Browse Source

Fixed a bug where the rulebase path was not determined correctly when license id was provided only through the run-time interface.

Modified the configuration log generator to protect security key information when it is provided through the run-time interface.


git-svn-id: https://svn.microneil.com/svn/SNFMulti/trunk@19 dc71a809-1921-45c4-985c-09c81d0142d9
wx
madscientist 15 years ago
parent
commit
c73adfe320
1 changed files with 28 additions and 6 deletions
  1. 28
    6
      snfCFGmgr.cpp

+ 28
- 6
snfCFGmgr.cpp View File

@@ -556,13 +556,33 @@ void snfCFGmgr::initialize(
InitLicenseId = (NULL==LicenseId)?"":LicenseId; // any time load() is called.
InitAuthentication = (NULL==Authentication)?"":Authentication;
}
//// When the license ID and security string come from an OEM application they
//// may not appear in the configuration files. If that is the case we will assume
//// that they developer wants to keep the security string secret by encrypting it
//// in their application and providing it to SNF at runtime. In that case we will
//// not display the security key in the configuration log.
////
//// To prevent hacking attempts, if the authentication information appears to be
//// provided by configuration data then we will build the string from that data.
//// that way an attacker can't trick the application into disclosing the true
//// authentication string -- they will only get out what they put in.
string SecurityKeyDisplayString(snfCFGData& D) { // Returns appropriate SecurityKey: data
string ConfigLogSecurityKey = "************************"; // Start with a masked display.
if(0 < D.node_licenseid.length()) { // If auth info is in the config files then
ConfigLogSecurityKey = D.node_licenseid + D.node_authentication; // build up the key from that data so it
} // can be displayed in the config log.
return ConfigLogSecurityKey;
}

void logCFGData(snfCFGData& D) { // Log interpreted cfg data (debug aid).

try {
string CFGLogPath; // Build the snf_cfg log path.
CFGLogPath = D.paths_log_path +
D.node_licenseid + "_snf_engine_cfg.log";
D.node_licenseid + "_snf_engine_cfg.log";

ofstream cfgl(CFGLogPath.c_str(), ios::trunc); // Open and truncate the cfg log file.
cfgl // Report important cfg information.
<< "SNF Engine Configuration" << endl
@@ -571,7 +591,7 @@ void logCFGData(snfCFGData& D) {
<< " License: " << D.node_licenseid << endl
<< " ConfigFilePath: " << D.ConfigFilePath << endl
<< " IdentityFilePath: " << D.node_identity << endl
<< " SecurityKey: " << D.SecurityKey << endl
<< " SecurityKey: " << SecurityKeyDisplayString(D) << endl
<< "_____" << endl
<< "Paths" << endl
<< " Log Path: " << D.paths_log_path << endl
@@ -973,12 +993,14 @@ void snfCFGmgr::load() {
}

//// The SecurityKey is built from the licenseID and the Authentication
if(InitLicenseIdIsProvided) { // If the LicenseID has been provided then
CFGData.SecurityKey = InitLicenseId; // the first part of our security key is that.
} else { // If it was not provided then we will get
CFGData.SecurityKey = CFGData.node_licenseid; // the LicenseID from our config file.
}
string LicenseIDToUse = CFGData.SecurityKey; // Grab the License ID we want to use.

if(InitAuthenticationIsProvided) { // If the Authentication has been provided then
CFGData.SecurityKey += InitAuthentication; // we use it for the second part of our
@@ -990,11 +1012,11 @@ void snfCFGmgr::load() {

if(InitPathIsRulebase) { // If the Rulebase path was provided
CFGData.RuleFilePath = InitFileName; // then we have our rulebase path.
} else { // If not then we must figure it out...
} else { // If not then we must figure it out...
CFGData.RuleFilePath = // We build the path from the base
CFGData.paths_rulebase_path + // rulebase path concattonated with
CFGData.node_licenseid + // the license id concattonated with
SNFExt; // the rulebase extension.
LicenseIDToUse + // the license id concattonated with
SNFExt; // the rulebase extension.
}

// Once all of the configuration data is correct we make it active.

Loading…
Cancel
Save