attest can query components
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 24 Nov 2011 13:36:10 +0000 (14:36 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 20:23:59 +0000 (21:23 +0100)
src/libimcv/plugins/imv_attestation/Makefile.am
src/libimcv/plugins/imv_attestation/attest.c
src/libimcv/plugins/imv_attestation/attest_db.c
src/libimcv/plugins/imv_attestation/attest_db.h
src/libimcv/plugins/imv_attestation/attest_usage.c

index f90fe2a..a550a35 100644 (file)
@@ -27,7 +27,7 @@ attest_SOURCES = attest.c \
        attest_db.h attest_db.c \
        tables.sql data.sql
 attest_LDADD = \
-       $(top_builddir)/src/libpts/libpts.la \
        $(top_builddir)/src/libimcv/libimcv.la \
+       $(top_builddir)/src/libpts/libpts.la \
        $(top_builddir)/src/libstrongswan/libstrongswan.la
 attest.o :     $(top_builddir)/config.status
index 3056336..aa8d1f7 100644 (file)
 #include <stdio.h>
 #include <string.h>
 #include <errno.h>
+#include <syslog.h>
 
 #include <library.h>
+#include <debug.h>
 
+#include <imcv.h>
+#include <libpts.h>
 #include <pts/pts_meas_algo.h>
 
 #include "attest_db.h"
 #include "attest_usage.h"
 
 /**
+ * global debug output variables
+ */
+static int debug_level = 0;
+static bool stderr_quiet = TRUE;
+
+/**
+ * attest dbg function
+ */
+static void attest_dbg(debug_t group, level_t level, char *fmt, ...)
+{
+       int priority = LOG_INFO;
+       char buffer[8192];
+       char *current = buffer, *next;
+       va_list args;
+
+       if (level <= debug_level)
+       {
+               if (!stderr_quiet)
+               {
+                       va_start(args, fmt);
+                       vfprintf(stderr, fmt, args);
+                       fprintf(stderr, "\n");
+                       va_end(args);
+               }
+
+               /* write in memory buffer first */
+               va_start(args, fmt);
+               vsnprintf(buffer, sizeof(buffer), fmt, args);
+               va_end(args);
+
+               /* do a syslog with every line */
+               while (current)
+               {
+                       next = strchr(current, '\n');
+                       if (next)
+                       {
+                               *(next++) = '\0';
+                       }
+                       syslog(priority, "%s\n", current);
+                       current = next;
+               }
+       }
+}
+
+/**
  * global attestation database object
  */
 attest_db_t *attest;
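Review bot: `debug_level` and `stderr_quiet` are added as file-static variables with fixed initial values (0 and TRUE), and none of the attest.c hunks shown here assigns them. As written, `attest_dbg` therefore forwards only messages with `level <= 0` to syslog, and the stderr branch cannot run. If that is intentional for now, the doc comment should say so, e.g. `/* attest dbg hook: logs messages up to debug_level to syslog, one call per line, and to stderr unless stderr_quiet; text beyond the 8192-byte buffer is dropped */`. Otherwise the two variables need command-line options. The same comment should mention that `group` is ignored and that every message is logged at `LOG_INFO`.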
@@ -46,6 +95,7 @@ static void do_args(int argc, char *argv[])
                OP_UNDEF,
                OP_USAGE,
                OP_FILES,
+               OP_COMPONENTS,
                OP_PRODUCTS,
                OP_HASHES,
                OP_ADD,
@@ -61,6 +111,7 @@ static void do_args(int argc, char *argv[])
 
                struct option long_opts[] = {
                        { "help", no_argument, NULL, 'h' },
+                       { "components", no_argument, NULL, 'c' },
                        { "files", no_argument, NULL, 'f' },
                        { "products", no_argument, NULL, 'p' },
                        { "hashes", no_argument, NULL, 'H' },
@@ -93,6 +144,9 @@ static void do_args(int argc, char *argv[])
                        case 'h':
                                op = OP_USAGE;
                                break;
+                       case 'c':
+                               op = OP_COMPONENTS;
+                               continue;
                        case 'f':
                                op = OP_FILES;
                                continue;
@@ -180,6 +234,9 @@ static void do_args(int argc, char *argv[])
                case OP_PRODUCTS:
                        attest->list_products(attest);
                        break;
+               case OP_COMPONENTS:
+                       attest->list_components(attest);
+                       break;
                case OP_FILES:
                        attest->list_files(attest);
                        break;
@@ -205,6 +262,10 @@ int main(int argc, char *argv[])
 {
        char *uri;
 
+       /* enable attest debugging hook */
+       dbg = attest_dbg;
+       openlog("attest", 0, LOG_DEBUG);
+
        atexit(library_deinit);
 
        /* initialize library */
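Review bot: The third argument of `openlog()` is a syslog facility, but the added call passes `LOG_DEBUG`, which is a priority level. How a non-facility value is treated depends on the implementation (it may simply be ignored, leaving the default facility), so messages from `attest_dbg` may be filed under a different facility than intended. Pass an explicit facility instead, for example `openlog("attest", 0, LOG_USER);`. The body of main() continues outside this hunk.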
@@ -230,9 +291,15 @@ int main(int argc, char *argv[])
                exit(SS_RC_INITIALIZATION_FAILED);
        }
        atexit(cleanup);
+       libimcv_init();
+       libpts_init();
 
        do_args(argc, argv);
 
+       libpts_deinit();
+       libimcv_deinit();
+       closelog();
+
        exit(EXIT_SUCCESS);
 }
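Review bot: `libpts_deinit()`, `libimcv_deinit()` and `closelog()` run only when `do_args()` returns, whereas `library_deinit` and `cleanup` are registered with `atexit()`. If any path inside `do_args()` calls `exit()` (its body is not visible in these hunks), the new teardown is skipped. Assuming both deinit functions take no arguments and return void, registering them would match the existing pattern: `atexit(libimcv_deinit);` after `libimcv_init();` and `atexit(libpts_deinit);` after `libpts_init();`. It is also worth confirming whether the two init calls can report failure, since nothing is checked here, unlike the `exit(SS_RC_INITIALIZATION_FAILED)` path just above.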
 
index 7a01ef1..e730d26 100644 (file)
@@ -15,6 +15,9 @@
 
 #include "attest_db.h"
 
+#include "libpts.h"
+#include "pts/components/pts_comp_func_name.h"
+
 typedef struct private_attest_db_t private_attest_db_t;
 
 /**
@@ -318,6 +321,62 @@ METHOD(attest_db_t, set_algo, void,
        this->algo = algo;
 }
 
+METHOD(attest_db_t, list_components, void,
+       private_attest_db_t *this)
+{
+       enumerator_t *e;
+       enum_name_t *names, *types;
+       pts_comp_func_name_t *cfn;
+       int type, cid, vid, name, qualifier, count = 0;
+       char flags[8];
+
+       if (this->pid)
+       {
+               e = this->db->query(this->db,
+                               "SELECT c.id, c.vendor_id, c.name, c.qualifier "
+                               "FROM components AS c "
+                               "JOIN product_component AS pc ON c.id = pc.component "
+                               "WHERE pc.product = ? ORDER BY c.vendor_id, c.name, c.qualifier",
+                               DB_INT, this->pid, DB_INT, DB_INT, DB_INT, DB_INT);
+       }
+       else
+       {
+               e = this->db->query(this->db,
+                               "SELECT id, vendor_id, name, qualifier FROM components "
+                               "ORDER BY vendor_id, name, qualifier",
+                               DB_INT, DB_INT, DB_INT, DB_INT);
+       }
+       if (e)
+       {
+               while (e->enumerate(e, &cid, &vid, &name, &qualifier))
+               {
+                       printf("%3d: 0x%06x/0x%08x-0x%02x", cid, vid, name, qualifier);
+
+                       cfn   = pts_comp_func_name_create(vid, name, qualifier);
+                       names = pts_components->get_comp_func_names(pts_components, vid);
+                       types = pts_components->get_qualifier_type_names(pts_components, vid);
+                       type =  pts_components->get_qualifier(pts_components, cfn, flags);
+                       if (names && types)
+                       {
+                               printf(" %N '%N' [%s] '%N'", pen_names, vid, names, name, flags,
+                                                                                       types, type);
+                       }
+                       printf("\n");
+                       cfn->destroy(cfn);
+
+                       count++;
+               }
+               e->destroy(e);
+
+               printf("%d component%s found", count, (count == 1) ? "" : "s");
+               if (this->product)
+               {
+                       printf(" for product '%s'", this->product);
+               }
+               printf("\n");
+       }
+}
+
 METHOD(attest_db_t, list_files, void,
        private_attest_db_t *this)
 {
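Review bot: `flags` is declared as an uninitialised `char flags[8]` in `list_components`, handed to `get_qualifier()` without a length, and then printed with `%s`. The hunk shows neither how many bytes the callee writes nor that it always NUL-terminates. Adding `flags[0] = '\0';` before the `get_qualifier()` call, plus a comment stating the maximum size the callee guarantees, would make the contract explicit. Separately, the query is filtered on `this->pid` while the summary line tests `this->product`, so the " for product" suffix and the actual filter could disagree if only one of the two fields is set. That should be checked against the setters, which are outside this hunk.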
@@ -383,7 +442,7 @@ METHOD(attest_db_t, list_products, void,
        {
                while (e->enumerate(e, &pid, &product))
                {
-                       printf("%3d:  %s\n", pid, product);
+                       printf("%3d: %s\n", pid, product);
                        count++;
                }
                e->destroy(e);
@@ -647,6 +706,7 @@ attest_db_t *attest_db_create(char *uri)
                        .set_algo = _set_algo,
                        .list_products = _list_products,
                        .list_files = _list_files,
+                       .list_components = _list_components,
                        .list_hashes = _list_hashes,
                        .add = _add,
                        .delete = _delete,
index 990297e..8eab353 100644 (file)
@@ -102,6 +102,11 @@ struct attest_db_t {
        void (*list_files)(attest_db_t *this);
 
        /**
+        * List all components stored in the database
+        */
+       void (*list_components)(attest_db_t *this);
+
+       /**
         * List selected measurement hashes stored in the database
         */
        void (*list_hashes)(attest_db_t *this);
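Review bot: The new comment says the method lists all components, but `list_components` in attest_db.c restricts the query to one product when a product id has been set. A wording that matches the implementation would be `* List components stored in the database, limited to the selected product if one is set`.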
index 32d1754..629d937 100644 (file)
@@ -24,12 +24,16 @@ void usage(void)
 {
        printf("\
 Usage:\n\
-  ipsec attest --files|--products|--hashes [options]\n\
+  ipsec attest --files|--components|--products|--hashes [options]\n\
   \n\
   ipsec attest --files [--product <name>|--pid <id>]\n\
     Show a list of files with a software product name or\n\
     its primary key as an optional selector.\n\
   \n\
+  ipsec attest --components [--product <name>|--pid <id>]\n\
+    Show a list of components with a software product name or\n\
+    its primary key as an optional selector.\n\
+  \n\
   ipsec attest --products [--file <path>|--fid <id>]\n\
     Show a list of supported software products with a file path or\n\
     its primary key as an optional selector.\n\