From 637726123ce2c9262da724f94e48619e46ca7182 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Fri, 22 Sep 2006 16:24:03 +0000 Subject: [PATCH] Added the capability of configuring the ATS Address, port, and whether or not SSL should be used for communications. --- CASA-auth-token/non-java/client/authmech.c | 2 - CASA-auth-token/non-java/client/client.conf | 48 ++++++ CASA-auth-token/non-java/client/engine.c | 143 +++++++++++++----- CASA-auth-token/non-java/client/internal.h | 5 +- .../non-java/client/windows/dllsup.c | 12 +- .../non-java/client/windows/platform.c | 4 + CASA-auth-token/non-java/client/windows/rpc.c | 8 +- 7 files changed, 171 insertions(+), 51 deletions(-) create mode 100644 CASA-auth-token/non-java/client/client.conf diff --git a/CASA-auth-token/non-java/client/authmech.c b/CASA-auth-token/non-java/client/authmech.c index 991a64bb..467259be 100644 --- a/CASA-auth-token/non-java/client/authmech.c +++ b/CASA-auth-token/non-java/client/authmech.c @@ -76,7 +76,6 @@ GetAuthTokenIf( CasaStatus retStatus; ConfigIf *pModuleConfigIf; - DbgTrace(2, "-GetAuthTokenIf- Start\n", 0); // Get the configuration for the module @@ -268,7 +267,6 @@ GetAuthMechToken( CASA_STATUS_UNSUCCESSFUL); AuthTokenIf *pAuthTokenIf; - DbgTrace(1, "-GetAuthMechToken- Start\n", 0); // Initialize output parameter diff --git a/CASA-auth-token/non-java/client/client.conf b/CASA-auth-token/non-java/client/client.conf new file mode 100644 index 00000000..278de62d --- /dev/null +++ b/CASA-auth-token/non-java/client/client.conf 
@@ -0,0 +1,48 @@ +####################################################### +# # +# CASA Authentication Token System configuration file # +# for client. # +# # +####################################################### + +# +# ATS-hostname setting. +# +# Description: Used to configure the address of the +# ATS that should be used for obtaining +# authentication tokens. +# +# If this parameter is not set, the client +# assummes that the ATS resides in the same +# host as the authentication token consuming +# services. +# +#ATS-hostname hostname or IP address + +# +# ATS-port setting. +# +# Description: Used to configure the port utilized by the +# ATS to listen for connections. +# +# If this parameter is not set, the client +# assummes that the ATS is listening for +# connections on port 443 if configured to +# use SSL, otherwise it assumes that it is +# listening for connections on port 80. +# +ATS-port 8080 + +# +# UseSSL setting. +# +# Description: Used to specify that communications to the ATS +# should occur over SSL to ensure security. +# +# If this parameter is not set, the client +# defaults to using SSL when communicating with +# ATSs. +# +UseSSL false + + diff --git a/CASA-auth-token/non-java/client/engine.c b/CASA-auth-token/non-java/client/engine.c index 827fa441..9e8c875b 100644 --- a/CASA-auth-token/non-java/client/engine.c +++ b/CASA-auth-token/non-java/client/engine.c @@ -43,8 +43,11 @@ int DebugLevel = 0; // // Operating parameter // -bool secureRpcSetting = false; -bool g_bInitialized = FALSE; +bool g_bInitialized = FALSE; +bool g_secureRpcSetting = true; +char *g_pATSHostName = NULL; +uint16_t g_ATSPort = 443; // Default HTTPS + //++======================================================================= static @@ -147,7 +150,7 @@ ObtainSessionToken( // Issue rpc retStatus = Rpc(pRpcSession, "Authenticate", - secureRpcSetting, + g_secureRpcSetting, pReqMsg, &pRespMsg, &respLen); 
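Review bot: The new client.conf ships `ATS-port 8080` and `UseSSL false` as active settings, so any client installed with this file talks to the ATS over plain HTTP, although the globals in engine.c now default to SSL on port 443 and the comment above the setting says the client defaults to SSL. The RPCs issued on this channel are Authenticate, GetAuthPolicy and GetAuthToken, so the exchanged material would presumably be readable on the network path, and the server end is not authenticated. I would ship both settings commented out in the same way as ATS-hostname, for example `#ATS-port 443` and `#UseSSL true`, and keep the non-SSL values in a sample clearly marked for development use. The description text also spells "assummes" in two places.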
@@ -276,7 +279,8 @@ ObtainAuthTokenFromServer( *ppAuthToken = NULL; // Open Rpc Session to the auth service at the specified host - pRpcSession = OpenRpcSession(pHostName); + pRpcSession = OpenRpcSession((g_pATSHostName != NULL) ? g_pATSHostName : pHostName, + g_ATSPort); if (pRpcSession) { char *pReqMsg = NULL; @@ -294,7 +298,7 @@ ObtainAuthTokenFromServer( // Issue rpc retStatus = Rpc(pRpcSession, "GetAuthPolicy", - secureRpcSetting, + g_secureRpcSetting, pReqMsg, &pRespMsg, &respLen); @@ -326,7 +330,7 @@ ObtainAuthTokenFromServer( // Issue rpc retStatus = Rpc(pRpcSession, "GetAuthToken", - secureRpcSetting, + g_secureRpcSetting, pReqMsg, &pRespMsg, &respLen); @@ -474,7 +478,6 @@ ObtainAuthToken( unsigned char *pToken; HANDLE hUserMutex = NULL; - DbgTrace(1, "-ObtainAuthToken- Start\n", 0); // Verify the input parameters @@ -494,19 +497,18 @@ ObtainAuthToken( DbgTrace(1, "-ObtainAuthToken- HostName = %s\n", pHostName); DbgTrace(1, "-ObtainAuthToken- BufferLength = %d\n", *pAuthTokenBufLen); - // Make sure we are initialized // Obtain our synchronization mutex AcquireInitializationMutex(); // Create user synchronization mutex retStatus = CreateUserMutex(&hUserMutex); - if (retStatus != CASA_STATUS_SUCCESS) { - DbgTrace(0, "-ObtainAuthToken- Error creating mutex for the user\n", 0); + DbgTrace(0, "-ObtainAuthToken- Error creating mutex for the user\n", 0); goto exit; } + // Make sure we are fully initialized if (g_bInitialized == FALSE) { retStatus = InitializeLibrary(); 
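Review bot: In ObtainAuthTokenFromServer a configured `g_pATSHostName` now silently replaces the caller's `pHostName` for the connection, while the comment above the call still says the session is opened "at the specified host" and nothing records the endpoint actually used. Because this one setting redirects all authentication traffic, I would change the comment to `// Open Rpc Session to the configured ATS, or to the specified host when none is configured` and add a DbgTrace of the effective host name before the call, so that an unexpected redirect shows up in the trace. The function starts and ends outside this hunk, so whether `pHostName` is used later for anything tied to the server's identity cannot be checked from here.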
@@ -627,6 +629,96 @@ exit: } +//++======================================================================= +int +InitializeLibrary(void) +// +// Arguments: +// +// Returns: +// +// Abstract: +// +// Notes: +// +// L2 +//=======================================================================-- +{ + int retStatus = -1; + int getConfigStatus = -1; + ConfigIf *pClientConfigIf; + char *pATSPortSetting; + char *pUseSSLSetting; + + DbgTrace(1, "-InitializeLibrary- Start\n", 0); + + // Try to obtain client configuration settings + getConfigStatus = GetConfigInterface(clientConfigFolder, + "client", + &pClientConfigIf); + if (CASA_SUCCESS(getConfigStatus) + && CasaStatusCode(getConfigStatus) != CASA_STATUS_OBJECT_NOT_FOUND) + { + // Check if an ATS hostname has been configured + g_pATSHostName = pClientConfigIf->getEntryValue(pClientConfigIf, "ATS-hostname"); + if (g_pATSHostName != NULL) + { + DbgTrace(0, "-InitializeLibrary- ATS hostname %s configured\n", g_pATSHostName); + } + + // Check if the UseSSL setting has been configured + pUseSSLSetting = pClientConfigIf->getEntryValue(pClientConfigIf, "UseSSL"); + if (pUseSSLSetting != NULL) + { + DbgTrace(0, "-InitializeLibrary- UseSSL setting %s configured\n", pUseSSLSetting); + + // Set the g_secureRpcSetting variable based on the setting + if (stricmp(pUseSSLSetting, "false") == 0) + { + g_secureRpcSetting = false; + + // Change the default ATS port to 80 from 443 + g_ATSPort = 80; + } + else if (stricmp(pUseSSLSetting, "true") == 0) + { + g_secureRpcSetting = true; + } + + // Free the buffer holding the UseSSL setting + free(pUseSSLSetting); + } + + // Check if an ATS port number has been configured + pATSPortSetting = pClientConfigIf->getEntryValue(pClientConfigIf, "ATS-port"); + if (pATSPortSetting != NULL) + { + DbgTrace(0, "-InitializeLibrary- ATS port number %s configured\n", pATSPortSetting); + + // Convert the number to hex + g_ATSPort = (int) dtoul(pATSPortSetting, strlen(pATSPortSetting)); + + // Free the buffer 
holding the port number + free(pATSPortSetting); + } + + // Release config interface instance + pClientConfigIf->releaseReference(pClientConfigIf); + } + + // Initialize the host name normalization + retStatus = InitializeHostNameNormalization(); + if (CASA_SUCCESS(retStatus)) + { + retStatus = InitializeAuthCache(); + } + + DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus); + + return retStatus; +} + + //++======================================================================= int Initialize(void) @@ -654,37 +746,6 @@ Initialize(void) } -//++======================================================================= -int -InitializeLibrary(void) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int retStatus = -1; - - DbgTrace(1, "-InitializeLibrary- Start\n", 0); - - // Initialize the host name normalization - retStatus = InitializeHostNameNormalization(); - if (CASA_SUCCESS(retStatus)) - { - retStatus = InitializeAuthCache(); - } - - DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - //++======================================================================= //++======================================================================= //++======================================================================= diff --git a/CASA-auth-token/non-java/client/internal.h b/CASA-auth-token/non-java/client/internal.h index c4588c96..24ccf669 100644 --- a/CASA-auth-token/non-java/client/internal.h +++ b/CASA-auth-token/non-java/client/internal.h @@ -106,6 +106,8 @@ typedef struct _AuthenticateResp extern int DebugLevel; +extern char clientConfigFolder[]; + extern char mechConfigFolder[]; extern char pathCharString[]; @@ -345,7 +347,8 @@ InitializeHostNameNormalization(void); extern RpcSession* OpenRpcSession( - IN char *pHostName); + IN char *pHostName, + IN uint16_t hostPort); extern void 
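Review bot: The ATS-port value in InitializeLibrary is assigned with no range check: `g_ATSPort = (int) dtoul(pATSPortSetting, strlen(pATSPortSetting));` stores the result in a `uint16_t`, so a value above 65535 is silently truncated to a different port, and what an unparsable string yields depends on dtoul, which is not shown here. The client would then send its authentication requests to a port the administrator never configured. I would validate the value and keep the default derived from UseSSL when it is out of range, as sketched below; the comment "Convert the number to hex" should also say decimal. Separately, a UseSSL value other than "true" or "false" is ignored without any trace, and one DbgTrace line for that case would make typos in the file diagnosable.

```c
        // Check if an ATS port number has been configured
        pATSPortSetting = pClientConfigIf->getEntryValue(pClientConfigIf, "ATS-port");
        if (pATSPortSetting != NULL)
        {
            // Convert the decimal string; dtoul is assumed to return an unsigned long
            unsigned long portValue = dtoul(pATSPortSetting, strlen(pATSPortSetting));

            if (portValue >= 1 && portValue <= 65535)
            {
                DbgTrace(0, "-InitializeLibrary- ATS port number %s configured\n", pATSPortSetting);
                g_ATSPort = (uint16_t) portValue;
            }
            else
            {
                // Keep the default port selected by the UseSSL setting
                DbgTrace(0, "-InitializeLibrary- Ignoring invalid ATS port setting %s\n", pATSPortSetting);
            }

            // … unchanged: free(pATSPortSetting) …
        }
```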
diff --git a/CASA-auth-token/non-java/client/windows/dllsup.c b/CASA-auth-token/non-java/client/windows/dllsup.c index 9a50c46d..b9321be5 100644 --- a/CASA-auth-token/non-java/client/windows/dllsup.c +++ b/CASA-auth-token/non-java/client/windows/dllsup.c @@ -29,6 +29,9 @@ #include //===[ External data ]===================================================== +extern +char clientConfigFolderPartialPath[]; + extern char mechConfigFolderPartialPath[]; @@ -54,6 +57,7 @@ BOOL APIENTRY DllMain( //=======================================================================-- { BOOL retStatus = TRUE; + char programFilesFolder[MAX_PATH]; switch (ul_reason_for_call) { @@ -61,13 +65,17 @@ BOOL APIENTRY DllMain( { g_hModule = hModule; - // Setup the path to the auth mechanisms config folder + // Setup the path to the client and auth mechanisms config folders if (SHGetFolderPath(NULL, CSIDL_PROGRAM_FILES, NULL, 0, - mechConfigFolder) == 0) + programFilesFolder) == 0) { + strcpy(clientConfigFolder, programFilesFolder); + PathAppend(clientConfigFolder, clientConfigFolderPartialPath); + + strcpy(mechConfigFolder, programFilesFolder); PathAppend(mechConfigFolder, mechConfigFolderPartialPath); // Initialize the library diff --git a/CASA-auth-token/non-java/client/windows/platform.c b/CASA-auth-token/non-java/client/windows/platform.c index 2c83eb1c..f45d192f 100644 --- a/CASA-auth-token/non-java/client/windows/platform.c +++ b/CASA-auth-token/non-java/client/windows/platform.c @@ -53,6 +53,10 @@ LIST_ENTRY normalizedHostNameCacheListHead; static HANDLE hNormalizedHostNameCacheMutex; +// Client configuration file folder +char clientConfigFolder[MAX_PATH]; +char clientConfigFolderPartialPath[] = "Novell\\Casa\\Etc\\Auth"; + // Authentication mechanism configuration file folder char mechConfigFolder[MAX_PATH]; char mechConfigFolderPartialPath[] = "Novell\\Casa\\Etc\\Auth\\Mechanisms"; 
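Review bot: Both `PathAppend` calls added in DllMain discard their BOOL result, so if appending the partial path fails (the combined path does not fit in MAX_PATH), `clientConfigFolder` does not name the intended folder and the client configuration is silently not found. The call should be checked, e.g. `if (!PathAppend(clientConfigFolder, clientConfigFolderPartialPath)) retStatus = FALSE;`, or routed to whatever the existing SHGetFolderPath failure path does, which lies outside this hunk. The two `strcpy` calls are bounded only because source and destination are both MAX_PATH arrays; a short comment saying so, such as `// Same size as programFilesFolder, so the copy cannot overflow`, would keep a later buffer-size change from turning them into overflows.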
diff --git a/CASA-auth-token/non-java/client/windows/rpc.c b/CASA-auth-token/non-java/client/windows/rpc.c index 96b4716f..f5286cbc 100644 --- a/CASA-auth-token/non-java/client/windows/rpc.c +++ b/CASA-auth-token/non-java/client/windows/rpc.c @@ -38,7 +38,6 @@ //===[ Global variables ]================================================== - //++======================================================================= static CasaStatus @@ -62,7 +61,6 @@ CopyMultiToWideAlloc( int retStatus; int size, i; - DbgTrace(2, "-CopyMultiToWideAlloc- Start\n", 0); size = (multiSize + 1) * sizeof(WCHAR); @@ -99,7 +97,8 @@ CopyMultiToWideAlloc( //++======================================================================= RpcSession* OpenRpcSession( - IN char *pHostName) + IN char *pHostName, + IN uint16_t hostPort) // // Arguments: // @@ -114,7 +113,6 @@ OpenRpcSession( { RpcSession *pSession; - DbgTrace(1, "-OpenRpcSession- Start\n", 0); // Allocate space for the session @@ -145,7 +143,7 @@ OpenRpcSession( // Now open connection pSession->hConnection = WinHttpConnect(pSession->hSession, pWideHostName, - 8080, /*INTERNET_DEFAULT_HTTP_PORT,*/ + hostPort, 0); if (pSession->hConnection == NULL) {