summaryrefslogtreecommitdiff
path: root/src/components/protocol_handler/src/handshake_handler.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/components/protocol_handler/src/handshake_handler.cc')
-rw-r--r--src/components/protocol_handler/src/handshake_handler.cc93
1 files changed, 66 insertions, 27 deletions
diff --git a/src/components/protocol_handler/src/handshake_handler.cc b/src/components/protocol_handler/src/handshake_handler.cc
index 3b4ae6ef1f..4d306fd330 100644
--- a/src/components/protocol_handler/src/handshake_handler.cc
+++ b/src/components/protocol_handler/src/handshake_handler.cc
@@ -42,7 +42,7 @@
namespace protocol_handler {
-CREATE_LOGGERPTR_GLOBAL(logger_, "ProtocolHandler")
+SDL_CREATE_LOG_VARIABLE("ProtocolHandler")
HandshakeHandler::HandshakeHandler(
ProtocolHandlerImpl& protocol_handler,
@@ -61,7 +61,7 @@ HandshakeHandler::HandshakeHandler(
, service_status_update_handler_(service_status_update_handler) {}
HandshakeHandler::~HandshakeHandler() {
- LOG4CXX_DEBUG(logger_, "Destroying of HandshakeHandler: " << this);
+ SDL_LOG_DEBUG("Destroying of HandshakeHandler: " << this);
}
uint32_t HandshakeHandler::connection_key() const {
@@ -79,14 +79,16 @@ bool HandshakeHandler::GetPolicyCertificateData(std::string& data) const {
}
void HandshakeHandler::OnCertificateUpdateRequired() {
- LOG4CXX_AUTO_TRACE(logger_);
+ SDL_LOG_AUTO_TRACE();
}
#if defined(EXTERNAL_PROPRIETARY_MODE) && defined(ENABLE_SECURITY)
bool HandshakeHandler::OnCertDecryptFailed() {
- LOG4CXX_AUTO_TRACE(logger_);
+ SDL_LOG_AUTO_TRACE();
if (payload_) {
- ProcessFailedHandshake(*payload_, ServiceStatus::CERT_INVALID);
+ ProcessFailedHandshake(*payload_,
+ ServiceStatus::CERT_INVALID,
+ "Failed to decrypt the certificate");
}
return true;
@@ -94,7 +96,7 @@ bool HandshakeHandler::OnCertDecryptFailed() {
#endif
bool HandshakeHandler::OnGetSystemTimeFailed() {
- LOG4CXX_AUTO_TRACE(logger_);
+ SDL_LOG_AUTO_TRACE();
if (payload_) {
ProcessFailedHandshake(*payload_, ServiceStatus::INVALID_TIME);
@@ -109,7 +111,7 @@ bool HandshakeHandler::OnGetSystemTimeFailed() {
}
bool HandshakeHandler::OnPTUFailed() {
- LOG4CXX_AUTO_TRACE(logger_);
+ SDL_LOG_AUTO_TRACE();
if (payload_) {
ProcessFailedHandshake(*payload_, ServiceStatus::PTU_FAILED);
}
@@ -120,14 +122,12 @@ bool HandshakeHandler::OnPTUFailed() {
bool HandshakeHandler::OnHandshakeDone(
uint32_t connection_key,
security_manager::SSLContext::HandshakeResult result) {
- LOG4CXX_AUTO_TRACE(logger_);
+ SDL_LOG_AUTO_TRACE();
- LOG4CXX_DEBUG(logger_,
- "OnHandshakeDone for service : " << context_.service_type_);
+ SDL_LOG_DEBUG("OnHandshakeDone for service : " << context_.service_type_);
if (connection_key != this->primary_connection_key()) {
- LOG4CXX_DEBUG(logger_,
- "Listener " << this
+ SDL_LOG_DEBUG("Listener " << this
<< " expects notification for connection id: "
<< this->primary_connection_key()
<< ". Received notification for connection id "
@@ -138,11 +138,34 @@ bool HandshakeHandler::OnHandshakeDone(
const bool success =
result == security_manager::SSLContext::Handshake_Result_Success;
+ auto getInvalidCertReason =
+ [](const security_manager::SSLContext::HandshakeResult& result) {
+ switch (result) {
+ case security_manager::SSLContext::Handshake_Result_CertExpired:
+ return "Certificate already expired";
+ case security_manager::SSLContext::Handshake_Result_NotYetValid:
+ return "Certificate is not yet valid";
+ case security_manager::SSLContext::Handshake_Result_CertNotSigned:
+ return "Certificate is not signed";
+ case security_manager::SSLContext::Handshake_Result_AppIDMismatch:
+ return "Trying to run handshake with wrong app id";
+ case security_manager::SSLContext::Handshake_Result_AppNameMismatch:
+ return "Trying to run handshake with wrong app name";
+ case security_manager::SSLContext::Handshake_Result_AbnormalFail:
+ return "Error occurred during handshake";
+ case security_manager::SSLContext::Handshake_Result_Fail:
+ return "";
+ default:
+ return "";
+ }
+ };
+
if (payload_) {
if (success) {
ProcessSuccessfulHandshake(connection_key, *payload_);
} else {
- ProcessFailedHandshake(*payload_, ServiceStatus::CERT_INVALID);
+ ProcessFailedHandshake(
+ *payload_, ServiceStatus::CERT_INVALID, getInvalidCertReason(result));
}
} else {
BsonObject params;
@@ -150,7 +173,8 @@ bool HandshakeHandler::OnHandshakeDone(
if (success) {
ProcessSuccessfulHandshake(connection_key, params);
} else {
- ProcessFailedHandshake(params, ServiceStatus::CERT_INVALID);
+ ProcessFailedHandshake(
+ params, ServiceStatus::CERT_INVALID, getInvalidCertReason(result));
}
bson_object_deinitialize(&params);
}
@@ -172,14 +196,13 @@ bool HandshakeHandler::IsAlreadyProtected() const {
void HandshakeHandler::ProcessSuccessfulHandshake(const uint32_t connection_key,
BsonObject& params) {
- LOG4CXX_AUTO_TRACE(logger_);
+ SDL_LOG_AUTO_TRACE();
const bool is_service_already_protected = IsAlreadyProtected();
const bool can_be_protected = CanBeProtected();
- LOG4CXX_DEBUG(logger_,
- "Service can be protected: " << can_be_protected
+ SDL_LOG_DEBUG("Service can be protected: " << can_be_protected
<< " and service was protected: "
<< is_service_already_protected);
@@ -202,17 +225,22 @@ void HandshakeHandler::ProcessSuccessfulHandshake(const uint32_t connection_key,
this->connection_key(),
context_.service_type_,
ServiceStatus::SERVICE_START_FAILED);
+
protocol_handler_.SendStartSessionNAck(context_.connection_id_,
context_.new_session_id_,
protocol_version_,
- context_.service_type_);
+ context_.service_type_,
+ (is_service_already_protected)
+ ? "Service is already protected"
+ : "Service cannot be protected");
}
}
void HandshakeHandler::ProcessFailedHandshake(BsonObject& params,
- ServiceStatus service_status) {
- LOG4CXX_AUTO_TRACE(logger_);
- LOG4CXX_DEBUG(logger_, "Handshake failed");
+ ServiceStatus service_status,
+ std::string err_reason) {
+ SDL_LOG_AUTO_TRACE();
+ SDL_LOG_DEBUG("Handshake failed");
const std::vector<int>& force_protected =
protocol_handler_.get_settings().force_protected_service();
@@ -221,8 +249,7 @@ void HandshakeHandler::ProcessFailedHandshake(BsonObject& params,
force_protected.end(),
context_.service_type_) == force_protected.end();
- LOG4CXX_DEBUG(logger_,
- "Service can be unprotected: " << can_be_unprotected
+ SDL_LOG_DEBUG("Service can be unprotected: " << can_be_unprotected
<< " and this is a new service: "
<< context_.is_new_service_);
@@ -242,10 +269,22 @@ void HandshakeHandler::ProcessFailedHandshake(BsonObject& params,
} else {
service_status_update_handler_.OnServiceUpdate(
this->connection_key(), context_.service_type_, service_status);
- protocol_handler_.SendStartSessionNAck(context_.connection_id_,
- context_.new_session_id_,
- protocol_version_,
- context_.service_type_);
+
+ std::string reason_msg =
+ (service_status == ServiceStatus::PTU_FAILED)
+ ? "Policy Table Update failed"
+ : (service_status == ServiceStatus::CERT_INVALID)
+ ? "Invalid certificate"
+ : (service_status == ServiceStatus::INVALID_TIME)
+ ? "Failed to get system time"
+ : "Unknown cause of failure";
+
+ protocol_handler_.SendStartSessionNAck(
+ context_.connection_id_,
+ context_.new_session_id_,
+ protocol_version_,
+ context_.service_type_,
+ reason_msg + (err_reason.empty() ? "" : ": " + err_reason));
}
}
View Lorry Controller Status