From ee6787f44e1c2507add20b083a2d652b34632f32 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Wed, 10 Aug 2016 08:38:21 -0400 Subject: [PATCH] Attempt to route TID requests using routing table. Unstable. Checking in before beginning configuration file work. Connections between trust routers are unreliable and need to be debugged. --- Makefile.am | 4 +- common/tr_config.c | 59 ++++++++++---- common/tr_idp.c | 31 ++++++++ include/tid_internal.h | 2 +- include/tr_apc.h | 9 +++ include/tr_config.h | 3 +- include/tr_idp.h | 3 + include/trp_internal.h | 4 + include/trp_rtable.h | 26 +++---- include/trust_router/tid.h | 6 +- include/trust_router/trp.h | 1 + tid/tid_req.c | 8 ++ tid/tid_resp.c | 22 +++++- tid/tids.c | 6 +- tr/tr_main.c | 2 +- tr/tr_tid.c | 84 ++++++++++++++------ tr/tr_trp.c | 34 ++++---- trp/trp_rtable.c | 190 ++++++++++++++++++++++----------------------- trp/trp_upd.c | 5 ++ trp/trps.c | 62 +++++++-------- 20 files changed, 354 insertions(+), 207 deletions(-) diff --git a/Makefile.am b/Makefile.am index c6c5222..add053d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,6 +38,7 @@ tr_trust_router_SOURCES = $(common_srcs) \ tr/tr_main.c \ common/tr_config.c \ common/tr_idp.c \ +common/tr_apc.c \ common/tr_comm.c \ common/tr_filter.c \ common/tr_rp.c \ @@ -50,7 +51,7 @@ tr/tr_trp.c \ $(trp_srcs) \ $(tid_srcs) -tr_trust_router_CFLAGS = $(AM_CFLAGS) -pthread +tr_trust_router_CFLAGS = $(AM_CFLAGS) -pthread -v -da -Q tr_trust_router_LDFLAGS = $(AM_LDFLAGS) -levent_pthreads #tr_trust_router_LDADD = gsscon/libgsscon.la libtr_tid.la libtr_trp.la $(GLIB_LIBS) tr_trust_router_LDADD = gsscon/libgsscon.la $(GLIB_LIBS) @@ -74,6 +75,7 @@ tid/tid_resp.c \ common/tr_msg.c \ common/tr_name.c \ common/tr_idp.c \ +common/tr_apc.c \ common/tr_comm.c \ common/tr_filter.c \ common/tr_rp.c \ diff --git a/common/tr_config.c b/common/tr_config.c index 299643b..59cdfdc 100644 --- a/common/tr_config.c +++ b/common/tr_config.c @@ -531,8 +531,9 @@ static TR_CFG_RC tr_cfg_parse_rp_clients (TR_CFG *trc, json_t *jcfg) { return rc; } -static TR_AAA_SERVER *tr_cfg_parse_one_aaa_server (TR_CFG *trc, json_t *jaddr, TR_CFG_RC *rc) { +static TR_AAA_SERVER *tr_cfg_parse_one_aaa_server (TALLOC_CTX *mem_ctx, TR_CFG *trc, json_t *jaddr, TR_CFG_RC *rc) { TR_AAA_SERVER *aaa = NULL; + TR_NAME *name=NULL; if ((!trc) || (!jaddr) || (!json_is_string(jaddr))) { tr_debug("tr_cfg_parse_one_aaa_server: Bad parameters."); @@ -540,25 +541,34 @@ static TR_AAA_SERVER *tr_cfg_parse_one_aaa_server (TR_CFG *trc, json_t *jaddr, T return NULL; } - if (NULL == (aaa = talloc_zero(trc, TR_AAA_SERVER))) { - tr_debug("tr_cfg_parse_one_aaa_server: Out of memory."); + name=tr_new_name((char *)(json_string_value(jaddr))); + if (name==NULL) { + tr_debug("tr_cfg_parse_one_aaa_server: Out of memory allocating hostname."); *rc = TR_CFG_NOMEM; return NULL; } - aaa->hostname = tr_new_name((char *)(json_string_value(jaddr))); + aaa=tr_aaa_server_new(mem_ctx, name); + if (aaa==NULL) { + tr_free_name(name); + tr_debug("tr_cfg_parse_one_aaa_server: Out of memory allocating AAA server."); + *rc = TR_CFG_NOMEM; + return NULL; + } return aaa; } -static TR_AAA_SERVER *tr_cfg_parse_aaa_servers (TR_CFG *trc, json_t *jaaas, TR_CFG_RC *rc) +static TR_AAA_SERVER *tr_cfg_parse_aaa_servers (TALLOC_CTX *mem_ctx, TR_CFG *trc, json_t *jaaas, TR_CFG_RC *rc) { + TALLOC_CTX *tmp_ctx=NULL; TR_AAA_SERVER *aaa = NULL; TR_AAA_SERVER *temp_aaa = NULL; int i = 0; for (i = 0; i < json_array_size(jaaas); i++) { - if (NULL == (temp_aaa = tr_cfg_parse_one_aaa_server(trc, json_array_get(jaaas, i), rc))) { + if (NULL == (temp_aaa = tr_cfg_parse_one_aaa_server(mem_ctx, trc, json_array_get(jaaas, i), rc))) { + talloc_free(tmp_ctx); return NULL; } /* TBD -- IPv6 addresses */ @@ -567,10 +577,14 @@ static TR_AAA_SERVER *tr_cfg_parse_aaa_servers (TR_CFG *trc, json_t *jaaas, TR_C aaa = temp_aaa; } tr_debug("tr_cfg_parse_aaa_servers: Finished (rc=%d)", *rc); + + for (temp_aaa=aaa; temp_aaa!=NULL; temp_aaa=temp_aaa->next) + talloc_steal(mem_ctx, temp_aaa); + talloc_free(tmp_ctx); return aaa; } -static TR_APC *tr_cfg_parse_apcs (TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc) +static TR_APC *tr_cfg_parse_apcs (TALLOC_CTX *mem_ctx, TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc) { TR_APC *apc; @@ -583,7 +597,8 @@ static TR_APC *tr_cfg_parse_apcs (TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc) return NULL; } - if (NULL == (apc = talloc_zero(trc, TR_APC))) { + apc=tr_apc_new(mem_ctx); + if (apc==NULL) { tr_debug("tr_cfg_parse_apcs: Out of memory."); *rc = TR_CFG_NOMEM; return NULL; @@ -591,12 +606,15 @@ static TR_APC *tr_cfg_parse_apcs (TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc) /* TBD, deal with more than one APC. In the meantime, though... */ /* Only parse the first APC, because we only know how to deal with one, anyway. */ - if (0 == json_array_size(japcs)) + if (0 == json_array_size(japcs)) { + talloc_free(apc); return NULL; + } if (NULL == (apc->id = tr_new_name((char *)json_string_value(json_array_get(japcs, 0))))) { tr_debug("tr_cfg_parse_apcs: No memory for APC name."); *rc = TR_CFG_NOMEM; + talloc_free(apc); return NULL; } @@ -605,6 +623,7 @@ static TR_APC *tr_cfg_parse_apcs (TR_CFG *trc, json_t *japcs, TR_CFG_RC *rc) } static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_CFG_RC *rc) { + TALLOC_CTX *tmp_ctx=talloc_new(NULL); TR_IDP_REALM *idp = NULL; json_t *jremote = NULL; json_t *jrid = NULL; @@ -619,9 +638,10 @@ static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_C return NULL; } - if (NULL == (idp = tr_idp_realm_new(trc))) { + if (NULL == (idp = tr_idp_realm_new(tmp_ctx))) { tr_debug("tr_cfg_parse_one_idp_realm: Out of memory."); *rc = TR_CFG_NOMEM; + talloc_free(tmp_ctx); return NULL; } @@ -630,6 +650,7 @@ static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_C if ((jremote!=NULL) && (!json_is_number(jremote))) { tr_debug("tr_cfg_parse_one_idp_realm: Error parsing IDP realm configuration (remote is not a number)."); *rc=TR_CFG_NOPARSE; + talloc_free(tmp_ctx); return NULL; } @@ -637,6 +658,7 @@ static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_C (!json_is_string(jrid))) { tr_debug("tr_cfg_parse_one_idp_realm: Error parsing IDP realm configuration (realm_id missing or invalid)."); *rc = TR_CFG_NOPARSE; + talloc_free(tmp_ctx); return NULL; } @@ -649,6 +671,7 @@ static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_C (!json_is_array(jsrvrs))) { tr_debug("tr_cfg_parse_one_idp_realm: Error parsing IDP realm configuration."); *rc = TR_CFG_NOPARSE; + talloc_free(tmp_ctx); return NULL; } @@ -663,26 +686,28 @@ static TR_IDP_REALM *tr_cfg_parse_one_idp_realm (TR_CFG *trc, json_t *jidp, TR_C if (NULL == (idp->realm_id = tr_new_name((char *)json_string_value(jrid)))) { tr_debug("tr_cfg_parse_one_idp_realm: No memory for realm id."); *rc = TR_CFG_NOMEM; + talloc_free(tmp_ctx); return NULL; } if ((NULL != (japcs = json_object_get(jidp, "apcs"))) && (json_is_array(japcs))) { - if (NULL == (idp->apcs = tr_cfg_parse_apcs(trc, japcs, rc))) { + if (NULL == (idp->apcs = tr_cfg_parse_apcs(idp, trc, japcs, rc))) { tr_debug("tr_cfg_parse_one_idp_realm: Can't parse APCs for realm %s .", idp->realm_id->buf); - tr_free_name(idp->realm_id); - /* TBD -- free aaa_servers */ + talloc_free(tmp_ctx); return NULL; } } if ((idp->origin==TR_REALM_LOCAL) && - (NULL == (idp->aaa_servers = tr_cfg_parse_aaa_servers(trc, jsrvrs, rc)))) { + (NULL == (idp->aaa_servers = tr_cfg_parse_aaa_servers(idp, trc, jsrvrs, rc)))) { tr_debug("tr_cfg_parse_one_idp_realm: Can't parse AAA servers for realm %s.", idp->realm_id->buf); - tr_free_name(idp->realm_id); + talloc_free(tmp_ctx); return NULL; } + talloc_steal(trc, idp); + talloc_free(tmp_ctx); return idp; } @@ -702,7 +727,7 @@ static TR_CFG_RC tr_cfg_parse_default_servers (TR_CFG *trc, json_t *jcfg) (0 < json_array_size(jdss))) { for (i = 0; i < json_array_size(jdss); i++) { - if (NULL == (ds = tr_cfg_parse_one_aaa_server(trc, + if (NULL == (ds = tr_cfg_parse_one_aaa_server(trc, trc, json_array_get(jdss, i), &rc))) { return rc; @@ -859,7 +884,7 @@ static TR_COMM *tr_cfg_parse_one_comm (TR_CFG *trc, json_t *jcomm, TR_CFG_RC *rc comm->type = TR_COMM_APC; } else if (0 == strcmp(json_string_value(jtype), "coi")) { comm->type = TR_COMM_COI; - if (NULL == (comm->apcs = tr_cfg_parse_apcs(trc, japcs, rc))) { + if (NULL == (comm->apcs = tr_cfg_parse_apcs(trc, trc, japcs, rc))) { tr_debug("tr_cfg_parse_one_comm: Can't parse APCs for COI %s.", comm->id->buf); tr_free_name(comm->id); return NULL; diff --git a/common/tr_idp.c b/common/tr_idp.c index 542505e..b041ffb 100644 --- a/common/tr_idp.c +++ b/common/tr_idp.c @@ -38,6 +38,29 @@ #include #include +static int tr_aaa_server_destructor(void *obj) +{ + TR_AAA_SERVER *aaa=talloc_get_type_abort(obj, TR_AAA_SERVER); + if (aaa->hostname!=NULL) + tr_free_name(aaa->hostname); + return 0; +} + +TR_AAA_SERVER *tr_aaa_server_new(TALLOC_CTX *mem_ctx, TR_NAME *hostname) +{ + TR_AAA_SERVER *aaa=talloc(mem_ctx, TR_AAA_SERVER); + if (aaa!=NULL) { + aaa->hostname=hostname; + talloc_set_destructor((void *)aaa, tr_aaa_server_destructor); + } + return aaa; +} + +void tr_aaa_server_free(TR_AAA_SERVER *aaa) +{ + talloc_free(aaa); +} + TR_AAA_SERVER *tr_idp_aaa_server_lookup(TR_IDP_REALM *idp_realms, TR_NAME *idp_realm_name, TR_NAME *comm) { TR_IDP_REALM *idp = NULL; @@ -62,6 +85,13 @@ TR_AAA_SERVER *tr_default_server_lookup(TR_AAA_SERVER *default_servers, TR_NAME return(default_servers); } +static int tr_idp_realm_destructor(void *obj) +{ + TR_IDP_REALM *idp=talloc_get_type_abort(obj, TR_IDP_REALM); + if (idp->realm_id!=NULL) + tr_free_name(idp->realm_id); + return 0; +} TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx) { @@ -74,6 +104,7 @@ TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx) idp->aaa_servers=NULL; idp->apcs=NULL; idp->origin=TR_REALM_LOCAL; + talloc_set_destructor((void *)idp, tr_idp_realm_destructor); } return idp; } diff --git a/include/tid_internal.h b/include/tid_internal.h index 6fa8e38..f415da6 100644 --- a/include/tid_internal.h +++ b/include/tid_internal.h @@ -95,7 +95,7 @@ struct tids_instance { char *ipaddr; const char *hostname; TIDS_REQ_FUNC *req_handler; - tids_auth_func *auth_handler; + TIDS_AUTH_FUNC *auth_handler; void *cookie; uint16_t tids_port; struct tr_rp_client *rp_gss; /* Client matching GSS name */ diff --git a/include/tr_apc.h b/include/tr_apc.h index a417459..08f9c34 100644 --- a/include/tr_apc.h +++ b/include/tr_apc.h @@ -35,12 +35,21 @@ #ifndef TR_APC_H #define TR_APC_H +#include + +#include + /* Used to hold lists of APC names in cfg. */ typedef struct tr_apc { struct tr_apc *next; TR_NAME *id; } TR_APC; +TR_APC *tr_apc_new(TALLOC_CTX *mem_ctx); +void tr_apc_free(TR_APC *apc); +void tr_apc_set_id(TR_APC *apc, TR_NAME *id); +TR_NAME *tr_apc_get_id(TR_APC *apc); + #endif diff --git a/include/tr_config.h b/include/tr_config.h index 448e3e4..10b1cf5 100644 --- a/include/tr_config.h +++ b/include/tr_config.h @@ -45,6 +45,7 @@ #include #include #include +#include #define TR_DEFAULT_MAX_TREE_DEPTH 12 #define TR_DEFAULT_TR_PORT 12308 @@ -84,8 +85,6 @@ typedef struct tr_cfg { TR_COMM *comms; /* locally-known communities */ TR_AAA_SERVER *default_servers; /* default server list */ /* TBD -- Global Filters */ - /* TBD -- Trust Router Peers */ - /* TBD -- Trust Links */ } TR_CFG; typedef struct tr_cfg_mgr { diff --git a/include/tr_idp.h b/include/tr_idp.h index f06f3dd..9e56b98 100644 --- a/include/tr_idp.h +++ b/include/tr_idp.h @@ -65,6 +65,9 @@ typedef struct tr_idp_realm { TR_IDP_REALM *tr_idp_realm_new(TALLOC_CTX *mem_ctx); +TR_AAA_SERVER *tr_aaa_server_new(TALLOC_CTX *mem_ctx, TR_NAME *hostname); +void tr_aaa_server_free(TR_AAA_SERVER *aaa); + TR_AAA_SERVER *tr_idp_aaa_server_lookup(TR_IDP_REALM *idp_realms, TR_NAME *idp_realm_name, TR_NAME *comm); TR_AAA_SERVER *tr_default_server_lookup(TR_AAA_SERVER *default_servers, TR_NAME *comm); #endif diff --git a/include/trp_internal.h b/include/trp_internal.h index f9978cc..ca870c1 100644 --- a/include/trp_internal.h +++ b/include/trp_internal.h @@ -76,6 +76,10 @@ typedef void (*TRP_RESP_FUNC)(); /*typedef int (*TRP_AUTH_FUNC)(gss_name_t client_name, TR_NAME *display_name, void *cookie);*/ typedef client_cb_fn TRP_AUTH_FUNC; +/* function to look up comm/realm entries */ +typedef TRP_ROUTE *(TRP_LOOKUP_FUNC)(TR_NAME *, TR_NAME *, void *); + + /* TRP Client Instance Data */ typedef struct trpc_instance TRPC_INSTANCE; struct trpc_instance { diff --git a/include/trp_rtable.h b/include/trp_rtable.h index 7ccbfb3..a8f66be 100644 --- a/include/trp_rtable.h +++ b/include/trp_rtable.h @@ -8,7 +8,7 @@ #include typedef struct trp_route { - TR_NAME *apc; + TR_NAME *comm; TR_NAME *realm; TR_NAME *peer; unsigned int metric; @@ -29,24 +29,24 @@ void trp_rtable_add(TRP_RTABLE *rtbl, TRP_ROUTE *entry); /* adds or updates */ void trp_rtable_remove(TRP_RTABLE *rtbl, TRP_ROUTE *entry); void trp_rtable_clear(TRP_RTABLE *rtbl); size_t trp_rtable_size(TRP_RTABLE *rtbl); -size_t trp_rtable_apc_size(TRP_RTABLE *rtbl, TR_NAME *apc); -size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm); +size_t trp_rtable_comm_size(TRP_RTABLE *rtbl, TR_NAME *comm); +size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm); TRP_ROUTE **trp_rtable_get_entries(TRP_RTABLE *rtbl, size_t *n_out); -TR_NAME **trp_rtable_get_apcs(TRP_RTABLE *rtbl, size_t *n_out); -TRP_ROUTE **trp_rtable_get_apc_entries(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out); -TR_NAME **trp_rtable_get_apc_realms(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out); -TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, size_t *n_out); -TR_NAME **trp_rtable_get_apc_realm_peers(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, size_t *n_out); -TRP_ROUTE *trp_rtable_get_entry(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm, TR_NAME *peer); -TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm); +TR_NAME **trp_rtable_get_comms(TRP_RTABLE *rtbl, size_t *n_out); +TRP_ROUTE **trp_rtable_get_comm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out); +TR_NAME **trp_rtable_get_comm_realms(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out); +TRP_ROUTE **trp_rtable_get_realm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, size_t *n_out); +TR_NAME **trp_rtable_get_comm_realm_peers(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, size_t *n_out); +TRP_ROUTE *trp_rtable_get_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm, TR_NAME *peer); +TRP_ROUTE *trp_rtable_get_selected_entry(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm); void trp_rtable_clear_triggered(TRP_RTABLE *rtbl); char *trp_rtable_to_str(TALLOC_CTX *mem_ctx, TRP_RTABLE *rtbl, const char *sep, const char *lineterm); TRP_ROUTE *trp_route_new(TALLOC_CTX *mem_ctx); void trp_route_free(TRP_ROUTE *entry); -void trp_route_set_apc(TRP_ROUTE *entry, TR_NAME *apc); -TR_NAME *trp_route_get_apc(TRP_ROUTE *entry); -TR_NAME *trp_route_dup_apc(TRP_ROUTE *entry); +void trp_route_set_comm(TRP_ROUTE *entry, TR_NAME *comm); +TR_NAME *trp_route_get_comm(TRP_ROUTE *entry); +TR_NAME *trp_route_dup_comm(TRP_ROUTE *entry); void trp_route_set_realm(TRP_ROUTE *entry, TR_NAME *realm); TR_NAME *trp_route_get_realm(TRP_ROUTE *entry); TR_NAME *trp_route_dup_realm(TRP_ROUTE *entry); diff --git a/include/trust_router/tid.h b/include/trust_router/tid.h index 33ab294..6950f26 100644 --- a/include/trust_router/tid.h +++ b/include/trust_router/tid.h @@ -71,7 +71,7 @@ typedef void (TIDC_RESP_FUNC)(TIDC_INSTANCE *, TID_REQ *, TID_RESP *, void *); typedef int (TIDS_REQ_FUNC)(TIDS_INSTANCE *, TID_REQ *, TID_RESP *, void *); -typedef int (tids_auth_func)(gss_name_t client_name, TR_NAME *display_name, void *cookie); +typedef int (TIDS_AUTH_FUNC)(gss_name_t client_name, TR_NAME *display_name, void *cookie); @@ -151,10 +151,10 @@ TR_EXPORT void tidc_destroy (TIDC_INSTANCE *tidc); /* TID Server functions, in tid/tids.c */ TR_EXPORT TIDS_INSTANCE *tids_create (TALLOC_CTX *mem_ctx); TR_EXPORT int tids_start (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - tids_auth_func *auth_handler, const char *hostname, + TIDS_AUTH_FUNC *auth_handler, const char *hostname, unsigned int port, void *cookie); TR_EXPORT int tids_get_listener (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - tids_auth_func *auth_handler, const char *hostname, + TIDS_AUTH_FUNC *auth_handler, const char *hostname, unsigned int port, void *cookie); TR_EXPORT int tids_accept(TIDS_INSTANCE *tids, int listen); TR_EXPORT int tids_send_response (TIDS_INSTANCE *tids, TID_REQ *req, TID_RESP *resp); diff --git a/include/trust_router/trp.h b/include/trust_router/trp.h index 9b2381d..57f0a83 100644 --- a/include/trust_router/trp.h +++ b/include/trust_router/trp.h @@ -43,6 +43,7 @@ TR_EXPORT TRP_INFOREC *trp_upd_get_inforec(TRP_UPD *upd); void trp_upd_set_inforec(TRP_UPD *upd, TRP_INFOREC *rec); void trp_upd_add_inforec(TRP_UPD *upd, TRP_INFOREC *rec); TR_EXPORT TR_NAME *trp_upd_get_peer(TRP_UPD *upd); +TR_NAME *trp_upd_dup_peer(TRP_UPD *upd); void trp_upd_set_peer(TRP_UPD *upd, TR_NAME *peer); TR_EXPORT TRP_INFOREC *trp_inforec_new(TALLOC_CTX *mem_ctx, TRP_INFOREC_TYPE type); void trp_inforec_free(TRP_INFOREC *rec); diff --git a/tid/tid_req.c b/tid/tid_req.c index 1da8338..a068c40 100644 --- a/tid/tid_req.c +++ b/tid/tid_req.c @@ -55,6 +55,14 @@ static int destroy_tid_req(TID_REQ *req) gss_delete_sec_context( &minor, &req->gssctx, NULL); } } + if (req->rp_realm!=NULL) + tr_free_name(req->rp_realm); + if (req->realm!=NULL) + tr_free_name(req->realm); + if (req->comm!=NULL) + tr_free_name(req->comm); + if (req->orig_coi!=NULL) + tr_free_name(req->orig_coi); return 0; } diff --git a/tid/tid_resp.c b/tid/tid_resp.c index 44a866a..3c40b3f 100644 --- a/tid/tid_resp.c +++ b/tid/tid_resp.c @@ -39,9 +39,29 @@ #include +static int tid_resp_destructor(void *obj) +{ + TID_RESP *resp=talloc_get_type_abort(obj, TID_RESP); + if (resp->err_msg!=NULL) + tr_free_name(resp->err_msg); + if (resp->rp_realm!=NULL) + tr_free_name(resp->rp_realm); + if (resp->realm!=NULL) + tr_free_name(resp->realm); + if (resp->comm!=NULL) + tr_free_name(resp->comm); + if (resp->orig_coi!=NULL) + tr_free_name(resp->orig_coi); + return 0; +} + TID_RESP *tid_resp_new(TALLOC_CTX *mem_ctx) { - return talloc(mem_ctx, TID_RESP); + TID_RESP *resp=talloc(mem_ctx, TID_RESP); + if (resp!=NULL) { + talloc_set_destructor((void *)resp, tid_resp_destructor); + } + return resp; } void tid_resp_free(TID_RESP *resp) diff --git a/tid/tids.c b/tid/tids.c index 14c708d..984cb48 100644 --- a/tid/tids.c +++ b/tid/tids.c @@ -345,6 +345,7 @@ static void tids_handle_connection (TIDS_INSTANCE *tids, int conn) tr_crit("tids_handle_connection: Error creating response structure."); /* try to send an error */ tids_send_err_response(tids, tr_msg_get_req(mreq), "Error creating response."); + tr_msg_free_decoded(mreq); return; } @@ -362,6 +363,7 @@ static void tids_handle_connection (TIDS_INSTANCE *tids, int conn) } tids_destroy_response(tids, resp); + tr_msg_free_decoded(mreq); return; } } @@ -375,7 +377,7 @@ TIDS_INSTANCE *tids_create (TALLOC_CTX *mem_ctx) * connections with tids_accept() */ int tids_get_listener(TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - tids_auth_func *auth_handler, + TIDS_AUTH_FUNC *auth_handler, const char *hostname, unsigned int port, void *cookie) @@ -449,7 +451,7 @@ int tids_accept(TIDS_INSTANCE *tids, int listen) /* Process tids requests forever. Should not return except on error. */ int tids_start (TIDS_INSTANCE *tids, TIDS_REQ_FUNC *req_handler, - tids_auth_func *auth_handler, + TIDS_AUTH_FUNC *auth_handler, const char *hostname, unsigned int port, void *cookie) diff --git a/tr/tr_main.c b/tr/tr_main.c index 9a84a5c..2810edc 100644 --- a/tr/tr_main.c +++ b/tr/tr_main.c @@ -315,7 +315,7 @@ int main(int argc, char *argv[]) tr_crit("Unable to allocate new peer. Aborting."); return 1; } - trp_peer_set_server(hc_peer, "epsilon.vmnet"); + trp_peer_set_server(hc_peer, "epsilon-trpc.vmnet"); trp_peer_set_gssname(hc_peer, tr_new_name("trpc@apc.painless-security.com")); trp_peer_set_port(hc_peer, 10002); /* not really used */ if (TRP_SUCCESS != trps_add_peer(tr->trps, hc_peer)) { diff --git a/tr/tr_tid.c b/tr/tr_tid.c index c03e80a..e740703 100644 --- a/tr/tr_tid.c +++ b/tr/tr_tid.c @@ -1,3 +1,5 @@ +#include + #include #include #include @@ -6,6 +8,7 @@ #include #include #include +#include #include #include @@ -19,6 +22,7 @@ typedef struct tr_resp_cookie { struct tr_tids_event_cookie { TIDS_INSTANCE *tids; TR_CFG_MGR *cfg_mgr; + TRPS_INSTANCE *trps; }; @@ -43,6 +47,7 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, TID_RESP *resp, void *cookie_in) { + TALLOC_CTX *tmp_ctx=talloc_new(NULL);; TIDC_INSTANCE *tidc = NULL; TR_RESP_COOKIE resp_cookie; TR_AAA_SERVER *aaa_servers = NULL; @@ -52,13 +57,17 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, TR_COMM *cfg_apc = NULL; int oaction = TR_FILTER_ACTION_REJECT; int rc = 0; - time_t expiration_interval; + time_t expiration_interval=0; struct tr_tids_event_cookie *cookie=(struct tr_tids_event_cookie *)cookie_in; - TR_CFG_MGR *cfg_mgr=cookie->cfg_mgr; + TR_CFG_MGR *cfg_mgr=talloc_get_type_abort(cookie, TR_CFG_MGR); + TRPS_INSTANCE *trps=talloc_get_type_abort(cookie, TRPS_INSTANCE); + TRP_ROUTE *route=NULL; + int retval=-1; if ((!tids) || (!orig_req) || (!resp)) { tr_debug("tr_tids_req_handler: Bad parameters"); - return -1; + retval=-1; + goto cleanup; } tr_debug("tr_tids_req_handler: Request received (conn = %d)! Realm = %s, Comm = %s", orig_req->conn, @@ -68,13 +77,15 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, /* Duplicate the request, so we can modify and forward it */ if (NULL == (fwd_req = tid_dup_req(orig_req))) { tr_debug("tr_tids_req_handler: Unable to duplicate request."); - return -1; + retval=-1; + goto cleanup; } if (NULL == (cfg_comm = tr_comm_lookup(cfg_mgr->active->comms, orig_req->comm))) { tr_notice("tr_tids_req_hander: Request for unknown comm: %s.", orig_req->comm->buf); tids_send_err_response(tids, orig_req, "Unknown community"); - return -1; + retval=-1; + goto cleanup; } /* Check that the rp_realm matches the filter for the GSS name that @@ -84,7 +95,8 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, (!tids->rp_gss->filter)) { tr_notice("tr_tids_req_handler: No GSS name for incoming request."); tids_send_err_response(tids, orig_req, "No GSS name for request"); - return -1; + retval=-1; + goto cleanup; } if ((TR_FILTER_NO_MATCH == tr_filter_process_rp_permitted(orig_req->rp_realm, @@ -95,13 +107,15 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, (TR_FILTER_ACTION_REJECT == oaction)) { tr_notice("tr_tids_req_handler: RP realm (%s) does not match RP Realm filter for GSS name", orig_req->rp_realm->buf); tids_send_err_response(tids, orig_req, "RP Realm filter error"); - return -1; + retval=-1; + goto cleanup; } /* Check that the rp_realm is a member of the community in the request */ if (NULL == (tr_find_comm_rp(cfg_comm, orig_req->rp_realm))) { tr_notice("tr_tids_req_handler: RP Realm (%s) not member of community (%s).", orig_req->rp_realm->buf, orig_req->comm->buf); tids_send_err_response(tids, orig_req, "RP COI membership error"); - return -1; + retval=-1; + goto cleanup; } /* Map the comm in the request from a COI to an APC, if needed */ @@ -111,7 +125,8 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, if ((!cfg_comm->apcs) || (!cfg_comm->apcs->id)) { tr_notice("No valid APC for COI %s.", orig_req->comm->buf); tids_send_err_response(tids, orig_req, "No valid APC for community"); - return -1; + retval=-1; + goto cleanup; } apc = tr_dup_name(cfg_comm->apcs->id); @@ -119,7 +134,8 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, if (NULL == (cfg_apc = tr_comm_lookup(cfg_mgr->active->comms, apc))) { tr_notice("tr_tids_req_hander: Request for unknown comm: %s.", apc->buf); tids_send_err_response(tids, orig_req, "Unknown APC"); - return -1; + retval=-1; + goto cleanup; } fwd_req->comm = apc; @@ -129,32 +145,51 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, if (NULL == (tr_find_comm_rp(cfg_apc, orig_req->rp_realm))) { tr_notice("tr_tids_req_hander: RP Realm (%s) not member of community (%s).", orig_req->rp_realm->buf, orig_req->comm->buf); tids_send_err_response(tids, orig_req, "RP APC membership error"); - return -1; + retval=-1; + goto cleanup; } } + /* Look up the route for this community/realm. */ + route=trps_get_selected_route(trps, orig_req->comm, orig_req->realm); + if (route==NULL) { + tr_notice("tr_tids_req_handler: no route table entry found for realm (%s) in community (%s).", + orig_req->realm->buf, orig_req->comm->buf); + tids_send_err_response(tids, orig_req, "Missing trust route error"); + retval=-1; + goto cleanup; + } + if (trp_route_is_local(route)) { + aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->idp_realms, + orig_req->realm, + orig_req->comm); + } else { + aaa_servers = tr_aaa_server_new(tmp_ctx, trp_route_get_next_hop(route)); + } + /* Find the AAA server(s) for this request */ - if (NULL == (aaa_servers = tr_idp_aaa_server_lookup(cfg_mgr->active->idp_realms, - orig_req->realm, - orig_req->comm))) { + if (NULL == aaa_servers) { tr_debug("tr_tids_req_handler: No AAA Servers for realm %s, defaulting.", orig_req->realm->buf); if (NULL == (aaa_servers = tr_default_server_lookup (cfg_mgr->active->default_servers, orig_req->comm))) { tr_notice("tr_tids_req_handler: No default AAA servers, discarded."); tids_send_err_response(tids, orig_req, "No path to AAA Server(s) for realm"); - return -1; + retval=-1; + goto cleanup; } } else { /* if we aren't defaulting, check idp coi and apc membership */ if (NULL == (tr_find_comm_idp(cfg_comm, fwd_req->realm))) { tr_notice("tr_tids_req_handler: IDP Realm (%s) not member of community (%s).", orig_req->realm->buf, orig_req->comm->buf); tids_send_err_response(tids, orig_req, "IDP community membership error"); - return -1; + retval=-1; + goto cleanup; } if ( cfg_apc && (NULL == (tr_find_comm_idp(cfg_apc, fwd_req->realm)))) { tr_notice("tr_tids_req_handler: IDP Realm (%s) not member of APC (%s).", orig_req->realm->buf, orig_req->comm->buf); tids_send_err_response(tids, orig_req, "IDP APC membership error"); - return -1; + retval=-1; + goto cleanup; } } @@ -171,7 +206,8 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, if (NULL == (tidc = tidc_create())) { tr_crit("tr_tids_req_hander: Unable to allocate TIDC instance."); tids_send_err_response(tids, orig_req, "Memory allocation failure"); - return -1; + retval=-1; + goto cleanup; } /* Use the DH parameters from the original request */ /* TBD -- this needs to be fixed when we handle more than one req per conn */ @@ -188,19 +224,21 @@ static int tr_tids_req_handler (TIDS_INSTANCE *tids, &(fwd_req->gssctx)))) { tr_notice("tr_tids_req_handler: Error in tidc_open_connection."); tids_send_err_response(tids, orig_req, "Can't open connection to next hop TIDS"); - return -1; + retval=-1; + goto cleanup; }; /* Send a TID request */ if (0 > (rc = tidc_fwd_request(tidc, fwd_req, &tr_tidc_resp_handler, (void *)&resp_cookie))) { tr_notice("Error from tidc_fwd_request, rc = %d.", rc); tids_send_err_response(tids, orig_req, "Can't forward request to next hop TIDS"); - tid_req_free(orig_req); - return -1; + retval=-1; + goto cleanup; } - tid_req_free(orig_req); - return 0; +cleanup: + talloc_free(tmp_ctx); + return retval; } static int tr_tids_gss_handler(gss_name_t client_name, TR_NAME *gss_name, diff --git a/tr/tr_trp.c b/tr/tr_trp.c index cbc57a3..0d87439 100644 --- a/tr/tr_trp.c +++ b/tr/tr_trp.c @@ -1,4 +1,4 @@ -#include /* TODO: remove this --jlr */ +#include #include #include #include @@ -214,10 +214,10 @@ static void tr_trps_process_mq(int socket, short event, void *arg) TR_NAME *gssname=(TR_NAME *)tr_mq_msg_get_payload(msg); TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname); if (peer==NULL) - tr_err("tr_trps_process_mq: incoming connection to unknown peer (%s) reported.", gssname->buf); + tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) reported.", gssname->buf); else { trp_peer_set_incoming_status(peer, PEER_CONNECTED); - tr_err("tr_trps_process_mq: incoming connection to %s established.", gssname->buf); + tr_err("tr_trps_process_mq: incoming connection from %s established.", gssname->buf); } } else if (0==strcmp(s, TR_MQMSG_TRPS_DISCONNECTED)) { @@ -225,19 +225,19 @@ static void tr_trps_process_mq(int socket, short event, void *arg) TR_NAME *gssname=trp_connection_get_gssname(conn); TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname); if (peer==NULL) { - tr_err("tr_trps_process_mq: disconnection of unknown peer (%s) reported.", + tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) lost.", trp_connection_get_gssname(conn)->buf); } else { trp_peer_set_incoming_status(peer, PEER_DISCONNECTED); tr_trps_cleanup_conn(trps, conn); - tr_err("tr_trps_process_mq: incoming connection to %s lost.", gssname->buf); + tr_err("tr_trps_process_mq: incoming connection from %s lost.", gssname->buf); } } else if (0==strcmp(s, TR_MQMSG_TRPC_CONNECTED)) { TR_NAME *svcname=(TR_NAME *)tr_mq_msg_get_payload(msg); TRP_PEER *peer=trps_get_peer_by_servicename(trps, svcname); if (peer==NULL) - tr_err("tr_trps_process_mq: connection to unknown peer (%s) reported.", svcname->buf); + tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) reported.", svcname->buf); else { trp_peer_set_outgoing_status(peer, PEER_CONNECTED); tr_err("tr_trps_process_mq: outgoing connection to %s established.", svcname->buf); @@ -247,9 +247,9 @@ static void tr_trps_process_mq(int socket, short event, void *arg) /* trpc connection died */ TRPC_INSTANCE *trpc=talloc_get_type_abort(tr_mq_msg_get_payload(msg), TRPC_INSTANCE); TR_NAME *gssname=trpc_get_gssname(trpc); - TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname); + TRP_PEER *peer=trps_get_peer_by_servicename(trps, gssname); if (peer==NULL) - tr_err("tr_trps_process_mq: disconnection of unknown peer (%s) reported.", gssname->buf); + tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) lost.", gssname->buf); else { trp_peer_set_outgoing_status(peer, PEER_DISCONNECTED); tr_err("tr_trps_process_mq: outgoing connection to %s lost.", gssname->buf); @@ -605,28 +605,28 @@ static TRP_ROUTE **tr_make_local_routes(TALLOC_CTX *mem_ctx, size_t *n_routes) { TALLOC_CTX *tmp_ctx=talloc_new(NULL); - TR_APC *apc=NULL; + TR_APC *comm=NULL; TRP_ROUTE *new_entry=NULL; TRP_ROUTE **entries=NULL; - size_t n_apcs=0, ii=0; + size_t n_comms=0, ii=0; *n_routes=0; if ((realm==NULL) || (realm->origin!=TR_REALM_LOCAL)) goto cleanup; - /* count apcs */ - for (apc=realm->apcs, n_apcs=0; apc!=NULL; apc=apc->next,n_apcs++) {} + /* count comms */ + for (comm=realm->apcs, n_comms=0; comm!=NULL; comm=comm->next,n_comms++) {} - entries=talloc_array(tmp_ctx, TRP_ROUTE *, n_apcs); - for (apc=realm->apcs,ii=0; apc!=NULL; apc=apc->next, ii++) { + entries=talloc_array(tmp_ctx, TRP_ROUTE *, n_comms); + for (comm=realm->apcs,ii=0; comm!=NULL; comm=comm->next, ii++) { new_entry=trp_route_new(entries); if (new_entry==NULL) { tr_crit("tr_make_local_routes: unable to allocate entry."); talloc_free(entries); goto cleanup; } - trp_route_set_apc(new_entry, tr_dup_name(apc->id)); + trp_route_set_comm(new_entry, tr_dup_name(comm->id)); trp_route_set_realm(new_entry, tr_dup_name(realm->realm_id)); trp_route_set_peer(new_entry, tr_new_name("")); /* no peer, it's us */ trp_route_set_metric(new_entry, 0); @@ -637,7 +637,7 @@ static TRP_ROUTE **tr_make_local_routes(TALLOC_CTX *mem_ctx, } talloc_steal(mem_ctx, entries); - *n_routes=n_apcs; + *n_routes=n_comms; cleanup: talloc_free(tmp_ctx); return entries; @@ -679,7 +679,7 @@ TRP_RC tr_trpc_initiate(TRPS_INSTANCE *trps, TRP_PEER *peer, struct event *ev) trpc_set_conn(trpc, conn); trpc_set_server(trpc, talloc_strdup(trpc, trp_peer_get_server(peer))); trpc_set_port(trpc, trp_peer_get_port(peer)); - trpc_set_gssname(trpc, trp_peer_dup_gssname(peer)); + trpc_set_gssname(trpc, trp_peer_dup_servicename(peer)); tr_debug("tr_trpc_initiate: allocated connection"); /* start thread */ diff --git a/trp/trp_rtable.c b/trp/trp_rtable.c index 69f845c..fc11506 100644 --- a/trp/trp_rtable.c +++ b/trp/trp_rtable.c @@ -14,8 +14,8 @@ static int trp_route_destructor(void *obj) { TRP_ROUTE *entry=talloc_get_type_abort(obj, TRP_ROUTE); - if (entry->apc!=NULL) - tr_free_name(entry->apc); + if (entry->comm!=NULL) + tr_free_name(entry->comm); if (entry->realm!=NULL) tr_free_name(entry->realm); if (entry->trust_router!=NULL) @@ -31,7 +31,7 @@ TRP_ROUTE *trp_route_new(TALLOC_CTX *mem_ctx) { TRP_ROUTE *entry=talloc(mem_ctx, TRP_ROUTE); if (entry!=NULL) { - entry->apc=NULL; + entry->comm=NULL; entry->realm=NULL; entry->trust_router=NULL; entry->peer=NULL; @@ -57,21 +57,21 @@ void trp_route_free(TRP_ROUTE *entry) talloc_free(entry); } -void trp_route_set_apc(TRP_ROUTE *entry, TR_NAME *apc) +void trp_route_set_comm(TRP_ROUTE *entry, TR_NAME *comm) { - if (entry->apc!=NULL) - tr_free_name(entry->apc); - entry->apc=apc; + if (entry->comm!=NULL) + tr_free_name(entry->comm); + entry->comm=comm; } -TR_NAME *trp_route_get_apc(TRP_ROUTE *entry) +TR_NAME *trp_route_get_comm(TRP_ROUTE *entry) { - return entry->apc; + return entry->comm; } -TR_NAME *trp_route_dup_apc(TRP_ROUTE *entry) +TR_NAME *trp_route_dup_comm(TRP_ROUTE *entry) { - return tr_dup_name(trp_route_get_apc(entry)); + return tr_dup_name(trp_route_get_comm(entry)); } void trp_route_set_realm(TRP_ROUTE *entry, TR_NAME *realm) @@ -237,7 +237,7 @@ static gboolean trp_tr_name_equal(gconstpointer key1, gconstpointer key2) return equal; } -/* free a value to the top level rtable (a hash of all entries in the apc) */ +/* free a value to the top level rtable (a hash of all entries in the comm) */ static void trp_rtable_destroy_table(gpointer data) { g_hash_table_destroy(data); @@ -284,11 +284,11 @@ static GHashTable *trp_rtbl_get_or_add_table(GHashTable *tbl, TR_NAME *key, GDes void trp_rtable_add(TRP_RTABLE *rtbl, TRP_ROUTE *entry) { - GHashTable *apc_tbl=NULL; + GHashTable *comm_tbl=NULL; GHashTable *realm_tbl=NULL; - apc_tbl=trp_rtbl_get_or_add_table(rtbl, entry->apc, trp_rtable_destroy_table); - realm_tbl=trp_rtbl_get_or_add_table(apc_tbl, entry->realm, trp_rtable_destroy_rentry); + comm_tbl=trp_rtbl_get_or_add_table(rtbl, entry->comm, trp_rtable_destroy_table); + realm_tbl=trp_rtbl_get_or_add_table(comm_tbl, entry->realm, trp_rtable_destroy_rentry); g_hash_table_insert(realm_tbl, tr_dup_name(entry->peer), entry); /* destroys and replaces a duplicate */ /* the route entry should not belong to any context, we will manage it ourselves */ talloc_steal(NULL, entry); @@ -297,14 +297,14 @@ void trp_rtable_add(TRP_RTABLE *rtbl, TRP_ROUTE *entry) /* note: the entry pointer passed in is invalid after calling this because the entry is freed */ void trp_rtable_remove(TRP_RTABLE *rtbl, TRP_ROUTE *entry) { - GHashTable *apc_tbl=NULL; + GHashTable *comm_tbl=NULL; GHashTable *realm_tbl=NULL; - apc_tbl=g_hash_table_lookup(rtbl, entry->apc); - if (apc_tbl==NULL) + comm_tbl=g_hash_table_lookup(rtbl, entry->comm); + if (comm_tbl==NULL) return; - realm_tbl=g_hash_table_lookup(apc_tbl, entry->realm); + realm_tbl=g_hash_table_lookup(comm_tbl, entry->realm); if (realm_tbl==NULL) return; @@ -312,10 +312,10 @@ void trp_rtable_remove(TRP_RTABLE *rtbl, TRP_ROUTE *entry) g_hash_table_remove(realm_tbl, entry->peer); /* if that was the last entry in the realm, remove the realm table */ if (g_hash_table_size(realm_tbl)==0) - g_hash_table_remove(apc_tbl, entry->realm); - /* if that was the last realm in the apc, remove the apc table */ - if (g_hash_table_size(apc_tbl)==0) - g_hash_table_remove(rtbl, entry->apc); + g_hash_table_remove(comm_tbl, entry->realm); + /* if that was the last realm in the comm, remove the comm table */ + if (g_hash_table_size(comm_tbl)==0) + g_hash_table_remove(rtbl, entry->comm); } void trp_rtable_clear(TRP_RTABLE *rtbl) @@ -324,19 +324,19 @@ void trp_rtable_clear(TRP_RTABLE *rtbl) } /* gets the actual hash table, for internal use only */ -static GHashTable *trp_rtable_get_apc_table(TRP_RTABLE *rtbl, TR_NAME *apc) +static GHashTable *trp_rtable_get_comm_table(TRP_RTABLE *rtbl, TR_NAME *comm) { - return g_hash_table_lookup(rtbl, apc); + return g_hash_table_lookup(rtbl, comm); } /* gets the actual hash table, for internal use only */ -static GHashTable *trp_rtable_get_realm_table(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm) +static GHashTable *trp_rtable_get_realm_table(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm) { - GHashTable *apc_tbl=trp_rtable_get_apc_table(rtbl, apc); - if (apc_tbl==NULL) + GHashTable *comm_tbl=trp_rtable_get_comm_table(rtbl, comm); + if (comm_tbl==NULL) return NULL; else - return g_hash_table_lookup(apc_tbl, realm); + return g_hash_table_lookup(comm_tbl, realm); } struct table_size_cookie { @@ -346,7 +346,7 @@ struct table_size_cookie { static void trp_rtable_size_helper(gpointer key, gpointer value, gpointer user_data) { struct table_size_cookie *data=(struct table_size_cookie *)user_data; - data->size += trp_rtable_apc_size(data->rtbl, (TR_NAME *)key); + data->size += trp_rtable_comm_size(data->rtbl, (TR_NAME *)key); }; size_t trp_rtable_size(TRP_RTABLE *rtbl) { @@ -355,34 +355,34 @@ size_t trp_rtable_size(TRP_RTABLE *rtbl) return data.size; } -struct table_apc_size_cookie { - TR_NAME *apc; +struct table_comm_size_cookie { + TR_NAME *comm; TRP_RTABLE *rtbl; size_t size; }; -static void table_apc_size_helper(gpointer key, gpointer value, gpointer user_data) +static void table_comm_size_helper(gpointer key, gpointer value, gpointer user_data) { - struct table_apc_size_cookie *data=(struct table_apc_size_cookie *)user_data; - data->size += trp_rtable_realm_size(data->rtbl, data->apc, (TR_NAME *)key); + struct table_comm_size_cookie *data=(struct table_comm_size_cookie *)user_data; + data->size += trp_rtable_realm_size(data->rtbl, data->comm, (TR_NAME *)key); } -size_t trp_rtable_apc_size(TRP_RTABLE *rtbl, TR_NAME *apc) +size_t trp_rtable_comm_size(TRP_RTABLE *rtbl, TR_NAME *comm) { - struct table_apc_size_cookie data={apc, rtbl, 0}; - GHashTable *apc_tbl=trp_rtable_get_apc_table(rtbl, apc); - if (apc_tbl==NULL) + struct table_comm_size_cookie data={comm, rtbl, 0}; + GHashTable *comm_tbl=trp_rtable_get_comm_table(rtbl, comm); + if (comm_tbl==NULL) return 0;; - g_hash_table_foreach(apc_tbl, table_apc_size_helper, &data); + g_hash_table_foreach(comm_tbl, table_comm_size_helper, &data); return data.size; } -size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm) +size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *comm, TR_NAME *realm) { - GHashTable *realm_tbl=trp_rtable_get_realm_table(rtbl, apc, realm); + GHashTable *realm_tbl=trp_rtable_get_realm_table(rtbl, comm, realm); if (realm_tbl==NULL) return 0; else return g_hash_table_size(g_hash_table_lookup( - g_hash_table_lookup(rtbl, apc), + g_hash_table_lookup(rtbl, comm), realm)); } @@ -392,9 +392,9 @@ size_t trp_rtable_realm_size(TRP_RTABLE *rtbl, TR_NAME *apc, TR_NAME *realm) TRP_ROUTE **trp_rtable_get_entries(TRP_RTABLE *rtbl, size_t *n_out) { TRP_ROUTE **ret=NULL; - TR_NAME **apc=NULL; - size_t n_apc=0; - TRP_ROUTE **apc_entries=NULL; + TR_NAME **comm=NULL; + size_t n_comm=0; + TRP_ROUTE **comm_entries=NULL; size_t n_entries=0; size_t ii_ret=0; @@ -410,14 +410,14 @@ TRP_ROUTE **trp_rtable_get_entries(TRP_RTABLE *rtbl, size_t *n_out) } ii_ret=0; /* counts output entries */ - apc=trp_rtable_get_apcs(rtbl, &n_apc); - while(n_apc--) { - apc_entries=trp_rtable_get_apc_entries(rtbl, apc[n_apc], &n_entries); + comm=trp_rtable_get_comms(rtbl, &n_comm); + while(n_comm--) { + comm_entries=trp_rtable_get_comm_entries(rtbl, comm[n_comm], &n_entries); while (n_entries--) - ret[ii_ret++]=apc_entries[n_entries]; - talloc_free(apc_entries); + ret[ii_ret++]=comm_entries[n_entries]; + talloc_free(comm_entries); } - talloc_free(apc); + talloc_free(comm); if (ii_ret!=*n_out) { tr_crit("trp_rtable_get_entries: found incorrect number of entries."); @@ -430,11 +430,11 @@ TRP_ROUTE **trp_rtable_get_entries(TRP_RTABLE *rtbl, size_t *n_out) /* Returns an array of pointers to TR_NAME, length of array in n_out. * Caller must free the array (in the talloc NULL context). */ -TR_NAME **trp_rtable_get_apcs(TRP_RTABLE *rtbl, size_t *n_out) +TR_NAME **trp_rtable_get_comms(TRP_RTABLE *rtbl, size_t *n_out) { - size_t len=g_hash_table_size(rtbl); /* known apcs are keys in top level hash table */ + size_t len=g_hash_table_size(rtbl); /* known comms are keys in top level hash table */ size_t ii=0; - GList *apcs=NULL;; + GList *comms=NULL;; GList *p=NULL; TR_NAME **ret=NULL; @@ -445,15 +445,15 @@ TR_NAME **trp_rtable_get_apcs(TRP_RTABLE *rtbl, size_t *n_out) ret=talloc_array(NULL, TR_NAME *, len); if (ret==NULL) { - tr_crit("trp_rtable_get_apcs: unable to allocate return array."); + tr_crit("trp_rtable_get_comms: unable to allocate return array."); *n_out=0; return NULL; } - apcs=g_hash_table_get_keys(rtbl); - for (ii=0,p=apcs; p!=NULL; ii++,p=g_list_next(p)) + comms=g_hash_table_get_keys(rtbl); + for (ii=0,p=comms; p!=NULL; ii++,p=g_list_next(p)) ret[ii]=(TR_NAME *)p->data; - g_list_free(apcs); + g_list_free(comms); *n_out=len; return ret; @@ -461,21 +461,21 @@ TR_NAME **trp_rtable_get_apcs(TRP_RTABLE *rtbl, size_t *n_out) /* Returns an array of pointers to TR_NAME, length of array in n_out. * Caller must free the array (in the talloc NULL context). */ -TR_NAME **trp_rtable_get_apc_realms(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out) +TR_NAME **trp_rtable_get_comm_realms(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out) { size_t ii=0; - TRP_RTABLE *apc_tbl=g_hash_table_lookup(rtbl, apc);; + TRP_RTABLE *comm_tbl=g_hash_table_lookup(rtbl, comm);; GList *entries=NULL; GList *p=NULL; TR_NAME **ret=NULL; - if (apc_tbl==NULL) { + if (comm_tbl==NULL) { *n_out=0; return NULL; } - *n_out=g_hash_table_size(apc_tbl); /* set output length */ + *n_out=g_hash_table_size(comm_tbl); /* set output length */ ret=talloc_array(NULL, TR_NAME *, *n_out); - entries=g_hash_table_get_keys(apc_tbl); + entries=g_hash_table_get_keys(comm_tbl); for (ii=0,p=entries; p!=NULL; ii++,p=g_list_next(p)) ret[ii]=(TR_NAME *)p->data; @@ -483,10 +483,10 @@ TR_NAME **trp_rtable_get_apc_realms(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_ou return ret; } -/* Get all entries in an apc. Returns an array of pointers in NULL talloc context. +/* Get all entries in an comm. Returns an array of pointers in NULL talloc context. * Caller must free this list with talloc_free, but must not free the entries in the * list.. */ -TRP_ROUTE **trp_rtable_get_apc_entries(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n_out) +TRP_ROUTE **trp_rtable_get_comm_entries(TRP_RTABLE *rtbl, TR_NAME *comm, size_t *n_out) { size_t ii=0, jj=0; TR_NAME **realm=NULL; @@ -496,21 +496,21 @@ TRP_ROUTE **trp_rtable_get_apc_entries(TRP_RTABLE *rtbl, TR_NAME *apc, size_t *n TRP_ROUTE **ret=NULL; size_t ii_ret=0; - *n_out=trp_rtable_apc_size(rtbl, apc); + *n_out=trp_rtable_comm_size(rtbl, comm); if (*n_out==0) return NULL; ret=talloc_array(NULL, TRP_ROUTE *, *n_out); if (ret==NULL) { - tr_crit("trp_rtable_get_apc_entries: could not allocate return array."); + tr_crit("trp_rtable_get_comm_entries: could not allocate return array."); *n_out=0; return NULL; } ii_ret=0; /* counts entries in the output array */ - realm=trp_rtable_get_apc_realms(rtbl, apc, &n_realms); + realm=trp_rtable_get_comm_realms(rtbl, comm, &n_realms); for (ii=0; iiapc); + char *comm=tr_name_strdup(entry->comm); char *realm=tr_name_strdup(entry->realm); char *peer=tr_name_strdup(entry->peer); char *trust_router=tr_name_strdup(entry->trust_router); @@ -638,7 +638,7 @@ char *trp_route_to_str(TALLOC_CTX *mem_ctx, TRP_ROUTE *entry, const char *sep) result=talloc_asprintf(mem_ctx, "%s%s%s%s%s%s%u%s%s%s%s%s%u%s%u%s%s%s%u", - apc, sep, + comm, sep, realm, sep, peer, sep, entry->metric, sep, @@ -648,7 +648,7 @@ char *trp_route_to_str(TALLOC_CTX *mem_ctx, TRP_ROUTE *entry, const char *sep) entry->local, sep, expiry, sep, entry->triggered); - free(apc); + free(comm); free(realm); free(peer); free(trust_router); @@ -685,8 +685,8 @@ static void sort_tr_names(TR_NAME **names, size_t n_names) char *trp_rtable_to_str(TALLOC_CTX *mem_ctx, TRP_RTABLE *rtbl, const char *sep, const char *lineterm) { TALLOC_CTX *tmp_ctx=talloc_new(NULL); - TR_NAME **apcs=NULL; - size_t n_apcs=0; + TR_NAME **comms=NULL; + size_t n_comms=0; TR_NAME **realms=NULL; size_t n_realms=0; TRP_ROUTE **entries=NULL; @@ -714,17 +714,17 @@ char *trp_rtable_to_str(TALLOC_CTX *mem_ctx, TRP_RTABLE *rtbl, const char *sep, goto cleanup; } - apcs=trp_rtable_get_apcs(rtbl, &n_apcs); - talloc_steal(tmp_ctx, apcs); - sort_tr_names(apcs, n_apcs); + comms=trp_rtable_get_comms(rtbl, &n_comms); + talloc_steal(tmp_ctx, comms); + sort_tr_names(comms, n_comms); ii_tbl=0; len=0; - for (ii=0; iipeer; } +TR_NAME *trp_upd_dup_peer(TRP_UPD *upd) +{ + return tr_dup_name(upd->peer); +} + void trp_upd_set_peer(TRP_UPD *upd, TR_NAME *peer) { TRP_INFOREC *rec=NULL; diff --git a/trp/trps.c b/trp/trps.c index 201935c..1997c54 100644 --- a/trp/trps.c +++ b/trp/trps.c @@ -287,7 +287,7 @@ static TRP_RC trps_read_message(TRPS_INSTANCE *trps, TRP_CONNECTION *conn, TR_MS return TRP_ERROR; } - tr_debug("trps_read_message(): Request Received, %u bytes.", (unsigned) buflen); + tr_debug("trps_read_message(): message received, %u bytes.", (unsigned) buflen); tr_debug("trps_read_message(): %.*s", buflen, buf); *msg=tr_msg_decode(buf, buflen); @@ -514,7 +514,7 @@ static struct timespec *trps_compute_expiry(TRPS_INSTANCE *trps, unsigned int in return ts; } -static TRP_RC trps_accept_update(TRPS_INSTANCE *trps, TRP_INFOREC *rec) +static TRP_RC trps_accept_update(TRPS_INSTANCE *trps, TRP_UPD *upd, TRP_INFOREC *rec) { TRP_ROUTE *entry=NULL; @@ -529,12 +529,12 @@ static TRP_RC trps_accept_update(TRPS_INSTANCE *trps, TRP_INFOREC *rec) return TRP_NOMEM; } - trp_route_set_apc(entry, tr_dup_name(trp_inforec_get_comm(rec))); - trp_route_set_realm(entry, tr_dup_name(trp_inforec_get_realm(rec))); - trp_route_set_peer(entry, tr_dup_name(trp_inforec_get_next_hop(rec))); - trp_route_set_trust_router(entry, tr_dup_name(trp_inforec_get_trust_router(rec))); - trp_route_set_next_hop(entry, tr_dup_name(trp_inforec_get_next_hop(rec))); - if ((trp_route_get_apc(entry)==NULL) + trp_route_set_comm(entry, trp_inforec_dup_comm(rec)); + trp_route_set_realm(entry, trp_inforec_dup_realm(rec)); + trp_route_set_peer(entry, trp_upd_dup_peer(upd)); + trp_route_set_trust_router(entry, trp_inforec_dup_trust_router(rec)); + trp_route_set_next_hop(entry, trp_inforec_dup_next_hop(rec)); + if ((trp_route_get_comm(entry)==NULL) ||(trp_route_get_realm(entry)==NULL) ||(trp_route_get_peer(entry)==NULL) ||(trp_route_get_trust_router(entry)==NULL) @@ -600,13 +600,13 @@ static TRP_RC trps_handle_update(TRPS_INSTANCE *trps, TRP_UPD *upd) route=trps_get_route(trps, trp_inforec_get_comm(rec), trp_inforec_get_realm(rec), - trp_inforec_get_next_hop(rec)); + trp_upd_get_peer(upd)); if (route!=NULL) { /* there was a route table entry already */ tr_debug("trps_handle_updates: route entry already exists."); if (feas) { /* Update is feasible. Accept it. */ - trps_accept_update(trps, rec); + trps_accept_update(trps, upd, rec); } else { /* Update is infeasible. Ignore it unless the trust router has changed. */ if (0!=tr_name_cmp(trp_route_get_trust_router(route), @@ -619,7 +619,7 @@ static TRP_RC trps_handle_update(TRPS_INSTANCE *trps, TRP_UPD *upd) /* No existing route table entry. Ignore it unless it is feasible and not a retraction. */ tr_debug("trps_handle_update: no route entry exists yet."); if (feas && trp_metric_is_finite(trp_inforec_get_metric(rec))) - trps_accept_update(trps, rec); + trps_accept_update(trps, upd, rec); } } return TRP_SUCCESS; @@ -684,23 +684,23 @@ static TRP_ROUTE *trps_find_best_route(TRPS_INSTANCE *trps, * to avoid flapping between routers or routes. */ TRP_RC trps_update_active_routes(TRPS_INSTANCE *trps) { - size_t n_apc=0, ii=0; - TR_NAME **apc=trp_rtable_get_apcs(trps->rtable, &n_apc); + size_t n_comm=0, ii=0; + TR_NAME **comm=trp_rtable_get_comms(trps->rtable, &n_comm); size_t n_realm=0, jj=0; TR_NAME **realm=NULL; TRP_ROUTE *best_route=NULL, *cur_route=NULL; unsigned int best_metric=0, cur_metric=0; - for (ii=0; iirtable, apc[ii], &n_realm); + for (ii=0; iirtable, comm[ii], &n_realm); for (jj=0; jjrtable, &n_apc); + size_t n_comm=0; + TR_NAME **comm=trp_rtable_get_comms(trps->rtable, &n_comm); TR_NAME **realm=NULL; size_t n_realm=0; size_t ii=0, jj=0; @@ -824,15 +824,15 @@ static TRP_ROUTE **trps_select_updates_for_peer(TALLOC_CTX *memctx, * unlikely to be significant in the near future. */ result=talloc_array(memctx, TRP_ROUTE *, trp_rtable_size(trps->rtable)); if (result==NULL) { - talloc_free(apc); + talloc_free(comm); *n_update=0; return NULL; } - for (ii=0; iirtable, apc[ii], &n_realm); + for (ii=0; iirtable, comm[ii], &n_realm); for (jj=0; jj