From 637726123ce2c9262da724f94e48619e46ca7182 Mon Sep 17 00:00:00 2001
From: Juan Carlos Luciani <jluciani@novell.com>
Date: Fri, 22 Sep 2006 16:24:03 +0000
Subject: [PATCH] Added the capability of configuring the ATS Address, port,
 and whether or not SSL should be used for communications.

---
 CASA-auth-token/non-java/client/authmech.c    |   2 -
 CASA-auth-token/non-java/client/client.conf   |  48 ++++++
 CASA-auth-token/non-java/client/engine.c      | 143 +++++++++++++-----
 CASA-auth-token/non-java/client/internal.h    |   5 +-
 .../non-java/client/windows/dllsup.c          |  12 +-
 .../non-java/client/windows/platform.c        |   4 +
 CASA-auth-token/non-java/client/windows/rpc.c |   8 +-
 7 files changed, 171 insertions(+), 51 deletions(-)
 create mode 100644 CASA-auth-token/non-java/client/client.conf

diff --git a/CASA-auth-token/non-java/client/authmech.c b/CASA-auth-token/non-java/client/authmech.c
index 991a64bb..467259be 100644
--- a/CASA-auth-token/non-java/client/authmech.c
+++ b/CASA-auth-token/non-java/client/authmech.c
@@ -76,7 +76,6 @@ GetAuthTokenIf(
    CasaStatus  retStatus;
    ConfigIf    *pModuleConfigIf;
 
-
    DbgTrace(2, "-GetAuthTokenIf- Start\n", 0);
 
    // Get the configuration for the module
@@ -268,7 +267,6 @@ GetAuthMechToken(
                                              CASA_STATUS_UNSUCCESSFUL);
    AuthTokenIf   *pAuthTokenIf;
 
-
    DbgTrace(1, "-GetAuthMechToken- Start\n", 0);
 
    // Initialize output parameter
diff --git a/CASA-auth-token/non-java/client/client.conf b/CASA-auth-token/non-java/client/client.conf
new file mode 100644
index 00000000..278de62d
--- /dev/null
+++ b/CASA-auth-token/non-java/client/client.conf
@@ -0,0 +1,48 @@
+#######################################################
+#                                                     #
+# CASA Authentication Token System configuration file #
+# for client.                                         #
+#                                                     #
+#######################################################
+
+#
+# ATS-hostname setting.
+#
+# Description: Used to configure the address of the
+#              ATS that should be used for obtaining
+#              authentication tokens.
+#
+#              If this parameter is not set, the client
+#              assummes that the ATS resides in the same
+#              host as the authentication token consuming
+#              services.
+#
+#ATS-hostname	hostname or IP address
+
+#
+# ATS-port setting.
+#
+# Description: Used to configure the port utilized by the
+#              ATS to listen for connections.
+#
+#              If this parameter is not set, the client
+#              assummes that the ATS is listening for
+#              connections on port 443 if configured to
+#              use SSL, otherwise it assumes that it is
+#              listening for connections on port 80.
+#
+ATS-port		8080
+
+#
+# UseSSL setting.
+#
+# Description: Used to specify that communications to the ATS
+#              should occur over SSL to ensure security.
+#
+#              If this parameter is not set, the client
+#              defaults to using SSL when communicating with
+#              ATSs.
+#
+UseSSL			false
+
+
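Review bot: The sample file ships with `ATS-port 8080` and `UseSSL false` as active settings, so a client installed with this file unchanged talks to the ATS over plain HTTP, even though the comment above `UseSSL` says the default is SSL. Development values like these are safer left commented out, as is already done for `ATS-hostname`: `#ATS-port		443` and `#UseSSL			true`. The UseSSL description should also state that `false` sends the authentication exchange unencrypted and is meant for test setups only. "assummes" in the ATS-hostname and ATS-port descriptions should read "assumes".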
diff --git a/CASA-auth-token/non-java/client/engine.c b/CASA-auth-token/non-java/client/engine.c
index 827fa441..9e8c875b 100644
--- a/CASA-auth-token/non-java/client/engine.c
+++ b/CASA-auth-token/non-java/client/engine.c
@@ -43,8 +43,11 @@ int   DebugLevel = 0;
 //
 // Operating parameter
 // 
-bool  secureRpcSetting = false;
-bool  g_bInitialized = FALSE;
+bool        g_bInitialized = FALSE;
+bool        g_secureRpcSetting = true;
+char        *g_pATSHostName = NULL;
+uint16_t    g_ATSPort = 443; // Default HTTPS
+
 
 //++=======================================================================
 static
@@ -147,7 +150,7 @@ ObtainSessionToken(
          // Issue rpc
          retStatus = Rpc(pRpcSession,
                          "Authenticate",
-                         secureRpcSetting,
+                         g_secureRpcSetting,
                          pReqMsg,
                          &pRespMsg,
                          &respLen);
@@ -276,7 +279,8 @@ ObtainAuthTokenFromServer(
    *ppAuthToken = NULL;
 
    // Open Rpc Session to the auth service at the specified host
-   pRpcSession = OpenRpcSession(pHostName);
+   pRpcSession = OpenRpcSession((g_pATSHostName != NULL) ? g_pATSHostName : pHostName,
+                                g_ATSPort);
    if (pRpcSession)
    {
       char                 *pReqMsg = NULL;
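Review bot: The comment `// Open Rpc Session to the auth service at the specified host` is stale, because a configured `g_pATSHostName` now silently takes precedence over the caller's `pHostName`. I would reword it to `// Open Rpc Session to the configured ATS; fall back to the service host when no ATS-hostname is set`. A `DbgTrace` line naming the host and port actually used would help when diagnosing which ATS a token came from. The body of ObtainAuthTokenFromServer continues outside this hunk.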
@@ -294,7 +298,7 @@ ObtainAuthTokenFromServer(
          // Issue rpc
          retStatus = Rpc(pRpcSession,
                          "GetAuthPolicy",
-                         secureRpcSetting,
+                         g_secureRpcSetting,
                          pReqMsg,
                          &pRespMsg,
                          &respLen);
@@ -326,7 +330,7 @@ ObtainAuthTokenFromServer(
                         // Issue rpc
                         retStatus = Rpc(pRpcSession,
                                         "GetAuthToken",
-                                        secureRpcSetting,
+                                        g_secureRpcSetting,
                                         pReqMsg,
                                         &pRespMsg,
                                         &respLen);
@@ -474,7 +478,6 @@ ObtainAuthToken(
    unsigned char     *pToken;
    HANDLE            hUserMutex = NULL;
 
-
    DbgTrace(1, "-ObtainAuthToken- Start\n", 0);
 
    // Verify the input parameters
@@ -494,19 +497,18 @@ ObtainAuthToken(
    DbgTrace(1, "-ObtainAuthToken- HostName = %s\n", pHostName);
    DbgTrace(1, "-ObtainAuthToken- BufferLength = %d\n", *pAuthTokenBufLen);
 
-   // Make sure we are initialized
    // Obtain our synchronization mutex
    AcquireInitializationMutex();
 
    // Create user synchronization mutex
    retStatus = CreateUserMutex(&hUserMutex);
-
    if (retStatus != CASA_STATUS_SUCCESS)
    {
-     DbgTrace(0, "-ObtainAuthToken- Error creating mutex for the user\n", 0);
+      DbgTrace(0, "-ObtainAuthToken- Error creating mutex for the user\n", 0);
       goto exit;
    }
 
+   // Make sure we are fully initialized
    if (g_bInitialized == FALSE)
    {
      retStatus = InitializeLibrary();
@@ -627,6 +629,96 @@ exit:
 }
 
 
+//++=======================================================================
+int
+InitializeLibrary(void)
+//
+//  Arguments: 
+//
+//  Returns:   
+//
+//  Abstract:  
+//
+//  Notes:
+//
+// L2
+//=======================================================================--
+{
+   int         retStatus = -1;
+   int         getConfigStatus = -1;
+   ConfigIf    *pClientConfigIf;
+   char        *pATSPortSetting;
+   char        *pUseSSLSetting;
+
+   DbgTrace(1, "-InitializeLibrary- Start\n", 0);
+
+   // Try to obtain client configuration settings
+   getConfigStatus = GetConfigInterface(clientConfigFolder,
+                                        "client",
+                                        &pClientConfigIf);
+   if (CASA_SUCCESS(getConfigStatus)
+       && CasaStatusCode(getConfigStatus) != CASA_STATUS_OBJECT_NOT_FOUND)
+   {
+      // Check if an ATS hostname has been configured
+      g_pATSHostName = pClientConfigIf->getEntryValue(pClientConfigIf, "ATS-hostname");
+      if (g_pATSHostName != NULL)
+      {
+         DbgTrace(0, "-InitializeLibrary- ATS hostname %s configured\n", g_pATSHostName);
+      }
+
+      // Check if the UseSSL setting has been configured
+      pUseSSLSetting = pClientConfigIf->getEntryValue(pClientConfigIf, "UseSSL");
+      if (pUseSSLSetting != NULL)
+      {
+         DbgTrace(0, "-InitializeLibrary- UseSSL setting %s configured\n", pUseSSLSetting);
+
+         // Set the g_secureRpcSetting variable based on the setting
+         if (stricmp(pUseSSLSetting, "false") == 0)
+         {
+            g_secureRpcSetting = false;
+
+            // Change the default ATS port to 80 from 443
+            g_ATSPort = 80;
+         }
+         else if (stricmp(pUseSSLSetting, "true") == 0)
+         {
+            g_secureRpcSetting = true;
+         }
+
+         // Free the buffer holding the UseSSL setting
+         free(pUseSSLSetting);
+      }
+
+      // Check if an ATS port number has been configured
+      pATSPortSetting = pClientConfigIf->getEntryValue(pClientConfigIf, "ATS-port");
+      if (pATSPortSetting != NULL)
+      {
+         DbgTrace(0, "-InitializeLibrary- ATS port number %s configured\n", pATSPortSetting);
+         
+         // Convert the number to hex
+         g_ATSPort = (int) dtoul(pATSPortSetting, strlen(pATSPortSetting));
+
+         // Free the buffer holding the port number
+         free(pATSPortSetting);
+      }
+
+      // Release config interface instance
+      pClientConfigIf->releaseReference(pClientConfigIf);
+   }
+
+   // Initialize the host name normalization
+   retStatus = InitializeHostNameNormalization();
+   if (CASA_SUCCESS(retStatus))
+   {
+     retStatus = InitializeAuthCache();
+   }
+
+   DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
+
+   return retStatus;
+}
+
+
 //++=======================================================================
 int
 Initialize(void)
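Review bot: The ATS-port value reaches `g_ATSPort` without a range check: `(int) dtoul(...)` is narrowed to `uint16_t`, so a setting above 65535 wraps silently, and an empty or non-numeric setting presumably yields 0 (dtoul is not visible here, so its return type and error behaviour are assumed). I would keep the default unless the parsed value lies within 1–65535 and trace the rejected setting, as sketched below. The comment `// Convert the number to hex` does not describe the call and should read `// Convert the decimal string to a port number`. Separately, the `UseSSL false` branch moves the Authenticate and GetAuthToken exchanges to plain HTTP, so it deserves its own trace line stating that the channel is unencrypted. The empty Arguments/Returns/Abstract header should also be filled in.

```c
      // ... unchanged: ATS-hostname and UseSSL handling ...

      // Check if an ATS port number has been configured
      pATSPortSetting = pClientConfigIf->getEntryValue(pClientConfigIf, "ATS-port");
      if (pATSPortSetting != NULL)
      {
         unsigned long  configuredPort = dtoul(pATSPortSetting, strlen(pATSPortSetting));

         // Accept only values that fit a TCP port; otherwise keep the default
         if (configuredPort >= 1 && configuredPort <= 65535)
         {
            g_ATSPort = (uint16_t) configuredPort;
            DbgTrace(0, "-InitializeLibrary- ATS port number %s configured\n", pATSPortSetting);
         }
         else
         {
            DbgTrace(0, "-InitializeLibrary- Ignoring invalid ATS port setting %s\n", pATSPortSetting);
         }

         // Free the buffer holding the port number
         free(pATSPortSetting);
      }
```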
@@ -654,37 +746,6 @@ Initialize(void)
 }
 
 
-//++=======================================================================
-int
-InitializeLibrary(void)
-//
-//  Arguments: 
-//
-//  Returns:   
-//
-//  Abstract:  
-//
-//  Notes:
-//
-// L2
-//=======================================================================--
-{
-   int   retStatus = -1;
-
-   DbgTrace(1, "-InitializeLibrary- Start\n", 0);
-
-   // Initialize the host name normalization
-   retStatus = InitializeHostNameNormalization();
-   if (CASA_SUCCESS(retStatus))
-   {
-     retStatus = InitializeAuthCache();
-   }
-
-   DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
-
-   return retStatus;
-}
-
 //++=======================================================================
 //++=======================================================================
 //++=======================================================================
diff --git a/CASA-auth-token/non-java/client/internal.h b/CASA-auth-token/non-java/client/internal.h
index c4588c96..24ccf669 100644
--- a/CASA-auth-token/non-java/client/internal.h
+++ b/CASA-auth-token/non-java/client/internal.h
@@ -106,6 +106,8 @@ typedef struct _AuthenticateResp
 
 extern int  DebugLevel;
 
+extern char  clientConfigFolder[];
+
 extern char  mechConfigFolder[];
 
 extern char  pathCharString[];
@@ -345,7 +347,8 @@ InitializeHostNameNormalization(void);
 extern
 RpcSession*
 OpenRpcSession(
-   IN    char *pHostName);
+   IN    char *pHostName,
+   IN    uint16_t hostPort);
 
 extern
 void
diff --git a/CASA-auth-token/non-java/client/windows/dllsup.c b/CASA-auth-token/non-java/client/windows/dllsup.c
index 9a50c46d..b9321be5 100644
--- a/CASA-auth-token/non-java/client/windows/dllsup.c
+++ b/CASA-auth-token/non-java/client/windows/dllsup.c
@@ -29,6 +29,9 @@
 #include <shlwapi.h>
 
 //===[ External data ]=====================================================
+extern
+char  clientConfigFolderPartialPath[];
+
 extern
 char  mechConfigFolderPartialPath[];
 
@@ -54,6 +57,7 @@ BOOL APIENTRY DllMain(
 //=======================================================================--
 {
    BOOL  retStatus = TRUE;
+   char  programFilesFolder[MAX_PATH];
 
    switch (ul_reason_for_call)
    {
@@ -61,13 +65,17 @@ BOOL APIENTRY DllMain(
       {
          g_hModule = hModule;
 
-         // Setup the path to the auth mechanisms config folder
+         // Setup the path to the client and auth mechanisms config folders
          if (SHGetFolderPath(NULL,
                              CSIDL_PROGRAM_FILES,
                              NULL,
                              0,
-                             mechConfigFolder) == 0)
+                             programFilesFolder) == 0)
          {
+            strcpy(clientConfigFolder, programFilesFolder);
+            PathAppend(clientConfigFolder, clientConfigFolderPartialPath);
+
+            strcpy(mechConfigFolder, programFilesFolder);
             PathAppend(mechConfigFolder, mechConfigFolderPartialPath);
 
             // Initialize the library
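Review bot: Both `PathAppend` calls inside the `SHGetFolderPath` success branch ignore their return value, so a failed append leaves `clientConfigFolder` or `mechConfigFolder` pointing somewhere other than the intended Novell\Casa\Etc\Auth tree, and initialization continues anyway. Since client.conf now decides which ATS is contacted and whether SSL is used, I would fail the load instead: `if (!PathAppend(clientConfigFolder, clientConfigFolderPartialPath)) retStatus = FALSE;`, and likewise for `mechConfigFolder`. The two `strcpy` calls are bounded only because all three buffers are `MAX_PATH`; a short comment saying so would keep a later buffer-size change from turning them into an overflow. DllMain continues outside this hunk.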
diff --git a/CASA-auth-token/non-java/client/windows/platform.c b/CASA-auth-token/non-java/client/windows/platform.c
index 2c83eb1c..f45d192f 100644
--- a/CASA-auth-token/non-java/client/windows/platform.c
+++ b/CASA-auth-token/non-java/client/windows/platform.c
@@ -53,6 +53,10 @@ LIST_ENTRY  normalizedHostNameCacheListHead;
 static
 HANDLE   hNormalizedHostNameCacheMutex;
 
+// Client configuration file folder
+char  clientConfigFolder[MAX_PATH];
+char  clientConfigFolderPartialPath[] = "Novell\\Casa\\Etc\\Auth";
+
 // Authentication mechanism configuration file folder
 char  mechConfigFolder[MAX_PATH];
 char  mechConfigFolderPartialPath[] = "Novell\\Casa\\Etc\\Auth\\Mechanisms";
diff --git a/CASA-auth-token/non-java/client/windows/rpc.c b/CASA-auth-token/non-java/client/windows/rpc.c
index 96b4716f..f5286cbc 100644
--- a/CASA-auth-token/non-java/client/windows/rpc.c
+++ b/CASA-auth-token/non-java/client/windows/rpc.c
@@ -38,7 +38,6 @@
 
 //===[ Global variables ]==================================================
 
-
 //++=======================================================================
 static
 CasaStatus
@@ -62,7 +61,6 @@ CopyMultiToWideAlloc(
    int      retStatus;
    int      size, i;
 
-
    DbgTrace(2, "-CopyMultiToWideAlloc- Start\n", 0);
 
    size = (multiSize + 1) * sizeof(WCHAR);
@@ -99,7 +97,8 @@ CopyMultiToWideAlloc(
 //++=======================================================================
 RpcSession*
 OpenRpcSession(
-   IN    char *pHostName)
+   IN    char *pHostName,
+   IN    uint16_t hostPort)
 //
 //  Arguments: 
 //
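Review bot: The `Arguments:` header of OpenRpcSession stays empty although the function gains a second parameter. I would document both, for example `//  Arguments: pHostName - name or address of the ATS host` and `//             hostPort  - TCP port the ATS listens on, in host byte order`. The byte-order remark matters because the value is passed straight to `WinHttpConnect` in the later hunk, which expects it unconverted. The function body continues outside this hunk.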
@@ -114,7 +113,6 @@ OpenRpcSession(
 {
    RpcSession  *pSession;
 
-
    DbgTrace(1, "-OpenRpcSession- Start\n", 0);
 
    // Allocate space for the session
@@ -145,7 +143,7 @@ OpenRpcSession(
             // Now open connection
             pSession->hConnection = WinHttpConnect(pSession->hSession,
                                                    pWideHostName,
-                                                   8080, /*INTERNET_DEFAULT_HTTP_PORT,*/
+                                                   hostPort,
                                                    0);
             if (pSession->hConnection == NULL)
             {