Changeset 5d06689 for libabac/abac_verifier.c

Timestamp:

05/24/12 16:23:21 (12 months ago)

Author:

Mei <mei@…>

Branches:

mei_rt2, mei_rt2_fix_1

Children:

7211a95

Parents:

6e8997e

git-author:

Mei <mei@…> (05/24/12 16:23:21)

git-committer:

Mei <mei@…> (05/24/12 16:23:21)

Message:

1) modify abac.hh and added abac_c.c to unify the c and c++ api

interface (almost)

2) add new API
3) tweak the tests
4) filling missing code for abac_verifier_load_attribute_cert_attribute

File:

• libabac/abac_verifier.c (modified) (6 diffs)

libabac/abac_verifier.c

@@ -27 +27 @@
 
 static int debug=0;
+ 
+/* from abac_attribute.c */
+extern char *get_cred_encoding(abac_attribute_t *ptr);
 
 extern abac_aspect_t *abac_yy_get_rule_head_aspect();
@@ -34 +37 @@
 extern void abac_yy_free_rule_clauses();
 extern char *generate_pl_type_clause(char *, int);
+extern abac_list_t *generate_pl_clauses(abac_aspect_t *, abac_aspect_t *);
 
 extern void abac_print_aspect_string_with_condition(abac_aspect_t *role, FILE*);
@@ -665 +669 @@
 /****************************************************************************/
 
-static int _verify_valid_credential(certificate_t *cert,
+static int _verify_valid_credential_string(certificate_t *cert,
 abac_credential_t **cred_ret, char *encoded_attr_string)
 {
@@ -738 +742 @@
  * Returns true only if the certificate is valid and is issued by the proper
  * authority.
+ * attribute string is parsed via yyparse call
  */
 static int _load_attribute_cert(certificate_t *cert, abac_credential_t **cred_ret) {
@@ -771 +776 @@
     }
 
-    ret=_verify_valid_credential(cert,cred_ret,encoded_attr_string);
+    ret=_verify_valid_credential_string(cert,cred_ret,encoded_attr_string);
 
     if(ret != ABAC_CERT_SUCCESS) {
@@ -790 +795 @@
 /**
  * Load an attribute cert from a abac_attribute_t.
- */
-int abac_verifier_load_attribute_cert_attribute(abac_attribute_t *attr, abac_credential_t **cred) {
-    // load the cert
-    certificate_t *cert = abac_attribute_cert(attr);
-    if (cert == NULL)
-        return ABAC_CERT_INVALID;
-   
-    // XXX need to skip the parsing part 
-    return _load_attribute_cert(cert, cred);
+ * attr should be all checked out before arriving here
+ */
+int abac_verifier_load_attribute_cert_attribute(abac_attribute_t *ptr, abac_credential_t **cred_ret) {
+    // get the attr
+    abac_aspect_t *head=abac_attribute_head(ptr);
+    abac_aspect_t *tail=abac_attribute_tail(ptr);
+
+    // preprocess for constraint part
+    preprocess_pl_head(head);
+    preprocess_pl_tail(tail);
+
+/* XXX collect up type clauses, constraint clauses and
+   generate rule clauses */
+    abac_list_t *clauses=generate_pl_clauses(head,tail);
+    char *encoded_attr_string=get_cred_encoding(ptr);
+
+    abac_credential_t *cred = abac_xmalloc(sizeof(abac_credential_t));
+    cred->hashkeyid=abac_xstrdup(encoded_attr_string);
+    cred->attr=abac_attribute_dup(ptr);
+    cred->pl_clauses = clauses;
+    *cred_ret = cred;
+
+    // success, add the key to the map of certificates
+    HASH_ADD_KEYPTR(hh, attr_creds, cred->hashkeyid, strlen(cred->hashkeyid), cred);
+
+    assert(attr_hashkeyid_list);
+    abac_list_add(attr_hashkeyid_list, abac_xstrdup(cred->hashkeyid));
+    return ABAC_CERT_SUCCESS;
 }