geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changes due to continue development effort.

Browse Source
This commit is contained in:
Juan Carlos Luciani 2006-04-28 18:58:25 +00:00
parent 492b8ee45c
commit fe756d9f5e
11 changed files with 1487 additions and 1016 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
auth_token/client/authmech.c
View File

@ -88,7 +88,7 @@ GetAuthTokenIf(
{
LIST_ENTRY *pListEntry;
AuthMechMod *pAuthMechMod = NULL;
int32_t authTypeNameLen = (int32_t) strlen(pAuthTypeName);
int authTypeNameLen = strlen(pAuthTypeName);
// Look if we already have the module in our list
pListEntry = g_authMechModuleListHead.Flink;
@ -260,14 +260,15 @@ GetAuthMechToken(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
AuthTokenIf *pAuthTokenIf;
DbgTrace(1, "-GetAuthMechToken- Start\n", 0);
// Initialize output parameter
@ -275,7 +276,7 @@ GetAuthMechToken(
// Obtain the appropriate token interface for the authentication type
retStatus = GetAuthTokenIf(pAuthContext->pMechanism,
&pAuthTokenIf);
&pAuthTokenIf);
if (CASA_SUCCESS(retStatus))
{
char *pAuthToken = NULL;
@ -284,10 +285,10 @@ GetAuthMechToken(
// We found a provider for the service, query it for the buffer size
// needed to obtain the authentication token.
retStatus = pAuthTokenIf->getAuthToken(pAuthTokenIf,
pAuthContext->pContext,
pAuthContext->pMechInfo,
pAuthToken,
&authTokenBufLen);
pAuthContext->pContext,
pAuthContext->pMechInfo,
pAuthToken,
&authTokenBufLen);
if (CasaStatusCode(retStatus) == CASA_STATUS_BUFFER_OVERFLOW)
{
// Allocate buffer to hold the authentication token
@ -296,10 +297,10 @@ GetAuthMechToken(
{
// Request the token from the provider
retStatus = pAuthTokenIf->getAuthToken(pAuthTokenIf,
pAuthContext->pContext,
pAuthContext->pMechInfo,
pAuthToken,
&authTokenBufLen);
pAuthContext->pContext,
pAuthContext->pMechInfo,
pAuthToken,
&authTokenBufLen);
if (CASA_SUCCESS(retStatus))
{
// Return the buffer containing the token to the caller
@ -331,3 +332,8 @@ GetAuthMechToken(
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

170
auth_token/client/authmsg.c
View File

@ -60,7 +60,7 @@ typedef struct _AuthRespParse
{
XML_Parser p;
int state;
int tokenDataProcessed;
int elementDataProcessed;
AuthenticateResp *pAuthenticateResp;
CasaStatus status;
@ -85,7 +85,7 @@ BuildAuthenticateMsg(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
char *pMsg = NULL;
@ -184,7 +184,7 @@ AuthRespStartElementHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-AuthRespStartElementHandler- Start\n", 0);
@ -278,6 +278,95 @@ AuthRespStartElementHandler(
}
//++=======================================================================
static
CasaStatus
ConsumeElementData(
IN AuthRespParse *pAuthRespParse,
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(3, "-ConsumeElementData- Start\n", 0);
// Proceed based on whether or not we have already consumed data
// for this element.
if (*ppElementData == NULL)
{
// We have not yet consumed data for this element
pAuthRespParse->elementDataProcessed = len;
// Allocate a buffer to hold this element data (null terminated).
*ppElementData = (char*) malloc(len + 1);
if (*ppElementData)
{
memset(*ppElementData, 0, len + 1);
memcpy(*ppElementData, s, len);
// Return the length of the element data buffer
*pElementDataLen = pAuthRespParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthRespParse->elementDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pAuthRespParse->elementDataProcessed + len + 1);
memcpy(pNewBuf,
*ppElementData,
pAuthRespParse->elementDataProcessed);
memcpy(pNewBuf + pAuthRespParse->elementDataProcessed, s, len);
pAuthRespParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
*pElementDataLen = pAuthRespParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
void XMLCALL
@ -294,7 +383,7 @@ AuthRespCharDataHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-AuthRespCharDataHandler- Start\n", 0);
@ -310,8 +399,10 @@ AuthRespCharDataHandler(
switch (pAuthRespParse->state)
{
case AWAITING_DESCRIPTION_DATA:
case AWAITING_DESCRIPTION_ELEMENT_END:
// Ignore the status description data for now.
// tbd
// Advanced to the next state
pAuthRespParse->state = AWAITING_DESCRIPTION_ELEMENT_END;
@ -361,58 +452,20 @@ AuthRespCharDataHandler(
case AWAITING_SESSION_TOKEN_DATA:
case AWAITING_SESSION_TOKEN_ELEMENT_END:
// Check if we have already processed token data
if (pAuthRespParse->tokenDataProcessed == 0)
// Consume the data
pAuthRespParse->status = ConsumeElementData(pAuthRespParse,
s,
len,
&pAuthRespParse->pAuthenticateResp->pToken,
&pAuthRespParse->pAuthenticateResp->tokenLen);
if (CASA_SUCCESS(pAuthRespParse->status))
{
// Keep a copy of the session token (null terminated)
pAuthRespParse->pAuthenticateResp->pToken = (char*) malloc(len + 1);
if (pAuthRespParse->pAuthenticateResp->pToken)
{
memset(pAuthRespParse->pAuthenticateResp->pToken, 0, len + 1);
memcpy(pAuthRespParse->pAuthenticateResp->pToken, s, len);
pAuthRespParse->tokenDataProcessed = len;
// Advanced to the next state
pAuthRespParse->state = AWAITING_SESSION_TOKEN_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthRespCharDataHandler- Buffer allocation failure\n", 0);
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
// Advanced to the next state
pAuthRespParse->state = AWAITING_SESSION_TOKEN_ELEMENT_END;
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthRespParse->tokenDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pAuthRespParse->tokenDataProcessed + len + 1);
memcpy(pNewBuf,
pAuthRespParse->pAuthenticateResp->pToken,
pAuthRespParse->tokenDataProcessed);
memcpy(pNewBuf + pAuthRespParse->tokenDataProcessed, s, len);
pAuthRespParse->tokenDataProcessed += len;
// Swap the buffers
free(pAuthRespParse->pAuthenticateResp->pToken);
pAuthRespParse->pAuthenticateResp->pToken = pNewBuf;
}
else
{
DbgTrace(0, "-AuthRespCharDataHandler- Buffer allocation failure\n", 0);
pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
XML_StopParser(pAuthRespParse->p, XML_FALSE);
}
break;
@ -443,7 +496,7 @@ AuthRespEndElementHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-AuthRespEndElementHandler- Start\n", 0);
@ -560,7 +613,7 @@ CreateAuthenticateResp(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@ -580,7 +633,7 @@ CreateAuthenticateResp(
* </auth_resp>
*
* When an authentication request fails to be successfully processed, the server
* responds with an error and a error description string. The message format of
* responds with an error and an error description string. The message format of
* an unsuccessful reply is as follows:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
@ -709,7 +762,7 @@ RelAuthenticateResp(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(1, "-RelAuthenticateResp- Start\n", 0);
@ -723,3 +776,8 @@ RelAuthenticateResp(
DbgTrace(1, "-RelAuthenticateResp- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

802
auth_token/client/authpolicy.c Normal file
View File

@ -0,0 +1,802 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Parse states
//
#define AWAITING_ROOT_ELEMENT_START 0x0
#define AWAITING_ROOT_ELEMENT_END 0x1
#define AWAITING_AUTH_POLICY_ELEMENT_START 0x2
#define AWAITING_AUTH_POLICY_ELEMENT_END 0x3
#define AWAITING_AUTH_POLICY_DATA 0x4
#define AWAITING_AUTH_SOURCE_ELEMENT_START 0x5
#define AWAITING_AUTH_SOURCE_ELEMENT_END 0x6
#define AWAITING_AUTH_SOURCE_CHILD_START 0x7
#define AWAITING_REALM_DATA 0x8
#define AWAITING_REALM_ELEMENT_END 0x9
#define AWAITING_MECHANISM_DATA 0xA
#define AWAITING_MECHANISM_ELEMENT_END 0xB
#define AWAITING_MECHANISM_INFO_DATA 0xC
#define AWAITING_MECHANISM_INFO_ELEMENT_END 0xD
#define AWAITING_UNKNOWN_DATA 0xE
#define AWAITING_UNKNOWN_ELEMENT_END 0xF
#define DONE_PARSING 0x10
//
// Authentication Policy Parse Structure
//
typedef struct _AuthPolicyParse
{
XML_Parser p;
int state;
int elementDataProcessed;
AuthPolicy *pAuthPolicy;
CasaStatus status;
} AuthPolicyParse, *PAuthPolicyParse;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//++=======================================================================
static
void XMLCALL
AuthPolicyStartElementHandler(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *name,
IN const XML_Char **atts)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(2, "-AuthPolicyStartElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthPolicyParse->state)
{
case AWAITING_ROOT_ELEMENT_START:
// In this state, we are only expecting the Authentication
// Policy Element.
if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_SOURCE_ELEMENT_START:
case AWAITING_ROOT_ELEMENT_END:
// In this state, we are only expecting the start of an Authentication
// Source Element.
if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
{
AuthContext *pAuthContext;
// Create an authentication context structure
pAuthContext = (AuthContext*) malloc(sizeof(AuthContext));
if (pAuthContext)
{
// Initialize the allocated AuthContext structure and associate it
// with the AuthPolicy structure.
memset(pAuthContext, 0, sizeof(*pAuthContext));
InsertTailList(&pAuthPolicyParse->pAuthPolicy->authContextListHead, &pAuthContext->listEntry);
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Buffer allocation error\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_SOURCE_CHILD_START:
// Proceed based on the name of the element
if (strcmp(name, REALM_ELEMENT_NAME) == 0)
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_REALM_DATA;
}
else if (strcmp(name, MECHANISM_ELEMENT_NAME) == 0)
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_MECHANISM_DATA;
}
else if (strcmp(name, MECHANISM_INFO_ELEMENT_NAME) == 0)
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_MECHANISM_INFO_DATA;
}
else if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
{
// We are starting a new auth source entry, create an authentication
// context structure to hold its information.
AuthContext *pAuthContext;
// Create an authentication context structure
pAuthContext = (AuthContext*) malloc(sizeof(AuthContext));
if (pAuthContext)
{
// Initialize the allocated AuthContext structure and associate it
// with the AuthPolicy structure.
memset(pAuthContext, 0, sizeof(*pAuthContext));
InsertTailList(&pAuthPolicyParse->pAuthPolicy->authContextListHead, &pAuthContext->listEntry);
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Buffer allocation error\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
}
else
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_UNKNOWN_DATA;
}
break;
default:
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthPolicyStartElementHandler- End\n", 0);
}
//++=======================================================================
static
CasaStatus
ConsumeElementData(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(3, "-ConsumeElementData- Start\n", 0);
// Proceed based on whether or not we have already consumed data
// for this element.
if (*ppElementData == NULL)
{
// We have not yet consumed data for this element
pAuthPolicyParse->elementDataProcessed = len;
// Allocate a buffer to hold this element data (null terminated).
*ppElementData = (char*) malloc(len + 1);
if (*ppElementData)
{
memset(*ppElementData, 0, len + 1);
memcpy(*ppElementData, s, len);
// Return the length of the element data buffer
*pElementDataLen = pAuthPolicyParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthPolicyParse->elementDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pAuthPolicyParse->elementDataProcessed + len + 1);
memcpy(pNewBuf,
*ppElementData,
pAuthPolicyParse->elementDataProcessed);
memcpy(pNewBuf + pAuthPolicyParse->elementDataProcessed, s, len);
pAuthPolicyParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
*pElementDataLen = pAuthPolicyParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
void XMLCALL
AuthPolicyCharDataHandler(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *s,
IN int len)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthContext *pAuthContext;
DbgTrace(2, "-AuthPolicyCharDataHandler- Start\n", 0);
// Just exit if being called to process LF and CR characters
if (len == 1
&& ((*s == '\n') || (*s == '\r')))
{
goto exit;
}
// Proceed based on the state
switch (pAuthPolicyParse->state)
{
case AWAITING_REALM_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// Consume the data
pAuthPolicyParse->status = ConsumeElementData(pAuthPolicyParse,
s,
len,
&pAuthContext->pContext,
&pAuthContext->contextLen);
if (CASA_SUCCESS(pAuthPolicyParse->status))
{
// Advanced to the next state
pAuthPolicyParse->state = AWAITING_REALM_ELEMENT_END;
}
else
{
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// Consume the data
pAuthPolicyParse->status = ConsumeElementData(pAuthPolicyParse,
s,
len,
&pAuthContext->pMechanism,
&pAuthContext->mechanismLen);
if (CASA_SUCCESS(pAuthPolicyParse->status))
{
// Advanced to the next state
pAuthPolicyParse->state = AWAITING_MECHANISM_ELEMENT_END;
}
else
{
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_INFO_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// Consume the data
pAuthPolicyParse->status = ConsumeElementData(pAuthPolicyParse,
s,
len,
&pAuthContext->pMechInfo,
&pAuthContext->mechInfoLen);
if (CASA_SUCCESS(pAuthPolicyParse->status))
{
// Advanced to the next state
pAuthPolicyParse->state = AWAITING_MECHANISM_INFO_ELEMENT_END;
}
else
{
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_UNKNOWN_DATA:
// Just advance the state
pAuthPolicyParse->state = AWAITING_UNKNOWN_ELEMENT_END;
break;
default:
DbgTrace(0, "-AuthPolicyCharDataHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
exit:
DbgTrace(2, "-AuthPolicyCharDataHandler- End\n", 0);
}
//++=======================================================================
static
void XMLCALL
AuthPolicyEndElementHandler(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *name)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthContext *pAuthContext;
DbgTrace(2, "-AuthPolicyEndElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthPolicyParse->state)
{
case AWAITING_ROOT_ELEMENT_END:
// In this state, we are only expecting the Authentication
// Policy Element.
if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0)
{
// Done.
pAuthPolicyParse->state = DONE_PARSING;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_SOURCE_CHILD_START:
// In this state, we are only expecting the Authentication
// Source Response Element.
if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_ROOT_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthPolicyEndHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_REALM_ELEMENT_END:
// In this state, we are only expecting the Realm Element.
if (strcmp(name, REALM_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_ELEMENT_END:
// In this state, we are only expecting the Mechanism Element.
if (strcmp(name, MECHANISM_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_INFO_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// There was no mechanism info data. Set it to an empty string.
pAuthContext->pMechInfo = (char*) malloc(1);
if (pAuthContext->pMechInfo)
{
*pAuthContext->pMechInfo = '\0';
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Buffer allocation failure\n", 0);
pAuthPolicyParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
// Fall through
case AWAITING_MECHANISM_INFO_ELEMENT_END:
// In this state, we are only expecting the Mechanism Info Element.
if (strcmp(name, MECHANISM_INFO_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_UNKNOWN_ELEMENT_END:
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
break;
default:
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthPolicyEndElementHandler- End\n", 0);
}
//++=======================================================================
CasaStatus
CreateAuthPolicy(
IN char *pEncodedData,
IN int encodedDataLen,
INOUT AuthPolicy **ppAuthPolicy)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
AuthPolicy *pAuthPolicy = NULL;
AuthPolicyParse authPolicyParse = {0};
char *pData = NULL;
int dataLen = 0;
DbgTrace(1, "-CreateAuthPolicy- Start\n", 0);
/*
* An authentication policy document has the following format:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
* <auth_policy>
* <auth_source>
* <realm>realm name</realm>
* <mechanism>authentication mechanism type</mechanism>
* <mechanism_info>authentication mechanism context data</mechanism_info>
* </auth_source>
* ...
* </auth_policy>
*
* The authentication policy document can contain multiple auth_source
* elements. These auth_source elements can be for different authentication
* sources or for the same authentication source but specifying a different
* authentication mechanism.
*
* The following is a sample authentication policy document:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
* <auth_policy>
* <auth_source>
* <realm>Corp_eDirTree</realm>
* <mechanism>Krb5Authenticate</mechanism>
* <mechanism_info>host/hostname</mechanism_info>
* </auth_source>
* <auth_source>
* <realm>Corp_eDirTree</realm>
* <mechanism>PwdAuthenticate</mechanism>
* <mechanism_info></mechanism_info>
* </auth_source>
* </auth_policy>
*
* This authentication policy would tell the CASA client that it can
* authenticate to the CASA Authentication Token Service using
* credentials for the Corp_eDirTree and utilizing either the
* Krb5 authentication mechanism or the Pwd authentication mechanism.
* The Krb5 authentication mechanism context data specifies the
* name of the Kerberos service principal.
*
*/
// Initialize output parameter
*ppAuthPolicy = NULL;
// Decode the data
retStatus = DecodeData(pEncodedData,
encodedDataLen,
&pData,
&dataLen);
if (CASA_SUCCESS(retStatus))
{
// Allocate space for the AuthPolicy structure
pAuthPolicy = (AuthPolicy*) malloc(sizeof(*pAuthPolicy));
if (pAuthPolicy)
{
XML_Parser p;
// Initialize the AuthPolicy object
memset(pAuthPolicy, 0, sizeof(*pAuthPolicy));
InitializeListHead(&pAuthPolicy->authContextListHead);
// Set the AuthPolicy object in the parse object
authPolicyParse.pAuthPolicy = pAuthPolicy;
// Create parser
p = XML_ParserCreate(NULL);
if (p)
{
// Keep track of the parser in our parse object
authPolicyParse.p = p;
// Initialize the status within the parse object
authPolicyParse.status = CASA_STATUS_SUCCESS;
// Set the start and end element handlers
XML_SetElementHandler(p,
AuthPolicyStartElementHandler,
AuthPolicyEndElementHandler);
// Set the character data handler
XML_SetCharacterDataHandler(p, AuthPolicyCharDataHandler);
// Set our user data
XML_SetUserData(p, &authPolicyParse);
// Parse the document
if (XML_Parse(p, pData, dataLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (authPolicyParse.state == DONE_PARSING)
{
// The parse operation succeded
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Parse operation did not complete\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Parse error %d\n", XML_GetErrorCode(p));
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
// Free the parser
XML_ParserFree(p);
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Parser creation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the AuthPolicy object to the caller if necessary
if (CASA_SUCCESS(retStatus))
{
*ppAuthPolicy = pAuthPolicy;
// Forget about the AuthPolicy object so that it is not release down below
pAuthPolicy = NULL;
}
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Buffer allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Buffer allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Release necessary allocated resources
if (pAuthPolicy)
RelAuthPolicy(pAuthPolicy);
if (pData)
free(pData);
DbgTrace(1, "-CreateAuthPolicy- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
RelAuthPolicy(
IN AuthPolicy *pAuthPolicy)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
LIST_ENTRY *pListEntry;
DbgTrace(1, "-RelAuthPolicy- Start\n", 0);
// Free all of the associated AuthContexts
pListEntry = pAuthPolicy->authContextListHead.Flink;
while (pListEntry != &pAuthPolicy->authContextListHead)
{
AuthContext *pAuthContext;
// Get pointer to AuthContext structure
pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
// Free associated buffers
if (pAuthContext->pContext)
free(pAuthContext->pContext);
if (pAuthContext->pMechanism)
free(pAuthContext->pMechanism);
if (pAuthContext->pMechInfo)
free(pAuthContext->pMechInfo);
// Remove the entry from the list
RemoveEntryList(&pAuthContext->listEntry);
// Free the AuthContext
free(pAuthContext);
// Advance to the next entry
pListEntry = pAuthPolicy->authContextListHead.Flink;
}
// Free the AuthPolicy
free(pAuthPolicy);
DbgTrace(1, "-RelAuthPolicy- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

11
auth_token/client/client.vcproj
View File

@ -21,7 +21,7 @@
Name="VCCLCompilerTool"
AdditionalOptions="/D &quot;XML_STATIC&quot;"
Optimization="0"
AdditionalIncludeDirectories=".;win32;..\..\include;..\..\..\Expat-2.0.0\source\lib"
AdditionalIncludeDirectories=".;win32;..\include;..\..\include;..\..\..\Expat-2.0.0\source\lib"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
MinimalRebuild="TRUE"
BasicRuntimeChecks="3"
@ -81,7 +81,7 @@ copy $(OutDir)\authtoken.lib \&quot;Program Files&quot;\novell\casa\lib\authtoke
<Tool
Name="VCCLCompilerTool"
AdditionalOptions="/D &quot;XML_STATIC&quot;"
AdditionalIncludeDirectories=".;win32;..\..\include;..\..\..\Expat-2.0.0\source\lib"
AdditionalIncludeDirectories=".;win32;..\include;..\..\include;..\..\..\Expat-2.0.0\source\lib"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
RuntimeLibrary="4"
UsePrecompiledHeader="0"
@ -144,6 +144,9 @@ copy $(OutDir)\authtoken.lib \&quot;Program Files&quot;\novell\casa\lib\authtoke
<File
RelativePath=".\authmsg.c">
</File>
<File
RelativePath=".\authpolicy.c">
</File>
<File
RelativePath=".\win32\authtoken.def">
</File>
@ -183,7 +186,7 @@ copy $(OutDir)\authtoken.lib \&quot;Program Files&quot;\novell\casa\lib\authtoke
RelativePath=".\internal.h">
</File>
<File
RelativePath=".\list_entry.h">
RelativePath="..\include\list_entry.h">
</File>
<File
RelativePath=".\mech_if.h">
@ -192,7 +195,7 @@ copy $(OutDir)\authtoken.lib \&quot;Program Files&quot;\novell\casa\lib\authtoke
RelativePath=".\win32\platform.h">
</File>
<File
RelativePath=".\proto.h">
RelativePath="..\include\proto.h">
</File>
</Filter>
<Filter

120
auth_token/client/config_if.h Normal file
View File

@ -0,0 +1,120 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _CONFIG_IF_H_
#define _CONFIG_IF_H_
//===[ Include files ]=====================================================
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
/**************************************************************************
***************************************************************************
** **
** Configuration Object Interface Definitions **
** **
***************************************************************************
**************************************************************************/
//++=======================================================================
typedef
int
(SSCS_CALL *PFNConfiglIf_AddReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//=======================================================================--
//++=======================================================================
typedef
void
(SSCS_CALL *PFNConfiglIf_ReleaseReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//=======================================================================--
//++=======================================================================
typedef
char*
(SSCS_CALL *PFNConfiglIf_GetEntryValue)(
IN const void *pIfInstance,
IN const char *pKeyName);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pKeyName -
// Pointer to NULL terminated string that contains the
// name of the key whose value is being requested.
//
// Returns:
// Pointer to NULL terminated string with value being requested or NULL.
//
// Description:
// Gets value associated with a key for the configuration object.
//=======================================================================--
//
// Config Interface Object
//
typedef struct _ConfigIf
{
PFNConfiglIf_AddReference addReference;
PFNConfiglIf_ReleaseReference releaseReference;
PFNConfiglIf_GetEntryValue getEntryValue;
} ConfigIf, *PConfigIf;
#endif // #ifndef _CONFIG_IF_H_

270
auth_token/client/engine.c
View File

@ -52,7 +52,6 @@ static
CasaStatus
ObtainSessionToken(
IN RpcSession *pRpcSession,
IN char *pHostName,
IN AuthPolicy *pAuthPolicy,
INOUT char **ppSessionToken)
//
@ -64,14 +63,14 @@ ObtainSessionToken(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
LIST_ENTRY *pListEntry;
AuthCacheEntry *pCacheEntry = NULL;
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
LIST_ENTRY *pListEntry;
AuthCacheEntry *pCacheEntry = NULL;
DbgTrace(1, "-ObtainSessionToken- Start\n", 0);
@ -89,20 +88,23 @@ ObtainSessionToken(
pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
// Try to find a cache entry for the auth context
pCacheEntry = FindEntryInAuthCache(pAuthContext->pContext, pHostName);
pCacheEntry = FindEntryInAuthCache(pAuthContext->pContext, NULL);
if (pCacheEntry != NULL)
{
// Cache entry found, update the return status with the information
// saved in it and stop looking.
retStatus = pCacheEntry->status;
break;
// Cache entry found, check if it is of use to us.
if (CASA_SUCCESS(pCacheEntry->status))
{
// This entry can be used, stop looking.
retStatus = pCacheEntry->status;
break;
}
}
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
// If we did not find a cache entry that we can use, then Try to create one.
// If we did not find a cache entry that we can use, then try to create one.
pListEntry = pAuthPolicy->authContextListHead.Flink;
while (!CASA_SUCCESS(retStatus)
&& pListEntry != &pAuthPolicy->authContextListHead)
@ -113,98 +115,105 @@ ObtainSessionToken(
// Get pointer to AuthContext structure
pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
// Get authentication mechanism token
retStatus = GetAuthMechToken(pAuthContext, &pAuthMechToken);
if (!CASA_SUCCESS(retStatus))
// Only try to create cache entry for the auth context if there is not
// one already.
pCacheEntry = FindEntryInAuthCache(pAuthContext->pContext, NULL);
if (pCacheEntry == NULL)
{
// We were not able to obtain an authentication mechanism token
// for the context.
//
// Advance to the next entry
pListEntry = pListEntry->Flink;
continue;
}
// Create a cache entry for the auth context
pCacheEntry = CreateAuthCacheEntry(pAuthContext->pContext, pHostName);
if (pCacheEntry)
{
char *pReqMsg = NULL;
char *pRespMsg = NULL;
int respLen;
int cacheEntryLifetime = retryLifetime; // Initialize to retry in case of failure
// Request auth token for the service
pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
if (pReqMsg)
// Get authentication mechanism token
retStatus = GetAuthMechToken(pAuthContext, &pAuthMechToken);
if (!CASA_SUCCESS(retStatus))
{
// Issue rpc
retStatus = Rpc(pRpcSession,
pAuthContext->pMechanism,
secureRpcSetting,
pReqMsg,
&pRespMsg,
&respLen);
if (CASA_SUCCESS(retStatus))
{
AuthenticateResp *pAuthenticateResp;
// We were not able to obtain an authentication mechanism token
// for the context.
//
// Advance to the next entry
pListEntry = pListEntry->Flink;
continue;
}
// Create Authenticate response object
retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
// Create a cache entry for the auth context
pCacheEntry = CreateAuthCacheEntry(pAuthContext->pContext, NULL);
if (pCacheEntry)
{
char *pReqMsg = NULL;
char *pRespMsg = NULL;
int respLen;
int cacheEntryLifetime = retryLifetime; // Initialize to retry in case of failure
// Request auth token for the service
pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
if (pReqMsg)
{
// Issue rpc
retStatus = Rpc(pRpcSession,
pAuthContext->pMechanism,
secureRpcSetting,
pReqMsg,
&pRespMsg,
&respLen);
if (CASA_SUCCESS(retStatus))
{
// Return the auth token to the caller
pCacheEntry->pToken = pAuthenticateResp->pToken;
pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
cacheEntryLifetime = pAuthenticateResp->tokenLifetime;
AuthenticateResp *pAuthenticateResp;
// Free the Authenticate response object
RelAuthenticateResp(pAuthenticateResp);
// Create Authenticate response object
retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
if (CASA_SUCCESS(retStatus))
{
// Return the auth token to the caller
pCacheEntry->pToken = pAuthenticateResp->pToken;
pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
cacheEntryLifetime = pAuthenticateResp->tokenLifetime;
// Free the Authenticate response object
RelAuthenticateResp(pAuthenticateResp);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
}
// Free resources that may be hanging around
if (pRespMsg)
free(pRespMsg);
free(pReqMsg);
}
else
{
DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Add the entry to the cache if successful or if the reason that we failed
// was because the server was unavailable.
if (CASA_SUCCESS(retStatus)
|| CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
{
pCacheEntry->status = retStatus;
AddEntryToAuthCache(pCacheEntry, cacheEntryLifetime);
}
else
{
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
DbgTrace(0, "-ObtainSessionToken- Cache entry creation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Add the entry to the cache if successful or if the reason that we failed
// was because the server was unavailable.
if (CASA_SUCCESS(retStatus)
|| CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
{
pCacheEntry->status = retStatus;
AddEntryToAuthCache(pCacheEntry, cacheEntryLifetime);
}
else
{
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Cache entry creation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
// Stop trying after freeing up the buffer associated with
// the authentication mechanism token.
// Free up the buffer associated with the authentication mechanism token
free(pAuthMechToken);
break;
}
// Free up the buffer associated with the authentication mechanism token
free(pAuthMechToken);
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
@ -251,7 +260,7 @@ ObtainAuthTokenFromServer(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@ -298,7 +307,7 @@ ObtainAuthTokenFromServer(
if (CASA_SUCCESS(retStatus))
{
// Now try to obtain a session token
retStatus = ObtainSessionToken(pRpcSession, pHostName, pAuthPolicy, &pSessionToken);
retStatus = ObtainSessionToken(pRpcSession, pAuthPolicy, &pSessionToken);
if (CASA_SUCCESS(retStatus))
{
// Request auth token for the service
@ -328,6 +337,10 @@ ObtainAuthTokenFromServer(
pGetAuthTokenResp->pToken = NULL; // To keep us from freeing the buffer
*pTokenLifetime = pGetAuthTokenResp->tokenLifetime;
}
else
{
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthTokenResp object, error = %08X\n", retStatus);
}
}
else
{
@ -344,9 +357,17 @@ ObtainAuthTokenFromServer(
}
else
{
DbgTrace(1, "-ObtainAuthTokenFromServer- Failed to obtain session token, error = %08X\n", retStatus);
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to obtain session token, error = %08X\n", retStatus);
}
}
else
{
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create AuthPolicy object, error = %08X\n", retStatus);
}
}
else
{
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthPolicyResp object, error = %08X\n", retStatus);
}
}
else
@ -406,14 +427,35 @@ ObtainAuthToken(
INOUT int *pAuthTokenBufLen)
//
// Arguments:
// pServiceAtHostName -
// Pointer to NULL terminated string that contains the
// service@host name to which the client is trying to
// authenticate. Note that the host portion of the name
// can either be a DNS name or a dotted IP address.
//
// pAuthTokenBuf -
// Pointer to buffer that will receive the authentication
// token. The length of this buffer is specified by the
// pAuthTokenBufLen parameter. Note that the the authentication
// token will be in the form of a NULL terminated string.
//
// Returns:
// pAuthTokenBufLen -
// Pointer to integer that contains the length of the
// buffer pointed at by pAuthTokenBuf. Upon return of the
// function, the integer will contain the actual length
// of the authentication token if the function successfully
// completes or the buffer length required if the function
// fails because the buffer pointed at by pAuthTokenBuf is
// not large enough.
//
// Returns:
// Casa Status
//
// Description:
// Get authentication token to authenticate user to specified
// service at host.
//
// Abstract:
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@ -461,7 +503,7 @@ ObtainAuthToken(
if (pNormalizedHostName)
{
// Start user process synchronization
LockUserMutex();
AcquireUserMutex();
// Try to find a cache entry for the service
pCacheEntry = FindEntryInAuthCache(pServiceName, pNormalizedHostName);
@ -512,36 +554,27 @@ ObtainAuthToken(
{
int tokenLen = (int) strlen(pCacheEntry->pToken) + 1;
// We have an authentication token, try to return it to the caller.
if (pAuthTokenBuf)
// We have an authentication token, try to return it to the caller
// after verifying that the supplied buffer is big enough.
if (*pAuthTokenBufLen >= tokenLen)
{
// Verify that the supplied buffer is big enough
if (*pAuthTokenBufLen >= tokenLen)
{
// Return the auth token to the caller
strcpy(pAuthTokenBuf, pCacheEntry->pToken);
}
else
{
DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
// Notify the caller about the token length
*pAuthTokenBufLen = tokenLen;
// Return the auth token to the caller
strcpy(pAuthTokenBuf, pCacheEntry->pToken);
}
else
{
// The caller just wants the length of buffer that is required to
// obtain the token.
*pAuthTokenBufLen = tokenLen;
DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
// Return the token length to the caller
*pAuthTokenBufLen = tokenLen;
}
// Stop user process synchronization
FreeUserMutex();
ReleaseUserMutex();
// Free the space allocated for the normalized host name
free(pNormalizedHostName);
@ -583,7 +616,7 @@ InitializeLibrary(void)
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
int retStatus = -1;
@ -622,3 +655,8 @@ InitializeLibrary(void)
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

811
auth_token/client/getpolicymsg.c
View File

@ -40,43 +40,13 @@
#define AWAITING_DESCRIPTION_ELEMENT_START 0x5
#define AWAITING_DESCRIPTION_ELEMENT_END 0x6
#define AWAITING_DESCRIPTION_DATA 0x7
#define AWAITING_SESSION_TOKEN_ELEMENT_START 0x8
#define AWAITING_SESSION_TOKEN_ELEMENT_END 0x9
#define AWAITING_SESSION_TOKEN_DATA 0xA
#define AWAITING_LIFETIME_DATA 0xB
#define AWAITING_LIFETIME_ELEMENT_START 0xC
#define AWAITING_LIFETIME_ELEMENT_END 0xD
#define AWAITING_AUTH_TOKEN_ELEMENT_START 0xE
#define AWAITING_AUTH_TOKEN_ELEMENT_END 0xF
#define AWAITING_AUTH_TOKEN_DATA 0x10
#define AWAITING_AUTH_POLICY_ELEMENT_START 0x11
#define AWAITING_AUTH_POLICY_ELEMENT_END 0x12
#define AWAITING_AUTH_POLICY_DATA 0x13
#define AWAITING_AUTH_SOURCE_ELEMENT_START 0x14
#define AWAITING_AUTH_SOURCE_ELEMENT_END 0x15
#define AWAITING_AUTH_SOURCE_CHILD_START 0x16
#define AWAITING_REALM_DATA 0x17
#define AWAITING_REALM_ELEMENT_END 0x18
#define AWAITING_MECHANISM_DATA 0x19
#define AWAITING_MECHANISM_ELEMENT_END 0x1A
#define AWAITING_MECHANISM_INFO_DATA 0x1B
#define AWAITING_MECHANISM_INFO_ELEMENT_END 0x1C
#define AWAITING_UNKNOWN_DATA 0x1D
#define AWAITING_UNKNOWN_ELEMENT_END 0x1E
#define DONE_PARSING 0x1F
//
// Authentication Policy Parse Structure
//
typedef struct _AuthPolicyParse
{
XML_Parser p;
int state;
AuthPolicy *pAuthPolicy;
CasaStatus status;
} AuthPolicyParse, *PAuthPolicyParse;
#define AWAITING_AUTH_TOKEN_ELEMENT_START 0x8
#define AWAITING_AUTH_TOKEN_ELEMENT_END 0x9
#define AWAITING_AUTH_TOKEN_DATA 0xA
#define AWAITING_AUTH_POLICY_ELEMENT_START 0xB
#define AWAITING_AUTH_POLICY_ELEMENT_END 0xC
#define AWAITING_AUTH_POLICY_DATA 0xD
#define DONE_PARSING 0xE
//
// Get Authentication Policy Response Parse Structure
@ -85,6 +55,7 @@ typedef struct _GetAuthPolicyRespParse
{
XML_Parser p;
int state;
int elementDataProcessed;
GetAuthPolicyResp *pGetAuthPolicyResp;
CasaStatus status;
@ -95,604 +66,6 @@ typedef struct _GetAuthPolicyRespParse
//===[ Global variables ]==================================================
//++=======================================================================
static
void XMLCALL
AuthPolicyStartElementHandler(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *name,
IN const XML_Char **atts)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
DbgTrace(2, "-AuthPolicyStartElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthPolicyParse->state)
{
case AWAITING_ROOT_ELEMENT_START:
// In this state, we are only expecting the Authentication
// Policy Element.
if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_SOURCE_ELEMENT_START:
case AWAITING_ROOT_ELEMENT_END:
// In this state, we are only expecting the Authentication
// Source Element.
if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
{
AuthContext *pAuthContext;
// Create an authentication context structure
pAuthContext = (AuthContext*) malloc(sizeof(AuthContext));
if (pAuthContext)
{
// Initialize the allocated AuthContext structure and associate it
// with the AuthPolicy structure.
memset(pAuthContext, 0, sizeof(*pAuthContext));
InsertTailList(&pAuthPolicyParse->pAuthPolicy->authContextListHead, &pAuthContext->listEntry);
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Buffer allocation error\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_SOURCE_CHILD_START:
// Proceed based on the name of the element
if (strcmp(name, REALM_ELEMENT_NAME) == 0)
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_REALM_DATA;
}
else if (strcmp(name, MECHANISM_ELEMENT_NAME) == 0)
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_MECHANISM_DATA;
}
else if (strcmp(name, MECHANISM_INFO_ELEMENT_NAME) == 0)
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_MECHANISM_INFO_DATA;
}
else if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
{
// We are starting a new auth source entry, create an authentication
// context structure to hold its information.
AuthContext *pAuthContext;
// Create an authentication context structure
pAuthContext = (AuthContext*) malloc(sizeof(AuthContext));
if (pAuthContext)
{
// Initialize the allocated AuthContext structure and associate it
// with the AuthPolicy structure.
memset(pAuthContext, 0, sizeof(*pAuthContext));
InsertTailList(&pAuthPolicyParse->pAuthPolicy->authContextListHead, &pAuthContext->listEntry);
}
else
{
DbgTrace(0, "-AuthPolicyStartElementHandler- Buffer allocation error\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
}
else
{
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_UNKNOWN_DATA;
}
break;
default:
DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthPolicyStartElementHandler- End\n", 0);
}
//++=======================================================================
static
void XMLCALL
AuthPolicyCharDataHandler(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *s,
IN int len)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
AuthContext *pAuthContext;
DbgTrace(2, "-AuthPolicyCharDataHandler- Start\n", 0);
// Just exit if being called to process LF and CR characters
if (len == 1
&& ((*s == '\n') || (*s == '\r')))
{
goto exit;
}
// Proceed based on the state
switch (pAuthPolicyParse->state)
{
case AWAITING_REALM_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// Keep a copy of the realm data (null terminated)
pAuthContext->pContext = (char*) malloc(len + 1);
if (pAuthContext->pContext)
{
memset(pAuthContext->pContext, 0, len + 1);
memcpy(pAuthContext->pContext, s, len);
// Advanced to the next state
pAuthPolicyParse->state = AWAITING_REALM_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthPolicyCharDataHandler- Buffer allocation failure\n", 0);
pAuthPolicyParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// Keep a copy of the mechanism data (null terminated)
pAuthContext->pMechanism = (char*) malloc(len + 1);
if (pAuthContext->pMechanism)
{
memset(pAuthContext->pMechanism, 0, len + 1);
memcpy(pAuthContext->pMechanism, s, len);
// Advanced to the next state
pAuthPolicyParse->state = AWAITING_MECHANISM_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthPolicyCharDataHandler- Buffer allocation failure\n", 0);
pAuthPolicyParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_INFO_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// Keep a copy of the mechanism info data (null terminated)
pAuthContext->pMechInfo = (char*) malloc(len + 1);
if (pAuthContext->pMechInfo)
{
memset(pAuthContext->pMechInfo, 0, len + 1);
memcpy(pAuthContext->pMechInfo, s, len);
// Advanced to the next state
pAuthPolicyParse->state = AWAITING_MECHANISM_INFO_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthPolicyCharDataHandler- Buffer allocation failure\n", 0);
pAuthPolicyParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_UNKNOWN_DATA:
// Just advance the state
pAuthPolicyParse->state = AWAITING_UNKNOWN_ELEMENT_END;
break;
default:
DbgTrace(0, "-AuthPolicyCharDataHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
exit:
DbgTrace(2, "-AuthPolicyCharDataHandler- End\n", 0);
}
//++=======================================================================
static
void XMLCALL
AuthPolicyEndElementHandler(
IN AuthPolicyParse *pAuthPolicyParse,
IN const XML_Char *name)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
AuthContext *pAuthContext;
DbgTrace(2, "-AuthPolicyEndElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthPolicyParse->state)
{
case AWAITING_ROOT_ELEMENT_END:
// In this state, we are only expecting the Authentication
// Policy Element.
if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0)
{
// Done.
pAuthPolicyParse->state = DONE_PARSING;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_AUTH_SOURCE_CHILD_START:
// In this state, we are only expecting the Authentication
// Source Response Element.
if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_ROOT_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthPolicyEndHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_REALM_ELEMENT_END:
// In this state, we are only expecting the Realm Element.
if (strcmp(name, REALM_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_ELEMENT_END:
// In this state, we are only expecting the Mechanism Element.
if (strcmp(name, MECHANISM_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_MECHANISM_INFO_DATA:
// Get access to the AuthContext at the tail of the list
pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
AuthContext,
listEntry);
// There was no mechanism info data. Set it to an empty string.
pAuthContext->pMechInfo = (char*) malloc(1);
if (pAuthContext->pMechInfo)
{
*pAuthContext->pMechInfo = '\0';
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Buffer allocation failure\n", 0);
pAuthPolicyParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
// Fall through
case AWAITING_MECHANISM_INFO_ELEMENT_END:
// In this state, we are only expecting the Mechanism Info Element.
if (strcmp(name, MECHANISM_INFO_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
}
else
{
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
}
break;
case AWAITING_UNKNOWN_ELEMENT_END:
// Advance to the next state.
pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
break;
default:
DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthPolicyEndElementHandler- End\n", 0);
}
//++=======================================================================
CasaStatus
CreateAuthPolicy(
IN char *pEncodedData,
IN int encodedDataLen,
INOUT AuthPolicy **ppAuthPolicy)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
CasaStatus retStatus;
AuthPolicy *pAuthPolicy = NULL;
AuthPolicyParse authPolicyParse = {0};
char *pData = NULL;
int dataLen = 0;
DbgTrace(1, "-CreateAuthPolicy- Start\n", 0);
// Initialize output parameter
*ppAuthPolicy = NULL;
// Decode the data
retStatus = DecodeData(pEncodedData,
encodedDataLen,
&pData,
&dataLen);
if (CASA_SUCCESS(retStatus))
{
// Allocate space for the AuthPolicy structure
pAuthPolicy = (AuthPolicy*) malloc(sizeof(*pAuthPolicy));
if (pAuthPolicy)
{
XML_Parser p;
// Initialize the list head within the structure
InitializeListHead(&pAuthPolicy->authContextListHead);
// Set the AuthPolicy object in the parse oject
authPolicyParse.pAuthPolicy = pAuthPolicy;
// Create parser
p = XML_ParserCreate(NULL);
if (p)
{
// Keep track of the parser in our parse object
authPolicyParse.p = p;
// Initialize the status within the parse object
authPolicyParse.status = CASA_STATUS_SUCCESS;
// Set the start and end element handlers
XML_SetElementHandler(p,
AuthPolicyStartElementHandler,
AuthPolicyEndElementHandler);
// Set the character data handler
XML_SetCharacterDataHandler(p, AuthPolicyCharDataHandler);
// Set our user data
XML_SetUserData(p, &authPolicyParse);
// Parse the document
if (XML_Parse(p, pData, dataLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (authPolicyParse.state == DONE_PARSING)
{
// The parse operation succeded
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Parse operation did not complete\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Parse error %d\n", XML_GetErrorCode(p));
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
// Free the parser
XML_ParserFree(p);
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Parser creation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the AuthPolicy object to the caller if necessary
if (CASA_SUCCESS(retStatus))
{
*ppAuthPolicy = pAuthPolicy;
}
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Buffer allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
DbgTrace(0, "-CreateAuthPolicy- Buffer allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Release allocated resources if not successful
if (!CASA_SUCCESS(retStatus)
&& pAuthPolicy)
RelAuthPolicy(pAuthPolicy);
DbgTrace(1, "-CreateAuthPolicy- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
RelAuthPolicy(
IN AuthPolicy *pAuthPolicy)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
LIST_ENTRY *pListEntry;
DbgTrace(1, "-RelAuthPolicy- Start\n", 0);
// Free all of the associated AuthContexts
pListEntry = pAuthPolicy->authContextListHead.Flink;
while (pListEntry != &pAuthPolicy->authContextListHead)
{
AuthContext *pAuthContext;
// Get pointer to AuthContext structure
pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
// Free associated buffers
if (pAuthContext->pContext)
free(pAuthContext->pContext);
if (pAuthContext->pMechanism)
free(pAuthContext->pMechanism);
if (pAuthContext->pMechInfo)
free(pAuthContext->pMechInfo);
// Remove the entry from the list
RemoveEntryList(&pAuthContext->listEntry);
// Free the AuthContext
free(pAuthContext);
// Advance to the next entry
pListEntry = pAuthPolicy->authContextListHead.Flink;
}
// Free the AuthPolicy
free(pAuthPolicy);
DbgTrace(1, "-RelAuthPolicy- End\n", 0);
}
//++=======================================================================
char*
@ -708,7 +81,7 @@ BuildGetAuthPolicyMsg(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
char *pMsg = NULL;
@ -807,7 +180,7 @@ GetAuthPolicyRespStartElementHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-GetAuthPolicyRespStartElementHandler- Start\n", 0);
@ -886,6 +259,95 @@ GetAuthPolicyRespStartElementHandler(
}
//++=======================================================================
static
CasaStatus
ConsumeElementData(
IN GetAuthPolicyRespParse *pGetAuthPolicyRespParse,
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(3, "-ConsumeElementData- Start\n", 0);
// Proceed based on whether or not we have already consumed data
// for this element.
if (*ppElementData == NULL)
{
// We have not yet consumed data for this element
pGetAuthPolicyRespParse->elementDataProcessed = len;
// Allocate a buffer to hold this element data (null terminated).
*ppElementData = (char*) malloc(len + 1);
if (*ppElementData)
{
memset(*ppElementData, 0, len + 1);
memcpy(*ppElementData, s, len);
// Return the length of the element data buffer
*pElementDataLen = pGetAuthPolicyRespParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pGetAuthPolicyRespParse->elementDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pGetAuthPolicyRespParse->elementDataProcessed + len + 1);
memcpy(pNewBuf,
*ppElementData,
pGetAuthPolicyRespParse->elementDataProcessed);
memcpy(pNewBuf + pGetAuthPolicyRespParse->elementDataProcessed, s, len);
pGetAuthPolicyRespParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
*pElementDataLen = pGetAuthPolicyRespParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
void XMLCALL
@ -902,7 +364,7 @@ GetAuthPolicyRespCharDataHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-GetAuthPolicyRespCharDataHandler- Start\n", 0);
@ -918,8 +380,10 @@ GetAuthPolicyRespCharDataHandler(
switch (pGetAuthPolicyRespParse->state)
{
case AWAITING_DESCRIPTION_DATA:
case AWAITING_DESCRIPTION_ELEMENT_END:
// Ignore the status description data for now.
// tbd
// Advanced to the next state
pGetAuthPolicyRespParse->state = AWAITING_DESCRIPTION_ELEMENT_END;
@ -960,58 +424,19 @@ GetAuthPolicyRespCharDataHandler(
case AWAITING_AUTH_POLICY_DATA:
case AWAITING_AUTH_POLICY_ELEMENT_END:
// Check if we have already processed policy data
if (pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen == 0)
pGetAuthPolicyRespParse->status = ConsumeElementData(pGetAuthPolicyRespParse,
s,
len,
&pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy,
&pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen);
if (CASA_SUCCESS(pGetAuthPolicyRespParse->status))
{
// Keep a copy of the policy (null terminated)
pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy = (char*) malloc(len + 1);
if (pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy)
{
memset(pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy, 0, len + 1);
memcpy(pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy, s, len);
pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen = len;
// Advanced to the next state
pGetAuthPolicyRespParse->state = AWAITING_AUTH_POLICY_ELEMENT_END;
}
else
{
DbgTrace(0, "-GetAuthPolicyRespCharDataHandler- Buffer allocation failure\n", 0);
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
// Advanced to the next state
pGetAuthPolicyRespParse->state = AWAITING_AUTH_POLICY_ELEMENT_END;
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen + len + 1);
memcpy(pNewBuf,
pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy,
pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen);
memcpy(pNewBuf + pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen, s, len);
pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen += len;
// Swap the buffers
free(pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy);
pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy = pNewBuf;
}
else
{
DbgTrace(0, "-GetAuthPolicyRespCharDataHandler- Buffer allocation failure\n", 0);
pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE);
}
break;
@ -1042,7 +467,7 @@ GetAuthPolicyRespEndElementHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-GetAuthPolicyRespEndElementHandler- Start\n", 0);
@ -1144,7 +569,7 @@ CreateGetAuthPolicyResp(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@ -1164,7 +589,7 @@ CreateGetAuthPolicyResp(
* </get_auth_policy_resp>
*
* When a get authentication policy request fails to be successfully processed,
* the server responds with an error and a error description string. The message
* the server responds with an error and an error description string. The message
* format of an unsuccessful reply is as follows:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
@ -1273,6 +698,7 @@ CreateGetAuthPolicyResp(
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(1, "-CreateGetAuthPolicyResp- End, retStatus = %08X\n", retStatus);
return retStatus;
@ -1292,7 +718,7 @@ RelGetAuthPolicyResp(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(1, "-RelGetAuthPolicyResp- Start\n", 0);
@ -1307,3 +733,8 @@ RelGetAuthPolicyResp(
DbgTrace(1, "-RelGetAuthPolicyResp- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

174
auth_token/client/gettokenmsg.c
View File

@ -55,7 +55,7 @@ typedef struct _GetAuthTokenRespParse
{
XML_Parser p;
int state;
int tokenDataProcessed;
int elementDataProcessed;
GetAuthTokenResp *pGetAuthTokenResp;
CasaStatus status;
@ -81,7 +81,7 @@ BuildGetAuthTokenMsg(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
char *pMsg = NULL;
@ -115,14 +115,14 @@ BuildGetAuthTokenMsg(
+ 2 // </
+ strlen(SERVICE_ELEMENT_NAME)
+ 3 // >crlf
+ 2 // </
+ 1 // <
+ strlen(HOST_ELEMENT_NAME)
+ 1 // >
+ strlen(pHostName)
+ 2 // </
+ strlen(HOST_ELEMENT_NAME)
+ 3 // >crlf
+ 2 // </
+ 1 // <
+ strlen(SESSION_TOKEN_ELEMENT_NAME)
+ 1 // >
+ strlen(pSessionToken)
@ -196,7 +196,7 @@ GetAuthTokenRespStartElementHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-GetAuthTokenRespStartElementHandler- Start\n", 0);
@ -290,6 +290,95 @@ GetAuthTokenRespStartElementHandler(
}
//++=======================================================================
static
CasaStatus
ConsumeElementData(
IN GetAuthTokenRespParse *pGetAuthTokenRespParse,
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(3, "-ConsumeElementData- Start\n", 0);
// Proceed based on whether or not we have already consumed data
// for this element.
if (*ppElementData == NULL)
{
// We have not yet consumed data for this element
pGetAuthTokenRespParse->elementDataProcessed = len;
// Allocate a buffer to hold this element data (null terminated).
*ppElementData = (char*) malloc(len + 1);
if (*ppElementData)
{
memset(*ppElementData, 0, len + 1);
memcpy(*ppElementData, s, len);
// Return the length of the element data buffer
*pElementDataLen = pGetAuthTokenRespParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pGetAuthTokenRespParse->elementDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pGetAuthTokenRespParse->elementDataProcessed + len + 1);
memcpy(pNewBuf,
*ppElementData,
pGetAuthTokenRespParse->elementDataProcessed);
memcpy(pNewBuf + pGetAuthTokenRespParse->elementDataProcessed, s, len);
pGetAuthTokenRespParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
*pElementDataLen = pGetAuthTokenRespParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
void XMLCALL
@ -306,7 +395,7 @@ GetAuthTokenRespCharDataHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-GetAuthTokenRespCharDataHandler- Start\n", 0);
@ -322,8 +411,10 @@ GetAuthTokenRespCharDataHandler(
switch (pGetAuthTokenRespParse->state)
{
case AWAITING_DESCRIPTION_DATA:
case AWAITING_DESCRIPTION_ELEMENT_END:
// Ignore the status description data for now.
// tbd
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_DESCRIPTION_ELEMENT_END;
@ -373,58 +464,20 @@ GetAuthTokenRespCharDataHandler(
case AWAITING_AUTH_TOKEN_DATA:
case AWAITING_AUTH_TOKEN_ELEMENT_END:
// Check if we have already processed token data
if (pGetAuthTokenRespParse->tokenDataProcessed == 0)
// Consume the data
pGetAuthTokenRespParse->status = ConsumeElementData(pGetAuthTokenRespParse,
s,
len,
&pGetAuthTokenRespParse->pGetAuthTokenResp->pToken,
&pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLen);
if (CASA_SUCCESS(pGetAuthTokenRespParse->status))
{
// Keep a copy of the authentication token (null terminated)
pGetAuthTokenRespParse->pGetAuthTokenResp->pToken = (char*) malloc(len + 1);
if (pGetAuthTokenRespParse->pGetAuthTokenResp->pToken)
{
memset(pGetAuthTokenRespParse->pGetAuthTokenResp->pToken, 0, len + 1);
memcpy(pGetAuthTokenRespParse->pGetAuthTokenResp->pToken, s, len);
pGetAuthTokenRespParse->tokenDataProcessed = len;
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_ELEMENT_END;
}
else
{
DbgTrace(0, "-GetAuthTokenRespCharDataHandler- Buffer allocation failure\n", 0);
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
// Advanced to the next state
pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_ELEMENT_END;
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pGetAuthTokenRespParse->tokenDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pGetAuthTokenRespParse->tokenDataProcessed + len + 1);
memcpy(pNewBuf,
pGetAuthTokenRespParse->pGetAuthTokenResp->pToken,
pGetAuthTokenRespParse->tokenDataProcessed);
memcpy(pNewBuf + pGetAuthTokenRespParse->tokenDataProcessed, s, len);
pGetAuthTokenRespParse->tokenDataProcessed += len;
// Swap the buffers
free(pGetAuthTokenRespParse->pGetAuthTokenResp->pToken);
pGetAuthTokenRespParse->pGetAuthTokenResp->pToken = pNewBuf;
}
else
{
DbgTrace(0, "-GetAuthTokenRespCharDataHandler- Buffer allocation failure\n", 0);
pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE);
}
break;
@ -455,7 +508,7 @@ GetAuthTokenRespEndElementHandler(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(2, "-GetAuthTokenRespEndElementHandler- Start\n", 0);
@ -572,7 +625,7 @@ CreateGetAuthTokenResp(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@ -592,7 +645,7 @@ CreateGetAuthTokenResp(
* </get_auth_token_resp>
*
* When a get authentication token request fails to be successfully processed,
* the server responds with an error and a error description string. The message
* the server responds with an error and an error description string. The message
* format of an unsuccessful reply is as follows:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
@ -720,7 +773,7 @@ RelGetAuthTokenResp(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
DbgTrace(1, "-RelGetAuthTokenResp- Start\n", 0);
@ -734,3 +787,8 @@ RelGetAuthTokenResp(
DbgTrace(1, "-RelGetAuthTokenResp- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

40
auth_token/client/internal.h
View File

@ -31,8 +31,9 @@
#include <expat.h>
#include <micasa_types.h>
#include <casa_status.h>
#include <casa_auth_token.h>
#include <casa_c_authtoken.h>
#include "list_entry.h"
#include "config_if.h"
#include "mech_if.h"
#include "proto.h"
@ -45,8 +46,11 @@ typedef struct _AuthContext
{
LIST_ENTRY listEntry;
char *pContext;
int contextLen;
char *pMechanism;
int mechanismLen;
char *pMechInfo;
int mechInfoLen;
} AuthContext, *PAuthContext;
@ -75,6 +79,7 @@ typedef struct _GetAuthPolicyResp
typedef struct _GetAuthTokenResp
{
char *pToken;
int tokenLen;
int tokenLifetime;
} GetAuthTokenResp, *PGetAuthTokenResp;
@ -85,6 +90,7 @@ typedef struct _GetAuthTokenResp
typedef struct _AuthenticateResp
{
char *pToken;
int tokenLen;
int tokenLifetime;
} AuthenticateResp, *PAuthenticateResp;
@ -130,18 +136,6 @@ GetAuthMechToken(
// Functions exported by getpolicymsg.c
//
extern
CasaStatus
CreateAuthPolicy(
IN char *pEncodedData,
IN int encodedDataLen,
INOUT AuthPolicy **ppAuthPolicy);
extern
void
RelAuthPolicy(
IN AuthPolicy *pAuthPolicy);
extern
char*
BuildGetAuthPolicyMsg(
@ -160,6 +154,22 @@ void
RelGetAuthPolicyResp(
IN GetAuthPolicyResp *pGetAuthPolicyResp);
//
// Functions exported by authpolicy.c
//
extern
CasaStatus
CreateAuthPolicy(
IN char *pEncodedData,
IN int encodedDataLen,
INOUT AuthPolicy **ppAuthPolicy);
extern
void
RelAuthPolicy(
IN AuthPolicy *pAuthPolicy);
//
// Functions exported by authmsg.c
//
@ -257,11 +267,11 @@ CreateUserMutex(void);
extern
void
LockUserMutex(void);
AcquireUserMutex(void);
extern
void
FreeUserMutex(void);
ReleaseUserMutex(void);
extern
LIB_HANDLE

69
auth_token/client/mech_if.h
View File

@ -38,7 +38,7 @@
/**************************************************************************
***************************************************************************
** **
** Definitions common to all interfaces **
** Authentication Mechanism Token Interface Definitions **
** **
***************************************************************************
**************************************************************************/
@ -47,7 +47,7 @@
//++=======================================================================
typedef
int
(SSCS_CALL *PFN_AddReference)(
(SSCS_CALL *PFNAuthTokenIf_AddReference)(
IN const void *pIfInstance);
//
// Arguments:
@ -65,7 +65,7 @@ int
//++=======================================================================
typedef
void
(SSCS_CALL *PFN_ReleaseReference)(
(SSCS_CALL *PFNAuthTokenIf_ReleaseReference)(
IN const void *pIfInstance);
//
// Arguments:
@ -81,65 +81,10 @@ void
//=======================================================================--
/**************************************************************************
***************************************************************************
** **
** Configuration Object Interface Definitions **
** **
***************************************************************************
**************************************************************************/
//++=======================================================================
typedef
char*
(SSCS_CALL *PFN_GetEntryValue)(
IN const void *pIfInstance,
IN const char *pKeyName);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pKeyName -
// Pointer to NULL terminated string that contains the
// name of the key whose value is being requested.
//
// Returns:
// Pointer to NULL terminated string with value being requested or NULL.
//
// Description:
// Gets value associated with a key for the configuration object.
//=======================================================================--
//
// Config Interface Object
//
typedef struct _ConfigIf
{
PFN_AddReference addReference;
PFN_ReleaseReference releaseReference;
PFN_GetEntryValue getEntryValue;
} ConfigIf, *PConfigIf;
/**************************************************************************
***************************************************************************
** **
** Authentication Mechanism Token Interface Definitions **
** **
***************************************************************************
**************************************************************************/
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFN_GetAuthToken)(
(SSCS_CALL *PFNAuthTokenIf_GetAuthToken)(
IN const void *pIfInstance,
IN const char *pContext,
IN const char *pMechInfo,
@ -195,9 +140,9 @@ CasaStatus
//
typedef struct _AuthTokenIf
{
PFN_AddReference addReference;
PFN_ReleaseReference releaseReference;
PFN_GetAuthToken getAuthToken;
PFNAuthTokenIf_AddReference addReference;
PFNAuthTokenIf_ReleaseReference releaseReference;
PFNAuthTokenIf_GetAuthToken getAuthToken;
} AuthTokenIf, *PAuthTokenIf;

2
auth_token/client/util.c
View File

@ -287,7 +287,7 @@ dtoul(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
int n = 0;