Asterisk - The Open Source Telephony Project GIT-master-3dee037
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Properties Macros Modules Pages
Data Structures | Macros | Enumerations | Functions
common_config.h File Reference
#include <openssl/evp.h>
#include "asterisk.h"
#include "asterisk/paths.h"
#include "asterisk/sorcery.h"
#include "asterisk/stringfields.h"
Include dependency graph for common_config.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  attestation_cfg
 
struct  attestation_cfg_common
 Attestation Service configuration for stir/shaken. More...
 
struct  config_object_cli_data
 
struct  profile_cfg
 Profile configuration for stir/shaken. More...
 
struct  tn_cfg
 TN configuration for stir/shaken. More...
 
struct  verification_cfg
 
struct  verification_cfg_common
 Verification Service configuration for stir/shaken. More...
 

Macros

#define cfg_enum_copy(__cfg_dst, __cfg_src, __field)    cfg_enum_copy_ex(__cfg_dst, __cfg_src, __field, __field ## _NOT_SET, __field ## _UNKNOWN)
 
#define cfg_enum_copy_ex(__cfg_dst, __cfg_src, __field, __not_set, __unknown)
 cfg_enum_copy More...
 
#define cfg_sf_copy_wrapper(id, __cfg_dst, __cfg_src, __field)
 cfg_copy_wrapper More...
 
#define cfg_stringfield_copy(__cfg_dst, __cfg_src, __field)
 Common config copy utilities. More...
 
#define cfg_uint_copy(__cfg_dst, __cfg_src, __field)
 cfg_uint_copy More...
 
#define EFFECTIVE_ENUM(__enum1, __enum2, __field, __default)
 
#define EFFECTIVE_ENUM_BOOL(__enum1, __enum2, __field, __default)
 
#define ENUM_BOOL(__enum1, __field)    (__enum1 == ( __field ## _ ## YES ))
 
#define enum_option_register(sorcery, CONFIG_TYPE, name, nodoc)    enum_option_register_ex(sorcery, CONFIG_TYPE, name, name, name, nodoc)
 
#define enum_option_register_ex(sorcery, CONFIG_TYPE, name, field, function_prefix, nodoc)
 
#define generate_acfg_common_sorcery_handlers(object)
 
#define generate_bool_string_prototypes(param_name)
 Boolean field to/from string prototype generator. More...
 
#define generate_enum_string_prototypes(param_name, ...)
 Enum field to/from string prototype generator. More...
 
#define generate_sorcery_acl_from_str(__struct, __lc_param, __unknown)
 
#define generate_sorcery_acl_to_str(__struct, __lc_param)
 
#define generate_sorcery_enum_from_str(__struct, __substruct, __lc_param, __unknown)    generate_sorcery_enum_from_str_ex(__struct, __substruct, __lc_param, __lc_param, __unknown) \
 
#define generate_sorcery_enum_from_str_ex(__struct, __substruct, __lc_param, __base_enum, __unknown)
 
#define generate_sorcery_enum_to_str(__struct, __substruct, __lc_param)    generate_sorcery_enum_to_str_ex(__struct, __substruct, __lc_param, __lc_param)
 
#define generate_sorcery_enum_to_str_ex(__struct, __substruct, __lc_param, __base_enum)
 Enum sorcery handler generator. More...
 
#define generate_vcfg_common_sorcery_handlers(object)
 
#define PROFILE_ALLOW_ATTEST(__profile)
 
#define PROFILE_ALLOW_VERIFY(__profile)
 
#define register_common_attestation_fields(sorcery, object, CONFIG_TYPE, nodoc)
 
#define register_common_verification_fields(sorcery, object, CONFIG_TYPE, nodoc)
 
#define stringfield_option_register(sorcery, CONFIG_TYPE, object, name, field, nodoc)
 Sorcery fields register helpers. More...
 
#define uint_option_register(sorcery, CONFIG_TYPE, object, name, field, nodoc)
 

Enumerations

enum  config_object_type { config_object_type_attestation = 0 , config_object_type_verification , config_object_type_profile , config_object_type_tn }
 

Functions

void acfg_cleanup (struct attestation_cfg_common *cfg)
 
int as_check_common_config (const char *id, struct attestation_cfg_common *acfg_common)
 
int as_config_load (void)
 
int as_config_reload (void)
 
int as_config_unload (void)
 
int as_copy_cfg_common (const char *id, struct attestation_cfg_common *cfg_dst, struct attestation_cfg_common *cfg_src)
 
struct attestation_cfgas_get_cfg (void)
 
int as_is_config_loaded (void)
 
char * canonicalize_tn (const char *tn, char *dest_tn)
 Canonicalize a TN. More...
 
char * canonicalize_tn_alloc (const char *tn)
 Canonicalize a TN into nre buffer. More...
 
int common_config_load (void)
 
int common_config_reload (void)
 
int common_config_unload (void)
 
int config_object_cli_show (void *obj, void *arg, void *data, int flags)
 Output configuration settings to the Asterisk CLI. More...
 
char * config_object_tab_complete_name (const char *word, struct ao2_container *container)
 Tab completion for name matching with STIR/SHAKEN CLI commands. More...
 
struct ao2_containereprofile_get_all (void)
 
struct profile_cfgeprofile_get_cfg (const char *id)
 
 generate_bool_string_prototypes (check_tn_cert_public_url)
 
 generate_bool_string_prototypes (load_system_certs)
 
 generate_bool_string_prototypes (relax_x5u_path_restrictions)
 
 generate_bool_string_prototypes (relax_x5u_port_scheme_restrictions)
 
 generate_bool_string_prototypes (send_mky)
 
 generate_bool_string_prototypes (use_rfc9410_responses)
 
 generate_enum_string_prototypes (attest_level, attest_level_UNKNOWN=-1, attest_level_NOT_SET=0, attest_level_A, attest_level_B, attest_level_C,)
 
 generate_enum_string_prototypes (endpoint_behavior, endpoint_behavior_UNKNOWN=-1, endpoint_behavior_OFF=0, endpoint_behavior_ATTEST, endpoint_behavior_VERIFY, endpoint_behavior_ON, endpoint_behavior_NOT_SET)
 
struct ast_acl_listget_default_acl_list (void)
 
struct ao2_containerprofile_get_all (void)
 
struct profile_cfgprofile_get_cfg (const char *id)
 
int profile_load (void)
 
int profile_reload (void)
 
int profile_unload (void)
 
enum stir_shaken_failure_action_enum stir_shaken_failure_action_from_str (const char *action_str)
 
const char * stir_shaken_failure_action_to_str (enum stir_shaken_failure_action_enum action)
 
int tn_config_load (void)
 
int tn_config_reload (void)
 
int tn_config_unload (void)
 
struct tn_cfgtn_get_cfg (const char *tn)
 
struct tn_cfgtn_get_etn (const char *tn, struct profile_cfg *eprofile)
 
enum attest_level_enum unknown_tn_attest_level_from_str (const char *value)
 
const char * unknown_tn_attest_level_to_str (enum attest_level_enum value)
 
void vcfg_cleanup (struct verification_cfg_common *cfg)
 
int vs_check_common_config (const char *id, struct verification_cfg_common *vcfg_common)
 
int vs_config_load (void)
 
int vs_config_reload (void)
 
int vs_config_unload (void)
 
int vs_copy_cfg_common (const char *id, struct verification_cfg_common *cfg_dst, struct verification_cfg_common *cfg_src)
 
struct verification_cfgvs_get_cfg (void)
 
int vs_is_config_loaded (void)
 

Macro Definition Documentation

◆ cfg_enum_copy

#define cfg_enum_copy (   __cfg_dst,
  __cfg_src,
  __field 
)     cfg_enum_copy_ex(__cfg_dst, __cfg_src, __field, __field ## _NOT_SET, __field ## _UNKNOWN)

Definition at line 283 of file common_config.h.

◆ cfg_enum_copy_ex

#define cfg_enum_copy_ex (   __cfg_dst,
  __cfg_src,
  __field,
  __not_set,
  __unknown 
)

cfg_enum_copy

Copy an enum from the source to the dest only if the source is neither NOT_SET nor UNKNOWN

Definition at line 275 of file common_config.h.

◆ cfg_sf_copy_wrapper

#define cfg_sf_copy_wrapper (   id,
  __cfg_dst,
  __cfg_src,
  __field 
)

cfg_copy_wrapper

Invoke cfg_stringfield_copy and cause the calling runction to return a -1 of the copy fails.

Definition at line 246 of file common_config.h.

◆ cfg_stringfield_copy

#define cfg_stringfield_copy (   __cfg_dst,
  __cfg_src,
  __field 
)

Common config copy utilities.

These macros are designed to be called from as_copy_cfg_common and vs_copy_cfg_common only. They'll only copy a field if the field contains a vaild value. Thus a NOT_SET value in the source won't override a pre-existing good value in the dest. A good value in the source WILL overwrite a good value in the dest.

Definition at line 231 of file common_config.h.

◆ cfg_uint_copy

#define cfg_uint_copy (   __cfg_dst,
  __cfg_src,
  __field 
)
Value:
({ \
if (__cfg_src->__field > 0) { \
__cfg_dst->__field = __cfg_src->__field; \
} \
})

cfg_uint_copy

Copy a uint from the source to the dest only if the source > 0. For stir-shaken, 0 isn't a valid value for any uint fields.

Definition at line 262 of file common_config.h.

◆ EFFECTIVE_ENUM

#define EFFECTIVE_ENUM (   __enum1,
  __enum2,
  __field,
  __default 
)
Value:
( __enum1 != ( __field ## _ ## NOT_SET ) ? __enum1 : \
(__enum2 != __field ## _ ## NOT_SET ? \
__enum2 : __default ))
#define _(msgid)

Definition at line 208 of file common_config.h.

◆ EFFECTIVE_ENUM_BOOL

#define EFFECTIVE_ENUM_BOOL (   __enum1,
  __enum2,
  __field,
  __default 
)
Value:
(( __enum1 != ( __field ## _ ## NOT_SET ) ? __enum1 : \
(__enum2 != __field ## _ ## NOT_SET ? \
__enum2 : __field ## _ ## __default )) == __field ## _ ## YES)

Definition at line 213 of file common_config.h.

◆ ENUM_BOOL

#define ENUM_BOOL (   __enum1,
  __field 
)     (__enum1 == ( __field ## _ ## YES ))

Definition at line 218 of file common_config.h.

◆ enum_option_register

#define enum_option_register (   sorcery,
  CONFIG_TYPE,
  name,
  nodoc 
)     enum_option_register_ex(sorcery, CONFIG_TYPE, name, name, name, nodoc)

Definition at line 509 of file common_config.h.

◆ enum_option_register_ex

#define enum_option_register_ex (   sorcery,
  CONFIG_TYPE,
  name,
  field,
  function_prefix,
  nodoc 
)
Value:
#name, function_prefix ## _to_str(DEFAULT_ ## field), \
sorcery_ ## field ## _from_str, sorcery_ ## field ## _to_str, NULL, 0, 0)
#define CONFIG_TYPE
static const char name[]
Definition: format_mp3.c:68
static struct ast_sorcery * sorcery
#define NULL
Definition: resample.c:96
#define ast_sorcery_object_field_register_custom(sorcery, type, name, default_val, config_handler, sorcery_handler, multiple_handler, flags,...)
Register a field within an object with custom handlers.
Definition: sorcery.h:1005

Definition at line 504 of file common_config.h.

◆ generate_acfg_common_sorcery_handlers

#define generate_acfg_common_sorcery_handlers (   object)

Definition at line 304 of file common_config.h.

◆ generate_bool_string_prototypes

#define generate_bool_string_prototypes (   param_name)

Boolean field to/from string prototype generator.

Most of the boolean fields that appear in the verification and attestation objects can be ovrridden in the profile object; "use_rfc9410_responses" for instance. If they were registered as normal YESNO types, we couldn't tell if a "0" value in the profile object meant the user set it to "no" to override a value of "yes" in the verification object, or it just defaulted to "0". By making the _NOT_SET enum a non-0/1 and making it the default value, we can tell the difference. The _UNKNOWN enum gets set if the string value provided to the _from_str function wasn't recognized as one of the values acceptable to ast_true() or ast_false().

The result of calling the generator for a field will look like:

enum use_rfc9410_responses_enum {
use_rfc9410_responses_UNKNOWN = -1,
use_rfc9410_responses_NO = 0,
use_rfc9410_responses_YES,
use_rfc9410_responses_NOT_SET,
};
enum use_rfc9410_responses_enum
use_rfc9410_responses_from_str(const char *value);
const char *use_rfc9410_responses_to_str(enum use_rfc9410_responses_enum value);
int value
Definition: syslog.c:37

Most of the macros that follow depend on enum values formatted as <param_name>SOMETHING and their defaults as DEFAULT<param_name>.

Definition at line 60 of file common_config.h.

◆ generate_enum_string_prototypes

#define generate_enum_string_prototypes (   param_name,
  ... 
)

Enum field to/from string prototype generator.

This operates like the bool generator except you supply a list of the enum values. The first one MUST be param_name_UNKNOWN with a value of -1 and the rest running sequentially with the last being param_name_NOT_SET.

Definition at line 94 of file common_config.h.

◆ generate_sorcery_acl_from_str

#define generate_sorcery_acl_from_str (   __struct,
  __lc_param,
  __unknown 
)

Definition at line 192 of file common_config.h.

◆ generate_sorcery_acl_to_str

#define generate_sorcery_acl_to_str (   __struct,
  __lc_param 
)

Definition at line 173 of file common_config.h.

◆ generate_sorcery_enum_from_str

#define generate_sorcery_enum_from_str (   __struct,
  __substruct,
  __lc_param,
  __unknown 
)     generate_sorcery_enum_from_str_ex(__struct, __substruct, __lc_param, __lc_param, __unknown) \

Definition at line 169 of file common_config.h.

◆ generate_sorcery_enum_from_str_ex

#define generate_sorcery_enum_from_str_ex (   __struct,
  __substruct,
  __lc_param,
  __base_enum,
  __unknown 
)

Definition at line 156 of file common_config.h.

◆ generate_sorcery_enum_to_str

#define generate_sorcery_enum_to_str (   __struct,
  __substruct,
  __lc_param 
)     generate_sorcery_enum_to_str_ex(__struct, __substruct, __lc_param, __lc_param)

Definition at line 153 of file common_config.h.

◆ generate_sorcery_enum_to_str_ex

#define generate_sorcery_enum_to_str_ex (   __struct,
  __substruct,
  __lc_param,
  __base_enum 
)

Enum sorcery handler generator.

These macros can create the two functions needed to register an enum field with sorcery as long as there are _to_str and _from_str functions defined elsewhere.

Definition at line 145 of file common_config.h.

◆ generate_vcfg_common_sorcery_handlers

#define generate_vcfg_common_sorcery_handlers (   object)

Definition at line 373 of file common_config.h.

◆ PROFILE_ALLOW_ATTEST

#define PROFILE_ALLOW_ATTEST (   __profile)
Value:
(__profile->endpoint_behavior == endpoint_behavior_ON || \
__profile->endpoint_behavior == endpoint_behavior_ATTEST)

Definition at line 441 of file common_config.h.

◆ PROFILE_ALLOW_VERIFY

#define PROFILE_ALLOW_VERIFY (   __profile)
Value:
(__profile->endpoint_behavior == endpoint_behavior_ON || \
__profile->endpoint_behavior == endpoint_behavior_VERIFY)

Definition at line 445 of file common_config.h.

◆ register_common_attestation_fields

#define register_common_attestation_fields (   sorcery,
  object,
  CONFIG_TYPE,
  nodoc 
)

Definition at line 542 of file common_config.h.

◆ register_common_verification_fields

#define register_common_verification_fields (   sorcery,
  object,
  CONFIG_TYPE,
  nodoc 
)

Definition at line 512 of file common_config.h.

◆ stringfield_option_register

#define stringfield_option_register (   sorcery,
  CONFIG_TYPE,
  object,
  name,
  field,
  nodoc 
)
Value:
DEFAULT_ ## name, OPT_STRINGFIELD_T, 0, \
STRFLDSET(struct object, field))
#define STRFLDSET(type,...)
Convert a struct and a list of stringfield fields to an argument list of field offsets.
@ OPT_STRINGFIELD_T
Type for default option handler for stringfields.
#define ast_sorcery_object_field_register(sorcery, type, name, default_val, opt_type, flags,...)
Register a field within an object.
Definition: sorcery.h:955

Sorcery fields register helpers.

Most of the fields on attestation_cfg and verification_cfg are also in profile_cfg. To prevent having to maintain duplicate sets of sorcery register statements, we can do this once here and call register_common_verification_fields() from both profile_config and verification_config and call register_common_attestation_fields() from profile_cfg and attestation_config.

Most of the fields in question are in sub-structures like verification_cfg.vcfg_common which is why there are separate name and field parameters. For verification_cfg.vcfg_common.ca_file for instance, name would be ca_file and field would be vcfg_common.ca_file.

Note
These macros depend on default values being defined in the 4 config.c files as DEFAULT<field_name>.

Definition at line 494 of file common_config.h.

◆ uint_option_register

#define uint_option_register (   sorcery,
  CONFIG_TYPE,
  object,
  name,
  field,
  nodoc 
)
Value:
__stringify(DEFAULT_ ## name), OPT_UINT_T, 0, \
FLDSET(struct object, field))
#define __stringify(x)
Definition: asterisk.h:216
#define FLDSET(type,...)
Convert a struct and list of fields to an argument list of field offsets.
@ OPT_UINT_T
Type for default option handler for unsigned integers.

Definition at line 499 of file common_config.h.

Enumeration Type Documentation

◆ config_object_type

Enumerator
config_object_type_attestation 
config_object_type_verification 
config_object_type_profile 
config_object_type_tn 

Definition at line 555 of file common_config.h.

555 {
560};
@ config_object_type_attestation
@ config_object_type_tn
@ config_object_type_profile
@ config_object_type_verification

Function Documentation

◆ acfg_cleanup()

void acfg_cleanup ( struct attestation_cfg_common cfg)

Definition at line 68 of file attestation_config.c.

69{
70 if (!acfg_common) {
71 return;
72 }
74 ao2_cleanup(acfg_common->raw_key);
75}
#define ao2_cleanup(obj)
Definition: astobj2.h:1934
#define ast_string_field_free_memory(x)
free all memory - to be called before destroying the object
Definition: stringfields.h:374

References attestation_cfg::acfg_common, ao2_cleanup, ast_string_field_free_memory, and attestation_cfg_common::raw_key.

Referenced by attestation_destructor(), profile_destructor(), and tn_destructor().

◆ as_check_common_config()

int as_check_common_config ( const char *  id,
struct attestation_cfg_common acfg_common 
)

Definition at line 139 of file attestation_config.c.

140{
141 SCOPE_ENTER(3, "%s: Checking common config\n", id);
142
143 if (!ast_strlen_zero(acfg_common->private_key_file)
144 && !ast_file_is_readable(acfg_common->private_key_file)) {
145 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: default_private_key_path %s is missing or not readable\n", id,
146 acfg_common->private_key_file);
147 }
148
149 if (ENUM_BOOL(acfg_common->check_tn_cert_public_url,
150 check_tn_cert_public_url)
151 && !ast_strlen_zero(acfg_common->public_cert_url)) {
152 RAII_VAR(char *, public_cert_data, NULL, ast_std_free);
153 X509 *public_cert;
154 size_t public_cert_len;
155 int rc = 0;
156 long http_code;
157 SCOPE_ENTER(3 , "%s: Checking public cert url '%s'\n",
158 id, acfg_common->public_cert_url);
159
160 http_code = curl_download_to_memory(acfg_common->public_cert_url,
161 &public_cert_len, &public_cert_data, NULL);
162 if (http_code / 100 != 2) {
163 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: public_cert '%s' could not be downloaded\n", id,
164 acfg_common->public_cert_url);
165 }
166
167 public_cert = crypto_load_cert_from_memory(public_cert_data,
168 public_cert_len);
169 if (!public_cert) {
170 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: public_cert '%s' could not be parsed as a certificate\n", id,
171 acfg_common->public_cert_url);
172 }
173 rc = crypto_is_cert_time_valid(public_cert, 0);
174 X509_free(public_cert);
175 if (!rc) {
176 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: public_cert '%s' is not valid yet or has expired\n", id,
177 acfg_common->public_cert_url);
178 }
179
180 rc = crypto_has_private_key_from_memory(public_cert_data, public_cert_len);
181 if (rc) {
182 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: DANGER!!! public_cert_url '%s' has a private key in the file!!!\n", id,
183 acfg_common->public_cert_url);
184 }
185 SCOPE_EXIT("%s: Done\n", id);
186 }
187
188 if (!ast_strlen_zero(acfg_common->private_key_file)) {
189 EVP_PKEY *private_key;
190 RAII_VAR(unsigned char *, raw_key, NULL, ast_free);
191
192 private_key = crypto_load_privkey_from_file(acfg_common->private_key_file);
193 if (!private_key) {
194 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: Could not extract raw private key from file '%s'\n", id,
195 acfg_common->private_key_file);
196 }
197
198 acfg_common->raw_key_length = crypto_extract_raw_privkey(private_key, &raw_key);
199 EVP_PKEY_free(private_key);
200 if (acfg_common->raw_key_length == 0 || raw_key == NULL) {
201 SCOPE_EXIT_LOG_RTN_VALUE(-1, LOG_ERROR, "%s: Could not extract raw private key from file '%s'\n", id,
202 acfg_common->private_key_file);
203 }
204
205 /*
206 * We're making this an ao2 object so it can be referenced
207 * by a profile instead of having to copy it.
208 */
209 acfg_common->raw_key = ao2_alloc(acfg_common->raw_key_length, NULL);
210 if (!acfg_common->raw_key) {
212 "%s: Could not allocate memory for raw private key\n", id);
213 }
214 memcpy(acfg_common->raw_key, raw_key, acfg_common->raw_key_length);
215
216 }
217
218 SCOPE_EXIT_RTN_VALUE(0, "%s: Done\n", id);
219}
void ast_std_free(void *ptr)
Definition: astmm.c:1734
#define ast_free(a)
Definition: astmm.h:180
#define ao2_alloc(data_size, destructor_fn)
Definition: astobj2.h:409
#define ENUM_BOOL(__enum1, __field)
X509 * crypto_load_cert_from_memory(const char *buffer, size_t size)
Load an X509 Cert from a NULL terminated buffer.
Definition: crypto_utils.c:213
EVP_PKEY * crypto_load_privkey_from_file(const char *filename)
Load a private key from a file.
Definition: crypto_utils.c:141
int crypto_extract_raw_privkey(EVP_PKEY *key, unsigned char **buffer)
Extract raw private key from EVP_PKEY.
Definition: crypto_utils.c:320
int crypto_is_cert_time_valid(X509 *cert, time_t reftime)
Check if the reftime is within the cert's valid dates.
Definition: crypto_utils.c:721
int crypto_has_private_key_from_memory(const char *buffer, size_t size)
Check if the supplied buffer has a private key.
Definition: crypto_utils.c:266
#define SCOPE_EXIT_RTN_VALUE(__return_value,...)
#define SCOPE_EXIT_LOG_RTN_VALUE(__value, __log_level,...)
#define SCOPE_ENTER(level,...)
#define SCOPE_EXIT(...)
long curl_download_to_memory(const char *url, size_t *returned_length, char **returned_data, struct ast_variable **headers)
Really simple document retrieval to memory.
Definition: curl_utils.c:300
#define LOG_ERROR
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition: strings.h:65
enum check_tn_cert_public_url_enum check_tn_cert_public_url
unsigned char * raw_key
const ast_string_field public_cert_url
const ast_string_field private_key_file
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
Definition: utils.h:941
int ast_file_is_readable(const char *filename)
Test that a file exists and is readable by the effective user.
Definition: utils.c:3107

References attestation_cfg::acfg_common, ao2_alloc, ast_file_is_readable(), ast_free, ast_std_free(), ast_strlen_zero(), attestation_cfg_common::check_tn_cert_public_url, crypto_extract_raw_privkey(), crypto_has_private_key_from_memory(), crypto_is_cert_time_valid(), crypto_load_cert_from_memory(), crypto_load_privkey_from_file(), curl_download_to_memory(), ENUM_BOOL, LOG_ERROR, NULL, attestation_cfg_common::private_key_file, attestation_cfg_common::public_cert_url, RAII_VAR, attestation_cfg_common::raw_key, attestation_cfg_common::raw_key_length, SCOPE_ENTER, SCOPE_EXIT, SCOPE_EXIT_LOG_RTN_VALUE, and SCOPE_EXIT_RTN_VALUE.

Referenced by attestation_apply(), profile_apply(), and tn_apply().

◆ as_config_load()

int as_config_load ( void  )

Definition at line 300 of file attestation_config.c.

301{
302 struct ast_sorcery *sorcery = get_sorcery();
303
305 "stir_shaken.conf,criteria=type=" CONFIG_TYPE ",single_object=yes,explicit_name=" CONFIG_TYPE);
306
309 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
310 return -1;
311 }
312
314 "", OPT_NOOP_T, 0, 0);
315
317 DEFAULT_global_disable ? "yes" : "no",
318 OPT_YESNO_T, 1, FLDSET(struct attestation_cfg, global_disable));
319
320 enum_option_register_ex(sorcery, CONFIG_TYPE, unknown_tn_attest_level,
321 unknown_tn_attest_level, attest_level,);
322
324
326
327 if (!as_is_config_loaded()) {
328 ast_log(LOG_WARNING,"Stir/Shaken attestation service disabled. Either there were errors in the 'attestation' object in stir_shaken.conf or it was missing altogether.\n");
329 }
330 if (!empty_cfg) {
332 if (!empty_cfg) {
333 return -1;
334 }
336 }
337
340
341 return 0;
342}
#define ast_log
Definition: astobj2.c:42
static struct ast_cli_entry attestation_cli[]
static struct attestation_cfg * empty_cfg
#define DEFAULT_global_disable
int as_is_config_loaded(void)
static void * attestation_alloc(const char *name)
static int attestation_apply(const struct ast_sorcery *sorcery, void *obj)
#define ast_cli_register_multiple(e, len)
Register multiple commands.
Definition: cli.h:265
struct ast_sorcery * get_sorcery(void)
Retrieve the stir/shaken sorcery context.
Definition: common_config.c:34
#define register_common_attestation_fields(sorcery, object, CONFIG_TYPE, nodoc)
#define enum_option_register_ex(sorcery, CONFIG_TYPE, name, field, function_prefix, nodoc)
@ OPT_NOOP_T
Type for a default handler that should do nothing.
@ OPT_YESNO_T
Type for default option handler for bools (ast_true/ast_false)
#define LOG_WARNING
#define ast_sorcery_object_field_register_nodoc(sorcery, type, name, default_val, opt_type, flags,...)
Register a field within an object without documentation.
Definition: sorcery.h:987
#define ast_sorcery_object_register(sorcery, type, alloc, transform, apply)
Register an object type.
Definition: sorcery.h:837
void ast_sorcery_load_object(const struct ast_sorcery *sorcery, const char *type)
Inform any wizards of a specific object type to load persistent objects.
Definition: sorcery.c:1393
#define ast_sorcery_apply_default(sorcery, type, name, data)
Definition: sorcery.h:476
Full structure for sorcery.
Definition: sorcery.c:230
#define ARRAY_LEN(a)
Definition: utils.h:666

References ARRAY_LEN, as_is_config_loaded(), ast_cli_register_multiple, ast_log, ast_sorcery_apply_default, ast_sorcery_load_object(), ast_sorcery_object_field_register, ast_sorcery_object_field_register_nodoc, ast_sorcery_object_register, attestation_alloc(), attestation_apply(), attestation_cli, CONFIG_TYPE, DEFAULT_global_disable, empty_cfg, enum_option_register_ex, FLDSET, get_sorcery(), attestation_cfg::global_disable, LOG_ERROR, LOG_WARNING, NULL, OPT_NOOP_T, OPT_YESNO_T, register_common_attestation_fields, and sorcery.

Referenced by as_load().

◆ as_config_reload()

int as_config_reload ( void  )

Definition at line 272 of file attestation_config.c.

273{
274 struct ast_sorcery *sorcery = get_sorcery();
276
277 if (!as_is_config_loaded()) {
278 ast_log(LOG_WARNING,"Stir/Shaken attestation service disabled. Either there were errors in the 'attestation' object in stir_shaken.conf or it was missing altogether.\n");
279 }
280 if (!empty_cfg) {
282 if (!empty_cfg) {
283 return -1;
284 }
286 }
287
288 return 0;
289}
void ast_sorcery_force_reload_object(const struct ast_sorcery *sorcery, const char *type)
Inform any wizards of a specific object type to reload persistent objects even if no changes determin...
Definition: sorcery.c:1457

References as_is_config_loaded(), ast_log, ast_sorcery_force_reload_object(), attestation_alloc(), CONFIG_TYPE, empty_cfg, get_sorcery(), attestation_cfg::global_disable, LOG_WARNING, and sorcery.

Referenced by as_reload().

◆ as_config_unload()

int as_config_unload ( void  )

Definition at line 291 of file attestation_config.c.

292{
296
297 return 0;
298}
int ast_cli_unregister_multiple(struct ast_cli_entry *e, int len)
Unregister multiple commands.
Definition: clicompat.c:30

References ao2_cleanup, ARRAY_LEN, ast_cli_unregister_multiple(), attestation_cli, and empty_cfg.

Referenced by as_unload().

◆ as_copy_cfg_common()

int as_copy_cfg_common ( const char *  id,
struct attestation_cfg_common cfg_dst,
struct attestation_cfg_common cfg_src 
)

Definition at line 113 of file attestation_config.c.

115{
116 int rc = 0;
117
118 if (!cfg_dst || !cfg_src) {
119 return -1;
120 }
121
122 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, private_key_file);
123 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, public_cert_url);
124
125 cfg_enum_copy(cfg_dst, cfg_src, attest_level);
126 cfg_enum_copy(cfg_dst, cfg_src, check_tn_cert_public_url);
127 cfg_enum_copy(cfg_dst, cfg_src, send_mky);
128
129 if (cfg_src->raw_key) {
130 /* Free and overwrite the destination */
131 ao2_cleanup(cfg_dst->raw_key);
132 cfg_dst->raw_key = ao2_bump(cfg_src->raw_key);
133 cfg_dst->raw_key_length = cfg_src->raw_key_length;
134 }
135
136 return rc;
137}
#define ao2_bump(obj)
Bump refcount on an AO2 object by one, returning the object.
Definition: astobj2.h:480
#define cfg_sf_copy_wrapper(id, __cfg_dst, __cfg_src, __field)
cfg_copy_wrapper
#define cfg_enum_copy(__cfg_dst, __cfg_src, __field)

References ao2_bump, ao2_cleanup, cfg_enum_copy, cfg_sf_copy_wrapper, attestation_cfg_common::raw_key, and attestation_cfg_common::raw_key_length.

Referenced by create_effective_profile(), and tn_get_etn().

◆ as_get_cfg()

struct attestation_cfg * as_get_cfg ( void  )

Definition at line 43 of file attestation_config.c.

44{
47 if (cfg) {
48 return cfg;
49 }
50
51 return empty_cfg ? ao2_bump(empty_cfg) : NULL;
52}
void * ast_sorcery_retrieve_by_id(const struct ast_sorcery *sorcery, const char *type, const char *id)
Retrieve an object using its unique identifier.
Definition: sorcery.c:1853

References ao2_bump, ast_sorcery_retrieve_by_id(), CONFIG_TYPE, empty_cfg, get_sorcery(), and NULL.

Referenced by ast_stir_shaken_as_ctx_create(), attestation_show(), and create_effective_profile().

◆ as_is_config_loaded()

int as_is_config_loaded ( void  )

◆ canonicalize_tn()

char * canonicalize_tn ( const char *  tn,
char *  dest_tn 
)

Canonicalize a TN.

Parameters
tnTN to canonicalize
dest_tnPointer to destination buffer to receive the new TN
Return values
dest_tnor NULL on failure

Definition at line 266 of file common_config.c.

267{
268 int i;
269 const char *s = tn;
270 size_t len = tn ? strlen(tn) : 0;
271 char *new_tn = dest_tn;
272 SCOPE_ENTER(3, "tn: %s\n", S_OR(tn, "(null)"));
273
274 if (ast_strlen_zero(tn)) {
275 *dest_tn = '\0';
276 SCOPE_EXIT_RTN_VALUE(NULL, "Empty TN\n");
277 }
278
279 if (!dest_tn) {
280 SCOPE_EXIT_RTN_VALUE(NULL, "No destination buffer\n");
281 }
282
283 for (i = 0; i < len; i++) {
284 if (isdigit(*s) || *s == '#' || *s == '*') { /* Only characters allowed */
285 *new_tn++ = *s;
286 }
287 s++;
288 }
289 *new_tn = '\0';
290 SCOPE_EXIT_RTN_VALUE(dest_tn, "Canonicalized '%s' -> '%s'\n", tn, dest_tn);
291}
static int len(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t buflen)
#define S_OR(a, b)
returns the equivalent of logic or for strings: first one if not empty, otherwise second one.
Definition: strings.h:80

References ast_strlen_zero(), len(), NULL, S_OR, SCOPE_ENTER, and SCOPE_EXIT_RTN_VALUE.

Referenced by canonicalize_tn_alloc().

◆ canonicalize_tn_alloc()

char * canonicalize_tn_alloc ( const char *  tn)

Canonicalize a TN into nre buffer.

Parameters
tnTN to canonicalize
Return values
dest_tn(which must be freed with ast_free) or NULL on failure

Definition at line 293 of file common_config.c.

294{
295 char *canon_tn = ast_strlen_zero(tn) ? NULL : ast_malloc(strlen(tn) + 1);
296 if (!canon_tn) {
297 return NULL;
298 }
299 return canonicalize_tn(tn, canon_tn);
300}
#define ast_malloc(len)
A wrapper for malloc()
Definition: astmm.h:191
char * canonicalize_tn(const char *tn, char *dest_tn)
Canonicalize a TN.

References ast_malloc, ast_strlen_zero(), canonicalize_tn(), and NULL.

Referenced by ast_stir_shaken_as_ctx_create(), and ast_stir_shaken_vs_ctx_create().

◆ common_config_load()

int common_config_load ( void  )

Definition at line 420 of file common_config.c.

421{
422 SCOPE_ENTER(2, "Stir Shaken Load\n");
423
424 if (!(sorcery = ast_sorcery_open())) {
426 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken sorcery load failed\n");
427 }
428
429 if (vs_load()) {
431 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken VS load failed\n");
432 }
433
434 if (as_load()) {
436 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken AS load failed\n");
437 }
438
439 if (tn_config_load()) {
441 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken TN load failed\n");
442 }
443
444 if (profile_load()) {
446 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken profile load failed\n");
447 }
448
454 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken acl change subscribe failed\n");
455 }
458 }
459
461
462 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_SUCCESS, "Stir Shaken Load Done\n");
463}
struct stasis_message_type * ast_named_acl_change_type(void)
a stasis_message_type for changes against a named ACL or the set of all named ACLs
int as_load()
Load the stir/shaken attestation service.
Definition: attestation.c:440
int common_config_unload(void)
static struct ast_cli_entry cli_commands[]
struct stasis_subscription * named_acl_changed_sub
Definition: common_config.c:32
static void named_acl_changed_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
static struct ast_sorcery * sorcery
Definition: common_config.c:31
int profile_load(void)
int tn_config_load(void)
Definition: tn_config.c:268
@ AST_MODULE_LOAD_SUCCESS
Definition: module.h:70
@ AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
Definition: module.h:78
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
#define ast_sorcery_open()
Open a new sorcery structure.
Definition: sorcery.h:406
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
Definition: stasis.c:1024
#define stasis_subscribe(topic, callback, data)
Definition: stasis.h:649
int vs_load()
Load the stir/shaken verification service.

References ARRAY_LEN, as_load(), ast_cli_register_multiple, AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_named_acl_change_type(), ast_security_topic(), ast_sorcery_open, cli_commands, common_config_unload(), named_acl_changed_cb(), named_acl_changed_sub, NULL, profile_load(), SCOPE_ENTER, SCOPE_EXIT_RTN_VALUE, sorcery, stasis_subscribe, stasis_subscription_accept_message_type(), tn_config_load(), and vs_load().

Referenced by load_module().

◆ common_config_reload()

int common_config_reload ( void  )

Definition at line 369 of file common_config.c.

370{
371 SCOPE_ENTER(2, "Stir Shaken Reload\n");
372 if (vs_reload()) {
373 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken VS Reload failed\n");
374 }
375
376 if (as_reload()) {
377 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken AS Reload failed\n");
378 }
379
380 if (tn_config_reload()) {
381 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken TN Reload failed\n");
382 }
383
384 if (profile_reload()) {
385 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken Profile Reload failed\n");
386 }
387
388 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_SUCCESS, "Stir Shaken Reload Done\n");
389}
int as_reload()
Load the stir/shaken attestation service.
Definition: attestation.c:427
int tn_config_reload(void)
Definition: tn_config.c:253
int profile_reload(void)
int vs_reload()
Reload the stir/shaken verification service.

References as_reload(), AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, profile_reload(), SCOPE_ENTER, SCOPE_EXIT_RTN_VALUE, tn_config_reload(), and vs_reload().

Referenced by named_acl_changed_cb(), and reload_module().

◆ common_config_unload()

int common_config_unload ( void  )

Definition at line 391 of file common_config.c.

392{
394
397 as_unload();
398 vs_unload();
399
403 }
405 sorcery = NULL;
406
407 return 0;
408}
int as_unload()
Load the stir/shaken attestation service.
Definition: attestation.c:434
int profile_unload(void)
int tn_config_unload(void)
Definition: tn_config.c:260
#define ast_sorcery_unref(sorcery)
Decrease the reference count of a sorcery structure.
Definition: sorcery.h:1500
struct stasis_subscription * stasis_unsubscribe(struct stasis_subscription *subscription)
Cancel a subscription.
Definition: stasis.c:972
int vs_unload()
Unload the stir/shaken verification service.

References ARRAY_LEN, as_unload(), ast_cli_unregister_multiple(), ast_sorcery_unref, cli_commands, named_acl_changed_sub, NULL, profile_unload(), sorcery, stasis_unsubscribe(), tn_config_unload(), and vs_unload().

Referenced by common_config_load(), and unload_module().

◆ config_object_cli_show()

int config_object_cli_show ( void *  obj,
void *  arg,
void *  data,
int  flags 
)

Output configuration settings to the Asterisk CLI.

Parameters
objA sorcery object containing configuration data
argAsterisk CLI argument object
flagsao2 container flags
Return values
0

Definition at line 172 of file common_config.c.

173{
174 struct ast_cli_args *a = arg;
175 struct config_object_cli_data *cli_data = data;
176 struct ast_variable *options;
177 struct ast_variable *i;
178 const char *title = NULL;
179 const char *cfg_name = NULL;
180 int max_name_len = 0;
181
182 if (!obj) {
183 ast_cli(a->fd, "No stir/shaken configuration found\n");
184 return 0;
185 }
186
187 if (!ast_strlen_zero(cli_data->title)) {
188 title = cli_data->title;
189 } else {
190 title = ast_sorcery_object_get_type(obj);
191 }
192 max_name_len = strlen(title);
193
195 || cli_data->object_type == config_object_type_tn) {
196 cfg_name = ast_sorcery_object_get_id(obj);
197 max_name_len += strlen(cfg_name) + 2 /* ": " */;
198 }
199
202 if (!options) {
203 return 0;
204 }
205
206 for (i = options; i; i = i->next) {
207 int nlen = strlen(i->name);
208 max_name_len = (nlen > max_name_len) ? nlen : max_name_len;
209 }
210
211 ast_cli(a->fd, "\n==============================================================================\n");
212 if (ast_strlen_zero(cfg_name)) {
213 ast_cli(a->fd, "%s\n", title);
214 } else {
215 ast_cli(a->fd, "%s: %s\n", title, cfg_name);
216 }
217 ast_cli(a->fd, "------------------------------------------------------------------------------\n");
218
219 for (i = options; i; i = i->next) {
220 if (!ast_strings_equal(i->name, "x5u_acl")) {
221 ast_cli(a->fd, "%-*s: %s\n", max_name_len, i->name,
223 }
224 }
225
227
228 if (cli_data->object_type == config_object_type_profile) {
229 struct profile_cfg *cfg = obj;
230 print_acl_cert_store(cfg, a, max_name_len);
231 } else if (cli_data->object_type == config_object_type_verification) {
232 struct verification_cfg *cfg = obj;
233 print_acl_cert_store(cfg, a, max_name_len);
234 }
235 ast_cli(a->fd, "---------------------------------------------\n\n"); \
236
237 return 0;
238}
void ast_cli(int fd, const char *fmt,...)
Definition: clicompat.c:6
static const char * translate_value(const char *val)
#define print_acl_cert_store(cfg, a, max_name_len)
struct ast_variable * ast_variable_list_sort(struct ast_variable *head)
Performs an in-place sort on the variable list by ascending name.
Definition: main/config.c:621
void ast_variables_destroy(struct ast_variable *var)
Free variable list.
Definition: extconf.c:1262
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
Definition: sorcery.c:2317
const char * ast_sorcery_object_get_type(const void *object)
Get the type of a sorcery object.
Definition: sorcery.c:2329
@ AST_HANDLER_ONLY_STRING
Use string handler only.
Definition: sorcery.h:137
struct ast_variable * ast_sorcery_objectset_create2(const struct ast_sorcery *sorcery, const void *object, enum ast_sorcery_field_handler_flags flags)
Create an object set (KVP list) for an object.
Definition: sorcery.c:1511
int ast_strings_equal(const char *str1, const char *str2)
Compare strings for equality checking for NULL.
Definition: strings.c:238
Structure for variables, used for configurations and for channel variables.
struct ast_variable * next
enum config_object_type object_type
Profile configuration for stir/shaken.
static struct test_options options
static struct test_val a

References a, ast_cli(), AST_HANDLER_ONLY_STRING, ast_sorcery_object_get_id(), ast_sorcery_object_get_type(), ast_sorcery_objectset_create2(), ast_strings_equal(), ast_strlen_zero(), ast_variable_list_sort(), ast_variables_destroy(), config_object_type_profile, config_object_type_tn, config_object_type_verification, get_sorcery(), ast_variable::name, ast_variable::next, NULL, config_object_cli_data::object_type, options, print_acl_cert_store, config_object_cli_data::title, translate_value(), and ast_variable::value.

Referenced by attestation_show(), cli_eprofile_show(), cli_eprofile_show_all(), cli_profile_show(), cli_profile_show_all(), cli_tn_show(), cli_tn_show_all(), and cli_verification_show().

◆ config_object_tab_complete_name()

char * config_object_tab_complete_name ( const char *  word,
struct ao2_container container 
)

Tab completion for name matching with STIR/SHAKEN CLI commands.

Parameters
wordThe word to tab complete on
containerThe sorcery container to iterate through
Return values
Thetab completion options

Definition at line 240 of file common_config.c.

241{
242 void *obj;
243 struct ao2_iterator it;
244 int wordlen = strlen(word);
245 int ret;
246
248 while ((obj = ao2_iterator_next(&it))) {
249 if (!strncasecmp(word, ast_sorcery_object_get_id(obj), wordlen)) {
251 if (ret) {
252 ao2_ref(obj, -1);
253 break;
254 }
255 }
256 ao2_ref(obj, -1);
257 }
259
260 return NULL;
261}
#define ast_strdup(str)
A wrapper for strdup()
Definition: astmm.h:241
#define ao2_iterator_next(iter)
Definition: astobj2.h:1911
struct ao2_iterator ao2_iterator_init(struct ao2_container *c, int flags) attribute_warn_unused_result
Create an iterator for a container.
#define ao2_ref(o, delta)
Reference/unreference an object and return the old refcount.
Definition: astobj2.h:459
void ao2_iterator_destroy(struct ao2_iterator *iter)
Destroy a container iterator.
int ast_cli_completion_add(char *value)
Add a result to a request for completion options.
Definition: main/cli.c:2768
short word
struct ao2_container * container
Definition: res_fax.c:501
When we need to walk through a container, we use an ao2_iterator to keep track of the current positio...
Definition: astobj2.h:1821

References ao2_iterator_destroy(), ao2_iterator_init(), ao2_iterator_next, ao2_ref, ast_cli_completion_add(), ast_sorcery_object_get_id(), ast_strdup, container, and NULL.

Referenced by cli_eprofile_show(), cli_profile_show(), cli_tn_show(), and cli_verify_cert().

◆ eprofile_get_all()

struct ao2_container * eprofile_get_all ( void  )

Definition at line 120 of file profile_config.c.

121{
122 return ast_sorcery_retrieve_by_fields(get_sorcery(), "eprofile",
124}
@ AST_RETRIEVE_FLAG_MULTIPLE
Return all matching objects.
Definition: sorcery.h:120
@ AST_RETRIEVE_FLAG_ALL
Perform no matching, return all objects.
Definition: sorcery.h:123
void * ast_sorcery_retrieve_by_fields(const struct ast_sorcery *sorcery, const char *type, unsigned int flags, struct ast_variable *fields)
Retrieve an object or multiple objects using specific fields.
Definition: sorcery.c:1897

References AST_RETRIEVE_FLAG_ALL, AST_RETRIEVE_FLAG_MULTIPLE, ast_sorcery_retrieve_by_fields(), get_sorcery(), and NULL.

Referenced by cli_eprofile_show(), and cli_eprofile_show_all().

◆ eprofile_get_cfg()

struct profile_cfg * eprofile_get_cfg ( const char *  id)

Definition at line 126 of file profile_config.c.

127{
128 if (ast_strlen_zero(id)) {
129 return NULL;
130 }
131 return ast_sorcery_retrieve_by_id(get_sorcery(), "eprofile", id);
132}

References ast_sorcery_retrieve_by_id(), ast_strlen_zero(), get_sorcery(), and NULL.

Referenced by ast_stir_shaken_as_ctx_create(), ast_stir_shaken_vs_ctx_create(), and cli_eprofile_show().

◆ generate_bool_string_prototypes() [1/6]

generate_bool_string_prototypes ( check_tn_cert_public_url  )

◆ generate_bool_string_prototypes() [2/6]

generate_bool_string_prototypes ( load_system_certs  )

◆ generate_bool_string_prototypes() [3/6]

generate_bool_string_prototypes ( relax_x5u_path_restrictions  )

◆ generate_bool_string_prototypes() [4/6]

generate_bool_string_prototypes ( relax_x5u_port_scheme_restrictions  )

◆ generate_bool_string_prototypes() [5/6]

generate_bool_string_prototypes ( send_mky  )

◆ generate_bool_string_prototypes() [6/6]

generate_bool_string_prototypes ( use_rfc9410_responses  )

◆ generate_enum_string_prototypes() [1/2]

generate_enum_string_prototypes ( attest_level  ,
attest_level_UNKNOWN  = -1,
attest_level_NOT_SET  = 0,
attest_level_A  ,
attest_level_B  ,
attest_level_C   
)

◆ generate_enum_string_prototypes() [2/2]

generate_enum_string_prototypes ( endpoint_behavior  ,
endpoint_behavior_UNKNOWN  = -1,
endpoint_behavior_OFF  = 0,
endpoint_behavior_ATTEST  ,
endpoint_behavior_VERIFY  ,
endpoint_behavior_ON  ,
endpoint_behavior_NOT_SET   
)

◆ get_default_acl_list()

struct ast_acl_list * get_default_acl_list ( void  )

◆ profile_get_all()

struct ao2_container * profile_get_all ( void  )

◆ profile_get_cfg()

struct profile_cfg * profile_get_cfg ( const char *  id)

Definition at line 112 of file profile_config.c.

113{
114 if (ast_strlen_zero(id)) {
115 return NULL;
116 }
118}

References ast_sorcery_retrieve_by_id(), ast_strlen_zero(), CONFIG_TYPE, get_sorcery(), and NULL.

Referenced by cli_profile_show(), and cli_verify_cert().

◆ profile_load()

int profile_load ( void  )

Definition at line 439 of file profile_config.c.

440{
441 struct ast_sorcery *sorcery = get_sorcery();
442 enum ast_sorcery_apply_result apply_rc;
443
444 /*
445 * eprofile MUST be registered first because profile needs it.
446 */
447 apply_rc = ast_sorcery_apply_default(sorcery, "eprofile", "memory", NULL);
448 if (apply_rc != AST_SORCERY_APPLY_SUCCESS) {
449 abort();
450 }
453 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", "eprofile");
454 return -1;
455 }
456
457 ast_sorcery_object_field_register_nodoc(sorcery, "eprofile", "type", "", OPT_NOOP_T, 0, 0);
458 enum_option_register(sorcery, "eprofile", endpoint_behavior, _nodoc);
459 enum_option_register_ex(sorcery, "eprofile", unknown_tn_attest_level,
460 unknown_tn_attest_level, attest_level,_nodoc);
461
464
465 /*
466 * Now we can do profile
467 */
468 ast_sorcery_apply_default(sorcery, CONFIG_TYPE, "config", "stir_shaken.conf,criteria=type=profile");
471 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
472 return -1;
473 }
474
476 enum_option_register(sorcery, CONFIG_TYPE, endpoint_behavior,);
477 enum_option_register_ex(sorcery, CONFIG_TYPE, unknown_tn_attest_level,
478 unknown_tn_attest_level, attest_level,);
479
482
484 ast_sorcery_load_object(sorcery, "eprofile");
485
488
489 return 0;
490}
#define register_common_verification_fields(sorcery, object, CONFIG_TYPE, nodoc)
#define enum_option_register(sorcery, CONFIG_TYPE, name, nodoc)
static int eprofile_apply(const struct ast_sorcery *sorcery, void *obj)
static void * profile_alloc(const char *name)
static struct ast_cli_entry stir_shaken_profile_cli[]
static int profile_apply(const struct ast_sorcery *sorcery, void *obj)
#define ast_sorcery_internal_object_register(sorcery, type, alloc, transform, apply)
Register an internal, hidden object type.
Definition: sorcery.h:867
ast_sorcery_apply_result
Definition: sorcery.h:423
@ AST_SORCERY_APPLY_SUCCESS
Definition: sorcery.h:427

References ARRAY_LEN, ast_cli_register_multiple, ast_log, ast_sorcery_apply_default, AST_SORCERY_APPLY_SUCCESS, ast_sorcery_internal_object_register, ast_sorcery_load_object(), ast_sorcery_object_field_register, ast_sorcery_object_field_register_nodoc, ast_sorcery_object_register, CONFIG_TYPE, enum_option_register, enum_option_register_ex, eprofile_apply(), get_sorcery(), LOG_ERROR, NULL, OPT_NOOP_T, profile_alloc(), profile_apply(), register_common_attestation_fields, register_common_verification_fields, sorcery, and stir_shaken_profile_cli.

Referenced by common_config_load().

◆ profile_reload()

int profile_reload ( void  )

◆ profile_unload()

int profile_unload ( void  )

◆ stir_shaken_failure_action_from_str()

enum stir_shaken_failure_action_enum stir_shaken_failure_action_from_str ( const char *  action_str)

◆ stir_shaken_failure_action_to_str()

const char * stir_shaken_failure_action_to_str ( enum stir_shaken_failure_action_enum  action)

◆ tn_config_load()

int tn_config_load ( void  )

Definition at line 268 of file tn_config.c.

269{
270 struct ast_sorcery *sorcery = get_sorcery();
271
272 ast_sorcery_apply_default(sorcery, CONFIG_TYPE, "config", "stir_shaken.conf,criteria=type=tn");
273
275 NULL, tn_apply)) {
276 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
278 }
279
281 OPT_NOOP_T, 0, 0);
282
284
286
289
291}
TN configuration for stir/shaken.
static struct ast_cli_entry stir_shaken_certificate_cli[]
Definition: tn_config.c:248
static void * tn_alloc(const char *name)
Definition: tn_config.c:79
#define CONFIG_TYPE
Definition: tn_config.c:31
static int tn_apply(const struct ast_sorcery *sorcery, void *obj)
Definition: tn_config.c:164

References ARRAY_LEN, ast_cli_register_multiple, ast_log, AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_sorcery_apply_default, ast_sorcery_load_object(), ast_sorcery_object_field_register, ast_sorcery_object_register, CONFIG_TYPE, get_sorcery(), LOG_ERROR, NULL, OPT_NOOP_T, register_common_attestation_fields, sorcery, stir_shaken_certificate_cli, tn_alloc(), and tn_apply().

Referenced by common_config_load().

◆ tn_config_reload()

int tn_config_reload ( void  )

◆ tn_config_unload()

int tn_config_unload ( void  )

◆ tn_get_cfg()

struct tn_cfg * tn_get_cfg ( const char *  tn)

Definition at line 39 of file tn_config.c.

References ast_sorcery_retrieve_by_id(), CONFIG_TYPE, and get_sorcery().

Referenced by cli_tn_show().

◆ tn_get_etn()

struct tn_cfg * tn_get_etn ( const char *  tn,
struct profile_cfg eprofile 
)

Definition at line 111 of file tn_config.c.

112{
113 const char *profile_id = eprofile ? ast_sorcery_object_get_id(eprofile) : "unknown";
114 RAII_VAR(struct tn_cfg *, tn,
117 RAII_VAR(struct tn_cfg *, etn, etn_alloc(id), ao2_cleanup);
118 enum attest_level_enum effective_al = attest_level_NOT_SET;
119 int rc = 0;
120 SCOPE_ENTER(3, "%s:%s: Getting effective TN\n", profile_id, S_OR(id, ""));
121
122 if (ast_strlen_zero(id) || !eprofile || !etn) {
123 SCOPE_EXIT_RTN_VALUE(NULL, "Missing params\n");
124 }
125
126 if (!tn) {
127 if (eprofile->unknown_tn_attest_level != attest_level_NOT_SET
128 && eprofile->unknown_tn_attest_level != attest_level_UNKNOWN) {
129 effective_al = eprofile->unknown_tn_attest_level;
130 ast_trace(-1, "%s:%s: TN not found. Using unknown_tn_attest_level %s\n",
131 profile_id, id, attest_level_to_str(effective_al));
132 } else {
133 SCOPE_EXIT_RTN_VALUE(NULL, "%s:%s: TN not found and unknown_tn_attest_level not set\n", profile_id, id);
134 }
135 }
136
137 /* Initialize with the acfg from the eprofile first */
138 rc = as_copy_cfg_common(id, &etn->acfg_common,
139 &eprofile->acfg_common);
140 if (rc != 0) {
141 SCOPE_EXIT_RTN_VALUE(NULL, "%s:%s: Couldn't copy from eprofile\n", profile_id, id);
142 }
143
144 /* Overwrite with anything in the TN itself */
145 if (tn) {
146 rc = as_copy_cfg_common(id, &etn->acfg_common,
147 &tn->acfg_common);
148 if (rc != 0) {
149 SCOPE_EXIT_RTN_VALUE(NULL, "%s:%s: Couldn't copy from tn\n", profile_id, id);
150 }
151 } else {
152 etn->acfg_common.attest_level = effective_al;
153 }
154
155 /*
156 * Unlike profile, we're not going to actually add a
157 * new object to sorcery because, although unlikely,
158 * the same TN could be used with multiple profiles.
159 */
160
161 SCOPE_EXIT_RTN_VALUE(ao2_bump(etn), "%s:%s: Done\n", profile_id, id);
162}
int as_copy_cfg_common(const char *id, struct attestation_cfg_common *cfg_dst, struct attestation_cfg_common *cfg_src)
#define ast_trace(level,...)
struct attestation_cfg_common acfg_common
enum attest_level_enum unknown_tn_attest_level
static void * etn_alloc(const char *name)
Definition: tn_config.c:95

References profile_cfg::acfg_common, ao2_bump, ao2_cleanup, as_copy_cfg_common(), ast_sorcery_object_get_id(), ast_sorcery_retrieve_by_id(), ast_strlen_zero(), ast_trace, CONFIG_TYPE, etn_alloc(), get_sorcery(), NULL, RAII_VAR, S_OR, SCOPE_ENTER, SCOPE_EXIT_RTN_VALUE, and profile_cfg::unknown_tn_attest_level.

Referenced by ast_stir_shaken_as_ctx_create().

◆ unknown_tn_attest_level_from_str()

enum attest_level_enum unknown_tn_attest_level_from_str ( const char *  value)

◆ unknown_tn_attest_level_to_str()

const char * unknown_tn_attest_level_to_str ( enum attest_level_enum  value)

◆ vcfg_cleanup()

void vcfg_cleanup ( struct verification_cfg_common cfg)

Definition at line 76 of file verification_config.c.

77{
78 if (!vcfg_common) {
79 return;
80 }
82 if (vcfg_common->tcs) {
83 crypto_free_cert_store(vcfg_common->tcs);
84 }
85 ast_free_acl_list(vcfg_common->acl);
86}
struct ast_acl_list * ast_free_acl_list(struct ast_acl_list *acl)
Free a list of ACLs.
Definition: acl.c:233
#define crypto_free_cert_store(store)
Free an X509 store.
Definition: crypto_utils.h:195

References verification_cfg_common::acl, ast_free_acl_list(), ast_string_field_free_memory, crypto_free_cert_store, verification_cfg_common::tcs, and verification_cfg::vcfg_common.

Referenced by profile_destructor(), and verification_destructor().

◆ vs_check_common_config()

int vs_check_common_config ( const char *  id,
struct verification_cfg_common vcfg_common 
)

Definition at line 165 of file verification_config.c.

167{
168 SCOPE_ENTER(3, "%s: Checking common config\n", id);
169
170 if (!ast_strlen_zero(vcfg_common->ca_file)
171 && !ast_file_is_readable(vcfg_common->ca_file)) {
173 "%s: ca_file '%s' not found, or is unreadable\n",
174 id, vcfg_common->ca_file);
175 }
176
177 if (!ast_strlen_zero(vcfg_common->ca_path)
178 && !ast_file_is_readable(vcfg_common->ca_path)) {
180 "%s: ca_path '%s' not found, or is unreadable\n",
181 id, vcfg_common->ca_path);
182 }
183
184 if (!ast_strlen_zero(vcfg_common->crl_file)
185 && !ast_file_is_readable(vcfg_common->crl_file)) {
187 "%s: crl_file '%s' not found, or is unreadable\n",
188 id, vcfg_common->crl_file);
189 }
190
191 if (!ast_strlen_zero(vcfg_common->crl_path)
192 && !ast_file_is_readable(vcfg_common->crl_path)) {
194 "%s: crl_path '%s' not found, or is unreadable\n",
195 id, vcfg_common->crl_path);
196 }
197
198 if (!ast_strlen_zero(vcfg_common->untrusted_cert_file)
199 && !ast_file_is_readable(vcfg_common->untrusted_cert_file)) {
201 "%s: untrusted_cert_file '%s' not found, or is unreadable\n",
202 id, vcfg_common->untrusted_cert_file);
203 }
204
205 if (!ast_strlen_zero(vcfg_common->untrusted_cert_path)
206 && !ast_file_is_readable(vcfg_common->untrusted_cert_path)) {
208 "%s: untrusted_cert_path '%s' not found, or is unreadable\n",
209 id, vcfg_common->untrusted_cert_path);
210 }
211
212 if (!ast_strlen_zero(vcfg_common->ca_file)
213 || !ast_strlen_zero(vcfg_common->ca_path)) {
214 int rc = 0;
215
216 if (!vcfg_common->tcs) {
217 vcfg_common->tcs = crypto_create_cert_store();
218 if (!vcfg_common->tcs) {
220 "%s: Unable to create CA cert store\n", id);
221 }
222 }
223 rc = crypto_load_cert_store(vcfg_common->tcs,
224 vcfg_common->ca_file, vcfg_common->ca_path);
225 if (rc != 0) {
227 "%s: Unable to load CA cert store from '%s' or '%s'\n",
228 id, vcfg_common->ca_file, vcfg_common->ca_path);
229 }
230 }
231
232 if (!ast_strlen_zero(vcfg_common->crl_file)
233 || !ast_strlen_zero(vcfg_common->crl_path)) {
234 int rc = 0;
235
236 if (!vcfg_common->tcs) {
237 vcfg_common->tcs = crypto_create_cert_store();
238 if (!vcfg_common->tcs) {
240 "%s: Unable to create CA cert store\n", id);
241 }
242 }
243 rc = crypto_load_crl_store(vcfg_common->tcs,
244 vcfg_common->crl_file, vcfg_common->crl_path);
245 if (rc != 0) {
247 "%s: Unable to load CA CRL store from '%s' or '%s'\n",
248 id, vcfg_common->crl_file, vcfg_common->crl_path);
249 }
250 }
251
252 if (!ast_strlen_zero(vcfg_common->untrusted_cert_file)
253 || !ast_strlen_zero(vcfg_common->untrusted_cert_path)) {
254 int rc = 0;
255
256 if (!vcfg_common->tcs) {
257 vcfg_common->tcs = crypto_create_cert_store();
258 if (!vcfg_common->tcs) {
260 "%s: Unable to create CA cert store\n", id);
261 }
262 }
263 rc = crypto_load_untrusted_cert_store(vcfg_common->tcs,
264 vcfg_common->untrusted_cert_file, vcfg_common->untrusted_cert_path);
265 if (rc != 0) {
267 "%s: Unable to load CA CRL store from '%s' or '%s'\n",
268 id, vcfg_common->untrusted_cert_file, vcfg_common->untrusted_cert_path);
269 }
270 }
271
272 if (vcfg_common->tcs) {
273 if (ENUM_BOOL(vcfg_common->load_system_certs, load_system_certs)) {
274 X509_STORE_set_default_paths(vcfg_common->tcs->certs);
275 }
276
277 if (!ast_strlen_zero(vcfg_common->crl_file)
278 || !ast_strlen_zero(vcfg_common->crl_path)) {
279 X509_STORE_set_flags(vcfg_common->tcs->certs, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_EXTENDED_CRL_SUPPORT);
280 }
281 }
282
283 if (!ast_strlen_zero(vcfg_common->cert_cache_dir)) {
284 FILE *fp;
285 char *testfile;
286
287 if (ast_asprintf(&testfile, "%s/testfile", vcfg_common->cert_cache_dir) <= 0) {
289 "%s: Unable to allocate memory for testfile\n", id);
290 }
291
292 fp = fopen(testfile, "w+");
293 if (!fp) {
294 ast_free(testfile);
296 "%s: cert_cache_dir '%s' was not writable\n",
297 id, vcfg_common->cert_cache_dir);
298 }
299 fclose(fp);
300 remove(testfile);
301 ast_free(testfile);
302 }
303
304 SCOPE_EXIT_RTN_VALUE(0, "%s: Done\n", id);
305}
#define ast_asprintf(ret, fmt,...)
A wrapper for asprintf()
Definition: astmm.h:267
int crypto_load_crl_store(struct crypto_cert_store *store, const char *file, const char *path)
Load an X509 Store with certificate revocation lists.
Definition: crypto_utils.c:622
int crypto_load_untrusted_cert_store(struct crypto_cert_store *store, const char *file, const char *path)
Load an X509 Store with untrusted certificates.
Definition: crypto_utils.c:579
struct crypto_cert_store * crypto_create_cert_store(void)
Create an empty X509 store.
Definition: crypto_utils.c:390
int crypto_load_cert_store(struct crypto_cert_store *store, const char *file, const char *path)
Load an X509 Store with either certificates or CRLs.
Definition: crypto_utils.c:563
#define remove
X509_STORE * certs
Definition: crypto_utils.h:180
struct crypto_cert_store * tcs
const ast_string_field cert_cache_dir
const ast_string_field ca_path
const ast_string_field crl_file
const ast_string_field crl_path
enum load_system_certs_enum load_system_certs
const ast_string_field ca_file
const ast_string_field untrusted_cert_file
const ast_string_field untrusted_cert_path

References ast_asprintf, ast_file_is_readable(), ast_free, ast_strlen_zero(), verification_cfg_common::ca_file, verification_cfg_common::ca_path, verification_cfg_common::cert_cache_dir, crypto_cert_store::certs, verification_cfg_common::crl_file, verification_cfg_common::crl_path, crypto_create_cert_store(), crypto_load_cert_store(), crypto_load_crl_store(), crypto_load_untrusted_cert_store(), ENUM_BOOL, verification_cfg_common::load_system_certs, LOG_ERROR, remove, SCOPE_ENTER, SCOPE_EXIT_LOG_RTN_VALUE, SCOPE_EXIT_RTN_VALUE, verification_cfg_common::tcs, verification_cfg_common::untrusted_cert_file, verification_cfg_common::untrusted_cert_path, and verification_cfg::vcfg_common.

Referenced by profile_apply(), and verification_apply().

◆ vs_config_load()

int vs_config_load ( void  )

Definition at line 444 of file verification_config.c.

445{
446 struct ast_sorcery *sorcery = get_sorcery();
447
448 snprintf(DEFAULT_cert_cache_dir, sizeof(DEFAULT_cert_cache_dir), "%s/keys/%s/cache",
450
452 "stir_shaken.conf,criteria=type=" CONFIG_TYPE ",single_object=yes,explicit_name=" CONFIG_TYPE);
453
456 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
457 return -1;
458 }
459
461 OPT_NOOP_T, 0, 0);
462
464 DEFAULT_global_disable ? "yes" : "no",
465 OPT_YESNO_T, 1, FLDSET(struct verification_cfg, global_disable));
466
468
470
471 if (!vs_is_config_loaded()) {
472 ast_log(LOG_WARNING,"Stir/Shaken verification service disabled. Either there were errors in the 'verification' object in stir_shaken.conf or it was missing altogether.\n");
473 }
474 if (!empty_cfg) {
476 if (!empty_cfg) {
477 return -1;
478 }
480 }
481
484
485 return 0;
486}
const char * ast_config_AST_DATA_DIR
Definition: options.c:158
static int verification_apply(const struct ast_sorcery *sorcery, void *obj)
static struct ast_cli_entry verification_cli[]
int vs_is_config_loaded(void)
#define STIR_SHAKEN_DIR_NAME
static void * verification_alloc(const char *name)
static char DEFAULT_cert_cache_dir[PATH_MAX]
#define DEFAULT_global_disable
static struct verification_cfg * empty_cfg
#define CONFIG_TYPE

References ARRAY_LEN, ast_cli_register_multiple, ast_config_AST_DATA_DIR, ast_log, ast_sorcery_apply_default, ast_sorcery_load_object(), ast_sorcery_object_field_register, ast_sorcery_object_field_register_nodoc, ast_sorcery_object_register, CONFIG_TYPE, DEFAULT_cert_cache_dir, DEFAULT_global_disable, empty_cfg, FLDSET, get_sorcery(), verification_cfg::global_disable, LOG_ERROR, LOG_WARNING, NULL, OPT_NOOP_T, OPT_YESNO_T, register_common_verification_fields, sorcery, STIR_SHAKEN_DIR_NAME, verification_alloc(), verification_apply(), verification_cli, and vs_is_config_loaded().

Referenced by vs_load().

◆ vs_config_reload()

int vs_config_reload ( void  )

Definition at line 416 of file verification_config.c.

417{
418 struct ast_sorcery *sorcery = get_sorcery();
420
421 if (!vs_is_config_loaded()) {
422 ast_log(LOG_WARNING,"Stir/Shaken verification service disabled. Either there were errors in the 'verification' object in stir_shaken.conf or it was missing altogether.\n");
423 }
424 if (!empty_cfg) {
426 if (!empty_cfg) {
427 return -1;
428 }
430 }
431
432 return 0;
433}

References ast_log, ast_sorcery_force_reload_object(), CONFIG_TYPE, empty_cfg, get_sorcery(), verification_cfg::global_disable, LOG_WARNING, sorcery, verification_alloc(), and vs_is_config_loaded().

Referenced by vs_reload().

◆ vs_config_unload()

int vs_config_unload ( void  )

◆ vs_copy_cfg_common()

int vs_copy_cfg_common ( const char *  id,
struct verification_cfg_common cfg_dst,
struct verification_cfg_common cfg_src 
)

Definition at line 123 of file verification_config.c.

125{
126 int rc = 0;
127
128 if (!cfg_dst || !cfg_src) {
129 return -1;
130 }
131
132 if (!cfg_dst->tcs && cfg_src->tcs) {
133 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, ca_file);
134 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, ca_path);
135 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, crl_file);
136 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, crl_path);
137 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, untrusted_cert_file);
138 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, untrusted_cert_path);
139 ao2_bump(cfg_src->tcs);
140 cfg_dst->tcs = cfg_src->tcs;
141 }
142
143 cfg_sf_copy_wrapper(id, cfg_dst, cfg_src, cert_cache_dir);
144
145 cfg_uint_copy(cfg_dst, cfg_src, curl_timeout);
146 cfg_uint_copy(cfg_dst, cfg_src, max_iat_age);
147 cfg_uint_copy(cfg_dst, cfg_src, max_date_header_age);
148 cfg_uint_copy(cfg_dst, cfg_src, max_cache_entry_age);
149 cfg_uint_copy(cfg_dst, cfg_src, max_cache_size);
150
151 cfg_enum_copy(cfg_dst, cfg_src, stir_shaken_failure_action);
152 cfg_enum_copy(cfg_dst, cfg_src, use_rfc9410_responses);
153 cfg_enum_copy(cfg_dst, cfg_src, relax_x5u_port_scheme_restrictions);
154 cfg_enum_copy(cfg_dst, cfg_src, relax_x5u_path_restrictions);
155 cfg_enum_copy(cfg_dst, cfg_src, load_system_certs);
156
157 if (cfg_src->acl) {
158 ast_free_acl_list(cfg_dst->acl);
159 cfg_dst->acl = ast_duplicate_acl_list(cfg_src->acl);
160 }
161
162 return rc;
163}
struct ast_acl_list * ast_duplicate_acl_list(struct ast_acl_list *original)
Duplicates the contests of a list of lists of host access rules.
Definition: acl.c:315
#define cfg_uint_copy(__cfg_dst, __cfg_src, __field)
cfg_uint_copy
struct ast_acl_list * acl

References verification_cfg_common::acl, ao2_bump, ast_duplicate_acl_list(), ast_free_acl_list(), cfg_enum_copy, cfg_sf_copy_wrapper, cfg_uint_copy, and verification_cfg_common::tcs.

Referenced by create_effective_profile().

◆ vs_get_cfg()

struct verification_cfg * vs_get_cfg ( void  )

◆ vs_is_config_loaded()

int vs_is_config_loaded ( void  )