feat: tick up protocol minor version, always return response on shbc config so RPS can fall-back to non-shbc configuration.

activation.h

@@ -8,7 +8,7 @@
 
 #include <string>
 
-#define PROTOCOL_VERSION "4.0.0"
+#define PROTOCOL_VERSION "4.1.0"
 
 #ifdef _WIN32
 #define convertstring   to_utf16string

main.cpp

@@ -63,7 +63,7 @@ int main(int argc, char* argv[])
     std::string arg_info;
     bool arg_verbose = false;
     bool arg_nocertcheck = false;
-    bool secureHostBasedConfig = false;
+    bool shbc_config = false;
 
     if (argc == 1)
     {
@@ -187,7 +187,7 @@ int main(int argc, char* argv[])
     memset(&lms_socket, 0, sizeof(SOCKET));
 
     // set receive handler
-    client.set_message_handler([&client, &mx, &cv, &lms_socket, arg_verbose, &secureHostBasedConfig](web::websockets::client::websocket_incoming_message ret_msg)
+    client.set_message_handler([&client, &mx, &cv, &lms_socket, arg_verbose, &shbc_config](web::websockets::client::websocket_incoming_message ret_msg)
     {
         // kick the timer
         std::chrono::time_point<std::chrono::system_clock> now = std::chrono::system_clock::now();
@@ -292,11 +292,11 @@ int main(int argc, char* argv[])
                 config_host_based_settings amt_cert;
                 server_cert.algorithm = certAlgo;
                 server_cert.hash = certHash;
-                if (cmd_start_config_host_based(server_cert, amt_cert))
-                {
+                bool sbhc_success = cmd_start_config_host_based(server_cert, amt_cert);
+                
                 // create the response
                 std::string response;
-                    if (!shbc_create_response(amt_cert.algorithm, amt_cert.hash, response)) return;
+                if (!shbc_create_response(amt_cert.algorithm, amt_cert.hash, sbhc_success, response)) return;
 
                 // send it
                 web::websockets::client::websocket_outgoing_message send_websocket_msg;
@@ -305,11 +305,7 @@ int main(int argc, char* argv[])
                 client.send(send_websocket_msg).wait();
 
                 // use secure host post for LMS going forward
-                    secureHostBasedConfig = true;
-
-                    return;
-
-                }
+                shbc_config = sbhc_success;
                 
                 return;
             }
@@ -365,7 +361,7 @@ int main(int argc, char* argv[])
             try
             {
                 // conntect to lms
-                lms_socket = lms_connect(secureHostBasedConfig);
+                lms_socket = lms_connect(shbc_config);
             }
             catch (...)
             {

shbc.cpp

@@ -33,7 +33,7 @@ bool get_response_payload(std::string cert_algo, std::string cert_hash, web::jso
     return true;
 }
 
-bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::string& response)
+bool shbc_create_response(std::string cert_algo, std::string cert_hash, bool config_status, std::string& response)
 {
     web::json::value msg;
 
@@ -49,12 +49,11 @@ bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::str
     tmp = utility::conversions::convertstring(PROTOCOL_VERSION);
     msg[U("protocolVersion")] = web::json::value::string(tmp);
 
-    tmp = utility::conversions::convertstring("");
-    msg[U("status")] = web::json::value::string(tmp);
-
     tmp = utility::conversions::convertstring("");
     msg[U("message")] = web::json::value::string(tmp);
 
+    if (config_status)
+    {
         // get the activation payload
         web::json::value responsePayload;
         if (!get_response_payload(cert_algo, cert_hash, responsePayload)) return false;
@@ -65,6 +64,18 @@ bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::str
         utility::string_t payload = utility::conversions::to_string_t(encodedPayload);
         msg[U("payload")] = web::json::value::string(payload);
 
+        tmp = utility::conversions::convertstring("success");
+        msg[U("status")] = web::json::value::string(tmp);
+    }
+    else
+    {
+        tmp = utility::conversions::convertstring("");
+        msg[U("payload")] = web::json::value::string(tmp);
+
+        tmp = utility::conversions::convertstring("failed");
+        msg[U("status")] = web::json::value::string(tmp);
+    }
+
     // serialize the entire message
     response = utility::conversions::to_utf8string(msg.serialize());
 

shbc.h

@@ -14,6 +14,6 @@
 #define convertstring   to_utf8string
 #endif
 
-bool shbc_create_response(std::string cert_algo, std::string cert_hash, std::string& response);
+bool shbc_create_response(std::string cert_algo, std::string cert_hash, bool config_status, std::string& response);
 
 #endif