/*
- * Copyright (c) 2012, JANET(UK)
+ * Copyright (c) 2012, 2015, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
return conn;
}
+/* returns EACCES if authorization is denied */
static int tids_auth_cb(gss_name_t clientName, gss_buffer_t displayName,
void *data)
{
struct tids_instance *inst = (struct tids_instance *) data;
TR_NAME name ={(char *) displayName->value,
displayName->length};
- return inst->auth_handler(clientName, &name, inst->cookie);
+ int result=0;
+
+ if (0!=inst->auth_handler(clientName, &name, inst->cookie)) {
+ tr_debug("tids_auth_cb: client '%.*s' denied authorization.", name.len, name.buf);
+ result=EACCES; /* denied */
+ }
+
+ return result;
}
+/* returns 0 on authorization success, 1 on failure, or -1 in case of error */
static int tids_auth_connection (struct tids_instance *inst,
int conn, gss_ctx_id_t *gssctx)
{
return -1;
}
+ tid_req_add_path(tr_msg_get_req(mreq), tids->hostname, tids->tids_port);
+
/* Call the caller's request handler */
/* TBD -- Handle different error returns/msgs */
if (0 > (rc = (*tids->req_handler)(tids, tr_msg_get_req(mreq), resp, tids->cookie))) {
return -1;
}
+
/* mark this as an error response, and include the error message */
resp->result = TID_ERROR;
resp->err_msg = tr_new_name((char *)err_msg);
+ resp->error_path = req->path;
rc = tids_send_response(tids, req, resp);
return tids;
}
+/* Process tids requests forever. Should not return except on error. */
int tids_start (TIDS_INSTANCE *tids,
TIDS_REQ_FUNC *req_handler,
tids_auth_func *auth_handler,
int conn = -1;
pid_t pid;
+ tids->tids_port = port;
if (0 > (listen = tids_listen(tids, port)))
perror ("Error from tids_listen()");
close(listen);
tids_handle_connection(tids, conn);
close(conn);
- return 0;
+ exit(0); /* exit to kill forked child process */
} else {
close(conn);
}
projects / trust_router.git / blobdiff