#include <unistd.h>
#include <sys/time.h>
#include <glib.h>
+#include <string.h>
#include <gsscon.h>
+#include <tr_comm.h>
#include <tr_apc.h>
#include <tr_rp.h>
#include <trust_router/tr_name.h>
return rc;
}
-static int trps_listen (TRPS_INSTANCE *trps, int port)
+/* Listens on all interfaces */
+static int trps_listen(TRPS_INSTANCE *trps, int port)
{
int rc = 0;
int conn = -1;
- int optval = 1;
-
- union {
- struct sockaddr_storage storage;
- struct sockaddr_in in4;
- } addr;
-
- struct sockaddr_in *saddr = (struct sockaddr_in *) &addr.in4;
-
- saddr->sin_port = htons (port);
- saddr->sin_family = AF_INET;
- saddr->sin_addr.s_addr = INADDR_ANY;
-
- if (0 > (conn = socket (AF_INET, SOCK_STREAM, 0)))
- return conn;
+ int optval=0;
+ struct addrinfo *ai=NULL;
+ struct addrinfo *ai_head=NULL;
+ struct addrinfo hints={.ai_flags=AI_PASSIVE,
+ .ai_family=AF_UNSPEC,
+ .ai_socktype=SOCK_STREAM,
+ .ai_protocol=IPPROTO_TCP};
+ char *port_str=NULL;
+
+ port_str=talloc_asprintf(NULL, "%d", port);
+ if (port_str==NULL) {
+ tr_debug("trps_listen: unable to allocate port.");
+ return -1;
+ }
+ rc=getaddrinfo(NULL, port_str, &hints, &ai_head);
+ talloc_free(port_str);
+
+ /* TODO: listen on all ports */
+ for (ai=ai_head; ai!=NULL; ai=ai->ai_next) {
+ if (ai->ai_family==AF_INET6) {
+ ai=talloc_memdup(NULL, ai, sizeof(struct addrinfo)); /* get a permanent copy of this */
+ break;
+ }
+ }
+ freeaddrinfo(ai_head);
+ if (ai==NULL) {
+ tr_debug("trps_listen: no addresses available for listening.");
+ return -1;
+ }
+
+ if (0 > (conn = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol))) {
+ tr_debug("trps_listen: unable to open socket.");
+ talloc_free(ai);
+ return -1;
+ }
+
+ optval=1;
setsockopt(conn, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
+/* setsockopt(conn, IPPROTO_IPV6, IPV6_V6ONLY, &optval, sizeof(optval)); */
- if (0 > (rc = bind (conn, (struct sockaddr *) saddr, sizeof(struct sockaddr_in))))
- return rc;
+ rc=bind(conn, ai->ai_addr, ai->ai_addrlen);
+ talloc_free(ai);
+
+ if (rc<0) {
+ char errmsg[255];
+ tr_debug("trps_listen: unable to bind to socket (%s).", strerror_r(errno, errmsg, 255));
+ close(conn);
+ return -1;
+ }
- if (0 > (rc = listen(conn, 512)))
- return rc;
+ if (0>listen(conn, 512)) {
+ tr_debug("trps_listen: unable to listen on bound socket.");
+ close(conn);
+ return -1;
+ }
tr_debug("trps_listen: TRP Server listening on port %d", port);
return conn;
* the next table sweep if it does not get any realms before that happens */
goto cleanup;
}
- tr_rp_realm_add(trps->ctable->rp_realms, rp_realm);
+ tr_comm_table_add_rp_realm(trps->ctable, rp_realm);
}
/* TODO: if realm existed, see if data match the new inforec and update or complain */
- tr_comm_add_rp_realm(trps->ctable, comm, rp_realm, trp_inforec_get_provenance(rec), &expiry);
+ tr_comm_add_rp_realm(trps->ctable, comm, rp_realm, trp_inforec_get_interval(rec), trp_inforec_get_provenance(rec), &expiry);
tr_debug("trps_handle_inforec_comm: added RP realm %.*s to comm %.*s (origin %.*s).",
realm_id->len, realm_id->buf,
comm_id->len, comm_id->buf,
* the next table sweep if it does not get any realms before that happens */
goto cleanup;
}
- tr_idp_realm_add(trps->ctable->idp_realms, idp_realm);
+ tr_comm_table_add_idp_realm(trps->ctable, idp_realm);
}
/* TODO: if realm existed, see if data match the new inforec and update or complain */
- tr_comm_add_idp_realm(trps->ctable, comm, idp_realm, trp_inforec_get_provenance(rec), &expiry);
+ tr_comm_add_idp_realm(trps->ctable, comm, idp_realm, trp_inforec_get_interval(rec), trp_inforec_get_provenance(rec), &expiry);
tr_debug("trps_handle_inforec_comm: added IDP realm %.*s to comm %.*s (origin %.*s).",
realm_id->len, realm_id->buf,
comm_id->len, comm_id->buf,
return TRP_SUCCESS;
}
+
+static char *timespec_to_str(struct timespec *ts)
+{
+ struct tm tm;
+ char *s=NULL;
+
+ if (localtime_r(&(ts->tv_sec), &tm)==NULL)
+ return NULL;
+
+ s=malloc(40); /* long enough to contain strftime result */
+ if (s==NULL)
+ return NULL;
+
+ if (strftime(s, 40, "%F %T", &tm)==0) {
+ free(s);
+ return NULL;
+ }
+ return s;
+}
+
+
+/* Sweep for expired communities/realms/memberships. */
+TRP_RC trps_sweep_ctable(TRPS_INSTANCE *trps)
+{
+ TALLOC_CTX *tmp_ctx=talloc_new(NULL);
+ struct timespec sweep_time={0,0};
+ TR_COMM_MEMB *memb=NULL;
+ TR_COMM_ITER *iter=NULL;
+ TRP_RC rc=TRP_ERROR;
+
+ /* use a single time for the entire sweep */
+ if (0!=clock_gettime(CLOCK_REALTIME, &sweep_time)) {
+ tr_err("trps_sweep_ctable: could not read realtime clock.");
+ sweep_time.tv_sec=0;
+ sweep_time.tv_nsec=0;
+ goto cleanup;
+ }
+
+ /* iterate all memberships */
+ iter=tr_comm_iter_new(tmp_ctx);
+ if (iter==NULL) {
+ tr_err("trps_sweep_ctable: unable to allocate iterator.");
+ rc=TRP_NOMEM;
+ goto cleanup;
+ }
+ for (memb=tr_comm_memb_iter_all_first(iter, trps->ctable);
+ memb!=NULL;
+ memb=tr_comm_memb_iter_all_next(iter)) {
+ if (tr_comm_memb_get_origin(memb)==NULL)
+ continue; /* do not expire local entries */
+
+ if (tr_comm_memb_is_expired(memb, &sweep_time)) {
+ if (tr_comm_memb_get_times_expired(memb)>0) {
+ /* Already expired once; flush. */
+ tr_debug("trps_sweep_ctable: flushing expired community membership (%.*s in %.*s, origin %.*s, expired %s).",
+ tr_comm_memb_get_realm_id(memb)->len, tr_comm_memb_get_realm_id(memb)->buf,
+ tr_comm_get_id(tr_comm_memb_get_comm(memb))->len, tr_comm_get_id(tr_comm_memb_get_comm(memb))->buf,
+ tr_comm_memb_get_origin(memb)->len, tr_comm_memb_get_origin(memb)->buf,
+ timespec_to_str(tr_comm_memb_get_expiry(memb)));
+ tr_comm_table_remove_memb(trps->ctable, memb);
+ tr_comm_memb_free(memb);
+ } else {
+ /* This is the first expiration. Note this and reset the expiry time. */
+ tr_comm_memb_expire(memb);
+ trps_compute_expiry(trps, tr_comm_memb_get_interval(memb), tr_comm_memb_get_expiry(memb));
+ tr_debug("trps_sweep_ctable: community membership expired, resetting expiry to %s (%.*s in %.*s, origin %.*s).",
+ timespec_to_str(tr_comm_memb_get_expiry(memb)),
+ tr_comm_memb_get_realm_id(memb)->len, tr_comm_memb_get_realm_id(memb)->buf,
+ tr_comm_get_id(tr_comm_memb_get_comm(memb))->len, tr_comm_get_id(tr_comm_memb_get_comm(memb))->buf,
+ tr_comm_memb_get_origin(memb)->len, tr_comm_memb_get_origin(memb)->buf);
+ }
+ }
+ }
+
+ /* get rid of any unreferenced realms, etc */
+ tr_comm_table_sweep(trps->ctable);
+
+cleanup:
+ talloc_free(tmp_ctx);
+ return rc;
+}
+
/* add metrics */
static unsigned int trps_metric_add(unsigned int m1, unsigned int m2)
{
goto cleanup;
}
- if (TRP_SUCCESS!=trp_inforec_set_interval(rec, tr_comm_memb_get_interval(memb))) {
+ if (TRP_SUCCESS!=trp_inforec_set_interval(rec, trps_get_update_interval(trps))) {
rec=NULL;
goto cleanup;
}
projects / trust_router.git / blobdiff