dbuspolicy_serializer_LDADD = src/libinternal.a \
$(CYNARA_LIBS) \
$(DLOG_LIBS) \
- -lexpat
+ -lexpat \
+ -lcrypto
EXTRA_dbuspolicy_serializer_DEPENDENCIES = ${top_srcdir}/src/libdbuspolicy1.sym
bin_PROGRAMS = dbuspolicy-serializer dbuspolicy-printer
dbuspolicy_printerdir = /bin/
+dist_bin_SCRIPTS = src/dbuspolicy-verifier
+
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = src/libdbuspolicy1.pc
EXTRA_DIST += src/libdbuspolicy1.pc.in
StandardInput=null
StandardOutput=kmsg+console
StandardError=kmsg+console
-ExecStart=/usr/bin/dbuspolicy-serializer -j --system
-ExecStart=/usr/bin/dbuspolicy-serializer -j --session
+ExecStart=/usr/bin/dbuspolicy-verifier --system --session
ExecStartPost=/bin/systemctl isolate graphical.target
%package serializer
Summary: Tool to serialize dbus policy
+BuildRequires: libopenssl-devel libopenssl
%package assert-data-valid
Requires: %{name}-serializer
%license LICENSE.APACHE2.0
%{_unitdir}/libdbuspolicy-verify-data.target
%{_unitdir}/libdbuspolicy-verify-data.service
+%{_bindir}/dbuspolicy-verifier
%if 0%{?enable_doxygen:1}
%files doc
--- /dev/null
+#!/bin/sh
+
+set -e
+
+FNAME=
+
+if [ -z "$1" ]
+then
+ echo 'Usage: $0 {--system|--session|serialized_file_name}'
+ exit 1
+fi
+
+while [ -n "$1" ]
+do
+ if [ "$1" == "--system" ]
+ then
+ FNAME=/usr/share/dbus-1/system.conf.serialized
+ elif [ "$1" == "--session" ]
+ then
+ FNAME=/usr/share/dbus-1/session.conf.serialized
+ else
+ FNAME=$1
+ fi
+
+ echo Verifying SHA1...
+ sha1sum -c $FNAME.sha1
+ echo Verifying FlatBuffers structure...
+ dbuspolicy-printer $1 -v
+ shift
+done
static void print_help(const char *name) {
cout << endl;
- cout << "usage: " << name << " [-i input_filename]" << endl;
- cout << " " << name << " {--system|--session}" << endl;
+ cout << "usage: " << name << " [-i input_filename] [-v]" << endl;
+ cout << " " << name << " {--system|--session} [-v]" << endl;
+ cout << " -v - just verify, don't print anything" << endl;
cout << endl;
}
int main(int argc, char *argv[]) {
std::string input_filename;
int c;
+ bool just_verify = false;
if (argc < 2) {
print_help(argv[0]);
- return 1;
+ return EXIT_FAILURE;
}
while (1) {
int option_index;
- c = getopt_long(argc, argv, "i:", options, &option_index);
+ c = getopt_long(argc, argv, "i:v", options, &option_index);
if (c == -1)
break;
case 'i':
input_filename = optarg;
break;
- case '?':
+ case 'v':
+ just_verify = true;
break;
+ case '?':
+ print_help(argv[0]);
+ return EXIT_FAILURE;
}
- if (!input_filename.empty())
- break;
}
+ if (optind < argc)
+ input_filename = argv[optind];
+
if (input_filename.empty()) {
cout << "No input filename" << endl;
print_help(argv[0]);
- return 1;
+ return EXIT_FAILURE;
}
tslog::init(tslog::ldp_log_level::DEFAULT);
ldp_serialized::StorageBackendSerialized storage;
- if (!storage.init(input_filename.c_str(), true))
- return 1;
+ if (!storage.init(input_filename.c_str(), true)) {
+ if (just_verify)
+ cout << input_filename << ": FAILED" << endl;
+ return EXIT_FAILURE;
+ }
+
+ if (just_verify) {
+ cout << input_filename << ": OK" << endl;
+ return EXIT_SUCCESS;
+ }
storage.printContent();
- return 0;
+ return EXIT_SUCCESS;
}
#include <getopt.h>
#include <algorithm>
+#include <iomanip>
#include <iostream>
#include <fstream>
#include <sstream>
#include "dbuspolicy1/libdbuspolicy1.h"
#include "libdbuspolicy1-private.h"
+#include <openssl/sha.h>
+
using namespace std;
static const struct option options[] = {
output.str().begin());
}
cout << output_filename << " is " << (ok ? "valid and up to date" : "not updated or invalid") << endl;
- return ok ? 0 : 1;
+ return ok ? EXIT_SUCCESS : EXIT_FAILURE;
}
int main(int argc, char *argv[])
input_filename = argv[optind];
} else {
print_help(argv[0]);
- return 1;
+ return EXIT_FAILURE;
}
}
ldp_xml_parser::Serializer serializer;
ofstream output(output_filename, ofstream::binary);
- serializer.serialize(input_filename, output);
+ uint8_t *data = serializer.serialize(input_filename, output);
+
+ if (output.fail()) {
+ cout << "Write FAILED." << endl;
+ return EXIT_FAILURE;
+ }
cout << "Write " << output.tellp() << " bytes" << endl;
- return 0;
+ array<unsigned char, SHA_DIGEST_LENGTH> digest;
+ string sha1_filename = output_filename + ".sha1";
+ ofstream output_sha1(sha1_filename);
+
+ SHA1(data, output.tellp(), digest.data());
+
+ output_sha1 << hex;
+ for_each(digest.begin(), digest.end(), [&](uint16_t c) { output_sha1 << setw(2) << setfill('0') << c; });
+ output_sha1 << " *" << output_filename << endl;
+
+ cout << "SHA1 written to " << sha1_filename << endl;
+
+ return EXIT_SUCCESS;
}
return serialize(xmlStorage, size);
}
-void Serializer::serialize(const std::string config_path, std::ostream &output) {
+uint8_t *Serializer::serialize(const std::string config_path, std::ostream &output) {
size_t size;
uint8_t *buf = serialize(config_path, size);
output.write(reinterpret_cast<char *>(buf), size);
+ return buf;
}
template <typename T>
public:
uint8_t *serialize(const ldp_xml::StorageBackendXML &db, size_t &size);
uint8_t *serialize(const std::string config_path, size_t &size);
- void serialize(const std::string config_path, std::ostream &output);
+ uint8_t *serialize(const std::string config_path, std::ostream &output);
friend class SerializerTests;
};
}