}
/* Hand off the request for processing and get the response */
- resp_msg = req_cb(tmp_ctx, req_msg, req_cookie);
+ rc = req_cb(tmp_ctx, req_msg, &resp_msg, req_cookie);
+ if (rc != TR_GSS_SUCCESS)
+ goto cleanup;
if (resp_msg == NULL) {
// no response, clean up
// System statistics
OPT_TYPE_SHOW_UPTIME,
- OPT_TYPE_SHOW_TID_REQ_COUNT,
- OPT_TYPE_SHOW_TID_REQ_ERR_COUNT,
- OPT_TYPE_SHOW_TID_REQ_PENDING,
+ OPT_TYPE_SHOW_TID_REQS_PROCESSED,
+ OPT_TYPE_SHOW_TID_REQS_FAILED,
+ OPT_TYPE_SHOW_TID_ERROR_COUNT,
+ OPT_TYPE_SHOW_TID_REQS_PENDING,
// Dynamic trust router state
OPT_TYPE_SHOW_ROUTES,
};
struct tids_instance {
- int req_count;
- int error_count;
+ int req_count; /* successful requests */
+ int req_error_count; /* unsuccessful requests */
+ int error_count; /* invalid requests or internal errors */
char *priv_key;
char *ipaddr;
const char *hostname;
#include <tr_msg.h>
typedef int (TR_GSS_AUTH_FN)(gss_name_t, TR_NAME *, void *);
-typedef TR_MSG *(TR_GSS_HANDLE_REQ_FN)(TALLOC_CTX *, TR_MSG *, void *);
+typedef enum tr_gss_rc (TR_GSS_HANDLE_REQ_FN)(TALLOC_CTX *, TR_MSG *, TR_MSG **, void *);
typedef enum tr_gss_rc {
TR_GSS_SUCCESS = 0, /* success */
+ TR_GSS_AUTH_FAILED, /* authorization failed */
+ TR_GSS_REQUEST_FAILED, /* request failed */
+ TR_GSS_INTERNAL_ERROR, /* internal error (memory allocation, etc) */
TR_GSS_ERROR, /* unspecified error */
} TR_GSS_RC;
case OPT_TYPE_SHOW_UPTIME:
return "uptime";
- case OPT_TYPE_SHOW_TID_REQ_COUNT:
+ case OPT_TYPE_SHOW_TID_REQS_PROCESSED:
return "tid_reqs_processed";
- case OPT_TYPE_SHOW_TID_REQ_ERR_COUNT:
+ case OPT_TYPE_SHOW_TID_REQS_FAILED:
+ return "tid_reqs_failed";
+
+ case OPT_TYPE_SHOW_TID_ERROR_COUNT:
return "tid_error_count";
- case OPT_TYPE_SHOW_TID_REQ_PENDING:
+ case OPT_TYPE_SHOW_TID_REQS_PENDING:
return "tid_reqs_pending";
case OPT_TYPE_SHOW_ROUTES:
return_if_matches(s, OPT_TYPE_SHOW_VERSION);
return_if_matches(s, OPT_TYPE_SHOW_CONFIG_FILES);
return_if_matches(s, OPT_TYPE_SHOW_UPTIME);
- return_if_matches(s, OPT_TYPE_SHOW_TID_REQ_COUNT);
- return_if_matches(s, OPT_TYPE_SHOW_TID_REQ_ERR_COUNT);
- return_if_matches(s, OPT_TYPE_SHOW_TID_REQ_PENDING);
+ return_if_matches(s, OPT_TYPE_SHOW_TID_REQS_PROCESSED);
+ return_if_matches(s, OPT_TYPE_SHOW_TID_ERROR_COUNT);
+ return_if_matches(s, OPT_TYPE_SHOW_TID_REQS_PENDING);
return_if_matches(s, OPT_TYPE_SHOW_ROUTES);
return_if_matches(s, OPT_TYPE_SHOW_PEERS);
return_if_matches(s, OPT_TYPE_SHOW_COMMUNITIES);
* @param data pointer to a MONS_INSTANCE
* @return pointer to the response string or null to send no response
*/
-static TR_MSG *mons_req_cb(TALLOC_CTX *mem_ctx, TR_MSG *req_msg, void *data)
+static TR_GSS_RC mons_req_cb(TALLOC_CTX *mem_ctx, TR_MSG *req_msg, TR_MSG **resp_msg, void *data)
{
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
MONS_INSTANCE *mons = talloc_get_type_abort(data, MONS_INSTANCE);
MON_REQ *req = NULL;
MON_RESP *resp = NULL;
- TR_MSG *resp_msg = NULL; /* This is the response value */
+ TR_GSS_RC rc = TR_GSS_ERROR;
/* Validate inputs */
if (req_msg == NULL)
}
/* Allocate a response message */
- resp_msg = talloc(tmp_ctx, TR_MSG);
- if (resp_msg == NULL) {
+ *resp_msg = talloc(tmp_ctx, TR_MSG);
+ if (*resp_msg == NULL) {
/* can't return a message, just emit an error */
tr_crit("mons_req_cb: Error allocating response message.");
goto cleanup;
}
/* Handle the request */
- resp = mons_handle_request(resp_msg, mons, req);
+ resp = mons_handle_request(*resp_msg, mons, req);
if (resp == NULL) {
/* error processing the request */
/* TODO send back an error */
}
/* Set the response message payload */
- tr_msg_set_mon_resp(resp_msg, resp);
+ tr_msg_set_mon_resp(*resp_msg, resp);
/* Put the response message in the caller's context so it does not get freed when we exit */
- talloc_steal(mem_ctx, resp_msg);
+ talloc_steal(mem_ctx, *resp_msg);
+ rc = TR_GSS_SUCCESS;
cleanup:
talloc_free(tmp_ctx);
- return resp_msg;
+ return rc;
}
/**
OPT_TYPE_SHOW_CONFIG_FILES,
OPT_TYPE_SHOW_VERSION,
OPT_TYPE_SHOW_UPTIME,
- OPT_TYPE_SHOW_TID_REQ_COUNT,
- OPT_TYPE_SHOW_TID_REQ_PENDING,
+ OPT_TYPE_SHOW_TID_REQS_PROCESSED,
+ OPT_TYPE_SHOW_TID_REQS_PENDING,
OPT_TYPE_SHOW_ROUTES,
OPT_TYPE_SHOW_COMMUNITIES,
OPT_TYPE_UNKNOWN // terminator
opts[0] = OPT_TYPE_SHOW_CONFIG_FILES;
opts[1] = OPT_TYPE_SHOW_VERSION;
opts[2] = OPT_TYPE_SHOW_UPTIME;
- opts[3] = OPT_TYPE_SHOW_TID_REQ_COUNT;
- opts[4] = OPT_TYPE_SHOW_TID_REQ_PENDING;
+ opts[3] = OPT_TYPE_SHOW_TID_REQS_PROCESSED;
+ opts[4] = OPT_TYPE_SHOW_TID_REQS_PENDING;
opts[5] = OPT_TYPE_SHOW_ROUTES;
opts[6] = OPT_TYPE_SHOW_COMMUNITIES;
opts[7] = OPT_TYPE_UNKNOWN;
mon_opt_type_to_string(OPT_TYPE_SHOW_CONFIG_FILES),
json_integer(86400)));
assert(! json_object_set_new(payload,
- mon_opt_type_to_string(OPT_TYPE_SHOW_TID_REQ_PENDING),
+ mon_opt_type_to_string(OPT_TYPE_SHOW_TID_REQS_PENDING),
json_integer(13)));
assert(! json_object_set_new(payload,
- mon_opt_type_to_string(OPT_TYPE_SHOW_TID_REQ_COUNT),
+ mon_opt_type_to_string(OPT_TYPE_SHOW_TID_REQS_PROCESSED),
json_integer(1432)));
resp = mon_resp_new(NULL, MON_RESP_SUCCESS, "success", payload);
* @param data pointer to a TIDS_INSTANCE
* @return pointer to the response string or null to send no response
*/
-static TR_MSG *tids_req_cb(TALLOC_CTX *mem_ctx, TR_MSG *mreq, void *data)
+static TR_GSS_RC tids_req_cb(TALLOC_CTX *mem_ctx, TR_MSG *mreq, TR_MSG **mresp, void *data)
{
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
TIDS_INSTANCE *tids = talloc_get_type_abort(data, TIDS_INSTANCE);
TID_REQ *req = NULL;
TID_RESP *resp = NULL;
- TR_MSG *resp_msg = NULL; /* this is the return value */
- int rc = 0;
+ TR_GSS_RC rc = TR_GSS_ERROR;
/* If this isn't a TID Request, just drop it. */
if (mreq->msg_type != TID_REQUEST) {
tr_debug("tids_req_cb: Not a TID request, dropped.");
+ rc = TR_GSS_INTERNAL_ERROR;
goto cleanup;
}
req = tr_msg_get_req(mreq);
/* Allocate a response message */
- resp_msg = talloc(tmp_ctx, TR_MSG);
- if (resp_msg == NULL) {
+ *mresp = talloc(tmp_ctx, TR_MSG);
+ if (*mresp == NULL) {
/* We cannot create a response message, so all we can really do is emit
* an error message and return. */
tr_crit("tids_req_cb: Error allocating response message.");
+ rc = TR_GSS_INTERNAL_ERROR;
goto cleanup;
}
/* Allocate a response structure and populate common fields. Put it in the
* response message's talloc context. */
- resp = tids_create_response(resp_msg, req);
+ resp = tids_create_response(mresp, req);
if (resp == NULL) {
/* If we were unable to create a response, we cannot reply. Log an
* error if we can, then drop the request. */
tr_crit("tids_req_cb: Error creating response structure.");
- resp_msg = NULL; /* the contents are in tmp_ctx, so they will still be cleaned up */
+ *mresp = NULL; /* the contents are in tmp_ctx, so they will still be cleaned up */
+ rc = TR_GSS_INTERNAL_ERROR;
goto cleanup;
}
/* Now officially assign the response to the message. */
- tr_msg_set_resp(resp_msg, resp);
+ tr_msg_set_resp(*mresp, resp);
/* Handle the request and fill in resp */
- rc = tids_handle_request(tids, req, resp);
- if (rc < 0) {
- tr_debug("tids_req_cb: Error from tids_handle_request(), rc = %d.", rc);
+ if (tids_handle_request(tids, req, resp) >= 0)
+ rc = TR_GSS_SUCCESS;
+ else {
+ /* The TID request was an error response */
+ tr_debug("tids_req_cb: Error from tids_handle_request");
+ rc = TR_GSS_REQUEST_FAILED;
/* Fall through, to send the response, either way */
}
/* put the response message in the caller's context */
- talloc_steal(mem_ctx, resp_msg);
+ talloc_steal(mem_ctx, *mresp);
cleanup:
talloc_free(tmp_ctx);
- return resp_msg;
+ return rc;
}
static int tids_destructor(void *object)
* TIDS_MAX_MESSAGE_LEN must be longer than the longest message, including
* null termination (i.e., strlen() + 1) */
#define TIDS_MAX_MESSAGE_LEN (10)
-#define TIDS_SUCCESS_MESSAGE "OK"
-#define TIDS_ERROR_MESSAGE "ERR"
+#define TIDS_SUCCESS_MESSAGE "OK" /* a success message was sent */
+#define TIDS_ERROR_MESSAGE "ERR" /* an error message was sent */
+#define TIDS_REQ_FAIL_MESSAGE "FAIL" /* sending failed */
/**
* Process to handle an incoming TIDS request
response_message = TIDS_SUCCESS_MESSAGE;
break;
+ case TR_GSS_REQUEST_FAILED:
+ response_message = TIDS_ERROR_MESSAGE;
+ break;
+
+ case TR_GSS_INTERNAL_ERROR:
case TR_GSS_ERROR:
default:
- response_message = TIDS_ERROR_MESSAGE;
+ response_message = TIDS_REQ_FAIL_MESSAGE;
break;
}
if ((result_len > 0) && (strcmp(result, TIDS_SUCCESS_MESSAGE) == 0)) {
tids->req_count++;
- tr_info("tids_sweep_procs: TID process %d exited successfully.", tp.pid);
+ tr_info("tids_sweep_procs: TID process %d exited after successful request.", tp.pid);
+ } else if ((result_len > 0) && (strcmp(result, TIDS_ERROR_MESSAGE) == 0)) {
+ tids->req_error_count++;
+ tr_info("tids_sweep_procs: TID process %d exited after unsuccessful request.", tp.pid);
} else {
tids->error_count++;
tr_info("tids_sweep_procs: TID process %d exited with an error.", tp.pid);
#include <mons_handlers.h>
/**
- * Get the count of completed TID requests
+ * Get the count of successfully completed TID requests
*/
static MON_RC handle_show_req_count(void *cookie, json_t **response_ptr)
{
return (*response_ptr == NULL) ? MON_NOMEM : MON_SUCCESS;
}
-static MON_RC handle_show_req_err_count(void *cookie, json_t **response_ptr)
+/**
+ * Get the count of completed TID requests that resulted in error responses
+ */
+static MON_RC handle_show_req_error_count(void *cookie, json_t **response_ptr)
+{
+ TIDS_INSTANCE *tids = talloc_get_type_abort(cookie, TIDS_INSTANCE);
+ *response_ptr = json_integer(tids->req_error_count);
+ return (*response_ptr == NULL) ? MON_NOMEM : MON_SUCCESS;
+}
+
+/**
+ * Get the count of TID requests that could not be completed
+ */
+static MON_RC handle_show_error_count(void *cookie, json_t **response_ptr)
{
TIDS_INSTANCE *tids = talloc_get_type_abort(cookie, TIDS_INSTANCE);
*response_ptr = json_integer(tids->error_count);
void tr_tid_register_mons_handlers(TIDS_INSTANCE *tids, MONS_INSTANCE *mons)
{
mons_register_handler(mons,
- MON_CMD_SHOW, OPT_TYPE_SHOW_TID_REQ_COUNT,
+ MON_CMD_SHOW, OPT_TYPE_SHOW_TID_REQS_PROCESSED,
handle_show_req_count, tids);
mons_register_handler(mons,
- MON_CMD_SHOW, OPT_TYPE_SHOW_TID_REQ_ERR_COUNT,
- handle_show_req_err_count, tids);
+ MON_CMD_SHOW, OPT_TYPE_SHOW_TID_REQS_FAILED,
+ handle_show_req_error_count, tids);
+ mons_register_handler(mons,
+ MON_CMD_SHOW, OPT_TYPE_SHOW_TID_ERROR_COUNT,
+ handle_show_error_count, tids);
mons_register_handler(mons,
- MON_CMD_SHOW, OPT_TYPE_SHOW_TID_REQ_PENDING,
+ MON_CMD_SHOW, OPT_TYPE_SHOW_TID_REQS_PENDING,
handle_show_req_pending, tids);
}
/* doc strings */
static const char doc[] =
PACKAGE_NAME " - Moonshot Trust Router Monitoring Client"
- "\v" /* options list goes here */
- "Supported monitoring commands:\n"
- "\n"
- " show [<option> ...]\n"
- "\n"
- " Show information about the Trust Router's current state.\n"
- "\n"
- " Options:\n"
- " version - current Trust Router software version\n"
- " config_files - currently loaded configuration files\n"
- " uptime - time, in seconds, since the Trust Router launched\n"
- " tid_reqs_processed - number of TID requests successfully processed\n"
- " tid_reqs_pending - number of TID requests currently being processed\n"
- " tid_error_count - number of TID failed connections\n"
- " routes - current TID routing table\n"
- " peers - dynamic Trust Router peer table\n"
- " communities - community table\n"
- " realms - known realm table\n"
- " rp_clients - authorized TID RP clients\n"
- "\n"
- " If no options are specified, data for all options will be retrieved.\n";
+ "\v" /* options list goes here */
+ "Supported monitoring commands:\n"
+ "\n"
+ " show [<option> ...]\n"
+ "\n"
+ " Show information about the Trust Router's current state.\n"
+ "\n"
+ " Options:\n"
+ " version - current Trust Router software version\n"
+ " config_files - currently loaded configuration files\n"
+ " uptime - time, in seconds, since the Trust Router launched\n"
+ " tid_reqs_processed - number of TID requests completed successfully\n"
+ " tid_reqs_failed - number of TID requests completed with errors\n"
+ " tid_reqs_pending - number of TID requests currently being processed\n"
+ " tid_error_count - number of unprocessable TID connections\n"
+ " routes - current TID routing table\n"
+ " peers - dynamic Trust Router peer table\n"
+ " communities - community table\n"
+ " realms - known realm table\n"
+ " rp_clients - authorized TID RP clients\n"
+ "\n"
+ " If no options are specified, data for all options will be retrieved.\n";
static const char arg_doc[]="<server> <port> <command> [<option> ...]"; /* string describing arguments, if any */