mirror of https://github.com/kakwa/uts-server synced 2025-01-24 20:37:27 +01:00

first (kind of) working version \o/

kakwa 2016-08-31 00:09:17 +02:00
parent 00c91df4cf
commit f5d3f66031
3 changed files with 28 additions and 18 deletions


@ -30,7 +30,7 @@ static int reply_command(CONF *conf, char *section, char *engine, char *query,
int text); int text);
static TS_RESP *read_PKCS7(BIO *in_bio); static TS_RESP *read_PKCS7(BIO *in_bio);
int create_response(rfc3161_context *ct, char *query, int query_len, int create_response(rfc3161_context *ct, char *query, int query_len,
TS_RESP_CTX *resp_ctx, int *resp_size, TS_RESP_CTX *resp_ctx, size_t *resp_size,
unsigned char **resp); unsigned char **resp);
static ASN1_INTEGER *serial_cb(TS_RESP_CTX *ctx, void *data); static ASN1_INTEGER *serial_cb(TS_RESP_CTX *ctx, void *data);
static ASN1_INTEGER *next_serial(const char *serialfile); static ASN1_INTEGER *next_serial(const char *serialfile);


@ -82,8 +82,8 @@ int rfc3161_handler(struct mg_connection *conn, void *context) {
is_tsq = 1; is_tsq = 1;
} }
unsigned char *content; unsigned char *content = NULL;
int content_length = 0; size_t content_length = 0;
// Send HTTP reply to the client // Send HTTP reply to the client
if (is_tsq) { if (is_tsq) {
@ -96,16 +96,17 @@ int rfc3161_handler(struct mg_connection *conn, void *context) {
int ts_resp = create_response(ct, query, query_len, ct->ts_ctx, int ts_resp = create_response(ct, query, query_len, ct->ts_ctx,
&content_length, &content); &content_length, &content);
if (ts_resp) { if (ts_resp) {
log_hex(ct, LOG_DEBUG, "response hexdump content", content,
content_length);
mg_printf(conn, mg_printf(conn,
"HTTP/1.1 200 OK\r\n" "HTTP/1.1 200 OK\r\n"
"Content-Type: application/timestamp-reply\r\n" "Content-Type: application/timestamp-reply\r\n"
"Content-Length: %d\r\n" // Always set Content-Length "Content-Length: %d\r\n" // Always set Content-Length
"\r\n", "\r\n",
content_length); (int)content_length);
mg_write(conn, content, content_length); mg_write(conn, content, content_length);
// free(content); log_hex(ct, LOG_DEBUG, "response hexdump content", content,
content_length);
free(content);
} else { } else {
mg_printf(conn, mg_printf(conn,
"HTTP/1.1 500 OK\r\n" "HTTP/1.1 500 OK\r\n"
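Review bot: `free(content)` is added only on the success branch, but `create_response()` now fills `content` through `open_memstream()` before its status switch decides the return value, so a rejected request returns 0 with an allocated buffer that the `else` branch (which continues past the visible lines) does not appear to release. Because `content` is now initialised to NULL, a single `free(content);` placed after the `if`/`else` covers both paths and stops an unauthenticated client from growing the process with rejected requests. The header is also formatted with `%d` and `(int)content_length`, which narrows a `size_t`; `"Content-Length: %lu\r\n"` with `(unsigned long)content_length` keeps the advertised length equal to what `mg_write` is asked to send. The return value of `mg_write` is not checked, so a short or failed write goes unnoticed.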


@ -290,7 +290,7 @@ end:
} }
int create_response(rfc3161_context *ct, char *query, int query_len, int create_response(rfc3161_context *ct, char *query, int query_len,
TS_RESP_CTX *resp_ctx, int *resp_size, TS_RESP_CTX *resp_ctx, size_t *resp_size,
unsigned char **resp) { unsigned char **resp) {
int ret = 0; int ret = 0;
TS_RESP *ts_response = NULL; TS_RESP *ts_response = NULL;
@ -309,19 +309,19 @@ int create_response(rfc3161_context *ct, char *query, int query_len,
uts_logger(ct, LOG_ERR, "failed to create ts response"); uts_logger(ct, LOG_ERR, "failed to create ts response");
goto end; goto end;
} }
*resp_size = i2d_TS_RESP(ts_response, NULL);
*resp = calloc(*resp_size, sizeof(char));
i2d_TS_RESP(ts_response, resp); FILE * stream = open_memstream((char **)resp, (size_t *)resp_size);
ret = i2d_TS_RESP_fp(stream, ts_response);
fflush(stream);
fclose(stream);
ret = 1; ret = 1;
end: end:
if (!ret) {
TS_RESP_free(ts_response);
}
BIO_free_all(query_bio); BIO_free_all(query_bio);
TS_STATUS_INFO_print_bio(status_bio, ts_response->status_info);
// recover some status and error messages
BUF_MEM *bptr; BUF_MEM *bptr;
TS_STATUS_INFO_print_bio(status_bio, ts_response->status_info);
BIO_get_mem_ptr(status_bio, &bptr); BIO_get_mem_ptr(status_bio, &bptr);
// replacing '\n' by '|' to log on one line only // replacing '\n' by '|' to log on one line only
@ -329,32 +329,41 @@ end:
while ((temp = strstr(bptr->data, "\n")) != NULL) { while ((temp = strstr(bptr->data, "\n")) != NULL) {
temp[0] = '|'; temp[0] = '|';
} }
uts_logger(ct, LOG_DEBUG, "TimeStamp OpenSSL status: |%s", bptr->data);
BUF_MEM_free(bptr);
long status = ASN1_INTEGER_get(ts_response->status_info->status); long status = ASN1_INTEGER_get(ts_response->status_info->status);
switch (status) { switch (status) {
case TS_STATUS_GRANTED: case TS_STATUS_GRANTED:
uts_logger(ct, LOG_INFO, "timestamp request granted"); uts_logger(ct, LOG_INFO, "timestamp request granted");
ret = 1;
break; break;
case TS_STATUS_GRANTED_WITH_MODS: case TS_STATUS_GRANTED_WITH_MODS:
uts_logger(ct, LOG_NOTICE, uts_logger(ct, LOG_NOTICE,
"timestamp request granted with modification"); "timestamp request granted with modification");
ret = 1;
break; break;
case TS_STATUS_REJECTION: case TS_STATUS_REJECTION:
uts_logger(ct, LOG_WARNING, "timestamp request rejected"); uts_logger(ct, LOG_WARNING, "timestamp request rejected");
ret = 0;
break; break;
case TS_STATUS_WAITING: case TS_STATUS_WAITING:
uts_logger(ct, LOG_NOTICE, "timestamp request waiting"); uts_logger(ct, LOG_NOTICE, "timestamp request waiting");
ret = 0;
break; break;
case TS_STATUS_REVOCATION_WARNING: case TS_STATUS_REVOCATION_WARNING:
uts_logger(ct, LOG_WARNING, "timestamp request revocation warning"); uts_logger(ct, LOG_WARNING, "timestamp request revocation warning");
ret = 0;
break; break;
case TS_STATUS_REVOCATION_NOTIFICATION: case TS_STATUS_REVOCATION_NOTIFICATION:
uts_logger(ct, LOG_NOTICE, "timestamp request revovation notification"); uts_logger(ct, LOG_NOTICE, "timestamp request revovation notification");
ret = 0;
break; break;
default: default:
uts_logger(ct, LOG_ERR, "unknown error code '%d'", status); uts_logger(ct, LOG_ERR, "unknown error code '%d'", status);
ret = 0;
} }
uts_logger(ct, LOG_DEBUG, "TimeStamp OpenSSL status: |%s", bptr->data);
while ((err_code = ERR_get_error())) { while ((err_code = ERR_get_error())) {
if (err_code_prev != err_code) { if (err_code_prev != err_code) {
@ -367,8 +376,8 @@ end:
} }
err_code_prev = err_code; err_code_prev = err_code;
} }
// TS_TST_INFO_free(tst_info); //BIO_free_all(status_bio);
BIO_free(status_bio); TS_RESP_free(ts_response);
return ret; return ret;
} }
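Review bot: The new serialization block never checks `open_memstream()` or `i2d_TS_RESP_fp()`: a NULL stream goes straight into `fflush`/`fclose`, and the encoder's result is overwritten by `ret = 1` and then by the status switch, so a failed encode can still return 1 with `*resp` unset. The commit also comments out the only visible release of `status_bio` (`//BIO_free_all(status_bio);`), which leaks one BIO per request on a network-facing handler unless it is freed outside the visible lines; dropping `BUF_MEM_free(bptr)` was right because the BIO owns that buffer, so `BIO_free_all(status_bio)` can be restored on its own. The `end:` path still reads `ts_response->status_info` after the "failed to create ts response" `goto end`; if that branch is taken with a NULL response (its condition is outside the hunk) the status logging needs a guard. The sketch below tracks encoding success in a separate flag, `int serialized = 0;`, declared next to `ret`.

```c
// … unchanged: response creation and the "failed to create ts response" check …
    FILE *stream = open_memstream((char **)resp, resp_size);
    if (stream == NULL) {
        uts_logger(ct, LOG_ERR, "failed to allocate the response buffer");
        goto end;
    }
    int encoded = i2d_TS_RESP_fp(stream, ts_response);
    // fclose() flushes the stream and finalizes *resp and *resp_size
    if (fclose(stream) != 0 || !encoded) {
        uts_logger(ct, LOG_ERR, "failed to encode the ts response");
        free(*resp);
        *resp = NULL;
        *resp_size = 0;
        goto end;
    }
    serialized = 1;
// … unchanged: end: label, status logging, status switch, error queue loop …
    BIO_free_all(status_bio);
    TS_RESP_free(ts_response);
    return ret && serialized;
```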