[2e9455f] | 1 | /** |
---|
| 2 | ** prover_yap.c |
---|
| 3 | ** implement a C prover using the libabac C interface |
---|
| 4 | **/ |
---|
[e95d652] | 5 | |
---|
| 6 | #include <err.h> |
---|
| 7 | #include <stdio.h> |
---|
[da5afdf] | 8 | #include <assert.h> |
---|
[e95d652] | 9 | |
---|
[2e9455f] | 10 | #include "abac.h" |
---|
[e95d652] | 11 | #include "options.h" |
---|
| 12 | |
---|
| 13 | int main(int argc, char **argv) { |
---|
[da5afdf] | 14 | int i, success=0; |
---|
| 15 | abac_credential_t *cred=NULL; |
---|
| 16 | abac_credential_t **credentials=NULL; |
---|
[5110d42] | 17 | abac_id_credential_t *prin=NULL; |
---|
| 18 | abac_id_credential_t **principals=NULL; |
---|
[e95d652] | 19 | options_t opts = { 0, }; |
---|
| 20 | get_options(argc, argv, &opts); |
---|
| 21 | abac_context_t *ctx = abac_context_new(); |
---|
| 22 | abac_context_load_directory(ctx, opts.keystore); |
---|
[646e57e] | 23 | abac_context_set_no_partial_proof(ctx); |
---|
[da5afdf] | 24 | |
---|
| 25 | if(opts.filename) { |
---|
| 26 | FILE *fp=fopen(opts.filename,"w+"); |
---|
| 27 | |
---|
[5110d42] | 28 | credentials = abac_context_credentials(ctx); |
---|
[da5afdf] | 29 | if (credentials != NULL) { |
---|
| 30 | for (i = 0; credentials[i] != NULL; ++i) { |
---|
| 31 | cred = credentials[i]; |
---|
| 32 | abac_print_cred_info(cred,fp); |
---|
| 33 | } |
---|
[2e9455f] | 34 | abac_free_credentials(credentials); |
---|
[da5afdf] | 35 | } |
---|
[5110d42] | 36 | |
---|
| 37 | principals = abac_context_principals(ctx); |
---|
| 38 | if (principals != NULL) { |
---|
| 39 | for (i = 0; principals[i] != NULL; ++i) { |
---|
| 40 | prin = principals[i]; |
---|
| 41 | abac_print_prin_info(prin,fp); |
---|
| 42 | } |
---|
[2e9455f] | 43 | abac_free_principals(principals); |
---|
[5110d42] | 44 | } |
---|
[da5afdf] | 45 | fclose(fp); |
---|
| 46 | return 0; |
---|
| 47 | } |
---|
| 48 | |
---|
[2efdff5] | 49 | if(opts.dbdump) { |
---|
| 50 | show_yap_db("yap db"); |
---|
| 51 | return 0; |
---|
| 52 | } |
---|
| 53 | |
---|
[da5afdf] | 54 | char *query=NULL; |
---|
| 55 | char *with=NULL; |
---|
| 56 | if(opts.role && opts.principal) { |
---|
| 57 | query=opts.role; |
---|
| 58 | with=opts.principal; |
---|
| 59 | } else { |
---|
| 60 | if(opts.oset) { |
---|
| 61 | query=opts.oset; |
---|
[c586a3c] | 62 | } |
---|
| 63 | if(opts.principal) { |
---|
[da5afdf] | 64 | with=opts.principal; |
---|
| 65 | } else if(opts.object) { |
---|
| 66 | with=opts.object; |
---|
[c586a3c] | 67 | } |
---|
| 68 | if(with==NULL || query==NULL) { |
---|
[0d0c3a9] | 69 | puts("prover eeekkk \n"); |
---|
[da5afdf] | 70 | assert(0); |
---|
| 71 | } |
---|
| 72 | } |
---|
[abf8d5d] | 73 | |
---|
[da5afdf] | 74 | credentials = abac_context_query(ctx, |
---|
| 75 | query, with, |
---|
| 76 | &success); |
---|
[e95d652] | 77 | if (success) |
---|
| 78 | puts("prover success!!"); |
---|
[da5afdf] | 79 | else puts("prover failed!!"); |
---|
[e95d652] | 80 | |
---|
[646e57e] | 81 | /* if returning partial, success=0, and credential is not NULL */ |
---|
| 82 | if (credentials != NULL && credentials[0] != NULL) { |
---|
[e95d652] | 83 | puts("credentials needed :"); |
---|
| 84 | for (i = 0; credentials[i] != NULL; ++i) { |
---|
[da5afdf] | 85 | cred = credentials[i]; |
---|
| 86 | abac_print_cred_info(cred,NULL); |
---|
[e95d652] | 87 | } |
---|
[da5afdf] | 88 | } |
---|
| 89 | if(credentials) |
---|
[2e9455f] | 90 | abac_free_credentials(credentials); |
---|
[2efdff5] | 91 | |
---|
[646e57e] | 92 | /** limit at most 2 more fact solution proof **/ |
---|
[abf8d5d] | 93 | if(success && opts.all) { |
---|
| 94 | int n=2; |
---|
| 95 | while(n && success) { |
---|
| 96 | credentials = abac_context_query_again(ctx, &success); |
---|
| 97 | if (success) |
---|
| 98 | puts("another proof!!"); |
---|
| 99 | else puts("no more!!"); |
---|
| 100 | if (credentials != NULL && success) { |
---|
| 101 | puts("credentials needed :"); |
---|
| 102 | for (i = 0; credentials[i] != NULL; ++i) { |
---|
| 103 | cred = credentials[i]; |
---|
| 104 | abac_print_cred_info(cred,NULL); |
---|
| 105 | } |
---|
| 106 | } |
---|
| 107 | if(credentials) |
---|
[2e9455f] | 108 | abac_free_credentials(credentials); |
---|
[abf8d5d] | 109 | n=n-1; |
---|
| 110 | } |
---|
| 111 | } |
---|
| 112 | |
---|
[e95d652] | 113 | abac_context_free(ctx); |
---|
[da5afdf] | 114 | |
---|
[e95d652] | 115 | return 0; |
---|
| 116 | } |
---|