From 954e9d806b925b6b47e436d5e1f58e15df01dee7 Mon Sep 17 00:00:00 2001 From: Aleksander Zdyb Date: Thu, 31 Jul 2014 16:49:12 +0200 Subject: [PATCH 01/16] Fix build break on DEBUG dbuild type Build was breaking during compilation with DEBUG option. snprintf was dropped and ostringstream is now used. Thanks to that we do no need to cast unw_word_t to void* during printing. To verify this check build with '--define "build_type DEBUG"' flag without and with this commit. Change-Id: I92f7b85873df2ea25c050f5b4949a6c6562535f7 Signed-off-by: Jan Cybulski --- src/common/log/Backtrace.cpp | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/common/log/Backtrace.cpp b/src/common/log/Backtrace.cpp index 36b3c27..ca413b7 100644 --- a/src/common/log/Backtrace.cpp +++ b/src/common/log/Backtrace.cpp @@ -26,6 +26,8 @@ #include #include #include +#include +#include #include #include @@ -55,12 +57,11 @@ void Backtrace::getSourceInfo(unw_word_t proc_address UNUSED) { } const std::string Backtrace::buildBacktrace(void) { - std::string backtrace; + std::ostringstream backtrace; unw_cursor_t cursor; unw_context_t uc; unw_word_t ip, sp; char proc_name[BUFSIZ]; - char btstr[BUFSIZ]; unw_word_t offp; int status; @@ -75,14 +76,15 @@ const std::string Backtrace::buildBacktrace(void) { char *realname = abi::__cxa_demangle(proc_name, 0, 0, &status); getSourceInfo(ip); - snprintf(btstr, sizeof(btstr), "ip = %p, sp = %p, %s, %s:%u\n", - ip, sp, realname ? realname : proc_name, - m_fileName, m_lineNumber); + backtrace << std::hex << "ip = 0x" << ip << ", sp = 0x" << sp + << ", " << (realname ? realname : proc_name) + << ", " << m_fileName + << ":" << std::dec << m_lineNumber << std::endl; + free(realname); - backtrace += btstr; } - return backtrace; + return backtrace.str(); } const std::string Backtrace::getBacktrace(void) { -- 2.7.4 From 4952f2d24d2e8333e468d08595fe4e00fe0dd61b Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Wed, 30 Jul 2014 17:39:10 +0200 Subject: [PATCH 02/16] Remove dependency to security-server Dependencies are relict of first cynara version that used security-server for checking privileges in libprivilege-control database. Change-Id: Iaa61370e048a824e4a5b09975f2349f0f915c847 --- build/cynara-client/cynara-client.pc.in | 2 +- packaging/cynara.spec | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/build/cynara-client/cynara-client.pc.in b/build/cynara-client/cynara-client.pc.in index d958ce6..d81e8ab 100644 --- a/build/cynara-client/cynara-client.pc.in +++ b/build/cynara-client/cynara-client.pc.in @@ -6,6 +6,6 @@ includedir=${prefix}/include Name: cynara-client Description: cynara-client package Version: 0.0.1 -Requires: security-server +Requires: Libs: -L${libdir} -lcynara-client Cflags: -I${includedir}/cynara diff --git a/packaging/cynara.spec b/packaging/cynara.spec index b68e6dc..a872b29 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -37,7 +37,6 @@ Summary: Cynara - client library Requires: cynara = %{version}-%{release} Requires(post): /sbin/ldconfig Requires(postun): /sbin/ldconfig -BuildRequires: pkgconfig(security-server) %description -n libcynara-client client library for checking policies -- 2.7.4 From 0552bff66f450d8fd66dda8ed10444b1150a9e20 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Thu, 17 Jul 2014 14:38:56 +0200 Subject: [PATCH 03/16] Change cache interface and add simple implementations Change CacheInterface so it supports different plugins Implement naive plugin Implement class responsible for getting values from server Change-Id: I8ca21a65ec9b9dfcbc922270d2b1351797bbd92d --- src/client/CMakeLists.txt | 3 +- src/client/cache/CacheInterface.h | 55 +++++++++++---- src/client/cache/CapacityCache.cpp | 135 ++++++++++++++++++++++++++++++++++++ src/client/cache/CapacityCache.h | 69 ++++++++++++++++++ src/client/cache/NaiveInterpreter.h | 49 +++++++++++++ src/client/cache/NoCache.cpp | 39 ----------- src/client/cache/NoCache.h | 56 --------------- src/client/cache/PolicyGetter.cpp | 66 ++++++++++++++++++ src/client/cache/PolicyGetter.h | 54 +++++++++++++++ src/client/logic/Logic.cpp | 67 ++++-------------- src/client/logic/Logic.h | 5 +- src/common/types/PolicyResult.h | 1 + 12 files changed, 434 insertions(+), 165 deletions(-) create mode 100644 src/client/cache/CapacityCache.cpp create mode 100644 src/client/cache/CapacityCache.h create mode 100644 src/client/cache/NaiveInterpreter.h delete mode 100644 src/client/cache/NoCache.cpp delete mode 100644 src/client/cache/NoCache.h create mode 100644 src/client/cache/PolicyGetter.cpp create mode 100644 src/client/cache/PolicyGetter.h diff --git a/src/client/CMakeLists.txt b/src/client/CMakeLists.txt index 72db5f1..4431556 100644 --- a/src/client/CMakeLists.txt +++ b/src/client/CMakeLists.txt @@ -23,7 +23,8 @@ SET(CYNARA_LIB_CYNARA_PATH ${CYNARA_PATH}/client) SET(LIB_CYNARA_SOURCES ${CYNARA_LIB_CYNARA_PATH}/api/client-api.cpp - ${CYNARA_LIB_CYNARA_PATH}/cache/NoCache.cpp + ${CYNARA_LIB_CYNARA_PATH}/cache/CapacityCache.cpp + ${CYNARA_LIB_CYNARA_PATH}/cache/PolicyGetter.cpp ${CYNARA_LIB_CYNARA_PATH}/logic/Logic.cpp ) diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index acfbd7e..22c4cb9 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -16,37 +16,66 @@ /* * @file CacheInterface.h * @author Lukasz Wojciechowski + * @author Zofia Abramowska * @version 1.0 - * @brief This file contains cache interface definition. + * @brief This file contains cache interface definitions. */ #ifndef SRC_CLIENT_CACHE_CACHEINTERFACE_H_ #define SRC_CLIENT_CACHE_CACHEINTERFACE_H_ +#include #include #include +#include #include #include - -#include +#include namespace Cynara { -class CacheInterface; -typedef std::shared_ptr CacheInterfacePtr; +class InterpreterInterface; +typedef std::shared_ptr InterpreterInterfacePtr; + +class PluginCache; +typedef std::shared_ptr PluginCachePtr; + +class ResultGetterInterface; +typedef std::shared_ptr ResultGetterInterfacePtr; + +class ResultGetterInterface { +public: + virtual cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; + virtual ~ResultGetterInterface() = default; +}; + +class InterpreterInterface { +public: + virtual bool isCacheable(const PolicyResult &result) noexcept = 0; + virtual bool isUsable(const PolicyResult &result) noexcept = 0; + virtual cynara_api_result toResult(const PolicyResult &result) noexcept = 0; + + virtual ~InterpreterInterface() = default; +}; -class CacheInterface { +class PluginCache { public: - CacheInterface() = default; - virtual ~CacheInterface() = default; + PluginCache(ResultGetterInterfacePtr getter) : m_getter(getter) {} + virtual cynara_api_result get(const std::string &session, const PolicyKey &key) = 0; + void registerPlugin(const PolicyType policyType, InterpreterInterfacePtr plugin) { + m_plugins[policyType] = plugin; + } + virtual void clear(void) { + m_plugins.clear(); + } + virtual ~PluginCache() = default; - virtual cynara_api_result check(const std::string &session, const PolicyKey &key) = 0; - virtual cynara_api_result updateAndCheck(const std::string &session, const PolicyKey &key, - const PolicyResult &result) = 0; - virtual void clear(void) = 0; +protected: + std::map m_plugins; + ResultGetterInterfacePtr m_getter; }; } // namespace Cynara -#endif /* SRC_CLIENT_CACHE_CACHEINTERFACE_H_ */ +#endif // SRC_CLIENT_CACHE_CACHEINTERFACE_H_ diff --git a/src/client/cache/CapacityCache.cpp b/src/client/cache/CapacityCache.cpp new file mode 100644 index 0000000..6b9f48e --- /dev/null +++ b/src/client/cache/CapacityCache.cpp @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file CapacityCache.cpp + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains capacity cache implementation. + */ + +#include + +#include + +#include + +namespace Cynara { + +cynara_api_result CapacityCache::get(const std::string &session, const PolicyKey &key) { + //This can be very time heavy. This part is welcomed to be optimized. + if (session != m_session) { + LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); + m_keyValue.clear(); + m_keyUsage.clear(); + m_session = session; + } + auto resultIt = m_keyValue.find(keyToString(key)); + //Do we have entry in cache? + if (resultIt == m_keyValue.end()) { + LOGD("No entry for client=%s user=%s privilege=%s.", + key.client().toString().c_str(), + key.user().toString().c_str(), + key.privilege().toString().c_str()); + return update(key); + } else { + LOGD("Entry available for client=%s user=%s privilege=%s", + key.client().toString().c_str(), + key.user().toString().c_str(), + key.privilege().toString().c_str()); + + auto pluginIt = m_plugins.find(resultIt->second.first.policyType()); + if (pluginIt == m_plugins.end()) { + LOGE("No plugin registered for given PolicyType : %" PRIu16, + resultIt->second.first.policyType()); + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } + + //Is it still usable? + InterpreterInterfacePtr plugin = pluginIt->second; + if (plugin->isUsable(resultIt->second.first)) { + LOGD("Entry usable."); + m_keyUsage.splice(m_keyUsage.begin(), m_keyUsage, resultIt->second.second); + return plugin->toResult(resultIt->second.first); + } else { + //remove from list and map and update + LOGD("Entry not usable."); + auto usage_it = resultIt->second.second; + m_keyUsage.erase(usage_it); + m_keyValue.erase(resultIt); + return update(key); + } + } +} + +void CapacityCache::clear(void) { + m_keyUsage.clear(); + m_keyValue.clear(); + m_session.clear(); +} + +std::string CapacityCache::keyToString(const PolicyKey &key) { + const char separator = '\1'; + auto clientStr = key.client().toString(); + auto privilegeStr = key.privilege().toString(); + auto userStr = key.user().toString(); + return clientStr + privilegeStr + userStr + separator + + std::to_string(clientStr.size()) + separator + + std::to_string(privilegeStr.size()) + separator + + std::to_string(userStr.size()); +} + +void CapacityCache::evict(void) { + + auto lastUsedKey = m_keyUsage.back(); + m_keyUsage.pop_back(); + + auto value_it = m_keyValue.find(lastUsedKey); + m_keyValue.erase(value_it); +} + +cynara_api_result CapacityCache::update(const PolicyKey &key) { + cynara_api_result ret; + PolicyResult result; + if ((ret = m_getter->requestResult(key, result)) != cynara_api_result::CYNARA_API_SUCCESS) { + LOGE("Error fetching new entry."); + return ret; + } + LOGD("Fetched new entry."); + auto pluginIt = m_plugins.find(result.policyType()); + + //No registered plugin for returned type of policy + if (pluginIt == m_plugins.end()) { + LOGE("No registered plugin for given PolicyType: %" PRIu16, + result.policyType()); + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } + auto plugin = pluginIt->second; + + if (m_capacity != 0) { + if (plugin->isCacheable(result)) { + LOGD("Entry cacheable"); + if (m_keyValue.size() == m_capacity) { + LOGD("Capacity reached."); + evict(); + } + m_keyUsage.push_front(keyToString(key)); + m_keyValue[keyToString(key)] = std::make_pair(result, m_keyUsage.begin()); + } + } + return plugin->toResult(result); +} + +} // namespace Cynara diff --git a/src/client/cache/CapacityCache.h b/src/client/cache/CapacityCache.h new file mode 100644 index 0000000..b5c4a1f --- /dev/null +++ b/src/client/cache/CapacityCache.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file CapacityCache.h + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains capacity cache header. + */ + +#ifndef SRC_CLIENT_CACHE_CAPACITYCACHE_H_ +#define SRC_CLIENT_CACHE_CAPACITYCACHE_H_ + +#include +#include + +#include + +namespace Cynara { + +class CapacityCache : public PluginCache { +public: + static const std::size_t CACHE_DEFAULT_CAPACITY = 10000; + + CapacityCache(ResultGetterInterfacePtr getter, + std::size_t capacity = CACHE_DEFAULT_CAPACITY) : + PluginCache(getter), + m_capacity(capacity) {} + + cynara_api_result get(const std::string &session, + const PolicyKey &key); + void clear(void); + +private: + typedef std::list KeyUsageList; + typedef std::map> KeyValueMap; + + static std::string keyToString(const PolicyKey &key); + void evict(void); + cynara_api_result update(const PolicyKey &key); + + std::size_t m_capacity; + std::string m_session; + + KeyUsageList m_keyUsage; + KeyValueMap m_keyValue; +}; + +} //namespace Cynara + +#endif // SRC_CLIENT_CACHE_CAPACITYCACHE_H_ + + + + diff --git a/src/client/cache/NaiveInterpreter.h b/src/client/cache/NaiveInterpreter.h new file mode 100644 index 0000000..6b96d4b --- /dev/null +++ b/src/client/cache/NaiveInterpreter.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file NaiveInterpreter.h + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains PolicyType naive interpreter implementation. + */ +#ifndef SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ +#define SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ + +#include +#include + +namespace Cynara { + +class NaiveInterpreter : public InterpreterInterface { + bool isUsable(const PolicyResult &result UNUSED) noexcept { + return true; + } + bool isCacheable(const PolicyResult &result UNUSED) noexcept { + return true; + } + cynara_api_result toResult(const PolicyResult &result) noexcept { + if (result.policyType() == PredefinedPolicyType::ALLOW) + return cynara_api_result::CYNARA_API_SUCCESS; + else + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } +}; + +} // namespace Cynara + +#endif // SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ + + diff --git a/src/client/cache/NoCache.cpp b/src/client/cache/NoCache.cpp deleted file mode 100644 index c9220e3..0000000 --- a/src/client/cache/NoCache.cpp +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file NoCache.cpp - * @author Lukasz Wojciechowski - * @version 1.0 - * @brief This file contains implementation of NoCache class - stub for no-cache version - */ - -#include -#include - -#include "NoCache.h" - -namespace Cynara { - -cynara_api_result NoCache::updateAndCheck(const std::string &session UNUSED, - const PolicyKey &key UNUSED, - const PolicyResult &result) { - if (result.policyType() == PredefinedPolicyType::ALLOW) - return cynara_api_result::CYNARA_API_SUCCESS; - else - return cynara_api_result::CYNARA_API_ACCESS_DENIED; -} - -} // namespace Cynara diff --git a/src/client/cache/NoCache.h b/src/client/cache/NoCache.h deleted file mode 100644 index c4330b1..0000000 --- a/src/client/cache/NoCache.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file NoCache.h - * @author Lukasz Wojciechowski - * @version 1.0 - * @brief This file contains definition of NoCache class - stub for no-cache version - */ - -#ifndef SRC_CLIENT_CACHE_NOCACHE_H_ -#define SRC_CLIENT_CACHE_NOCACHE_H_ - -#include - -#include -#include -#include - -#include -#include - -namespace Cynara { - -class NoCache : public CacheInterface { -public: - NoCache() = default; - virtual ~NoCache() = default; - - virtual cynara_api_result check(const std::string &session UNUSED, - const PolicyKey &key UNUSED) { - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; - } - - virtual cynara_api_result updateAndCheck(const std::string &session, const PolicyKey &key, - const PolicyResult &result); - - virtual void clear(void) { - } -}; - -} // namespace Cynara - -#endif /* SRC_CLIENT_CACHE_NOCACHE_H_ */ diff --git a/src/client/cache/PolicyGetter.cpp b/src/client/cache/PolicyGetter.cpp new file mode 100644 index 0000000..e383f9f --- /dev/null +++ b/src/client/cache/PolicyGetter.cpp @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file PolicyGetter.cpp + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains PolicyResult getter class implementation. + */ + +#include + +#include +#include +#include +#include +#include +#include + +#include + +namespace Cynara { + +cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { + ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); + + //Ask cynara service + CheckResponsePtr checkResponse; + try { + RequestPtr request = std::make_shared(key, sequenceNumber); + ResponsePtr response = m_socketClient->askCynaraServer(request); + if (!response) { + LOGW("Disconnected by cynara server."); + return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + } + checkResponse = std::dynamic_pointer_cast(response); + if (!checkResponse) { + LOGC("Critical error. Casting Response to CheckResponse failed."); + return cynara_api_result::CYNARA_API_ACCESS_DENIED; + } + + LOGD("checkResponse: policyType = %" PRIu16 ", metadata = %s", + checkResponse->m_resultRef.policyType(), + checkResponse->m_resultRef.metadata().c_str()); + } catch (const ServerConnectionErrorException &ex) { + LOGE("Cynara service not available."); + return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + } + + result = checkResponse->m_resultRef; + return cynara_api_result::CYNARA_API_SUCCESS; +} + +} // namespace Cynara diff --git a/src/client/cache/PolicyGetter.h b/src/client/cache/PolicyGetter.h new file mode 100644 index 0000000..fec6797 --- /dev/null +++ b/src/client/cache/PolicyGetter.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file PolicyGetter.h + * @author Zofia Abramowska + * @version 1.0 + * @brief This file contains Cynara PolicyResult getter implementation. + */ + +#ifndef SRC_CLIENT_CACHE_POLICYGETTER_H_ +#define SRC_CLIENT_CACHE_POLICYGETTER_H_ + +#include + +#include +#include + + +namespace Cynara { + +class PolicyGetter : public ResultGetterInterface { +public: + PolicyGetter(const SocketClientPtr &socketClient) : m_socketClient(socketClient) {} + cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept; + +private: + ProtocolFrameSequenceNumber generateSequenceNumber(void) { + static ProtocolFrameSequenceNumber sequenceNumber = 0; + return ++sequenceNumber; + } + + SocketClientPtr m_socketClient; +}; + +} //namespace Cynara + +#endif // SRC_CLIENT_CACHE_POLICYGETTER_H_ + + + + diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index ecdf34b..c2d9cb6 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -23,20 +23,14 @@ #include #include -#include -#include -#include #include #include -#include -#include -#include -#include #include #include -#include -#include +#include +#include +#include #include "Logic.h" namespace Cynara { @@ -44,56 +38,25 @@ namespace Cynara { const std::string clientSocketPath("/run/cynara/cynara.socket"); Logic::Logic() { - m_socketClient = std::make_shared(clientSocketPath, - std::make_shared()); - m_cache = std::make_shared(); + m_cache = std::make_shared( + std::make_shared( + std::make_shared(clientSocketPath, + std::make_shared()))); + auto naiveInterpreter = std::make_shared(); + m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter); + m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter); + m_cache->registerPlugin(PredefinedPolicyType::BUCKET, naiveInterpreter); } -ProtocolFrameSequenceNumber generateSequenceNumber(void) { - static ProtocolFrameSequenceNumber sequenceNumber = 0; - return ++sequenceNumber; -} - -cynara_api_result Logic::check(const std::string &client, const std::string &session UNUSED, +cynara_api_result Logic::check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) noexcept { PolicyKey key(client, user, privilege); - auto cacheResponse = m_cache->check(session, key); - if(cacheResponse != cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE) - return cacheResponse; - - ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); - - //Ask cynara service - CheckResponsePtr checkResponse; - try { - RequestPtr request = std::make_shared(key, sequenceNumber); - ResponsePtr response = m_socketClient->askCynaraServer(request); - if (!response) { - LOGW("Disconnected by cynara server."); - onDisconnected(); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; - } - checkResponse = std::dynamic_pointer_cast(response); - if (!checkResponse) { - LOGC("Critical error. Casting Response to CheckResponse failed."); - throw UnexpectedErrorException("Error casting Response to CheckResponse"); - } - - LOGD("checkResponse: policyType = %d, metadata = %s", - (int)checkResponse->m_resultRef.policyType(), - checkResponse->m_resultRef.metadata().c_str()); - } catch (const ServerConnectionErrorException &ex) { - LOGE("Cynara service not available."); + auto ret = m_cache->get(session, key); + if (ret == cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE) onDisconnected(); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; - } catch (const std::exception &ex) { - LOGE("Error during check of privilege: %s", ex.what()); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; - } - - return m_cache->updateAndCheck(session, key, checkResponse->m_resultRef); + return ret; } void Logic::onDisconnected(void) { diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index 06950d8..b2eb486 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -25,8 +25,6 @@ #include -#include - #include #include @@ -34,8 +32,7 @@ namespace Cynara { class Logic : public ApiInterface { private: - SocketClientPtr m_socketClient; - CacheInterfacePtr m_cache; + PluginCachePtr m_cache; void onDisconnected(void); diff --git a/src/common/types/PolicyResult.h b/src/common/types/PolicyResult.h index a8febc2..a9369d8 100644 --- a/src/common/types/PolicyResult.h +++ b/src/common/types/PolicyResult.h @@ -34,6 +34,7 @@ public: typedef std::string PolicyMetadata; public: + PolicyResult() : m_type(PredefinedPolicyType::DENY) {} PolicyResult(const PolicyType &policyType) : m_type(policyType) {} PolicyResult(const PolicyType &policyType, const PolicyMetadata &metadata) : m_type(policyType), m_metadata(metadata) {} -- 2.7.4 From 9adc695c9985c4d8223a877eac8ee1fa8631f64e Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 15:12:14 +0200 Subject: [PATCH 04/16] Change enum to defines in libcynara-client This change makes client API functions compatible with return type. Change-Id: I3973b66e27060dbc4c9374840de5182bde314121 --- src/client/api/ApiInterface.h | 4 ++-- src/client/api/client-api.cpp | 12 ++++++------ src/client/cache/CacheInterface.h | 9 ++++++--- src/client/cache/CapacityCache.cpp | 12 ++++++------ src/client/cache/CapacityCache.h | 5 ++--- src/client/cache/NaiveInterpreter.h | 6 +++--- src/client/cache/PolicyGetter.cpp | 10 +++++----- src/client/cache/PolicyGetter.h | 2 +- src/client/logic/Logic.cpp | 6 +++--- src/client/logic/Logic.h | 4 ++-- src/include/cynara-client.h | 13 +++++-------- 11 files changed, 41 insertions(+), 42 deletions(-) diff --git a/src/client/api/ApiInterface.h b/src/client/api/ApiInterface.h index c9d6daa..f268508 100644 --- a/src/client/api/ApiInterface.h +++ b/src/client/api/ApiInterface.h @@ -33,8 +33,8 @@ public: ApiInterface() = default; virtual ~ApiInterface() = default; - virtual cynara_api_result check(const std::string &client, const std::string &session, - const std::string &user, const std::string &privilege) = 0; + virtual int check(const std::string &client, const std::string &session, + const std::string &user, const std::string &privilege) = 0; }; } // namespace Cynara diff --git a/src/client/api/client-api.cpp b/src/client/api/client-api.cpp index 8b34981..186e043 100644 --- a/src/client/api/client-api.cpp +++ b/src/client/api/client-api.cpp @@ -45,12 +45,12 @@ CYNARA_API int cynara_initialize(cynara **pp_cynara, const cynara_configuration *p_conf UNUSED) { if (!pp_cynara) - return cynara_api_result::CYNARA_API_INVALID_PARAM; + return CYNARA_API_INVALID_PARAM; try { *pp_cynara = new cynara(new Cynara::Logic); } catch (const std::bad_alloc &ex) { - return cynara_api_result::CYNARA_API_OUT_OF_MEMORY; + return CYNARA_API_OUT_OF_MEMORY; } init_log(); @@ -59,7 +59,7 @@ int cynara_initialize(cynara **pp_cynara, const cynara_configuration *p_conf UNU LOGD("Cynara client initialized"); - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; } CYNARA_API @@ -67,7 +67,7 @@ int cynara_finish(cynara *p_cynara) { delete p_cynara; - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; } CYNARA_API @@ -75,9 +75,9 @@ int cynara_check(cynara *p_cynara, const char *client, const char *client_sessio const char *privilege) { if(!p_cynara || !p_cynara->impl) - return cynara_api_result::CYNARA_API_INVALID_PARAM; + return CYNARA_API_INVALID_PARAM; if(!client || !client_session || !user || !privilege) - return cynara_api_result::CYNARA_API_INVALID_PARAM; + return CYNARA_API_INVALID_PARAM; return p_cynara->impl->check(client, client_session, user, privilege); } diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index 22c4cb9..f325a42 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -46,7 +46,7 @@ typedef std::shared_ptr ResultGetterInterfacePtr; class ResultGetterInterface { public: - virtual cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; + virtual int requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; virtual ~ResultGetterInterface() = default; }; @@ -54,7 +54,7 @@ class InterpreterInterface { public: virtual bool isCacheable(const PolicyResult &result) noexcept = 0; virtual bool isUsable(const PolicyResult &result) noexcept = 0; - virtual cynara_api_result toResult(const PolicyResult &result) noexcept = 0; + virtual int toResult(const PolicyResult &result) noexcept = 0; virtual ~InterpreterInterface() = default; }; @@ -62,13 +62,16 @@ public: class PluginCache { public: PluginCache(ResultGetterInterfacePtr getter) : m_getter(getter) {} - virtual cynara_api_result get(const std::string &session, const PolicyKey &key) = 0; + virtual int get(const std::string &session, const PolicyKey &key) = 0; + void registerPlugin(const PolicyType policyType, InterpreterInterfacePtr plugin) { m_plugins[policyType] = plugin; } + virtual void clear(void) { m_plugins.clear(); } + virtual ~PluginCache() = default; protected: diff --git a/src/client/cache/CapacityCache.cpp b/src/client/cache/CapacityCache.cpp index 6b9f48e..f5a3df5 100644 --- a/src/client/cache/CapacityCache.cpp +++ b/src/client/cache/CapacityCache.cpp @@ -28,7 +28,7 @@ namespace Cynara { -cynara_api_result CapacityCache::get(const std::string &session, const PolicyKey &key) { +int CapacityCache::get(const std::string &session, const PolicyKey &key) { //This can be very time heavy. This part is welcomed to be optimized. if (session != m_session) { LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); @@ -54,7 +54,7 @@ cynara_api_result CapacityCache::get(const std::string &session, const PolicyKey if (pluginIt == m_plugins.end()) { LOGE("No plugin registered for given PolicyType : %" PRIu16, resultIt->second.first.policyType()); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } //Is it still usable? @@ -100,10 +100,10 @@ void CapacityCache::evict(void) { m_keyValue.erase(value_it); } -cynara_api_result CapacityCache::update(const PolicyKey &key) { - cynara_api_result ret; +int CapacityCache::update(const PolicyKey &key) { + int ret; PolicyResult result; - if ((ret = m_getter->requestResult(key, result)) != cynara_api_result::CYNARA_API_SUCCESS) { + if ((ret = m_getter->requestResult(key, result)) != CYNARA_API_SUCCESS) { LOGE("Error fetching new entry."); return ret; } @@ -114,7 +114,7 @@ cynara_api_result CapacityCache::update(const PolicyKey &key) { if (pluginIt == m_plugins.end()) { LOGE("No registered plugin for given PolicyType: %" PRIu16, result.policyType()); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } auto plugin = pluginIt->second; diff --git a/src/client/cache/CapacityCache.h b/src/client/cache/CapacityCache.h index b5c4a1f..39ca928 100644 --- a/src/client/cache/CapacityCache.h +++ b/src/client/cache/CapacityCache.h @@ -39,8 +39,7 @@ public: PluginCache(getter), m_capacity(capacity) {} - cynara_api_result get(const std::string &session, - const PolicyKey &key); + int get(const std::string &session, const PolicyKey &key); void clear(void); private: @@ -51,7 +50,7 @@ private: static std::string keyToString(const PolicyKey &key); void evict(void); - cynara_api_result update(const PolicyKey &key); + int update(const PolicyKey &key); std::size_t m_capacity; std::string m_session; diff --git a/src/client/cache/NaiveInterpreter.h b/src/client/cache/NaiveInterpreter.h index 6b96d4b..9ae333f 100644 --- a/src/client/cache/NaiveInterpreter.h +++ b/src/client/cache/NaiveInterpreter.h @@ -34,11 +34,11 @@ class NaiveInterpreter : public InterpreterInterface { bool isCacheable(const PolicyResult &result UNUSED) noexcept { return true; } - cynara_api_result toResult(const PolicyResult &result) noexcept { + int toResult(const PolicyResult &result) noexcept { if (result.policyType() == PredefinedPolicyType::ALLOW) - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; else - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } }; diff --git a/src/client/cache/PolicyGetter.cpp b/src/client/cache/PolicyGetter.cpp index e383f9f..8bf1a39 100644 --- a/src/client/cache/PolicyGetter.cpp +++ b/src/client/cache/PolicyGetter.cpp @@ -33,7 +33,7 @@ namespace Cynara { -cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { +int PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); //Ask cynara service @@ -43,12 +43,12 @@ cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult ResponsePtr response = m_socketClient->askCynaraServer(request); if (!response) { LOGW("Disconnected by cynara server."); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + return CYNARA_API_SERVICE_NOT_AVAILABLE; } checkResponse = std::dynamic_pointer_cast(response); if (!checkResponse) { LOGC("Critical error. Casting Response to CheckResponse failed."); - return cynara_api_result::CYNARA_API_ACCESS_DENIED; + return CYNARA_API_ACCESS_DENIED; } LOGD("checkResponse: policyType = %" PRIu16 ", metadata = %s", @@ -56,11 +56,11 @@ cynara_api_result PolicyGetter::requestResult(const PolicyKey &key, PolicyResult checkResponse->m_resultRef.metadata().c_str()); } catch (const ServerConnectionErrorException &ex) { LOGE("Cynara service not available."); - return cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE; + return CYNARA_API_SERVICE_NOT_AVAILABLE; } result = checkResponse->m_resultRef; - return cynara_api_result::CYNARA_API_SUCCESS; + return CYNARA_API_SUCCESS; } } // namespace Cynara diff --git a/src/client/cache/PolicyGetter.h b/src/client/cache/PolicyGetter.h index fec6797..c653887 100644 --- a/src/client/cache/PolicyGetter.h +++ b/src/client/cache/PolicyGetter.h @@ -34,7 +34,7 @@ namespace Cynara { class PolicyGetter : public ResultGetterInterface { public: PolicyGetter(const SocketClientPtr &socketClient) : m_socketClient(socketClient) {} - cynara_api_result requestResult(const PolicyKey &key, PolicyResult &result) noexcept; + int requestResult(const PolicyKey &key, PolicyResult &result) noexcept; private: ProtocolFrameSequenceNumber generateSequenceNumber(void) { diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index c2d9cb6..b3492ff 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -48,13 +48,13 @@ Logic::Logic() { m_cache->registerPlugin(PredefinedPolicyType::BUCKET, naiveInterpreter); } -cynara_api_result Logic::check(const std::string &client, const std::string &session, - const std::string &user, const std::string &privilege) noexcept +int Logic::check(const std::string &client, const std::string &session, const std::string &user, + const std::string &privilege) noexcept { PolicyKey key(client, user, privilege); auto ret = m_cache->get(session, key); - if (ret == cynara_api_result::CYNARA_API_SERVICE_NOT_AVAILABLE) + if (ret == CYNARA_API_SERVICE_NOT_AVAILABLE) onDisconnected(); return ret; } diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index b2eb486..34ec54c 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -40,8 +40,8 @@ public: Logic(); virtual ~Logic() = default; - virtual cynara_api_result check(const std::string &client, const std::string &session, - const std::string &user, const std::string &privilege) noexcept; + virtual int check(const std::string &client, const std::string &session, + const std::string &user, const std::string &privilege) noexcept; }; } // namespace Cynara diff --git a/src/include/cynara-client.h b/src/include/cynara-client.h index 3ceeaa6..f984966 100644 --- a/src/include/cynara-client.h +++ b/src/include/cynara-client.h @@ -31,23 +31,20 @@ * @{ */ -enum cynara_api_result -{ /*! \brief indicating the result of the one specific API is successful or access is allowed */ - CYNARA_API_SUCCESS, +#define CYNARA_API_SUCCESS 0 /*! \brief indicating that access that was checked is denied */ - CYNARA_API_ACCESS_DENIED, +#define CYNARA_API_ACCESS_DENIED -1 /*! \brief indicating system is running out of memory state */ - CYNARA_API_OUT_OF_MEMORY, +#define CYNARA_API_OUT_OF_MEMORY -2 /*! \brief indicating the API's parameter is malformed */ - CYNARA_API_INVALID_PARAM, +#define CYNARA_API_INVALID_PARAM -3 /*! \brief service not available */ - CYNARA_API_SERVICE_NOT_AVAILABLE -}; +#define CYNARA_API_SERVICE_NOT_AVAILABLE -4 /** @}*/ #ifdef __cplusplus -- 2.7.4 From 4824525a4f51b6217cb682b4bd65b64010ab44b0 Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 16:33:17 +0200 Subject: [PATCH 05/16] Add disconnectAllClients() function in SocketManager Function disconnects all clients connected to client interface socket. Boolean field m_client and accessor methods are added to Descriptor class to distinguish client connections from other. Change-Id: Ic3cc382fa3056153e25df05ed8c0eba2872adf7f --- src/service/sockets/Descriptor.cpp | 3 ++- src/service/sockets/Descriptor.h | 9 +++++++++ src/service/sockets/SocketManager.cpp | 33 ++++++++++++++++++++++----------- src/service/sockets/SocketManager.h | 7 +++++-- 4 files changed, 38 insertions(+), 14 deletions(-) diff --git a/src/service/sockets/Descriptor.cpp b/src/service/sockets/Descriptor.cpp index f58d28e..df7ddb4 100644 --- a/src/service/sockets/Descriptor.cpp +++ b/src/service/sockets/Descriptor.cpp @@ -24,7 +24,7 @@ namespace Cynara { -Descriptor::Descriptor() : m_listen(false), m_used(false), m_protocol(nullptr) { +Descriptor::Descriptor() : m_listen(false), m_used(false), m_client(false), m_protocol(nullptr) { } bool Descriptor::hasDataToWrite(void) const { @@ -56,6 +56,7 @@ RawBuffer &Descriptor::prepareWriteBuffer(void) { void Descriptor::clear(void) { m_listen = false; m_used = false; + m_client = false; m_readQueue.clear(); m_writeQueue.clear(); m_writeBuffer.clear(); diff --git a/src/service/sockets/Descriptor.h b/src/service/sockets/Descriptor.h index b49ef03..be9e62a 100644 --- a/src/service/sockets/Descriptor.h +++ b/src/service/sockets/Descriptor.h @@ -37,6 +37,7 @@ class Descriptor { private: bool m_listen; bool m_used; + bool m_client; BinaryQueue m_readQueue; BinaryQueue m_writeQueue; @@ -55,6 +56,10 @@ public: return m_used; } + bool isClient(void) const { + return m_client; + } + bool hasDataToWrite(void) const; const ProtocolPtr protocol(void) const { @@ -79,6 +84,10 @@ public: m_used = used; } + void setClient(bool client) { + m_client = client; + } + void pushReadBuffer(const RawBuffer &readbuffer); RequestPtr extractRequest(void); diff --git a/src/service/sockets/SocketManager.cpp b/src/service/sockets/SocketManager.cpp index 55edc02..0c269af 100644 --- a/src/service/sockets/SocketManager.cpp +++ b/src/service/sockets/SocketManager.cpp @@ -74,8 +74,9 @@ void SocketManager::init(void) { const mode_t clientSocketUMask(0); const mode_t adminSocketUMask(0077); - createDomainSocket(std::make_shared(), clientSocketPath, clientSocketUMask); - createDomainSocket(std::make_shared(), adminSocketPath, adminSocketUMask); + createDomainSocket(std::make_shared(), clientSocketPath, clientSocketUMask, + true); + createDomainSocket(std::make_shared(), adminSocketPath, adminSocketUMask, false); createSignalSocket(std::make_shared()); LOGI("SocketManger init done"); } @@ -192,18 +193,18 @@ void SocketManager::readyForAccept(int fd) { LOGD("SocketManger readyForAccept on fd [%d] start", fd); struct sockaddr_un clientAddr; unsigned int clientLen = sizeof(clientAddr); - int client = accept4(fd, (struct sockaddr*) &clientAddr, &clientLen, SOCK_NONBLOCK); - if (client == -1) { + int clientFd = accept4(fd, (struct sockaddr*) &clientAddr, &clientLen, SOCK_NONBLOCK); + if (clientFd == -1) { int err = errno; LOGW("Error in accept on socket [%d]: <%s>", fd, strerror(err)); return; } - LOGD("Accept on sock [%d]. New client socket opened [%d]", fd, client); + LOGD("Accept on sock [%d]. New client socket opened [%d]", fd, clientFd); - auto &desc = createDescriptor(client); + auto &desc = createDescriptor(clientFd, m_fds[fd].isClient()); desc.setListen(false); desc.setProtocol(m_fds[fd].protocol()->clone()); - addReadSocket(client); + addReadSocket(clientFd); LOGD("SocketManger readyForAccept on fd [%d] done", fd); } @@ -243,12 +244,13 @@ bool SocketManager::handleRead(int fd, const RawBuffer &readbuffer) { return true; } -void SocketManager::createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask) { +void SocketManager::createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask, + bool client) { int fd = getSocketFromSystemD(path); if (fd == -1) fd = createDomainSocketHelp(path, mask); - auto &desc = createDescriptor(fd); + auto &desc = createDescriptor(fd, client); desc.setListen(true); desc.setProtocol(protocol); addReadSocket(fd); @@ -349,7 +351,7 @@ void SocketManager::createSignalSocket(ProtocolPtr protocol) { return; } - auto &desc = createDescriptor(fd); + auto &desc = createDescriptor(fd, false); desc.setListen(false); desc.setProtocol(protocol); addReadSocket(fd); @@ -357,7 +359,7 @@ void SocketManager::createSignalSocket(ProtocolPtr protocol) { LOGD("Signal socket: [%d] added.", fd); } -Descriptor &SocketManager::createDescriptor(int fd) { +Descriptor &SocketManager::createDescriptor(int fd, bool client) { if (fd > m_maxDesc) { m_maxDesc = fd; if (fd >= static_cast(m_fds.size())) @@ -365,6 +367,7 @@ Descriptor &SocketManager::createDescriptor(int fd) { } auto &desc = m_fds[fd]; desc.setUsed(true); + desc.setClient(client); return desc; } @@ -388,4 +391,12 @@ RequestTakerPtr SocketManager::requestTaker(void) { return std::static_pointer_cast(m_logic); } +void SocketManager::disconnectAllClients(void) { + for(int i = 0; i <= m_maxDesc; ++i) { + auto &desc = m_fds[i]; + if(desc.isUsed() && desc.isClient() && !desc.isListen()) + closeSocket(i); + } +} + } // namespace Cynara diff --git a/src/service/sockets/SocketManager.h b/src/service/sockets/SocketManager.h index ae0906b..6154322 100644 --- a/src/service/sockets/SocketManager.h +++ b/src/service/sockets/SocketManager.h @@ -54,6 +54,8 @@ public: m_logic.reset(); } + void disconnectAllClients(void); + private: LogicPtr m_logic; @@ -75,12 +77,13 @@ private: void closeSocket(int fd); bool handleRead(int fd, const RawBuffer &readbuffer); - void createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask); + void createDomainSocket(ProtocolPtr protocol, const std::string &path, mode_t mask, + bool client); static int createDomainSocketHelp(const std::string &path, mode_t mask); static int getSocketFromSystemD(const std::string &path); void createSignalSocket(ProtocolPtr protocol); - Descriptor &createDescriptor(int fd); + Descriptor &createDescriptor(int fd, bool client); void addReadSocket(int fd); void removeReadSocket(int fd); -- 2.7.4 From 235aab099e043f219a2b1605eeed96a823e4c12d Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 16:36:13 +0200 Subject: [PATCH 06/16] Disconnect all clients from cynara when policy rules change All actions that should be run when cynara policies change are grouped in onPoliciesChanged() function. Change-Id: I30687fc35258b448fcccc2d54955b57d8cbc82af --- src/service/logic/Logic.cpp | 12 +++++++++--- src/service/logic/Logic.h | 1 + 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/service/logic/Logic.cpp b/src/service/logic/Logic.cpp index 739add2..377bcce 100644 --- a/src/service/logic/Logic.cpp +++ b/src/service/logic/Logic.cpp @@ -91,7 +91,7 @@ bool Logic::check(RequestContextPtr context UNUSED, const PolicyKey &key, void Logic::execute(RequestContextPtr context, InsertOrUpdateBucketRequestPtr request) { m_storage->addOrUpdateBucket(request->bucketId(), request->result()); - m_storage->save(); + onPoliciesChanged(); context->returnResponse(context, std::make_shared(CodeResponse::Code::OK, request->sequenceNumber())); @@ -101,7 +101,7 @@ void Logic::execute(RequestContextPtr context, RemoveBucketRequestPtr request) { auto code = CodeResponse::Code::OK; try { m_storage->deleteBucket(request->bucketId()); - m_storage->save(); + onPoliciesChanged(); } catch (const BucketNotExistsException &ex) { code = CodeResponse::Code::NO_BUCKET; } catch (const DefaultBucketDeletionException &ex) { @@ -116,7 +116,7 @@ void Logic::execute(RequestContextPtr context, SetPoliciesRequestPtr request) { try { m_storage->insertPolicies(request->policiesToBeInsertedOrUpdated()); m_storage->deletePolicies(request->policiesToBeRemoved()); - m_storage->save(); + onPoliciesChanged(); } catch (const BucketNotExistsException &ex) { code = CodeResponse::Code::NO_BUCKET; } @@ -124,4 +124,10 @@ void Logic::execute(RequestContextPtr context, SetPoliciesRequestPtr request) { request->sequenceNumber())); } +void Logic::onPoliciesChanged(void) { + m_storage->save(); + m_socketManager->disconnectAllClients(); + //todo remove all saved contexts (if there will be any saved contexts) +} + } // namespace Cynara diff --git a/src/service/logic/Logic.h b/src/service/logic/Logic.h index e21419a..4e8a476 100644 --- a/src/service/logic/Logic.h +++ b/src/service/logic/Logic.h @@ -62,6 +62,7 @@ private: bool check(RequestContextPtr context, const PolicyKey &key, PolicyResult& result); + void onPoliciesChanged(void); }; } // namespace Cynara -- 2.7.4 From cc514ea58727ba22576eb567acb2a70ba01b58ec Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 17:35:49 +0200 Subject: [PATCH 07/16] Check if connection to cynara is valid Change-Id: I1a406ce6aa092cc75f452493ec22996e675a57ea --- src/client/logic/Logic.cpp | 9 +++++---- src/client/logic/Logic.h | 3 +++ src/common/sockets/Socket.cpp | 26 +++++++++++++++++++++++++- src/common/sockets/Socket.h | 5 +++++ src/common/sockets/SocketClient.cpp | 6 +++++- src/common/sockets/SocketClient.h | 2 ++ 6 files changed, 45 insertions(+), 6 deletions(-) diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index b3492ff..dbdcf36 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -38,10 +38,8 @@ namespace Cynara { const std::string clientSocketPath("/run/cynara/cynara.socket"); Logic::Logic() { - m_cache = std::make_shared( - std::make_shared( - std::make_shared(clientSocketPath, - std::make_shared()))); + m_socket = std::make_shared(clientSocketPath, std::make_shared()); + m_cache = std::make_shared(std::make_shared(m_socket)); auto naiveInterpreter = std::make_shared(); m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter); m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter); @@ -53,6 +51,9 @@ int Logic::check(const std::string &client, const std::string &session, const st { PolicyKey key(client, user, privilege); + if (!m_socket->isConnected()) + onDisconnected(); + auto ret = m_cache->get(session, key); if (ret == CYNARA_API_SERVICE_NOT_AVAILABLE) onDisconnected(); diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index 34ec54c..e9f2c23 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -25,6 +25,8 @@ #include +#include + #include #include @@ -33,6 +35,7 @@ namespace Cynara { class Logic : public ApiInterface { private: PluginCachePtr m_cache; + SocketClientPtr m_socket; void onDisconnected(void); diff --git a/src/common/sockets/Socket.cpp b/src/common/sockets/Socket.cpp index e666262..c61134a 100644 --- a/src/common/sockets/Socket.cpp +++ b/src/common/sockets/Socket.cpp @@ -203,7 +203,7 @@ bool Socket::sendToServer(BinaryQueue &queue) { return true; } -bool Socket::receiveFromServer(BinaryQueue &queue) +bool Socket::waitAndReceiveFromServer(BinaryQueue &queue) { if (!waitForSocket(POLLIN)) { LOGE("Error in poll(POLLIN)"); @@ -228,4 +228,28 @@ bool Socket::receiveFromServer(BinaryQueue &queue) return true; } +bool Socket::receiveFromServer(BinaryQueue &queue) +{ + RawBuffer readBuffer(BUFSIZ); + ssize_t size = TEMP_FAILURE_RETRY(read(m_sock, readBuffer.data(), BUFSIZ)); + + if (size == -1) { + int err = errno; + if (err == EAGAIN) { + LOGD("is connected, but no data available"); + return true; + } + LOGE("'read' function error [%d] : <%s>", err, strerror(err)); + throw UnexpectedErrorException(err, strerror(err)); + } + + if (size == 0) { + LOGW("read return 0 / Connection closed by server."); + return false; + } + queue.appendCopy(readBuffer.data(), size); + + return true; +} + } // namespace Cynara diff --git a/src/common/sockets/Socket.h b/src/common/sockets/Socket.h index 7ea8c61..2754142 100644 --- a/src/common/sockets/Socket.h +++ b/src/common/sockets/Socket.h @@ -71,6 +71,11 @@ public: //returns false if connection was lost //throws ServerConnectionErrorException if cannot connect server (or timeout) //throws other exceptions in critical situations + bool waitAndReceiveFromServer(BinaryQueue &queue); + + //returns true if data was successfully read from server + //returns false if connection was lost + //throws other exceptions in critical situations bool receiveFromServer(BinaryQueue &queue); }; diff --git a/src/common/sockets/SocketClient.cpp b/src/common/sockets/SocketClient.cpp index 6eff9f5..d9de1f8 100644 --- a/src/common/sockets/SocketClient.cpp +++ b/src/common/sockets/SocketClient.cpp @@ -52,7 +52,7 @@ ResponsePtr SocketClient::askCynaraServer(RequestPtr request) { // receive response from cynara while (true) { - if (!m_socket.receiveFromServer(m_readQueue)) { + if (!m_socket.waitAndReceiveFromServer(m_readQueue)) { LOGW("Error receiving response from Cynara. Service not available."); return nullptr; } @@ -63,4 +63,8 @@ ResponsePtr SocketClient::askCynaraServer(RequestPtr request) { } } +bool SocketClient::isConnected(void) { + return m_socket.isConnected() && m_socket.receiveFromServer(m_readQueue); +} + } // namespace Cynara diff --git a/src/common/sockets/SocketClient.h b/src/common/sockets/SocketClient.h index 04f0436..fae5ba3 100644 --- a/src/common/sockets/SocketClient.h +++ b/src/common/sockets/SocketClient.h @@ -51,6 +51,8 @@ public: //returns pointer to response // or nullptr when connection to cynara service is lost ResponsePtr askCynaraServer(RequestPtr request); + + bool isConnected(void); }; } // namespace Cynara -- 2.7.4 From 5b42c327b0f752ebc009ba866db6a7e639287b2a Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Thu, 31 Jul 2014 18:13:37 +0200 Subject: [PATCH 08/16] Handle SIGPIPE more elegant way Remove SIGPIPE ignoring in libraries. Use send with MSG_NOSIGNAL instead of write in libraries Socket classes. Change-Id: I2876d0ae80a21c7e2e3314f718c974cb7a1d389f --- src/admin/api/admin-api.cpp | 3 --- src/client/api/client-api.cpp | 3 --- src/common/CMakeLists.txt | 1 - src/common/sockets/Socket.cpp | 4 ++-- src/common/system/signals.cpp | 41 ----------------------------------------- src/common/system/signals.h | 30 ------------------------------ 6 files changed, 2 insertions(+), 80 deletions(-) delete mode 100644 src/common/system/signals.cpp delete mode 100644 src/common/system/signals.h diff --git a/src/admin/api/admin-api.cpp b/src/admin/api/admin-api.cpp index 3c72744..d6e6a12 100644 --- a/src/admin/api/admin-api.cpp +++ b/src/admin/api/admin-api.cpp @@ -27,7 +27,6 @@ #include #include -#include #include #include #include @@ -62,8 +61,6 @@ int cynara_admin_initialize(struct cynara_admin **pp_cynara_admin) { init_log(); - ignore_sigpipe(); - LOGD("Cynara admin initialized"); return CYNARA_ADMIN_API_SUCCESS; diff --git a/src/client/api/client-api.cpp b/src/client/api/client-api.cpp index 186e043..b6f139f 100644 --- a/src/client/api/client-api.cpp +++ b/src/client/api/client-api.cpp @@ -25,7 +25,6 @@ #include #include -#include #include #include @@ -55,8 +54,6 @@ int cynara_initialize(cynara **pp_cynara, const cynara_configuration *p_conf UNU init_log(); - ignore_sigpipe(); - LOGD("Cynara client initialized"); return CYNARA_API_SUCCESS; diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index 5f25aea..aef2ae7 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -42,7 +42,6 @@ SET(COMMON_SOURCES ${COMMON_PATH}/response/ResponseTaker.cpp ${COMMON_PATH}/sockets/Socket.cpp ${COMMON_PATH}/sockets/SocketClient.cpp - ${COMMON_PATH}/system/signals.cpp ${COMMON_PATH}/types/PolicyBucket.cpp ${COMMON_PATH}/types/PolicyKey.cpp ${COMMON_PATH}/types/PolicyKeyHelpers.cpp diff --git a/src/common/sockets/Socket.cpp b/src/common/sockets/Socket.cpp index c61134a..1c5ac3c 100644 --- a/src/common/sockets/Socket.cpp +++ b/src/common/sockets/Socket.cpp @@ -182,8 +182,8 @@ bool Socket::sendToServer(BinaryQueue &queue) { LOGE("Error in poll(POLLOUT)"); throw ServerConnectionErrorException(); } - ssize_t t = TEMP_FAILURE_RETRY(write(m_sock, buffer.data() + done, - buffer.size() - done)); + ssize_t t = TEMP_FAILURE_RETRY(send(m_sock, buffer.data() + done, + buffer.size() - done, MSG_NOSIGNAL)); if (t == -1) { int err = errno; if (err == EPIPE) { diff --git a/src/common/system/signals.cpp b/src/common/system/signals.cpp deleted file mode 100644 index 6d74f4b..0000000 --- a/src/common/system/signals.cpp +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Lukasz Wojciechowski - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file signals.cpp - * @author Adam Malinowski - * @version 1.0 - * @brief Implementation of signal related functions - */ - -#include -#include - -#include - -#include "signals.h" - -void ignore_sigpipe(void) -{ - struct sigaction act; - - memset(&act, 0, sizeof(act)); - act.sa_handler = SIG_IGN; - - if (sigaction(SIGPIPE, &act, NULL)) - LOGE("sigaction failed during setting SIGPIPE handler to ignore"); -} diff --git a/src/common/system/signals.h b/src/common/system/signals.h deleted file mode 100644 index ef21ebb..0000000 --- a/src/common/system/signals.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Lukasz Wojciechowski - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file signals.h - * @author Adam Malinowski - * @version 1.0 - * @brief Declaration of signal related functions - */ - -#ifndef SRC_COMMON_SYSTEM_SIGNALS_H_ -#define SRC_COMMON_SYSTEM_SIGNALS_H_ - -void ignore_sigpipe(void); - -#endif /* SRC_COMMON_SYSTEM_SIGNALS_H_ */ -- 2.7.4 From 7155f2d34363ac078c093fad920adc1bdeb28390 Mon Sep 17 00:00:00 2001 From: Aleksander Zdyb Date: Fri, 1 Aug 2014 09:45:16 +0200 Subject: [PATCH 09/16] Disallow pointing to nonexistent buckets Storage::insertPolicies() now cares, if bucket pointed by inserted policies exists. Change-Id: I113de2ead6ae17d18eb9a5928ef0181bee2f67d3 --- src/service/storage/Storage.cpp | 19 ++++++++++++++++ test/storage/storage/policies.cpp | 46 ++++++++++++++++++++++++++++++++++----- 2 files changed, 59 insertions(+), 6 deletions(-) diff --git a/src/service/storage/Storage.cpp b/src/service/storage/Storage.cpp index f8e7b8a..7f92c34 100644 --- a/src/service/storage/Storage.cpp +++ b/src/service/storage/Storage.cpp @@ -24,6 +24,7 @@ #include #include +#include #include "exceptions/DefaultBucketDeletionException.h" #include #include @@ -79,6 +80,24 @@ PolicyResult Storage::minimalPolicy(const PolicyBucket &bucket, const PolicyKey } void Storage::insertPolicies(const std::map> &policiesByBucketId) { + + auto pointedBucketExists = [this] (const Policy &policy) -> void { + if (policy.result().policyType() == PredefinedPolicyType::BUCKET) { + const auto &bucketId = policy.result().metadata(); + if (m_backend.hasBucket(bucketId) == false) { + throw BucketNotExistsException(bucketId); + } + } + }; + + // TODO: Rewrite, when transactions are supported + // Check if all of buckets exist + for (const auto &group : policiesByBucketId) { + const auto &policies = group.second; + std::for_each(policies.cbegin(), policies.cend(), pointedBucketExists); + } + + // Then insert policies for (const auto &group : policiesByBucketId) { const PolicyBucketId &bucketId = group.first; const auto &policies = group.second; diff --git a/test/storage/storage/policies.cpp b/test/storage/storage/policies.cpp index fbe40fa..54e0455 100644 --- a/test/storage/storage/policies.cpp +++ b/test/storage/storage/policies.cpp @@ -28,6 +28,7 @@ #include #include +#include #include #include #include @@ -78,6 +79,10 @@ TEST(storage, deleteBucketWithLinkedPolicies) { TEST(storage, insertPolicies) { using ::testing::Pointee; using ::testing::Return; + using PredefinedPolicyType::ALLOW; + using PredefinedPolicyType::BUCKET; + using PredefinedPolicyType::DENY; + FakeStorageBackend backend; Storage storage(backend); @@ -86,22 +91,24 @@ TEST(storage, insertPolicies) { typedef std::pair> BucketPolicyPair; - auto createPolicy = [] (const std::string &keySuffix, const PolicyType &type) -> Policy { - return Policy(Helpers::generatePolicyKey(keySuffix), type); + auto createPolicy = [] (const std::string &keySuffix, const PolicyResult &result) -> Policy { + return Policy(Helpers::generatePolicyKey(keySuffix), result); }; std::map> policiesToInsert = { BucketPolicyPair(testBucket1, { - createPolicy("1", PredefinedPolicyType::ALLOW), - createPolicy("2", PredefinedPolicyType::DENY), - createPolicy("3", PredefinedPolicyType::DENY) + createPolicy("1", ALLOW), + createPolicy("2", DENY), + createPolicy("3", DENY) }), BucketPolicyPair(testBucket2, { - createPolicy("4", PredefinedPolicyType::ALLOW), + createPolicy("4", { BUCKET, testBucket1 }), createPolicy("5", PredefinedPolicyType::ALLOW) }) }; + EXPECT_CALL(backend, hasBucket(testBucket1)).WillOnce(Return(true)); + for (const auto &group : policiesToInsert) { const auto &bucketId = group.first; const auto &policies = group.second; @@ -113,3 +120,30 @@ TEST(storage, insertPolicies) { storage.insertPolicies(policiesToInsert); } + +TEST(storage, insertPointingToNonexistentBucket) { + using ::testing::Pointee; + using ::testing::Return; + FakeStorageBackend backend; + Storage storage(backend); + + PolicyBucketId testBucketId = "test-bucket-1"; + PolicyBucketId nonexistentBucketId = "nonexistent"; + + typedef std::pair> BucketPolicyPair; + + auto createPolicy = [] (const std::string &keySuffix, const PolicyResult &result) -> Policy { + return Policy(Helpers::generatePolicyKey(keySuffix), result); + }; + + std::map> policiesToInsert = { + BucketPolicyPair(testBucketId, { + createPolicy("1", { PredefinedPolicyType::DENY }), + createPolicy("2", { PredefinedPolicyType::BUCKET, nonexistentBucketId }), + }), + }; + + EXPECT_CALL(backend, hasBucket(nonexistentBucketId)).WillOnce(Return(false)); + + ASSERT_THROW(storage.insertPolicies(policiesToInsert), BucketNotExistsException); +} -- 2.7.4 From 69d41ab34958afe806bf8673f55af47f670b681f Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Fri, 1 Aug 2014 12:29:02 +0200 Subject: [PATCH 10/16] Release version 0.2.0 Change-Id: Ied0ad56182536bbd0012bc3bf68f7ec3ea1dcc6f --- packaging/cynara.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index a872b29..a3d82f0 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -1,6 +1,6 @@ Name: cynara Summary: Cynara service with client libraries -Version: 0.1.0 +Version: 0.2.0 Release: 1 Group: Security/Access Control License: Apache-2.0 -- 2.7.4 From f32215d2aeff3b2c24d801690d2ae60e442bf75f Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 13:39:33 +0200 Subject: [PATCH 11/16] Fix format string concatenating in log message Change-Id: I945ca6a4fcc80ff83415b285b761369356757e6a --- src/common/protocol/ProtocolAdmin.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/protocol/ProtocolAdmin.cpp b/src/common/protocol/ProtocolAdmin.cpp index 1a6ff67..a42f8fc 100644 --- a/src/common/protocol/ProtocolAdmin.cpp +++ b/src/common/protocol/ProtocolAdmin.cpp @@ -213,7 +213,7 @@ void ProtocolAdmin::execute(RequestContextPtr context, RemoveBucketRequestPtr re } void ProtocolAdmin::execute(RequestContextPtr context, SetPoliciesRequestPtr request) { - LOGD("Serializing SetPoliciesRequestPtr: sequenceNumber [%u], insertOrUpdate count [%zu]", + LOGD("Serializing SetPoliciesRequestPtr: sequenceNumber [%u], insertOrUpdate count [%zu], " "remove count [%zu]", static_cast(request->sequenceNumber()), request->policiesToBeInsertedOrUpdated().size(), request->policiesToBeRemoved().size()); -- 2.7.4 From 24815d050799b0f46a9caeee8aedaefa033489a2 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 13:43:17 +0200 Subject: [PATCH 12/16] Add missing include in InMemoryStorageBackend.cpp file Change-Id: I82e40449ce7f797d656482af39749d6879298860 --- src/service/storage/InMemoryStorageBackend.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/service/storage/InMemoryStorageBackend.cpp b/src/service/storage/InMemoryStorageBackend.cpp index e46e485..dc802e2 100644 --- a/src/service/storage/InMemoryStorageBackend.cpp +++ b/src/service/storage/InMemoryStorageBackend.cpp @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include -- 2.7.4 From 629833fb521b7b61ab2c4cbb8a1b5930acfbd645 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 14:02:20 +0200 Subject: [PATCH 13/16] Change member initialization This change is needed by other compilers to build without error. Change-Id: I38826a3c72fed96f948ad1b1eaf9735bd3f5b99f --- src/service/storage/InMemoryStorageBackend.cpp | 2 ++ src/service/storage/InMemoryStorageBackend.h | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/service/storage/InMemoryStorageBackend.cpp b/src/service/storage/InMemoryStorageBackend.cpp index dc802e2..9fee197 100644 --- a/src/service/storage/InMemoryStorageBackend.cpp +++ b/src/service/storage/InMemoryStorageBackend.cpp @@ -49,6 +49,8 @@ namespace Cynara { +const std::string InMemoryStorageBackend::m_indexFileName = "buckets"; + void InMemoryStorageBackend::load(void) { std::string indexFilename = m_dbPath + m_indexFileName; diff --git a/src/service/storage/InMemoryStorageBackend.h b/src/service/storage/InMemoryStorageBackend.h index 68d042e..be187bb 100644 --- a/src/service/storage/InMemoryStorageBackend.h +++ b/src/service/storage/InMemoryStorageBackend.h @@ -70,7 +70,7 @@ protected: private: std::string m_dbPath; Buckets m_buckets; - const std::string m_indexFileName = "buckets"; + static const std::string m_indexFileName; protected: virtual Buckets &buckets(void) { -- 2.7.4 From dd800411de0c60833227b59084cf6d157b9b8f76 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 14:09:56 +0200 Subject: [PATCH 14/16] Add 'class' keyword in friend class declaration Change-Id: I1a63573faf35313b600439678198112cd9a6dcd9 --- src/common/types/PolicyKey.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/types/PolicyKey.h b/src/common/types/PolicyKey.h index ae9774e..f7d0fe0 100644 --- a/src/common/types/PolicyKey.h +++ b/src/common/types/PolicyKey.h @@ -33,7 +33,7 @@ namespace Cynara { class PolicyKey; class PolicyKeyFeature { -friend PolicyKey; +friend class PolicyKey; public: typedef std::string ValueType; -- 2.7.4 From 90f40c36c40d99533afc4326a9804c6a65f4e9e3 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Mon, 4 Aug 2014 14:12:13 +0200 Subject: [PATCH 15/16] Change default virtual destructor from '= default' to '{}' '= default' seems to be problematic. Some compilers give error: "declared virtual cannot be defaulted in the class body". Change-Id: Iaca3a70f64e45309430bc010883a87fcdc536d1b --- src/admin/api/ApiInterface.h | 2 +- src/admin/logic/Logic.h | 2 +- src/client/api/ApiInterface.h | 2 +- src/client/cache/CacheInterface.h | 6 +++--- src/client/logic/Logic.h | 2 +- src/common/exceptions/BucketDeserializationException.h | 1 + src/common/exceptions/BucketNotExistsException.h | 2 +- src/common/exceptions/BucketRecordCorruptedException.h | 2 +- src/common/exceptions/BucketSerializationException.h | 1 + src/common/exceptions/CannotCreateFileException.h | 2 +- src/common/exceptions/DefaultBucketDeletionException.h | 2 +- src/common/exceptions/DescriptorNotExistsException.h | 2 +- src/common/exceptions/Exception.h | 2 +- src/common/exceptions/FileNotFoundException.h | 2 +- src/common/exceptions/InitException.h | 2 +- src/common/exceptions/InvalidProtocolException.h | 2 +- src/common/exceptions/NotImplementedException.h | 2 +- src/common/exceptions/NullPointerException.h | 2 +- src/common/exceptions/OutOfDataException.h | 2 +- src/common/exceptions/PluginNotFoundException.h | 2 +- src/common/exceptions/ServerConnectionErrorException.h | 2 +- src/common/exceptions/UnexpectedErrorException.h | 2 +- src/common/protocol/Protocol.h | 2 +- src/common/protocol/ProtocolFrame.h | 2 +- src/common/protocol/ProtocolFrameHeader.h | 2 +- src/common/protocol/ProtocolSerialization.h | 4 ++-- src/common/request/CheckRequest.h | 2 +- src/common/request/InsertOrUpdateBucketRequest.h | 2 +- src/common/request/RemoveBucketRequest.h | 2 +- src/common/request/Request.h | 2 +- src/common/request/RequestTaker.h | 2 +- src/common/request/SetPoliciesRequest.h | 2 +- src/common/request/SignalRequest.h | 2 +- src/common/response/CheckResponse.h | 2 +- src/common/response/CodeResponse.h | 2 +- src/common/response/Response.h | 2 +- src/common/response/ResponseTaker.h | 2 +- src/common/sockets/SocketClient.h | 2 +- src/service/storage/InMemoryStorageBackend.h | 2 +- src/service/storage/StorageSerializer.h | 2 +- test/storage/serializer/bucket_load.cpp | 2 +- test/storage/serializer/serialize.cpp | 2 +- 42 files changed, 45 insertions(+), 43 deletions(-) diff --git a/src/admin/api/ApiInterface.h b/src/admin/api/ApiInterface.h index 9c513f6..eb2b17b 100644 --- a/src/admin/api/ApiInterface.h +++ b/src/admin/api/ApiInterface.h @@ -39,7 +39,7 @@ namespace Cynara { class ApiInterface { public: ApiInterface() = default; - virtual ~ApiInterface() = default; + virtual ~ApiInterface() {}; virtual int setPolicies(const std::map> &insertOrUpdate, const std::map> &remove) noexcept = 0; diff --git a/src/admin/logic/Logic.h b/src/admin/logic/Logic.h index d61c7e8..2d349f3 100644 --- a/src/admin/logic/Logic.h +++ b/src/admin/logic/Logic.h @@ -40,7 +40,7 @@ private: public: Logic(); - virtual ~Logic() = default; + virtual ~Logic() {}; virtual int setPolicies(const std::map> &insertOrUpdate, const std::map> &remove) noexcept; diff --git a/src/client/api/ApiInterface.h b/src/client/api/ApiInterface.h index f268508..73bcec5 100644 --- a/src/client/api/ApiInterface.h +++ b/src/client/api/ApiInterface.h @@ -31,7 +31,7 @@ namespace Cynara { class ApiInterface { public: ApiInterface() = default; - virtual ~ApiInterface() = default; + virtual ~ApiInterface() {}; virtual int check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) = 0; diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index f325a42..0279fdb 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -47,7 +47,7 @@ typedef std::shared_ptr ResultGetterInterfacePtr; class ResultGetterInterface { public: virtual int requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; - virtual ~ResultGetterInterface() = default; + virtual ~ResultGetterInterface() {}; }; class InterpreterInterface { @@ -56,7 +56,7 @@ public: virtual bool isUsable(const PolicyResult &result) noexcept = 0; virtual int toResult(const PolicyResult &result) noexcept = 0; - virtual ~InterpreterInterface() = default; + virtual ~InterpreterInterface() {}; }; class PluginCache { @@ -72,7 +72,7 @@ public: m_plugins.clear(); } - virtual ~PluginCache() = default; + virtual ~PluginCache() {}; protected: std::map m_plugins; diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index e9f2c23..ec298da 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -41,7 +41,7 @@ private: public: Logic(); - virtual ~Logic() = default; + virtual ~Logic() {}; virtual int check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) noexcept; diff --git a/src/common/exceptions/BucketDeserializationException.h b/src/common/exceptions/BucketDeserializationException.h index 2a00555..01d9a80 100644 --- a/src/common/exceptions/BucketDeserializationException.h +++ b/src/common/exceptions/BucketDeserializationException.h @@ -30,6 +30,7 @@ namespace Cynara { class BucketDeserializationException : public DatabaseException { public: BucketDeserializationException(const PolicyBucketId &bucketId) : m_bucketId(bucketId) {} + ~BucketDeserializationException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/BucketNotExistsException.h b/src/common/exceptions/BucketNotExistsException.h index 54c942e..18eb190 100644 --- a/src/common/exceptions/BucketNotExistsException.h +++ b/src/common/exceptions/BucketNotExistsException.h @@ -34,7 +34,7 @@ class BucketNotExistsException : public Exception { public: BucketNotExistsException() = delete; BucketNotExistsException(const PolicyBucketId &bucketId) : m_bucketId(bucketId) {} - virtual ~BucketNotExistsException() = default; + virtual ~BucketNotExistsException() noexcept {}; virtual const std::string message(void) const { return "BucketNotExistsException"; diff --git a/src/common/exceptions/BucketRecordCorruptedException.h b/src/common/exceptions/BucketRecordCorruptedException.h index 227c1d9..8152a77 100644 --- a/src/common/exceptions/BucketRecordCorruptedException.h +++ b/src/common/exceptions/BucketRecordCorruptedException.h @@ -31,7 +31,7 @@ namespace Cynara { class BucketRecordCorruptedException : public Exception { public: BucketRecordCorruptedException(void) = delete; - virtual ~BucketRecordCorruptedException(void) = default; + virtual ~BucketRecordCorruptedException() noexcept {}; BucketRecordCorruptedException(const std::string &line) : m_lineNumber(0), m_line(line) {} diff --git a/src/common/exceptions/BucketSerializationException.h b/src/common/exceptions/BucketSerializationException.h index 8882ff4..83f3397 100644 --- a/src/common/exceptions/BucketSerializationException.h +++ b/src/common/exceptions/BucketSerializationException.h @@ -30,6 +30,7 @@ namespace Cynara { class BucketSerializationException : public DatabaseException { public: BucketSerializationException(const PolicyBucketId &bucketId) : m_bucketId(bucketId) {} + ~BucketSerializationException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/CannotCreateFileException.h b/src/common/exceptions/CannotCreateFileException.h index bb3f937..cfdfb49 100644 --- a/src/common/exceptions/CannotCreateFileException.h +++ b/src/common/exceptions/CannotCreateFileException.h @@ -32,7 +32,7 @@ namespace Cynara { class CannotCreateFileException : public DatabaseException { public: CannotCreateFileException(const std::string &filename) : m_filename(filename) {}; - virtual ~CannotCreateFileException() = default; + virtual ~CannotCreateFileException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/DefaultBucketDeletionException.h b/src/common/exceptions/DefaultBucketDeletionException.h index 6a92ec5..92e1a73 100644 --- a/src/common/exceptions/DefaultBucketDeletionException.h +++ b/src/common/exceptions/DefaultBucketDeletionException.h @@ -32,7 +32,7 @@ namespace Cynara { class DefaultBucketDeletionException : public Exception { public: DefaultBucketDeletionException() = default; - virtual ~DefaultBucketDeletionException() = default; + virtual ~DefaultBucketDeletionException() noexcept {}; virtual const std::string message(void) const { return "DefaultBucketDeletionException"; diff --git a/src/common/exceptions/DescriptorNotExistsException.h b/src/common/exceptions/DescriptorNotExistsException.h index 5dd9553..095ffba 100644 --- a/src/common/exceptions/DescriptorNotExistsException.h +++ b/src/common/exceptions/DescriptorNotExistsException.h @@ -43,7 +43,7 @@ public: m_whatMsg = stream.str(); } - virtual ~DescriptorNotExistsException() = default; + virtual ~DescriptorNotExistsException() noexcept {}; virtual const std::string message(void) const { return m_whatMsg; diff --git a/src/common/exceptions/Exception.h b/src/common/exceptions/Exception.h index b709060..74ded47 100644 --- a/src/common/exceptions/Exception.h +++ b/src/common/exceptions/Exception.h @@ -33,7 +33,7 @@ public: m_backtrace = Backtrace::getBacktrace(); } - virtual ~Exception() = default; + virtual ~Exception() noexcept {}; virtual const char *what(void) const noexcept { if(m_whatMessage.empty()) { diff --git a/src/common/exceptions/FileNotFoundException.h b/src/common/exceptions/FileNotFoundException.h index e353c19..bce1fcb 100644 --- a/src/common/exceptions/FileNotFoundException.h +++ b/src/common/exceptions/FileNotFoundException.h @@ -32,7 +32,7 @@ namespace Cynara { class FileNotFoundException : public DatabaseException { public: FileNotFoundException(const std::string &filename) : m_filename(filename) {}; - virtual ~FileNotFoundException() = default; + virtual ~FileNotFoundException() noexcept {}; const std::string message(void) const { if (m_message.empty()) { diff --git a/src/common/exceptions/InitException.h b/src/common/exceptions/InitException.h index d06e1d7..c51cb5b 100644 --- a/src/common/exceptions/InitException.h +++ b/src/common/exceptions/InitException.h @@ -32,7 +32,7 @@ namespace Cynara { class InitException : public Exception { public: InitException() = default; - virtual ~InitException() = default; + virtual ~InitException() noexcept {}; virtual const std::string message(void) const { return "InitException"; diff --git a/src/common/exceptions/InvalidProtocolException.h b/src/common/exceptions/InvalidProtocolException.h index a2d65d1..33053e9 100644 --- a/src/common/exceptions/InvalidProtocolException.h +++ b/src/common/exceptions/InvalidProtocolException.h @@ -59,7 +59,7 @@ public: } - virtual ~InvalidProtocolException() = default; + virtual ~InvalidProtocolException() noexcept {}; virtual const std::string message(void) const { return m_whatMessage; diff --git a/src/common/exceptions/NotImplementedException.h b/src/common/exceptions/NotImplementedException.h index ceabb9a..3d1882a 100644 --- a/src/common/exceptions/NotImplementedException.h +++ b/src/common/exceptions/NotImplementedException.h @@ -32,7 +32,7 @@ namespace Cynara { class NotImplementedException : public Exception { public: NotImplementedException() = default; - virtual ~NotImplementedException() = default; + virtual ~NotImplementedException() noexcept {}; virtual const std::string message(void) const { return "NotImplementedException"; diff --git a/src/common/exceptions/NullPointerException.h b/src/common/exceptions/NullPointerException.h index ffd0bef..02db1c5 100644 --- a/src/common/exceptions/NullPointerException.h +++ b/src/common/exceptions/NullPointerException.h @@ -42,7 +42,7 @@ public: + std::string(">"); } - virtual ~NullPointerException() = default; + virtual ~NullPointerException() noexcept {}; virtual const std::string message(void) const { return m_whatMsg; diff --git a/src/common/exceptions/OutOfDataException.h b/src/common/exceptions/OutOfDataException.h index 827eb7a..c0b63bd 100644 --- a/src/common/exceptions/OutOfDataException.h +++ b/src/common/exceptions/OutOfDataException.h @@ -44,7 +44,7 @@ public: m_whatMsg = stream.str(); } - virtual ~OutOfDataException() = default; + virtual ~OutOfDataException() noexcept {}; virtual const std::string message(void) const { return m_whatMsg; diff --git a/src/common/exceptions/PluginNotFoundException.h b/src/common/exceptions/PluginNotFoundException.h index 345fd1d..4e422d3 100644 --- a/src/common/exceptions/PluginNotFoundException.h +++ b/src/common/exceptions/PluginNotFoundException.h @@ -45,7 +45,7 @@ public: m_whatMessage = stream.str(); } - virtual ~PluginNotFoundException() = default; + virtual ~PluginNotFoundException() noexcept {}; virtual const std::string message(void) const { return m_whatMessage; diff --git a/src/common/exceptions/ServerConnectionErrorException.h b/src/common/exceptions/ServerConnectionErrorException.h index a5a7b08..88a5e47 100644 --- a/src/common/exceptions/ServerConnectionErrorException.h +++ b/src/common/exceptions/ServerConnectionErrorException.h @@ -32,7 +32,7 @@ namespace Cynara { class ServerConnectionErrorException : public Exception { public: ServerConnectionErrorException() = default; - virtual ~ServerConnectionErrorException() = default; + virtual ~ServerConnectionErrorException() noexcept {}; virtual const std::string message(void) const { return "ServerConnectionError"; } diff --git a/src/common/exceptions/UnexpectedErrorException.h b/src/common/exceptions/UnexpectedErrorException.h index a7d100b..f3fca09 100644 --- a/src/common/exceptions/UnexpectedErrorException.h +++ b/src/common/exceptions/UnexpectedErrorException.h @@ -49,7 +49,7 @@ public: m_whatMessage = stream.str(); } - virtual ~UnexpectedErrorException() = default; + virtual ~UnexpectedErrorException() noexcept {}; virtual const std::string message(void) const { return m_whatMessage; diff --git a/src/common/protocol/Protocol.h b/src/common/protocol/Protocol.h index daf001c..5069cff 100644 --- a/src/common/protocol/Protocol.h +++ b/src/common/protocol/Protocol.h @@ -40,7 +40,7 @@ typedef std::shared_ptr ProtocolPtr; class Protocol : public RequestTaker, public ResponseTaker { public: Protocol() = default; - virtual ~Protocol() = default; + virtual ~Protocol() {}; virtual ProtocolPtr clone(void) = 0; diff --git a/src/common/protocol/ProtocolFrame.h b/src/common/protocol/ProtocolFrame.h index 709196e..f3c64b8 100644 --- a/src/common/protocol/ProtocolFrame.h +++ b/src/common/protocol/ProtocolFrame.h @@ -40,7 +40,7 @@ class ProtocolFrame: public IStream { public: ProtocolFrame(ProtocolFrameHeaderPtr frameHeader, BinaryQueuePtr headerContent); - virtual ~ProtocolFrame() = default; + virtual ~ProtocolFrame() {}; ProtocolFrameHeaderPtr frameHeader(void) { return m_frameHeader; diff --git a/src/common/protocol/ProtocolFrameHeader.h b/src/common/protocol/ProtocolFrameHeader.h index 0db0d6b..6560255 100644 --- a/src/common/protocol/ProtocolFrameHeader.h +++ b/src/common/protocol/ProtocolFrameHeader.h @@ -46,7 +46,7 @@ private: public: ProtocolFrameHeader(BinaryQueuePtr headerContent = nullptr); - virtual ~ProtocolFrameHeader() = default; + virtual ~ProtocolFrameHeader() {}; virtual void read(size_t num, void *bytes); virtual void write(size_t num, const void *bytes); diff --git a/src/common/protocol/ProtocolSerialization.h b/src/common/protocol/ProtocolSerialization.h index 532f78b..f3acff7 100644 --- a/src/common/protocol/ProtocolSerialization.h +++ b/src/common/protocol/ProtocolSerialization.h @@ -38,7 +38,7 @@ class IStream { public: virtual void read(size_t num, void *bytes) = 0; virtual void write(size_t num, const void *bytes) = 0; - virtual ~IStream() = default; + virtual ~IStream() {}; }; // Serializable interface @@ -47,7 +47,7 @@ public: /* ISerializable(){}; * ISerializable(IStream&){}; */ virtual void serialize(IStream &) const = 0; - virtual ~ISerializable() = default; + virtual ~ISerializable() {}; }; struct ProtocolSerialization { diff --git a/src/common/request/CheckRequest.h b/src/common/request/CheckRequest.h index 03135c7..7262347 100644 --- a/src/common/request/CheckRequest.h +++ b/src/common/request/CheckRequest.h @@ -40,7 +40,7 @@ public: Request(sequenceNumber), m_key(key) { } - virtual ~CheckRequest() = default; + virtual ~CheckRequest() {}; const PolicyKey &key(void) const { return m_key; diff --git a/src/common/request/InsertOrUpdateBucketRequest.h b/src/common/request/InsertOrUpdateBucketRequest.h index b166d71..2cf03ce 100644 --- a/src/common/request/InsertOrUpdateBucketRequest.h +++ b/src/common/request/InsertOrUpdateBucketRequest.h @@ -43,7 +43,7 @@ public: Request(sequenceNumber), m_bucketId(bucketId), m_result(result) { } - virtual ~InsertOrUpdateBucketRequest() = default; + virtual ~InsertOrUpdateBucketRequest() {}; const PolicyBucketId &bucketId(void) const { return m_bucketId; diff --git a/src/common/request/RemoveBucketRequest.h b/src/common/request/RemoveBucketRequest.h index ff49a43..49ef2a0 100644 --- a/src/common/request/RemoveBucketRequest.h +++ b/src/common/request/RemoveBucketRequest.h @@ -40,7 +40,7 @@ public: : Request(sequenceNumber), m_bucketId(bucketId) { } - virtual ~RemoveBucketRequest() = default; + virtual ~RemoveBucketRequest() {}; const PolicyBucketId &bucketId(void) const { return m_bucketId; diff --git a/src/common/request/Request.h b/src/common/request/Request.h index ac92398..9b9a2d2 100644 --- a/src/common/request/Request.h +++ b/src/common/request/Request.h @@ -33,7 +33,7 @@ class Request { public: Request(ProtocolFrameSequenceNumber sequenceNumber) : m_sequenceNumber(sequenceNumber) { } - virtual ~Request() = default; + virtual ~Request() {}; virtual void execute(RequestPtr self, RequestTakerPtr taker, RequestContextPtr context) const = 0; diff --git a/src/common/request/RequestTaker.h b/src/common/request/RequestTaker.h index 0c3ff7d..9d0a10f 100644 --- a/src/common/request/RequestTaker.h +++ b/src/common/request/RequestTaker.h @@ -30,7 +30,7 @@ namespace Cynara { class RequestTaker { public: RequestTaker() = default; - virtual ~RequestTaker() = default; + virtual ~RequestTaker() {}; virtual void execute(RequestContextPtr context, CheckRequestPtr request); virtual void execute(RequestContextPtr context, InsertOrUpdateBucketRequestPtr request); diff --git a/src/common/request/SetPoliciesRequest.h b/src/common/request/SetPoliciesRequest.h index d876ad1..afb8f14 100644 --- a/src/common/request/SetPoliciesRequest.h +++ b/src/common/request/SetPoliciesRequest.h @@ -49,7 +49,7 @@ public: m_removePolicies(removePolicies) { } - virtual ~SetPoliciesRequest() = default; + virtual ~SetPoliciesRequest() {}; const std::map> &policiesToBeInsertedOrUpdated(void) const { return m_insertOrUpdatePolicies; diff --git a/src/common/request/SignalRequest.h b/src/common/request/SignalRequest.h index f9d1422..068834d 100644 --- a/src/common/request/SignalRequest.h +++ b/src/common/request/SignalRequest.h @@ -38,7 +38,7 @@ public: SignalRequest(struct signalfd_siginfo sigInfo) : Request(0), m_sigInfo(sigInfo) { } - virtual ~SignalRequest() = default; + virtual ~SignalRequest() {}; virtual void execute(RequestPtr self, RequestTakerPtr taker, RequestContextPtr context) const; diff --git a/src/common/response/CheckResponse.h b/src/common/response/CheckResponse.h index 1f49648..1ca69f3 100644 --- a/src/common/response/CheckResponse.h +++ b/src/common/response/CheckResponse.h @@ -39,7 +39,7 @@ public: Response(sequenceNumber), m_resultRef(result) { } - virtual ~CheckResponse() = default; + virtual ~CheckResponse() {}; virtual void execute(ResponsePtr self, ResponseTakerPtr taker, RequestContextPtr context) const; diff --git a/src/common/response/CodeResponse.h b/src/common/response/CodeResponse.h index ec04e03..96d04c6 100644 --- a/src/common/response/CodeResponse.h +++ b/src/common/response/CodeResponse.h @@ -43,7 +43,7 @@ public: Response(sequenceNumber), m_code(code) { } - virtual ~CodeResponse() = default; + virtual ~CodeResponse() {}; virtual void execute(ResponsePtr self, ResponseTakerPtr taker, RequestContextPtr context) const; diff --git a/src/common/response/Response.h b/src/common/response/Response.h index e85de48..0731975 100644 --- a/src/common/response/Response.h +++ b/src/common/response/Response.h @@ -33,7 +33,7 @@ class Response { public: Response(ProtocolFrameSequenceNumber sequenceNumber) : m_sequenceNumber(sequenceNumber) { }; - virtual ~Response() = default; + virtual ~Response() {}; virtual void execute(ResponsePtr self, ResponseTakerPtr taker, RequestContextPtr context) const = 0; diff --git a/src/common/response/ResponseTaker.h b/src/common/response/ResponseTaker.h index 545f60f..8aede4d 100644 --- a/src/common/response/ResponseTaker.h +++ b/src/common/response/ResponseTaker.h @@ -31,7 +31,7 @@ namespace Cynara { class ResponseTaker { public: ResponseTaker() = default; - virtual ~ResponseTaker() = default; + virtual ~ResponseTaker() {}; virtual void execute(RequestContextPtr context, CheckResponsePtr response); virtual void execute(RequestContextPtr context, CodeResponsePtr response); diff --git a/src/common/sockets/SocketClient.h b/src/common/sockets/SocketClient.h index fae5ba3..7553a5a 100644 --- a/src/common/sockets/SocketClient.h +++ b/src/common/sockets/SocketClient.h @@ -46,7 +46,7 @@ private: public: SocketClient(const std::string &socketPath, ProtocolPtr protocol); - virtual ~SocketClient() = default; + virtual ~SocketClient() {}; //returns pointer to response // or nullptr when connection to cynara service is lost diff --git a/src/service/storage/InMemoryStorageBackend.h b/src/service/storage/InMemoryStorageBackend.h index be187bb..d811edd 100644 --- a/src/service/storage/InMemoryStorageBackend.h +++ b/src/service/storage/InMemoryStorageBackend.h @@ -44,7 +44,7 @@ class InMemoryStorageBackend : public StorageBackend { public: InMemoryStorageBackend(const std::string &path) : m_dbPath(path) { } - virtual ~InMemoryStorageBackend() = default; + virtual ~InMemoryStorageBackend() {}; virtual void load(void); virtual void save(void); diff --git a/src/service/storage/StorageSerializer.h b/src/service/storage/StorageSerializer.h index a995265..55ec2cd 100644 --- a/src/service/storage/StorageSerializer.h +++ b/src/service/storage/StorageSerializer.h @@ -45,7 +45,7 @@ public: BucketStreamOpener; StorageSerializer(std::shared_ptr os); - virtual ~StorageSerializer() = default; + virtual ~StorageSerializer() {}; virtual void dump(const Buckets &buckets, BucketStreamOpener streamOpener); diff --git a/test/storage/serializer/bucket_load.cpp b/test/storage/serializer/bucket_load.cpp index 3c2096e..8e5b2df 100644 --- a/test/storage/serializer/bucket_load.cpp +++ b/test/storage/serializer/bucket_load.cpp @@ -43,7 +43,7 @@ MATCHER_P(PolicyAtPtrEq, policy, "") { class BucketDeserializerFixture : public ::testing::Test { public: - virtual ~BucketDeserializerFixture() = default; + virtual ~BucketDeserializerFixture() {}; PolicyPtr createPolicy(const PolicyKey &pk, const PolicyResult &pr) { return std::make_shared(pk, pr); diff --git a/test/storage/serializer/serialize.cpp b/test/storage/serializer/serialize.cpp index 07804f4..ad55495 100644 --- a/test/storage/serializer/serialize.cpp +++ b/test/storage/serializer/serialize.cpp @@ -56,7 +56,7 @@ public: class StorageSerializerFixture : public ::testing::Test { public: - virtual ~StorageSerializerFixture() = default; + virtual ~StorageSerializerFixture() {}; Cynara::Buckets buckets; FakeStreamForBucketId fakeStreamOpener; -- 2.7.4 From 88cebd4b4739baf26d06114b40efb28cbd43a9a4 Mon Sep 17 00:00:00 2001 From: Adam Malinowski Date: Wed, 6 Aug 2014 15:12:15 +0200 Subject: [PATCH 16/16] Move user and group creating section from %post to %pre scriptlet This change is needed for creating cynara local state directory with proper user and group. Change-Id: I50d353f7fee1e352c7377a8902a237519c0a6491 --- packaging/cynara.spec | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index a3d82f0..937fbea 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -104,13 +104,7 @@ mkdir -p %{buildroot}/%{state_path} ln -s ../cynara.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/cynara.socket ln -s ../cynara-admin.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/cynara-admin.socket -%post -### Add file capabilities if needed -### setcap/getcap binary are useful. To use them you must install libcap and libcap-tools packages -### In such case uncomment Requires with those packages - -systemctl daemon-reload - +%pre id -g %{group_name} > /dev/null 2>&1 if [ $? -eq 1 ]; then groupadd %{group_name} -r > /dev/null 2>&1 @@ -121,6 +115,13 @@ if [ $? -eq 1 ]; then useradd -m %{user_name} -r > /dev/null 2>&1 fi +%post +### Add file capabilities if needed +### setcap/getcap binary are useful. To use them you must install libcap and libcap-tools packages +### In such case uncomment Requires with those packages + +systemctl daemon-reload + if [ $1 = 1 ]; then systemctl enable %{name}.service fi -- 2.7.4