*/
#include <stdio.h>
-#include <stdlib.h>
#include <jansson.h>
-#include <gsscon.h>
#include <trust_router/tr_dh.h>
#include <trust_router/tid.h>
#include <tr_msg.h>
#include <gsscon.h>
-/* char tmp_key[32] =
- {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x19, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
-*/
-
int tmp_len = 32;
TIDC_INSTANCE *tidc_create ()
else
return NULL;
- if (NULL == (tidc->priv_dh = tr_create_dh_params(NULL, 0))) {
- free (tidc);
- return NULL;
- }
-
- fprintf(stderr, "TIDC DH Parameters:\n");
- DHparams_print_fp(stdout, tidc->priv_dh);
- fprintf(stderr, "\n");
-
return tidc;
}
int tidc_open_connection (TIDC_INSTANCE *tidc,
char *server,
+ unsigned int port,
gss_ctx_id_t *gssctx)
{
int err = 0;
int conn = -1;
+ unsigned int use_port = 0;
- err = gsscon_connect(server, TID_PORT, &conn);
+ if (0 == port)
+ use_port = TID_PORT;
+ else
+ use_port = port;
- if (!err)
- err = gsscon_active_authenticate(conn, NULL, "trustidentity", gssctx);
+ fprintf(stderr, "tidc_open_connection: Opening GSS connection to %s:%u.", server, use_port);
+ err = gsscon_connect(server, use_port, "trustidentity", &conn, gssctx);
if (!err)
return conn;
void *cookie)
{
- int err = 0;
+ TID_REQ *tid_req = NULL;
+
+ /* Create and populate a TID req structure */
+ if (!(tid_req = malloc(sizeof(TID_REQ))))
+ return -1;
+
+ memset(tid_req, 0, sizeof(TID_REQ));
+
+ tid_req->conn = conn;
+ tid_req->gssctx = gssctx;
+
+ if ((NULL == (tid_req->rp_realm = tr_new_name(rp_realm))) ||
+ (NULL == (tid_req->realm = tr_new_name(realm))) ||
+ (NULL == (tid_req->comm = tr_new_name(comm)))) {
+ fprintf (stderr, "tidc_send_request: Error duplicating names.\n");
+ return -1;
+ }
+
+ tid_req->tidc_dh = tidc->client_dh;
+
+ return (tidc_fwd_request(tidc, tid_req, resp_handler, cookie));
+}
+
+int tidc_fwd_request (TIDC_INSTANCE *tidc,
+ TID_REQ *tid_req,
+ TIDC_RESP_FUNC *resp_handler,
+ void *cookie)
+
+{
char *req_buf = NULL;
char *resp_buf = NULL;
size_t resp_buflen = 0;
TR_MSG *msg = NULL;
- TID_REQ *tid_req = NULL;
TR_MSG *resp_msg = NULL;
- int c_keylen = 0;
- unsigned char *c_keybuf = NULL;
- int i;
+ int err;
/* Create and populate a TID msg structure */
- if ((!(msg = malloc(sizeof(TR_MSG)))) ||
- (!(tid_req = malloc(sizeof(TID_REQ)))))
+ if (!(msg = malloc(sizeof(TR_MSG))))
return -1;
- memset(tid_req, 0, sizeof(tid_req));
-
msg->msg_type = TID_REQUEST;
-
msg->tid_req = tid_req;
- tid_req->conn = conn;
- tid_req->gssctx = gssctx;
-
- /* TBD -- error handling */
- tid_req->rp_realm = tr_new_name(rp_realm);
- tid_req->realm = tr_new_name(realm);
- tid_req->comm = tr_new_name(comm);
-
- tid_req->tidc_dh = tidc->priv_dh;
+ /* store the response function and cookie */
+ // tid_req->resp_func = resp_handler;
+ // tid_req->cookie = cookie;
- tid_req->resp_func = resp_handler;
- tid_req->cookie = cookie;
/* Encode the request into a json string */
if (!(req_buf = tr_msg_encode(msg))) {
- printf("Error encoding TID request.\n");
+ fprintf(stderr, "tidc_fwd_request: Error encoding TID request.\n");
return -1;
}
- printf ("Sending TID request:\n");
- printf ("%s\n", req_buf);
+ fprintf (stderr, "tidc_fwd_request: Sending TID request:\n");
+ fprintf (stderr, "%s\n", req_buf);
/* Send the request over the connection */
- if (err = gsscon_write_encrypted_token (conn, gssctx, req_buf,
+ if (err = gsscon_write_encrypted_token (tid_req->conn, tid_req->gssctx, req_buf,
strlen(req_buf))) {
- fprintf(stderr, "Error sending request over connection.\n");
+ fprintf(stderr, "tidc_fwd_request: Error sending request over connection.\n");
return -1;
}
- /* TBD -- should queue request on instance, resps read in separate thread */
- /* Read the response from the connection */
+ /* TBD -- queue request on instance, read resps in separate thread */
- if (err = gsscon_read_encrypted_token(conn, gssctx, &resp_buf, &resp_buflen)) {
+ /* Read the response from the connection */
+ /* TBD -- timeout? */
+ if (err = gsscon_read_encrypted_token(tid_req->conn, tid_req->gssctx, &resp_buf, &resp_buflen)) {
if (resp_buf)
free(resp_buf);
return -1;
}
- fprintf(stdout, "Response Received (%d bytes).\n", resp_buflen);
+ fprintf(stdout, "tidc_fwd_request: Response Received (%u bytes).\n", (unsigned) resp_buflen);
fprintf(stdout, "%s\n", resp_buf);
if (NULL == (resp_msg = tr_msg_decode(resp_buf, resp_buflen))) {
- fprintf(stderr, "Error decoding response.\n");
+ fprintf(stderr, "tidc_fwd_request: Error decoding response.\n");
return -1;
}
/* TBD -- Check if this is actually a valid response */
if (!resp_msg->tid_resp) {
- fprintf(stderr, "Error: No response in the response!\n");
+ fprintf(stderr, "tidc_fwd_request: Error, no response in the response!\n");
return -1;
}
- /* Call the caller's response function */
- (*tid_req->resp_func)(tidc, tid_req, resp_msg->tid_resp, cookie);
-
-
- /* Generate the client key -- TBD, handle more than one server */
- if (TID_SUCCESS != resp_msg->tid_resp->result) {
- fprintf(stderr, "Response is an error.\n");
- return -1;
- }
-
- if (!resp_msg->tid_resp->servers) {
- fprintf(stderr, "Response does not contain server info.\n");
- return -1;
- }
-
- if (0 > (c_keylen = tr_compute_dh_key(&c_keybuf,
- resp_msg->tid_resp->servers->aaa_server_dh->pub_key,
- tid_req->tidc_dh))) {
-
- printf("Error computing client key.\n");
- return -1;
- }
-
- /* Print out the client key. */
- printf("Client Key Generated (len = %d):\n", c_keylen);
- for (i = 0; i < c_keylen; i++) {
- printf("%x", c_keybuf[i]);
- }
- printf("\n");
+ if (resp_handler)
+ /* Call the caller's response function */
+ (*resp_handler)(tidc, tid_req, resp_msg->tid_resp, cookie);
+ else
+ fprintf(stderr, "tidc_fwd_request: NULL response function.\n");
if (msg)
free(msg);
if (tid_req)
- free(tid_req);
+ tid_req_free(tid_req);
if (req_buf)
free(req_buf);
if (resp_buf)
return 0;
}
-
-
-
-