Implement certificate delete
A deletion of a certificate is invoked by calling the DELETE verb on the
certificate REST endpoint. This application intercepts this and deletes
the certificate file. It also reloads/restarts the associated systemd
unit, which may generate a self-signed certificate.
Change-Id: I879551c1aff160cab0c07d1c73ae147f85a6e17e
Signed-off-by: Deepak Kodihalli <dkodihal@in.ibm.com>
diff --git a/certs_manager.cpp b/certs_manager.cpp
index 28b0957..4ebf71c 100644
--- a/certs_manager.cpp
+++ b/certs_manager.cpp
@@ -112,8 +112,6 @@
void Manager::copy(const std::string& src, const std::string& dst)
{
- namespace fs = std::experimental::filesystem;
-
try
{
auto path = fs::path(dst).parent_path();
@@ -329,5 +327,33 @@
return true;
}
+
+void Manager::delete_()
+{
+ try
+ {
+ if (!fs::remove(certPath))
+ {
+ log<level::INFO>("Certificate file not found!",
+ entry("PATH=%s", certPath.c_str()));
+ }
+ else
+ {
+ reloadOrReset(unit);
+ }
+ }
+ catch (const InternalFailure& e)
+ {
+ throw;
+ }
+ catch (const std::exception& e)
+ {
+ log<level::ERR>(
+ "Failed to delete certificate", entry("UNIT=%s", unit.c_str()),
+ entry("ERR=%s", e.what()), entry("PATH=%s", certPath.c_str()));
+ elog<InternalFailure>();
+ }
+}
+
} // namespace certs
} // namespace phosphor
diff --git a/certs_manager.hpp b/certs_manager.hpp
index 027317e..7d42d01 100644
--- a/certs_manager.hpp
+++ b/certs_manager.hpp
@@ -6,6 +6,7 @@
#include <sdbusplus/server/object.hpp>
#include <unordered_map>
#include <xyz/openbmc_project/Certs/Install/server.hpp>
+#include <xyz/openbmc_project/Object/Delete/server.hpp>
namespace phosphor
{
@@ -18,12 +19,13 @@
static constexpr auto SERVER = "server";
static constexpr auto CLIENT = "client";
-using CreateIface = sdbusplus::server::object::object<
- sdbusplus::xyz::openbmc_project::Certs::server::Install>;
+using Create = sdbusplus::xyz::openbmc_project::Certs::server::Install;
+using Delete = sdbusplus::xyz::openbmc_project::Object::server::Delete;
+using Ifaces = sdbusplus::server::object::object<Create, Delete>;
using InstallFunc = std::function<void()>;
using InputType = std::string;
-class Manager : public CreateIface
+class Manager : public Ifaces
{
public:
/* Define all of the basic class operations:
@@ -52,7 +54,7 @@
*/
Manager(sdbusplus::bus::bus& bus, const char* path, const std::string& type,
std::string&& unit, std::string&& certPath) :
- CreateIface(bus, path),
+ Ifaces(bus, path),
bus(bus), path(path), type(type), unit(std::move(unit)),
certPath(std::move(certPath))
{
@@ -70,6 +72,11 @@
*/
void install(const std::string path) override;
+ /** @brief Delete the certificate (and possibly revert
+ * to a self-signed certificate).
+ */
+ void delete_() override;
+
private:
/** @brief Client certificate Installation helper function **/
virtual void clientInstall();