1 | |
---|
2 | #include <err.h> |
---|
3 | #include <stdio.h> |
---|
4 | #include <assert.h> |
---|
5 | |
---|
6 | |
---|
7 | #include "abac_internal.h" |
---|
8 | |
---|
9 | #include "options.h" |
---|
10 | |
---|
11 | extern void abac_print_cred_info(abac_credential_t*, FILE*); |
---|
12 | extern void abac_print_prin_info(abac_id_credential_t*, FILE*); |
---|
13 | |
---|
14 | int main(int argc, char **argv) { |
---|
15 | int i, success=0; |
---|
16 | abac_credential_t *cred=NULL; |
---|
17 | abac_credential_t **credentials=NULL; |
---|
18 | abac_id_credential_t *prin=NULL; |
---|
19 | abac_id_credential_t **principals=NULL; |
---|
20 | options_t opts = { 0, }; |
---|
21 | get_options(argc, argv, &opts); |
---|
22 | abac_context_t *ctx = abac_context_new(); |
---|
23 | abac_context_load_directory(ctx, opts.keystore); |
---|
24 | abac_context_set_no_partial_proof(ctx); |
---|
25 | |
---|
26 | if(opts.filename) { |
---|
27 | FILE *fp=fopen(opts.filename,"w+"); |
---|
28 | |
---|
29 | credentials = abac_context_credentials(ctx); |
---|
30 | if (credentials != NULL) { |
---|
31 | for (i = 0; credentials[i] != NULL; ++i) { |
---|
32 | cred = credentials[i]; |
---|
33 | abac_print_cred_info(cred,fp); |
---|
34 | } |
---|
35 | abac_context_credentials_free(credentials); |
---|
36 | } |
---|
37 | |
---|
38 | principals = abac_context_principals(ctx); |
---|
39 | if (principals != NULL) { |
---|
40 | for (i = 0; principals[i] != NULL; ++i) { |
---|
41 | prin = principals[i]; |
---|
42 | abac_print_prin_info(prin,fp); |
---|
43 | } |
---|
44 | abac_context_principals_free(principals); |
---|
45 | } |
---|
46 | fclose(fp); |
---|
47 | return 0; |
---|
48 | } |
---|
49 | |
---|
50 | if(opts.dbdump) { |
---|
51 | show_yap_db("yap db"); |
---|
52 | return 0; |
---|
53 | } |
---|
54 | |
---|
55 | char *query=NULL; |
---|
56 | char *with=NULL; |
---|
57 | if(opts.role && opts.principal) { |
---|
58 | query=opts.role; |
---|
59 | with=opts.principal; |
---|
60 | } else { |
---|
61 | if(opts.oset) { |
---|
62 | query=opts.oset; |
---|
63 | } |
---|
64 | if(opts.principal) { |
---|
65 | with=opts.principal; |
---|
66 | } else if(opts.object) { |
---|
67 | with=opts.object; |
---|
68 | } |
---|
69 | if(with==NULL || query==NULL) { |
---|
70 | puts("prover eeekkk \n"); |
---|
71 | assert(0); |
---|
72 | } |
---|
73 | } |
---|
74 | |
---|
75 | credentials = abac_context_query(ctx, |
---|
76 | query, with, |
---|
77 | &success); |
---|
78 | if (success) |
---|
79 | puts("prover success!!"); |
---|
80 | else puts("prover failed!!"); |
---|
81 | |
---|
82 | /* if returning partial, success=0, and credential is not NULL */ |
---|
83 | if (credentials != NULL && credentials[0] != NULL) { |
---|
84 | puts("credentials needed :"); |
---|
85 | for (i = 0; credentials[i] != NULL; ++i) { |
---|
86 | cred = credentials[i]; |
---|
87 | abac_print_cred_info(cred,NULL); |
---|
88 | } |
---|
89 | } |
---|
90 | if(credentials) |
---|
91 | abac_context_credentials_free(credentials); |
---|
92 | |
---|
93 | /** limit at most 2 more fact solution proof **/ |
---|
94 | if(success && opts.all) { |
---|
95 | int n=2; |
---|
96 | while(n && success) { |
---|
97 | credentials = abac_context_query_again(ctx, &success); |
---|
98 | if (success) |
---|
99 | puts("another proof!!"); |
---|
100 | else puts("no more!!"); |
---|
101 | if (credentials != NULL && success) { |
---|
102 | puts("credentials needed :"); |
---|
103 | for (i = 0; credentials[i] != NULL; ++i) { |
---|
104 | cred = credentials[i]; |
---|
105 | abac_print_cred_info(cred,NULL); |
---|
106 | } |
---|
107 | } |
---|
108 | if(credentials) |
---|
109 | abac_context_credentials_free(credentials); |
---|
110 | n=n-1; |
---|
111 | } |
---|
112 | } |
---|
113 | |
---|
114 | abac_context_free(ctx); |
---|
115 | |
---|
116 | return 0; |
---|
117 | } |
---|