geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Made changes to deal with issues found during self-code review.

Browse Source 
Added lock callback functionality for interfacing with OpenSSL
in a multi-threaded environment.
This commit is contained in:
Juan Carlos Luciani 2006-11-30 18:21:42 +00:00
parent a522f9d982
commit 1974ee9875
28 changed files with 1196 additions and 548 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CASA-auth-token/client/lib/authmech.c
View File

@ -57,8 +57,8 @@ LIST_ENTRY g_authMechModuleListHead = {&g_authMechModuleListHead,
static
CasaStatus
GetAuthTokenIf(
IN const char *pAuthTypeName,
INOUT AuthTokenIf **ppAuthTokenIf)
IN const char *pAuthTypeName,
INOUT AuthTokenIf **ppAuthTokenIf)
//
// Arguments:
//

153
CASA-auth-token/client/lib/authmsg.c
View File

@ -61,6 +61,10 @@ typedef struct _AuthRespParse
XML_Parser p;
int state;
int elementDataProcessed;
char *pStatusData;
int statusDataLen;
char *pLifetimeData;
int lifetimeDataLen;
AuthenticateResp *pAuthenticateResp;
CasaStatus status;
@ -218,7 +222,7 @@ AuthRespStartElementHandler(
}
else
{
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -233,7 +237,7 @@ AuthRespStartElementHandler(
}
else
{
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -248,7 +252,7 @@ AuthRespStartElementHandler(
}
else
{
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -263,7 +267,7 @@ AuthRespStartElementHandler(
}
else
{
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -278,7 +282,7 @@ AuthRespStartElementHandler(
}
else
{
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -401,6 +405,8 @@ AuthRespCharDataHandler(
// L2
//=======================================================================--
{
CasaStatus status;
DbgTrace(2, "-AuthRespCharDataHandler- Start\n", 0);
// Just exit if being called to process white space
@ -423,68 +429,64 @@ AuthRespCharDataHandler(
break;
case AWAITING_STATUS_DATA:
case AWAITING_STATUS_ELEMENT_END:
// Set the appropriate status in the AuthenticationResp based on the
// returned status.
if (strncmp(HTTP_OK_STATUS_CODE, s, len) == 0)
// Consume the data
status = ConsumeElementData(pAuthRespParse,
s,
len,
&pAuthRespParse->pStatusData,
&pAuthRespParse->statusDataLen);
if (CASA_SUCCESS(status))
{
pAuthRespParse->status = CASA_STATUS_SUCCESS;
}
else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0)
{
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
}
else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0)
{
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_CONFIGURATION_ERROR);
}
else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0)
{
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_SERVER_ERROR);
// Advanced to the next state
pAuthRespParse->state = AWAITING_STATUS_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthRespCharDataHandler- Un-expected status\n", 0);
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
pAuthRespParse->status = status;
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
// Advanced to the next state
pAuthRespParse->state = AWAITING_STATUS_ELEMENT_END;
break;
case AWAITING_LIFETIME_DATA:
case AWAITING_LIFETIME_ELEMENT_END:
// Convert the lifetime string to a numeric value
pAuthRespParse->pAuthenticateResp->tokenLifetime = dtoul(s, len);
// Advanced to the next state
pAuthRespParse->state = AWAITING_LIFETIME_ELEMENT_END;
// Consume the data
status = ConsumeElementData(pAuthRespParse,
s,
len,
&pAuthRespParse->pLifetimeData,
&pAuthRespParse->lifetimeDataLen);
if (CASA_SUCCESS(status))
{
// Advanced to the next state
pAuthRespParse->state = AWAITING_LIFETIME_ELEMENT_END;
}
else
{
pAuthRespParse->status = status;
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
case AWAITING_SESSION_TOKEN_DATA:
case AWAITING_SESSION_TOKEN_ELEMENT_END:
// Consume the data
pAuthRespParse->status = ConsumeElementData(pAuthRespParse,
s,
len,
&pAuthRespParse->pAuthenticateResp->pToken,
&pAuthRespParse->pAuthenticateResp->tokenLen);
if (CASA_SUCCESS(pAuthRespParse->status))
status = ConsumeElementData(pAuthRespParse,
s,
len,
&pAuthRespParse->pAuthenticateResp->pToken,
&pAuthRespParse->pAuthenticateResp->tokenLen);
if (CASA_SUCCESS(status))
{
// Advanced to the next state
pAuthRespParse->state = AWAITING_SESSION_TOKEN_ELEMENT_END;
}
else
{
pAuthRespParse->status = status;
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -535,7 +537,7 @@ AuthRespEndElementHandler(
}
else
{
DbgTrace(0, "-AuthRespEndHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthRespEndHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -550,7 +552,7 @@ AuthRespEndElementHandler(
}
else
{
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -560,11 +562,51 @@ AuthRespEndElementHandler(
// In this state, we are only expecting the Status Element.
if (strcmp(name, STATUS_ELEMENT_NAME) == 0)
{
// Set the appropriate status in the AuthenticationResp based on the returned status data
if (strncmp(HTTP_OK_STATUS_CODE,
pAuthRespParse->pStatusData,
pAuthRespParse->statusDataLen) == 0)
{
pAuthRespParse->status = CASA_STATUS_SUCCESS;
}
else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE,
pAuthRespParse->pStatusData,
pAuthRespParse->statusDataLen) == 0)
{
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
}
else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE,
pAuthRespParse->pStatusData,
pAuthRespParse->statusDataLen) == 0)
{
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_CONFIGURATION_ERROR);
}
else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE,
pAuthRespParse->pStatusData,
pAuthRespParse->statusDataLen) == 0)
{
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_SERVER_ERROR);
}
else
{
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected status\n", 0);
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Good, advance to the next state based on the status code.
if (CASA_SUCCESS(pAuthRespParse->status))
{
// The request completed successfully
pAuthRespParse->state = AWAITING_SESSION_TOKEN_ELEMENT_START;
}
else
{
@ -573,7 +615,7 @@ AuthRespEndElementHandler(
}
else
{
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -583,12 +625,16 @@ AuthRespEndElementHandler(
// In this state, we are only expecting the Lifetime Element.
if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
{
// Convert the lifetime string to a numeric value
pAuthRespParse->pAuthenticateResp->tokenLifetime = dtoul(pAuthRespParse->pLifetimeData,
pAuthRespParse->lifetimeDataLen);
// Good, advance to the next state.
pAuthRespParse->state = AWAITING_SESSION_TOKEN_DATA;
}
else
{
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -603,7 +649,7 @@ AuthRespEndElementHandler(
}
else
{
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -736,6 +782,13 @@ CreateAuthenticateResp(
// Free the parser
XML_ParserFree(p);
// Free any buffers associated with the parse
if (authRespParse.pStatusData)
free(authRespParse.pStatusData);
if (authRespParse.pLifetimeData)
free(authRespParse.pLifetimeData);
}
else
{

14
CASA-auth-token/client/lib/authpolicy.c
View File

@ -103,7 +103,7 @@ AuthPolicyStartElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
@ -137,7 +137,7 @@ AuthPolicyStartElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
@ -448,7 +448,7 @@ AuthPolicyEndElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
@ -464,7 +464,7 @@ AuthPolicyEndElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyEndHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthPolicyEndHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
@ -479,7 +479,7 @@ AuthPolicyEndElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
@ -494,7 +494,7 @@ AuthPolicyEndElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
@ -533,7 +533,7 @@ AuthPolicyEndElementHandler(
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;

4
CASA-auth-token/client/lib/cache.c
View File

@ -18,7 +18,8 @@
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
* Authors: Juan Carlos Luciani <jluciani@novell.com>
* Todd Throne <tthrone@novell.com>
*
***********************************************************************/
@ -113,7 +114,6 @@ CreateAuthTokenCacheEntry(
keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2;
pKey = malloc(keySize);
if (pKey)
{
strncpy(pKey, pCacheKey, keySize);

138
CASA-auth-token/client/lib/config.c
View File

@ -208,7 +208,8 @@ LowerCaseString(
//
// Abstract:
//
// Notes:
// Notes: Function assumes that the caller has made sure that the destination
// string buffer has enough space to receive the resulting string.
//
// L2
//=======================================================================--
@ -448,7 +449,7 @@ GetConfigInterface(
//=======================================================================--
{
int configFolderLen = (int) strlen(pConfigFolder);
int configNameLen = (int)strlen(pConfigName);
int configNameLen = (int) strlen(pConfigName);
ConfigIfInstance *pConfigIfInstance;
LIST_ENTRY *pListEntry;
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
@ -490,7 +491,7 @@ GetConfigInterface(
char *pFilePath;
// Build a string containing the configuration file path
pFilePath = (char*) malloc(configFolderLen + 1 + configNameLen + sizeof(".conf"));
pFilePath = (char*) malloc(configFolderLen + 1 + configNameLen + sizeof(".conf") + 1);
if (pFilePath)
{
FILE *pConfigFile;
@ -546,90 +547,100 @@ GetConfigInterface(
// Now update the instance data with the information present in the file
if (fseek(pConfigFile, 0, SEEK_SET) == 0)
{
char line[512];
while (fgets(line, sizeof(line), pConfigFile) != NULL)
#define MAX_LINE_LEN 1024
char *pLine = (char*) malloc(MAX_LINE_LEN);
if (pLine)
{
int lineLength;
RemoveWhiteSpaceFromTheEnd(line);
lineLength = (int) strlen(line);
if (lineLength != 0)
while (fgets(pLine, MAX_LINE_LEN, pConfigFile) != NULL)
{
char *pKey;
char *pKeyEnd;
char *pValue;
ConfigKey *pConfigKey;
int lineLength;
// Attempt to find the key
pKey = SkipWhiteSpace(line);
RemoveWhiteSpaceFromTheEnd(pLine);
// Make sure that we are not dealing with an empty line or a comment
if (*pKey == '\0' || *pKey == '#')
continue;
// Go past the key
pKeyEnd = SkipNonWhiteSpace(pKey);
// Protect against a malformed line
if (*pKeyEnd == '\0')
lineLength = (int) strlen(pLine);
if (lineLength != 0)
{
DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
continue;
}
char *pKey;
char *pKeyEnd;
char *pValue;
ConfigKey *pConfigKey;
// Attempt to find the value
pValue = SkipWhiteSpace(pKeyEnd);
// Attempt to find the key
pKey = SkipWhiteSpace(pLine);
// Protect against a malformed line
if (*pValue == '\0')
{
DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
continue;
}
// Make sure that we are not dealing with an empty line or a comment
if (*pKey == '\0' || *pKey == '#')
continue;
// Delineate the key
*pKeyEnd = '\0';
// Go past the key
pKeyEnd = SkipNonWhiteSpace(pKey);
// Create a ConfigKey object for this key/value pair
pConfigKey = (ConfigKey*) malloc(sizeof(*pConfigKey));
if (pConfigKey)
{
pConfigKey->keyNameLen = (int) strlen(pKey);
pConfigKey->pKeyName = (char*) malloc(pConfigKey->keyNameLen + 1);
if (pConfigKey->pKeyName)
// Protect against a malformed line
if (*pKeyEnd == '\0')
{
// Save the key name in lower case
LowerCaseString(pConfigKey->pKeyName, pKey);
DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
continue;
}
pConfigKey->valueLen = (int) strlen(pValue);
pConfigKey->pValue = (char*) malloc(pConfigKey->valueLen + 1);
if (pConfigKey->pValue)
// Attempt to find the value
pValue = SkipWhiteSpace(pKeyEnd);
// Protect against a malformed line
if (*pValue == '\0')
{
DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
continue;
}
// Delineate the key
*pKeyEnd = '\0';
// Create a ConfigKey object for this key/value pair
pConfigKey = (ConfigKey*) malloc(sizeof(*pConfigKey));
if (pConfigKey)
{
pConfigKey->keyNameLen = (int) strlen(pKey);
pConfigKey->pKeyName = (char*) malloc(pConfigKey->keyNameLen + 1);
if (pConfigKey->pKeyName)
{
strcpy(pConfigKey->pValue, pValue);
// Save the key name in lower case
LowerCaseString(pConfigKey->pKeyName, pKey);
// The entry is ready, now associate it with the instance data.
InsertTailList(&pConfigIfInstance->configKeyListHead, &pConfigKey->listEntry);
pConfigKey->valueLen = (int) strlen(pValue);
pConfigKey->pValue = (char*) malloc(pConfigKey->valueLen + 1);
if (pConfigKey->pValue)
{
strcpy(pConfigKey->pValue, pValue);
// The entry is ready, now associate it with the instance data.
InsertTailList(&pConfigIfInstance->configKeyListHead, &pConfigKey->listEntry);
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
free(pConfigKey->pKeyName);
free(pConfigKey);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
free(pConfigKey->pKeyName);
free(pConfigKey);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
free(pConfigKey);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
}
}
// Free the buffer allocated for holding line strings
free(pLine);
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
}
}
else
@ -667,6 +678,9 @@ GetConfigInterface(
DbgTrace(0, "-GetConfigInterface- Unable to open config file, errno = %d\n", errno);
DbgTrace(0, "-GetConfigInterface- Config file unable to open = %s\n", pFilePath);
}
// Free the buffer allocated for the file path
free(pFilePath);
}
else
{
@ -682,5 +696,5 @@ GetConfigInterface(
//++=======================================================================
//++=======================================================================
//++=======================================================================
//++=======================================================================

129
CASA-auth-token/client/lib/engine.c
View File

@ -108,7 +108,7 @@ ObtainSessionToken(
}
else
{
// Free the entry
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
}
}
@ -153,82 +153,82 @@ ObtainSessionToken(
continue;
}
// Authenticate to the ATS
pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
if (pReqMsg)
{
// Issue rpc
retStatus = Rpc(pRpcSession,
"Authenticate",
g_rpcFlags,
pReqMsg,
&pRespMsg,
&respLen);
if (CASA_SUCCESS(retStatus))
// Authenticate to the ATS
pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
if (pReqMsg)
{
AuthenticateResp *pAuthenticateResp;
// Create Authenticate response object
retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
// Issue rpc
retStatus = Rpc(pRpcSession,
"Authenticate",
g_rpcFlags,
pReqMsg,
&pRespMsg,
&respLen);
if (CASA_SUCCESS(retStatus))
{
// Return the auth token to the caller
pCacheEntry = CreateSessionTokenCacheEntry(pAuthContext->pContext,
retStatus,
pAuthenticateResp->pToken,
pAuthenticateResp->tokenLifetime,
pCredStoreScope);
pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
// Free the Authenticate response object
RelAuthenticateResp(pAuthenticateResp);
AuthenticateResp *pAuthenticateResp;
// Create Authenticate response object
retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
if (CASA_SUCCESS(retStatus))
{
// Return the auth token to the caller
pCacheEntry = CreateSessionTokenCacheEntry(pAuthContext->pContext,
retStatus,
pAuthenticateResp->pToken,
pAuthenticateResp->tokenLifetime,
pCredStoreScope);
pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
// Free the Authenticate response object
RelAuthenticateResp(pAuthenticateResp);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
}
// Free resources that may be hanging around
if (pRespMsg)
free(pRespMsg);
free(pReqMsg);
}
else
{
DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Free resources that may be hanging around
if (pRespMsg)
free(pRespMsg);
free(pReqMsg);
}
else
{
DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Add the entry to the cache if successful or if the reason that we failed
// was because the server was unavailable.
if (CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
{
pCacheEntry = CreateSessionTokenCacheEntry(pAuthContext->pContext,
retStatus,
NULL,
DEFAULT_RETRY_LIFETIME,
pCredStoreScope);
}
// Release the cache entry if the resulting status is not successful
if (!CASA_SUCCESS(retStatus))
{
FreeAuthCacheEntry(pCacheEntry);
}
// Add the entry to the cache if successful or if the reason that we failed
// was because the server was unavailable.
if (CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
{
pCacheEntry = CreateSessionTokenCacheEntry(pAuthContext->pContext,
retStatus,
NULL,
DEFAULT_RETRY_LIFETIME,
pCredStoreScope);
}
// Release the cache entry if the resulting status is not successful
if (!CASA_SUCCESS(retStatus))
{
FreeAuthCacheEntry(pCacheEntry);
}
// Free up the buffer associated with the authentication mechanism token
free(pAuthMechToken);
}
else
{
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
}
// Advance to the next entry
@ -564,7 +564,7 @@ ObtainAuthTokenInt(
if (pCacheEntry == NULL)
{
// Initialize to retry in case of failure
int cacheEntryLifetime = DEFAULT_RETRY_LIFETIME;
int cacheEntryLifetime = DEFAULT_RETRY_LIFETIME;
// Cache entry created, now try to obtain auth token from the CASA Server
retStatus = ObtainAuthTokenFromServer(pServiceName,
@ -782,9 +782,6 @@ InitializeLibrary(void)
if (stricmp(pDisableSecureConnections, "true") == 0)
{
g_rpcFlags &= ~SECURE_RPC_FLAG;
// Change the default ATS port to 80 from 443
g_ATSPort = 80;
}
else if (stricmp(pDisableSecureConnections, "false") == 0)
{

118
CASA-auth-token/client/lib/getpolicymsg.c
View File

@ -56,6 +56,8 @@ typedef struct _GetAuthPolicyRespParse
XML_Parser p;
int state;
int elementDataProcessed;
char *pStatusData;
int statusDataLen;
GetAuthPolicyResp *pGetAuthPolicyResp;
CasaStatus status;
@ -199,7 +201,7 @@ GetAuthPolicyRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -214,7 +216,7 @@ GetAuthPolicyRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -229,7 +231,7 @@ GetAuthPolicyRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -244,7 +246,7 @@ GetAuthPolicyRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -367,6 +369,8 @@ GetAuthPolicyRespCharDataHandler(
// L2
//=======================================================================--
{
CasaStatus status;
DbgTrace(2, "-GetAuthPolicyRespCharDataHandler- Start\n", 0);
// Just exit if being called to process white space
@ -389,58 +393,42 @@ GetAuthPolicyRespCharDataHandler(
break;
case AWAITING_STATUS_DATA:
case AWAITING_STATUS_ELEMENT_END:
// Set the appropriate status in the AuthenticationResp based on the
// returned status.
if (strncmp(HTTP_OK_STATUS_CODE, s, len) == 0)
// Consume the data
status = ConsumeElementData(pGetAuthPolicyRespParse,
s,
len,
&pGetAuthPolicyRespParse->pStatusData,
&pGetAuthPolicyRespParse->statusDataLen);
if (CASA_SUCCESS(status))
{
pGetAuthPolicyRespParse->status = CASA_STATUS_SUCCESS;
}
else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0)
{
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
}
else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0)
{
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_NOT_CONFIGURED);
}
else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0)
{
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_SERVER_ERROR);
// Advanced to the next state
pGetAuthPolicyRespParse->state = AWAITING_STATUS_ELEMENT_END;
}
else
{
DbgTrace(0, "-GetAuthPolicyRespCharDataHandler- Un-expected status\n", 0);
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
pGetAuthPolicyRespParse->status = status;
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
// Advanced to the next state
pGetAuthPolicyRespParse->state = AWAITING_STATUS_ELEMENT_END;
break;
case AWAITING_AUTH_POLICY_DATA:
case AWAITING_AUTH_POLICY_ELEMENT_END:
pGetAuthPolicyRespParse->status = ConsumeElementData(pGetAuthPolicyRespParse,
s,
len,
&pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy,
&pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen);
if (CASA_SUCCESS(pGetAuthPolicyRespParse->status))
status = ConsumeElementData(pGetAuthPolicyRespParse,
s,
len,
&pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy,
&pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen);
if (CASA_SUCCESS(status))
{
// Advanced to the next state
pGetAuthPolicyRespParse->state = AWAITING_AUTH_POLICY_ELEMENT_END;
}
else
{
pGetAuthPolicyRespParse->status = status;
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -491,7 +479,7 @@ GetAuthPolicyRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespEndHandler- Un-expected end element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespEndHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -506,7 +494,7 @@ GetAuthPolicyRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -516,6 +504,45 @@ GetAuthPolicyRespEndElementHandler(
// In this state, we are only expecting the Status Element.
if (strcmp(name, STATUS_ELEMENT_NAME) == 0)
{
// Set the appropriate status in the GetAuthPolicyResp based on the returned status data
if (strncmp(HTTP_OK_STATUS_CODE,
pGetAuthPolicyRespParse->pStatusData,
pGetAuthPolicyRespParse->statusDataLen) == 0)
{
pGetAuthPolicyRespParse->status = CASA_STATUS_SUCCESS;
}
else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE,
pGetAuthPolicyRespParse->pStatusData,
pGetAuthPolicyRespParse->statusDataLen) == 0)
{
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
}
else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE,
pGetAuthPolicyRespParse->pStatusData,
pGetAuthPolicyRespParse->statusDataLen) == 0)
{
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_NOT_CONFIGURED);
}
else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE,
pGetAuthPolicyRespParse->pStatusData,
pGetAuthPolicyRespParse->statusDataLen) == 0)
{
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_SERVER_ERROR);
}
else
{
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected status\n", 0);
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Good, advance to the next state based on the status code.
if (CASA_SUCCESS(pGetAuthPolicyRespParse->status))
{
@ -529,7 +556,7 @@ GetAuthPolicyRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -544,7 +571,7 @@ GetAuthPolicyRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -636,7 +663,6 @@ CreateGetAuthPolicyResp(
// Set the character data handler
XML_SetCharacterDataHandler(p, (XML_CharacterDataHandler) GetAuthPolicyRespCharDataHandler);
// Set our user data
XML_SetUserData(p, &getAuthPolicyRespParse);
@ -677,6 +703,10 @@ CreateGetAuthPolicyResp(
// Free the parser
XML_ParserFree(p);
// Free any buffers associated with the parse
if (getAuthPolicyRespParse.pStatusData)
free(getAuthPolicyRespParse.pStatusData);
}
else
{

149
CASA-auth-token/client/lib/gettokenmsg.c
View File

@ -53,11 +53,15 @@
//
typedef struct _GetAuthTokenRespParse
{
XML_Parser p;
int state;
int elementDataProcessed;
GetAuthTokenResp *pGetAuthTokenResp;
CasaStatus status;
XML_Parser p;
int state;
int elementDataProcessed;
char *pStatusData;
int statusDataLen;
char *pLifetimeData;
int lifetimeDataLen;
GetAuthTokenResp *pGetAuthTokenResp;
CasaStatus status;
} GetAuthTokenRespParse, *PGetAuthTokenRespParse;
@ -215,7 +219,7 @@ GetAuthTokenRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -230,7 +234,7 @@ GetAuthTokenRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -245,7 +249,7 @@ GetAuthTokenRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -260,7 +264,7 @@ GetAuthTokenRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -275,7 +279,7 @@ GetAuthTokenRespStartElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -398,6 +402,8 @@ GetAuthTokenRespCharDataHandler(
// L2
//=======================================================================--
{
CasaStatus status;
DbgTrace(2, "-GetAuthTokenRespCharDataHandler- Start\n", 0);
// Just exit if being called to process white space
@ -420,62 +426,64 @@ GetAuthTokenRespCharDataHandler(
break;
case AWAITING_STATUS_DATA:
case AWAITING_STATUS_ELEMENT_END:
// Set the appropriate status in the AuthenticationResp based on the
// returned status.
if (strncmp(HTTP_OK_STATUS_CODE, s, len) == 0)
// Consume the data
status = ConsumeElementData(pGetAuthTokenRespParse,
s,
len,
&pGetAuthTokenRespParse->pStatusData,
&pGetAuthTokenRespParse->statusDataLen);
if (CASA_SUCCESS(status))
{
pGetAuthTokenRespParse->status = CASA_STATUS_SUCCESS;
}
else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0)
{
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
}
else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0)
{
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_SERVER_ERROR);
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_STATUS_ELEMENT_END;
}
else
{
DbgTrace(0, "-GetAuthTokenRespCharDataHandler- Un-expected status\n", 0);
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
pGetAuthTokenRespParse->status = status;
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_STATUS_ELEMENT_END;
break;
case AWAITING_LIFETIME_DATA:
case AWAITING_LIFETIME_ELEMENT_END:
// Convert the lifetime string to a numeric value
pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLifetime = dtoul(s, len);
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_LIFETIME_ELEMENT_END;
// Consume the data
status = ConsumeElementData(pGetAuthTokenRespParse,
s,
len,
&pGetAuthTokenRespParse->pLifetimeData,
&pGetAuthTokenRespParse->lifetimeDataLen);
if (CASA_SUCCESS(status))
{
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_LIFETIME_ELEMENT_END;
}
else
{
pGetAuthTokenRespParse->status = status;
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_TOKEN_DATA:
case AWAITING_AUTH_TOKEN_ELEMENT_END:
// Consume the data
pGetAuthTokenRespParse->status = ConsumeElementData(pGetAuthTokenRespParse,
s,
len,
&pGetAuthTokenRespParse->pGetAuthTokenResp->pToken,
&pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLen);
if (CASA_SUCCESS(pGetAuthTokenRespParse->status))
status = ConsumeElementData(pGetAuthTokenRespParse,
s,
len,
&pGetAuthTokenRespParse->pGetAuthTokenResp->pToken,
&pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLen);
if (CASA_SUCCESS(status))
{
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_ELEMENT_END;
}
else
{
pGetAuthTokenRespParse->status = status;
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -526,7 +534,7 @@ GetAuthTokenRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespEndHandler- Un-expected end element\n", 0);
DbgTrace(0, "-GetAuthTokenRespEndHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -541,7 +549,7 @@ GetAuthTokenRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected end element\n", 0);
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -551,6 +559,37 @@ GetAuthTokenRespEndElementHandler(
// In this state, we are only expecting the Status Element.
if (strcmp(name, STATUS_ELEMENT_NAME) == 0)
{
// Set the appropriate status in the GetAuthTokenResp based on the returned status data
if (strncmp(HTTP_OK_STATUS_CODE,
pGetAuthTokenRespParse->pStatusData,
pGetAuthTokenRespParse->statusDataLen) == 0)
{
pGetAuthTokenRespParse->status = CASA_STATUS_SUCCESS;
}
else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE,
pGetAuthTokenRespParse->pStatusData,
pGetAuthTokenRespParse->statusDataLen) == 0)
{
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
}
else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE,
pGetAuthTokenRespParse->pStatusData,
pGetAuthTokenRespParse->statusDataLen) == 0)
{
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_SERVER_ERROR);
}
else
{
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected status\n", 0);
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Good, advance to the next state based on the status code.
if (CASA_SUCCESS(pGetAuthTokenRespParse->status))
{
@ -564,7 +603,7 @@ GetAuthTokenRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -574,12 +613,16 @@ GetAuthTokenRespEndElementHandler(
// In this state, we are only expecting the Lifetime Element.
if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
{
// Convert the lifetime string to a numeric value
pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLifetime = dtoul(pGetAuthTokenRespParse->pLifetimeData,
pGetAuthTokenRespParse->lifetimeDataLen);
// Good, advance to the next state.
pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_DATA;
}
else
{
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -594,7 +637,7 @@ GetAuthTokenRespEndElementHandler(
}
else
{
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected start element\n", 0);
DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected element\n", 0);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -686,7 +729,6 @@ CreateGetAuthTokenResp(
// Set the character data handler
XML_SetCharacterDataHandler(p, (XML_CharacterDataHandler) GetAuthTokenRespCharDataHandler);
// Set our user data
XML_SetUserData(p, &getAuthTokenRespParse);
@ -727,6 +769,13 @@ CreateGetAuthTokenResp(
// Free the parser
XML_ParserFree(p);
// Free any buffers associated with the parse
if (getAuthTokenRespParse.pStatusData)
free(getAuthTokenRespParse.pStatusData);
if (getAuthTokenRespParse.pLifetimeData)
free(getAuthTokenRespParse.pLifetimeData);
}
else
{

1
CASA-auth-token/client/lib/linux/Makefile.am
View File

@ -57,6 +57,7 @@ CFILES = ../authmech.c \
../util.c \
../invalidcert.c \
rpc.c \
osslsupp.c \
platform.c
CSFILES_CSC :=

323
CASA-auth-token/client/lib/linux/osslsupp.c Normal file
View File

@ -0,0 +1,323 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// Number of static locks required by OpenSSL
static
int g_numStaticLocks = 0;
// Mutex array for OpenSSL static locks
static
pthread_mutex_t *g_staticLocks = NULL;
//++=======================================================================
static void
StaticLockFunction(
IN int mode,
IN int n,
IN const char *file,
IN int line)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(2, "-StaticLockFunction- Start\n", 0);
// Verify that the lock number is within range
if (n < g_numStaticLocks
&& n >= 0)
{
// Either set or release the nth lock
if (mode & CRYPTO_LOCK)
{
// Set the lock
pthread_mutex_lock(&g_staticLocks[n]);
}
else
{
// Release the lock
pthread_mutex_unlock(&g_staticLocks[n]);
}
}
else
{
DbgTrace(2, "-StaticLockFunction- n out of range\n", 0);
}
DbgTrace(2, "-StaticLockFunction- End\n", 0);
}
//++=======================================================================
static void
DynLockFunction(
IN int mode,
IN struct CRYPTO_dynlock_value *l,
IN const char *file,
IN int line)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(2, "-DynLockFunction- Start\n", 0);
if (l)
{
// Either set or release the lock
if (mode & CRYPTO_LOCK)
{
// Set the lock
pthread_mutex_lock((pthread_mutex_t*) l);
}
else
{
// Release the lock
pthread_mutex_unlock((pthread_mutex_t*) l);
}
}
else
{
DbgTrace(2, "-DynLockFunction- Invalid parameter\n", 0);
}
DbgTrace(2, "-DynLockFunction- End\n", 0);
}
//++=======================================================================
static struct CRYPTO_dynlock_value*
CreateDynLockFunction(
IN const char *file,
IN int line)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
struct CRYPTO_dynlock_value *l;
DbgTrace(1, "-CreateDynLockFunction- Start\n", 0);
// Allocate space for the lock
l = (struct CRYPTO_dynlock_value*) malloc(sizeof(pthread_mutex_t));
if (l)
{
pthread_mutex_init((pthread_mutex_t*) l, NULL);
}
else
{
DbgTrace(0, "-CreateDynLockFunction- Buffer allocation failure\n", 0);
}
DbgTrace(1, "-CreateDynLockFunction- End, l = %0lX\n", (long) l);
return l;
}
//++=======================================================================
static void
DestroyDynLockFunction(
IN struct CRYPTO_dynlock_value *l,
IN const char *file,
IN int line)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(1, "-DestroyDynLockFunction- Start, l = %0lX\n", (long) l);
if (l)
{
pthread_mutex_destroy((pthread_mutex_t*) l);
free(l);
}
DbgTrace(1, "-DestroyDynLockFunction- End\n", 0);
}
//++=======================================================================
static unsigned long
ThreadIdFunction(void)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
unsigned long threadId;
DbgTrace(2, "-ThreadIdFunction- Start\n", 0);
threadId = (unsigned long) pthread_self();
DbgTrace(2, "-ThreadIdFunction- End, id = %0lX\n", threadId);
return threadId;
}
//++=======================================================================
int
SetupOSSLSupport(void)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
int retStatus = -1;
int i;
DbgTrace(1, "-SetupOSSLSupport- Start\n", 0);
// Determine how many static locks are needed
g_numStaticLocks = CRYPTO_num_locks();
// Allocate space to hold the needed mutexes
g_staticLocks = malloc(sizeof(pthread_mutex_t) * g_numStaticLocks);
if (g_staticLocks)
{
for (i = 0; i < g_numStaticLocks; i++)
pthread_mutex_init(&g_staticLocks[i], NULL);
// Set callback functions
CRYPTO_set_id_callback(ThreadIdFunction);
CRYPTO_set_locking_callback(StaticLockFunction);
CRYPTO_set_dynlock_create_callback(CreateDynLockFunction);
CRYPTO_set_dynlock_destroy_callback(DestroyDynLockFunction);
CRYPTO_set_dynlock_lock_callback(DynLockFunction);
// Success
retStatus = 0;
}
else
{
DbgTrace(0, "-SetupOSSLSupport- Buffer allocation failure\n", 0);
}
DbgTrace(1, "-SetupOSSLSupport- End, retStatus = %0X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
CleanupOSSLSupport(void)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
int i;
DbgTrace(1, "-CleanupOSSLSupport- Start\n", 0);
// Clear our callback functions
CRYPTO_set_id_callback(NULL);
CRYPTO_set_locking_callback(NULL);
CRYPTO_set_dynlock_create_callback(NULL);
CRYPTO_set_dynlock_destroy_callback(NULL);
CRYPTO_set_dynlock_lock_callback(NULL);
// Now, cleanup the resources allocated for static locks
if (g_staticLocks)
{
for (i = 0; i < g_numStaticLocks; i++)
pthread_mutex_destroy(&g_staticLocks[i]);
free(g_staticLocks);
}
DbgTrace(1, "-CleanupOSSLSupport- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

87
CASA-auth-token/client/lib/linux/platform.c
View File

@ -42,6 +42,7 @@ typedef struct _NormalizedHostNameCacheEntry
//===[ Type definitions for Local_sem ]====================================
//
// Notes: Most of the code for this definitions and the Local_sem_xxxx
// functions was copied with minor modifications from W. Richard
@ -694,53 +695,65 @@ NormalizeHostName(
// Now try to resolve the normalized name
pLookupResult = gethostbyname(pHostName);
if (pLookupResult && pLookupResult->h_addrtype == AF_INET)
if (pLookupResult
&& pLookupResult->h_addrtype == AF_INET
&& pLookupResult->h_length > 0
&& pLookupResult->h_addr_list[0] != NULL)
{
char dnsHostName[NI_MAXHOST];
// Set up a sockaddr structure
sockAddr.sin_family = AF_INET;
sockAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]);
// Now try to resolve the name using DNS
if (getnameinfo((const struct sockaddr*) &sockAddr,
sizeof(sockAddr),
dnsHostName,
sizeof(dnsHostName),
NULL,
0,
NI_NAMEREQD) == 0)
char *pDnsHostName = (char*) malloc(NI_MAXHOST + 1);
if (pDnsHostName)
{
// We resolved the address to a DNS name, use it as the normalized name.
pEntry->buffLengthRequired = (int) strlen(dnsHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
// Set up a sockaddr structure
sockAddr.sin_family = AF_INET;
sockAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]);
// Now try to resolve the name using DNS
if (getnameinfo((const struct sockaddr*) &sockAddr,
sizeof(sockAddr),
pDnsHostName,
NI_MAXHOST,
NULL,
0,
NI_NAMEREQD) == 0)
{
// Copy the dns name
strcpy(pEntry->pNormalizedHostName, dnsHostName);
// We resolved the address to a DNS name, use it as the normalized name.
pEntry->buffLengthRequired = (int) strlen(pDnsHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{
// Copy the dns name
strcpy(pEntry->pNormalizedHostName, pDnsHostName);
}
else
{
DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
}
}
else
{
DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
DbgTrace(0, "-NormalizeHostName- getnameInfo failed, error %d\n", errno);
// Not able to resolve the name in DNS, just use the host name as
// the normalized name.
pEntry->buffLengthRequired = (int) strlen(pHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{
// Copy the host name
strcpy(pEntry->pNormalizedHostName, pHostName);
}
else
{
DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
}
}
// Free the buffer allocated to hold the DNS name
free(pDnsHostName);
}
else
{
DbgTrace(0, "-NormalizeHostName- getnameInfo failed, error %d\n", errno);
// Not able to resolve the name in DNS, just use the host name as
// the normalized name.
pEntry->buffLengthRequired = (int) strlen(pHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{
// Copy the host name
strcpy(pEntry->pNormalizedHostName, pHostName);
}
else
{
DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
}
DbgTrace(0, "-NormalizeHostName- Buffer allocation failure\n", 0);
}
}
else

1
CASA-auth-token/client/lib/linux/platform.h
View File

@ -45,6 +45,7 @@
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/sem.h>
#include <openssl/crypto.h>
//===[ Type definitions ]==================================================

48
CASA-auth-token/client/lib/linux/rpc.c
View File

@ -31,8 +31,19 @@
#define MAX_RPC_RETRIES 3
//===[ External prototypes ]===============================================
extern
int
SetupOSSLSupport(void);
extern
void
CleanupOSSLSupport(void);
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
@ -307,7 +318,9 @@ InternalRpc(
// L2
//=======================================================================--
{
#ifndef CASA_STATUS_INVALID_SERVER_CERTIFICATE
#define CASA_STATUS_INVALID_SERVER_CERTIFICATE CASA_STATUS_UNSUCCESSFUL // temporary until casa_status.h is updated
#endif
CasaStatus retStatus;
char *pPartialUrl;
@ -361,7 +374,6 @@ InternalRpc(
}
pUrl = (char*) malloc(partialUrlLen + strlen(pMethod) + 1);
if (pUrl)
{
strcpy(pUrl, pPartialUrl);
@ -465,7 +477,7 @@ InternalRpc(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(1, "-InternalRpc- End, retStatus = %d\n", retStatus);
DbgTrace(1, "-InternalRpc- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -514,7 +526,7 @@ Rpc(
} while (CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE
&& retries < MAX_RPC_RETRIES);
DbgTrace(1, "-Rpc- End, retStatus = %d\n", retStatus);
DbgTrace(1, "-Rpc- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -535,26 +547,34 @@ InitializeRpc(void)
// L2
//=======================================================================--
{
CasaStatus retStatus;
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
DbgTrace(1, "-InitializeRpc- Start\n", 0);
// Perform libcurl initializatoin
CURLcode curlStatus = curl_global_init(CURL_GLOBAL_SSL);
if (curlStatus != 0)
// Initialize OpenSSL support
if (SetupOSSLSupport() == 0)
{
DbgTrace(0, "-InitializeRpc- Error initializing libcurl, curlStatus = %08X\n", curlStatus);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
// Perform libcurl initializatoin
CURLcode curlStatus = curl_global_init(CURL_GLOBAL_SSL);
if (curlStatus != 0)
{
DbgTrace(0, "-InitializeRpc- Error initializing libcurl, curlStatus = %0X\n", curlStatus);
CleanupOSSLSupport();
}
else
{
// Success
retStatus = CASA_STATUS_SUCCESS;
}
}
else
{
// Success
retStatus = CASA_STATUS_SUCCESS;
DbgTrace(0, "-InitializeRpc- OpenSSL support setup failure\n", 0);
}
DbgTrace(1, "-InitializeRpc- End, retStatus = %08X\n", retStatus);
DbgTrace(1, "-InitializeRpc- End, retStatus = %0X\n", retStatus);
return retStatus;
}

4
CASA-auth-token/client/lib/mechanisms/krb5/interface.c
View File

@ -75,7 +75,7 @@ AuthTokenIf_AddReference(
pAuthTokenIfInstance->refCount ++;
refCount = pAuthTokenIfInstance->refCount;
DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount);
DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %0X\n", refCount);
return refCount;
}
@ -208,7 +208,7 @@ GET_AUTH_TOKEN_INTERFACE_RTN(
exit:
DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus);
DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %0X\n", retStatus);
return retStatus;
}

21
CASA-auth-token/client/lib/mechanisms/krb5/linux/Krb5Authenticate.conf
View File

@ -7,6 +7,27 @@
# #
#######################################################
#
# LibraryName setting.
#
# Description: Used to specify the path to the library
# implementing the authentication mechanism.
#
LibraryName /usr/lib/CASA/authtoken/krb5mech.so
#
# DebugLevel setting.
#
# Description: Used to specify the level of logging utilized for debugging
# purposes. A level of zero being the lowest debugging level.
#
# If this parameter is not set, the client defaults
# to use a debug level of zero.
#
# Note: Debug statements can be viewed under Windows by using
# tools such as DbgView. Under Linux, debug statements are logged
# to /var/log/messages.
#
#DebugLevel 0

20
CASA-auth-token/client/lib/mechanisms/krb5/linux/Krb5Authenticate_lib64.conf
View File

@ -7,6 +7,26 @@
# #
#######################################################
#
# LibraryName setting.
#
# Description: Used to specify the path to the library
# implementing the authentication mechanism.
#
LibraryName /usr/lib64/CASA/authtoken/krb5mech.so
#
# DebugLevel setting.
#
# Description: Used to specify the level of logging utilized for debugging
# purposes. A level of zero being the lowest debugging level.
#
# If this parameter is not set, the client defaults
# to use a debug level of zero.
#
# Note: Debug statements can be viewed under Windows by using
# tools such as DbgView. Under Linux, debug statements are logged
# to /var/log/messages.
#
#DebugLevel 0

18
CASA-auth-token/client/lib/mechanisms/krb5/linux/get.c
View File

@ -75,8 +75,11 @@ LogGssStatuses(
}
// Trace this message
DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
DbgTrace(0, "%s\n", (char *)msg.value);
if (msg.value != NULL)
{
DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
DbgTrace(0, "%s\n", (char *)msg.value);
}
if (msg.length != 0)
gss_release_buffer(&gssMinStat, &msg);
@ -102,8 +105,11 @@ LogGssStatuses(
}
// Trace this message
DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
DbgTrace(0, "%s\n", (char *)msg.value);
if (msg.value != NULL)
{
DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
DbgTrace(0, "%s\n", (char *)msg.value);
}
if (msg.length != 0)
gss_release_buffer(&gssMinStat, &msg);
@ -226,7 +232,7 @@ AuthTokenIf_GetAuthToken(
gssBuffer.length = strlen(pKrbServiceName) + 1;
if (strchr(pKrbServiceName, '@') != NULL)
{
// The name is of the form "servicename@hostname"
// The name is of the form "servicename@realmname"
gssMajStat = gss_import_name(&gssMinStat,
&gssBuffer,
(gss_OID) GSS_C_NT_HOSTBASED_SERVICE,
@ -290,7 +296,7 @@ AuthTokenIf_GetAuthToken(
else
{
// The buffer provided is large enough, copy the data and return the actual size.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen +1);
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen + 1);
// Success
retStatus = CASA_STATUS_SUCCESS;

7
CASA-auth-token/client/lib/mechanisms/krb5/util.c
View File

@ -80,7 +80,6 @@ EncodeData(
{
CasaStatus retStatus;
int encodedSize;
char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0);
@ -141,7 +140,7 @@ EncodeData(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
DbgTrace(3, "-EncodeData- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -270,7 +269,7 @@ DecodeData(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -312,7 +311,7 @@ dtoul(
}
}
DbgTrace(2, "-dtoul- End, result = %d\n", n);
DbgTrace(2, "-dtoul- End, result = %0X\n", n);
return n;
}

6
CASA-auth-token/client/lib/mechanisms/krb5/windows/Krb5Authenticate.conf
View File

@ -7,6 +7,12 @@
# #
#######################################################
#
# LibraryName setting.
#
# Description: Used to specify the path to the library
# implementing the authentication mechanism.
#
LibraryName \Program Files\novell\casa\lib\krb5mech.dll
#

26
CASA-auth-token/client/lib/mechanisms/pwd/get.c
View File

@ -106,13 +106,23 @@ GetUserCredentials(
// There were no credentials for the realm, now try to obtain the
// desktop credentials.
secretId.len = sscs_Utf8Strlen("Desktop") + 1;
sscs_Utf8Strcpy((char*) secretId.id, "Desktop");
rcode = miCASAGetCredential(0,
&secretId,
NULL,
&credtype,
&credential,
(SSCS_EXT_T*) pCredStoreScope);
if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN)
{
sscs_Utf8Strcpy((char*) secretId.id, "Desktop");
rcode = miCASAGetCredential(0,
&secretId,
NULL,
&credtype,
&credential,
(SSCS_EXT_T*) pCredStoreScope);
}
else
{
DbgTrace(0, "-GetUserCredentials- Desktop name too long\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
}
}
else
@ -178,7 +188,7 @@ GetUserCredentials(
*ppPassword = pPassword;
}
DbgTrace(1, "-GetUserCredentials- End, retStatus = %08X\n", retStatus);
DbgTrace(1, "-GetUserCredentials- End, retStatus = %0X\n", retStatus);
return retStatus;
}

4
CASA-auth-token/client/lib/mechanisms/pwd/interface.c
View File

@ -75,7 +75,7 @@ AuthTokenIf_AddReference(
pAuthTokenIfInstance->refCount ++;
refCount = pAuthTokenIfInstance->refCount;
DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount);
DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %0X\n", refCount);
return refCount;
}
@ -208,7 +208,7 @@ GET_AUTH_TOKEN_INTERFACE_RTN(
exit:
DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus);
DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %0X\n", retStatus);
return retStatus;
}

21
CASA-auth-token/client/lib/mechanisms/pwd/linux/PwdAuthenticate.conf
View File

@ -7,6 +7,25 @@
# #
#######################################################
#
# LibraryName setting.
#
# Description: Used to specify the path to the library
# implementing the authentication mechanism.
#
LibraryName /usr/lib/CASA/authtoken/pwmech.so
#
# DebugLevel setting.
#
# Description: Used to specify the level of logging utilized for debugging
# purposes. A level of zero being the lowest debugging level.
#
# If this parameter is not set, the client defaults
# to use a debug level of zero.
#
# Note: Debug statements can be viewed under Windows by using
# tools such as DbgView. Under Linux, debug statements are logged
# to /var/log/messages.
#
#DebugLevel 0

21
CASA-auth-token/client/lib/mechanisms/pwd/linux/PwdAuthenticate_lib64.conf
View File

@ -7,6 +7,25 @@
# #
#######################################################
#
# LibraryName setting.
#
# Description: Used to specify the path to the library
# implementing the authentication mechanism.
#
LibraryName /usr/lib64/CASA/authtoken/pwmech.so
#
# DebugLevel setting.
#
# Description: Used to specify the level of logging utilized for debugging
# purposes. A level of zero being the lowest debugging level.
#
# If this parameter is not set, the client defaults
# to use a debug level of zero.
#
# Note: Debug statements can be viewed under Windows by using
# tools such as DbgView. Under Linux, debug statements are logged
# to /var/log/messages.
#
#DebugLevel 0

7
CASA-auth-token/client/lib/mechanisms/pwd/util.c
View File

@ -80,7 +80,6 @@ EncodeData(
{
CasaStatus retStatus;
int encodedSize;
char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0);
@ -141,7 +140,7 @@ EncodeData(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
DbgTrace(3, "-EncodeData- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -270,7 +269,7 @@ DecodeData(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -312,7 +311,7 @@ dtoul(
}
}
DbgTrace(2, "-dtoul- End, result = %d\n", n);
DbgTrace(2, "-dtoul- End, result = %0X\n", n);
return n;
}

6
CASA-auth-token/client/lib/mechanisms/pwd/windows/PwdAuthenticate.conf
View File

@ -7,6 +7,12 @@
# #
#######################################################
#
# LibraryName setting.
#
# Description: Used to specify the path to the library
# implementing the authentication mechanism.
#
LibraryName \Program Files\novell\casa\lib\pwmech.dll
#

405
CASA-auth-token/client/lib/test/CASA_Auth.cpp
View File

@ -124,113 +124,135 @@ EncodeData(
void NonHttpTest(void)
{
CasaStatus retStatus;
char authToken[8192];
int authTokenLen = sizeof(authToken);
char *pAuthToken;
int authTokenLen = 0;
// Obtain an authentication token for the targeted service
retStatus = ObtainAuthToken(pServiceName, pServerAddress, authToken, &authTokenLen);
if (!CASA_SUCCESS(retStatus))
// First call to get the authentication token with no output buffer so
// that we can determine the buffer size necessary to hold the token.
retStatus = ObtainAuthToken(pServiceName, pServerAddress, NULL, &authTokenLen);
if (CasaStatusCode(retStatus) == CASA_STATUS_BUFFER_OVERFLOW)
{
printf("-NonHttpTest- ObtainAuthToken failed with status %d\n", retStatus);
}
else
{
SOCKET sock;
struct sockaddr_in localAddr = {0};
struct sockaddr_in remoteAddr = {0};
struct linger linger_opt = {1, 15};
struct hostent *pLookupResult;
printf("-NonHttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen);
// Send the token to the server
//
// Open socket
sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock != INVALID_SOCKET)
// Allocate buffer to receive the token
pAuthToken = (char*) malloc(authTokenLen);
if (pAuthToken)
{
// Setup the local address structure
localAddr.sin_family = AF_INET;
localAddr.sin_addr.s_addr = htonl(INADDR_ANY);
// Bind socket
if (!bind(sock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in)))
// Now get the token
retStatus = ObtainAuthToken(pServiceName, pServerAddress, pAuthToken, &authTokenLen);
if (!CASA_SUCCESS(retStatus))
{
// Resolve the server address
pLookupResult = gethostbyname(pServerAddress);
if (pLookupResult)
printf("-NonHttpTest- ObtainAuthToken failed with status %d\n", retStatus);
}
else
{
SOCKET sock;
struct sockaddr_in localAddr = {0};
struct sockaddr_in remoteAddr = {0};
struct linger linger_opt = {1, 15};
struct hostent *pLookupResult;
printf("-NonHttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen);
// Send the token to the server
//
// Open socket
sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock != INVALID_SOCKET)
{
// Validate the address type returned
if (pLookupResult->h_addrtype == AF_INET)
// Setup the local address structure
localAddr.sin_family = AF_INET;
localAddr.sin_addr.s_addr = htonl(INADDR_ANY);
// Bind socket
if (!bind(sock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in)))
{
int numAddressesFound = 0;
// Determine how many addresses where returned
while (pLookupResult->h_addr_list[numAddressesFound] != NULL)
// Resolve the server address
pLookupResult = gethostbyname(pServerAddress);
if (pLookupResult)
{
//printf("ServerAddress = %08X\n", *((int*) pLookupResult->h_addr_list[numAddressesFound]));
numAddressesFound ++;
}
//printf("Found %d addresses\n", numAddressesFound);
// Validate the address type returned
if (pLookupResult->h_addrtype == AF_INET)
{
int numAddressesFound = 0;
// Setup the remote address structure with the lookup results
remoteAddr.sin_family = AF_INET;
remoteAddr.sin_port = serverPort;
remoteAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]); // Short-cut
//printf("ServerAddress = %08X\n", remoteAddr.sin_addr.s_addr);
// Determine how many addresses where returned
while (pLookupResult->h_addr_list[numAddressesFound] != NULL)
{
//printf("ServerAddress = %08X\n", *((int*) pLookupResult->h_addr_list[numAddressesFound]));
numAddressesFound ++;
}
//printf("Found %d addresses\n", numAddressesFound);
// Perform connect operation
if (connect(sock,
(struct sockaddr*) &remoteAddr,
sizeof(struct sockaddr_in)) == SOCKET_ERROR)
{
printf("-NonHttpTest- Connection creation failed, error = %d\n", errno);
// Setup the remote address structure with the lookup results
remoteAddr.sin_family = AF_INET;
remoteAddr.sin_port = serverPort;
remoteAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]); // Short-cut
//printf("ServerAddress = %08X\n", remoteAddr.sin_addr.s_addr);
// Perform connect operation
if (connect(sock,
(struct sockaddr*) &remoteAddr,
sizeof(struct sockaddr_in)) == SOCKET_ERROR)
{
printf("-NonHttpTest- Connection creation failed, error = %d\n", errno);
}
else
{
// Now the connection is setup, send the credentials to the server as one line.
// using our cheesy protocol followed by a hello string.
//
// Send the token to the server (including NULL terminator)
send(sock, pAuthToken, (int) strlen(pAuthToken) + 1, 0);
// Send new line
send(sock, "\n", 1, 0);
// Send "hello"
//send(sock, helloString, strlen(helloString) + 1, MSG_NOSIGNAL);
// Send new line
//send(sock, "\n", 1, 0);
// Shutdown the connection
shutdown(sock, 0);
}
}
else
{
printf("-NonHttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype);
}
}
else
{
// Now the connection is setup, send the credentials to the server as one line.
// using our cheesy protocol followed by a hello string.
//
// Send the token to the server (including NULL terminator)
send(sock, authToken, (int) strlen(authToken) + 1, 0);
// Send new line
send(sock, "\n", 1, 0);
// Send "hello"
//send(sock, helloString, strlen(helloString) + 1, MSG_NOSIGNAL);
// Send new line
//send(sock, "\n", 1, 0);
// Shutdown the connection
shutdown(sock, 0);
printf("-NonHttpTest- Lookup for %s failed\n", pServerAddress);
}
}
else
{
printf("-NonHttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype);
printf("-NonHttpTest- Unable to bind socket, error = %d", errno);
}
// Close the socket
setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char*) &linger_opt, sizeof(linger_opt));
closesocket(sock);
}
else
{
printf("-NonHttpTest- Lookup for %s failed\n", pServerAddress);
printf("-NonHttpTest- Unable to open socket, error = %d\n", errno);
}
}
else
{
printf("-NonHttpTest- Unable to bind socket, error = %d", errno);
}
// Close the socket
setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char*) &linger_opt, sizeof(linger_opt));
closesocket(sock);
// Release the buffer allocated for the token
free(pAuthToken);
}
else
{
printf("-NonHttpTest- Unable to open socket, error = %d\n", errno);
printf("-NonHttpTest- Failed to allocate buffer for token\n", 0);
}
}
else
{
printf("-NonHttpTest- ObtainAuthToken failed with status %d\n", retStatus);
}
}
@ -242,141 +264,162 @@ void NonHttpTest(void)
void HttpTest(void)
{
CasaStatus retStatus;
char authToken[4096];
int authTokenLen = sizeof(authToken);
char *pAuthToken;
int authTokenLen = 0;
// Obtain an authentication token for the targeted service
retStatus = ObtainAuthToken(pServiceName, pServerAddress, authToken, &authTokenLen);
if (!CASA_SUCCESS(retStatus))
// First call to get the authentication token with no output buffer so
// that we can determine the buffer size necessary to hold the token.
retStatus = ObtainAuthToken(pServiceName, pServerAddress, NULL, &authTokenLen);
if (CasaStatusCode(retStatus) == CASA_STATUS_BUFFER_OVERFLOW)
{
printf("-HttpTest- ObtainAuthToken failed with status %d\n", retStatus);
}
else
{
SOCKET sock;
struct sockaddr_in localAddr = {0};
struct sockaddr_in remoteAddr = {0};
struct linger linger_opt = {1, 15};
struct hostent *pLookupResult;
//printf("ObtainAuthToken succedded, token = %s\n", authToken);
printf("-HttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen);
// Send the token to the server
// Open socket
sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock != INVALID_SOCKET)
// Allocate buffer to receive the token
pAuthToken = (char*) malloc(authTokenLen);
if (pAuthToken)
{
// Setup the local address structure
localAddr.sin_family = AF_INET;
localAddr.sin_addr.s_addr = htonl(INADDR_ANY);
// Bind socket
if (!bind(sock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in)))
// Now get the token
retStatus = ObtainAuthToken(pServiceName, pServerAddress, pAuthToken, &authTokenLen);
if (!CASA_SUCCESS(retStatus))
{
// Resolve the server address
pLookupResult = gethostbyname(pServerAddress);
if (pLookupResult)
printf("-HttpTest- ObtainAuthToken failed with status %0X\n", retStatus);
}
else
{
SOCKET sock;
struct sockaddr_in localAddr = {0};
struct sockaddr_in remoteAddr = {0};
struct linger linger_opt = {1, 15};
struct hostent *pLookupResult;
printf("-HttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen);
// Send the token to the server
// Open socket
sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock != INVALID_SOCKET)
{
// Validate the address type returned
if (pLookupResult->h_addrtype == AF_INET)
// Setup the local address structure
localAddr.sin_family = AF_INET;
localAddr.sin_addr.s_addr = htonl(INADDR_ANY);
// Bind socket
if (!bind(sock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in)))
{
int numAddressesFound = 0;
// Determine how many addresses where returned
while (pLookupResult->h_addr_list[numAddressesFound] != NULL)
// Resolve the server address
pLookupResult = gethostbyname(pServerAddress);
if (pLookupResult)
{
//printf("ServerAddress = %08X\n", *((int*) pLookupResult->h_addr_list[numAddressesFound]));
numAddressesFound ++;
}
//printf("Found %d addresses\n", numAddressesFound);
// Setup the remote address structure with the lookup results
remoteAddr.sin_family = AF_INET;
remoteAddr.sin_port = serverPort;
remoteAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]); // Short-cut
//printf("ServerAddress = %08X\n", remoteAddr.sin_addr.s_addr);
// Perform connect operation
if (connect(sock,
(struct sockaddr*) &remoteAddr,
sizeof(struct sockaddr_in)) == SOCKET_ERROR)
{
printf("-HttpTest- Connection creation failed, error = %d\n", errno);
}
else
{
char *pBasicCredentials;
char *pEncodedBasicCredentials;
int encodedLength;
char CasaPrincipal[] = "CasaPrincipal:";
char HTTPReqPart1[] = "GET /example-info HTTP/1.1\r\\nUser-Agent: CasaTestClient\r\nHost: jcstation.dnsdhcp.provo.novell.com:4096\r\nConnection: Keep-Alive\r\nAuthorization: Basic ";
// Now the connection is setup, send 1st part of HTTP request to the server.
send(sock, HTTPReqPart1, (int) strlen(HTTPReqPart1), 0);
// Now setup the HTTP Basic Credentials
pBasicCredentials = (char*) malloc(strlen(CasaPrincipal) + strlen(authToken) + 1);
if (pBasicCredentials)
// Validate the address type returned
if (pLookupResult->h_addrtype == AF_INET)
{
memcpy(pBasicCredentials, CasaPrincipal, sizeof(CasaPrincipal));
strcat(pBasicCredentials, authToken);
int numAddressesFound = 0;
// Now Base64 encode the credentials
if (EncodeData((const void*) pBasicCredentials,
(const int32_t) strlen(pBasicCredentials),
&pEncodedBasicCredentials,
(int32_t *) &encodedLength) == 0)
// Determine how many addresses where returned
while (pLookupResult->h_addr_list[numAddressesFound] != NULL)
{
// Send the encoded credentials
send(sock, pEncodedBasicCredentials, encodedLength - 1, 0);
//printf("ServerAddress = %08X\n", *((int*) pLookupResult->h_addr_list[numAddressesFound]));
numAddressesFound ++;
}
//printf("Found %d addresses\n", numAddressesFound);
// Send the rest of the header
send(sock, "\r\n\r\n", 4, 0);
// Free the buffer holding the encoded credentials
free(pEncodedBasicCredentials);
// Setup the remote address structure with the lookup results
remoteAddr.sin_family = AF_INET;
remoteAddr.sin_port = serverPort;
remoteAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]); // Short-cut
//printf("ServerAddress = %08X\n", remoteAddr.sin_addr.s_addr);
// Perform connect operation
if (connect(sock,
(struct sockaddr*) &remoteAddr,
sizeof(struct sockaddr_in)) == SOCKET_ERROR)
{
printf("-HttpTest- Connection creation failed, error = %d\n", errno);
}
else
{
printf("-HttpTest- Error encoding credentials\n");
}
char *pBasicCredentials;
char *pEncodedBasicCredentials;
int encodedLength;
char CasaPrincipal[] = "CasaPrincipal:";
char HTTPReqPart1[] = "GET /example-info HTTP/1.1\r\\nUser-Agent: CasaTestClient\r\nHost: jcstation.dnsdhcp.provo.novell.com:4096\r\nConnection: Keep-Alive\r\nAuthorization: Basic ";
// Free the buffer containing the basic credentials
free(pBasicCredentials);
// Now the connection is setup, send 1st part of HTTP request to the server.
send(sock, HTTPReqPart1, (int) strlen(HTTPReqPart1), 0);
// Now setup the HTTP Basic Credentials
pBasicCredentials = (char*) malloc(strlen(CasaPrincipal) + strlen(pAuthToken) + 1);
if (pBasicCredentials)
{
memcpy(pBasicCredentials, CasaPrincipal, sizeof(CasaPrincipal));
strcat(pBasicCredentials, pAuthToken);
// Now Base64 encode the credentials
if (EncodeData((const void*) pBasicCredentials,
(const int32_t) strlen(pBasicCredentials),
&pEncodedBasicCredentials,
(int32_t *) &encodedLength) == 0)
{
// Send the encoded credentials
send(sock, pEncodedBasicCredentials, encodedLength - 1, 0);
// Send the rest of the header
send(sock, "\r\n\r\n", 4, 0);
// Free the buffer holding the encoded credentials
free(pEncodedBasicCredentials);
}
else
{
printf("-HttpTest- Error encoding credentials\n");
}
// Free the buffer containing the basic credentials
free(pBasicCredentials);
}
else
{
printf("-HttpTest- Buffer allocation failure\n");
}
// Shutdown the connection
shutdown(sock, 0);
}
}
else
{
printf("-HttpTest- Buffer allocation failure\n");
printf("-HttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype);
}
// Shutdown the connection
shutdown(sock, 0);
}
else
{
printf("-HttpTest- Lookup for %s failed\n", pServerAddress);
}
}
else
{
printf("-HttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype);
printf("-HttpTest- Unable to bind socket, error = %d", errno);
}
// Close the socket
setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char*) &linger_opt, sizeof(linger_opt));
closesocket(sock);
}
else
{
printf("-HttpTest- Lookup for %s failed\n", pServerAddress);
printf("-HttpTest- Unable to open socket, error = %d\n", errno);
}
}
else
{
printf("-HttpTest- Unable to bind socket, error = %d", errno);
}
// Close the socket
setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char*) &linger_opt, sizeof(linger_opt));
closesocket(sock);
// Release the buffer allocated for the token
free(pAuthToken);
}
else
{
printf("-HttpTest- Unable to open socket, error = %d\n", errno);
printf("-HttpTest- Failed to allocate buffer for token\n", 0);
}
}
else
{
printf("-HttpTest- ObtainAuthToken failed with status %0X\n", retStatus);
}
}

7
CASA-auth-token/client/lib/util.c
View File

@ -77,7 +77,6 @@ EncodeData(
{
CasaStatus retStatus;
int encodedSize;
char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0);
@ -138,7 +137,7 @@ EncodeData(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
DbgTrace(3, "-EncodeData- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -267,7 +266,7 @@ DecodeData(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);
return retStatus;
}
@ -309,7 +308,7 @@ dtoul(
}
}
DbgTrace(2, "-dtoul- End, result = %d\n", n);
DbgTrace(2, "-dtoul- End, result = %0X\n", n);
return n;
}

2
CASA-auth-token/client/lib/windows/dllsup.c
View File

@ -113,7 +113,7 @@ ObtainAuthTokenEx(
pAuthTokenBufLen,
pCredStoreScope);
DbgTrace(1, "-ObtainAuthTokenEx- End, retStatus = %08X\n", retStatus);
DbgTrace(1, "-ObtainAuthTokenEx- End, retStatus = %0X\n", retStatus);
return retStatus;
}