From 112c685ae48d7cf939e3d2147453de1719862ec6 Mon Sep 17 00:00:00 2001
From: AKalinich-Luxoft <AKalinich@luxoft.com>
Date: Mon, 4 Jun 2018 17:19:21 +0300
Subject: Move out unrelated to feature changes

There was included some changes related to
certificate processing. They will be included
into related pull request
---
 .../src/policies/policy_handler.cc                 | 10 +--
 .../src/connection_handler_impl.cc                 |  8 ++
 .../include/protocol_handler/session_observer.h    |  7 +-
 .../policy_external/src/policy_manager_impl.cc     | 16 ++--
 .../protocol_handler/protocol_handler_impl.h       |  6 ++
 .../protocol_handler/src/protocol_handler_impl.cc  | 91 +++++++++++++++++++++-
 6 files changed, 123 insertions(+), 15 deletions(-)

diff --git a/src/components/application_manager/src/policies/policy_handler.cc b/src/components/application_manager/src/policies/policy_handler.cc
index 98fb6bae65..bbf391a9f1 100644
--- a/src/components/application_manager/src/policies/policy_handler.cc
+++ b/src/components/application_manager/src/policies/policy_handler.cc
@@ -1765,11 +1765,11 @@ void PolicyHandler::OnCertificateDecrypted(bool is_succeeded) {
 void PolicyHandler::OnCertificateUpdated(const std::string& certificate_data) {
   LOG4CXX_AUTO_TRACE(logger_);
   sync_primitives::AutoLock lock(listeners_lock_);
-  std::for_each(
-      listeners_.begin(),
-      listeners_.end(),
-      std::bind2nd(std::mem_fun(&PolicyHandlerObserver::OnCertificateUpdated),
-                   certificate_data));
+  HandlersCollection::const_iterator it = listeners_.begin();
+  for (; it != listeners_.end(); ++it) {
+    PolicyHandlerObserver* observer = *it;
+    observer->OnCertificateUpdated(certificate_data);
+  }
 }
 #endif  // EXTERNAL_PROPRIETARY_MODE
 
diff --git a/src/components/connection_handler/src/connection_handler_impl.cc b/src/components/connection_handler/src/connection_handler_impl.cc
index 59865ac4b2..b97c6eacd4 100644
--- a/src/components/connection_handler/src/connection_handler_impl.cc
+++ b/src/components/connection_handler/src/connection_handler_impl.cc
@@ -467,6 +467,14 @@ void ConnectionHandlerImpl::OnSessionStartedCallback(
     const uint32_t session_key =
         KeyFromPair(connection_handle, context.new_session_id_);
 
+    uint32_t app_id = 0;
+    GetDataOnSessionKey(
+        session_key, &app_id, NULL, static_cast<DeviceHandle*>(NULL));
+    if (app_id > 0) {
+      context.is_ptu_required_ =
+          !connection_handler_observer_->CheckAppIsNavi(app_id);
+    }
+
     {
       sync_primitives::AutoLock auto_lock(start_service_context_map_lock_);
       start_service_context_map_[session_key] = context;
diff --git a/src/components/include/protocol_handler/session_observer.h b/src/components/include/protocol_handler/session_observer.h
index 242775bf25..3482c6569c 100644
--- a/src/components/include/protocol_handler/session_observer.h
+++ b/src/components/include/protocol_handler/session_observer.h
@@ -66,6 +66,7 @@ struct SessionContext {
   uint32_t hash_id_;
   bool is_protected_;
   bool is_new_service_;
+  bool is_ptu_required_;
 
   /**
    * @brief Constructor
@@ -77,7 +78,8 @@ struct SessionContext {
       , service_type_(protocol_handler::kInvalidServiceType)
       , hash_id_(0)
       , is_protected_(false)
-      , is_new_service_(false) {}
+      , is_new_service_(false)
+      , is_ptu_required_(false) {}
 
   /**
    * @brief Constructor
@@ -103,7 +105,8 @@ struct SessionContext {
       , service_type_(service_type)
       , hash_id_(hash_id)
       , is_protected_(is_protected)
-      , is_new_service_(false) {}
+      , is_new_service_(false)
+      , is_ptu_required_(false) {}
 };
 
 /**
diff --git a/src/components/policy/policy_external/src/policy_manager_impl.cc b/src/components/policy/policy_external/src/policy_manager_impl.cc
index f84df92dba..cc5e64d254 100644
--- a/src/components/policy/policy_external/src/policy_manager_impl.cc
+++ b/src/components/policy/policy_external/src/policy_manager_impl.cc
@@ -588,7 +588,8 @@ void PolicyManagerImpl::CheckPermissions(const PTString& app_id,
     policy_table::FunctionalGroupings functional_groupings;
     cache_->GetFunctionalGroupings(functional_groupings);
 
-    policy_table::Strings app_groups = GetGroupsNames(app_group_permissions);
+    policy_table::Strings app_groups =
+        GetGroupsNames(app_group_permissions);
 
     // Undefined groups (without user consent) disallowed by default, since
     // OnPermissionsChange notification has no "undefined" section
@@ -620,7 +621,8 @@ void PolicyManagerImpl::CheckPermissions(const PTString& app_id,
   }
 
   const bool known_rpc = rpc_permissions.end() != rpc_permissions.find(rpc);
-  LOG4CXX_DEBUG(logger_, "Is known rpc " << (known_rpc ? "true" : "false"));
+  LOG4CXX_DEBUG(logger_, "Is known rpc " <<
+                (known_rpc ? "true" : "false"));
   if (!known_rpc) {
     // RPC not found in list == disallowed by backend
     result.hmi_level_permitted = kRpcDisallowed;
@@ -642,9 +644,7 @@ void PolicyManagerImpl::CheckPermissions(const PTString& app_id,
              rpc_permissions[rpc].hmi_permissions[kUserDisallowedKey].find(
                  hmi_level)) {
     // RPC found in allowed == allowed by backend, but disallowed by user
-    LOG4CXX_DEBUG(
-        logger_,
-        "RPC found in allowed == allowed by backend, but disallowed by user");
+    LOG4CXX_DEBUG(logger_, "RPC found in allowed == allowed by backend, but disallowed by user");
     result.hmi_level_permitted = kRpcUserDisallowed;
   } else {
     LOG4CXX_DEBUG(logger_,
@@ -984,6 +984,7 @@ void PolicyManagerImpl::SetUserConsentForApp(
     const PermissionConsent& permissions, const NotificationMode mode) {
   LOG4CXX_AUTO_TRACE(logger_);
 
+
   cache_->ResetCalculatedPermissions();
   PermissionConsent verified_permissions =
       EnsureCorrectPermissionConsent(permissions);
@@ -1766,6 +1767,11 @@ StatusNotifier PolicyManagerImpl::AddApplication(
                                                device_consent);
   } else {
     PromoteExistedApplication(application_id, device_consent);
+    if (helpers::in_range(hmi_types, policy_table::AHT_NAVIGATION) &&
+        !HasCertificate()) {
+      LOG4CXX_DEBUG(logger_, "Certificate does not exist, scheduling update.");
+      update_status_manager_.ScheduleUpdate();
+    }
     return utils::MakeShared<utils::CallNothing>();
   }
 }
diff --git a/src/components/protocol_handler/include/protocol_handler/protocol_handler_impl.h b/src/components/protocol_handler/include/protocol_handler/protocol_handler_impl.h
index e03e29d9bc..4d86a78688 100644
--- a/src/components/protocol_handler/include/protocol_handler/protocol_handler_impl.h
+++ b/src/components/protocol_handler/include/protocol_handler/protocol_handler_impl.h
@@ -685,6 +685,12 @@ class ProtocolHandlerImpl
 
 #ifdef ENABLE_SECURITY
   security_manager::SecurityManager* security_manager_;
+
+  bool is_ptu_triggered_;
+  std::list<std::shared_ptr<HandshakeHandler> > ptu_pending_handlers_;
+  std::list<std::shared_ptr<HandshakeHandler> > handshake_handlers_;
+  sync_primitives::Lock ptu_handlers_lock_;
+  sync_primitives::Lock handshake_handlers_lock_;
 #endif  // ENABLE_SECURITY
 
   // Thread that pumps non-parsed messages coming from mobile side.
diff --git a/src/components/protocol_handler/src/protocol_handler_impl.cc b/src/components/protocol_handler/src/protocol_handler_impl.cc
index 4cc4f883f0..e5bacdbf6f 100644
--- a/src/components/protocol_handler/src/protocol_handler_impl.cc
+++ b/src/components/protocol_handler/src/protocol_handler_impl.cc
@@ -75,6 +75,7 @@ ProtocolHandlerImpl::ProtocolHandlerImpl(
     ,
 #ifdef ENABLE_SECURITY
     security_manager_(NULL)
+    , is_ptu_triggered_(false)
     ,
 #endif  // ENABLE_SECURITY
     raw_ford_messages_from_mobile_(
@@ -148,6 +149,7 @@ ProtocolHandlerImpl::~ProtocolHandlerImpl() {
                  "Not all observers have unsubscribed"
                  " from ProtocolHandlerImpl");
   }
+  handshake_handlers_.clear();
 }
 
 void ProtocolHandlerImpl::AddProtocolObserver(ProtocolObserver* observer) {
@@ -843,7 +845,60 @@ void ProtocolHandlerImpl::NotifyOnFailedHandshake() {
   security_manager_->NotifyListenersOnHandshakeFailed();
 }
 
-void ProtocolHandlerImpl::OnPTUFinished(const bool ptu_result) {}
+void ProtocolHandlerImpl::OnPTUFinished(const bool ptu_result) {
+  LOG4CXX_AUTO_TRACE(logger_);
+
+#ifdef ENABLE_SECURITY
+  sync_primitives::AutoLock lock(ptu_handlers_lock_);
+
+  if (!is_ptu_triggered_) {
+    LOG4CXX_ERROR(logger_,
+                  "PTU was not triggered by service starting. Ignored");
+    return;
+  }
+
+  for (auto handler : ptu_pending_handlers_) {
+    const bool is_cert_expired = security_manager_->IsCertificateUpdateRequired(
+        handler->connection_key());
+    security_manager::SSLContext* ssl_context =
+        is_cert_expired ? NULL
+                        : security_manager_->CreateSSLContext(
+                              handler->connection_key(),
+                              security_manager::SecurityManager::kUseExisting);
+
+    if (!ssl_context) {
+      const std::string error("CreateSSLContext failed");
+      LOG4CXX_ERROR(logger_, error);
+      security_manager_->SendInternalError(
+          handler->connection_key(),
+          security_manager::SecurityManager::ERROR_INTERNAL,
+          error);
+
+      handler->OnHandshakeDone(
+          handler->connection_key(),
+          security_manager::SSLContext::Handshake_Result_Fail);
+
+      continue;
+    }
+
+    if (ssl_context->IsInitCompleted()) {
+      handler->OnHandshakeDone(
+          handler->connection_key(),
+          security_manager::SSLContext::Handshake_Result_Success);
+    } else {
+      security_manager_->AddListener(new HandshakeHandler(*handler));
+      if (!ssl_context->IsHandshakePending()) {
+        // Start handshake process
+        security_manager_->StartHandshake(handler->connection_key());
+      }
+    }
+  }
+
+  LOG4CXX_DEBUG(logger_, "Handshake handlers were notified");
+  ptu_pending_handlers_.clear();
+  is_ptu_triggered_ = false;
+#endif  // ENABLE_SECURITY
+}
 
 RESULT_CODE ProtocolHandlerImpl::SendFrame(const ProtocolFramePtr packet) {
   LOG4CXX_AUTO_TRACE(logger_);
@@ -1517,10 +1572,40 @@ void ProtocolHandlerImpl::NotifySessionStarted(
                                            context,
                                            packet->protocol_version(),
                                            bson_object_bytes);
+    handshake_handlers_.push_back(handler);
+
+    const bool is_certificate_empty =
+        security_manager_->IsPolicyCertificateDataEmpty();
+
+    if (context.is_ptu_required_ && is_certificate_empty) {
+      LOG4CXX_DEBUG(logger_,
+                    "PTU for StartSessionHandler "
+                        << handler.get()
+                        << " is required and certificate data is empty");
+
+      sync_primitives::AutoLock lock(ptu_handlers_lock_);
+      if (!is_ptu_triggered_) {
+        LOG4CXX_DEBUG(logger_,
+                      "PTU is not triggered yet. "
+                          << "Starting PTU and postponing SSL handshake");
+
+        ptu_pending_handlers_.push_back(handler);
+        is_ptu_triggered_ = true;
+        security_manager_->NotifyOnCertificateUpdateRequired();
+        security_manager_->PostponeHandshake(connection_key);
+      } else {
+        LOG4CXX_DEBUG(logger_, "PTU has been triggered. Added to pending.");
+        ptu_pending_handlers_.push_back(handler);
+      }
+      return;
+    }
 
     security_manager::SSLContext* ssl_context =
-        security_manager_->CreateSSLContext(
-            connection_key, security_manager::SecurityManager::kUseExisting);
+        is_certificate_empty
+            ? NULL
+            : security_manager_->CreateSSLContext(
+                  connection_key,
+                  security_manager::SecurityManager::kUseExisting);
     if (!ssl_context) {
       const std::string error("CreateSSLContext failed");
       LOG4CXX_ERROR(logger_, error);
-- 
cgit v1.2.1