cryptops-api.c

#include <includes/common-includes.h>
#include <includes/settings.h>

#define FIFO_PATH "/tmp/cryptops-api-stop"

#include <auxiliary.c>
#include <encryption_functions.c>
#include <api/default.c>
#include <api/encryption_get.c>
#include <api/encryption_init_post.c>
#include <api/encryption_remove_post.c>
#include <api/encryption_unlock_post.c>
#include <api/encryption_keys_get.c>
#include <api/encryption_keys_delete.c>
#include <api/encryption_keys_put_post.c>
#include <api/ssh_keys_get.c>
#include <api/ssh_keys_put.c>
#include <api/ssh_keys_post.c>
#include <api/ssh_keys_delete.c>

int main(int argc, char ** argv)
{
    y_init_logs("cryptops-api", Y_LOG_MODE_CONSOLE, Y_LOG_LEVEL_DEBUG,
        NULL, "Starting cryptops-api");

    // Set address to bind to.
    struct sockaddr_in address;
    bzero(&address, sizeof(address));
    address.sin_family = AF_INET;
    address.sin_port = htons((unsigned short)PORT);
    inet_pton(AF_INET, BIND_ADDRESS, &address.sin_addr);

    struct _u_instance instance;
    if (ulfius_init_instance(&instance, PORT, &address, NULL) != U_OK)
    {
        y_log_message(Y_LOG_LEVEL_ERROR, "Error ulfius_init_instance, abort");
        return(1);
    }

    u_map_put(instance.default_headers, "Access-Control-Allow-Origin", "*");

    // Maximum body size sent by the client is 1 Kb.
    instance.max_post_body_size = 1024;

    // Add api endpoints.
    bool reboot = false;
    ulfius_add_endpoint_by_val(&instance, "GET" , PREFIX,
        "/encryption",
        0, &callback_encryption_get, NULL);
    ulfius_add_endpoint_by_val(&instance, "POST", PREFIX,
        "/encryption/init",
        0, &callback_encryption_init_post, &reboot);
    ulfius_add_endpoint_by_val(&instance, "POST", PREFIX,
        "/encryption/remove",
        0, &callback_encryption_remove_post, &reboot);
    ulfius_add_endpoint_by_val(&instance, "POST", PREFIX,
        "/encryption/unlock",
        0, &callback_encryption_unlock_post, NULL);
    ulfius_add_endpoint_by_val(&instance, "GET" , PREFIX,
        "/encryption/keys",
        0, &callback_encryption_keys_get, NULL);
    ulfius_add_endpoint_by_val(&instance, "POST" , PREFIX,
        "/encryption/keys",
        0, &callback_encryption_keys_post, NULL);
    ulfius_add_endpoint_by_val(&instance, "PUT" , PREFIX,
        "/encryption/keys/:slot",
        0, &callback_encryption_keys_put, NULL);
    ulfius_add_endpoint_by_val(&instance, "DELETE" , PREFIX,
        "/encryption/keys/:slot",
        0, &callback_encryption_keys_delete, NULL);
    ulfius_add_endpoint_by_val(&instance, "GET" , PREFIX,
        "/ssh/keys",
        0, &callback_ssh_keys_get, NULL);
    ulfius_add_endpoint_by_val(&instance, "PUT" , PREFIX,
        "/ssh/keys/:id",
        0, &callback_ssh_keys_put, NULL);
    ulfius_add_endpoint_by_val(&instance, "POST" , PREFIX,
        "/ssh/keys",
        0, &callback_ssh_keys_post, NULL);
    ulfius_add_endpoint_by_val(&instance, "DELETE" , PREFIX,
        "/ssh/keys/:id",
        0, &callback_ssh_keys_delete, NULL);

    // Add default endpoint.
    ulfius_set_default_endpoint(&instance, &callback_default, NULL);

    // Start the framework.
    int ret;
    if (argc == 4 && strcmp("-secure", argv[1]) == 0)
    {
        // If command-line options are -secure <key_file> <cert_file>,
        // then listen for https connections.
        char * key_pem = read_file(argv[2]);
        char * cert_pem = read_file(argv[3]);
        ret = ulfius_start_secure_framework(&instance, key_pem, cert_pem);
        o_free(key_pem);
        o_free(cert_pem);
    }
    else
    {
        // Listen for http connections.
        ret = ulfius_start_framework(&instance);
    }

    if (ret == U_OK)
    {
        y_log_message(Y_LOG_LEVEL_DEBUG, "Start %sframework on port %d",
            ((argc == 4 && strcmp("-secure", argv[1]) == 0) ? "secure " : ""),
            instance.port);

        // Wait for signal from fifo to quit.
        y_init_logs("cryptops-api", Y_LOG_MODE_CONSOLE, Y_LOG_LEVEL_DEBUG,
            NULL, "Waiting for fifo signal to quit");
        int fifo = 0;
        char buf[4];
        char fifo_path[] = FIFO_PATH;
        mkfifo(fifo_path, 0600);
        fifo = open(fifo_path, O_RDONLY);
        // This will block until the fifo is written to.
        read(fifo, &buf, 4);
    }
    else
    {
        y_log_message(Y_LOG_LEVEL_DEBUG, "Error starting framework");
    }
    y_log_message(Y_LOG_LEVEL_DEBUG, "End framework");

    // Give request handlers that have called for the stop a chance to
    // send their response to the client.
    sleep(1);

    y_close_logs();

    ulfius_stop_framework(&instance);
    ulfius_clean_instance(&instance);

    // Check if the encryption/init handler said that we should reboot.
    if (reboot)
    {
        y_log_message(Y_LOG_LEVEL_INFO, "rebooting...");
        reboot_initrd();
    }

    return 0;
}