Jennifer Richards [Fri, 25 May 2018 16:49:25 +0000 (12:49 -0400)]
Add signed integer parser to eliminate compiler errors
Jennifer Richards [Fri, 25 May 2018 15:59:57 +0000 (11:59 -0400)]
Use our hostname/TID port when sending a request, not our next_hop
Before this, we set the next_hop to ourselves for local routes, then
simply forwarded the next_hop to our peers in update messages. That is
incorrect - we need to fill in our own hostname/TID port every time, not
send the next_hop we forward to.
Also fixes a few port name / signed int changes that really belonged in
the previous commit.
Jennifer Richards [Fri, 25 May 2018 15:57:51 +0000 (11:57 -0400)]
Normalize port naming (tids_, trps_, and mons_port) and use signed int
This cleans up the port names in various functions and data structures.
Tries to get rid of ambiguous "port" fields. A few changes will be in
the next commit which has some functional updates as well.
Jennifer Richards [Fri, 25 May 2018 00:18:20 +0000 (20:18 -0400)]
Copy TID and TRP ports from inforec when accepting a route update
Jennifer Richards [Thu, 24 May 2018 22:30:11 +0000 (18:30 -0400)]
Support non-default TRP and TID ports
* Include trust_router and next_hop ports in inforecs, routes, and
update msgs
- affects encoders and decoders
- use next_hop from the inforec instead of assuming it is the
peer's server address
- default next_hop to the trust_router for backward compatibility
- default both ports to the standard well-known ports if not given
* fill in local routes with our hostname/port
- no longer permit empty next_hop fields
* Update filter handlers
- handle next_hop field
- use hostname:port format (or just hostname with default port)
- handle next_hop field
* Keep track of AAA server ports
* Be more careful with tr_msg JSON helper return values
* Use tr_name_strdup() to avoid ad hoc conversion from name to string
* Use signed int as port to allow -1 as an invalid port indicator
* Remove now-obsolete tr_aaa_server_from_name() function
Jennifer Richards [Thu, 24 May 2018 21:01:44 +0000 (17:01 -0400)]
Factor out hostname parsing for reuse
Jennifer Richards [Thu, 24 May 2018 18:05:39 +0000 (14:05 -0400)]
Fix typo, reorder methods in tr_aaa_server.c
Jennifer Richards [Thu, 24 May 2018 18:01:14 +0000 (14:01 -0400)]
Fix a leftover use of the old TR_AAA_SERVER structure
Jennifer Richards [Thu, 24 May 2018 18:00:56 +0000 (14:00 -0400)]
Use the port configured for a AAA server instead of assuming TID_PORT
* Pass TR_AAA_SERVER instead of hostname to TIDS forward threads
* Use the port set for the TR_AAA_SERVER instead of TID_PORT
Jennifer Richards [Thu, 24 May 2018 17:34:20 +0000 (13:34 -0400)]
Parse hostname/port for AAA server addresses
* Add methods to create a TR_AAA_SERVER from a hostname:port string
- also a version starting from a TR_NAME, which is a bit of a
misuse of the TR_NAME
* Update code to use the new methods instead
* tr_aaa_server_new() no longer sets the hostname
* tr_aaa_server_set_port() only uses default port when port == 0,
otherwise allows any value
* refactor tr_cfg_parse_one_aaa_server() to better use talloc
* Raise error in tr_tids_req_handler() if AAA server allocation fails
Jennifer Richards [Thu, 24 May 2018 15:43:31 +0000 (11:43 -0400)]
Move AAA server methods out of tr_idp.[ch] into their own files
* Create tr_aaa_server.[ch], move methods out of tr_idp.[ch]
- Existing methods unchanged
* Add port to TR_AAA_SERVER
* Add get/set methods for hostname/port
* Update makefiles
Jennifer Richards [Wed, 23 May 2018 20:41:26 +0000 (16:41 -0400)]
Add last few missing headers and clean up the order of the list
Jennifer Richards [Wed, 23 May 2018 20:26:52 +0000 (16:26 -0400)]
A few more forgotten headers in make dist
Jennifer Richards [Wed, 23 May 2018 20:22:16 +0000 (16:22 -0400)]
Add headers left out of make dist
Jennifer Richards [Wed, 23 May 2018 19:56:04 +0000 (15:56 -0400)]
Bump version in trust_router.spec to match configure.ac
Jennifer Richards [Wed, 23 May 2018 19:47:36 +0000 (15:47 -0400)]
Ensure the m4 directory exists so that autoreconf doesn't complain
* Add a throwaway hidden file so git creates the directory
* Add an exception in .gitignore so this file is not ignored
Jennifer Richards [Thu, 10 May 2018 16:15:06 +0000 (12:15 -0400)]
Prevent core dumps on intentional mons/tids subprocess abort()
Uses setrlimit() to set the core size limit to 0 for the subprocess
immediately before aborting.
Jennifer Richards [Tue, 8 May 2018 17:01:31 +0000 (13:01 -0400)]
Abort instead of exit from forked tids and mons subprocesses
Jennifer Richards [Mon, 7 May 2018 21:29:48 +0000 (17:29 -0400)]
Use the the peer table iterator correctly
Jennifer Richards [Mon, 7 May 2018 20:20:17 +0000 (16:20 -0400)]
Validate whether peer gss name is non-null before duplicating it
Jennifer Richards [Mon, 7 May 2018 19:04:41 +0000 (15:04 -0400)]
Fix Makefile.am for t_constraint so "make check" succeeds
Jennifer Richards [Mon, 7 May 2018 18:48:22 +0000 (14:48 -0400)]
Merge pull request #82 from painless-security/jennifer/pull_req_feedback
Incorporate feedback from monitoring code reviews
Jennifer Richards [Mon, 7 May 2018 18:48:05 +0000 (14:48 -0400)]
Rename TID count options to show
* tid_req_count -> tid_reqs_processed
* tid_req_pending -> tid_reqs_pending
* tid_req_error_count -> tid_error_count
Jennifer Richards [Mon, 7 May 2018 18:37:57 +0000 (14:37 -0400)]
Remove unsupported 'reconfigure' monitoring command
Jennifer Richards [Mon, 7 May 2018 18:20:10 +0000 (14:20 -0400)]
Include trmon in RPM, nudge version to 3.4.0~2
Jennifer Richards [Mon, 7 May 2018 18:11:43 +0000 (14:11 -0400)]
Miscellaneous minor code cleanup for MRW's review comments
* Remove generation of DH in trmon.c, it's not needed
* Check return value of mon_req_add_option() in a few places it had
been ignored
* Spell out "Trust Router" in trmon version/help description
* Rename _decode -> _encode after a copy/paste
* Fix a few incorrect comments describing file contents
* Fix function name in debug messages in tr_cfg_parse_config_files()
* Include glib.h instead of gmodule.h in a few files
Jennifer Richards [Mon, 7 May 2018 18:06:43 +0000 (14:06 -0400)]
Move repeated #defines into tr_json_util.h and add documentation
Jennifer Richards [Mon, 7 May 2018 17:45:51 +0000 (13:45 -0400)]
Move DH record from TR_GSSC_INSTANCE to TIDC_INSTANCE, where it belongs
Jennifer Richards [Mon, 7 May 2018 17:24:19 +0000 (13:24 -0400)]
Treat TID req as error if a response is not sent
* Return an error code from tr_gss_handle_connection()
* When TID process terminates, send "OK" or "ERR" over the pipe
* Refactor handling of the TID fork() and messaging
Jennifer Richards [Mon, 7 May 2018 16:16:15 +0000 (12:16 -0400)]
Update a tr_mq_msg_new() call that slipped through with a msg priority
Jennifer Richards [Mon, 7 May 2018 16:05:44 +0000 (12:05 -0400)]
Merge pull request #81 from painless-security/jennifer/no_mq_priorities
Remove TR_MQ message priorities
Jennifer Richards [Mon, 7 May 2018 16:05:23 +0000 (12:05 -0400)]
Merge branch 'milestone/monitoring' into jennifer/no_mq_priorities
mrw42 [Fri, 4 May 2018 20:59:05 +0000 (16:59 -0400)]
Merge pull request #79 from painless-security/jennifer/memory_leaks
Clean up several memory leaks detected by valgrind
mrw42 [Fri, 4 May 2018 20:58:06 +0000 (16:58 -0400)]
Merge pull request #76 from painless-security/jennifer/trpc_deadlock
Eliminate deadlock in TRPC messaging queueing
mrw42 [Fri, 4 May 2018 19:05:56 +0000 (15:05 -0400)]
Merge pull request #72 from painless-security/jennifer/peer_label_for_updates
Use peer labels instead of GSS names when considering updates
mrw42 [Fri, 4 May 2018 19:04:10 +0000 (15:04 -0400)]
Merge pull request #74 from painless-security/jennifer/set_realm_apcs
Handle APC correctly when a realm is discovered from an APC community update
mrw42 [Fri, 4 May 2018 19:01:37 +0000 (15:01 -0400)]
Merge pull request #73 from painless-security/jennifer/expire_utc
Report expiration times in UTC instead of local time
mrw42 [Fri, 4 May 2018 19:00:24 +0000 (15:00 -0400)]
Merge pull request #61 from painless-security/jennifer/request_id
Add a 'request_id' to TID requests and responses
mrw42 [Fri, 4 May 2018 18:50:16 +0000 (14:50 -0400)]
Merge pull request #62 from painless-security/jennifer/report_incoming_ipaddr
Report incoming IP address when a connection comes in
Jennifer Richards [Thu, 3 May 2018 21:36:30 +0000 (17:36 -0400)]
Correct a comment
Jennifer Richards [Thu, 3 May 2018 21:11:19 +0000 (17:11 -0400)]
Merge remote-tracking branch 'github/milestone/monitoring' into jennifer/request_id
Jennifer Richards [Thu, 3 May 2018 20:50:54 +0000 (16:50 -0400)]
Merge branch 'milestone/monitoring' into jennifer/request_id
# Conflicts:
# include/trust_router/tid.h
# tid/tidc.c
# tr/tr_tid.c
mrw42 [Thu, 3 May 2018 20:42:46 +0000 (16:42 -0400)]
Merge pull request #59 from painless-security/jennifer/datastructures
Replace fixed length arrays with dynamic lists
mrw42 [Thu, 3 May 2018 20:13:15 +0000 (16:13 -0400)]
Merge pull request #48 from painless-security/jennifer/monitoring
Monitoring interface and back end support (pull request 10)
mrw42 [Thu, 3 May 2018 20:11:35 +0000 (16:11 -0400)]
Merge pull request #57 from painless-security/jennifer/show_rp_clients
Add show rp_clients command (pull request 9)
mrw42 [Thu, 3 May 2018 20:10:13 +0000 (16:10 -0400)]
Merge pull request #56 from painless-security/jennifer/show_realms
Add show realms command (pull request 8)
mrw42 [Thu, 3 May 2018 20:09:12 +0000 (16:09 -0400)]
Merge pull request #55 from painless-security/jennifer/show_communities
Add show communities command (pull request 7)
mrw42 [Thu, 3 May 2018 20:08:08 +0000 (16:08 -0400)]
Merge pull request #54 from painless-security/jennifer/show_peers
Add the show peers command (pull request 6)
mrw42 [Thu, 3 May 2018 20:07:11 +0000 (16:07 -0400)]
Merge pull request #53 from painless-security/jennifer/show_routes
Add show routes message support (pull request 5)
mrw42 [Thu, 3 May 2018 20:05:51 +0000 (16:05 -0400)]
Merge pull request #52 from painless-security/jennifer/subprocess_status
Report whether TID requests succeed and better clean up zombie TID / MON processes (pull request 4)
mrw42 [Thu, 3 May 2018 20:03:15 +0000 (16:03 -0400)]
Merge pull request #51 from painless-security/jennifer/monitoring_client_and_server
First functioning monitoring client/server (pull request 3)
mrw42 [Thu, 3 May 2018 20:02:05 +0000 (16:02 -0400)]
Merge pull request #50 from painless-security/jennifer/refactoring_tids
TID refactoring (pull request 2)
mrw42 [Thu, 3 May 2018 20:00:42 +0000 (16:00 -0400)]
Merge pull request #49 from painless-security/jennifer/mon_msg_encoders
Add encoders for monitoring messages (pull request 1)
Jennifer Richards [Thu, 3 May 2018 13:16:08 +0000 (09:16 -0400)]
Eliminate message priority from TR_MQ / TR_MQ_MSG
This was an unnecessary feature that had caused several bugs, most
recently #80. Rather than debug that, this removes the priorities,
returning to a simple queue.
Jennifer Richards [Wed, 2 May 2018 22:11:29 +0000 (18:11 -0400)]
Do not allocate return array if there are no return values
Calling talloc_array() with length 0 still allocates memory to track
the zero-length chunk. Return NULL because that is what we mean.
Jennifer Richards [Wed, 2 May 2018 21:49:05 +0000 (17:49 -0400)]
Remove unused variable
Jennifer Richards [Wed, 2 May 2018 21:24:50 +0000 (17:24 -0400)]
Free GSS service name after a failed incoming connection
Jennifer Richards [Wed, 2 May 2018 14:31:03 +0000 (10:31 -0400)]
Fix memory leak when setting next hop for community inforecs
* Return TRP_UNSUPPORTED when setting next hop on an inforec that
does not accept it (i.e., community inforecs)
* Free the next hop TR_NAME if it was not stored
Jennifer Richards [Wed, 2 May 2018 14:29:36 +0000 (10:29 -0400)]
Fix memory leak in gsscon_connect()
* Check for failure to allocate service name
* Free input name after importing to GSS
Jennifer Richards [Tue, 1 May 2018 19:36:33 +0000 (15:36 -0400)]
Remove last remnants of old trpc thread exit protocol, clear trpc queue
* Remove the shutting_down status in the TRPC_INSTANCE
* Clear the TRPC message queue after failed connections
* Add a few comments
Jennifer Richards [Tue, 1 May 2018 17:49:24 +0000 (13:49 -0400)]
Eliminate deadlock in trpc message handling
* Remove notify_cb for the trpc thread's TR_MQ
* Use trpc_mq_pop() directly in the tr_trpc_thread() instead of
trying to empty the queue every time
* Eliminate the complicated thread shutdown protocol needed to avoid
invalid accesses to data allocated in tr_trpc_thread()
This eliminates a deadlock that was possible due to misuse of the
callback mutex in conjunction with the TR_MQ mutex.
Jennifer Richards [Mon, 30 Apr 2018 17:12:41 +0000 (13:12 -0400)]
Fix JSON reference counting errors
Jennifer Richards [Mon, 30 Apr 2018 17:07:46 +0000 (13:07 -0400)]
Set APC correctly for community updates, reject routes for non-APC comms
When an APC community update is received, the "apcs" list is empty. The
APC for any realms described by that update should be the APC community
itself.
Also, the trust router previously accepted any realm/community pairs for
routing. That should have been APC communities only.
Finally, this also prevents configuring multiple communities with the
same ID.
Jennifer Richards [Sun, 29 Apr 2018 18:05:56 +0000 (14:05 -0400)]
Use peer_label instead of peer_gssname in community gathering
Currently this does nothing (loop prevention is done by the TR that
receives an update)
Jennifer Richards [Sun, 29 Apr 2018 17:52:59 +0000 (13:52 -0400)]
Properly check peer labels when finding alternate route to advertise
Jennifer Richards [Sun, 29 Apr 2018 17:23:46 +0000 (13:23 -0400)]
Consistently use peer label to ID peers when enforcing split horizon
We were incorrectly comparing the peer label (which is "hostname:port")
with the GSS name of our route's source (i.e., "credential@apc.x") when
checking whether we were about to advertise a route back to the trust
router that announced it to us. That broke split horizon enforcement.
Jennifer Richards [Fri, 27 Apr 2018 20:20:14 +0000 (16:20 -0400)]
Replace tr_comm_memb_iter_all methods with ones that actually work
The old iterator was completely broken, which was causing incomplete
cleanup of realms that should have been expired. This may have been
leaving the community membership table in an inconsistent state.
Jennifer Richards [Fri, 27 Apr 2018 02:09:24 +0000 (22:09 -0400)]
Add some comments, a bit of code clean up
Jennifer Richards [Fri, 27 Apr 2018 01:46:36 +0000 (21:46 -0400)]
Fix race condition on exit of trpc threads
The messaging between the main thread and the trpc (outgoing connection)
threads allowed the trpc data to be cleaned up before the message queue
was empty, causing incorrect mutex behavior and seg faults.
This is (I hope!) solved adding an additional shutdown phase in which
the main thread indicates that it has recognized that the trpc thread
is done and that the trpc thread can safely exit.
So far, I have not seen a failure of the system to handle a peer
disconnecting. Prior to these changes, it failed every time with my
current setup.
Jennifer Richards [Thu, 26 Apr 2018 23:33:01 +0000 (19:33 -0400)]
Don't display "last_connection_attempt" if there is not one
Jennifer Richards [Thu, 26 Apr 2018 20:51:33 +0000 (16:51 -0400)]
Correctly display RP realms in the 'show communities' response
Jennifer Richards [Thu, 26 Apr 2018 19:56:10 +0000 (15:56 -0400)]
Report community / route expiration times in UTC
* add utility methods for timespec math
* add method to convert between CLOCK_*
Jennifer Richards [Thu, 26 Apr 2018 16:05:15 +0000 (12:05 -0400)]
Log incoming IP address when accepting a connection
Jennifer Richards [Thu, 26 Apr 2018 01:02:06 +0000 (21:02 -0400)]
Add a 'request_id' to TID requests and responses
This adds a random hex string ID to each TID request. This is
propagated as the request is forwarded, then included in the response.
The field is not required, and is mostly an aid for debugging.
Adds two methods (tid_req_get_request_id and tid_resp_get_request_id)
to the public library interface.
Jennifer Richards [Wed, 25 Apr 2018 17:13:03 +0000 (13:13 -0400)]
Change -v/--validate-config to -C/--config-validate
There are enough things that use v, we'll accept Adam Bishop's hint and
copy FreeRADIUS's '-C' choice.
Jennifer Richards [Wed, 25 Apr 2018 17:08:06 +0000 (13:08 -0400)]
Merge pull request #60 from painless-security/jennifer/validate_config
Validate config with -v or --validate-config options
Jennifer Richards [Wed, 25 Apr 2018 17:05:30 +0000 (13:05 -0400)]
Validate config with -v or --validate-config options
Removes the -v short form for --version
Jennifer Richards [Wed, 25 Apr 2018 16:47:19 +0000 (12:47 -0400)]
Use TR_LIST for TR_GSS_NAMES
Jennifer Richards [Wed, 25 Apr 2018 16:04:37 +0000 (12:04 -0400)]
Change most while loops over TR_LISTs to for loops
The while loop patter (i = first(); while(i){blah; i = next()}) pattern
was error-prone -- too easy to overlook or forget the next() call.
Changed most of these to for loops to make the iteration more apparent.
Added a few comments. No intentional functional changes.
Jennifer Richards [Wed, 25 Apr 2018 15:43:35 +0000 (11:43 -0400)]
Add a few comments
Jennifer Richards [Tue, 24 Apr 2018 21:21:43 +0000 (17:21 -0400)]
Add missing %.*s so debug message includes GSS name
Jennifer Richards [Tue, 24 Apr 2018 15:48:27 +0000 (11:48 -0400)]
Use TR_LIST for domain/realm constraint matches
Jennifer Richards [Tue, 24 Apr 2018 01:48:34 +0000 (21:48 -0400)]
Use TR_LIST for TR_FILTER's 'flines' member
Jennifer Richards [Tue, 24 Apr 2018 01:42:42 +0000 (21:42 -0400)]
Use TR_LIST for TR_FLINE's 'fspec' member
* Replace custom iterators with generic iterator
* Add 'steal' option to steal (or not) an item's talloc context when
adding it to a TR_LIST
* Add tr_list_foreach() function to iterate over a TR_LIST
Jennifer Richards [Mon, 23 Apr 2018 15:01:55 +0000 (11:01 -0400)]
Add a generic TR_LIST type, use for TR_FILTER's 'lines' member
Jennifer Richards [Sat, 21 Apr 2018 06:04:27 +0000 (02:04 -0400)]
Refactor TR_FLINE using GPtrArray
Jennifer Richards [Sat, 21 Apr 2018 05:34:27 +0000 (01:34 -0400)]
Refactor TR_FSPEC using GPtrArray
Jennifer Richards [Sat, 21 Apr 2018 05:04:36 +0000 (01:04 -0400)]
Refactor TR_FILTER using a GPtrArray of filter lines
Jennifer Richards [Sat, 21 Apr 2018 04:17:35 +0000 (00:17 -0400)]
Reimplement TR_GSS_NAMES using GPtrArray
Jennifer Richards [Sat, 21 Apr 2018 04:17:04 +0000 (00:17 -0400)]
Add const modifier to TR_NAME functions
This should be backward compatible.
Jennifer Richards [Sat, 21 Apr 2018 00:48:25 +0000 (20:48 -0400)]
Bump versions to 3.4.0~1 (did not update ABI version yet)
Jennifer Richards [Sat, 21 Apr 2018 00:44:11 +0000 (20:44 -0400)]
Merge remote-tracking branch 'origin/v3.3.0' into jennifer/monitoring
# Conflicts:
# tr/tr_tid.c
# tr/tr_trp.c
Jennifer Richards [Sat, 21 Apr 2018 00:00:27 +0000 (20:00 -0400)]
Fix lines that were swapped accidentally
Jennifer Richards [Fri, 20 Apr 2018 23:50:49 +0000 (19:50 -0400)]
Check in changes that were accidentally omitted
Jennifer Richards [Fri, 20 Apr 2018 23:17:04 +0000 (19:17 -0400)]
Clean up monitoring format/naming
* change show "serial" to "config_files" to reflect its function
* suppress display of empty strings for unset / irrelevant values when
returning routes / communities
Jennifer Richards [Fri, 20 Apr 2018 22:38:59 +0000 (18:38 -0400)]
Rename acceptor_realm/name to _hostname/service, add some debug output
Jennifer Richards [Fri, 20 Apr 2018 22:32:38 +0000 (18:32 -0400)]
Read GSS credentials for monitoring service
Some refactoring here and there, too.
Jennifer Richards [Fri, 20 Apr 2018 21:03:22 +0000 (17:03 -0400)]
Bump version number (but not shared library version yet). Now 3.3.1~1
Jennifer Richards [Fri, 20 Apr 2018 20:41:40 +0000 (16:41 -0400)]
Bump version number (but not shared library version yet). Now 3.3.1~1
Jennifer Richards [Fri, 20 Apr 2018 19:17:36 +0000 (15:17 -0400)]
Break tr_config.c into smaller chunks
No functional changes