From 0705cc5174a47715ade9e2b91b051d6c067f0bd5 Mon Sep 17 00:00:00 2001
From: Jennifer Richards
Date: Thu, 1 Sep 2016 11:39:10 -0400
Subject: [PATCH] Fix several bugs preventing TID requests from functioning.
- Partial implementation of config file print for debug
- Fix a few possibly unitialized values
- Pass TRPS_INSTANCE to tids event for route lookups
- Return 0 on success from tr_tids_req_handler()
- Return null on no match from trp_rtable_get_selected_entry()
---
 common/tr_apc.c | 6 ++++
 common/tr_config.c | 7 +++-
 common/tr_idp.c | 100 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 common/tr_msg.c | 22 ++++++++----
 include/tr_apc.h | 2 ++
 include/tr_idp.h | 1 +
 include/tr_tid.h | 2 ++
 tid/tidc.c | 5 ++-
 tid/tids.c | 5 ++-
 tr/tr_main.c | 1 +
 tr/tr_tid.c | 17 ++++++---
 tr/tr_trp.c | 1 +
 trp/trp_rtable.c | 9 ++++-
 trp/trps.c | 1 +
 14 files changed, 164 insertions(+), 15 deletions(-)
diff --git a/common/tr_apc.c b/common/tr_apc.c
index eb7da1f..b0a5c34 100644
--- a/common/tr_apc.c
+++ b/common/tr_apc.c
@@ -75,3 +75,9 @@ TR_NAME *tr_apc_dup_id(TR_APC *apc)
 {
 return tr_dup_name(apc->id);;
 }
+
+
+char *tr_apc_to_str(TALLOC_CTX *mem_ctx, TR_APC *apc)
+{
+ return talloc_strndup(mem_ctx, apc->id->buf, apc->id->len);
+}
diff --git a/common/tr_config.c b/common/tr_config.c
index 941f00f..695c82b 100644
--- a/common/tr_config.c
+++ b/common/tr_config.c
@@ -70,9 +70,14 @@ void tr_print_comms (TR_COMM *comm_list) {
 void tr_print_comm_idps (TR_IDP_REALM *idp_list) {
 TR_IDP_REALM *idp = NULL;
+ char *s=NULL;
 for (idp = idp_list; NULL != idp; idp = idp->comm_next) {
- tr_notice("tr_print_config: - @%s", idp->realm_id->buf);
+ s=tr_idp_realm_to_str(NULL, idp);
+ if (s!=NULL)
+ tr_notice("tr_print_config: - @%s", s);
+ else
+ tr_notice("tr_print_config: unable to allocate idp output string.");
 }
 }
diff --git a/common/tr_idp.c b/common/tr_idp.c
index cec435a..2ef9e93 100644
--- a/common/tr_idp.c
+++ b/common/tr_idp.c
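Review bot: The string returned by `tr_idp_realm_to_str(NULL, idp)` in the tr_config.c hunk is never released, so each iteration of the loop in tr_print_comm_idps() leaks one allocation made on the NULL talloc context. Nothing else owns that context, so the memory stays allocated for the life of the process; brace the success branch and free the string after logging, e.g. `if (s!=NULL) { tr_notice("tr_print_config: - @%s", s); talloc_free(s); }`. The tr_trp.c hunk of this commit adds a tr_print_config() call to tr_config_changed(), so if that path reaches this loop (the call chain is not visible here) the leak repeats on every configuration change.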
@@ -137,3 +137,103 @@ TR_IDP_REALM *tr_idp_realm_add(TR_IDP_REALM *head, TR_IDP_REALM *new) } return head; } + +static int tr_idp_realm_apc_count(TR_IDP_REALM *idp) +{ + int ii=0; + TR_APC *apc=idp->apcs; + while (apc!=NULL) { + apc=apc->next; + ii++; + } + return ii; +} + +static int tr_idp_realm_aaa_server_count(TR_IDP_REALM *idp) +{ + int ii=0; + TR_AAA_SERVER *aaa=idp->aaa_servers; + while (aaa!=NULL) { + aaa=aaa->next; + ii++; + } + return ii; +} + +static char *tr_aaa_server_to_str(TALLOC_CTX *mem_ctx, TR_AAA_SERVER *aaa) +{ + return talloc_strndup(mem_ctx, aaa->hostname->buf, aaa->hostname->len); +} + +char *tr_idp_realm_to_str(TALLOC_CTX *mem_ctx, TR_IDP_REALM *idp) +{ + TALLOC_CTX *tmp_ctx=talloc_new(NULL); + char **s_aaa=NULL, *aaa_servers=NULL; + char **s_apc=NULL, *apcs=NULL; + int ii=0, aaa_servers_strlen=0, apcs_strlen=0; + int n_aaa_servers=tr_idp_realm_aaa_server_count(idp); + int n_apcs=tr_idp_realm_apc_count(idp); + TR_AAA_SERVER *aaa=NULL; + TR_APC *apc=NULL; + char *result=NULL; + + /* get the AAA servers */ + if (n_aaa_servers<=0) + aaa_servers=talloc_strdup(tmp_ctx, ""); + else { + s_aaa=talloc_array(tmp_ctx, char *, n_aaa_servers); + for (aaa=idp->aaa_servers,ii=0; aaa!=NULL; aaa=aaa->next,ii++) { + s_aaa[ii]=tr_aaa_server_to_str(s_aaa, aaa); + aaa_servers_strlen+=strlen(s_aaa[ii]); + } + + /* add space for comma-space separators */ + aaa_servers_strlen+=2*(n_aaa_servers-1); + + aaa_servers=talloc_array(tmp_ctx, char, aaa_servers_strlen+1); + aaa_servers[0]='\0'; + for (ii=0; iiapcs,ii=0; apc!=NULL; apc=apc->next,ii++) { + s_apc[ii]=tr_apc_to_str(s_apc, apc); + apcs_strlen+=strlen(s_apc[ii]); + } + + /* add space for comma-space separators */ + apcs_strlen+=2*(n_apcs-1); + + apcs=talloc_array(tmp_ctx, char, apcs_strlen+1); + apcs[0]='\0'; + for (ii=0; iirealm_id->len, idp->realm_id->buf, + (idp->shared_config)?"yes":"no", + (idp->origin==TR_REALM_LOCAL)?"yes":"no", + aaa_servers, + apcs); + talloc_free(tmp_ctx); + return result; +} 
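Review bot: None of the talloc results in tr_idp_realm_to_str() are checked before use, so an allocation failure turns a debug print into a NULL dereference. `s_aaa[ii]=tr_aaa_server_to_str(s_aaa, aaa);` is passed straight to `strlen()`, the same pattern is used for `s_apc[ii]`, and `s_aaa`, `aaa_servers` and `apcs` are written through without a test. The caller in tr_config.c already handles a NULL return, so each allocation can fail closed with `if (s_aaa[ii]==NULL) { talloc_free(tmp_ctx); return NULL; }`. Parts of the join loops are missing from this page, so whether the separator copies stay inside the `aaa_servers_strlen+1` and `apcs_strlen+1` buffers could not be reviewed here.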
diff --git a/common/tr_msg.c b/common/tr_msg.c
index b2964b6..9591cd4 100644
--- a/common/tr_msg.c
+++ b/common/tr_msg.c
@@ -872,9 +872,13 @@ cleanup:
 char *tr_msg_encode(TR_MSG *msg)
 {
- json_t *jmsg;
- json_t *jmsg_type;
- char *encoded;
+ json_t *jmsg=NULL;
+ json_t *jmsg_type=NULL;
+ char *encoded=NULL;
+ TID_RESP *tidresp=NULL;
+ TID_REQ *tidreq=NULL;
+ TRP_UPD *trpupd=NULL;
+ TRP_REQ *trpreq=NULL;
 /* TBD -- add error handling */
 jmsg = json_object();
@@ -884,25 +888,29 @@ char *tr_msg_encode(TR_MSG *msg)
 case TID_REQUEST:
 jmsg_type = json_string("tid_request");
 json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidreq(tr_msg_get_req(msg)));
+ tidreq=tr_msg_get_req(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidreq(tidreq));
 break;
 case TID_RESPONSE:
 jmsg_type = json_string("tid_response");
 json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidresp(tr_msg_get_resp(msg)));
+ tidresp=tr_msg_get_resp(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_tidresp(tidresp));
 break;
 case TRP_UPDATE:
 jmsg_type = json_string("trp_update");
 json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_upd(tr_msg_get_trp_upd(msg)));
+ trpupd=tr_msg_get_trp_upd(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_upd(trpupd));
 break;
 case TRP_REQUEST:
 jmsg_type = json_string("trp_request");
 json_object_set_new(jmsg, "msg_type", jmsg_type);
- json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_req(tr_msg_get_trp_req(msg)));
+ trpreq=tr_msg_get_trp_req(msg);
+ json_object_set_new(jmsg, "msg_body", tr_msg_encode_trp_req(trpreq));
 break;
 default:
diff --git a/include/tr_apc.h b/include/tr_apc.h
index a2c5095..80b35b3 100644
--- a/include/tr_apc.h
+++ b/include/tr_apc.h
@@ -54,6 +54,8 @@ void tr_apc_set_id(TR_APC *apc, TR_NAME *id);
 TR_NAME *tr_apc_get_id(TR_APC *apc);
 TR_NAME *tr_apc_dup_id(TR_APC *apc);
+char *tr_apc_to_str(TALLOC_CTX *mem_ctx, TR_APC *apc);
+
 #endif
diff --git a/include/tr_idp.h b/include/tr_idp.h
index 3ad742e..9af36d2 100644
--- a/include/tr_idp.h
+++ b/include/tr_idp.h
@@ -65,6 +65,7 @@ typedef struct tr_idp_realm {
 TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx);
 TR_IDP_REALM *tr_idp_realm_add(TR_IDP_REALM *head, TR_IDP_REALM *new);
+char *tr_idp_realm_to_str(TALLOC_CTX *mem_ctx, TR_IDP_REALM *idp);
 TR_AAA_SERVER *tr_aaa_server_new(TALLOC_CTX *mem_ctx, TR_NAME *hostname);
 void tr_aaa_server_free(TR_AAA_SERVER *aaa);
diff --git a/include/tr_tid.h b/include/tr_tid.h
index fd01a10..8fc4b55 100644
--- a/include/tr_tid.h
+++ b/include/tr_tid.h
@@ -1,12 +1,14 @@
 #ifndef TR_TID_H
 #define TR_TID_H
+#include
 #include
 #include
 int tr_tids_event_init(struct event_base *base,
 TIDS_INSTANCE *tids,
 TR_CFG_MGR *cfg_mgr,
+ TRPS_INSTANCE *trps,
 struct tr_socket_event *tids_ev);
 #endif /* TR_TID_H */
diff --git a/tid/tidc.c b/tid/tidc.c
index 895fce6..37a3712 100644
--- a/tid/tidc.c
+++ b/tid/tidc.c
@@ -74,6 +74,7 @@ int tidc_open_connection (TIDC_INSTANCE *tidc,
 else
 use_port = port;
+ tr_debug("tidc_open_connection: opening tidc connection to %s:%d", server, port);
 err = gsscon_connect(server, use_port, "trustidentity", &conn, gssctx);
 if (!err)
@@ -184,9 +185,11 @@ int tidc_fwd_request (TIDC_INSTANCE *tidc,
 goto error;
 }
- if (resp_handler)
+ if (resp_handler) {
 /* Call the caller's response function */
+ tr_debug("tidc_fwd_request: calling response callback function.");
 (*resp_handler)(tidc, tid_req, tr_msg_get_resp(resp_msg), cookie);
+ }
 goto cleanup;
 error:
diff --git a/tid/tids.c b/tid/tids.c
index f650c40..47ecfcb 100644
--- a/tid/tids.c
+++ b/tid/tids.c
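Review bot: The new tr_debug() in tidc_open_connection() logs `port`, but the connection on the next line is made to `use_port`. The visible `else use_port = port;` implies an earlier branch (outside the hunk) selects a different value, presumably a default, and in that case the log names a port that was never contacted. Log the value actually used: `tr_debug("tidc_open_connection: opening tidc connection to %s:%d", server, use_port);`.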
@@ -224,7 +224,7 @@ static int tids_read_request (TIDS_INSTANCE *tids, int conn, gss_ctx_id_t *gssct
 static int tids_handle_request (TIDS_INSTANCE *tids, TR_MSG *mreq, TID_RESP *resp) {
- int rc;
+ int rc=-1;
 /* Check that this is a valid TID Request. If not, send an error return. */
 if ((!tr_msg_get_req(mreq)) ||
@@ -237,18 +237,21 @@ static int tids_handle_request (TIDS_INSTANCE *tids, TR_MSG *mreq, TID_RESP *res
 return -1;
 }
+ tr_debug("tids_handle_request: adding self to req path.");
 tid_req_add_path(tr_msg_get_req(mreq), tids->hostname, tids->tids_port);
 /* Call the caller's request handler */
 /* TBD -- Handle different error returns/msgs */
 if (0 > (rc = (*tids->req_handler)(tids, tr_msg_get_req(mreq), resp, tids->cookie))) { /* set-up an error response */
+ tr_debug("tids_handle_request: req_handler returned error.");
 resp->result = TID_ERROR;
 if (!resp->err_msg) /* Use msg set by handler, if any */
 resp->err_msg = tr_new_name("Internal processing error");
 } else { /* set-up a success response */
+ tr_debug("tids_handle_request: req_handler returned success.");
 resp->result = TID_SUCCESS;
 resp->err_msg = NULL; /* No error msg on successful return */
 }
diff --git a/tr/tr_main.c b/tr/tr_main.c
index e18945c..4630336 100644
--- a/tr/tr_main.c
+++ b/tr/tr_main.c
@@ -270,6 +270,7 @@ int main(int argc, char *argv[])
 if (0 != tr_tids_event_init(ev_base,
 tr->tids,
 tr->cfg_mgr,
+ tr->trps,
 &tids_ev)) {
 tr_crit("Error initializing Trust Path Query Server instance.");
 return 1;
diff --git a/tr/tr_tid.c b/tr/tr_tid.c
index e740703..3e1577e 100644
--- a/tr/tr_tid.c
+++ b/tr/tr_tid.c
@@ -58,9 +58,9 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids,
 int oaction = TR_FILTER_ACTION_REJECT;
 int rc = 0;
 time_t expiration_interval=0;
- struct tr_tids_event_cookie *cookie=(struct tr_tids_event_cookie *)cookie_in;
- TR_CFG_MGR *cfg_mgr=talloc_get_type_abort(cookie, TR_CFG_MGR);
- TRPS_INSTANCE *trps=talloc_get_type_abort(cookie, TRPS_INSTANCE);
+ struct tr_tids_event_cookie *cookie=talloc_get_type_abort(cookie_in, struct tr_tids_event_cookie);
+ TR_CFG_MGR *cfg_mgr=cookie->cfg_mgr;
+ TRPS_INSTANCE *trps=cookie->trps;
 TRP_ROUTE *route=NULL;
 int retval=-1;
@@ -151,6 +151,7 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids,
 }
 /* Look up the route for this community/realm. */
+ tr_debug("tr_tids_req_handler: looking up route.");
 route=trps_get_selected_route(trps, orig_req->comm, orig_req->realm);
 if (route==NULL) {
 tr_notice("tr_tids_req_handler: no route table entry found for realm (%s) in community (%s).",
@@ -159,11 +160,14 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids,
 retval=-1;
 goto cleanup;
 }
+ tr_debug("tr_tids_req_handler: found route.");
 if (trp_route_is_local(route)) {
+ tr_debug("tr_tids_req_handler: route is local.");
 aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->idp_realms, orig_req->realm, orig_req->comm);
 } else {
+ tr_debug("tr_tids_req_handler: route not local.");
 aaa_servers = tr_aaa_server_new(tmp_ctx, trp_route_get_next_hop(route));
 }
@@ -235,6 +239,9 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids,
 retval=-1;
 goto cleanup;
 }
+
+ /* success! */
+ retval=0;
 cleanup:
 talloc_free(tmp_ctx);
@@ -245,7 +252,7 @@ static int tr_tids_gss_handler(gss_name_t client_name, TR_NAME *gss_name,
 void *data)
 {
 TR_RP_CLIENT *rp;
- struct tr_tids_event_cookie *cookie=(struct tr_tids_event_cookie *)data;
+ struct tr_tids_event_cookie *cookie=talloc_get_type_abort(data, struct tr_tids_event_cookie);
 TIDS_INSTANCE *tids = cookie->tids;
 TR_CFG_MGR *cfg_mgr = cookie->cfg_mgr;
@@ -287,6 +294,7 @@ static void tr_tids_event_cb(int listener, short event, void *arg)
 int tr_tids_event_init(struct event_base *base,
 TIDS_INSTANCE *tids,
 TR_CFG_MGR *cfg_mgr,
+ TRPS_INSTANCE *trps,
 struct tr_socket_event *tids_ev) {
 TALLOC_CTX *tmp_ctx=talloc_new(NULL);
@@ -309,6 +317,7 @@ int tr_tids_event_init(struct event_base *base,
 }
 cookie->tids=tids;
 cookie->cfg_mgr=cfg_mgr;
+ cookie->trps=trps;
 talloc_steal(tids, cookie);
 /* get a tids listener */
diff --git a/tr/tr_trp.c b/tr/tr_trp.c
index ab391a5..11a2d30 100644
--- a/tr/tr_trp.c
+++ b/tr/tr_trp.c
@@ -801,6 +801,7 @@ void tr_config_changed(TR_CFG *new_cfg, void *cookie)
 tr_add_local_routes(trps, new_cfg); /* should we do this every time??? */
 trps_update_active_routes(trps); /* find new routes */
 trps_update(trps, TRP_UPDATE_TRIGGERED); /* send any triggered routes */
+ tr_print_config(new_cfg);
 tr_trps_print_route_table(trps, stderr);
 }
diff --git a/trp/trp_rtable.c b/trp/trp_rtable.c
index fc11506..3e4434e 100644
--- a/trp/trp_rtable.c
+++ b/trp/trp_rtable.c
@@ -536,6 +536,7 @@ TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAM
 TRP_ROUTE **ret=NULL;
 TR_NAME **peer=NULL;
+ tr_debug("trp_rtable_get_realm_entries: entered.");
 peer=trp_rtable_get_comm_realm_peers(rtbl, comm, realm, n_out);
 ret=talloc_array(NULL, TRP_ROUTE *, *n_out);
 if (ret==NULL) {
@@ -615,8 +616,14 @@ TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAM
 if (n==0) return NULL;
+ tr_debug("trp_rtable_get_selected_entry: looking through route table entries for realm %.*s.",
+ realm->len, realm->buf);
 while(n-- && !trp_route_is_selected(entry[n])) { }
- selected=entry[n];
+ tr_debug("trp_rtable_get_selected_entry: n=%d.", n);
+
+ if (n>=0)
+ selected=entry[n];
+
 talloc_free(entry);
 return selected;
 }
diff --git a/trp/trps.c b/trp/trps.c
index 7f58644..409e541 100644
--- a/trp/trps.c
+++ b/trp/trps.c
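Review bot: The added `if (n>=0)` guard in trp_rtable_get_selected_entry() only protects `entry[n]` if `n` is a signed type, and its declaration is outside the hunk. `n` is filled through the `n_out` argument that trp_rtable_get_realm_entries() also uses as a talloc_array() count, which suggests it may be a size_t; if so, `n--` wraps when no route is selected, the guard is always true, and `entry[n]` is read far out of bounds, which is the no-match case this commit sets out to fix. The `%d` in the new tr_debug() would be the wrong conversion for a size_t as well. A downward search whose index never leaves the array works for either type and keeps the current search order; it needs an index variable `ii` of the same type as `n` declared with the other locals.

```c
/* … unchanged: n==0 early return and the realm debug message … */
for (ii=n; ii>0; ii--) {
  if (trp_route_is_selected(entry[ii-1])) {
    selected=entry[ii-1];
    break;
  }
}
/* … unchanged: talloc_free(entry) and return selected … */
```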
@@ -244,6 +244,7 @@ TRP_ROUTE *trps_get_route(TRPS_INSTANCE *trps, TR_NAME *comm, TR_NAME *realm, TR
 TRP_ROUTE *trps_get_selected_route(TRPS_INSTANCE *trps, TR_NAME *comm, TR_NAME *realm) {
+ tr_debug("trps_get_selected_route: entered. trps=%p, comm=%p, realm=%p", trps, comm, realm);
 return trp_rtable_get_selected_entry(trps->rtable, comm, realm);
 }
--
2.1.4
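Review bot: The new tr_debug() in trps_get_selected_route() passes `trps`, `comm` and `realm` to `%p` without casting them to `void *`, which is what that conversion requires. `trps` is then dereferenced as `trps->rtable` with no NULL check, and the tr_tid.c hunk of this commit stores its new `trps` argument into the cookie unchecked, so a NULL instance would be logged here and then crash the lookup. Cast the arguments, `(void *)trps, (void *)comm, (void *)realm`, and add `if (trps==NULL) return NULL;` ahead of the lookup; the caller in tr_tids_req_handler() already treats a NULL route as an error. Raw addresses also say little in a production log, so logging the realm and community names may be more useful here.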