Context Navigation

source: libabac/prover_yap.c @ f89b991

mei_rt2

Last change on this file since f89b991 was 2e9455f, checked in by Mei <mei@…>, 11 years ago
1) added namespace 2) tweak ?This, 3) allowing linking role/oset as constraining conditions 4) adding access_tests regression testing that uses GENI's access policy 5) added couple multi contexts regression tests 6) add compression/uncompression calls to abac_encode_string/abac_decode_string (libstrongwan only allows 512 char for attribute rule storage) 7) add attribute_now option to creddy that takes a whole char string for attribute rule
Property mode set to `100644`
File size: 3.2 KB

Line
1	/**
2	** prover_yap.c
3	** implement a C prover using the libabac C interface
4	**/
5
6	#include <err.h>
7	#include <stdio.h>
8	#include <assert.h>
9
10	#include "abac.h"
11	#include "options.h"
12
13	int main(int argc, char **argv) {
14	int i, success=0;
15	abac_credential_t *cred=NULL;
16	abac_credential_t **credentials=NULL;
17	abac_id_credential_t *prin=NULL;
18	abac_id_credential_t **principals=NULL;
19	options_t opts = { 0, };
20	get_options(argc, argv, &opts);
21	abac_context_t *ctx = abac_context_new();
22	abac_context_load_directory(ctx, opts.keystore);
23	abac_context_set_no_partial_proof(ctx);
24
25	if(opts.filename) {
26	FILE *fp=fopen(opts.filename,"w+");
27
28	credentials = abac_context_credentials(ctx);
29	if (credentials != NULL) {
30	for (i = 0; credentials[i] != NULL; ++i) {
31	cred = credentials[i];
32	abac_print_cred_info(cred,fp);
33	}
34	abac_free_credentials(credentials);
35	}
36
37	principals = abac_context_principals(ctx);
38	if (principals != NULL) {
39	for (i = 0; principals[i] != NULL; ++i) {
40	prin = principals[i];
41	abac_print_prin_info(prin,fp);
42	}
43	abac_free_principals(principals);
44	}
45	fclose(fp);
46	return 0;
47	}
48
49	if(opts.dbdump) {
50	show_yap_db("yap db");
51	return 0;
52	}
53
54	char *query=NULL;
55	char *with=NULL;
56	if(opts.role && opts.principal) {
57	query=opts.role;
58	with=opts.principal;
59	} else {
60	if(opts.oset) {
61	query=opts.oset;
62	}
63	if(opts.principal) {
64	with=opts.principal;
65	} else if(opts.object) {
66	with=opts.object;
67	}
68	if(with==NULL \|\| query==NULL) {
69	puts("prover eeekkk \n");
70	assert(0);
71	}
72	}
73
74	credentials = abac_context_query(ctx,
75	query, with,
76	&success);
77	if (success)
78	puts("prover success!!");
79	else puts("prover failed!!");
80
81	/* if returning partial, success=0, and credential is not NULL */
82	if (credentials != NULL && credentials[0] != NULL) {
83	puts("credentials needed :");
84	for (i = 0; credentials[i] != NULL; ++i) {
85	cred = credentials[i];
86	abac_print_cred_info(cred,NULL);
87	}
88	}
89	if(credentials)
90	abac_free_credentials(credentials);
91
92	/ limit at most 2 more fact solution proof /
93	if(success && opts.all) {
94	int n=2;
95	while(n && success) {
96	credentials = abac_context_query_again(ctx, &success);
97	if (success)
98	puts("another proof!!");
99	else puts("no more!!");
100	if (credentials != NULL && success) {
101	puts("credentials needed :");
102	for (i = 0; credentials[i] != NULL; ++i) {
103	cred = credentials[i];
104	abac_print_cred_info(cred,NULL);
105	}
106	}
107	if(credentials)
108	abac_free_credentials(credentials);
109	n=n-1;
110	}
111	}
112
113	abac_context_free(ctx);
114
115	return 0;
116	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: