From 1405e059bac55207021aa796c9ee9cb7b74f107b Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Tue, 26 Aug 2014 14:08:18 +0200 Subject: [PATCH 01/16] Add additional error code CYNARA_API_CACHE_MISS Change-Id: I2f128b28b19956409f0251f725a28a0e8ace2e7d --- src/include/cynara-client-error.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/include/cynara-client-error.h b/src/include/cynara-client-error.h index b4746b8..e5539ea 100644 --- a/src/include/cynara-client-error.h +++ b/src/include/cynara-client-error.h @@ -21,8 +21,8 @@ * @brief This file contains error codes returned by client APIs of Cynara. */ -#ifndef CYNARA_ERROR_H -#define CYNARA_ERROR_H +#ifndef CYNARA_CLIENT_ERROR_H +#define CYNARA_CLIENT_ERROR_H /** * \name Return Codes @@ -45,6 +45,9 @@ /*! \brief service not available */ #define CYNARA_API_SERVICE_NOT_AVAILABLE -4 + +/*! \brief indicating that value is not present in cache */ +#define CYNARA_API_CACHE_MISS -5 /** @}*/ -#endif // CYNARA_ERROR_H +#endif // CYNARA_CLIENT_ERROR_H -- 2.7.4 From d6225814636144a5ed9801cdb6aef4b01c2bd8b4 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Mon, 25 Aug 2014 16:52:33 +0200 Subject: [PATCH 02/16] Prepare Cache for async API Change-Id: I4f2eba2db4a0f35efaa6fa00a924e582211a1e45 --- src/client/cache/CacheInterface.h | 6 ++++-- src/client/cache/CapacityCache.cpp | 35 ++++++++++++++++++----------------- src/client/cache/CapacityCache.h | 9 +++++---- src/client/logic/Logic.cpp | 26 +++++++++++++++++++------- src/client/logic/Logic.h | 3 ++- 5 files changed, 48 insertions(+), 31 deletions(-) diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index 0279fdb..ec76a2e 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -61,8 +61,11 @@ public: class PluginCache { public: - PluginCache(ResultGetterInterfacePtr getter) : m_getter(getter) {} + PluginCache() {} virtual int get(const std::string &session, const PolicyKey &key) = 0; + virtual int update(const std::string &session, + const PolicyKey &key, + const PolicyResult &result) = 0; void registerPlugin(const PolicyType policyType, InterpreterInterfacePtr plugin) { m_plugins[policyType] = plugin; @@ -76,7 +79,6 @@ public: protected: std::map m_plugins; - ResultGetterInterfacePtr m_getter; }; } // namespace Cynara diff --git a/src/client/cache/CapacityCache.cpp b/src/client/cache/CapacityCache.cpp index a0025b2..412d231 100644 --- a/src/client/cache/CapacityCache.cpp +++ b/src/client/cache/CapacityCache.cpp @@ -33,9 +33,9 @@ int CapacityCache::get(const std::string &session, const PolicyKey &key) { //This can be very time heavy. This part is welcomed to be optimized. if (session != m_session) { LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); - m_keyValue.clear(); - m_keyUsage.clear(); + clear(); m_session = session; + return CYNARA_API_CACHE_MISS; } auto resultIt = m_keyValue.find(keyToString(key)); //Do we have entry in cache? @@ -44,7 +44,7 @@ int CapacityCache::get(const std::string &session, const PolicyKey &key) { key.client().toString().c_str(), key.user().toString().c_str(), key.privilege().toString().c_str()); - return update(key); + return CYNARA_API_CACHE_MISS; } else { LOGD("Entry available for client=%s user=%s privilege=%s", key.client().toString().c_str(), @@ -64,14 +64,13 @@ int CapacityCache::get(const std::string &session, const PolicyKey &key) { LOGD("Entry usable."); m_keyUsage.splice(m_keyUsage.begin(), m_keyUsage, resultIt->second.second); return plugin->toResult(resultIt->second.first); - } else { - //remove from list and map and update - LOGD("Entry not usable."); - auto usage_it = resultIt->second.second; - m_keyUsage.erase(usage_it); - m_keyValue.erase(resultIt); - return update(key); } + //Remove unusable entry + LOGD("Entry not usable"); + auto usageIt = resultIt->second.second; + m_keyUsage.erase(usageIt); + m_keyValue.erase(resultIt); + return CYNARA_API_CACHE_MISS; } } @@ -101,14 +100,16 @@ void CapacityCache::evict(void) { m_keyValue.erase(value_it); } -int CapacityCache::update(const PolicyKey &key) { - int ret; - PolicyResult result; - if ((ret = m_getter->requestResult(key, result)) != CYNARA_API_SUCCESS) { - LOGE("Error fetching new entry."); - return ret; +int CapacityCache::update(const std::string &session, + const PolicyKey &key, + const PolicyResult &result) { + //This can be very time heavy. This part is welcomed to be optimized. + if (session != m_session) { + LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); + clear(); + m_session = session; } - LOGD("Fetched new entry."); + auto pluginIt = m_plugins.find(result.policyType()); //No registered plugin for returned type of policy diff --git a/src/client/cache/CapacityCache.h b/src/client/cache/CapacityCache.h index 12101db..921a16b 100644 --- a/src/client/cache/CapacityCache.h +++ b/src/client/cache/CapacityCache.h @@ -34,12 +34,13 @@ class CapacityCache : public PluginCache { public: static const std::size_t CACHE_DEFAULT_CAPACITY = 10000; - CapacityCache(ResultGetterInterfacePtr getter, - std::size_t capacity = CACHE_DEFAULT_CAPACITY) : - PluginCache(getter), + CapacityCache(std::size_t capacity = CACHE_DEFAULT_CAPACITY) : m_capacity(capacity) {} int get(const std::string &session, const PolicyKey &key); + int update(const std::string& session, + const PolicyKey &key, + const PolicyResult &result); void clear(void); private: @@ -50,7 +51,7 @@ private: static std::string keyToString(const PolicyKey &key); void evict(void); - int update(const PolicyKey &key); + std::size_t m_capacity; std::string m_session; diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index dbdcf36..0c8ffc9 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -39,7 +39,8 @@ const std::string clientSocketPath("/run/cynara/cynara.socket"); Logic::Logic() { m_socket = std::make_shared(clientSocketPath, std::make_shared()); - m_cache = std::make_shared(std::make_shared(m_socket)); + m_resultGetter = std::make_shared(m_socket); + m_cache = std::make_shared(); auto naiveInterpreter = std::make_shared(); m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter); m_cache->registerPlugin(PredefinedPolicyType::DENY, naiveInterpreter); @@ -49,15 +50,26 @@ Logic::Logic() { int Logic::check(const std::string &client, const std::string &session, const std::string &user, const std::string &privilege) noexcept { - PolicyKey key(client, user, privilege); - - if (!m_socket->isConnected()) + if (!m_socket->isConnected()){ onDisconnected(); + } + PolicyKey key(client, user, privilege); auto ret = m_cache->get(session, key); - if (ret == CYNARA_API_SERVICE_NOT_AVAILABLE) - onDisconnected(); - return ret; + //Any other situation than cache miss + if (ret != CYNARA_API_CACHE_MISS) { + return ret; + } + + //No value in Cache + PolicyResult result; + ret = m_resultGetter->requestResult(key, result); + if (ret != CYNARA_API_SUCCESS) { + LOGE("Error fetching new entry."); + return ret; + } + + return m_cache->update(session, key, result); } void Logic::onDisconnected(void) { diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index ec298da..3d2ee95 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -34,8 +34,9 @@ namespace Cynara { class Logic : public ApiInterface { private: - PluginCachePtr m_cache; SocketClientPtr m_socket; + ResultGetterInterfacePtr m_resultGetter; + PluginCachePtr m_cache; void onDisconnected(void); -- 2.7.4 From 4048a09d307ff55977ab8b1e582002e1f571a684 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Tue, 26 Aug 2014 13:17:40 +0200 Subject: [PATCH 03/16] Add ClientSession type Change-Id: Ia62dac02a652c2f252708ed05320eb66ea5506b1 --- src/client/api/ApiInterface.h | 4 +++- src/client/cache/CacheInterface.h | 5 +++-- src/client/cache/CapacityCache.cpp | 4 ++-- src/client/cache/CapacityCache.h | 6 +++--- src/client/logic/Logic.cpp | 2 +- src/client/logic/Logic.h | 2 +- src/common/types/ClientSession.h | 34 ++++++++++++++++++++++++++++++++++ 7 files changed, 47 insertions(+), 10 deletions(-) create mode 100644 src/common/types/ClientSession.h diff --git a/src/client/api/ApiInterface.h b/src/client/api/ApiInterface.h index 73bcec5..656cc1d 100644 --- a/src/client/api/ApiInterface.h +++ b/src/client/api/ApiInterface.h @@ -24,7 +24,9 @@ #define SRC_CLIENT_API_APIINTERFACE_H_ #include + #include +#include namespace Cynara { @@ -33,7 +35,7 @@ public: ApiInterface() = default; virtual ~ApiInterface() {}; - virtual int check(const std::string &client, const std::string &session, + virtual int check(const std::string &client, const ClientSession &session, const std::string &user, const std::string &privilege) = 0; }; diff --git a/src/client/cache/CacheInterface.h b/src/client/cache/CacheInterface.h index ec76a2e..ee2b27d 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client/cache/CacheInterface.h @@ -29,6 +29,7 @@ #include #include +#include #include #include #include @@ -62,8 +63,8 @@ public: class PluginCache { public: PluginCache() {} - virtual int get(const std::string &session, const PolicyKey &key) = 0; - virtual int update(const std::string &session, + virtual int get(const ClientSession &session, const PolicyKey &key) = 0; + virtual int update(const ClientSession &session, const PolicyKey &key, const PolicyResult &result) = 0; diff --git a/src/client/cache/CapacityCache.cpp b/src/client/cache/CapacityCache.cpp index 412d231..1d2c658 100644 --- a/src/client/cache/CapacityCache.cpp +++ b/src/client/cache/CapacityCache.cpp @@ -29,7 +29,7 @@ namespace Cynara { -int CapacityCache::get(const std::string &session, const PolicyKey &key) { +int CapacityCache::get(const ClientSession &session, const PolicyKey &key) { //This can be very time heavy. This part is welcomed to be optimized. if (session != m_session) { LOGD("Session changed from %s to %s.", m_session.c_str(), session.c_str()); @@ -100,7 +100,7 @@ void CapacityCache::evict(void) { m_keyValue.erase(value_it); } -int CapacityCache::update(const std::string &session, +int CapacityCache::update(const ClientSession &session, const PolicyKey &key, const PolicyResult &result) { //This can be very time heavy. This part is welcomed to be optimized. diff --git a/src/client/cache/CapacityCache.h b/src/client/cache/CapacityCache.h index 921a16b..6fe9c83 100644 --- a/src/client/cache/CapacityCache.h +++ b/src/client/cache/CapacityCache.h @@ -37,8 +37,8 @@ public: CapacityCache(std::size_t capacity = CACHE_DEFAULT_CAPACITY) : m_capacity(capacity) {} - int get(const std::string &session, const PolicyKey &key); - int update(const std::string& session, + int get(const ClientSession &session, const PolicyKey &key); + int update(const ClientSession& session, const PolicyKey &key, const PolicyResult &result); void clear(void); @@ -54,7 +54,7 @@ private: std::size_t m_capacity; - std::string m_session; + ClientSession m_session; KeyUsageList m_keyUsage; KeyValueMap m_keyValue; diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index 0c8ffc9..a609314 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -47,7 +47,7 @@ Logic::Logic() { m_cache->registerPlugin(PredefinedPolicyType::BUCKET, naiveInterpreter); } -int Logic::check(const std::string &client, const std::string &session, const std::string &user, +int Logic::check(const std::string &client, const ClientSession &session, const std::string &user, const std::string &privilege) noexcept { if (!m_socket->isConnected()){ diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index 3d2ee95..daab6f4 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -44,7 +44,7 @@ public: Logic(); virtual ~Logic() {}; - virtual int check(const std::string &client, const std::string &session, + virtual int check(const std::string &client, const ClientSession &session, const std::string &user, const std::string &privilege) noexcept; }; diff --git a/src/common/types/ClientSession.h b/src/common/types/ClientSession.h new file mode 100644 index 0000000..a848137 --- /dev/null +++ b/src/common/types/ClientSession.h @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file ClientSession.h + * @author Zofia Abramowska + * @version 1.0 + * @brief Description of user defined session type + */ + +#ifndef SRC_COMMON_TYPES_CLIENTSESSION_H_ +#define SRC_COMMON_TYPES_CLIENTSESSION_H_ + +#include + +namespace Cynara { + +typedef std::string ClientSession; + +} // namespace Cynara + +#endif /* SRC_COMMON_TYPES_CLIENTSESSION_H_ */ -- 2.7.4 From 8eb9b35471e4e6dc036d06eaac2f7b73abc1c1ab Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Tue, 26 Aug 2014 13:27:31 +0200 Subject: [PATCH 04/16] Move Cache to client commons library Change-Id: Ia47e434063b7a1f6d079a29e0076ab0c2392832f --- CMakeLists.txt | 1 + packaging/cynara.spec | 2 + src/CMakeLists.txt | 2 +- src/admin/CMakeLists.txt | 1 + src/client-common/CMakeLists.txt | 47 +++++++++++++++ .../cache/CacheInterface.h | 28 ++------- .../cache/CapacityCache.cpp | 0 .../cache/CapacityCache.h | 6 +- .../plugins}/NaiveInterpreter.h | 6 +- .../plugins/PluginInterface.h} | 41 ++++++------- src/client/CMakeLists.txt | 22 +++---- src/client/cache/PolicyGetter.cpp | 67 ---------------------- src/client/logic/Logic.cpp | 53 ++++++++++++++--- src/client/logic/Logic.h | 5 +- 14 files changed, 139 insertions(+), 142 deletions(-) create mode 100644 src/client-common/CMakeLists.txt rename src/{client => client-common}/cache/CacheInterface.h (69%) rename src/{client => client-common}/cache/CapacityCache.cpp (100%) rename src/{client => client-common}/cache/CapacityCache.h (92%) rename src/{client/cache => client-common/plugins}/NaiveInterpreter.h (89%) rename src/{client/cache/PolicyGetter.h => client-common/plugins/PluginInterface.h} (50%) delete mode 100644 src/client/cache/PolicyGetter.cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index 354d39b..38c37d7 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -55,6 +55,7 @@ ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG") SET(TARGET_CYNARA "cynara") SET(TARGET_LIB_CYNARA "cynara-client") +SET(TARGET_LIB_CYNARA_COMMON "cynara-client-commons") SET(TARGET_LIB_CYNARA_ADMIN "cynara-admin") SET(TARGET_CYNARA_COMMON "cynara-commons") SET(TARGET_CYNARA_TESTS "cynara-tests") diff --git a/packaging/cynara.spec b/packaging/cynara.spec index a06f5cc..0fcd718 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -193,6 +193,7 @@ fi %license LICENSE %defattr(-,root,root,-) %{_libdir}/libcynara-client.so.* +%{_libdir}/libcynara-client-commons.so.* %files -n libcynara-client-devel %defattr(-,root,root,-) @@ -200,6 +201,7 @@ fi %{_includedir}/cynara/cynara-client-error.h %{_libdir}/pkgconfig/cynara-client.pc %{_libdir}/libcynara-client.so +%{_libdir}/libcynara-client-commons.so %files -n libcynara-admin %manifest libcynara-admin.manifest diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 852e0a5..596e84a 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -40,12 +40,12 @@ INCLUDE_DIRECTORIES(SYSTEM SET(CYNARA_PATH ${PROJECT_SOURCE_DIR}/src) INCLUDE_DIRECTORIES( - ${CYNARA_PATH}/include ${CYNARA_PATH}/common ) ADD_SUBDIRECTORY(include) ADD_SUBDIRECTORY(common) ADD_SUBDIRECTORY(client) +ADD_SUBDIRECTORY(client-common) ADD_SUBDIRECTORY(admin) ADD_SUBDIRECTORY(service) diff --git a/src/admin/CMakeLists.txt b/src/admin/CMakeLists.txt index bbf0ebc..9f53d55 100644 --- a/src/admin/CMakeLists.txt +++ b/src/admin/CMakeLists.txt @@ -27,6 +27,7 @@ SET(LIB_CYNARA_ADMIN_SOURCES ) INCLUDE_DIRECTORIES( + ${CYNARA_PATH}/include ${CYNARA_LIB_CYNARA_ADMIN_PATH} ) diff --git a/src/client-common/CMakeLists.txt b/src/client-common/CMakeLists.txt new file mode 100644 index 0000000..fdc41c6 --- /dev/null +++ b/src/client-common/CMakeLists.txt @@ -0,0 +1,47 @@ +# Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Zofia Abramowska +# + +SET(LIB_CYNARA_CLIENT_COMMON_VERSION_MAJOR 0) +SET(LIB_CYNARA_CLIENT_COMMON_VERSION ${LIB_CYNARA_CLIENT_COMMON_VERSION_MAJOR}.0.2) + +SET(LIB_CYNARA_COMMON_PATH ${CYNARA_PATH}/client-common) + +INCLUDE_DIRECTORIES( + ${LIB_CYNARA_COMMON_PATH} + ${CYNARA_PATH}/include + ) + +SET(LIB_CYNARA_COMMON_SOURCES + ${LIB_CYNARA_COMMON_PATH}/cache/CapacityCache.cpp + ) + +ADD_LIBRARY(${TARGET_LIB_CYNARA_COMMON} SHARED ${LIB_CYNARA_COMMON_SOURCES}) + +SET_TARGET_PROPERTIES( + ${TARGET_LIB_CYNARA_COMMON} + PROPERTIES + COMPILE_FLAGS "-D_GNU_SOURCE" + SOVERSION ${LIB_CYNARA_CLIENT_COMMON_VERSION_MAJOR} + VERSION ${LIB_CYNARA_CLIENT_COMMON_VERSION} + ) + +TARGET_LINK_LIBRARIES(${TARGET_LIB_CYNARA_COMMON} + ${TARGET_CYNARA_COMMON} + ) + +INSTALL(TARGETS ${TARGET_LIB_CYNARA_COMMON} DESTINATION ${LIB_INSTALL_DIR}) diff --git a/src/client/cache/CacheInterface.h b/src/client-common/cache/CacheInterface.h similarity index 69% rename from src/client/cache/CacheInterface.h rename to src/client-common/cache/CacheInterface.h index ee2b27d..cdf3be7 100644 --- a/src/client/cache/CacheInterface.h +++ b/src/client-common/cache/CacheInterface.h @@ -21,14 +21,15 @@ * @brief This file contains cache interface definitions. */ -#ifndef SRC_CLIENT_CACHE_CACHEINTERFACE_H_ -#define SRC_CLIENT_CACHE_CACHEINTERFACE_H_ +#ifndef SRC_CLIENT_COMMON_CACHE_CACHEINTERFACE_H_ +#define SRC_CLIENT_COMMON_CACHE_CACHEINTERFACE_H_ #include #include #include #include +#include #include #include #include @@ -36,30 +37,9 @@ namespace Cynara { -class InterpreterInterface; -typedef std::shared_ptr InterpreterInterfacePtr; - class PluginCache; typedef std::shared_ptr PluginCachePtr; -class ResultGetterInterface; -typedef std::shared_ptr ResultGetterInterfacePtr; - -class ResultGetterInterface { -public: - virtual int requestResult(const PolicyKey &key, PolicyResult &result) noexcept = 0; - virtual ~ResultGetterInterface() {}; -}; - -class InterpreterInterface { -public: - virtual bool isCacheable(const PolicyResult &result) noexcept = 0; - virtual bool isUsable(const PolicyResult &result) noexcept = 0; - virtual int toResult(const PolicyResult &result) noexcept = 0; - - virtual ~InterpreterInterface() {}; -}; - class PluginCache { public: PluginCache() {} @@ -84,4 +64,4 @@ protected: } // namespace Cynara -#endif // SRC_CLIENT_CACHE_CACHEINTERFACE_H_ +#endif // SRC_CLIENT_COMMON_CACHE_CACHEINTERFACE_H_ diff --git a/src/client/cache/CapacityCache.cpp b/src/client-common/cache/CapacityCache.cpp similarity index 100% rename from src/client/cache/CapacityCache.cpp rename to src/client-common/cache/CapacityCache.cpp diff --git a/src/client/cache/CapacityCache.h b/src/client-common/cache/CapacityCache.h similarity index 92% rename from src/client/cache/CapacityCache.h rename to src/client-common/cache/CapacityCache.h index 6fe9c83..0a607fd 100644 --- a/src/client/cache/CapacityCache.h +++ b/src/client-common/cache/CapacityCache.h @@ -20,8 +20,8 @@ * @brief This file contains capacity cache header. */ -#ifndef SRC_CLIENT_CACHE_CAPACITYCACHE_H_ -#define SRC_CLIENT_CACHE_CAPACITYCACHE_H_ +#ifndef SRC_CLIENT_COMMON_CACHE_CAPACITYCACHE_H_ +#define SRC_CLIENT_COMMON_CACHE_CAPACITYCACHE_H_ #include #include @@ -62,7 +62,7 @@ private: } //namespace Cynara -#endif // SRC_CLIENT_CACHE_CAPACITYCACHE_H_ +#endif // SRC_CLIENT_COMMON_CACHE_CAPACITYCACHE_H_ diff --git a/src/client/cache/NaiveInterpreter.h b/src/client-common/plugins/NaiveInterpreter.h similarity index 89% rename from src/client/cache/NaiveInterpreter.h rename to src/client-common/plugins/NaiveInterpreter.h index 9574f2c..adac014 100644 --- a/src/client/cache/NaiveInterpreter.h +++ b/src/client-common/plugins/NaiveInterpreter.h @@ -19,8 +19,8 @@ * @version 1.0 * @brief This file contains PolicyType naive interpreter implementation. */ -#ifndef SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ -#define SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ +#ifndef SRC_CLIENT_COMMON_PLUGINS_NAIVEINTERPRETER_H_ +#define SRC_CLIENT_COMMON_PLUGINS_NAIVEINTERPRETER_H_ #include #include @@ -45,6 +45,6 @@ class NaiveInterpreter : public InterpreterInterface { } // namespace Cynara -#endif // SRC_CLIENT_CACHE_NAIVEINTERPRETER_H_ +#endif // SRC_CLIENT_COMMON_PLUGINS_NAIVEINTERPRETER_H_ diff --git a/src/client/cache/PolicyGetter.h b/src/client-common/plugins/PluginInterface.h similarity index 50% rename from src/client/cache/PolicyGetter.h rename to src/client-common/plugins/PluginInterface.h index c653887..5edec7a 100644 --- a/src/client/cache/PolicyGetter.h +++ b/src/client-common/plugins/PluginInterface.h @@ -1,3 +1,4 @@ + /* * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved * @@ -14,41 +15,33 @@ * limitations under the License */ /* - * @file PolicyGetter.h + * @file PluginInterface.h * @author Zofia Abramowska * @version 1.0 - * @brief This file contains Cynara PolicyResult getter implementation. + * @brief This file contains plugin interface definitions. */ -#ifndef SRC_CLIENT_CACHE_POLICYGETTER_H_ -#define SRC_CLIENT_CACHE_POLICYGETTER_H_ - -#include +#ifndef SRC_CLIENT_COMMON_PLUGINS_PLUGININTERFACE_H_ +#define SRC_CLIENT_COMMON_PLUGINS_PLUGININTERFACE_H_ -#include -#include +#include +#include namespace Cynara { -class PolicyGetter : public ResultGetterInterface { -public: - PolicyGetter(const SocketClientPtr &socketClient) : m_socketClient(socketClient) {} - int requestResult(const PolicyKey &key, PolicyResult &result) noexcept; +class InterpreterInterface; +typedef std::shared_ptr InterpreterInterfacePtr; -private: - ProtocolFrameSequenceNumber generateSequenceNumber(void) { - static ProtocolFrameSequenceNumber sequenceNumber = 0; - return ++sequenceNumber; - } +class InterpreterInterface { +public: + virtual bool isCacheable(const PolicyResult &result) noexcept = 0; + virtual bool isUsable(const PolicyResult &result) noexcept = 0; + virtual int toResult(const PolicyResult &result) noexcept = 0; - SocketClientPtr m_socketClient; + virtual ~InterpreterInterface() {}; }; -} //namespace Cynara - -#endif // SRC_CLIENT_CACHE_POLICYGETTER_H_ - - - +} +#endif // SRC_CLIENT_COMMON_PLUGINS_PLUGININTERFACE_H_ diff --git a/src/client/CMakeLists.txt b/src/client/CMakeLists.txt index 4431556..09a023e 100644 --- a/src/client/CMakeLists.txt +++ b/src/client/CMakeLists.txt @@ -14,22 +14,23 @@ # # @file CMakeLists.txt # @author Lukasz Wojciechowski +# @author Zofia Abramowska # SET(LIB_CYNARA_VERSION_MAJOR 0) SET(LIB_CYNARA_VERSION ${LIB_CYNARA_VERSION_MAJOR}.0.2) -SET(CYNARA_LIB_CYNARA_PATH ${CYNARA_PATH}/client) +SET(LIB_CYNARA_PATH ${CYNARA_PATH}/client) -SET(LIB_CYNARA_SOURCES - ${CYNARA_LIB_CYNARA_PATH}/api/client-api.cpp - ${CYNARA_LIB_CYNARA_PATH}/cache/CapacityCache.cpp - ${CYNARA_LIB_CYNARA_PATH}/cache/PolicyGetter.cpp - ${CYNARA_LIB_CYNARA_PATH}/logic/Logic.cpp +INCLUDE_DIRECTORIES( + ${LIB_CYNARA_PATH} + ${CYNARA_PATH}/include + ${CYNARA_PATH}/client-common ) -INCLUDE_DIRECTORIES( - ${CYNARA_LIB_CYNARA_PATH} +SET(LIB_CYNARA_SOURCES + ${LIB_CYNARA_PATH}/api/client-api.cpp + ${LIB_CYNARA_PATH}/logic/Logic.cpp ) ADD_LIBRARY(${TARGET_LIB_CYNARA} SHARED ${LIB_CYNARA_SOURCES}) @@ -37,14 +38,13 @@ ADD_LIBRARY(${TARGET_LIB_CYNARA} SHARED ${LIB_CYNARA_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_LIB_CYNARA} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=hidden" + COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=hidden" SOVERSION ${LIB_CYNARA_VERSION_MAJOR} VERSION ${LIB_CYNARA_VERSION} ) TARGET_LINK_LIBRARIES(${TARGET_LIB_CYNARA} - ${CYNARA_DEP_LIBRARIES} - ${TARGET_CYNARA_COMMON} + ${TARGET_LIB_CYNARA_COMMON} ) INSTALL(TARGETS ${TARGET_LIB_CYNARA} DESTINATION ${LIB_INSTALL_DIR}) diff --git a/src/client/cache/PolicyGetter.cpp b/src/client/cache/PolicyGetter.cpp deleted file mode 100644 index f1f2e49..0000000 --- a/src/client/cache/PolicyGetter.cpp +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file PolicyGetter.cpp - * @author Zofia Abramowska - * @version 1.0 - * @brief This file contains PolicyResult getter class implementation. - */ - -#include - -#include -#include -#include -#include -#include -#include -#include - -#include - -namespace Cynara { - -int PolicyGetter::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { - ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); - - //Ask cynara service - CheckResponsePtr checkResponse; - try { - RequestPtr request = std::make_shared(key, sequenceNumber); - ResponsePtr response = m_socketClient->askCynaraServer(request); - if (!response) { - LOGW("Disconnected by cynara server."); - return CYNARA_API_SERVICE_NOT_AVAILABLE; - } - checkResponse = std::dynamic_pointer_cast(response); - if (!checkResponse) { - LOGC("Critical error. Casting Response to CheckResponse failed."); - return CYNARA_API_ACCESS_DENIED; - } - - LOGD("checkResponse: policyType = %" PRIu16 ", metadata = %s", - checkResponse->m_resultRef.policyType(), - checkResponse->m_resultRef.metadata().c_str()); - } catch (const ServerConnectionErrorException &ex) { - LOGE("Cynara service not available."); - return CYNARA_API_SERVICE_NOT_AVAILABLE; - } - - result = checkResponse->m_resultRef; - return CYNARA_API_SUCCESS; -} - -} // namespace Cynara diff --git a/src/client/logic/Logic.cpp b/src/client/logic/Logic.cpp index a609314..2444bff 100644 --- a/src/client/logic/Logic.cpp +++ b/src/client/logic/Logic.cpp @@ -22,24 +22,33 @@ #include +#include #include +#include +#include +#include +#include #include #include +#include +#include +#include +#include #include -#include -#include -#include -#include -#include "Logic.h" +#include namespace Cynara { const std::string clientSocketPath("/run/cynara/cynara.socket"); +static ProtocolFrameSequenceNumber generateSequenceNumber(void) { + static ProtocolFrameSequenceNumber sequenceNumber = 0; + return ++sequenceNumber; +} + Logic::Logic() { m_socket = std::make_shared(clientSocketPath, std::make_shared()); - m_resultGetter = std::make_shared(m_socket); m_cache = std::make_shared(); auto naiveInterpreter = std::make_shared(); m_cache->registerPlugin(PredefinedPolicyType::ALLOW, naiveInterpreter); @@ -63,7 +72,7 @@ int Logic::check(const std::string &client, const ClientSession &session, const //No value in Cache PolicyResult result; - ret = m_resultGetter->requestResult(key, result); + ret = requestResult(key, result); if (ret != CYNARA_API_SUCCESS) { LOGE("Error fetching new entry."); return ret; @@ -72,6 +81,36 @@ int Logic::check(const std::string &client, const ClientSession &session, const return m_cache->update(session, key, result); } +int Logic::requestResult(const PolicyKey &key, PolicyResult &result) noexcept { + ProtocolFrameSequenceNumber sequenceNumber = generateSequenceNumber(); + + //Ask cynara service + CheckResponsePtr checkResponse; + try { + RequestPtr request = std::make_shared(key, sequenceNumber); + ResponsePtr response = m_socket->askCynaraServer(request); + if (!response) { + LOGW("Disconnected by cynara server."); + return CYNARA_API_SERVICE_NOT_AVAILABLE; + } + checkResponse = std::dynamic_pointer_cast(response); + if (!checkResponse) { + LOGC("Critical error. Casting Response to CheckResponse failed."); + return CYNARA_API_ACCESS_DENIED; + } + + LOGD("checkResponse: policyType = %" PRIu16 ", metadata = %s", + checkResponse->m_resultRef.policyType(), + checkResponse->m_resultRef.metadata().c_str()); + } catch (const ServerConnectionErrorException &ex) { + LOGE("Cynara service not available."); + return CYNARA_API_SERVICE_NOT_AVAILABLE; + } + + result = checkResponse->m_resultRef; + return CYNARA_API_SUCCESS; +} + void Logic::onDisconnected(void) { m_cache->clear(); } diff --git a/src/client/logic/Logic.h b/src/client/logic/Logic.h index daab6f4..16d63ab 100644 --- a/src/client/logic/Logic.h +++ b/src/client/logic/Logic.h @@ -26,6 +26,8 @@ #include #include +#include +#include #include #include @@ -35,11 +37,10 @@ namespace Cynara { class Logic : public ApiInterface { private: SocketClientPtr m_socket; - ResultGetterInterfacePtr m_resultGetter; PluginCachePtr m_cache; void onDisconnected(void); - + int requestResult(const PolicyKey &key, PolicyResult &result) noexcept; public: Logic(); virtual ~Logic() {}; -- 2.7.4 From 1f5a119d8f4ef420b80911013f5862b47d416f34 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Wed, 27 Aug 2014 19:02:55 +0200 Subject: [PATCH 05/16] Create additional packages for commons Change-Id: Idd62a30326e6f238ac885e13a8bc267fc4a8fe24 --- packaging/cynara.spec | 73 +++++++++++++++++++++++++++-- packaging/libcynara-client-commons.manifest | 5 ++ packaging/libcynara-commons.manifest | 5 ++ 3 files changed, 80 insertions(+), 3 deletions(-) create mode 100644 packaging/libcynara-client-commons.manifest create mode 100644 packaging/libcynara-commons.manifest diff --git a/packaging/cynara.spec b/packaging/cynara.spec index 0fcd718..4a6a605 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -9,6 +9,8 @@ Source1001: cynara.manifest Source1002: libcynara-client.manifest Source1003: libcynara-admin.manifest Source1004: cynara-tests.manifest +Source1005: libcynara-client-commons.manifest +Source1006: libcynara-commons.manifest Requires: default-ac-domains BuildRequires: cmake BuildRequires: zip @@ -51,6 +53,23 @@ Requires: libcynara-client = %{version}-%{release} client library (devel) for checking policies ####################################################### +%package -n libcynara-client-commons +Summary: Cynara - client commons library +Requires: cynara = %{version}-%{release} +Requires(post): /sbin/ldconfig +Requires(postun): /sbin/ldconfig + +%description -n libcynara-client-commons +client commons library with common functionalities + +%package -n libcynara-client-commons-devel +Summary: Cynara - client commons library (devel) +Requires: libcynara-client-commons = %{version}-%{release} + +%description -n libcynara-client-commons-devel +client commons library (devel) with common functionalities + +####################################################### %package -n libcynara-admin Summary: Cynara - admin client library Requires: cynara = %{version}-%{release} @@ -68,6 +87,23 @@ Requires: libcynara-admin = %{version}-%{release} admin client library (devel) for setting, listing and removing policies ####################################################### +%package -n libcynara-commons +Summary: Cynara - cynara commons library +Requires: cynara = %{version}-%{release} +Requires(post): /sbin/ldconfig +Requires(postun): /sbin/ldconfig + +%description -n libcynara-commons +cynara common library with common functionalities + +%package -n libcynara-commons-devel +Summary: Cynara - cynara commons library (devel) +Requires: libcynara-commons = %{version}-%{release} + +%description -n libcynara-commons-devel +cynara common library (devel) with common functionalities + +####################################################### %package -n cynara-tests Summary: Cynara - cynara test binaries BuildRequires: pkgconfig(gmock) @@ -90,6 +126,8 @@ cp -a %{SOURCE1001} . cp -a %{SOURCE1002} . cp -a %{SOURCE1003} . cp -a %{SOURCE1004} . +cp -a %{SOURCE1005} . +cp -a %{SOURCE1006} . %build %if 0%{?sec_build_binary_debug_enable} @@ -163,23 +201,38 @@ fi %postun -n libcynara-client -p /sbin/ldconfig +%post -n libcynara-client-commons -p /sbin/ldconfig + +%postun -n libcynara-client-commons -p /sbin/ldconfig + %post -n libcynara-admin -p /sbin/ldconfig %postun -n libcynara-admin -p /sbin/ldconfig +%post -n libcynara-commons -p /sbin/ldconfig + +%postun -n libcynara-commons -p /sbin/ldconfig + %post -n libcynara-client-devel -p /sbin/ldconfig %postun -n libcynara-client-devel -p /sbin/ldconfig +%post -n libcynara-client-commons-devel -p /sbin/ldconfig + +%postun -n libcynara-client-commons-devel -p /sbin/ldconfig + %post -n libcynara-admin-devel -p /sbin/ldconfig %postun -n libcynara-admin-devel -p /sbin/ldconfig +%post -n libcynara-commons-devel -p /sbin/ldconfig + +%postun -n libcynara-commons-devel -p /sbin/ldconfig + %files -n cynara %manifest cynara.manifest %license LICENSE %attr(755,root,root) /usr/bin/cynara -%{_libdir}/libcynara-commons.so* %attr(-,root,root) /usr/lib/systemd/system/cynara.service %attr(-,root,root) /usr/lib/systemd/system/cynara.target %attr(-,root,root) /usr/lib/systemd/system/sockets.target.wants/cynara.socket @@ -193,14 +246,20 @@ fi %license LICENSE %defattr(-,root,root,-) %{_libdir}/libcynara-client.so.* -%{_libdir}/libcynara-client-commons.so.* %files -n libcynara-client-devel %defattr(-,root,root,-) %{_includedir}/cynara/cynara-client.h -%{_includedir}/cynara/cynara-client-error.h %{_libdir}/pkgconfig/cynara-client.pc %{_libdir}/libcynara-client.so + +%files -n libcynara-client-commons +%manifest libcynara-client-commons.manifest +%license LICENSE +%{_libdir}/libcynara-client-commons.so.* + +%files -n libcynara-client-commons-devel +%{_includedir}/cynara/cynara-client-error.h %{_libdir}/libcynara-client-commons.so %files -n libcynara-admin @@ -216,6 +275,14 @@ fi %{_libdir}/libcynara-admin.so %{_libdir}/pkgconfig/cynara-admin.pc +%files -n libcynara-commons +%manifest libcynara-commons.manifest +%license LICENSE +%{_libdir}/libcynara-commons.so.* + +%files -n libcynara-commons-devel +%{_libdir}/libcynara-commons.so + %files -n cynara-tests %manifest cynara-tests.manifest %attr(755,root,root) /usr/bin/cynara-tests diff --git a/packaging/libcynara-client-commons.manifest b/packaging/libcynara-client-commons.manifest new file mode 100644 index 0000000..a76fdba --- /dev/null +++ b/packaging/libcynara-client-commons.manifest @@ -0,0 +1,5 @@ + + + + + diff --git a/packaging/libcynara-commons.manifest b/packaging/libcynara-commons.manifest new file mode 100644 index 0000000..a76fdba --- /dev/null +++ b/packaging/libcynara-commons.manifest @@ -0,0 +1,5 @@ + + + + + -- 2.7.4 From 70e713b09874f575241e417b5fff26a5efa7cbfc Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Mon, 1 Sep 2014 12:03:21 +0200 Subject: [PATCH 06/16] Add error include in API headers Change-Id: Id907a8fc93585b55b1115ae43054639d1a9088fe --- packaging/cynara.spec | 1 + src/include/cynara-admin.h | 2 ++ src/include/cynara-client.h | 2 ++ 3 files changed, 5 insertions(+) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index 4a6a605..ea556ce 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -48,6 +48,7 @@ client library for checking policies %package -n libcynara-client-devel Summary: Cynara - client library (devel) Requires: libcynara-client = %{version}-%{release} +Requires: libcynara-client-commons-devel = %{version}-%{release} %description -n libcynara-client-devel client library (devel) for checking policies diff --git a/src/include/cynara-admin.h b/src/include/cynara-admin.h index 2224140..b8aec4e 100644 --- a/src/include/cynara-admin.h +++ b/src/include/cynara-admin.h @@ -23,6 +23,8 @@ #ifndef CYNARA_ADMIN_H #define CYNARA_ADMIN_H +#include + #ifdef __cplusplus extern "C" { #endif diff --git a/src/include/cynara-client.h b/src/include/cynara-client.h index 2827ff2..5ec59e5 100644 --- a/src/include/cynara-client.h +++ b/src/include/cynara-client.h @@ -23,6 +23,8 @@ #ifndef CYNARA_CLIENT_H #define CYNARA_CLIENT_H +#include + #ifdef __cplusplus extern "C" { #endif -- 2.7.4 From b6278f007b1b3927d0e08810c6a6a7b729e553ac Mon Sep 17 00:00:00 2001 From: Jacek Bukarewicz Date: Mon, 1 Sep 2014 11:03:43 +0200 Subject: [PATCH 07/16] Move cynara package to the floor domain This makes cynara conform to the three domain security model according to which program files, libraries and static data associated with the system are given the _ (floor) label. Change-Id: I4279fbe23f37917835257191aaccaef127606788 --- packaging/cynara.manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/cynara.manifest b/packaging/cynara.manifest index f31de52..a76fdba 100644 --- a/packaging/cynara.manifest +++ b/packaging/cynara.manifest @@ -1,5 +1,5 @@ - + -- 2.7.4 From cfa9c8fc022a38c159ce5d2833fa9015144d6329 Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Sat, 30 Aug 2014 23:22:11 +0200 Subject: [PATCH 08/16] Add missing Requires for pre, post and postun scripts in spec And remove unneeded calls to ldconfig in %post and %postun sections of main package as there is no library installed there. Change-Id: I642f9cb073d8dd9b6569d43175a45a40ef51e1bb --- packaging/cynara.spec | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index ea556ce..ff98a89 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -12,6 +12,9 @@ Source1004: cynara-tests.manifest Source1005: libcynara-client-commons.manifest Source1006: libcynara-commons.manifest Requires: default-ac-domains +Requires(pre): pwdutils +Requires(post): smack +Requires(postun): pwdutils BuildRequires: cmake BuildRequires: zip BuildRequires: pkgconfig(libsystemd-daemon) @@ -39,8 +42,6 @@ and tests (cynara-tests) %package -n libcynara-client Summary: Cynara - client library Requires: cynara = %{version}-%{release} -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig %description -n libcynara-client client library for checking policies @@ -57,8 +58,6 @@ client library (devel) for checking policies %package -n libcynara-client-commons Summary: Cynara - client commons library Requires: cynara = %{version}-%{release} -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig %description -n libcynara-client-commons client commons library with common functionalities @@ -74,8 +73,6 @@ client commons library (devel) with common functionalities %package -n libcynara-admin Summary: Cynara - admin client library Requires: cynara = %{version}-%{release} -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig %description -n libcynara-admin admin client library for setting, listing and removing policies @@ -91,8 +88,6 @@ admin client library (devel) for setting, listing and removing policies %package -n libcynara-commons Summary: Cynara - cynara commons library Requires: cynara = %{version}-%{release} -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig %description -n libcynara-commons cynara common library with common functionalities @@ -181,8 +176,6 @@ chsmack -a System %{state_path} systemctl restart %{name}.service -/sbin/ldconfig - %preun if [ $1 = 0 ]; then # unistall @@ -196,8 +189,6 @@ if [ $1 = 0 ]; then systemctl daemon-reload fi -/sbin/ldconfig - %post -n libcynara-client -p /sbin/ldconfig %postun -n libcynara-client -p /sbin/ldconfig -- 2.7.4 From 300bb4b003fcf7088a092ada200a2b233babd6ef Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Sat, 30 Aug 2014 23:33:51 +0200 Subject: [PATCH 09/16] Remove not needed %defattr from cynara.spec Change-Id: I96fcb30e5e9a498b69505361150e7b0ffdbebb62 --- packaging/cynara.spec | 4 ---- 1 file changed, 4 deletions(-) diff --git a/packaging/cynara.spec b/packaging/cynara.spec index ff98a89..77759cb 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -236,11 +236,9 @@ fi %files -n libcynara-client %manifest libcynara-client.manifest %license LICENSE -%defattr(-,root,root,-) %{_libdir}/libcynara-client.so.* %files -n libcynara-client-devel -%defattr(-,root,root,-) %{_includedir}/cynara/cynara-client.h %{_libdir}/pkgconfig/cynara-client.pc %{_libdir}/libcynara-client.so @@ -257,11 +255,9 @@ fi %files -n libcynara-admin %manifest libcynara-admin.manifest %license LICENSE -%defattr(-,root,root,-) %{_libdir}/libcynara-admin.so.* %files -n libcynara-admin-devel -%defattr(-,root,root,-) %{_includedir}/cynara/cynara-admin.h %{_includedir}/cynara/cynara-admin-error.h %{_libdir}/libcynara-admin.so -- 2.7.4 From 5b044e7e7710cab74f74bd33f73386ac3544e81b Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Sun, 31 Aug 2014 03:34:13 +0200 Subject: [PATCH 10/16] Remove -fPIC flag Explicit definition of this flag in not needed. They are added by default when sources are used to create SHARED librray in cmake. Change-Id: I9027835a932b7f46941a5007ddfcce08f85fb38d --- CMakeLists.txt | 5 ----- src/admin/CMakeLists.txt | 2 +- src/common/CMakeLists.txt | 2 +- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 38c37d7..7fc747b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -36,11 +36,6 @@ SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2") SET(CMAKE_C_FLAGS_CCOV "-g -O2 --coverage") SET(CMAKE_CXX_FLAGS_CCOV "-g -std=c++0x -O2 --coverage") -# If supported for the target machine, emit position-independent code,suitable -# for dynamic linking and avoiding any limit on the size of the global offset -# table. This option makes a difference on the m68k, PowerPC and SPARC. -ADD_DEFINITIONS("-fPIC") - # Set compiler warning flags ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings diff --git a/src/admin/CMakeLists.txt b/src/admin/CMakeLists.txt index 9f53d55..e435d29 100644 --- a/src/admin/CMakeLists.txt +++ b/src/admin/CMakeLists.txt @@ -36,7 +36,7 @@ ADD_LIBRARY(${TARGET_LIB_CYNARA_ADMIN} SHARED ${LIB_CYNARA_ADMIN_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_LIB_CYNARA_ADMIN} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=hidden" + COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=hidden" SOVERSION ${LIB_CYNARA_ADMIN_VERSION_MAJOR} VERSION ${LIB_CYNARA_ADMIN_VERSION} ) diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index aef2ae7..3113784 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -58,7 +58,7 @@ ADD_LIBRARY(${TARGET_CYNARA_COMMON} SHARED ${COMMON_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_CYNARA_COMMON} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=default" + COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=default" SOVERSION ${CYNARA_COMMON_VERSION_MAJOR} VERSION ${CYNARA_COMMON_VERSION} ) -- 2.7.4 From 21175a334b806bf50f53d4aab1db2c8daa04015f Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Mon, 1 Sep 2014 18:34:17 +0200 Subject: [PATCH 11/16] build: rename ambiguous "build" directory to "pkgconfig" Directory supporting generation of package config files was named "build" for no good reason. It was inherited from security-server code base. Change-Id: I17bba90c9de09b2637b50d7d60b436170f3631df Signed-off-by: Rafal Krypa --- CMakeLists.txt | 2 +- {build => pkgconfig}/CMakeLists.txt | 0 {build => pkgconfig}/cynara-admin/CMakeLists.txt | 2 +- {build => pkgconfig}/cynara-admin/cynara-admin.pc.in | 0 {build => pkgconfig}/cynara-client/CMakeLists.txt | 2 +- {build => pkgconfig}/cynara-client/cynara-client.pc.in | 0 6 files changed, 3 insertions(+), 3 deletions(-) rename {build => pkgconfig}/CMakeLists.txt (100%) rename {build => pkgconfig}/cynara-admin/CMakeLists.txt (93%) rename {build => pkgconfig}/cynara-admin/cynara-admin.pc.in (100%) rename {build => pkgconfig}/cynara-client/CMakeLists.txt (93%) rename {build => pkgconfig}/cynara-client/cynara-client.pc.in (100%) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7fc747b..e4da838 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -57,5 +57,5 @@ SET(TARGET_CYNARA_TESTS "cynara-tests") ADD_SUBDIRECTORY(src) ADD_SUBDIRECTORY(test) -ADD_SUBDIRECTORY(build) +ADD_SUBDIRECTORY(pkgconfig) ADD_SUBDIRECTORY(systemd) diff --git a/build/CMakeLists.txt b/pkgconfig/CMakeLists.txt similarity index 100% rename from build/CMakeLists.txt rename to pkgconfig/CMakeLists.txt diff --git a/build/cynara-admin/CMakeLists.txt b/pkgconfig/cynara-admin/CMakeLists.txt similarity index 93% rename from build/cynara-admin/CMakeLists.txt rename to pkgconfig/cynara-admin/CMakeLists.txt index 215d6d7..6adc6b9 100644 --- a/build/cynara-admin/CMakeLists.txt +++ b/pkgconfig/cynara-admin/CMakeLists.txt @@ -20,7 +20,7 @@ CONFIGURE_FILE(cynara-admin.pc.in cynara-admin.pc @ONLY) INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/cynara-admin/cynara-admin.pc + cynara-admin.pc DESTINATION ${LIB_INSTALL_DIR}/pkgconfig ) diff --git a/build/cynara-admin/cynara-admin.pc.in b/pkgconfig/cynara-admin/cynara-admin.pc.in similarity index 100% rename from build/cynara-admin/cynara-admin.pc.in rename to pkgconfig/cynara-admin/cynara-admin.pc.in diff --git a/build/cynara-client/CMakeLists.txt b/pkgconfig/cynara-client/CMakeLists.txt similarity index 93% rename from build/cynara-client/CMakeLists.txt rename to pkgconfig/cynara-client/CMakeLists.txt index b23c222..ecb78c7 100644 --- a/build/cynara-client/CMakeLists.txt +++ b/pkgconfig/cynara-client/CMakeLists.txt @@ -20,7 +20,7 @@ CONFIGURE_FILE(cynara-client.pc.in cynara-client.pc @ONLY) INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/cynara-client/cynara-client.pc + cynara-client.pc DESTINATION ${LIB_INSTALL_DIR}/pkgconfig ) diff --git a/build/cynara-client/cynara-client.pc.in b/pkgconfig/cynara-client/cynara-client.pc.in similarity index 100% rename from build/cynara-client/cynara-client.pc.in rename to pkgconfig/cynara-client/cynara-client.pc.in -- 2.7.4 From def3b0096e1e90ba3541037ca668fb5884cae432 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Mon, 1 Sep 2014 18:38:08 +0200 Subject: [PATCH 12/16] build: install systemd files under CMAKE_INSTALL_PREFIX Don't use absolute path for installation of systemd config files. Change-Id: If796cad7a0fdcd32d8179a0de7bc0958f173e35b Signed-off-by: Rafal Krypa --- systemd/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt index 4076688..8fc27e7 100644 --- a/systemd/CMakeLists.txt +++ b/systemd/CMakeLists.txt @@ -22,6 +22,6 @@ INSTALL(FILES ${CMAKE_SOURCE_DIR}/systemd/cynara.socket ${CMAKE_SOURCE_DIR}/systemd/cynara-admin.socket DESTINATION - /usr/lib/systemd/system + lib/systemd/system ) -- 2.7.4 From b8e1998ecd034e8bf2b028ede186d6a32d7758f9 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Wed, 3 Sep 2014 14:03:02 +0200 Subject: [PATCH 13/16] build: drop D_GNU_SOURCE flag, refactor symbol visibility setting Cynara code doesn't use GNU specific features. There is no need to define _GNU_SOURCE. Also set -fvisibility=hidden by default for all targets and change it only where needed (for building common library). Change-Id: Ie8f46522866b4f475c09b4e6e57f824defed0e5c Signed-off-by: Rafal Krypa --- CMakeLists.txt | 3 +++ src/admin/CMakeLists.txt | 1 - src/client-common/CMakeLists.txt | 3 ++- src/client/CMakeLists.txt | 1 - src/common/CMakeLists.txt | 3 ++- src/service/CMakeLists.txt | 5 ----- 6 files changed, 7 insertions(+), 9 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index e4da838..98ae1ae 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -41,6 +41,9 @@ ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings +# Don't export symbols by default +ADD_DEFINITIONS("-fvisibility=hidden") + STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}") ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"") diff --git a/src/admin/CMakeLists.txt b/src/admin/CMakeLists.txt index e435d29..cc3d7ac 100644 --- a/src/admin/CMakeLists.txt +++ b/src/admin/CMakeLists.txt @@ -36,7 +36,6 @@ ADD_LIBRARY(${TARGET_LIB_CYNARA_ADMIN} SHARED ${LIB_CYNARA_ADMIN_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_LIB_CYNARA_ADMIN} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=hidden" SOVERSION ${LIB_CYNARA_ADMIN_VERSION_MAJOR} VERSION ${LIB_CYNARA_ADMIN_VERSION} ) diff --git a/src/client-common/CMakeLists.txt b/src/client-common/CMakeLists.txt index fdc41c6..dd05c79 100644 --- a/src/client-common/CMakeLists.txt +++ b/src/client-common/CMakeLists.txt @@ -30,12 +30,13 @@ SET(LIB_CYNARA_COMMON_SOURCES ${LIB_CYNARA_COMMON_PATH}/cache/CapacityCache.cpp ) +ADD_DEFINITIONS("-fvisibility=default") + ADD_LIBRARY(${TARGET_LIB_CYNARA_COMMON} SHARED ${LIB_CYNARA_COMMON_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_LIB_CYNARA_COMMON} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE" SOVERSION ${LIB_CYNARA_CLIENT_COMMON_VERSION_MAJOR} VERSION ${LIB_CYNARA_CLIENT_COMMON_VERSION} ) diff --git a/src/client/CMakeLists.txt b/src/client/CMakeLists.txt index 09a023e..d364e2d 100644 --- a/src/client/CMakeLists.txt +++ b/src/client/CMakeLists.txt @@ -38,7 +38,6 @@ ADD_LIBRARY(${TARGET_LIB_CYNARA} SHARED ${LIB_CYNARA_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_LIB_CYNARA} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=hidden" SOVERSION ${LIB_CYNARA_VERSION_MAJOR} VERSION ${LIB_CYNARA_VERSION} ) diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index 3113784..f489b44 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -53,12 +53,13 @@ SET(COMMON_SOURCES ${COMMON_SOURCES} ) ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG") +ADD_DEFINITIONS("-fvisibility=default") + ADD_LIBRARY(${TARGET_CYNARA_COMMON} SHARED ${COMMON_SOURCES}) SET_TARGET_PROPERTIES( ${TARGET_CYNARA_COMMON} PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=default" SOVERSION ${CYNARA_COMMON_VERSION_MAJOR} VERSION ${CYNARA_COMMON_VERSION} ) diff --git a/src/service/CMakeLists.txt b/src/service/CMakeLists.txt index 9f11ab8..47482eb 100644 --- a/src/service/CMakeLists.txt +++ b/src/service/CMakeLists.txt @@ -31,11 +31,6 @@ SET(CYNARA_SOURCES ${CYNARA_SERVICE_PATH}/storage/StorageSerializer.cpp ) -SET_SOURCE_FILES_PROPERTIES( - ${CYNARA_SOURCES} - PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fvisibility=hidden") - INCLUDE_DIRECTORIES( ${CYNARA_SERVICE_PATH} ) -- 2.7.4 From 7b0c554437300f2e836270324786ef54a9d06d94 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Mon, 1 Sep 2014 18:31:04 +0200 Subject: [PATCH 14/16] build: drop unused definition of API_VERSION This is probably copied from some template, but never used. Change-Id: I455bb316b65121ff9ed509884d40c0c14668efce Signed-off-by: Rafal Krypa --- CMakeLists.txt | 2 -- packaging/cynara.spec | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 98ae1ae..c8f1482 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -44,8 +44,6 @@ ADD_DEFINITIONS("-Wextra") # Generate even more extra warni # Don't export symbols by default ADD_DEFINITIONS("-fvisibility=hidden") -STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}") -ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"") IF (CMAKE_BUILD_TYPE MATCHES "DEBUG") ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG") diff --git a/packaging/cynara.spec b/packaging/cynara.spec index 77759cb..5890e9b 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -135,7 +135,7 @@ export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE" export CXXFLAGS="$CXXFLAGS -DCYNARA_STATE_PATH=\\\"%{state_path}\\\"" export LDFLAGS+="-Wl,--rpath=%{_libdir}" -%cmake . -DVERSION=%{version} \ +%cmake . \ -DCMAKE_BUILD_TYPE=%{?build_type} \ -DCMAKE_VERBOSE_MAKEFILE=ON make %{?jobs:-j%jobs} -- 2.7.4 From 2298a060e825301181c7c865424fa1f4ea0abb46 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Tue, 2 Sep 2014 10:48:12 +0200 Subject: [PATCH 15/16] build: clean up settings of compiler flags Compiler flags are set in main CMakeLists.txt. This part of the file looks like a template inherited from other projects and requires some clean up: - drop C flags, there are no C source files. - move fortify flags to spec, they are specific to Tizen build system. - use Cmake built-in features for detection of compiler support for C++11 Change-Id: I40cb76934334c31d7ac59328eed217e08902b187 Signed-off-by: Rafal Krypa --- CMakeLists.txt | 24 ++++++++++++++++-------- packaging/cynara.spec | 6 ++++-- 2 files changed, 20 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c8f1482..ab478f9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -24,17 +24,25 @@ PROJECT("cynara") ############################# cmake packages ################################## INCLUDE(FindPkgConfig) +INCLUDE(CheckCXXCompilerFlag) ############################# compiler flags ################################## -SET(CMAKE_C_FLAGS_PROFILING "-g -O0 -pg") -SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++0x -O0 -pg -Wp,-U_FORTIFY_SOURCE") -SET(CMAKE_C_FLAGS_DEBUG "-g -O0 -ggdb") -SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++0x -O0 -ggdb -Wp,-U_FORTIFY_SOURCE") -SET(CMAKE_C_FLAGS_RELEASE "-g -O2") -SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2") -SET(CMAKE_C_FLAGS_CCOV "-g -O2 --coverage") -SET(CMAKE_CXX_FLAGS_CCOV "-g -std=c++0x -O2 --coverage") +SET(CMAKE_CXX_FLAGS_PROFILING "-O0 -g -pg") +SET(CMAKE_CXX_FLAGS_DEBUG "-O0 -g -ggdb") +SET(CMAKE_CXX_FLAGS_RELEASE "-O2 -g") +SET(CMAKE_CXX_FLAGS_CCOV "-O2 -g --coverage") + +# Check for C++11 support and enable proper compilation flags +CHECK_CXX_COMPILER_FLAG("-std=c++11" COMPILER_SUPPORTS_CXX11) +CHECK_CXX_COMPILER_FLAG("-std=c++0x" COMPILER_SUPPORTS_CXX0X) +IF(COMPILER_SUPPORTS_CXX11) + SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") +ELSEIF(COMPILER_SUPPORTS_CXX0X) + SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++0x") +ELSE() + MESSAGE(STATUS "The compiler ${CMAKE_CXX_COMPILER} has no C++11 support. Please use a different C++ compiler.") +ENDIF() # Set compiler warning flags ADD_DEFINITIONS("-Werror") # Make all warnings into errors. diff --git a/packaging/cynara.spec b/packaging/cynara.spec index 5890e9b..f2a8d72 100644 --- a/packaging/cynara.spec +++ b/packaging/cynara.spec @@ -127,9 +127,11 @@ cp -a %{SOURCE1006} . %build %if 0%{?sec_build_binary_debug_enable} -export CFLAGS="$CFLAGS -DTIZEN_DEBUG_ENABLE" export CXXFLAGS="$CXXFLAGS -DTIZEN_DEBUG_ENABLE" -export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE" +%endif + +%if %{?build_type} == "DEBUG" +export CXXFLAGS="$CXXFLAGS -Wp,-U_FORTIFY_SOURCE" %endif export CXXFLAGS="$CXXFLAGS -DCYNARA_STATE_PATH=\\\"%{state_path}\\\"" -- 2.7.4 From 274687f9228b4395c48a359babb73c83a85ba4ca Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Mon, 1 Sep 2014 18:49:40 +0200 Subject: [PATCH 16/16] Fix inclusion of libunwind when not building for debug Conditional inclusion of libunwind.h didn't properly depend on definition of BUILD_TYPE_DEBUG. But only debug build checks for libunwind dependency. Change-Id: I2158d09ae2880e9869246d75049aa1f23b8c4bcc Signed-off-by: Rafal Krypa --- src/common/log/Backtrace.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/log/Backtrace.h b/src/common/log/Backtrace.h index df023ba..c96f29d 100644 --- a/src/common/log/Backtrace.h +++ b/src/common/log/Backtrace.h @@ -25,7 +25,7 @@ #ifndef SRC_COMMON_LOG_BACKTRACE_H_ #define SRC_COMMON_LOG_BACKTRACE_H_ -#ifndef CYNARA_NO_LOGS +#if defined(BUILD_TYPE_DEBUG) && !defined(CYNARA_NO_LOGS) #define UNW_LOCAL_ONLY #include #endif @@ -53,7 +53,7 @@ private: void operator=(Backtrace const &) = delete; const std::string buildBacktrace(void); -#ifndef CYNARA_NO_LOGS +#if defined(BUILD_TYPE_DEBUG) && !defined(CYNARA_NO_LOGS) void getSourceInfo(unw_word_t proc_address); #endif -- 2.7.4