asprintf not sprintf

[trust_router.git] / tid / tids.c

diff --git a/tid/tids.c b/tid/tids.c
index 56fe596..acdf332 100644 (file)
--- a/tid/tids.c
+++ b/tid/tids.c
@@ -32,6 +32,7 @@
  *
  */
 
+#include <assert.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <string.h>
@@ -91,10 +92,13 @@ static int tids_listen (TIDS_INSTANCE *tids, int port)
 {
     int rc = 0;
     int conn = -1;
+    int optval = 1;
+
     union {
       struct sockaddr_storage storage;
       struct sockaddr_in in4;
     } addr;
+
     struct sockaddr_in *saddr = (struct sockaddr_in *) &addr.in4;
     
     saddr->sin_port = htons (port);
@@ -104,6 +108,8 @@ static int tids_listen (TIDS_INSTANCE *tids, int port)
     if (0 > (conn = socket (AF_INET, SOCK_STREAM, 0)))
       return conn;
         
+    setsockopt(conn, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
+
     if (0 > (rc = bind (conn, (struct sockaddr *) saddr, sizeof(struct sockaddr_in))))
       return rc;
         
@@ -114,12 +120,29 @@ static int tids_listen (TIDS_INSTANCE *tids, int port)
     return conn; 
 }
 
-static int tids_auth_connection (int conn, gss_ctx_id_t *gssctx)
+static int tids_auth_cb(gss_name_t clientName, gss_buffer_t displayName,
+                       void *data)
+{
+  struct tids_instance *inst = (struct tids_instance *) data;
+  TR_NAME name ={(char *) displayName->value,
+                displayName->length};
+  return inst->auth_handler(clientName, &name, inst->cookie);
+}
+
+static int tids_auth_connection (struct tids_instance *inst,
+                                int conn, gss_ctx_id_t *gssctx)
 {
   int rc = 0;
   int auth, autherr = 0;
+  gss_buffer_desc nameBuffer = {0, NULL};
+  char *name = 0;
+  int nameLen = 0;
 
-  if (rc = gsscon_passive_authenticate(conn, gssctx)) {
+  nameLen = asprintf(&name, "trustidentity@%s", inst->hostname);
+  nameBuffer.length = nameLen;
+  nameBuffer.value = name;
+  
+  if (rc = gsscon_passive_authenticate(conn, nameBuffer, gssctx, tids_auth_cb, inst)) {
     fprintf(stderr, "tids_auth_connection: Error from gsscon_passive_authenticate(), rc = %d.\n", rc);
     return -1;
   }
@@ -269,7 +292,7 @@ static void tids_handle_connection (TIDS_INSTANCE *tids, int conn)
   int rc = 0;
   gss_ctx_id_t gssctx = GSS_C_NO_CONTEXT;
 
-  if (tids_auth_connection(conn, &gssctx)) {
+  if (tids_auth_connection(tids, conn, &gssctx)) {
     fprintf(stderr, "tids_handle_connection: Error authorizing TID Server connection.\n");
     close(conn);
     return;
@@ -326,20 +349,21 @@ TIDS_INSTANCE *tids_create (void)
 
 int tids_start (TIDS_INSTANCE *tids, 
                TIDS_REQ_FUNC *req_handler,
+               tids_auth_func *auth_handler,
+               const char *hostname,
                void *cookie)
 {
   int listen = -1;
   int conn = -1;
   pid_t pid;
-  int optval = 1;
 
   if (0 > (listen = tids_listen(tids, TID_PORT)))
     perror ("Error from tids_listen()");
 
-  setsockopt(listen, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
-
   /* store the caller's request handler & cookie */
   tids->req_handler = req_handler;
+  tids->auth_handler = auth_handler;
+  tids->hostname = hostname;
   tids->cookie = cookie;
 
   while(1) {   /* accept incoming conns until we are stopped */
@@ -358,7 +382,7 @@ int tids_start (TIDS_INSTANCE *tids,
       close(listen);
       tids_handle_connection(tids, conn);
       close(conn);
-      exit(0);
+      return 0;
     } else {
       close(conn);
     }