From: Jennifer Richards <jennifer@painless-security.com>
Date: Wed, 10 Aug 2016 18:29:01 +0000 (-0400)
Subject: Merge branch 'master' into jennifer/trp-devel
X-Git-Tag: v2.0~22
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=trust_router.git;a=commitdiff_plain;h=e427f7d366115d72ded50c2d8de7e7c4c37a773f

Merge branch 'master' into jennifer/trp-devel

Conflicts:
	common/tr_config.c
	common/tr_name.c
	include/tr_config.h
	include/trust_router/tid.h
	tr/tr_main.c
---

e427f7d366115d72ded50c2d8de7e7c4c37a773f
diff --cc common/tr_config.c
index 59cdfdc,433f726..83eddf7
--- a/common/tr_config.c
+++ b/common/tr_config.c
@@@ -38,51 -38,63 +38,81 @@@
  #include <dirent.h>
  #include <talloc.h>
  
 +#include <tr_cfgwatch.h>
  #include <tr_config.h>
  #include <tr_debug.h>
 -#include <tr.h>
  #include <tr_filter.h>
  #include <trust_router/tr_constraint.h>
 +#include <tr_idp.h>
 +#include <tr.h>
  
- void tr_print_config (FILE *stream, TR_CFG *cfg) {
-   fprintf(stream, "tr_print_config: Not yet implemented.");
-   return;
+ void tr_print_config (TR_CFG *cfg) {
+   tr_notice("tr_print_config: Logging running trust router configuration.");
+   tr_print_comms(cfg->comms);
+ }
+ 
+ void tr_print_comms (TR_COMM *comm_list) {
+   TR_COMM *comm = NULL;
+ 
+   for (comm = comm_list; NULL != comm; comm = comm->next) {
+     tr_notice("tr_print_config: Community %s:", comm->id->buf);
+ 
+     tr_notice("tr_print_config:  - Member IdPs:");
+     tr_print_comm_idps(comm->idp_realms);
+ 
+     tr_notice("tr_print_config:  - Member RPs:");
+     tr_print_comm_rps(comm->rp_realms);
+   }
+ }
+ 
+ void tr_print_comm_idps (TR_IDP_REALM *idp_list) {
+   TR_IDP_REALM *idp = NULL;
+ 
+   for (idp = idp_list; NULL != idp; idp = idp->comm_next) {
+     tr_notice("tr_print_config:    - @%s", idp->realm_id->buf);
+   }
+ }
+ 
+ void tr_print_comm_rps(TR_RP_REALM *rp_list) {
+   TR_RP_REALM *rp = NULL;
+ 
+   for (rp = rp_list; NULL != rp; rp = rp->next) {
+     tr_notice("tr_print_config:    - %s", rp->realm_name->buf);
+   }
  }
  
 +TR_CFG *tr_cfg_new(TALLOC_CTX *mem_ctx)
 +{
 +  return talloc_zero(mem_ctx, TR_CFG);
 +}
 +
  void tr_cfg_free (TR_CFG *cfg) {
    talloc_free(cfg);
 -  return;
  }
  
 -TR_CFG_RC tr_apply_new_config (TR_INSTANCE *tr) {
 -  if (!tr)
 +TR_CFG_MGR *tr_cfg_mgr_new(TALLOC_CTX *mem_ctx)
 +{
 +  return talloc_zero(mem_ctx, TR_CFG_MGR);
 +}
 +
 +void tr_cfg_mgr_free (TR_CFG_MGR *cfg_mgr) {
 +  talloc_free(cfg_mgr);
 +}
 +
 +TR_CFG_RC tr_apply_new_config (TR_CFG_MGR *cfg_mgr)
 +{
 +  /* cfg_mgr->active is allowed to be null, but new cannot be */
 +  if ((cfg_mgr==NULL) || (cfg_mgr->new==NULL))
      return TR_CFG_BAD_PARAMS;
  
 -  if (tr->active_cfg)
 -    tr_cfg_free(tr->active_cfg);
 +  if (cfg_mgr->active != NULL)
 +    tr_cfg_free(cfg_mgr->active);
  
 -  tr->active_cfg = tr->new_cfg;
 +  cfg_mgr->active = cfg_mgr->new;
 +  cfg_mgr->new=NULL; /* only keep a single handle on the new configuration */
  
 -  tr_log_threshold(tr->active_cfg->internal->log_threshold);
 -  tr_console_threshold(tr->active_cfg->internal->console_threshold);
 +  tr_log_threshold(cfg_mgr->active->internal->log_threshold);
 +  tr_console_threshold(cfg_mgr->active->internal->console_threshold);
  
    return TR_CFG_SUCCESS;
  }
@@@ -993,57 -910,62 +1035,68 @@@ TR_CFG_RC tr_cfg_validate (TR_CFG *trc
  
  /* Join two paths and return a pointer to the result. This should be freed
   * via talloc_free. Returns NULL on failure. */
 -static char *join_paths(const char *p1, const char *p2) {
 -  return talloc_asprintf(NULL, "%s/%s", p1, p2); /* returns NULL on a failure */
 +static char *join_paths(TALLOC_CTX *mem_ctx, const char *p1, const char *p2) {
 +  return talloc_asprintf(mem_ctx, "%s/%s", p1, p2); /* returns NULL on a failure */
  }
  
 -/* Reads configuration files in config_dir ("" or "./" will use the current directory) */
 -TR_CFG_RC tr_parse_config (TR_INSTANCE *tr, const char *config_dir, int n, struct dirent **cfg_files) {
 +/* Reads configuration files in config_dir ("" or "./" will use the current directory). */
 +TR_CFG_RC tr_parse_config (TR_CFG_MGR *cfg_mgr, const char *config_dir, int n, struct dirent **cfg_files)
 +{
 +  TALLOC_CTX *tmp_ctx=talloc_new(NULL);
    json_t *jcfg;
+   json_t *jser;
    json_error_t rc;
    char *file_with_path;
 +  int ii;
 +  TR_CFG_RC cfg_rc=TR_CFG_ERROR;
  
 -  if ((!tr) || (!cfg_files) || (n<=0))
 -    return TR_CFG_BAD_PARAMS;
 -
 -  /* If there is a partial/abandoned config lying around, free it */
 -  if (tr->new_cfg) 
 -    tr_cfg_free(tr->new_cfg);
 -  
 -  if (NULL == (tr->new_cfg = talloc(NULL, TR_CFG)))
 -    return TR_CFG_NOMEM;
 +  if ((!cfg_mgr) || (!cfg_files) || (n<=0)) {
 +    cfg_rc=TR_CFG_BAD_PARAMS;
 +    goto cleanup;
 +  }
  
 -  memset(tr->new_cfg, 0, sizeof(TR_CFG));
 +  if (cfg_mgr->new != NULL)
 +    tr_cfg_free(cfg_mgr->new);
 +  cfg_mgr->new=tr_cfg_new(tmp_ctx); /* belongs to the temporary context for now */
 +  if (cfg_mgr->new == NULL) {
 +    cfg_rc=TR_CFG_NOMEM;
 +    goto cleanup;
 +  }
  
    /* Parse configuration information from each config file */
 -  while (n--) {
 -    file_with_path=join_paths(config_dir, cfg_files[n]->d_name); /* must free result with talloc_free */
 +  for (ii=0; ii<n; ii++) {
 +    file_with_path=join_paths(tmp_ctx, config_dir, cfg_files[ii]->d_name); /* must free result with talloc_free */
      if(file_with_path == NULL) {
        tr_crit("tr_parse_config: error joining path.");
 -      return TR_CFG_NOMEM;
 +      cfg_rc=TR_CFG_NOMEM;
 +      goto cleanup;
      }
 -    tr_debug("tr_parse_config: Parsing %s.", cfg_files[n]->d_name); /* print the filename without the path */
 +    tr_debug("tr_parse_config: Parsing %s.", cfg_files[ii]->d_name); /* print the filename without the path */
      if (NULL == (jcfg = json_load_file(file_with_path, 
                                         JSON_DISABLE_EOF_CHECK, &rc))) {
        tr_debug("tr_parse_config: Error parsing config file %s.", 
 -               cfg_files[n]->d_name);
 -      talloc_free(file_with_path);
 -      return TR_CFG_NOPARSE;
 +               cfg_files[ii]->d_name);
 +      cfg_rc=TR_CFG_NOPARSE;
 +      goto cleanup;
      }
+     talloc_free(file_with_path); /* done with filename */
+ 
+     // Look for serial number and log it if it exists
+     if (NULL != (jser = json_object_get(jcfg, "serial_number"))) {
+       if (json_is_number(jser)) {
+         tr_notice("tr_read_config: Attempting to load revision %" JSON_INTEGER_FORMAT " of '%s'.",
+                   json_integer_value(jser),
+                   cfg_files[n]->d_name);
+       }
+     }
  
 -    if ((TR_CFG_SUCCESS != tr_cfg_parse_internal(tr->new_cfg, jcfg)) ||
 -        (TR_CFG_SUCCESS != tr_cfg_parse_rp_clients(tr->new_cfg, jcfg)) ||
 -        (TR_CFG_SUCCESS != tr_cfg_parse_idp_realms(tr->new_cfg, jcfg)) ||
 -        (TR_CFG_SUCCESS != tr_cfg_parse_default_servers(tr->new_cfg, jcfg)) ||
 -        (TR_CFG_SUCCESS != tr_cfg_parse_comms(tr->new_cfg, jcfg))) {
 -      tr_cfg_free(tr->new_cfg);
 -      return TR_CFG_ERROR;
 +    if ((TR_CFG_SUCCESS != tr_cfg_parse_internal(cfg_mgr->new, jcfg)) ||
 +        (TR_CFG_SUCCESS != tr_cfg_parse_rp_clients(cfg_mgr->new, jcfg)) ||
 +        (TR_CFG_SUCCESS != tr_cfg_parse_idp_realms(cfg_mgr->new, jcfg)) ||
 +        (TR_CFG_SUCCESS != tr_cfg_parse_default_servers(cfg_mgr->new, jcfg)) ||
 +        (TR_CFG_SUCCESS != tr_cfg_parse_comms(cfg_mgr->new, jcfg))) {
 +      cfg_rc=TR_CFG_ERROR;
 +      goto cleanup;
      }
    }
  
diff --cc common/tr_name.c
index e048731,dccf0d4..8837b02
--- a/common/tr_name.c
+++ b/common/tr_name.c
@@@ -122,4 -109,5 +122,3 @@@ char * tr_name_strdup(TR_NAME *src
    }
    return s;
  }
 -
--
diff --cc include/tr_config.h
index 10b1cf5,8a04415..89777fd
--- a/include/tr_config.h
+++ b/include/tr_config.h
@@@ -85,25 -74,24 +85,29 @@@ typedef struct tr_cfg 
    TR_COMM *comms;			/* locally-known communities */
    TR_AAA_SERVER *default_servers;	/* default server list */
    /* TBD -- Global Filters */
 -  /* TBD -- Trust Router Peers */
 -  /* TBD -- Trust Links */
  } TR_CFG;
  
 +typedef struct tr_cfg_mgr {
 +  TR_CFG *active;
 +  TR_CFG *new;
 +} TR_CFG_MGR;
 +
  int tr_find_config_files (const char *config_dir, struct dirent ***cfg_files);
  void tr_free_config_file_list(int n, struct dirent ***cfg_files);
 -TR_CFG_RC tr_parse_config (TR_INSTANCE *tr, const char *config_dir, int n, struct dirent **cfg_files);
 -TR_CFG_RC tr_apply_new_config (TR_INSTANCE *tr);
 +TR_CFG_RC tr_parse_config (TR_CFG_MGR *cfg_mgr, const char *config_dir, int n, struct dirent **cfg_files);
 +TR_CFG_RC tr_apply_new_config (TR_CFG_MGR *cfg_mgr);
  TR_CFG_RC tr_cfg_validate (TR_CFG *trc);
 +TR_CFG *tr_cfg_new(TALLOC_CTX *mem_ctx);
 +TR_CFG_MGR *tr_cfg_mgr_new(TALLOC_CTX *mem_ctx);
  void tr_cfg_free(TR_CFG *cfg);
 +void tr_cfg_mgr_free(TR_CFG_MGR *cfg);
- void tr_print_config(FILE *stream, TR_CFG *cfg);
+ 
+ void tr_print_config(TR_CFG *cfg);
+ void tr_print_comms(TR_COMM *comm_list);
+ void tr_print_comm_idps(TR_IDP_REALM *idp_list);
+ void tr_print_comm_rps(TR_RP_REALM *rp_list);
  
 -TR_IDP_REALM *tr_cfg_find_idp (TR_CFG *tr_cfg, TR_NAME *idp_id, TR_CFG_RC *rc);
 -TR_RP_CLIENT *tr_cfg_find_rp (TR_CFG *tr_cfg, TR_NAME *rp_gss, TR_CFG_RC *rc);
 -TR_RP_CLIENT *tr_rp_client_lookup(TR_INSTANCE *tr, TR_NAME *gss_name);
 +TR_IDP_REALM *tr_cfg_find_idp (TR_CFG *cfg, TR_NAME *idp_id, TR_CFG_RC *rc);
 +TR_RP_CLIENT *tr_cfg_find_rp (TR_CFG *cfg, TR_NAME *rp_gss, TR_CFG_RC *rc);
  
  #endif