abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
|
Last change
on this file since 461541a was
461541a,
checked in by Mei <mei@…>, 11 years ago
|
|
1) updated original rt0 to remove libstrongswan dependency
a) identity credential being made/accessed with openssl api calls
(X509/EVP_PKEY pem)
b) attribute credential being made/access via xmlsec1 (custom XML
structure)
2) refactored libcreddy into libabac and now one ABAC namespace for
libabac
3) added attribute_rule suboption to creddy's attribute as another way
to insert access rule
4) added some regression tests into example directory
5) updated some docs.
|
-
Property mode set to
100644
|
|
File size:
1.6 KB
|
| Line | |
|---|
| 1 | #include <err.h> |
|---|
| 2 | #include <stdio.h> |
|---|
| 3 | |
|---|
| 4 | #include <abac.h> |
|---|
| 5 | |
|---|
| 6 | #include "options.h" |
|---|
| 7 | |
|---|
| 8 | int main(int argc, char **argv) { |
|---|
| 9 | int i, success; |
|---|
| 10 | abac_credential_t *cred; |
|---|
| 11 | |
|---|
| 12 | options_t opts = { 0, }; |
|---|
| 13 | get_options(argc, argv, &opts); |
|---|
| 14 | |
|---|
| 15 | abac_context_t *ctx = abac_context_new(); |
|---|
| 16 | abac_context_load_directory(ctx, opts.keystore); |
|---|
| 17 | |
|---|
| 18 | if(opts.rulefile) { |
|---|
| 19 | FILE *fp=fopen(opts.rulefile,"w+"); |
|---|
| 20 | if(fp) { |
|---|
| 21 | abac_credential_t **credentials = abac_context_credentials(ctx); |
|---|
| 22 | if (credentials != NULL) |
|---|
| 23 | for (i = 0; credentials[i] != NULL; ++i) { |
|---|
| 24 | cred = credentials[i]; |
|---|
| 25 | fprintf(fp,"%s <- %s\n", |
|---|
| 26 | abac_role_string(abac_credential_head(cred)), |
|---|
| 27 | abac_role_string(abac_credential_tail(cred)) |
|---|
| 28 | ); |
|---|
| 29 | } |
|---|
| 30 | abac_context_credentials_free(credentials); |
|---|
| 31 | fclose(fp); |
|---|
| 32 | } |
|---|
| 33 | } |
|---|
| 34 | |
|---|
| 35 | abac_credential_t **credentials = abac_context_query(ctx, |
|---|
| 36 | opts.role, opts.principal, |
|---|
| 37 | &success |
|---|
| 38 | ); |
|---|
| 39 | |
|---|
| 40 | if (success) |
|---|
| 41 | puts("success"); |
|---|
| 42 | else |
|---|
| 43 | puts("fail, here's a partial proof"); |
|---|
| 44 | |
|---|
| 45 | if (credentials != NULL) |
|---|
| 46 | for (i = 0; credentials[i] != NULL; ++i) { |
|---|
| 47 | cred = credentials[i]; |
|---|
| 48 | printf("credential %s <- %s\n", |
|---|
| 49 | abac_role_string(abac_credential_head(cred)), |
|---|
| 50 | abac_role_string(abac_credential_tail(cred)) |
|---|
| 51 | ); |
|---|
| 52 | } |
|---|
| 53 | |
|---|
| 54 | abac_context_credentials_free(credentials); |
|---|
| 55 | |
|---|
| 56 | abac_context_free(ctx); |
|---|
| 57 | |
|---|
| 58 | return 0; |
|---|
| 59 | } |
|---|
Note: See
TracBrowser
for help on using the repository browser.
