#include <arpa/inet.h>
#include <string.h>
#include <openssl/dh.h>
+#include <openssl/crypto.h>
#include <jansson.h>
#include <assert.h>
#include <talloc.h>
#include <tr_apc.h>
#include <tr_comm.h>
#include <tr_msg.h>
-#include <trust_router/tr_name.h>
+#include <tr_name_internal.h>
#include <trp_internal.h>
#include <trust_router/tr_constraint.h>
+#include <trust_router/tr_dh.h>
#include <tr_debug.h>
/* JSON helpers */
/* Read attribute attr from msg as a string. Copies string into mem_ctx context so jmsg can
* be destroyed safely. Returns nonzero on error. */
-static int tr_msg_get_json_string(json_t *jmsg, const char *attr, char **dest, TALLOC_CTX *mem_ctx)
+static TRP_RC tr_msg_get_json_string(json_t *jmsg, const char *attr, char **dest, TALLOC_CTX *mem_ctx)
{
json_t *obj;
obj=json_object_get(jmsg, attr);
if (obj == NULL)
- return -1;
+ return TRP_ERROR;
/* check type */
if (!json_is_string(obj))
- return -1;
+ return TRP_ERROR;
*dest=talloc_strdup(mem_ctx, json_string_value(obj));
if (*dest==NULL)
- return -1;
+ return TRP_ERROR;
- return 0;
+ return TRP_SUCCESS;
}
enum msg_type tr_msg_get_msg_type(TR_MSG *msg)
{
json_t *jdh = NULL;
json_t *jbn = NULL;
+ char *s=NULL;
if ((!dh) || (!dh->p) || (!dh->g) || (!dh->pub_key))
return NULL;
jdh = json_object();
- jbn = json_string(BN_bn2hex(dh->p));
+ jbn = json_string(s=BN_bn2hex(dh->p));
+ OPENSSL_free(s);
json_object_set_new(jdh, "dh_p", jbn);
- jbn = json_string(BN_bn2hex(dh->g));
+ jbn = json_string(s=BN_bn2hex(dh->g));
+ OPENSSL_free(s);
json_object_set_new(jdh, "dh_g", jbn);
- jbn = json_string(BN_bn2hex(dh->pub_key));
+ jbn = json_string(s=BN_bn2hex(dh->pub_key));
+ OPENSSL_free(s);
json_object_set_new(jdh, "dh_pub_key", jbn);
return jdh;
json_t *jg = NULL;
json_t *jpub_key = NULL;
- if (!(dh = malloc(sizeof(DH)))) {
+ if (!(dh=tr_dh_new())) {
tr_crit("tr_msg_decode_dh(): Error allocating DH structure.");
return NULL;
}
- memset(dh, 0, sizeof(DH));
-
/* store required fields from dh object */
if ((NULL == (jp = json_object_get(jdh, "dh_p"))) ||
(NULL == (jg = json_object_get(jdh, "dh_g"))) ||
(NULL == (jpub_key = json_object_get(jdh, "dh_pub_key")))) {
tr_debug("tr_msg_decode_dh(): Error parsing dh_info.");
- free(dh);
+ tr_dh_destroy(dh);
return NULL;
}
assert(jreq = json_object());
- jstr = json_string(req->rp_realm->buf);
+ jstr = tr_name_to_json_string(req->rp_realm);
json_object_set_new(jreq, "rp_realm", jstr);
- jstr = json_string(req->realm->buf);
+ jstr = tr_name_to_json_string(req->realm);
json_object_set_new(jreq, "target_realm", jstr);
- jstr = json_string(req->comm->buf);
+ jstr = tr_name_to_json_string(req->comm);
json_object_set_new(jreq, "community", jstr);
if (req->orig_coi) {
- jstr = json_string(req->orig_coi->buf);
+ jstr = tr_name_to_json_string(req->orig_coi);
json_object_set_new(jreq, "orig_coi", jstr);
}
jsrvr = json_object();
- /* Server IP Address -- TBD handle IPv6 */
- jstr = json_string(inet_ntoa(srvr->aaa_server_addr));
+ jstr = json_string(srvr->aaa_server_addr);
json_object_set_new(jsrvr, "server_addr", jstr);
json_object_set_new(jsrvr,
"key_expiration", json_string(time_str));
g_free(time_str);
/* Server DH Block */
- jstr = json_string(srvr->key_name->buf);
+ jstr = tr_name_to_json_string(srvr->key_name);
json_object_set_new(jsrvr, "key_name", jstr);
json_object_set_new(jsrvr, "server_dh", tr_msg_encode_dh(srvr->aaa_server_dh));
if (srvr->path)
/* The path is owned by the srvr, so grab an extra ref*/
- json_object_set(jsrvr, "path", srvr->path);
+ json_object_set(jsrvr, "path", (json_t *)(srvr->path));
return jsrvr;
}
tr_notice("tr_msg_decode_one_server(): Error parsing required fields.");
return -1;
}
-
- /* TBD -- handle IPv6 Addresses */
- inet_aton(json_string_value(jsrvr_addr), &(srvr->aaa_server_addr));
+
+ srvr->aaa_server_addr=talloc_strdup(srvr, json_string_value(jsrvr_addr));
srvr->key_name = tr_new_name((char *)json_string_value(jsrvr_kn));
srvr->aaa_server_dh = tr_msg_decode_dh(jsrvr_dh);
- srvr->path = json_object_get(jsrvr, "path");
+ tid_srvr_blk_set_path(srvr, (TID_PATH *) json_object_get(jsrvr, "path"));
jsrvr_expire = json_object_get(jsrvr, "key_expiration");
if (jsrvr_expire && json_is_string(jsrvr_expire)) {
if (!g_time_val_from_iso8601(json_string_value(jsrvr_expire),
return jservers;
}
-static TID_SRVR_BLK *tr_msg_decode_servers(void * ctx, json_t *jservers, size_t *out_len)
+static TID_SRVR_BLK *tr_msg_decode_servers(TALLOC_CTX *mem_ctx, json_t *jservers)
{
- TID_SRVR_BLK *servers = NULL;
+ TALLOC_CTX *tmp_ctx=talloc_new(NULL);
+ TID_SRVR_BLK *servers=NULL;
+ TID_SRVR_BLK *new_srvr=NULL;
json_t *jsrvr;
size_t i, num_servers;
if (0 == num_servers) {
tr_debug("tr_msg_decode_servers(): Server array is empty.");
- return NULL;
+ goto cleanup;
}
- servers = talloc_zero_array(ctx, TID_SRVR_BLK, num_servers);
for (i = 0; i < num_servers; i++) {
jsrvr = json_array_get(jservers, i);
- if (0 != tr_msg_decode_one_server(jsrvr, &servers[i])) {
- talloc_free(servers);
- return NULL;
- }
+ new_srvr=tid_srvr_blk_new(tmp_ctx);
+ if (new_srvr==NULL) {
+ servers=NULL; /* it's all in tmp_ctx, so we can just let go */
+ goto cleanup;
+ }
+
+ if (0 != tr_msg_decode_one_server(jsrvr, new_srvr)) {
+ servers=NULL; /* it's all in tmp_ctx, so we can just let go */
+ goto cleanup;
+ }
+ tid_srvr_blk_add(servers, new_srvr);
}
- *out_len = num_servers;
+
+ talloc_steal(mem_ctx, servers);
+
+cleanup:
+ talloc_free(tmp_ctx);
return servers;
}
jstr = json_string("error");
json_object_set_new(jresp, "result", jstr);
if (resp->err_msg) {
- jstr = json_string(resp->err_msg->buf);
+ jstr = tr_name_to_json_string(resp->err_msg);
json_object_set_new(jresp, "err_msg", jstr);
}
}
json_object_set_new(jresp, "result", jstr);
}
- jstr = json_string(resp->rp_realm->buf);
+ jstr = tr_name_to_json_string(resp->rp_realm);
json_object_set_new(jresp, "rp_realm", jstr);
- jstr = json_string(resp->realm->buf);
+ jstr = tr_name_to_json_string(resp->realm);
json_object_set_new(jresp, "target_realm", jstr);
- jstr = json_string(resp->comm->buf);
+ jstr = tr_name_to_json_string(resp->comm);
json_object_set_new(jresp, "comm", jstr);
if (resp->orig_coi) {
- jstr = json_string(resp->orig_coi->buf);
+ jstr = tr_name_to_json_string(resp->orig_coi);
json_object_set_new(jresp, "orig_coi", jstr);
}
tr_debug("tr_msg_decode_tidresp(): Success! result = %s.", json_string_value(jresult));
if ((NULL != (jservers = json_object_get(jresp, "servers"))) ||
(!json_is_array(jservers))) {
- tresp->servers = tr_msg_decode_servers(tresp, jservers, &tresp->num_servers);
+ tresp->servers = tr_msg_decode_servers(tresp, jservers);
}
else {
talloc_free(tresp);
tr_debug("tr_msg_decode_tidresp(): Error! result = %s.", json_string_value(jresult));
if ((NULL != (jerr_msg = json_object_get(jresp, "err_msg"))) ||
(!json_is_string(jerr_msg))) {
- tresp->err_msg = tr_new_name((char *)json_string_value(jerr_msg));
- }
+ tresp->err_msg = tr_new_name(json_string_value(jerr_msg));
+ } else
+ tresp->err_msg = tr_new_name("No error message set.");
+
+ if (NULL !=(tresp->error_path = json_object_get(jresp, "error_path")))
+ json_incref(tresp->error_path);
}
- tresp->rp_realm = tr_new_name((char *)json_string_value(jrp_realm));
- tresp->realm = tr_new_name((char *)json_string_value(jrealm));
- tresp->comm = tr_new_name((char *)json_string_value(jcomm));
+ tresp->rp_realm = tr_new_name(json_string_value(jrp_realm));
+ tresp->realm = tr_new_name(json_string_value(jrealm));
+ tresp->comm = tr_new_name(json_string_value(jcomm));
/* store optional "orig_coi" field */
if ((NULL != (jorig_coi = json_object_get(jresp, "orig_coi"))) &&
(!json_is_object(jorig_coi))) {
- tresp->orig_coi = tr_new_name((char *)json_string_value(jorig_coi));
+ tresp->orig_coi = tr_new_name(json_string_value(jorig_coi));
}
return tresp;
*rc=TRP_SUCCESS;
if (apc_list!=NULL)
- talloc_steal(apc_list, mem_ctx);
+ talloc_steal(mem_ctx, apc_list);
cleanup:
talloc_free(tmp_ctx);
}
trp_inforec_set_apcs(rec, apcs);
- rc=tr_msg_get_json_string(jrecord, "owner_realm", &s, tmp_ctx);
- if (rc != TRP_SUCCESS)
- goto cleanup;
- if (TRP_SUCCESS!=trp_inforec_set_owner_realm(rec, tr_new_name(s))) {
- rc=TRP_ERROR;
+ rc=tr_msg_get_json_integer(jrecord, "interval", &num);
+ tr_debug("tr_msg_decode_trp_inforec_comm: interval=%u", num);
+ if ((rc != TRP_SUCCESS) || (TRP_SUCCESS!=trp_inforec_set_interval(rec,num)))
goto cleanup;
+
+ trp_inforec_set_provenance(rec, json_object_get(jrecord, "provenance"));
+
+ /* optional */
+ rc=tr_msg_get_json_string(jrecord, "owner_realm", &s, tmp_ctx);
+ if (rc == TRP_SUCCESS) {
+ if (TRP_SUCCESS!=trp_inforec_set_owner_realm(rec, tr_new_name(s))) {
+ rc=TRP_ERROR;
+ goto cleanup;
+ }
+ if (s!=NULL) {
+ talloc_free(s);
+ s=NULL;
+ }
}
- talloc_free(s); s=NULL;
rc=tr_msg_get_json_string(jrecord, "owner_contact", &s, tmp_ctx);
- if (rc != TRP_SUCCESS)
- goto cleanup;
- if (TRP_SUCCESS!=trp_inforec_set_owner_contact(rec, tr_new_name(s))) {
- rc=TRP_ERROR;
- goto cleanup;
+ if (rc == TRP_SUCCESS) {
+ if (TRP_SUCCESS!=trp_inforec_set_owner_contact(rec, tr_new_name(s))) {
+ rc=TRP_ERROR;
+ goto cleanup;
+ }
+ if (s!=NULL) {
+ talloc_free(s);
+ s=NULL;
+ }
}
- talloc_free(s); s=NULL;
-
- trp_inforec_set_provenance(rec, json_object_get(jrecord, "provenance"));
-
- rc=tr_msg_get_json_integer(jrecord, "interval", &num);
- if ((rc != TRP_SUCCESS) || (TRP_SUCCESS!=trp_inforec_set_interval(rec,num)))
- goto cleanup;
cleanup:
talloc_free(tmp_ctx);
TRP_RC rc=TRP_ERROR;
char *s=NULL;
- if (0!=tr_msg_get_json_string(jrecord, "record_type", &s, tmp_ctx))
+ if (TRP_SUCCESS!=tr_msg_get_json_string(jrecord, "record_type", &s, tmp_ctx))
goto cleanup;
rectype=trp_inforec_type_from_string(s);
return req;
}
-char *tr_msg_encode(TR_MSG *msg)
+char *tr_msg_encode(TALLOC_CTX *mem_ctx, TR_MSG *msg)
{
json_t *jmsg=NULL;
json_t *jmsg_type=NULL;
+ char *encoded_tmp=NULL;
char *encoded=NULL;
TID_RESP *tidresp=NULL;
TID_REQ *tidreq=NULL;
return NULL;
}
- encoded=json_dumps(jmsg, 0);
- json_decref(jmsg);
+ /* We should perhaps use json_set_alloc_funcs to automatically use talloc, but for
+ * now, we'll encode to a malloc'ed buffer, then copy that to a talloc'ed buffer. */
+ encoded_tmp=json_dumps(jmsg, 0); // malloc'ed version
+ json_decref(jmsg); // free the JSON structure
+ encoded = talloc_strdup(mem_ctx, encoded_tmp); // get the talloc'ed version
+ free(encoded_tmp); // free the malloc'ed version
+
+ tr_debug("tr_msg_encode: outgoing msg=%s", encoded);
return encoded;
}
-TR_MSG *tr_msg_decode(char *jbuf, size_t buflen)
+TR_MSG *tr_msg_decode(const char *jbuf, size_t buflen)
{
TR_MSG *msg=NULL;
json_t *jmsg = NULL;
msg->msg_type = TR_UNKNOWN;
msg->msg_rep = NULL;
}
+
+ json_decref(jmsg);
+
return msg;
}
void tr_msg_free_decoded(TR_MSG *msg)
{
if (msg) {
- switch (msg->msg_type) {
- case TID_REQUEST:
- tid_req_free(tr_msg_get_req(msg));
- break;
- case TID_RESPONSE:
- tid_resp_free(tr_msg_get_resp(msg));
- break;
- case TRP_UPDATE:
- trp_upd_free(tr_msg_get_trp_upd(msg));
- break;
- case TRP_REQUEST:
- trp_req_free(tr_msg_get_trp_req(msg));
- default:
- break;
+ if (msg->msg_rep!=NULL) {
+ switch (msg->msg_type) {
+ case TID_REQUEST:
+ tid_req_free(tr_msg_get_req(msg));
+ break;
+ case TID_RESPONSE:
+ tid_resp_free(tr_msg_get_resp(msg));
+ break;
+ case TRP_UPDATE:
+ trp_upd_free(tr_msg_get_trp_upd(msg));
+ break;
+ case TRP_REQUEST:
+ trp_req_free(tr_msg_get_trp_req(msg));
+ default:
+ break;
+ }
}
free (msg);
}