From: Margaret Wasserman Date: Wed, 5 Dec 2012 01:46:17 +0000 (-0500) Subject: Authenticated conn between tpqs and tpqc works. X-Git-Tag: debian/1.3.1-1~55 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=trust_router.git;a=commitdiff_plain;h=5713b60c5e36d849a71580d127b8550f9de2dd52 Authenticated conn between tpqs and tpqc works.
---
diff --git a/gsscon/test/gsscon_server.c b/gsscon/test/gsscon_server.c
index 1e9232b..63b460a 100644
--- a/gsscon/test/gsscon_server.c
+++ b/gsscon/test/gsscon_server.c
@@ -144,6 +144,7 @@ int main (int argc, const char *argv[])
 int authorizationError = 0;
 connectionFD = accept (listenFD, NULL, NULL);
+
 if (connectionFD < 0) {
 if (errno != EINTR) {
 err = errno;
diff --git a/include/tpq.h b/include/tpq.h
index c2ec6e8..c1f93bb 100644
--- a/include/tpq.h
+++ b/include/tpq.h
@@ -72,6 +72,7 @@ typedef struct tpqs_instance {
 typedef void (TPQC_RESP_FUNC)(TPQC_INSTANCE *, TPQ_RESP *, void *);
 typedef int (TPQS_REQ_FUNC)(TPQS_INSTANCE *, TPQ_REQ *, TPQ_RESP *, void *);
+TPQ_NAME *tpq_new_name (char *name);
 TPQ_NAME *tpq_dup_name (TPQ_NAME *from);
 TPQC_INSTANCE *tpqc_create (void);
diff --git a/tpq/example/tpqc_main.c b/tpq/example/tpqc_main.c
index 19369dd..55fdc64 100644
--- a/tpq/example/tpqc_main.c
+++ b/tpq/example/tpqc_main.c
@@ -32,6 +32,7 @@
 *
 */
+#include
 #include
 #include
@@ -65,8 +66,10 @@ int main (int argc,
 int rc;
 /* Parse command-line arguments */
- if (argc != 4)
+ if (argc != 4) {
 tpqc_print_usage(argv[0]);
+ exit(1);
+ }
 /* TBD -- validity checking, dealing with quotes, etc. */
 server = (char *)argv[1];
@@ -86,7 +89,7 @@ int main (int argc,
 /* Send a TPQ request */
 if (rc = tpqc_send_request(tpqc, conn, realm, coi, &tpqc_resp_handler, NULL)) {
 /* Handle error */
- printf("Error in tpqc_send_request, rc = &d.\n", rc);
+ printf("Error in tpqc_send_request, rc = %d.\n", rc);
 return 1;
 }
diff --git a/tpq/example/tpqs_main.c b/tpq/example/tpqs_main.c
index f843d2c..e9204f6 100644
--- a/tpq/example/tpqs_main.c
+++ b/tpq/example/tpqs_main.c
@@ -59,16 +59,22 @@ int main (int argc, const char *argv[])
 {
 static TPQS_INSTANCE *tpqs;
+ int rc = 0;
 /* Parse command-line arguments */
 if (argc != 1)
 printf("Unexpected arguments, ignored.\n");
 /* Create a TPQ server instance */
- tpqs = tpqs_create();
+ if (NULL == (tpqs = tpqs_create())) {
+ printf("Error in tpqs_create(). Exiting.\n");
+ return 1;
+ }
 /* Start-up the server, won't return unless there is an error. */
- tpqs_start(tpqs, &tpqs_req_handler , NULL);
+ rc = tpqs_start(tpqs, &tpqs_req_handler , NULL);
+
+ printf("Error in tpqs_start(), rc = %d. Exiting.\n");
 /* Clean-up the TPQ server instance */
 tpqs_destroy(tpqs);
diff --git a/tpq/tpqs.c b/tpq/tpqs.c
index 416b3b1..d819dfe 100644
--- a/tpq/tpqs.c
+++ b/tpq/tpqs.c
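Review bot: The added `printf("Error in tpqs_start(), rc = %d. Exiting.\n");` in tpqs_main.c has a `%d` conversion with no matching argument, which is undefined behavior and prints an indeterminate value instead of the return code. It should read `printf("Error in tpqs_start(), rc = %d. Exiting.\n", rc);`. The end of `main` lies outside the hunk, so it is not visible whether the process exits non-zero after this message; if it does not, returning `rc` would let a supervisor notice that the server stopped. Compiling with `-Wall -Wformat` would flag this class of mistake, the same one this commit fixes by hand in tpqc_main.c.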
@@ -33,10 +33,117 @@
 */
 #include
-#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
 #include
+static int tpqs_listen (int port)
+{
+ int rc = 0;
+ int conn = -1;
+ struct sockaddr_storage addr;
+ struct sockaddr_in *saddr = (struct sockaddr_in *) &addr;
+
+ saddr->sin_port = htons (port);
+ saddr->sin_family = AF_INET;
+ saddr->sin_addr.s_addr = INADDR_ANY;
+
+ if (0 > (conn = socket (AF_INET, SOCK_STREAM, 0)))
+ return conn;
+
+ if (0 > (rc = bind (conn, (struct sockaddr *) saddr, sizeof(struct sockaddr_in))))
+ return rc;
+
+ if (0 > (rc = listen(conn, 512)))
+ return rc;
+
+ fprintf (stdout, "TPQ Server listening on port %d\n", port);
+ return conn;
+}
+
+static int tpqs_auth_connection (int conn, gss_ctx_id_t *gssctx)
+{
+ int rc = 0;
+ int auth, autherr = 0;
+
+ if (rc = gsscon_passive_authenticate(conn, gssctx)) {
+ fprintf(stderr, "Error from gsscon_passive_authenticate(), rc = %d.\n", rc);
+ return -1;
+ }
+
+ if (rc = gsscon_authorize(*gssctx, &auth, &autherr)) {
+ fprintf(stderr, "Error from gsscon_authorize, rc = %d, autherr = %d.\n",
+ rc, autherr);
+ return -1;
+ }
+
+ if (auth)
+ fprintf(stdout, "Connection authenticated, conn = %d.\n", conn);
+ else
+ fprintf(stderr, "Authentication failed, conn %d.\n", conn);
+
+ return auth;
+}
+
+static int tpqs_read_request (int conn, gss_ctx_id_t *gssctx, TPQ_REQ *req)
+{
+ return -1;
+}
+
+static int tpqs_handle_request (TPQ_REQ *req, TPQ_RESP *resp)
+{
+ return -1;
+}
+
+static int tpqs_send_response (int conn, gss_ctx_id_t *gssctx, TPQ_RESP *resp)
+{
+ return -1;
+}
+
+static void tpqs_handle_connection (int conn)
+{
+ TPQ_REQ req;
+ TPQ_RESP resp;
+ int rc;
+ gss_ctx_id_t gssctx = GSS_C_NO_CONTEXT;
+
+ if (!tpqs_auth_connection(conn, &gssctx)) {
+ fprintf(stderr, "Error authorizing TPQ Server connection, rc = %d.\n", rc);
+ close(conn);
+ return;
+ }
+
+ printf("Connection authorized!\n");
+
+ while (1) { /* continue until an error breaks us out */
+
+ if (0 > (rc = tpqs_read_request(conn, &gssctx, &req))) {
+ fprintf(stderr, "Error from tpqs_read_request(), rc = %d.\n", rc);
+ return;
+ } else if (0 == rc) {
+ continue;
+ }
+
+ if (0 > (rc = tpqs_handle_request(&req, &resp))) {
+ fprintf(stderr, "Error from tpqs_handle_request(), rc = %d.\n", rc);
+ return;
+ }
+
+ if (0 > (rc = tpqs_send_response(conn, &gssctx, &resp))) {
+ fprintf(stderr, "Error from tpqs_send_response(), rc = %d.\n", rc);
+ return;
+ }
+ }
+
+ return;
+}
+
 TPQS_INSTANCE *tpqs_create ()
 {
 TPQS_INSTANCE *tpqs = 0;
@@ -49,8 +156,35 @@ int tpqs_start (TPQS_INSTANCE *tpqs, TPQS_REQ_FUNC *req_handler, void *cookie)
 {
+ int listen = -1;
+ int conn = -1;
+ pid_t pid;
+
+ if (0 > (listen = tpqs_listen(TPQ_PORT)))
+ perror ("Error from tpqs_listen()");
+
+ while(1) { /* accept incoming conns until we are stopped */
+
+ if (0 > (conn = accept(listen, NULL, NULL))) {
+ perror("Error from TPQS Server accept()");
+ return 1;
+ }
+
+ if (0 > (pid = fork())) {
+ perror("Error on fork()");
+ return 1;
+ }
+
+ if (pid == 0) {
+ close(listen);
+ tpqs_handle_connection(conn);
+ exit(0);
+ } else {
+ close(conn);
+ }
+ }
- return 1;
+ return 1; /* should never get here */
 }
 void tpqs_destroy (TPQS_INSTANCE *tpqs)
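Review bot: `tpqs_handle_connection()` fails open on an authentication error: `tpqs_auth_connection()` returns -1 when `gsscon_passive_authenticate()` or `gsscon_authorize()` fails, but the caller tests `if (!tpqs_auth_connection(conn, &gssctx))`, which only catches 0, so a failed GSS handshake prints "Connection authorized!" and enters the request loop. The check should accept only the success value, e.g. `if (1 != (rc = tpqs_auth_connection(conn, &gssctx))) {`, which also gives the `rc` printed in that error message a defined value (it is read uninitialized as written). In `tpqs_auth_connection()`, `auth` has no initializer, so `int auth = 0, autherr = 0;` would keep the default at "not authorized" should `gsscon_authorize()` return 0 without writing it. Separately, `tpqs_listen()` returns without `close(conn)` when `bind()` or `listen()` fails and sets only three fields of an uninitialized `sockaddr_storage`; zeroing `addr` first and closing the socket on those paths would fix both.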
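Review bot: `tpqs_start()` forks a child for every accepted connection but never reaps the children and sets no limit on how many run at once, so each connection leaves a zombie and a peer that has not authenticated yet can exhaust the process table just by connecting. Setting `signal(SIGCHLD, SIG_IGN);` before the loop (or reaping with `waitpid(-1, NULL, WNOHANG)`) and capping the number of live children would bound that. The failed-listen branch only calls `perror()` and then enters the accept loop with `listen == -1`; it should `return 1;` there. An `accept()` interrupted with `EINTR` also terminates the server, and the local `int listen` shadows the libc `listen()` function, so a name like `listen_fd` would be clearer. `req_handler` and `cookie` are not used anywhere in the new body.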