tls: moved class TlsResource to tls_conf.cc/.h

bareos · Nov 22, 2018 · 73dcef7 · 73dcef7
1 parent 054a49c
commit 73dcef7
Show file tree

Hide file tree

Showing 6 changed files with 142 additions and 74 deletions.
diff --git a/core/src/lib/bareos_resource.h b/core/src/lib/bareos_resource.h
@@ -0,0 +1,52 @@
+/*
+   BAREOS® - Backup Archiving REcovery Open Sourced
+
+   Copyright (C) 2000-2010 Free Software Foundation Europe e.V.
+   Copyright (C) 2011-2012 Planets Communications B.V.
+   Copyright (C) 2013-2018 Bareos GmbH & Co. KG
+
+   This program is Free Software; you can redistribute it and/or
+   modify it under the terms of version three of the GNU Affero General Public
+   License as published by the Free Software Foundation and included
+   in the file LICENSE.
+
+   This program is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+   Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301, USA.
+*/
+
+#ifndef BAREOS_LIB_BAREOS_RESOURCE_H_
+#define BAREOS_LIB_BAREOS_RESOURCE_H_
+
+#include "lib/common_resource_header.h"
+
+class PoolMem;
+class ConfigurationParser;
+
+/*
+ * Base Class for all Resource Classes
+ */
+class BareosResource {
+ public:
+  CommonResourceHeader hdr;
+
+  /* Methods */
+  inline char *name() const { return this->hdr.name; }
+  bool PrintConfig(PoolMem &buf,
+                   const ConfigurationParser &my_config,
+                   bool hide_sensitive_data = false,
+                   bool verbose             = false);
+  /*
+   * validate can be defined by inherited classes,
+   * when special rules for this resource type must be checked.
+   */
+  // virtual inline bool validate() { return true; };
+};
+
+#endif /* BAREOS_LIB_BAREOS_RESOURCE_H_ */
diff --git a/core/src/lib/bsock.cc b/core/src/lib/bsock.cc
@@ -477,7 +477,7 @@ bool BareosSocket::DoTlsHandshake(TlsPolicy remote_tls_policy,
 {
   if (tls_conn) { return true; }
 
-  int tls_policy = SelectTlsPolicy(tls_resource, remote_tls_policy);
+  int tls_policy = tls_resource->SelectTlsPolicy(remote_tls_policy);
 
   if (tls_policy == TlsPolicy::kBnetTlsDeny) { /* tls required but not configured */
     return false;

diff --git a/core/src/lib/common_resource_header.h b/core/src/lib/common_resource_header.h
@@ -0,0 +1,43 @@
+/*
+   BAREOS® - Backup Archiving REcovery Open Sourced
+
+   Copyright (C) 2000-2010 Free Software Foundation Europe e.V.
+   Copyright (C) 2011-2012 Planets Communications B.V.
+   Copyright (C) 2013-2018 Bareos GmbH & Co. KG
+
+   This program is Free Software; you can redistribute it and/or
+   modify it under the terms of version three of the GNU Affero General Public
+   License as published by the Free Software Foundation and included
+   in the file LICENSE.
+
+   This program is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+   Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+   02110-1301, USA.
+*/
+
+#ifndef BAREOS_LIB_COMMON_RESOURCE_HEADER_
+#define BAREOS_LIB_COMMON_RESOURCE_HEADER_
+
+#define MAX_RES_ITEMS 90 /* maximum resource items per CommonResourceHeader */
+
+/*
+ * This is the universal header that is at the beginning of every resource record.
+ */
+class CommonResourceHeader {
+ public:
+  CommonResourceHeader *next;          /* Pointer to next resource of this type */
+  char *name;                          /* Resource name */
+  char *desc;                          /* Resource description */
+  uint32_t rcode;                      /* Resource id or type */
+  int32_t refcnt;                      /* Reference count for releasing */
+  char item_present[MAX_RES_ITEMS];    /* Set if item is present in conf file */
+  char inherit_content[MAX_RES_ITEMS]; /* Set if item has inherited content */
+};
+
+#endif /* BAREOS_LIB_COMMON_RESOURCE_HEADER_ */
diff --git a/core/src/lib/parse_conf.h b/core/src/lib/parse_conf.h
@@ -151,22 +151,6 @@ struct ResourceItem {
 /* For storing name_addr items in res_items table */
 #define ITEM(x) {(char **)&res_all.x}
 
-#define MAX_RES_ITEMS 90                /* maximum resource items per CommonResourceHeader */
-
-/*
- * This is the universal header that is at the beginning of every resource record.
- */
-class CommonResourceHeader {
-public:
-   CommonResourceHeader *next;          /* Pointer to next resource of this type */
-   char *name;                          /* Resource name */
-   char *desc;                          /* Resource description */
-   uint32_t rcode;                      /* Resource id or type */
-   int32_t refcnt;                      /* Reference count for releasing */
-   char item_present[MAX_RES_ITEMS];    /* Set if item is present in conf file */
-   char inherit_content[MAX_RES_ITEMS]; /* Set if item has inherited content */
-};
-
 /*
  * Master Resource configuration structure definition
  * This is the structure that defines the resources that are available to this daemon.
@@ -297,57 +281,6 @@ struct DatatypeName {
    const char *description;
 };
 
-/*
- * Base Class for all Resource Classes
- */
-class BareosResource {
-public:
-   CommonResourceHeader hdr;
-
-   /* Methods */
-   inline char *name() const { return this->hdr.name; }
-   bool PrintConfig(PoolMem &buf, const ConfigurationParser &my_config,
-                    bool hide_sensitive_data = false, bool verbose = false);
-   /*
-    * validate can be defined by inherited classes,
-    * when special rules for this resource type must be checked.
-    */
-   // virtual inline bool validate() { return true; };
-};
-
-class TlsResource : public BareosResource {
-public:
-  s_password password_;     /* UA server password */
-  TlsConfigCert tls_cert_;  /* TLS structure */
-  std::string *cipherlist_; /* TLS Cipher List */
-  bool authenticate_;       /* Authenticate only with TLS */
-  bool tls_enable_;
-  bool tls_require_;
-
-  TlsResource()
-   : cipherlist_(nullptr)
-   , authenticate_(false)
-   , tls_enable_(false)
-   , tls_require_(false)
-   {}
-
-  bool IsTlsConfigured() const {
-    return tls_enable_ || tls_require_;
-  }
-
-  TlsPolicy GetPolicy() const
-  {
-   TlsPolicy result = TlsPolicy::kBnetTlsNone;
-   if (tls_enable_) {
-      result = TlsPolicy::kBnetTlsEnabled;
-   }
-   if (tls_require_) {
-      result = TlsPolicy::kBnetTlsRequired;
-   }
-   return result;
-  }
-};
-
 /*
  * Message Resource
  */

diff --git a/core/src/lib/tls_conf.cc b/core/src/lib/tls_conf.cc
@@ -18,15 +18,42 @@
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
    02110-1301, USA.
 */
+
 #include "include/bareos.h"
-#include "tls_conf.h"
+#include "lib/tls_conf.h"
+
+TlsResource::TlsResource()
+ : cipherlist_(nullptr)
+ , authenticate_(false)
+ , tls_enable_(false)
+ , tls_require_(false)
+{
+  return;
+}
+
+bool TlsResource::IsTlsConfigured() const
+{
+  return tls_enable_ || tls_require_;
+}
+
+TlsPolicy TlsResource::GetPolicy() const
+{
+ TlsPolicy result = TlsPolicy::kBnetTlsNone;
+ if (tls_enable_) {
+    result = TlsPolicy::kBnetTlsEnabled;
+ }
+ if (tls_require_) {
+    result = TlsPolicy::kBnetTlsRequired;
+ }
+ return result;
+}
 
-int SelectTlsPolicy(TlsResource *tls_resource, TlsPolicy remote_policy)
+int TlsResource::SelectTlsPolicy(TlsPolicy remote_policy) const
 {
   if (remote_policy == TlsPolicy::kBnetTlsAuto) {
     return TlsPolicy::kBnetTlsAuto;
   }
-  TlsPolicy local_policy = tls_resource->GetPolicy();
+  TlsPolicy local_policy = GetPolicy();
 
   if ((remote_policy == 0 && local_policy == 0) || (remote_policy == 0 && local_policy == 1) ||
       (remote_policy == 1 && local_policy == 0)) {

diff --git a/core/src/lib/tls_conf.h b/core/src/lib/tls_conf.h
@@ -23,8 +23,9 @@
 #define BAREOS_LIB_TLS_CONF_H_
 
 #include "lib/tls_psk_credentials.h"
-#include "lib/tls_conf.h"
 #include "lib/tls_conf_cert.h"
+#include "lib/bareos_resource.h"
+#include "lib/s_password.h"
 
 enum TlsPolicy : uint32_t
 {
@@ -35,7 +36,19 @@ enum TlsPolicy : uint32_t
   kBnetTlsDeny     = 0xFF /*!< TLS connection not allowed */
 };
 
-class TlsResource;
-int SelectTlsPolicy(TlsResource *tls_resource, TlsPolicy remote_policy);
+class TlsResource : public BareosResource {
+ public:
+  s_password password_;     /* UA server password */
+  TlsConfigCert tls_cert_;  /* TLS structure */
+  std::string *cipherlist_; /* TLS Cipher List */
+  bool authenticate_;       /* Authenticate only with TLS */
+  bool tls_enable_;
+  bool tls_require_;
+
+  TlsResource();
+  bool IsTlsConfigured() const;
+  TlsPolicy GetPolicy() const;
+  int SelectTlsPolicy(TlsPolicy remote_policy) const;
+};
 
 #endif  // BAREOS_LIB_TLS_CONF_H_