From: Margaret Wasserman Date: Wed, 22 Jan 2014 20:05:58 +0000 (-0500) Subject: Added hostname to configuration and example code. X-Git-Tag: 1.3.1~59 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=trust_router.git;a=commitdiff_plain;h=1c8a3c798b2e18612222a5a2a347d8d769cf9613 Added hostname to configuration and example code. --- diff --git a/common/tr_config.c b/common/tr_config.c index 1caa911..f227796 100644 --- a/common/tr_config.c +++ b/common/tr_config.c @@ -66,6 +66,7 @@ TR_CFG_RC tr_apply_new_config (TR_INSTANCE *tr) { static TR_CFG_RC tr_cfg_parse_internal (TR_INSTANCE *tr, json_t *jcfg) { json_t *jint = NULL; json_t *jmtd = NULL; + json_t *jhname = NULL; if ((!tr) || (!tr->new_cfg) || (!jcfg)) return TR_CFG_BAD_PARAMS; @@ -87,16 +88,16 @@ static TR_CFG_RC tr_cfg_parse_internal (TR_INSTANCE *tr, json_t *jcfg) { /* If not configured, use the default */ tr->new_cfg->internal->max_tree_depth = TR_DEFAULT_MAX_TREE_DEPTH; } - if (NULL != (jrname = json_object_get(jint, "realm_name"))) { - if (json_is_string(jrname)) { - tr->new_cfg->internal->realm_name = json_integer_value(jrname); + if (NULL != (jhname = json_object_get(jint, "hostname"))) { + if (json_is_string(jhname)) { + tr->new_cfg->internal->hostname = json_string_value(jhname); } else { - fprintf(stderr,"tr_cfg_parse_internal: Parsing error, realm_name is not a string.\n"); + fprintf(stderr,"tr_cfg_parse_internal: Parsing error, hostname is not a string.\n"); return TR_CFG_NOPARSE; } } else { - fprintf(stderr, "tr_cfg_parse_internal: Parsing error, realm_name is not found.\n"); + fprintf(stderr, "tr_cfg_parse_internal: Parsing error, hostname is not found.\n"); return TR_CFG_NOPARSE; } fprintf(stderr, "tr_cfg_parse_internal: Internal config parsed.\n"); 
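Review bot: `tr->new_cfg->internal->hostname = json_string_value(jhname);` stores a pointer into the parsed json_t tree rather than a copy, so the field is only valid while the object jcfg came from stays alive, and whether the caller of tr_cfg_parse_internal keeps it is not visible here. If that tree is released after parsing or replaced on reload through tr_apply_new_config, tids->hostname (set from this field by tr_main.c later in this diff) would dangle; either `strdup()` it into an owned field or document the borrow on the struct. The value is also accepted without any check, so an empty string reaches the `trustidentity@%s` formatting in tids.c; rejecting `*json_string_value(jhname) == '\0'` through the existing TR_CFG_NOPARSE path would catch that misconfiguration at load time. tr_cfg_parse_internal continues beyond this hunk.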
@@ -105,6 +106,7 @@ static TR_CFG_RC tr_cfg_parse_internal (TR_INSTANCE *tr, json_t *jcfg) { else { fprintf(stderr, "tr_cfg_parse_internal: Parsing error, tr_internal configuration section not found.\n"); return TR_CFG_NOPARSE; + } } static TR_FILTER *tr_cfg_parse_one_filter (TR_INSTANCE *tr, json_t *jfilt, TR_CFG_RC *rc) diff --git a/gsscon/test/gsscon_server.c b/gsscon/test/gsscon_server.c index d7d3847..be56372 100644 --- a/gsscon/test/gsscon_server.c +++ b/gsscon/test/gsscon_server.c @@ -132,7 +132,8 @@ int main (int argc, const char *argv[]) int listenFD = -1; gss_ctx_id_t gssContext = GSS_C_NO_CONTEXT; int i = 0; - + gss_buffer_desc nameBuffer = {0, "trustidentity"}; + for (i = 1; (i < argc) && !err; i++) { if ((strcmp (argv[i], "--port") == 0) && (i < (argc - 1))) { port = strtol (argv[++i], NULL, 0); @@ -166,7 +167,7 @@ int main (int argc, const char *argv[]) } printf ("Accepting new connection...\n"); - connectionErr = gsscon_passive_authenticate (connectionFD, &gssContext, + connectionErr = gsscon_passive_authenticate (connectionFD, nameBuffer, &gssContext, cb_print_names, NULL); if (!connectionErr) { diff --git a/include/tr_config.h b/include/tr_config.h index 3855dad..b973372 100644 --- a/include/tr_config.h +++ b/include/tr_config.h @@ -56,7 +56,7 @@ typedef enum tr_cfg_rc { typedef struct tr_cfg_internal { unsigned int max_tree_depth; - char *realm_name; + const char *hostname; } TR_CFG_INTERNAL; typedef struct tr_cfg { diff --git a/include/trust_router/tid.h b/include/trust_router/tid.h index 8759e6c..2e5d4ee 100644 --- a/include/trust_router/tid.h +++ b/include/trust_router/tid.h @@ -106,6 +106,7 @@ struct tids_instance { int req_count; char *priv_key; char *ipaddr; + const char *hostname; TIDS_REQ_FUNC *req_handler; tids_auth_func *auth_handler; void *cookie; 
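Review bot: `gss_buffer_desc nameBuffer = {0, "trustidentity"};` sets the buffer's length field to 0 while pointing value at a 13-byte literal, so the name handed to gsscon_passive_authenticate in the second gsscon_server.c hunk is effectively empty. Initialize the length from the literal: `gss_buffer_desc nameBuffer = {sizeof("trustidentity") - 1, "trustidentity"};`. The name also has no `@hostname` part, unlike the `trustidentity@%s` form built in tids.c in this same commit; if the test server is meant to accept the same principal it should build the name the same way. main's body continues outside both hunks.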
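Review bot: The new `const char *hostname;` member of TR_CFG_INTERNAL carries no ownership comment, and the only writer in this commit, tr_cfg_parse_internal, stores the pointer returned by json_string_value(), i.e. memory owned by the json_t tree. A line such as `const char *hostname;   /* borrowed from the parsed json config; freed with it, never by us */` would keep the next maintainer from calling free() on it or keeping it past the config's lifetime. The same applies to the `const char *hostname;` added to struct tids_instance in the tid.h hunk that follows, which receives the same pointer through tids_start.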
@@ -163,7 +164,7 @@ TR_EXPORT void tidc_destroy (TIDC_INSTANCE *tidc); /* TID Server functions, in tid/tids.c */ TR_EXPORT TIDS_INSTANCE *tids_create (void); TR_EXPORT int tids_start (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - tids_auth_func *auth_handler, + tids_auth_func *auth_handler, const char *hostname, void *cookie); TR_EXPORT int tids_send_response (TIDS_INSTANCE *tids, TID_REQ *req, TID_RESP *resp); TR_EXPORT int tids_send_err_response (TIDS_INSTANCE *tids, TID_REQ *req, const char *err_msg); diff --git a/tid/example/tids_main.c b/tid/example/tids_main.c index f28a940..5495dc6 100644 --- a/tid/example/tids_main.c +++ b/tid/example/tids_main.c @@ -63,7 +63,7 @@ static int create_key_id(char *out_id, size_t len) return 0; } -static int tids_req_handler (TIDS_INSTANCE * tids, +static int tids_req_handler (TIDS_INSTANCE *tids, TID_REQ *req, TID_RESP **resp, void *cookie) 
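Review bot: The new `const char *hostname` parameter of tids_start is stored in the instance (tids->hostname in tid/tids.c) and read on every accepted connection, yet the prototype gives the caller no hint that the string must outlive the server, which does not return while it is running. A short comment on the declaration, e.g. `/* hostname: not copied; must stay valid for the lifetime of the server */`, states that contract in the one place every caller reads.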
@@ -162,41 +162,34 @@ int main (int argc, TIDS_INSTANCE *tids; int rc = 0; char *ipaddr = NULL; + const char *hostname = NULL; TR_NAME *gssname = NULL; /* Parse command-line arguments */ - if (argc > 4) - fprintf(stdout, "Usage: %s [ []]\n", argv[0]); - - if (argc >= 2) { - ipaddr = (char *)argv[1]; - } else { - ipaddr = "127.0.0.1"; + if (argc != 5) { + fprintf(stdout, "Usage: %s \n", argv[0]); + exit(1); } + ipaddr = (char *)argv[1]; gssname = tr_new_name((char *) argv[2]); - - /* TBD -- check that input is a valid IP address? */ - - /*If we have a database, open and prepare*/ - if (argc == 4) { - if (SQLITE_OK != sqlite3_open(argv[3], &db)) { - fprintf(stdout, "Error opening database %s\n", argv[2]); - exit(1); - } - sqlite3_prepare_v2(db, "insert into psk_keys (keyid, key) values(?, ?)", - -1, &insert_stmt, NULL); + hostname = argv[3]; + if (SQLITE_OK != sqlite3_open(argv[4], &db)) { + fprintf(stdout, "Error opening database %s\n", argv[4]); + exit(1); } + sqlite3_prepare_v2(db, "insert into psk_keys (keyid, key) values(?, ?)", + -1, &insert_stmt, NULL); /* Create a TID server instance */ if (NULL == (tids = tids_create())) { - fprintf(stdout, "Unable to create TIDS instance,exiting.\n"); + fprintf(stdout, "Unable to create TIDS instance, exiting.\n"); return 1; } tids->ipaddr = ipaddr; /* Start-up the server, won't return unless there is an error. */ - rc = tids_start(tids, &tids_req_handler , auth_handler, gssname); + rc = tids_start(tids, &tids_req_handler , auth_handler, hostname, gssname); fprintf(stdout, "Error in tids_start(), rc = %d. Exiting.\n", rc); diff --git a/tid/tids.c b/tid/tids.c index b16e380..0966aae 100644 --- a/tid/tids.c +++ b/tid/tids.c 
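Review bot: The `sqlite3_prepare_v2(db, ...)` call that now runs unconditionally still ignores its return value, so a missing psk_keys table leaves insert_stmt NULL and the failure surfaces, if at all, only when the request handler later binds to it. Check it the way the open call just above is checked: `if (SQLITE_OK != sqlite3_prepare_v2(db, "insert into psk_keys (keyid, key) values(?, ?)", -1, &insert_stmt, NULL)) {` / `fprintf(stdout, "Error preparing statement: %s\n", sqlite3_errmsg(db)); exit(1);` / `}`. As rendered here the usage line reads `Usage: %s \n` with no argument names; if the angle-bracketed placeholders were lost in this view that is fine, otherwise the four expected arguments should be named. main starts and ends outside this hunk.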
@@ -134,9 +134,14 @@ static int tids_auth_connection (struct tids_instance *inst, { int rc = 0; int auth, autherr = 0; - gss_buffer_desc nameBuffer = {NULL, 0}; - + gss_buffer_desc nameBuffer = {0, NULL}; + char *name = 0; + int nameLen = 0; + nameLen = sprintf(name, "trustidentity@%s", inst->hostname); + nameBuffer.length = nameLen; + nameBuffer.value = name; + if (rc = gsscon_passive_authenticate(conn, nameBuffer, gssctx, tids_auth_cb, inst)) { fprintf(stderr, "tids_auth_connection: Error from gsscon_passive_authenticate(), rc = %d.\n", rc); return -1; @@ -345,6 +350,7 @@ TIDS_INSTANCE *tids_create (void) int tids_start (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, tids_auth_func *auth_handler, + const char *hostname, void *cookie) { int listen = -1; @@ -357,6 +363,7 @@ int tids_start (TIDS_INSTANCE *tids, /* store the caller's request handler & cookie */ tids->req_handler = req_handler; tids->auth_handler = auth_handler; + tids->hostname = hostname; tids->cookie = cookie; while(1) { /* accept incoming conns until we are stopped */ diff --git a/tr/manual.cfg b/tr/manual.cfg index 9f7d451..3df6413 100644 --- a/tr/manual.cfg +++ b/tr/manual.cfg @@ -1 +1,2 @@ -{"tr_internal":{"max_tree_depth": 4}} \ No newline at end of file +{"tr_internal":{"max_tree_depth": 4, + "hostname":"tr.painless-security.com"}} \ No newline at end of file diff --git a/tr/tr_main.c b/tr/tr_main.c index cba8042..8b42b0d 100644 --- a/tr/tr_main.c +++ b/tr/tr_main.c @@ -283,7 +283,7 @@ int main (int argc, const char *argv[]) } /* start the trust path query server, won't return unless fatal error. */ - if (0 != (err = tids_start(tr->tids, &tr_tids_req_handler, &tr_tids_gss_handler, (void *)tr))) { + if (0 != (err = tids_start(tr->tids, &tr_tids_req_handler, &tr_tids_gss_handler, tr->active_cfg->internal->hostname, (void *)tr))) { fprintf (stderr, "Error from Trust Path Query Server, err = %d.\n", err); exit(err); }
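Review bot: `nameLen = sprintf(name, "trustidentity@%s", inst->hostname);` writes through `name`, which was just initialized to 0, so every accepted connection dereferences a null pointer before authentication even starts. The name needs real storage sized for the prefix plus a full-length hostname, a bounded snprintf with a truncation check, and a guard for inst->hostname being NULL (tids_start stores whatever the caller passed). A stack buffer is sufficient provided gsscon_passive_authenticate imports the name during the call rather than retaining the pointer, which this diff does not show. tids_auth_connection begins before and continues after this hunk.
```c
  gss_buffer_desc nameBuffer = {0, NULL};
  char name[512];   /* "trustidentity@" plus a 253-octet hostname fits with room to spare */
  int nameLen = 0;

  if (!inst->hostname) {
    fprintf(stderr, "tids_auth_connection: No hostname configured.\n");
    return -1;
  }
  nameLen = snprintf(name, sizeof name, "trustidentity@%s", inst->hostname);
  if (nameLen < 0 || (size_t)nameLen >= sizeof name) {
    fprintf(stderr, "tids_auth_connection: Hostname too long.\n");
    return -1;
  }
  nameBuffer.length = (size_t)nameLen;
  nameBuffer.value = name;

  /* … unchanged: gsscon_passive_authenticate call and the rest of the function … */
```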
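Review bot: `tids->hostname = hostname;` stores the caller's pointer without checking it, and the only consumer, tids_auth_connection earlier in this file, formats it with `%s`, so a NULL argument becomes undefined behavior on the first connection instead of a startup error. A guard near the top of tids_start, `if (!hostname) { fprintf(stderr, "tids_start: hostname is required.\n"); return -1; }`, fails fast, assuming a negative rc is the function's existing failure convention, which the hunk does not show. The pointer is also only borrowed: tr_main.c in the last hunk passes a string owned by the parsed json config, so that config must stay alive for as long as the server runs. tids_start's body begins before this hunk and continues after it.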