From 48599a14144725dedc45f7558d814950791d069d Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Fri, 24 Feb 2017 11:32:24 +0100 Subject: Revise CACEP API The information passed to CACEP is split between the information about the connection and the information to be used during the authentication exchange. --- src/lib/cacep.c | 50 ++++++++++++++++++++------------------ src/lib/pol/cacep_anonymous_auth.c | 40 ++++++++++++++++-------------- src/lib/pol/cacep_anonymous_auth.h | 10 +++++--- src/lib/pol/cacep_simple_auth.c | 39 +++++++++++++++++------------ src/lib/pol/cacep_simple_auth.h | 10 +++++--- 5 files changed, 84 insertions(+), 65 deletions(-) (limited to 'src/lib') diff --git a/src/lib/cacep.c b/src/lib/cacep.c index 92c028af..89bd05e7 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c @@ -28,42 +28,45 @@ #include #include -#include -#include +#include "pol/cacep_anonymous_auth.h" +#include "pol/cacep_simple_auth.h" #include #include #define BUF_SIZE 2048 -int cacep_info_init(struct cacep_info * info) +int conn_info_init(struct conn_info * info) { if (info == NULL) return -EINVAL; info->proto.protocol = NULL; - info->name = NULL; - info->data = NULL; + info->name = NULL; return 0; } -void cacep_info_fini(struct cacep_info * info) +void conn_info_fini(struct conn_info * info) { - if (info->proto.protocol != NULL) + if (info == NULL) + return; + + if (info->proto.protocol != NULL) { free(info->proto.protocol); - if (info->name != NULL) - free(info->name); - if (info->data != NULL) - free(info->data); + info->proto.protocol = NULL; + } - info->name = NULL; - info->data = NULL; + if (info->name != NULL) { + free(info->name); + info->name = NULL; + } } -struct cacep_info * cacep_auth(int fd, - enum pol_cacep pc, - const struct cacep_info * info) +struct conn_info * cacep_auth(int fd, + enum pol_cacep pc, + const struct conn_info * info, + const void * auth) { if (info == NULL) { log_err("No info provided."); 
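Review bot: `conn_info_init()` clears only `proto.protocol` and `name`, so `addr`, `proto.pref_version` and `proto.pref_syntax` keep whatever the allocation held; the callers touched by this commit (`anonymous_info()`, `read_msg()`) pass `malloc`'d memory. Whether every caller assigns the remaining fields before the struct is handed back is not visible in these hunks. Zeroing the whole struct first, `memset(info, 0, sizeof(*info));` ahead of the two pointer assignments, would make a half-filled `conn_info` deterministic; `<string.h>` is needed if this file does not already include it. The body of `cacep_auth()` that begins at the end of this hunk continues in the next one.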
@@ -72,20 +75,21 @@ struct cacep_info * cacep_auth(int fd, switch (pc) { case ANONYMOUS_AUTH: - return cacep_anonymous_auth(fd, info); + return cacep_anonymous_auth(fd, info, auth); case SIMPLE_AUTH: if (info == NULL) return NULL; - return cacep_simple_auth_auth(fd, info); + return cacep_simple_auth_auth(fd, info, auth); default: log_err("Unsupported CACEP policy."); return NULL; } } -struct cacep_info * cacep_auth_wait(int fd, - enum pol_cacep pc, - const struct cacep_info * info) +struct conn_info * cacep_auth_wait(int fd, + enum pol_cacep pc, + const struct conn_info * info, + const void * auth) { if (info == NULL) { log_err("No info provided."); @@ -94,11 +98,11 @@ struct cacep_info * cacep_auth_wait(int fd, switch (pc) { case ANONYMOUS_AUTH: - return cacep_anonymous_auth_wait(fd, info); + return cacep_anonymous_auth_wait(fd, info, auth); case SIMPLE_AUTH: if (info == NULL) return NULL; - return cacep_simple_auth_auth_wait(fd, info); + return cacep_simple_auth_auth_wait(fd, info, auth); default: log_err("Unsupported CACEP policy."); return NULL; diff --git a/src/lib/pol/cacep_anonymous_auth.c b/src/lib/pol/cacep_anonymous_auth.c index 1fcc730a..44c7bd17 100644 --- a/src/lib/pol/cacep_anonymous_auth.c +++ b/src/lib/pol/cacep_anonymous_auth.c @@ -43,16 +43,16 @@ typedef CacepProtoMsg cacep_proto_msg_t; #define NAME_LEN 8 /* this policy generates a hex string */ -static struct cacep_info * anonymous_info(void) +static struct conn_info * anonymous_info(void) { - struct cacep_info * info; + struct conn_info * info; struct timespec t; info = malloc(sizeof(*info)); if (info == NULL) return NULL; - cacep_info_init(info); + conn_info_init(info); info->name = malloc(NAME_LEN + 1); if (info->name == NULL) { 
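Review bot: The new `auth` argument of `cacep_auth()` is a bare `const void *` that is forwarded to the policy with no statement of what each policy expects behind it. Both policies in this commit discard it with `(void) auth;`, so a caller cannot tell from the code whether NULL is valid or what type a later policy will cast it to. I would add a comment above the function such as `/* auth: policy-specific credentials; unused (may be NULL) for ANONYMOUS_AUTH and SIMPLE_AUTH. */`. The `if (info == NULL) return NULL;` under `case SIMPLE_AUTH` is unreachable after the check at the top of the function and could be dropped; both points apply equally to `cacep_auth_wait()` in the following hunk.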
@@ -71,9 +71,9 @@ static struct cacep_info * anonymous_info(void) return info; } -static struct cacep_info * read_msg(int fd) +static struct conn_info * read_msg(int fd) { - struct cacep_info * tmp; + struct conn_info * tmp; uint8_t buf[BUF_SIZE]; cacep_anonymous_auth_msg_t * msg; ssize_t len; @@ -113,8 +113,8 @@ static struct cacep_info * read_msg(int fd) return tmp; } -static int send_msg(int fd, - const struct cacep_info * info) +static int send_msg(int fd, + const struct conn_info * info) { cacep_anonymous_auth_msg_t msg = CACEP_ANONYMOUS_AUTH_MSG__INIT; cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT; @@ -148,13 +148,16 @@ static int send_msg(int fd, return ret; } -struct cacep_info * cacep_anonymous_auth(int fd, - const struct cacep_info * info) +struct conn_info * cacep_anonymous_auth(int fd, + const struct conn_info * info, + const void * auth) { - struct cacep_info * tmp; + struct conn_info * tmp; assert(info); + (void) auth; + if (send_msg(fd, info)) return NULL; @@ -165,30 +168,31 @@ struct cacep_info * cacep_anonymous_auth(int fd, if (strcmp(info->proto.protocol, tmp->proto.protocol) || info->proto.pref_version != tmp->proto.pref_version || info->proto.pref_syntax != tmp->proto.pref_syntax) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); return NULL; } - tmp->data = NULL; - return tmp; } -struct cacep_info * cacep_anonymous_auth_wait(int fd, - const struct cacep_info * info) +struct conn_info * cacep_anonymous_auth_wait(int fd, + const struct conn_info * info, + const void * auth) { - struct cacep_info * tmp; + struct conn_info * tmp; assert(info); + (void) auth; + tmp = read_msg(fd); if (tmp == NULL) return NULL; if (send_msg(fd, info)) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); return NULL; } 
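Review bot: The `strcmp(info->proto.protocol, tmp->proto.protocol)` check in `cacep_anonymous_auth()` and `cacep_anonymous_auth_wait()` runs with only `assert(info)` in front of it, so nothing visible guarantees that `info->proto.protocol` is non-NULL. `conn_info_init()` sets that field to NULL and `cacep_auth()` validates only `info` itself, so a caller passing a freshly initialised struct would reach `strcmp` with a null pointer unless `send_msg()` rejects it first (its body is outside these hunks). A guard next to the `assert`, `if (info->proto.protocol == NULL) return NULL;`, or the same test once in `cacep_auth()` and `cacep_auth_wait()`, would close that. The same comparison appears in the `@@ -196,7 +200,7 @@` hunk and in both public functions of `cacep_simple_auth.c`.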
@@ -196,7 +200,7 @@ struct cacep_info * cacep_anonymous_auth_wait(int fd, if (strcmp(info->proto.protocol, tmp->proto.protocol) || info->proto.pref_version != tmp->proto.pref_version || info->proto.pref_syntax != tmp->proto.pref_syntax) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); return NULL; } diff --git a/src/lib/pol/cacep_anonymous_auth.h b/src/lib/pol/cacep_anonymous_auth.h index d0229b05..ca47b1b8 100644 --- a/src/lib/pol/cacep_anonymous_auth.h +++ b/src/lib/pol/cacep_anonymous_auth.h @@ -24,10 +24,12 @@ #ifndef OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H #define OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H -struct cacep_info * cacep_anonymous_auth(int fd, - const struct cacep_info * info); +struct conn_info * cacep_anonymous_auth(int fd, + const struct conn_info * info, + const void * auth); -struct cacep_info * cacep_anonymous_auth_wait(int fd, - const struct cacep_info * info); +struct conn_info * cacep_anonymous_auth_wait(int fd, + const struct conn_info * info, + const void * auth); #endif /* OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H */ diff --git a/src/lib/pol/cacep_simple_auth.c b/src/lib/pol/cacep_simple_auth.c index 65c510a2..69189114 100644 --- a/src/lib/pol/cacep_simple_auth.c +++ b/src/lib/pol/cacep_simple_auth.c @@ -38,9 +38,9 @@ typedef CacepProtoMsg cacep_proto_msg_t; #define BUF_SIZE 2048 -static struct cacep_info * read_msg(int fd) +static struct conn_info * read_msg(int fd) { - struct cacep_info * tmp; + struct conn_info * tmp; uint8_t buf[BUF_SIZE]; cacep_simple_auth_msg_t * msg; ssize_t len; @@ -59,7 +59,7 @@ static struct cacep_info * read_msg(int fd) return NULL; } - cacep_info_init(tmp); + conn_info_init(tmp); tmp->addr = msg->addr; tmp->name = strdup(msg->name); @@ -71,7 +71,7 @@ static struct cacep_info * read_msg(int fd) tmp->proto.protocol = strdup(msg->proto->protocol); if (tmp->proto.protocol == NULL) { - free(tmp->name); + conn_info_fini(tmp); free(tmp); cacep_simple_auth_msg__free_unpacked(msg, NULL); return NULL; 
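Review bot: The prototypes in `cacep_anonymous_auth.h` name `struct conn_info`, but the visible part of the header (from the include guard onward) neither includes the header that defines it nor forward-declares it. As written the header is only correct when the includer has already pulled in that definition. A `struct conn_info;` line after the `#define` would make it self-contained, and a one-line comment there could state that this policy ignores `auth`. `cacep_simple_auth.h` has the same shape.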
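Review bot: `read_msg()` in `cacep_simple_auth.c` reads `msg->proto->protocol` straight from the unpacked peer message, and no check that `msg->proto` is non-NULL is visible in this hunk. If `proto` is not a required field in the message definition, which is not shown on this page, a message without it would make the `strdup` argument a read through a null pointer. An `if (msg->proto == NULL)` test before the `strdup`, leaving through the same cleanup as the `strdup` failure branch, would cover it. The function starts and ends outside this hunk, so an earlier check may already exist.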
@@ -80,7 +80,7 @@ static struct cacep_info * read_msg(int fd) tmp->proto.pref_version = msg->proto->pref_version; tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax); if (tmp->proto.pref_syntax < 0) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); cacep_simple_auth_msg__free_unpacked(msg, NULL); return NULL; @@ -91,8 +91,8 @@ static struct cacep_info * read_msg(int fd) return tmp; } -static int send_msg(int fd, - const struct cacep_info * info) +static int send_msg(int fd, + const struct conn_info * info) { cacep_simple_auth_msg_t msg = CACEP_SIMPLE_AUTH_MSG__INIT; cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT; @@ -128,13 +128,17 @@ static int send_msg(int fd, return ret; } -struct cacep_info * cacep_simple_auth_auth(int fd, - const struct cacep_info * info) +struct conn_info * cacep_simple_auth_auth(int fd, + const struct conn_info * info, + const void * auth) { - struct cacep_info * tmp; + struct conn_info * tmp; assert(info); + /* This policy does not need info to authenticate */ + (void) auth; + if (send_msg(fd, info)) return NULL; @@ -145,7 +149,7 @@ struct cacep_info * cacep_simple_auth_auth(int fd, if (strcmp(info->proto.protocol, tmp->proto.protocol) || info->proto.pref_version != tmp->proto.pref_version || info->proto.pref_syntax != tmp->proto.pref_syntax) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); return NULL; } @@ -154,19 +158,22 @@ struct cacep_info * cacep_simple_auth_auth(int fd, } -struct cacep_info * cacep_simple_auth_auth_wait(int fd, - const struct cacep_info * info) +struct conn_info * cacep_simple_auth_auth_wait(int fd, + const struct conn_info * info, + const void * auth) { - struct cacep_info * tmp; + struct conn_info * tmp; assert(info); + (void) auth; + tmp = read_msg(fd); if (tmp == NULL) return NULL; if (send_msg(fd, info)) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); return NULL; } 
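Review bot: The added comment `/* This policy does not need info to authenticate */` in `cacep_simple_auth_auth()` reads as if it meant the `info` parameter, which is in fact used by `send_msg()` and by the `strcmp` below; the argument being ignored is `auth`. It also leaves unsaid what the visible code shows: `read_msg()` copies `name` and `addr` from the peer's message and only the `proto` fields are compared, so the returned `conn_info` carries peer-asserted values. I would reword it to `/* auth is unused: name and addr are taken as sent by the peer and are not verified. */` and put the same comment on the bare `(void) auth;` in `cacep_simple_auth_auth_wait()`. The two anonymous-policy functions also discard `auth` without a comment.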
@@ -174,7 +181,7 @@ struct cacep_info * cacep_simple_auth_auth_wait(int fd, if (strcmp(info->proto.protocol, tmp->proto.protocol) || info->proto.pref_version != tmp->proto.pref_version || info->proto.pref_syntax != tmp->proto.pref_syntax) { - cacep_info_fini(tmp); + conn_info_fini(tmp); free(tmp); return NULL; } diff --git a/src/lib/pol/cacep_simple_auth.h b/src/lib/pol/cacep_simple_auth.h index bbdbe9b9..31398a68 100644 --- a/src/lib/pol/cacep_simple_auth.h +++ b/src/lib/pol/cacep_simple_auth.h @@ -24,10 +24,12 @@ #ifndef OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H #define OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H -struct cacep_info * cacep_simple_auth_auth(int fd, - const struct cacep_info * info); +struct conn_info * cacep_simple_auth_auth(int fd, + const struct conn_info * info, + const void * auth); -struct cacep_info * cacep_simple_auth_auth_wait(int fd, - const struct cacep_info * info); +struct conn_info * cacep_simple_auth_auth_wait(int fd, + const struct conn_info * info, + const void * auth); #endif /* OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H */ -- cgit v1.2.3