phosphor-ldap-conf: handle "PropertiesChanged" signal on the ldap cert object
When LDAP client certificate is changed through Replace method on the cert object.
Object would emit the signal "PropertiesChanged". Upon receiving the
signal, config file would be updated with below given info if
secure ldap is enabled:
tls_cert <path client certificate file>
tls_key <path to client certificate file>
Tested By: Unit Tested
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I5347b13e0bf76742d39dc7a26c96ec5d4dd5a2c6
diff --git a/phosphor-ldap-config/ldap_config.cpp b/phosphor-ldap-config/ldap_config.cpp
index 80b8c9c..ed40d17 100644
--- a/phosphor-ldap-config/ldap_config.cpp
+++ b/phosphor-ldap-config/ldap_config.cpp
@@ -27,7 +27,10 @@
constexpr auto nscdService = "nscd.service";
constexpr auto LDAPscheme = "ldap";
constexpr auto LDAPSscheme = "ldaps";
-constexpr auto certObjPath = "/xyz/openbmc_project/certs/client/ldap";
+constexpr auto certObjPath = "/xyz/openbmc_project/certs/client/ldap/1";
+constexpr auto certRootPath = "/xyz/openbmc_project/certs/client/ldap";
+constexpr auto certIface = "xyz.openbmc_project.Certs.Certificate";
+constexpr auto certProperty = "CertificateString";
using namespace phosphor::logging;
using namespace sdbusplus::xyz::openbmc_project::Common::Error;
@@ -57,8 +60,13 @@
tlsCacertFile(caCertFile), tlsCertFile(certFile), configFilePath(filePath),
objectPath(path), bus(bus), parent(parent),
certificateInstalledSignal(
- bus, sdbusplus::bus::match::rules::interfacesAdded(certObjPath),
+ bus, sdbusplus::bus::match::rules::interfacesAdded(certRootPath),
std::bind(std::mem_fn(&Config::certificateInstalled), this,
+ std::placeholders::_1)),
+ certificateChangedSignal(
+ bus,
+ sdbusplus::bus::match::rules::propertiesChanged(certObjPath, certIface),
+ std::bind(std::mem_fn(&Config::certificateChanged), this,
std::placeholders::_1))
{
ConfigIface::lDAPServerURI(lDAPServerURI);
@@ -97,14 +105,19 @@
}
Config::Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
- const char* caCertFile, ConfigIface::Type lDAPType,
- ConfigMgr& parent) :
+ const char* caCertFile, const char* certFile,
+ ConfigIface::Type lDAPType, ConfigMgr& parent) :
Ifaces(bus, path, true),
- tlsCacertFile(caCertFile), configFilePath(filePath), objectPath(path),
- bus(bus), parent(parent),
+ tlsCacertFile(caCertFile), tlsCertFile(certFile), configFilePath(filePath),
+ objectPath(path), bus(bus), parent(parent),
certificateInstalledSignal(
- bus, sdbusplus::bus::match::rules::interfacesAdded(certObjPath),
+ bus, sdbusplus::bus::match::rules::interfacesAdded(certRootPath),
std::bind(std::mem_fn(&Config::certificateInstalled), this,
+ std::placeholders::_1)),
+ certificateChangedSignal(
+ bus,
+ sdbusplus::bus::match::rules::propertiesChanged(certObjPath, certIface),
+ std::bind(std::mem_fn(&Config::certificateChanged), this,
std::placeholders::_1))
{
ConfigIface::lDAPType(lDAPType);
@@ -145,6 +158,29 @@
}
}
+void Config::certificateChanged(sdbusplus::message::message& msg)
+{
+ // TODO: Property filtering needs to be done, we need to write
+ // the config only when the property is "Certificate String".
+ try
+ {
+ if (enabled())
+ {
+ writeConfig();
+ }
+ parent.startOrStopService(nslcdService, enabled());
+ }
+ catch (const InternalFailure& e)
+ {
+ throw;
+ }
+ catch (const std::exception& e)
+ {
+ log<level::ERR>(e.what());
+ elog<InternalFailure>();
+ }
+}
+
void Config::writeConfig()
{
std::stringstream confData;