1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
/*************************************************************************
> File Name: cert_init.c
> Author: fengweihao
> Mail:
> Created Time: Fri 01 Jun 2018 12:06:01 AM PDT
************************************************************************/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "rt_string.h"
#include "rt_common.h"
#include "rt_file.h"
#include "cert_conf.h"
#include "logging.h"
#include "MESA_prof_load.h"
struct config_bucket_t certConfig = {
.thread_nu = 1,
.expire_after = 30,
.ca_path = "./cert/mesalab-ca.pem",
.uninsec_path = "./cert/mesalab-ca-untrust.pem",
.addr_t = {9995, 6379, "0.0.0.0", 0, 6379, "0.0.0.0"},
};
struct config_bucket_t *cert_default_config()
{
return &certConfig;
}
static int load_system_config(char *config)
{
int xret = -1;
struct config_bucket_t *rte = cert_default_config();
xret = MESA_load_profile_uint_nodef(config, "CONFIG", "thread-nu", &(rte->thread_nu));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the number of running threads failed");
}
xret = MESA_load_profile_uint_nodef(config, "CONFIG", "expire_after", &(rte->expire_after));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the number of valid time failed");
}
xret = MESA_load_profile_string_nodef(config, "CONFIG", "ca_path", rte->ca_path, 128);
if (xret <0 && rt_file_exsit(rte->ca_path)){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the ca path failed or the (%s) does not exist",
rte->ca_path);
goto finish;
}
xret = MESA_load_profile_uint_nodef(config, "CONFIG", "local_debug", &(rte->local_debug));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the number of local_debug failed");
}
xret = MESA_load_profile_string_nodef(config, "CONFIG", "untrusted_ca_path", rte->uninsec_path, 128);
if (xret <0 && rt_file_exsit(rte->uninsec_path)){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the untrusted ca path failed or the (%s) does not exist",
rte->ca_path);
goto finish;
}
finish:
return xret;
}
static int load_module_config(char *config)
{
int xret = -1;
struct config_bucket_t *rte = cert_default_config();
xret = MESA_load_profile_short_nodef(config, "LIBEVENT", "port", (short *)&(rte->addr_t.e_port));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Libevent Port invalid");
goto finish;
}
xret = MESA_load_profile_string_nodef(config, "MAAT_REDIS", "ip", rte->addr_t.maat_ip, 16);
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Maat redis ip invalid");
goto finish;
}
xret = MESA_load_profile_short_nodef(config, "MAAT_REDIS", "port", (short *)&(rte->addr_t.maat_port));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Maat redis port invalid");
goto finish;
}
xret = MESA_load_profile_short_nodef(config, "MAAT_REDIS", "dbindex", (short *)&(rte->addr_t.dbindex));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Maat redis dbindex invalid");
goto finish;
}
xret = MESA_load_profile_string_nodef(config, "CERTSTORE_REDIS", "ip", rte->addr_t.store_ip, 16);
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Certsotre redis ip invalid");
goto finish;
}
xret = MESA_load_profile_short_nodef(config, "CERTSTORE_REDIS", "port", (short *)&(rte->addr_t.store_port));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Certsotre redis port invalid");
goto finish;
}
finish:
return xret;
}
static int load_maat_config(char *config)
{
int xret = -1;
struct ntc_maat_t *maat_t = &cert_default_config()->maat_t;
xret = MESA_load_profile_uint_nodef(config, "NTC_MAAT", "maat_json_switch", &(maat_t->maat_json_switch));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the number of running threads failed");
}
xret = MESA_load_profile_string_nodef(config, "NTC_MAAT", "table_info", maat_t->info_path, 128);
if (xret < 0 && !rt_file_exsit( maat_t->info_path)){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the table info failed or the (%s) does not exist",
maat_t->info_path);
goto finish;
}
if (maat_t->maat_json_switch == 1){
xret = MESA_load_profile_string_nodef(config, "NTC_MAAT", "pxy_obj_keyring", maat_t->pxy_path, 128);
if (xret < 0 && !rt_file_exsit(maat_t->pxy_path)){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the pxy obj keyring failed or the (%s) does not exist",
maat_t->pxy_path);
goto finish;
}
}
if (maat_t->maat_json_switch == 0){
xret = MESA_load_profile_uint_nodef(config, "NTC_MAAT", "effective_interval", &(maat_t->effective_interval_s));
if (xret < 0){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Reading the interval of scan failed");
}
xret = MESA_load_profile_string_nodef(config, "NTC_MAAT", "inc_cfg_dir", maat_t->inc_cfg_dir, 128);
if (xret < 0 && !rt_file_exsit( maat_t->inc_cfg_dir)){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the table info failed or the (%s) does not exist",
maat_t->inc_cfg_dir);
goto finish;
}
xret = MESA_load_profile_string_nodef(config, "NTC_MAAT", "full_cfg_dir", maat_t->full_cfg_dir, 128);
if (xret < 0 && !rt_file_exsit( maat_t->full_cfg_dir)){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Read the table info failed or the (%s) does not exist",
maat_t->full_cfg_dir);
goto finish;
}
}
finish:
return xret;
}
void cert_init_config(char *config)
{
load_system_config(config);
load_maat_config(config);
load_module_config(config);
}
|
