X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=tid%2Ftids.c;h=8d2274937a9e43be41748fa29db996f4ebe2dbd4;hb=6e1647f2f4714d8c0c4c27ef376302bab1ae4bb3;hp=082904cc80ed3afd15a59da6a9607ad34242088b;hpb=b3ee5bdac5c9cf89305f655f25ae783f5bb541fd;p=trust_router.git

diff --git a/tid/tids.c b/tid/tids.c
index 082904c..8d22749 100644
--- a/tid/tids.c
+++ b/tid/tids.c
@@ -44,6 +44,7 @@
 #include <netinet/in.h>
 #include <jansson.h>
 #include <talloc.h>
+#include <poll.h>
 #include <tid_internal.h>
 #include <gsscon.h>
 #include <tr_debug.h>
@@ -54,7 +55,7 @@ static TID_RESP *tids_create_response (TIDS_INSTANCE *tids, TID_REQ *req)
   TID_RESP *resp=NULL;
   int success=0;
 
-  if ((NULL == (resp = talloc_zero(req, TID_RESP)))) {
+  if (NULL == (resp = tid_resp_new(req))) {
     tr_crit("tids_create_response: Error allocating response structure.");
     return NULL;
   }
@@ -72,42 +73,23 @@ static TID_RESP *tids_create_response (TIDS_INSTANCE *tids, TID_REQ *req)
       goto cleanup;
     }
   }
+  if (req->request_id) {
+    if (NULL == (resp->request_id = tr_dup_name(req->request_id))) {
+      tr_crit("tids_create_response: Error allocating fields in response.");
+      goto cleanup;
+    }
+  }
 
   success=1;
 
 cleanup:
   if ((!success) && (resp!=NULL)) {
-    if (resp->rp_realm!=NULL)
-      tr_free_name(resp->rp_realm);
-    if (resp->realm!=NULL)
-      tr_free_name(resp->realm);
-    if (resp->comm!=NULL)
-      tr_free_name(resp->comm);
-    if (resp->orig_coi!=NULL)
-      tr_free_name(resp->orig_coi);
     talloc_free(resp);
     resp=NULL;
   }
   return resp;
 }
 
-static void tids_destroy_response(TIDS_INSTANCE *tids, TID_RESP *resp) 
-{
-  if (resp) {
-    if (resp->err_msg)
-      tr_free_name(resp->err_msg);
-    if (resp->rp_realm)
-      tr_free_name(resp->rp_realm);
-    if (resp->realm)
-      tr_free_name(resp->realm);
-    if (resp->comm)
-      tr_free_name(resp->comm);
-    if (resp->orig_coi)
-      tr_free_name(resp->orig_coi);
-    talloc_free(resp);
-  }
-}
-
 static int tids_listen(TIDS_INSTANCE *tids, int port, int *fd_out, size_t max_fd) 
 {
   int rc = 0;
@@ -121,15 +103,17 @@ static int tids_listen(TIDS_INSTANCE *tids, int port, int *fd_out, size_t max_fd
                          .ai_protocol=IPPROTO_TCP};
   char *port_str=NULL;
   size_t n_opened=0;
-  
+
+  tr_debug("tids_listen: started!");
   port_str=talloc_asprintf(NULL, "%d", port);
   if (port_str==NULL) {
     tr_debug("tids_listen: unable to allocate port.");
     return -1;
   }
 
-  getaddrinfo(NULL, port_str, &hints, &ai_head);
+  tr_debug("getaddrinfo()=%d", getaddrinfo(NULL, port_str, &hints, &ai_head));
   talloc_free(port_str);
+  tr_debug("tids_listen: got address info");
 
   /* TODO: listen on all ports */
   for (ai=ai_head,n_opened=0; (ai!=NULL)&&(n_opened<max_fd); ai=ai->ai_next) {
@@ -217,8 +201,11 @@ static int tids_auth_connection (TIDS_INSTANCE *inst,
 
   if (rc = gsscon_passive_authenticate(conn, nameBuffer, gssctx, tids_auth_cb, inst)) {
     tr_debug("tids_auth_connection: Error from gsscon_passive_authenticate(), rc = %d.", rc);
+    free(name);
     return -1;
   }
+  free(name);
+  nameBuffer.value=NULL; nameBuffer.length=0;
 
   if (rc = gsscon_authorize(*gssctx, &auth, &autherr)) {
     tr_debug("tids_auth_connection: Error from gsscon_authorize, rc = %d, autherr = %d.", 
@@ -314,7 +301,6 @@ int tids_send_err_response (TIDS_INSTANCE *tids, TID_REQ *req, const char *err_m
     tr_crit("tids_send_err_response: Can't create response.");
     return -1;
   }
-
   
   /* mark this as an error response, and include the error message */
   resp->result = TID_ERROR;
@@ -323,7 +309,7 @@ int tids_send_err_response (TIDS_INSTANCE *tids, TID_REQ *req, const char *err_m
 
   rc = tids_send_response(tids, req, resp);
   
-  tids_destroy_response(tids, resp);
+  tid_resp_free(resp);
   return rc;
 }
 
@@ -345,7 +331,7 @@ int tids_send_response (TIDS_INSTANCE *tids, TID_REQ *req, TID_RESP *resp)
 
   if (NULL == (resp_buf = tr_msg_encode(&mresp))) {
 
-    fprintf(stderr, "tids_send_response: Error encoding json response.\n");
+    tr_err("tids_send_response: Error encoding json response.");
     tr_audit_req(req);
 
     return -1;
@@ -421,26 +407,25 @@ static void tids_handle_connection (TIDS_INSTANCE *tids, int conn)
       tr_debug("tids_handle_connection: Error from tids_send_response(), rc = %d.", rc);
       /* if we didn't already send a response, try to send a generic error. */
       if (!tr_msg_get_req(mreq)->resp_sent)
-	tids_send_err_response(tids, tr_msg_get_req(mreq), "Error sending response.");
+        tids_send_err_response(tids, tr_msg_get_req(mreq), "Error sending response.");
       /* Fall through to free the response, either way. */
     }
     
-    tids_destroy_response(tids, resp);
-    tr_msg_free_decoded(mreq);
+    tr_msg_free_decoded(mreq); /* takes resp with it */
     return;
   } 
 }
 
-TIDS_INSTANCE *tids_create (TALLOC_CTX *mem_ctx)
+TIDS_INSTANCE *tids_create (void)
 {
-  return talloc_zero(mem_ctx, TIDS_INSTANCE);
+  return talloc_zero(NULL, TIDS_INSTANCE);
 }
 
 /* Get a listener for tids requests, returns its socket fd. Accept
  * connections with tids_accept() */
 int tids_get_listener(TIDS_INSTANCE *tids, 
                       TIDS_REQ_FUNC *req_handler,
-                      TIDS_AUTH_FUNC *auth_handler,
+                      tids_auth_func *auth_handler,
                       const char *hostname,
                       unsigned int port,
                       void *cookie,
@@ -452,16 +437,16 @@ int tids_get_listener(TIDS_INSTANCE *tids,
 
   tids->tids_port = port;
   n_fd=tids_listen(tids, port, fd_out, max_fd);
-  if (n_fd==0)
-    tr_debug("tids_get_listener: Error opening port %d");
+  if (n_fd<=0)
+    tr_err("tids_get_listener: Error opening port %d");
   else {
     /* opening port succeeded */
-    tr_debug("tids_get_listener: Opened port %d.", port);
+    tr_info("tids_get_listener: Opened port %d.", port);
     
     /* make this socket non-blocking */
     for (ii=0; ii<n_fd; ii++) {
       if (0 != fcntl(fd_out[ii], F_SETFL, O_NONBLOCK)) {
-        tr_debug("tids_get_listener: Error setting O_NONBLOCK.");
+        tr_err("tids_get_listener: Error setting O_NONBLOCK.");
         for (ii=0; ii<n_fd; ii++) {
           close(fd_out[ii]);
           fd_out[ii]=-1;
@@ -514,6 +499,66 @@ int tids_accept(TIDS_INSTANCE *tids, int listen)
   return 0;
 }
 
+/* Process tids requests forever. Should not return except on error. */
+#define MAX_SOCKETS 10
+int tids_start (TIDS_INSTANCE *tids, 
+                TIDS_REQ_FUNC *req_handler,
+                tids_auth_func *auth_handler,
+                const char *hostname,
+                unsigned int port,
+                void *cookie)
+{
+  int fd[MAX_SOCKETS]={0};
+  size_t n_fd=0;
+  struct pollfd poll_fd[MAX_SOCKETS]={{0}};
+  int ii=0;
+
+  n_fd=tids_get_listener(tids, req_handler, auth_handler, hostname, port, cookie, fd, MAX_SOCKETS);
+  if (n_fd <= 0) {
+    perror ("Error from tids_listen()");
+    return 1;
+  }
+
+  tr_info("Trust Path Query Server starting on host %s:%d.", hostname, port);
+
+  /* set up the poll structs */
+  for (ii=0; ii<n_fd; ii++) {
+    poll_fd[ii].fd=fd[ii];
+    poll_fd[ii].events=POLLIN;
+  }
+
+  while(1) {	/* accept incoming conns until we are stopped */
+    /* clear out events from previous iteration */
+    for (ii=0; ii<n_fd; ii++)
+      poll_fd[ii].revents=0;
+
+    /* wait indefinitely for a connection */
+    if (poll(poll_fd, n_fd, -1) < 0) {
+      perror("Error from poll()");
+      return 1;
+    }
+
+    /* fork handlers for any sockets that have data */
+    for (ii=0; ii<n_fd; ii++) {
+      if (poll_fd[ii].revents == 0)
+        continue;
+
+      if ((poll_fd[ii].revents & POLLERR) || (poll_fd[ii].revents & POLLNVAL)) {
+        perror("Error polling fd");
+        continue;
+      }
+
+      if (poll_fd[ii].revents & POLLIN) {
+        if (tids_accept(tids, poll_fd[ii].fd))
+          tr_err("tids_start: error in tids_accept().");
+      }
+    }
+  }
+
+  return 1;	/* should never get here, loops "forever" */
+}
+#undef MAX_SOCKETS
+
 void tids_destroy (TIDS_INSTANCE *tids)
 {
   /* clean up logfiles */