geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changes due to continue development effort.

Browse Source
This commit is contained in:
Juan Carlos Luciani
2006-04-28 18:58:25 +00:00
parent 492b8ee45c
commit fe756d9f5e
11 changed files with 1487 additions and 1016 deletions
Download Patch File Download Diff File Expand all files Collapse all files

270
auth_token/client/engine.c
View File

@@ -52,7 +52,6 @@ static
CasaStatus
ObtainSessionToken(
IN RpcSession *pRpcSession,
IN char *pHostName,
IN AuthPolicy *pAuthPolicy,
INOUT char **ppSessionToken)
//
@@ -64,14 +63,14 @@ ObtainSessionToken(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
LIST_ENTRY *pListEntry;
AuthCacheEntry *pCacheEntry = NULL;
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
LIST_ENTRY *pListEntry;
AuthCacheEntry *pCacheEntry = NULL;
DbgTrace(1, "-ObtainSessionToken- Start\n", 0);
@@ -89,20 +88,23 @@ ObtainSessionToken(
pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
// Try to find a cache entry for the auth context
pCacheEntry = FindEntryInAuthCache(pAuthContext->pContext, pHostName);
pCacheEntry = FindEntryInAuthCache(pAuthContext->pContext, NULL);
if (pCacheEntry != NULL)
{
// Cache entry found, update the return status with the information
// saved in it and stop looking.
retStatus = pCacheEntry->status;
break;
// Cache entry found, check if it is of use to us.
if (CASA_SUCCESS(pCacheEntry->status))
{
// This entry can be used, stop looking.
retStatus = pCacheEntry->status;
break;
}
}
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
// If we did not find a cache entry that we can use, then Try to create one.
// If we did not find a cache entry that we can use, then try to create one.
pListEntry = pAuthPolicy->authContextListHead.Flink;
while (!CASA_SUCCESS(retStatus)
&& pListEntry != &pAuthPolicy->authContextListHead)
@@ -113,98 +115,105 @@ ObtainSessionToken(
// Get pointer to AuthContext structure
pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
// Get authentication mechanism token
retStatus = GetAuthMechToken(pAuthContext, &pAuthMechToken);
if (!CASA_SUCCESS(retStatus))
// Only try to create cache entry for the auth context if there is not
// one already.
pCacheEntry = FindEntryInAuthCache(pAuthContext->pContext, NULL);
if (pCacheEntry == NULL)
{
// We were not able to obtain an authentication mechanism token
// for the context.
//
// Advance to the next entry
pListEntry = pListEntry->Flink;
continue;
}
// Create a cache entry for the auth context
pCacheEntry = CreateAuthCacheEntry(pAuthContext->pContext, pHostName);
if (pCacheEntry)
{
char *pReqMsg = NULL;
char *pRespMsg = NULL;
int respLen;
int cacheEntryLifetime = retryLifetime; // Initialize to retry in case of failure
// Request auth token for the service
pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
if (pReqMsg)
// Get authentication mechanism token
retStatus = GetAuthMechToken(pAuthContext, &pAuthMechToken);
if (!CASA_SUCCESS(retStatus))
{
// Issue rpc
retStatus = Rpc(pRpcSession,
pAuthContext->pMechanism,
secureRpcSetting,
pReqMsg,
&pRespMsg,
&respLen);
if (CASA_SUCCESS(retStatus))
{
AuthenticateResp *pAuthenticateResp;
// We were not able to obtain an authentication mechanism token
// for the context.
//
// Advance to the next entry
pListEntry = pListEntry->Flink;
continue;
}
// Create Authenticate response object
retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
// Create a cache entry for the auth context
pCacheEntry = CreateAuthCacheEntry(pAuthContext->pContext, NULL);
if (pCacheEntry)
{
char *pReqMsg = NULL;
char *pRespMsg = NULL;
int respLen;
int cacheEntryLifetime = retryLifetime; // Initialize to retry in case of failure
// Request auth token for the service
pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
if (pReqMsg)
{
// Issue rpc
retStatus = Rpc(pRpcSession,
pAuthContext->pMechanism,
secureRpcSetting,
pReqMsg,
&pRespMsg,
&respLen);
if (CASA_SUCCESS(retStatus))
{
// Return the auth token to the caller
pCacheEntry->pToken = pAuthenticateResp->pToken;
pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
cacheEntryLifetime = pAuthenticateResp->tokenLifetime;
AuthenticateResp *pAuthenticateResp;
// Free the Authenticate response object
RelAuthenticateResp(pAuthenticateResp);
// Create Authenticate response object
retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
if (CASA_SUCCESS(retStatus))
{
// Return the auth token to the caller
pCacheEntry->pToken = pAuthenticateResp->pToken;
pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
cacheEntryLifetime = pAuthenticateResp->tokenLifetime;
// Free the Authenticate response object
RelAuthenticateResp(pAuthenticateResp);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
}
// Free resources that may be hanging around
if (pRespMsg)
free(pRespMsg);
free(pReqMsg);
}
else
{
DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Add the entry to the cache if successful or if the reason that we failed
// was because the server was unavailable.
if (CASA_SUCCESS(retStatus)
|| CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
{
pCacheEntry->status = retStatus;
AddEntryToAuthCache(pCacheEntry, cacheEntryLifetime);
}
else
{
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
DbgTrace(0, "-ObtainSessionToken- Cache entry creation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Add the entry to the cache if successful or if the reason that we failed
// was because the server was unavailable.
if (CASA_SUCCESS(retStatus)
|| CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
{
pCacheEntry->status = retStatus;
AddEntryToAuthCache(pCacheEntry, cacheEntryLifetime);
}
else
{
// Free the entry
FreeAuthCacheEntry(pCacheEntry);
}
}
else
{
DbgTrace(0, "-ObtainSessionToken- Cache entry creation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
// Stop trying after freeing up the buffer associated with
// the authentication mechanism token.
// Free up the buffer associated with the authentication mechanism token
free(pAuthMechToken);
break;
}
// Free up the buffer associated with the authentication mechanism token
free(pAuthMechToken);
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
@@ -251,7 +260,7 @@ ObtainAuthTokenFromServer(
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@@ -298,7 +307,7 @@ ObtainAuthTokenFromServer(
if (CASA_SUCCESS(retStatus))
{
// Now try to obtain a session token
retStatus = ObtainSessionToken(pRpcSession, pHostName, pAuthPolicy, &pSessionToken);
retStatus = ObtainSessionToken(pRpcSession, pAuthPolicy, &pSessionToken);
if (CASA_SUCCESS(retStatus))
{
// Request auth token for the service
@@ -328,6 +337,10 @@ ObtainAuthTokenFromServer(
pGetAuthTokenResp->pToken = NULL; // To keep us from freeing the buffer
*pTokenLifetime = pGetAuthTokenResp->tokenLifetime;
}
else
{
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthTokenResp object, error = %08X\n", retStatus);
}
}
else
{
@@ -344,9 +357,17 @@ ObtainAuthTokenFromServer(
}
else
{
DbgTrace(1, "-ObtainAuthTokenFromServer- Failed to obtain session token, error = %08X\n", retStatus);
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to obtain session token, error = %08X\n", retStatus);
}
}
else
{
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create AuthPolicy object, error = %08X\n", retStatus);
}
}
else
{
DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthPolicyResp object, error = %08X\n", retStatus);
}
}
else
@@ -406,14 +427,35 @@ ObtainAuthToken(
INOUT int *pAuthTokenBufLen)
//
// Arguments:
// pServiceAtHostName -
// Pointer to NULL terminated string that contains the
// service@host name to which the client is trying to
// authenticate. Note that the host portion of the name
// can either be a DNS name or a dotted IP address.
//
// pAuthTokenBuf -
// Pointer to buffer that will receive the authentication
// token. The length of this buffer is specified by the
// pAuthTokenBufLen parameter. Note that the the authentication
// token will be in the form of a NULL terminated string.
//
// Returns:
// pAuthTokenBufLen -
// Pointer to integer that contains the length of the
// buffer pointed at by pAuthTokenBuf. Upon return of the
// function, the integer will contain the actual length
// of the authentication token if the function successfully
// completes or the buffer length required if the function
// fails because the buffer pointed at by pAuthTokenBuf is
// not large enough.
//
// Returns:
// Casa Status
//
// Description:
// Get authentication token to authenticate user to specified
// service at host.
//
// Abstract:
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
@@ -461,7 +503,7 @@ ObtainAuthToken(
if (pNormalizedHostName)
{
// Start user process synchronization
LockUserMutex();
AcquireUserMutex();
// Try to find a cache entry for the service
pCacheEntry = FindEntryInAuthCache(pServiceName, pNormalizedHostName);
@@ -512,36 +554,27 @@ ObtainAuthToken(
{
int tokenLen = (int) strlen(pCacheEntry->pToken) + 1;
// We have an authentication token, try to return it to the caller.
if (pAuthTokenBuf)
// We have an authentication token, try to return it to the caller
// after verifying that the supplied buffer is big enough.
if (*pAuthTokenBufLen >= tokenLen)
{
// Verify that the supplied buffer is big enough
if (*pAuthTokenBufLen >= tokenLen)
{
// Return the auth token to the caller
strcpy(pAuthTokenBuf, pCacheEntry->pToken);
}
else
{
DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
// Notify the caller about the token length
*pAuthTokenBufLen = tokenLen;
// Return the auth token to the caller
strcpy(pAuthTokenBuf, pCacheEntry->pToken);
}
else
{
// The caller just wants the length of buffer that is required to
// obtain the token.
*pAuthTokenBufLen = tokenLen;
DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
// Return the token length to the caller
*pAuthTokenBufLen = tokenLen;
}
// Stop user process synchronization
FreeUserMutex();
ReleaseUserMutex();
// Free the space allocated for the normalized host name
free(pNormalizedHostName);
@@ -583,7 +616,7 @@ InitializeLibrary(void)
//
// Notes:
//
// L0
// L2
//=======================================================================--
{
int retStatus = -1;
@@ -622,3 +655,8 @@ InitializeLibrary(void)
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================