diff options
author | dimitri staessens <[email protected]> | 2017-02-21 08:02:37 +0100 |
---|---|---|
committer | dimitri staessens <[email protected]> | 2017-02-21 11:55:36 +0100 |
commit | adc6766221327f99ab484d66f6f92050ec9e62d7 (patch) | |
tree | cd0facb94108552b0b9e75619af4e42d77be1a17 | |
parent | 354554c76cc2f9f30c7fd8edaeb2e3cc91c85332 (diff) | |
download | ouroboros-adc6766221327f99ab484d66f6f92050ec9e62d7.tar.gz ouroboros-adc6766221327f99ab484d66f6f92050ec9e62d7.zip |
lib: Exchange protocol info during CACEP
This exchanges a protocol name, a protocol version and concrete syntax
for the protocol upon CACEP. For CDAP, only version 1 and GPB are
supported. No lists for other supported versions or syntaxes are
exchanged (but the proto file supports it). CACEP fails if there is a
mismatch between the protocol names, version and syntax specified by
the communicating parties.
-rw-r--r-- | include/ouroboros/cacep.h | 15 | ||||
-rw-r--r-- | include/ouroboros/cdap.h | 1 | ||||
-rw-r--r-- | src/ipcpd/normal/cdap_flow.c | 7 | ||||
-rw-r--r-- | src/ipcpd/normal/enroll.c | 36 | ||||
-rw-r--r-- | src/ipcpd/normal/gam.c | 57 | ||||
-rw-r--r-- | src/lib/CMakeLists.txt | 6 | ||||
-rw-r--r-- | src/lib/cacep.c | 35 | ||||
-rw-r--r-- | src/lib/pol/cacep_anonymous_auth.c | 129 | ||||
-rw-r--r-- | src/lib/pol/cacep_anonymous_auth.proto | 30 | ||||
-rw-r--r-- | src/lib/pol/cacep_proto.c | 52 | ||||
-rw-r--r-- | src/lib/pol/cacep_proto.h | 36 | ||||
-rw-r--r-- | src/lib/pol/cacep_proto.proto | 38 | ||||
-rw-r--r-- | src/lib/pol/cacep_simple_auth.c | 52 | ||||
-rw-r--r-- | src/lib/pol/cacep_simple_auth.proto | 7 |
14 files changed, 470 insertions, 31 deletions
diff --git a/include/ouroboros/cacep.h b/include/ouroboros/cacep.h index 63418bd3..e0737c47 100644 --- a/include/ouroboros/cacep.h +++ b/include/ouroboros/cacep.h @@ -26,12 +26,27 @@ #include <ouroboros/irm_config.h> +enum proto_concrete_syntax { + PROTO_GPB = 0, + PROTO_ASN_1, + PROTO_FIXED +}; + struct cacep_info { + struct { + char * protocol; + uint32_t pref_version; + enum proto_concrete_syntax pref_syntax; + } proto; char * name; uint64_t addr; void * data; }; +int cacep_info_init(struct cacep_info * info); + +void cacep_info_fini(struct cacep_info * info); + struct cacep_info * cacep_auth(int fd, enum pol_cacep pc, const struct cacep_info * info); diff --git a/include/ouroboros/cdap.h b/include/ouroboros/cdap.h index 9f6e2654..cc04cf27 100644 --- a/include/ouroboros/cdap.h +++ b/include/ouroboros/cdap.h @@ -31,6 +31,7 @@ #define F_SYNC 0x0001 #define INVALID_CDAP_KEY -1 +#define CDAP_PROTO "CDAP" enum cdap_opcode { CDAP_READ = 0, diff --git a/src/ipcpd/normal/cdap_flow.c b/src/ipcpd/normal/cdap_flow.c index 2895af0d..a94627c2 100644 --- a/src/ipcpd/normal/cdap_flow.c +++ b/src/ipcpd/normal/cdap_flow.c @@ -37,12 +37,9 @@ static void cdap_flow_destroy(struct cdap_flow * flow) if (flow->ci != NULL) cdap_destroy(flow->ci); - if (flow->info != NULL) { - if (flow->info->name != NULL) - free(flow->info->name); - if (flow->info->data != NULL) - free(flow->info->data); + cacep_info_fini(flow->info); + free(flow->info); } free(flow); diff --git a/src/ipcpd/normal/enroll.c b/src/ipcpd/normal/enroll.c index e8c085a8..ce6768fb 100644 --- a/src/ipcpd/normal/enroll.c +++ b/src/ipcpd/normal/enroll.c @@ -26,6 +26,7 @@ #include <ouroboros/dev.h> #include <ouroboros/logs.h> #include <ouroboros/rib.h> +#include <ouroboros/errno.h> #include "ae.h" #include "cdap_flow.h" @@ -43,6 +44,7 @@ int enroll_handle(int fd) { struct cdap_flow * flow; + struct cacep_info info; cdap_key_t key; enum cdap_opcode oc; char * name; @@ -59,13 +61,27 @@ int enroll_handle(int fd) char * members_ro = MEMBERS_PATH; char * dif_ro = DIF_PATH; - flow = cdap_flow_arr(fd, 0, ANONYMOUS_AUTH, NULL); + cacep_info_init(&info); + + info.proto.protocol = strdup(CDAP_PROTO); + if (info.proto.protocol == NULL) { + cacep_info_fini(&info); + return -ENOMEM; + } + + info.proto.pref_version = 1; + info.proto.pref_syntax = PROTO_GPB; + + flow = cdap_flow_arr(fd, 0, ANONYMOUS_AUTH, &info); if (flow == NULL) { log_err("Failed to auth enrollment request."); + cacep_info_fini(&info); flow_dealloc(fd); return -1; } + cacep_info_fini(&info); + while (!(boot_r && members_r && dif_name_r)) { key = cdap_request_wait(flow->ci, &oc, &name, &data, (size_t *) &len , &flags); @@ -140,6 +156,7 @@ int enroll_handle(int fd) int enroll_boot(char * dst_name) { struct cdap_flow * flow; + struct cacep_info info; cdap_key_t key; uint8_t * data; size_t len; @@ -153,12 +170,27 @@ int enroll_boot(char * dst_name) char * members_ro = MEMBERS_PATH; char * dif_ro = DIF_PATH; - flow = cdap_flow_alloc(dst_name, ENROLL_AE, NULL, ANONYMOUS_AUTH, NULL); + cacep_info_init(&info); + + info.proto.protocol = strdup(CDAP_PROTO); + if (info.proto.protocol == NULL) { + cacep_info_fini(&info); + return -ENOMEM; + } + + info.proto.pref_version = 1; + info.proto.pref_syntax = PROTO_GPB; + + flow = cdap_flow_alloc(dst_name, ENROLL_AE, NULL, ANONYMOUS_AUTH, + &info); if (flow == NULL) { log_err("Failed to allocate flow for enrollment request."); + cacep_info_fini(&info); return -1; } + cacep_info_fini(&info); + log_dbg("Getting boot information from %s.", dst_name); clock_gettime(CLOCK_REALTIME, &t0); diff --git a/src/ipcpd/normal/gam.c b/src/ipcpd/normal/gam.c index bc71f0d8..791cf34e 100644 --- a/src/ipcpd/normal/gam.c +++ b/src/ipcpd/normal/gam.c @@ -23,6 +23,7 @@ #define OUROBOROS_PREFIX "graph-adjacency-manager" #include <ouroboros/config.h> +#include <ouroboros/cdap.h> #include <ouroboros/dev.h> #include <ouroboros/logs.h> #include <ouroboros/list.h> @@ -181,32 +182,48 @@ int gam_flow_arr(struct gam * instance, struct cacep_info * rcv_info; struct cacep_info snd_info; - snd_info.name = ipcpi.name; - snd_info.addr = ipcpi.address; - snd_info.data = NULL; - if (flow_alloc_resp(fd, instance->ops->accept_new_flow(instance->ops_o)) < 0) { log_err("Could not respond to new flow."); return -1; } + cacep_info_init(&snd_info); + snd_info.proto.protocol = strdup(CDAP_PROTO); + if (snd_info.proto.protocol == NULL) { + cacep_info_fini(&snd_info); + return -ENOMEM; + } + + snd_info.proto.pref_version = 1; + snd_info.proto.pref_syntax = PROTO_GPB; + snd_info.addr = ipcpi.address; + snd_info.name = strdup(ipcpi.name); + if (snd_info.name == NULL) { + cacep_info_fini(&snd_info); + return -ENOMEM; + } + rcv_info = cacep_auth_wait(fd, SIMPLE_AUTH, &snd_info); if (rcv_info == NULL) { log_err("Other side failed to authenticate."); + cacep_info_fini(&snd_info); return -1; } + cacep_info_fini(&snd_info); + if (instance->ops->accept_flow(instance->ops_o, qs, rcv_info)) { flow_dealloc(fd); - free(rcv_info->name); + cacep_info_fini(rcv_info); free(rcv_info); return 0; } if (add_ga(instance, fd, qs, rcv_info)) { log_err("Failed to add ga to graph adjacency manager list."); - free(rcv_info->name); + flow_dealloc(fd); + cacep_info_fini(rcv_info); free(rcv_info); return -1; } @@ -222,9 +239,7 @@ int gam_flow_alloc(struct gam * instance, struct cacep_info snd_info; int fd; - snd_info.name = ipcpi.name; - snd_info.addr = ipcpi.address; - snd_info.data = NULL; + log_dbg("Allocating flow to %s.", dst_name); fd = flow_alloc(dst_name, instance->ae_name, NULL); if (fd < 0) { @@ -238,22 +253,42 @@ int gam_flow_alloc(struct gam * instance, return -1; } + cacep_info_init(&snd_info); + snd_info.proto.protocol = strdup(CDAP_PROTO); + if (snd_info.proto.protocol == NULL) { + cacep_info_fini(&snd_info); + return -ENOMEM; + } + + snd_info.proto.pref_version = 1; + snd_info.proto.pref_syntax = PROTO_GPB; + snd_info.addr = ipcpi.address; + snd_info.name = strdup(ipcpi.name); + if (snd_info.name == NULL) { + cacep_info_fini(&snd_info); + return -ENOMEM; + } + rcv_info = cacep_auth(fd, SIMPLE_AUTH, &snd_info); if (rcv_info == NULL) { log_err("Other side failed to authenticate."); + cacep_info_fini(&snd_info); return -1; } + cacep_info_fini(&snd_info); + if (instance->ops->accept_flow(instance->ops_o, qs, rcv_info)) { flow_dealloc(fd); - free(rcv_info->name); + cacep_info_fini(rcv_info); free(rcv_info); return 0; } if (add_ga(instance, fd, qs, rcv_info)) { log_err("Failed to add GA to graph adjacency manager list."); - free(rcv_info->name); + flow_dealloc(fd); + cacep_info_fini(rcv_info); free(rcv_info); return -1; } diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt index f823b2d1..fcea0fb2 100644 --- a/src/lib/CMakeLists.txt +++ b/src/lib/CMakeLists.txt @@ -10,6 +10,10 @@ protobuf_generate_c(DIF_CONFIG_PROTO_SRCS DIF_CONFIG_PROTO_HDRS dif_config.proto) protobuf_generate_c(CDAP_PROTO_SRCS CDAP_PROTO_HDRS cdap.proto) protobuf_generate_c(RO_PROTO_SRCS RO_PROTO_HDRS ro.proto) +protobuf_generate_c(CACEP_PROTO_PROTO_SRCS CACEP_CDAP_PROTO_HDRS + pol/cacep_proto.proto) +protobuf_generate_c(CACEP_ANONYMOUS_AUTH_PROTO_SRCS + CACEP_ANONYMOUS_AUTH_PROTO_HDRS pol/cacep_anonymous_auth.proto) protobuf_generate_c(CACEP_SIMPLE_AUTH_PROTO_SRCS CACEP_SIMPLE_AUTH_PROTO_HDRS pol/cacep_simple_auth.proto) @@ -51,12 +55,14 @@ set(SOURCE_FILES time_utils.c utils.c # Add policies last + pol/cacep_proto.c pol/cacep_anonymous_auth.c pol/cacep_simple_auth.c ) add_library(ouroboros SHARED ${SOURCE_FILES} ${IRM_PROTO_SRCS} ${IPCP_PROTO_SRCS} ${DIF_CONFIG_PROTO_SRCS} ${CDAP_PROTO_SRCS} + ${CACEP_PROTO_PROTO_SRCS} ${CACEP_ANONYMOUS_AUTH_PROTO_SRCS} ${CACEP_SIMPLE_AUTH_PROTO_SRCS} ${RO_PROTO_SRCS}) target_link_libraries(ouroboros ${LIBRT_LIBRARIES} diff --git a/src/lib/cacep.c b/src/lib/cacep.c index 3d556d8f..92c028af 100644 --- a/src/lib/cacep.c +++ b/src/lib/cacep.c @@ -36,10 +36,40 @@ #define BUF_SIZE 2048 +int cacep_info_init(struct cacep_info * info) +{ + if (info == NULL) + return -EINVAL; + + info->proto.protocol = NULL; + info->name = NULL; + info->data = NULL; + + return 0; +} + +void cacep_info_fini(struct cacep_info * info) +{ + if (info->proto.protocol != NULL) + free(info->proto.protocol); + if (info->name != NULL) + free(info->name); + if (info->data != NULL) + free(info->data); + + info->name = NULL; + info->data = NULL; +} + struct cacep_info * cacep_auth(int fd, enum pol_cacep pc, const struct cacep_info * info) { + if (info == NULL) { + log_err("No info provided."); + return NULL; + } + switch (pc) { case ANONYMOUS_AUTH: return cacep_anonymous_auth(fd, info); @@ -57,6 +87,11 @@ struct cacep_info * cacep_auth_wait(int fd, enum pol_cacep pc, const struct cacep_info * info) { + if (info == NULL) { + log_err("No info provided."); + return NULL; + } + switch (pc) { case ANONYMOUS_AUTH: return cacep_anonymous_auth_wait(fd, info); diff --git a/src/lib/pol/cacep_anonymous_auth.c b/src/lib/pol/cacep_anonymous_auth.c index d450fdc5..1ad8a533 100644 --- a/src/lib/pol/cacep_anonymous_auth.c +++ b/src/lib/pol/cacep_anonymous_auth.c @@ -24,7 +24,10 @@ #include <ouroboros/config.h> #include <ouroboros/cacep.h> #include <ouroboros/time_utils.h> +#include <ouroboros/dev.h> +#include <ouroboros/errno.h> +#include "cacep_proto.h" #include "cacep_anonymous_auth.h" #include <stdlib.h> @@ -32,6 +35,11 @@ #include <string.h> #include <stdio.h> +#include "cacep_anonymous_auth.pb-c.h" +typedef CacepAnonymousAuthMsg cacep_anonymous_auth_msg_t; +typedef CacepProtoMsg cacep_proto_msg_t; + +#define BUF_SIZE 2048 #define NAME_LEN 8 /* this policy generates a hex string */ @@ -61,21 +69,130 @@ static struct cacep_info * anonymous_info(void) return info; } +static struct cacep_info * read_msg(int fd) +{ + struct cacep_info * tmp; + uint8_t buf[BUF_SIZE]; + cacep_anonymous_auth_msg_t * msg; + ssize_t len; + + len = flow_read(fd, buf, BUF_SIZE); + if (len < 0) + return NULL; + + msg = cacep_anonymous_auth_msg__unpack(NULL, len, buf); + if (msg == NULL) + return NULL; + + tmp = anonymous_info(); + if (tmp == NULL) { + cacep_anonymous_auth_msg__free_unpacked(msg, NULL); + return NULL; + } + + tmp->proto.protocol = strdup(msg->proto->protocol); + if (tmp->proto.protocol == NULL) { + free(tmp); + cacep_anonymous_auth_msg__free_unpacked(msg, NULL); + return NULL; + } + + tmp->proto.pref_version = msg->proto->pref_version; + tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax); + if (tmp->proto.pref_syntax < 0) { + free(tmp->proto.protocol); + free(tmp); + cacep_anonymous_auth_msg__free_unpacked(msg, NULL); + return NULL; + } + + cacep_anonymous_auth_msg__free_unpacked(msg, NULL); + + return tmp; +} + +static int send_msg(int fd, + const struct cacep_info * info) +{ + cacep_anonymous_auth_msg_t msg = CACEP_ANONYMOUS_AUTH_MSG__INIT; + cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT; + int ret = 0; + uint8_t * data = NULL; + size_t len = 0; + + cmsg.protocol = info->proto.protocol; + cmsg.pref_version = info->proto.pref_version; + cmsg.pref_syntax = syntax_to_code(info->proto.pref_syntax); + if (cmsg.pref_syntax < 0) + return -1; + + msg.proto = &cmsg; + + len = cacep_anonymous_auth_msg__get_packed_size(&msg); + if (len == 0) + return -1; + + data = malloc(len); + if (data == NULL) + return -ENOMEM; + + cacep_anonymous_auth_msg__pack(&msg, data); + + if (flow_write(fd, data, len) < 0) + ret = -1; + + free(data); + + return ret; +} + struct cacep_info * cacep_anonymous_auth(int fd, const struct cacep_info * info) { - (void) fd; - (void) info; + struct cacep_info * tmp; - return anonymous_info(); + if (send_msg(fd, info)) + return NULL; + + tmp = read_msg(fd); + if (tmp == NULL) + return NULL; + + if (strcmp(info->proto.protocol, tmp->proto.protocol) || + info->proto.pref_version != tmp->proto.pref_version || + info->proto.pref_syntax != tmp->proto.pref_syntax) { + free(tmp); + return NULL; + } + + tmp->data = NULL; + + return tmp; } struct cacep_info * cacep_anonymous_auth_wait(int fd, const struct cacep_info * info) { - (void) fd; - (void) info; + struct cacep_info * tmp; + + tmp = read_msg(fd); + if (tmp == NULL) + return NULL; + + if (send_msg(fd, info)) { + free(tmp); + return NULL; + } + + if (strcmp(info->proto.protocol, tmp->proto.protocol) || + info->proto.pref_version != tmp->proto.pref_version || + info->proto.pref_syntax != tmp->proto.pref_syntax) { + free(tmp); + return NULL; + } + + tmp->data = NULL; - return anonymous_info(); + return tmp; } diff --git a/src/lib/pol/cacep_anonymous_auth.proto b/src/lib/pol/cacep_anonymous_auth.proto new file mode 100644 index 00000000..79734e28 --- /dev/null +++ b/src/lib/pol/cacep_anonymous_auth.proto @@ -0,0 +1,30 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * Message for no authentication CACEP policy + * + * Dimitri Staessens <[email protected]> + * Sander Vrijders <[email protected]> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * version 2.1 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301 USA + */ + +syntax = "proto2"; + +import "cacep_proto.proto"; + +message cacep_anonymous_auth_msg { + required cacep_proto_msg proto = 1; +}
\ No newline at end of file diff --git a/src/lib/pol/cacep_proto.c b/src/lib/pol/cacep_proto.c new file mode 100644 index 00000000..9990a05a --- /dev/null +++ b/src/lib/pol/cacep_proto.c @@ -0,0 +1,52 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * CACEP - Read/Write Protocol info + * + * Sander Vrijders <[email protected]> + * Dimitri Staessens <[email protected]> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * version 2.1 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301 USA + */ + +#include "cacep_proto.h" + +enum proto_concrete_syntax code_to_syntax(int code) +{ + switch(code) { + case PROTO_CONCRETE_SYNTAX_CODE__GPB: + return PROTO_GPB; + case PROTO_CONCRETE_SYNTAX_CODE__ASN_1: + return PROTO_ASN_1; + case PROTO_CONCRETE_SYNTAX_CODE__FIXED: + return PROTO_FIXED; + default: + return -1; + } +} + +int syntax_to_code(enum proto_concrete_syntax stx) +{ + switch(stx) { + case PROTO_GPB: + return PROTO_CONCRETE_SYNTAX_CODE__GPB; + case PROTO_ASN_1: + return PROTO_CONCRETE_SYNTAX_CODE__ASN_1; + case PROTO_FIXED: + return PROTO_CONCRETE_SYNTAX_CODE__FIXED; + default: + return -1; + } +} diff --git a/src/lib/pol/cacep_proto.h b/src/lib/pol/cacep_proto.h new file mode 100644 index 00000000..bfb1b247 --- /dev/null +++ b/src/lib/pol/cacep_proto.h @@ -0,0 +1,36 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * CACEP - Convert syntax to msg code and back + * + * Sander Vrijders <[email protected]> + * Dimitri Staessens <[email protected]> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * version 2.1 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301 USA + */ + +#ifndef OUROBOROS_LIB_CACEP_CDAP_H +#define OUROBOROS_LIB_CACEP_CDAP_H + +#include <ouroboros/cacep.h> +#include <ouroboros/irm_config.h> + +#include "cacep_proto.pb-c.h" + +enum proto_concrete_syntax code_to_syntax(int code); + +int syntax_to_code(enum proto_concrete_syntax stx); + +#endif /* OUROBOROS_LIB_CACEP_CDAP_H */ diff --git a/src/lib/pol/cacep_proto.proto b/src/lib/pol/cacep_proto.proto new file mode 100644 index 00000000..f313bfc1 --- /dev/null +++ b/src/lib/pol/cacep_proto.proto @@ -0,0 +1,38 @@ +/* + * Ouroboros - Copyright (C) 2016 - 2017 + * + * Message for setting Protocol information in CACEP + * + * Dimitri Staessens <[email protected]> + * Sander Vrijders <[email protected]> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * version 2.1 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301 USA + */ + +syntax = "proto2"; + +enum proto_concrete_syntax_code { + GPB = 1; + ASN_1 = 2; + FIXED = 3; +} + +message cacep_proto_msg { + required string protocol = 1; + required int32 pref_version = 2; + repeated int32 supp_version = 3; + required proto_concrete_syntax_code pref_syntax = 4; + repeated proto_concrete_syntax_code supp_syntax = 5; +} diff --git a/src/lib/pol/cacep_simple_auth.c b/src/lib/pol/cacep_simple_auth.c index 1e052f3d..b24a818b 100644 --- a/src/lib/pol/cacep_simple_auth.c +++ b/src/lib/pol/cacep_simple_auth.c @@ -26,6 +26,7 @@ #include <ouroboros/dev.h> #include <ouroboros/errno.h> +#include "cacep_proto.h" #include "cacep_simple_auth.h" #include <stdlib.h> @@ -33,6 +34,7 @@ #include "cacep_simple_auth.pb-c.h" typedef CacepSimpleAuthMsg cacep_simple_auth_msg_t; +typedef CacepProtoMsg cacep_proto_msg_t; #define BUF_SIZE 2048 @@ -65,6 +67,24 @@ static struct cacep_info * read_msg(int fd) return NULL; } + tmp->proto.protocol = strdup(msg->proto->protocol); + if (tmp->proto.protocol == NULL) { + free(tmp->name); + free(tmp); + cacep_simple_auth_msg__free_unpacked(msg, NULL); + return NULL; + } + + tmp->proto.pref_version = msg->proto->pref_version; + tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax); + if (tmp->proto.pref_syntax < 0) { + free(tmp->proto.protocol); + free(tmp->name); + free(tmp); + cacep_simple_auth_msg__free_unpacked(msg, NULL); + return NULL; + } + cacep_simple_auth_msg__free_unpacked(msg, NULL); return tmp; @@ -73,13 +93,21 @@ static struct cacep_info * read_msg(int fd) static int send_msg(int fd, const struct cacep_info * info) { - cacep_simple_auth_msg_t msg = CACEP_SIMPLE_AUTH_MSG__INIT; - int ret = 0; + cacep_simple_auth_msg_t msg = CACEP_SIMPLE_AUTH_MSG__INIT; + cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT; + int ret = 0; uint8_t * data = NULL; - size_t len = 0; + size_t len = 0; - msg.name = info->name; - msg.addr = info->addr; + cmsg.protocol = info->proto.protocol; + cmsg.pref_version = info->proto.pref_version; + cmsg.pref_syntax = syntax_to_code(info->proto.pref_syntax); + if (cmsg.pref_syntax < 0) + return -1; + + msg.proto = &cmsg; + msg.name = info->name; + msg.addr = info->addr; len = cacep_simple_auth_msg__get_packed_size(&msg); if (len == 0) @@ -113,6 +141,13 @@ struct cacep_info * cacep_simple_auth_auth(int fd, if (tmp == NULL) return NULL; + if (strcmp(info->proto.protocol, tmp->proto.protocol) || + info->proto.pref_version != tmp->proto.pref_version || + info->proto.pref_syntax != tmp->proto.pref_syntax) { + free(tmp); + return NULL; + } + return tmp; } @@ -133,5 +168,12 @@ struct cacep_info * cacep_simple_auth_auth_wait(int fd, return NULL; } + if (strcmp(info->proto.protocol, tmp->proto.protocol) || + info->proto.pref_version != tmp->proto.pref_version || + info->proto.pref_syntax != tmp->proto.pref_syntax) { + free(tmp); + return NULL; + } + return tmp; } diff --git a/src/lib/pol/cacep_simple_auth.proto b/src/lib/pol/cacep_simple_auth.proto index d20f8780..1a1e7ea8 100644 --- a/src/lib/pol/cacep_simple_auth.proto +++ b/src/lib/pol/cacep_simple_auth.proto @@ -23,7 +23,10 @@ syntax = "proto2"; +import "cacep_proto.proto"; + message cacep_simple_auth_msg { - required string name = 1; - required uint64 addr = 2; + required cacep_proto_msg proto = 1; + required string name = 2; + required uint64 addr = 3; } |