From: Margaret Wasserman Date: Tue, 2 Jul 2013 14:04:20 +0000 (-0400) Subject: Merge branch 'master' of moonshot.suchdamage.org:/srv/git/trust_router X-Git-Tag: 1.0~23 X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=319c080f87aad7075352e256b89bbb723bdae279;hp=0b07614f88849adb93acb00d2a528b526f4d8147;p=trust_router.git Merge branch 'master' of moonshot.suchdamage.org:/srv/git/trust_router --- diff --git a/Makefile.am b/Makefile.am index 8b94d8e..10b9b43 100644 --- a/Makefile.am +++ b/Makefile.am @@ -13,6 +13,7 @@ tr_trust_router_SOURCES = tr/tr_main.c \ common/tr_config.c \ common/tr_idp.c \ common/tr_comm.c \ +common/tr_filter.c \ tr/tr.c tr_trust_router_LDADD = gsscon/libgsscon.la libtr_tid.la @@ -43,7 +44,8 @@ noinst_HEADERS = include/gsscon.h include/tr_config.h \ include/tr_msg.h \ include/tr.h \ include/tr_idp.h include/tr_rp.h \ - include/tr_comm.h include/tr_apc.h + include/tr_comm.h include/tr_apc.h \ + include/tr_filter.h EXTRA_DIST = trust_router.spec diff --git a/common/tr_config.c b/common/tr_config.c index 09333c4..b5e12f0 100644 --- a/common/tr_config.c +++ b/common/tr_config.c 
@@ -90,10 +90,85 @@ static TR_CFG_RC tr_cfg_parse_internal (TR_INSTANCE *tr, json_t *jcfg) { return TR_CFG_SUCCESS; } -static TR_CFG_RC tr_cfg_parse_rp_clients (TR_INSTANCE *tr, json_t *jcfg) { - // json_t *jrpr = NULL; +static TR_RP_CLIENT *tr_cfg_parse_one_rp_client (TR_INSTANCE *tr, json_t *jrp, TR_CFG_RC *rc) +{ + TR_RP_CLIENT *rp = NULL; + json_t *jgns = NULL; + int i = 0; + + if ((!jrp) || (!rc)) { + fprintf(stderr, "tr_cfg_parse_one_rp_realm: Bad parameters.\n"); + if (rc) + *rc = TR_CFG_BAD_PARAMS; + return NULL; + } + + if (NULL == (rp = malloc(sizeof(TR_RP_CLIENT)))) { + fprintf(stderr, "tr_config_parse_one_rp_realm: Out of memory.\n"); + *rc = TR_CFG_NOMEM; + return NULL; + } - return TR_CFG_SUCCESS; + memset(rp, 0, sizeof(TR_RP_CLIENT)); + + /* TBD parse filters and constraints */ + + if ((NULL == (jgns = json_object_get(jrp, "gss_names"))) || + (!json_is_array(jgns))) { + fprintf(stderr, "tr_cfg_parse_one_rp_client: Error parsing RP client configuration.\n"); + free(rp); + *rc = TR_CFG_NOPARSE; + return NULL; + } + + if (0 == json_array_size(jgns)) { + fprintf(stderr, "tr_cfg_parse_one_rp_client: RP Client has no GSS Names.\n"); + *rc = TR_CFG_NOPARSE; + return NULL; + } + + if (TR_MAX_GSS_NAMES < json_array_size(jgns)) { + fprintf(stderr, "tr_cfg_parse_one_rp_client: RP Client has too many GSS Names.\n"); + *rc = TR_CFG_NOPARSE; + return NULL; + } + + for (i = 0; i < json_array_size(jgns); i++) { + if (NULL == (rp->gss_names[i] = tr_new_name ((char *)json_string_value(json_array_get(jgns, i))))) { + fprintf(stderr, "tr_cfg_parse_one_rp_client: No memory for GSS Name.\n"); + *rc = TR_CFG_NOMEM; + return NULL; + } + } + + return rp; +} + +static TR_CFG_RC tr_cfg_parse_rp_clients (TR_INSTANCE *tr, json_t *jcfg) { + json_t *jrps = NULL; + TR_RP_CLIENT *rp = NULL; + TR_CFG_RC rc = TR_CFG_SUCCESS; + int i = 0; + + if ((!tr) || (!tr->new_cfg) || (!jcfg)) + return TR_CFG_BAD_PARAMS; + + if ((NULL == (jrps = json_object_get(jcfg, "rp_clients"))) || + 
(!json_is_array(jrps))) { + return TR_CFG_NOPARSE; + } + + for (i = 0; i < json_array_size(jrps); i++) { + if (NULL == (rp = tr_cfg_parse_one_rp_client(tr, + json_array_get(jrps, i), + &rc))) { + return rc; + } + fprintf(stderr, "tr_cfg_parse_rp_clients: RP client configured: %s.\n", rp->gss_names[0]->buf); + rp->next = tr->new_cfg->rp_clients; + tr->new_cfg->rp_clients = rp; + } + return rc; } static TR_AAA_SERVER *tr_cfg_parse_one_aaa_server (TR_INSTANCE *tr, json_t *jaddr, TR_CFG_RC *rc) { 
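Review bot: In tr_cfg_parse_one_rp_client the two size checks on `jgns` (`0 == json_array_size(jgns)` and `TR_MAX_GSS_NAMES < json_array_size(jgns)`) and the tr_new_name failure inside the for loop all return NULL without releasing `rp`, so only the first error path (`!json_is_array(jgns)`) frees the allocation. Add `free(rp);` before `return NULL;` in both size checks, and in the loop's failure branch also release the `gss_names` entries already created before freeing `rp`. Separately, `json_string_value()` returns NULL for a non-string array element and this code passes that straight to `tr_new_name()`; whether that is safe depends on tr_new_name, which is outside the hunk, so a `json_is_string()` check on each element before the call would make the parser robust against a malformed config file. The error messages in this function name it as tr_cfg_parse_one_rp_realm / tr_config_parse_one_rp_realm rather than tr_cfg_parse_one_rp_client, which will mislead anyone reading logs.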
@@ -267,18 +342,71 @@ static TR_CFG_RC tr_cfg_parse_idp_realms (TR_INSTANCE *tr, json_t *jcfg) return rc; } -static TR_IDP_REALM *tr_cfg_parse_comm_idps (TR_INSTANCE *tr, json_t *idps, TR_CFG_RC *rc) +static TR_IDP_REALM *tr_cfg_parse_comm_idps (TR_INSTANCE *tr, json_t *jidps, TR_CFG_RC *rc) { - TR_IDP_REALM *idp; + TR_IDP_REALM *idp = NULL; + TR_IDP_REALM *temp_idp = NULL; + int i = 0; + + if ((!tr) || + (!jidps) || + (!json_is_array(jidps))) { + if (rc) + *rc = TR_CFG_BAD_PARAMS; + return NULL; + } - return (idp = malloc(sizeof(TR_IDP_REALM))); + for (i = 0; i < json_array_size(jidps); i++) { + if (NULL == (temp_idp = (tr_cfg_find_idp(tr->new_cfg, + tr_new_name((char *)json_string_value(json_array_get(jidps, i))), + rc)))) { + fprintf(stderr, "tr_cfg_parse_comm_idps: Unknown IDP %s.\n", + (char *)json_string_value(json_array_get(jidps, i))); + return NULL; + } + + temp_idp->comm_next = idp; + idp = temp_idp; + } + + return idp; } -static TR_RP_REALM *tr_cfg_parse_comm_rps (TR_INSTANCE *tr, json_t *rps, TR_CFG_RC *rc) +static TR_RP_REALM *tr_cfg_parse_comm_rps (TR_INSTANCE *tr, json_t *jrps, TR_CFG_RC *rc) { - TR_RP_REALM *rp; + TR_RP_REALM *rp = NULL; + TR_RP_REALM *temp_rp = NULL; + int i = 0; + + if ((!tr) || + (!jrps) || + (!json_is_array(jrps))) { + if (rc) + *rc = TR_CFG_BAD_PARAMS; + return NULL; + } + + for (i = (json_array_size(jrps)-1); i >= 0; i--) { + if (NULL == (temp_rp = malloc(sizeof(TR_RP_REALM)))) { + fprintf(stderr, "tr_cfg_parse_comm_rps: Can't allocate memory for RP Realm.\n"); + if (rc) + *rc = TR_CFG_NOMEM; + return NULL; + } + memset (temp_rp, 0, sizeof(TR_RP_REALM)); + + if (NULL == (temp_rp->realm_name = tr_new_name((char *)json_string_value(json_array_get(jrps, i))))) { + fprintf(stderr, "tr_cfg_parse_comm_rps: No memory for RP Realm Name.\n"); + if (rc) + *rc = TR_CFG_NOMEM; + return NULL; + } + + temp_rp->next = rp; + rp = temp_rp; + } - return (rp = malloc(sizeof(TR_RP_REALM))); + return rp; } static TR_COMM *tr_cfg_parse_one_comm 
(TR_INSTANCE *tr, json_t *jcomm, TR_CFG_RC *rc) { @@ -423,6 +551,50 @@ TR_CFG_RC tr_parse_config (TR_INSTANCE *tr, json_t *jcfg) { return TR_CFG_SUCCESS; } +TR_IDP_REALM *tr_cfg_find_idp (TR_CFG *tr_cfg, TR_NAME *idp_id, TR_CFG_RC *rc) +{ + + TR_IDP_REALM *cfg_idp; + + if ((!tr_cfg) || (!idp_id)) { + if (rc) + *rc = TR_CFG_BAD_PARAMS; + return NULL; + } + + for (cfg_idp = tr_cfg->idp_realms; NULL != cfg_idp; cfg_idp = cfg_idp->next) { + if (!tr_name_cmp (idp_id, cfg_idp->realm_id)) { + fprintf(stderr, "tr_cfg_find_idp: Found %s.\n", idp_id->buf); + return cfg_idp; + } + } + /* if we didn't find one, return NULL */ + return NULL; +} + +TR_RP_CLIENT *tr_cfg_find_rp (TR_CFG *tr_cfg, TR_NAME *rp_gss, TR_CFG_RC *rc) +{ + TR_RP_CLIENT *cfg_rp; + int i; + + if ((!tr_cfg) || (!rp_gss)) { + if (rc) + *rc = TR_CFG_BAD_PARAMS; + return NULL; + } + + for (cfg_rp = tr_cfg->rp_clients; NULL != cfg_rp; cfg_rp = cfg_rp->next) { + for (i = 0; i < TR_MAX_GSS_NAMES; i++) { + if (!tr_name_cmp (rp_gss, cfg_rp->gss_names[i])) { + fprintf(stderr, "tr_cfg_find_rp: Found %s.\n", rp_gss->buf); + return cfg_rp; + } + } + } + /* if we didn't find one, return NULL */ + return NULL; +} + json_t *tr_read_config (int n, struct dirent **cfg_files) { json_t *jcfg = NULL; json_t *temp = NULL; diff --git a/common/tr_filter.c b/common/tr_filter.c new file mode 100644 index 0000000..857ac5b --- /dev/null +++ b/common/tr_filter.c 
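Review bot: In tr_cfg_parse_comm_idps the `Unknown IDP` branch returns NULL without setting `*rc`, and tr_cfg_find_idp (added later in this commit) also leaves `*rc` untouched when no realm matches, so the caller — presumably tr_cfg_parse_one_comm, which starts on the last line of this hunk and continues outside it — can observe a NULL list with `rc` still TR_CFG_SUCCESS. Set `if (rc) *rc = TR_CFG_NOPARSE;` before that `return NULL;`. The TR_NAME built by `tr_new_name()` as the lookup key is never released in either the found or the not-found case, so each community IDP entry leaks one name per config parse; hold it in a local and free it right after the lookup. tr_cfg_parse_comm_rps has the same shape of problem: on the `No memory for RP Realm Name` path `temp_rp` and the partially built `rp` list are dropped, and its loop index `i` is an `int` initialised from `json_array_size(jrps)-1`, which is unsigned arithmetic that wraps for an empty array and relies on an implementation-defined narrowing to stop the loop; counting down with a `size_t` and indexing with `n-1` avoids that.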
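Review bot: tr_cfg_find_rp walks all TR_MAX_GSS_NAMES slots of `cfg_rp->gss_names`, but tr_cfg_parse_one_rp_client (earlier in this commit) zero-fills the client and populates only `json_array_size(jgns)` entries, so the unused slots are NULL and reach `tr_name_cmp()` as its second argument; unless tr_name_cmp tolerates NULL, that is a NULL dereference on any lookup that does not match an early slot. Guard it with `if (cfg_rp->gss_names[i] && !tr_name_cmp (rp_gss, cfg_rp->gss_names[i])) {`. Both finders set `*rc` only for bad parameters and leave it unchanged on a miss, which the new prototypes in include/tr_config.h do not document; a comment on those prototypes such as `/* Returns NULL and leaves *rc untouched when no entry matches; *rc is set only for bad parameters. */` would stop callers from treating a NULL result with rc == TR_CFG_SUCCESS as success. The `Found %s` fprintf on every successful lookup will be noisy once these are called per request; consider making it conditional on a debug setting.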
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 2012, 2013, JANET(UK) + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of JANET(UK) nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include +#include + +/* Returns TRUE (1) if the the string (str) matchs the wildcard string (wc_str), FALSE (0) if not. + */ +int tr_prefix_wildcard_match (char *str, char *wc_str) { + char *wc_post = wc_str; + size_t len = 0; + size_t wc_len = 0; + + if ((!str) || (!wc_str)) + return 0; + + /* TBD -- skip leading white space? 
*/ + if ('*' == wc_str[0]) + wc_post = &(wc_str[1]); + + len = strlen(str); + /* Everything matches an empty string or "*" */ + if (0 == (wc_len = strlen(wc_post))) + return 1; + if (wc_len > len) + return 0; + + if (!strcmp(&(str[len-wc_len]), wc_post)) { + return 1; + } + else + return 0; + } diff --git a/common/tr_util.c b/common/tr_util.c index c5c248b..9562d9c 100644 --- a/common/tr_util.c +++ b/common/tr_util.c @@ -48,3 +48,4 @@ void tr_bin_to_hex(const unsigned char * bin, size_t bin_len, hex_len -= 2; } } + diff --git a/include/tr_config.h b/include/tr_config.h index 7dcf126..4ee5232 100644 --- a/include/tr_config.h +++ b/include/tr_config.h @@ -74,4 +74,7 @@ TR_CFG_RC tr_parse_config (TR_INSTANCE *tr, json_t *jcfg); TR_CFG_RC tr_apply_new_config (TR_INSTANCE *tr); void tr_cfg_free(TR_CFG *cfg); void tr_print_config(FILE *stream, TR_CFG *cfg); + +TR_IDP_REALM *tr_cfg_find_idp (TR_CFG *tr_cfg, TR_NAME *idp_id, TR_CFG_RC *rc); +TR_RP_CLIENT *tr_cfg_find_rp (TR_CFG *tr_cfg, TR_NAME *rp_gss, TR_CFG_RC *rc); #endif diff --git a/include/tr_filter.h b/include/tr_filter.h new file mode 100644 index 0000000..8694469 --- /dev/null +++ b/include/tr_filter.h 
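Review bot: tr_prefix_wildcard_match performs a suffix comparison (`strcmp(&(str[len-wc_len]), wc_post)`) whether or not `wc_str` actually began with `*`, so a pattern with no wildcard such as `example.org` also matches `notexample.org`; for a function that will back RP/IDP filters that is a silent over-match. Record whether the leading `*` was present and require an exact-length match otherwise: `int wild = ('*' == wc_str[0]);` after the NULL check, and `if (!wild && wc_len != len) return 0;` before the strcmp. The header comment says "prefix" and "matchs" while the actual rule is "the pattern, minus a leading `*`, must equal the tail of str" — state that explicitly, including that `*` is only honoured as the first character and that an empty pattern matches everything, since callers will otherwise assume glob semantics. Both parameters are only read and could be declared `const char *`.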
@@ -0,0 +1,40 @@ +/* + * Copyright (c) 2012, 2013, JANET(UK) + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of JANET(UK) nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef TR_CONFIG_H +#define TR_CONFIG_H + +int tr_prefix_wildcard_match (char *str, char *wc_str); + +#endif diff --git a/include/tr_idp.h b/include/tr_idp.h index 8f68b67..c6807cd 100644 --- a/include/tr_idp.h +++ b/include/tr_idp.h 
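Review bot: The include guard in the new include/tr_filter.h is `TR_CONFIG_H`, which by its name is the guard of include/tr_config.h (that file's `#ifndef` line is outside this diff); if so, whichever of the two headers a translation unit includes second is silently skipped, and a file that includes both loses either the config prototypes or tr_prefix_wildcard_match. Rename it to `#ifndef TR_FILTER_H` / `#define TR_FILTER_H` to match the file. The prototype would also benefit from a one-line comment stating the match rule (pattern minus a leading `*` must equal the tail of the string), since the name suggests a prefix match.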
@@ -46,6 +46,7 @@ typedef struct tr_aaa_server { typedef struct tr_idp_realm { struct tr_idp_realm *next; + struct tr_idp_realm *comm_next; /* for link list in comm config */ TR_NAME *realm_id; int shared_config; TR_AAA_SERVER *aaa_servers; diff --git a/include/tr_rp.h b/include/tr_rp.h index edeeead..afb4175 100644 --- a/include/tr_rp.h +++ b/include/tr_rp.h @@ -37,17 +37,17 @@ #define TR_MAX_GSS_NAMES 5 -/* TBD -- should these two structures be unified or linked? */ - typedef struct tr_rp_client { struct tr_rp_client *next; - TR_NAME gss_name[TR_MAX_GSS_NAMES]; + struct tr_rp_client *comm_next; + TR_NAME *gss_names[TR_MAX_GSS_NAMES]; // TR_FILTER *filters; } TR_RP_CLIENT; +/* Structure to make a link list of RP realms by name for community config */ typedef struct tr_rp_realm { struct tr_rp_realm *next; - TR_NAME *realm_id; + TR_NAME *realm_name; } TR_RP_REALM; #endif
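Review bot: `gss_names` in TR_RP_CLIENT changes from an inline array of TR_NAME to an array of TR_NAME pointers, and the parser added in this commit fills only as many slots as the config lists, leaving the rest NULL; the header does not say so, while tr_cfg_find_rp already iterates all TR_MAX_GSS_NAMES entries. Add `TR_NAME *gss_names[TR_MAX_GSS_NAMES]; /* unused slots are NULL; skip or stop on NULL when iterating */` so readers of the struct know the invariant. The new `comm_next` field in TR_RP_CLIENT has no comment, unlike its counterpart added to tr_idp.h in this commit; `/* for linked list in comm config */` would keep the two consistent.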