diff --git a/auth_token/client/authmsg.c b/auth_token/client/authmsg.c index 850677dc..4e636065 100644 --- a/auth_token/client/authmsg.c +++ b/auth_token/client/authmsg.c @@ -99,6 +99,7 @@ BuildAuthenticateMsg( * * * realm value + * mechanism id value * authentication mechanism token data * * @@ -118,6 +119,13 @@ BuildAuthenticateMsg( + strlen(REALM_ELEMENT_NAME) + 3 // >crlf + 1 // < + + strlen(MECHANISM_ELEMENT_NAME) + + 1 // > + + strlen(pAuthContext->pMechanism) + + 2 // crlf + + 1 // < + strlen(AUTH_MECH_TOKEN_ELEMENT_NAME) + 1 // > + strlen(pAuthMechToken) @@ -147,6 +155,13 @@ BuildAuthenticateMsg( strcat(pMsg, REALM_ELEMENT_NAME); strcat(pMsg, ">\r\n"); strcat(pMsg, "<"); + strcat(pMsg, MECHANISM_ELEMENT_NAME); + strcat(pMsg, ">"); + strcat(pMsg, pAuthContext->pMechanism); + strcat(pMsg, "\r\n"); + strcat(pMsg, "<"); strcat(pMsg, AUTH_MECH_TOKEN_ELEMENT_NAME); strcat(pMsg, ">"); strcat(pMsg, pAuthMechToken); @@ -422,6 +437,12 @@ AuthRespCharDataHandler( CASA_FACILITY_AUTHTOKEN, CASA_STATUS_AUTHENTICATION_FAILURE); } + else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0) + { + pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_CONFIGURATION_ERROR); + } else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0) { pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, diff --git a/auth_token/client/authtokenclient_msm/authtokenclient_msm.vdproj b/auth_token/client/authtokenclient_msm/authtokenclient_msm.vdproj index 77a24e26..9fdb50be 100644 --- a/auth_token/client/authtokenclient_msm/authtokenclient_msm.vdproj +++ b/auth_token/client/authtokenclient_msm/authtokenclient_msm.vdproj 
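Review bot: `pAuthContext->pMechanism` is passed to `strlen()` in the size computation and to `strcat()` in the message build with no NULL check and no check of its contents in the visible lines (the hunks at -118 and -147 of authmsg.c). If the mechanism id originates from a server response, which is not visible here, a value containing markup characters would change the structure of the authenticate message. I would validate it before either use, e.g. `if (pAuthContext->pMechanism == NULL || strpbrk(pAuthContext->pMechanism, "<>&\r\n") != NULL)` and return an invalid-parameter status. The buffer length and the `strcat` sequence also have to be kept in step by hand across two hunks, so building the message with a tracked remaining size would make a mismatch fail safely instead of overrunning. BuildAuthenticateMsg starts and ends outside both hunks.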
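Review bot: The new `HTTP_NOT_FOUND_STATUS_CODE` branch compares only `len` bytes, so character data shorter than the constant (including `len == 0`, where `strncmp` returns 0) matches whichever branch of the chain is tested first. Since `s` is presumably taken from the server's response, the test should also pin the length: `else if (strlen(HTTP_NOT_FOUND_STATUS_CODE) == (size_t) len && strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0)`. The same applies to the identical branch added to GetAuthPolicyRespCharDataHandler in getpolicymsg.c. The two handlers also map the same HTTP status to different codes (`CASA_STATUS_CONFIGURATION_ERROR` here, `CASA_STATUS_NOT_CONFIGURED` there); if that is intended, a one-line comment saying why would help. The handler body continues outside the hunk.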
@@ -40,7 +40,13 @@ "Entry" { "MsmKey" = "8:_71C343EBC4935F8914C3145115EDEC4A" - "OwnerKey" = "8:_A6E7F30D430741F79B780AA6B1B8D3D3" + "OwnerKey" = "8:_7462FCD02DE146CFA809BCDC9FCFA3CC" + "MsmSig" = "8:_UNDEFINED" + } + "Entry" + { + "MsmKey" = "8:_7462FCD02DE146CFA809BCDC9FCFA3CC" + "OwnerKey" = "8:_UNDEFINED" "MsmSig" = "8:_UNDEFINED" } "Entry" @@ -63,14 +69,14 @@ } "Entry" { - "MsmKey" = "8:_A6E7F30D430741F79B780AA6B1B8D3D3" + "MsmKey" = "8:_AD11D4F6DDB74221806A3D1AB47BDC41" "OwnerKey" = "8:_UNDEFINED" "MsmSig" = "8:_UNDEFINED" } "Entry" { - "MsmKey" = "8:_AD11D4F6DDB74221806A3D1AB47BDC41" - "OwnerKey" = "8:_UNDEFINED" + "MsmKey" = "8:_FE85A5D48B5A23F3077871E9FD2378DE" + "OwnerKey" = "8:_0C0B5ECE6E9C47F1A1F13B58141B5DC8" "MsmSig" = "8:_UNDEFINED" } } @@ -198,7 +204,7 @@ "SharedLegacy" = "11:FALSE" "PackageAs" = "3:1" "Register" = "3:1" - "Exclude" = "11:TRUE" + "Exclude" = "11:FALSE" "IsDependency" = "11:TRUE" "IsolateTo" = "8:" } @@ -262,6 +268,26 @@ "IsDependency" = "11:TRUE" "IsolateTo" = "8:" } + "{A582A373-4685-4296-BEFE-614B80A702C3}:_FE85A5D48B5A23F3077871E9FD2378DE" + { + "SourcePath" = "8:WINHTTP.dll" + "TargetName" = "8:WINHTTP.dll" + "Tag" = "8:" + "Folder" = "8:_01897726E7804A3B875B67A1C2692147" + "Condition" = "8:" + "Transitive" = "11:FALSE" + "Vital" = "11:TRUE" + "ReadOnly" = "11:FALSE" + "Hidden" = "11:FALSE" + "System" = "11:FALSE" + "Permanent" = "11:FALSE" + "SharedLegacy" = "11:FALSE" + "PackageAs" = "3:1" + "Register" = "3:1" + "Exclude" = "11:TRUE" + "IsDependency" = "11:TRUE" + "IsolateTo" = "8:" + } } "FileType" { @@ -393,7 +419,7 @@ { "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_0C0B5ECE6E9C47F1A1F13B58141B5DC8" { - "SourcePath" = "8:..\\windows\\release\\authtoken.dll" + "SourcePath" = "8:..\\windows\\Release\\authtoken.dll" "TargetName" = "8:" "Tag" = "8:" "Folder" = "8:_01897726E7804A3B875B67A1C2692147" 
@@ -419,9 +445,9 @@ { } } - "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_A6E7F30D430741F79B780AA6B1B8D3D3" + "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_7462FCD02DE146CFA809BCDC9FCFA3CC" { - "SourcePath" = "8:..\\mechanisms\\pwd\\windows\\release\\pwmech.dll" + "SourcePath" = "8:..\\mechanisms\\pwd\\windows\\Release\\pwmech.dll" "TargetName" = "8:" "Tag" = "8:" "Folder" = "8:_01897726E7804A3B875B67A1C2692147" @@ -449,7 +475,7 @@ } "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_AD11D4F6DDB74221806A3D1AB47BDC41" { - "SourcePath" = "8:..\\mechanisms\\krb5\\windows\\release\\krb5mech.dll" + "SourcePath" = "8:..\\mechanisms\\krb5\\windows\\Release\\krb5mech.dll" "TargetName" = "8:" "Tag" = "8:" "Folder" = "8:_01897726E7804A3B875B67A1C2692147" diff --git a/auth_token/client/engine.c b/auth_token/client/engine.c index 8ec47d6f..6fb756c8 100644 --- a/auth_token/client/engine.c +++ b/auth_token/client/engine.c @@ -38,7 +38,7 @@ // // Debug tracing level // -int DebugLevel = 0; +int DebugLevel = 3; // // Operating parameter @@ -147,7 +147,7 @@ ObtainSessionToken( { // Issue rpc retStatus = Rpc(pRpcSession, - pAuthContext->pMechanism, + "Authenticate", secureRpcSetting, pReqMsg, &pRespMsg, 
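Review bot: `int DebugLevel = 3;` changes the compiled-in default trace level from 0 to 3 in engine.c, which looks like a debugging leftover rather than part of this change. In a client that handles authentication tokens, verbose tracing by default risks writing request and token details to wherever DbgTrace sends its output; the trace sink and the messages emitted at levels 1 to 3 are not visible in this hunk. I would keep `int DebugLevel = 0;` in the committed source and raise the level through configuration when diagnosing.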
@@ -422,15 +422,21 @@ ObtainAuthTokenFromServer( //++======================================================================= CasaStatus SSCS_CALL ObtainAuthToken( - IN const char *pServiceAtHostName, + IN const char *pServiceName, + IN const char *pHostName, INOUT char *pAuthTokenBuf, INOUT int *pAuthTokenBufLen) // // Arguments: -// pServiceAtHostName - +// pServiceName - // Pointer to NULL terminated string that contains the -// service@host name to which the client is trying to -// authenticate. Note that the host portion of the name +// name of the service to which the client is trying to +// authenticate. +// +// pHostName - +// Pointer to NULL terminated string that contains the +// name of the host where resides the service to which the +// client is trying to authenticate. Note that the name // can either be a DNS name or a dotted IP address. // // pAuthTokenBuf - @@ -458,13 +464,15 @@ ObtainAuthToken( // L2 //=======================================================================-- { - CasaStatus retStatus = CASA_STATUS_SUCCESS; - char *pParseString; + CasaStatus retStatus = CASA_STATUS_SUCCESS; + AuthCacheEntry *pCacheEntry; + char *pNormalizedHostName; DbgTrace(1, "-ObtainAuthToken- Start\n", 0); // Verify the input parameters - if (pServiceAtHostName == NULL + if (pServiceName == NULL + || pHostName == NULL || pAuthTokenBufLen == NULL || (*pAuthTokenBufLen != 0 && pAuthTokenBuf == NULL)) { 
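Review bot: The parameter check in the hunk at -458 rejects only NULL for `pServiceName` and `pHostName`, whereas the strtok-based parsing this commit removes guaranteed that both parts were non-empty; an empty string in either argument now goes on to NormalizeHostName and the cache lookup. `pServiceName` is passed on as the cache key name, which the cache.c hunks in this commit suggest is used as a registry key name on Windows, so a path separator in it should not be accepted either. I would extend the condition with `|| *pServiceName == '\0' || *pHostName == '\0' || strchr(pServiceName, '\\') != NULL`. ObtainAuthToken's body continues outside the hunk.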
@@ -475,125 +483,93 @@ ObtainAuthToken( goto exit; } - // Allocate space to copy the service name string - pParseString = (char*) malloc(strlen(pServiceAtHostName) + 1); - if (pParseString) + // Normalize the host name + pNormalizedHostName = NormalizeHostName(pHostName); + if (pNormalizedHostName) { - char *pServiceName, *pHostName; + // Start user process synchronization + AcquireUserMutex(); - // Space allocated, now copy the string onto it - // and parse it into its components. - strcpy(pParseString, pServiceAtHostName); - pServiceName = strtok(pParseString, "@"); - pHostName = strtok(NULL, "@"); - if (pHostName == NULL) + // Try to find a cache entry for the service + pCacheEntry = FindEntryInAuthCache(pServiceName, pNormalizedHostName); + if (pCacheEntry == NULL) { - DbgTrace(0, "-ObtainAuthToken- Missing host name\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - } - else - { - AuthCacheEntry *pCacheEntry; - char *pNormalizedHostName; - - // Normalize the host name - pNormalizedHostName = NormalizeHostName(pHostName); - if (pNormalizedHostName) + // No entry found in the cache, create one. + pCacheEntry = CreateAuthCacheEntry(pServiceName, pNormalizedHostName); + if (pCacheEntry) { - // Start user process synchronization - AcquireUserMutex(); + int cacheEntryLifetime = retryLifetime; // Initialize to retry in case of failure - // Try to find a cache entry for the service - pCacheEntry = FindEntryInAuthCache(pServiceName, pNormalizedHostName); - if (pCacheEntry == NULL) + // Cache entry created, now try to obtain auth token from the CASA Server + retStatus = ObtainAuthTokenFromServer(pServiceName, + pNormalizedHostName, + &pCacheEntry->pToken, + &cacheEntryLifetime); + + // Add the entry to the cache if successful or if the reason that we failed + // was because the server was un-available. 
+ if (CASA_SUCCESS(retStatus) + || CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE) { - // No entry found in the cache, create one. - pCacheEntry = CreateAuthCacheEntry(pServiceName, pNormalizedHostName); - if (pCacheEntry) - { - int cacheEntryLifetime = retryLifetime; // Initialize to retry in case of failure - - // Cache entry created, now try to obtain auth token from the CASA Server - retStatus = ObtainAuthTokenFromServer(pServiceName, - pNormalizedHostName, - &pCacheEntry->pToken, - &cacheEntryLifetime); - - // Add the entry to the cache if successful or if the reason that we failed - // was because the server was un-available. - if (CASA_SUCCESS(retStatus) - || CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE) - { - pCacheEntry->status = retStatus; - AddEntryToAuthCache(pCacheEntry, cacheEntryLifetime); - } - else - { - // Free the entry - FreeAuthCacheEntry(pCacheEntry); - } - } - else - { - DbgTrace(0, "-ObtainAuthToken- Cache entry creation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } + pCacheEntry->status = retStatus; + AddEntryToAuthCache(pCacheEntry, cacheEntryLifetime); } else { - // Cache entry found, update the return status with the information saved in it. - retStatus = pCacheEntry->status; + // Free the entry + FreeAuthCacheEntry(pCacheEntry); } - - // Try to return auth token if we have one to return - if (CASA_SUCCESS(retStatus)) - { - int tokenLen = (int) strlen(pCacheEntry->pToken) + 1; - - // We have an authentication token, try to return it to the caller - // after verifying that the supplied buffer is big enough. 
- if (*pAuthTokenBufLen >= tokenLen) - { - // Return the auth token to the caller - strcpy(pAuthTokenBuf, pCacheEntry->pToken); - } - else - { - DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - - // Return the token length to the caller - *pAuthTokenBufLen = tokenLen; - } - - // Stop user process synchronization - ReleaseUserMutex(); - - // Free the space allocated for the normalized host name - free(pNormalizedHostName); } else { - DbgTrace(0, "-ObtainAuthToken- Host name normalization failed\n", 0); + DbgTrace(0, "-ObtainAuthToken- Cache entry creation failure\n", 0); retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); + CASA_STATUS_INSUFFICIENT_RESOURCES); } } + else + { + // Cache entry found, update the return status with the information saved in it. + retStatus = pCacheEntry->status; + } - // Free allocated space - free(pParseString); + // Try to return auth token if we have one to return + if (CASA_SUCCESS(retStatus)) + { + int tokenLen = (int) strlen(pCacheEntry->pToken) + 1; + + // We have an authentication token, try to return it to the caller + // after verifying that the supplied buffer is big enough. 
+ if (*pAuthTokenBufLen >= tokenLen) + { + // Return the auth token to the caller + strcpy(pAuthTokenBuf, pCacheEntry->pToken); + } + else + { + DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_BUFFER_OVERFLOW); + } + + // Return the token length to the caller + *pAuthTokenBufLen = tokenLen; + } + + // Stop user process synchronization + ReleaseUserMutex(); + + // Free the space allocated for the normalized host name + free(pNormalizedHostName); } else { - DbgTrace(0, "-ObtainAuthToken- Buffer allocation error\n", 0); + DbgTrace(0, "-ObtainAuthToken- Host name normalization failed\n", 0); + retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); } exit: diff --git a/auth_token/client/getpolicymsg.c b/auth_token/client/getpolicymsg.c index 9f46d4bf..67137ad6 100644 --- a/auth_token/client/getpolicymsg.c +++ b/auth_token/client/getpolicymsg.c 
@@ -400,21 +400,27 @@ GetAuthPolicyRespCharDataHandler( else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0) { pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_AUTHENTICATION_FAILURE); + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_AUTHENTICATION_FAILURE); + } + else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0) + { + pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_NOT_CONFIGURED); } else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0) { pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_SERVER_ERROR); + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_SERVER_ERROR); } else { DbgTrace(0, "-GetAuthPolicyRespCharDataHandler- Un-expected status\n", 0); pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); + CASA_FACILITY_AUTHTOKEN, + CASA_STATUS_UNSUCCESSFUL); } // Advanced to the next state diff --git a/auth_token/client/test/CASA_Auth.cpp b/auth_token/client/test/CASA_Auth.cpp index 59803765..378da8ef 100644 --- a/auth_token/client/test/CASA_Auth.cpp +++ b/auth_token/client/test/CASA_Auth.cpp 
@@ -25,23 +25,139 @@ #include #include "casa_c_authtoken.h" +// Globals +char usageString[] = "usage: test -a serverAddress -p serverPort [-h]\n"; -int main(int argc, char* argv[]) +char *pServerAddress = NULL; +int serverPort = 0; +BOOLEAN execHttpTest = FALSE; + + +/*********************************************************************** + * + * dtoul() + * + ***********************************************************************/ +int +dtoul( + IN char *cp, + IN int len) { - int retStatus; - char authToken[4096]; - int authTokenLen = sizeof(authToken); + int n = 0; + int i; - // Now lets obtain a token for our service - retStatus = ObtainAuthToken("testService@137.65.132.44", authToken, &authTokenLen); - if (retStatus) - printf("ObtainAuthToken failed with status %d\n", retStatus); + for (i = 0; i < len; i++, cp++) + { + // Verify that we are dealing with a valid digit + if (*cp >= '0' && *cp <= '9') + { + n = 10 * n + (*cp - '0'); + } + else + { + printf("-dtoul- Found invalid digit\n"); + break; + } + } + + return n; +} + + +/*********************************************************************** + * + * EncodeData() + * + ***********************************************************************/ +int +EncodeData( + IN const void *pData, + IN const int32_t dataLen, + INOUT char **ppEncodedData, + INOUT int32_t *pEncodedDataLen) +{ + int8_t base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + int retStatus; + int encodedSize; + + char *pTmp; + + // Determine the encoded size and allocate a buffer to hold the encoded data + encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4; + pTmp = (char*) malloc(encodedSize); + *ppEncodedData = pTmp; + if (*ppEncodedData) + { + uint8_t *pOut, *pIn; + int i; + + // Setup pointers to move through the buffers + pIn = (uint8_t*) pData; + pOut = (uint8_t*) *ppEncodedData; + + // Perform the encoding + for (i = 0; i < dataLen - 2; i += 3) + { + *pOut++ = base64[(pIn[i] >> 2) & 0x3F]; + *pOut++ = 
base64[((pIn[i] & 0x3) << 4) | + ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; + *pOut++ = base64[((pIn[i + 1] & 0xF) << 2) | + ((int32_t)(pIn[i + 2] & 0xC0) >> 6)]; + *pOut++ = base64[pIn[i + 2] & 0x3F]; + } + if (i < dataLen) + { + *pOut++ = base64[(pIn[i] >> 2) & 0x3F]; + if (i == (dataLen - 1)) + { + *pOut++ = base64[((pIn[i] & 0x3) << 4)]; + *pOut++ = '='; + } + else + { + *pOut++ = base64[((pIn[i] & 0x3) << 4) | + ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; + *pOut++ = base64[((pIn[i + 1] & 0xF) << 2)]; + } + *pOut++ = '='; + } + *pOut++ = '\0'; + + // Return the encoded data length + *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData); + + // Success + retStatus = 0; + } + else + { + printf("-EncodeData- Buffer allocation failure\n"); + retStatus = -1; + } + + return retStatus; +} + + +/*********************************************************************** + * + * NonHttpTest() + * + ***********************************************************************/ +void NonHttpTest(void) +{ + CasaStatus retStatus; + char authToken[4096]; + int authTokenLen = sizeof(authToken); + + // Obtain an authentication token for the testService + retStatus = ObtainAuthToken("testService", pServerAddress, authToken, &authTokenLen); + if (!CASA_SUCCESS(retStatus)) + { + printf("-NonHttpTest- ObtainAuthToken failed with status %d\n", retStatus); + } else { - char serverAddr[] = "137.65.132.44"; - char *pServerAddress = serverAddr; -// int serverPort = htons(4444); - int serverPort = 27008; SOCKET sock; struct sockaddr_in localAddr = {0}; struct sockaddr_in remoteAddr = {0}; @@ -50,8 +166,7 @@ int main(int argc, char* argv[]) int winsockStartupResult; WSADATA winsockData; - //printf("ObtainAuthToken succedded, token = %s\n", authToken); - printf("ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen); + printf("-NonHttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen); // Send the token to the server // 
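Review bot: `dtoul()` accumulates into an `int` with no range check and, on a non-digit, prints a message and returns the partial value, so an argument such as `80x` is accepted as 80 and a long digit string overflows `n`, which is undefined behaviour for a signed int. main() passes the result straight to `htons()`, which silently truncates anything above 65535. Returning an error indicator, for example `-1` on an invalid digit or once `n > 65535`, and having main() print the usage string in that case would make a mistyped port fail visibly. The name also suggests an unsigned long result while the function returns `int`; a short comment stating the accepted range would settle that.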
@@ -86,7 +201,6 @@ int main(int argc, char* argv[]) } //printf("Found %d addresses\n", numAddressesFound); - // Setup the remote address structure with the lookup results remoteAddr.sin_family = AF_INET; remoteAddr.sin_port = serverPort; @@ -98,19 +212,13 @@ int main(int argc, char* argv[]) (struct sockaddr*) &remoteAddr, sizeof(struct sockaddr_in)) == SOCKET_ERROR) { - printf("main()- Connection creation failed, error = %d\n", WSAGetLastError()); + printf("-NonHttpTest- Connection creation failed, error = %d\n", WSAGetLastError()); } else { // Now the connection is setup, send the credentials to the server as one line. // using our cheesy protocol followed by a hello string. - - // Send the username to the server (including NULL terminator) - //send(sock, userName, userNameBufLen, 0); - - // Send new line - //send(sock, "\n", 1, MSG_NOSIGNAL); - + // // Send the token to the server (including NULL terminator) send(sock, authToken, (int) strlen(authToken) + 1, 0); @@ -129,17 +237,17 @@ int main(int argc, char* argv[]) } else { - printf("main()- Unsupported address type returned %08X\n", pLookupResult->h_addrtype); + printf("-NonHttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype); } } else { - printf("main()- Lookup for %s failed\n", pServerAddress); + printf("-NonHttpTest- Lookup for %s failed\n", pServerAddress); } } else { - printf("main()- Unable to bind socket, error = %d", errno); + printf("-NonHttpTest- Unable to bind socket, error = %d", errno); } // Close the socket @@ -148,7 +256,7 @@ int main(int argc, char* argv[]) } else { - printf("main()- Unable to open socket, error = %d\n", errno); + printf("-NonHttpTest- Unable to open socket, error = %d\n", errno); } // Close winsock 
@@ -156,104 +264,31 @@ int main(int argc, char* argv[]) } else { - printf("main()- WSAStartup failed, error = %d\n", winsockStartupResult); + printf("-NonHttpTest- WSAStartup failed, error = %d\n", winsockStartupResult); } } - - printf("Enter to exit application\n"); - getchar(); - return 0; } -/* -int -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) -{ - int8_t g_Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - int retStatus; - int encodedSize; - - char *pTmp; - - // Determine the encoded size and allocate a buffer to hold the encoded data - encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4; - pTmp = (char*) malloc(encodedSize); - *ppEncodedData = pTmp; - if (*ppEncodedData) - { - uint8_t *pOut, *pIn; - int i; - - // Setup pointers to move through the buffers - pIn = (uint8_t*) pData; - pOut = (uint8_t*) *ppEncodedData; - - // Perform the encoding - for (i = 0; i < dataLen - 2; i += 3) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) | - ((int32_t)(pIn[i + 2] & 0xC0) >> 6)]; - *pOut++ = g_Base64[pIn[i + 2] & 0x3F]; - } - if (i < dataLen) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - if (i == (dataLen - 1)) - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4)]; - *pOut++ = '='; - } - else - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)]; - } - *pOut++ = '='; - } - *pOut++ = '\0'; - - // Return the encoded data length - *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData); - - // Success - retStatus = 0; - } - else - { - printf("-EncodeData- Buffer allocation failure\n"); - - retStatus = -1; - } - - return retStatus; -} - - -int main(int argc, char* argv[]) 
+/*********************************************************************** + * + * HttpTest() + * + ***********************************************************************/ +void HttpTest(void) { - int retStatus; - char authToken[4096]; - int authTokenLen = sizeof(authToken); + CasaStatus retStatus; + char authToken[4096]; + int authTokenLen = sizeof(authToken); - // Now lets obtain a token for our service - retStatus = ObtainAuthToken("testService@137.65.132.44", authToken, &authTokenLen); - if (retStatus) - printf("ObtainAuthToken failed with status %d\n", retStatus); + // Obtain an authentication token for the testService + retStatus = ObtainAuthToken("testService", pServerAddress, authToken, &authTokenLen); + if (!CASA_SUCCESS(retStatus)) + { + printf("-HttpTest- ObtainAuthToken failed with status %d\n", retStatus); + } else { - char serverAddr[] = "137.65.132.44"; - char *pServerAddress = serverAddr; -// int serverPort = htons(4444); - int serverPort = htons(4096); SOCKET sock; struct sockaddr_in localAddr = {0}; struct sockaddr_in remoteAddr = {0}; @@ -263,7 +298,7 @@ int main(int argc, char* argv[]) WSADATA winsockData; //printf("ObtainAuthToken succedded, token = %s\n", authToken); - printf("ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen); + printf("-HttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen); // Send the token to the server // @@ -310,7 +345,7 @@ int main(int argc, char* argv[]) (struct sockaddr*) &remoteAddr, sizeof(struct sockaddr_in)) == SOCKET_ERROR) { - printf("main()- Connection creation failed, error = %d\n", WSAGetLastError()); + printf("-HttpTest- Connection creation failed, error = %d\n", WSAGetLastError()); } else { @@ -346,7 +381,7 @@ int main(int argc, char* argv[]) } else { - printf("Error encoding credentials\n"); + printf("-HttpTest- Error encoding credentials\n"); } // Free the buffer containing the basic credentials 
@@ -354,7 +389,7 @@ int main(int argc, char* argv[]) } else { - printf("Buffer allocation failure\n"); + printf("-HttpTest- Buffer allocation failure\n"); } // Shutdown the connection @@ -363,17 +398,17 @@ int main(int argc, char* argv[]) } else { - printf("main()- Unsupported address type returned %08X\n", pLookupResult->h_addrtype); + printf("-HttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype); } } else { - printf("main()- Lookup for %s failed\n", pServerAddress); + printf("-HttpTest- Lookup for %s failed\n", pServerAddress); } } else { - printf("main()- Unable to bind socket, error = %d", errno); + printf("-HttpTest- Unable to bind socket, error = %d", errno); } // Close the socket @@ -382,7 +417,7 @@ int main(int argc, char* argv[]) } else { - printf("main()- Unable to open socket, error = %d\n", errno); + printf("-HttpTest- Unable to open socket, error = %d\n", errno); } // Close winsock 
@@ -390,12 +425,89 @@ int main(int argc, char* argv[]) } else { - printf("main()- WSAStartup failed, error = %d\n", winsockStartupResult); + printf("-HttpTest- WSAStartup failed, error = %d\n", winsockStartupResult); } } +} + + +/*********************************************************************** + * + * main() + * + ***********************************************************************/ +int main(int argc, char* argv[]) +{ + // Process input parameters + int i = 1; + while(argv[i] != NULL) + { + if (stricmp(argv[i], "-a") == 0) + { + // Server Address option, the next argument should + // contain the address. + i++; + if (argv[i] != NULL) + { + pServerAddress = argv[i]; + } + else + { + printf(usageString); + return -1; + } + } + else if (stricmp(argv[i], "-p") == 0) + { + // Server port option, the next argument should + // contain the port. + i++; + if (argv[i] != NULL) + { + serverPort = htons(dtoul(argv[i], strlen(argv[i]))); + } + else + { + printf(usageString); + return -1; + } + } + else if (stricmp(argv[i], "-h") == 0) + { + // Perform http test option + execHttpTest = TRUE; + } + + // Advance to the next argument + i++; + } + + // Verify that the server address and port were specified + if (pServerAddress && serverPort != 0) + { + // Repeat the test when indicated + printf("Press 'Enter' to run test or 'n + Enter' to stop.\n"); + while(getchar() != 'n') + { + // Execute the appropriate test + if (execHttpTest) + { + HttpTest(); + } + else + { + NonHttpTest(); + } + printf("Press 'Enter' to run test or 'n + Enter' to stop.\n"); + } + } + else + { + printf(usageString); + return -1; + } - printf("Enter to exit application\n"); - getchar(); return 0; } -*/ \ No newline at end of file + + diff --git a/auth_token/client/test/test.vcproj b/auth_token/client/test/test.vcproj index 642d2b56..f513e4f0 100644 --- a/auth_token/client/test/test.vcproj +++ b/auth_token/client/test/test.vcproj 
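Review bot: The loop `while(getchar() != 'n')` in main() never terminates once stdin reaches end of input, because `EOF` is not `'n'`, so a closed or redirected stdin makes the program request tokens from the server in a tight loop. `int c; while ((c = getchar()) != EOF && c != 'n')` stops in that case. Separately, `printf(usageString);` passes a non-literal format string in three places; the string is a fixed global today, but it is a writable `char[]` and compilers flag the pattern under `-Wformat-security`, so `fputs(usageString, stdout);` together with declaring `const char usageString[]` would be cleaner.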
@@ -35,7 +35,7 @@ AdditionalDependencies="authtoken.lib ws2_32.lib" OutputFile="$(OutDir)/test.exe" LinkIncremental="2" - AdditionalLibraryDirectories="..\..\client\win32\Debug" + AdditionalLibraryDirectories=""C:\Program Files\novell\CASA\lib"" GenerateDebugInformation="TRUE" ProgramDatabaseFile="$(OutDir)/test.pdb" SubSystem="1" @@ -44,7 +44,7 @@ Name="VCMIDLTool"/> + CommandLine="copy ..\windows\debug\authtoken.dll debug\authtoken.dll"/> creationTime, pWrkEntry->expirationTime)) + if (pWrkEntry->doesNotExpire == FALSE + && CacheEntryLifetimeExpired(pWrkEntry->creationTime, pWrkEntry->expirationTime)) { // The lifetime of the entry has expired, remove it from the in-memory cache // and free it. @@ -342,6 +344,7 @@ FindEntryInAuthCache( { DWORD creationTime; DWORD expirationTime; + BOOL doesNotExpire; BOOL deleteCacheKeyNameKey = TRUE; DWORD variableSz; 
@@ -368,107 +371,124 @@ FindEntryInAuthCache( &variableSz); if (status == ERROR_SUCCESS) { - // Check if the extry lifetime has been exceeded - if (CacheEntryLifetimeExpired(creationTime, expirationTime) == FALSE) + // Read the does not expire + variableSz = sizeof(doesNotExpire); + status = RegQueryValueExA(hCacheKeyNameRegKey, + EXPIRATION_TIME_REG_VALUE, + NULL, + NULL, + (LPBYTE) &doesNotExpire, + &variableSz); + if (status == ERROR_SUCCESS) { - // Create a AuthCacheEntry - pEntry = CreateAuthCacheEntry(pCacheKeyName, pHostName); - if (pEntry) + // Check if the extry lifetime has been exceeded + if (doesNotExpire == TRUE + || CacheEntryLifetimeExpired(creationTime, expirationTime) == FALSE) { - BOOL entryInitialized = FALSE; - - // Start setting up the AuthCacheEntry - pEntry->creationTime = creationTime; - pEntry->expirationTime = expirationTime; - - // Read the status - variableSz = sizeof(pEntry->status); - status = RegQueryValueExA(hCacheKeyNameRegKey, - STATUS_REG_VALUE, - NULL, - NULL, - (LPBYTE) &pEntry->status, - &variableSz); - if (status == ERROR_SUCCESS) + // Create a AuthCacheEntry + pEntry = CreateAuthCacheEntry(pCacheKeyName, pHostName); + if (pEntry) { - // Check if there is also an auth token associated with - // this entry. - if (pEntry->status == CASA_STATUS_SUCCESS) - { - DWORD tokenSz = 0; + BOOL entryInitialized = FALSE; - // There should be an auth token associated with this CacheKeyName, - // first determine what size buffer to allocate for it. 
- status = RegQueryValueExA(hCacheKeyNameRegKey, - TOKEN_REG_VALUE, - NULL, - NULL, - (LPBYTE) pEntry->pToken, - &tokenSz); - if (status == ERROR_SUCCESS - || status == ERROR_MORE_DATA) + // Start setting up the AuthCacheEntry + pEntry->creationTime = creationTime; + pEntry->expirationTime = expirationTime; + pEntry->doesNotExpire = doesNotExpire; + + // Read the status + variableSz = sizeof(pEntry->status); + status = RegQueryValueExA(hCacheKeyNameRegKey, + STATUS_REG_VALUE, + NULL, + NULL, + (LPBYTE) &pEntry->status, + &variableSz); + if (status == ERROR_SUCCESS) + { + // Check if there is also an auth token associated with + // this entry. + if (pEntry->status == CASA_STATUS_SUCCESS) { - // Allocate buffer to hold the auth token - pEntry->pToken = (char*) malloc(tokenSz); - if (pEntry->pToken) + DWORD tokenSz = 0; + + // There should be an auth token associated with this CacheKeyName, + // first determine what size buffer to allocate for it. + status = RegQueryValueExA(hCacheKeyNameRegKey, + TOKEN_REG_VALUE, + NULL, + NULL, + (LPBYTE) pEntry->pToken, + &tokenSz); + if (status == ERROR_SUCCESS + || status == ERROR_MORE_DATA) { - // Now read token into the allocated buffer - status = RegQueryValueExA(hCacheKeyNameRegKey, - TOKEN_REG_VALUE, - NULL, - NULL, - (LPBYTE) pEntry->pToken, - &tokenSz); - if (status == ERROR_SUCCESS) + // Allocate buffer to hold the auth token + pEntry->pToken = (char*) malloc(tokenSz); + if (pEntry->pToken) { - // The cache entry has been properly initialized, - // add it to the in-memory cache. - entryInitialized = TRUE; - deleteCacheKeyNameKey = FALSE; - InsertHeadList(&g_authCacheListHead, &pEntry->listEntry); + // Now read token into the allocated buffer + status = RegQueryValueExA(hCacheKeyNameRegKey, + TOKEN_REG_VALUE, + NULL, + NULL, + (LPBYTE) pEntry->pToken, + &tokenSz); + if (status == ERROR_SUCCESS) + { + // The cache entry has been properly initialized, + // add it to the in-memory cache. 
+ entryInitialized = TRUE; + deleteCacheKeyNameKey = FALSE; + InsertHeadList(&g_authCacheListHead, &pEntry->listEntry); + } + else + { + DbgTrace(0, "-FindEntryInAuthCache- Error reading token, status = %d\n", status); + } } else { - DbgTrace(0, "-FindEntryInAuthCache- Error reading token, status = %d\n", status); + DbgTrace(0, "-FindEntryInAuthCache- Unable to allocate buffer for token\n", 0); } } else { - DbgTrace(0, "-FindEntryInAuthCache- Unable to allocate buffer for token\n", 0); + DbgTrace(0, "-FindEntryInAuthCache- Error reading token2, status = %d\n", status); } } else { - DbgTrace(0, "-FindEntryInAuthCache- Error reading token2, status = %d\n", status); + // There is no auth token associated with this entry + // + // The cache entry has been properly initialized, + // add it to the in-memory cache. + entryInitialized = TRUE; + deleteCacheKeyNameKey = FALSE; + InsertHeadList(&g_authCacheListHead, &pEntry->listEntry); } } else { - // There is no auth token associated with this entry - // - // The cache entry has been properly initialized, - // add it to the in-memory cache. 
- entryInitialized = TRUE; - deleteCacheKeyNameKey = FALSE; - InsertHeadList(&g_authCacheListHead, &pEntry->listEntry); + DbgTrace(0, "-FindEntryInAuthCache- Error reading status, status = %d\n", status); + } + + // Free the auth cache entry if it was not successfully initialized + if (entryInitialized == FALSE) + { + FreeAuthCacheEntry(pEntry); + pEntry = NULL; } } else { - DbgTrace(0, "-FindEntryInAuthCache- Error reading status, status = %d\n", status); - } - - // Free the auth cache entry if it was not successfully initialized - if (entryInitialized == FALSE) - { - FreeAuthCacheEntry(pEntry); - pEntry = NULL; + DbgTrace(0, "-FindEntryInAuthCache- Error creating auth cache entry\n", 0); } } - else - { - DbgTrace(0, "-FindEntryInAuthCache- Error creating auth cache entry\n", 0); - } + } + else + { + DbgTrace(0, "-FindEntryInAuthCache- Error reading does not expire, status = %d\n", status); } } else @@ -514,7 +534,7 @@ FindEntryInAuthCache( void AddEntryToAuthCache( IN AuthCacheEntry *pEntry, - IN int entryLifetime) // seconds + IN int entryLifetime) // seconds (0 == Lives forever) // // Arguments: // @@ -536,7 +556,17 @@ AddEntryToAuthCache( pEntry->creationTime = GetTickCount(); // First determine the time when the entry is due to expire - pEntry->expirationTime = pEntry->creationTime + (entryLifetime * 1000); + if (entryLifetime != 0) + { + pEntry->expirationTime = pEntry->creationTime + (entryLifetime * 1000); + pEntry->doesNotExpire = FALSE; + } + else + { + // The entry does not expire + pEntry->expirationTime = 0; + pEntry->doesNotExpire = TRUE; + } // Save the entry in our persistent cache (registry) // 
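Review bot: The value read into `doesNotExpire` in the hunk at -368 is `EXPIRATION_TIME_REG_VALUE`, not the `DOES_NOT_EXPIRE_REG_VALUE` that AddEntryToAuthCache writes later in this commit, so the flag is loaded with the expiration tick count. The test `doesNotExpire == TRUE` then almost never holds, and the non-zero value copied into `pEntry->doesNotExpire` makes the in-memory check `pWrkEntry->doesNotExpire == FALSE` (visible in the earlier cache.c hunk) fail, so an entry restored from the registry would stop expiring in the in-memory list. The query should name `DOES_NOT_EXPIRE_REG_VALUE,` and the comparison would be safer written as `doesNotExpire != FALSE`. FindEntryInAuthCache starts and ends outside the hunk.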
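Review bot: Using `entryLifetime == 0` as the "lives forever" sentinel in the hunk at -536 means any path that leaves the lifetime at zero caches the token permanently; in ObtainAuthToken the lifetime is filled in by ObtainAuthTokenFromServer, so a response with a missing or zero lifetime (how it is parsed is not visible here) would produce a never-expiring token. A negative value is not rejected either and yields an expiration time before the creation time. I would treat `entryLifetime <= 0` as an error or a minimal lifetime, request non-expiring entries through an explicit value, and bound the multiplication, since `entryLifetime * 1000` overflows `int` above roughly 2,147,483 seconds. AddEntryToAuthCache continues outside the hunk.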
@@ -594,32 +624,45 @@ AddEntryToAuthCache( if (status == ERROR_SUCCESS) { status = RegSetValueExA(hCacheKeyNameRegKey, - STATUS_REG_VALUE, + DOES_NOT_EXPIRE_REG_VALUE, 0, REG_DWORD, - (LPBYTE) &pEntry->status, - sizeof(pEntry->status)); + (LPBYTE) &pEntry->doesNotExpire, + sizeof(pEntry->doesNotExpire)); if (status == ERROR_SUCCESS) { - // Check if there is also an auth token associated with this entry - // this entry. - if (pEntry->status == CASA_STATUS_SUCCESS) + status = RegSetValueExA(hCacheKeyNameRegKey, + STATUS_REG_VALUE, + 0, + REG_DWORD, + (LPBYTE) &pEntry->status, + sizeof(pEntry->status)); + if (status == ERROR_SUCCESS) { - status = RegSetValueExA(hCacheKeyNameRegKey, - TOKEN_REG_VALUE, - 0, - REG_SZ, - (LPBYTE) pEntry->pToken, - (DWORD) strlen(pEntry->pToken) + 1); - if (status != ERROR_SUCCESS) + // Check if there is also an auth token associated with this entry + // this entry. + if (pEntry->status == CASA_STATUS_SUCCESS) { - DbgTrace(0, "-AddEntryToAuthCache- Error setting token, status = %d\n", status); + status = RegSetValueExA(hCacheKeyNameRegKey, + TOKEN_REG_VALUE, + 0, + REG_SZ, + (LPBYTE) pEntry->pToken, + (DWORD) strlen(pEntry->pToken) + 1); + if (status != ERROR_SUCCESS) + { + DbgTrace(0, "-AddEntryToAuthCache- Error setting token, status = %d\n", status); + } } } + else + { + DbgTrace(0, "-AddEntryToAuthCache- Error setting status, status = %d\n", status); + } } else { - DbgTrace(0, "-AddEntryToAuthCache- Error setting status, status = %d\n", status); + DbgTrace(0, "-AddEntryToAuthCache- Error setting does not expire, status = %d\n", status); } } else diff --git a/auth_token/client/windows/platform.h b/auth_token/client/windows/platform.h index 50059975..2c63dae7 100644 --- a/auth_token/client/windows/platform.h +++ b/auth_token/client/windows/platform.h @@ -77,6 +77,7 @@ typedef struct _AuthCacheEntry LIST_ENTRY listEntry; DWORD creationTime; DWORD expirationTime; + BOOL doesNotExpire; char *pHostName; char *pCacheKeyName; char *pToken; 
diff --git a/auth_token/client/windows/rpc.c b/auth_token/client/windows/rpc.c index d7575ab7..96b4716f 100644 --- a/auth_token/client/windows/rpc.c +++ b/auth_token/client/windows/rpc.c @@ -251,7 +251,7 @@ InternalRpc( *ppResponseData = NULL; // Create rpc target string and convert it to a wide string - sprintf(rpcTarget, "CasaAuthTokenSvc/%s", pMethod); + sprintf(rpcTarget, "CasaAuthTokenSvc/Rpc?method=%s", pMethod); retStatus = CopyMultiToWideAlloc(rpcTarget, (int) strlen(rpcTarget), &pWideRpcTarget,
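Review bot: `sprintf(rpcTarget, "CasaAuthTokenSvc/Rpc?method=%s", pMethod);` writes an unbounded, caller-supplied string into `rpcTarget`, whose size is not visible in this hunk, and the longer prefix added here reduces whatever headroom there was. If `rpcTarget` is a local array, a bounded formatter such as `snprintf(rpcTarget, sizeof(rpcTarget), ...)` with a check that the result is non-negative and smaller than the buffer would bound the write. `pMethod` is now placed in a URL query string, so characters such as `&`, `#` or a space would need encoding or rejecting; the only caller visible in this commit passes the literal `"Authenticate"`. InternalRpc starts and ends outside the hunk.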