* Add path as requests are received at a tids
* Calculate expiration in tids
* Insert expiration into database
* Update schema
* tids now requires glib
tid_example_tids_SOURCES = tid/example/tids_main.c
tid_example_tids_SOURCES = tid/example/tids_main.c
-tid_example_tids_LDADD = gsscon/libgsscon.la libtr_tid.la
+tid_example_tids_LDADD = gsscon/libgsscon.la libtr_tid.la $(GLIB_LIBS)
common_dh_test_tr_dh_test_SOURCES = common/tr_dh.c \
common/tr_debug.c \
common_dh_test_tr_dh_test_SOURCES = common/tr_dh.c \
common/tr_debug.c \
TIDS_REQ_FUNC *req_handler;
tids_auth_func *auth_handler;
void *cookie;
TIDS_REQ_FUNC *req_handler;
tids_auth_func *auth_handler;
void *cookie;
-create table if not exists psk_keys (keyid text primary key, key blob, client_dh_pub raw(20));
+create table if not exists psk_keys (keyid text primary key, key blob, client_dh_pub raw(20), key expiration timestamp);
create table if not exists authorizations( client_dh_pub raw(20), coi string, acceptor_realm string, hostname string, apc string);
create index if not exists authorizations_dhpub on authorizations( client_dh_pub);
CREATE VIEW if not exists authorizations_keys as select keyid, authorizations.* from psk_keys join authorizations on psk_keys.client_dh_pub = authorizations.client_dh_pub;
create table if not exists authorizations( client_dh_pub raw(20), coi string, acceptor_realm string, hostname string, apc string);
create index if not exists authorizations_dhpub on authorizations( client_dh_pub);
CREATE VIEW if not exists authorizations_keys as select keyid, authorizations.* from psk_keys join authorizations on psk_keys.client_dh_pub = authorizations.client_dh_pub;
- * Copyright (c) 2012, JANET(UK)
+ * Copyright (c) 2012, 2015, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
/* Allocate a new server block */
if (NULL == (resp->servers = malloc(sizeof(TID_SRVR_BLK)))){
tr_crit("tids_req_handler(): malloc failed.");
/* Allocate a new server block */
if (NULL == (resp->servers = malloc(sizeof(TID_SRVR_BLK)))){
tr_crit("tids_req_handler(): malloc failed.");
}
if (0 != handle_authorizations(req, pub_digest, pub_digest_len))
return -1;
}
if (0 != handle_authorizations(req, pub_digest, pub_digest_len))
return -1;
+ resp->servers->path = req->path;
+ if (req->expiration_interval < 1)
+ req->expiration_interval = 1;
+ g_get_current_time(&resp->servers->key_expiration);
+ resp->servers->key_expiration.tv_sec += req->expiration_interval;
+
if (NULL != insert_stmt) {
int sqlite3_result;
if (NULL != insert_stmt) {
int sqlite3_result;
- sqlite3_bind_text(insert_stmt, 1, key_id, -1, SQLITE_TRANSIENT);
+ gchar *expiration_str = g_time_val_to_iso8601(&resp->servers->key_expiration);
+ sqlite3_bind_text(insert_stmt, 1, key_id, -1, SQLITE_TRANSIENT);
sqlite3_bind_blob(insert_stmt, 2, s_keybuf, s_keylen, SQLITE_TRANSIENT);
sqlite3_bind_blob(insert_stmt, 3, pub_digest, pub_digest_len, SQLITE_TRANSIENT);
sqlite3_bind_blob(insert_stmt, 2, s_keybuf, s_keylen, SQLITE_TRANSIENT);
sqlite3_bind_blob(insert_stmt, 3, pub_digest, pub_digest_len, SQLITE_TRANSIENT);
+ sqlite3_bind_text(insert_stmt, 3, expiration_str, -1, SQLITE_TRANSIENT);
sqlite3_result = sqlite3_step(insert_stmt);
if (SQLITE_DONE != sqlite3_result)
tr_crit("sqlite3: failed to write to database");
sqlite3_result = sqlite3_step(insert_stmt);
if (SQLITE_DONE != sqlite3_result)
tr_crit("sqlite3: failed to write to database");
exit(1);
}
sqlite3_busy_timeout( db, 1000);
exit(1);
}
sqlite3_busy_timeout( db, 1000);
- sqlite3_prepare_v2(db, "insert into psk_keys (keyid, key, client_dh_pub) values(?, ?, ?)",
+ sqlite3_prepare_v2(db, "insert into psk_keys (keyid, key, client_dh_pub, key_expiration) values(?, ?, ?, ?)",
-1, &insert_stmt, NULL);
sqlite3_prepare_v2(db, "insert into authorizations (client_dh_pub, coi, acceptor_realm, hostname, apc) values(?, ?, ?, ?, ?)",
-1, &authorization_insert, NULL);
-1, &insert_stmt, NULL);
sqlite3_prepare_v2(db, "insert into authorizations (client_dh_pub, coi, acceptor_realm, hostname, apc) values(?, ?, ?, ?, ?)",
-1, &authorization_insert, NULL);
#include <stdio.h>
#include <jansson.h>
#include <stdio.h>
#include <jansson.h>
#include <trust_router/tr_dh.h>
#include <tid_internal.h>
#include <trust_router/tr_dh.h>
#include <tid_internal.h>
{
TIDC_INSTANCE *tidc = NULL;
{
TIDC_INSTANCE *tidc = NULL;
- if (tidc = malloc(sizeof(TIDC_INSTANCE)))
- memset(tidc, 0, sizeof(TIDC_INSTANCE));
- else
+ if (NULL == (tidc = talloc_zero(NULL, TIDC_INSTANCE)))
return NULL;
return tidc;
return NULL;
return tidc;
void tidc_destroy (TIDC_INSTANCE *tidc)
{
void tidc_destroy (TIDC_INSTANCE *tidc)
{
- if (tidc)
- free(tidc);
}
int tidc_open_connection (TIDC_INSTANCE *tidc,
}
int tidc_open_connection (TIDC_INSTANCE *tidc,
- * Copyright (c) 2012, JANET(UK)
+ * Copyright (c) 2012, 2015, JANET(UK)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
+ tid_req_add_path(tr_msg_get_req(mreq), tids->hostname, tids->tids_port);
+
/* Call the caller's request handler */
/* TBD -- Handle different error returns/msgs */
if (0 > (rc = (*tids->req_handler)(tids, tr_msg_get_req(mreq), resp, tids->cookie))) {
/* Call the caller's request handler */
/* TBD -- Handle different error returns/msgs */
if (0 > (rc = (*tids->req_handler)(tids, tr_msg_get_req(mreq), resp, tids->cookie))) {
/* mark this as an error response, and include the error message */
resp->result = TID_ERROR;
resp->err_msg = tr_new_name((char *)err_msg);
/* mark this as an error response, and include the error message */
resp->result = TID_ERROR;
resp->err_msg = tr_new_name((char *)err_msg);
+ resp->error_path = req->path;
rc = tids_send_response(tids, req, resp);
rc = tids_send_response(tids, req, resp);
int conn = -1;
pid_t pid;
int conn = -1;
pid_t pid;
+ tids->tids_port = port;
if (0 > (listen = tids_listen(tids, port)))
perror ("Error from tids_listen()");
if (0 > (listen = tids_listen(tids, port)))
perror ("Error from tids_listen()");
tids_send_err_response(tids, orig_req, "Memory allocation failure");
return -1;
}
tids_send_err_response(tids, orig_req, "Memory allocation failure");
return -1;
}
/* Use the DH parameters from the original request */
/* TBD -- this needs to be fixed when we handle more than one req per conn */
tidc->client_dh = orig_req->tidc_dh;
/* Use the DH parameters from the original request */
/* TBD -- this needs to be fixed when we handle more than one req per conn */
tidc->client_dh = orig_req->tidc_dh;