Made changes to deal with issues found during self-code review.

Added lock callback functionality for interfacing with OpenSSL in a multi-threaded environment.
2006-11-30 18:21:42 +00:00
parent a522f9d982
commit 1974ee9875
28 changed files with 1196 additions and 548 deletions
--- a/CASA-auth-token/client/lib/mechanisms/krb5/interface.c
+++ b/CASA-auth-token/client/lib/mechanisms/krb5/interface.c
@@ -75,7 +75,7 @@ AuthTokenIf_AddReference(
   pAuthTokenIfInstance->refCount ++;
   refCount = pAuthTokenIfInstance->refCount;

-   DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount);
+   DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %0X\n", refCount);

   return refCount;
 }
@@ -208,7 +208,7 @@ GET_AUTH_TOKEN_INTERFACE_RTN(

 exit:

-   DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus);
+   DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
--- a/CASA-auth-token/client/lib/mechanisms/krb5/linux/Krb5Authenticate.conf
+++ b/CASA-auth-token/client/lib/mechanisms/krb5/linux/Krb5Authenticate.conf
@@ -7,6 +7,27 @@
 #                                                     #
 #######################################################

+#
+# LibraryName setting.
+#
+# Description: Used to specify the path to the library
+#              implementing the authentication mechanism.
+#
 LibraryName		/usr/lib/CASA/authtoken/krb5mech.so

+#
+# DebugLevel setting.
+#
+# Description: Used to specify the level of logging utilized for debugging
+#              purposes. A level of zero being the lowest debugging level.
+#
+#              If this parameter is not set, the client defaults
+#              to use a debug level of zero.
+#
+#              Note: Debug statements can be viewed under Windows by using
+#              tools such as DbgView. Under Linux, debug statements are logged
+#              to /var/log/messages.
+#
+#DebugLevel	0
+

--- a/CASA-auth-token/client/lib/mechanisms/krb5/linux/Krb5Authenticate_lib64.conf
+++ b/CASA-auth-token/client/lib/mechanisms/krb5/linux/Krb5Authenticate_lib64.conf
@@ -7,6 +7,26 @@
 #                                                     #
 #######################################################

+#
+# LibraryName setting.
+#
+# Description: Used to specify the path to the library
+#              implementing the authentication mechanism.
+#
 LibraryName		/usr/lib64/CASA/authtoken/krb5mech.so

+#
+# DebugLevel setting.
+#
+# Description: Used to specify the level of logging utilized for debugging
+#              purposes. A level of zero being the lowest debugging level.
+#
+#              If this parameter is not set, the client defaults
+#              to use a debug level of zero.
+#
+#              Note: Debug statements can be viewed under Windows by using
+#              tools such as DbgView. Under Linux, debug statements are logged
+#              to /var/log/messages.
+#
+#DebugLevel	0

--- a/CASA-auth-token/client/lib/mechanisms/krb5/linux/get.c
+++ b/CASA-auth-token/client/lib/mechanisms/krb5/linux/get.c
@@ -75,8 +75,11 @@ LogGssStatuses(
      }

      // Trace this message
-      DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
-      DbgTrace(0, "%s\n", (char *)msg.value);
+      if (msg.value != NULL)
+      {
+         DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
+         DbgTrace(0, "%s\n", (char *)msg.value);
+      }

      if (msg.length != 0)
         gss_release_buffer(&gssMinStat, &msg);
@@ -102,8 +105,11 @@ LogGssStatuses(
      }

      // Trace this message
-      DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
-      DbgTrace(0, "%s\n", (char *)msg.value);
+      if (msg.value != NULL)
+      {
+         DbgTrace(0, "-LogGssStatuses- GSS-API error %s: ", operation);
+         DbgTrace(0, "%s\n", (char *)msg.value);
+      }

      if (msg.length != 0)
         gss_release_buffer(&gssMinStat, &msg);
@@ -226,7 +232,7 @@ AuthTokenIf_GetAuthToken(
   gssBuffer.length = strlen(pKrbServiceName) + 1;
   if (strchr(pKrbServiceName, '@') != NULL)
   {
-      // The name is of the form "servicename@hostname"
+      // The name is of the form "servicename@realmname"
      gssMajStat = gss_import_name(&gssMinStat,
                                   &gssBuffer,
                                   (gss_OID) GSS_C_NT_HOSTBASED_SERVICE,
@@ -290,7 +296,7 @@ AuthTokenIf_GetAuthToken(
            else
            {
               // The buffer provided is large enough, copy the data and return the actual size.
-               memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen +1);
+               memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen + 1);

               // Success
               retStatus = CASA_STATUS_SUCCESS;
--- a/CASA-auth-token/client/lib/mechanisms/krb5/util.c
+++ b/CASA-auth-token/client/lib/mechanisms/krb5/util.c
@@ -80,7 +80,6 @@ EncodeData(
 {
   CasaStatus  retStatus;
   int         encodedSize;
-
   char        *pTmp;

   DbgTrace(3, "-EncodeData- Start\n", 0);
@@ -141,7 +140,7 @@ EncodeData(
                                  CASA_STATUS_INSUFFICIENT_RESOURCES);
   }

-   DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
+   DbgTrace(3, "-EncodeData- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
@@ -270,7 +269,7 @@ DecodeData(
                                  CASA_STATUS_INSUFFICIENT_RESOURCES);
   }

-   DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
+   DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
@@ -312,7 +311,7 @@ dtoul(
      }
   }
      
-   DbgTrace(2, "-dtoul- End, result = %d\n", n);
+   DbgTrace(2, "-dtoul- End, result = %0X\n", n);

   return n;
 }
--- a/CASA-auth-token/client/lib/mechanisms/krb5/windows/Krb5Authenticate.conf
+++ b/CASA-auth-token/client/lib/mechanisms/krb5/windows/Krb5Authenticate.conf
@@ -7,6 +7,12 @@
 #                                                     #
 #######################################################

+#
+# LibraryName setting.
+#
+# Description: Used to specify the path to the library
+#              implementing the authentication mechanism.
+#
 LibraryName		\Program Files\novell\casa\lib\krb5mech.dll

 #
--- a/CASA-auth-token/client/lib/mechanisms/pwd/get.c
+++ b/CASA-auth-token/client/lib/mechanisms/pwd/get.c
@@ -106,13 +106,23 @@ GetUserCredentials(
         // There were no credentials for the realm, now try to obtain the
         // desktop credentials.
         secretId.len = sscs_Utf8Strlen("Desktop") + 1;
-         sscs_Utf8Strcpy((char*) secretId.id, "Desktop");
-         rcode = miCASAGetCredential(0,
-                                     &secretId,
-                                     NULL,
-                                     &credtype,
-                                     &credential,
-                                     (SSCS_EXT_T*) pCredStoreScope);
+         if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN)
+         {
+            sscs_Utf8Strcpy((char*) secretId.id, "Desktop");
+            rcode = miCASAGetCredential(0,
+                                        &secretId,
+                                        NULL,
+                                        &credtype,
+                                        &credential,
+                                        (SSCS_EXT_T*) pCredStoreScope);
+         }
+         else
+         {
+            DbgTrace(0, "-GetUserCredentials- Desktop name too long\n", 0);
+            retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
+                                        CASA_FACILITY_PWTOKEN,
+                                        CASA_STATUS_UNSUCCESSFUL);
+         }
      }
   }
   else
@@ -178,7 +188,7 @@ GetUserCredentials(
      *ppPassword = pPassword;
   }

-   DbgTrace(1, "-GetUserCredentials- End, retStatus = %08X\n", retStatus);
+   DbgTrace(1, "-GetUserCredentials- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
--- a/CASA-auth-token/client/lib/mechanisms/pwd/interface.c
+++ b/CASA-auth-token/client/lib/mechanisms/pwd/interface.c
@@ -75,7 +75,7 @@ AuthTokenIf_AddReference(
   pAuthTokenIfInstance->refCount ++;
   refCount = pAuthTokenIfInstance->refCount;

-   DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount);
+   DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %0X\n", refCount);

   return refCount;
 }
@@ -208,7 +208,7 @@ GET_AUTH_TOKEN_INTERFACE_RTN(

 exit:

-   DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus);
+   DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
--- a/CASA-auth-token/client/lib/mechanisms/pwd/linux/PwdAuthenticate.conf
+++ b/CASA-auth-token/client/lib/mechanisms/pwd/linux/PwdAuthenticate.conf
@@ -7,6 +7,25 @@
 #                                                     #
 #######################################################

+#
+# LibraryName setting.
+#
+# Description: Used to specify the path to the library
+#              implementing the authentication mechanism.
+#
 LibraryName		/usr/lib/CASA/authtoken/pwmech.so

-
+#
+# DebugLevel setting.
+#
+# Description: Used to specify the level of logging utilized for debugging
+#              purposes. A level of zero being the lowest debugging level.
+#
+#              If this parameter is not set, the client defaults
+#              to use a debug level of zero.
+#
+#              Note: Debug statements can be viewed under Windows by using
+#              tools such as DbgView. Under Linux, debug statements are logged
+#              to /var/log/messages.
+#
+#DebugLevel	0
--- a/CASA-auth-token/client/lib/mechanisms/pwd/linux/PwdAuthenticate_lib64.conf
+++ b/CASA-auth-token/client/lib/mechanisms/pwd/linux/PwdAuthenticate_lib64.conf
@@ -7,6 +7,25 @@
 #                                                     #
 #######################################################

+#
+# LibraryName setting.
+#
+# Description: Used to specify the path to the library
+#              implementing the authentication mechanism.
+#
 LibraryName		/usr/lib64/CASA/authtoken/pwmech.so

-
+#
+# DebugLevel setting.
+#
+# Description: Used to specify the level of logging utilized for debugging
+#              purposes. A level of zero being the lowest debugging level.
+#
+#              If this parameter is not set, the client defaults
+#              to use a debug level of zero.
+#
+#              Note: Debug statements can be viewed under Windows by using
+#              tools such as DbgView. Under Linux, debug statements are logged
+#              to /var/log/messages.
+#
+#DebugLevel	0
--- a/CASA-auth-token/client/lib/mechanisms/pwd/util.c
+++ b/CASA-auth-token/client/lib/mechanisms/pwd/util.c
@@ -80,7 +80,6 @@ EncodeData(
 {
   CasaStatus  retStatus;
   int         encodedSize;
-
   char        *pTmp;

   DbgTrace(3, "-EncodeData- Start\n", 0);
@@ -141,7 +140,7 @@ EncodeData(
                                  CASA_STATUS_INSUFFICIENT_RESOURCES);
   }

-   DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
+   DbgTrace(3, "-EncodeData- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
@@ -270,7 +269,7 @@ DecodeData(
                                  CASA_STATUS_INSUFFICIENT_RESOURCES);
   }

-   DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
+   DbgTrace(3, "-DecodeData- End, retStatus = %0X\n", retStatus);

   return retStatus;
 }
@@ -312,7 +311,7 @@ dtoul(
      }
   }
      
-   DbgTrace(2, "-dtoul- End, result = %d\n", n);
+   DbgTrace(2, "-dtoul- End, result = %0X\n", n);

   return n;
 }
--- a/CASA-auth-token/client/lib/mechanisms/pwd/windows/PwdAuthenticate.conf
+++ b/CASA-auth-token/client/lib/mechanisms/pwd/windows/PwdAuthenticate.conf
@@ -7,6 +7,12 @@
 #                                                     #
 #######################################################

+#
+# LibraryName setting.
+#
+# Description: Used to specify the path to the library
+#              implementing the authentication mechanism.
+#
 LibraryName		\Program Files\novell\casa\lib\pwmech.dll

 #