Merge pull request #14 from vijs/feature/cli

Initial version of auto renew daemon
Comcast · Jul 29, 2022 · 1500bf2 · 1500bf2
2 parents 99c7fbe + fec70f0
commit 1500bf2
Show file tree

Hide file tree

Showing 12 changed files with 939 additions and 10 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -8,7 +8,7 @@ cmake_policy(SET CMP0048 NEW)
 # Increment MINOR when API/ABI is backward compatible but different (e.g., new features added)
 # Increment PATCH when API is unchanged (bug/internal fixes)
 set(MAJOR 2)
-set(MINOR 1)
+set(MINOR 2)
 set(PATCH 1)
 set(VERSION ${MAJOR}.${MINOR}.${PATCH})
 set(CMAKE_XCODE_GENERATE_SCHEME ON)
@@ -26,6 +26,7 @@ option(ENABLE_CMOCKA "Enables CMOCKA for unit tests (requires cmocka)" OFF)
 option(ENABLE_COVERAGE "Collect code coverage report with unit tests" OFF)
 option(ENABLE_MBEDTLS "Build with mBedTLS support instead of OpenSSL" OFF)
 option(ENABLE_MATTER_EXAMPLES "Build Matter SDK libCertifier Examples" OFF)
+option(SYSTEMV_DAEMON "Install libCertifier Daemon with SysV Support" OFF)
 
 option(ENABLE_CMAKE_VERBOSE_MAKEFILE OFF)
 
@@ -246,6 +247,7 @@ set(MEMORYCHECK_COMMAND_OPTIONS "--trace-children=yes --leak-check=full")
 message(STATUS "extra cflags: ${CMAKE_C_FLAGS}")
 
 add_subdirectory(tests/keymgr)
+add_subdirectory(daemon)
 
 if (${ENABLE_TESTS})
     project(certifierTests)
@@ -368,6 +370,7 @@ install(TARGETS certifier LIBRARY DESTINATION lib)
 install(DIRECTORY include/certifier DESTINATION include)
 install(TARGETS certifierUtil RUNTIME DESTINATION bin)
 install(FILES libcertifier.cfg.sample DESTINATION etc/certifier RENAME libcertifier.cfg)
+install(FILES libcertifier-cert.crt DESTINATION etc/certifier)
 
 if (ENABLE_TESTS)
     install(TARGETS certifierTests RUNTIME DESTINATION bin)

diff --git a/daemon/CMakeLists.txt b/daemon/CMakeLists.txt
@@ -0,0 +1,75 @@
+project(certifierd)
+
+file(GLOB SOURCES "*.c")
+
+add_executable(${PROJECT_NAME} ${SOURCES})
+target_link_libraries(${PROJECT_NAME} certifier)
+target_include_directories(${PROJECT_NAME} PRIVATE ${CMAKE_SOURCE_DIR}/include ${CMAKE_SOURCE_DIR}/internal_headers)
+
+# The rule to install daemon binary
+install (TARGETS ${PROJECT_NAME} RUNTIME DESTINATION bin)
+
+# Directory with systemd unit files
+set (SYSTEMD_UNIT_DIR "/usr/lib/systemd/system")
+
+set (SYSTEMV_UNIT_DIR "/etc/init.d")
+
+# Default directory for log file
+set (DAEMON_LOG_DIR "/var/log/certifier")
+
+# Default directory for PID file
+set (DAEMON_PID_DIR "/run/certifier")
+
+# Default directory for certificates
+set (DAEMON_CERTS_DIR "/etc/certifier/certificates")
+
+# Macro for installing configuration files
+function(install_conf src dest)
+  if(NOT IS_ABSOLUTE "${src}")
+    set(src "${CMAKE_CURRENT_SOURCE_DIR}/${src}")
+  endif()
+  get_filename_component(src_name "${src}" NAME)
+  if (NOT IS_ABSOLUTE "${dest}")
+    set(dest "${CMAKE_INSTALL_PREFIX}/${dest}")
+  endif()
+  install(CODE "
+    if(NOT EXISTS \"\$ENV{DESTDIR}${dest}/${src_name}\")
+      #file(INSTALL \"${src}\" DESTINATION \"${dest}\")
+      message(STATUS \"Installing: \$ENV{DESTDIR}${dest}/${src_name}\")
+      execute_process(COMMAND \${CMAKE_COMMAND} -E copy \"${src}\"
+                      \"\$ENV{DESTDIR}${dest}/${src_name}\"
+                      RESULT_VARIABLE copy_result
+                      ERROR_VARIABLE error_output)
+      if(copy_result)
+        message(FATAL_ERROR \${error_output})
+      endif()
+    else()
+      message(STATUS \"Skipping  : \$ENV{DESTDIR}${dest}/${src_name}\")
+    endif()
+  ")
+endfunction(install_conf)
+
+if (NOT ${SYSTEMV_DAEMON})
+  # Install systemd unit files
+  install_conf (./certifierd.service ${SYSTEMD_UNIT_DIR})
+elseif(${SYSTEMV_DAEMON})
+  set(PROGRAM_PERMISSIONS_DEFAULT
+      OWNER_WRITE OWNER_READ OWNER_EXECUTE
+      GROUP_READ GROUP_EXECUTE
+      WORLD_READ WORLD_EXECUTE)
+
+  # Install systemv unit files
+  install(FILES certifierd.init DESTINATION ${SYSTEMV_UNIT_DIR} PERMISSIONS ${PROGRAM_PERMISSIONS_DEFAULT} RENAME certifierd)
+
+  install(CODE "set(CMAKE_INSTALL_PREFIX \"${CMAKE_INSTALL_PREFIX}\")")
+  install(SCRIPT InstallScript.cmake ${SYSTEMV_UNIT_DIR})
+endif()
+
+# Create empty directory for default log file
+install(DIRECTORY DESTINATION ${DAEMON_LOG_DIR})
+
+# Create empty directory for default PID file
+install(DIRECTORY DESTINATION ${DAEMON_PID_DIR})
+
+# Create empty directory for certificates to be renewed
+install(DIRECTORY DESTINATION ${DAEMON_CERTS_DIR})
diff --git a/daemon/InstallScript.cmake b/daemon/InstallScript.cmake
@@ -0,0 +1,13 @@
+if("${CMAKE_INSTALL_PREFIX}" STREQUAL "/")
+  execute_process(COMMAND update-rc.d certifierd defaults
+                  RESULT_VARIABLE Result
+                  OUTPUT_VARIABLE Output
+                  ERROR_VARIABLE Error)
+  if(Result EQUAL 0)
+    message(STATUS "Ran update-rc.d as CMAKE_INSTALL_PREFIX == \"/\"")
+  else()
+    message(FATAL_ERROR "Result - ${Result}\nOutput - ${Output}\nError - Error")
+  endif()
+else()
+  message(STATUS "Not running update-rc.d as CMAKE_INSTALL_PREFIX != \"/\"")
+endif()
diff --git a/daemon/certifierd.init b/daemon/certifierd.init
@@ -0,0 +1,101 @@
+#!/bin/sh
+#
+#       /etc/init.d/certifierd
+#
+#       Init script for Certifier daemon
+#
+# chkconfig:   2345 20 80
+# description: LibCertifier Daemon that renews certificates automatically once a day
+
+### BEGIN INIT INFO
+# Provides:       certifierd
+# Required-Start: $rsyslog
+# Required-Stop:
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:  0 1 6
+# Short-Description: start and stop example of daemon
+# Description: Example of UNIX daemon
+### END INIT INFO
+
+# Source function library.
+. /lib/lsb/init-functions
+
+prog="certifierd"
+app="/usr/bin/$prog"
+lock_file="/var/lock/subsys/$prog"
+log_file="/var/log/$prog.log"
+conf_file="/etc/certifier/libcertifier.cfg"
+
+start() {
+    echo -n $"Starting $prog: "
+    start_daemon -p $lock_file $app --conf-file $conf_file --log-file $log_file --daemon
+    RETVAL=$?
+    [ $RETVAL -eq 0 ] && touch $lock_file
+    echo
+    return $RETVAL
+}
+
+stop() {
+    echo -n $"Stopping $prog: "
+    killproc -p $lock_file $prog -INT
+    RETVAL=$?
+    echo
+    [ $RETVAL -eq 0 ] && rm -f $lock_file
+    return $RETVAL
+}
+
+restart() {
+    stop
+    start
+}
+
+reload() {
+    restart
+}
+
+force_reload() {
+    restart
+}
+
+rh_status() {
+    status_of_proc -p $lock_file "$prog process"
+}
+
+rh_status_q() {
+    rh_status >/dev/null 2>&1
+}
+
+case "$1" in
+    start)
+        rh_status_q && exit 0
+        $1
+        ;;
+    stop)
+        rh_status_q || exit 0
+        $1
+        ;;
+    restart)
+        $1
+        ;;
+    reload)
+        rh_status_q || exit 7
+        $1
+        ;;
+    force-reload)
+        force_reload
+        ;;
+    status)
+        rh_status
+        ;;
+    condrestart|try-restart)
+        rh_status_q || exit 0
+        restart
+        ;;
+    *)
+        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+        exit 2
+esac
+
+exit $?
diff --git a/daemon/certifierd.service b/daemon/certifierd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=LibCertifier Daemon that renews certificates automatically once a day
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/certifierd \
+	--conf-file /etc/certifier/libcertifier.cfg \
+	--log-file /var/log/certifier/certifierd.log
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target