return NULL;
}
- for (idp = comm->idp_realms; NULL != idp; idp = idp->next) {
+ for (idp = comm->idp_realms; NULL != idp; idp = idp->comm_next) {
if (!tr_name_cmp (idp_realm, idp->realm_id)) {
- tr_debug("tr_find_comm_idp: Found %s.", idp_realm->buf);
+ tr_debug("tr_find_comm_idp: Found IdP %s in community %s.", idp_realm->buf, comm->id->buf);
return idp;
}
}
for (rp = comm->rp_realms; NULL != rp; rp = rp->next) {
if (!tr_name_cmp (rp_realm, rp->realm_name)) {
- tr_debug("tr_find_comm_idp: Found %s.", rp_realm->buf);
+ tr_debug("tr_find_comm_rp: Found RP %s in community %s.", rp_realm->buf, comm->id->buf);
return rp;
}
}
#include <tr_idp.h>
#include <tr.h>
-void tr_print_config (FILE *stream, TR_CFG *cfg) {
- fprintf(stream, "tr_print_config: Not yet implemented.");
- return;
+void tr_print_config (TR_CFG *cfg) {
+ tr_notice("tr_print_config: Logging running trust router configuration.");
+ tr_print_comms(cfg->comms);
+}
+
+void tr_print_comms (TR_COMM *comm_list) {
+ TR_COMM *comm = NULL;
+
+ for (comm = comm_list; NULL != comm; comm = comm->next) {
+ tr_notice("tr_print_config: Community %s:", comm->id->buf);
+
+ tr_notice("tr_print_config: - Member IdPs:");
+ tr_print_comm_idps(comm->idp_realms);
+
+ tr_notice("tr_print_config: - Member RPs:");
+ tr_print_comm_rps(comm->rp_realms);
+ }
+}
+
+void tr_print_comm_idps (TR_IDP_REALM *idp_list) {
+ TR_IDP_REALM *idp = NULL;
+
+ for (idp = idp_list; NULL != idp; idp = idp->comm_next) {
+ tr_notice("tr_print_config: - @%s", idp->realm_id->buf);
+ }
+}
+
+void tr_print_comm_rps(TR_RP_REALM *rp_list) {
+ TR_RP_REALM *rp = NULL;
+
+ for (rp = rp_list; NULL != rp; rp = rp->next) {
+ tr_notice("tr_print_config: - %s", rp->realm_name->buf);
+ }
}
TR_CFG *tr_cfg_new(TALLOC_CTX *mem_ctx)
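Review bot: `tr_print_config()` dereferences `cfg->comms`, and the new helpers dereference `comm->id->buf`, `idp->realm_id->buf` and `rp->realm_name->buf`, all without NULL checks, so a partially populated configuration would crash the router inside a purely diagnostic path. Whether the parser guarantees those members is not visible in this hunk. A guard such as `if (NULL == cfg) return;` at the top, plus skipping entries whose name pointer is NULL, would make the logging safe to call at any time. The three helpers also log under the `tr_print_config:` prefix; if that is deliberate, a one-line comment saying so would save the next reader from "fixing" it.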
static TR_IDP_REALM *tr_cfg_parse_comm_idps (TR_CFG *trc, json_t *jidps, TR_CFG_RC *rc)
{
TR_IDP_REALM *idp = NULL;
+ TR_IDP_REALM *found_idp = NULL;
TR_IDP_REALM *temp_idp = NULL;
int i = 0;
}
for (i = 0; i < json_array_size(jidps); i++) {
- if (NULL == (temp_idp = (tr_cfg_find_idp(trc,
- tr_new_name((char *)json_string_value(json_array_get(jidps, i))),
- rc)))) {
+ if (NULL == (temp_idp = talloc(trc, TR_IDP_REALM))) {
+ tr_debug("tr_cfg_parse_comm_idps: Can't allocate memory for IdP Realm.");
+ if (rc)
+ *rc = TR_CFG_NOMEM;
+ return NULL;
+ }
+ memset (temp_idp, 0, sizeof(TR_IDP_REALM));
+
+ if (NULL == (found_idp = (tr_cfg_find_idp(trc,
+ tr_new_name((char *)json_string_value(json_array_get(jidps, i))),
+ rc)))) {
tr_debug("tr_cfg_parse_comm_idps: Unknown IDP %s.",
(char *)json_string_value(json_array_get(jidps, i)));
return NULL;
}
+ // We *MUST* do a dereferenced copy here or the second community will corrupt the linked list we create here.
+ *temp_idp = *found_idp;
+
temp_idp->comm_next = idp;
idp = temp_idp;
}
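Review bot: The new `temp_idp` is allocated before the lookup, so the "Unknown IDP" return leaves it attached to `trc`, and the `TR_NAME` built by `tr_new_name()` for the lookup is never freed on any path. `json_string_value()` returns NULL for a non-string array element, which `tr_new_name()` hands straight to `strlen()`, so a malformed community entry can crash configuration loading. Doing the lookup first, freeing the name and only then allocating addresses both, assuming `tr_cfg_find_idp()` does not retain the name pointer (not visible here). `*temp_idp = *found_idp` is a shallow copy, so the per-community node shares `realm_id` and its other pointer members with the original, and the comment should say so. The function body starts and ends outside this hunk.

```c
for (i = 0; i < json_array_size(jidps); i++) {
  const char *idp_str = json_string_value(json_array_get(jidps, i));
  TR_NAME *idp_name = (NULL != idp_str) ? tr_new_name(idp_str) : NULL;

  if (NULL == idp_name) {
    tr_debug("tr_cfg_parse_comm_idps: Bad or unallocatable IdP name at index %d.", i);
    if (rc)
      *rc = TR_CFG_NOPARSE;
    return NULL;
  }
  found_idp = tr_cfg_find_idp(trc, idp_name, rc);
  tr_free_name(idp_name);
  if (NULL == found_idp) {
    /* … unchanged: "Unknown IDP" debug message and return NULL … */
  }
  if (NULL == (temp_idp = talloc(trc, TR_IDP_REALM))) {
    /* … unchanged: TR_CFG_NOMEM handling … */
  }
  /* Shallow copy: realm_id and the other pointer members stay shared with found_idp. */
  *temp_idp = *found_idp;
  /* … unchanged: push temp_idp onto the community list … */
```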
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
json_t *jcfg;
+ json_t *jser;
json_error_t rc;
char *file_with_path;
int ii;
cfg_rc=TR_CFG_NOPARSE;
goto cleanup;
}
+ talloc_free(file_with_path); /* done with filename */
+
+ // Look for serial number and log it if it exists
+ if (NULL != (jser = json_object_get(jcfg, "serial_number"))) {
+ if (json_is_number(jser)) {
+ tr_notice("tr_read_config: Attempting to load revision %" JSON_INTEGER_FORMAT " of '%s'.",
+ json_integer_value(jser),
+ cfg_files[n]->d_name);
+ }
+ }
if ((TR_CFG_SUCCESS != tr_cfg_parse_internal(cfg_mgr->new, jcfg)) ||
(TR_CFG_SUCCESS != tr_cfg_parse_rp_clients(cfg_mgr->new, jcfg)) ||
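Review bot: `json_is_number()` also accepts JSON reals, for which `json_integer_value()` returns 0, so a `serial_number` written as a real (for example 1.5) would be logged as revision 0. The check in the added block should be `if (json_is_integer(jser)) {`. The value is only logged here and not compared against the running configuration, so a short comment stating that it is informational would stop readers from assuming it gates the reload. The enclosing function starts and ends outside this hunk.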
free (name->buf);
name->buf = NULL;
}
-
+
free(name);
}
-TR_NAME *tr_new_name (char *name)
+TR_NAME *tr_new_name (const char *name)
{
TR_NAME *new;
- if (new = malloc(sizeof(TR_NAME))) {
+ if (new = malloc(sizeof(TR_NAME))) {
new->len = strlen(name);
if (new->buf = malloc((new->len)+1)) {
strcpy(new->buf, name);
return new;
}
-TR_NAME *tr_dup_name (TR_NAME *from)
+TR_NAME *tr_dup_name (TR_NAME *from)
{
TR_NAME *to;
}
return s;
}
-
AC_PREREQ(2.63)
-AC_INIT([trust_router],[1.5.1],
+AC_INIT([trust_router],[1.5.2],
[bugs@project-moonshot.org])
AC_CONFIG_MACRO_DIR(m4)
AC_CONFIG_AUX_DIR(build-aux)
TR_CFG_MGR *tr_cfg_mgr_new(TALLOC_CTX *mem_ctx);
void tr_cfg_free(TR_CFG *cfg);
void tr_cfg_mgr_free(TR_CFG_MGR *cfg);
-void tr_print_config(FILE *stream, TR_CFG *cfg);
+
+void tr_print_config(TR_CFG *cfg);
+void tr_print_comms(TR_COMM *comm_list);
+void tr_print_comm_idps(TR_IDP_REALM *idp_list);
+void tr_print_comm_rps(TR_RP_REALM *rp_list);
TR_IDP_REALM *tr_cfg_find_idp (TR_CFG *cfg, TR_NAME *idp_id, TR_CFG_RC *rc);
TR_RP_CLIENT *tr_cfg_find_rp (TR_CFG *cfg, TR_NAME *rp_gss, TR_CFG_RC *rc);
/* TID Client functions, in tid/tidc.c */
TR_EXPORT TIDC_INSTANCE *tidc_create (void);
-TR_EXPORT int tidc_open_connection (TIDC_INSTANCE *tidc, char *server, unsigned int port, gss_ctx_id_t *gssctx);
-TR_EXPORT int tidc_send_request (TIDC_INSTANCE *tidc, int conn, gss_ctx_id_t gssctx, char *rp_realm, char *realm, char *coi, TIDC_RESP_FUNC *resp_handler, void *cookie);
+TR_EXPORT int tidc_open_connection (TIDC_INSTANCE *tidc, const char *server, unsigned int port, gss_ctx_id_t *gssctx);
+TR_EXPORT int tidc_send_request (TIDC_INSTANCE *tidc, int conn, gss_ctx_id_t gssctx, const char *rp_realm, const char *realm, const char *coi, TIDC_RESP_FUNC *resp_handler, void *cookie);
TR_EXPORT int tidc_fwd_request (TIDC_INSTANCE *tidc, TID_REQ *req, TIDC_RESP_FUNC *resp_handler, void *cookie);
TR_EXPORT DH *tidc_get_dh(TIDC_INSTANCE *);
TR_EXPORT DH *tidc_set_dh(TIDC_INSTANCE *, DH *);
int len;
} TR_NAME;
-TR_EXPORT TR_NAME *tr_new_name (char *name);
+TR_EXPORT TR_NAME *tr_new_name (const char *name);
TR_EXPORT TR_NAME *tr_dup_name (TR_NAME *from);
TR_EXPORT void tr_free_name (TR_NAME *name);
TR_EXPORT int tr_name_cmp (TR_NAME *one, TR_NAME *two);
{
TIDC_INSTANCE *tidc = NULL;
- if (NULL == (tidc = talloc_zero(NULL, TIDC_INSTANCE)))
+ if (NULL == (tidc = talloc_zero(NULL, TIDC_INSTANCE)))
return NULL;
return tidc;
}
int tidc_open_connection (TIDC_INSTANCE *tidc,
- char *server,
+ const char *server,
unsigned int port,
gss_ctx_id_t *gssctx)
{
if (0 == port)
use_port = TID_PORT;
- else
+ else
use_port = port;
err = gsscon_connect(server, use_port, "trustidentity", &conn, gssctx);
return -1;
}
-int tidc_send_request (TIDC_INSTANCE *tidc,
- int conn,
+int tidc_send_request (TIDC_INSTANCE *tidc,
+ int conn,
gss_ctx_id_t gssctx,
- char *rp_realm,
- char *realm,
- char *comm,
+ const char *rp_realm,
+ const char *realm,
+ const char *comm,
TIDC_RESP_FUNC *resp_handler,
void *cookie)
{
return rc;
}
-int tidc_fwd_request (TIDC_INSTANCE *tidc,
- TID_REQ *tid_req,
+int tidc_fwd_request (TIDC_INSTANCE *tidc,
+ TID_REQ *tid_req,
TIDC_RESP_FUNC *resp_handler,
void *cookie)
{
/* store the response function and cookie */
// tid_req->resp_func = resp_handler;
// tid_req->cookie = cookie;
-
+
/* Encode the request into a json string */
if (!(req_buf = tr_msg_encode(msg))) {
tr_debug( "%s\n", req_buf);
/* Send the request over the connection */
- if (err = gsscon_write_encrypted_token (tid_req->conn, tid_req->gssctx, req_buf,
+ if (err = gsscon_write_encrypted_token (tid_req->conn, tid_req->gssctx, req_buf,
strlen(req_buf))) {
tr_err( "tidc_fwd_request: Error sending request over connection.\n");
goto error;
tr_err( "tidc_fwd_request: Error, no response in the response!\n");
goto error;
}
-
+
if (resp_handler)
/* Call the caller's response function */
(*resp_handler)(tidc, tid_req, tr_msg_get_resp(resp_msg), cookie);
%global optflags %{optflags} -Wno-parentheses
Name: trust_router
-Version: 1.5.1
-Release: 2%{?dist}
+Version: 1.5.2
+Release: 1%{?dist}
Summary: Moonshot Trust Router
Group: System Environment/Libraries
Source0: %{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: krb5-devel , glib-devel
+BuildRequires: krb5-devel, glib2-devel
BuildRequires: jansson-devel >= 2.4
BuildRequires: sqlite-devel, openssl-devel, libtalloc-devel
+%{?el7:BuildRequires: systemd}
Requires: moonshot-gss-eap >= 0.9.3, sqlite
%description
%post
# Data directory
tr_home=/var/lib/trust_router
-tr_schema=${tr_home}/.schema_1.5.1
+tr_schema=${tr_home}/.schema_1.5.2
test -d ${tr_home} ||mkdir ${tr_home}
chown trustrouter:trustrouter ${tr_home}
test -e $tr_schema || rm -f $tr_home/keys
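Review bot: Renaming the marker to `.schema_1.5.2` means `test -e $tr_schema || rm -f $tr_home/keys` will delete the existing key database on every upgrade from 1.5.1, although no schema change is visible in this commit. If that is intended, a comment above `tr_schema=` should say so. Otherwise the marker should track the schema's own version rather than the package version. The rest of `%post` is outside this hunk, so whether the marker is re-created afterwards cannot be checked here.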
%doc README
%{_bindir}/*
%{_datadir}/trust_router/schema.sql
-#/lib/systemd/system/tids.service
%{_initrddir}/tids
%{_initrddir}/trust_router
+%{?el7:%{_unitdir}/tids.service}
+
%config(noreplace) %{_sysconfdir}/sysconfig/tids
%config(noreplace) %{_sysconfdir}/sysconfig/trust_router