}
/**
+ * Parse a signed integer
+ *
+ * If the key does not exist in the src object, returns success but does fill in *dest.
+ *
+ * @param src JSON object to pull a value from
+ * @param key key to pull
+ * @param dest (output) pointer to an allocated integer
+ * @return TR_CFG_SUCCESS or an error code
+ */
+static TR_CFG_RC tr_cfg_parse_integer(json_t *src, const char *key, int *dest)
+{
+ json_t *jtmp;
+
+ /* Validate parameters */
+ if ((src == NULL) || (key == NULL) || (dest == NULL))
+ return TR_CFG_BAD_PARAMS;
+
+ /* See if we have a value for this key; do nothing if not */
+ jtmp = json_object_get(src, key);
+ if (jtmp) {
+ if (json_is_number(jtmp)) {
+ *dest = (int) json_integer_value(jtmp);
+ } else {
+ tr_debug("tr_cfg_parse_unsigned: Parsing error, %s is not a number.", key);
+ return TR_CFG_NOPARSE;
+ }
+ }
+
+ return TR_CFG_SUCCESS;
+}
+
+/**
* Parse an unsigned integer
*
* If the key does not exist in the src object, returns success but does fill in *dest.
/* See if we have a value for this key; do nothing if not */
jtmp = json_object_get(src, key);
if (jtmp) {
- if (json_is_number(jtmp)) {
- *dest = (unsigned int) json_integer_value(jtmp);
- } else {
+ if (! json_is_number(jtmp)) {
tr_debug("tr_cfg_parse_unsigned: Parsing error, %s is not a number.", key);
return TR_CFG_NOPARSE;
+ } else if (json_integer_value(jtmp) < 0) {
+ tr_debug("tr_cfg_parse_unsigned: Value %d < 0.", json_integer_value(jtmp));
+ return TR_CFG_NOPARSE;
+ } else {
+ *dest = (unsigned int) json_integer_value(jtmp);
}
}
cfg->max_tree_depth = TR_DEFAULT_MAX_TREE_DEPTH;
cfg->tids_port = TR_DEFAULT_TIDS_PORT;
cfg->trps_port = TR_DEFAULT_TRPS_PORT;
- cfg->monitoring_port = TR_DEFAULT_MONITORING_PORT;
+ cfg->mons_port = TR_DEFAULT_MONITORING_PORT;
cfg->cfg_poll_interval = TR_CFGWATCH_DEFAULT_POLL;
cfg->cfg_settling_time = TR_CFGWATCH_DEFAULT_SETTLE;
cfg->trp_connect_interval = TR_DEFAULT_TRP_CONNECT_INTERVAL;
NOPARSE_UNLESS(tr_cfg_parse_boolean(jmon, "enabled", &enabled));
if (enabled) {
- NOPARSE_UNLESS(tr_cfg_parse_unsigned(jmon, "port", &(trc->internal->monitoring_port)));
+ NOPARSE_UNLESS(tr_cfg_parse_integer(jmon, "port", &(trc->internal->mons_port)));
NOPARSE_UNLESS(tr_cfg_parse_gss_names(trc->internal,
json_object_get(jmon, "authorized_credentials"),
&(trc->internal->monitoring_credentials)));
talloc_steal(trc->internal, trc->internal->hostname);
NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "max_tree_depth", &(trc->internal->max_tree_depth)));
- NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "tids_port", &(trc->internal->tids_port)));
- NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "trps_port", &(trc->internal->trps_port)));
+ NOPARSE_UNLESS(tr_cfg_parse_integer(jint, "tids_port", &(trc->internal->tids_port)));
+ NOPARSE_UNLESS(tr_cfg_parse_integer(jint, "trps_port", &(trc->internal->trps_port)));
NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "cfg_poll_interval", &(trc->internal->cfg_poll_interval)));
NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "cfg_settling_time", &(trc->internal->cfg_settling_time)));
NOPARSE_UNLESS(tr_cfg_parse_unsigned(jint, "trp_connect_interval", &(trc->internal->trp_connect_interval)));
tr_debug("tr_cfg_parse_internal: Internal config parsed.");
return TR_CFG_SUCCESS;
}
+
+ static int invalid_port(int port)
+ {
+ return ((port <= 0) || (port > 65536));
+ }
+
+ /**
+ * Validate the internal configuration of the trust router
+ *
+ * Validates fields, emitting errors if there are any. Safe to call with
+ * a null int_cfg, but this results in an error being returned.
+ *
+ * @param int_cfg pointer to an internal configuration (NULL is safe)
+ * @return success or error
+ */
+ TR_CFG_RC tr_cfg_validate_internal(TR_CFG_INTERNAL *int_cfg)
+ {
+ TR_CFG_RC rc;
+
+ /* ensure we have an internal configuration and exit if not */
+ if (NULL == int_cfg) {
+ tr_debug("tr_cfg_validate_internal: No internal configuration present.");
+ return TR_CFG_BAD_PARAMS;
+ }
+
+ /* Assume we are going to succeed. If any errors are encountered, emit a message
+ * and set the return code to an error. Don't exit early, emit all the errors
+ * at once if we can. */
+ rc = TR_CFG_SUCCESS;
+
+ /*** Validate hostname ***/
+ if (NULL == int_cfg->hostname) {
+ tr_debug("tr_cfg_validate_internal: No hostname specified.");
+ rc = TR_CFG_ERROR;
+ }
+
+ /*** Validate various intervals ***/
+ if (TR_MIN_TRP_CONNECT_INTERVAL > int_cfg->trp_connect_interval) {
+ tr_debug(
+ "tr_cfg_validate_internal: Error: trp_connect_interval must be at least %d (currently %d).",
+ TR_MIN_TRP_CONNECT_INTERVAL, int_cfg->trp_connect_interval);
+ rc = TR_CFG_ERROR;
+ }
+
+ if (TR_MIN_TRP_SWEEP_INTERVAL > int_cfg->trp_sweep_interval) {
+ tr_debug(
+ "tr_cfg_validate_internal: Error: trp_sweep_interval must be at least %d (currently %d).",
+ TR_MIN_TRP_SWEEP_INTERVAL, int_cfg->trp_sweep_interval);
+ rc = TR_CFG_ERROR;
+ }
+
+ if (TR_MIN_TRP_UPDATE_INTERVAL > int_cfg->trp_update_interval) {
+ tr_debug(
+ "tr_cfg_validate_internal: Error: trp_update_interval must be at least %d (currently %d).",
+ TR_MIN_TRP_UPDATE_INTERVAL, int_cfg->trp_update_interval);
+ rc = TR_CFG_ERROR;
+ }
+
+ if (TR_MIN_CFG_POLL_INTERVAL > int_cfg->cfg_poll_interval) {
+ tr_debug(
+ "tr_cfg_validate_internal: Error: cfg_poll_interval must be at least %d (currently %d).",
+ TR_MIN_CFG_POLL_INTERVAL, int_cfg->cfg_poll_interval);
+ rc = TR_CFG_ERROR;
+ }
+
+ if (TR_MIN_CFG_SETTLING_TIME > int_cfg->cfg_settling_time) {
+ tr_debug(
+ "tr_cfg_validate_internal: Error: cfg_settling_time must be at least %d (currently %d).",
+ TR_MIN_CFG_SETTLING_TIME, int_cfg->cfg_settling_time);
+ rc = TR_CFG_ERROR;
+ }
+
+ /*** Validate ports ***/
+ if (invalid_port(int_cfg->tids_port)) {
+ tr_debug("tr_cfg_validate_internal: Error: invalid tids_port (%d).", int_cfg->tids_port);
+ rc = TR_CFG_ERROR;
+ }
+
+ if (invalid_port(int_cfg->trps_port)) {
+ tr_debug("tr_cfg_validate_internal: Error: invalid trps_port (%d).", int_cfg->trps_port);
+ rc = TR_CFG_ERROR;
+ }
+
+ if (invalid_port(int_cfg->monitoring_port)) {
+ tr_debug("tr_cfg_validate_internal: Error: invalid monitoring port (%d).", int_cfg->monitoring_port);
+ rc = TR_CFG_ERROR;
+ }
+
+ /*** Validate tid request timeout ***/
+ if (TR_MIN_TID_REQ_TIMEOUT > int_cfg->tid_req_timeout) {
+ tr_debug("tr_cfg_validate_internal: Error: tid_request_timeout must be at least %d (currently %d).",
+ TR_MIN_TID_REQ_TIMEOUT, int_cfg->tid_req_timeout);
+ rc = TR_CFG_ERROR;
+ }
+
+ /*** Validate tid response parameters ***/
+ if ((int_cfg->tid_resp_numer <= 0)
+ || (int_cfg->tid_resp_denom <= 0)
+ || (int_cfg->tid_resp_numer > int_cfg->tid_resp_denom)) {
+ tr_debug("tr_cfg_validate_internal: Error: invalid tid_response_numerator / tid_response_denominator. Both must be positive and the numerator/denominator ratio must be <= 1 (currently %d/%d).",
+ int_cfg->tid_resp_numer, int_cfg->tid_resp_denom);
+ rc = TR_CFG_ERROR;
+ }
+ return rc;
+ }
TIDS_REQ_FUNC *req_handler,
tids_auth_func *auth_handler,
const char *hostname,
- unsigned int port,
+ int port,
void *cookie,
int *fd_out,
size_t max_fd)
n_fd = tr_sock_listen_all(port, fd_out, max_fd);
if (n_fd == 0)
- tr_err("tids_get_listener: Error opening port %d");
+ tr_err("tids_get_listener: Error opening port %d", port);
else {
/* opening port succeeded */
tr_info("tids_get_listener: Opened port %d.", port);
struct tid_process tp = {0};
if (0 > (conn = tr_sock_accept(listen))) {
- tr_err("tids_accept: Error accepting connection");
+ tr_debug("tids_accept: Error accepting connection");
return 1;
}
}
/* Process tids requests forever. Should not return except on error. */
-int tids_start (TIDS_INSTANCE *tids,
- TIDS_REQ_FUNC *req_handler,
- tids_auth_func *auth_handler,
- const char *hostname,
- unsigned int port,
- void *cookie)
+int tids_start(TIDS_INSTANCE *tids,
+ TIDS_REQ_FUNC *req_handler,
+ tids_auth_func *auth_handler,
+ const char *hostname,
+ int port,
+ void *cookie)
{
int fd[TR_MAX_SOCKETS]={0};
nfds_t n_fd=0;
if (poll_fd[ii].revents & POLLIN) {
if (tids_accept(tids, poll_fd[ii].fd))
- tr_err("tids_start: error in tids_accept().");
+ tr_debug("tids_start: error in tids_accept().");
}
}
}
projects / trust_router.git / commitdiff