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+
+#ifdef XP_WIN32
+#define TPS_PUBLIC __declspec(dllexport)
+#else /* !XP_WIN32 */
+#define TPS_PUBLIC
+#endif /* !XP_WIN32 */
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "prmem.h"
+#include "prsystem.h"
+#include "plstr.h"
+#include "prio.h"
+
+#include "cert.h"
+#include "certt.h"
+
+#ifdef __cplusplus
+}
+#endif
+
+#include "engine/RA.h"
+#include "main/ConfigStore.h"
+#include "selftests/SelfTest.h"
+#include "selftests/TPSPresence.h"
+#include "selftests/TPSValidity.h"
+
+
+const char *SelfTest::CFG_SELFTEST_STARTUP = "selftests.container.order.startup";
+const char *SelfTest::CFG_SELFTEST_ONDEMAND = "selftests.container.order.onDemand";
+const int SelfTest::nTests = 2;
+const char *SelfTest::TEST_NAMES[SelfTest::nTests] = { TPSPresence::TEST_NAME, TPSValidity::TEST_NAME };
+
+int SelfTest::isInitialized = 0;
+
+SelfTest::SelfTest()
+{
+}
+
+SelfTest::~SelfTest()
+{
+}
+
+void SelfTest::Initialize (ConfigStore *cfg)
+{
+ if (SelfTest::isInitialized == 0) {
+ SelfTest::isInitialized = 1;
+ TPSPresence::Initialize (cfg);
+ TPSValidity::Initialize (cfg);
+ SelfTest::isInitialized = 2;
+ }
+ RA::SelfTestLog("SelfTest::Initialize", "%s", ((isInitialized==2)?"successfully completed":"failed"));
+}
+
+// Error codes:
+// -1 - missing cert db handle
+// 2 - missing cert
+// -3 - missing cert nickname
+// 4 - secCertTimeExpired
+// 5 - secCertTimeNotValidYet
+// critical errors are negative
+
+int SelfTest::runStartUpSelfTests (const char *nickname)
+{
+ int rc = 0;
+ CERTCertificate *cert = 0;
+
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "starting");
+ if (TPSPresence::isStartupEnabled()) {
+ rc = TPSPresence::runSelfTest(nickname, &cert);
+ }
+ if (rc != 0 && TPSPresence::isStartupCritical()) {
+ if (rc > 0) rc *= -1;
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Critical TPSPresence self test failure: %d", rc);
+ return rc;
+ } else if (rc != 0) {
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Noncritical TPSPresence self test failure: %d", rc);
+ } else {
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "TPSPresence self test has been successfully completed.");
+ }
+ if (TPSValidity::isStartupEnabled()) {
+ rc = TPSValidity::runSelfTest(nickname, cert);
+rc = 4;
+ }
+ if (cert != 0) {
+ CERT_DestroyCertificate (cert);
+ cert = 0;
+ }
+ if (rc != 0 && TPSValidity::isStartupCritical()) {
+ if (rc > 0) rc *= -1;
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Critical TPSValidity self test failure: %d", rc);
+ return rc;
+ } else if (rc != 0) {
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "Noncritical TPSValidity self test failure: %d", rc);
+ } else {
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "TPSValidity self test has been successfully completed.");
+ }
+ RA::SelfTestLog("SelfTest::runStartUpSelfTests", "done");
+ return 0;
+}
+
+int SelfTest::runOnDemandSelfTests ()
+{
+ int rc = 0;
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "starting");
+ if (TPSPresence::isOnDemandEnabled()) {
+ rc = TPSPresence::runSelfTest();
+ }
+ if (rc != 0 && TPSPresence::isOnDemandCritical()) {
+ if (rc > 0) rc *= -1;
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "Critical TPSPresence self test failure: %d", rc);
+ return rc;
+ } else if (rc != 0) {
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "Noncritical TPSPresence self test failure: %d", rc);
+ } else {
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "TPSPresence self test has been successfully completed.");
+ }
+ if (TPSValidity::isOnDemandEnabled()) {
+ rc = TPSValidity::runSelfTest();
+rc = 5;
+ }
+ if (rc != 0 && TPSValidity::isOnDemandCritical()) {
+ if (rc > 0) rc *= -1;
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "Critical TPSValidity self test failure: %d", rc);
+ return rc;
+ } else if (rc != 0) {
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "Noncritical TPSValidity self test failure: %d", rc);
+ } else {
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "TPSValidity self test has been successfully completed.");
+ }
+ RA::SelfTestLog("SelfTest::runOnDemandSelfTests", "done");
+ return rc;
+}
+
+int SelfTest::isOnDemandEnabled ()
+{
+ int n = 0;
+ if (TPSPresence::isOnDemandEnabled()) n++;
+ if (TPSValidity::isOnDemandEnabled()) n += 2;
+ return n;
+}
+
+int SelfTest::isOnDemandCritical ()
+{
+ int n = 0;
+ if (TPSPresence::isOnDemandCritical()) n++;
+ if (TPSValidity::isOnDemandCritical()) n += 2;
+ return n;
+}
+
diff --git a/pki/base/tps/src/selftests/TPSPresence.cpp b/pki/base/tps/src/selftests/TPSPresence.cpp
new file mode 100644
index 000000000..6e2e562c9
--- /dev/null
+++ b/pki/base/tps/src/selftests/TPSPresence.cpp
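Review bot: The lines `rc = 4;` in runStartUpSelfTests and `rc = 5;` in runOnDemandSelfTests overwrite the value just returned by TPSValidity::runSelfTest, so whenever the validity test is enabled it is reported as expired or not-yet-valid regardless of the certificate's real dates. With TPSValidity marked critical, the startup path then returns a negative code on every run, and in either configuration the logged result no longer reflects the certificate. Both lines look like leftover debugging and should be deleted. Separately, `rc` is not reset between the two tests, so a noncritical TPSPresence failure is logged a second time as a TPSValidity failure when the validity test is disabled; `rc = 0;` just before `if (TPSValidity::isStartupEnabled())` and before its on-demand counterpart would avoid that.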
@@ -0,0 +1,187 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This library is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation;
+// version 2.1 of the License.
+//
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+// Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public
+// License along with this library; if not, write to the Free Software
+// Foundation, Inc., 51 Franklin Street, Fifth Floor,
+// Boston, MA 02110-1301 USA
+//
+// Copyright (C) 2010 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+
+#ifdef XP_WIN32
+#define TPS_PUBLIC __declspec(dllexport)
+#else /* !XP_WIN32 */
+#define TPS_PUBLIC
+#endif /* !XP_WIN32 */
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "prmem.h"
+#include "prsystem.h"
+#include "plstr.h"
+#include "prio.h"
+
+#include "cert.h"
+#include "certt.h"
+
+#ifdef __cplusplus
+}
+#endif
+
+#include "engine/RA.h"
+#include "main/ConfigStore.h"
+#include "selftests/TPSPresence.h"
+
+
+int TPSPresence::initialized = 0;
+bool TPSPresence::startupEnabled = false;
+bool TPSPresence::onDemandEnabled = false;
+bool TPSPresence::startupCritical = false;
+bool TPSPresence::onDemandCritical = false;
+char *TPSPresence::nickname = 0;
+const char *TPSPresence::NICKNAME_NAME = "selftests.plugin.TPSPresence.nickname";
+const char *TPSPresence::CRITICAL_TEST_NAME = "TPSPresence:critical";
+const char *TPSPresence::TEST_NAME = "TPSPresence";
+
+//default constructor
+TPSPresence::TPSPresence()
+{
+}
+
+TPSPresence::~TPSPresence()
+{
+}
+
+void TPSPresence::Initialize (ConfigStore *cfg)
+{
+ if (TPSPresence::initialized == 0) {
+ TPSPresence::initialized = 1;
+ const char* s = cfg->GetConfigAsString(CFG_SELFTEST_STARTUP);
+ if (s != 0) {
+ if (PL_strstr (s, TPSPresence::CRITICAL_TEST_NAME) != 0) {
+ startupCritical = true;
+ startupEnabled = true;
+ } else if (PL_strstr (s, TPSPresence::TEST_NAME) != 0) {
+ startupEnabled = true;
+ }
+ }
+ const char* d = cfg->GetConfigAsString(CFG_SELFTEST_ONDEMAND);
+ if (d != 0) {
+ if (PL_strstr (d, TPSPresence::CRITICAL_TEST_NAME) != 0) {
+ onDemandCritical = true;
+ onDemandEnabled = true;
+ } else if (PL_strstr (d, TPSPresence::TEST_NAME) != 0) {
+ onDemandEnabled = true;
+ }
+ }
+ char* n = (char*)(cfg->GetConfigAsString(TPSPresence::NICKNAME_NAME));
+ if (n != 0 && PL_strlen(n) > 0) {
+ TPSPresence::nickname = n;
+ }
+ TPSPresence::initialized = 2;
+ }
+ RA::SelfTestLog("TPSPresence::Initialize", "%s", ((initialized==2)?"successfully completed":"failed"));
+}
+
+// Error codes:
+// -1 - missing cert db handle
+// 2 - missing cert
+// -3 - missing cert nickname
+// 4 - secCertTimeExpired
+// 5 - secCertTimeNotValidYet
+// critical errors are negative
+
+int TPSPresence::runSelfTest ()
+{
+ int rc = 0;
+ if (TPSPresence::nickname != 0 && PL_strlen(TPSPresence::nickname) > 0) {
+ rc = TPSPresence::runSelfTest (TPSPresence::nickname);
+ } else {
+ rc = -3;
+ }
+ return rc;
+}
+
+int TPSPresence::runSelfTest (const char *nick_name)
+{
+ int rc = 0;
+ CERTCertDBHandle *handle = 0;
+ CERTCertificate *cert = 0;
+
+ if (nick_name != 0 && PL_strlen(nick_name) > 0) {
+ handle = CERT_GetDefaultCertDB();
+ if (handle != 0) {
+ cert = CERT_FindCertByNickname( handle, (char *) nick_name);
+ if (cert != 0) {
+ CERT_DestroyCertificate (cert);
+ cert = 0;
+ } else {
+ rc = 2;
+ }
+ } else {
+ rc = -1;
+ }
+ } else {
+ rc = TPSPresence::runSelfTest ();
+ }
+
+ return rc;
+}
+
+int TPSPresence::runSelfTest (const char *nick_name, CERTCertificate **cert)
+{
+ int rc = 0;
+ CERTCertDBHandle *handle = 0;
+
+ handle = CERT_GetDefaultCertDB();
+ if (handle != 0) {
+ *cert = CERT_FindCertByNickname( handle, (char *) nick_name);
+ if (*cert == NULL) {
+ rc = 2;
+ }
+ } else {
+ rc = 1;
+ }
+
+ return rc;
+}
+
+bool TPSPresence::isStartupEnabled ()
+{
+ return startupEnabled;
+}
+
+bool TPSPresence::isOnDemandEnabled ()
+{
+ return onDemandEnabled;
+}
+
+bool TPSPresence::isStartupCritical ()
+{
+ return startupCritical;
+}
+
+bool TPSPresence::isOnDemandCritical ()
+{
+ return onDemandCritical;
+}
+
+
diff --git a/pki/base/tps/src/selftests/TPSValidity.cpp b/pki/base/tps/src/selftests/TPSValidity.cpp
new file mode 100644
index 000000000..988870564
--- /dev/null
+++ b/pki/base/tps/src/selftests/TPSValidity.cpp
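Review bot: `runSelfTest (const char *nick_name, CERTCertificate **cert)` hands `nick_name` to CERT_FindCertByNickname and writes through `cert` without checking either, whereas the one-argument overload above it tests `nick_name != 0 && PL_strlen(nick_name) > 0` first. A guard at the top such as `if (cert == 0 || nick_name == 0 || PL_strlen(nick_name) == 0) return -3;` would keep a missing startup nickname from reaching the certificate lookup. The same overload sets `rc = 1` for a missing cert db handle, while the error-code comment and the one-argument overload use -1; `rc = -1;` would keep the logged codes consistent with the documented table.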
@@ -0,0 +1,200 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This library is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation;
+// version 2.1 of the License.
+//
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+// Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public
+// License along with this library; if not, write to the Free Software
+// Foundation, Inc., 51 Franklin Street, Fifth Floor,
+// Boston, MA 02110-1301 USA
+//
+// Copyright (C) 2010 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+
+#ifdef XP_WIN32
+#define TPS_PUBLIC __declspec(dllexport)
+#else /* !XP_WIN32 */
+#define TPS_PUBLIC
+#endif /* !XP_WIN32 */
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "prmem.h"
+#include "prsystem.h"
+#include "plstr.h"
+#include "prio.h"
+
+#include "cert.h"
+#include "certt.h"
+
+#ifdef __cplusplus
+}
+#endif
+
+#include "engine/RA.h"
+#include "main/ConfigStore.h"
+#include "selftests/TPSValidity.h"
+
+
+int TPSValidity::initialized = 0;
+bool TPSValidity::startupEnabled = false;
+bool TPSValidity::onDemandEnabled = false;
+bool TPSValidity::startupCritical = false;
+bool TPSValidity::onDemandCritical = false;
+char *TPSValidity::nickname = 0;
+const char *TPSValidity::NICKNAME_NAME = "selftests.plugin.TPSValidity.nickname";
+const char *TPSValidity::CRITICAL_TEST_NAME = "TPSValidity:critical";
+const char *TPSValidity::TEST_NAME = "TPSValidity";
+
+
+//default constructor
+TPSValidity::TPSValidity()
+{
+}
+
+TPSValidity::~TPSValidity()
+{
+}
+
+void TPSValidity::Initialize (ConfigStore *cfg)
+{
+ if (TPSValidity::initialized == 0) {
+ TPSValidity::initialized = 1;
+ const char* s = cfg->GetConfigAsString(CFG_SELFTEST_STARTUP);
+ if (s != NULL) {
+ if (PL_strstr (s, TPSValidity::CRITICAL_TEST_NAME) != NULL) {
+ startupCritical = true;
+ startupEnabled = true;
+ } else if (PL_strstr (s, TPSValidity::TEST_NAME) != NULL) {
+ startupEnabled = true;
+ }
+ }
+ const char* d = cfg->GetConfigAsString(CFG_SELFTEST_ONDEMAND);
+ if (d != NULL) {
+ if (PL_strstr (d, TPSValidity::CRITICAL_TEST_NAME) != NULL) {
+ onDemandCritical = true;
+ onDemandEnabled = true;
+ } else if (PL_strstr (d, TPSValidity::TEST_NAME) != NULL) {
+ onDemandEnabled = true;
+ }
+ }
+ char* n = (char*)(cfg->GetConfigAsString(TPSValidity::NICKNAME_NAME));
+ if (n != NULL && PL_strlen(n) > 0) {
+ TPSValidity::nickname = n;
+ }
+ TPSValidity::initialized = 2;
+ }
+ RA::SelfTestLog("TPSValidity::Initialize", "%s", ((initialized==2)?"successfully completed":"failed"));
+}
+
+// Error codes:
+// -1 - missing cert db handle
+// 2 - missing cert
+// -3 - missing cert nickname
+// 4 - secCertTimeExpired
+// 5 - secCertTimeNotValidYet
+// critical errors are negative
+
+int TPSValidity::runSelfTest ()
+{
+ int rc = 0;
+ if (TPSValidity::nickname != NULL && PL_strlen(TPSValidity::nickname) > 0) {
+ rc = TPSValidity::runSelfTest (TPSValidity::nickname);
+ } else {
+ rc = -3;
+ }
+ return rc;
+}
+
+int TPSValidity::runSelfTest (const char *nick_name)
+{
+ SECCertTimeValidity certTimeValidity;
+ PRTime now;
+ int rc = 0;
+ CERTCertDBHandle *handle = 0;
+ CERTCertificate *cert = 0;
+
+ handle = CERT_GetDefaultCertDB();
+ if (handle != 0) {
+ cert = CERT_FindCertByNickname( handle, (char *) nick_name);
+ if (cert != 0) {
+ now = PR_Now();
+ certTimeValidity = CERT_CheckCertValidTimes (cert, now, PR_FALSE);
+ if (certTimeValidity == secCertTimeExpired) {
+ rc = 4;
+ } else if (certTimeValidity == secCertTimeNotValidYet) {
+ rc = 5;
+ }
+ CERT_DestroyCertificate (cert);
+ cert = 0;
+ } else {
+ rc = 2;
+ }
+ } else {
+ rc = -1;
+ }
+
+ return rc;
+}
+
+int TPSValidity::runSelfTest (const char *nick_name, CERTCertificate *cert)
+{
+ SECCertTimeValidity certTimeValidity;
+ PRTime now;
+ int rc = 0;
+
+ if (cert != 0) {
+ now = PR_Now();
+ certTimeValidity = CERT_CheckCertValidTimes (cert, now, PR_FALSE);
+ if (certTimeValidity == secCertTimeExpired) {
+ rc = 4;
+ } else if (certTimeValidity == secCertTimeNotValidYet) {
+ rc = 5;
+ }
+ CERT_DestroyCertificate (cert);
+ cert = 0;
+ } else if (nick_name != 0 && PL_strlen(nick_name) > 0) {
+ rc = TPSValidity::runSelfTest (nick_name);
+ } else {
+ rc = TPSValidity::runSelfTest ();
+ }
+
+ return rc;
+
+}
+
+bool TPSValidity::isStartupEnabled ()
+{
+ return startupEnabled;
+}
+
+bool TPSValidity::isOnDemandEnabled ()
+{
+ return onDemandEnabled;
+}
+
+bool TPSValidity::isStartupCritical ()
+{
+ return startupCritical;
+}
+
+bool TPSValidity::isOnDemandCritical ()
+{
+ return onDemandCritical;
+}
+ |
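Review bot: `runSelfTest (const char *nick_name, CERTCertificate *cert)` calls `CERT_DestroyCertificate (cert)` on a certificate it was handed by its caller, and the following `cert = 0;` clears only the local copy of the pointer. SelfTest::runStartUpSelfTests (in the SelfTest.cpp hunk) still holds its own non-null `cert` afterwards and releases it again under `if (cert != 0)`, so the same reference is dropped twice whenever both startup tests are enabled and the certificate was found. Removing `CERT_DestroyCertificate (cert);` and `cert = 0;` from this overload leaves ownership with the caller, which already releases it. Both validity overloads also treat every result other than secCertTimeExpired and secCertTimeNotValidYet as a pass; if CERT_CheckCertValidTimes can return secCertTimeUndetermined here, that case should map to a failure code rather than 0.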