CPKIFRevocationStatusMediator2.cpp

Go to the documentation of this file.

#include "CPKIFRevocationStatusMediator2.h"
#include "ScopeGuard.h"
#include "PKIFX509CRLChecker.h"

#include "boost/thread/recursive_mutex.hpp"

#include "ToolkitUtils.h"
#include "PKIFPathException.h"
#include "PKIFErrors.h"
#include "PKIFLog.h"
#include "CertStatusCache.h"

#ifdef _WIN32
#ifdef _DEBUG
#include "crtdbg.h"
#endif //_DEBUG
#endif //_WIN32

using namespace std;
using namespace boost;

struct CPKIFRevocationStatusMediator2Impl 
{
    CPKIFCertStatusCachePtr m_certStatusCache;
    bool m_bCacheCertStatus;
  
    CPKIFRevocationStatusMediator2Impl ():m_me() 
    {
        m_bCacheCertStatus = true;
        CPKIFCertStatusCachePtr tempCache(new CPKIFCertStatusCache);
        m_certStatusCache = tempCache;
    }

    //CACMonitorDataPtr m_md;
    boost::recursive_mutex m_me;

    //Declare a vector to contain pointers to all colleagues associated with this instance.
    std::vector<IPKIFColleaguePtr> m_vModules;

    //Declare a vector to contain pointers to colleagues that should be deleted when this
    //instance is destroyed, i.e. those added by calling AddColleague with transferOwnership
    //equal to true.
    //std::vector<IPKIFColleague*> m_vModulesToDelete;

    std::vector<IPKIFRevocationStatusPtr> m_vRevocStatModules;

    bool m_addDefaultColleagues;
};
//added interface stuff 8/21/2004
IPKIFRevocationStatus::IPKIFRevocationStatus()
{
}

void CPKIFRevocationStatusMediator2::SetCacheCertStatus(bool bCacheCertStatus)
{
    if(bCacheCertStatus && !m_impl->m_bCacheCertStatus)
    {
        //create a new cache object
        CPKIFCertStatusCachePtr tempCache(new CPKIFCertStatusCache);
        m_impl->m_certStatusCache = tempCache;
    }
    else if(!bCacheCertStatus)
    {
        //set cache to NULL
        CPKIFCertStatusCachePtr tempCache;
        m_impl->m_certStatusCache = tempCache;
    }

    m_impl->m_bCacheCertStatus = bCacheCertStatus;
}

bool CPKIFRevocationStatusMediator2::GetCacheCertStatus() const
{
    return m_impl->m_bCacheCertStatus;
}

CPKIFRevocationStatusMediator2::CPKIFRevocationStatusMediator2(
    bool addDefaultColleagues)
    : m_impl(new CPKIFRevocationStatusMediator2Impl)
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::CPKIFRevocationStatusMediator2(void)", TOOLKIT_PATH_MEDIATOR, 0, this);

    m_impl->m_addDefaultColleagues = addDefaultColleagues;
}
CPKIFRevocationStatusMediator2::~CPKIFRevocationStatusMediator2(void)
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::~CPKIFRevocationStatusMediator2(void)", TOOLKIT_PATH_MEDIATOR, 0, this);

    Terminate();

    delete m_impl;
    m_impl = '\0';
}

void CPKIFRevocationStatusMediator2::Terminate()
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::Terminate()", TOOLKIT_PATH_MEDIATOR, 0, this);

    //CCACSynchronizedObject so(m_impl->m_md);
    boost::recursive_mutex::scoped_lock(m_impl->m_me);
    try
    {
        //inform our children that we are dying
        RemoveParentRelationships(m_impl->m_vModules, this);

        RemoveMediatorAssociations();

        //clean up any modules that were added using AddColleague
//      FreeAdditionalModules(m_impl->m_vModulesToDelete, this);

        //added 7/17/2004
        IPKIFMediator::Terminate();

        m_impl->m_vModules.clear();
        m_impl->m_vRevocStatModules.clear();
    }
    catch(CPKIFException& )
    {
        //EXCEPTION DELETION
        //no purpose is served by passing on this exception - log it and forget it
        LOG_STRING_ERROR("CPKIFException encountered during CPKIFRevocationStatusMediator2 mediator termination", thisComponent, COMMON_TERMINATION_ERROR, this);
        //delete e;
        _ASSERT(false);
    }
    catch(...)
    {
        LOG_STRING_FATAL("Unknown exception encountered during CPKIFRevocationStatusMediator2 mediator termination", thisComponent, COMMON_TERMINATION_ERROR, this);
        _ASSERT(false);
    }
}

void CPKIFRevocationStatusMediator2::Initialize()
{
    InitializeMediator(NULL);
}
void CPKIFRevocationStatusMediator2::InitializeMediator(
    std::vector<CPKIFException*>* errorInfo)
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::Initialize", TOOLKIT_PATH_MEDIATOR, 0, this);

    //CCACSynchronizedObject so(m_impl->m_md);
    boost::recursive_mutex::scoped_lock(m_impl->m_me);
    LOG_STRING_DEBUG("Initializing CPKIFRevocationStatusMediator2 mediator", thisComponent, 0, this);
    if(!m_impl->m_vModules.empty())
        throw CPKIFPathException(thisComponent, COMMON_ALREADY_INITIALIZED, "This instance has already been initialized.  Call Terminate prior to re-initializing.");

    if(m_impl->m_addDefaultColleagues)
    {
        CPKIFX509CRLCheckerPtr crlChecker(new CPKIFX509CRLChecker());
        // GCC doesn't see the result of the dynamic_pointer_cast as a reference when used
        // inside the function call
        IPKIFColleaguePtr cp = dynamic_pointer_cast<IPKIFColleague,CPKIFX509CRLChecker>(crlChecker);
        AddColleague(cp);
    }
}

void CPKIFRevocationStatusMediator2::AddColleague(
    IPKIFColleaguePtr& module)
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::AddColleague", TOOLKIT_PATH_MEDIATOR, 0, this);

    //CCACSynchronizedObject so(m_impl->m_md);
    boost::recursive_mutex::scoped_lock(m_impl->m_me);
    if(!module)
        return;

    //if the module throws an exception let the caller catch it
    module->Initialize();
    module->AddParent(this);

    try
    {
        //set up a vector containing pointers that we will need to delete
        //if(transferOwnership)
        //  m_impl->m_vModulesToDelete.push_back(module);

        //create a guard on the vector so if the push onto the primary vector fails we can
        //pop the one off of m_impl->m_vModulesToDelete
//      ScopeGuard guard = MakeObjGuard(m_impl->m_vModulesToDelete, &vector<IPKIFColleague*>::pop_back);
        m_impl->m_vModules.push_back(module);
        if(dynamic_pointer_cast<IPKIFRevocationStatus, IPKIFColleague>(module))
            m_impl->m_vRevocStatModules.push_back(dynamic_pointer_cast<IPKIFRevocationStatus, IPKIFColleague>(module));
//      guard.Dismiss();
    }
    catch(...)
    {
        throw;
    }
}

//GENERAL PHILOSOPHY OF FOLLOWING FUNCTIONS
//  This mediator catches all exceptions that emanate from lower-level PKIF objects.  Exception
//contents are recorded in the audit log but the exceptions are NOT throw to the application.  The
//application will remain unaware of the exception.  This allows other colleagues an opportunity to
//satisfy the request.  In the event that an unsatisfied request leaves results in the failure of
//a higher level operation, the application will be notified of the higher level failure, possibly
//by an exception.  If no colleague supports the requested operation an exception is thrown indicating
//that the operation was not handled.
//  The bools returned by the colleagues indicated whether or not revocation status could be determined
//NOT whether or not the status of the cert or path.  This mediator iterates over colleagues until a 
//colleague reports that a definitive answer was determined.

bool CPKIFRevocationStatusMediator2::CheckStatus(
    const CPKIFCertificatePtr& cert,
    const CPKIFCertificatePtr& issuersCert, 
    RevocationStatus& status, 
    CPKIFCertStatusPtr& certStatus)
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::CheckStatus", TOOLKIT_PATH_MEDIATOR, 0, this);

    //CCACSynchronizedObject so(m_impl->m_md);
    boost::recursive_mutex::scoped_lock(m_impl->m_me);
    bool retVal = false;
    vector<IPKIFRevocationStatusPtr>::iterator pos;
    vector<IPKIFRevocationStatusPtr>::iterator end = m_impl->m_vRevocStatModules.end();
    bool opAttempted = false;

    if(m_impl->m_bCacheCertStatus && m_impl->m_certStatusCache)
    {
        if(m_impl->m_certStatusCache->CheckStatus(cert, issuersCert, status, certStatus))
            return true;
    }

    //iterate over all until someone returns a definitive answer
    for(pos = m_impl->m_vRevocStatModules.begin(); pos != end; ++pos)
    {
            opAttempted = true;
            try
            {
                bool b = (*pos)->CheckStatus(cert, issuersCert, status, certStatus);
                if(b)
                {
                    if(m_impl->m_bCacheCertStatus && m_impl->m_certStatusCache)
                    {
                        m_impl->m_certStatusCache->PutObject(cert, issuersCert, status, certStatus);
                    }

                    retVal = true;
                    break;
                }
            }
            catch(CPKIFException& e)
            {
                std::string reason = "A revocation status check-related exception was thrown.  ";
                reason.append(*e.print());
                AuditString(EVENTLOG_WARNING_TYPE, CAT_PKIF_PATH, PKIF_UNEXPECTED_EXCEPTION, reason.c_str(), thisComponent, COMMON_UNKNOWN_ERROR, this);
                //delete e;
            }
    }

    if(!opAttempted)
        throw CPKIFPathException(thisComponent, COMMON_OPERATION_NOT_HANDLED);

    return retVal;
}


bool CPKIFRevocationStatusMediator2::CheckStatusPath(
    CPKIFCertificatePath& path, 
    RevocationStatus& status)
{
    LOG_STRING_DEBUG("CPKIFRevocationStatusMediator2::CheckStatusPath", TOOLKIT_PATH_MEDIATOR, 0, this);

    //CCACSynchronizedObject so(m_impl->m_md);
    boost::recursive_mutex::scoped_lock(m_impl->m_me);
    bool retVal = false;
    vector<IPKIFRevocationStatusPtr>::iterator pos;
    vector<IPKIFRevocationStatusPtr>::iterator end = m_impl->m_vRevocStatModules.end();
    bool opAttempted = false;

    if(m_impl->m_bCacheCertStatus && m_impl->m_certStatusCache)
    {
        if(m_impl->m_certStatusCache->CheckStatusPath(path, status))
            return true;
    }

    //iterate over all until someone returns a definitive answer
    for(pos = m_impl->m_vRevocStatModules.begin(); pos != end; ++pos)
    {
            opAttempted = true;

            try
            {
                if((*pos)->CheckStatusPath(path, status))
                {
                    retVal = true;

                    if(m_impl->m_bCacheCertStatus && m_impl->m_certStatusCache)
                    {
                        m_impl->m_certStatusCache->PutObjectsInPath(path);
                    }

                    break;
                }
            }
            catch(CPKIFException& e)
            {
                std::string reason = "A revocation status check-related exception was thrown.  ";
                reason.append(*e.print());
                AuditString(EVENTLOG_WARNING_TYPE, CAT_PKIF_PATH, PKIF_UNEXPECTED_EXCEPTION, reason.c_str(), thisComponent, COMMON_UNKNOWN_ERROR, this);
                //delete e;
            }
    }

    if(!opAttempted)
        throw CPKIFPathException(thisComponent, COMMON_OPERATION_NOT_HANDLED);

    return retVal;
}
void CPKIFRevocationStatusMediator2::GetColleagues(
    std::vector<IPKIFColleaguePtr>& v) const
{
    copy(m_impl->m_vModules.begin(),m_impl->m_vModules.end(), back_inserter(v));
}