From f3ab2108e32d6b0d6d24769aaf160bed8e2e48aa Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Tue, 10 Jan 2017 16:19:39 -0500 Subject: [PATCH] Restore interface compatibility with libtr_tid.so.2 --- common/tr_dh.c | 7 ++++++- common/tr_msg.c | 6 +++--- common/tr_util.c | 2 +- include/tid_internal.h | 6 +++--- include/tr_util.h | 2 -- include/trust_router/tid.h | 22 +++++++++++++--------- include/trust_router/tr_dh.h | 6 +++++- tid/example/tidc_main.c | 4 ++-- tid/example/tids_main.c | 4 ++-- tid/tid_req.c | 5 +++-- tid/tid_resp.c | 19 +++++++++---------- tid/tidc.c | 7 ++++--- tid/tids.c | 7 +++---- tr/tr_main.c | 3 ++- tr/tr_tid.c | 11 ++++++++--- 15 files changed, 64 insertions(+), 47 deletions(-) diff --git a/common/tr_dh.c b/common/tr_dh.c index e8f2b79..031b404 100644 --- a/common/tr_dh.c +++ b/common/tr_dh.c @@ -286,7 +286,12 @@ int tr_dh_pub_hash(TID_REQ *request, return 0; } -void tr_dh_free(DH *dh) +void tr_dh_free(unsigned char *dh_buf) +{ + free(dh_buf); +} + +void tr_dh_destroy(DH *dh) { DH_free(dh); } diff --git a/common/tr_msg.c b/common/tr_msg.c index f8a462c..9b205d3 100644 --- a/common/tr_msg.c +++ b/common/tr_msg.c @@ -197,7 +197,7 @@ static DH *tr_msg_decode_dh(json_t *jdh) (NULL == (jg = json_object_get(jdh, "dh_g"))) || (NULL == (jpub_key = json_object_get(jdh, "dh_pub_key")))) { tr_debug("tr_msg_decode_dh(): Error parsing dh_info."); - tr_dh_free(dh); + tr_dh_destroy(dh); return NULL; } @@ -334,7 +334,7 @@ static json_t *tr_msg_encode_one_server(TID_SRVR_BLK *srvr) json_object_set_new(jsrvr, "server_dh", tr_msg_encode_dh(srvr->aaa_server_dh)); if (srvr->path) /* The path is owned by the srvr, so grab an extra ref*/ - json_object_set(jsrvr, "path", srvr->path); + json_object_set(jsrvr, "path", (json_t *)(srvr->path)); return jsrvr; } @@ -359,7 +359,7 @@ static int tr_msg_decode_one_server(json_t *jsrvr, TID_SRVR_BLK *srvr) srvr->aaa_server_addr=talloc_strdup(srvr, json_string_value(jsrvr_addr)); srvr->key_name = tr_new_name((char *)json_string_value(jsrvr_kn)); srvr->aaa_server_dh = tr_msg_decode_dh(jsrvr_dh); - tid_srvr_blk_set_path(srvr, json_object_get(jsrvr, "path")); + tid_srvr_blk_set_path(srvr, (TID_PATH *) json_object_get(jsrvr, "path")); jsrvr_expire = json_object_get(jsrvr, "key_expiration"); if (jsrvr_expire && json_is_string(jsrvr_expire)) { if (!g_time_val_from_iso8601(json_string_value(jsrvr_expire), diff --git a/common/tr_util.c b/common/tr_util.c index decac2f..2ce3c82 100644 --- a/common/tr_util.c +++ b/common/tr_util.c @@ -36,7 +36,7 @@ #include #include #include -/*#include */ +#include #include void tr_bin_to_hex(const unsigned char * bin, size_t bin_len, diff --git a/include/tid_internal.h b/include/tid_internal.h index bce7ab2..10c6eac 100644 --- a/include/tid_internal.h +++ b/include/tid_internal.h @@ -46,7 +46,7 @@ struct tid_srvr_blk { TR_NAME *key_name; DH *aaa_server_dh; /* AAA server's public dh information */ GTimeVal key_expiration; /**< absolute time at which key expires*/ - json_t *path;/**< Path of trust routers that the request traversed*/ + TID_PATH *path;/**< Path of trust routers that the request traversed*/ }; struct tid_resp { @@ -95,7 +95,7 @@ struct tids_instance { char *ipaddr; const char *hostname; TIDS_REQ_FUNC *req_handler; - TIDS_AUTH_FUNC *auth_handler; + tids_auth_func *auth_handler; void *cookie; uint16_t tids_port; struct tr_rp_client *rp_gss; /* Client matching GSS name */ @@ -113,7 +113,7 @@ void tid_srvr_blk_free(TID_SRVR_BLK *srvr); TID_SRVR_BLK *tid_srvr_blk_dup(TALLOC_CTX *mem_ctx, TID_SRVR_BLK *srvr); TID_SRVR_BLK *tid_srvr_blk_add_func(TID_SRVR_BLK *head, TID_SRVR_BLK *new); #define tid_srvr_blk_add(head, new) ((head)=tid_srvr_blk_add_func((head),(new))) -void tid_srvr_blk_set_path(TID_SRVR_BLK *block, json_t *path); +void tid_srvr_blk_set_path(TID_SRVR_BLK *block, TID_PATH *path); void tid_resp_set_cons(TID_RESP *resp, TR_CONSTRAINT_SET *cons); void tid_resp_set_error_path(TID_RESP *resp, json_t *ep); diff --git a/include/tr_util.h b/include/tr_util.h index 372c8ec..3a3f7bc 100644 --- a/include/tr_util.h +++ b/include/tr_util.h @@ -37,8 +37,6 @@ #include -TR_EXPORT void tr_bin_to_hex(const unsigned char * bin, size_t binlen, - char * hex_out, size_t hex_len); TR_EXPORT int tr_cmp_timespec(struct timespec *ts1, struct timespec *ts2); #endif /* TR_UTIL_H */ diff --git a/include/trust_router/tid.h b/include/trust_router/tid.h index 34ef426..0475d4d 100644 --- a/include/trust_router/tid.h +++ b/include/trust_router/tid.h @@ -57,6 +57,7 @@ typedef struct tid_srvr_blk TID_SRVR_BLK; typedef struct _tr_constraint_set TR_CONSTRAINT_SET; +typedef struct _tid_path TID_PATH; typedef struct tid_resp TID_RESP; @@ -70,7 +71,7 @@ typedef void (TIDC_RESP_FUNC)(TIDC_INSTANCE *, TID_REQ *, TID_RESP *, void *); typedef int (TIDS_REQ_FUNC)(TIDS_INSTANCE *, TID_REQ *, TID_RESP *, void *); -typedef int (TIDS_AUTH_FUNC)(gss_name_t client_name, TR_NAME *display_name, void *cookie); +typedef int (tids_auth_func)(gss_name_t client_name, TR_NAME *display_name, void *cookie); @@ -98,7 +99,7 @@ TR_EXPORT TIDC_RESP_FUNC *tid_req_get_resp_func(TID_REQ *req); void tid_req_set_resp_func(TID_REQ *req, TIDC_RESP_FUNC *resp_func); TR_EXPORT void *tid_req_get_cookie(TID_REQ *req); void tid_req_set_cookie(TID_REQ *req, void *cookie); -TR_EXPORT TID_REQ *tid_dup_req (TALLOC_CTX *mem_ctx, TID_REQ *orig_req); +TR_EXPORT TID_REQ *tid_dup_req (TID_REQ *orig_req); TR_EXPORT void tid_req_free( TID_REQ *req); /* Utility functions for TID_RESP structure, in tid/tid_resp.c */ @@ -120,17 +121,17 @@ TR_EXPORT TR_NAME *tid_resp_get_orig_coi(TID_RESP *resp); void tid_resp_set_orig_coi(TID_RESP *resp, TR_NAME *orig_coi); TR_EXPORT TID_SRVR_BLK *tid_resp_get_server(TID_RESP *resp, size_t index); TR_EXPORT size_t tid_resp_get_num_servers(const TID_RESP *resp); -TR_EXPORT json_t *tid_resp_get_error_path(const TID_RESP *); +TR_EXPORT const TID_PATH *tid_resp_get_error_path(const TID_RESP *); /** Get either the error_path or the path of the first server block for * a successful response*/ -TR_EXPORT json_t *tid_resp_get_a_path(const TID_RESP *); +TR_EXPORT const TID_PATH *tid_resp_get_a_path(const TID_RESP *); /* Server blocks*/ TR_EXPORT void tid_srvr_get_address(const TID_SRVR_BLK *, const struct sockaddr **out_addr, size_t *out_sa_len); TR_EXPORT DH *tid_srvr_get_dh(TID_SRVR_BLK *); TR_EXPORT const TR_NAME *tid_srvr_get_key_name(const TID_SRVR_BLK *); -TR_EXPORT const json_t *tid_srvr_get_path(const TID_SRVR_BLK *); +TR_EXPORT const TID_PATH *tid_srvr_get_path(const TID_SRVR_BLK *); #define tid_resp_servers_foreach(RESP, SERVER, INDEX) \ @@ -140,18 +141,21 @@ TR_EXPORT const json_t *tid_srvr_get_path(const TID_SRVR_BLK *); /* TID Client functions, in tid/tidc.c */ -TR_EXPORT TIDC_INSTANCE *tidc_create (TALLOC_CTX *mem_ctx); +TR_EXPORT TIDC_INSTANCE *tidc_create (void); TR_EXPORT int tidc_open_connection (TIDC_INSTANCE *tidc, const char *server, unsigned int port, gss_ctx_id_t *gssctx); TR_EXPORT int tidc_send_request (TIDC_INSTANCE *tidc, int conn, gss_ctx_id_t gssctx, const char *rp_realm, const char *realm, const char *coi, TIDC_RESP_FUNC *resp_handler, void *cookie); TR_EXPORT int tidc_fwd_request (TIDC_INSTANCE *tidc, TID_REQ *req, TIDC_RESP_FUNC *resp_handler, void *cookie); TR_EXPORT DH *tidc_get_dh(TIDC_INSTANCE *); TR_EXPORT DH *tidc_set_dh(TIDC_INSTANCE *, DH *); -TR_EXPORT void tidc_free(TIDC_INSTANCE *tidc); +TR_EXPORT void tidc_destroy(TIDC_INSTANCE *tidc); /* TID Server functions, in tid/tids.c */ -TR_EXPORT TIDS_INSTANCE *tids_create (TALLOC_CTX *mem_ctx); +TR_EXPORT TIDS_INSTANCE *tids_create (void); +TR_EXPORT int tids_start (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, + tids_auth_func *auth_handler, const char *hostname, + unsigned int port, void *cookie); TR_EXPORT int tids_get_listener (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - TIDS_AUTH_FUNC *auth_handler, const char *hostname, + tids_auth_func *auth_handler, const char *hostname, unsigned int port, void *cookie, int *fd_out, size_t max_fd); TR_EXPORT int tids_accept(TIDS_INSTANCE *tids, int listen); TR_EXPORT int tids_send_response (TIDS_INSTANCE *tids, TID_REQ *req, TID_RESP *resp); diff --git a/include/trust_router/tr_dh.h b/include/trust_router/tr_dh.h index 7de6249..f4ec7fb 100644 --- a/include/trust_router/tr_dh.h +++ b/include/trust_router/tr_dh.h @@ -41,16 +41,20 @@ #include TR_EXPORT DH *tr_dh_new(void); -TR_EXPORT void tr_dh_free(DH *dh); +TR_EXPORT void tr_dh_destroy(DH *dh); /* called destroy because free is already used */ TR_EXPORT DH *tr_create_dh_params(unsigned char *key, size_t len); TR_EXPORT DH *tr_create_matching_dh(unsigned char *key, size_t len, DH *in_dh); TR_EXPORT void tr_destroy_dh_params(DH *dh); TR_EXPORT DH *tr_dh_dup(DH *in); TR_EXPORT int tr_compute_dh_key(unsigned char **pbuf, BIGNUM *pub_key, DH *priv_dh); +TR_EXPORT void tr_dh_free(unsigned char *dh_buf); int TR_EXPORT tr_dh_pub_hash(TID_REQ *request, unsigned char **out_digest, size_t *out_llen); +TR_EXPORT void tr_bin_to_hex(const unsigned char * bin, size_t binlen, + char * hex_out, size_t hex_len); + #endif diff --git a/tid/example/tidc_main.c b/tid/example/tidc_main.c index 92056c2..96e1d07 100644 --- a/tid/example/tidc_main.c +++ b/tid/example/tidc_main.c @@ -190,7 +190,7 @@ int main (int argc, printf("TIDC Client:\nServer = %s, rp_realm = %s, target_realm = %s, community = %s, port = %i\n", opts.server, opts.rp_realm, opts.target_realm, opts.community, opts.port); /* Create a TID client instance & the client DH */ - tidc = tidc_create(NULL); + tidc = tidc_create(); if (NULL == (tidc->client_dh = tr_create_dh_params(NULL, 0))) { printf("Error creating client DH params.\n"); return 1; @@ -212,7 +212,7 @@ int main (int argc, } /* Clean-up the TID client instance, and exit */ - tidc_free(tidc); + tidc_destroy(tidc); return 0; } diff --git a/tid/example/tids_main.c b/tid/example/tids_main.c index 000b0f3..9b87ef7 100644 --- a/tid/example/tids_main.c +++ b/tid/example/tids_main.c @@ -227,7 +227,7 @@ static int tids_req_handler (TIDS_INSTANCE *tids, } if (0 != handle_authorizations(req, pub_digest, pub_digest_len)) return -1; - tid_srvr_blk_set_path(resp->servers, req->path); + tid_srvr_blk_set_path(resp->servers, (TID_PATH *)(req->path)); if (req->expiration_interval < 1) req->expiration_interval = 1; @@ -385,7 +385,7 @@ int main (int argc, -1, &authorization_insert, NULL); /* Create a TID server instance */ - if (NULL == (tids = tids_create(NULL))) { + if (NULL == (tids = tids_create())) { tr_crit("Unable to create TIDS instance, exiting."); return 1; } diff --git a/tid/tid_req.c b/tid/tid_req.c index 8f68e33..c3f1a27 100644 --- a/tid/tid_req.c +++ b/tid/tid_req.c @@ -189,11 +189,12 @@ void tid_req_set_cookie(TID_REQ *req, void *cookie) req->cookie = cookie; } -TID_REQ *tid_dup_req (TALLOC_CTX *mem_ctx, TID_REQ *orig_req) +/* struct is allocated in talloc null context */ +TID_REQ *tid_dup_req (TID_REQ *orig_req) { TID_REQ *new_req = NULL; - if (NULL == (new_req = talloc_zero(mem_ctx, TID_REQ))) { + if (NULL == (new_req = talloc_zero(NULL, TID_REQ))) { tr_crit("tid_dup_req: Can't allocated duplicate request."); return NULL; } diff --git a/tid/tid_resp.c b/tid/tid_resp.c index 03118b3..c6ee2e8 100644 --- a/tid/tid_resp.c +++ b/tid/tid_resp.c @@ -196,7 +196,7 @@ static int tid_srvr_blk_destructor(void *obj) if (srvr->aaa_server_dh!=NULL) tr_destroy_dh_params(srvr->aaa_server_dh); if (srvr->path!=NULL) - json_decref(srvr->path); + json_decref((json_t *)(srvr->path)); return 0; } @@ -262,16 +262,16 @@ TR_EXPORT TID_SRVR_BLK *tid_srvr_blk_add_func(TID_SRVR_BLK *head, TID_SRVR_BLK * return head; } -TR_EXPORT void tid_srvr_blk_set_path(TID_SRVR_BLK *block, json_t *path) +TR_EXPORT void tid_srvr_blk_set_path(TID_SRVR_BLK *block, TID_PATH *path) { if (block->path!=NULL) - json_decref(block->path); + json_decref((json_t *)(block->path)); block->path=path; if (block->path!=NULL) - json_incref(block->path); + json_incref((json_t *)(block->path)); } -TR_EXPORT const json_t *tid_srvr_get_path( const TID_SRVR_BLK *block) +TR_EXPORT const TID_PATH *tid_srvr_get_path( const TID_SRVR_BLK *block) { if (!block) return NULL; @@ -299,14 +299,14 @@ TR_EXPORT void tid_resp_set_error_path(TID_RESP *resp, json_t *ep) json_incref(resp->error_path); } -TR_EXPORT json_t *tid_resp_get_error_path(const TID_RESP *resp) +TR_EXPORT const TID_PATH *tid_resp_get_error_path(const TID_RESP *resp) { if (!resp) return NULL; - return resp->error_path; + return (const TID_PATH *)(resp->error_path); } -TR_EXPORT json_t *tid_resp_get_a_path(const TID_RESP *const_resp) +TR_EXPORT const TID_PATH *tid_resp_get_a_path(const TID_RESP *const_resp) { size_t index; TID_SRVR_BLK *server; @@ -314,9 +314,8 @@ TR_EXPORT json_t *tid_resp_get_a_path(const TID_RESP *const_resp) if (!resp) return NULL; - if (resp->error_path) - return resp->error_path; + return (const TID_PATH *)(resp->error_path); tid_resp_servers_foreach( resp, server, index) { if (server->path) return server->path; diff --git a/tid/tidc.c b/tid/tidc.c index de3295b..d724322 100644 --- a/tid/tidc.c +++ b/tid/tidc.c @@ -55,9 +55,10 @@ static int tidc_destructor(void *obj) return 0; } -TIDC_INSTANCE *tidc_create(TALLOC_CTX *mem_ctx) +/* creates struct in talloc null context */ +TIDC_INSTANCE *tidc_create(void) { - TIDC_INSTANCE *tidc=talloc(mem_ctx, TIDC_INSTANCE); + TIDC_INSTANCE *tidc=talloc(NULL, TIDC_INSTANCE); if (tidc!=NULL) { tidc->client_dh=NULL; talloc_set_destructor((void *)tidc, tidc_destructor); @@ -65,7 +66,7 @@ TIDC_INSTANCE *tidc_create(TALLOC_CTX *mem_ctx) return tidc; } -void tidc_free(TIDC_INSTANCE *tidc) +void tidc_destroy(TIDC_INSTANCE *tidc) { talloc_free(tidc); } diff --git a/tid/tids.c b/tid/tids.c index 77714cd..b0a6789 100644 --- a/tid/tids.c +++ b/tid/tids.c @@ -294,7 +294,6 @@ int tids_send_err_response (TIDS_INSTANCE *tids, TID_REQ *req, const char *err_m tr_crit("tids_send_err_response: Can't create response."); return -1; } - /* mark this as an error response, and include the error message */ resp->result = TID_ERROR; @@ -410,16 +409,16 @@ static void tids_handle_connection (TIDS_INSTANCE *tids, int conn) } } -TIDS_INSTANCE *tids_create (TALLOC_CTX *mem_ctx) +TIDS_INSTANCE *tids_create (void) { - return talloc_zero(mem_ctx, TIDS_INSTANCE); + return talloc_zero(NULL, TIDS_INSTANCE); } /* Get a listener for tids requests, returns its socket fd. Accept * connections with tids_accept() */ int tids_get_listener(TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - TIDS_AUTH_FUNC *auth_handler, + tids_auth_func *auth_handler, const char *hostname, unsigned int port, void *cookie, diff --git a/tr/tr_main.c b/tr/tr_main.c index 1ff56da..1f2e2de 100644 --- a/tr/tr_main.c +++ b/tr/tr_main.c @@ -174,10 +174,11 @@ int main(int argc, char *argv[]) } /***** initialize the trust path query server instance *****/ - if (NULL == (tr->tids = tids_create (tr))) { + if (NULL == (tr->tids = tids_create())) { tr_crit("Error initializing Trust Path Query Server instance."); return 1; } + talloc_steal(tr, tr->tids); /***** initialize the trust router protocol server instance *****/ if (NULL == (tr->trps = trps_new(tr))) { diff --git a/tr/tr_tid.c b/tr/tr_tid.c index 32d7b37..64c0a16 100644 --- a/tr/tr_tid.c +++ b/tr/tr_tid.c @@ -130,7 +130,7 @@ static void *tr_tids_req_fwd_thread(void *arg) { TALLOC_CTX *tmp_ctx=talloc_new(NULL); struct tr_tids_fwd_cookie *args=talloc_get_type_abort(arg, struct tr_tids_fwd_cookie); - TIDC_INSTANCE *tidc=tidc_create(tmp_ctx); + TIDC_INSTANCE *tidc=tidc_create(); TR_MQ_MSG *msg=NULL; TR_RESP_COOKIE *cookie=NULL; int rc=0; @@ -138,6 +138,9 @@ static void *tr_tids_req_fwd_thread(void *arg) talloc_steal(tmp_ctx, args); /* take responsibility for the cookie */ + if (tidc!=NULL) + talloc_steal(tmp_ctx, tidc); + /* create the cookie we will use for our response */ cookie=talloc(tmp_ctx, TR_RESP_COOKIE); if (cookie==NULL) { @@ -272,11 +275,12 @@ static int tr_tids_req_handler(TIDS_INSTANCE *tids, tids->req_count++; /* Duplicate the request, so we can modify and forward it */ - if (NULL == (fwd_req=tid_dup_req(tmp_ctx, orig_req))) { + if (NULL == (fwd_req=tid_dup_req(orig_req))) { tr_debug("tr_tids_req_handler: Unable to duplicate request."); retval=-1; goto cleanup; } + talloc_steal(tmp_ctx, fwd_req); if (NULL == (cfg_comm=tr_comm_table_find_comm(cfg_mgr->active->ctable, orig_req->comm))) { tr_notice("tr_tids_req_hander: Request for unknown comm: %s.", orig_req->comm->buf); @@ -455,7 +459,8 @@ static int tr_tids_req_handler(TIDS_INSTANCE *tids, aaa_cookie[n_aaa]->mq=mq; aaa_cookie[n_aaa]->aaa_hostname=tr_dup_name(this_aaa->hostname); aaa_cookie[n_aaa]->dh_params=tr_dh_dup(orig_req->tidc_dh); - aaa_cookie[n_aaa]->fwd_req=tid_dup_req(aaa_cookie[n_aaa], fwd_req); + aaa_cookie[n_aaa]->fwd_req=tid_dup_req(fwd_req); + talloc_steal(aaa_cookie[n_aaa], aaa_cookie[n_aaa]->fwd_req); tr_debug("tr_tids_req_handler: cookie %d initialized.", n_aaa); /* Take the cookie out of tmp_ctx before starting thread. If thread starts, it becomes -- 2.1.4