~moonshot/moonshot-tr/master

Viewing changes to tr/tr_trp.c

Committer: GitHub
Author(s): Jennifer Richards
Date: 2018-06-02 02:23:01 UTC
mfrom: (449.2.53)
Revision ID: git-v1:6f65c9cce86719147d0b4dcc9823b25443c2d185

Merge pull request #100 from painless-security/milestone/monitoring

Merge milestone/monitoring into master in preparation for release

files added:
CMakeLists.txt

common/tr_aaa_server.c

common/tr_comm_encoders.c

common/tr_config_comms.c

common/tr_config_encoders.c

common/tr_config_filters.c

common/tr_config_internal.c

common/tr_config_orgs.c

common/tr_config_realms.c

common/tr_config_rp_clients.c

common/tr_filter_encoders.c

common/tr_gss_client.c

common/tr_gss_names.c

common/tr_idp_encoders.c

common/tr_inet_util.c

common/tr_list.c

common/tr_rand_id.c

common/tr_rp_client.c

common/tr_rp_client_encoders.c

common/tr_socket.c

include/mon.h

include/mon_internal.h

include/mons_handlers.h

include/tr_aaa_server.h

include/tr_constraint_internal.h

include/tr_gss_client.h

include/tr_gss_names.h

include/tr_inet_util.h

include/tr_json_util.h

include/tr_list.h

include/tr_mon.h

include/tr_rand_id.h

include/tr_rp_client.h

include/tr_socket.h

include/trp_peer.h

include/trp_route.h

m4/.ignore-this-file

mon/mon_common.c

mon/mon_req.c

mon/mon_req_decode.c

mon/mon_req_encode.c

mon/mon_resp.c

mon/mon_resp_decode.c

mon/mon_resp_encode.c

mon/monc.c

mon/mons.c

mon/mons_handlers.c

mon/tests

mon/tests/req_show_all_options.test

mon/tests/req_show_no_options.test

mon/tests/resp_show_success.test

mon/tests/test_mon_req_decode.c

mon/tests/test_mon_req_encode.c

mon/tests/test_mon_resp_encode.c

tr/tr_mon.c

tr/tr_tid_mons.c

tr/tr_trp_mons.c

tr/trmon_main.c

trp/trp_peer.c

trp/trp_peer_encoders.c

trp/trp_ptable_encoders.c

trp/trp_route.c

trp/trp_route_encoders.c

trp/trp_rtable_encoders.c

files modified:
.gitignore

Makefile.am

common/tests/cfg_test.c

common/tests/commtest.c

common/tests/filt_test.c

common/tests/mq_test.c

common/tests/thread_test.c

common/tr_comm.c

common/tr_config.c

common/tr_constraint.c

common/tr_filter.c

common/tr_gss.c

common/tr_idp.c

common/tr_mq.c

common/tr_msg.c

common/tr_name.c

common/tr_rp.c

common/tr_util.c

configure.ac

gsscon/gsscon_active.c

gsscon/gsscon_common.c

gsscon/test/gsscon_client.c

gsscon/test/gsscon_server.c

include/tid_internal.h

include/tr_comm.h

include/tr_config.h

include/tr_event.h

include/tr_filter.h

include/tr_gss.h

include/tr_idp.h

include/tr_mq.h

include/tr_msg.h

include/tr_name_internal.h

include/tr_rp.h

include/tr_tid.h

include/tr_trp.h

include/tr_util.h

include/trp_internal.h

include/trp_ptable.h

include/trp_rtable.h

include/trust_router/tid.h

include/trust_router/tr_constraint.h

include/trust_router/tr_name.h

include/trust_router/trp.h

redhat/default-internal.cfg

redhat/organizations.cfg

tid/example/tidc_main.c

tid/example/tids_main.c

tid/tid_req.c

tid/tid_resp.c

tid/tidc.c

tid/tids.c

tr/tr_main.c

tr/tr_tid.c

tr/tr_trp.c

tr/trpc_main.c

trp/msgtst.c

trp/test/ptbl_test.c

trp/test/rtbl_test.c

trp/trp_conn.c

trp/trp_ptable.c

trp/trp_rtable.c

trp/trp_upd.c

trp/trpc.c

trp/trps.c

trust_router.spec

Show diffs side-by-side

added added

removed removed

tr/tr_trp.c

#include <tr.h>

#include <tr_mq.h>

#include <tr_rp.h>

#include <trp_route.h>

#include <trp_internal.h>

#include <trp_peer.h>

#include <trp_ptable.h>

#include <trp_rtable.h>

#include <tr_config.h>

/* n.b., conn is available here, but do not hold onto the reference

* because it may be cleaned up if the originating connection goes

* down before the message is processed */

mq_msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_MSG_RECEIVED, TR_MQ_PRIO_NORMAL);

mq_msg= tr_mq_msg_new(tmp_ctx, TR_MQMSG_MSG_RECEIVED);

if (mq_msg==NULL) {

return TRP_NOMEM;

}

112

114

113

115

tr_debug("tr_trps_gss_handler()");

114

116

115

if ((!client_name) || (!gss_name) || (!trps) || (!cfg_mgr)) {

117

if ((!client_name) || (!trps) || (!cfg_mgr)) {

116

118

tr_debug("tr_trps_gss_handler: Bad parameters.");

117

119

return -1;

118

120

}

145

147

if (trps_authorize_connection(trps, conn)!=TRP_SUCCESS)

146

148

goto cleanup;

147

149

148

msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPS_CONNECTED, TR_MQ_PRIO_HIGH);

150

msg= tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPS_CONNECTED);

149

151

tr_mq_msg_set_payload(msg, (void *)tr_dup_name(trp_connection_get_peer(conn)), tr_free_name_helper);

150

152

if (msg==NULL) {

151

153

tr_err("tr_trps_thread: error allocating TR_MQ_MSG");

157

159

trps_handle_connection(trps, conn);

158

160

159

161

cleanup:

160

msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPS_DISCONNECTED, TR_MQ_PRIO_HIGH);

162

msg= tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPS_DISCONNECTED);

161

163

tr_mq_msg_set_payload(msg, (void *)conn, NULL); /* do not pass a free routine */

162

164

if (msg==NULL)

163

165

tr_err("tr_trps_thread: error allocating TR_MQ_MSG");

182

184

tr_debug("tr_trps_event_cb: unexpected event on TRPS socket (event=0x%X)", event);

183

185

} else {

184

186

/* create a thread to handle this connection */

185

if (asprintf(&name, "trustrouter@%s", trps->hostname)==-1) {

187

name = talloc_asprintf(tmp_ctx, "trustrouter@%s", trps->hostname);

188

if (name == NULL)

186

189

goto cleanup;

187

}

188

gssname=tr_new_name(name);

189

free(name); name=NULL;

190

conn=trp_connection_accept(tmp_ctx, listener, gssname);

191

if (conn!=NULL) {

190

gssname=tr_new_name(name); /* name cleaned up with tmp_ctx but need to handl gssname ourselves */

191

192

conn=trp_connection_accept(tmp_ctx, listener, gssname); /* steals gssname unless it fails */

193

if (conn == NULL) {

194

tr_free_name(gssname);

195

} else {

192

196

/* need to monitor this fd and trigger events when read becomes possible */

193

197

thread_data=talloc(conn, struct trps_thread_data);

194

198

if (thread_data==NULL) {

195

199

tr_err("tr_trps_event_cb: unable to allocate trps_thread_data");

196

talloc_free(tmp_ctx);

197

return;

200

goto cleanup;

198

201

}

199

202

thread_data->conn=conn;

200

203

thread_data->trps=trps;

201

trps_add_connection(trps, conn); /* remember the connection */

204

trps_add_connection(trps, conn); /* remember the connection - this puts conn and the thread data in trps's talloc context */

202

205

pthread_create(trp_connection_get_thread(conn), NULL, tr_trps_thread, thread_data);

203

206

}

204

207

}

266

269

TRPS_INSTANCE *trps=talloc_get_type_abort(arg, TRPS_INSTANCE);

267

270

TR_MQ_MSG *msg=NULL;

268

271

const char *s=NULL;

272

TRP_PEER *peer = NULL;

273

char *tmp = NULL;

269

274

270

275

msg=trps_mq_pop(trps);

271

276

while (msg!=NULL) {

272

277

s=tr_mq_msg_get_message(msg);

273

278

if (0==strcmp(s, TR_MQMSG_TRPS_CONNECTED)) {

274

TR_NAME *gssname=(TR_NAME *)tr_mq_msg_get_payload(msg);

275

TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname);

276

if (peer==NULL)

277

tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) reported.", gssname->buf);

278

else {

279

trp_peer_set_incoming_status(peer, PEER_CONNECTED);

280

tr_err("tr_trps_process_mq: incoming connection from %s established.", gssname->buf);

279

TR_NAME *peer_gssname=(TR_NAME *)tr_mq_msg_get_payload(msg);

280

if (NULL == peer_gssname) {

281

/* This should not happen, we should not be able to establish a connection if we do not

282

* know their GSS name */

283

tr_err("tr_trps_process_mq: incoming connection from unknown GSS name reported.");

284

} else {

285

peer = trps_get_peer_by_gssname(trps, peer_gssname); /* get the peer record */

286

tmp = tr_name_strdup(peer_gssname); /* get the name as a null-terminated string */

287

if (peer == NULL)

288

tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) reported.", tmp);

289

else {

290

trp_peer_set_incoming_status(peer, PEER_CONNECTED);

291

tr_info("tr_trps_process_mq: incoming connection from %s established.", tmp);

292

}

293

free(tmp);

281

294

}

282

295

}

283

296

else if (0==strcmp(s, TR_MQMSG_TRPS_DISCONNECTED)) {

284

297

TRP_CONNECTION *conn=talloc_get_type_abort(tr_mq_msg_get_payload(msg), TRP_CONNECTION);

285

TR_NAME *gssname=trp_connection_get_gssname(conn);

286

TRP_PEER *peer=trps_get_peer_by_gssname(trps, gssname);

287

if (peer==NULL) {

288

tr_err("tr_trps_process_mq: incoming connection from unknown peer (%s) lost.",

289

trp_connection_get_gssname(conn)->buf);

298

TR_NAME *peer_gssname=trp_connection_get_peer(conn);

299

300

if (NULL == peer_gssname) {

301

/* If the GSS auth failed, then we don't know the peer's GSS name. */

302

tr_info("tr_trps_process_mq: incoming connection failed to auth.");

290

303

} else {

291

trp_peer_set_incoming_status(peer, PEER_DISCONNECTED);

292

tr_trps_cleanup_conn(trps, conn);

293

tr_err("tr_trps_process_mq: incoming connection from %s lost.", gssname->buf);

304

/* We do know the peer's GSS name, see if we recognize it. */

305

peer = trps_get_peer_by_gssname(trps, peer_gssname); /* get the peer record */

306

tmp = tr_name_strdup(peer_gssname); /* get the name as a null-terminated string */

307

if (peer == NULL) {

308

tr_err("tr_trps_process_mq: incoming connection from unknown peer (%.*s) lost.", tmp);

309

} else {

310

trp_peer_set_incoming_status(peer, PEER_DISCONNECTED);

311

tr_trps_cleanup_conn(trps, conn);

312

tr_info("tr_trps_process_mq: incoming connection from %s lost.", tmp);

313

}

314

free(tmp);

294

315

}

295

316

}

296

317

else if (0==strcmp(s, TR_MQMSG_TRPC_CONNECTED)) {

297

318

TR_NAME *svcname=(TR_NAME *)tr_mq_msg_get_payload(msg);

298

TRP_PEER *peer=trps_get_peer_by_servicename(trps, svcname);

299

if (peer==NULL)

300

tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) reported.", svcname->buf);

301

else {

302

trp_peer_set_outgoing_status(peer, PEER_CONNECTED);

303

tr_err("tr_trps_process_mq: outgoing connection to %s established.", svcname->buf);

319

if (NULL == svcname) {

320

/* This should not happen because we shouldn't be reporting a connection unless we were

321

* able to auth the service name. */

322

tr_err("tr_trps_process_mq: outgoing connection established to unknown GSS service name.");

323

} else {

324

peer = trps_get_peer_by_servicename(trps, svcname);

325

tmp = tr_name_strdup(svcname);

326

if (peer == NULL)

327

tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) reported.", tmp);

328

else {

329

trp_peer_set_outgoing_status(peer, PEER_CONNECTED);

330

tr_info("tr_trps_process_mq: outgoing connection to %s established.", tmp);

331

}

332

free(tmp);

304

333

}

305

334

}

306

335

else if (0==strcmp(s, TR_MQMSG_TRPC_DISCONNECTED)) {

307

/* trpc connection died */

308

336

TRPC_INSTANCE *trpc=talloc_get_type_abort(tr_mq_msg_get_payload(msg), TRPC_INSTANCE);

309

TR_NAME *gssname=trpc_get_gssname(trpc);

310

TRP_PEER *peer=trps_get_peer_by_servicename(trps, gssname);

311

if (peer==NULL)

312

tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) lost.", gssname->buf);

313

else {

314

trp_peer_set_outgoing_status(peer, PEER_DISCONNECTED);

315

tr_err("tr_trps_process_mq: outgoing connection to %s lost.", gssname->buf);

316

tr_trps_cleanup_trpc(trps, trpc);

337

TR_NAME *svcname=trpc_get_gssname(trpc);

338

if (NULL == svcname) {

339

tr_info("tr_trps_process_mq: outgoing connection to unknown GSS service name lost.");

340

} else {

341

peer = trps_get_peer_by_servicename(trps, svcname);

342

tmp = tr_name_strdup(svcname);

343

if (peer == NULL)

344

tr_err("tr_trps_process_mq: outgoing connection to unknown peer (%s) lost.", tmp);

345

else {

346

trp_peer_set_outgoing_status(peer, PEER_DISCONNECTED);

347

tr_info("tr_trps_process_mq: outgoing connection to %s lost.", tmp);

348

tr_trps_cleanup_trpc(trps, trpc);

349

}

350

free(tmp);

317

351

}

318

352

}

319

353

320

354

else if (0==strcmp(s, TR_MQMSG_MSG_RECEIVED)) {

321

355

if (trps_handle_tr_msg(trps, tr_mq_msg_get_payload(msg))!=TRP_SUCCESS)

322

tr_notice("tr_trps_process_mq: error handling message.");

356

tr_err("tr_trps_process_mq: error handling message.");

323

357

}

324

358

else

325

359

tr_notice("tr_trps_process_mq: unknown message '%s' received.", tr_mq_msg_get_message(msg));

548

582

return retval;

549

583

}

550

584

551

552

struct trpc_notify_cb_data {

553

int msg_ready;

554

pthread_cond_t cond;

555

pthread_mutex_t mutex;

556

};

557

558

static void tr_trpc_mq_cb(TR_MQ *mq, void *arg)

559

{

560

struct trpc_notify_cb_data *cb_data=(struct trpc_notify_cb_data *) arg;

561

pthread_mutex_lock(&(cb_data->mutex));

562

if (!cb_data->msg_ready) {

563

cb_data->msg_ready=1;

564

pthread_cond_signal(&(cb_data->cond));

565

}

566

pthread_mutex_unlock(&(cb_data->mutex));

567

}

568

569

585

/* data passed to thread */

570

586

struct trpc_thread_data {

571

587

TRPC_INSTANCE *trpc;

572

588

TRPS_INSTANCE *trps;

573

589

};

590

591

/**

592

* Thread for handling TRPC (outgoing) connections

593

594

* Opens a connection to a peer. If successful, notifies the trps thread by

595

* posting a TR_MQMSG_TRPC_CONNECTED message to the trps message queue.

596

* It then waits for messages on trpc->mq. Normally these will be TR_MQMSG_TRPC_SEND

597

* messages, which this thread forwards to the peer. If its connection is lost or

598

* a TR_MQMSG_ABORT message is received on trpc->mq, the thread sends a

599

* TR_MQMSG_TRPC_DISCONNECTED message to the trps thread, then cleans up and

600

* terminates.

601

602

* The trps may continue queueing messages for this client even when the

603

* connection is down. To prevent the queue from growing endlessly, this thread

604

* should clear its queue after failed connection attempts.

605

574

606

static void *tr_trpc_thread(void *arg)

575

607

{

576

608

TALLOC_CTX *tmp_ctx=talloc_new(NULL);

582

614

const char *msg_type=NULL;

583

615

char *encoded_msg=NULL;

584

616

TR_NAME *peer_gssname=NULL;

585

int n_sent=0;

617

struct timespec wait_until = {0};

586

618

int exit_loop=0;

587

619

588

struct trpc_notify_cb_data cb_data={0,

589

PTHREAD_COND_INITIALIZER,

590

PTHREAD_MUTEX_INITIALIZER};

591

592

620

tr_debug("tr_trpc_thread: started");

593

621

594

/* set up the mq for receiving */

595

pthread_mutex_lock(&(cb_data.mutex)); /* hold this lock until we enter the main loop */

596

597

tr_mq_lock(trpc->mq);

598

tr_mq_set_notify_cb(trpc->mq, tr_trpc_mq_cb, (void *) &cb_data);

599

tr_mq_unlock(trpc->mq);

600

622

/* Try to make the outgoing connection */

601

623

rc=trpc_connect(trpc);

602

624

if (rc!=TRP_SUCCESS) {

603

625

tr_notice("tr_trpc_thread: failed to initiate connection to %s:%d.",

604

626

trpc_get_server(trpc),

605

627

trpc_get_port(trpc));

628

trpc_mq_clear(trpc); /* clear the queue even though we did not connect */

606

629

} else {

630

/* Retrieve the GSS name used by the peer for authentication */

607

631

peer_gssname=trp_connection_get_peer(trpc_get_conn(trpc));

608

632

if (peer_gssname==NULL) {

609

633

tr_err("tr_trpc_thread: could not duplicate peer_gssname.");

610

634

talloc_free(tmp_ctx);

611

635

return NULL;

612

636

}

613

tr_debug("tr_trpc_thread: connected to peer %s", peer_gssname->buf);

637

tr_debug("tr_trpc_thread: connected to peer %.*s",

638

peer_gssname->len, peer_gssname->buf);

614

639

615

msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_CONNECTED, TR_MQ_PRIO_HIGH);

640

msg= tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_CONNECTED);

616

641

tr_mq_msg_set_payload(msg, (void *)tr_dup_name(peer_gssname), tr_free_name_helper);

617

642

if (msg==NULL) {

618

643

tr_err("tr_trpc_thread: error allocating TR_MQ_MSG");

622

647

trps_mq_add(trps, msg); /* steals msg context */

623

648

msg=NULL;

624

649

650

/* Loop until we get an abort message or until the connection is lost. */

625

651

while(!exit_loop) {

626

cb_data.msg_ready=0;

627

pthread_cond_wait(&(cb_data.cond), &(cb_data.mutex));

628

/* verify the condition */

629

if (cb_data.msg_ready) {

630

for (msg=trpc_mq_pop(trpc),n_sent=0; msg!=NULL; msg=trpc_mq_pop(trpc),n_sent++) {

631

msg_type=tr_mq_msg_get_message(msg);

652

/* Wait up to 10 minutes for a message to be queued to send to the peer.

653

* Log a warning if we go longer than that, but don't give up. */

654

if (tr_mq_pop_timeout(10 * 60, &wait_until) != 0) {

655

tr_err("tr_trpc_thread: unable to set abort timeout");

656

break; /* immediately exit the loop, don't go through cleanup */

657

}

632

658

633

if (0==strcmp(msg_type, TR_MQMSG_ABORT)) {

634

exit_loop=1;

635

break;

636

}

637

else if (0==strcmp(msg_type, TR_MQMSG_TRPC_SEND)) {

638

encoded_msg=tr_mq_msg_get_payload(msg);

639

if (encoded_msg==NULL)

640

tr_notice("tr_trpc_thread: null outgoing TRP message.");

641

else {

642

rc = trpc_send_msg(trpc, encoded_msg);

643

if (rc!=TRP_SUCCESS) {

644

tr_notice("tr_trpc_thread: trpc_send_msg failed.");

645

exit_loop=1;

646

break;

647

}

659

/* Pop a message from the queue. */

660

msg = trpc_mq_pop(trpc, &wait_until);

661

if (msg) {

662

msg_type = tr_mq_msg_get_message(msg);

663

if (0 == strcmp(msg_type, TR_MQMSG_ABORT)) {

664

tr_debug("tr_trpc_thread: received abort message from main thread.");

665

exit_loop = 1;

666

} else if (0 == strcmp(msg_type, TR_MQMSG_TRPC_SEND)) {

667

encoded_msg = tr_mq_msg_get_payload(msg);

668

if (encoded_msg == NULL)

669

tr_notice("tr_trpc_thread: null outgoing TRP message.");

670

else {

671

rc = trpc_send_msg(trpc, encoded_msg);

672

if (rc == TRP_SUCCESS) {

673

tr_debug("tr_trpc_thread: sent message.");

674

} else {

675

tr_notice("tr_trpc_thread: trpc_send_msg failed.");

676

/* Assume this means we lost the connection. */

677

exit_loop = 1;

648

678

}

649

679

}

650

else

651

tr_notice("tr_trpc_thread: unknown message '%s' received.", msg_type);

680

} else

681

tr_notice("tr_trpc_thread: unknown message '%s' received.", msg_type);

652

682

653

tr_mq_msg_free(msg);

654

}

655

if (n_sent==0)

656

tr_err("tr_trpc_thread: notified of msg, but queue empty");

657

else

658

tr_debug("tr_trpc_thread: sent %d messages.", n_sent);

683

tr_mq_msg_free(msg);

684

} else {

685

tr_warning("tr_trpc_thread: no outgoing messages to %.*s for 10 minutes",

686

peer_gssname->len, peer_gssname->buf);

659

687

}

660

688

}

661

689

}

662

690

663

tr_debug("tr_trpc_thread: exiting.");

664

msg=tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_DISCONNECTED, TR_MQ_PRIO_HIGH);

691

/* Send a DISCONNECTED message to the main thread */

692

msg= tr_mq_msg_new(tmp_ctx, TR_MQMSG_TRPC_DISCONNECTED);

665

693

tr_mq_msg_set_payload(msg, (void *)trpc, NULL); /* do not pass a free routine */

666

if (msg==NULL)

694

if (msg==NULL) {

695

/* can't notify main thread */

667

696

tr_err("tr_trpc_thread: error allocating TR_MQ_MSG");

668

else

697

} else {

669

698

trps_mq_add(trps, msg);

670

671

trpc_mq_clear(trpc); /* clear any queued messages */

699

}

672

700

673

701

talloc_free(tmp_ctx);

702

tr_debug("tr_trpc_thread: thread terminating.");

674

703

return NULL;

675

704

}

676

705

677

/* convert an IDP realm into routing table entries. Outputs number in *n_routes */

706

/**

707

* convert an IDP realm into routing table entries.

708

709

* @param mem_ctx talloc context for the result

710

* @param realm IDP realm whose routes should be generated

711

* @param trust_router hostname for TRP connections to us

712

* @param trust_router_port TRP port of our trust router

713

* @param n_routes (output) the number of routes in the returned array

714

* @return Pointer to an array of pointers to routes

715

678

716

static TRP_ROUTE **tr_make_local_routes(TALLOC_CTX *mem_ctx,

679

TR_IDP_REALM *realm,

680

char *trust_router,

681

size_t *n_routes)

717

TR_IDP_REALM *realm,

718

const char *trust_router,

719

int trust_router_port,

720

size_t *n_routes)

682

721

{

683

722

TALLOC_CTX *tmp_ctx=talloc_new(NULL);

684

723

TR_APC *comm=NULL;

707

746

trp_route_set_peer(new_entry, tr_new_name("")); /* no peer, it's us */

708

747

trp_route_set_metric(new_entry, 0);

709

748

trp_route_set_trust_router(new_entry, tr_new_name(trust_router));

710

trp_route_set_next_hop(new_entry, tr_new_name(""));

749

trp_route_set_trust_router_port(new_entry, trust_router_port);

750

trp_route_set_next_hop(new_entry, tr_new_name("")); /* no next hop */

751

trp_route_set_next_hop_port(new_entry, -1); /* no next hop */

711

752

trp_route_set_local(new_entry, 1);

712

753

entries[ii]=new_entry;

713

754

}

787

828

TRP_ROUTE **local_routes=NULL;

788

829

size_t n_routes=0;

789

830

size_t ii=0;

790

char *trust_router_name=talloc_asprintf(tmp_ctx, "%s:%d", cfg->internal->hostname, cfg->internal->trps_port);

791

792

/* determine our trust router name */

793

if (trust_router_name==NULL)

794

return TRP_NOMEM;

795

831

796

832

for (cur=cfg->ctable->idp_realms; cur!=NULL; cur=cur->next) {

797

local_routes=tr_make_local_routes(tmp_ctx, cur, trust_router_name, &n_routes);

833

local_routes= tr_make_local_routes(tmp_ctx, cur, cfg->internal->hostname, cfg->internal->trps_port, &n_routes);

798

834

for (ii=0; ii<n_routes; ii++)

799

835

trps_add_route(trps, local_routes[ii]);

800

836

870

906

tr->cfgwatch->settling_time.tv_sec=new_cfg->internal->cfg_settling_time;

871

907

tr->cfgwatch->settling_time.tv_usec=0;

872

908

909

/* These need to be updated */

910

tr->tids->hostname = new_cfg->internal->hostname;

911

tr->mons->hostname = new_cfg->internal->hostname;

912

913

/* Update the authorized monitoring gss names */

914

if (tr->mons->authorized_gss_names) {

915

tr_debug("tr_config_changed: freeing tr->mons->authorized_gss_names");

916

tr_gss_names_free(tr->mons->authorized_gss_names);

917

}

918

if (new_cfg->internal->monitoring_credentials != NULL) {

919

tr->mons->authorized_gss_names = tr_gss_names_dup(tr->mons, new_cfg->internal->monitoring_credentials);

920

} else {

921

tr->mons->authorized_gss_names = tr_gss_names_new(tr->mons);

922

}

923

if (tr->mons->authorized_gss_names == NULL) {

924

tr_err("tr_config_changed: Error configuring monitoring credentials");

925

}

926

873

927

trps_set_connect_interval(trps, new_cfg->internal->trp_connect_interval);

874

928

trps_set_update_interval(trps, new_cfg->internal->trp_update_interval);

875

929

trps_set_sweep_interval(trps, new_cfg->internal->trp_sweep_interval);

Older »