--- /dev/null
+/*
+ * Copyright (c) 2012, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <trust_router/tr_name.h>
+#include <tr_rp.h>
+#include <tr_config.h>
+#include <tr.h>
+
+TR_RP_CLIENT *tr_rp_client_lookup(TR_INSTANCE *tr, TR_NAME *gss_name) {
+ TR_RP_CLIENT *rp = NULL;
+ int i = 0;
+
+ if ((!tr) || (!tr->active_cfg) || (!gss_name)) {
+ fprintf(stderr, "tr_rp_client_lookup: Bad parameters.\n");
+ return NULL;
+ }
+
+ for (rp = tr->active_cfg->rp_clients; NULL != rp; rp = rp->next) {
+ for (i = 0; i < TR_MAX_GSS_NAMES; i++) {
+ if (!strcmp(gss_name->buf, rp->gss_names[i]->buf)) {
+ return rp;
+ }
+ }
+ }
+ return NULL;
+ }
TID_REQ *orig_req;
} TR_RESP_COOKIE;
+
static void tr_tidc_resp_handler (TIDC_INSTANCE *tidc,
TID_REQ *req,
TID_RESP *resp,
return 0;
}
+static int tr_tidc_gss_handler(gss_name_t *clientName, TR_NAME *displayName,
+ void *tr)
+{
+ RP_CLIENT *rp;
+
+ if ((!client_name) || (!display_name) || (!tr)) {
+ fprintf(stderr, "tr_tidc_gss_handler: Bad parameters.\n");
+ return -1;
+ }
+
+ /* look up the RP client matching the GSS name */
+ if ((NULL == (rp = tr_rp_client_lookup(tr, gss_name)))) {
+ fprintf(stderr, "tr_tids_gss_handler: Unknown GSS name %s", gss_name->buf);
+ return -1;
+ }
+
+ /* check if the gss name matches the filter in the rp realm */
+ if (!tr_prefix_wildcard_match(gss_name->buf, rp->rp_match->buf)) {
+ fprintf(stderr, "tr_tids_gss_handler: RP realm does not match, realm %s, math %s\n", gss_name_buf, rp->rp_match->buf);
+ return -1;
+ }
+
+ /* Otherwise, all is well... */
+ return 0;
+}
+
+
int main (int argc, const char *argv[])
{
TR_INSTANCE *tr = NULL;
}
/* start the trust path query server, won't return unless fatal error. */
- if (0 != (err = tids_start(tr->tids, &tr_tids_req_handler, (void *)tr))) {
+ if (0 != (err = tids_start(tr->tids, &tr_tids_req_handler, &tr_tids_gss_handler, (void *)tr))) {
fprintf (stderr, "Error from Trust Path Query Server, err = %d.\n", err);
exit(err);
}
projects / trust_router.git / commitdiff