Diffstat (limited to 'src/components/security_manager')
6 files changed, 17 insertions, 30 deletions
diff --git a/src/components/security_manager/include/security_manager/crypto_manager_impl.h b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
index c31e02cf48..228666d22f 100644
--- a/src/components/security_manager/include/security_manager/crypto_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
@@ -152,15 +152,8 @@ class CryptoManagerImpl : public CryptoManager {
 private:
 bool set_certificate(const std::string& cert_data);
-
- /**
- * @brief Sets initial certificate datetime
- */
- void InitCertExpTime();
-
 const utils::SharedPtr<const CryptoManagerSettings> settings_;
 SSL_CTX* context_;
- mutable struct tm expiration_time_;
 static uint32_t instance_count_;
 static sync_primitives::Lock instance_lock_;
 DISALLOW_COPY_AND_ASSIGN(CryptoManagerImpl);
diff --git a/src/components/security_manager/include/security_manager/security_manager_impl.h b/src/components/security_manager/include/security_manager/security_manager_impl.h
index dc0284c128..70b87de0ef 100644
--- a/src/components/security_manager/include/security_manager/security_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/security_manager_impl.h
@@ -143,6 +143,7 @@ class SecurityManagerImpl : public SecurityManager,
 * Do not notify listeners, send security error on occure
 * \param connection_key Unique key used by other components as session
 * identifier
+ * @param cc_strategy - SSL context creation strategy
 * @return new \c SSLContext or \c NULL on any error
 */
 SSLContext* CreateSSLContext(const uint32_t& connection_key,
@@ -163,6 +164,7 @@ class SecurityManagerImpl : public SecurityManager,
 /**
 * @brief Checks whether certificate should be updated
+ * @param connection_key the connection identifier to check certificate for.
 * @return true if certificate should be updated otherwise false
 */
 bool IsCertificateUpdateRequired(const uint32_t connection_key) OVERRIDE;
diff --git a/src/components/security_manager/src/crypto_manager_impl.cc b/src/components/security_manager/src/crypto_manager_impl.cc
index bdf266fda8..1e1b4ef44a 100644
--- a/src/components/security_manager/src/crypto_manager_impl.cc
+++ b/src/components/security_manager/src/crypto_manager_impl.cc
@@ -98,7 +98,6 @@ CryptoManagerImpl::CryptoManagerImpl(
 OpenSSL_add_all_algorithms();
 SSL_library_init();
 }
- InitCertExpTime();
 }
 CryptoManagerImpl::~CryptoManagerImpl() {
@@ -360,18 +359,4 @@ bool CryptoManagerImpl::set_certificate(const std::string& cert_data) {
 return true;
 }
-int CryptoManagerImpl::SSLContextImpl::get_number_from_char_buf(
- char* buf, int* idx) const {
- if (!idx) {
- return 0;
- }
- const int val = ((buf[*idx] - '0') * 10) + buf[(*idx) + 1] - '0';
- *idx = *idx + 2;
- return val;
-}
-
-void CryptoManagerImpl::InitCertExpTime() {
- strptime("1 Jan 1970 00:00:00", "%d %b %Y %H:%M:%S", &expiration_time_);
-}
-
 } // namespace security_manager
diff --git a/src/components/security_manager/src/security_manager_impl.cc b/src/components/security_manager/src/security_manager_impl.cc
index 66a85956a5..401491c5dc 100644
--- a/src/components/security_manager/src/security_manager_impl.cc
+++ b/src/components/security_manager/src/security_manager_impl.cc
@@ -60,7 +60,7 @@ SecurityManagerImpl::SecurityManagerImpl(
 }
 SecurityManagerImpl::~SecurityManagerImpl() {
- system_time_handler_->UnSubscribeFromSystemTime(this);
+ system_time_handler_->UnsubscribeFromSystemTime(this);
 }
 void SecurityManagerImpl::OnMessageReceived(
@@ -242,7 +242,7 @@ void SecurityManagerImpl::StartHandshake(uint32_t connection_key) {
 LOG4CXX_ERROR(logger_, "Security certificate is absent");
 sync_primitives::AutoLock lock(waiters_lock_);
 waiting_for_certificate_ = true;
- NotifyOnCertififcateUpdateRequired();
+ NotifyOnCertificateUpdateRequired();
 }
 {
@@ -293,7 +293,7 @@ void SecurityManagerImpl::ProceedHandshake(
 waiting_for_certificate_ = true;
 }
 PostponeHandshake(connection_key);
- NotifyOnCertififcateUpdateRequired();
+ NotifyOnCertificateUpdateRequired();
 return;
 }
@@ -369,7 +369,7 @@ bool SecurityManagerImpl::OnCertificateUpdated(const std::string& data) {
 awaiting_certificate_connections_.end(),
 std::bind1st(std::mem_fun(&SecurityManagerImpl::ResumeHandshake),
 this));
- std::set<uint32_t>().swap(awaiting_certificate_connections_);
+ awaiting_certificate_connections_.clear();
 return true;
 }
@@ -385,7 +385,7 @@ void SecurityManagerImpl::OnSystemTimeArrived(const time_t utc_time) {
 awaiting_time_connections_.end(),
 std::bind1st(std::mem_fun(&SecurityManagerImpl::ResumeHandshake),
 this));
- std::set<uint32_t>().swap(awaiting_time_connections_);
+ awaiting_time_connections_.clear();
 }
 void SecurityManagerImpl::NotifyListenersOnHandshakeDone(
diff --git a/src/components/security_manager/src/ssl_context_impl.cc b/src/components/security_manager/src/ssl_context_impl.cc
index bccb885511..866e825e0b 100644
--- a/src/components/security_manager/src/ssl_context_impl.cc
+++ b/src/components/security_manager/src/ssl_context_impl.cc
@@ -280,6 +280,16 @@ CryptoManagerImpl::SSLContextImpl::CheckCertContext() {
 return Handshake_Result_Success;
 }
+int CryptoManagerImpl::SSLContextImpl::get_number_from_char_buf(
+ char* buf, int* idx) const {
+ if (!idx) {
+ return 0;
+ }
+ const int val = ((buf[*idx] - '0') * 10) + buf[(*idx) + 1] - '0';
+ *idx = *idx + 2;
+ return val;
+}
+
 time_t CryptoManagerImpl::SSLContextImpl::convert_asn1_time_to_time_t(
 ASN1_TIME* time_to_convert) const {
 struct tm cert_time;
diff --git a/src/components/security_manager/test/ssl_certificate_handshake_test.cc b/src/components/security_manager/test/ssl_certificate_handshake_test.cc
index f6521c253a..dc335c8da2 100644
--- a/src/components/security_manager/test/ssl_certificate_handshake_test.cc
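Review bot: The new `awaiting_certificate_connections_.clear();` in OnCertificateUpdated runs after `ResumeHandshake` has been invoked for every queued key, so a connection that is postponed again during that loop would be erased together with the ones that were actually resumed. The ProceedHandshake hunk shows `PostponeHandshake(connection_key)` on the certificate-update path; if ResumeHandshake reaches it and it re-inserts into this set (neither body is visible here), that connection silently stops waiting and its secured session never completes. Draining into a local first avoids this: `std::set<uint32_t> pending; pending.swap(awaiting_certificate_connections_);` and then iterate `pending`. The same applies to `awaiting_time_connections_.clear();` in OnSystemTimeArrived. Both functions start outside their hunks, so whether a lock is held around the set cannot be confirmed from here.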
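Review bot: `get_number_from_char_buf` reads `buf[*idx]` and `buf[(*idx) + 1]` without a buffer length, without a null check on `buf`, and without checking that either byte is a digit. It is placed directly above `convert_asn1_time_to_time_t`, which suggests it parses a certificate validity time, data that may originate from a peer; that function continues outside the hunk, so the call site is not visible. A short or malformed time string could then be read past its end or converted into a nonsense date that later feeds the expiry decision. At minimum guard the input, `if (!buf || !idx || !isdigit((unsigned char)buf[*idx]) || !isdigit((unsigned char)buf[(*idx) + 1])) return 0;`, and have the caller validate the ASN1_TIME first (for example with `ASN1_TIME_check`) and treat a parse failure as an invalid certificate, since a returned 0 is indistinguishable from a legitimate "00" field. A short doc comment stating the expected two-digit format and that `*idx` is advanced by two would also help.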
+++ b/src/components/security_manager/test/ssl_certificate_handshake_test.cc
@@ -335,9 +335,6 @@ class SSLHandshakeTest : public testing::Test {
 std::string client_certificate_;
 std::string client_ciphers_list_;
 std::string client_ca_certificate_path_;
-
- std::vector<int> forced_protected_services_;
- std::vector<int> forced_unprotected_services_;
 };
 TEST_F(SSLHandshakeTest, NoVerification) { |