#include <unistd.h>
#include <sys/time.h>
#include <glib.h>
+#include <string.h>
#include <gsscon.h>
+#include <tr_comm.h>
#include <tr_apc.h>
#include <tr_rp.h>
-#include <trust_router/tr_name.h>
+#include <tr_name_internal.h>
#include <trp_internal.h>
#include <tr_gss.h>
#include <trp_ptable.h>
#include <trp_rtable.h>
#include <tr_debug.h>
-
+#include <tr_util.h>
static int trps_destructor(void *object)
{
TR_MQ_MSG *trps_mq_pop(TRPS_INSTANCE *trps)
{
- return tr_mq_pop(trps->mq);
+ return tr_mq_pop(trps->mq, 0);
}
void trps_mq_add(TRPS_INSTANCE *trps, TR_MQ_MSG *msg)
void trps_set_ctable(TRPS_INSTANCE *trps, TR_COMM_TABLE *comm)
{
- if (trps->ctable!=NULL)
- tr_comm_table_free(trps->ctable);
trps->ctable=comm;
}
return rc;
}
-static int trps_listen (TRPS_INSTANCE *trps, int port)
+/* Listens on all interfaces. Returns number of sockets opened. Their
+ * descriptors are stored in *fd_out, which should point to space for
+ * up to max_fd of them. */
+static size_t trps_listen(TRPS_INSTANCE *trps, int port, int *fd_out, size_t max_fd)
{
int rc = 0;
int conn = -1;
- int optval = 1;
-
- union {
- struct sockaddr_storage storage;
- struct sockaddr_in in4;
- } addr;
-
- struct sockaddr_in *saddr = (struct sockaddr_in *) &addr.in4;
+ int optval=0;
+ struct addrinfo *ai=NULL;
+ struct addrinfo *ai_head=NULL;
+ struct addrinfo hints={.ai_flags=AI_PASSIVE,
+ .ai_family=AF_UNSPEC,
+ .ai_socktype=SOCK_STREAM,
+ .ai_protocol=IPPROTO_TCP};
+ char *port_str=NULL;
+ size_t n_opened=0;
+
+ port_str=talloc_asprintf(NULL, "%d", port);
+ if (port_str==NULL) {
+ tr_debug("trps_listen: unable to allocate port.");
+ return -1;
+ }
+ getaddrinfo(NULL, port_str, &hints, &ai_head);
+ talloc_free(port_str);
+
+ for (ai=ai_head,n_opened=0; (ai!=NULL)&&(n_opened<max_fd); ai=ai->ai_next) {
+ if (0 > (conn = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol))) {
+ tr_debug("trps_listen: unable to open socket.");
+ continue;
+ }
- saddr->sin_port = htons (port);
- saddr->sin_family = AF_INET;
- saddr->sin_addr.s_addr = INADDR_ANY;
+ optval=1;
+ if (0!=setsockopt(conn, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval)))
+ tr_debug("trps_listen: unable to set SO_REUSEADDR."); /* not fatal? */
+
+ if (ai->ai_family==AF_INET6) {
+ /* don't allow IPv4-mapped IPv6 addresses (per RFC4942, not sure
+ * if still relevant) */
+ if (0!=setsockopt(conn, IPPROTO_IPV6, IPV6_V6ONLY, &optval, sizeof(optval))) {
+ tr_debug("trps_listen: unable to set IPV6_V6ONLY. Skipping interface.");
+ close(conn);
+ continue;
+ }
+ }
- if (0 > (conn = socket (AF_INET, SOCK_STREAM, 0)))
- return conn;
+ rc=bind(conn, ai->ai_addr, ai->ai_addrlen);
+ if (rc<0) {
+ tr_debug("trps_listen: unable to bind to socket.");
+ close(conn);
+ continue;
+ }
- setsockopt(conn, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
+ if (0>listen(conn, 512)) {
+ tr_debug("trps_listen: unable to listen on bound socket.");
+ close(conn);
+ continue;
+ }
- if (0 > (rc = bind (conn, (struct sockaddr *) saddr, sizeof(struct sockaddr_in))))
- return rc;
+ /* ok, this one worked. Save it */
+ fd_out[n_opened++]=conn;
+ }
+ freeaddrinfo(ai_head);
- if (0 > (rc = listen(conn, 512)))
- return rc;
+ if (n_opened==0) {
+ tr_debug("trps_listen: no addresses available for listening.");
+ return -1;
+ }
+
+ tr_debug("trps_listen: TRP Server listening on port %d on %d socket%s",
+ port,
+ n_opened,
+ (n_opened==1)?"":"s");
- tr_debug("trps_listen: TRP Server listening on port %d", port);
- return conn;
+ return n_opened;
}
/* get the currently selected route if available */
case TRP_UPDATE:
trp_upd_set_peer(tr_msg_get_trp_upd(*msg), tr_dup_name(conn_peer));
trp_upd_set_next_hop(tr_msg_get_trp_upd(*msg), trp_peer_get_server(peer), 0); /* TODO: 0 should be the configured TID port */
+ /* update provenance if necessary */
+ trp_upd_add_to_provenance(tr_msg_get_trp_upd(*msg), trp_peer_get_label(peer));
break;
case TRP_REQUEST:
TRP_AUTH_FUNC auth_handler,
const char *hostname,
unsigned int port,
- void *cookie)
+ void *cookie,
+ int *fd_out,
+ size_t max_fd)
{
- int listen = -1;
-
- if (0 > (listen = trps_listen(trps, port))) {
- char errbuf[256];
- if (0 == strerror_r(errno, errbuf, 256)) {
- tr_debug("trps_get_listener: Error opening port %d: %s.", port, errbuf);
- } else {
- tr_debug("trps_get_listener: Unknown error openining port %d.", port);
- }
- }
+ size_t n_fd=0;
+ size_t ii=0;
- if (listen > 0) {
+ n_fd=trps_listen(trps, port, fd_out, max_fd);
+ if (n_fd==0)
+ tr_err("trps_get_listener: Error opening port %d.");
+ else {
/* opening port succeeded */
- tr_debug("trps_get_listener: Opened port %d.", port);
+ tr_info("trps_get_listener: Opened port %d.", port);
- /* make this socket non-blocking */
- if (0 != fcntl(listen, F_SETFL, O_NONBLOCK)) {
- tr_debug("trps_get_listener: Error setting O_NONBLOCK.");
- close(listen);
- listen=-1;
+ /* make the sockets non-blocking */
+ for (ii=0; ii<n_fd; ii++) {
+ if (0 != fcntl(fd_out[ii], F_SETFL, O_NONBLOCK)) {
+ tr_err("trps_get_listener: Error setting O_NONBLOCK.");
+ for (ii=0; ii<n_fd; ii++) {
+ close(fd_out[ii]);
+ fd_out[ii]=-1;
+ }
+ n_fd=0;
+ break;
+ }
}
}
- if (listen > 0) {
+ if (n_fd>0) {
/* store the caller's request handler & cookie */
trps->msg_handler = msg_handler;
trps->auth_handler = auth_handler;
trps->cookie = cookie;
}
- return listen;
+ return n_fd;
}
TRP_RC trps_authorize_connection(TRPS_INSTANCE *trps, TRP_CONNECTION *conn)
static struct timespec *trps_compute_expiry(TRPS_INSTANCE *trps, unsigned int interval, struct timespec *ts)
{
const unsigned int small_factor=3; /* how many intervals we wait before expiring */
- if (0!=clock_gettime(CLOCK_REALTIME, ts)) {
+ if (0!=clock_gettime(TRP_CLOCK, ts)) {
tr_err("trps_compute_expiry: could not read realtime clock.");
ts->tv_sec=0;
ts->tv_nsec=0;
}
+ tr_debug("trps_compute_expiry: tv_sec=%u, interval=%u, small_factor*interval=%u", ts->tv_sec, interval, small_factor*interval);
ts->tv_sec += small_factor*interval;
return ts;
}
}
if (trps_name_in_provenance(our_peer_label, trp_inforec_get_provenance(rec)))
- tr_debug("trps_handle_inforec_comm: rejecting community inforec to avoid loop.");
+ tr_debug("trps_handle_inforec_comm: rejecting community inforec to avoid provenance loop.");
else {
/* no loop occurring, accept the update */
comm=tr_comm_table_find_comm(trps->ctable, comm_id);
* the next table sweep if it does not get any realms before that happens */
goto cleanup;
}
- tr_rp_realm_add(trps->ctable->rp_realms, rp_realm);
+ tr_comm_table_add_rp_realm(trps->ctable, rp_realm);
}
/* TODO: if realm existed, see if data match the new inforec and update or complain */
- tr_comm_add_rp_realm(trps->ctable, comm, rp_realm, trp_inforec_get_provenance(rec), &expiry);
+ tr_comm_add_rp_realm(trps->ctable, comm, rp_realm, trp_inforec_get_interval(rec), trp_inforec_get_provenance(rec), &expiry);
tr_debug("trps_handle_inforec_comm: added RP realm %.*s to comm %.*s (origin %.*s).",
realm_id->len, realm_id->buf,
comm_id->len, comm_id->buf,
* the next table sweep if it does not get any realms before that happens */
goto cleanup;
}
- tr_idp_realm_add(trps->ctable->idp_realms, idp_realm);
+ tr_comm_table_add_idp_realm(trps->ctable, idp_realm);
}
/* TODO: if realm existed, see if data match the new inforec and update or complain */
- tr_comm_add_idp_realm(trps->ctable, comm, idp_realm, trp_inforec_get_provenance(rec), &expiry);
+ tr_comm_add_idp_realm(trps->ctable, comm, idp_realm, trp_inforec_get_interval(rec), trp_inforec_get_provenance(rec), &expiry);
tr_debug("trps_handle_inforec_comm: added IDP realm %.*s to comm %.*s (origin %.*s).",
realm_id->len, realm_id->buf,
comm_id->len, comm_id->buf,
return rc;
}
+/**
+ * Apply applicable TRP_INBOUND filters to an inforec. Rejects everything if peer has no filters.
+ *
+ * @param trps Active TRPS instance
+ * @param upd TRP_UPD that contains the inforec to filter
+ * @param rec Inforec to filter
+ * @return 1 if accepted by the filter, 0 otherwise
+ */
+static int trps_filter_inbound_inforec(TRPS_INSTANCE *trps, TRP_UPD *upd, TRP_INFOREC *rec)
+{
+ TRP_PEER *peer=NULL;
+ TR_NAME *peer_name=NULL;
+ TR_FILTER_ACTION action=TR_FILTER_ACTION_REJECT;
+ TR_FILTER_TARGET *target=NULL;
+ int retval=0;
+
+ /* Look up the peer. For inbound messages, the peer is identified by its GSS name */
+ peer_name=trp_upd_get_peer(upd);
+ peer=trps_get_peer_by_gssname(trps, peer_name);
+ if (peer==NULL) {
+ tr_err("trps_filter_inbound_inforec: received inforec from unknown peer (%.*s), rejecting.",
+ peer_name->len,
+ peer_name->buf);
+ return 0;
+ }
+
+ /* tr_filter_apply() and tr_filter_set_get() handle null filter sets/filters by rejecting */
+ target= tr_filter_target_trp_inforec(NULL, upd, rec);
+ if (target==NULL) {
+ /* TODO: signal that filtering failed. Until then, just filter everything and give an error message. */
+ tr_crit("trps_filter_inbound_inforec: Unable to allocate filter target, cannot apply filter!");
+ }
+ if ((target==NULL)
+ || (TR_FILTER_NO_MATCH==tr_filter_apply(target,
+ tr_filter_set_get(peer->filters, TR_FILTER_TYPE_TRP_INBOUND),
+ NULL,
+ &action))
+ || (action!=TR_FILTER_ACTION_ACCEPT)) {
+ /* either the filter did not match or it matched a reject rule or allocating the target failed */
+ retval=0;
+ } else
+ retval=1;
+ if (target!=NULL)
+ tr_filter_target_free(target);
+
+ /* filter matched an accept rule */
+ return retval;
+}
+
+
static TRP_RC trps_handle_update(TRPS_INSTANCE *trps, TRP_UPD *upd)
{
TRP_INFOREC *rec=NULL;
}
for (rec=trp_upd_get_inforec(upd); rec!=NULL; rec=trp_inforec_get_next(rec)) {
+ if (!trps_filter_inbound_inforec(trps, upd, rec)) {
+ tr_debug("trps_handle_update: inforec rejected by filter.");
+ continue; /* just go on to the next record */
+ }
+
switch (trp_inforec_get_type(rec)) {
case TRP_INFOREC_TYPE_ROUTE:
+ tr_debug("trps_handle_update: handling route inforec.");
if (TRP_SUCCESS!=trps_handle_inforec_route(trps, upd, rec))
tr_notice("trps_handle_update: error handling route inforec.");
break;
case TRP_INFOREC_TYPE_COMMUNITY:
+ tr_debug("trps_handle_update: handling community inforec.");
if (TRP_SUCCESS!=trps_handle_inforec_comm(trps, upd, rec))
tr_notice("trps_handle_update: error handling community inforec.");
+
break;
default:
tr_notice("trps_handle_update: unsupported inforec in TRP update.");
/* true if curtime >= expiry */
static int trps_expired(struct timespec *expiry, struct timespec *curtime)
{
- return ((curtime->tv_sec > expiry->tv_sec)
- || ((curtime->tv_sec == expiry->tv_sec)
- &&(curtime->tv_nsec >= expiry->tv_nsec)));
+ return (tr_cmp_timespec(curtime, expiry) >= 0);
}
/* Sweep for expired routes. For each expired route, if its metric is infinite, the route is flushed.
size_t ii=0;
/* use a single time for the entire sweep */
- if (0!=clock_gettime(CLOCK_REALTIME, &sweep_time)) {
+ if (0!=clock_gettime(TRP_CLOCK, &sweep_time)) {
tr_err("trps_sweep_routes: could not read realtime clock.");
sweep_time.tv_sec=0;
sweep_time.tv_nsec=0;
return TRP_SUCCESS;
}
+
+static char *timespec_to_str(struct timespec *ts)
+{
+ struct tm tm;
+ char *s=NULL;
+
+ if (localtime_r(&(ts->tv_sec), &tm)==NULL)
+ return NULL;
+
+ s=malloc(40); /* long enough to contain strftime result */
+ if (s==NULL)
+ return NULL;
+
+ if (strftime(s, 40, "%F %T", &tm)==0) {
+ free(s);
+ return NULL;
+ }
+ return s;
+}
+
+
+/* Sweep for expired communities/realms/memberships. */
+TRP_RC trps_sweep_ctable(TRPS_INSTANCE *trps)
+{
+ TALLOC_CTX *tmp_ctx=talloc_new(NULL);
+ struct timespec sweep_time={0,0};
+ TR_COMM_MEMB *memb=NULL;
+ TR_COMM_ITER *iter=NULL;
+ TRP_RC rc=TRP_ERROR;
+
+ /* use a single time for the entire sweep */
+ if (0!=clock_gettime(TRP_CLOCK, &sweep_time)) {
+ tr_err("trps_sweep_ctable: could not read realtime clock.");
+ sweep_time.tv_sec=0;
+ sweep_time.tv_nsec=0;
+ goto cleanup;
+ }
+
+ /* iterate all memberships */
+ iter=tr_comm_iter_new(tmp_ctx);
+ if (iter==NULL) {
+ tr_err("trps_sweep_ctable: unable to allocate iterator.");
+ rc=TRP_NOMEM;
+ goto cleanup;
+ }
+ for (memb=tr_comm_memb_iter_all_first(iter, trps->ctable);
+ memb!=NULL;
+ memb=tr_comm_memb_iter_all_next(iter)) {
+ if (tr_comm_memb_get_origin(memb)==NULL)
+ continue; /* do not expire local entries */
+
+ if (tr_comm_memb_is_expired(memb, &sweep_time)) {
+ if (tr_comm_memb_get_times_expired(memb)>0) {
+ /* Already expired once; flush. */
+ tr_debug("trps_sweep_ctable: flushing expired community membership (%.*s in %.*s, origin %.*s, expired %s).",
+ tr_comm_memb_get_realm_id(memb)->len, tr_comm_memb_get_realm_id(memb)->buf,
+ tr_comm_get_id(tr_comm_memb_get_comm(memb))->len, tr_comm_get_id(tr_comm_memb_get_comm(memb))->buf,
+ tr_comm_memb_get_origin(memb)->len, tr_comm_memb_get_origin(memb)->buf,
+ timespec_to_str(tr_comm_memb_get_expiry(memb)));
+ tr_comm_table_remove_memb(trps->ctable, memb);
+ tr_comm_memb_free(memb);
+ } else {
+ /* This is the first expiration. Note this and reset the expiry time. */
+ tr_comm_memb_expire(memb);
+ trps_compute_expiry(trps, tr_comm_memb_get_interval(memb), tr_comm_memb_get_expiry(memb));
+ tr_debug("trps_sweep_ctable: community membership expired at %s, resetting expiry to %s (%.*s in %.*s, origin %.*s).",
+ timespec_to_str(&sweep_time),
+ timespec_to_str(tr_comm_memb_get_expiry(memb)),
+ tr_comm_memb_get_realm_id(memb)->len, tr_comm_memb_get_realm_id(memb)->buf,
+ tr_comm_get_id(tr_comm_memb_get_comm(memb))->len, tr_comm_get_id(tr_comm_memb_get_comm(memb))->buf,
+ tr_comm_memb_get_origin(memb)->len, tr_comm_memb_get_origin(memb)->buf);
+ }
+ }
+ }
+
+ /* get rid of any unreferenced realms, etc */
+ tr_comm_table_sweep(trps->ctable);
+
+cleanup:
+ talloc_free(tmp_ctx);
+ return rc;
+}
+
/* add metrics */
static unsigned int trps_metric_add(unsigned int m1, unsigned int m2)
{
goto cleanup;
}
- if (TRP_SUCCESS!=trp_inforec_set_interval(rec, tr_comm_memb_get_interval(memb))) {
+ if (TRP_SUCCESS!=trp_inforec_set_interval(rec, trps_get_update_interval(trps))) {
rec=NULL;
goto cleanup;
}
/* Find all community updates to send to a peer and add these as TR_UPD records
* to the updates GPtrArray. */
-static TRP_RC trps_select_comm_updates_for_peer(TALLOC_CTX *mem_ctx, GPtrArray *updates, TRPS_INSTANCE *trps, TR_NAME *peer_gssname)
+static TRP_RC trps_select_comm_updates_for_peer(TALLOC_CTX *mem_ctx,
+ GPtrArray *updates,
+ TRPS_INSTANCE *trps,
+ TR_NAME *peer_gssname,
+ int triggered)
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
TR_COMM_ITER *comm_iter=NULL;
TR_REALM *realm=NULL;
TRP_UPD *upd=NULL;
TRP_RC rc=TRP_ERROR;
-
+
+ /* currently do not send any communities on triggered updates */
+ if (triggered) {
+ rc=TRP_SUCCESS;
+ goto cleanup;
+ }
+
comm_iter=tr_comm_iter_new(tmp_ctx);
realm_iter=tr_comm_iter_new(tmp_ctx);
if ((comm_iter==NULL) || (realm_iter==NULL)) {
return rc;
}
+/**
+ * Filter the inforecs in a single update
+ *
+ * @param filt The filter to apply
+ * @param upd The update to filter
+ */
+static void trps_filter_one_outbound_update(TR_FILTER *filt, TRP_UPD *upd)
+{
+ TRP_INFOREC *this=NULL, *next=NULL;
+ TR_FILTER_ACTION action=TR_FILTER_ACTION_REJECT;
+ TR_FILTER_TARGET *target=NULL;
+
+ for(this=trp_upd_get_inforec(upd); this!=NULL; this=next) {
+ next=this->next;
+ target= tr_filter_target_trp_inforec(NULL, upd, this);
+ if (target==NULL) {
+ /* TODO: signal that filtering failed. Until then, just filter everything and give an error message. */
+ tr_crit("trps_filter_one_outbound_update: Unable to allocate filter target, cannot apply filter!");
+ }
+ if ((target==NULL)
+ || (TR_FILTER_NO_MATCH==tr_filter_apply(target, filt, NULL, &action))
+ || (action!=TR_FILTER_ACTION_ACCEPT)) {
+ /* Either no filter matched or one matched and rejected this record.
+ * Also filter out record if we were unable to allocate a target. */
+ trp_upd_remove_inforec(upd, this); /* "this" is now invalid */
+ }
+ if (target!=NULL)
+ tr_filter_target_free(target);
+ }
+}
+
+/**
+ * May shuffle the update list.
+ *
+ * @param filters The filter set for the relevant TRP peer
+ * @param updates GPtrArray of updates to filter
+ */
+static void trps_filter_outbound_updates(TR_FILTER_SET *filters, GPtrArray *updates)
+{
+ TRP_UPD *upd=NULL;
+ guint ii=0;
+
+ /* Walk backward through the array so we can remove elements. Careful about loop
+ * termination - remember that ii is unsigned. */
+ for (ii=updates->len; ii>0; ii--) {
+ upd=g_ptr_array_index(updates, ii-1);
+ trps_filter_one_outbound_update(tr_filter_set_get(filters, TR_FILTER_TYPE_TRP_OUTBOUND), upd);
+ /* see if we removed all the records from this update */
+ if (trp_upd_num_inforecs(upd)==0)
+ g_ptr_array_remove_index_fast(updates, ii-1); /* does not preserve order at index ii or higher */
+ }
+}
/* helper for trps_update_one_peer. Frees the TRP_UPD pointed to by a GPtrArray element */
static void trps_trp_upd_destroy(gpointer data)
static TRP_RC trps_update_one_peer(TRPS_INSTANCE *trps,
TRP_PEER *peer,
TRP_UPDATE_TYPE update_type,
- TR_NAME *comm,
- TR_NAME *realm)
+ TR_NAME *realm,
+ TR_NAME *comm)
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
TR_MSG msg; /* not a pointer! */
/* Second, gather community updates */
tr_debug("trps_update_one_peer: selecting community updates for %.*s.", peer_label->len, peer_label->buf);
- rc=trps_select_comm_updates_for_peer(tmp_ctx, updates, trps, peer_label);
+ rc=trps_select_comm_updates_for_peer(tmp_ctx, updates, trps, peer_label, update_type==TRP_UPDATE_TRIGGERED);
/* see if we have anything to send */
if (updates->len<=0)
tr_debug("trps_update_one_peer: no updates for %.*s", peer_label->len, peer_label->buf);
else {
- tr_debug("trps_update_one_peer: sending %d update messages.", updates->len);
- for (ii=0; ii<updates->len; ii++) {
- upd=(TRP_UPD *)g_ptr_array_index(updates, ii);
- /* now encode the update message */
- tr_msg_set_trp_upd(&msg, upd);
- encoded=tr_msg_encode(&msg);
- if (encoded==NULL) {
- tr_err("trps_update_one_peer: error encoding update.");
- rc=TRP_ERROR;
- goto cleanup;
- }
+ /* Apply outbound TRP filters for this peer */
+ trps_filter_outbound_updates(peer->filters, updates);
- tr_debug("trps_update_one_peer: adding message to queue.");
- if (trps_send_msg(trps, peer, encoded) != TRP_SUCCESS)
- tr_err("trps_update_one_peer: error queueing update.");
- else
- tr_debug("trps_update_one_peer: update queued successfully.");
+ if (updates->len<=0)
+ tr_debug("trps_update_one_peer: no updates for %.*s after filtering.", peer_label->len, peer_label->buf);
+ else {
+ tr_debug("trps_update_one_peer: sending %d update messages.", updates->len);
+ for (ii=0; ii<updates->len; ii++) {
+ upd = (TRP_UPD *) g_ptr_array_index(updates, ii);
+ /* now encode the update message */
+ tr_msg_set_trp_upd(&msg, upd);
+ encoded = tr_msg_encode(&msg);
+ if (encoded == NULL) {
+ tr_err("trps_update_one_peer: error encoding update.");
+ rc = TRP_ERROR;
+ goto cleanup;
+ }
+
+ tr_debug("trps_update_one_peer: adding message to queue.");
+ if (trps_send_msg(trps, peer, encoded) != TRP_SUCCESS)
+ tr_err("trps_update_one_peer: error queueing update.");
+ else
+ tr_debug("trps_update_one_peer: update queued successfully.");
- tr_msg_free_encoded(encoded);
- encoded=NULL;
+ tr_msg_free_encoded(encoded);
+ encoded = NULL;
+ }
}
}
}
for (peer=trp_ptable_iter_first(iter, trps->ptable);
- peer!=NULL && rc==TRP_SUCCESS;
+ (peer!=NULL) && (rc==TRP_SUCCESS);
peer=trp_ptable_iter_next(iter))
{
if (!trps_peer_connected(trps, peer)) {
return trps_update_one_peer(trps,
trps_get_peer_by_gssname(trps, trp_req_get_peer(req)),
TRP_UPDATE_REQUESTED,
- comm,
- realm);
+ realm,
+ comm);
}
projects / trust_router.git / blobdiff