X-Git-Url: http://www.project-moonshot.org/gitweb/?p=trust_router.git;a=blobdiff_plain;f=tr%2Ftr_trp.c;h=9f9c558d4707c6b23d5c8fd04e6447ef24f80d5e;hp=9ca0b2f48fd53df0e0ed2f61c5059edd2e2b778b;hb=81a61f8c6064bf52ff2a40a3d28e6ee5b2e478d4;hpb=491ba8ca58cc643662a8f01dee0939dce835c22f diff --git a/tr/tr_trp.c b/tr/tr_trp.c index 9ca0b2f..9f9c558 100644 --- a/tr/tr_trp.c +++ b/tr/tr_trp.c @@ -47,7 +47,9 @@ #include #include #include +#include #include +#include #include #include #include @@ -112,7 +114,7 @@ static int tr_trps_gss_handler(gss_name_t client_name, gss_buffer_t gss_name, tr_debug("tr_trps_gss_handler()"); - if ((!client_name) || (!gss_name) || (!trps) || (!cfg_mgr)) { + if ((!client_name) || (!trps) || (!cfg_mgr)) { tr_debug("tr_trps_gss_handler: Bad parameters."); return -1; } @@ -182,23 +184,22 @@ static void tr_trps_event_cb(int listener, short event, void *arg) tr_debug("tr_trps_event_cb: unexpected event on TRPS socket (event=0x%X)", event); } else { /* create a thread to handle this connection */ - if (asprintf(&name, "trustrouter@%s", trps->hostname)==-1) { + name = talloc_asprintf(tmp_ctx, "trustrouter@%s", trps->hostname); + if (name == NULL) goto cleanup; - } - gssname=tr_new_name(name); - free(name); name=NULL; + gssname=tr_new_name(name); /* name cleaned up with tmp_ctx */ + conn=trp_connection_accept(tmp_ctx, listener, gssname); if (conn!=NULL) { /* need to monitor this fd and trigger events when read becomes possible */ thread_data=talloc(conn, struct trps_thread_data); if (thread_data==NULL) { tr_err("tr_trps_event_cb: unable to allocate trps_thread_data"); - talloc_free(tmp_ctx); - return; + goto cleanup; } thread_data->conn=conn; thread_data->trps=trps; - trps_add_connection(trps, conn); /* remember the connection */ + trps_add_connection(trps, conn); /* remember the connection - this puts conn and the thread data in trps's talloc context */ pthread_create(trp_connection_get_thread(conn), NULL, tr_trps_thread, thread_data); } } @@ -226,79 +227,108 @@ static void tr_trps_cleanup_trpc(TRPS_INSTANCE *trps, TRPC_INSTANCE *trpc) tr_debug("tr_trps_cleanup_trpc: deleted connection"); } -static void tr_trps_print_route_table(TRPS_INSTANCE *trps, FILE *f) +/** + * Get a dynamically allocated string with a description of the route table. + * Caller must free the string using talloc_free(). + * + * @param memctx talloc context for the string + * @param trps trps instance containing the route table + * @return pointer to the output, or NULL on error + */ +static char *tr_trps_route_table_to_str(TALLOC_CTX *memctx, TRPS_INSTANCE *trps) { - char *table=trp_rtable_to_str(NULL, trps->rtable, " | ", NULL); - if (table==NULL) - fprintf(f, "Unable to print route table.\n"); - else { - fprintf(f, "%s\n", table); - talloc_free(table); - } + return trp_rtable_to_str(memctx, trps->rtable, " | ", NULL); +} + +/** + * Get a dynamically allocated string with a description of the community table. + * Caller must free the string using talloc_free(). + * + * @param memctx talloc context for the string + * @param trps trps instance containing the community table + * @return pointer to the output, or NULL on error + */ +static char *tr_trps_comm_table_to_str(TALLOC_CTX *memctx, TRPS_INSTANCE *trps) +{ + return tr_comm_table_to_str(memctx, trps->ctable); } +/** + * Event handler to process TRP messages from connection threads. These + * are added to the message queue (mq) in tr_trps_msg_handler(), which + * runs in the other threads. + * + * @param socket Ignored + * @param event Ignored + * @param arg Pointer to the TRPS_INSTANCE + */ static void tr_trps_process_mq(int socket, short event, void *arg) { TRPS_INSTANCE *trps=talloc_get_type_abort(arg, TRPS_INSTANCE); TR_MQ_MSG *msg=NULL; const char *s=NULL; + TRP_PEER *peer = NULL; + char *tmp = NULL; msg=trps_mq_pop(trps); while (msg!=NULL) { s=tr_mq_msg_get_message(msg); if (0==strcmp(s, TR_MQMSG_TRPS_CONNECTED)) { - TR_NAME *gssname=(TR_NAME *)tr_mq_msg_get_payload(msg); - TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname); + TR_NAME *peer_gssname=(TR_NAME *)tr_mq_msg_get_payload(msg); + peer=trps_get_peer_by_gssname(trps, peer_gssname); /* get the peer record */ + tmp = tr_name_strdup(peer_gssname); /* get the name as a null-terminated string */ if (peer==NULL) - tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) reported.", gssname->buf); + tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) reported.", tmp); else { trp_peer_set_incoming_status(peer, PEER_CONNECTED); - tr_err("tr_trps_process_mq: incoming connection from %s established.", gssname->buf); + tr_notice("tr_trps_process_mq: incoming connection from %s established.", tmp); } + free(tmp); } else if (0==strcmp(s, TR_MQMSG_TRPS_DISCONNECTED)) { TRP_CONNECTION *conn=talloc_get_type_abort(tr_mq_msg_get_payload(msg), TRP_CONNECTION); - TR_NAME *gssname=trp_connection_get_gssname(conn); - TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname); + TR_NAME *peer_gssname=trp_connection_get_peer(conn); + peer=trps_get_peer_by_gssname(trps, peer_gssname); /* get the peer record */ + tmp = tr_name_strdup(peer_gssname); /* get the name as a null-terminated string */ if (peer==NULL) { - tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) lost.", - trp_connection_get_gssname(conn)->buf); + tr_err("tr_trps_process_mq: incoming connection from unknown peer (%.*s) lost.", tmp); } else { trp_peer_set_incoming_status(peer, PEER_DISCONNECTED); tr_trps_cleanup_conn(trps, conn); - tr_err("tr_trps_process_mq: incoming connection from %s lost.", gssname->buf); + tr_notice("tr_trps_process_mq: incoming connection from %s lost.", tmp); } + free(tmp); } else if (0==strcmp(s, TR_MQMSG_TRPC_CONNECTED)) { TR_NAME *svcname=(TR_NAME *)tr_mq_msg_get_payload(msg); - TRP_PEER *peer=trps_get_peer_by_servicename(trps, svcname); + peer=trps_get_peer_by_servicename(trps, svcname); + tmp = tr_name_strdup(svcname); if (peer==NULL) - tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) reported.", svcname->buf); + tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) reported.", tmp); else { trp_peer_set_outgoing_status(peer, PEER_CONNECTED); - tr_err("tr_trps_process_mq: outgoing connection to %s established.", svcname->buf); + tr_notice("tr_trps_process_mq: outgoing connection to %s established.", tmp); } + free(tmp); } else if (0==strcmp(s, TR_MQMSG_TRPC_DISCONNECTED)) { - /* trpc connection died */ TRPC_INSTANCE *trpc=talloc_get_type_abort(tr_mq_msg_get_payload(msg), TRPC_INSTANCE); - TR_NAME *gssname=trpc_get_gssname(trpc); - TRP_PEER *peer=trps_get_peer_by_servicename(trps, gssname); + TR_NAME *svcname=trpc_get_gssname(trpc); + peer=trps_get_peer_by_servicename(trps, svcname); + tmp = tr_name_strdup(svcname); if (peer==NULL) - tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) lost.", gssname->buf); + tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) lost.", tmp); else { trp_peer_set_outgoing_status(peer, PEER_DISCONNECTED); - tr_err("tr_trps_process_mq: outgoing connection to %s lost.", gssname->buf); + tr_notice("tr_trps_process_mq: outgoing connection to %s lost.", tmp); tr_trps_cleanup_trpc(trps, trpc); } + free(tmp); } else if (0==strcmp(s, TR_MQMSG_MSG_RECEIVED)) { if (trps_handle_tr_msg(trps, tr_mq_msg_get_payload(msg))!=TRP_SUCCESS) tr_notice("tr_trps_process_mq: error handling message."); - else { - tr_trps_print_route_table(trps, stderr); - } } else tr_notice("tr_trps_process_mq: unknown message '%s' received.", tr_mq_msg_get_message(msg)); @@ -317,6 +347,7 @@ static void tr_trps_update(int listener, short event, void *arg) tr_debug("tr_trps_update: sending scheduled route/community updates."); trps_update(trps, TRP_UPDATE_SCHEDULED); event_add(ev, &(trps->update_interval)); + tr_debug("tr_trps_update: update interval=%d", trps->update_interval.tv_sec); } static void tr_trps_sweep(int listener, short event, void *arg) @@ -324,10 +355,23 @@ static void tr_trps_sweep(int listener, short event, void *arg) struct tr_trps_event_cookie *cookie=talloc_get_type_abort(arg, struct tr_trps_event_cookie); TRPS_INSTANCE *trps=cookie->trps; struct event *ev=cookie->ev; + char *table_str=NULL; tr_debug("tr_trps_sweep: sweeping routes."); trps_sweep_routes(trps); - tr_trps_print_route_table(trps, stderr); + tr_debug("tr_trps_sweep: sweeping communities."); + trps_sweep_ctable(trps); + table_str=tr_trps_route_table_to_str(NULL, trps); + if (table_str!=NULL) { + tr_debug(table_str); + talloc_free(table_str); + } + + table_str=tr_trps_comm_table_to_str(NULL, trps); + if (table_str!=NULL) { + tr_debug(table_str); + talloc_free(table_str); + } /* schedule the event to run again */ event_add(ev, &(trps->sweep_interval)); } @@ -393,6 +437,7 @@ TRP_RC tr_trps_event_init(struct event_base *base, TR_INSTANCE *tr) struct tr_trps_event_cookie *sweep_cookie=NULL; struct timeval zero_time={0,0}; TRP_RC retval=TRP_ERROR; + size_t ii=0; if (tr->events != NULL) { tr_notice("tr_trps_event_init: tr->events was not null. Freeing before reallocating.."); @@ -423,28 +468,31 @@ TRP_RC tr_trps_event_init(struct event_base *base, TR_INSTANCE *tr) trps_cookie->cfg_mgr=tr->cfg_mgr; /* get a trps listener */ - listen_ev->sock_fd=trps_get_listener(tr->trps, - tr_trps_msg_handler, - tr_trps_gss_handler, - tr->cfg_mgr->active->internal->hostname, - tr->cfg_mgr->active->internal->trps_port, - (void *)trps_cookie); - if (listen_ev->sock_fd < 0) { + listen_ev->n_sock_fd=trps_get_listener(tr->trps, + tr_trps_msg_handler, + tr_trps_gss_handler, + tr->cfg_mgr->active->internal->hostname, + tr->cfg_mgr->active->internal->trps_port, + (void *)trps_cookie, + listen_ev->sock_fd, + TR_MAX_SOCKETS); + if (listen_ev->n_sock_fd==0) { tr_crit("Error opening TRP server socket."); retval=TRP_ERROR; tr_trps_events_free(tr->events); tr->events=NULL; goto cleanup; } - trps_cookie->ev=listen_ev->ev; /* in case it needs to frob the event */ - - /* and its event */ - listen_ev->ev=event_new(base, - listen_ev->sock_fd, - EV_READ|EV_PERSIST, - tr_trps_event_cb, - (void *)(tr->trps)); - event_add(listen_ev->ev, NULL); + + /* Set up events for the sockets */ + for (ii=0; iin_sock_fd; ii++) { + listen_ev->ev[ii]=event_new(base, + listen_ev->sock_fd[ii], + EV_READ|EV_PERSIST, + tr_trps_event_cb, + (void *)(tr->trps)); + event_add(listen_ev->ev[ii], NULL); + } /* now set up message queue processing event, only triggered by * tr_trps_mq_cb() */ @@ -509,29 +557,27 @@ cleanup: return retval; } - -struct trpc_notify_cb_data { - int msg_ready; - pthread_cond_t cond; - pthread_mutex_t mutex; -}; - -static void tr_trpc_mq_cb(TR_MQ *mq, void *arg) -{ - struct trpc_notify_cb_data *cb_data=(struct trpc_notify_cb_data *) arg; - pthread_mutex_lock(&(cb_data->mutex)); - if (!cb_data->msg_ready) { - cb_data->msg_ready=1; - pthread_cond_signal(&(cb_data->cond)); - } - pthread_mutex_unlock(&(cb_data->mutex)); -} - /* data passed to thread */ struct trpc_thread_data { TRPC_INSTANCE *trpc; TRPS_INSTANCE *trps; }; + +/** + * Thread for handling TRPC (outgoing) connections + * + * Opens a connection to a peer. If successful, notifies the trps thread by + * posting a TR_MQMSG_TRPC_CONNECTED message to the trps message queue. + * It then waits for messages on trpc->mq. Normally these will be TR_MQMSG_TRPC_SEND + * messages, which this thread forwards to the peer. If its connection is lost or + * a TR_MQMSG_ABORT message is received on trpc->mq, the thread sends a + * TR_MQMSG_TRPC_DISCONNECTED message to the trps thread, then cleans up and + * terminates. + * + * The trps may continue queueing messages for this client even when the + * connection is down. To prevent the queue from growing endlessly, this thread + * should clear its queue after failed connection attempts. + */ static void *tr_trpc_thread(void *arg) { TALLOC_CTX *tmp_ctx=talloc_new(NULL); @@ -543,35 +589,28 @@ static void *tr_trpc_thread(void *arg) const char *msg_type=NULL; char *encoded_msg=NULL; TR_NAME *peer_gssname=NULL; - int n_sent=0; + struct timespec wait_until = {0}; int exit_loop=0; - struct trpc_notify_cb_data cb_data={0, - PTHREAD_COND_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER}; - tr_debug("tr_trpc_thread: started"); - /* set up the mq for receiving */ - pthread_mutex_lock(&(cb_data.mutex)); /* hold this lock until we enter the main loop */ - - tr_mq_lock(trpc->mq); - tr_mq_set_notify_cb(trpc->mq, tr_trpc_mq_cb, (void *) &cb_data); - tr_mq_unlock(trpc->mq); - + /* Try to make the outgoing connection */ rc=trpc_connect(trpc); if (rc!=TRP_SUCCESS) { tr_notice("tr_trpc_thread: failed to initiate connection to %s:%d.", trpc_get_server(trpc), trpc_get_port(trpc)); + trpc_mq_clear(trpc); /* clear the queue even though we did not connect */ } else { + /* Retrieve the GSS name used by the peer for authentication */ peer_gssname=trp_connection_get_peer(trpc_get_conn(trpc)); if (peer_gssname==NULL) { tr_err("tr_trpc_thread: could not duplicate peer_gssname."); talloc_free(tmp_ctx); return NULL; } - tr_debug("tr_trpc_thread: connected to peer %s", peer_gssname->buf); + tr_debug("tr_trpc_thread: connected to peer %.*s", + peer_gssname->len, peer_gssname->buf); msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_CONNECTED, TR_MQ_PRIO_HIGH); tr_mq_msg_set_payload(msg, (void *)tr_dup_name(peer_gssname), tr_free_name_helper); @@ -583,55 +622,60 @@ static void *tr_trpc_thread(void *arg) trps_mq_add(trps, msg); /* steals msg context */ msg=NULL; + /* Loop until we get an abort message or until the connection is lost. */ while(!exit_loop) { - cb_data.msg_ready=0; - pthread_cond_wait(&(cb_data.cond), &(cb_data.mutex)); - /* verify the condition */ - if (cb_data.msg_ready) { - for (msg=trpc_mq_pop(trpc),n_sent=0; msg!=NULL; msg=trpc_mq_pop(trpc),n_sent++) { - msg_type=tr_mq_msg_get_message(msg); - - if (0==strcmp(msg_type, TR_MQMSG_ABORT)) { - exit_loop=1; - break; - } - else if (0==strcmp(msg_type, TR_MQMSG_TRPC_SEND)) { - encoded_msg=tr_mq_msg_get_payload(msg); - if (encoded_msg==NULL) - tr_notice("tr_trpc_thread: null outgoing TRP message."); - else { - rc = trpc_send_msg(trpc, encoded_msg); - if (rc!=TRP_SUCCESS) { - tr_notice("tr_trpc_thread: trpc_send_msg failed."); - exit_loop=1; - break; - } + /* Wait up to 10 minutes for a message to be queued to send to the peer. + * Log a warning if we go longer than that, but don't give up. */ + if (tr_mq_pop_timeout(10 * 60, &wait_until) != 0) { + tr_err("tr_trpc_thread: unable to set abort timeout"); + break; /* immediately exit the loop, don't go through cleanup */ + } + + /* Pop a message from the queue. */ + msg = trpc_mq_pop(trpc, &wait_until); + if (msg) { + msg_type = tr_mq_msg_get_message(msg); + if (0 == strcmp(msg_type, TR_MQMSG_ABORT)) { + tr_debug("tr_trpc_thread: received abort message from main thread."); + exit_loop = 1; + } else if (0 == strcmp(msg_type, TR_MQMSG_TRPC_SEND)) { + encoded_msg = tr_mq_msg_get_payload(msg); + if (encoded_msg == NULL) + tr_notice("tr_trpc_thread: null outgoing TRP message."); + else { + rc = trpc_send_msg(trpc, encoded_msg); + if (rc == TRP_SUCCESS) { + tr_debug("tr_trpc_thread: sent message."); + } else { + tr_notice("tr_trpc_thread: trpc_send_msg failed."); + /* Assume this means we lost the connection. */ + exit_loop = 1; } } - else - tr_notice("tr_trpc_thread: unknown message '%s' received.", msg_type); - - tr_mq_msg_free(msg); - } - if (n_sent==0) - tr_err("tr_trpc_thread: notified of msg, but queue empty"); - else - tr_debug("tr_trpc_thread: sent %d messages.", n_sent); + } else + tr_notice("tr_trpc_thread: unknown message '%s' received.", msg_type); + + tr_mq_msg_free(msg); + } else { + tr_warning("tr_trpc_thread: no outgoing messages to %.*s for 10 minutes", + peer_gssname->len, peer_gssname->buf); } } } - tr_debug("tr_trpc_thread: exiting."); - msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_DISCONNECTED, TR_MQ_PRIO_HIGH); + /* Send a DISCONNECTED message to the main thread */ + tr_debug("tr_trpc_thread: notifying main thread of disconnection."); + msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_DISCONNECTED, TR_MQ_PRIO_NORMAL); tr_mq_msg_set_payload(msg, (void *)trpc, NULL); /* do not pass a free routine */ - if (msg==NULL) + if (msg==NULL) { + /* can't notify main thread */ tr_err("tr_trpc_thread: error allocating TR_MQ_MSG"); - else + } else { trps_mq_add(trps, msg); - - trpc_mq_clear(trpc); /* clear any queued messages */ + } talloc_free(tmp_ctx); + tr_debug("tr_trpc_thread: thread terminating."); return NULL; } @@ -754,7 +798,7 @@ TRP_RC tr_add_local_routes(TRPS_INSTANCE *trps, TR_CFG *cfg) if (trust_router_name==NULL) return TRP_NOMEM; - for (cur=cfg->idp_realms; cur!=NULL; cur=cur->next) { + for (cur=cfg->ctable->idp_realms; cur!=NULL; cur=cur->next) { local_routes=tr_make_local_routes(tmp_ctx, cur, trust_router_name, &n_routes); for (ii=0; iitrps; + char *table_str=NULL; tr->cfgwatch->poll_interval.tv_sec=new_cfg->internal->cfg_poll_interval; tr->cfgwatch->poll_interval.tv_usec=0; @@ -830,10 +875,28 @@ void tr_config_changed(TR_CFG *new_cfg, void *cookie) tr->cfgwatch->settling_time.tv_sec=new_cfg->internal->cfg_settling_time; tr->cfgwatch->settling_time.tv_usec=0; + /* These need to be updated */ + tr->tids->hostname = new_cfg->internal->hostname; + tr->mons->hostname = new_cfg->internal->hostname; + + /* Update the authorized monitoring gss names */ + if (tr->mons->authorized_gss_names) { + tr_debug("tr_config_changed: freeing tr->mons->authorized_gss_names"); + tr_gss_names_free(tr->mons->authorized_gss_names); + } + if (new_cfg->internal->monitoring_credentials != NULL) { + tr->mons->authorized_gss_names = tr_gss_names_dup(tr->mons, new_cfg->internal->monitoring_credentials); + } else { + tr->mons->authorized_gss_names = tr_gss_names_new(tr->mons); + } + if (tr->mons->authorized_gss_names == NULL) { + tr_err("tr_config_changed: Error configuring monitoring credentials"); + } + trps_set_connect_interval(trps, new_cfg->internal->trp_connect_interval); trps_set_update_interval(trps, new_cfg->internal->trp_update_interval); trps_set_sweep_interval(trps, new_cfg->internal->trp_sweep_interval); - trps_set_ctable(trps, new_cfg->comms); + trps_set_ctable(trps, new_cfg->ctable); trps_set_ptable(trps, new_cfg->peers); trps_set_peer_status_callback(trps, tr_peer_status_change, (void *)trps); trps_clear_rtable(trps); /* should we do this every time??? */ @@ -841,6 +904,15 @@ void tr_config_changed(TR_CFG *new_cfg, void *cookie) trps_update_active_routes(trps); /* find new routes */ trps_update(trps, TRP_UPDATE_TRIGGERED); /* send any triggered routes */ tr_print_config(new_cfg); - tr_trps_print_route_table(trps, stderr); + table_str=tr_trps_route_table_to_str(NULL, trps); + if (table_str!=NULL) { + tr_info(table_str); + talloc_free(table_str); + } + table_str=tr_trps_comm_table_to_str(NULL, trps); + if (table_str!=NULL) { + tr_info(table_str); + talloc_free(table_str); + } }