From 9aec821b9c185cbb646402cbd97cc2ba3b16c058 Mon Sep 17 00:00:00 2001
From: Jennifer Richards <jennifer@painless-security.com>
Date: Thu, 26 May 2016 15:55:08 -0400
Subject: [PATCH] Add stub of TRP client test program, trpc.

---
 Makefile.am      |   8 ++-
 include/tr_trp.h |  13 ++++
 tr/tr_trp.c      |  82 ++++++++++++++++++++++
 tr/trpc_main.c   | 208 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 310 insertions(+), 1 deletion(-)
 create mode 100644 tr/trpc_main.c

diff --git a/Makefile.am b/Makefile.am
index 83a3478..35d4815 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,6 +1,6 @@
 DISTCHECK_CONFIGURE_FLAGS = \
 	--with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
-bin_PROGRAMS= tr/trust_router tid/example/tidc tid/example/tids common/dh_test/tr_dh_test
+bin_PROGRAMS= tr/trust_router tr/trpc tid/example/tidc tid/example/tids common/dh_test/tr_dh_test
 AM_CPPFLAGS=-I$(srcdir)/include $(GLIB_CFLAGS)
 AM_CFLAGS = -Wall -Werror=missing-prototypes -Werror -Wno-parentheses $(GLIB_CFLAGS)
 SUBDIRS = gsscon 
@@ -35,6 +35,12 @@ tr/tr_trp.c
 
 tr_trust_router_LDADD = gsscon/libgsscon.la libtr_tid.la $(GLIB_LIBS)
 
+tr_trpc_SOURCES = tr/trpc_main.c \
+common/tr_rp.c \
+tr/tr_trp.c
+
+tr_trpc_LDADD = gsscon/libgsscon.la libtr_tid.la $(GLIB_LIBS)
+
 tid_example_tidc_SOURCES = tid/example/tidc_main.c 
 
 tid_example_tidc_LDADD = gsscon/libgsscon.la libtr_tid.la $(GLIB_LIBS)
diff --git a/include/tr_trp.h b/include/tr_trp.h
index 3ec12dc..f96f211 100644
--- a/include/tr_trp.h
+++ b/include/tr_trp.h
@@ -5,7 +5,9 @@
 
 #include <tr_config.h>
 #include <tr_event.h>
+#include <trust_router/tr_dh.h>
 
+#define TRP_PORT 12310
 
 typedef struct trp_req {
   int msg;
@@ -22,6 +24,11 @@ typedef void (TRPS_RESP_FUNC)(TRPS_INSTANCE *, TRP_REQ *, TRP_RESP *, void *);
 typedef int (trps_auth_func)(gss_name_t client_name, TR_NAME *display_name, void *cookie);
 
 
+/* TRP Client Instance Data */
+typedef struct trpc_instance {
+  DH *client_dh;			/* Client's DH struct with priv and pub keys */
+} TRPC_INSTANCE;
+
 /* TRP Server Instance Data */
 struct trps_instance {
   char *hostname;
@@ -34,6 +41,12 @@ struct trps_instance {
 
 
 /* prototypes */
+TRPC_INSTANCE *trpc_create (TALLOC_CTX *mem_ctx);
+void trpc_destroy (TRPC_INSTANCE *trpc);
+int trpc_open_connection (TRPC_INSTANCE *trpc, char *server, unsigned int port, gss_ctx_id_t *gssctx);
+int trpc_send_msg (TRPC_INSTANCE *trpc, int conn, gss_ctx_id_t gssctx, const char *msg_content,
+                   int *resp_handler(), void *cookie);
+
 TRPS_INSTANCE *trps_create (TALLOC_CTX *mem_ctx);
 void trps_destroy (TRPS_INSTANCE *trps);
 int tr_trps_event_init(struct event_base *base, TRPS_INSTANCE *trps, TR_CFG_MGR *cfg_mgr,
diff --git a/tr/tr_trp.c b/tr/tr_trp.c
index 1269c80..4d4316b 100644
--- a/tr/tr_trp.c
+++ b/tr/tr_trp.c
@@ -17,6 +17,88 @@ struct tr_trps_event_cookie {
   TR_CFG_MGR *cfg_mgr;
 };
 
+/********** Ersatz TRPC implementation **********/
+TRPC_INSTANCE *trpc_create (TALLOC_CTX *mem_ctx)
+{
+  return talloc_zero(mem_ctx, TRPC_INSTANCE);
+}
+
+void trpc_destroy (TRPC_INSTANCE *trpc)
+{
+  if (trpc)
+    talloc_free(trpc);
+}
+
+/* Connect to a TRP server */
+int trpc_open_connection (TRPC_INSTANCE *trpc, 
+                          char *server,
+                          unsigned int port,
+                          gss_ctx_id_t *gssctx)
+{
+  int err = 0;
+  int conn = -1;
+  unsigned int use_port = 0;
+
+  if (0 == port)
+    use_port = TRP_PORT;
+  else 
+    use_port = port;
+
+  tr_debug("trpc_open_connection: opening GSS connection to %s:%d", server, use_port);
+  err = gsscon_connect(server, use_port, "trustrouter", &conn, gssctx);
+
+  if (!err)
+    return conn;
+  else
+    return -1;
+}
+
+
+/* simple function, based on tidc_send_req */
+int trpc_send_msg (TRPC_INSTANCE *trpc, 
+                   int conn, 
+                   gss_ctx_id_t gssctx,
+                   const char *msg_content,
+                   int *resp_handler(),
+                   void *cookie)
+{
+  char *resp_buf=NULL;
+  size_t resp_buflen=0;
+  int err=0;
+  int rc=0;
+
+  /* Send the request over the connection */
+  if (err = gsscon_write_encrypted_token (conn,
+                                          gssctx,
+                                          msg_content, 
+                                          strlen(msg_content))) {
+    tr_err( "trpc_send_msg: Error sending message over connection.\n");
+    goto error;
+  }
+
+  /* Read the response from the connection */
+  if (err = gsscon_read_encrypted_token(conn, gssctx, &resp_buf, &resp_buflen)) {
+    if (resp_buf)
+      free(resp_buf);
+    goto error;
+  }
+
+  tr_debug( "trpc_send_msg: Response Received (%u bytes).\n", (unsigned) resp_buflen);
+  tr_debug( "%s\n", resp_buf);
+
+  if (resp_handler)
+    /* Call the caller's response function */
+    (*resp_handler)(trpc, resp_buf, cookie);
+  goto cleanup;
+
+ error:
+  rc = -1;
+ cleanup:
+  if (resp_buf)
+    free(resp_buf);
+  return rc;
+}
+
 
 /********** Ersatz TRPS implementation **********/
 TRPS_INSTANCE *trps_create (TALLOC_CTX *mem_ctx)
diff --git a/tr/trpc_main.c b/tr/trpc_main.c
new file mode 100644
index 0000000..088a2d6
--- /dev/null
+++ b/tr/trpc_main.c
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 2012, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <talloc.h>
+#include <argp.h>
+
+#include <gsscon.h>
+#include <tr_debug.h>
+#include <tr_trp.h>
+#include <trust_router/tr_dh.h>
+
+#if 0
+static void tidc_resp_handler (TIDC_INSTANCE * tidc, 
+			TID_REQ *req,
+			TID_RESP *resp, 
+			void *cookie) 
+{
+  int c_keylen = 0;
+  unsigned char *c_keybuf = NULL;
+  int i;
+
+  printf ("Response received! Realm = %s, Community = %s.\n", resp->realm->buf, resp->comm->buf);
+
+  /* Generate the client key -- TBD, handle more than one server */
+  if (TID_SUCCESS != resp->result) {
+    fprintf(stderr, "tidc_resp_handler: Response is an error.\n");
+    return;
+  }
+
+  if (!resp->servers) {
+    fprintf(stderr, "tidc_resp_handler: Response does not contain server info.\n");
+    return;
+  }
+  
+  if (0 > (c_keylen = tr_compute_dh_key(&c_keybuf, 
+				      resp->servers->aaa_server_dh->pub_key, 
+				      req->tidc_dh))) {
+    
+    printf("tidc_resp_handler: Error computing client key.\n");
+    return;
+  }
+  
+  /* Print out the client key. */
+  printf("Client Key Generated (len = %d):\n", c_keylen);
+  for (i = 0; i < c_keylen; i++) {
+    printf("%.2x", c_keybuf[i]); 
+  }
+  printf("\n");
+
+  return;
+}
+#endif
+
+/* command-line option setup */
+
+/* argp global parameters */
+const char *argp_program_bug_address=PACKAGE_BUGREPORT; /* bug reporting address */
+
+/* doc strings */
+static const char doc[]=PACKAGE_NAME " - TRP Client";
+static const char arg_doc[]="<message> <server> [<port>]"; /* string describing arguments, if any */
+
+/* define the options here. Fields are:
+ * { long-name, short-name, variable name, options, help description } */
+static const struct argp_option cmdline_options[] = {
+  { NULL }
+};
+
+/* structure for communicating with option parser */
+struct cmdline_args {
+  char *msg;
+  char *server;
+  int port; /* optional */
+};
+
+/* parser for individual options - fills in a struct cmdline_args */
+static error_t parse_option(int key, char *arg, struct argp_state *state)
+{
+  /* get a shorthand to the command line argument structure, part of state */
+  struct cmdline_args *arguments=state->input;
+
+  switch (key) {
+  case ARGP_KEY_ARG: /* handle argument (not option) */
+    switch (state->arg_num) {
+    case 0:
+      arguments->msg=arg;
+      break;
+
+    case 1:
+      arguments->server=arg;
+      break;
+
+    case 2:
+      arguments->port=strtol(arg, NULL, 10); /* optional */
+      break;
+
+    default:
+      /* too many arguments */
+      argp_usage(state);
+    }
+    break;
+
+  case ARGP_KEY_END: /* no more arguments */
+    if (state->arg_num < 2) {
+      /* not enough arguments encountered */
+      argp_usage(state);
+    }
+    break;
+
+  default:
+    return ARGP_ERR_UNKNOWN;
+  }
+
+  return 0; /* success */
+}
+
+/* assemble the argp parser */
+static struct argp argp = {cmdline_options, parse_option, arg_doc, doc};
+
+int main (int argc, 
+          char *argv[]) 
+{
+  TALLOC_CTX *main_ctx=talloc_new(NULL);
+  TRPC_INSTANCE *trpc=NULL;
+  int conn = 0;
+  int rc;
+  gss_ctx_id_t gssctx;
+  struct cmdline_args opts;
+
+  /* parse the command line*/
+  /* set defaults */
+  opts.msg=NULL;
+  opts.server=NULL;
+  opts.port=TRP_PORT;
+
+  argp_parse(&argp, argc, argv, 0, 0, &opts);
+  /* TBD -- validity checking, dealing with quotes, etc. */
+
+  /* Use standalone logging */
+  tr_log_open();
+
+  /* set logging levels */
+  talloc_set_log_stderr();
+  tr_log_threshold(LOG_CRIT);
+  tr_console_threshold(LOG_DEBUG);
+
+  printf("TRPC Client:\nServer = %s, port = %i\n", opts.server, opts.port);
+ 
+  /* Create a TRP client instance & the client DH */
+  trpc = trpc_create(main_ctx);
+  if (NULL == (trpc->client_dh = tr_create_dh_params(NULL, 0))) {
+    printf("Error creating client DH params.\n");
+    return 1;
+  }
+
+  /* Set-up TRP connection */
+  if (-1 == (conn = trpc_open_connection(trpc, opts.server, opts.port, &gssctx))) {
+    /* Handle error */
+    printf("Error in trpc_open_connection.\n");
+    return 1;
+  };
+
+  /* Send a TRP message */
+  if (0 > (rc = trpc_send_msg(trpc, conn, gssctx, opts.msg, NULL, NULL))) {
+    /* Handle error */
+    printf("Error in trpc_send_request, rc = %d.\n", rc);
+    return 1;
+  }
+    
+  /* Clean-up the TRP client instance, and exit */
+  trpc_destroy(trpc);
+
+  return 0;
+}
+
-- 
2.1.4