From 847b3dbd866aedd0a376524241981f029a1a8ff8 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Thu, 19 Apr 2018 19:35:20 -0400 Subject: [PATCH] Add encoders for tr_filters, include in peer and rp_client encoders --- CMakeLists.txt | 2 +- Makefile.am | 1 + common/tr_filter_encoders.c | 184 +++++++++++++++++++++++++++++++++++++++++ common/tr_rp_client_encoders.c | 5 +- include/tr_filter.h | 3 + trp/trp_peer_encoders.c | 2 + 6 files changed, 194 insertions(+), 3 deletions(-) create mode 100644 common/tr_filter_encoders.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 1619306..c031f68 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -96,7 +96,7 @@ set(SOURCE_FILES trp/trp_upd.c trp/trpc.c trp/trps.c include/tr_name_internal.h mon/mon_req.c mon/mon_req_encode.c mon/mon_req_decode.c - mon/mon_resp.c mon/mon_common.c mon/mon_resp_encode.c mon/mon_resp_decode.c tr/tr_mon.c mon/mons.c include/tr_socket.h common/tr_gss.c include/tr_gss.h common/tr_config_internal.c mon/mons_handlers.c include/mons_handlers.h tr/tr_tid_mons.c tr/tr_tid_mons.c trp/trp_route.c include/trp_route.h trp/trp_rtable_encoders.c trp/trp_route_encoders.c trp/trp_peer.c include/trp_peer.h trp/trp_peer_encoders.c trp/trp_ptable_encoders.c common/tr_idp_encoders.c common/tr_comm_encoders.c common/tr_rp_client.c include/tr_rp_client.h common/tr_rp_client_encoders.c) + mon/mon_resp.c mon/mon_common.c mon/mon_resp_encode.c mon/mon_resp_decode.c tr/tr_mon.c mon/mons.c include/tr_socket.h common/tr_gss.c include/tr_gss.h common/tr_config_internal.c mon/mons_handlers.c include/mons_handlers.h tr/tr_tid_mons.c tr/tr_tid_mons.c trp/trp_route.c include/trp_route.h trp/trp_rtable_encoders.c trp/trp_route_encoders.c trp/trp_peer.c include/trp_peer.h trp/trp_peer_encoders.c trp/trp_ptable_encoders.c common/tr_idp_encoders.c common/tr_comm_encoders.c common/tr_rp_client.c include/tr_rp_client.h common/tr_rp_client_encoders.c common/tr_filter_encoders.c) # Does not actually build! add_executable(trust_router ${SOURCE_FILES}) diff --git a/Makefile.am b/Makefile.am index 1178798..5ef3761 100644 --- a/Makefile.am +++ b/Makefile.am @@ -24,6 +24,7 @@ common_srcs = common/tr_name.c \ common/tr_idp.c \ common/tr_idp_encoders.c \ common/tr_filter.c \ + common/tr_filter_encoders.c \ common/tr_gss_names.c \ common/tr_socket.c \ $(mon_srcs) diff --git a/common/tr_filter_encoders.c b/common/tr_filter_encoders.c new file mode 100644 index 0000000..cc22b02 --- /dev/null +++ b/common/tr_filter_encoders.c @@ -0,0 +1,184 @@ +/* + * Copyright (c) 2018 JANET(UK) + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of JANET(UK) nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include +#include + +#include + +/* helper for below */ +#define OBJECT_SET_OR_FAIL(jobj, key, val) \ +do { \ + if (val) \ + json_object_set_new((jobj),(key),(val)); \ + else \ + goto cleanup; \ +} while (0) + +#define ARRAY_APPEND_OR_FAIL(jary, val) \ +do { \ + if (val) \ + json_array_append_new((jary),(val)); \ + else \ + goto cleanup; \ +} while (0) + + +typedef json_t *(ITEM_ENCODER_FUNC)(void *); + +static json_t *items_to_json_array(void *items[], ITEM_ENCODER_FUNC *item_encoder, size_t max_items) +{ + size_t ii; + json_t *jarray = json_array(); + json_t *retval = NULL; + + if (jarray == NULL) + goto cleanup; + + for (ii=0; iifield)); + OBJECT_SET_OR_FAIL(fspec_json, "matches", + items_to_json_array((void **)fspec->match, + (ITEM_ENCODER_FUNC *) tr_name_to_json_string, + TR_MAX_FILTER_SPEC_MATCHES)); + + /* succeeded - set the return value and increment the reference count */ + retval = fspec_json; + json_incref(retval); + +cleanup: + if (fspec_json) + json_decref(fspec_json); + return retval; +} + +static json_t *tr_fline_to_json(TR_FLINE *fline) +{ + json_t *fline_json = NULL; + json_t *retval = NULL; + + fline_json = json_object(); + if (fline_json == NULL) + goto cleanup; + + OBJECT_SET_OR_FAIL(fline_json, "action", + json_string( (fline->action == TR_FILTER_ACTION_ACCEPT) ? "accept" : "reject")); + OBJECT_SET_OR_FAIL(fline_json, "specs", + items_to_json_array((void **)fline->specs, + (ITEM_ENCODER_FUNC *) tr_fspec_to_json, + TR_MAX_FILTER_SPECS)); + if (fline->realm_cons) { + OBJECT_SET_OR_FAIL(fline_json, "realm_constraints", + items_to_json_array((void **) fline->realm_cons->matches, + (ITEM_ENCODER_FUNC *) tr_name_to_json_string, + TR_MAX_CONST_MATCHES)); + } + if (fline->domain_cons) { + OBJECT_SET_OR_FAIL(fline_json, "domain_constraints", + items_to_json_array((void **) fline->domain_cons->matches, + (ITEM_ENCODER_FUNC *) tr_name_to_json_string, + TR_MAX_CONST_MATCHES)); + } + + /* succeeded - set the return value and increment the reference count */ + retval = fline_json; + json_incref(retval); + +cleanup: + if (fline_json) + json_decref(fline_json); + return retval; +} + +json_t *tr_filter_set_to_json(TR_FILTER_SET *filter_set) +{ + json_t *fset_json = NULL; + json_t *retval = NULL; + TR_FILTER *filt = NULL; + TR_FILTER_TYPE *filt_type = NULL; + TR_FILTER_TYPE types[] = { + TR_FILTER_TYPE_TID_INBOUND, + TR_FILTER_TYPE_TRP_INBOUND, + TR_FILTER_TYPE_TRP_OUTBOUND, + TR_FILTER_TYPE_UNKNOWN /* list terminator */ + }; + + fset_json = json_object(); + if (fset_json == NULL) + goto cleanup; + + for (filt_type = types; *filt_type != TR_FILTER_TYPE_UNKNOWN; filt_type++) { + filt = tr_filter_set_get(filter_set, *filt_type); + if (filt) { + OBJECT_SET_OR_FAIL(fset_json, tr_filter_type_to_string(*filt_type), + items_to_json_array((void **)filt->lines, + (ITEM_ENCODER_FUNC *) tr_fline_to_json, + TR_MAX_FILTER_LINES)); + } + } + + /* succeeded - set the return value and increment the reference count */ + retval = fset_json; + json_incref(retval); + +cleanup: + if (fset_json) + json_decref(fset_json); + return retval; +} + diff --git a/common/tr_rp_client_encoders.c b/common/tr_rp_client_encoders.c index c97065b..d0a5cd0 100644 --- a/common/tr_rp_client_encoders.c +++ b/common/tr_rp_client_encoders.c @@ -65,7 +65,8 @@ static json_t *tr_rp_client_to_json(TR_RP_CLIENT *rp_client) goto cleanup; OBJECT_SET_OR_FAIL(client_json, "gss_names", tr_gss_names_to_json_array(rp_client->gss_names)); - + OBJECT_SET_OR_FAIL(client_json, "filters", tr_filter_set_to_json(rp_client->filters)); + /* succeeded - set the return value and increment the reference count */ retval = client_json; json_incref(retval); @@ -102,6 +103,6 @@ cleanup: if (iter) tr_rp_client_iter_free(iter); - + return retval; } diff --git a/include/tr_filter.h b/include/tr_filter.h index a7704d7..ece3650 100644 --- a/include/tr_filter.h +++ b/include/tr_filter.h @@ -144,4 +144,7 @@ int tr_filter_validate_spec_field(TR_FILTER_TYPE ftype, TR_FSPEC *fspec); const char *tr_filter_type_to_string(TR_FILTER_TYPE ftype); TR_FILTER_TYPE tr_filter_type_from_string(const char *s); +/* tr_filter_encoders.c */ +json_t *tr_filter_set_to_json(TR_FILTER_SET *filter_set); + #endif diff --git a/trp/trp_peer_encoders.c b/trp/trp_peer_encoders.c index 4e8d57e..8aafece 100644 --- a/trp/trp_peer_encoders.c +++ b/trp/trp_peer_encoders.c @@ -112,6 +112,8 @@ json_t *trp_peer_to_json(TRP_PEER *peer) last_attempt_to_json_string(peer)); OBJECT_SET_OR_FAIL(peer_json, "allowed_credentials", tr_gss_names_to_json_array(trp_peer_get_gss_names(peer))); + OBJECT_SET_OR_FAIL(peer_json, "filters", + tr_filter_set_to_json(peer->filters)); /* succeeded - set the return value and increment the reference count */ retval = peer_json; -- 2.1.4