1 martin 1.243 //%LICENSE////////////////////////////////////////////////////////////////
|
2 martin 1.244 //
|
3 martin 1.243 // Licensed to The Open Group (TOG) under one or more contributor license
4 // agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
5 // this work for additional information regarding copyright ownership.
6 // Each contributor licenses this file to you under the OpenPegasus Open
7 // Source License; you may not use this file except in compliance with the
8 // License.
|
9 martin 1.244 //
|
10 martin 1.243 // Permission is hereby granted, free of charge, to any person obtaining a
11 // copy of this software and associated documentation files (the "Software"),
12 // to deal in the Software without restriction, including without limitation
13 // the rights to use, copy, modify, merge, publish, distribute, sublicense,
14 // and/or sell copies of the Software, and to permit persons to whom the
15 // Software is furnished to do so, subject to the following conditions:
|
16 martin 1.244 //
|
17 martin 1.243 // The above copyright notice and this permission notice shall be included
18 // in all copies or substantial portions of the Software.
|
19 martin 1.244 //
|
20 martin 1.243 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
21 martin 1.244 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
22 martin 1.243 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27 martin 1.244 //
|
28 martin 1.243 //////////////////////////////////////////////////////////////////////////
|
29 mike 1.42 //
30 //%/////////////////////////////////////////////////////////////////////////////
31
|
32 mike 1.50 #include <Pegasus/Common/Config.h>
33
|
34 mike 1.42 #include <cstdio>
35 #include <cctype>
|
36 mike 1.50 #include <ctime>
|
37 kumpf 1.169
38 #if (defined(PEGASUS_OS_HPUX) || defined(PEGASUS_OS_LINUX)) \
39 && defined(PEGASUS_USE_RELEASE_DIRS)
40 # include <unistd.h>
|
41 kumpf 1.215 # include <errno.h>
|
42 kumpf 1.115 #endif
|
43 kumpf 1.169
|
44 kumpf 1.75 #include <Pegasus/Common/Constants.h>
|
45 mike 1.42 #include <Pegasus/Common/FileSystem.h>
|
46 mike 1.183 #include <Pegasus/Common/Signal.h>
|
47 mike 1.50 #include <Pegasus/Common/HTTPAcceptor.h>
|
48 kumpf 1.54 #include <Pegasus/Common/Tracer.h>
|
49 marek 1.194 #include <Pegasus/Common/Logger.h>
|
50 mday 1.58 #include <Pegasus/Common/Cimom.h>
|
51 kumpf 1.78 #include <Pegasus/Common/PegasusVersion.h>
|
52 kumpf 1.188 #include <Pegasus/Common/Time.h>
|
53 kumpf 1.195 #include <Pegasus/Common/MessageLoader.h>
|
54 kumpf 1.216 #include <Pegasus/Common/AuditLogger.h>
|
55 marek 1.261 #include <Pegasus/Common/StringConversion.h>
|
56 kumpf 1.78
|
57 thilo.boehm 1.249 #include <Pegasus/General/SSLContextManager.h>
58
|
59 mike 1.42 #include <Pegasus/Repository/CIMRepository.h>
|
60 mike 1.50 #include <Pegasus/ExportServer/CIMExportRequestDispatcher.h>
61 #include <Pegasus/ExportServer/CIMExportResponseEncoder.h>
62 #include <Pegasus/ExportServer/CIMExportRequestDecoder.h>
|
63 kumpf 1.54 #include <Pegasus/Config/ConfigManager.h>
|
64 mike 1.50 #include <Pegasus/Security/UserManager/UserManager.h>
|
65 kumpf 1.62 #include <Pegasus/HandlerService/IndicationHandlerService.h>
66 #include <Pegasus/IndicationService/IndicationService.h>
|
67 kumpf 1.184 #include <Pegasus/ProviderManagerService/ProviderManagerService.h>
|
68 mike 1.179 #include <Pegasus/ProviderManager2/Default/DefaultProviderManager.h>
|
69 karl 1.262 #include "reg_table.h"
|
70 chip 1.114
|
71 r.kieninger 1.239 #if defined PEGASUS_OS_ZOS
|
72 r.kieninger 1.209 # include "ConsoleManager_zOS.h"
73 #endif
74
|
75 tony 1.134 #ifdef PEGASUS_ENABLE_SLP
|
76 kumpf 1.195 # include <Pegasus/Client/CIMClient.h>
|
77 tony 1.134 #endif
78
|
79 mike 1.47 #include "CIMServer.h"
|
80 mike 1.50 #include "CIMOperationRequestDispatcher.h"
81 #include "CIMOperationResponseEncoder.h"
82 #include "CIMOperationRequestDecoder.h"
|
83 kumpf 1.54 #include "CIMOperationRequestAuthorizer.h"
|
84 mike 1.50 #include "HTTPAuthenticatorDelegator.h"
|
85 kumpf 1.79 #include "ShutdownProvider.h"
|
86 kumpf 1.101 #include "ShutdownService.h"
|
87 kumpf 1.69 #include <Pegasus/Common/ModuleController.h>
|
88 kumpf 1.71 #include <Pegasus/ControlProviders/UserAuthProvider/UserAuthProvider.h>
|
89 kumpf 1.215 #include <Pegasus/ControlProviders/ConfigSettingProvider/\
90 ConfigSettingProvider.h>
91 #include <Pegasus/ControlProviders/ProviderRegistrationProvider/\
92 ProviderRegistrationProvider.h>
|
93 karl 1.80 #include <Pegasus/ControlProviders/NamespaceProvider/NamespaceProvider.h>
|
94 humberto 1.110
|
95 karl 1.158 #ifndef PEGASUS_DISABLE_PERFINST
|
96 kumpf 1.195 # include <Pegasus/ControlProviders/Statistic/CIMOMStatDataProvider.h>
|
97 w.white 1.142 #endif
98
|
99 h.sterling 1.154 #ifdef PEGASUS_HAS_SSL
|
100 kumpf 1.195 # include <Pegasus/ControlProviders/CertificateProvider/CertificateProvider.h>
|
101 h.sterling 1.154 #endif
|
102 w.white 1.142
|
103 karl 1.226 #ifdef PEGASUS_ENABLE_CQL
|
104 kumpf 1.215 # include <Pegasus/ControlProviders/QueryCapabilitiesProvider/\
105 CIMQueryCapabilitiesProvider.h>
|
106 a.arora 1.156 #endif
107
|
108 karl 1.210 #if defined PEGASUS_ENABLE_INTEROP_PROVIDER
|
109 kumpf 1.195 # include <Pegasus/ControlProviders/InteropProvider/InteropProvider.h>
|
110 tony 1.134 #endif
111
|
112 kumpf 1.228 #ifdef PEGASUS_ENABLE_PROTOCOL_WSMAN
113 # include <Pegasus/WsmServer/WsmProcessor.h>
114 #endif
115
|
116 mike 1.42 PEGASUS_NAMESPACE_BEGIN
|
117 karl 1.262
|
118 dave.sudlik 1.197 #ifdef PEGASUS_SLP_REG_TIMEOUT
119 ThreadReturnType PEGASUS_THREAD_CDECL registerPegasusWithSLP(void *parm);
120 // Configurable SLP port to be handeled in a separate bug.
121 # define SLP_DEFAULT_PORT 427
122 # define LOCALHOST_IP "127.0.0.1"
123 #endif
|
124 mike 1.42
|
125 kumpf 1.195 static CIMServer* _cimserver = NULL;
|
126 a.arora 1.143
|
127 kumpf 1.100 // Need a static method to act as a callback for the control provider.
128 // This doesn't belong here, but I don't have a better place to put it.
|
129 kumpf 1.195 static Message* controlProviderReceiveMessageCallback(
130 Message* message,
131 void* instance)
|
132 kumpf 1.69 {
|
133 kumpf 1.185 CIMRequestMessage* request = dynamic_cast<CIMRequestMessage*>(message);
134 PEGASUS_ASSERT(request != 0);
135
|
136 kumpf 1.220 Thread::setLanguages(
|
137 kumpf 1.185 ((AcceptLanguageListContainer) request->operationContext.get(
138 AcceptLanguageListContainer::NAME)).getLanguages());
139
140 ProviderMessageHandler* pmh =
141 reinterpret_cast<ProviderMessageHandler*>(instance);
|
142 venkat.puvvada 1.256
143 MessageType reqType = request->getType();
144 if (reqType == CIM_STOP_ALL_PROVIDERS_REQUEST_MESSAGE)
145 {
146 pmh->terminate();
147 return 0;
148 }
149 else if (reqType == CIM_SUBSCRIPTION_INIT_COMPLETE_REQUEST_MESSAGE)
150 {
151 pmh->subscriptionInitComplete();
152 return 0;
153 }
154 else if (reqType == CIM_INDICATION_SERVICE_DISABLED_REQUEST_MESSAGE)
155 {
156 pmh->indicationServiceDisabled();
157 return 0;
158 }
|
159 kumpf 1.185 return pmh->processMessage(request);
|
160 kumpf 1.73 }
|
161 kumpf 1.71
|
162 kumpf 1.137 //
163 // Signal handler for shutdown signals, currently SIGHUP and SIGTERM
164 //
|
165 kumpf 1.108 Boolean handleShutdownSignal = false;
|
166 kumpf 1.195 void shutdownSignalHandler(int s_n, PEGASUS_SIGINFO_T* s_info, void* sig)
|
167 kumpf 1.101 {
|
168 kumpf 1.108 PEG_METHOD_ENTER(TRC_SERVER, "shutdownSignalHandler");
|
169 marek 1.231 PEG_TRACE((TRC_SERVER, Tracer::LEVEL3, "Signal %d received.", s_n));
|
170 kumpf 1.101
|
171 a.arora 1.143 CIMServer::shutdownSignal();
|
172 kumpf 1.101
173 PEG_METHOD_EXIT();
174 }
175
|
176 s.hills 1.123 void CIMServer::shutdownSignal()
177 {
178 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::shutdownSignal()");
179 handleShutdownSignal = true;
|
180 a.arora 1.143 _cimserver->tickle_monitor();
|
181 s.hills 1.123 PEG_METHOD_EXIT();
182 }
183
|
184 ouyang.jian 1.212 #ifdef PEGASUS_OS_PASE
185 static void _synchronousSignalHandler(int s_n, PEGASUS_SIGINFO_T* s_info,
186 void* sig)
187 {
188 static bool mark = false;
189 if (mark)
190 return;
191
192 mark = true;
193
194 Logger::put_l(Logger::ERROR_LOG, "CIMServer", Logger::SEVERE,
|
195 kumpf 1.233 MessageLoaderParms(
196 "Pegasus.Server.CIMServer.RECEIVE_SYN_SIGNAL.PEGASUS_OS_PASE",
197 "Synchronous signal received."));
|
198 ouyang.jian 1.212
199 CIMServer::shutdownSignal();
200 }
201
202 static void _asynchronousSignalHandler(int s_n, PEGASUS_SIGINFO_T* s_info,
203 void* sig)
204 {
205 static bool mark = false;
206 if (mark)
207 return;
208
209 mark = true;
210
211 Logger::put_l(Logger::ERROR_LOG, "CIMServer", Logger::SEVERE,
|
212 kumpf 1.233 MessageLoaderParms(
213 "Pegasus.Server.CIMServer.RECEIVE_ASYN_SIGNAL.PEGASUS_OS_PASE",
214 "Asynchronous signal received."));
|
215 ouyang.jian 1.212
216 CIMServer::shutdownSignal();
217 }
218 #endif
219
|
220 kumpf 1.206 CIMServer::CIMServer()
221 : _dieNow(false)
|
222 mike 1.43 {
|
223 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::CIMServer()");
|
224 yi.zhou 1.192 _cimserver = this;
|
225 mday 1.111 _init();
|
226 yi.zhou 1.192
|
227 mday 1.111 PEG_METHOD_EXIT();
228 }
229
|
230 kumpf 1.195 void CIMServer::tickle_monitor()
231 {
|
232 a.arora 1.143 _monitor->tickle();
233 }
|
234 mike 1.179
|
235 thilo.boehm 1.252 SCMOClass CIMServer::_scmoClassCache_GetClass(
236 const CIMNamespaceName& nameSpace,
237 const CIMName& className)
238 {
239 CIMClass cc;
240
241 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::_scmoClassCache_GetClass()");
|
242 karl 1.262 try
|
243 thilo.boehm 1.252 {
244 cc = _cimserver->_repository->getClass(
245 nameSpace,
246 className,
247 false, // localOnly
248 true, // includeQualifiers
249 true, // includeClassOrigin
250 CIMPropertyList());
251 }
252 catch (Exception& e)
253 {
254 PEG_TRACE((TRC_DISCARDED_DATA, Tracer::LEVEL2,
|
255 thilo.boehm 1.253 "The class '%s' in the name space '%s' was not found. "
256 "The repository throws the following exception: %s",
257 (const char*)className.getString().getCString(),
258 (const char*)nameSpace.getString().getCString(),
|
259 thilo.boehm 1.252 (const char*)e.getMessage().getCString()));
260 // Return a empty class.
261 PEG_METHOD_EXIT();
|
262 karl 1.262 return SCMOClass("","");
|
263 thilo.boehm 1.252 }
264
265 if (cc.isUninitialized())
266 {
267 // The requested class was not found !
268 // Return a empty class.
269 PEG_METHOD_EXIT();
270 return SCMOClass("","");
271 }
272 PEG_METHOD_EXIT();
273 return SCMOClass(cc,(const char*)nameSpace.getString().getCString());
274
275 }
276
277
|
278 kumpf 1.195 void CIMServer::_init()
|
279 mday 1.111 {
|
280 thilo.boehm 1.254
281 // pre-initialize the hostname.
282 System::getHostName();
283
|
284 kumpf 1.206 _monitor.reset(new Monitor());
285
|
286 kumpf 1.167 #if (defined(PEGASUS_OS_HPUX) || defined(PEGASUS_OS_LINUX)) \
287 && defined(PEGASUS_USE_RELEASE_DIRS)
|
288 kumpf 1.215 if (chdir(PEGASUS_CORE_DIR) != 0)
289 {
290 PEG_TRACE((TRC_SERVER, Tracer::LEVEL2,
291 "chdir(\"%s\") failed with errno %d.", PEGASUS_CORE_DIR, errno));
292 }
|
293 kumpf 1.115 #endif
|
294 kumpf 1.60
|
295 mike 1.43 // -- Create a repository:
296
|
297 kumpf 1.193 String repositoryRootPath =
298 ConfigManager::getHomedPath(
299 ConfigManager::getInstance()->getCurrentValue("repositoryDir"));
300
|
301 kumpf 1.81 #ifdef DO_NOT_CREATE_REPOSITORY_ON_STARTUP
302 // If this code is enable, the CIMServer will fail to start
|
303 kumpf 1.206 // if the repository directory does not exist. If called,
|
304 kumpf 1.81 // the Repository will create an empty repository.
305
|
306 chip 1.112 // This check has been disabled to allow cimmof to call
|
307 kumpf 1.81 // the CIMServer to build the initial repository.
|
308 kumpf 1.60 if (!FileSystem::isDirectory(repositoryRootPath))
|
309 kumpf 1.54 {
|
310 kumpf 1.195 throw NoSuchDirectory(repositoryRootPath);
|
311 kumpf 1.54 }
|
312 kumpf 1.81 #endif
|
313 mike 1.43
|
314 kumpf 1.193 _repository = new CIMRepository(repositoryRootPath);
|
315 mike 1.50
|
316 kumpf 1.76 // -- Create a UserManager object:
|
317 marek 1.260 UserManager::getInstance(_repository);
|
318 kumpf 1.76
|
319 thilo.boehm 1.252 // -- Create a SCMOClass Cache and set call back for the repository
320
321 SCMOClassCache::getInstance()->setCallBack(_scmoClassCache_GetClass);
322
|
323 mike 1.50 // -- Create a CIMServerState object:
324
|
325 a.arora 1.133 _serverState.reset(new CIMServerState());
|
326 mike 1.50
|
327 kumpf 1.67 _providerRegistrationManager = new ProviderRegistrationManager(_repository);
328
|
329 mike 1.50 // -- Create queue inter-connections:
|
330 schuur 1.127
|
331 mike 1.179 _providerManager = new ProviderManagerService(
|
332 kumpf 1.195 _providerRegistrationManager,
333 _repository,
334 DefaultProviderManager::createDefaultProviderManagerCallback);
|
335 mike 1.179
336 // Create IndicationHandlerService:
|
337 kumpf 1.159
|
338 kumpf 1.67 _handlerService = new IndicationHandlerService(_repository);
|
339 kumpf 1.69
|
340 sushma.fernandes 1.208 _cimOperationRequestDispatcher = new CIMOperationRequestDispatcher(
341 _repository, _providerRegistrationManager);
342
|
343 kumpf 1.71 // Create the control service
|
344 kumpf 1.99 _controlService = new ModuleController(PEGASUS_QUEUENAME_CONTROLSERVICE);
|
345 kumpf 1.71
|
346 kumpf 1.195 // Jump this number up when there are more control providers.
347 _controlProviders.reserveCapacity(16);
|
348 kumpf 1.185
|
349 kumpf 1.71 // Create the Configuration control provider
|
350 kumpf 1.185 ProviderMessageHandler* configProvider = new ProviderMessageHandler(
|
351 dmitry.mikulin 1.211 "CIMServerControlProvider", "ConfigSettingProvider",
352 new ConfigSettingProvider(), 0, 0, false);
|
353 konrad.r 1.171
|
354 kumpf 1.185 _controlProviders.append(configProvider);
|
355 venkat.puvvada 1.237 _controlService->register_module(
|
356 kumpf 1.195 PEGASUS_MODULENAME_CONFIGPROVIDER,
357 configProvider,
|
358 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
359 kumpf 1.71
360 // Create the User/Authorization control provider
|
361 kumpf 1.185 ProviderMessageHandler* userAuthProvider = new ProviderMessageHandler(
|
362 dmitry.mikulin 1.211 "CIMServerControlProvider", "UserAuthProvider",
363 new UserAuthProvider(_repository), 0, 0, false);
|
364 kumpf 1.185 _controlProviders.append(userAuthProvider);
|
365 venkat.puvvada 1.237 _controlService->register_module(
|
366 kumpf 1.195 PEGASUS_MODULENAME_USERAUTHPROVIDER,
367 userAuthProvider,
|
368 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
369 mike 1.50
|
370 kumpf 1.74 // Create the Provider Registration control provider
|
371 kumpf 1.185 ProviderMessageHandler* provRegProvider = new ProviderMessageHandler(
|
372 dmitry.mikulin 1.211 "CIMServerControlProvider", "ProviderRegistrationProvider",
|
373 kumpf 1.185 new ProviderRegistrationProvider(_providerRegistrationManager),
|
374 venkat.puvvada 1.256 ModuleController::indicationCallback, 0, false);
|
375 kumpf 1.185 // Warning: The ProviderRegistrationProvider destructor deletes
376 // _providerRegistrationManager
377 _controlProviders.append(provRegProvider);
|
378 venkat.puvvada 1.237 _controlService->register_module(
|
379 kumpf 1.195 PEGASUS_MODULENAME_PROVREGPROVIDER,
380 provRegProvider,
|
381 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
382 kumpf 1.79
|
383 kumpf 1.185 // Create the Shutdown control provider
384 ProviderMessageHandler* shutdownProvider = new ProviderMessageHandler(
|
385 dmitry.mikulin 1.211 "CIMServerControlProvider", "ShutdownProvider",
386 new ShutdownProvider(this), 0, 0, false);
|
387 kumpf 1.185 _controlProviders.append(shutdownProvider);
|
388 venkat.puvvada 1.237 _controlService->register_module(
|
389 kumpf 1.195 PEGASUS_MODULENAME_SHUTDOWNPROVIDER,
390 shutdownProvider,
|
391 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
392 karl 1.80
|
393 kumpf 1.185 // Create the namespace control provider
394 ProviderMessageHandler* namespaceProvider = new ProviderMessageHandler(
|
395 dmitry.mikulin 1.211 "CIMServerControlProvider", "NamespaceProvider",
396 new NamespaceProvider(_repository), 0, 0, false);
|
397 kumpf 1.185 _controlProviders.append(namespaceProvider);
|
398 venkat.puvvada 1.237 _controlService->register_module(
|
399 kumpf 1.195 PEGASUS_MODULENAME_NAMESPACEPROVIDER,
400 namespaceProvider,
|
401 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
402 kumpf 1.195
403 //
404 // Create a SSLContextManager object
405 //
406 _sslContextMgr = new SSLContextManager();
|
407 nag.boranna 1.161
|
408 h.sterling 1.154 #ifdef PEGASUS_HAS_SSL
|
409 kumpf 1.195 // Because this provider allows management of the cimserver truststore
410 // it needs to be available regardless of the value
411 // of sslClientVerificationMode config property.
|
412 kumpf 1.185 ProviderMessageHandler* certificateProvider = new ProviderMessageHandler(
|
413 dmitry.mikulin 1.211 "CIMServerControlProvider", "CertificateProvider",
|
414 kumpf 1.185 new CertificateProvider(_repository, _sslContextMgr),
415 0, 0, false);
416 _controlProviders.append(certificateProvider);
|
417 venkat.puvvada 1.237 _controlService->register_module(
|
418 kumpf 1.195 PEGASUS_MODULENAME_CERTIFICATEPROVIDER,
419 certificateProvider,
|
420 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
421 h.sterling 1.154 #endif
|
422 h.sterling 1.153
|
423 karl 1.158 #ifndef PEGASUS_DISABLE_PERFINST
|
424 kumpf 1.185 // Create the Statistical Data control provider
425 ProviderMessageHandler* cimomstatdataProvider = new ProviderMessageHandler(
|
426 dmitry.mikulin 1.211 "CIMServerControlProvider", "CIMOMStatDataProvider",
427 new CIMOMStatDataProvider(), 0, 0, false);
|
428 kumpf 1.185 _controlProviders.append(cimomstatdataProvider);
|
429 venkat.puvvada 1.237 _controlService->register_module(
|
430 kumpf 1.195 PEGASUS_MODULENAME_CIMOMSTATDATAPROVIDER,
431 cimomstatdataProvider,
|
432 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
433 w.white 1.142 #endif
434
|
435 karl 1.226 #ifdef PEGASUS_ENABLE_CQL
|
436 a.arora 1.156
|
437 kumpf 1.185 // Create the Query Capabilities control provider
438 ProviderMessageHandler* cimquerycapprovider = new ProviderMessageHandler(
|
439 dmitry.mikulin 1.211 "CIMServerControlProvider", "CIMQueryCapabilitiesProvider",
|
440 kumpf 1.185 new CIMQueryCapabilitiesProvider(),
441 0, 0, false);
442 _controlProviders.append(cimquerycapprovider);
|
443 venkat.puvvada 1.237 _controlService->register_module(
|
444 kumpf 1.195 PEGASUS_MODULENAME_CIMQUERYCAPPROVIDER,
445 cimquerycapprovider,
|
446 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
447 a.arora 1.156 #endif
448
|
449 karl 1.210 #if defined PEGASUS_ENABLE_INTEROP_PROVIDER
|
450 w.white 1.149
|
451 kumpf 1.185 // Create the interop control provider
452 ProviderMessageHandler* interopProvider = new ProviderMessageHandler(
|
453 dmitry.mikulin 1.211 "CIMServerControlProvider", "InteropProvider",
|
454 venkat.puvvada 1.251 new InteropProvider(
|
455 thilo.boehm 1.252 _repository,
|
456 venkat.puvvada 1.251 _providerRegistrationManager),
457 0, 0, false);
458
|
459 kumpf 1.185 _controlProviders.append(interopProvider);
|
460 venkat.puvvada 1.237 _controlService->register_module(
|
461 kumpf 1.195 PEGASUS_MODULENAME_INTEROPPROVIDER,
462 interopProvider,
|
463 venkat.puvvada 1.237 controlProviderReceiveMessageCallback);
|
464 tony 1.134 #endif
|
465 kumpf 1.74
|
466 kumpf 1.195 _cimOperationResponseEncoder = new CIMOperationResponseEncoder;
|
467 mike 1.50
|
468 kumpf 1.54 //
469 // get the configured authentication and authorization flags
470 //
471 ConfigManager* configManager = ConfigManager::getInstance();
472
|
473 kumpf 1.182 Boolean enableAuthentication = ConfigManager::parseBooleanValue(
474 configManager->getCurrentValue("enableAuthentication"));
|
475 kumpf 1.54
|
476 sahana.prabhakar 1.248 MessageQueue* cimOperationProcessorQueue = 0;
|
477 kumpf 1.228
|
478 kumpf 1.54 //
|
479 kumpf 1.104 // Create Authorization queue only if authentication is enabled
|
480 kumpf 1.54 //
|
481 kumpf 1.104 if ( enableAuthentication )
|
482 kumpf 1.54 {
483 _cimOperationRequestAuthorizer = new CIMOperationRequestAuthorizer(
484 _cimOperationRequestDispatcher);
|
485 kumpf 1.228 cimOperationProcessorQueue = _cimOperationRequestAuthorizer;
|
486 kumpf 1.54 }
487 else
488 {
|
489 kumpf 1.99 _cimOperationRequestAuthorizer = 0;
|
490 kumpf 1.228 cimOperationProcessorQueue = _cimOperationRequestDispatcher;
491 }
|
492 kumpf 1.99
|
493 kumpf 1.228 _cimOperationRequestDecoder = new CIMOperationRequestDecoder(
494 cimOperationProcessorQueue,
495 _cimOperationResponseEncoder->getQueueId());
|
496 mike 1.43
|
497 kumpf 1.195 _cimExportRequestDispatcher = new CIMExportRequestDispatcher();
|
498 mike 1.43
|
499 kumpf 1.195 _cimExportResponseEncoder = new CIMExportResponseEncoder;
|
500 mike 1.43
|
501 mike 1.50 _cimExportRequestDecoder = new CIMExportRequestDecoder(
|
502 kumpf 1.195 _cimExportRequestDispatcher,
503 _cimExportResponseEncoder->getQueueId());
|
504 mike 1.43
|
505 kumpf 1.99 _httpAuthenticatorDelegator = new HTTPAuthenticatorDelegator(
|
506 mike 1.50 _cimOperationRequestDecoder->getQueueId(),
|
507 h.sterling 1.153 _cimExportRequestDecoder->getQueueId(),
|
508 nag.boranna 1.161 _repository);
|
509 mike 1.43
|
510 kumpf 1.228 #ifdef PEGASUS_ENABLE_PROTOCOL_WSMAN
511 _wsmProcessor = new WsmProcessor(
512 cimOperationProcessorQueue,
513 _repository);
514 _httpAuthenticatorDelegator->setWsmQueueId(
515 _wsmProcessor->getWsmRequestDecoderQueueId());
516 #endif
517
|
518 kumpf 1.82 // IMPORTANT-NU-20020513: Indication service must start after ExportService
519 // otherwise HandlerService started by indicationService will never
520 // get ExportQueue to export indications for existing subscriptions
521
|
522 venkat.puvvada 1.250 _indicationService = new IndicationService(
523 _repository,
524 _providerRegistrationManager);
|
525 mike 1.50
|
526 karl 1.262 // Build the Control Provider and Service internal routing table. This must
527 // be called after MessageQueueService initialized and ServiceQueueIds
528 // installed.
529
530 DynamicRoutingTable::buildRoutingTable();
531
|
532 kumpf 1.108 // Enable the signal handler to shutdown gracefully on SIGHUP and SIGTERM
533 getSigHandle()->registerHandler(PEGASUS_SIGHUP, shutdownSignalHandler);
|
534 kumpf 1.107 getSigHandle()->activate(PEGASUS_SIGHUP);
|
535 kumpf 1.108 getSigHandle()->registerHandler(PEGASUS_SIGTERM, shutdownSignalHandler);
536 getSigHandle()->activate(PEGASUS_SIGTERM);
|
537 ouyang.jian 1.212 #ifdef PEGASUS_OS_PASE
538 getSigHandle()->registerHandler(SIGFPE, _synchronousSignalHandler);
539 getSigHandle()->activate(SIGFPE);
540 getSigHandle()->registerHandler(SIGILL, _synchronousSignalHandler);
541 getSigHandle()->activate(SIGILL);
542 getSigHandle()->registerHandler(SIGSEGV, _synchronousSignalHandler);
543 getSigHandle()->activate(SIGSEGV);
544 getSigHandle()->registerHandler(SIGIO, _asynchronousSignalHandler);
545 getSigHandle()->activate(SIGIO);
546 #endif
|
547 marek 1.223 #ifdef PEGASUS_OS_ZOS
548 // Establish handling signal send to us on USS shutdown
549 getSigHandle()->registerHandler(PEGASUS_SIGDANGER, shutdownSignalHandler);
550 getSigHandle()->activate(PEGASUS_SIGDANGER);
551 // enable process to receive SIGDANGER on USS shutdown
552 __shutdown_registration(_SDR_NOTIFY, _SDR_REGPROCESS, _SDR_SENDSIGDANGER);
553 #endif
|
554 marek 1.194
555 //
|
556 r.kieninger 1.209 // Set up an additional thread waiting for commands from the
557 // system console
|
558 marek 1.194 //
|
559 r.kieninger 1.239 #if defined PEGASUS_OS_ZOS
|
560 r.kieninger 1.209 ZOSConsoleManager::startConsoleWatchThread();
|
561 marek 1.194 #endif
562
|
563 kumpf 1.216 #ifdef PEGASUS_ENABLE_AUDIT_LOGGER
|
564 yi.zhou 1.192
565 // Register audit logger initialize callback
566 AuditLogger::setInitializeCallback(auditLogInitializeCallback);
567
568 Boolean enableAuditLog = ConfigManager::parseBooleanValue(
569 configManager->getCurrentValue("enableAuditLog"));
570
571 if (enableAuditLog)
572 {
573 AuditLogger::setEnabled(enableAuditLog);
574 }
575
576 #endif
|
577 mike 1.43 }
578
|
579 venkat.puvvada 1.247 void CIMServer::initComplete()
580 {
581 // CIMServer initialization is now complete. Inform indication service
582 // to send CIMSubscriptionInitCompleteRequestMessage.
583 if (_indicationService)
584 {
585 _indicationService->sendSubscriptionInitComplete();
586 }
|
587 venkat.puvvada 1.256 _providerRegistrationManager->setInitComplete();
|
588 venkat.puvvada 1.247 }
|
589 mday 1.111
|
590 konrad.r 1.171 CIMServer::~CIMServer ()
591 {
|
592 kumpf 1.175 PEG_METHOD_ENTER (TRC_SERVER, "CIMServer::~CIMServer()");
|
593 mday 1.111
|
594 kumpf 1.175 // Wait until the Shutdown provider request has cleared through the
|
595 kumpf 1.195 // system.
|
596 kumpf 1.175 ShutdownService::getInstance(this)->waitUntilNoMoreRequests(false);
|
597 mday 1.111
|
598 kumpf 1.245 // Make sure no providers are running (since they might depend on the
599 // services we are about to delete).
600 ShutdownService::getInstance(this)->shutdownProviders();
601
|
602 kumpf 1.175 // Ok, shutdown all the MQSs. This shuts their communication channel.
603 ShutdownService::getInstance(this)->shutdownCimomServices();
|
604 kumpf 1.54
|
605 kumpf 1.175 // Start deleting the objects.
606 // The order is very important.
607
608 // The HTTPAcceptor depends on HTTPAuthenticationDelegator
609 for (Uint32 i = 0, n = _acceptors.size (); i < n; i++)
|
610 konrad.r 1.171 {
|
611 kumpf 1.195 HTTPAcceptor* p = _acceptors[i];
|
612 kumpf 1.175 delete p;
|
613 konrad.r 1.171 }
|
614 kumpf 1.99
|
615 kumpf 1.175 // IndicationService depends on ProviderManagerService,
616 // IndicationHandlerService, and ProviderRegistrationManager, and thus
617 // should be deleted before the ProviderManagerService,
618 // IndicationHandlerService, and ProviderRegistrationManager are deleted.
619 delete _indicationService;
620
621 // HTTPAuthenticationDelegator depends on CIMRepository,
622 // CIMOperationRequestDecoder and CIMExportRequestDecoder
623 delete _httpAuthenticatorDelegator;
624
625 delete _cimExportRequestDecoder;
626
627 delete _cimExportResponseEncoder;
628
629 delete _cimExportRequestDispatcher;
630
631 // CIMOperationRequestDecoder depends on CIMOperationRequestAuthorizer
632 // and CIMOperationResponseEncoder
633 delete _cimOperationRequestDecoder;
|
634 kumpf 1.228 delete _cimOperationResponseEncoder;
|
635 kumpf 1.175
|
636 kumpf 1.228 #ifdef PEGASUS_ENABLE_PROTOCOL_WSMAN
637 // WsmProcessor depends on CIMOperationRequestAuthorizer/Dispatcher and
638 // CIMRepository
639 delete _wsmProcessor;
640 #endif
|
641 kumpf 1.175
642 // CIMOperationRequestAuthorizer depends on
643 // CIMOperationRequestDispatcher
644 delete _cimOperationRequestAuthorizer;
645
646 // IndicationHandlerService uses CIMOperationRequestDispatcher
647 delete _handlerService;
648
|
649 kumpf 1.195 // CIMOperationRequestDispatcher depends on
|
650 kumpf 1.175 // CIMRepository and ProviderRegistrationManager.
651 // CIMOperationRequestDispatcher keeps an internal list of control
652 // providers. Must delete this before ModuleController.
653 delete _cimOperationRequestDispatcher;
654
655 // ModuleController takes care of deleting all wrappers around
656 // the control providers.
657 delete _controlService;
658
659 // Find all of the control providers (module)
660 // Must delete CIMOperationRequestDispatcher _before_ deleting each
661 // of the control provider. The CIMOperationRequestDispatcher keeps
662 // its own table of the internal providers (pointers).
663 for (Uint32 i = 0, n = _controlProviders.size(); i < n; i++)
|
664 konrad.r 1.171 {
|
665 kumpf 1.195 ProviderMessageHandler* p = _controlProviders[i];
|
666 kumpf 1.196 delete p->getProvider();
|
667 kumpf 1.175 delete p;
|
668 konrad.r 1.171 }
669
|
670 kumpf 1.195 // The SSL control providers use the SSL context manager.
|
671 kumpf 1.175 delete _sslContextMgr;
672
673 // ProviderManagerService depends on ProviderRegistrationManager.
674 // Note that deleting the ProviderManagerService causes the
675 // DefaultProviderManager (if loaded) to get unloaded. Dynamically
676 // unloading the DefaultProviderManager library affects (on HP-UX, at
677 // least) the statically loaded version of this library used by the
|
678 kumpf 1.185 // ProviderMessageHandler wrapper for the control providers. Deleting
|
679 kumpf 1.175 // the ProviderManagerService after the control providers is a
680 // workaround for this problem.
681 delete _providerManager;
682
683 delete _providerRegistrationManager;
|
684 konrad.r 1.171
|
685 kumpf 1.175 // Almost everybody uses the CIMRepository.
686 delete _repository;
|
687 kumpf 1.99
|
688 kumpf 1.175 // Destroy the singleton services
|
689 thilo.boehm 1.252 SCMOClassCache::destroy();
|
690 kumpf 1.175 UserManager::destroy();
691 ShutdownService::destroy();
|
692 konrad.r 1.172
|
693 kumpf 1.175 PEG_METHOD_EXIT ();
|
694 mike 1.43 }
695
|
696 kumpf 1.101 void CIMServer::addAcceptor(
|
697 dave.sudlik 1.207 Uint16 connectionType,
|
698 kumpf 1.101 Uint32 portNumber,
|
699 dev.meetei 1.259 Boolean useSSL,
700 HostAddress *ipAddress)
|
701 kumpf 1.101 {
702 HTTPAcceptor* acceptor;
|
703 sushma.fernandes 1.189
704 acceptor = new HTTPAcceptor(
|
705 kumpf 1.206 _monitor.get(),
|
706 kumpf 1.195 _httpAuthenticatorDelegator,
|
707 dave.sudlik 1.207 connectionType,
|
708 kumpf 1.195 portNumber,
709 useSSL ? _getSSLContext() : 0,
|
710 karl 1.262 useSSL ? _sslContextMgr->getSSLContextObjectLock() : 0,
|
711 dev.meetei 1.259 ipAddress);
|
712 marek 1.180
|
713 kumpf 1.101 _acceptors.append(acceptor);
714 }
715
716 void CIMServer::bind()
|
717 mike 1.43 {
|
718 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::bind()");
|
719 kumpf 1.54
|
720 kumpf 1.157 if (_acceptors.size() == 0)
721 {
722 MessageLoaderParms mlp = MessageLoaderParms(
723 "Server.CIMServer.BIND_FAILED",
724 "No CIM Server connections are enabled.");
|
725 chip 1.112
|
726 kumpf 1.157 throw BindFailedException(mlp);
727 }
|
728 chip 1.112
|
729 kumpf 1.157 for (Uint32 i=0; i<_acceptors.size(); i++)
730 {
731 _acceptors[i]->bind();
|
732 kumpf 1.101 }
|
733 chip 1.112
|
734 kumpf 1.75 PEG_METHOD_EXIT();
|
735 mike 1.43 }
736
737 void CIMServer::runForever()
738 {
|
739 mday 1.111 // Note: Trace code in this method will be invoked frequently.
|
740 kumpf 1.101
|
741 kumpf 1.195 if (!_dieNow)
|
742 kumpf 1.157 {
|
743 kumpf 1.195 _monitor->run(500000);
744 static struct timeval lastIdleCleanupTime = {0, 0};
|
745 venkat.puvvada 1.227 struct timeval now;
|
746 kumpf 1.195 Time::gettimeofday(&now);
|
747 kumpf 1.186
|
748 kumpf 1.195 if (now.tv_sec - lastIdleCleanupTime.tv_sec > 300)
749 {
750 lastIdleCleanupTime.tv_sec = now.tv_sec;
|
751 kumpf 1.186
|
752 kumpf 1.195 try
753 {
|
754 sahana.prabhakar 1.255 _providerManager->idleTimeCleanup();
|
755 kumpf 1.195 MessageQueueService::get_thread_pool()->cleanupIdleThreads();
|
756 kumpf 1.238 #ifdef PEGASUS_ENABLE_PROTOCOL_WSMAN
757 _wsmProcessor->cleanupExpiredContexts();
758 #endif
|
759 kumpf 1.195 }
760 catch (...)
761 {
762 }
763 }
|
764 nag.boranna 1.161
|
765 kumpf 1.195 if (handleShutdownSignal)
766 {
|
767 marek 1.199 PEG_TRACE_CSTRING(TRC_SERVER, Tracer::LEVEL3,
|
768 kumpf 1.195 "CIMServer::runForever - signal received. Shutting down.");
|
769 dl.meetei 1.263
770 //same statement as that of getShutdownTimeout
771 //TODO: DL consolidate in one place
772 ConfigManager *cfgManager = ConfigManager::getInstance();
773 String shutdnTimestr = cfgManager ->getCurrentValue(
774 "shutdownTimeout");
775
776 Uint64 shutdownTimeout = 0;
777
778 StringConversion::decimalStringToUint64(
779 shutdnTimestr.getCString(), shutdownTimeout);
780
781 ShutdownService::getInstance(this)->shutdown(
782 true,
783 (Uint32)shutdownTimeout,
784 false);
785
786
|
787 kumpf 1.195 // Set to false must be after call to shutdown. See
788 // stopClientConnection.
789 handleShutdownSignal = false;
790 }
|
791 kumpf 1.157 }
|
792 mike 1.50 }
|
793 mday 1.118
|
794 mike 1.50 void CIMServer::stopClientConnection()
795 {
|
796 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::stopClientConnection()");
|
797 kumpf 1.54
|
798 kumpf 1.157 // tell Monitor to stop listening for client connections
799 if (handleShutdownSignal)
800 // If shutting down, this is in the same thread as runForever.
801 // No need to wait for the thread to see the stop flag.
802 _monitor->stopListeningForConnections(false);
803 else
804 // If not shutting down, this is not in the same thread as runForever.
805 // Need to wait for the thread to see the stop flag.
806 _monitor->stopListeningForConnections(true);
807
808 //
|
809 kumpf 1.195 // Wait 150 milliseconds to allow time for the Monitor to stop
810 // listening for client connections.
|
811 kumpf 1.157 //
812 // This wait time is the timeout value for the select() call
|
813 kumpf 1.195 // in the Monitor's run() method (currently set to 100
|
814 kumpf 1.157 // milliseconds) plus a delta of 50 milliseconds. The reason
815 // for the wait here is to make sure that the Monitor entries
816 // are updated before closing the connection sockets.
817 //
|
818 marek 1.199 // PEG_TRACE_CSTRING(TRC_SERVER, Tracer::LEVEL4, "Wait 150 milliseconds.");
|
819 mike 1.183 // Threads::sleep(150); not needed anymore due to the semaphore
|
820 kumpf 1.157 // in the monitor
821
822 for (Uint32 i=0; i<_acceptors.size(); i++)
|
823 kumpf 1.117 {
|
824 kumpf 1.157 _acceptors[i]->closeConnectionSocket();
|
825 kumpf 1.101 }
|
826 chip 1.112
|
827 kumpf 1.75 PEG_METHOD_EXIT();
|
828 mike 1.50 }
829
830 void CIMServer::shutdown()
831 {
|
832 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::shutdown()");
|
833 kumpf 1.54
|
834 dave.sudlik 1.176 #ifdef PEGASUS_DEBUG
835 _repository->DisplayCacheStatistics();
|
836 thilo.boehm 1.252 SCMOClassCache::getInstance()->DisplayCacheStatistics();
|
837 dave.sudlik 1.176 #endif
838
|
839 mike 1.50 _dieNow = true;
|
840 kumpf 1.157 _cimserver->tickle_monitor();
|
841 kumpf 1.54
|
842 kumpf 1.75 PEG_METHOD_EXIT();
|
843 mike 1.50 }
844
845 void CIMServer::resume()
846 {
|
847 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::resume()");
|
848 kumpf 1.54
|
849 kumpf 1.101 for (Uint32 i=0; i<_acceptors.size(); i++)
850 {
851 _acceptors[i]->reopenConnectionSocket();
852 }
|
853 kumpf 1.54
|
854 kumpf 1.75 PEG_METHOD_EXIT();
|
855 mike 1.50 }
856
857 void CIMServer::setState(Uint32 state)
858 {
|
859 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::setState()");
|
860 kumpf 1.54
|
861 mike 1.50 _serverState->setState(state);
|
862 chip 1.53
|
863 kumpf 1.85 //
864 // get the configured authentication and authorization flags
865 //
866 ConfigManager* configManager = ConfigManager::getInstance();
867
|
868 kumpf 1.182 Boolean enableAuthentication = ConfigManager::parseBooleanValue(
869 configManager->getCurrentValue("enableAuthentication"));
870 Boolean enableNamespaceAuthorization = ConfigManager::parseBooleanValue(
871 configManager->getCurrentValue("enableNamespaceAuthorization"));
|
872 kumpf 1.85
|
873 mike 1.50 if (state == CIMServerState::TERMINATING)
874 {
875 // tell decoder that CIMServer is terminating
876 _cimOperationRequestDecoder->setServerTerminating(true);
877 _cimExportRequestDecoder->setServerTerminating(true);
|
878 kumpf 1.228 #ifdef PEGASUS_ENABLE_PROTOCOL_WSMAN
879 _wsmProcessor->setServerTerminating(true);
880 #endif
|
881 kumpf 1.85
882 // tell authorizer that CIMServer is terminating ONLY if
883 // authentication and authorization are enabled
884 //
|
885 kumpf 1.87 if ( enableAuthentication && enableNamespaceAuthorization )
|
886 kumpf 1.85 {
887 _cimOperationRequestAuthorizer->setServerTerminating(true);
888 }
|
889 mike 1.50 }
890 else
891 {
892 // tell decoder that CIMServer is not terminating
893 _cimOperationRequestDecoder->setServerTerminating(false);
894 _cimExportRequestDecoder->setServerTerminating(false);
|
895 kumpf 1.228 #ifdef PEGASUS_ENABLE_PROTOCOL_WSMAN
896 _wsmProcessor->setServerTerminating(false);
897 #endif
|
898 kumpf 1.85
899 // tell authorizer that CIMServer is terminating ONLY if
900 // authentication and authorization are enabled
901 //
|
902 kumpf 1.87 if ( enableAuthentication && enableNamespaceAuthorization )
|
903 kumpf 1.85 {
904 _cimOperationRequestAuthorizer->setServerTerminating(false);
905 }
|
906 mike 1.50 }
|
907 kumpf 1.75 PEG_METHOD_EXIT();
|
908 mike 1.50 }
909
910 Uint32 CIMServer::getOutstandingRequestCount()
911 {
|
912 kumpf 1.75 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::getOutstandingRequestCount()");
|
913 kumpf 1.54
|
914 kumpf 1.101 Uint32 requestCount = 0;
|
915 mday 1.111
|
916 kumpf 1.157 for (Uint32 i=0; i<_acceptors.size(); i++)
917 {
918 requestCount += _acceptors[i]->getOutstandingRequestCount();
|
919 kumpf 1.101 }
|
920 chip 1.112
|
921 kumpf 1.75 PEG_METHOD_EXIT();
922 return requestCount;
|
923 kumpf 1.101 }
924
|
925 nag.boranna 1.163 //
|
926 sushma.fernandes 1.189 SSLContext* CIMServer::_getSSLContext()
|
927 nag.boranna 1.163 {
928 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::_getSSLContext()");
929
930 static const String PROPERTY_NAME__SSL_CERT_FILEPATH =
|
931 kumpf 1.195 "sslCertificateFilePath";
932 static const String PROPERTY_NAME__SSL_KEY_FILEPATH = "sslKeyFilePath";
933 static const String PROPERTY_NAME__SSL_TRUST_STORE = "sslTrustStore";
934 static const String PROPERTY_NAME__SSL_CRL_STORE = "crlStore";
|
935 nag.boranna 1.163 static const String PROPERTY_NAME__SSL_CLIENT_VERIFICATION =
|
936 kumpf 1.195 "sslClientVerificationMode";
|
937 nag.boranna 1.163 static const String PROPERTY_NAME__SSL_AUTO_TRUST_STORE_UPDATE =
|
938 kumpf 1.195 "enableSSLTrustStoreAutoUpdate";
|
939 nag.boranna 1.163 static const String PROPERTY_NAME__SSL_TRUST_STORE_USERNAME =
|
940 kumpf 1.195 "sslTrustStoreUserName";
|
941 nag.boranna 1.163 static const String PROPERTY_NAME__HTTP_ENABLED =
|
942 kumpf 1.195 "enableHttpConnection";
|
943 rohini.deshpande 1.257 static const String PROPERTY_NAME__SSL_CIPHER_SUITE = "sslCipherSuite";
|
944 nag.boranna 1.163
|
945 kumpf 1.201 String verifyClient;
946 String trustStore;
|
947 nag.boranna 1.163 SSLContext* sslContext = 0;
948
949 //
950 // Get a config manager instance
951 //
952 ConfigManager* configManager = ConfigManager::getInstance();
953
|
954 sushma.fernandes 1.189 // Note that if invalid values were set for either sslKeyFilePath,
955 // sslCertificateFilePath, crlStore or sslTrustStore, the invalid
956 // paths would have been detected in SecurityPropertyOwner and
957 // terminated the server startup. This happens regardless of whether
958 // or not HTTPS is enabled (not a great design, but that seems to
959 // be how other properties are validated as well)
960 //
961 // Get the sslClientVerificationMode property from the Config
962 // Manager.
963 //
964 verifyClient = configManager->getCurrentValue(
|
965 kumpf 1.195 PROPERTY_NAME__SSL_CLIENT_VERIFICATION);
|
966 sushma.fernandes 1.189
967 //
968 // Get the sslTrustStore property from the Config Manager.
969 //
970 trustStore = configManager->getCurrentValue(
|
971 kumpf 1.195 PROPERTY_NAME__SSL_TRUST_STORE);
|
972 sushma.fernandes 1.189
973 if (trustStore != String::EMPTY)
|
974 nag.boranna 1.163 {
|
975 sushma.fernandes 1.189 trustStore = ConfigManager::getHomedPath(trustStore);
976 }
|
977 nag.boranna 1.163
|
978 thilo.boehm 1.236 PEG_TRACE((TRC_SERVER, Tracer::LEVEL4,"Server trust store name: %s",
979 (const char*)trustStore.getCString()));
|
980 nag.boranna 1.163
|
981 sushma.fernandes 1.189 //
982 // Get the sslTrustStoreUserName property from the Config Manager.
983 //
|
984 kumpf 1.201 String trustStoreUserName;
|
985 sushma.fernandes 1.189 trustStoreUserName = configManager->getCurrentValue(
|
986 kumpf 1.195 PROPERTY_NAME__SSL_TRUST_STORE_USERNAME);
|
987 nag.boranna 1.163
|
988 sushma.fernandes 1.189 if (!String::equal(verifyClient, "disabled"))
989 {
|
990 nag.boranna 1.163 //
|
991 mreddy 1.191 // 'required' and 'optional' settings must have a valid truststore
|
992 nag.boranna 1.163 //
|
993 sushma.fernandes 1.189 if (trustStore == String::EMPTY)
|
994 nag.boranna 1.163 {
|
995 mreddy 1.191 MessageLoaderParms parms(
|
996 kumpf 1.206 "Pegasus.Server.SSLContextManager."
|
997 kumpf 1.195 "SSL_CLIENT_VERIFICATION_EMPTY_TRUSTSTORE",
998 "The \"sslTrustStore\" configuration property must be set "
999 "if \"sslClientVerificationMode\" is 'required' or "
|
1000 kumpf 1.206 "'optional'.");
|
1001 mreddy 1.191 PEG_METHOD_EXIT();
1002 throw SSLException(parms);
|
1003 sushma.fernandes 1.189 }
|
1004 h.sterling 1.165
|
1005 h.sterling 1.168 #ifdef PEGASUS_DISABLE_LOCAL_DOMAIN_SOCKET
|
1006 sushma.fernandes 1.189 //
1007 // ATTN: 'required' setting must have http port enabled.
1008 // If only https is enabled, and a call to shutdown the
1009 // cimserver is given, the call will hang and a forced shutdown
1010 // will ensue. This is because the CIMClient::connectLocal call
1011 // cannot specify a certificate for authentication against
1012 // the local server. This limitation is being investigated.
1013 // See Bugzilla 2995.
1014 //
1015 if (String::equal(verifyClient, "required"))
1016 {
1017 if (!ConfigManager::parseBooleanValue(
1018 configManager->getCurrentValue(
1019 PROPERTY_NAME__HTTP_ENABLED)))
|
1020 nag.boranna 1.163 {
|
1021 sushma.fernandes 1.189 MessageLoaderParms parms(
|
1022 kumpf 1.195 "Pegasus.Server.SSLContextManager."
1023 "INVALID_CONF_HTTPS_REQUIRED",
|
1024 sushma.fernandes 1.189 "The \"sslClientVerificationMode\" property cannot be "
1025 "set to \"required\" if HTTP is disabled, as the "
1026 "cimserver will be unable to properly shutdown. "
1027 "The recommended course of action is to change "
|
1028 kumpf 1.206 "the property value to \"optional\".");
|
1029 sushma.fernandes 1.189 PEG_METHOD_EXIT();
1030 throw SSLException(parms);
|
1031 nag.boranna 1.163 }
|
1032 sushma.fernandes 1.189 }
|
1033 h.sterling 1.165 #endif
|
1034 nag.boranna 1.163 //
|
1035 sushma.fernandes 1.189 // A truststore username must be specified if
1036 // sslClientVerificationMode is enabled and the truststore is a
1037 // single CA file. If the truststore is a directory, then the
1038 // CertificateProvider should be used to register users with
1039 // certificates.
|
1040 nag.boranna 1.163 //
|
1041 a.rachapudi 1.241
|
1042 kumpf 1.246 if (trustStore != String::EMPTY)
|
1043 nag.boranna 1.163 {
|
1044 a.rachapudi 1.241 if (!FileSystem::exists(trustStore))
|
1045 sushma.fernandes 1.189 {
1046 MessageLoaderParms parms(
|
1047 kumpf 1.206 "Pegasus.Server.SSLContextManager."
|
1048 a.rachapudi 1.241 "COULD_NOT_ACCESS_TRUST_STORE",
1049 "Could not access the trust store."
1050 "Check the permissions of the truststore path \"$0\".",
|
1051 kumpf 1.246 trustStore);
|
1052 sushma.fernandes 1.189 PEG_METHOD_EXIT();
1053 throw SSLException(parms);
1054 }
|
1055 kumpf 1.246
|
1056 a.rachapudi 1.241 if (!FileSystem::isDirectory(trustStore))
1057 {
1058 if (trustStoreUserName == String::EMPTY)
1059 {
1060 MessageLoaderParms parms(
1061 "Pegasus.Server.SSLContextManager."
1062 "SSL_CLIENT_VERIFICATION_EMPTY_USERNAME",
1063 "The \"sslTrustStoreUserName\" property must specify a "
1064 "valid username if \"sslClientVerificationMode\" "
1065 "is 'required' or 'optional' and the truststore is "
1066 "a single CA file. To register individual "
1067 "certificates to users, you must use a truststore "
1068 "directory along with the CertificateProvider.");
1069 PEG_METHOD_EXIT();
1070 throw SSLException(parms);
1071 }
1072 }
|
1073 nag.boranna 1.163 }
1074 }
1075
|
1076 sushma.fernandes 1.178 #ifdef PEGASUS_ENABLE_SSL_CRL_VERIFICATION
|
1077 nag.boranna 1.163 //
1078 // Get the crlStore property from the Config Manager.
1079 //
1080 String crlStore = configManager->getCurrentValue(
|
1081 kumpf 1.195 PROPERTY_NAME__SSL_CRL_STORE);
|
1082 nag.boranna 1.163
1083 if (crlStore != String::EMPTY)
1084 {
1085 crlStore = ConfigManager::getHomedPath(crlStore);
1086 }
|
1087 sushma.fernandes 1.178 #else
|
1088 kumpf 1.195 String crlStore;
|
1089 sushma.fernandes 1.178 #endif
|
1090 nag.boranna 1.163
1091 //
1092 // Get the sslCertificateFilePath property from the Config Manager.
1093 //
1094 String certPath;
1095 certPath = ConfigManager::getHomedPath(
1096 configManager->getCurrentValue(PROPERTY_NAME__SSL_CERT_FILEPATH));
1097
1098 //
1099 // Get the sslKeyFilePath property from the Config Manager.
1100 //
1101 String keyPath;
1102 keyPath = ConfigManager::getHomedPath(
1103 configManager->getCurrentValue(PROPERTY_NAME__SSL_KEY_FILEPATH));
1104
|
1105 kumpf 1.201 String randFile;
|
1106 nag.boranna 1.163
1107 #ifdef PEGASUS_SSL_RANDOMFILE
1108 // NOTE: It is technically not necessary to set up a random file on
1109 // the server side, but it is easier to use a consistent interface
1110 // on the client and server than to optimize out the random file on
1111 // the server side.
1112 randFile = ConfigManager::getHomedPath(PEGASUS_SSLSERVER_RANDOMFILE);
1113 #endif
1114
|
1115 sushma.fernandes 1.189 //
|
1116 rohini.deshpande 1.257 // Get the cipherSuite property from the Config Manager.
1117 //
1118 String cipherSuite = configManager->getCurrentValue(
1119 PROPERTY_NAME__SSL_CIPHER_SUITE);
|
1120 karl 1.262 PEG_TRACE((TRC_SERVER, Tracer::LEVEL4, "Cipher suite is %s",
1121 (const char*)cipherSuite.getCString()));
|
1122 rohini.deshpande 1.257
1123 //
|
1124 sushma.fernandes 1.189 // Create the SSLContext defined by the configuration properties
1125 //
1126 if (String::equal(verifyClient, "required"))
|
1127 nag.boranna 1.163 {
|
1128 marek 1.231 PEG_TRACE_CSTRING(TRC_SERVER, Tracer::LEVEL3,
|
1129 sushma.fernandes 1.189 "SSL Client verification REQUIRED.");
|
1130 nag.boranna 1.163
|
1131 sushma.fernandes 1.189 _sslContextMgr->createSSLContext(
|
1132 rohini.deshpande 1.257 trustStore, certPath, keyPath, crlStore, false, randFile,
1133 cipherSuite);
|
1134 sushma.fernandes 1.189 }
1135 else if (String::equal(verifyClient, "optional"))
1136 {
|
1137 marek 1.231 PEG_TRACE_CSTRING(TRC_SERVER, Tracer::LEVEL3,
|
1138 sushma.fernandes 1.189 "SSL Client verification OPTIONAL.");
|
1139 nag.boranna 1.163
|
1140 sushma.fernandes 1.189 _sslContextMgr->createSSLContext(
|
1141 rohini.deshpande 1.257 trustStore, certPath, keyPath, crlStore, true, randFile,
1142 cipherSuite);
|
1143 nag.boranna 1.163 }
|
1144 sushma.fernandes 1.189 else if (String::equal(verifyClient, "disabled") ||
1145 verifyClient == String::EMPTY)
|
1146 nag.boranna 1.163 {
|
1147 marek 1.231 PEG_TRACE_CSTRING(TRC_SERVER, Tracer::LEVEL3,
|
1148 sushma.fernandes 1.189 "SSL Client verification DISABLED.");
|
1149 nag.boranna 1.163
|
1150 sushma.fernandes 1.189 _sslContextMgr->createSSLContext(
|
1151 rohini.deshpande 1.257 String::EMPTY, certPath, keyPath, crlStore, false, randFile,
1152 cipherSuite);
|
1153 nag.boranna 1.163 }
|
1154 sushma.fernandes 1.189 sslContext = _sslContextMgr->getSSLContext();
|
1155 nag.boranna 1.163
|
1156 kumpf 1.229 try
1157 {
|
1158 kumpf 1.230 sslContext->_validateCertificate();
|
1159 kumpf 1.229 }
1160 catch (SSLException& e)
1161 {
1162 Logger::put(
1163 Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
1164 e.getMessage());
1165 }
1166
|
1167 nag.boranna 1.163 PEG_METHOD_EXIT();
1168 return sslContext;
1169 }
|
1170 h.sterling 1.130
|
1171 yi.zhou 1.192 void CIMServer::auditLogInitializeCallback()
1172 {
|
1173 kumpf 1.216 #ifdef PEGASUS_ENABLE_AUDIT_LOGGER
|
1174 yi.zhou 1.192
1175 Array<String> propertyNames;
1176 Array<String> propertyValues;
1177
1178 // Get all current property names and values
1179 ConfigManager* configManager = ConfigManager::getInstance();
1180
1181 configManager->getAllPropertyNames(propertyNames, false);
|
1182 kumpf 1.195
|
1183 yi.zhou 1.192 for (Uint32 i = 0; i < propertyNames.size(); i++)
|
1184 kumpf 1.195 {
|
1185 yi.zhou 1.192 propertyValues.append(configManager->getCurrentValue(propertyNames[i]));
1186 }
1187
1188 AuditLogger::logCurrentConfig(propertyNames, propertyValues);
1189
1190 // get currently registered provider module instances
1191 Array<CIMInstance> moduleInstances;
1192
|
1193 kumpf 1.195 moduleInstances =
|
1194 yi.zhou 1.192 _cimserver->_providerRegistrationManager->enumerateInstancesForClass(
1195 CIMObjectPath("PG_ProviderModule"));
1196
1197 AuditLogger::logCurrentRegProvider(moduleInstances);
1198
1199 AuditLogger::logCurrentEnvironmentVar();
1200
1201 #endif
1202 }
1203
|
1204 tony 1.134 #ifdef PEGASUS_ENABLE_SLP
1205
|
1206 kumpf 1.195 ThreadReturnType PEGASUS_THREAD_CDECL _callSLPProvider(void* parm);
|
1207 tony 1.134
1208 // This is a control function that starts a new thread which issues a
|
1209 kumpf 1.246 // cim operation to start the slp provider. Used for both External and
|
1210 venkat.puvvada 1.227 // Embedded SLP registrations.
|
1211 dave.sudlik 1.197 //
1212
|
1213 tony 1.134 void CIMServer::startSLPProvider()
1214 {
|
1215 marek 1.204 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::startSLPProvider");
|
1216 tony 1.134
1217 // Get Config parameter to determine if we should start SLP.
1218 ConfigManager* configManager = ConfigManager::getInstance();
|
1219 venkat.puvvada 1.227 Boolean _runSLP = ConfigManager::parseBooleanValue(
|
1220 kumpf 1.182 configManager->getCurrentValue("slp"));
|
1221 tony 1.134
1222 // If false, do not start slp provider
1223 if (!_runSLP)
1224 {
|
1225 marek 1.224 PEG_METHOD_EXIT();
|
1226 tony 1.134 return;
1227 }
|
1228 kumpf 1.195 // Create a separate thread, detach and call function to execute the
1229 // startup.
|
1230 tony 1.134 Thread t( _callSLPProvider, 0, true );
1231 t.run();
1232
1233 PEG_METHOD_EXIT();
1234 return;
1235 }
1236
1237
1238 // startSLPProvider is a function to get the slp provider kicked off
|
1239 kumpf 1.195 // during startup. It is placed in the provider manager simply because
|
1240 tony 1.134 // the provider manager is the only component of the system is
1241 // driven by a timer after startup. It should never be here and must be
1242 // moved to somewhere more logical or really replaced. We simply needed
1243 // something that was run shortly after system startup.
|
1244 kumpf 1.195 // This function is assumed to operate in a separate thread and
|
1245 tony 1.134 // KS 15 February 2004.
1246
|
1247 kumpf 1.195 ThreadReturnType PEGASUS_THREAD_CDECL _callSLPProvider(void* parm)
|
1248 tony 1.134 {
|
1249 kumpf 1.195 PEG_METHOD_ENTER(TRC_SERVER, "CIMServer::_callSLPProvider()");
1250
|
1251 tony 1.134 CIMClient client;
1252 String hostStr = System::getHostName();
1253
1254 try
1255 {
1256 client.connectLocal();
|
1257 marek 1.261
1258 String timeoutStr=
1259 ConfigManager::getInstance()->getCurrentValue(
1260 "slpProviderStartupTimeout");
1261 Uint64 timeOut;
1262
1263 StringConversion::decimalStringToUint64(
1264 timeoutStr.getCString(),
1265 timeOut);
1266 client.setTimeout(timeOut & 0xFFFFFFFF);
|
1267 karl 1.262
|
1268 tony 1.134 String referenceStr = "//";
1269 referenceStr.append(hostStr);
|
1270 kumpf 1.195 referenceStr.append("/");
|
1271 tony 1.134 referenceStr.append(PEGASUS_NAMESPACENAME_INTERNAL.getString());
1272 referenceStr.append(":");
1273 referenceStr.append(PEGASUS_CLASSNAME_WBEMSLPTEMPLATE.getString());
1274 CIMObjectPath reference(referenceStr);
1275 //
1276 // issue the invokeMethod request on the register method
1277 //
1278 Array<CIMParamValue> inParams;
1279 Array<CIMParamValue> outParams;
1280
|
1281 marek 1.261 Uint32 retries = 3;
1282
1283 while (retries > 0)
1284 {
1285 try
1286 {
1287 CIMValue retValue = client.invokeMethod(
1288 PEGASUS_NAMESPACENAME_INTERNAL,
1289 reference,
1290 CIMName("register"),
1291 inParams,
1292 outParams);
1293 break;
1294 }
1295 catch(ConnectionTimeoutException&)
1296 {
1297 retries--;
1298 if (retries == 0)
1299 {
1300 throw;
1301 }
1302 marek 1.261 }
1303 }
|
1304 dave.sudlik 1.197
|
1305 kumpf 1.200 Logger::put_l(
1306 Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION,
|
1307 kumpf 1.233 MessageLoaderParms(
1308 "Pegasus.Server.SLP.SLP_REGISTRATION_INITIATED",
1309 "SLP Registration Initiated"));
|
1310 tony 1.134 }
1311
|
1312 dave.sudlik 1.197 catch(Exception& e)
|
1313 tony 1.134 {
|
1314 venkat.puvvada 1.227 #ifdef PEGASUS_SLP_REG_TIMEOUT
|
1315 kumpf 1.233 Logger::put_l(
1316 Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
1317 MessageLoaderParms(
1318 "Pegasus.Server.SLP.EXTERNAL_SLP_REGISTRATION_FAILED_EXCEPTION",
1319 "CIM Server registration with External SLP Failed. "
1320 "Exception: $0",
|
1321 kumpf 1.235 e.getMessage()));
|
1322 venkat.puvvada 1.227 #else
|
1323 kumpf 1.233 Logger::put_l(
1324 Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
1325 MessageLoaderParms(
1326 "Pegasus.Server.SLP.INTERNAL_SLP_REGISTRATION_FAILED_EXCEPTION",
1327 "CIM Server registration with Internal SLP Failed. "
1328 "Exception: $0",
|
1329 kumpf 1.234 e.getMessage()));
|
1330 venkat.puvvada 1.227 #endif
|
1331 tony 1.134 }
|
1332 dave.sudlik 1.197
1333 catch(...)
|
1334 tony 1.134 {
|
1335 venkat.puvvada 1.227 #ifdef PEGASUS_SLP_REG_TIMEOUT
|
1336 kumpf 1.233 Logger::put_l(Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
1337 MessageLoaderParms(
1338 "Pegasus.Server.SLP.EXTERNAL_SLP_REGISTRATION_FAILED_ERROR",
1339 "CIM Server registration with External SLP Failed."));
|
1340 venkat.puvvada 1.227 #else
|
1341 dave.sudlik 1.197 Logger::put_l(Logger::STANDARD_LOG, System::CIMSERVER, Logger::WARNING,
|
1342 kumpf 1.233 MessageLoaderParms(
1343 "Pegasus.Server.SLP.INTERNAL_SLP_REGISTRATION_FAILED_ERROR",
1344 "CIM Server registration with Internal SLP Failed."));
|
1345 venkat.puvvada 1.227 #endif
|
1346 tony 1.134 }
1347
1348 client.disconnect();
1349
|
1350 dave.sudlik 1.197 PEG_METHOD_EXIT();
1351 return( (ThreadReturnType)32 );
1352 }
|
1353 tony 1.134 #endif
1354
|
1355 mike 1.42 PEGASUS_NAMESPACE_END
|