X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=tr%2Ftr_tid.c;h=464ebd43beb9902ad106fb054b94ae4c60e7f340;hb=1a3ad555c6b58de28efb85e7ab07c2f35208ab0d;hp=dffa46bca29464a800a9b1f7c0a96e9961b572a6;hpb=fa5f69b296b9fa27f374a51b66d84ff4de3f3559;p=trust_router.git
diff --git a/tr/tr_tid.c b/tr/tr_tid.c
index dffa46b..464ebd4 100644
--- a/tr/tr_tid.c
+++ b/tr/tr_tid.c
@@ -399,38 +399,32 @@ static int tr_tids_req_handler(TIDS_INSTANCE *tids,
 tr_debug("tr_tids_req_handler: looking up route.");
 route=trps_get_selected_route(trps, orig_req->comm, orig_req->realm);
 if (route==NULL) {
- tr_notice("tr_tids_req_handler: no route table entry found for realm (%s) in community (%s).",
- orig_req->realm->buf, orig_req->comm->buf);
- tids_send_err_response(tids, orig_req, "Missing trust route error");
- retval=-1;
- goto cleanup;
- }
- tr_debug("tr_tids_req_handler: found route.");
- if (trp_route_is_local(route)) {
- tr_debug("tr_tids_req_handler: route is local.");
- aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->ctable->idp_realms,
- orig_req->realm,
- orig_req->comm,
- &idp_shared);
- } else {
- tr_debug("tr_tids_req_handler: route not local.");
- aaa_servers = tr_aaa_server_new(tmp_ctx, trp_route_get_next_hop(route));
- idp_shared=0;
- }
-
- /* Find the AAA server(s) for this request */
- if (NULL == aaa_servers) {
- tr_debug("tr_tids_req_handler: No AAA Servers for realm %s, defaulting.", orig_req->realm->buf);
- if (NULL == (aaa_servers = tr_default_server_lookup (cfg_mgr->active->default_servers,
- orig_req->comm))) {
+ /* No route. Use default AAA servers if we have them. */
+ tr_debug("tr_tids_req_handler: No route for realm %s, defaulting.", orig_req->realm->buf);
+ if (NULL == (aaa_servers = tr_default_server_lookup(cfg_mgr->active->default_servers,
+ orig_req->comm))) {
 tr_notice("tr_tids_req_handler: No default AAA servers, discarded.");
 tids_send_err_response(tids, orig_req, "No path to AAA Server(s) for realm");
- retval=-1;
+ retval = -1;
 goto cleanup;
 }
- idp_shared=0;
+ idp_shared = 0;
 } else {
- /* if we aren't defaulting, check idp coi and apc membership */
+ /* Found a route. Determine the AAA servers or next hop address.
*/ + tr_debug("tr_tids_req_handler: found route."); + if (trp_route_is_local(route)) { + tr_debug("tr_tids_req_handler: route is local."); + aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->ctable->idp_realms, + orig_req->realm, + orig_req->comm, + &idp_shared); + } else { + tr_debug("tr_tids_req_handler: route not local."); + aaa_servers = tr_aaa_server_new(tmp_ctx, trp_route_get_next_hop(route)); + idp_shared = 0; + } + + /* Since we aren't defaulting, check idp coi and apc membership */ if (NULL == (tr_comm_find_idp(cfg_mgr->active->ctable, cfg_comm, fwd_req->realm))) { tr_notice("tr_tids_req_handler: IDP Realm (%s) not member of community (%s).", orig_req->realm->buf, orig_req->comm->buf); tids_send_err_response(tids, orig_req, "IDP community membership error"); @@ -445,6 +439,15 @@ static int tr_tids_req_handler(TIDS_INSTANCE *tids, } } + /* Make sure we came through with a AAA server. If not, we can't handle the request. */ + if (NULL == aaa_servers) { + tr_notice("tr_tids_req_handler: no route or AAA server for realm (%s) in community (%s).", + orig_req->realm->buf, orig_req->comm->buf); + tids_send_err_response(tids, orig_req, "Missing trust route error"); + retval = -1; + goto cleanup; + } + /* send a TID request to the AAA server(s), and get the answer(s) */ tr_debug("tr_tids_req_handler: sending TID request(s)."); if (cfg_apc) @@ -673,7 +676,7 @@ int tr_tids_event_init(struct event_base *base, TALLOC_CTX *tmp_ctx=talloc_new(NULL); struct tr_tids_event_cookie *cookie=NULL; int retval=0; - size_t ii=0; + int ii=0; if (tids_ev == NULL) { tr_debug("tr_tids_event_init: Null tids_ev."); 
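Review bot: The new `route==NULL` branch forwards the request to the default AAA servers without reaching the IDP community check (`tr_comm_find_idp`), which now sits only in the `else` (route found) branch. Before this change a realm with no route was rejected with "Missing trust route error", so a requester-supplied realm that has no route is now passed to `cfg_mgr->active->default_servers` unchecked whenever defaults are configured. If that is the intended policy, the branch comment should record it, e.g. `/* No route. Use default AAA servers if we have them; membership checks are deliberately skipped for defaulted requests. */`; otherwise the membership check belongs before the default lookup. The handler starts and ends outside this hunk, so whether a later filter covers the default path cannot be seen here.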
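Review bot: The added `NULL == aaa_servers` guard can only fire when a route was found, because the no-route branch either obtains default servers or jumps to `cleanup`, so the log text "no route or AAA server" and the response "Missing trust route error" misreport the cause. A notice that names the actual condition is more useful for triage, e.g. `tr_notice("tr_tids_req_handler: route found but no AAA server for realm (%s) in community (%s).",`, with the response string changed to match only if peers do not depend on its wording. The guard also runs after the membership check, so a failed `tr_aaa_server_new` or local lookup is reported only once that check has passed; testing `aaa_servers` directly after the lookup would keep the two causes apart.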
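Review bot: `ii` becomes `int`, presumably to match a signed `tids_ev->n_sock_fd`, yet the failure test visible in the next hunk is still `if (tids_ev->n_sock_fd==0)`. If `tids_get_listener` can report an error as a negative count (its contract is not shown on this page), that value would pass the test and `tr_tids_event_init` would carry on without a listening socket; `if (tids_ev->n_sock_fd <= 0) {` covers both cases. The loop that uses `ii` lies outside the hunk, so a short comment at the declaration such as `/* int to match n_sock_fd */` would record why the type changed.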
@@ -695,14 +698,14 @@ int tr_tids_event_init(struct event_base *base,
 talloc_steal(tids, cookie);
 /* get a tids listener */
- tids_ev->n_sock_fd=tids_get_listener(tids,
- tr_tids_req_handler,
- tr_tids_gss_handler,
- cfg_mgr->active->internal->hostname,
- cfg_mgr->active->internal->tids_port,
- (void *)cookie,
- tids_ev->sock_fd,
- TR_MAX_SOCKETS);
+ tids_ev->n_sock_fd = tids_get_listener(tids,
+ tr_tids_req_handler,
+ tr_tids_gss_handler,
+ cfg_mgr->active->internal->hostname,
+ cfg_mgr->active->internal->tids_port,
+ (void *)cookie,
+ tids_ev->sock_fd,
+ TR_MAX_SOCKETS);
 if (tids_ev->n_sock_fd==0) {
 tr_crit("Error opening TID server socket.");
 retval=1;