From d06cb62e111be1ac3f09398ae559f99e4833b4bf Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Mon, 27 Feb 2017 17:04:40 +0100 Subject: lib: Split authentication from CACEP By removing authentication as part of CACEP, all policies disappear. CACEP becomes a policy-free connection establishment protocol between Application Entities. Authentication can later be added cleanly as a pure policy function when needed. --- src/lib/cacep.c | 152 +++++++++++++++++++++++++++++++++----------------------- 1 file changed, 90 insertions(+), 62 deletions(-) (limited to 'src/lib/cacep.c') diff --git a/src/lib/cacep.c b/src/lib/cacep.c index 89bd05e7..badeccc0 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c @@ -1,9 +1,10 @@ /* * Ouroboros - Copyright (C) 2016 - 2017 * - * The Common Application Connection Establishment Phase + * The Common Application Connection Establishment Protocol * - * Sander Vrijders + * Dimitri Staessens + * Sander Vrijders * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public License @@ -20,91 +21,118 @@ * 02110-1301 USA */ -#define OUROBOROS_PREFIX "cacep" - #include #include #include #include -#include - -#include "pol/cacep_anonymous_auth.h" -#include "pol/cacep_simple_auth.h" #include #include -#define BUF_SIZE 2048 +#include "cacep.pb-c.h" +typedef CacepMsg cacep_msg_t; -int conn_info_init(struct conn_info * info) +#define BUF_SIZE 64 + +int read_msg(int fd, + struct conn_info * info) { - if (info == NULL) - return -EINVAL; + uint8_t buf[BUF_SIZE]; + cacep_msg_t * msg; + ssize_t len; + + len = flow_read(fd, buf, BUF_SIZE); + if (len < 0) + return -1; + + msg = cacep_msg__unpack(NULL, len, buf); + if (msg == NULL) + return -1; + + strcpy(info->protocol, msg->protocol); + + info->pref_version = msg->pref_version; + info->pref_syntax = msg->pref_syntax; - info->proto.protocol = NULL; - info->name = NULL; + cacep_msg__free_unpacked(msg, NULL); return 0; } -void conn_info_fini(struct conn_info * info) +static int send_msg(int fd, + const struct conn_info * info) { - if (info == NULL) - return; + cacep_msg_t msg = CACEP_MSG__INIT; + uint8_t * data = NULL; + size_t len = 0; - if (info->proto.protocol != NULL) { - free(info->proto.protocol); - info->proto.protocol = NULL; - } + msg.ae_name = (char *) info->ae_name; + msg.protocol = (char *) info->protocol; + msg.pref_version = info->pref_version; + msg.pref_syntax = info->pref_syntax; + if (msg.pref_syntax < 0) + return -1; + + len = cacep_msg__get_packed_size(&msg); + if (len == 0) + return -1; + + data = malloc(len); + if (data == NULL) + return -ENOMEM; + + cacep_msg__pack(&msg, data); - if (info->name != NULL) { - free(info->name); - info->name = NULL; + if (flow_write(fd, data, len) < 0) { + free(data); + return -1; } + + free(data); + + return 0; } -struct conn_info * cacep_auth(int fd, - enum pol_cacep pc, - const struct conn_info * info, - const void * auth) +int cacep_connect(int fd, + const struct conn_info * in, + struct conn_info * out) { - if (info == NULL) { - log_err("No info provided."); - return NULL; - } + if (in == NULL || out == NULL) + return -EINVAL; - switch (pc) { - case ANONYMOUS_AUTH: - return cacep_anonymous_auth(fd, info, auth); - case SIMPLE_AUTH: - if (info == NULL) - return NULL; - return cacep_simple_auth_auth(fd, info, auth); - default: - log_err("Unsupported CACEP policy."); - return NULL; - } + if (send_msg(fd, in)) + return -1; + + if (read_msg(fd, out)) + return -1; + + if (strcmp(in->ae_name, out->ae_name) || + strcmp(in->protocol, out->protocol) || + in->pref_version != out->pref_version || + in->pref_syntax != out->pref_syntax) + return -EPROTO; + + return 0; } -struct conn_info * cacep_auth_wait(int fd, - enum pol_cacep pc, - const struct conn_info * info, - const void * auth) +int cacep_listen(int fd, + const struct conn_info * in, + struct conn_info * out) { - if (info == NULL) { - log_err("No info provided."); - return NULL; - } + if (in == NULL || out == NULL) + return -EINVAL; - switch (pc) { - case ANONYMOUS_AUTH: - return cacep_anonymous_auth_wait(fd, info, auth); - case SIMPLE_AUTH: - if (info == NULL) - return NULL; - return cacep_simple_auth_auth_wait(fd, info, auth); - default: - log_err("Unsupported CACEP policy."); - return NULL; - } + if (send_msg(fd, in)) + return -1; + + if (read_msg(fd, out)) + return -1; + + if (strcmp(in->ae_name, out->ae_name) || + strcmp(in->protocol, out->protocol) || + in->pref_version != out->pref_version || + in->pref_syntax != out->pref_syntax) + return -EPROTO; + + return 0; } -- cgit v1.2.3