diff --git a/ACTK1_0/common/init.cpp b/ACTK1_0/common/init.cpp index d0740d1..8182f06 100644 --- a/ACTK1_0/common/init.cpp +++ b/ACTK1_0/common/init.cpp @@ -19,6 +19,9 @@ #include #include +const char *otePeer="epp.ote.donuts.co"; +static int tkScenario=0; + namespace { void initEnumTypes() @@ -77,10 +80,18 @@ public: } }; -} // anonymous namepsace +} // anonymous namespace void init(const std::string& system_props_file) { static const Init doInit(system_props_file); } + +void scenario(int scenario) +{ + std::string stdPropsPath("etc/toolkit2.conf"); + + tkScenario = scenario; + static const Init doInit(stdPropsPath); +} diff --git a/ACTK1_0/common/init.hpp b/ACTK1_0/common/init.hpp index d62d096..40df735 100644 --- a/ACTK1_0/common/init.hpp +++ b/ACTK1_0/common/init.hpp @@ -4,5 +4,6 @@ #include void init(const std::string &system_props_file); +void scenario(int which); #endif diff --git a/ACTK1_0/session/TLSSocket.cpp b/ACTK1_0/session/TLSSocket.cpp index e42d26f..2280c63 100644 --- a/ACTK1_0/session/TLSSocket.cpp +++ b/ACTK1_0/session/TLSSocket.cpp @@ -7,6 +7,9 @@ #include #include // htonl +extern char *otePeer; +extern const int tkScenario; + using namespace std; TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host, 
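Review bot: The declarations added to TLSSocket.cpp do not match the definitions in this init.cpp hunk: `tkScenario` is `static` here, so it has internal linkage and `extern const int tkScenario;` cannot refer to it, and `otePeer` is `const char *` here but `extern char *` there. As shown, the TLSSocket.cpp reference would either fail to link or bind to some other object, so the flag that decides whether the peer certificate is checked is not reliably the one `scenario()` sets. Declare both once in init.hpp, for example `extern const char *otePeer;` and `extern int tkScenario;`, include that header in TLSSocket.cpp, and drop `static` from the definition. Passing the mode to `TLSSocket` explicitly would be better still than reading a mutable global.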
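Review bot: `scenario()` stores its argument in the file-level `tkScenario` before constructing `Init`, and nothing visible resets it, so once it is called with 1 the relaxed mode stays selected for the rest of the process even when `Init` throws. The function also declares its own `static const Init doInit`, separate from the one in `init()`, so the toolkit can end up initialised twice from different property files. The path `etc/toolkit2.conf` is resolved against the current working directory, so which configuration is loaded depends on where the process was started. The argument should be range-checked and named as in the header (`which`), with a comment such as `// Selects a toolkit mode; mode 1 skips the peer-certificate verify check in TLSSocket (OTE only).`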
@@ -38,21 +41,26 @@ TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host, throw e; } - // Common name - char cn[256]; - X509 *peer = SSL_get_peer_certificate(ssl); - X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256); - commonName = cn; + if (tkScenario == 1) commonName = otePeer; + else { if ((ret = SSL_get_verify_result(ssl)) != X509_V_OK) - {char why[100]; sprintf(why,"Cert verify fail: %d",ret); + {char why[100]; sprintf(why,"SSL verify result: %d",ret); SSLException e(why, ssl, ret); SSL_shutdown(ssl); throw e; } + // Common name + char cn[256]; + X509 *peer = SSL_get_peer_certificate(ssl); + X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256); + commonName = cn; + X509_free(peer); + + } // scenario 1 } TLSSocket::~TLSSocket() diff --git a/AusRegCliever/include/ausRegTK.h b/AusRegCliever/include/ausRegTK.h index f231360..f88aca0 100644 --- a/AusRegCliever/include/ausRegTK.h +++ b/AusRegCliever/include/ausRegTK.h @@ -5,6 +5,10 @@ class ausRegEPPTK { friend class masterDaemon; + public: int tkScenario; + // See the Toolkit Overview. At this level supposedly it can do everything. + + ausRegEPPTK() { tkScenario = 0; } bool didInit(const std::string propertiesFilePath); diff --git a/AusRegCliever/include/mdcommon.h b/AusRegCliever/include/mdcommon.h index 906913e..98e19c1 100644 --- a/AusRegCliever/include/mdcommon.h +++ b/AusRegCliever/include/mdcommon.h @@ -60,6 +60,7 @@ using namespace std; using boost::asio::ip::udp; +#define MAX_SCENARIO 1 // defined by increasing assumption of control from TK #define MAX_AC 1 #define MAX_CLIENTS 1 #define MAX_CLIEVER 10 diff --git a/AusRegCliever/server/mdAusReg.cpp b/AusRegCliever/server/mdAusReg.cpp index 483aba8..3e8f9fe 100644 --- a/AusRegCliever/server/mdAusReg.cpp +++ b/AusRegCliever/server/mdAusReg.cpp 
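Review bot: With `tkScenario == 1` the constructor skips `SSL_get_verify_result()`, never reads the peer certificate, and stores the hard-coded `otePeer` as `commonName`, so code that trusts `commonName` sees an authenticated-looking peer name for a session whose certificate was not checked here. Unless the `SSL_CTX` enforces verification itself (not visible in this hunk), a host presenting any certificate is accepted as `epp.ote.donuts.co`. If the test endpoint's certificate does not chain, add its CA to the context's trust store rather than bypassing the check. In the `else` branch, `SSL_get_peer_certificate()` can return NULL and the result of `X509_NAME_get_text_by_NID()` is ignored, which leaves `cn` uninitialised when the subject has no CN. The constructor starts above the hunk; the sketch below keeps the verify check unconditional and adds the two missing checks.

```cpp
// … unchanged: SSL_get_verify_result() check, run in every scenario …
    // Common name
    X509 *peer = SSL_get_peer_certificate(ssl);
    if (peer == NULL)
    {
        SSLException e("No peer certificate", ssl, ret);
        SSL_shutdown(ssl);
        throw e;
    }
    char cn[256];
    int cnLen = X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, sizeof(cn));
    X509_free(peer);
    if (cnLen < 0)
    {
        SSLException e("Peer certificate has no common name", ssl, ret);
        SSL_shutdown(ssl);
        throw e;
    }
    commonName = cn;
```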
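Review bot: In ausRegTK.h the added `public:` label stays in effect for every member declared after it, so `didInit` and whatever follows become public unless another access specifier appears below the hunk. If only the new field needs to be reachable, add `private:` after the constructor, or keep the field private and let the `masterDaemon` friend set it. The comment on the field does not say what the values mean; something like `// 0 = verified TLS session, 1 = OTE mode without the peer-certificate verify check` would make it clear that this field selects a weaker mode. The member can also be set in the initialiser list, `ausRegEPPTK() : tkScenario(0) {}`.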
@@ -4,18 +4,32 @@ bool ausRegEPPTK::didInit(const std::string propPath) { - bool did=false;; + bool did=false; - try { +getPeerService: + switch(tkScenario) { + case 0: + try { init( propPath ); did = true; - - } - catch(std::exception &e) { - - } - + } + catch(std::exception &e) { + theseLogs->logN(1,"Scenario Zero TK Exception: %s .",e.what()); + } + if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; } + break; + case 1: // Our first level of implementation, allow an insecure partially authenticated TLS Session. + try { + scenario( tkScenario ); + did = true; + } + catch(std::exception &e) { + theseLogs->logN(1,"Scenario One TK Exception: %s .",e.what()); + } + if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; } + break; + } return did; }
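Review bot: Any `std::exception` from `init()` in case 0 sends `didInit` straight on to case 1, which its own comment describes as an insecure, partially authenticated TLS session, so a failure of the verified path is silently answered by retrying in the weaker mode. If a certificate failure is among the exceptions `init()` can raise (not visible here), whoever can make the first attempt fail also selects the relaxed mode; that mode should be an explicit configuration choice, and entering it should be logged as a warning. The guard `tkScenario++ <= MAX_SCENARIO` also lets the member reach 2 after case 1 fails, where the `switch` has no matching case; `if (!did && tkScenario < MAX_SCENARIO) { ++tkScenario; goto getPeerService; }` keeps it in range. A `for` loop over the scenarios would remove the `goto` and the duplicated catch blocks.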