{
return tr_dup_name(apc->id);;
}
+
+
+char *tr_apc_to_str(TALLOC_CTX *mem_ctx, TR_APC *apc)
+{
+ return talloc_strndup(mem_ctx, apc->id->buf, apc->id->len);
+}
void tr_print_comm_idps (TR_IDP_REALM *idp_list) {
TR_IDP_REALM *idp = NULL;
+ char *s=NULL;
for (idp = idp_list; NULL != idp; idp = idp->comm_next) {
- tr_notice("tr_print_config: - @%s", idp->realm_id->buf);
+ s=tr_idp_realm_to_str(NULL, idp);
+ if (s!=NULL)
+ tr_notice("tr_print_config: - @%s", s);
+ else
+ tr_notice("tr_print_config: unable to allocate idp output string.");
}
}
}
return head;
}
+
+static int tr_idp_realm_apc_count(TR_IDP_REALM *idp)
+{
+ int ii=0;
+ TR_APC *apc=idp->apcs;
+ while (apc!=NULL) {
+ apc=apc->next;
+ ii++;
+ }
+ return ii;
+}
+
+static int tr_idp_realm_aaa_server_count(TR_IDP_REALM *idp)
+{
+ int ii=0;
+ TR_AAA_SERVER *aaa=idp->aaa_servers;
+ while (aaa!=NULL) {
+ aaa=aaa->next;
+ ii++;
+ }
+ return ii;
+}
+
+static char *tr_aaa_server_to_str(TALLOC_CTX *mem_ctx, TR_AAA_SERVER *aaa)
+{
+ return talloc_strndup(mem_ctx, aaa->hostname->buf, aaa->hostname->len);
+}
+
+char *tr_idp_realm_to_str(TALLOC_CTX *mem_ctx, TR_IDP_REALM *idp)
+{
+ TALLOC_CTX *tmp_ctx=talloc_new(NULL);
+ char **s_aaa=NULL, *aaa_servers=NULL;
+ char **s_apc=NULL, *apcs=NULL;
+ int ii=0, aaa_servers_strlen=0, apcs_strlen=0;
+ int n_aaa_servers=tr_idp_realm_aaa_server_count(idp);
+ int n_apcs=tr_idp_realm_apc_count(idp);
+ TR_AAA_SERVER *aaa=NULL;
+ TR_APC *apc=NULL;
+ char *result=NULL;
+
+ /* get the AAA servers */
+ if (n_aaa_servers<=0)
+ aaa_servers=talloc_strdup(tmp_ctx, "");
+ else {
+ s_aaa=talloc_array(tmp_ctx, char *, n_aaa_servers);
+ for (aaa=idp->aaa_servers,ii=0; aaa!=NULL; aaa=aaa->next,ii++) {
+ s_aaa[ii]=tr_aaa_server_to_str(s_aaa, aaa);
+ aaa_servers_strlen+=strlen(s_aaa[ii]);
+ }
+
+ /* add space for comma-space separators */
+ aaa_servers_strlen+=2*(n_aaa_servers-1);
+
+ aaa_servers=talloc_array(tmp_ctx, char, aaa_servers_strlen+1);
+ aaa_servers[0]='\0';
+ for (ii=0; ii<n_aaa_servers; ii++) {
+ strcat(aaa_servers, s_aaa[ii]);
+ if (ii<(n_aaa_servers-1))
+ strcat(aaa_servers, ", ");
+ }
+ talloc_free(s_aaa);
+ }
+
+ /* get the APCs */
+ if (n_apcs<=0)
+ apcs=talloc_strdup(tmp_ctx, "");
+ else {
+ s_apc=talloc_array(tmp_ctx, char *, n_apcs);
+ for (apc=idp->apcs,ii=0; apc!=NULL; apc=apc->next,ii++) {
+ s_apc[ii]=tr_apc_to_str(s_apc, apc);
+ apcs_strlen+=strlen(s_apc[ii]);
+ }
+
+ /* add space for comma-space separators */
+ apcs_strlen+=2*(n_apcs-1);
+
+ apcs=talloc_array(tmp_ctx, char, apcs_strlen+1);
+ apcs[0]='\0';
+ for (ii=0; ii<n_apcs; ii++) {
+ strcat(apcs, s_apc[ii]);
+ if (ii<(n_apcs-1))
+ strcat(apcs, ", ");
+ }
+ talloc_free(s_apc);
+ }
+
+ result=talloc_asprintf(mem_ctx,
+ "IDP realm: \"%.*s\"\n"
+ " shared: %s\n"
+ " local: %s\n"
+ " AAA servers: %s\n"
+ " APCs: %s\n",
+ idp->realm_id->len, idp->realm_id->buf,
+ (idp->shared_config)?"yes":"no",
+ (idp->origin==TR_REALM_LOCAL)?"yes":"no",
+ aaa_servers,
+ apcs);
+ talloc_free(tmp_ctx);
+ return result;
+}
char *tr_msg_encode(TR_MSG *msg)
{
- json_t *jmsg;
- json_t *jmsg_type;
- char *encoded;
+ json_t *jmsg=NULL;
+ json_t *jmsg_type=NULL;
+ char *encoded=NULL;
+ TID_RESP *tidresp=NULL;
+ TID_REQ *tidreq=NULL;
+ TRP_UPD *trpupd=NULL;
+ TRP_REQ *trpreq=NULL;
/* TBD -- add error handling */
jmsg = json_object();
case TID_REQUEST:
jmsg_type = json_string("tid_request");
json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidreq(tr_msg_get_req(msg)));
+ tidreq=tr_msg_get_req(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidreq(tidreq));
break;
case TID_RESPONSE:
jmsg_type = json_string("tid_response");
json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidresp(tr_msg_get_resp(msg)));
+ tidresp=tr_msg_get_resp(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidresp(tidresp));
break;
case TRP_UPDATE:
jmsg_type = json_string("trp_update");
json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_upd(tr_msg_get_trp_upd(msg)));
+ trpupd=tr_msg_get_trp_upd(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_upd(trpupd));
break;
case TRP_REQUEST:
jmsg_type = json_string("trp_request");
json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_req(tr_msg_get_trp_req(msg)));
+ trpreq=tr_msg_get_trp_req(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_req(trpreq));
break;
default:
TR_NAME *tr_apc_get_id(TR_APC *apc);
TR_NAME *tr_apc_dup_id(TR_APC *apc);
+char *tr_apc_to_str(TALLOC_CTX *mem_ctx, TR_APC *apc);
+
#endif
TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx);
TR_IDP_REALM *tr_idp_realm_add(TR_IDP_REALM *head, TR_IDP_REALM *new);
+char *tr_idp_realm_to_str(TALLOC_CTX *mem_ctx, TR_IDP_REALM *idp);
TR_AAA_SERVER *tr_aaa_server_new(TALLOC_CTX *mem_ctx, TR_NAME *hostname);
void tr_aaa_server_free(TR_AAA_SERVER *aaa);
#ifndef TR_TID_H
#define TR_TID_H
+#include <trp_internal.h>
#include <tr_event.h>
#include <tr_config.h>
int tr_tids_event_init(struct event_base *base,
TIDS_INSTANCE *tids,
TR_CFG_MGR *cfg_mgr,
+ TRPS_INSTANCE *trps,
struct tr_socket_event *tids_ev);
#endif /* TR_TID_H */
else
use_port = port;
+ tr_debug("tidc_open_connection: opening tidc connection to %s:%d", server, port);
err = gsscon_connect(server, use_port, "trustidentity", &conn, gssctx);
if (!err)
goto error;
}
- if (resp_handler)
+ if (resp_handler) {
/* Call the caller's response function */
+ tr_debug("tidc_fwd_request: calling response callback function.");
(*resp_handler)(tidc, tid_req, tr_msg_get_resp(resp_msg), cookie);
+ }
goto cleanup;
error:
static int tids_handle_request (TIDS_INSTANCE *tids, TR_MSG *mreq, TID_RESP *resp)
{
- int rc;
+ int rc=-1;
/* Check that this is a valid TID Request. If not, send an error return. */
if ((!tr_msg_get_req(mreq)) ||
return -1;
}
+ tr_debug("tids_handle_request: adding self to req path.");
tid_req_add_path(tr_msg_get_req(mreq), tids->hostname, tids->tids_port);
/* Call the caller's request handler */
/* TBD -- Handle different error returns/msgs */
if (0 > (rc = (*tids->req_handler)(tids, tr_msg_get_req(mreq), resp, tids->cookie))) {
/* set-up an error response */
+ tr_debug("tids_handle_request: req_handler returned error.");
resp->result = TID_ERROR;
if (!resp->err_msg) /* Use msg set by handler, if any */
resp->err_msg = tr_new_name("Internal processing error");
}
else {
/* set-up a success response */
+ tr_debug("tids_handle_request: req_handler returned success.");
resp->result = TID_SUCCESS;
resp->err_msg = NULL; /* No error msg on successful return */
}
if (0 != tr_tids_event_init(ev_base,
tr->tids,
tr->cfg_mgr,
+ tr->trps,
&tids_ev)) {
tr_crit("Error initializing Trust Path Query Server instance.");
return 1;
int oaction = TR_FILTER_ACTION_REJECT;
int rc = 0;
time_t expiration_interval=0;
- struct tr_tids_event_cookie *cookie=(struct tr_tids_event_cookie *)cookie_in;
- TR_CFG_MGR *cfg_mgr=talloc_get_type_abort(cookie, TR_CFG_MGR);
- TRPS_INSTANCE *trps=talloc_get_type_abort(cookie, TRPS_INSTANCE);
+ struct tr_tids_event_cookie *cookie=talloc_get_type_abort(cookie_in, struct tr_tids_event_cookie);
+ TR_CFG_MGR *cfg_mgr=cookie->cfg_mgr;
+ TRPS_INSTANCE *trps=cookie->trps;
TRP_ROUTE *route=NULL;
int retval=-1;
}
/* Look up the route for this community/realm. */
+ tr_debug("tr_tids_req_handler: looking up route.");
route=trps_get_selected_route(trps, orig_req->comm, orig_req->realm);
if (route==NULL) {
tr_notice("tr_tids_req_handler: no route table entry found for realm (%s) in community (%s).",
retval=-1;
goto cleanup;
}
+ tr_debug("tr_tids_req_handler: found route.");
if (trp_route_is_local(route)) {
+ tr_debug("tr_tids_req_handler: route is local.");
aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->idp_realms,
orig_req->realm,
orig_req->comm);
} else {
+ tr_debug("tr_tids_req_handler: route not local.");
aaa_servers = tr_aaa_server_new(tmp_ctx, trp_route_get_next_hop(route));
}
retval=-1;
goto cleanup;
}
+
+ /* success! */
+ retval=0;
cleanup:
talloc_free(tmp_ctx);
void *data)
{
TR_RP_CLIENT *rp;
- struct tr_tids_event_cookie *cookie=(struct tr_tids_event_cookie *)data;
+ struct tr_tids_event_cookie *cookie=talloc_get_type_abort(data, struct tr_tids_event_cookie);
TIDS_INSTANCE *tids = cookie->tids;
TR_CFG_MGR *cfg_mgr = cookie->cfg_mgr;
int tr_tids_event_init(struct event_base *base,
TIDS_INSTANCE *tids,
TR_CFG_MGR *cfg_mgr,
+ TRPS_INSTANCE *trps,
struct tr_socket_event *tids_ev)
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
}
cookie->tids=tids;
cookie->cfg_mgr=cfg_mgr;
+ cookie->trps=trps;
talloc_steal(tids, cookie);
/* get a tids listener */
tr_add_local_routes(trps, new_cfg); /* should we do this every time??? */
trps_update_active_routes(trps); /* find new routes */
trps_update(trps, TRP_UPDATE_TRIGGERED); /* send any triggered routes */
+ tr_print_config(new_cfg);
tr_trps_print_route_table(trps, stderr);
}
TRP_ROUTE **ret=NULL;
TR_NAME **peer=NULL;
+ tr_debug("trp_rtable_get_realm_entries: entered.");
peer=trp_rtable_get_comm_realm_peers(rtbl, comm, realm, n_out);
ret=talloc_array(NULL, TRP_ROUTE *, *n_out);
if (ret==NULL) {
if (n==0)
return NULL;
+ tr_debug("trp_rtable_get_selected_entry: looking through route table entries for realm %.*s.",
+ realm->len, realm->buf);
while(n-- && !trp_route_is_selected(entry[n])) { }
- selected=entry[n];
+ tr_debug("trp_rtable_get_selected_entry: n=%d.", n);
+
+ if (n>=0)
+ selected=entry[n];
+
talloc_free(entry);
return selected;
}
TRP_ROUTE *trps_get_selected_route(TRPS_INSTANCE *trps, TR_NAME *comm, TR_NAME *realm)
{
+ tr_debug("trps_get_selected_route: entered. trps=%p, comm=%p, realm=%p", trps, comm, realm);
return trp_rtable_get_selected_entry(trps->rtable, comm, realm);
}