- Check idp_realm APC membership in TR
- Map a COI to an APC in TR (incl config & lookup code)
IN PROGRESS - TIDS integration with freeradius server (Sam)
-IN PROGRESS - TIDC integration with freeradius proxy (incl default comm config)
+IN PROGRESS - TIDC integration with freeradius proxy (w/default comm config)
- Handle per-request community configuration in AAA proxy
- Resolve TBDs for error handling and memory deallocation
- Keep single connection open between AAA proxy & TR for TID requests
- Normalize/configure logging for info msgs, warnings and errors (log4c)
- Clean-up gsscon API and messages
+- Figure out what to do about commented-out checks in gsscon_passive.c
- Handle IPv6 addresses in TID req/resp (use getaddrinfo())
- Implement rp_permitted filters (incl. general filtering mechanism)
- Add constraints to TID req in TR, store and use them in AAA Server
return -1;
}
- /* Hard-code the IP Address in the response. If this were a AAA server, we'd expect
- * this to be set by the Trust Router before calling us.
- */
- if (0 == inet_aton("127.0.0.1", &((*resp)->servers->aaa_server_addr))) {
+ if (0 == inet_aton(tids->ipaddr, &((*resp)->servers->aaa_server_addr))) {
printf("tids_req_handler(): inet_aton() failed.\n");
return -1;
}
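Review bot: `tids->ipaddr` is handed to `inet_aton()` without a NULL check, and the only place seen to set the field is the `main()` changed later in this commit. Any other user of a TIDS instance that leaves it unset would pass a null pointer to `inet_aton()`. A guard such as `if (tids->ipaddr == NULL || 0 == inet_aton(tids->ipaddr, &((*resp)->servers->aaa_server_addr))) {` keeps the existing error path. The removed comment is not replaced; a short one such as `/* AAA server address comes from tids->ipaddr, set by the caller at start-up. */` would say where the value originates. The handler's body starts and ends outside this hunk.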
{
TIDS_INSTANCE *tids;
int rc = 0;
+ char *ipaddr = NULL;
/* Parse command-line arguments */
- if (argc > 2)
- printf("Unexpected arguments, ignored.\n");
+ if (argc > 3)
+ printf("Usage: %s [<ip-address> [<database-name>]]\n", argv[0]);
- /*If we have a database, open and prepare*/
if (argc >= 2) {
- if (SQLITE_OK != sqlite3_open(argv[1], &db)) {
- printf("Error opening database\n");
+ ipaddr = (char *)argv[1];
+ } else {
+ ipaddr = "127.0.0.1";
+ }
+
+ /* TBD -- check that input is a valid IP address? */
+
+ /*If we have a database, open and prepare*/
+ if (argc == 3) {
+ if (SQLITE_OK != sqlite3_open(argv[2], &db)) {
+ printf("Error opening database %s\n", argv[2]);
exit(1);
}
sqlite3_prepare_v2(db, "insert into psk_keys (keyid, key) values(?, ?)",
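Review bot: The `argc > 3` branch prints the usage line but does not stop, so an invocation with extra arguments still runs with argv[1] as the address and, because the later test is `argc == 3`, without opening the database. Bracing the branch and adding `exit(1);` after the usage `printf` would make that failure explicit. The address is also accepted unchecked (the TBD), so a bad value, for instance a database path left in the old first-argument position, only surfaces as an `inet_aton()` failure on every request. Checking it here with `inet_pton(AF_INET, ipaddr, &addr) == 1` on a local `struct in_addr addr` and exiting on failure would catch it at start-up; `inet_pton` also rejects the shorthand and octal/hex spellings that `inet_aton` accepts. The function body continues past the end of this hunk.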
return 1;
}
+ tids->ipaddr = ipaddr;
+
/* Start-up the server, won't return unless there is an error. */
rc = tids_start(tids, &tids_req_handler , NULL);
req->resp_rcvd = 1;
/* TBD -- handle concatentation of multiple responses to single req */
- tids_send_response(((TR_RESP_COOKIE *)resp_cookie)->tr->tids, ((TR_RESP_COOKIE *)resp_cookie)->orig_req->conn, ((TR_RESP_COOKIE *)resp_cookie)->orig_req->gssctx, resp);
+ tids_send_response(((TR_RESP_COOKIE *)resp_cookie)->tr->tids, ((TR_RESP_COOKIE *)resp_cookie)->orig_req->conn, &((TR_RESP_COOKIE *)resp_cookie)->orig_req->gssctx, resp);
return;
}
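Review bot: Passing `&...->orig_req->gssctx` lets `tids_send_response()` write to the original request's GSS context, and the TBD just above anticipates more than one response per request. If the callee can release or replace the context through that pointer (its definition is not visible here), a later response for the same request would be sent on a stale context, so the ownership rule deserves a comment at this call. Separately, the triple cast makes the line hard to review: a local `TR_RESP_COOKIE *cookie = (TR_RESP_COOKIE *)resp_cookie;` followed by `tids_send_response(cookie->tr->tids, cookie->orig_req->conn, &cookie->orig_req->gssctx, resp);` reads more clearly. The enclosing function starts outside this hunk.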