2 * Copyright (c) 2012-2018, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
38 #include <tr_config.h>
39 #include <tr_cfgwatch.h>
44 * If the key does not exist in the src object, returns success but does fill in *dest.
46 * @param src JSON object to pull a value from
47 * @param key key to pull
48 * @param dest (output) pointer to an allocated integer
49 * @return TR_CFG_SUCCESS or an error code
51 static TR_CFG_RC tr_cfg_parse_boolean(json_t *src, const char *key, int *dest)
55 /* Validate parameters */
56 if ((src == NULL) || (key == NULL) || (dest == NULL))
57 return TR_CFG_BAD_PARAMS;
59 /* See if we have a value for this key; do nothing if not */
60 jtmp = json_object_get(src, key);
62 if (json_is_boolean(jtmp)) {
63 *dest = json_boolean_value(jtmp);
65 tr_debug("tr_cfg_parse_unsigned: Parsing error, %s is not a boolean.", key);
66 return TR_CFG_NOPARSE;
70 return TR_CFG_SUCCESS;
74 * Parse an unsigned integer
76 * If the key does not exist in the src object, returns success but does fill in *dest.
78 * @param src JSON object to pull a value from
79 * @param key key to pull
80 * @param dest (output) pointer to an allocated unsigned integer
81 * @return TR_CFG_SUCCESS or an error code
83 static TR_CFG_RC tr_cfg_parse_unsigned(json_t *src, const char *key, unsigned int *dest)
87 /* Validate parameters */
88 if ((src == NULL) || (key == NULL) || (dest == NULL))
89 return TR_CFG_BAD_PARAMS;
91 /* See if we have a value for this key; do nothing if not */
92 jtmp = json_object_get(src, key);
94 if (! json_is_number(jtmp)) {
95 tr_debug("tr_cfg_parse_unsigned: Parsing error, %s is not a number.", key);
96 return TR_CFG_NOPARSE;
97 } else if (json_integer_value(jtmp) < 0) {
98 tr_debug("tr_cfg_parse_unsigned: Value %d < 0.", json_integer_value(jtmp));
99 return TR_CFG_NOPARSE;
101 *dest = (unsigned int) json_integer_value(jtmp);
105 return TR_CFG_SUCCESS;
111 * If the key does not exist in the src object, returns success but does not allocate
112 * a return value in dest. Nulls the destination pointer if there is no return value.
114 * Return value is allocated in talloc's NULL context and must be freed with talloc_free()
115 * or put into a non-NULL context with talloc_steal()
117 * @param src JSON object to pull a value from
118 * @param key key to pull
119 * @param dest (output) pointer to a pointer that will hold the newly allocated return value
120 * @return TR_CFG_SUCCESS or an error code
122 static TR_CFG_RC tr_cfg_parse_string(json_t *src, const char *key, const char **dest)
126 /* Validate parameters */
127 if ((src == NULL) || (key == NULL) || (dest == NULL))
128 return TR_CFG_BAD_PARAMS;
130 /* See if we have a value for this key; do nothing if not */
131 jtmp = json_object_get(src, key);
133 *dest = NULL; /* No return value, null this out */
135 if (json_is_string(jtmp)) {
136 *dest = talloc_strdup(NULL, json_string_value(jtmp));
138 tr_debug("tr_cfg_parse_string: Parsing error, %s is not a string.", key);
139 return TR_CFG_NOPARSE;
143 return TR_CFG_SUCCESS;
147 * Set default values for settings that have them
149 * @param cfg configuration structure to fill in, not null
151 static void set_defaults(TR_CFG_INTERNAL *cfg)
153 cfg->max_tree_depth = TR_DEFAULT_MAX_TREE_DEPTH;
154 cfg->tids_port = TR_DEFAULT_TIDS_PORT;
155 cfg->trps_port = TR_DEFAULT_TRPS_PORT;
156 cfg->monitoring_port = TR_DEFAULT_MONITORING_PORT;
157 cfg->cfg_poll_interval = TR_CFGWATCH_DEFAULT_POLL;
158 cfg->cfg_settling_time = TR_CFGWATCH_DEFAULT_SETTLE;
159 cfg->trp_connect_interval = TR_DEFAULT_TRP_CONNECT_INTERVAL;
160 cfg->trp_sweep_interval = TR_DEFAULT_TRP_SWEEP_INTERVAL;
161 cfg->trp_update_interval = TR_DEFAULT_TRP_UPDATE_INTERVAL;
162 cfg->tid_req_timeout = TR_DEFAULT_TID_REQ_TIMEOUT;
163 cfg->tid_resp_numer = TR_DEFAULT_TID_RESP_NUMER;
164 cfg->tid_resp_denom = TR_DEFAULT_TID_RESP_DENOM;
165 cfg->log_threshold = TR_DEFAULT_LOG_THRESHOLD;
166 cfg->console_threshold = TR_DEFAULT_CONSOLE_THRESHOLD;
167 cfg->monitoring_credentials = NULL;
170 /* Helper that checks return value of a parse fn and returns if it failed */
171 #define NOPARSE_UNLESS(x) \
173 if ((x) != TR_CFG_SUCCESS) \
174 return TR_CFG_NOPARSE; \
177 static TR_CFG_RC tr_cfg_parse_monitoring(TR_CFG *trc, json_t *jmon)
179 int enabled = 1; /* assume we are enabled unless we are told not to be */
181 NOPARSE_UNLESS(tr_cfg_parse_boolean(jmon, "enabled", &enabled));
183 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jmon, "port", &(trc->internal->monitoring_port)));
184 NOPARSE_UNLESS(tr_cfg_parse_gss_names(trc->internal,
185 json_object_get(jmon, "authorized_credentials"),
186 &(trc->internal->monitoring_credentials)));
189 return TR_CFG_SUCCESS;
193 * Parse internal configuration JSON
195 * @param trc configuration structure to fill in
196 * @param jint internal configuration JSON object
197 * @return TR_CFG_SUCCESS or an error code
199 TR_CFG_RC tr_cfg_parse_internal(TR_CFG *trc, json_t *jint)
202 const char *s = NULL;
204 if ((!trc) || (!jint))
205 return TR_CFG_BAD_PARAMS;
207 /* If we don't yet have an internal config, allocate one and set defaults. If it
208 * already exists, do not disturb existing settings. */
209 if (NULL == trc->internal) {
210 if (NULL == (trc->internal = talloc_zero(trc, TR_CFG_INTERNAL)))
212 set_defaults(trc->internal); /* Install defaults for any unspecified settings */
215 NOPARSE_UNLESS(tr_cfg_parse_string(jint, "hostname", &(trc->internal->hostname)));
216 talloc_steal(trc->internal, trc->internal->hostname);
218 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "max_tree_depth", &(trc->internal->max_tree_depth)));
219 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "tids_port", &(trc->internal->tids_port)));
220 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "trps_port", &(trc->internal->trps_port)));
221 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "cfg_poll_interval", &(trc->internal->cfg_poll_interval)));
222 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "cfg_settling_time", &(trc->internal->cfg_settling_time)));
223 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "trp_connect_interval", &(trc->internal->trp_connect_interval)));
224 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "trp_sweep_interval", &(trc->internal->trp_sweep_interval)));
225 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "trp_update_interval", &(trc->internal->trp_update_interval)));
226 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "tid_request_timeout", &(trc->internal->tid_req_timeout)));
227 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "tid_response_numerator", &(trc->internal->tid_resp_numer)));
228 NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "tid_response_denominator", &(trc->internal->tid_resp_denom)));
230 /* Parse the logging section */
231 if (NULL != (jtmp = json_object_get(jint, "logging"))) {
232 NOPARSE_UNLESS(tr_cfg_parse_string(jtmp, "log_threshold", &s));
234 trc->internal->log_threshold = str2sev(s);
235 talloc_free((void *) s);
238 NOPARSE_UNLESS(tr_cfg_parse_string(jtmp, "console_threshold", &s));
240 trc->internal->console_threshold = str2sev(s);
241 talloc_free((void *) s);
245 /* Parse the monitoring section */
246 if (NULL != (jtmp = json_object_get(jint, "monitoring"))) {
247 NOPARSE_UNLESS(tr_cfg_parse_monitoring(trc, jtmp));
250 tr_debug("tr_cfg_parse_internal: Internal config parsed.");
251 return TR_CFG_SUCCESS;
254 static int invalid_port(int port)
256 return ((port <= 0) || (port > 65536));
260 * Validate the internal configuration of the trust router
262 * Validates fields, emitting errors if there are any. Safe to call with
263 * a null int_cfg, but this results in an error being returned.
265 * @param int_cfg pointer to an internal configuration (NULL is safe)
266 * @return success or error
268 TR_CFG_RC tr_cfg_validate_internal(TR_CFG_INTERNAL *int_cfg)
272 /* ensure we have an internal configuration and exit if not */
273 if (NULL == int_cfg) {
274 tr_debug("tr_cfg_validate_internal: No internal configuration present.");
275 return TR_CFG_BAD_PARAMS;
278 /* Assume we are going to succeed. If any errors are encountered, emit a message
279 * and set the return code to an error. Don't exit early, emit all the errors
280 * at once if we can. */
283 /*** Validate hostname ***/
284 if (NULL == int_cfg->hostname) {
285 tr_debug("tr_cfg_validate_internal: No hostname specified.");
289 /*** Validate various intervals ***/
290 if (TR_MIN_TRP_CONNECT_INTERVAL > int_cfg->trp_connect_interval) {
292 "tr_cfg_validate_internal: Error: trp_connect_interval must be at least %d (currently %d).",
293 TR_MIN_TRP_CONNECT_INTERVAL, int_cfg->trp_connect_interval);
297 if (TR_MIN_TRP_SWEEP_INTERVAL > int_cfg->trp_sweep_interval) {
299 "tr_cfg_validate_internal: Error: trp_sweep_interval must be at least %d (currently %d).",
300 TR_MIN_TRP_SWEEP_INTERVAL, int_cfg->trp_sweep_interval);
304 if (TR_MIN_TRP_UPDATE_INTERVAL > int_cfg->trp_update_interval) {
306 "tr_cfg_validate_internal: Error: trp_update_interval must be at least %d (currently %d).",
307 TR_MIN_TRP_UPDATE_INTERVAL, int_cfg->trp_update_interval);
311 if (TR_MIN_CFG_POLL_INTERVAL > int_cfg->cfg_poll_interval) {
313 "tr_cfg_validate_internal: Error: cfg_poll_interval must be at least %d (currently %d).",
314 TR_MIN_CFG_POLL_INTERVAL, int_cfg->cfg_poll_interval);
318 if (TR_MIN_CFG_SETTLING_TIME > int_cfg->cfg_settling_time) {
320 "tr_cfg_validate_internal: Error: cfg_settling_time must be at least %d (currently %d).",
321 TR_MIN_CFG_SETTLING_TIME, int_cfg->cfg_settling_time);
325 /*** Validate ports ***/
326 if (invalid_port(int_cfg->tids_port)) {
327 tr_debug("tr_cfg_validate_internal: Error: invalid tids_port (%d).", int_cfg->tids_port);
331 if (invalid_port(int_cfg->trps_port)) {
332 tr_debug("tr_cfg_validate_internal: Error: invalid trps_port (%d).", int_cfg->trps_port);
336 if (invalid_port(int_cfg->monitoring_port)) {
337 tr_debug("tr_cfg_validate_internal: Error: invalid monitoring port (%d).", int_cfg->monitoring_port);
341 /*** Validate tid request timeout ***/
342 if (TR_MIN_TID_REQ_TIMEOUT > int_cfg->tid_req_timeout) {
343 tr_debug("tr_cfg_validate_internal: Error: tid_request_timeout must be at least %d (currently %d).",
344 TR_MIN_TID_REQ_TIMEOUT, int_cfg->tid_req_timeout);
348 /*** Validate tid response parameters ***/
349 if ((int_cfg->tid_resp_numer <= 0)
350 || (int_cfg->tid_resp_denom <= 0)
351 || (int_cfg->tid_resp_numer > int_cfg->tid_resp_denom)) {
352 tr_debug("tr_cfg_validate_internal: Error: invalid tid_response_numerator / tid_response_denominator. Both must be positive and the numerator/denominator ratio must be <= 1 (currently %d/%d).",
353 int_cfg->tid_resp_numer, int_cfg->tid_resp_denom);
projects / trust_router.git / blob