From 48599a14144725dedc45f7558d814950791d069d Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Fri, 24 Feb 2017 11:32:24 +0100 Subject: Revise CACEP API The information passed to CACEP is split between the information about the connection and the information to be used during the authentication exchange. --- src/lib/cacep.c | 50 +++++++++++++++++++++++++++----------------------- 1 file changed, 27 insertions(+), 23 deletions(-) (limited to 'src/lib/cacep.c') diff --git a/src/lib/cacep.c b/src/lib/cacep.c index 92c028af..89bd05e7 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c @@ -28,42 +28,45 @@ #include #include -#include -#include +#include "pol/cacep_anonymous_auth.h" +#include "pol/cacep_simple_auth.h" #include #include #define BUF_SIZE 2048 -int cacep_info_init(struct cacep_info * info) +int conn_info_init(struct conn_info * info) { if (info == NULL) return -EINVAL; info->proto.protocol = NULL; - info->name = NULL; - info->data = NULL; + info->name = NULL; return 0; } -void cacep_info_fini(struct cacep_info * info) +void conn_info_fini(struct conn_info * info) { - if (info->proto.protocol != NULL) + if (info == NULL) + return; + + if (info->proto.protocol != NULL) { free(info->proto.protocol); - if (info->name != NULL) - free(info->name); - if (info->data != NULL) - free(info->data); + info->proto.protocol = NULL; + } - info->name = NULL; - info->data = NULL; + if (info->name != NULL) { + free(info->name); + info->name = NULL; + } } -struct cacep_info * cacep_auth(int fd, - enum pol_cacep pc, - const struct cacep_info * info) +struct conn_info * cacep_auth(int fd, + enum pol_cacep pc, + const struct conn_info * info, + const void * auth) { if (info == NULL) { log_err("No info provided."); 
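Review bot: The new `const void * auth` parameter of cacep_auth (and of cacep_auth_wait in the `@@ -72,20 +75,21 @@` hunk) is undocumented: it carries no type or length, and what it must point to depends on `pc`. A comment above both functions should state, per policy, what `auth` points to, who owns it and whether NULL is accepted, for example `/* auth: policy-specific data, interpreted by the policy selected with pc */`. Only `info` is NULL-checked in the visible lines, so whether every policy tolerates a NULL `auth` cannot be confirmed from this hunk. cacep_auth's body continues outside the hunk.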
@@ -72,20 +75,21 @@ struct cacep_info * cacep_auth(int fd, switch (pc) { case ANONYMOUS_AUTH: - return cacep_anonymous_auth(fd, info); + return cacep_anonymous_auth(fd, info, auth); case SIMPLE_AUTH: if (info == NULL) return NULL; - return cacep_simple_auth_auth(fd, info); + return cacep_simple_auth_auth(fd, info, auth); default: log_err("Unsupported CACEP policy."); return NULL; } } -struct cacep_info * cacep_auth_wait(int fd, - enum pol_cacep pc, - const struct cacep_info * info) +struct conn_info * cacep_auth_wait(int fd, + enum pol_cacep pc, + const struct conn_info * info, + const void * auth) { if (info == NULL) { log_err("No info provided."); @@ -94,11 +98,11 @@ struct cacep_info * cacep_auth_wait(int fd, switch (pc) { case ANONYMOUS_AUTH: - return cacep_anonymous_auth_wait(fd, info); + return cacep_anonymous_auth_wait(fd, info, auth); case SIMPLE_AUTH: if (info == NULL) return NULL; - return cacep_simple_auth_auth_wait(fd, info); + return cacep_simple_auth_auth_wait(fd, info, auth); default: log_err("Unsupported CACEP policy."); return NULL; -- cgit v1.2.3 From d06cb62e111be1ac3f09398ae559f99e4833b4bf Mon Sep 17 00:00:00 2001 
From: dimitri staessens Date: Mon, 27 Feb 2017 17:04:40 +0100 Subject: lib: Split authentication from CACEP By removing authentication as part of CACEP, all policies disappear. CACEP becomes a policy-free connection establishment protocol between Application Entities. Authentication can later be added cleanly as a pure policy function when needed. --- include/ouroboros/cacep.h | 37 +++--- include/ouroboros/irm_config.h | 5 - src/ipcpd/normal/cdap_flow.c | 25 ++-- src/ipcpd/normal/cdap_flow.h | 8 +- src/ipcpd/normal/enroll.c | 42 +++---- src/ipcpd/normal/fmgr.c | 11 -- src/ipcpd/normal/gam.c | 87 ++++++-------- src/ipcpd/normal/main.c | 11 -- src/ipcpd/normal/pol/complete.c | 6 +- src/ipcpd/normal/ribmgr.c | 10 -- src/lib/CMakeLists.txt | 14 +-- src/lib/cacep.c | 152 ++++++++++++++---------- src/lib/cacep.proto | 33 ++++++ src/lib/pol/cacep_anonymous_auth.c | 209 --------------------------------- src/lib/pol/cacep_anonymous_auth.h | 35 ------ src/lib/pol/cacep_anonymous_auth.proto | 30 ----- src/lib/pol/cacep_proto.c | 52 -------- src/lib/pol/cacep_proto.h | 36 ------ src/lib/pol/cacep_proto.proto | 38 ------ src/lib/pol/cacep_simple_auth.c | 190 ------------------------------ src/lib/pol/cacep_simple_auth.h | 35 ------ src/lib/pol/cacep_simple_auth.proto | 32 ----- 22 files changed, 210 insertions(+), 888 deletions(-) create mode 100644 src/lib/cacep.proto delete mode 100644 src/lib/pol/cacep_anonymous_auth.c delete mode 100644 src/lib/pol/cacep_anonymous_auth.h delete mode 100644 src/lib/pol/cacep_anonymous_auth.proto delete mode 100644 src/lib/pol/cacep_proto.c delete mode 100644 src/lib/pol/cacep_proto.h delete mode 100644 src/lib/pol/cacep_proto.proto delete mode 100644 src/lib/pol/cacep_simple_auth.c delete mode 100644 src/lib/pol/cacep_simple_auth.h delete mode 100644 src/lib/pol/cacep_simple_auth.proto (limited to 'src/lib/cacep.c') diff --git a/include/ouroboros/cacep.h b/include/ouroboros/cacep.h index f155023e..5ef66433 100644 
--- a/include/ouroboros/cacep.h +++ b/include/ouroboros/cacep.h @@ -1,7 +1,7 @@ /* * Ouroboros - Copyright (C) 2016 - 2017 * - * The Common Application Connection Establishment Phase + * The Common Application Connection Establishment Protocol * * Sander Vrijders * Dimitri Staessens @@ -24,7 +24,7 @@ #ifndef OUROBOROS_CACEP_H #define OUROBOROS_CACEP_H -#include +#include enum proto_concrete_syntax { PROTO_GPB = 0, @@ -33,27 +33,22 @@ enum proto_concrete_syntax { }; struct conn_info{ - struct { - char * protocol; - uint32_t pref_version; - enum proto_concrete_syntax pref_syntax; - } proto; - char * name; - uint64_t addr; + char ae_name[64]; + char protocol[64]; + uint32_t pref_version; + enum proto_concrete_syntax pref_syntax; + union { + char name[64]; + uint64_t addr; + } ae; }; -int conn_info_init(struct conn_info * info); +int cacep_connect(int fd, + const struct conn_info * in, + struct conn_info * out); -void conn_info_fini(struct conn_info * info); - -struct conn_info * cacep_auth(int fd, - enum pol_cacep pc, - const struct conn_info * info, - const void * auth); - -struct conn_info * cacep_auth_wait(int fd, - enum pol_cacep pc, - const struct conn_info * info, - const void * auth); +int cacep_listen(int fd, + const struct conn_info * in, + struct conn_info * out); #endif /* OUROBOROS_CACEP_H */ diff --git a/include/ouroboros/irm_config.h b/include/ouroboros/irm_config.h index 9a05a434..5e3c84b4 100644 --- a/include/ouroboros/irm_config.h +++ b/include/ouroboros/irm_config.h @@ -47,11 +47,6 @@ enum pol_gam { COMPLETE = 0 }; -enum pol_cacep { - ANONYMOUS_AUTH = 0, - SIMPLE_AUTH -}; - struct dif_config { char * dif_name; enum ipcp_type type; diff --git a/src/ipcpd/normal/cdap_flow.c b/src/ipcpd/normal/cdap_flow.c index 3d1b2b22..d3d98884 100644 --- a/src/ipcpd/normal/cdap_flow.c +++ b/src/ipcpd/normal/cdap_flow.c @@ -29,6 +29,7 @@ #include "cdap_flow.h" #include +#include #include static void cdap_flow_destroy(struct cdap_flow * flow) 
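Review bot: The new `ae` union in struct conn_info has no discriminator, so code that receives a conn_info cannot tell whether `name` or `addr` is the valid member. In this same commit gam.c fills `snd_info.ae.addr`, while pol/complete.c reads `info->ae.name` through `strcmp()` and `strdup()`; the FIXME comments added there acknowledge the gap. A tag stored next to the union, for example `enum { AE_NAME, AE_ADDR } ae_type;` (names are a suggestion), checked in complete_accept_flow before `ae.name` is touched, would make the access well defined. The three literal 64s would also read better as one named constant, because every writer of these arrays needs the same bound.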
@@ -37,20 +38,15 @@ static void cdap_flow_destroy(struct cdap_flow * flow) if (flow->ci != NULL) cdap_destroy(flow->ci); - if (flow->info != NULL) { - conn_info_fini(flow->info); - free(flow->info); - } free(flow); } -struct cdap_flow * cdap_flow_arr(int fd, +struct cdap_flow * cdap_flow_arr(int fd, int resp, - enum pol_cacep pc, const struct conn_info * info) { - struct cdap_flow * flow; + struct cdap_flow * flow; if (flow_alloc_resp(fd, resp) < 0) { log_err("Could not respond to new flow."); @@ -66,12 +62,13 @@ struct cdap_flow * cdap_flow_arr(int fd, return NULL; } + memset(&flow->info, 0, sizeof(flow->info)); + flow->fd = fd; flow->ci = NULL; - flow->info = cacep_auth_wait(fd, pc, info, NULL); - if (flow->info == NULL) { - log_err("Other side failed to authenticate."); + if (cacep_listen(fd, info, &flow->info)) { + log_err("Error establishing application connection."); cdap_flow_destroy(flow); return NULL; } @@ -88,7 +85,6 @@ struct cdap_flow * cdap_flow_arr(int fd, struct cdap_flow * cdap_flow_alloc(const char * dst_name, qosspec_t * qs, - enum pol_cacep pc, const struct conn_info * info) { struct cdap_flow * flow; @@ -119,12 +115,13 @@ struct cdap_flow * cdap_flow_alloc(const char * dst_name, return NULL; } + memset(&flow->info, 0, sizeof(flow->info)); + flow->fd = fd; flow->ci = NULL; - flow->info = cacep_auth(fd, pc, info, NULL); - if (flow->info == NULL) { - log_err("Failed to authenticate."); + if (cacep_connect(fd, info, &flow->info)) { + log_err("Failed to connect to application."); cdap_flow_dealloc(flow); return NULL; } diff --git a/src/ipcpd/normal/cdap_flow.h b/src/ipcpd/normal/cdap_flow.h index 8aa26dc0..761f3463 100644 --- a/src/ipcpd/normal/cdap_flow.h +++ b/src/ipcpd/normal/cdap_flow.h 
@@ -28,19 +28,17 @@ #include struct cdap_flow { - int fd; - struct cdap * ci; - struct conn_info * info; + int fd; + struct cdap * ci; + struct conn_info info; }; struct cdap_flow * cdap_flow_arr(int fd, int resp, - enum pol_cacep pc, const struct conn_info * info); struct cdap_flow * cdap_flow_alloc(const char * dst_name, qosspec_t * qs, - enum pol_cacep pc, const struct conn_info * info); void cdap_flow_dealloc(struct cdap_flow * flow); diff --git a/src/ipcpd/normal/enroll.c b/src/ipcpd/normal/enroll.c index b420533e..5c7ebd7e 100644 --- a/src/ipcpd/normal/enroll.c +++ b/src/ipcpd/normal/enroll.c @@ -44,7 +44,7 @@ int enroll_handle(int fd) { struct cdap_flow * flow; - struct conn_info info; + struct conn_info info; cdap_key_t key; enum cdap_opcode oc; char * name; @@ -61,27 +61,20 @@ int enroll_handle(int fd) char * members_ro = MEMBERS_PATH; char * dif_ro = DIF_PATH; - conn_info_init(&info); + memset(&info, 0, sizeof(info)); - info.proto.protocol = strdup(CDAP_PROTO); - if (info.proto.protocol == NULL) { - conn_info_fini(&info); - return -ENOMEM; - } - - info.proto.pref_version = 1; - info.proto.pref_syntax = PROTO_GPB; + strcpy(info.ae_name, ENROLL_AE); + strcpy(info.protocol, CDAP_PROTO); + info.pref_version = 1; + info.pref_syntax = PROTO_GPB; - flow = cdap_flow_arr(fd, 0, ANONYMOUS_AUTH, &info); + flow = cdap_flow_arr(fd, 0, &info); if (flow == NULL) { log_err("Failed to auth enrollment request."); - conn_info_fini(&info); flow_dealloc(fd); return -1; } - conn_info_fini(&info); - while (!(boot_r && members_r && dif_name_r)) { key = cdap_request_wait(flow->ci, &oc, &name, &data, (size_t *) &len , &flags); @@ -156,7 +149,7 @@ int enroll_handle(int fd) int enroll_boot(char * dst_name) { struct cdap_flow * flow; - struct conn_info info; + struct conn_info info; cdap_key_t key; uint8_t * data; size_t len; 
@@ -170,26 +163,19 @@ int enroll_boot(char * dst_name) char * members_ro = MEMBERS_PATH; char * dif_ro = DIF_PATH; - conn_info_init(&info); + memset(&info, 0, sizeof(info)); - info.proto.protocol = strdup(CDAP_PROTO); - if (info.proto.protocol == NULL) { - conn_info_fini(&info); - return -ENOMEM; - } - - info.proto.pref_version = 1; - info.proto.pref_syntax = PROTO_GPB; + strcpy(info.ae_name, ENROLL_AE); + strcpy(info.protocol, CDAP_PROTO); + info.pref_version = 1; + info.pref_syntax = PROTO_GPB; - flow = cdap_flow_alloc(dst_name, NULL, ANONYMOUS_AUTH, &info); + flow = cdap_flow_alloc(dst_name, NULL, &info); if (flow == NULL) { log_err("Failed to allocate flow for enrollment request."); - conn_info_fini(&info); return -1; } - conn_info_fini(&info); - log_dbg("Getting boot information from %s.", dst_name); clock_gettime(CLOCK_REALTIME, &t0); diff --git a/src/ipcpd/normal/fmgr.c b/src/ipcpd/normal/fmgr.c index 071a895f..0c927fc7 100644 --- a/src/ipcpd/normal/fmgr.c +++ b/src/ipcpd/normal/fmgr.c @@ -249,7 +249,6 @@ static void fmgr_destroy_flows(void) int fmgr_init(void) { - enum pol_cacep pc; enum pol_gam pg; int i; @@ -292,15 +291,6 @@ int fmgr_init(void) return -1; } - if (rib_read(BOOT_PATH "/dt/gam/cacep", &pc, sizeof(pc)) - != sizeof(pc)) { - log_err("Failed to read CACEP policy for ribmgr gam."); - return -1; - } - - /* FIXME: Implement cacep policies */ - (void) pc; - fmgr.gam = gam_create(pg); if (fmgr.gam == NULL) { log_err("Failed to create graph adjacency manager."); @@ -345,7 +335,6 @@ void fmgr_fini() flow_dealloc(flow->fd); ipcp_flow_get_qoscube(flow->fd, &cube); flow_set_del(fmgr.nm1_set[cube], flow->fd); - free(flow->info->name); free(flow->info); free(flow); } diff --git a/src/ipcpd/normal/gam.c b/src/ipcpd/normal/gam.c index 2479fa62..bdfc8cb9 100644 --- a/src/ipcpd/normal/gam.c +++ b/src/ipcpd/normal/gam.c 
@@ -120,7 +120,6 @@ void gam_destroy(struct gam * instance) list_for_each_safe(p, n, &instance->gas) { struct ga * e = list_entry(p, struct ga, next); list_del(&e->next); - free(e->info->name); free(e->info); free(e); } @@ -156,7 +155,7 @@ static int add_ga(struct gam * instance, pthread_cond_signal(&instance->gas_cond); pthread_mutex_unlock(&instance->gas_lock); - log_info("Added flow to %s.", info->name); + log_info("Added flow."); return 0; } @@ -166,7 +165,7 @@ int gam_flow_arr(struct gam * instance, qosspec_t qs) { struct conn_info * rcv_info; - struct conn_info snd_info; + struct conn_info snd_info; if (flow_alloc_resp(fd, instance->ops->accept_new_flow(instance->ops_o)) < 0) { 
@@ -174,34 +173,29 @@ int gam_flow_arr(struct gam * instance, return -1; } - conn_info_init(&snd_info); - snd_info.proto.protocol = strdup(CDAP_PROTO); - if (snd_info.proto.protocol == NULL) { - conn_info_fini(&snd_info); + rcv_info = malloc(sizeof(*rcv_info)); + if (rcv_info == NULL) return -ENOMEM; - } - snd_info.proto.pref_version = 1; - snd_info.proto.pref_syntax = PROTO_GPB; - snd_info.addr = ipcpi.address; - snd_info.name = strdup(ipcpi.name); - if (snd_info.name == NULL) { - conn_info_fini(&snd_info); - return -ENOMEM; - } + memset(&snd_info, 0, sizeof(snd_info)); + memset(rcv_info, 0, sizeof(*rcv_info)); + + /* FIXME: send correct AE */ + strcpy(snd_info.ae_name, "FIXME:CORRECT_AE"); + strcpy(snd_info.protocol, CDAP_PROTO); + snd_info.pref_version = 1; + snd_info.pref_syntax = PROTO_GPB; + snd_info.ae.addr = ipcpi.address; - rcv_info = cacep_auth_wait(fd, SIMPLE_AUTH, &snd_info, NULL); - if (rcv_info == NULL) { - log_err("Other side failed to authenticate."); - conn_info_fini(&snd_info); + if (cacep_listen(fd, &snd_info, rcv_info)) { + log_err("Failed to create application connection."); + flow_dealloc(fd); + free(rcv_info); return -1; } - conn_info_fini(&snd_info); - if (instance->ops->accept_flow(instance->ops_o, qs, rcv_info)) { flow_dealloc(fd); - conn_info_fini(rcv_info); free(rcv_info); return 0; } @@ -209,7 +203,6 @@ int gam_flow_arr(struct gam * instance, if (add_ga(instance, fd, qs, rcv_info)) { log_err("Failed to add ga to graph adjacency manager list."); flow_dealloc(fd); - conn_info_fini(rcv_info); free(rcv_info); return -1; } @@ -222,11 +215,15 @@ int gam_flow_alloc(struct gam * instance, qosspec_t qs) { struct conn_info * rcv_info; - struct conn_info snd_info; + struct conn_info snd_info; int fd; log_dbg("Allocating flow to %s.", dst_name); + rcv_info = malloc(sizeof(*rcv_info)); + if (rcv_info == NULL) + return -ENOMEM; + fd = flow_alloc(dst_name, NULL); if (fd < 0) { log_err("Failed to allocate flow to %s.", dst_name); 
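Review bot: In gam_flow_alloc (the `@@ -222,11 +215,15 @@` hunk) `rcv_info` is now allocated before `flow_alloc()`, but the early failure returns that follow, the `fd < 0` branch here and the `return -1;` visible as context at the top of the next hunk, are unchanged and do not free it, so each failed allocation leaks the buffer. Either move the `malloc` below the point where the flow is established or add `free(rcv_info);` before those returns. In gam_flow_arr (the `@@ -174,34 +173,29 @@` hunk) the new `return -ENOMEM;` after a failed `malloc` leaves `fd` allocated although `flow_alloc_resp()` has already succeeded; `flow_dealloc(fd);` before that return would match the other error paths. Both function bodies extend outside the hunks.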
@@ -239,34 +236,25 @@ int gam_flow_alloc(struct gam * instance, return -1; } - conn_info_init(&snd_info); - snd_info.proto.protocol = strdup(CDAP_PROTO); - if (snd_info.proto.protocol == NULL) { - conn_info_fini(&snd_info); - return -ENOMEM; - } + memset(&snd_info, 0, sizeof(snd_info)); + memset(rcv_info, 0, sizeof(*rcv_info)); - snd_info.proto.pref_version = 1; - snd_info.proto.pref_syntax = PROTO_GPB; - snd_info.addr = ipcpi.address; - snd_info.name = strdup(ipcpi.name); - if (snd_info.name == NULL) { - conn_info_fini(&snd_info); - return -ENOMEM; - } + /* FIXME: send correct AE */ + strcpy(snd_info.ae_name, "FIXME:CORRECT_AE"); + strcpy(snd_info.protocol, CDAP_PROTO); + snd_info.pref_version = 1; + snd_info.pref_syntax = PROTO_GPB; + snd_info.ae.addr = ipcpi.address; - rcv_info = cacep_auth(fd, SIMPLE_AUTH, &snd_info, NULL); - if (rcv_info == NULL) { - log_err("Other side failed to authenticate."); - conn_info_fini(&snd_info); + if (cacep_connect(fd, &snd_info, rcv_info)) { + log_err("Failed to create application connection."); + flow_dealloc(fd); + free(rcv_info); return -1; } - conn_info_fini(&snd_info); - if (instance->ops->accept_flow(instance->ops_o, qs, rcv_info)) { flow_dealloc(fd); - conn_info_fini(rcv_info); free(rcv_info); return 0; } @@ -274,7 +262,6 @@ int gam_flow_alloc(struct gam * instance, if (add_ga(instance, fd, qs, rcv_info)) { log_err("Failed to add GA to graph adjacency manager list."); flow_dealloc(fd); - conn_info_fini(rcv_info); free(rcv_info); return -1; } @@ -282,10 +269,10 @@ int gam_flow_alloc(struct gam * instance, return 0; } -int gam_flow_wait(struct gam * instance, - int * fd, +int gam_flow_wait(struct gam * instance, + int * fd, struct conn_info ** info, - qosspec_t * qs) + qosspec_t * qs) { struct ga * ga; diff --git a/src/ipcpd/normal/main.c b/src/ipcpd/normal/main.c index 939544c3..c75a74d6 100644 --- a/src/ipcpd/normal/main.c +++ b/src/ipcpd/normal/main.c 
@@ -336,11 +336,6 @@ int normal_rib_init(void) static int normal_ipcp_bootstrap(struct dif_config * conf) { - /* FIXME: get CACEP policies from conf */ - enum pol_cacep pol = SIMPLE_AUTH; - - (void) pol; - assert(conf); assert(conf->type == THIS_TYPE); @@ -388,12 +383,6 @@ static int normal_ipcp_bootstrap(struct dif_config * conf) rib_write(BOOT_PATH "/rm/gam/type", &conf->rm_gam_type, sizeof(conf->rm_gam_type)) || - rib_write(BOOT_PATH "/rm/gam/cacep", - &pol, - sizeof(pol)) || - rib_write(BOOT_PATH "/dt/gam/cacep", - &pol, - sizeof(pol)) || rib_write(BOOT_PATH "/addr_auth/type", &conf->addr_auth_type, sizeof(conf->addr_auth_type))) { diff --git a/src/ipcpd/normal/pol/complete.c b/src/ipcpd/normal/pol/complete.c index 1d4811d2..68f43e81 100644 --- a/src/ipcpd/normal/pol/complete.c +++ b/src/ipcpd/normal/pol/complete.c @@ -167,7 +167,8 @@ int complete_accept_flow(void * o, list_for_each(pos, &complete->neighbors) { struct neighbor * e = list_entry(pos, struct neighbor, next); - if (strcmp(e->neighbor, info->name) == 0) { + /* FIXME: figure out union type and check name or address */ + if (strcmp(e->neighbor, info->ae.name) == 0) { pthread_mutex_unlock(&complete->neighbors_lock); return -1; } @@ -185,7 +186,8 @@ int complete_accept_flow(void * o, list_head_init(&n->next); - n->neighbor = strdup(info->name); + /* FIXME: figure out union type and check name or address */ + n->neighbor = strdup(info->ae.name); if (n->neighbor == NULL) { pthread_mutex_unlock(&complete->neighbors_lock); free(n); diff --git a/src/ipcpd/normal/ribmgr.c b/src/ipcpd/normal/ribmgr.c index 1436a7d4..25f1687e 100644 --- a/src/ipcpd/normal/ribmgr.c +++ b/src/ipcpd/normal/ribmgr.c @@ -53,7 +53,6 @@ struct { int ribmgr_init(void) { - enum pol_cacep pc; enum pol_gam pg; if (rib_read(BOOT_PATH "/rm/gam/type", &pg, sizeof(pg)) 
@@ -62,15 +61,6 @@ int ribmgr_init(void) return -1; } - if (rib_read(BOOT_PATH "/rm/gam/cacep", &pc, sizeof(pc)) - != sizeof(pc)) { - log_err("Failed to read CACEP policy for ribmgr gam."); - return -1; - } - - /* FIXME: Implement cacep policies */ - (void) pc; - ribmgr.gam = gam_create(pg); if (ribmgr.gam == NULL) { log_err("Failed to create gam."); diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt index fcea0fb2..03452705 100644 --- a/src/lib/CMakeLists.txt +++ b/src/lib/CMakeLists.txt @@ -10,12 +10,7 @@ protobuf_generate_c(DIF_CONFIG_PROTO_SRCS DIF_CONFIG_PROTO_HDRS dif_config.proto) protobuf_generate_c(CDAP_PROTO_SRCS CDAP_PROTO_HDRS cdap.proto) protobuf_generate_c(RO_PROTO_SRCS RO_PROTO_HDRS ro.proto) -protobuf_generate_c(CACEP_PROTO_PROTO_SRCS CACEP_CDAP_PROTO_HDRS - pol/cacep_proto.proto) -protobuf_generate_c(CACEP_ANONYMOUS_AUTH_PROTO_SRCS - CACEP_ANONYMOUS_AUTH_PROTO_HDRS pol/cacep_anonymous_auth.proto) -protobuf_generate_c(CACEP_SIMPLE_AUTH_PROTO_SRCS CACEP_SIMPLE_AUTH_PROTO_HDRS - pol/cacep_simple_auth.proto) +protobuf_generate_c(CACEP_PROTO_SRCS CACEP_PROTO_HDRS cacep.proto) if(NOT APPLE) find_library(LIBRT_LIBRARIES rt) @@ -54,16 +49,11 @@ set(SOURCE_FILES sockets.c time_utils.c utils.c - # Add policies last - pol/cacep_proto.c - pol/cacep_anonymous_auth.c - pol/cacep_simple_auth.c ) add_library(ouroboros SHARED ${SOURCE_FILES} ${IRM_PROTO_SRCS} ${IPCP_PROTO_SRCS} ${DIF_CONFIG_PROTO_SRCS} ${CDAP_PROTO_SRCS} - ${CACEP_PROTO_PROTO_SRCS} ${CACEP_ANONYMOUS_AUTH_PROTO_SRCS} - ${CACEP_SIMPLE_AUTH_PROTO_SRCS} ${RO_PROTO_SRCS}) + ${CACEP_PROTO_SRCS} ${RO_PROTO_SRCS}) target_link_libraries(ouroboros ${LIBRT_LIBRARIES} ${LIBPTHREAD_LIBRARIES} ${PROTOBUF_C_LIBRARY}) diff --git a/src/lib/cacep.c b/src/lib/cacep.c index 89bd05e7..badeccc0 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c 
@@ -1,9 +1,10 @@ /* * Ouroboros - Copyright (C) 2016 - 2017 * - * The Common Application Connection Establishment Phase + * The Common Application Connection Establishment Protocol * - * Sander Vrijders + * Dimitri Staessens + * Sander Vrijders * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public License 
@@ -20,91 +21,118 @@ * 02110-1301 USA */ -#define OUROBOROS_PREFIX "cacep" - #include #include #include #include -#include - -#include "pol/cacep_anonymous_auth.h" -#include "pol/cacep_simple_auth.h" #include #include -#define BUF_SIZE 2048 +#include "cacep.pb-c.h" +typedef CacepMsg cacep_msg_t; -int conn_info_init(struct conn_info * info) +#define BUF_SIZE 64 + +int read_msg(int fd, + struct conn_info * info) { - if (info == NULL) - return -EINVAL; + uint8_t buf[BUF_SIZE]; + cacep_msg_t * msg; + ssize_t len; + + len = flow_read(fd, buf, BUF_SIZE); + if (len < 0) + return -1; + + msg = cacep_msg__unpack(NULL, len, buf); + if (msg == NULL) + return -1; + + strcpy(info->protocol, msg->protocol); + + info->pref_version = msg->pref_version; + info->pref_syntax = msg->pref_syntax; - info->proto.protocol = NULL; - info->name = NULL; + cacep_msg__free_unpacked(msg, NULL); return 0; } -void conn_info_fini(struct conn_info * info) +static int send_msg(int fd, + const struct conn_info * info) { - if (info == NULL) - return; + cacep_msg_t msg = CACEP_MSG__INIT; + uint8_t * data = NULL; + size_t len = 0; - if (info->proto.protocol != NULL) { - free(info->proto.protocol); - info->proto.protocol = NULL; - } + msg.ae_name = (char *) info->ae_name; + msg.protocol = (char *) info->protocol; + msg.pref_version = info->pref_version; + msg.pref_syntax = info->pref_syntax; + if (msg.pref_syntax < 0) + return -1; + + len = cacep_msg__get_packed_size(&msg); + if (len == 0) + return -1; + + data = malloc(len); + if (data == NULL) + return -ENOMEM; + + cacep_msg__pack(&msg, data); - if (info->name != NULL) { - free(info->name); - info->name = NULL; + if (flow_write(fd, data, len) < 0) { + free(data); + return -1; } + + free(data); + + return 0; } -struct conn_info * cacep_auth(int fd, - enum pol_cacep pc, - const struct conn_info * info, - const void * auth) +int cacep_connect(int fd, + const struct conn_info * in, + struct conn_info * out) { - if (info == NULL) { - log_err("No info 
provided."); - return NULL; - } + if (in == NULL || out == NULL) + return -EINVAL; - switch (pc) { - case ANONYMOUS_AUTH: - return cacep_anonymous_auth(fd, info, auth); - case SIMPLE_AUTH: - if (info == NULL) - return NULL; - return cacep_simple_auth_auth(fd, info, auth); - default: - log_err("Unsupported CACEP policy."); - return NULL; - } + if (send_msg(fd, in)) + return -1; + + if (read_msg(fd, out)) + return -1; + + if (strcmp(in->ae_name, out->ae_name) || + strcmp(in->protocol, out->protocol) || + in->pref_version != out->pref_version || + in->pref_syntax != out->pref_syntax) + return -EPROTO; + + return 0; } -struct conn_info * cacep_auth_wait(int fd, - enum pol_cacep pc, - const struct conn_info * info, - const void * auth) +int cacep_listen(int fd, + const struct conn_info * in, + struct conn_info * out) { - if (info == NULL) { - log_err("No info provided."); - return NULL; - } + if (in == NULL || out == NULL) + return -EINVAL; - switch (pc) { - case ANONYMOUS_AUTH: - return cacep_anonymous_auth_wait(fd, info, auth); - case SIMPLE_AUTH: - if (info == NULL) - return NULL; - return cacep_simple_auth_auth_wait(fd, info, auth); - default: - log_err("Unsupported CACEP policy."); - return NULL; - } + if (send_msg(fd, in)) + return -1; + + if (read_msg(fd, out)) + return -1; + + if (strcmp(in->ae_name, out->ae_name) || + strcmp(in->protocol, out->protocol) || + in->pref_version != out->pref_version || + in->pref_syntax != out->pref_syntax) + return -EPROTO; + + return 0; } diff --git a/src/lib/cacep.proto b/src/lib/cacep.proto new file mode 100644 index 00000000..3e1291f6 --- /dev/null +++ b/src/lib/cacep.proto 
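Review bot: read_msg() never copies `msg->ae_name` into `info->ae_name`, yet cacep_connect() and cacep_listen() compare `in->ae_name` with `out->ae_name`; since the callers in this commit zero `out` first, the check looks like it returns -EPROTO whenever the local AE name is non-empty. The `strcpy(info->protocol, msg->protocol)` also copies a peer-supplied string into a 64-byte array with no length check of its own, relying on BUF_SIZE happening to equal the array size. The rewrite below copies both strings after an explicit bound check; `pref_syntax` deserves a range check as well, which the removed code_to_syntax() used to provide. read_msg() should be `static` like send_msg().

```c
        msg = cacep_msg__unpack(NULL, len, buf);
        if (msg == NULL)
                return -1;

        /* Strings come from the peer: reject what does not fit. */
        if (strlen(msg->ae_name) >= sizeof(info->ae_name) ||
            strlen(msg->protocol) >= sizeof(info->protocol)) {
                cacep_msg__free_unpacked(msg, NULL);
                return -1;
        }

        strcpy(info->ae_name, msg->ae_name);
        strcpy(info->protocol, msg->protocol);

        /* … unchanged: pref_version and pref_syntax copy, free_unpacked, return 0 … */
```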
@@ -0,0 +1,33 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * Message for Connection Information in CACEP + * + * Dimitri Staessens + * Sander Vrijders + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * version 2.1 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301 USA + */ + +syntax = "proto2"; + +message cacep_msg { + required string ae_name = 1; + required string protocol = 2; + required int32 pref_version = 3; + repeated int32 supp_version = 4; + required int32 pref_syntax = 5; + repeated int32 supp_syntax = 6; +} \ No newline at end of file diff --git a/src/lib/pol/cacep_anonymous_auth.c b/src/lib/pol/cacep_anonymous_auth.c deleted file mode 100644 index 44c7bd17..00000000 --- a/src/lib/pol/cacep_anonymous_auth.c +++ /dev/null 
@@ -1,209 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Anonymous policy for CACEP - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -#include -#include -#include -#include -#include - -#include "cacep_proto.h" -#include "cacep_anonymous_auth.h" - -#include -#include -#include -#include - -#include "cacep_anonymous_auth.pb-c.h" -typedef CacepAnonymousAuthMsg cacep_anonymous_auth_msg_t; -typedef CacepProtoMsg cacep_proto_msg_t; - -#define BUF_SIZE 2048 -#define NAME_LEN 8 - -/* this policy generates a hex string */ -static struct conn_info * anonymous_info(void) -{ - struct conn_info * info; - struct timespec t; - - info = malloc(sizeof(*info)); - if (info == NULL) - return NULL; - - conn_info_init(info); - - info->name = malloc(NAME_LEN + 1); - if (info->name == NULL) { - free(info); - return NULL; - } - - clock_gettime(CLOCK_REALTIME, &t); - srand(t.tv_nsec); - - sprintf(info->name, "%8x", - (uint32_t)((rand() % RAND_MAX) & 0xFFFFFFFF)); - - info->addr = 0; - - return info; -} - -static struct conn_info * read_msg(int fd) -{ - struct conn_info * tmp; - uint8_t buf[BUF_SIZE]; - cacep_anonymous_auth_msg_t * msg; - ssize_t len; - - len = flow_read(fd, buf, BUF_SIZE); - if (len < 0) - return NULL; - - msg = cacep_anonymous_auth_msg__unpack(NULL, len, buf); - if (msg == 
NULL) - return NULL; - - tmp = anonymous_info(); - if (tmp == NULL) { - cacep_anonymous_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - tmp->proto.protocol = strdup(msg->proto->protocol); - if (tmp->proto.protocol == NULL) { - free(tmp); - cacep_anonymous_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - tmp->proto.pref_version = msg->proto->pref_version; - tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax); - if (tmp->proto.pref_syntax < 0) { - free(tmp->proto.protocol); - free(tmp); - cacep_anonymous_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - cacep_anonymous_auth_msg__free_unpacked(msg, NULL); - - return tmp; -} - -static int send_msg(int fd, - const struct conn_info * info) -{ - cacep_anonymous_auth_msg_t msg = CACEP_ANONYMOUS_AUTH_MSG__INIT; - cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT; - int ret = 0; - uint8_t * data = NULL; - size_t len = 0; - - cmsg.protocol = info->proto.protocol; - cmsg.pref_version = info->proto.pref_version; - cmsg.pref_syntax = syntax_to_code(info->proto.pref_syntax); - if (cmsg.pref_syntax < 0) - return -1; - - msg.proto = &cmsg; - - len = cacep_anonymous_auth_msg__get_packed_size(&msg); - if (len == 0) - return -1; - - data = malloc(len); - if (data == NULL) - return -ENOMEM; - - cacep_anonymous_auth_msg__pack(&msg, data); - - if (flow_write(fd, data, len) < 0) - ret = -1; - - free(data); - - return ret; -} - -struct conn_info * cacep_anonymous_auth(int fd, - const struct conn_info * info, - const void * auth) -{ - struct conn_info * tmp; - - assert(info); - - (void) auth; - - if (send_msg(fd, info)) - return NULL; - - tmp = read_msg(fd); - if (tmp == NULL) - return NULL; - - if (strcmp(info->proto.protocol, tmp->proto.protocol) || - info->proto.pref_version != tmp->proto.pref_version || - info->proto.pref_syntax != tmp->proto.pref_syntax) { - conn_info_fini(tmp); - free(tmp); - return NULL; - } - - return tmp; -} - - -struct conn_info * cacep_anonymous_auth_wait(int fd, - const 
struct conn_info * info, - const void * auth) -{ - struct conn_info * tmp; - - assert(info); - - (void) auth; - - tmp = read_msg(fd); - if (tmp == NULL) - return NULL; - - if (send_msg(fd, info)) { - conn_info_fini(tmp); - free(tmp); - return NULL; - } - - if (strcmp(info->proto.protocol, tmp->proto.protocol) || - info->proto.pref_version != tmp->proto.pref_version || - info->proto.pref_syntax != tmp->proto.pref_syntax) { - conn_info_fini(tmp); - free(tmp); - return NULL; - } - - return tmp; -} diff --git a/src/lib/pol/cacep_anonymous_auth.h b/src/lib/pol/cacep_anonymous_auth.h deleted file mode 100644 index ca47b1b8..00000000 --- a/src/lib/pol/cacep_anonymous_auth.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Anonymous policy for CACEP - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -#ifndef OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H -#define OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H - -struct conn_info * cacep_anonymous_auth(int fd, - const struct conn_info * info, - const void * auth); - -struct conn_info * cacep_anonymous_auth_wait(int fd, - const struct conn_info * info, - const void * auth); - -#endif /* OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H */ 
diff --git a/src/lib/pol/cacep_anonymous_auth.proto b/src/lib/pol/cacep_anonymous_auth.proto deleted file mode 100644 index 79734e28..00000000 --- a/src/lib/pol/cacep_anonymous_auth.proto +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Message for no authentication CACEP policy - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -syntax = "proto2"; - -import "cacep_proto.proto"; - -message cacep_anonymous_auth_msg { - required cacep_proto_msg proto = 1; -} \ No newline at end of file diff --git a/src/lib/pol/cacep_proto.c b/src/lib/pol/cacep_proto.c deleted file mode 100644 index 9990a05a..00000000 --- a/src/lib/pol/cacep_proto.c +++ /dev/null 
@@ -1,52 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * CACEP - Read/Write Protocol info - * - * Sander Vrijders - * Dimitri Staessens - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -#include "cacep_proto.h" - -enum proto_concrete_syntax code_to_syntax(int code) -{ - switch(code) { - case PROTO_CONCRETE_SYNTAX_CODE__GPB: - return PROTO_GPB; - case PROTO_CONCRETE_SYNTAX_CODE__ASN_1: - return PROTO_ASN_1; - case PROTO_CONCRETE_SYNTAX_CODE__FIXED: - return PROTO_FIXED; - default: - return -1; - } -} - -int syntax_to_code(enum proto_concrete_syntax stx) -{ - switch(stx) { - case PROTO_GPB: - return PROTO_CONCRETE_SYNTAX_CODE__GPB; - case PROTO_ASN_1: - return PROTO_CONCRETE_SYNTAX_CODE__ASN_1; - case PROTO_FIXED: - return PROTO_CONCRETE_SYNTAX_CODE__FIXED; - default: - return -1; - } -} diff --git a/src/lib/pol/cacep_proto.h b/src/lib/pol/cacep_proto.h deleted file mode 100644 index bfb1b247..00000000 --- a/src/lib/pol/cacep_proto.h +++ /dev/null 
@@ -1,36 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * CACEP - Convert syntax to msg code and back - * - * Sander Vrijders - * Dimitri Staessens - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -#ifndef OUROBOROS_LIB_CACEP_CDAP_H -#define OUROBOROS_LIB_CACEP_CDAP_H - -#include -#include - -#include "cacep_proto.pb-c.h" - -enum proto_concrete_syntax code_to_syntax(int code); - -int syntax_to_code(enum proto_concrete_syntax stx); - -#endif /* OUROBOROS_LIB_CACEP_CDAP_H */ diff --git a/src/lib/pol/cacep_proto.proto b/src/lib/pol/cacep_proto.proto deleted file mode 100644 index f313bfc1..00000000 --- a/src/lib/pol/cacep_proto.proto +++ /dev/null 
@@ -1,38 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Message for setting Protocol information in CACEP - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -syntax = "proto2"; - -enum proto_concrete_syntax_code { - GPB = 1; - ASN_1 = 2; - FIXED = 3; -} - -message cacep_proto_msg { - required string protocol = 1; - required int32 pref_version = 2; - repeated int32 supp_version = 3; - required proto_concrete_syntax_code pref_syntax = 4; - repeated proto_concrete_syntax_code supp_syntax = 5; -} diff --git a/src/lib/pol/cacep_simple_auth.c b/src/lib/pol/cacep_simple_auth.c deleted file mode 100644 index 69189114..00000000 --- a/src/lib/pol/cacep_simple_auth.c +++ /dev/null 
@@ -1,190 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Simple authentication policy for CACEP - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -#include -#include -#include -#include - -#include "cacep_proto.h" -#include "cacep_simple_auth.h" - -#include -#include - -#include "cacep_simple_auth.pb-c.h" -typedef CacepSimpleAuthMsg cacep_simple_auth_msg_t; -typedef CacepProtoMsg cacep_proto_msg_t; - -#define BUF_SIZE 2048 - -static struct conn_info * read_msg(int fd) -{ - struct conn_info * tmp; - uint8_t buf[BUF_SIZE]; - cacep_simple_auth_msg_t * msg; - ssize_t len; - - len = flow_read(fd, buf, BUF_SIZE); - if (len < 0) - return NULL; - - msg = cacep_simple_auth_msg__unpack(NULL, len, buf); - if (msg == NULL) - return NULL; - - tmp = malloc(sizeof(*tmp)); - if (tmp == NULL) { - cacep_simple_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - conn_info_init(tmp); - - tmp->addr = msg->addr; - tmp->name = strdup(msg->name); - if (tmp->name == NULL) { - free(tmp); - cacep_simple_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - tmp->proto.protocol = strdup(msg->proto->protocol); - if (tmp->proto.protocol == NULL) { - conn_info_fini(tmp); - free(tmp); - cacep_simple_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - tmp->proto.pref_version = 
msg->proto->pref_version; - tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax); - if (tmp->proto.pref_syntax < 0) { - conn_info_fini(tmp); - free(tmp); - cacep_simple_auth_msg__free_unpacked(msg, NULL); - return NULL; - } - - cacep_simple_auth_msg__free_unpacked(msg, NULL); - - return tmp; -} - -static int send_msg(int fd, - const struct conn_info * info) -{ - cacep_simple_auth_msg_t msg = CACEP_SIMPLE_AUTH_MSG__INIT; - cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT; - int ret = 0; - uint8_t * data = NULL; - size_t len = 0; - - cmsg.protocol = info->proto.protocol; - cmsg.pref_version = info->proto.pref_version; - cmsg.pref_syntax = syntax_to_code(info->proto.pref_syntax); - if (cmsg.pref_syntax < 0) - return -1; - - msg.proto = &cmsg; - msg.name = info->name; - msg.addr = info->addr; - - len = cacep_simple_auth_msg__get_packed_size(&msg); - if (len == 0) - return -1; - - data = malloc(len); - if (data == NULL) - return -ENOMEM; - - cacep_simple_auth_msg__pack(&msg, data); - - if (flow_write(fd, data, len) < 0) - ret = -1; - - free(data); - - return ret; -} - -struct conn_info * cacep_simple_auth_auth(int fd, - const struct conn_info * info, - const void * auth) -{ - struct conn_info * tmp; - - assert(info); - - /* This policy does not need info to authenticate */ - (void) auth; - - if (send_msg(fd, info)) - return NULL; - - tmp = read_msg(fd); - if (tmp == NULL) - return NULL; - - if (strcmp(info->proto.protocol, tmp->proto.protocol) || - info->proto.pref_version != tmp->proto.pref_version || - info->proto.pref_syntax != tmp->proto.pref_syntax) { - conn_info_fini(tmp); - free(tmp); - return NULL; - } - - return tmp; -} - - -struct conn_info * cacep_simple_auth_auth_wait(int fd, - const struct conn_info * info, - const void * auth) -{ - struct conn_info * tmp; - - assert(info); - - (void) auth; - - tmp = read_msg(fd); - if (tmp == NULL) - return NULL; - - if (send_msg(fd, info)) { - conn_info_fini(tmp); - free(tmp); - return NULL; - } - - if 
(strcmp(info->proto.protocol, tmp->proto.protocol) || - info->proto.pref_version != tmp->proto.pref_version || - info->proto.pref_syntax != tmp->proto.pref_syntax) { - conn_info_fini(tmp); - free(tmp); - return NULL; - } - - return tmp; -} diff --git a/src/lib/pol/cacep_simple_auth.h b/src/lib/pol/cacep_simple_auth.h deleted file mode 100644 index 31398a68..00000000 --- a/src/lib/pol/cacep_simple_auth.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Simple authentication policy for CACEP - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -#ifndef OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H -#define OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H - -struct conn_info * cacep_simple_auth_auth(int fd, - const struct conn_info * info, - const void * auth); - -struct conn_info * cacep_simple_auth_auth_wait(int fd, - const struct conn_info * info, - const void * auth); - -#endif /* OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H */ diff --git a/src/lib/pol/cacep_simple_auth.proto b/src/lib/pol/cacep_simple_auth.proto deleted file mode 100644 index 1a1e7ea8..00000000 --- a/src/lib/pol/cacep_simple_auth.proto +++ /dev/null 
@@ -1,32 +0,0 @@ -/* - * Ouroboros - Copyright (C) 2016 - 2017 - * - * Message for no authentication CACEP policy - * - * Dimitri Staessens - * Sander Vrijders - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301 USA - */ - -syntax = "proto2"; - -import "cacep_proto.proto"; - -message cacep_simple_auth_msg { - required cacep_proto_msg proto = 1; - required string name = 2; - required uint64 addr = 3; -} -- cgit v1.2.3 From e6f5d45855b4a8091b52b3fc91451d2d132a5a6d Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Mon, 27 Feb 2017 22:59:52 +0100 Subject: lib: Split CACEP into request/response protocol --- include/ouroboros/cacep.h | 10 ++++----- src/ipcpd/normal/cdap_flow.c | 48 ++++++++++++++++++++++++++++++++++++++++---- src/ipcpd/normal/gam.c | 43 ++++++++++++++++++++++++++++++++++++--- src/lib/cacep.c | 32 ++++++----------------------- 4 files changed, 94 insertions(+), 39 deletions(-) (limited to 'src/lib/cacep.c') diff --git a/include/ouroboros/cacep.h b/include/ouroboros/cacep.h index 5ef66433..c7b7f38c 100644 --- a/include/ouroboros/cacep.h +++ b/include/ouroboros/cacep.h 
@@ -43,12 +43,10 @@ struct conn_info{ } ae; }; -int cacep_connect(int fd, - const struct conn_info * in, - struct conn_info * out); +int cacep_snd(int fd, + const struct conn_info * in); -int cacep_listen(int fd, - const struct conn_info * in, - struct conn_info * out); +int cacep_rcv(int fd, + struct conn_info * out); #endif /* OUROBOROS_CACEP_H */ diff --git a/src/ipcpd/normal/cdap_flow.c b/src/ipcpd/normal/cdap_flow.c index d3d98884..c694e637 100644 --- a/src/ipcpd/normal/cdap_flow.c +++ b/src/ipcpd/normal/cdap_flow.c @@ -67,12 +67,32 @@ struct cdap_flow * cdap_flow_arr(int fd, flow->fd = fd; flow->ci = NULL; - if (cacep_listen(fd, info, &flow->info)) { + if (cacep_rcv(fd, &flow->info)) { log_err("Error establishing application connection."); cdap_flow_destroy(flow); return NULL; } + if (cacep_snd(fd, info)) { + log_err("Failed to respond to application connection request."); + cdap_flow_destroy(flow); + return NULL; + } + + if (strcmp(flow->info.ae_name, info->ae_name)) { + log_err("Received connection for wrong AE."); + cdap_flow_destroy(flow); + return NULL; + } + + if (strcmp(flow->info.protocol, info->protocol) || + flow->info.pref_version != info->pref_version || + flow->info.pref_syntax != info->pref_syntax) { + log_err("Unknown protocol."); + cdap_flow_destroy(flow); + return NULL; + } + flow->ci = cdap_create(fd); if (flow->ci == NULL) { log_err("Failed to create CDAP instance."); @@ -87,8 +107,8 @@ struct cdap_flow * cdap_flow_alloc(const char * dst_name, qosspec_t * qs, const struct conn_info * info) { - struct cdap_flow * flow; - int fd; + struct cdap_flow * flow; + int fd; log_dbg("Allocating flow to %s.", dst_name); 
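Review bot: In cdap_flow_arr the reply goes out through `cacep_snd(fd, info)` before the received `flow->info` is compared with the local AE name and protocol, so a peer that is about to be rejected still gets the local connection info and a reply that looks like an acceptance. The request is now read first, so the two `strcmp` blocks can move up between `cacep_rcv` and `cacep_snd`, and only peers that passed the checks are answered. gam_flow_arr in gam.c has the same ordering. Whether `read_msg` leaves `ae_name` and `protocol` NUL-terminated before these `strcmp` calls is not visible in this diff and is worth confirming; the function body also continues past the hunk.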
@@ -120,12 +140,32 @@ struct cdap_flow * cdap_flow_alloc(const char * dst_name, flow->fd = fd; flow->ci = NULL; - if (cacep_connect(fd, info, &flow->info)) { + if (cacep_snd(fd, info)) { + log_err("Failed to send connection request."); + cdap_flow_dealloc(flow); + return NULL; + } + + if (cacep_rcv(fd, &flow->info)) { log_err("Failed to connect to application."); cdap_flow_dealloc(flow); return NULL; } + if (strcmp(flow->info.ae_name, info->ae_name)) { + log_err("Received connection for wrong AE."); + cdap_flow_destroy(flow); + return NULL; + } + + if (strcmp(flow->info.protocol, info->protocol) || + flow->info.pref_version != info->pref_version || + flow->info.pref_syntax != info->pref_syntax) { + log_err("Unknown protocol."); + cdap_flow_destroy(flow); + return NULL; + } + flow->ci = cdap_create(fd); if (flow->ci == NULL) { log_err("Failed to create CDAP instance."); diff --git a/src/ipcpd/normal/gam.c b/src/ipcpd/normal/gam.c index bdfc8cb9..f98c0d4f 100644 --- a/src/ipcpd/normal/gam.c +++ b/src/ipcpd/normal/gam.c @@ -187,8 +187,30 @@ int gam_flow_arr(struct gam * instance, snd_info.pref_syntax = PROTO_GPB; snd_info.ae.addr = ipcpi.address; - if (cacep_listen(fd, &snd_info, rcv_info)) { - log_err("Failed to create application connection."); + if (cacep_rcv(fd, rcv_info)) { + log_err("Error establishing application connection."); + flow_dealloc(fd); + free(rcv_info); + return -1; + } + + if (cacep_snd(fd, &snd_info)) { + log_err("Failed to respond to application connection request."); + flow_dealloc(fd); + free(rcv_info); + return -1; + } + + if (strcmp(snd_info.ae_name, rcv_info->ae_name)) { + log_err("Received connection for wrong AE."); + flow_dealloc(fd); + free(rcv_info); + return -1; + } + + if (strcmp(snd_info.protocol, rcv_info->protocol) || + snd_info.pref_version != rcv_info->pref_version || + snd_info.pref_syntax != rcv_info->pref_syntax) { flow_dealloc(fd); free(rcv_info); return -1; 
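Review bot: The two new mismatch branches in cdap_flow_alloc clean up with `cdap_flow_destroy(flow)`, while the `cacep_snd` and `cacep_rcv` failure paths just above them use `cdap_flow_dealloc(flow)`. Neither function's body is in this diff, but if destroy only frees the structure, the flow allocated earlier in this function stays open every time a peer answers with a different AE name or protocol, which a misbehaving peer can repeat at will. Using `cdap_flow_dealloc(flow);` in both branches keeps the initiator side consistent. The function continues past the end of the hunk.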
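Review bot: The protocol/version/syntax mismatch branch in gam_flow_arr rejects the peer silently, whereas the three branches before it each call `log_err`. A rejected connection attempt is exactly the event an operator wants in the log, so I would add `log_err("Unknown protocol.");` before `flow_dealloc(fd);`, matching the message cdap_flow.c uses for the same check. The function body starts and ends outside the hunk.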
@@ -246,13 +268,28 @@ int gam_flow_alloc(struct gam * instance, snd_info.pref_syntax = PROTO_GPB; snd_info.ae.addr = ipcpi.address; - if (cacep_connect(fd, &snd_info, rcv_info)) { + if (cacep_snd(fd, &snd_info)) { log_err("Failed to create application connection."); flow_dealloc(fd); free(rcv_info); return -1; } + if (cacep_rcv(fd, rcv_info)) { + log_err("Failed to connect to application."); + flow_dealloc(fd); + free(rcv_info); + return -1; + } + + if (strcmp(snd_info.protocol, rcv_info->protocol) || + snd_info.pref_version != rcv_info->pref_version || + snd_info.pref_syntax != rcv_info->pref_syntax) { + flow_dealloc(fd); + free(rcv_info); + return -1; + } + if (instance->ops->accept_flow(instance->ops_o, qs, rcv_info)) { flow_dealloc(fd); free(rcv_info); diff --git a/src/lib/cacep.c b/src/lib/cacep.c index badeccc0..abff0aaa 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c @@ -93,46 +93,26 @@ static int send_msg(int fd, return 0; } -int cacep_connect(int fd, - const struct conn_info * in, - struct conn_info * out) +int cacep_snd(int fd, + const struct conn_info * in) { - if (in == NULL || out == NULL) + if (in == NULL) return -EINVAL; if (send_msg(fd, in)) return -1; - if (read_msg(fd, out)) - return -1; - - if (strcmp(in->ae_name, out->ae_name) || - strcmp(in->protocol, out->protocol) || - in->pref_version != out->pref_version || - in->pref_syntax != out->pref_syntax) - return -EPROTO; - return 0; } -int cacep_listen(int fd, - const struct conn_info * in, - struct conn_info * out) +int cacep_rcv(int fd, + struct conn_info * out) { - if (in == NULL || out == NULL) + if (out == NULL) return -EINVAL; - if (send_msg(fd, in)) - return -1; - if (read_msg(fd, out)) return -1; - if (strcmp(in->ae_name, out->ae_name) || - strcmp(in->protocol, out->protocol) || - in->pref_version != out->pref_version || - in->pref_syntax != out->pref_syntax) - return -EPROTO; - return 0; } -- cgit v1.2.3 From 9d2fbef7b8569aac930c95ca1afb92a5dec79dac Mon Sep 17 00:00:00 2001 
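Review bot: gam_flow_alloc no longer checks the peer's AE name: the removed cacep_connect compared `in->ae_name` with `out->ae_name`, and gam_flow_arr and cdap_flow_alloc both carry that comparison after this commit, but here only protocol, version and syntax are checked before `accept_flow` is called. A response from a different AE is therefore accepted on this path. The missing branch can mirror the one in gam_flow_arr; the mismatch branch below it also lacks a `log_err`. The function continues outside the hunk.

```c
        /* … unchanged: cacep_snd and cacep_rcv … */

        if (strcmp(snd_info.ae_name, rcv_info->ae_name)) {
                log_err("Received connection for wrong AE.");
                flow_dealloc(fd);
                free(rcv_info);
                return -1;
        }

        /* … unchanged: protocol, version and syntax comparison … */
```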
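Review bot: cacep_rcv now hands back whatever the peer sent without comparing anything, and the `-EPROTO` result of the removed cacep_connect/cacep_listen is gone, so every caller has to repeat the AE name, protocol, version and syntax checks itself; gam_flow_alloc in this same commit already omits one of them. That contract deserves a comment on the function, for example `/* Fills *out with the peer's self-declared info; nothing is validated here, callers must compare it with what they expect. */`. The bodies of send_msg and read_msg are outside this hunk, so the bounds and termination of the received strings cannot be confirmed from here.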
From: Sander Vrijders Date: Thu, 2 Mar 2017 15:29:11 +0100 Subject: ipcpd: normal: Add connection manager This adds the connection manager which allows the different AEs of the normal IPCP to register with it. An AE can then use the connection manager to allocate a flow to a neighbor, or to wait for a new connection from a neighbor. --- include/ouroboros/cacep.h | 7 +- src/ipcpd/ipcp.h | 2 +- src/ipcpd/normal/CMakeLists.txt | 1 + src/ipcpd/normal/connmgr.c | 350 ++++++++++++++++++++++++++++++++++++++++ src/ipcpd/normal/connmgr.h | 57 +++++++ src/ipcpd/normal/enroll.c | 2 +- src/ipcpd/normal/fmgr.c | 2 +- src/ipcpd/normal/frct.c | 8 +- src/ipcpd/normal/gam.c | 4 +- src/ipcpd/normal/main.c | 93 +++-------- src/ipcpd/normal/pol/complete.c | 13 +- src/lib/cacep.c | 3 + src/lib/cacep.proto | 1 + 13 files changed, 452 insertions(+), 91 deletions(-) create mode 100644 src/ipcpd/normal/connmgr.c create mode 100644 src/ipcpd/normal/connmgr.h (limited to 'src/lib/cacep.c') diff --git a/include/ouroboros/cacep.h b/include/ouroboros/cacep.h index c7b7f38c..b6fb8625 100644 --- a/include/ouroboros/cacep.h +++ b/include/ouroboros/cacep.h @@ -32,15 +32,12 @@ enum proto_concrete_syntax { PROTO_FIXED }; -struct conn_info{ +struct conn_info { char ae_name[64]; char protocol[64]; uint32_t pref_version; enum proto_concrete_syntax pref_syntax; - union { - char name[64]; - uint64_t addr; - } ae; + uint64_t addr; }; int cacep_snd(int fd, diff --git a/src/ipcpd/ipcp.h b/src/ipcpd/ipcp.h index d0b5e022..07c72791 100644 --- a/src/ipcpd/ipcp.h +++ b/src/ipcpd/ipcp.h @@ -65,7 +65,7 @@ struct ipcp { enum ipcp_type type; char * dif_name; - uint64_t address; + uint64_t dt_addr; struct ipcp_ops * ops; int irmd_fd; diff --git a/src/ipcpd/normal/CMakeLists.txt b/src/ipcpd/normal/CMakeLists.txt index 7e10cc0d..70742336 100644 --- a/src/ipcpd/normal/CMakeLists.txt +++ b/src/ipcpd/normal/CMakeLists.txt 
@@ -20,6 +20,7 @@ set(SOURCE_FILES # Add source files here addr_auth.c cdap_flow.c + connmgr.c dir.c enroll.c fmgr.c diff --git a/src/ipcpd/normal/connmgr.c b/src/ipcpd/normal/connmgr.c new file mode 100644 index 00000000..387c38fd --- /dev/null +++ b/src/ipcpd/normal/connmgr.c 
@@ -0,0 +1,350 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * Handles the different AP connections + * + * Sander Vrijders + * Dimitri Staessens + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#define OUROBOROS_PREFIX "normal-ipcp" + +#include +#include +#include +#include +#include +#include + +#include "ae.h" +#include "connmgr.h" +#include "enroll.h" +#include "fmgr.h" +#include "frct.h" +#include "ipcp.h" +#include "ribmgr.h" + +#include +#include +#include +#include + +#define FRCT_PROTO "frct" + +struct ae_conn { + struct list_head next; + struct conn conn; +}; + +struct ae { + struct list_head next; + struct conn_info info; + + struct list_head conn_list; + pthread_cond_t conn_cond; + pthread_mutex_t conn_lock; +}; + +struct { + pthread_t acceptor; + + struct list_head aes; + pthread_mutex_t aes_lock; +} connmgr; + +static int add_ae_conn(struct ae * ae, + int fd, + qosspec_t qs, + struct conn_info * rcv_info) +{ + struct ae_conn * ae_conn = NULL; + + ae_conn = malloc(sizeof(*ae_conn)); + if (ae_conn == NULL) { + log_err("Not enough memory."); + return -1; + } + + ae_conn->conn.conn_info = *rcv_info; + ae_conn->conn.flow_info.fd = fd; + ae_conn->conn.flow_info.qs = qs; + + list_head_init(&ae_conn->next); + + pthread_mutex_lock(&ae->conn_lock); + list_add(&ae_conn->next, &ae->conn_list); + pthread_cond_signal(&ae->conn_cond); + 
pthread_mutex_unlock(&ae->conn_lock); + + return 0; +} + +static struct ae * find_ae_by_name(char * name) +{ + struct list_head * p = NULL; + + list_for_each(p, &connmgr.aes) { + struct ae * ae = list_entry(p, struct ae, next); + if (strcmp(ae->info.ae_name, name) == 0) + return ae; + } + + return NULL; +} + +static void * flow_acceptor(void * o) +{ + int fd; + qosspec_t qs; + struct conn_info rcv_info; + struct conn_info fail_info; + struct ae * ae = NULL; + + (void) o; + + memset(&fail_info, 0, sizeof(fail_info)); + + while (true) { + pthread_rwlock_rdlock(&ipcpi.state_lock); + + if (ipcp_get_state() != IPCP_OPERATIONAL) { + pthread_rwlock_unlock(&ipcpi.state_lock); + log_info("Shutting down flow acceptor."); + return 0; + } + + pthread_rwlock_unlock(&ipcpi.state_lock); + + fd = flow_accept(&qs); + if (fd < 0) { + if (fd != -EIRMD) + log_warn("Flow accept failed: %d", fd); + continue; + } + + if (flow_alloc_resp(fd, 0)) { + log_err("Failed to respond to flow alloc request."); + continue; + } + + if (cacep_rcv(fd, &rcv_info)) { + log_err("Error establishing application connection."); + flow_dealloc(fd); + continue; + } + + pthread_mutex_lock(&connmgr.aes_lock); + ae = find_ae_by_name(rcv_info.ae_name); + pthread_mutex_unlock(&connmgr.aes_lock); + + if (ae != NULL) { + if (cacep_snd(fd, &ae->info)) { + log_err("Failed to respond to req."); + flow_dealloc(fd); + continue; + } + + if (add_ae_conn(ae, fd, qs, &rcv_info)) { + log_err("Failed to add ae conn."); + flow_dealloc(fd); + continue; + } + } else { + cacep_snd(fd, &fail_info); + flow_dealloc(fd); + } + } + + return (void *) 0; +} + +int connmgr_init(void) +{ + list_head_init(&connmgr.aes); + + if (pthread_mutex_init(&connmgr.aes_lock, NULL)) + return -1; + + return 0; +} + +int connmgr_start(void) +{ + pthread_create(&connmgr.acceptor, NULL, flow_acceptor, NULL); + + return 0; +} + +void connmgr_stop(void) +{ + pthread_cancel(connmgr.acceptor); + pthread_join(connmgr.acceptor, NULL); +} + +void 
connmgr_fini(void) +{ + struct list_head * p = NULL; + struct list_head * n = NULL; + + pthread_mutex_lock(&connmgr.aes_lock); + + list_for_each_safe(p, n, &connmgr.aes) { + struct ae * e = list_entry(p, struct ae, next); + connmgr_ae_destroy(e); + } + + pthread_mutex_unlock(&connmgr.aes_lock); + + pthread_mutex_destroy(&connmgr.aes_lock); +} + +struct ae * connmgr_ae_create(struct conn_info info) +{ + struct ae * ae; + + ae = malloc(sizeof(*ae)); + if (ae == NULL) + return NULL; + + list_head_init(&ae->next); + list_head_init(&ae->conn_list); + + ae->info = info; + + if (pthread_mutex_init(&ae->conn_lock, NULL)) { + free(ae); + return NULL; + } + + if (pthread_cond_init(&ae->conn_cond, NULL)) { + pthread_mutex_destroy(&ae->conn_lock); + free(ae); + return NULL; + } + + pthread_mutex_lock(&connmgr.aes_lock); + list_add(&ae->next, &connmgr.aes); + pthread_mutex_unlock(&connmgr.aes_lock); + + return ae; +} + +void connmgr_ae_destroy(struct ae * ae) +{ + struct list_head * p = NULL; + struct list_head * n = NULL; + + assert(ae); + + pthread_mutex_lock(&connmgr.aes_lock); + pthread_mutex_lock(&ae->conn_lock); + + list_for_each_safe(p, n, &ae->conn_list) { + struct ae_conn * e = list_entry(p, struct ae_conn, next); + list_del(&e->next); + free(e); + } + + pthread_mutex_unlock(&ae->conn_lock); + + pthread_cond_destroy(&ae->conn_cond); + pthread_mutex_destroy(&ae->conn_lock); + + list_del(&ae->next); + + pthread_mutex_unlock(&connmgr.aes_lock); + + free(ae); +} + +int connmgr_alloc(struct ae * ae, + char * dst_name, + qosspec_t qs, + struct conn * conn) +{ + assert(ae); + assert(dst_name); + assert(conn); + + memset(&conn->conn_info, 0, sizeof(conn->conn_info)); + + conn->flow_info.fd = flow_alloc(dst_name, &qs); + if (conn->flow_info.fd < 0) { + log_err("Failed to allocate flow to %s.", dst_name); + return -1; + } + + conn->flow_info.qs = qs; + + if (flow_alloc_res(conn->flow_info.fd)) { + log_err("Flow allocation to %s failed.", dst_name); + 
flow_dealloc(conn->flow_info.fd); + return -1; + } + + if (cacep_snd(conn->flow_info.fd, &ae->info)) { + log_err("Failed to create application connection."); + flow_dealloc(conn->flow_info.fd); + return -1; + } + + if (cacep_rcv(conn->flow_info.fd, &conn->conn_info)) { + log_err("Failed to connect to application."); + flow_dealloc(conn->flow_info.fd); + return -1; + } + + if (strcmp(ae->info.protocol, conn->conn_info.protocol) || + ae->info.pref_version != conn->conn_info.pref_version || + ae->info.pref_syntax != conn->conn_info.pref_syntax) { + flow_dealloc(conn->flow_info.fd); + return -1; + } + + return 0; +} + +int connmgr_wait(struct ae * ae, + struct conn * conn) +{ + struct ae_conn * ae_conn; + + assert(ae); + assert(conn); + + pthread_mutex_lock(&ae->conn_lock); + + pthread_cleanup_push((void(*)(void *))pthread_mutex_unlock, + (void *) &ae->conn_lock); + + while (list_is_empty(&ae->conn_list)) + pthread_cond_wait(&ae->conn_cond, &ae->conn_lock); + + ae_conn = list_first_entry((&ae->conn_list), struct ae_conn, next); + if (ae_conn == NULL) { + pthread_mutex_unlock(&ae->conn_lock); + return -1; + } + + *conn = ae_conn->conn; + + list_del(&ae_conn->next); + free(ae_conn); + + pthread_cleanup_pop(true); + + return 0; +} diff --git a/src/ipcpd/normal/connmgr.h b/src/ipcpd/normal/connmgr.h new file mode 100644 index 00000000..bfb3d762 --- /dev/null +++ b/src/ipcpd/normal/connmgr.h 
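Review bot: flow_acceptor in connmgr.c releases `connmgr.aes_lock` right after find_ae_by_name and then keeps using `ae` in `cacep_snd(fd, &ae->info)` and add_ae_conn, so a concurrent connmgr_ae_destroy can free the entry while a request received from the network is still being served. Copying `ae->info` under the lock and looking the AE up again before queueing avoids touching freed memory without holding the lock across I/O. Separately, connmgr_fini calls connmgr_ae_destroy while holding `connmgr.aes_lock`, which connmgr_ae_destroy locks again; the mutex is created with default attributes, so that path blocks on itself. The `continue` after a failed flow_alloc_resp also skips `flow_dealloc(fd)`.

```c
        struct conn_info   snd_info;

        /* … unchanged: state check, flow_accept, flow_alloc_resp, cacep_rcv … */

                /* Copy the AE's info while the list is locked. */
                pthread_mutex_lock(&connmgr.aes_lock);
                ae = find_ae_by_name(rcv_info.ae_name);
                if (ae != NULL)
                        snd_info = ae->info;
                pthread_mutex_unlock(&connmgr.aes_lock);

                if (ae == NULL) {
                        cacep_snd(fd, &fail_info);
                        flow_dealloc(fd);
                        continue;
                }

                if (cacep_snd(fd, &snd_info)) {
                        log_err("Failed to respond to req.");
                        flow_dealloc(fd);
                        continue;
                }

                /* The AE may be gone by now: look it up again under the lock. */
                pthread_mutex_lock(&connmgr.aes_lock);
                ae = find_ae_by_name(rcv_info.ae_name);
                if (ae == NULL || add_ae_conn(ae, fd, qs, &rcv_info)) {
                        pthread_mutex_unlock(&connmgr.aes_lock);
                        log_err("Failed to add ae conn.");
                        flow_dealloc(fd);
                        continue;
                }
                pthread_mutex_unlock(&connmgr.aes_lock);
```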
@@ -0,0 +1,57 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * Handles the different AP connections + * + * Sander Vrijders + * Dimitri Staessens + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#ifndef OUROBOROS_IPCPD_NORMAL_CONNMGR_H +#define OUROBOROS_IPCPD_NORMAL_CONNMGR_H + +#include +#include + +struct conn { + struct conn_info conn_info; + struct flow_info { + int fd; + qosspec_t qs; + } flow_info; +}; + +int connmgr_init(void); + +void connmgr_fini(void); + +int connmgr_start(void); + +void connmgr_stop(void); + +struct ae * connmgr_ae_create(struct conn_info info); + +void connmgr_ae_destroy(struct ae * ae); + +int connmgr_alloc(struct ae * ae, + char * dst_name, + qosspec_t qs, + struct conn * conn); + +int connmgr_wait(struct ae * ae, + struct conn * conn); + +#endif /* OUROBOROS_IPCPD_NORMAL_CONNMGR_H */ diff --git a/src/ipcpd/normal/enroll.c b/src/ipcpd/normal/enroll.c index 5c7ebd7e..9c3b9973 100644 --- a/src/ipcpd/normal/enroll.c +++ b/src/ipcpd/normal/enroll.c @@ -197,7 +197,7 @@ int enroll_boot(char * dst_name) delta_t = ts_diff_ms(&t0, &rtt); - assert (len == 2 * sizeof (uint64_t)); + assert(len == 2 * sizeof (uint64_t)); rtt.tv_sec = ntoh64(((uint64_t *) data)[0]); rtt.tv_nsec = ntoh64(((uint64_t *) data)[1]); diff --git a/src/ipcpd/normal/fmgr.c b/src/ipcpd/normal/fmgr.c index 0c927fc7..34724ddd 100644 --- a/src/ipcpd/normal/fmgr.c 
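Review bot: connmgr.h declares the new entry points without stating who owns what. In connmgr.c, connmgr_wait copies the queued `struct conn` to the caller and frees only the list node, so the caller ends up owning `flow_info.fd`, and `conn_info` is what the peer sent, matched by the acceptor on `ae_name` alone. A comment above connmgr_wait would make that explicit, e.g. `/* Blocks until a peer connects to ae. The caller owns conn->flow_info.fd and must validate conn->conn_info, which is peer-supplied. */`. connmgr_ae_destroy also frees queued entries without calling flow_dealloc on their fds, which should be either documented or fixed.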
+++ b/src/ipcpd/normal/fmgr.c @@ -162,7 +162,7 @@ void * fmgr_nm1_sdu_reader(void * o) shm_pci_des(sdb, &pci); - if (pci.dst_addr != ipcpi.address) { + if (pci.dst_addr != ipcpi.dt_addr) { log_dbg("PDU needs to be forwarded."); if (pci.ttl == 0) { diff --git a/src/ipcpd/normal/frct.c b/src/ipcpd/normal/frct.c index 915feaf8..c9b23060 100644 --- a/src/ipcpd/normal/frct.c +++ b/src/ipcpd/normal/frct.c @@ -285,7 +285,7 @@ cep_id_t frct_i_create(uint64_t address, pci.pdu_type = PDU_TYPE_MGMT; pci.dst_addr = address; - pci.src_addr = ipcpi.address; + pci.src_addr = ipcpi.dt_addr; pci.dst_cep_id = 0; pci.src_cep_id = id; pci.seqno = 0; @@ -330,7 +330,7 @@ int frct_i_accept(cep_id_t id, pci.pdu_type = PDU_TYPE_MGMT; pci.dst_addr = instance->r_address; - pci.src_addr = ipcpi.address; + pci.src_addr = ipcpi.dt_addr; pci.dst_cep_id = instance->r_cep_id; pci.src_cep_id = instance->cep_id; pci.seqno = 0; @@ -367,7 +367,7 @@ int frct_i_destroy(cep_id_t id, pci.pdu_type = PDU_TYPE_MGMT; pci.dst_addr = instance->r_address; - pci.src_addr = ipcpi.address; + pci.src_addr = ipcpi.dt_addr; pci.dst_cep_id = instance->r_cep_id; pci.src_cep_id = instance->cep_id; pci.seqno = 0; @@ -413,7 +413,7 @@ int frct_i_write_sdu(cep_id_t id, pci.pdu_type = PDU_TYPE_DTP; pci.dst_addr = instance->r_address; - pci.src_addr = ipcpi.address; + pci.src_addr = ipcpi.dt_addr; pci.dst_cep_id = instance->r_cep_id; pci.src_cep_id = instance->cep_id; pci.seqno = (instance->seqno)++; diff --git a/src/ipcpd/normal/gam.c b/src/ipcpd/normal/gam.c index f98c0d4f..212cfd83 100644 --- a/src/ipcpd/normal/gam.c +++ b/src/ipcpd/normal/gam.c @@ -185,7 +185,7 @@ int gam_flow_arr(struct gam * instance, strcpy(snd_info.protocol, CDAP_PROTO); snd_info.pref_version = 1; snd_info.pref_syntax = PROTO_GPB; - snd_info.ae.addr = ipcpi.address; + snd_info.addr = ipcpi.dt_addr; if (cacep_rcv(fd, rcv_info)) { log_err("Error establishing application connection."); 
@@ -266,7 +266,7 @@ int gam_flow_alloc(struct gam * instance, strcpy(snd_info.protocol, CDAP_PROTO); snd_info.pref_version = 1; snd_info.pref_syntax = PROTO_GPB; - snd_info.ae.addr = ipcpi.address; + snd_info.addr = ipcpi.dt_addr; if (cacep_snd(fd, &snd_info)) { log_err("Failed to create application connection."); diff --git a/src/ipcpd/normal/main.c b/src/ipcpd/normal/main.c index c75a74d6..3e5907a8 100644 --- a/src/ipcpd/normal/main.c +++ b/src/ipcpd/normal/main.c @@ -24,7 +24,6 @@ #include #include -#include #include #include #include @@ -33,11 +32,10 @@ #include #include "addr_auth.h" -#include "ae.h" +#include "connmgr.h" #include "dir.h" #include "enroll.h" #include "fmgr.h" -#include "frct.h" #include "ipcp.h" #include "ribconfig.h" #include "ribmgr.h" @@ -45,16 +43,11 @@ #include #include #include -#include #include #include #include -#define THIS_TYPE IPCP_NORMAL - -struct { - pthread_t acceptor; -} normal; +#define THIS_TYPE IPCP_NORMAL void ipcp_sig_handler(int sig, siginfo_t * info, 
@@ -82,53 +75,6 @@ void ipcp_sig_handler(int sig, } } -static void * flow_acceptor(void * o) -{ - int fd; - qosspec_t qs; - /* FIXME: Remove once correct AE is known. */ - char * ae_name = ENROLL_AE; - - (void) o; - - while (true) { - pthread_rwlock_rdlock(&ipcpi.state_lock); - - if (ipcp_get_state() != IPCP_OPERATIONAL) { - pthread_rwlock_unlock(&ipcpi.state_lock); - log_info("Shutting down flow acceptor."); - return 0; - } - - pthread_rwlock_unlock(&ipcpi.state_lock); - - fd = flow_accept(&qs); - if (fd < 0) { - if (fd != -EIRMD) - log_warn("Flow accept failed: %d", fd); - continue; - } - - /* FIXME: Perform CACEP at this point */ - - if (strcmp(ae_name, ENROLL_AE) == 0) { - enroll_handle(fd); - } else if (strcmp(ae_name, MGMT_AE) == 0) { - ribmgr_flow_arr(fd, qs); - } else if (strcmp(ae_name, DT_AE) == 0) { - fmgr_nm1_flow_arr(fd, qs); - } else { - log_dbg("Flow allocation request for unknown AE %s.", - ae_name); - if (flow_alloc_resp(fd, -1)) - log_warn("Failed to reply to flow allocation."); - flow_dealloc(fd); - } - } - - return (void *) 0; -} - /* * Boots the IPCP off information in the rib. * Common function after bootstrap or enroll. @@ -153,15 +99,21 @@ static int boot_components(void) } if (rib_add(MEMBERS_PATH, ipcpi.name)) { - log_warn("Failed to add name to " MEMBERS_PATH); + log_err("Failed to add name to " MEMBERS_PATH); return -1; } log_dbg("Starting components."); + if (connmgr_init()) { + log_err("Failed to init ap connection manager"); + return -1; + } + if (rib_read(BOOT_PATH "/addr_auth/type", &pa, sizeof(pa)) != sizeof(pa)) { log_err("Failed to read policy for address authority."); + connmgr_fini(); return -1; } 
@@ -170,20 +122,22 @@ static int boot_components(void) return -1; } - ipcpi.address = addr_auth_address(); - if (ipcpi.address == 0) { + ipcpi.dt_addr = addr_auth_address(); + if (ipcpi.dt_addr == 0) { log_err("Failed to get a valid address."); addr_auth_fini(); + connmgr_fini(); return -1; } - log_dbg("IPCP got address %" PRIu64 ".", ipcpi.address); + log_dbg("IPCP got address %" PRIu64 ".", ipcpi.dt_addr); log_dbg("Starting ribmgr."); if (ribmgr_init()) { log_err("Failed to initialize RIB manager."); addr_auth_fini(); + connmgr_fini(); return -1; } @@ -191,6 +145,7 @@ static int boot_components(void) log_err("Failed to initialize directory."); ribmgr_fini(); addr_auth_fini(); + connmgr_fini(); return -1; } @@ -200,6 +155,7 @@ static int boot_components(void) dir_fini(); ribmgr_fini(); addr_auth_fini(); + connmgr_fini(); log_err("Failed to start flow manager."); return -1; } @@ -209,19 +165,21 @@ static int boot_components(void) dir_fini(); ribmgr_fini(); addr_auth_fini(); + connmgr_fini(); log_err("Failed to initialize FRCT."); return -1; } ipcp_set_state(IPCP_OPERATIONAL); - if (pthread_create(&normal.acceptor, NULL, flow_acceptor, NULL)) { + if (connmgr_start()) { ipcp_set_state(IPCP_INIT); fmgr_fini(); dir_fini(); ribmgr_fini(); addr_auth_fini(); - log_err("Failed to create acceptor thread."); + connmgr_fini(); + log_err("Failed to start AP connection manager."); return -1; } @@ -230,8 +188,7 @@ static int boot_components(void) void shutdown_components(void) { - pthread_cancel(normal.acceptor); - pthread_join(normal.acceptor, NULL); + connmgr_stop(); frct_fini(); @@ -242,6 +199,8 @@ void shutdown_components(void) ribmgr_fini(); addr_auth_fini(); + + connmgr_fini(); } static int normal_ipcp_enroll(char * dst_name) 
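Review bot: One error path in boot_components() gets no `connmgr_fini();`: the branch whose `return -1; }` tail is unchanged context at the top of hunk @@ -170,20 +122,22 @@. Every other failure path after `connmgr_init()` in this commit does call it. The lines that open that branch fall between hunks and are not visible here, but by position it looks like the address-authority init check. A failure there would leave the connection manager initialised while the caller sees the boot as failed. Adding `connmgr_fini();` before that `return -1;` would keep the unwind symmetric; boot_components() starts and ends outside this hunk.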
@@ -410,9 +369,9 @@ static struct ipcp_ops normal_ops = { .ipcp_name_reg = dir_name_reg, .ipcp_name_unreg = dir_name_unreg, .ipcp_name_query = dir_name_query, - .ipcp_flow_alloc = NULL, /* fmgr_np1_alloc, */ - .ipcp_flow_alloc_resp = NULL, /* fmgr_np1_alloc_resp, */ - .ipcp_flow_dealloc = NULL, /* fmgr_np1_dealloc */ + .ipcp_flow_alloc = fmgr_np1_alloc, + .ipcp_flow_alloc_resp = fmgr_np1_alloc_resp, + .ipcp_flow_dealloc = fmgr_np1_dealloc }; int main(int argc, diff --git a/src/ipcpd/normal/pol/complete.c b/src/ipcpd/normal/pol/complete.c index 68f43e81..daf8c9bf 100644 --- a/src/ipcpd/normal/pol/complete.c +++ b/src/ipcpd/normal/pol/complete.c @@ -38,7 +38,7 @@ struct neighbor { struct list_head next; - char * neighbor; + uint64_t neighbor; }; struct complete { @@ -135,7 +135,6 @@ void complete_destroy(void * o) list_for_each_safe(p, n, &complete->neighbors) { struct neighbor * e = list_entry(p, struct neighbor, next); list_del(&e->next); - free(e->neighbor); free(e); } @@ -168,7 +167,7 @@ int complete_accept_flow(void * o, list_for_each(pos, &complete->neighbors) { struct neighbor * e = list_entry(pos, struct neighbor, next); /* FIXME: figure out union type and check name or address */ - if (strcmp(e->neighbor, info->ae.name) == 0) { + if (e->neighbor == info->addr) { pthread_mutex_unlock(&complete->neighbors_lock); return -1; } @@ -186,13 +185,7 @@ int complete_accept_flow(void * o, list_head_init(&n->next); - /* FIXME: figure out union type and check name or address */ - n->neighbor = strdup(info->ae.name); - if (n->neighbor == NULL) { - pthread_mutex_unlock(&complete->neighbors_lock); - free(n); - return -1; - } + n->neighbor = info->addr; list_add(&n->next, &complete->neighbors); diff --git a/src/lib/cacep.c b/src/lib/cacep.c index abff0aaa..a2c5c3d2 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c 
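Review bot: In complete_accept_flow() (hunk @@ -168,7 +167,7 @@) the duplicate-neighbour test `if (e->neighbor == info->addr)` now keys on a value the peer supplies itself. Per the read_msg() hunk in src/lib/cacep.c it is copied unchecked from the CACEP message (`info->addr = msg->address`). Nothing visible in this commit ties that address to an authenticated identity or rejects 0, which boot_components() treats as invalid for the local address, so the neighbour list is only as trustworthy as the peer's claim. A guard such as `if (info->addr == 0) return -1;` before taking the lock would at least reject the invalid value. The context comment `/* FIXME: figure out union type and check name or address */` is stale now that the union is gone and could become `/* Neighbours are identified by their address. */`; the function body extends beyond the hunk.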
@@ -49,10 +49,12 @@ int read_msg(int fd, if (msg == NULL) return -1; + strcpy(info->ae_name, msg->ae_name); strcpy(info->protocol, msg->protocol); info->pref_version = msg->pref_version; info->pref_syntax = msg->pref_syntax; + info->addr = msg->address; cacep_msg__free_unpacked(msg, NULL); @@ -68,6 +70,7 @@ static int send_msg(int fd, msg.ae_name = (char *) info->ae_name; msg.protocol = (char *) info->protocol; + msg.address = info->addr; msg.pref_version = info->pref_version; msg.pref_syntax = info->pref_syntax; if (msg.pref_syntax < 0) diff --git a/src/lib/cacep.proto b/src/lib/cacep.proto index 3e1291f6..cdeaa0b7 100644 --- a/src/lib/cacep.proto +++ b/src/lib/cacep.proto @@ -30,4 +30,5 @@ message cacep_msg { repeated int32 supp_version = 4; required int32 pref_syntax = 5; repeated int32 supp_syntax = 6; + required uint64 address = 7; } \ No newline at end of file -- cgit v1.2.3
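Review bot: The added `strcpy(info->ae_name, msg->ae_name);` in read_msg() copies a string from the unpacked peer message with no length check, the same pattern as the existing `strcpy(info->protocol, msg->protocol);` below it. The info structure's definition is not part of this diff, but if both fields are fixed-size arrays (the `strcpy(snd_info.protocol, CDAP_PROTO)` in gam_flow_alloc() suggests so for protocol), the remote side controls how many bytes are written past them. Both lengths should be checked against the destination size before copying, with the message rejected and `msg` freed otherwise. read_msg() begins and ends outside the hunk.

```c
        if (msg == NULL)
                return -1;

        /* Peer-supplied strings: reject anything that does not fit. */
        if (strlen(msg->ae_name) >= sizeof(info->ae_name) ||
            strlen(msg->protocol) >= sizeof(info->protocol)) {
                cacep_msg__free_unpacked(msg, NULL);
                return -1;
        }

        /* ... unchanged: the two strcpy calls, pref_version, pref_syntax, addr, free of msg ... */
```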
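Review bot: `required uint64 address = 7;` makes the new field mandatory on the wire, so a cacep_msg from a peer built before this commit would be expected to fail to unpack and land on read_msg()'s `msg == NULL` path. If mixed versions have to interoperate, `optional uint64 address = 7;` with an explicit presence check in read_msg() would let the receiver reject a missing address deliberately rather than failing the whole parse. The field would also benefit from a one-line comment such as `// address of the sending IPCP (set from ipcpi.dt_addr)`.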