tr/tr_main.c \
common/tr_config.c \
common/tr_idp.c \
+common/tr_apc.c \
common/tr_comm.c \
common/tr_filter.c \
common/tr_rp.c \
$(trp_srcs) \
$(tid_srcs)
-tr_trust_router_CFLAGS = $(AM_CFLAGS) -pthread
+tr_trust_router_CFLAGS = $(AM_CFLAGS) -pthread -v -da -Q
tr_trust_router_LDFLAGS = $(AM_LDFLAGS) -levent_pthreads
#tr_trust_router_LDADD = gsscon/libgsscon.la libtr_tid.la libtr_trp.la $(GLIB_LIBS)
tr_trust_router_LDADD = gsscon/libgsscon.la $(GLIB_LIBS)
common/tr_msg.c \
common/tr_name.c \
common/tr_idp.c \
+common/tr_apc.c \
common/tr_comm.c \
common/tr_filter.c \
common/tr_rp.c \
return rc;
}
-static TR_AAA_SERVER *tr_cfg_parse_one_aaa_server (TR_CFG *trc, json_t *jaddr, TR_CFG_RC *rc) {
+static TR_AAA_SERVER *tr_cfg_parse_one_aaa_server (TALLOC_CTX *mem_ctx, TR_CFG *trc, json_t *jaddr, TR_CFG_RC *rc) {
TR_AAA_SERVER *aaa = NULL;
+ TR_NAME *name=NULL;
if ((!trc) || (!jaddr) || (!json_is_string(jaddr))) {
tr_debug("tr_cfg_parse_one_aaa_server: Bad parameters.");
return NULL;
}
- if (NULL == (aaa = talloc_zero(trc, TR_AAA_SERVER))) {
- tr_debug("tr_cfg_parse_one_aaa_server: Out of memory.");
+ name=tr_new_name((char *)(json_string_value(jaddr)));
+ if (name==NULL) {
+ tr_debug("tr_cfg_parse_one_aaa_server: Out of memory allocating hostname.");
*rc = TR_CFG_NOMEM;
return NULL;
}
- aaa->hostname = tr_new_name((char *)(json_string_value(jaddr)));
+ aaa=tr_aaa_server_new(mem_ctx, name);
+ if (aaa==NULL) {
+ tr_free_name(name);
+ tr_debug("tr_cfg_parse_one_aaa_server: Out of memory allocating AAA server.");
+ *rc = TR_CFG_NOMEM;
+ return NULL;
+ }
return aaa;
}
-static TR_AAA_SERVER *tr_cfg_parse_aaa_servers (TR_CFG *trc, json_t *jaaas, TR_CFG_RC *rc)
+static TR_AAA_SERVER *tr_cfg_parse_aaa_servers (TALLOC_CTX *mem_ctx, TR_CFG *trc, json_t *jaaas, TR_CFG_RC *rc)
{
+ TALLOC_CTX *tmp_ctx=NULL;
TR_AAA_SERVER *aaa = NULL;
TR_AAA_SERVER *temp_aaa = NULL;
int i = 0;
for (i = 0; i < json_array_size(jaaas); i++) {
- if (NULL == (temp_aaa = tr_cfg_parse_one_aaa_server(trc, json_array_get(jaaas, i), rc))) {
+ if (NULL == (temp_aaa = tr_cfg_parse_one_aaa_server(mem_ctx, trc, json_array_get(jaaas, i), rc))) {
+ talloc_free(tmp_ctx);
return NULL;
}
/* TBD -- IPv6 addresses */
aaa = temp_aaa;
}
tr_debug("tr_cfg_parse_aaa_servers: Finished (rc=%d)", *rc);
+
+ for (temp_aaa=aaa; temp_aaa!=NULL; temp_aaa=temp_aaa->next)
+ talloc_steal(mem_ctx, temp_aaa);
+ talloc_free(tmp_ctx);
return aaa;
}
-static TR_APC *tr_cfg_parse_apcs (TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc)
+static TR_APC *tr_cfg_parse_apcs (TALLOC_CTX *mem_ctx, TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc)
{
TR_APC *apc;
return NULL;
}
- if (NULL == (apc = talloc_zero(trc, TR_APC))) {
+ apc=tr_apc_new(mem_ctx);
+ if (apc==NULL) {
tr_debug("tr_cfg_parse_apcs: Out of memory.");
*rc = TR_CFG_NOMEM;
return NULL;
/* TBD, deal with more than one APC. In the meantime, though... */
/* Only parse the first APC, because we only know how to deal with one, anyway. */
- if (0 == json_array_size(japcs))
+ if (0 == json_array_size(japcs)) {
+ talloc_free(apc);
return NULL;
+ }
if (NULL == (apc->id = tr_new_name((char *)json_string_value(json_array_get(japcs, 0))))) {
tr_debug("tr_cfg_parse_apcs: No memory for APC name.");
*rc = TR_CFG_NOMEM;
+ talloc_free(apc);
return NULL;
}
}
static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_CFG_RC *rc) {
+ TALLOC_CTX *tmp_ctx=talloc_new(NULL);
TR_IDP_REALM *idp = NULL;
json_t *jremote = NULL;
json_t *jrid = NULL;
return NULL;
}
- if (NULL == (idp = tr_idp_realm_new(trc))) {
+ if (NULL == (idp = tr_idp_realm_new(tmp_ctx))) {
tr_debug("tr_cfg_parse_one_idp_realm: Out of memory.");
*rc = TR_CFG_NOMEM;
+ talloc_free(tmp_ctx);
return NULL;
}
if ((jremote!=NULL) && (!json_is_number(jremote))) {
tr_debug("tr_cfg_parse_one_idp_realm: Error parsing IDP realm configuration (remote is not a number).");
*rc=TR_CFG_NOPARSE;
+ talloc_free(tmp_ctx);
return NULL;
}
(!json_is_string(jrid))) {
tr_debug("tr_cfg_parse_one_idp_realm: Error parsing IDP realm configuration (realm_id missing or invalid).");
*rc = TR_CFG_NOPARSE;
+ talloc_free(tmp_ctx);
return NULL;
}
(!json_is_array(jsrvrs))) {
tr_debug("tr_cfg_parse_one_idp_realm: Error parsing IDP realm configuration.");
*rc = TR_CFG_NOPARSE;
+ talloc_free(tmp_ctx);
return NULL;
}
if (NULL == (idp->realm_id = tr_new_name((char *)json_string_value(jrid)))) {
tr_debug("tr_cfg_parse_one_idp_realm: No memory for realm id.");
*rc = TR_CFG_NOMEM;
+ talloc_free(tmp_ctx);
return NULL;
}
if ((NULL != (japcs = json_object_get(jidp, "apcs"))) &&
(json_is_array(japcs))) {
- if (NULL == (idp->apcs = tr_cfg_parse_apcs(trc, japcs, rc))) {
+ if (NULL == (idp->apcs = tr_cfg_parse_apcs(idp, trc, japcs, rc))) {
tr_debug("tr_cfg_parse_one_idp_realm: Can't parse APCs for realm %s .", idp->realm_id->buf);
- tr_free_name(idp->realm_id);
- /* TBD -- free aaa_servers */
+ talloc_free(tmp_ctx);
return NULL;
}
}
if ((idp->origin==TR_REALM_LOCAL) &&
- (NULL == (idp->aaa_servers = tr_cfg_parse_aaa_servers(trc, jsrvrs, rc)))) {
+ (NULL == (idp->aaa_servers = tr_cfg_parse_aaa_servers(idp, trc, jsrvrs, rc)))) {
tr_debug("tr_cfg_parse_one_idp_realm: Can't parse AAA servers for realm %s.", idp->realm_id->buf);
- tr_free_name(idp->realm_id);
+ talloc_free(tmp_ctx);
return NULL;
}
+ talloc_steal(trc, idp);
+ talloc_free(tmp_ctx);
return idp;
}
(0 < json_array_size(jdss))) {
for (i = 0; i < json_array_size(jdss); i++) {
- if (NULL == (ds = tr_cfg_parse_one_aaa_server(trc,
+ if (NULL == (ds = tr_cfg_parse_one_aaa_server(trc, trc,
json_array_get(jdss, i),
&rc))) {
return rc;
comm->type = TR_COMM_APC;
} else if (0 == strcmp(json_string_value(jtype), "coi")) {
comm->type = TR_COMM_COI;
- if (NULL == (comm->apcs = tr_cfg_parse_apcs(trc, japcs, rc))) {
+ if (NULL == (comm->apcs = tr_cfg_parse_apcs(trc, trc, japcs, rc))) {
tr_debug("tr_cfg_parse_one_comm: Can't parse APCs for COI %s.", comm->id->buf);
tr_free_name(comm->id);
return NULL;
#include <tr_idp.h>
#include <tr_config.h>
+static int tr_aaa_server_destructor(void *obj)
+{
+ TR_AAA_SERVER *aaa=talloc_get_type_abort(obj, TR_AAA_SERVER);
+ if (aaa->hostname!=NULL)
+ tr_free_name(aaa->hostname);
+ return 0;
+}
+
+TR_AAA_SERVER *tr_aaa_server_new(TALLOC_CTX *mem_ctx, TR_NAME *hostname)
+{
+ TR_AAA_SERVER *aaa=talloc(mem_ctx, TR_AAA_SERVER);
+ if (aaa!=NULL) {
+ aaa->hostname=hostname;
+ talloc_set_destructor((void *)aaa, tr_aaa_server_destructor);
+ }
+ return aaa;
+}
+
+void tr_aaa_server_free(TR_AAA_SERVER *aaa)
+{
+ talloc_free(aaa);
+}
+
TR_AAA_SERVER *tr_idp_aaa_server_lookup(TR_IDP_REALM *idp_realms, TR_NAME *idp_realm_name, TR_NAME *comm)
{
TR_IDP_REALM *idp = NULL;
return(default_servers);
}
+static int tr_idp_realm_destructor(void *obj)
+{
+ TR_IDP_REALM *idp=talloc_get_type_abort(obj, TR_IDP_REALM);
+ if (idp->realm_id!=NULL)
+ tr_free_name(idp->realm_id);
+ return 0;
+}
TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx)
{
idp->aaa_servers=NULL;
idp->apcs=NULL;
idp->origin=TR_REALM_LOCAL;
+ talloc_set_destructor((void *)idp, tr_idp_realm_destructor);
}
return idp;
}
char *ipaddr;
const char *hostname;
TIDS_REQ_FUNC *req_handler;
- tids_auth_func *auth_handler;
+ TIDS_AUTH_FUNC *auth_handler;
void *cookie;
uint16_t tids_port;
struct tr_rp_client *rp_gss; /* Client matching GSS name */
#ifndef TR_APC_H
#define TR_APC_H
+#include <talloc.h>
+
+#include <trust_router/tr_name.h>
+
/* Used to hold lists of APC names in cfg. */
typedef struct tr_apc {
struct tr_apc *next;
TR_NAME *id;
} TR_APC;
+TR_APC *tr_apc_new(TALLOC_CTX *mem_ctx);
+void tr_apc_free(TR_APC *apc);
+void tr_apc_set_id(TR_APC *apc, TR_NAME *id);
+TR_NAME *tr_apc_get_id(TR_APC *apc);
+
#endif
#include <tr_comm.h>
#include <tr_rp.h>
#include <tr_idp.h>
+#include <trp_internal.h>
#define TR_DEFAULT_MAX_TREE_DEPTH 12
#define TR_DEFAULT_TR_PORT 12308
TR_COMM *comms; /* locally-known communities */
TR_AAA_SERVER *default_servers; /* default server list */
/* TBD -- Global Filters */
- /* TBD -- Trust Router Peers */
- /* TBD -- Trust Links */
} TR_CFG;
typedef struct tr_cfg_mgr {
TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx);
+TR_AAA_SERVER *tr_aaa_server_new(TALLOC_CTX *mem_ctx, TR_NAME *hostname);
+void tr_aaa_server_free(TR_AAA_SERVER *aaa);
+
TR_AAA_SERVER *tr_idp_aaa_server_lookup(TR_IDP_REALM *idp_realms, TR_NAME *idp_realm_name, TR_NAME *comm);
TR_AAA_SERVER *tr_default_server_lookup(TR_AAA_SERVER *default_servers, TR_NAME *comm);
#endif
/*typedef int (*TRP_AUTH_FUNC)(gss_name_t client_name, TR_NAME *display_name, void *cookie);*/
typedef client_cb_fn TRP_AUTH_FUNC;
+/* function to look up comm/realm entries */
+typedef TRP_ROUTE *(TRP_LOOKUP_FUNC)(TR_NAME *, TR_NAME *, void *);
+
+
/* TRP Client Instance Data */
typedef struct trpc_instance TRPC_INSTANCE;
struct trpc_instance {
#include <trp_internal.h>
typedef struct trp_route {
- TR_NAME *apc;
+ TR_NAME *comm;
TR_NAME *realm;
TR_NAME *peer;
unsigned int metric;
void trp_rtable_remove(TRP_RTABLE *rtbl, TRP_ROUTE *entry);
void trp_rtable_clear(TRP_RTABLE *rtbl);
size_t trp_rtable_size(TRP_RTABLE *rtbl);
-size_t trp_rtable_apc_size(TRP_RTABLE *rtbl, TR_NAME *apc);
-size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm);
+size_t trp_rtable_comm_size(TRP_RTABLE *rtbl, TR_NAME *comm);
+size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm);
TRP_ROUTE **trp_rtable_get_entries(TRP_RTABLE *rtbl, size_t *n_out);
-TR_NAME **trp_rtable_get_apcs(TRP_RTABLE *rtbl, size_t *n_out);
-TRP_ROUTE **trp_rtable_get_apc_entries(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out);
-TR_NAME **trp_rtable_get_apc_realms(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out);
-TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, size_t *n_out);
-TR_NAME **trp_rtable_get_apc_realm_peers(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, size_t *n_out);
-TRP_ROUTE *trp_rtable_get_entry(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, TR_NAME *peer);
-TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm);
+TR_NAME **trp_rtable_get_comms(TRP_RTABLE *rtbl, size_t *n_out);
+TRP_ROUTE **trp_rtable_get_comm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out);
+TR_NAME **trp_rtable_get_comm_realms(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out);
+TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, size_t *n_out);
+TR_NAME **trp_rtable_get_comm_realm_peers(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, size_t *n_out);
+TRP_ROUTE *trp_rtable_get_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, TR_NAME *peer);
+TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm);
void trp_rtable_clear_triggered(TRP_RTABLE *rtbl);
char *trp_rtable_to_str(TALLOC_CTX *mem_ctx, TRP_RTABLE *rtbl, const char *sep, const char *lineterm);
TRP_ROUTE *trp_route_new(TALLOC_CTX *mem_ctx);
void trp_route_free(TRP_ROUTE *entry);
-void trp_route_set_apc(TRP_ROUTE *entry, TR_NAME *apc);
-TR_NAME *trp_route_get_apc(TRP_ROUTE *entry);
-TR_NAME *trp_route_dup_apc(TRP_ROUTE *entry);
+void trp_route_set_comm(TRP_ROUTE *entry, TR_NAME *comm);
+TR_NAME *trp_route_get_comm(TRP_ROUTE *entry);
+TR_NAME *trp_route_dup_comm(TRP_ROUTE *entry);
void trp_route_set_realm(TRP_ROUTE *entry, TR_NAME *realm);
TR_NAME *trp_route_get_realm(TRP_ROUTE *entry);
TR_NAME *trp_route_dup_realm(TRP_ROUTE *entry);
typedef int (TIDS_REQ_FUNC)(TIDS_INSTANCE *, TID_REQ *, TID_RESP *, void *);
-typedef int (tids_auth_func)(gss_name_t client_name, TR_NAME *display_name, void *cookie);
+typedef int (TIDS_AUTH_FUNC)(gss_name_t client_name, TR_NAME *display_name, void *cookie);
/* TID Server functions, in tid/tids.c */
TR_EXPORT TIDS_INSTANCE *tids_create (TALLOC_CTX *mem_ctx);
TR_EXPORT int tids_start (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler,
- tids_auth_func *auth_handler, const char *hostname,
+ TIDS_AUTH_FUNC *auth_handler, const char *hostname,
unsigned int port, void *cookie);
TR_EXPORT int tids_get_listener (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler,
- tids_auth_func *auth_handler, const char *hostname,
+ TIDS_AUTH_FUNC *auth_handler, const char *hostname,
unsigned int port, void *cookie);
TR_EXPORT int tids_accept(TIDS_INSTANCE *tids, int listen);
TR_EXPORT int tids_send_response (TIDS_INSTANCE *tids, TID_REQ *req, TID_RESP *resp);
void trp_upd_set_inforec(TRP_UPD *upd, TRP_INFOREC *rec);
void trp_upd_add_inforec(TRP_UPD *upd, TRP_INFOREC *rec);
TR_EXPORT TR_NAME *trp_upd_get_peer(TRP_UPD *upd);
+TR_NAME *trp_upd_dup_peer(TRP_UPD *upd);
void trp_upd_set_peer(TRP_UPD *upd, TR_NAME *peer);
TR_EXPORT TRP_INFOREC *trp_inforec_new(TALLOC_CTX *mem_ctx, TRP_INFOREC_TYPE type);
void trp_inforec_free(TRP_INFOREC *rec);
gss_delete_sec_context( &minor, &req->gssctx, NULL);
}
}
+ if (req->rp_realm!=NULL)
+ tr_free_name(req->rp_realm);
+ if (req->realm!=NULL)
+ tr_free_name(req->realm);
+ if (req->comm!=NULL)
+ tr_free_name(req->comm);
+ if (req->orig_coi!=NULL)
+ tr_free_name(req->orig_coi);
return 0;
}
#include <tid_internal.h>
+static int tid_resp_destructor(void *obj)
+{
+ TID_RESP *resp=talloc_get_type_abort(obj, TID_RESP);
+ if (resp->err_msg!=NULL)
+ tr_free_name(resp->err_msg);
+ if (resp->rp_realm!=NULL)
+ tr_free_name(resp->rp_realm);
+ if (resp->realm!=NULL)
+ tr_free_name(resp->realm);
+ if (resp->comm!=NULL)
+ tr_free_name(resp->comm);
+ if (resp->orig_coi!=NULL)
+ tr_free_name(resp->orig_coi);
+ return 0;
+}
+
TID_RESP *tid_resp_new(TALLOC_CTX *mem_ctx)
{
- return talloc(mem_ctx, TID_RESP);
+ TID_RESP *resp=talloc(mem_ctx, TID_RESP);
+ if (resp!=NULL) {
+ talloc_set_destructor((void *)resp, tid_resp_destructor);
+ }
+ return resp;
}
void tid_resp_free(TID_RESP *resp)
tr_crit("tids_handle_connection: Error creating response structure.");
/* try to send an error */
tids_send_err_response(tids, tr_msg_get_req(mreq), "Error creating response.");
+ tr_msg_free_decoded(mreq);
return;
}
}
tids_destroy_response(tids, resp);
+ tr_msg_free_decoded(mreq);
return;
}
}
* connections with tids_accept() */
int tids_get_listener(TIDS_INSTANCE *tids,
TIDS_REQ_FUNC *req_handler,
- tids_auth_func *auth_handler,
+ TIDS_AUTH_FUNC *auth_handler,
const char *hostname,
unsigned int port,
void *cookie)
/* Process tids requests forever. Should not return except on error. */
int tids_start (TIDS_INSTANCE *tids,
TIDS_REQ_FUNC *req_handler,
- tids_auth_func *auth_handler,
+ TIDS_AUTH_FUNC *auth_handler,
const char *hostname,
unsigned int port,
void *cookie)
tr_crit("Unable to allocate new peer. Aborting.");
return 1;
}
- trp_peer_set_server(hc_peer, "epsilon.vmnet");
+ trp_peer_set_server(hc_peer, "epsilon-trpc.vmnet");
trp_peer_set_gssname(hc_peer, tr_new_name("trpc@apc.painless-security.com"));
trp_peer_set_port(hc_peer, 10002); /* not really used */
if (TRP_SUCCESS != trps_add_peer(tr->trps, hc_peer)) {
+#include <talloc.h>
+
#include <tid_internal.h>
#include <tr_filter.h>
#include <tr_comm.h>
#include <tr_event.h>
#include <tr_debug.h>
#include <gsscon.h>
+#include <trp_internal.h>
#include <tr_config.h>
#include <tr_tid.h>
struct tr_tids_event_cookie {
TIDS_INSTANCE *tids;
TR_CFG_MGR *cfg_mgr;
+ TRPS_INSTANCE *trps;
};
TID_RESP *resp,
void *cookie_in)
{
+ TALLOC_CTX *tmp_ctx=talloc_new(NULL);;
TIDC_INSTANCE *tidc = NULL;
TR_RESP_COOKIE resp_cookie;
TR_AAA_SERVER *aaa_servers = NULL;
TR_COMM *cfg_apc = NULL;
int oaction = TR_FILTER_ACTION_REJECT;
int rc = 0;
- time_t expiration_interval;
+ time_t expiration_interval=0;
struct tr_tids_event_cookie *cookie=(struct tr_tids_event_cookie *)cookie_in;
- TR_CFG_MGR *cfg_mgr=cookie->cfg_mgr;
+ TR_CFG_MGR *cfg_mgr=talloc_get_type_abort(cookie, TR_CFG_MGR);
+ TRPS_INSTANCE *trps=talloc_get_type_abort(cookie, TRPS_INSTANCE);
+ TRP_ROUTE *route=NULL;
+ int retval=-1;
if ((!tids) || (!orig_req) || (!resp)) {
tr_debug("tr_tids_req_handler: Bad parameters");
- return -1;
+ retval=-1;
+ goto cleanup;
}
tr_debug("tr_tids_req_handler: Request received (conn = %d)! Realm = %s, Comm = %s", orig_req->conn,
/* Duplicate the request, so we can modify and forward it */
if (NULL == (fwd_req = tid_dup_req(orig_req))) {
tr_debug("tr_tids_req_handler: Unable to duplicate request.");
- return -1;
+ retval=-1;
+ goto cleanup;
}
if (NULL == (cfg_comm = tr_comm_lookup(cfg_mgr->active->comms, orig_req->comm))) {
tr_notice("tr_tids_req_hander: Request for unknown comm: %s.", orig_req->comm->buf);
tids_send_err_response(tids, orig_req, "Unknown community");
- return -1;
+ retval=-1;
+ goto cleanup;
}
/* Check that the rp_realm matches the filter for the GSS name that
(!tids->rp_gss->filter)) {
tr_notice("tr_tids_req_handler: No GSS name for incoming request.");
tids_send_err_response(tids, orig_req, "No GSS name for request");
- return -1;
+ retval=-1;
+ goto cleanup;
}
if ((TR_FILTER_NO_MATCH == tr_filter_process_rp_permitted(orig_req->rp_realm,
(TR_FILTER_ACTION_REJECT == oaction)) {
tr_notice("tr_tids_req_handler: RP realm (%s) does not match RP Realm filter for GSS name", orig_req->rp_realm->buf);
tids_send_err_response(tids, orig_req, "RP Realm filter error");
- return -1;
+ retval=-1;
+ goto cleanup;
}
/* Check that the rp_realm is a member of the community in the request */
if (NULL == (tr_find_comm_rp(cfg_comm, orig_req->rp_realm))) {
tr_notice("tr_tids_req_handler: RP Realm (%s) not member of community (%s).", orig_req->rp_realm->buf, orig_req->comm->buf);
tids_send_err_response(tids, orig_req, "RP COI membership error");
- return -1;
+ retval=-1;
+ goto cleanup;
}
/* Map the comm in the request from a COI to an APC, if needed */
if ((!cfg_comm->apcs) || (!cfg_comm->apcs->id)) {
tr_notice("No valid APC for COI %s.", orig_req->comm->buf);
tids_send_err_response(tids, orig_req, "No valid APC for community");
- return -1;
+ retval=-1;
+ goto cleanup;
}
apc = tr_dup_name(cfg_comm->apcs->id);
if (NULL == (cfg_apc = tr_comm_lookup(cfg_mgr->active->comms, apc))) {
tr_notice("tr_tids_req_hander: Request for unknown comm: %s.", apc->buf);
tids_send_err_response(tids, orig_req, "Unknown APC");
- return -1;
+ retval=-1;
+ goto cleanup;
}
fwd_req->comm = apc;
if (NULL == (tr_find_comm_rp(cfg_apc, orig_req->rp_realm))) {
tr_notice("tr_tids_req_hander: RP Realm (%s) not member of community (%s).", orig_req->rp_realm->buf, orig_req->comm->buf);
tids_send_err_response(tids, orig_req, "RP APC membership error");
- return -1;
+ retval=-1;
+ goto cleanup;
}
}
+ /* Look up the route for this community/realm. */
+ route=trps_get_selected_route(trps, orig_req->comm, orig_req->realm);
+ if (route==NULL) {
+ tr_notice("tr_tids_req_handler: no route table entry found for realm (%s) in community (%s).",
+ orig_req->realm->buf, orig_req->comm->buf);
+ tids_send_err_response(tids, orig_req, "Missing trust route error");
+ retval=-1;
+ goto cleanup;
+ }
+ if (trp_route_is_local(route)) {
+ aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->idp_realms,
+ orig_req->realm,
+ orig_req->comm);
+ } else {
+ aaa_servers = tr_aaa_server_new(tmp_ctx, trp_route_get_next_hop(route));
+ }
+
/* Find the AAA server(s) for this request */
- if (NULL == (aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->idp_realms,
- orig_req->realm,
- orig_req->comm))) {
+ if (NULL == aaa_servers) {
tr_debug("tr_tids_req_handler: No AAA Servers for realm %s, defaulting.", orig_req->realm->buf);
if (NULL == (aaa_servers = tr_default_server_lookup (cfg_mgr->active->default_servers,
orig_req->comm))) {
tr_notice("tr_tids_req_handler: No default AAA servers, discarded.");
tids_send_err_response(tids, orig_req, "No path to AAA Server(s) for realm");
- return -1;
+ retval=-1;
+ goto cleanup;
}
} else {
/* if we aren't defaulting, check idp coi and apc membership */
if (NULL == (tr_find_comm_idp(cfg_comm, fwd_req->realm))) {
tr_notice("tr_tids_req_handler: IDP Realm (%s) not member of community (%s).", orig_req->realm->buf, orig_req->comm->buf);
tids_send_err_response(tids, orig_req, "IDP community membership error");
- return -1;
+ retval=-1;
+ goto cleanup;
}
if ( cfg_apc && (NULL == (tr_find_comm_idp(cfg_apc, fwd_req->realm)))) {
tr_notice("tr_tids_req_handler: IDP Realm (%s) not member of APC (%s).", orig_req->realm->buf, orig_req->comm->buf);
tids_send_err_response(tids, orig_req, "IDP APC membership error");
- return -1;
+ retval=-1;
+ goto cleanup;
}
}
if (NULL == (tidc = tidc_create())) {
tr_crit("tr_tids_req_hander: Unable to allocate TIDC instance.");
tids_send_err_response(tids, orig_req, "Memory allocation failure");
- return -1;
+ retval=-1;
+ goto cleanup;
}
/* Use the DH parameters from the original request */
/* TBD -- this needs to be fixed when we handle more than one req per conn */
&(fwd_req->gssctx)))) {
tr_notice("tr_tids_req_handler: Error in tidc_open_connection.");
tids_send_err_response(tids, orig_req, "Can't open connection to next hop TIDS");
- return -1;
+ retval=-1;
+ goto cleanup;
};
/* Send a TID request */
if (0 > (rc = tidc_fwd_request(tidc, fwd_req, &tr_tidc_resp_handler, (void *)&resp_cookie))) {
tr_notice("Error from tidc_fwd_request, rc = %d.", rc);
tids_send_err_response(tids, orig_req, "Can't forward request to next hop TIDS");
- tid_req_free(orig_req);
- return -1;
+ retval=-1;
+ goto cleanup;
}
- tid_req_free(orig_req);
- return 0;
+cleanup:
+ talloc_free(tmp_ctx);
+ return retval;
}
static int tr_tids_gss_handler(gss_name_t client_name, TR_NAME *gss_name,
-#include <stdio.h> /* TODO: remove this --jlr */
+#include <stdio.h>
#include <pthread.h>
#include <fcntl.h>
#include <event2/event.h>
TR_NAME *gssname=(TR_NAME *)tr_mq_msg_get_payload(msg);
TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname);
if (peer==NULL)
- tr_err("tr_trps_process_mq: incoming connection to unknown peer (%s) reported.", gssname->buf);
+ tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) reported.", gssname->buf);
else {
trp_peer_set_incoming_status(peer, PEER_CONNECTED);
- tr_err("tr_trps_process_mq: incoming connection to %s established.", gssname->buf);
+ tr_err("tr_trps_process_mq: incoming connection from %s established.", gssname->buf);
}
}
else if (0==strcmp(s, TR_MQMSG_TRPS_DISCONNECTED)) {
TR_NAME *gssname=trp_connection_get_gssname(conn);
TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname);
if (peer==NULL) {
- tr_err("tr_trps_process_mq: disconnection of unknown peer (%s) reported.",
+ tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) lost.",
trp_connection_get_gssname(conn)->buf);
} else {
trp_peer_set_incoming_status(peer, PEER_DISCONNECTED);
tr_trps_cleanup_conn(trps, conn);
- tr_err("tr_trps_process_mq: incoming connection to %s lost.", gssname->buf);
+ tr_err("tr_trps_process_mq: incoming connection from %s lost.", gssname->buf);
}
}
else if (0==strcmp(s, TR_MQMSG_TRPC_CONNECTED)) {
TR_NAME *svcname=(TR_NAME *)tr_mq_msg_get_payload(msg);
TRP_PEER *peer=trps_get_peer_by_servicename(trps, svcname);
if (peer==NULL)
- tr_err("tr_trps_process_mq: connection to unknown peer (%s) reported.", svcname->buf);
+ tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) reported.", svcname->buf);
else {
trp_peer_set_outgoing_status(peer, PEER_CONNECTED);
tr_err("tr_trps_process_mq: outgoing connection to %s established.", svcname->buf);
/* trpc connection died */
TRPC_INSTANCE *trpc=talloc_get_type_abort(tr_mq_msg_get_payload(msg), TRPC_INSTANCE);
TR_NAME *gssname=trpc_get_gssname(trpc);
- TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname);
+ TRP_PEER *peer=trps_get_peer_by_servicename(trps, gssname);
if (peer==NULL)
- tr_err("tr_trps_process_mq: disconnection of unknown peer (%s) reported.", gssname->buf);
+ tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) lost.", gssname->buf);
else {
trp_peer_set_outgoing_status(peer, PEER_DISCONNECTED);
tr_err("tr_trps_process_mq: outgoing connection to %s lost.", gssname->buf);
size_t *n_routes)
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
- TR_APC *apc=NULL;
+ TR_APC *comm=NULL;
TRP_ROUTE *new_entry=NULL;
TRP_ROUTE **entries=NULL;
- size_t n_apcs=0, ii=0;
+ size_t n_comms=0, ii=0;
*n_routes=0;
if ((realm==NULL) || (realm->origin!=TR_REALM_LOCAL))
goto cleanup;
- /* count apcs */
- for (apc=realm->apcs, n_apcs=0; apc!=NULL; apc=apc->next,n_apcs++) {}
+ /* count comms */
+ for (comm=realm->apcs, n_comms=0; comm!=NULL; comm=comm->next,n_comms++) {}
- entries=talloc_array(tmp_ctx, TRP_ROUTE *, n_apcs);
- for (apc=realm->apcs,ii=0; apc!=NULL; apc=apc->next, ii++) {
+ entries=talloc_array(tmp_ctx, TRP_ROUTE *, n_comms);
+ for (comm=realm->apcs,ii=0; comm!=NULL; comm=comm->next, ii++) {
new_entry=trp_route_new(entries);
if (new_entry==NULL) {
tr_crit("tr_make_local_routes: unable to allocate entry.");
talloc_free(entries);
goto cleanup;
}
- trp_route_set_apc(new_entry, tr_dup_name(apc->id));
+ trp_route_set_comm(new_entry, tr_dup_name(comm->id));
trp_route_set_realm(new_entry, tr_dup_name(realm->realm_id));
trp_route_set_peer(new_entry, tr_new_name("")); /* no peer, it's us */
trp_route_set_metric(new_entry, 0);
}
talloc_steal(mem_ctx, entries);
- *n_routes=n_apcs;
+ *n_routes=n_comms;
cleanup:
talloc_free(tmp_ctx);
return entries;
trpc_set_conn(trpc, conn);
trpc_set_server(trpc, talloc_strdup(trpc, trp_peer_get_server(peer)));
trpc_set_port(trpc, trp_peer_get_port(peer));
- trpc_set_gssname(trpc, trp_peer_dup_gssname(peer));
+ trpc_set_gssname(trpc, trp_peer_dup_servicename(peer));
tr_debug("tr_trpc_initiate: allocated connection");
/* start thread */
static int trp_route_destructor(void *obj)
{
TRP_ROUTE *entry=talloc_get_type_abort(obj, TRP_ROUTE);
- if (entry->apc!=NULL)
- tr_free_name(entry->apc);
+ if (entry->comm!=NULL)
+ tr_free_name(entry->comm);
if (entry->realm!=NULL)
tr_free_name(entry->realm);
if (entry->trust_router!=NULL)
{
TRP_ROUTE *entry=talloc(mem_ctx, TRP_ROUTE);
if (entry!=NULL) {
- entry->apc=NULL;
+ entry->comm=NULL;
entry->realm=NULL;
entry->trust_router=NULL;
entry->peer=NULL;
talloc_free(entry);
}
-void trp_route_set_apc(TRP_ROUTE *entry, TR_NAME *apc)
+void trp_route_set_comm(TRP_ROUTE *entry, TR_NAME *comm)
{
- if (entry->apc!=NULL)
- tr_free_name(entry->apc);
- entry->apc=apc;
+ if (entry->comm!=NULL)
+ tr_free_name(entry->comm);
+ entry->comm=comm;
}
-TR_NAME *trp_route_get_apc(TRP_ROUTE *entry)
+TR_NAME *trp_route_get_comm(TRP_ROUTE *entry)
{
- return entry->apc;
+ return entry->comm;
}
-TR_NAME *trp_route_dup_apc(TRP_ROUTE *entry)
+TR_NAME *trp_route_dup_comm(TRP_ROUTE *entry)
{
- return tr_dup_name(trp_route_get_apc(entry));
+ return tr_dup_name(trp_route_get_comm(entry));
}
void trp_route_set_realm(TRP_ROUTE *entry, TR_NAME *realm)
return equal;
}
-/* free a value to the top level rtable (a hash of all entries in the apc) */
+/* free a value to the top level rtable (a hash of all entries in the comm) */
static void trp_rtable_destroy_table(gpointer data)
{
g_hash_table_destroy(data);
void trp_rtable_add(TRP_RTABLE *rtbl, TRP_ROUTE *entry)
{
- GHashTable *apc_tbl=NULL;
+ GHashTable *comm_tbl=NULL;
GHashTable *realm_tbl=NULL;
- apc_tbl=trp_rtbl_get_or_add_table(rtbl, entry->apc, trp_rtable_destroy_table);
- realm_tbl=trp_rtbl_get_or_add_table(apc_tbl, entry->realm, trp_rtable_destroy_rentry);
+ comm_tbl=trp_rtbl_get_or_add_table(rtbl, entry->comm, trp_rtable_destroy_table);
+ realm_tbl=trp_rtbl_get_or_add_table(comm_tbl, entry->realm, trp_rtable_destroy_rentry);
g_hash_table_insert(realm_tbl, tr_dup_name(entry->peer), entry); /* destroys and replaces a duplicate */
/* the route entry should not belong to any context, we will manage it ourselves */
talloc_steal(NULL, entry);
/* note: the entry pointer passed in is invalid after calling this because the entry is freed */
void trp_rtable_remove(TRP_RTABLE *rtbl, TRP_ROUTE *entry)
{
- GHashTable *apc_tbl=NULL;
+ GHashTable *comm_tbl=NULL;
GHashTable *realm_tbl=NULL;
- apc_tbl=g_hash_table_lookup(rtbl, entry->apc);
- if (apc_tbl==NULL)
+ comm_tbl=g_hash_table_lookup(rtbl, entry->comm);
+ if (comm_tbl==NULL)
return;
- realm_tbl=g_hash_table_lookup(apc_tbl, entry->realm);
+ realm_tbl=g_hash_table_lookup(comm_tbl, entry->realm);
if (realm_tbl==NULL)
return;
g_hash_table_remove(realm_tbl, entry->peer);
/* if that was the last entry in the realm, remove the realm table */
if (g_hash_table_size(realm_tbl)==0)
- g_hash_table_remove(apc_tbl, entry->realm);
- /* if that was the last realm in the apc, remove the apc table */
- if (g_hash_table_size(apc_tbl)==0)
- g_hash_table_remove(rtbl, entry->apc);
+ g_hash_table_remove(comm_tbl, entry->realm);
+ /* if that was the last realm in the comm, remove the comm table */
+ if (g_hash_table_size(comm_tbl)==0)
+ g_hash_table_remove(rtbl, entry->comm);
}
void trp_rtable_clear(TRP_RTABLE *rtbl)
}
/* gets the actual hash table, for internal use only */
-static GHashTable *trp_rtable_get_apc_table(TRP_RTABLE *rtbl, TR_NAME *apc)
+static GHashTable *trp_rtable_get_comm_table(TRP_RTABLE *rtbl, TR_NAME *comm)
{
- return g_hash_table_lookup(rtbl, apc);
+ return g_hash_table_lookup(rtbl, comm);
}
/* gets the actual hash table, for internal use only */
-static GHashTable *trp_rtable_get_realm_table(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm)
+static GHashTable *trp_rtable_get_realm_table(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm)
{
- GHashTable *apc_tbl=trp_rtable_get_apc_table(rtbl, apc);
- if (apc_tbl==NULL)
+ GHashTable *comm_tbl=trp_rtable_get_comm_table(rtbl, comm);
+ if (comm_tbl==NULL)
return NULL;
else
- return g_hash_table_lookup(apc_tbl, realm);
+ return g_hash_table_lookup(comm_tbl, realm);
}
struct table_size_cookie {
static void trp_rtable_size_helper(gpointer key, gpointer value, gpointer user_data)
{
struct table_size_cookie *data=(struct table_size_cookie *)user_data;
- data->size += trp_rtable_apc_size(data->rtbl, (TR_NAME *)key);
+ data->size += trp_rtable_comm_size(data->rtbl, (TR_NAME *)key);
};
size_t trp_rtable_size(TRP_RTABLE *rtbl)
{
return data.size;
}
-struct table_apc_size_cookie {
- TR_NAME *apc;
+struct table_comm_size_cookie {
+ TR_NAME *comm;
TRP_RTABLE *rtbl;
size_t size;
};
-static void table_apc_size_helper(gpointer key, gpointer value, gpointer user_data)
+static void table_comm_size_helper(gpointer key, gpointer value, gpointer user_data)
{
- struct table_apc_size_cookie *data=(struct table_apc_size_cookie *)user_data;
- data->size += trp_rtable_realm_size(data->rtbl, data->apc, (TR_NAME *)key);
+ struct table_comm_size_cookie *data=(struct table_comm_size_cookie *)user_data;
+ data->size += trp_rtable_realm_size(data->rtbl, data->comm, (TR_NAME *)key);
}
-size_t trp_rtable_apc_size(TRP_RTABLE *rtbl, TR_NAME *apc)
+size_t trp_rtable_comm_size(TRP_RTABLE *rtbl, TR_NAME *comm)
{
- struct table_apc_size_cookie data={apc, rtbl, 0};
- GHashTable *apc_tbl=trp_rtable_get_apc_table(rtbl, apc);
- if (apc_tbl==NULL)
+ struct table_comm_size_cookie data={comm, rtbl, 0};
+ GHashTable *comm_tbl=trp_rtable_get_comm_table(rtbl, comm);
+ if (comm_tbl==NULL)
return 0;;
- g_hash_table_foreach(apc_tbl, table_apc_size_helper, &data);
+ g_hash_table_foreach(comm_tbl, table_comm_size_helper, &data);
return data.size;
}
-size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm)
+size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm)
{
- GHashTable *realm_tbl=trp_rtable_get_realm_table(rtbl, apc, realm);
+ GHashTable *realm_tbl=trp_rtable_get_realm_table(rtbl, comm, realm);
if (realm_tbl==NULL)
return 0;
else
return g_hash_table_size(g_hash_table_lookup(
- g_hash_table_lookup(rtbl, apc),
+ g_hash_table_lookup(rtbl, comm),
realm));
}
TRP_ROUTE **trp_rtable_get_entries(TRP_RTABLE *rtbl, size_t *n_out)
{
TRP_ROUTE **ret=NULL;
- TR_NAME **apc=NULL;
- size_t n_apc=0;
- TRP_ROUTE **apc_entries=NULL;
+ TR_NAME **comm=NULL;
+ size_t n_comm=0;
+ TRP_ROUTE **comm_entries=NULL;
size_t n_entries=0;
size_t ii_ret=0;
}
ii_ret=0; /* counts output entries */
- apc=trp_rtable_get_apcs(rtbl, &n_apc);
- while(n_apc--) {
- apc_entries=trp_rtable_get_apc_entries(rtbl, apc[n_apc], &n_entries);
+ comm=trp_rtable_get_comms(rtbl, &n_comm);
+ while(n_comm--) {
+ comm_entries=trp_rtable_get_comm_entries(rtbl, comm[n_comm], &n_entries);
while (n_entries--)
- ret[ii_ret++]=apc_entries[n_entries];
- talloc_free(apc_entries);
+ ret[ii_ret++]=comm_entries[n_entries];
+ talloc_free(comm_entries);
}
- talloc_free(apc);
+ talloc_free(comm);
if (ii_ret!=*n_out) {
tr_crit("trp_rtable_get_entries: found incorrect number of entries.");
/* Returns an array of pointers to TR_NAME, length of array in n_out.
* Caller must free the array (in the talloc NULL context). */
-TR_NAME **trp_rtable_get_apcs(TRP_RTABLE *rtbl, size_t *n_out)
+TR_NAME **trp_rtable_get_comms(TRP_RTABLE *rtbl, size_t *n_out)
{
- size_t len=g_hash_table_size(rtbl); /* known apcs are keys in top level hash table */
+ size_t len=g_hash_table_size(rtbl); /* known comms are keys in top level hash table */
size_t ii=0;
- GList *apcs=NULL;;
+ GList *comms=NULL;;
GList *p=NULL;
TR_NAME **ret=NULL;
ret=talloc_array(NULL, TR_NAME *, len);
if (ret==NULL) {
- tr_crit("trp_rtable_get_apcs: unable to allocate return array.");
+ tr_crit("trp_rtable_get_comms: unable to allocate return array.");
*n_out=0;
return NULL;
}
- apcs=g_hash_table_get_keys(rtbl);
- for (ii=0,p=apcs; p!=NULL; ii++,p=g_list_next(p))
+ comms=g_hash_table_get_keys(rtbl);
+ for (ii=0,p=comms; p!=NULL; ii++,p=g_list_next(p))
ret[ii]=(TR_NAME *)p->data;
- g_list_free(apcs);
+ g_list_free(comms);
*n_out=len;
return ret;
/* Returns an array of pointers to TR_NAME, length of array in n_out.
* Caller must free the array (in the talloc NULL context). */
-TR_NAME **trp_rtable_get_apc_realms(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out)
+TR_NAME **trp_rtable_get_comm_realms(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out)
{
size_t ii=0;
- TRP_RTABLE *apc_tbl=g_hash_table_lookup(rtbl, apc);;
+ TRP_RTABLE *comm_tbl=g_hash_table_lookup(rtbl, comm);;
GList *entries=NULL;
GList *p=NULL;
TR_NAME **ret=NULL;
- if (apc_tbl==NULL) {
+ if (comm_tbl==NULL) {
*n_out=0;
return NULL;
}
- *n_out=g_hash_table_size(apc_tbl); /* set output length */
+ *n_out=g_hash_table_size(comm_tbl); /* set output length */
ret=talloc_array(NULL, TR_NAME *, *n_out);
- entries=g_hash_table_get_keys(apc_tbl);
+ entries=g_hash_table_get_keys(comm_tbl);
for (ii=0,p=entries; p!=NULL; ii++,p=g_list_next(p))
ret[ii]=(TR_NAME *)p->data;
return ret;
}
-/* Get all entries in an apc. Returns an array of pointers in NULL talloc context.
+/* Get all entries in an comm. Returns an array of pointers in NULL talloc context.
* Caller must free this list with talloc_free, but must not free the entries in the
* list.. */
-TRP_ROUTE **trp_rtable_get_apc_entries(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out)
+TRP_ROUTE **trp_rtable_get_comm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out)
{
size_t ii=0, jj=0;
TR_NAME **realm=NULL;
TRP_ROUTE **ret=NULL;
size_t ii_ret=0;
- *n_out=trp_rtable_apc_size(rtbl, apc);
+ *n_out=trp_rtable_comm_size(rtbl, comm);
if (*n_out==0)
return NULL;
ret=talloc_array(NULL, TRP_ROUTE *, *n_out);
if (ret==NULL) {
- tr_crit("trp_rtable_get_apc_entries: could not allocate return array.");
+ tr_crit("trp_rtable_get_comm_entries: could not allocate return array.");
*n_out=0;
return NULL;
}
ii_ret=0; /* counts entries in the output array */
- realm=trp_rtable_get_apc_realms(rtbl, apc, &n_realms);
+ realm=trp_rtable_get_comm_realms(rtbl, comm, &n_realms);
for (ii=0; ii<n_realms; ii++) {
- realm_entries=trp_rtable_get_realm_entries(rtbl, apc, realm[ii], &n_entries);
+ realm_entries=trp_rtable_get_realm_entries(rtbl, comm, realm[ii], &n_entries);
for (jj=0; jj<n_entries; jj++)
ret[ii_ret++]=realm_entries[jj];
talloc_free(realm_entries);
talloc_free(realm);
if (ii_ret!=*n_out) {
- tr_crit("trp_rtable_get_apc_entries: found incorrect number of entries.");
+ tr_crit("trp_rtable_get_comm_entries: found incorrect number of entries.");
talloc_free(ret);
*n_out=0;
return NULL;
return ret;
}
-/* Get all entries in an apc/realm. Returns an array of pointers in NULL talloc context.
+/* Get all entries in an comm/realm. Returns an array of pointers in NULL talloc context.
* Caller must free this list with talloc_free, but must not free the entries in the
* list.. */
-TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, size_t *n_out)
+TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, size_t *n_out)
{
size_t ii=0;
TRP_ROUTE **ret=NULL;
TR_NAME **peer=NULL;
- peer=trp_rtable_get_apc_realm_peers(rtbl, apc, realm, n_out);
+ peer=trp_rtable_get_comm_realm_peers(rtbl, comm, realm, n_out);
ret=talloc_array(NULL, TRP_ROUTE *, *n_out);
if (ret==NULL) {
tr_crit("trp_rtable_get_realm_entries: could not allocate return array.");
return NULL;
}
for (ii=0; ii<*n_out; ii++)
- ret[ii]=trp_rtable_get_entry(rtbl, apc, realm, peer[ii]);
+ ret[ii]=trp_rtable_get_entry(rtbl, comm, realm, peer[ii]);
talloc_free(peer);
return ret;
}
-TR_NAME **trp_rtable_get_apc_realm_peers(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, size_t *n_out)
+TR_NAME **trp_rtable_get_comm_realm_peers(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, size_t *n_out)
{
TR_NAME **ret=NULL;
GHashTable *realm_tbl=NULL;
GList *p=NULL;
size_t ii=0;
- *n_out=trp_rtable_realm_size(rtbl, apc, realm);
+ *n_out=trp_rtable_realm_size(rtbl, comm, realm);
if (*n_out==0)
return NULL;
- realm_tbl=trp_rtable_get_realm_table(rtbl, apc, realm);
+ realm_tbl=trp_rtable_get_realm_table(rtbl, comm, realm);
ret=talloc_array(NULL, TR_NAME *, *n_out);
if (ret==NULL) {
- tr_crit("trp_rtable_get_apc_realm_peers: could not allocate return array.");
+ tr_crit("trp_rtable_get_comm_realm_peers: could not allocate return array.");
*n_out=0;
return NULL;
}
}
/* Gets a single entry. Do not free it. */
-TRP_ROUTE *trp_rtable_get_entry(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, TR_NAME *peer)
+TRP_ROUTE *trp_rtable_get_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, TR_NAME *peer)
{
GHashTable *realm_tbl=NULL;
- realm_tbl=trp_rtable_get_realm_table(rtbl, apc, realm);
+ realm_tbl=trp_rtable_get_realm_table(rtbl, comm, realm);
if (realm_tbl==NULL)
return NULL;
return s;
}
-TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm)
+TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm)
{
size_t n=0;
- TRP_ROUTE **entry=trp_rtable_get_realm_entries(rtbl, apc, realm, &n);
+ TRP_ROUTE **entry=trp_rtable_get_realm_entries(rtbl, comm, realm, &n);
TRP_ROUTE *selected=NULL;
if (n==0)
* returns comma+space separated string. */
char *trp_route_to_str(TALLOC_CTX *mem_ctx, TRP_ROUTE *entry, const char *sep)
{
- char *apc=tr_name_strdup(entry->apc);
+ char *comm=tr_name_strdup(entry->comm);
char *realm=tr_name_strdup(entry->realm);
char *peer=tr_name_strdup(entry->peer);
char *trust_router=tr_name_strdup(entry->trust_router);
result=talloc_asprintf(mem_ctx,
"%s%s%s%s%s%s%u%s%s%s%s%s%u%s%u%s%s%s%u",
- apc, sep,
+ comm, sep,
realm, sep,
peer, sep,
entry->metric, sep,
entry->local, sep,
expiry, sep,
entry->triggered);
- free(apc);
+ free(comm);
free(realm);
free(peer);
free(trust_router);
char *trp_rtable_to_str(TALLOC_CTX *mem_ctx, TRP_RTABLE *rtbl, const char *sep, const char *lineterm)
{
TALLOC_CTX *tmp_ctx=talloc_new(NULL);
- TR_NAME **apcs=NULL;
- size_t n_apcs=0;
+ TR_NAME **comms=NULL;
+ size_t n_comms=0;
TR_NAME **realms=NULL;
size_t n_realms=0;
TRP_ROUTE **entries=NULL;
goto cleanup;
}
- apcs=trp_rtable_get_apcs(rtbl, &n_apcs);
- talloc_steal(tmp_ctx, apcs);
- sort_tr_names(apcs, n_apcs);
+ comms=trp_rtable_get_comms(rtbl, &n_comms);
+ talloc_steal(tmp_ctx, comms);
+ sort_tr_names(comms, n_comms);
ii_tbl=0;
len=0;
- for (ii=0; ii<n_apcs; ii++) {
- realms=trp_rtable_get_apc_realms(rtbl, apcs[ii], &n_realms);
+ for (ii=0; ii<n_comms; ii++) {
+ realms=trp_rtable_get_comm_realms(rtbl, comms[ii], &n_realms);
talloc_steal(tmp_ctx, realms);
sort_tr_names(realms, n_realms);
for (jj=0; jj<n_realms; jj++) {
- entries=trp_rtable_get_realm_entries(rtbl, apcs[ii], realms[jj], &n_entries);
+ entries=trp_rtable_get_realm_entries(rtbl, comms[ii], realms[jj], &n_entries);
talloc_steal(tmp_ctx, entries);
for (kk=0; kk<n_entries; kk++) {
tbl_strings[ii_tbl]=trp_route_to_str(tmp_ctx, entries[kk], sep);
}
talloc_free(realms);
}
- talloc_free(apcs);
+ talloc_free(comms);
/* now combine all the strings */
len += tbl_size*strlen(lineterm); /* space for line terminations*/
return upd->peer;
}
+TR_NAME *trp_upd_dup_peer(TRP_UPD *upd)
+{
+ return tr_dup_name(upd->peer);
+}
+
void trp_upd_set_peer(TRP_UPD *upd, TR_NAME *peer)
{
TRP_INFOREC *rec=NULL;
return TRP_ERROR;
}
- tr_debug("trps_read_message(): Request Received, %u bytes.", (unsigned) buflen);
+ tr_debug("trps_read_message(): message received, %u bytes.", (unsigned) buflen);
tr_debug("trps_read_message(): %.*s", buflen, buf);
*msg=tr_msg_decode(buf, buflen);
return ts;
}
-static TRP_RC trps_accept_update(TRPS_INSTANCE *trps, TRP_INFOREC *rec)
+static TRP_RC trps_accept_update(TRPS_INSTANCE *trps, TRP_UPD *upd, TRP_INFOREC *rec)
{
TRP_ROUTE *entry=NULL;
return TRP_NOMEM;
}
- trp_route_set_apc(entry, tr_dup_name(trp_inforec_get_comm(rec)));
- trp_route_set_realm(entry, tr_dup_name(trp_inforec_get_realm(rec)));
- trp_route_set_peer(entry, tr_dup_name(trp_inforec_get_next_hop(rec)));
- trp_route_set_trust_router(entry, tr_dup_name(trp_inforec_get_trust_router(rec)));
- trp_route_set_next_hop(entry, tr_dup_name(trp_inforec_get_next_hop(rec)));
- if ((trp_route_get_apc(entry)==NULL)
+ trp_route_set_comm(entry, trp_inforec_dup_comm(rec));
+ trp_route_set_realm(entry, trp_inforec_dup_realm(rec));
+ trp_route_set_peer(entry, trp_upd_dup_peer(upd));
+ trp_route_set_trust_router(entry, trp_inforec_dup_trust_router(rec));
+ trp_route_set_next_hop(entry, trp_inforec_dup_next_hop(rec));
+ if ((trp_route_get_comm(entry)==NULL)
||(trp_route_get_realm(entry)==NULL)
||(trp_route_get_peer(entry)==NULL)
||(trp_route_get_trust_router(entry)==NULL)
route=trps_get_route(trps,
trp_inforec_get_comm(rec),
trp_inforec_get_realm(rec),
- trp_inforec_get_next_hop(rec));
+ trp_upd_get_peer(upd));
if (route!=NULL) {
/* there was a route table entry already */
tr_debug("trps_handle_updates: route entry already exists.");
if (feas) {
/* Update is feasible. Accept it. */
- trps_accept_update(trps, rec);
+ trps_accept_update(trps, upd, rec);
} else {
/* Update is infeasible. Ignore it unless the trust router has changed. */
if (0!=tr_name_cmp(trp_route_get_trust_router(route),
/* No existing route table entry. Ignore it unless it is feasible and not a retraction. */
tr_debug("trps_handle_update: no route entry exists yet.");
if (feas && trp_metric_is_finite(trp_inforec_get_metric(rec)))
- trps_accept_update(trps, rec);
+ trps_accept_update(trps, upd, rec);
}
}
return TRP_SUCCESS;
* to avoid flapping between routers or routes. */
TRP_RC trps_update_active_routes(TRPS_INSTANCE *trps)
{
- size_t n_apc=0, ii=0;
- TR_NAME **apc=trp_rtable_get_apcs(trps->rtable, &n_apc);
+ size_t n_comm=0, ii=0;
+ TR_NAME **comm=trp_rtable_get_comms(trps->rtable, &n_comm);
size_t n_realm=0, jj=0;
TR_NAME **realm=NULL;
TRP_ROUTE *best_route=NULL, *cur_route=NULL;
unsigned int best_metric=0, cur_metric=0;
- for (ii=0; ii<n_apc; ii++) {
- realm=trp_rtable_get_apc_realms(trps->rtable, apc[ii], &n_realm);
+ for (ii=0; ii<n_comm; ii++) {
+ realm=trp_rtable_get_comm_realms(trps->rtable, comm[ii], &n_realm);
for (jj=0; jj<n_realm; jj++) {
- best_route=trps_find_best_route(trps, apc[ii], realm[jj], NULL);
+ best_route=trps_find_best_route(trps, comm[ii], realm[jj], NULL);
if (best_route==NULL)
best_metric=TRP_METRIC_INFINITY;
else
best_metric=trp_route_get_metric(best_route);
- cur_route=trps_get_selected_route(trps, apc[ii], realm[jj]);
+ cur_route=trps_get_selected_route(trps, comm[ii], realm[jj]);
if (cur_route!=NULL) {
cur_metric=trp_route_get_metric(cur_route);
if ((best_metric < cur_metric) && (trp_metric_is_finite(best_metric))) {
talloc_free(realm);
realm=NULL; n_realm=0;
}
- if (apc!=NULL)
- talloc_free(apc);
- apc=NULL; n_apc=0;
+ if (comm!=NULL)
+ talloc_free(comm);
+ comm=NULL; n_comm=0;
return TRP_SUCCESS;
}
int triggered,
size_t *n_update)
{
- size_t n_apc=0;
- TR_NAME **apc=trp_rtable_get_apcs(trps->rtable, &n_apc);
+ size_t n_comm=0;
+ TR_NAME **comm=trp_rtable_get_comms(trps->rtable, &n_comm);
TR_NAME **realm=NULL;
size_t n_realm=0;
size_t ii=0, jj=0;
* unlikely to be significant in the near future. */
result=talloc_array(memctx, TRP_ROUTE *, trp_rtable_size(trps->rtable));
if (result==NULL) {
- talloc_free(apc);
+ talloc_free(comm);
*n_update=0;
return NULL;
}
- for (ii=0; ii<n_apc; ii++) {
- realm=trp_rtable_get_apc_realms(trps->rtable, apc[ii], &n_realm);
+ for (ii=0; ii<n_comm; ii++) {
+ realm=trp_rtable_get_comm_realms(trps->rtable, comm[ii], &n_realm);
for (jj=0; jj<n_realm; jj++) {
- best=trps_select_realm_update(trps, apc[ii], realm[jj], peer_gssname);
+ best=trps_select_realm_update(trps, comm[ii], realm[jj], peer_gssname);
/* If we found a route, add it to the list. If triggered!=0, then only
* add triggered routes. */
if ((best!=NULL) && ((!triggered) || trp_route_is_triggered(best)))
realm=NULL;
n_realm=0;
}
- if (apc!=NULL)
- talloc_free(apc);
+ if (comm!=NULL)
+ talloc_free(comm);
*n_update=n_used;
return result;
linkcost=0;
else {
linkcost=trp_peer_get_linkcost(trps_get_peer_by_gssname(trps,
- trp_route_get_next_hop(route)));
+ trp_route_get_peer(route)));
}
/* Note that we leave the next hop empty since the recipient fills that in.
* This is where we add the link cost (currently always 1) to the next peer. */
- if ((trp_inforec_set_comm(rec, trp_route_dup_apc(route)) != TRP_SUCCESS)
+ if ((trp_inforec_set_comm(rec, trp_route_dup_comm(route)) != TRP_SUCCESS)
||(trp_inforec_set_realm(rec, trp_route_dup_realm(route)) != TRP_SUCCESS)
||(trp_inforec_set_trust_router(rec, trp_route_dup_trust_router(route)) != TRP_SUCCESS)
||(trp_inforec_set_metric(rec,
/* we have no actual update to send back, MUST send a retraction */
tr_debug("trps_update_one_peer: community/realm without route requested, sending mandatory retraction.");
*update_list=trp_route_new(update_list);
- trp_route_set_apc(*update_list, tr_dup_name(comm));
+ trp_route_set_comm(*update_list, tr_dup_name(comm));
trp_route_set_realm(*update_list, tr_dup_name(realm));
trp_route_set_peer(*update_list, tr_new_name(""));
trp_route_set_metric(*update_list, TRP_METRIC_INFINITY);
projects / trust_router.git / commitdiff