From: Andreas Steffen Date: Thu, 24 Nov 2011 13:36:10 +0000 (+0100) Subject: attest can query components X-Git-Tag: 4.6.2~157 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6b55276a94823ea1e9750762131098bbcb834505;p=thirdparty%2Fstrongswan.git attest can query components --- diff --git a/src/libimcv/plugins/imv_attestation/Makefile.am b/src/libimcv/plugins/imv_attestation/Makefile.am index f90fe2ab04..a550a35520 100644 --- a/src/libimcv/plugins/imv_attestation/Makefile.am +++ b/src/libimcv/plugins/imv_attestation/Makefile.am @@ -27,7 +27,7 @@ attest_SOURCES = attest.c \ attest_db.h attest_db.c \ tables.sql data.sql attest_LDADD = \ - $(top_builddir)/src/libpts/libpts.la \ $(top_builddir)/src/libimcv/libimcv.la \ + $(top_builddir)/src/libpts/libpts.la \ $(top_builddir)/src/libstrongswan/libstrongswan.la attest.o : $(top_builddir)/config.status diff --git a/src/libimcv/plugins/imv_attestation/attest.c b/src/libimcv/plugins/imv_attestation/attest.c index 30563364ca..aa8d1f7974 100644 --- a/src/libimcv/plugins/imv_attestation/attest.c +++ b/src/libimcv/plugins/imv_attestation/attest.c 
@@ -19,14 +19,63 @@ #include #include #include +#include #include +#include +#include +#include #include #include "attest_db.h" #include "attest_usage.h" +/** + * global debug output variables + */ +static int debug_level = 0; +static bool stderr_quiet = TRUE; + +/** + * attest dbg function + */ +static void attest_dbg(debug_t group, level_t level, char *fmt, ...) +{ + int priority = LOG_INFO; + char buffer[8192]; + char *current = buffer, *next; + va_list args; + + if (level <= debug_level) + { + if (!stderr_quiet) + { + va_start(args, fmt); + vfprintf(stderr, fmt, args); + fprintf(stderr, "\n"); + va_end(args); + } + + /* write in memory buffer first */ + va_start(args, fmt); + vsnprintf(buffer, sizeof(buffer), fmt, args); + va_end(args); + + /* do a syslog with every line */ + while (current) + { + next = strchr(current, '\n'); + if (next) + { + *(next++) = '\0'; + } + syslog(priority, "%s\n", current); + current = next; + } + } +} + /** * global attestation database object */ @@ -46,6 +95,7 @@ static void do_args(int argc, char *argv[]) OP_UNDEF, OP_USAGE, OP_FILES, + OP_COMPONENTS, OP_PRODUCTS, OP_HASHES, OP_ADD, @@ -61,6 +111,7 @@ static void do_args(int argc, char *argv[]) struct option long_opts[] = { { "help", no_argument, NULL, 'h' }, + { "components", no_argument, NULL, 'c' }, { "files", no_argument, NULL, 'f' }, { "products", no_argument, NULL, 'p' }, { "hashes", no_argument, NULL, 'H' }, @@ -93,6 +144,9 @@ static void do_args(int argc, char *argv[]) case 'h': op = OP_USAGE; break; + case 'c': + op = OP_COMPONENTS; + continue; case 'f': op = OP_FILES; continue; @@ -180,6 +234,9 @@ static void do_args(int argc, char *argv[]) case OP_PRODUCTS: attest->list_products(attest); break; + case OP_COMPONENTS: + attest->list_components(attest); + break; case OP_FILES: attest->list_files(attest); break; 
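Review bot: In `attest_dbg` the result of `vsnprintf()` is discarded, so a negative return leaves `buffer` with indeterminate contents that `strchr()` and `syslog()` then read. A message longer than the 8192-byte buffer is also truncated with no indication that text was lost. Capturing the result, `int len = vsnprintf(buffer, sizeof(buffer), fmt, args);`, returning when `len < 0` and appending a truncation marker when `len >= (int)sizeof(buffer)` would close both gaps. Separately, `debug_level` and `stderr_quiet` are initialised to `0` and `TRUE` and nothing in this hunk changes them, so only level-0 messages are logged and the stderr branch looks unreachable unless code outside the hunk sets them. A short comment stating that, and that `group` is intentionally ignored, would help the next reader.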
@@ -205,6 +262,10 @@ int main(int argc, char *argv[]) { char *uri; + /* enable attest debugging hook */ + dbg = attest_dbg; + openlog("attest", 0, LOG_DEBUG); + atexit(library_deinit); /* initialize library */ @@ -230,9 +291,15 @@ int main(int argc, char *argv[]) exit(SS_RC_INITIALIZATION_FAILED); } atexit(cleanup); + libimcv_init(); + libpts_init(); do_args(argc, argv); + libpts_deinit(); + libimcv_deinit(); + closelog(); + exit(EXIT_SUCCESS); } diff --git a/src/libimcv/plugins/imv_attestation/attest_db.c b/src/libimcv/plugins/imv_attestation/attest_db.c index 7a01ef1640..e730d26bc6 100644 --- a/src/libimcv/plugins/imv_attestation/attest_db.c +++ b/src/libimcv/plugins/imv_attestation/attest_db.c @@ -15,6 +15,9 @@ #include "attest_db.h" +#include "libpts.h" +#include "pts/components/pts_comp_func_name.h" + typedef struct private_attest_db_t private_attest_db_t; /** 
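Review bot: `openlog("attest", 0, LOG_DEBUG)` passes a priority level in the argument that `openlog()` defines as the default facility. `LOG_DEBUG` is not a facility value, so the effect depends on the C library, and the messages most likely end up under the default facility rather than one chosen on purpose. Since `attest_dbg` always logs at `LOG_INFO`, a facility was probably intended, for example `openlog("attest", 0, LOG_AUTHPRIV);` or `LOG_USER`. If the aim was to limit verbosity, that belongs in `setlogmask()`. The body of `main()` continues outside this hunk.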
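Review bot: The results of `libimcv_init()` and `libpts_init()` are not checked before `do_args()` runs, although the context just above exits with `SS_RC_INITIALIZATION_FAILED` on an earlier initialisation failure. If these functions report failure (their prototypes are not visible here), the same treatment would be consistent: `if (!libimcv_init() || !libpts_init()) exit(SS_RC_INITIALIZATION_FAILED);`. The matching `libpts_deinit()`, `libimcv_deinit()` and `closelog()` run only when `do_args()` returns, whereas `cleanup` and `library_deinit` are registered with `atexit()`. Any `exit()` inside `do_args()` would therefore skip them, and registering the new teardown the same way would make every exit path uniform.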
@@ -318,6 +321,62 @@ METHOD(attest_db_t, set_algo, void, this->algo = algo; } +METHOD(attest_db_t, list_components, void, + private_attest_db_t *this) +{ + enumerator_t *e; + enum_name_t *names, *types; + pts_comp_func_name_t *cfn; + int type, cid, vid, name, qualifier, count = 0; + char flags[8]; + + if (this->pid) + { + e = this->db->query(this->db, + "SELECT c.id, c.vendor_id, c.name, c.qualifier " + "FROM components AS c " + "JOIN product_component AS pc ON c.id = pc.component " + "WHERE pc.product = ? ORDER BY c.vendor_id, c.name, c.qualifier", + DB_INT, this->pid, DB_INT, DB_INT, DB_INT, DB_INT); + } + else + { + e = this->db->query(this->db, + "SELECT id, vendor_id, name, qualifier FROM components " + "ORDER BY vendor_id, name, qualifier", + DB_INT, DB_INT, DB_INT, DB_INT); + } + if (e) + { + while (e->enumerate(e, &cid, &vid, &name, &qualifier)) + { + printf("%3d: 0x%06x/0x%08x-0x%02x", cid, vid, name, qualifier); + + cfn = pts_comp_func_name_create(vid, name, qualifier); + names = pts_components->get_comp_func_names(pts_components, vid); + types = pts_components->get_qualifier_type_names(pts_components, vid); + type = pts_components->get_qualifier(pts_components, cfn, flags); + if (names && types) + { + printf(" %N '%N' [%s] '%N'", pen_names, vid, names, name, flags, + types, type); + } + printf("\n"); + cfn->destroy(cfn); + + count++; + } + e->destroy(e); + + printf("%d component%s found", count, (count == 1) ? "" : "s"); + if (this->product) + { + printf(" for product '%s'", this->product); + } + printf("\n"); + } +} + METHOD(attest_db_t, list_files, void, private_attest_db_t *this) { @@ -383,7 +442,7 @@ METHOD(attest_db_t, list_products, void, { while (e->enumerate(e, &pid, &product)) { - printf("%3d: %s\n", pid, product); + printf("%3d: %s\n", pid, product); count++; } e->destroy(e); 
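Review bot: In `list_components`, `flags` is an uninitialised `char flags[8]` that `get_qualifier()` fills without being told the buffer size, and it is then printed with `%s` whenever `names` and `types` are non-NULL. The hunk does not show whether `get_qualifier()` always writes a terminator or how many flag characters a vendor may define, so a `vendor_id`/`qualifier` row from the database that the component manager does not expect could leave `flags` unterminated or overrun. Initialising it with `char flags[8] = "";` and stating the size contract in a comment next to the declaration would make the print safe regardless of the callee. Also, when the query fails (`e` is NULL) the function prints nothing, while an empty table prints a count of 0; a one-line error message on that path would make a database error visible to the operator.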
@@ -647,6 +706,7 @@ attest_db_t *attest_db_create(char *uri) .set_algo = _set_algo, .list_products = _list_products, .list_files = _list_files, + .list_components = _list_components, .list_hashes = _list_hashes, .add = _add, .delete = _delete, diff --git a/src/libimcv/plugins/imv_attestation/attest_db.h b/src/libimcv/plugins/imv_attestation/attest_db.h index 990297eb20..8eab3536fb 100644 --- a/src/libimcv/plugins/imv_attestation/attest_db.h +++ b/src/libimcv/plugins/imv_attestation/attest_db.h @@ -101,6 +101,11 @@ struct attest_db_t { */ void (*list_files)(attest_db_t *this); + /** + * List all components stored in the database + */ + void (*list_components)(attest_db_t *this); + /** * List selected measurement hashes stored in the database */ diff --git a/src/libimcv/plugins/imv_attestation/attest_usage.c b/src/libimcv/plugins/imv_attestation/attest_usage.c index 32d175483a..629d93771f 100644 --- a/src/libimcv/plugins/imv_attestation/attest_usage.c +++ b/src/libimcv/plugins/imv_attestation/attest_usage.c @@ -24,12 +24,16 @@ void usage(void) { printf("\ Usage:\n\ - ipsec attest --files|--products|--hashes [options]\n\ + ipsec attest --files|--components|--products|--hashes [options]\n\ \n\ ipsec attest --files [--product |--pid ]\n\ Show a list of files with a software product name or\n\ its primary key as an optional selector.\n\ \n\ + ipsec attest --components [--product |--pid ]\n\ + Show a list of components with a software product name or\n\ + its primary key as an optional selector.\n\ + \n\ ipsec attest --products [--file |--fid ]\n\ Show a list of supported software products with a file path or\n\ its primary key as an optional selector.\n\
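Review bot: The new doc comment on `list_components` in attest_db.h says it lists all components, but the implementation added in attest_db.c restricts the query to a single product when `this->pid` is set, and the usage text advertises `--product`/`--pid` as selectors. Suggested wording: `List components stored in the database, restricted to the selected product if one has been set`.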