From 37a77d6960db1339682d4f025bd36919c4f679b8 Mon Sep 17 00:00:00 2001
From: jmagne
Date: Mon, 1 Aug 2011 23:41:04 +0000
Subject: Fix Bugzilla Bug# 725572 - Starting TPS subsystem with no pre-existing audit log file does not write audit messages.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2089 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
---
pki/base/tps/src/engine/RA.cpp | 8 +++----
pki/base/tps/src/main/LogFile.cpp | 16 ++++++++++----
pki/base/tps/src/modules/tps/mod_tps.cpp | 38 ++++++++++++++++++++++++++++++++
3 files changed, 54 insertions(+), 8 deletions(-)
(limited to 'pki/base')
diff --git a/pki/base/tps/src/engine/RA.cpp b/pki/base/tps/src/engine/RA.cpp
index 7346d8099..0491b6db4 100644
--- a/pki/base/tps/src/engine/RA.cpp
+++ b/pki/base/tps/src/engine/RA.cpp
@@ -236,7 +236,7 @@ void RA::do_free(char *p)
 int RA::InitializeSignedAudit() {
 // cfu
- RA::Debug("RA:: InitializeSignedAudit", "begins");
+ RA::Debug("RA:: InitializeSignedAudit", "begins pid: %d",getpid());
 tpsConfigured = m_cfg->GetConfigAsBool("tps.configured", false);
 // During installation config, don't do this
 if (IsTpsConfigured() && (m_audit_signed == true) && (m_audit_signing_key == NULL)) {
@@ -527,8 +527,8 @@ int RA::InitializeInChild(RA_Context *ctx, int nSignedAuditInitCount) {
 int status = 0;
 char configname[256];
- RA::Debug( LL_PER_SERVER, "RA::InitializeInChild", "begins: %d",
- nSignedAuditInitCount);
+ RA::Debug( LL_PER_SERVER, "RA::InitializeInChild", "begins: %d pid: %d ppid: %d",
+ nSignedAuditInitCount,getpid(),getppid());
 if (!NSS_IsInitialized()) {
 RA::Debug( LL_PER_SERVER, "RA::InitializeInChild", "Initializing NSS");
@@ -589,7 +589,7 @@ int RA::InitializeInChild(RA_Context *ctx, int nSignedAuditInitCount) {
 m_buffer_size = m_cfg->GetConfigAsInt(CFG_AUDIT_BUFFER_SIZE, 512);
 m_flush_interval = m_cfg->GetConfigAsInt(CFG_AUDIT_FLUSH_INTERVAL, 5);
- if (m_audit_enabled) {
+ if (m_audit_enabled && (nSignedAuditInitCount > 1 )) {
 // is audit logSigning on?
 m_audit_signed = m_cfg->GetConfigAsBool(CFG_AUDIT_SIGNED, false);
 RA::Debug("RA:: InitializeInChild", "Audit signing is %s",
diff --git a/pki/base/tps/src/main/LogFile.cpp b/pki/base/tps/src/main/LogFile.cpp
index e2dec7026..d908ca0c5 100644
--- a/pki/base/tps/src/main/LogFile.cpp
+++ b/pki/base/tps/src/main/LogFile.cpp
@@ -30,6 +30,7 @@ extern "C" {
 #endif
+#include
 #include
 #include
 #include
@@ -98,8 +99,8 @@ void LogFile::shutdown() {
 m_ctx->LogInfo( "LogFile::shutdown", __LINE__,
- "thread = 0x%lx: Logfile %s shutting down",
- PR_GetCurrentThread(), m_fname);
+ "thread = 0x%lx: Logfile %s shutting down pid: %d",
+ PR_GetCurrentThread(), m_fname,getpid());
 PR_EnterMonitor(m_monitor);
 if (m_fd != NULL) {
@@ -124,13 +125,20 @@ int LogFile::open() {
 PRFileInfo info;
 PR_EnterMonitor(m_monitor);
+
+ m_ctx->LogInfo( "LogFile::open",
+ __LINE__,
+ "Opening Log File: %s pid: %d",
+ m_fname,getpid());
+
 if (m_fd == NULL) {
 m_fd = PR_Open(m_fname, PR_RDWR | PR_CREATE_FILE | PR_APPEND, 440|200);
 if (m_fd == NULL) {
 m_ctx->LogError( "LogFile::open", __LINE__,
- "Unable to open log file %s",
- m_fname);
+ "Unable to open log file %s error no: %d",
+ m_fname,PR_GetError());
+ goto loser; }
diff --git a/pki/base/tps/src/modules/tps/mod_tps.cpp b/pki/base/tps/src/modules/tps/mod_tps.cpp
index cee4c5fd1..dc6cc95f9 100644
--- a/pki/base/tps/src/modules/tps/mod_tps.cpp
+++ b/pki/base/tps/src/modules/tps/mod_tps.cpp
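Review bot: In RA::InitializeInChild (RA.cpp, hunk at line 589) the new guard `if (m_audit_enabled && (nSignedAuditInitCount > 1 ))` skips audit set-up without any message when the count is 1, and nothing on the line says why the first pass is excluded. The count is incremented by the caller in mod_tps_init_child, so if that hook ever runs only once for a process (to be confirmed for the server configurations in use), auditing stays off while `m_audit_enabled` is true and no log shows it. I would add a comment on the condition stating the reason the first pass must not open the audit log, and an `else` branch that records the skip, e.g. `RA::Debug("RA:: InitializeInChild", "audit init skipped, count: %d", nSignedAuditInitCount);`. The body of the `if` continues past the end of the hunk.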
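Review bot: In LogFile::open (LogFile.cpp, hunk at line 124) the `PR_Open` call that this hunk leaves in place passes `440|200` as the creation mode; these are decimal literals, so the value is 504 (octal 0770) and not the owner read/write, group read mode the digits suggest. As the commit is about log files that do not exist yet and are created here, the mode is worth correcting in the same change: `m_fd = PR_Open(m_fname, PR_RDWR | PR_CREATE_FILE | PR_APPEND, 0640);` (the process umask still applies). The new error text reports `PR_GetError()` only; appending `PR_GetOSError()` would also give the OS error that usually explains a failed create. open() starts before and continues after the hunk.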
@@ -631,6 +631,18 @@ static void mod_tps_init_child(apr_pool_t *p, server_rec *sv)
 srv_cfg->gconfig->nSignedAuditInitCount++;
 status = RA::InitializeInChild(srv_cfg->context, srv_cfg->gconfig->nSignedAuditInitCount);
+
+
+ if (status != RA_INITIALIZATION_SUCCESS) {
+ /* Need to shut down, the child was not initialized properly. */
+ ap_log_error( "mod_tps_init_child",
+ __LINE__, APLOG_ERR, 0, sv,
+ "The tps module failed to do the initializeInChild tasks. ");
+ printf( "\nUnable to start Apache:\n"
+ " The tps module failed to do the initializeInChild tasks. ");
+ goto loser;
+ }
+
 /* Register a server termination routine. */
 apr_pool_cleanup_register( p, sv,
@@ -645,6 +657,32 @@ static void mod_tps_init_child(apr_pool_t *p, server_rec *sv)
 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0 /* status */, NULL, "Leaving mod_tps_init_child");
 return;
+loser:
+ /* Log TPS module debug information. */
+ RA::Debug( "mod_tps::mod_tps_initialize",
+ "Failed loading the TPS module!" );
+
+ /* Free TPS resources. */
+ /* If we are here, the parent should be up. */
+ RA::Shutdown();
+
+ /* Since all members of mod_tps_server_configuration are allocated */
+ /* from a pool, there is no need to unset any of these members. */
+
+#ifdef MEM_PROFILING
+ /* If memory profiling is enabled, turn off memory profiling. */
+ MEM_shutdown();
+#endif
+
+ /* Shutdown all APR library routines. */
+ /* NOTE: This automatically destroys all memory pools. */
+ apr_terminate();
+
+ /* Terminate the entire Apache server */
+ _exit(APEXIT_CHILDFATAL);
+
+ return;
+
 }
-- cgit
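Review bot: The failure branch added after `RA::InitializeInChild` in mod_tps_init_child (hunk at line 631) drops `status`, so the error log cannot tell one initialization failure from another; pass it through, e.g. `"The tps module failed to do the initializeInChild tasks, status: %d", status`. The `printf` text ends without a newline and the `loser:` path in the following hunk finishes with `_exit()`, which is not guaranteed to flush stdio buffers, so that message may never be written; call `fflush(stdout);` before `goto loser;` or rely on the `ap_log_error` call alone. The function starts before and continues after the hunk.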
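Review bot: The `loser:` block (hunk at line 645) tags its debug message `"mod_tps::mod_tps_initialize"` although it sits in mod_tps_init_child, so the trace of a failed child start names the wrong function; use `"mod_tps::mod_tps_init_child"`. The block calls `RA::Shutdown()` after `RA::InitializeInChild` has failed part-way, and whether Shutdown tolerates a partly initialized child is not visible here; the comment above the call should state that assumption instead of only saying the parent should be up. The `return;` after `_exit(APEXIT_CHILDFATAL);` is unreachable and can be removed.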