From 654de007a2cc2ec83cec7180c473cc2df31e770e Mon Sep 17 00:00:00 2001 
From: Juan Carlos Luciani Date: Thu, 27 Jul 2006 18:21:27 +0000 Subject: [PATCH] Continuing project split changes. --- CASA-auth-token/AUTHORS | 2 - CASA-auth-token/COPYING | 459 ------ CASA-auth-token/ChangeLog | 0 CASA-auth-token/Makefile.am | 38 - CASA-auth-token/NEWS | 0 CASA-auth-token/auth.sln | 60 - CASA-auth-token/autogen.sh | 130 -- CASA-auth-token/client/README | 67 - CASA-auth-token/client/TODO | 18 - CASA-auth-token/client/authmech.c | 339 ---- CASA-auth-token/client/authmsg.c | 803 --------- CASA-auth-token/client/authpolicy.c | 801 --------- .../authtokenclient_msi.vdproj | 694 -------- .../authtokenclient_msm.vdproj | 438 ----- CASA-auth-token/client/cache.c | 615 ------- CASA-auth-token/client/client.vcproj | 221 --- CASA-auth-token/client/config.c | 685 -------- CASA-auth-token/client/config_if.h | 120 -- CASA-auth-token/client/engine.c | 696 -------- CASA-auth-token/client/getpolicymsg.c | 745 --------- CASA-auth-token/client/gettokenmsg.c | 793 --------- CASA-auth-token/client/internal.h | 395 ----- CASA-auth-token/client/mech_if.h | 177 -- .../mechanisms/krb5/Krb5Authenticate.conf | 12 - CASA-auth-token/client/mechanisms/krb5/README | 30 - CASA-auth-token/client/mechanisms/krb5/TODO | 14 - .../client/mechanisms/krb5/interface.c | 207 --- .../client/mechanisms/krb5/internal.h | 90 - .../client/mechanisms/krb5/krb5.vcproj | 182 -- CASA-auth-token/client/mechanisms/krb5/util.c | 282 ---- .../client/mechanisms/krb5/windows/dllsup.c | 132 -- .../client/mechanisms/krb5/windows/get.c | 272 --- .../mechanisms/krb5/windows/krb5mech.def | 10 - .../client/mechanisms/krb5/windows/platform.c | 35 - .../client/mechanisms/krb5/windows/platform.h | 83 - .../mechanisms/pwd/PwdAuthenticate.conf | 12 - CASA-auth-token/client/mechanisms/pwd/README | 27 - CASA-auth-token/client/mechanisms/pwd/TODO | 14 - CASA-auth-token/client/mechanisms/pwd/get.c | 359 ---- .../client/mechanisms/pwd/interface.c | 207 --- .../client/mechanisms/pwd/internal.h | 92 -- 
.../client/mechanisms/pwd/pwd.vcproj | 183 --- CASA-auth-token/client/mechanisms/pwd/util.c | 282 ---- .../client/mechanisms/pwd/windows/dllsup.c | 132 -- .../client/mechanisms/pwd/windows/platform.c | 35 - .../client/mechanisms/pwd/windows/platform.h | 81 - .../client/mechanisms/pwd/windows/pwmech.def | 10 - CASA-auth-token/client/test/CASA_Auth.cpp | 513 ------ CASA-auth-token/client/test/test.vcproj | 142 -- CASA-auth-token/client/util.c | 321 ---- CASA-auth-token/client/windows/authtoken.def | 10 - CASA-auth-token/client/windows/dllsup.c | 132 -- CASA-auth-token/client/windows/platform.c | 665 -------- CASA-auth-token/client/windows/platform.h | 114 -- CASA-auth-token/client/windows/rpc.c | 498 ------ CASA-auth-token/configure.in | 291 ---- CASA-auth-token/include/Makefile.am | 40 - CASA-auth-token/include/casa_c_authtoken.h | 102 -- CASA-auth-token/include/casa_s_authtoken.h | 305 ---- CASA-auth-token/include/list_entry.h | 187 --- CASA-auth-token/include/proto.h | 70 - .../server/ApacheSupport/2.2/Makefile.am | 37 - .../server/ApacheSupport/2.2/README | 108 -- CASA-auth-token/server/ApacheSupport/2.2/TODO | 13 - .../ApacheSupport/2.2/linux/Makefile.am | 114 -- .../server/ApacheSupport/2.2/mod_authn_casa.c | 478 ------ .../server/ApacheSupport/Makefile.am | 37 - CASA-auth-token/server/AuthTokenSvc/.project | 42 - .../server/AuthTokenSvc/Makefile.am | 141 -- CASA-auth-token/server/AuthTokenSvc/README | 292 ---- CASA-auth-token/server/AuthTokenSvc/TODO | 21 - .../server/AuthTokenSvc/authtoken.settings | 4 - .../server/AuthTokenSvc/identoken.settings | 6 - .../AuthTokenSvc/sampleConf/auth.policy | 13 - .../Krb5Authenticate/mechanism.settings | 6 - .../PwdAuthenticate/mechanism.settings | 5 - .../sampleConf/authtoken.settings | 4 - .../testService/auth.policy | 13 - .../testService/authtoken.settings | 4 - .../testService/identoken.settings | 6 - .../AuthTokenSvc/sampleConf/iaRealms.xml | 25 - .../sampleConf/identoken.settings | 6 - 
.../AuthTokenSvc/sampleConf/svc.settings | 5 - .../server/AuthTokenSvc/src/Makefile.am | 37 - .../server/AuthTokenSvc/src/com/Makefile.am | 37 - .../AuthTokenSvc/src/com/novell/Makefile.am | 37 - .../src/com/novell/casa/Makefile.am | 37 - .../casa/authtoksvc/AuthMechConfig.java | 258 --- .../novell/casa/authtoksvc/AuthMechanism.java | 53 - .../novell/casa/authtoksvc/AuthReqMsg.java | 328 ---- .../novell/casa/authtoksvc/AuthRespMsg.java | 113 -- .../com/novell/casa/authtoksvc/AuthToken.java | 466 ------ .../casa/authtoksvc/AuthTokenConfig.java | 298 ---- .../novell/casa/authtoksvc/Authenticate.java | 341 ---- .../novell/casa/authtoksvc/Base64Coder.java | 121 -- .../casa/authtoksvc/CasaIdentityToken.java | 774 --------- .../casa/authtoksvc/EnabledSvcsConfig.java | 388 ----- .../novell/casa/authtoksvc/GetAuthPolicy.java | 127 -- .../casa/authtoksvc/GetAuthPolicyReqMsg.java | 282 ---- .../casa/authtoksvc/GetAuthPolicyRespMsg.java | 111 -- .../casa/authtoksvc/GetAuthTokReqMsg.java | 331 ---- .../casa/authtoksvc/GetAuthTokRespMsg.java | 115 -- .../novell/casa/authtoksvc/GetAuthToken.java | 146 -- .../casa/authtoksvc/IdenTokenConfig.java | 294 ---- .../novell/casa/authtoksvc/IdentityToken.java | 93 -- .../casa/authtoksvc/Krb5Authenticate.java | 257 --- .../casa/authtoksvc/Krb5_mechanism.settings | 7 - .../com/novell/casa/authtoksvc/Makefile.am | 63 - .../com/novell/casa/authtoksvc/ProtoDefs.java | 86 - .../casa/authtoksvc/PwdAuthenticate.java | 223 --- .../casa/authtoksvc/Pwd_mechanism.settings | 6 - .../src/com/novell/casa/authtoksvc/Rpc.java | 285 ---- .../com/novell/casa/authtoksvc/RpcMethod.java | 53 - .../novell/casa/authtoksvc/SessionToken.java | 416 ----- .../com/novell/casa/authtoksvc/SvcConfig.java | 299 ---- .../server/AuthTokenSvc/svc.settings | 5 - CASA-auth-token/server/AuthTokenSvc/web.xml | 27 - .../server/AuthTokenValidate/Makefile.am | 37 - .../server/AuthTokenValidate/README | 77 - CASA-auth-token/server/AuthTokenValidate/TODO | 15 - 
.../server/AuthTokenValidate/authtoken.c | 693 -------- .../server/AuthTokenValidate/config.c | 764 --------- .../server/AuthTokenValidate/config_if.h | 120 -- .../idenTokenProviders/Makefile.am | 37 - .../idenTokenProviders/casa/Makefile.am | 37 - .../idenTokenProviders/casa/README | 39 - .../idenTokenProviders/casa/TODO | 13 - .../idenTokenProviders/casa/identoken.c | 1458 ----------------- .../casa/identokenprovider.c | 346 ---- .../idenTokenProviders/casa/internal.h | 122 -- .../casa/linux/CasaIdentityToken.conf | 15 - .../idenTokenProviders/casa/linux/Makefile.am | 114 -- .../idenTokenProviders/casa/linux/platform.c | 178 -- .../idenTokenProviders/casa/linux/platform.h | 93 -- .../idenTokenProviders/casa/util.c | 321 ---- .../iden_token_provider_if.h | 356 ---- .../server/AuthTokenValidate/identoken.c | 320 ---- .../server/AuthTokenValidate/internal.h | 222 --- .../AuthTokenValidate/linux/Makefile.am | 116 -- .../server/AuthTokenValidate/linux/platform.c | 268 --- .../server/AuthTokenValidate/linux/platform.h | 100 -- .../server/AuthTokenValidate/principal.c | 482 ------ .../server/AuthTokenValidate/util.c | 321 ---- .../server/AuthTokenValidate/validate.c | 244 --- CASA-auth-token/server/JaasSupport/.classpath | 8 - CASA-auth-token/server/JaasSupport/.project | 17 - .../server/JaasSupport/Makefile.am | 81 - CASA-auth-token/server/JaasSupport/README | 82 - CASA-auth-token/server/JaasSupport/TODO | 13 - .../server/JaasSupport/make_and_run_test.sh | 17 - .../server/JaasSupport/src/Makefile.am | 37 - .../server/JaasSupport/src/com/Makefile.am | 37 - .../JaasSupport/src/com/novell/Makefile.am | 37 - .../src/com/novell/casa/Makefile.am | 37 - .../com/novell/casa/jaas/CasaLoginModule.java | 257 --- .../com/novell/casa/jaas/CasaPrincipal.java | 87 - .../src/com/novell/casa/jaas/Makefile.am | 39 - .../novell/casa/jaas/sample/SampleApp.conf | 3 - .../novell/casa/jaas/sample/SampleApp.java | 193 --- .../jaas/sample/SampleAppCallbackHandler.java | 71 - 
CASA-auth-token/server/Makefile.am | 38 - CASA-auth-token/server/PamSupport/Makefile.am | 37 - CASA-auth-token/server/PamSupport/README | 80 - CASA-auth-token/server/PamSupport/TODO | 13 - .../server/PamSupport/linux/Makefile.am | 112 -- .../server/PamSupport/pam_authtoken.c | 649 -------- CASA-auth-token/server/PamSupport/test/README | 32 - .../server/PamSupport/test/make.sh | 2 - CASA-auth-token/server/PamSupport/test/test.c | 520 ------ .../server/PamSupport/test/testservice | 6 - 170 files changed, 31776 deletions(-) delete mode 100644 CASA-auth-token/AUTHORS delete mode 100644 CASA-auth-token/COPYING delete mode 100644 CASA-auth-token/ChangeLog delete mode 100644 CASA-auth-token/Makefile.am delete mode 100644 CASA-auth-token/NEWS delete mode 100644 CASA-auth-token/auth.sln delete mode 100755 CASA-auth-token/autogen.sh delete mode 100644 CASA-auth-token/client/README delete mode 100644 CASA-auth-token/client/TODO delete mode 100644 CASA-auth-token/client/authmech.c delete mode 100644 CASA-auth-token/client/authmsg.c delete mode 100644 CASA-auth-token/client/authpolicy.c delete mode 100644 CASA-auth-token/client/authtokenclient_msi/authtokenclient_msi.vdproj delete mode 100644 CASA-auth-token/client/authtokenclient_msm/authtokenclient_msm.vdproj delete mode 100644 CASA-auth-token/client/cache.c delete mode 100644 CASA-auth-token/client/client.vcproj delete mode 100644 CASA-auth-token/client/config.c delete mode 100644 CASA-auth-token/client/config_if.h delete mode 100644 CASA-auth-token/client/engine.c delete mode 100644 CASA-auth-token/client/getpolicymsg.c delete mode 100644 CASA-auth-token/client/gettokenmsg.c delete mode 100644 CASA-auth-token/client/internal.h delete mode 100644 CASA-auth-token/client/mech_if.h delete mode 100644 CASA-auth-token/client/mechanisms/krb5/Krb5Authenticate.conf delete mode 100644 CASA-auth-token/client/mechanisms/krb5/README delete mode 100644 CASA-auth-token/client/mechanisms/krb5/TODO delete mode 100644 
CASA-auth-token/client/mechanisms/krb5/interface.c delete mode 100644 CASA-auth-token/client/mechanisms/krb5/internal.h delete mode 100644 CASA-auth-token/client/mechanisms/krb5/krb5.vcproj delete mode 100644 CASA-auth-token/client/mechanisms/krb5/util.c delete mode 100644 CASA-auth-token/client/mechanisms/krb5/windows/dllsup.c delete mode 100644 CASA-auth-token/client/mechanisms/krb5/windows/get.c delete mode 100644 CASA-auth-token/client/mechanisms/krb5/windows/krb5mech.def delete mode 100644 CASA-auth-token/client/mechanisms/krb5/windows/platform.c delete mode 100644 CASA-auth-token/client/mechanisms/krb5/windows/platform.h delete mode 100644 CASA-auth-token/client/mechanisms/pwd/PwdAuthenticate.conf delete mode 100644 CASA-auth-token/client/mechanisms/pwd/README delete mode 100644 CASA-auth-token/client/mechanisms/pwd/TODO delete mode 100644 CASA-auth-token/client/mechanisms/pwd/get.c delete mode 100644 CASA-auth-token/client/mechanisms/pwd/interface.c delete mode 100644 CASA-auth-token/client/mechanisms/pwd/internal.h delete mode 100644 CASA-auth-token/client/mechanisms/pwd/pwd.vcproj delete mode 100644 CASA-auth-token/client/mechanisms/pwd/util.c delete mode 100644 CASA-auth-token/client/mechanisms/pwd/windows/dllsup.c delete mode 100644 CASA-auth-token/client/mechanisms/pwd/windows/platform.c delete mode 100644 CASA-auth-token/client/mechanisms/pwd/windows/platform.h delete mode 100644 CASA-auth-token/client/mechanisms/pwd/windows/pwmech.def delete mode 100644 CASA-auth-token/client/test/CASA_Auth.cpp delete mode 100644 CASA-auth-token/client/test/test.vcproj delete mode 100644 CASA-auth-token/client/util.c delete mode 100644 CASA-auth-token/client/windows/authtoken.def delete mode 100644 CASA-auth-token/client/windows/dllsup.c delete mode 100644 CASA-auth-token/client/windows/platform.c delete mode 100644 CASA-auth-token/client/windows/platform.h delete mode 100644 CASA-auth-token/client/windows/rpc.c delete mode 100644 CASA-auth-token/configure.in delete 
mode 100644 CASA-auth-token/include/Makefile.am delete mode 100644 CASA-auth-token/include/casa_c_authtoken.h delete mode 100644 CASA-auth-token/include/casa_s_authtoken.h delete mode 100644 CASA-auth-token/include/list_entry.h delete mode 100644 CASA-auth-token/include/proto.h delete mode 100644 CASA-auth-token/server/ApacheSupport/2.2/Makefile.am delete mode 100644 CASA-auth-token/server/ApacheSupport/2.2/README delete mode 100644 CASA-auth-token/server/ApacheSupport/2.2/TODO delete mode 100644 CASA-auth-token/server/ApacheSupport/2.2/linux/Makefile.am delete mode 100644 CASA-auth-token/server/ApacheSupport/2.2/mod_authn_casa.c delete mode 100644 CASA-auth-token/server/ApacheSupport/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/.project delete mode 100644 CASA-auth-token/server/AuthTokenSvc/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/README delete mode 100644 CASA-auth-token/server/AuthTokenSvc/TODO delete mode 100644 CASA-auth-token/server/AuthTokenSvc/authtoken.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/identoken.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/auth.policy delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/Krb5Authenticate/mechanism.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/PwdAuthenticate/mechanism.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/authtoken.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/auth.policy delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/authtoken.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/identoken.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/iaRealms.xml 
delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/identoken.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/sampleConf/svc.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechConfig.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechanism.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthReqMsg.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthRespMsg.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthToken.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthTokenConfig.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Base64Coder.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicy.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyReqMsg.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyRespMsg.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokReqMsg.java delete mode 100644 
CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokRespMsg.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthToken.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdenTokenConfig.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdentityToken.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/ProtoDefs.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/RpcMethod.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SessionToken.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java delete mode 100644 CASA-auth-token/server/AuthTokenSvc/svc.settings delete mode 100644 CASA-auth-token/server/AuthTokenSvc/web.xml delete mode 100644 CASA-auth-token/server/AuthTokenValidate/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenValidate/README delete mode 100644 CASA-auth-token/server/AuthTokenValidate/TODO delete mode 100644 CASA-auth-token/server/AuthTokenValidate/authtoken.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/config.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/config_if.h delete mode 
100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/README delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/TODO delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identoken.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identokenprovider.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/internal.h delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.h delete mode 100644 CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/util.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/iden_token_provider_if.h delete mode 100644 CASA-auth-token/server/AuthTokenValidate/identoken.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/internal.h delete mode 100644 CASA-auth-token/server/AuthTokenValidate/linux/Makefile.am delete mode 100644 CASA-auth-token/server/AuthTokenValidate/linux/platform.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/linux/platform.h delete mode 100644 CASA-auth-token/server/AuthTokenValidate/principal.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/util.c delete mode 100644 CASA-auth-token/server/AuthTokenValidate/validate.c delete mode 100644 CASA-auth-token/server/JaasSupport/.classpath delete mode 100644 CASA-auth-token/server/JaasSupport/.project delete mode 100644 
CASA-auth-token/server/JaasSupport/Makefile.am
delete mode 100644 CASA-auth-token/server/JaasSupport/README
delete mode 100644 CASA-auth-token/server/JaasSupport/TODO
delete mode 100755 CASA-auth-token/server/JaasSupport/make_and_run_test.sh
delete mode 100644 CASA-auth-token/server/JaasSupport/src/Makefile.am
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/Makefile.am
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/Makefile.am
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/Makefile.am
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaLoginModule.java
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaPrincipal.java
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/Makefile.am
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.conf
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.java
delete mode 100644 CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
delete mode 100644 CASA-auth-token/server/Makefile.am
delete mode 100644 CASA-auth-token/server/PamSupport/Makefile.am
delete mode 100644 CASA-auth-token/server/PamSupport/README
delete mode 100644 CASA-auth-token/server/PamSupport/TODO
delete mode 100644 CASA-auth-token/server/PamSupport/linux/Makefile.am
delete mode 100644 CASA-auth-token/server/PamSupport/pam_authtoken.c
delete mode 100644 CASA-auth-token/server/PamSupport/test/README
delete mode 100755 CASA-auth-token/server/PamSupport/test/make.sh
delete mode 100644 CASA-auth-token/server/PamSupport/test/test.c
delete mode 100644 CASA-auth-token/server/PamSupport/test/testservice
diff --git a/CASA-auth-token/AUTHORS b/CASA-auth-token/AUTHORS
deleted file mode 100644
index ba13017c..00000000
--- a/CASA-auth-token/AUTHORS
+++ /dev/null
@@ -1,2 +0,0 @@
-Juan Carlos Luciani - jluciani@novell.com
-
diff --git a/CASA-auth-token/COPYING b/CASA-auth-token/COPYING
deleted file mode 100644
index b0ab9a23..00000000
--- a/CASA-auth-token/COPYING
+++ /dev/null
@@ -1,459 +0,0 @@
- GNU LESSER GENERAL PUBLIC LICENSE
- Version 2.1, February 1999
-
- Copyright (C) 1991, 1999 Free Software Foundation, Inc.
- 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-[This is the first released version of the Lesser GPL. It also counts
- as the successor of the GNU Library Public License, version 2, hence
- the version number 2.1.]
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-Licenses are intended to guarantee your freedom to share and change
-free software--to make sure the software is free for all its users.
-
- This license, the Lesser General Public License, applies to some
-specially designated software packages--typically libraries--of the
-Free Software Foundation and other authors who decide to use it. You
-can use it too, but we suggest you first think carefully about whether
-this license or the ordinary General Public License is the better
-strategy to use in any particular case, based on the explanations below.
-
- When we speak of free software, we are referring to freedom of use,
-not price. Our General Public Licenses are designed to make sure that
-you have the freedom to distribute copies of free software (and charge
-for this service if you wish); that you receive source code or can get
-it if you want it; that you can change the software and use pieces of
-it in new free programs; and that you are informed that you can do
-these things.
-
- To protect your rights, we need to make restrictions that forbid
-distributors to deny you these rights or to ask you to surrender these
-rights. These restrictions translate to certain responsibilities for
-you if you distribute copies of the library or if you modify it.
-
- For example, if you distribute copies of the library, whether gratis
-or for a fee, you must give the recipients all the rights that we gave
-you. You must make sure that they, too, receive or can get the source
-code. If you link other code with the library, you must provide
-complete object files to the recipients, so that they can relink them
-with the library after making changes to the library and recompiling
-it. And you must show them these terms so they know their rights.
-
- We protect your rights with a two-step method: (1) we copyright the
-library, and (2) we offer you this license, which gives you legal
-permission to copy, distribute and/or modify the library.
-
- To protect each distributor, we want to make it very clear that
-there is no warranty for the free library. Also, if the library is
-modified by someone else and passed on, the recipients should know
-that what they have is not the original version, so that the original
-author's reputation will not be affected by problems that might be
-introduced by others.
-
- Finally, software patents pose a constant threat to the existence of
-any free program. We wish to make sure that a company cannot
-effectively restrict the users of a free program by obtaining a
-restrictive license from a patent holder. Therefore, we insist that
-any patent license obtained for a version of the library must be
-consistent with the full freedom of use specified in this license.
-
- Most GNU software, including some libraries, is covered by the
-ordinary GNU General Public License. This license, the GNU Lesser
-General Public License, applies to certain designated libraries, and
-is quite different from the ordinary General Public License. We use
-this license for certain libraries in order to permit linking those
-libraries into non-free programs.
-
- When a program is linked with a library, whether statically or using
-a shared library, the combination of the two is legally speaking a
-combined work, a derivative of the original library. The ordinary
-General Public License therefore permits such linking only if the
-entire combination fits its criteria of freedom. The Lesser General
-Public License permits more lax criteria for linking other code with
-the library.
-
- We call this license the "Lesser" General Public License because it
-does Less to protect the user's freedom than the ordinary General
-Public License. It also provides other free software developers Less
-of an advantage over competing non-free programs. These disadvantages
-are the reason we use the ordinary General Public License for many
-libraries. However, the Lesser license provides advantages in certain
-special circumstances.
-
- For example, on rare occasions, there may be a special need to
-encourage the widest possible use of a certain library, so that it becomes
-a de-facto standard. To achieve this, non-free programs must be
-allowed to use the library. A more frequent case is that a free
-library does the same job as widely used non-free libraries. In this
-case, there is little to gain by limiting the free library to free
-software only, so we use the Lesser General Public License.
-
- In other cases, permission to use a particular library in non-free
-programs enables a greater number of people to use a large body of
-free software. For example, permission to use the GNU C Library in
-non-free programs enables many more people to use the whole GNU
-operating system, as well as its variant, the GNU/Linux operating
-system.
-
- Although the Lesser General Public License is Less protective of the
-users' freedom, it does ensure that the user of a program that is
-linked with the Library has the freedom and the wherewithal to run
-that program using a modified version of the Library.
-
- The precise terms and conditions for copying, distribution and
-modification follow. Pay close attention to the difference between a
-"work based on the library" and a "work that uses the library". The
-former contains code derived from the library, whereas the latter must
-be combined with the library in order to run.
-
- GNU LESSER GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License Agreement applies to any software library or other
-program which contains a notice placed by the copyright holder or
-other authorized party saying it may be distributed under the terms of
-this Lesser General Public License (also called "this License").
-Each licensee is addressed as "you".
-
- A "library" means a collection of software functions and/or data
-prepared so as to be conveniently linked with application programs
-(which use some of those functions and data) to form executables.
-
- The "Library", below, refers to any such software library or work
-which has been distributed under these terms. A "work based on the
-Library" means either the Library or any derivative work under
-copyright law: that is to say, a work containing the Library or a
-portion of it, either verbatim or with modifications and/or translated
-straightforwardly into another language. (Hereinafter, translation is
-included without limitation in the term "modification".)
-
- "Source code" for a work means the preferred form of the work for
-making modifications to it. For a library, complete source code means
-all the source code for all modules it contains, plus any associated
-interface definition files, plus the scripts used to control compilation
-and installation of the library.
-
- Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running a program using the Library is not restricted, and output from
-such a program is covered only if its contents constitute a work based
-on the Library (independent of the use of the Library in a tool for
-writing it). Whether that is true depends on what the Library does
-and what the program that uses the Library does.
-
- 1. You may copy and distribute verbatim copies of the Library's
-complete source code as you receive it, in any medium, provided that
-you conspicuously and appropriately publish on each copy an
-appropriate copyright notice and disclaimer of warranty; keep intact
-all the notices that refer to this License and to the absence of any
-warranty; and distribute a copy of this License along with the
-Library.
-
- You may charge a fee for the physical act of transferring a copy,
-and you may at your option offer warranty protection in exchange for a
-fee.
-
- 2. You may modify your copy or copies of the Library or any portion
-of it, thus forming a work based on the Library, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) The modified work must itself be a software library.
-
- b) You must cause the files modified to carry prominent notices
- stating that you changed the files and the date of any change.
-
- c) You must cause the whole of the work to be licensed at no
- charge to all third parties under the terms of this License.
-
- d) If a facility in the modified Library refers to a function or a
- table of data to be supplied by an application program that uses
- the facility, other than as an argument passed when the facility
- is invoked, then you must make a good faith effort to ensure that,
- in the event an application does not supply such function or
- table, the facility still operates, and performs whatever part of
- its purpose remains meaningful.
-
- (For example, a function in a library to compute square roots has
- a purpose that is entirely well-defined independent of the
- application. Therefore, Subsection 2d requires that any
- application-supplied function or table used by this function must
- be optional: if the application does not supply it, the square
- root function must still compute square roots.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Library,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Library, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote
-it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Library.
-
-In addition, mere aggregation of another work not based on the Library
-with the Library (or with a work based on the Library) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may opt to apply the terms of the ordinary GNU General Public
-License instead of this License to a given copy of the Library. To do
-this, you must alter all the notices that refer to this License, so
-that they refer to the ordinary GNU General Public License, version 2,
-instead of to this License. (If a newer version than version 2 of the
-ordinary GNU General Public License has appeared, then you can specify
-that version instead if you wish.) Do not make any other change in
-these notices.
- - Once this change is made in a given copy, it is irreversible for -that copy, so the ordinary GNU General Public License applies to all -subsequent copies and derivative works made from that copy. - - This option is useful when you wish to copy part of the code of -the Library into a program that is not a library. - - 4. You may copy and distribute the Library (or a portion or -derivative of it, under Section 2) in object code or executable form -under the terms of Sections 1 and 2 above provided that you accompany -it with the complete corresponding machine-readable source code, which -must be distributed under the terms of Sections 1 and 2 above on a -medium customarily used for software interchange. - - If distribution of object code is made by offering access to copy -from a designated place, then offering equivalent access to copy the -source code from the same place satisfies the requirement to -distribute the source code, even though third parties are not -compelled to copy the source along with the object code. - - 5. A program that contains no derivative of any portion of the -Library, but is designed to work with the Library by being compiled or -linked with it, is called a "work that uses the Library". Such a -work, in isolation, is not a derivative work of the Library, and -therefore falls outside the scope of this License. - - However, linking a "work that uses the Library" with the Library -creates an executable that is a derivative of the Library (because it -contains portions of the Library), rather than a "work that uses the -library". The executable is therefore covered by this License. -Section 6 states terms for distribution of such executables. - - When a "work that uses the Library" uses material from a header file -that is part of the Library, the object code for the work may be a -derivative work of the Library even though the source code is not. 
-Whether this is true is especially significant if the work can be -linked without the Library, or if the work is itself a library. The -threshold for this to be true is not precisely defined by law. - - If such an object file uses only numerical parameters, data -structure layouts and accessors, and small macros and small inline -functions (ten lines or less in length), then the use of the object -file is unrestricted, regardless of whether it is legally a derivative -work. (Executables containing this object code plus portions of the -Library will still fall under Section 6.) - - Otherwise, if the work is a derivative of the Library, you may -distribute the object code for the work under the terms of Section 6. -Any executables containing that work also fall under Section 6, -whether or not they are linked directly with the Library itself. - - 6. As an exception to the Sections above, you may also combine or -link a "work that uses the Library" with the Library to produce a -work containing portions of the Library, and distribute that work -under terms of your choice, provided that the terms permit -modification of the work for the customer's own use and reverse -engineering for debugging such modifications. - - You must give prominent notice with each copy of the work that the -Library is used in it and that the Library and its use are covered by -this License. You must supply a copy of this License. If the work -during execution displays copyright notices, you must include the -copyright notice for the Library among them, as well as a reference -directing the user to the copy of this License. 
Also, you must do one -of these things: - - a) Accompany the work with the complete corresponding - machine-readable source code for the Library including whatever - changes were used in the work (which must be distributed under - Sections 1 and 2 above); and, if the work is an executable linked - with the Library, with the complete machine-readable "work that - uses the Library", as object code and/or source code, so that the - user can modify the Library and then relink to produce a modified - executable containing the modified Library. (It is understood - that the user who changes the contents of definitions files in the - Library will not necessarily be able to recompile the application - to use the modified definitions.) - - b) Use a suitable shared library mechanism for linking with the - Library. A suitable mechanism is one that (1) uses at run time a - copy of the library already present on the user's computer system, - rather than copying library functions into the executable, and (2) - will operate properly with a modified version of the library, if - the user installs one, as long as the modified version is - interface-compatible with the version that the work was made with. - - c) Accompany the work with a written offer, valid for at - least three years, to give the same user the materials - specified in Subsection 6a, above, for a charge no more - than the cost of performing this distribution. - - d) If distribution of the work is made by offering access to copy - from a designated place, offer equivalent access to copy the above - specified materials from the same place. - - e) Verify that the user has already received a copy of these - materials or that you have already sent this user a copy. - - For an executable, the required form of the "work that uses the -Library" must include any data and utility programs needed for -reproducing the executable from it. 
However, as a special exception, -the materials to be distributed need not include anything that is -normally distributed (in either source or binary form) with the major -components (compiler, kernel, and so on) of the operating system on -which the executable runs, unless that component itself accompanies -the executable. - - It may happen that this requirement contradicts the license -restrictions of other proprietary libraries that do not normally -accompany the operating system. Such a contradiction means you cannot -use both them and the Library together in an executable that you -distribute. - - 7. You may place library facilities that are a work based on the -Library side-by-side in a single library together with other library -facilities not covered by this License, and distribute such a combined -library, provided that the separate distribution of the work based on -the Library and of the other library facilities is otherwise -permitted, and provided that you do these two things: - - a) Accompany the combined library with a copy of the same work - based on the Library, uncombined with any other library - facilities. This must be distributed under the terms of the - Sections above. - - b) Give prominent notice with the combined library of the fact - that part of it is a work based on the Library, and explaining - where to find the accompanying uncombined form of the same work. - - 8. You may not copy, modify, sublicense, link with, or distribute -the Library except as expressly provided under this License. Any -attempt otherwise to copy, modify, sublicense, link with, or -distribute the Library is void, and will automatically terminate your -rights under this License. However, parties who have received copies, -or rights, from you under this License will not have their licenses -terminated so long as such parties remain in full compliance. - - 9. You are not required to accept this License, since you have not -signed it. 
However, nothing else grants you permission to modify or -distribute the Library or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Library (or any work based on the -Library), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Library or works based on it. - - 10. Each time you redistribute the Library (or any work based on the -Library), the recipient automatically receives a license from the -original licensor to copy, distribute, link with or modify the Library -subject to these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties with -this License. - - 11. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Library at all. For example, if a patent -license would not permit royalty-free redistribution of the Library by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Library. - -If any portion of this section is held invalid or unenforceable under any -particular circumstance, the balance of the section is intended to apply, -and the section as a whole is intended to apply in other circumstances. 
- -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 12. If the distribution and/or use of the Library is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Library under this License may add -an explicit geographical distribution limitation excluding those countries, -so that distribution is permitted only in or among countries not thus -excluded. In such case, this License incorporates the limitation as if -written in the body of this License. - - 13. The Free Software Foundation may publish revised and/or new -versions of the Lesser General Public License from time to time. -Such new versions will be similar in spirit to the present version, -but may differ in detail to address new problems or concerns. - -Each version is given a distinguishing version number. If the Library -specifies a version number of this License which applies to it and -"any later version", you have the option of following the terms and -conditions either of that version or of any later version published by -the Free Software Foundation. If the Library does not specify a -license version number, you may choose any version ever published by -the Free Software Foundation. - - 14. 
If you wish to incorporate parts of the Library into other free -programs whose distribution conditions are incompatible with these, -write to the author to ask for permission. For software which is -copyrighted by the Free Software Foundation, write to the Free -Software Foundation; we sometimes make exceptions for this. Our -decision will be guided by the two goals of preserving the free status -of all derivatives of our free software and of promoting the sharing -and reuse of software generally. - - NO WARRANTY - - 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO -WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. -EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR -OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY -KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE -LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME -THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY -AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU -FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR -CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE -LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING -RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A -FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF -SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH -DAMAGES. - - END OF TERMS AND CONDITIONS - diff --git a/CASA-auth-token/ChangeLog b/CASA-auth-token/ChangeLog deleted file mode 100644 index e69de29b..00000000 
diff --git a/CASA-auth-token/Makefile.am b/CASA-auth-token/Makefile.am
deleted file mode 100644
index 84e5e7ff..00000000
--- a/CASA-auth-token/Makefile.am
+++ /dev/null
@@ -1,38 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = server package
-
-DIST_SUBDIRS = include server package
-
-EXTRA_DIST = autogen.sh
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C package $@
-
-clean-local:
- if [ -d lib ]; then rm -rf lib; fi
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/NEWS b/CASA-auth-token/NEWS
deleted file mode 100644
index e69de29b..00000000
diff --git a/CASA-auth-token/auth.sln b/CASA-auth-token/auth.sln
deleted file mode 100644
index 5eb33a93..00000000
--- a/CASA-auth-token/auth.sln
+++ /dev/null
@@ -1,60 +0,0 @@
-Microsoft Visual Studio Solution File, Format Version 8.00
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "client\client.vcproj", "{7BD9A5DB-DE7D-40B7-A397-04182DC2F632}"
- ProjectSection(ProjectDependencies) = postProject
- EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test", "client\test\test.vcproj", "{6034EBF1-0838-45C4-A538-A41A31EC8F46}"
- ProjectSection(ProjectDependencies) = postProject
- {7BD9A5DB-DE7D-40B7-A397-04182DC2F632} = {7BD9A5DB-DE7D-40B7-A397-04182DC2F632}
- EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "krb5", "client\mechanisms\krb5\krb5.vcproj", "{5499F624-F371-4559-B4C2-A484BCE892FD}"
- ProjectSection(ProjectDependencies) = postProject
- EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pwd", "client\mechanisms\pwd\pwd.vcproj", "{5499F624-F371-4559-B4C2-A484BCE892FD}"
- ProjectSection(ProjectDependencies) = postProject
- EndProjectSection
-EndProject
-Project("{54435603-DBB4-11D2-8724-00A0C9A8B90C}") = "authtokenclient_msm", "client\authtokenclient_msm\authtokenclient_msm.vdproj", "{70ED319E-F496-4F07-878C-1921426DD399}"
- ProjectSection(ProjectDependencies) = postProject
- EndProjectSection
-EndProject
-Project("{54435603-DBB4-11D2-8724-00A0C9A8B90C}") = "authtokenclient_msi", "client\authtokenclient_msi\authtokenclient_msi.vdproj", "{AA014EB3-8AD3-49B8-92E3-F8AA0FBCEE9B}"
- ProjectSection(ProjectDependencies) = postProject
- EndProjectSection
-EndProject
-Global
- GlobalSection(SolutionConfiguration) = preSolution
- Debug = Debug
- Release = Release
- EndGlobalSection
- GlobalSection(ProjectConfiguration) = postSolution
- {7BD9A5DB-DE7D-40B7-A397-04182DC2F632}.Debug.ActiveCfg = Debug|Win32
- {7BD9A5DB-DE7D-40B7-A397-04182DC2F632}.Debug.Build.0 = Debug|Win32
- {7BD9A5DB-DE7D-40B7-A397-04182DC2F632}.Release.ActiveCfg = Release|Win32
- {7BD9A5DB-DE7D-40B7-A397-04182DC2F632}.Release.Build.0 = Release|Win32
- {6034EBF1-0838-45C4-A538-A41A31EC8F46}.Debug.ActiveCfg = Debug|Win32
- {6034EBF1-0838-45C4-A538-A41A31EC8F46}.Debug.Build.0 = Debug|Win32
- {6034EBF1-0838-45C4-A538-A41A31EC8F46}.Release.ActiveCfg = Release|Win32
- {6034EBF1-0838-45C4-A538-A41A31EC8F46}.Release.Build.0 = Release|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Debug.ActiveCfg = Debug|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Debug.Build.0 = Debug|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Release.ActiveCfg = Release|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Release.Build.0 = Release|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Debug.ActiveCfg = Debug|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Debug.Build.0 = Debug|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Release.ActiveCfg = Release|Win32
- {5499F624-F371-4559-B4C2-A484BCE892FD}.Release.Build.0 = Release|Win32
- {70ED319E-F496-4F07-878C-1921426DD399}.Debug.ActiveCfg = Debug
- {70ED319E-F496-4F07-878C-1921426DD399}.Debug.Build.0 = Debug
- {70ED319E-F496-4F07-878C-1921426DD399}.Release.ActiveCfg = Release
- {70ED319E-F496-4F07-878C-1921426DD399}.Release.Build.0 = Release
- {AA014EB3-8AD3-49B8-92E3-F8AA0FBCEE9B}.Debug.ActiveCfg = Debug
- {AA014EB3-8AD3-49B8-92E3-F8AA0FBCEE9B}.Release.ActiveCfg = Release
- EndGlobalSection
- GlobalSection(ExtensibilityGlobals) = postSolution
- EndGlobalSection
- GlobalSection(ExtensibilityAddIns) = postSolution
- EndGlobalSection
-EndGlobal
diff --git a/CASA-auth-token/autogen.sh b/CASA-auth-token/autogen.sh
deleted file mode 100755
index 56e0f00c..00000000
--- a/CASA-auth-token/autogen.sh
+++ /dev/null
@@ -1,130 +0,0 @@
-#!/bin/sh
-# Run this to generate all the initial makefiles, etc.
-
-srcdir=`dirname $0`
-test -z "$srcdir" && srcdir=.
-
-ORIGDIR=`pwd`
-cd $srcdir
-PROJECT=CASA
-TEST_TYPE=-f
-FILE=server/AuthTokenSvc/authtoken.settings
-
-DIE=0
-
-(autoconf --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "You must have autoconf installed to compile $PROJECT."
- echo "Download the appropriate package for your distribution,"
- echo "or get the source tarball at ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
-}
-
-AUTOMAKE=automake-1.9
-ACLOCAL=aclocal-1.9
-
-($AUTOMAKE --version) < /dev/null > /dev/null 2>&1 || {
- AUTOMAKE=automake
- ACLOCAL=aclocal
-}
-
-($AUTOMAKE --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "You must have automake installed to compile $PROJECT."
- echo "Download the appropriate package for your distribution,"
- echo "or get the source tarball at ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
-}
-
-if test "$DIE" -eq 1; then
- exit 1
-fi
-
-test $TEST_TYPE $FILE || {
- echo "You must run this script in the top-level $PROJECT directory"
- exit 1
-}
-
-if test -z "$*"; then
- echo "I am going to run ./configure with no arguments - if you wish "
- echo "to pass any to it, please specify them on the $0 command line."
-fi
-
-case $CC in
-*xlc | *xlc\ * | *lcc | *lcc\ *) am_opt=--include-deps;;
-esac
-
-for coin in `find $srcdir -name configure.in -print`
-do
- dr=`dirname $coin`
- if test -f $dr/NO-AUTO-GEN; then
- echo skipping $dr -- flagged as no auto-gen
- else
- echo processing $dr
- macrodirs=`sed -n -e 's,AM_ACLOCAL_INCLUDE(\(.*\)),\1,gp' < $coin`
- ( cd $dr
- aclocalinclude="$ACLOCAL_FLAGS"
- for k in $macrodirs; do
- if test -d $k; then
- aclocalinclude="$aclocalinclude -I $k"
- ##else
- ## echo "**Warning**: No such directory \`$k'. Ignored."
- fi
- done
- if grep "^AM_GNU_GETTEXT" configure.in >/dev/null; then
- if grep "sed.*POTFILES" configure.in >/dev/null; then
- : do nothing -- we still have an old unmodified configure.in
- else
- echo "Creating $dr/aclocal.m4 ..."
- test -r $dr/aclocal.m4 || touch $dr/aclocal.m4
- echo "Running gettextize... Ignore non-fatal messages."
- echo "no" | gettextize --force --copy
- echo "Making $dr/aclocal.m4 writable ..."
- test -r $dr/aclocal.m4 && chmod u+w $dr/aclocal.m4
- fi
- fi
- if grep "^AM_GNOME_GETTEXT" configure.in >/dev/null; then
- echo "Creating $dr/aclocal.m4 ..."
- test -r $dr/aclocal.m4 || touch $dr/aclocal.m4
- echo "Running gettextize... Ignore non-fatal messages."
- echo "no" | gettextize --force --copy
- echo "Making $dr/aclocal.m4 writable ..."
- test -r $dr/aclocal.m4 && chmod u+w $dr/aclocal.m4
- fi
- if grep "^AM_GLIB_GNU_GETTEXT" configure.in >/dev/null; then
- echo "Creating $dr/aclocal.m4 ..."
- test -r $dr/aclocal.m4 || touch $dr/aclocal.m4
- echo "Running gettextize... Ignore non-fatal messages."
- echo "no" | glib-gettextize --force --copy
- echo "Making $dr/aclocal.m4 writable ..."
- test -r $dr/aclocal.m4 && chmod u+w $dr/aclocal.m4
- fi
- if grep "^AM_PROG_LIBTOOL" configure.in >/dev/null; then
- echo "Running libtoolize..."
- libtoolize --force --copy
- fi
- echo "Running $ACLOCAL $aclocalinclude ..."
- $ACLOCAL $aclocalinclude
- if grep "^AM_CONFIG_HEADER" configure.in >/dev/null; then
- echo "Running autoheader..."
- autoheader
- fi
- echo "Running $AUTOMAKE --gnu $am_opt ..."
- $AUTOMAKE --add-missing --gnu $am_opt
- echo "Running autoconf ..."
- autoconf
- )
- fi
-done
-
-conf_flags="--config-cache --enable-maintainer-mode --enable-compile-warnings" #--enable-iso-c
-
-cd "$ORIGDIR"
-
-if test x$NOCONFIGURE = x; then
- echo Running $srcdir/configure $conf_flags "$@" ...
- $srcdir/configure $conf_flags "$@" \
- && echo Now type \`make\' to compile $PROJECT || exit 1
-else
- echo Skipping configure process.
-fi
diff --git a/CASA-auth-token/client/README b/CASA-auth-token/client/README
deleted file mode 100644
index 66ed0620..00000000
--- a/CASA-auth-token/client/README
+++ /dev/null
@@ -1,67 +0,0 @@
-/***********************************************************************
- *
- * README for libcasa_c_authtoken
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-libcasa_c_authtoken is the client auth_token engine. It is responsible for
-interacting with ATSs, invoking the authentication mechanism plug-ins, and
-managing the authentication token cache. libcasa_c_authtoken also provides
-the Get Authentication Token API.
-
-CONFIGURING ADDITIONAL AUTHENTICATION MECHANISM MODULES
-
-libcasa_c_authtoken utilizes mechanism plug-ins for authenticating to ATSs.
-The client auth_token package installs mechanisms for the support of Kerberos5
-and Username/Password authentication. To configure additional authentication mechanism
-plug-ins, place their configuration file in the folder for CASA Authentication Token module
-configuration. The path to this folder under linux is /etc/opt/novell/CASA/authtoken.d/modules.d.
-The path to this folder under Windows is \Program Files\novell\CASA\auth\mechanisms. The name of
-the plug-in configuration file is related to the authentication mechanism type in the following
-manner: AuthenticationMechanismTypeName.conf.
-
-Authentication Mechanism plug-in configuration files must must contain a directive indicating the
-path to the library implementing the Authentication Mechanism (See the configuration file
-for the Kr5Authenticate plug-in for an example).
-
-CLIENT APPLICATION PROGRAMMING NOTES
-
-The Get CASA Authentication Token API is defined in casa_c_authtoken.h.
-
-The API consists of a call to obtain authentication tokens. The caller must supply the name of the
-service to which it wants to authenticate along with the name of the host where it resides. The
-returned authentication token is a Base64 encoded string.
-
-Applications utilizing CASA Authentication Tokens as passwords in protocols that require the
-transfer of user name and password credentials should verify or remove any password length limits
-as the length of CASA Authentication Tokens may be over 1K bytes. The size of the CASA Authentication
-Tokens is directly dependent on the amount of identity information configured as required by the
-consuming service. These applications should also set the user name to "CasaPrincipal".
-
-For examples of code which uses the Get CASA Authentication Token API look at the test application
-under the test folder.
-
-AUTHENTICATION MECHANISM PROGRAMMING NOTES
-
-The Authentication Mechanism API is defined in mech_if.h.
-
-For example implementations see the code for the krb5 and the pwd mechanisms.
-
-SECURITY CONSIDERATIONS
-
-CASA Authentication Tokens when compromised can be used to either impersonate
-a user or to obtain identity information about the user. Because of this it is
-important that the tokens be secured by applications making use of them. It is
-recommended that the tokens be transmitted using SSL.
-
-
-
-
-
-
-
-
-
-
diff --git a/CASA-auth-token/client/TODO b/CASA-auth-token/client/TODO
deleted file mode 100644
index a96f51d3..00000000
--- a/CASA-auth-token/client/TODO
+++ /dev/null
@@ -1,18 +0,0 @@
-/***********************************************************************
- *
- * TODO for libcasa_c_authtoken
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for libcasa_c_authtoken.
-
-OUTSTANDING ITEMS
-
-- Implementation of Linux specific code.
-- Re-structure the token cache to differentiate between Session Tokens and Authentication Tokens.
-- Use the CASA cache as the token store.
-- Switch Client/Server protocol to use SOAP Messages.
-- Enable communications over HTTPS instead of over HTTP.
-
diff --git a/CASA-auth-token/client/authmech.c b/CASA-auth-token/client/authmech.c
deleted file mode 100644
index 991a64bb..00000000
--- a/CASA-auth-token/client/authmech.c
+++ /dev/null
@@ -1,339 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// AuthMechMod definition -// -typedef struct _AuthMechMod -{ - LIST_ENTRY listEntry; - char *pAuthTypeName; - int authTypeNameLen; - LIB_HANDLE libHandle; - AuthTokenIf *pAuthTokenIf; - -} AuthMechMod, *PAuthMechMod; - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// AuthMechModule List and syncronizing mutex -static -LIST_ENTRY g_authMechModuleListHead = {&g_authMechModuleListHead, - &g_authMechModuleListHead}; - - -//++======================================================================= -static -CasaStatus -GetAuthTokenIf( - IN const char *pAuthTypeName, - INOUT AuthTokenIf **ppAuthTokenIf) -// -// Arguments: -// -// Returns: -// -// Abstract: -// 
-// Notes: -// -// Environment: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - ConfigIf *pModuleConfigIf; - - - DbgTrace(2, "-GetAuthTokenIf- Start\n", 0); - - // Get the configuration for the module - retStatus = GetConfigInterface(mechConfigFolder, - pAuthTypeName, - &pModuleConfigIf); - if (CASA_SUCCESS(retStatus) - && CasaStatusCode(retStatus) != CASA_STATUS_OBJECT_NOT_FOUND) - { - LIST_ENTRY *pListEntry; - AuthMechMod *pAuthMechMod = NULL; - int authTypeNameLen = strlen(pAuthTypeName); - - // Look if we already have the module in our list - pListEntry = g_authMechModuleListHead.Flink; - while (pListEntry != &g_authMechModuleListHead) - { - // Get pointer to the current entry - pAuthMechMod = CONTAINING_RECORD(pListEntry, AuthMechMod, listEntry); - - // Check if this is the module that we need - if (pAuthMechMod->authTypeNameLen == authTypeNameLen - && memcmp(pAuthTypeName, pAuthMechMod->pAuthTypeName, authTypeNameLen) == 0) - { - // This is the module that we need, stop looking. - break; - } - else - { - // This is not the module that we are looking for - pAuthMechMod = NULL; - } - - // Advance to the next entry - pListEntry = pListEntry->Flink; - } - - // Proceed based on whether or not a module was found - if (pAuthMechMod) - { - // Module found in our list, provide the caller with its AuthTokenIf - // instance after we have incremented its reference count. - pAuthMechMod->pAuthTokenIf->addReference(pAuthMechMod->pAuthTokenIf); - *ppAuthTokenIf = pAuthMechMod->pAuthTokenIf; - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - // Needed module not found in our list, create an entry. 
- pAuthMechMod = (AuthMechMod*) malloc(sizeof(*pAuthMechMod)); - if (pAuthMechMod) - { - // Allocate buffer to contain the authentication type name within the module entry - pAuthMechMod->pAuthTypeName = (char*) malloc(authTypeNameLen + 1); - if (pAuthMechMod->pAuthTypeName) - { - char *pLibraryName; - - // Initialize the library handle field - pAuthMechMod->libHandle = NULL; - - // Save the auth type name within the entry - strcpy(pAuthMechMod->pAuthTypeName, pAuthTypeName); - pAuthMechMod->authTypeNameLen = authTypeNameLen; - - // Obtain the name of the library that we must load - pLibraryName = pModuleConfigIf->getEntryValue(pModuleConfigIf, "LibraryName"); - if (pLibraryName) - { - // Load the library - pAuthMechMod->libHandle = OpenLibrary(pLibraryName); - if (pAuthMechMod->libHandle) - { - PFN_GetAuthTokenIfRtn pGetAuthTokenIfRtn; - - // Library has been loaded, now get a pointer to its GetAuthTokenInterface routine - pGetAuthTokenIfRtn = (PFN_GetAuthTokenIfRtn) GetFunctionPtr(pAuthMechMod->libHandle, - GET_AUTH_TOKEN_INTERFACE_RTN_SYMBOL); - if (pGetAuthTokenIfRtn) - { - // Now, obtain the modules AuthTokenIf. - retStatus = (pGetAuthTokenIfRtn)(pModuleConfigIf, &pAuthMechMod->pAuthTokenIf); - } - else - { - DbgTrace(0, "-GetAuthTokenIf- GetFunctionPtr\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_LIBRARY_LOAD_FAILURE); - } - } - else - { - DbgTrace(0, "-GetAuthTokenIf- OpenLibrary error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - - // Free the buffer holding the library name - free(pLibraryName); - } - else - { - DbgTrace(0, "-GetAuthTokenIf- Library name not configured\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_CONFIGURATION_ERROR); - } - - // Check if we were successful at obtaining the AuthTokenIf instance for the - // module. 
- if (CASA_SUCCESS(retStatus))
- {
- // Insert the entry in the list, provide the caller with its AuthTokenIf
- // instance after we have incremented its reference count.
- InsertTailList(&g_authMechModuleListHead, &pAuthMechMod->listEntry);
- pAuthMechMod->pAuthTokenIf->addReference(pAuthMechMod->pAuthTokenIf);
- *ppAuthTokenIf = pAuthMechMod->pAuthTokenIf;
- }
- else
- {
- // Failed, free resources.
- free(pAuthMechMod->pAuthTypeName);
- if (pAuthMechMod->libHandle)
- CloseLibrary(pAuthMechMod->libHandle);
- free(pAuthMechMod);
- }
- }
- else
- {
- DbgTrace(0, "GetAuthTokenIf-GetAuthTokenIf- Unable to allocate buffer\n", 0);
-
- // Free buffer allocated for entry
- free(pAuthMechMod);
-
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- DbgTrace(0, "-GetAuthTokenIf- Unable to allocate buffer\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
-
- // Release config interface instance
- pModuleConfigIf->releaseReference(pModuleConfigIf);
- }
- else
- {
- DbgTrace(0, "-GetAuthTokenIf- Unable to obtain config interface\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_CONFIGURATION_ERROR);
- }
-
- DbgTrace(2, "-GetAuthTokenIf- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-CasaStatus
-GetAuthMechToken(
- IN AuthContext *pAuthContext,
- INOUT char **ppAuthToken)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- AuthTokenIf *pAuthTokenIf;
-
-
- DbgTrace(1, "-GetAuthMechToken- Start\n", 0);
-
- // Initialize output parameter
- *ppAuthToken = NULL;
-
- // Obtain the appropriate token interface for the authentication type
- retStatus = GetAuthTokenIf(pAuthContext->pMechanism,
- &pAuthTokenIf);
- if (CASA_SUCCESS(retStatus))
- {
- char *pAuthToken = NULL;
- int authTokenBufLen = 0;
-
- // We found a provider for the service, query it for the buffer size
- // needed to obtain the authentication token.
- retStatus = pAuthTokenIf->getAuthToken(pAuthTokenIf,
- pAuthContext->pContext,
- pAuthContext->pMechInfo,
- pAuthToken,
- &authTokenBufLen);
- if (CasaStatusCode(retStatus) == CASA_STATUS_BUFFER_OVERFLOW)
- {
- // Allocate buffer to hold the authentication token
- pAuthToken = (char*) malloc(authTokenBufLen);
- if (pAuthToken)
- {
- // Request the token from the provider
- retStatus = pAuthTokenIf->getAuthToken(pAuthTokenIf,
- pAuthContext->pContext,
- pAuthContext->pMechInfo,
- pAuthToken,
- &authTokenBufLen);
- if (CASA_SUCCESS(retStatus))
- {
- // Return the buffer containing the token to the caller
- *ppAuthToken = pAuthToken;
- }
- else
- {
- // Free the allocated buffer
- free(pAuthToken);
- }
- }
- else
- {
- DbgTrace(0, "-GetAuthMechToken- Buffer allocation failure\n", 0);
- }
- }
-
- // Release token interface
- pAuthTokenIf->releaseReference(pAuthTokenIf);
- }
- else
- {
- // No authentication token interface available for authentication type
- DbgTrace(0, "-GetAuthMechToken- Failed to obtain auth mech token interface\n", 0);
- }
-
- DbgTrace(1, "-GetAuthMechToken- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/authmsg.c b/CASA-auth-token/client/authmsg.c
deleted file mode 100644
index 96329276..00000000
--- a/CASA-auth-token/client/authmsg.c
+++ /dev/null
@@ -1,803 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//
-// Parse states
-//
-#define AWAITING_ROOT_ELEMENT_START 0x0
-#define AWAITING_ROOT_ELEMENT_END 0x1
-#define AWAITING_STATUS_ELEMENT_START 0x2
-#define AWAITING_STATUS_ELEMENT_END 0x3
-#define AWAITING_STATUS_DATA 0x4
-#define AWAITING_DESCRIPTION_ELEMENT_START 0x5
-#define AWAITING_DESCRIPTION_ELEMENT_END 0x6
-#define AWAITING_DESCRIPTION_DATA 0x7
-#define AWAITING_SESSION_TOKEN_ELEMENT_START 0x8
-#define AWAITING_SESSION_TOKEN_ELEMENT_END 0x9
-#define AWAITING_SESSION_TOKEN_DATA 0xA
-#define AWAITING_LIFETIME_DATA 0xB
-#define AWAITING_LIFETIME_ELEMENT_START 0xC
-#define AWAITING_LIFETIME_ELEMENT_END 0xD
-#define AWAITING_AUTH_TOKEN_ELEMENT_START 0xE
-#define AWAITING_AUTH_TOKEN_ELEMENT_END 0xF
-#define AWAITING_AUTH_TOKEN_DATA 0x10
-#define AWAITING_REALM_DATA 0x12
-#define AWAITING_REALM_ELEMENT_END 0x13 -#define DONE_PARSING 0x14 - -// -// Authentication Response Parse Structure -// -typedef struct _AuthRespParse -{ - XML_Parser p; - int state; - int elementDataProcessed; - AuthenticateResp *pAuthenticateResp; - CasaStatus status; - -} AuthRespParse, *PAuthRespParse; - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -//++======================================================================= -char* -BuildAuthenticateMsg( - IN AuthContext *pAuthContext, - IN char *pAuthMechToken) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pMsg = NULL; - int bufferSize; - - DbgTrace(1, "-BuildAuthenticateMsg- Start\n", 0); - - /* - * The format of the authentication request message is as follows: - * - * - * - * realm value - * mechanism id value - * authentication mechanism token data - * - * - */ - - // Determine the buffer size necessary to hold the msg - bufferSize = strlen(XML_DECLARATION) - + 2 // crlf - + 1 // < - + strlen(AUTH_REQUEST_ELEMENT_NAME) - + 3 // >crlf - + 1 // < - + strlen(REALM_ELEMENT_NAME) - + 1 // > - + strlen(pAuthContext->pContext) - + 2 // crlf - + 1 // < - + strlen(MECHANISM_ELEMENT_NAME) - + 1 // > - + strlen(pAuthContext->pMechanism) - + 2 // crlf - + 1 // < - + strlen(AUTH_MECH_TOKEN_ELEMENT_NAME) - + 1 // > - + strlen(pAuthMechToken) - + 2 // crlf - + 2 // null - - // Allocate the msg buffer - pMsg = (char*) malloc(bufferSize); - if (pMsg) - { - // Now build the message - memset(pMsg, 0, bufferSize); - strcat(pMsg, XML_DECLARATION); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, AUTH_REQUEST_ELEMENT_NAME); - strcat(pMsg, ">\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, REALM_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pAuthContext->pContext); - strcat(pMsg, 
"\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, MECHANISM_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pAuthContext->pMechanism); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, AUTH_MECH_TOKEN_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pAuthMechToken); - strcat(pMsg, "\r\n"); - strcat(pMsg, ""); - } - else - { - DbgTrace(0, "-BuildAuthenticateMsg- Buffer allocation error\n", 0); - } - - DbgTrace(1, "-BuildAuthenticateMsg- End, pMsg = %08X\n", pMsg); - - return pMsg; -} - - -//++======================================================================= -static -void XMLCALL -AuthRespStartElementHandler( - IN AuthRespParse *pAuthRespParse, - IN const XML_Char *name, - IN const XML_Char **atts) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(2, "-AuthRespStartElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pAuthRespParse->state) - { - case AWAITING_ROOT_ELEMENT_START: - - // In this state, we are only expecting the Authentication - // Response Element. - if (strcmp(name, AUTH_RESPONSE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthRespParse->state = AWAITING_STATUS_ELEMENT_START; - } - else - { - DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthRespParse->p, XML_FALSE); - } - break; - - case AWAITING_STATUS_ELEMENT_START: - - // In this state, we are only expecting the Status Element. - if (strcmp(name, STATUS_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthRespParse->state = AWAITING_DESCRIPTION_ELEMENT_START; - } - else - { - DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthRespParse->p, XML_FALSE); - } - break; - - case AWAITING_DESCRIPTION_ELEMENT_START: - - // In this state, we are only expecting the Description Element. 
- if (strcmp(name, DESCRIPTION_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthRespParse->state = AWAITING_DESCRIPTION_DATA;
- }
- else
- {
- DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_SESSION_TOKEN_ELEMENT_START:
-
- // In this state, we are only expecting the Session Token Element.
- if (strcmp(name, SESSION_TOKEN_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthRespParse->state = AWAITING_LIFETIME_ELEMENT_START;
- }
- else
- {
- DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_LIFETIME_ELEMENT_START:
-
- // In this state, we are only expecting the Lifetime Element.
- if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthRespParse->state = AWAITING_LIFETIME_DATA;
- }
- else
- {
- DbgTrace(0, "-AuthRespStartElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- default:
- DbgTrace(0, "-AuthRespStartElementHandler- Un-expected state = %d\n", pAuthRespParse->state);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- break;
- }
-
- DbgTrace(2, "-AuthRespStartElementHandler- End\n", 0);
-}
-
-
-//++=======================================================================
-static
-CasaStatus
-ConsumeElementData(
- IN AuthRespParse *pAuthRespParse,
- IN const XML_Char *s,
- IN int len,
- INOUT char **ppElementData,
- INOUT int *pElementDataLen)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
-
- DbgTrace(3, "-ConsumeElementData- Start\n", 0);
-
- // Proceed based on whether or not we have already consumed data
- // for this element.
- if (*ppElementData == NULL)
- {
- // We have not yet consumed data for this element
- pAuthRespParse->elementDataProcessed = len;
-
- // Allocate a buffer to hold this element data (null terminated).
- *ppElementData = (char*) malloc(len + 1);
- if (*ppElementData)
- {
- memset(*ppElementData, 0, len + 1);
- memcpy(*ppElementData, s, len);
-
- // Return the length of the element data buffer
- *pElementDataLen = pAuthRespParse->elementDataProcessed + 1;
- }
- else
- {
- DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- char *pNewBuf;
-
- // We have already received token data, append this data to it.
- pNewBuf = (char*) malloc(pAuthRespParse->elementDataProcessed + len + 1);
- if (pNewBuf)
- {
- memset(pNewBuf,
- 0,
- pAuthRespParse->elementDataProcessed + len + 1);
- memcpy(pNewBuf,
- *ppElementData,
- pAuthRespParse->elementDataProcessed);
- memcpy(pNewBuf + pAuthRespParse->elementDataProcessed, s, len);
- pAuthRespParse->elementDataProcessed += len;
-
- // Swap the buffers
- free(*ppElementData);
- *ppElementData = pNewBuf;
-
- // Return the length of the element data buffer
- *pElementDataLen = pAuthRespParse->elementDataProcessed + 1;
- }
- else
- {
- DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
-
- DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-static
-void XMLCALL
-AuthRespCharDataHandler(
- IN AuthRespParse *pAuthRespParse,
- IN const XML_Char *s,
- IN int len)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-AuthRespCharDataHandler- Start\n", 0);
-
- // Just exit if being called to process white space
- if (*s == '\n' || *s == '\r' || *s == '\t' || *s == ' ')
- {
- goto exit;
- }
-
- // Proceed based on the state
- switch (pAuthRespParse->state)
- {
- case AWAITING_DESCRIPTION_DATA:
- case AWAITING_DESCRIPTION_ELEMENT_END:
-
- // Ignore the status description data for now.
- // tbd
-
- // Advanced to the next state
- pAuthRespParse->state = AWAITING_DESCRIPTION_ELEMENT_END;
- break;
-
- case AWAITING_STATUS_DATA:
-
- // Set the appropriate status in the AuthenticationResp based on the
- // returned status.
- if (strncmp(HTTP_OK_STATUS_CODE, s, len) == 0)
- {
- pAuthRespParse->status = CASA_STATUS_SUCCESS;
- }
- else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0)
- {
- pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_AUTHENTICATION_FAILURE);
- }
- else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0)
- {
- pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_CONFIGURATION_ERROR);
- }
- else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0)
- {
- pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_SERVER_ERROR);
- }
- else
- {
- DbgTrace(0, "-AuthRespCharDataHandler- Un-expected status\n", 0);
- pAuthRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
-
- // Advanced to the next state
- pAuthRespParse->state = AWAITING_STATUS_ELEMENT_END;
- break;
-
- case AWAITING_LIFETIME_DATA:
-
- // Convert the lifetime string to a numeric value
- pAuthRespParse->pAuthenticateResp->tokenLifetime = dtoul(s, len);
-
- // Advanced to the next state
- pAuthRespParse->state = AWAITING_LIFETIME_ELEMENT_END;
- break;
-
- case AWAITING_SESSION_TOKEN_DATA:
- case AWAITING_SESSION_TOKEN_ELEMENT_END:
-
- // Consume the data
- pAuthRespParse->status = ConsumeElementData(pAuthRespParse,
- s,
- len,
- &pAuthRespParse->pAuthenticateResp->pToken,
- &pAuthRespParse->pAuthenticateResp->tokenLen);
- if (CASA_SUCCESS(pAuthRespParse->status))
- {
- // Advanced to the next state
- pAuthRespParse->state = AWAITING_SESSION_TOKEN_ELEMENT_END;
- }
- else
- {
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- default:
- DbgTrace(0, "-AuthRespCharDataHandler- Un-expected state = %d\n", pAuthRespParse->state);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- break;
- }
-
-exit:
-
- DbgTrace(2, "-AuthRespCharDataHandler- End\n", 0);
-}
-
-
-//++=======================================================================
-static
-void XMLCALL
-AuthRespEndElementHandler(
- IN AuthRespParse *pAuthRespParse,
- IN const XML_Char *name)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-AuthRespEndElementHandler- Start\n", 0);
-
- // Proceed based on the state
- switch (pAuthRespParse->state)
- {
- case AWAITING_ROOT_ELEMENT_END:
-
- // In this state, we are only expecting the Authentication
- // Response Element.
- if (strcmp(name, AUTH_RESPONSE_ELEMENT_NAME) == 0)
- {
- // Done.
- pAuthRespParse->state = DONE_PARSING;
- }
- else
- {
- DbgTrace(0, "-AuthRespEndHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_DESCRIPTION_ELEMENT_END:
-
- // In this state, we are only expecting the Description Element.
- if (strcmp(name, DESCRIPTION_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthRespParse->state = AWAITING_STATUS_DATA;
- }
- else
- {
- DbgTrace(0, "-AuthRespEndElementHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_STATUS_ELEMENT_END:
-
- // In this state, we are only expecting the Status Element.
- if (strcmp(name, STATUS_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state based on the status code.
- if (CASA_SUCCESS(pAuthRespParse->status))
- {
- // The request completed successfully
- pAuthRespParse->state = AWAITING_SESSION_TOKEN_ELEMENT_START;
- }
- else
- {
- pAuthRespParse->state = AWAITING_ROOT_ELEMENT_END;
- }
- }
- else
- {
- DbgTrace(0, "-AuthRespEndElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_LIFETIME_ELEMENT_END:
-
- // In this state, we are only expecting the Lifetime Element.
- if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthRespParse->state = AWAITING_SESSION_TOKEN_DATA;
- }
- else
- {
- DbgTrace(0, "-AuthRespEndElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_SESSION_TOKEN_ELEMENT_END:
-
- // In this state, we are only expecting the Session Token Element.
- if (strcmp(name, SESSION_TOKEN_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthRespParse->state = AWAITING_ROOT_ELEMENT_END;
- }
- else
- {
- DbgTrace(0, "-AuthRespEndElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- }
- break;
-
- default:
- DbgTrace(0, "-AuthRespEndElementHandler- Un-expected state = %d\n", pAuthRespParse->state);
- XML_StopParser(pAuthRespParse->p, XML_FALSE);
- break;
- }
-
- DbgTrace(2, "-AuthRespEndElementHandler- End\n", 0);
-}
-
-
-//++=======================================================================
-CasaStatus
-CreateAuthenticateResp(
- IN char *pRespMsg,
- IN int respLen,
- INOUT AuthenticateResp **ppAuthenticateResp)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
- AuthRespParse authRespParse = {0};
- AuthenticateResp *pAuthenticateResp;
-
- DbgTrace(1, "-CreateAuthenticateResp- Start\n", 0);
-
- /*
- * When an authentication request is processed successfully, the server replies to
- * the client with a message with the following format:
- *
- *
- *
- * ok200
- * lifetime valuesession token data
- *
- *
- * When an authentication request fails to be successfully processed, the server
- * responds with an error and an error description string. The message format of
- * an unsuccessful reply is as follows:
- *
- *
- *
- * status descriptionstatus code
- *
- *
- * Plase note that the protocol utilizes the status codes defined
- * in the HTTP 1.1 Specification.
- *
- */
-
- // Allocate AuthenticateResp object
- pAuthenticateResp = malloc(sizeof(*pAuthenticateResp));
- if (pAuthenticateResp)
- {
- XML_Parser p;
-
- // Initialize the AuthenticateResp object and set it in the
- // authentication response parse oject.
- memset(pAuthenticateResp, 0, sizeof(*pAuthenticateResp));
- authRespParse.pAuthenticateResp = pAuthenticateResp;
-
- // Create parser
- p = XML_ParserCreate(NULL);
- if (p)
- {
- // Keep track of the parser in our parse object
- authRespParse.p = p;
-
- // Initialize the status within the parse object
- authRespParse.status = CASA_STATUS_SUCCESS;
-
- // Set the start and end element handlers
- XML_SetElementHandler(p,
- AuthRespStartElementHandler,
- AuthRespEndElementHandler);
-
- // Set the character data handler
- XML_SetCharacterDataHandler(p, AuthRespCharDataHandler);
-
-
- // Set our user data
- XML_SetUserData(p, &authRespParse);
-
- // Parse the document
- if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK)
- {
- // Verify that the parse operation completed successfully
- if (authRespParse.state == DONE_PARSING)
- {
- // The parse operation succeded, obtain the status returned
- // by the server.
- retStatus = authRespParse.status;
- }
- else
- {
- DbgTrace(0, "-CreateAuthenticateResp- Parse operation did not complete\n", 0);
-
- // Check if a status has been recorded
- if (authRespParse.status != CASA_STATUS_SUCCESS)
- {
- retStatus = authRespParse.status;
- }
- else
- {
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_PROTOCOL_ERROR);
- }
- }
- }
- else
- {
- DbgTrace(0, "-CreateAuthenticateResp- Parse error %d\n", XML_GetErrorCode(p));
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_PROTOCOL_ERROR);
- }
-
- // Free the parser
- XML_ParserFree(p);
- }
- else
- {
- DbgTrace(0, "-CreateAuthenticateResp- Parser creation error\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- // Return the AuthenticationResp object to the caller if necessary
- if (CASA_SUCCESS(retStatus))
- {
- *ppAuthenticateResp = pAuthenticateResp;
- }
- else
- {
- free(pAuthenticateResp);
- }
- }
- else
- {
- DbgTrace(0, "-CreateAuthenticateResp- Memory allocation error\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- DbgTrace(1, "-CreateAuthenticateResp- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-void
-RelAuthenticateResp(
- IN AuthenticateResp *pAuthenticateResp)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(1, "-RelAuthenticateResp- Start\n", 0);
-
- // Free the resources associated with the object
- if (pAuthenticateResp->pToken)
- free(pAuthenticateResp->pToken);
-
- free(pAuthenticateResp);
-
- DbgTrace(1, "-RelAuthenticateResp- End\n", 0);
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/authpolicy.c b/CASA-auth-token/client/authpolicy.c
deleted file mode 100644
index b69ce2b0..00000000
--- a/CASA-auth-token/client/authpolicy.c
+++ /dev/null
@@ -1,801 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//
-// Parse states
-//
-#define AWAITING_ROOT_ELEMENT_START 0x0
-#define AWAITING_ROOT_ELEMENT_END 0x1
-#define AWAITING_AUTH_POLICY_ELEMENT_START 0x2
-#define AWAITING_AUTH_POLICY_ELEMENT_END 0x3
-#define AWAITING_AUTH_POLICY_DATA 0x4
-#define AWAITING_AUTH_SOURCE_ELEMENT_START 0x5
-#define AWAITING_AUTH_SOURCE_ELEMENT_END 0x6
-#define AWAITING_AUTH_SOURCE_CHILD_START 0x7
-#define AWAITING_REALM_DATA 0x8
-#define AWAITING_REALM_ELEMENT_END 0x9
-#define AWAITING_MECHANISM_DATA 0xA
-#define AWAITING_MECHANISM_ELEMENT_END 0xB
-#define AWAITING_MECHANISM_INFO_DATA 0xC
-#define AWAITING_MECHANISM_INFO_ELEMENT_END 0xD
-#define AWAITING_UNKNOWN_DATA 0xE
-#define AWAITING_UNKNOWN_ELEMENT_END 0xF
-#define DONE_PARSING 0x10
-
-//
-// Authentication Policy Parse Structure
-//
-typedef struct _AuthPolicyParse
-{
- XML_Parser p;
- int state;
- int elementDataProcessed;
- AuthPolicy *pAuthPolicy;
- CasaStatus status;
-
-} AuthPolicyParse, *PAuthPolicyParse;
-
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-//++=======================================================================
-static
-void XMLCALL
-AuthPolicyStartElementHandler(
- IN AuthPolicyParse *pAuthPolicyParse,
- IN const XML_Char *name,
- IN const XML_Char **atts)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-AuthPolicyStartElementHandler- Start\n", 0);
-
- // Proceed based on the state
- switch (pAuthPolicyParse->state)
- {
- case AWAITING_ROOT_ELEMENT_START:
-
- // In this state, we are only expecting the Authentication
- // Policy Element.
- if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_ELEMENT_START;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_AUTH_SOURCE_ELEMENT_START:
- case AWAITING_ROOT_ELEMENT_END:
-
- // In this state, we are only expecting the start of an Authentication
- // Source Element.
- if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
- {
- AuthContext *pAuthContext;
-
- // Create an authentication context structure
- pAuthContext = (AuthContext*) malloc(sizeof(AuthContext));
- if (pAuthContext)
- {
- // Initialize the allocated AuthContext structure and associate it
- // with the AuthPolicy structure.
- memset(pAuthContext, 0, sizeof(*pAuthContext));
- InsertTailList(&pAuthPolicyParse->pAuthPolicy->authContextListHead, &pAuthContext->listEntry);
-
- // Good, advance to the next state.
- pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyStartElementHandler- Buffer allocation error\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- }
- else
- {
- DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected start element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_AUTH_SOURCE_CHILD_START:
-
- // Proceed based on the name of the element
- if (strcmp(name, REALM_ELEMENT_NAME) == 0)
- {
- // Advance to the next state.
- pAuthPolicyParse->state = AWAITING_REALM_DATA;
- }
- else if (strcmp(name, MECHANISM_ELEMENT_NAME) == 0)
- {
- // Advance to the next state.
- pAuthPolicyParse->state = AWAITING_MECHANISM_DATA;
- }
- else if (strcmp(name, MECHANISM_INFO_ELEMENT_NAME) == 0)
- {
- // Advance to the next state.
- pAuthPolicyParse->state = AWAITING_MECHANISM_INFO_DATA;
- }
- else if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
- {
- // We are starting a new auth source entry, create an authentication
- // context structure to hold its information.
- AuthContext *pAuthContext;
-
- // Create an authentication context structure
- pAuthContext = (AuthContext*) malloc(sizeof(AuthContext));
- if (pAuthContext)
- {
- // Initialize the allocated AuthContext structure and associate it
- // with the AuthPolicy structure.
- memset(pAuthContext, 0, sizeof(*pAuthContext));
- InsertTailList(&pAuthPolicyParse->pAuthPolicy->authContextListHead, &pAuthContext->listEntry);
- }
- else
- {
- DbgTrace(0, "-AuthPolicyStartElementHandler- Buffer allocation error\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- }
- else
- {
- // Advance to the next state.
- pAuthPolicyParse->state = AWAITING_UNKNOWN_DATA;
- }
- break;
-
- default:
- DbgTrace(0, "-AuthPolicyStartElementHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- break;
- }
-
- DbgTrace(2, "-AuthPolicyStartElementHandler- End\n", 0);
-}
-
-
-//++=======================================================================
-static
-CasaStatus
-ConsumeElementData(
- IN AuthPolicyParse *pAuthPolicyParse,
- IN const XML_Char *s,
- IN int len,
- INOUT char **ppElementData,
- INOUT int *pElementDataLen)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
-
- DbgTrace(3, "-ConsumeElementData- Start\n", 0);
-
- // Proceed based on whether or not we have already consumed data
- // for this element.
- if (*ppElementData == NULL)
- {
- // We have not yet consumed data for this element
- pAuthPolicyParse->elementDataProcessed = len;
-
- // Allocate a buffer to hold this element data (null terminated).
- *ppElementData = (char*) malloc(len + 1);
- if (*ppElementData)
- {
- memset(*ppElementData, 0, len + 1);
- memcpy(*ppElementData, s, len);
-
- // Return the length of the element data buffer
- *pElementDataLen = pAuthPolicyParse->elementDataProcessed + 1;
- }
- else
- {
- DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- char *pNewBuf;
-
- // We have already received token data, append this data to it.
- pNewBuf = (char*) malloc(pAuthPolicyParse->elementDataProcessed + len + 1);
- if (pNewBuf)
- {
- memset(pNewBuf,
- 0,
- pAuthPolicyParse->elementDataProcessed + len + 1);
- memcpy(pNewBuf,
- *ppElementData,
- pAuthPolicyParse->elementDataProcessed);
- memcpy(pNewBuf + pAuthPolicyParse->elementDataProcessed, s, len);
- pAuthPolicyParse->elementDataProcessed += len;
-
- // Swap the buffers
- free(*ppElementData);
- *ppElementData = pNewBuf;
-
- // Return the length of the element data buffer
- *pElementDataLen = pAuthPolicyParse->elementDataProcessed + 1;
- }
- else
- {
- DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
-
- DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-static
-void XMLCALL
-AuthPolicyCharDataHandler(
- IN AuthPolicyParse *pAuthPolicyParse,
- IN const XML_Char *s,
- IN int len)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- AuthContext *pAuthContext;
-
- DbgTrace(2, "-AuthPolicyCharDataHandler- Start\n", 0);
-
- // Just exit if being called to process white space
- if (*s == '\n' || *s == '\r' || *s == '\t' || *s == ' ')
- {
- goto exit;
- }
-
- // Proceed based on the state
- switch (pAuthPolicyParse->state)
- {
- case AWAITING_REALM_DATA:
-
- // Get access to the AuthContext at the tail of the list
- pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
- AuthContext,
- listEntry);
-
- // Consume the data
- pAuthPolicyParse->status = ConsumeElementData(pAuthPolicyParse,
- s,
- len,
- &pAuthContext->pContext,
- &pAuthContext->contextLen);
- if (CASA_SUCCESS(pAuthPolicyParse->status))
- {
- // Advanced to the next state
- pAuthPolicyParse->state = AWAITING_REALM_ELEMENT_END;
- }
- else
- {
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_MECHANISM_DATA:
-
- // Get access to the AuthContext at the tail of the list
- pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
- AuthContext,
- listEntry);
-
- // Consume the data
- pAuthPolicyParse->status = ConsumeElementData(pAuthPolicyParse,
- s,
- len,
- &pAuthContext->pMechanism,
- &pAuthContext->mechanismLen);
- if (CASA_SUCCESS(pAuthPolicyParse->status))
- {
- // Advanced to the next state
- pAuthPolicyParse->state = AWAITING_MECHANISM_ELEMENT_END;
- }
- else
- {
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_MECHANISM_INFO_DATA:
-
- // Get access to the AuthContext at the tail of the list
- pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
- AuthContext,
- listEntry);
-
- // Consume the data
- pAuthPolicyParse->status = ConsumeElementData(pAuthPolicyParse,
- s,
- len,
- &pAuthContext->pMechInfo,
- &pAuthContext->mechInfoLen);
- if (CASA_SUCCESS(pAuthPolicyParse->status))
- {
- // Advanced to the next state
- pAuthPolicyParse->state = AWAITING_MECHANISM_INFO_ELEMENT_END;
- }
- else
- {
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_UNKNOWN_DATA:
-
- // Just advance the state
- pAuthPolicyParse->state = AWAITING_UNKNOWN_ELEMENT_END;
- break;
-
- default:
- DbgTrace(0, "-AuthPolicyCharDataHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- break;
- }
-
-exit:
-
- DbgTrace(2, "-AuthPolicyCharDataHandler- End\n", 0);
-}
-
-
-//++=======================================================================
-static
-void XMLCALL
-AuthPolicyEndElementHandler(
- IN AuthPolicyParse *pAuthPolicyParse,
- IN const XML_Char *name)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- AuthContext *pAuthContext;
-
- DbgTrace(2, "-AuthPolicyEndElementHandler- Start\n", 0);
-
- // Proceed based on the state
- switch (pAuthPolicyParse->state)
- {
- case AWAITING_ROOT_ELEMENT_END:
-
- // In this state, we are only expecting the Authentication
- // Policy Element.
- if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0)
- {
- // Done.
- pAuthPolicyParse->state = DONE_PARSING;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_AUTH_SOURCE_CHILD_START:
-
- // In this state, we are only expecting the Authentication
- // Source Response Element.
- if (strcmp(name, AUTH_SOURCE_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthPolicyParse->state = AWAITING_ROOT_ELEMENT_END;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyEndHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_REALM_ELEMENT_END:
-
- // In this state, we are only expecting the Realm Element.
- if (strcmp(name, REALM_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_MECHANISM_ELEMENT_END:
-
- // In this state, we are only expecting the Mechanism Element.
- if (strcmp(name, MECHANISM_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_MECHANISM_INFO_DATA:
-
- // Get access to the AuthContext at the tail of the list
- pAuthContext = CONTAINING_RECORD(pAuthPolicyParse->pAuthPolicy->authContextListHead.Blink,
- AuthContext,
- listEntry);
-
- // There was no mechanism info data. Set it to an empty string.
- pAuthContext->pMechInfo = (char*) malloc(1);
- if (pAuthContext->pMechInfo)
- {
- *pAuthContext->pMechInfo = '\0';
- }
- else
- {
- DbgTrace(0, "-AuthPolicyEndElementHandler- Buffer allocation failure\n", 0);
- pAuthPolicyParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- break;
- }
- // Fall through
-
- case AWAITING_MECHANISM_INFO_ELEMENT_END:
-
- // In this state, we are only expecting the Mechanism Info Element.
- if (strcmp(name, MECHANISM_INFO_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
- }
- else
- {
- DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected end element\n", 0);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_UNKNOWN_ELEMENT_END:
-
- // Advance to the next state.
- pAuthPolicyParse->state = AWAITING_AUTH_SOURCE_CHILD_START;
- break;
-
- default:
- DbgTrace(0, "-AuthPolicyEndElementHandler- Un-expected state = %d\n", pAuthPolicyParse->state);
- XML_StopParser(pAuthPolicyParse->p, XML_FALSE);
- break;
- }
-
- DbgTrace(2, "-AuthPolicyEndElementHandler- End\n", 0);
-}
-
-
-//++=======================================================================
-CasaStatus
-CreateAuthPolicy(
- IN char *pEncodedData,
- IN int encodedDataLen,
- INOUT AuthPolicy **ppAuthPolicy)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus;
- AuthPolicy *pAuthPolicy = NULL;
- AuthPolicyParse authPolicyParse = {0};
- char *pData = NULL;
- int dataLen = 0;
-
- DbgTrace(1, "-CreateAuthPolicy- Start\n", 0);
-
- /*
- * An authentication policy document has the following format:
- *
- *
- *
- *
- * realm name
- * authentication mechanism type
- * authentication mechanism context data
- *
- * ...
- *
- *
- * The authentication policy document can contain multiple auth_source
- * elements. These auth_source elements can be for different authentication
- * sources or for the same authentication source but specifying a different
- * authentication mechanism.
- *
- * The following is a sample authentication policy document:
- *
- *
- *
- *
- * Corp_eDirTree
- * Krb5Authenticate
- * host/hostname
- *
- *
- * Corp_eDirTree
- * PwdAuthenticate
- *
- *
- *
- *
- * This authentication policy would tell the CASA client that it can
- * authenticate to the CASA Authentication Token Service using
- * credentials for the Corp_eDirTree and utilizing either the
- * Krb5 authentication mechanism or the Pwd authentication mechanism.
- * The Krb5 authentication mechanism context data specifies the
- * name of the Kerberos service principal.
- *
- */
-
- // Initialize output parameter
- *ppAuthPolicy = NULL;
-
- // Decode the data
- retStatus = DecodeData(pEncodedData,
- encodedDataLen,
- &pData,
- &dataLen);
- if (CASA_SUCCESS(retStatus))
- {
- // Allocate space for the AuthPolicy structure
- pAuthPolicy = (AuthPolicy*) malloc(sizeof(*pAuthPolicy));
- if (pAuthPolicy)
- {
- XML_Parser p;
-
- // Initialize the AuthPolicy object
- memset(pAuthPolicy, 0, sizeof(*pAuthPolicy));
- InitializeListHead(&pAuthPolicy->authContextListHead);
-
- // Set the AuthPolicy object in the parse object
- authPolicyParse.pAuthPolicy = pAuthPolicy;
-
- // Create parser
- p = XML_ParserCreate(NULL);
- if (p)
- {
- // Keep track of the parser in our parse object
- authPolicyParse.p = p;
-
- // Initialize the status within the parse object
- authPolicyParse.status = CASA_STATUS_SUCCESS;
-
- // Set the start and end element handlers
- XML_SetElementHandler(p,
- AuthPolicyStartElementHandler,
- AuthPolicyEndElementHandler);
-
- // Set the character data handler
- XML_SetCharacterDataHandler(p, AuthPolicyCharDataHandler);
-
- // Set our user data
- XML_SetUserData(p, &authPolicyParse);
-
- // Parse the document
- if (XML_Parse(p, pData, dataLen, 1) == XML_STATUS_OK)
- {
- // Verify that the parse operation completed successfully
- if (authPolicyParse.state == DONE_PARSING)
- {
- // The parse operation succeded
- retStatus = CASA_STATUS_SUCCESS;
- }
- else
- {
- DbgTrace(0, "-CreateAuthPolicy- Parse operation did not complete\n", 0);
-
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_PROTOCOL_ERROR);
- }
- }
- else
- {
- DbgTrace(0, "-CreateAuthPolicy- Parse error %d\n", XML_GetErrorCode(p));
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_PROTOCOL_ERROR);
- }
-
- // Free the parser
- XML_ParserFree(p);
- }
- else
- {
- DbgTrace(0, "-CreateAuthPolicy- Parser creation error\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- // Return the AuthPolicy object to the caller if necessary
- if (CASA_SUCCESS(retStatus))
- {
- *ppAuthPolicy = pAuthPolicy;
-
- // Forget about the AuthPolicy object so that it is not release down below
- pAuthPolicy = NULL;
- }
- }
- else
- {
- DbgTrace(0, "-CreateAuthPolicy- Buffer allocation error\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- DbgTrace(0, "-CreateAuthPolicy- Buffer allocation error\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- // Release necessary allocated resources
- if (pAuthPolicy)
- RelAuthPolicy(pAuthPolicy);
-
- if (pData)
- free(pData);
-
- DbgTrace(1, "-CreateAuthPolicy- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-void
-RelAuthPolicy(
- IN AuthPolicy *pAuthPolicy)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- LIST_ENTRY *pListEntry;
-
- DbgTrace(1, "-RelAuthPolicy- Start\n", 0);
-
- // Free all of the associated AuthContexts
- pListEntry = pAuthPolicy->authContextListHead.Flink;
- while (pListEntry != &pAuthPolicy->authContextListHead)
- {
- AuthContext *pAuthContext;
-
- // Get pointer to AuthContext structure
- pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
-
- // Free associated buffers
- if (pAuthContext->pContext)
- free(pAuthContext->pContext);
-
- if (pAuthContext->pMechanism)
- free(pAuthContext->pMechanism);
-
- if (pAuthContext->pMechInfo)
- free(pAuthContext->pMechInfo);
-
- // Remove the entry from the list
- RemoveEntryList(&pAuthContext->listEntry);
-
- // Free the AuthContext
- free(pAuthContext);
-
- // Advance to the next entry
- pListEntry = pAuthPolicy->authContextListHead.Flink;
- }
-
- // Free the AuthPolicy
- free(pAuthPolicy);
-
- DbgTrace(1, "-RelAuthPolicy- End\n", 0);
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/authtokenclient_msi/authtokenclient_msi.vdproj b/CASA-auth-token/client/authtokenclient_msi/authtokenclient_msi.vdproj
deleted file mode 100644
index 07135092..00000000
--- a/CASA-auth-token/client/authtokenclient_msi/authtokenclient_msi.vdproj
+++ /dev/null
@@ -1,694 +0,0 @@ -"DeployProject" -{ -"VSVersion" = "3:701" -"ProjectType" = "8:{2C2AF0D9-9B47-4FE5-BEF2-169778172667}" -"IsWebType" = "8:FALSE" -"ProjectName" = "8:authtokenclient_msi" -"LanguageId" = "3:1033" -"CodePage" = "3:1252" -"UILanguageId" = "3:1033" -"SccProjectName" = "8:" -"SccLocalPath" = "8:" -"SccAuxPath" = "8:" -"SccProvider" = "8:" - "Hierarchy" - { - "Entry" - { - "MsmKey" = "8:_C9C2CAF6FE7A41938101D843D18673B7" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - } - "Configurations" - { - "Debug" - { - "DisplayName" = "8:Debug" - "IsDebugOnly" = "11:TRUE" - "IsReleaseOnly" = "11:FALSE" - "OutputFilename" = "8:Debug\\authtokenclient_msi.msi" - "PackageFilesAs" = "3:2" - "PackageFileSize" = "3:-2147483648" - "CabType" = "3:1" - "Compression" = "3:2" - "SignOutput" = "11:FALSE" - "CertificateFile" = "8:" - "PrivateKeyFile" = "8:" - "TimeStampServer" = "8:" - "InstallerBootstrapper" = "3:2" - } - "Release" - { - "DisplayName" = "8:Release" - "IsDebugOnly" = "11:FALSE" - "IsReleaseOnly" = "11:TRUE" - "OutputFilename" = "8:Release\\authtokenclient_msi.msi" - "PackageFilesAs" = "3:2" - "PackageFileSize" = "3:-2147483648" - "CabType" = "3:1" - "Compression" = "3:2" - "SignOutput" = "11:FALSE" - "CertificateFile" = "8:" - "PrivateKeyFile" = "8:" - "TimeStampServer" = "8:" - "InstallerBootstrapper" = "3:2" - } - } - "Deployable" - { - "CustomAction" - { - } - "DefaultFeature" - { - "Name" = "8:DefaultFeature" - "Title" = "8:" - "Description" = "8:" - } - "ExternalPersistence" - { - "LaunchCondition" - { - } - } - "Feature" - { - } - "File" - { - } - "FileType" - { - } - "Folder" - { - "{78BAF5CE-F2E5-45BE-83BC-DB6AF387E941}:_5822614DE62647039F8AF6B0781851A7" - { - "Name" = "8:#1916" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:DesktopFolder" - "Folders" - { - } - } - "{58C0ADA3-3CEA-43BD-A3B3-2EA121BC8217}:_BADBE39F262C4F79B42417C62DF02E55" - { - "DefaultLocation" = 
"8:[ProgramFilesFolder][Manufacturer]\\[ProductName]" - "Name" = "8:#1925" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:TARGETDIR" - "Folders" - { - } - } - "{78BAF5CE-F2E5-45BE-83BC-DB6AF387E941}:_CA7A8DC7331A4C47A8C7CDE8C53FE9FA" - { - "Name" = "8:#1919" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:ProgramMenuFolder" - "Folders" - { - } - } - } - "LaunchCondition" - { - } - "Locator" - { - } - "MsiBootstrapper" - { - "LangId" = "3:1033" - } - "Product" - { - "Name" = "8:Microsoft Visual Studio" - "ProductName" = "8:authtokenclient" - "ProductCode" = "8:{6D3AAA36-871A-4427-9311-FC3FE2F17511}" - "PackageCode" = "8:{197B9AC3-1D6A-4EA8-AC8A-C7695F57A28F}" - "UpgradeCode" = "8:{69C5F129-788A-4487-9397-331C0A313A2D}" - "RestartWWWService" = "11:FALSE" - "RemovePreviousVersions" = "11:FALSE" - "DetectNewerInstalledVersion" = "11:TRUE" - "ProductVersion" = "8:1.0.0" - "Manufacturer" = "8:Novell" - "ARPHELPTELEPHONE" = "8:" - "ARPHELPLINK" = "8:" - "Title" = "8:authtokenclient" - "Subject" = "8:" - "ARPCONTACT" = "8:Novell" - "Keywords" = "8:" - "ARPCOMMENTS" = "8:" - "ARPURLINFOABOUT" = "8:" - "ARPPRODUCTICON" = "8:" - "ARPIconIndex" = "3:0" - "SearchPath" = "8:" - "UseSystemSearchPath" = "11:TRUE" - } - "Registry" - { - "HKLM" - { - "Keys" - { - "{6A471EEF-D31B-40F8-BCF6-C9E8EC783F36}:_3C4408A91276415C99DB57B858A91555" - { - "Name" = "8:Software" - "Condition" = "8:" - "AlwaysCreate" = "11:FALSE" - "DeleteAtUninstall" = "11:FALSE" - "Transitive" = "11:FALSE" - "Keys" - { - "{6A471EEF-D31B-40F8-BCF6-C9E8EC783F36}:_22714EABC4F3412BB3230B8EA95CFB08" - { - "Name" = "8:[Manufacturer]" - "Condition" = "8:" - "AlwaysCreate" = "11:FALSE" - "DeleteAtUninstall" = "11:FALSE" - "Transitive" = "11:FALSE" - "Keys" - { - } - "Values" - { - } - } - } - "Values" - { - } - } - } - } - "HKCU" - { - "Keys" - { - "{6A471EEF-D31B-40F8-BCF6-C9E8EC783F36}:_93C508CBDBB34C95B9C890F165C081F1" - 
{ - "Name" = "8:Software" - "Condition" = "8:" - "AlwaysCreate" = "11:FALSE" - "DeleteAtUninstall" = "11:FALSE" - "Transitive" = "11:FALSE" - "Keys" - { - "{6A471EEF-D31B-40F8-BCF6-C9E8EC783F36}:_B7A9FC8108DB4E249F31D12A434C1844" - { - "Name" = "8:[Manufacturer]" - "Condition" = "8:" - "AlwaysCreate" = "11:FALSE" - "DeleteAtUninstall" = "11:FALSE" - "Transitive" = "11:FALSE" - "Keys" - { - } - "Values" - { - } - } - } - "Values" - { - } - } - } - } - "HKCR" - { - "Keys" - { - } - } - "HKU" - { - "Keys" - { - } - } - "HKPU" - { - "Keys" - { - } - } - } - "Sequences" - { - } - "Shortcut" - { - } - "UserInterface" - { - "{B654A020-6903-4E6A-A86C-75DC463DB54B}:_1240F250BDDA45B084738491D53CCA13" - { - "UseDynamicProperties" = "11:FALSE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdUserInterface.wim" - } - "{8D9DEE8B-DD8B-4F48-9072-C4364E4F4011}:_2873941BB49A4737AF72ED5E788318F7" - { - "Name" = "8:#1902" - "Sequence" = "3:1" - "Attributes" = "3:3" - "Dialogs" - { - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_10695426506044F6B667E02B3E33A00E" - { - "Sequence" = "3:100" - "DisplayName" = "8:Finished" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdFinishedDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - "UpdateText" - { - "Name" = "8:UpdateText" - "DisplayName" = "8:#1058" - "Description" = "8:#1158" - "Type" = "3:15" - "ContextData" = "8:" - "Attributes" = "3:0" - "Setting" = "3:1" - "Value" = "8:#1258" - "DefaultValue" = "8:#1258" - "UsePlugInResources" = "11:TRUE" - } - } - } - } - } - "{8D9DEE8B-DD8B-4F48-9072-C4364E4F4011}:_353966B93CCA47F89005110A192B33E0" - { - "Name" = "8:#1900" - "Sequence" = "3:2" - "Attributes" = "3:1" - "Dialogs" - { - 
"{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_A41DEF6D91134F42BA300A817856F7C2" - { - "Sequence" = "3:300" - "DisplayName" = "8:Confirm Installation" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdAdminConfirmDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_D915672F6CE04B29A5482A7E9297CE42" - { - "Sequence" = "3:100" - "DisplayName" = "8:Welcome" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdAdminWelcomeDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - "CopyrightWarning" - { - "Name" = "8:CopyrightWarning" - "DisplayName" = "8:#1002" - "Description" = "8:#1102" - "Type" = "3:3" - "ContextData" = "8:" - "Attributes" = "3:0" - "Setting" = "3:1" - "Value" = "8:#1202" - "DefaultValue" = "8:#1202" - "UsePlugInResources" = "11:TRUE" - } - "Welcome" - { - "Name" = "8:Welcome" - "DisplayName" = "8:#1003" - "Description" = "8:#1103" - "Type" = "3:3" - "ContextData" = "8:" - "Attributes" = "3:0" - "Setting" = "3:1" - "Value" = "8:#1203" - "DefaultValue" = "8:#1203" - "UsePlugInResources" = "11:TRUE" - } - } - } - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_E8BB0C75759A4ECA9292D5EB62A4B1DD" - { - "Sequence" = "3:200" - "DisplayName" = "8:Installation Folder" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdAdminFolderDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = 
"8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - } - } - "{8D9DEE8B-DD8B-4F48-9072-C4364E4F4011}:_72EFC743AB3B42B6994F5EC55E41631F" - { - "Name" = "8:#1901" - "Sequence" = "3:1" - "Attributes" = "3:2" - "Dialogs" - { - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_9D455462808342AE837694F103194C3E" - { - "Sequence" = "3:100" - "DisplayName" = "8:Progress" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdProgressDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - "ShowProgress" - { - "Name" = "8:ShowProgress" - "DisplayName" = "8:#1009" - "Description" = "8:#1109" - "Type" = "3:5" - "ContextData" = "8:1;True=1;False=0" - "Attributes" = "3:0" - "Setting" = "3:0" - "Value" = "3:1" - "DefaultValue" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - } - } - "{B654A020-6903-4E6A-A86C-75DC463DB54B}:_A0A8360C0E0D46ACB472E47806B666D5" - { - "UseDynamicProperties" = "11:FALSE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdBasicDialogs.wim" - } - "{8D9DEE8B-DD8B-4F48-9072-C4364E4F4011}:_D708D6BFB2C946BB9BCCC9F6F2CAE0FA" - { - "Name" = "8:#1902" - "Sequence" = "3:2" - "Attributes" = "3:3" - "Dialogs" - { - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_964E18CF17534E789061E20F26EE5EDA" - { - "Sequence" = "3:100" - "DisplayName" = "8:Finished" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdAdminFinishedDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - } - } - 
"{8D9DEE8B-DD8B-4F48-9072-C4364E4F4011}:_E294259CC9424A6EB901523FCAD0D0CC" - { - "Name" = "8:#1900" - "Sequence" = "3:1" - "Attributes" = "3:1" - "Dialogs" - { - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_7F0506CDE05C426E9A69E1F0F6A1B9A4" - { - "Sequence" = "3:200" - "DisplayName" = "8:Installation Folder" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdFolderDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_E227037047AF41C394E3138699F6DD62" - { - "Sequence" = "3:300" - "DisplayName" = "8:Confirm Installation" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdConfirmDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_EF6CBFADEBBA4F4BA427709FD0C72385" - { - "Sequence" = "3:100" - "DisplayName" = "8:Welcome" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdWelcomeDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - "CopyrightWarning" - { - "Name" = "8:CopyrightWarning" - "DisplayName" = "8:#1002" - "Description" = "8:#1102" - "Type" = "3:3" - "ContextData" = "8:" - "Attributes" = "3:0" - "Setting" = "3:1" - "Value" = "8:#1202" - "DefaultValue" = "8:#1202" - "UsePlugInResources" = "11:TRUE" - } - "Welcome" - { - "Name" = 
"8:Welcome" - "DisplayName" = "8:#1003" - "Description" = "8:#1103" - "Type" = "3:3" - "ContextData" = "8:" - "Attributes" = "3:0" - "Setting" = "3:1" - "Value" = "8:#1203" - "DefaultValue" = "8:#1203" - "UsePlugInResources" = "11:TRUE" - } - } - } - } - } - "{8D9DEE8B-DD8B-4F48-9072-C4364E4F4011}:_FC54039B5B444B8C8D7C64B693C25B14" - { - "Name" = "8:#1901" - "Sequence" = "3:2" - "Attributes" = "3:2" - "Dialogs" - { - "{18ADD6EC-89FE-4ED7-AD3E-211C40278470}:_E79C486A92E54E4881FBD841C4649B83" - { - "Sequence" = "3:100" - "DisplayName" = "8:Progress" - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:\\VsdAdminProgressDlg.wid" - "Properties" - { - "BannerBitmap" - { - "Name" = "8:BannerBitmap" - "DisplayName" = "8:#1001" - "Description" = "8:#1101" - "Type" = "3:8" - "ContextData" = "8:Bitmap" - "Attributes" = "3:4" - "Setting" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - "ShowProgress" - { - "Name" = "8:ShowProgress" - "DisplayName" = "8:#1009" - "Description" = "8:#1109" - "Type" = "3:5" - "ContextData" = "8:1;True=1;False=0" - "Attributes" = "3:0" - "Setting" = "3:0" - "Value" = "3:1" - "DefaultValue" = "3:1" - "UsePlugInResources" = "11:TRUE" - } - } - } - } - } - } - "MergeModule" - { - } - "ProjectOutput" - { - "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_C9C2CAF6FE7A41938101D843D18673B7" - { - "SourcePath" = "8:..\\authtokenclient_msm\\Debug\\authtokenclient_msm.msm" - "TargetName" = "8:" - "Tag" = "8:" - "Folder" = "8:_BADBE39F262C4F79B42417C62DF02E55" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - "ProjectOutputGroupRegister" = "3:1" - "OutputConfiguration" = "8:" - "OutputGroupCanonicalName" = "8:Built" - "OutputProjectGuid" = 
"8:{70ED319E-F496-4F07-878C-1921426DD399}" - "ShowKeyOutput" = "11:TRUE" - "ExcludeFilters" - { - } - "KeyOutputModule" - { - "UseDynamicProperties" = "11:TRUE" - "IsDependency" = "11:FALSE" - "SourcePath" = "8:..\\authtokenclient_msm\\Release\\authtokenclient_msm.msm" - "Properties" - { - "_F5F5F604B81645F8B6463F7A7D6A53AD.375AEECA1C3A4EC3AF37E3E5BE6711DD" - { - "Name" = "8:_F5F5F604B81645F8B6463F7A7D6A53AD.375AEECA1C3A4EC3AF37E3E5BE6711DD" - "DisplayName" = "8:Module Retargetable Folder" - "Description" = "8:" - "Type" = "3:32769" - "ContextData" = "8:_RetargetableFolder" - "Attributes" = "3:6" - "Setting" = "3:1" - "UsePlugInResources" = "11:FALSE" - } - } - "LanguageId" = "3:1033" - "Exclude" = "11:FALSE" - "Folder" = "8:_BADBE39F262C4F79B42417C62DF02E55" - "Feature" = "8:" - "IsolateTo" = "8:" - } - } - } - "VJSharpPlugin" - { - } - } -} diff --git a/CASA-auth-token/client/authtokenclient_msm/authtokenclient_msm.vdproj b/CASA-auth-token/client/authtokenclient_msm/authtokenclient_msm.vdproj deleted file mode 100644 index 420a9086..00000000 --- a/CASA-auth-token/client/authtokenclient_msm/authtokenclient_msm.vdproj +++ /dev/null 
@@ -1,438 +0,0 @@ -"DeployProject" -{ -"VSVersion" = "3:701" -"ProjectType" = "8:{DD7A5B58-C2F9-40FF-B2EF-0773356FB978}" -"IsWebType" = "8:FALSE" -"ProjectName" = "8:authtokenclient_msm" -"LanguageId" = "3:1033" -"CodePage" = "3:1252" -"UILanguageId" = "3:1033" -"SccProjectName" = "8:" -"SccLocalPath" = "8:" -"SccAuxPath" = "8:" -"SccProvider" = "8:" - "Hierarchy" - { - "Entry" - { - "MsmKey" = "8:_0C000CB7C5FA4E2BB6A6CB1C204EABA6" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - "Entry" - { - "MsmKey" = "8:_0C0B5ECE6E9C47F1A1F13B58141B5DC8" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - "Entry" - { - "MsmKey" = "8:_1231718055D14020BF756DCF44D2BF22" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - "Entry" - { - "MsmKey" = "8:_1ED6B3F7C91A4BBE875FC4621FC3CD97" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - "Entry" - { - "MsmKey" = "8:_677B016062384F4C8A73EC952CBCFD76" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - "Entry" - { - "MsmKey" = "8:_9A2FC85FE99C48E8AD1E4813BE33A03A" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - "Entry" - { - "MsmKey" = "8:_DB9D7F0710B44F858325E4EFCCB2EEB3" - "OwnerKey" = "8:_UNDEFINED" - "MsmSig" = "8:_UNDEFINED" - } - } - "Configurations" - { - "Debug" - { - "DisplayName" = "8:Debug" - "IsDebugOnly" = "11:TRUE" - "IsReleaseOnly" = "11:FALSE" - "OutputFilename" = "8:Debug\\authtokenclient_msm.msm" - "PackageFilesAs" = "3:2" - "PackageFileSize" = "3:-2147483648" - "CabType" = "3:1" - "Compression" = "3:2" - "SignOutput" = "11:FALSE" - "CertificateFile" = "8:" - "PrivateKeyFile" = "8:" - "TimeStampServer" = "8:" - "InstallerBootstrapper" = "3:1" - } - "Release" - { - "DisplayName" = "8:Release" - "IsDebugOnly" = "11:FALSE" - "IsReleaseOnly" = "11:TRUE" - "OutputFilename" = "8:Release\\authtokenclient_msm.msm" - "PackageFilesAs" = "3:2" - "PackageFileSize" = "3:-2147483648" - "CabType" = "3:1" - "Compression" = "3:2" - "SignOutput" = "11:FALSE" 
- "CertificateFile" = "8:" - "PrivateKeyFile" = "8:" - "TimeStampServer" = "8:" - "InstallerBootstrapper" = "3:1" - } - } - "Deployable" - { - "CustomAction" - { - } - "DefaultFeature" - { - "Name" = "8:DefaultFeature" - "Title" = "8:" - "Description" = "8:" - } - "File" - { - "{A582A373-4685-4296-BEFE-614B80A702C3}:_0C000CB7C5FA4E2BB6A6CB1C204EABA6" - { - "SourcePath" = "8:..\\mechanisms\\pwd\\PwdAuthenticate.conf" - "TargetName" = "8:PwdAuthenticate.conf" - "Tag" = "8:" - "Folder" = "8:_DEA051CA331E4FEA83D99711FB584664" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - } - "{A582A373-4685-4296-BEFE-614B80A702C3}:_1231718055D14020BF756DCF44D2BF22" - { - "SourcePath" = "8:..\\mechanisms\\krb5\\Krb5Authenticate.conf" - "TargetName" = "8:Krb5Authenticate.conf" - "Tag" = "8:" - "Folder" = "8:_DEA051CA331E4FEA83D99711FB584664" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - } - "{A582A373-4685-4296-BEFE-614B80A702C3}:_1ED6B3F7C91A4BBE875FC4621FC3CD97" - { - "SourcePath" = "8:..\\..\\include\\casa_c_authtoken.h" - "TargetName" = "8:casa_c_authtoken.h" - "Tag" = "8:" - "Folder" = "8:_9568FCF514C14B54BAB7D1D5D183D3C5" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - 
} - "{A582A373-4685-4296-BEFE-614B80A702C3}:_677B016062384F4C8A73EC952CBCFD76" - { - "SourcePath" = "8:..\\windows\\authtoken.lib" - "TargetName" = "8:authtoken.lib" - "Tag" = "8:" - "Folder" = "8:_01897726E7804A3B875B67A1C2692147" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - } - } - "FileType" - { - } - "Folder" - { - "{78BAF5CE-F2E5-45BE-83BC-DB6AF387E941}:_DB481DA18FE347988F44E459AD84EDE9" - { - "Name" = "8:#1912" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:ProgramFilesFolder" - "Folders" - { - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_00A3E8736D134835AD0537E00F100987" - { - "Name" = "8:Novell" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:_6F4D982C87CA4DF991766D49335B6669" - "Folders" - { - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_7911DA52FBB24F3DB6BAF4B8BD9E57BF" - { - "Name" = "8:CASA" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:_5C00DF0C10DE42D887AF2473050E45C9" - "Folders" - { - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_01897726E7804A3B875B67A1C2692147" - { - "Name" = "8:lib" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:_9CB2846430C044D4A85E07E79ED81EC6" - "Folders" - { - } - } - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_9568FCF514C14B54BAB7D1D5D183D3C5" - { - "Name" = "8:include" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:_E75CE2ED8E574BD6BDBF415E739623A2" - "Folders" - { - } - } - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_B639068B7BE1480495ADAF8B2461A075" - { - "Name" = "8:etc" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" 
- "Transitive" = "11:FALSE" - "Property" = "8:_B04A2882FFAA4A959983F9D9750066CB" - "Folders" - { - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_24DA90392089420889094EC07EB4F28C" - { - "Name" = "8:auth" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:_AE09329FDCD54A98A0A90DDD67FE7E50" - "Folders" - { - "{F27BD5C5-A65D-4608-96D4-7C5DA1F76302}:_DEA051CA331E4FEA83D99711FB584664" - { - "Name" = "8:mechanisms" - "AlwaysCreate" = "11:FALSE" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Property" = "8:_DA97A45985F64232A6DEAD78C88EDEE5" - "Folders" - { - } - } - } - } - } - } - } - } - } - } - } - } - "{29CD8198-A6F0-4B93-8B90-AC03CFEAD328}:_F5F5F604B81645F8B6463F7A7D6A53AD" - { - "DefaultLocation" = "8:[ProgramFilesFolder]\\novell\\casa\\lib" - "DisplayName" = "8:Module Retargetable Folder" - "Description" = "8:" - "Name" = "8:Module Retargetable Folder" - "AlwaysCreate" = "11:TRUE" - "Condition" = "8:" - "Transitive" = "11:TRUE" - "Property" = "8:NEWRETARGETABLEPROPERTY1" - "Folders" - { - } - } - } - "Sequences" - { - } - "MergeModule" - { - } - "Module" - { - "ModuleSignature" = "8:MergeModule.375AEECA1C3A4EC3AF37E3E5BE6711DD" - "Version" = "8:1.0.0.0" - "Title" = "8:authtokenclient_msm" - "Subject" = "8:" - "Author" = "8:Novell" - "Keywords" = "8:" - "Comments" = "8:" - "SearchPath" = "8:" - "UseSystemSearchPath" = "11:TRUE" - } - "ProjectOutput" - { - "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_0C0B5ECE6E9C47F1A1F13B58141B5DC8" - { - "SourcePath" = "8:..\\windows\\Debug\\authtoken.dll" - "TargetName" = "8:" - "Tag" = "8:" - "Folder" = "8:_01897726E7804A3B875B67A1C2692147" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - "ProjectOutputGroupRegister" = 
"3:1" - "OutputConfiguration" = "8:" - "OutputGroupCanonicalName" = "8:Built" - "OutputProjectGuid" = "8:{7BD9A5DB-DE7D-40B7-A397-04182DC2F632}" - "ShowKeyOutput" = "11:FALSE" - "ExcludeFilters" - { - } - } - "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_9A2FC85FE99C48E8AD1E4813BE33A03A" - { - "SourcePath" = "8:..\\mechanisms\\krb5\\windows\\Debug\\krb5mech.dll" - "TargetName" = "8:" - "Tag" = "8:" - "Folder" = "8:_F5F5F604B81645F8B6463F7A7D6A53AD" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - "ProjectOutputGroupRegister" = "3:1" - "OutputConfiguration" = "8:" - "OutputGroupCanonicalName" = "8:Built" - "OutputProjectGuid" = "8:{5499F624-F371-4559-B4C2-A484BCE892FD}" - "ShowKeyOutput" = "11:FALSE" - "ExcludeFilters" - { - } - } - "{8062640A-2EEE-46E9-AB67-688E9A886E9F}:_DB9D7F0710B44F858325E4EFCCB2EEB3" - { - "SourcePath" = "8:..\\mechanisms\\krb5\\windows\\Debug\\krb5mech.dll" - "TargetName" = "8:" - "Tag" = "8:" - "Folder" = "8:_F5F5F604B81645F8B6463F7A7D6A53AD" - "Condition" = "8:" - "Transitive" = "11:FALSE" - "Vital" = "11:TRUE" - "ReadOnly" = "11:FALSE" - "Hidden" = "11:FALSE" - "System" = "11:FALSE" - "Permanent" = "11:FALSE" - "SharedLegacy" = "11:FALSE" - "PackageAs" = "3:1" - "Register" = "3:1" - "Exclude" = "11:FALSE" - "IsDependency" = "11:FALSE" - "IsolateTo" = "8:" - "ProjectOutputGroupRegister" = "3:1" - "OutputConfiguration" = "8:" - "OutputGroupCanonicalName" = "8:Built" - "OutputProjectGuid" = "8:{5499F624-F371-4559-B4C2-A484BCE892FD}" - "ShowKeyOutput" = "11:FALSE" - "ExcludeFilters" - { - } - } - } - "Registry" - { - "HKLM" - { - "Keys" - { - } - } - "HKCU" - { - "Keys" - { - } - } - "HKCR" - { - "Keys" - { - } - } - "HKU" - { - "Keys" - { - } - } - "HKPU" - { - "Keys" - { - } - 
} - } - "Shortcut" - { - } - } -}
diff --git a/CASA-auth-token/client/cache.c b/CASA-auth-token/client/cache.c
deleted file mode 100644
index 81e8dab2..00000000
--- a/CASA-auth-token/client/cache.c
+++ /dev/null
@@ -1,615 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" -#include - -//===[ Type definitions ]================================================== - -// -// Registry Key/Value defines used in the AuthCache -// -#define CASA_AUTH_CACHE_REG_KEY "CASA_Auth_Cache" -#define CREATION_TIME_REG_VALUE "CreationTime" -#define EXPIRATION_TIME_REG_VALUE "ExpirationTime" -#define DOES_NOT_EXPIRE_REG_VALUE "DoesNotExpire" -#define STATUS_REG_VALUE "Status" -#define TOKEN_REG_VALUE "Token" - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// Non-host specific key name -static -char g_allHosts[] = "AllHosts"; - -static -int g_cacheEntryCount = 0; - -HANDLE g_hCASAContext; - -//++======================================================================= -AuthCacheEntry* -CreateAuthTokenCacheEntry( - IN const char 
*pCacheKey, - IN const char *pGroupOrHostName, - IN CasaStatus status, - IN unsigned char *pToken, - IN int entryLifetime // seconds (0 == Lives forever) - ) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; - SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"}; - uint32_t tokenSize, entrySize, keySize; - AuthCacheEntry *pEntry = NULL; - unsigned char *pKey; - - - DbgTrace(1, "-CreateAuthTokenCacheEntry- Start\n", 0); - - if (status == CASA_STATUS_SUCCESS) - { - tokenSize = (uint32_t)strlen(pToken); - } - else - { - tokenSize = 0; - } - - entrySize = tokenSize + sizeof(AuthCacheEntry); - - // Allocate space for the entry - // The AuthCacheEntry structure contains room for the tokens NULL terminator - pEntry = (AuthCacheEntry*) malloc(entrySize); - if (pEntry) - { - // Set the status - pEntry->status = status; - - if (pEntry->status == CASA_STATUS_SUCCESS) - { - memcpy(&pEntry->token[0], pToken, tokenSize); - } - - pEntry->token[tokenSize] = '\0'; - - // Set the time when the entry was added to the cache - pEntry->creationTime = GetTickCount(); - - // First determine the time when the entry is due to expire - if (entryLifetime != 0) - { - pEntry->expirationTime = pEntry->creationTime + (entryLifetime * 1000); - pEntry->doesNotExpire = FALSE; - } - else - { - // The entry does not expire - pEntry->expirationTime = 0; - pEntry->doesNotExpire = TRUE; - } - - keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2; - - pKey = malloc(keySize); - - if (pKey) - { - strncpy(pKey, pCacheKey, keySize); - strncat(pKey, "@", keySize); - strncat(pKey, pGroupOrHostName, keySize); - - retStatus = miCASAWriteBinaryKey( - g_hCASAContext, - 0, - &sessionKeyChain, - &sharedId, - pKey, - keySize, - (uint8_t *)pEntry, - &entrySize, - NULL, - NULL); 
- - - free(pKey); - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(1, "-CreateAuthTokenCacheEntry- End, pEntry = %08X\n", pEntry); - - return pEntry; -} - - -//++======================================================================= -AuthCacheEntry* -CreateSessionTokenCacheEntry( - IN const char *pCacheKey, - IN CasaStatus status, - IN unsigned char *pToken, - IN int entryLifetime // seconds (0 == Lives forever) - ) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; - SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"}; - uint32_t tokenSize, entrySize; - AuthCacheEntry *pEntry = NULL; - - - DbgTrace(1, "-CreateSessionTokenCacheEntry- Start\n", 0); - - if (status == CASA_STATUS_SUCCESS) - { - tokenSize = (uint32_t)strlen(pToken); - } - else - { - tokenSize = 0; - } - - entrySize = tokenSize + sizeof(AuthCacheEntry); - - // Allocate space for the entry - // The AuthCacheEntry structure contains room for the tokens NULL terminator - pEntry = (AuthCacheEntry*) malloc(entrySize); - if (pEntry) - { - // Set the status - pEntry->status = status; - - if (pEntry->status == CASA_STATUS_SUCCESS) - { - memcpy(&pEntry->token[0], pToken, tokenSize); - } - - pEntry->token[tokenSize] = '\0'; - - // Set the time when the entry was added to the cache - pEntry->creationTime = GetTickCount(); - - // First determine the time when the entry is due to expire - if (entryLifetime != 0) - { - pEntry->expirationTime = pEntry->creationTime + (entryLifetime * 1000); - pEntry->doesNotExpire = FALSE; - } - else - { - // The entry does not expire - 
pEntry->expirationTime = 0; - pEntry->doesNotExpire = TRUE; - } - - retStatus = miCASAWriteBinaryKey( - g_hCASAContext, - 0, - &sessionKeyChain, - &sharedId, - (char *)pCacheKey, - (uint32_t)strlen(pCacheKey) + 1, - (uint8_t *)pEntry, - &entrySize, - NULL, - NULL); - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(1, "-CreateSessionTokenCacheEntry- End, pEntry = %08X\n", pEntry); - - return pEntry; -} - - -//++======================================================================= -void -FreeAuthCacheEntry( - IN AuthCacheEntry *pEntry - ) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-FreeAuthCacheEntry- Start, pEntry = %08X\n", pEntry); - - // Free the entry - free(pEntry); - - DbgTrace(1, "-FreeAuthCacheEntry- End\n", 0); -} - - -//++======================================================================= -static -BOOL -CacheEntryLifetimeExpired( - IN DWORD creationTime, - IN DWORD expirationTime - ) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DWORD currentTime = GetTickCount(); - BOOL expired = FALSE; - - DbgTrace(2, "-CacheEntryLifetimeExpired- Start\n", 0); - - // Check if the clock has wrapped - if (currentTime >= creationTime) - { - // The clock has not wrapped, check if the - // expiration time has wrapped. - if (expirationTime > creationTime) - { - // The expiration time also has not wrapped, - // do a straight compare against the current - // time. - if (currentTime >= expirationTime) - { - // It has expired - expired = TRUE; - } - } - } - else - { - // The clock has wrapped, check if the expiration - // time also wrapped. 
- if (expirationTime > creationTime) - { - // The expiration time did not wrap, therefore - // it has been exceeded since the clock wrapped. - expired = TRUE; - } - else - { - // The expiration time also wrapped, do a straight - // compare against the current time. - if (currentTime >= expirationTime) - { - // It has expired - expired = TRUE; - } - } - } - - DbgTrace(2, "-CacheEntryLifetimeExpired- End, result = %08X\n", expired); - - return expired; -} - - -//++======================================================================= -AuthCacheEntry* -FindSessionTokenEntryInCache( - IN const char *pCacheKey - ) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; - SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"}; - uint32_t valueLength, bytesRequired; - AuthCacheEntry *pEntry = NULL; - - - DbgTrace(1, "-FindSessionTokenEntryInCache- Start\n", 0); - - valueLength = 0; - bytesRequired = 0; - - retStatus = miCASAReadBinaryKey( - g_hCASAContext, - 0, - &sessionKeyChain, - &sharedId, - (char *)pCacheKey, - (uint32_t)strlen(pCacheKey) + 1, - NULL, - &valueLength, - NULL, - &bytesRequired, - NULL); - - if (retStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT - && bytesRequired != 0) - { - pEntry = (AuthCacheEntry*) malloc(bytesRequired); - - if (pEntry) - { - valueLength = bytesRequired; - bytesRequired = 0; - - retStatus = miCASAReadBinaryKey( - g_hCASAContext, - 0, - &sessionKeyChain, - &sharedId, - (char *)pCacheKey, - (uint32_t)strlen(pCacheKey) + 1, - (uint8_t *)pEntry, - &valueLength, - NULL, - &bytesRequired, - NULL); - - if (CASA_SUCCESS(retStatus)) - { - if (pEntry->doesNotExpire == FALSE - && CacheEntryLifetimeExpired(pEntry->creationTime, pEntry->expirationTime)) - { - // Remove the entry ??? 
- //miCASARemoveBinaryKey(); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - } - - if (!CASA_SUCCESS(retStatus)) - { - FreeAuthCacheEntry(pEntry); - pEntry = NULL; - } - } - } - - DbgTrace(1, "-FindSessionTokenEntryInCache- End, pEntry = %08X\n", pEntry); - - return pEntry; -} - -//++======================================================================= -AuthCacheEntry* -FindAuthTokenEntryInCache( - IN const char *pCacheKey, - IN const char *pGroupOrHostName - ) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; - SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"}; - uint32_t valueLength, bytesRequired, keySize; - AuthCacheEntry *pEntry = NULL; - unsigned char *pKey; - - - DbgTrace(1, "-FindAuthTokenEntryInCache- Start\n", 0); - - keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2; - - pKey = malloc(keySize); - - if (pKey) - { - strncpy(pKey, pCacheKey, keySize); - strncat(pKey, "@", keySize); - strncat(pKey, pGroupOrHostName, keySize); - - valueLength = 0; - bytesRequired = 0; - - retStatus = miCASAReadBinaryKey( - g_hCASAContext, - 0, - &sessionKeyChain, - &sharedId, - pKey, - keySize, - NULL, - &valueLength, - NULL, - &bytesRequired, - NULL); - - if (retStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT - && bytesRequired != 0) - { - pEntry = (AuthCacheEntry*) malloc(bytesRequired); - - if (pEntry) - { - valueLength = bytesRequired; - bytesRequired = 0; - - retStatus = miCASAReadBinaryKey( - g_hCASAContext, - 0, - &sessionKeyChain, - &sharedId, - pKey, - keySize, - (uint8_t *)pEntry, - &valueLength, - NULL, - &bytesRequired, - NULL); - - if (CASA_SUCCESS(retStatus)) - { - if (pEntry->doesNotExpire == FALSE - && CacheEntryLifetimeExpired(pEntry->creationTime, 
pEntry->expirationTime)) - { - // Remove the entry ??? - //miCASARemoveBinaryKey(); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - } - - if (!CASA_SUCCESS(retStatus)) - { - FreeAuthCacheEntry(pEntry); - pEntry = NULL; - } - } - } - - free(pKey); - } - - DbgTrace(1, "-FindAuthTokenEntryInCache- End, pEntry = %08X\n", pEntry); - - return pEntry; -} - - -//++======================================================================= -CasaStatus -InitializeAuthCache() -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - SSCS_SECRETSTORE_T ssId; - - DbgTrace(1, "-InitializeAuthCache- Start\n", 0); - - ssId.version = NSSCS_VERSION_NUMBER; - strcpy((char *)ssId.ssName, (char *)SSCS_DEFAULT_SECRETSTORE_ID); - - g_hCASAContext = miCASAOpenSecretStoreCache( - &ssId, - 0, - NULL); - - if (!g_hCASAContext) - { - retStatus = CasaStatusBuild( - CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - else - { - retStatus = CASA_STATUS_SUCCESS; - } - - DbgTrace(1, "-InitializeAuthCache- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/client/client.vcproj b/CASA-auth-token/client/client.vcproj deleted file mode 100644 index ad9dbe87..00000000 --- a/CASA-auth-token/client/client.vcproj +++ /dev/null @@ -1,221 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
diff --git a/CASA-auth-token/client/config.c b/CASA-auth-token/client/config.c
deleted file mode 100644
index fa6c601b..00000000
--- a/CASA-auth-token/client/config.c
+++ /dev/null
@@ -1,685 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Config Key object -// -typedef struct _ConfigKey -{ - LIST_ENTRY listEntry; - char *pKeyName; - int keyNameLen; - char *pValue; - int valueLen; - -} ConfigKey, *pConfigKey; - -// -// Config Interface instance data -// -typedef struct _ConfigIfInstance -{ - LIST_ENTRY listEntry; - int refCount; - char *pConfigFolder; - int configFolderLen; - char *pConfigName; - int configNameLen; - LIST_ENTRY configKeyListHead; - ConfigIf configIf; - -} ConfigIfInstance, *PConfigIfInstance; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// ConfigIf variables -static -LIST_ENTRY g_configIfListHead = {&g_configIfListHead, &g_configIfListHead}; - -static -int 
g_numConfigIfObjs = 0; - - -//++======================================================================= -static void -RemoveWhiteSpaceFromTheEnd( - IN const char *pInString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pLineEnd = (char*) pInString + strlen(pInString) - 1; - - - DbgTrace(3, "-RemoveWhiteSpaceFromTheEnd- Start\n", 0); - - while (pLineEnd != pInString) - { - if (*pLineEnd == '\n' - || *pLineEnd == ' ' - || *pLineEnd == '\t') - { - // Strike this character - *pLineEnd = '\0'; - pLineEnd --; - } - else - { - // Found a non-white character - break; - } - } - - DbgTrace(3, "-RemoveWhiteSpaceFromTheEnd- End\n", 0); -} - - -//++======================================================================= -static char* -SkipWhiteSpace( - IN const char *pInString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pOutString = (char*) pInString; - - DbgTrace(3, "-SkipWhiteSpace- Start\n", 0); - - while (*pOutString != '\0') - { - if (*pOutString == '\n' - || *pOutString == ' ' - || *pOutString == '\t') - { - // Skip this character - pOutString ++; - } - else - { - // Found a non-white character - break; - } - } - - DbgTrace(3, "-SkipWhiteSpace- End\n", 0); - - return pOutString; -} - - -//++======================================================================= -static char* -SkipNonWhiteSpace( - IN const char *pInString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pOutString = (char*) pInString; - - DbgTrace(3, "-SkipNonWhiteSpace- Start\n", 0); - - while (*pOutString != '\0') - { - if (*pOutString == '\n' - || *pOutString == ' ' - || *pOutString == '\t') - { - // Found a white character - break; - } - else 
- { - // Skip this character - pOutString ++; - } - } - - DbgTrace(3, "-SkipNonWhiteSpace- End\n", 0); - - return pOutString; -} - - -//++======================================================================= -static void -LowerCaseString( - IN char *pDestString, - IN const char *pSrcString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int i; - - DbgTrace(3, "-LowerCaseString- Start\n", 0); - - // Copy the string as lower case - for (i = 0; pSrcString[i] != '\0'; i++) - { - if (isalpha(pSrcString[i])) - pDestString[i] = tolower(pSrcString[i]); - else - pDestString[i] = pSrcString[i]; - } - - // Null terminate the destination string - pDestString[i] = '\0'; - - DbgTrace(3, "-LowerCaseString- End\n", 0); -} - - -//++======================================================================= -int SSCS_CALL -ConfigIf_AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. -// -// L2 -//=======================================================================-- -{ - int refCount; - ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf); - - DbgTrace(2, "-ConfigIf_AddReference- Start\n", 0); - - // Increment the reference count on the object - pConfigIfInstance->refCount ++; - refCount = pConfigIfInstance->refCount; - - DbgTrace(2, "-ConfigIf_AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -void SSCS_CALL -ConfigIf_ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. 
The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf); - - DbgTrace(2, "-ConfigIf_ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - pConfigIfInstance->refCount --; - if (pConfigIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. - freeObj = true; - g_numConfigIfObjs --; - RemoveEntryList(&pConfigIfInstance->listEntry); - } - - // Free object if necessary - if (freeObj) - { - // Free all of the config key objects associated with this configuration - // interface instance. - while (!IsListEmpty(&pConfigIfInstance->configKeyListHead)) - { - LIST_ENTRY *pListEntry; - ConfigKey *pConfigKey; - - // Get reference to entry at the head of the list - pListEntry = pConfigIfInstance->configKeyListHead.Flink; - pConfigKey = CONTAINING_RECORD(pListEntry, ConfigKey, listEntry); - - // Free the buffers associated with the ConfigKey - free(pConfigKey->pKeyName); - free(pConfigKey->pValue); - - // Remove the entry from the list - RemoveEntryList(&pConfigKey->listEntry); - - // Finish freeing the ConfigKey - free(pConfigKey); - } - - // Free the rest of the buffers associated with the interface instance data - free(pConfigIfInstance->pConfigFolder); - free(pConfigIfInstance->pConfigName); - free(pConfigIfInstance); - } - - DbgTrace(2, "-ConfigIf_ReleaseReference- End\n", 0); -} - - -//++======================================================================= -char* SSCS_CALL -ConfigIf_GetEntryValue( - IN const void *pIfInstance, - IN const char *pKeyName) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. 
-// -// pKeyName - -// Pointer to NULL terminated string that contains the -// name of the key whose value is being requested. -// -// Returns: -// Pointer to NULL terminated string with value being requested or NULL. -// -// Description: -// Gets value associated with a key for the configuration object. -// -// L2 -//=======================================================================-- -{ - ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf); - char *pValue = NULL; - LIST_ENTRY *pListEntry; - ConfigKey *pConfigKey; - int keyNameLen = (int) strlen(pKeyName); - char *pKeyNameLowercase; - - DbgTrace(2, "-ConfigIf_GetEntryValue- Start\n", 0); - - // Allocate enough space to hold lower case version of the key name - pKeyNameLowercase = (char*) malloc(keyNameLen + 1); - if (pKeyNameLowercase) - { - // Lower case the key name - LowerCaseString(pKeyNameLowercase, pKeyName); - - // Try to find matching ConfigKey - pListEntry = pConfigIfInstance->configKeyListHead.Flink; - while (pListEntry != &pConfigIfInstance->configKeyListHead) - { - // Get pointer to the current entry - pConfigKey = CONTAINING_RECORD(pListEntry, ConfigKey, listEntry); - - // Check if we have a match - if (pConfigKey->keyNameLen == keyNameLen - && memcmp(pKeyNameLowercase, pConfigKey->pKeyName, keyNameLen) == 0) - { - // We found it, return its value. 
- pValue = (char*) malloc(pConfigKey->valueLen + 1);
- if (pValue)
- {
- strcpy(pValue, pConfigKey->pValue);
- }
- else
- {
- DbgTrace(0, "-ConfigIf_GetEntryValue- Buffer allocation failure\n", 0);
- }
- break;
- }
-
- // Advance to the next entry
- pListEntry = pListEntry->Flink;
- }
-
- // Free the lower case version of the key name
- free(pKeyNameLowercase);
- }
- else
- {
- DbgTrace(0, "-ConfigIf_GetEntryValue- Buffer allocation failure\n", 0);
- }
-
- DbgTrace(2, "-ConfigIf_GetEntryValue- End, pValue = %08X\n", (unsigned int) pValue);
-
- return pValue;
-}
-
-
-
-//++=======================================================================
-CasaStatus
-GetConfigInterface(
- IN const char *pConfigFolder,
- IN const char *pConfigName,
- INOUT ConfigIf **ppConfigIf)
-//
-// Arguments:
-// pConfigFolder -
-// Pointer to NULL terminated string that contains the name of
-// the folder containing the configuration file.
-//
-// pConfigName -
-// Pointer to NULL terminated string containing the name of the
-// configuration entry.
-//
-// ppConfigIf -
-// Pointer to variable that will receive pointer to ConfigIf
-// instance.
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Get configuration interface to specified configuration entry.
-//
-// L2
-//=======================================================================--
-{
- int configFolderLen = (int) strlen(pConfigFolder);
- int configNameLen = (int)strlen(pConfigName);
- ConfigIfInstance *pConfigIfInstance;
- LIST_ENTRY *pListEntry;
- CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_OBJECT_NOT_FOUND);
-
- DbgTrace(2, "-GetConfigInterface- Start\n", 0);
-
- // Check if we already have an entry in our list for the configuration
- pListEntry = g_configIfListHead.Flink;
- while (pListEntry != &g_configIfListHead)
- {
- // Get pointer to the current entry
- pConfigIfInstance = CONTAINING_RECORD(pListEntry, ConfigIfInstance, listEntry);
-
- // Check if we have a match
- if (pConfigIfInstance->configFolderLen == configFolderLen
- && pConfigIfInstance->configNameLen == configNameLen
- && memcmp(pConfigFolder, pConfigIfInstance->pConfigFolder, configFolderLen) == 0
- && memcmp(pConfigName, pConfigIfInstance->pConfigName, configNameLen) == 0)
- {
- // We found it, return the ConfigIf associated with the instance data
- // after incrementing its reference count.
- pConfigIfInstance->refCount ++;
- *ppConfigIf = &pConfigIfInstance->configIf;
-
- // Success
- retStatus = CASA_STATUS_SUCCESS;
- break;
- }
-
- // Advance to the next entry
- pListEntry = pListEntry->Flink;
- }
-
- // Proceed to create interface instance data for the configuration if none was found
- if (retStatus != CASA_STATUS_SUCCESS)
- {
- char *pFilePath;
-
- // Build a string containing the configuration file path
- pFilePath = (char*) malloc(configFolderLen + 1 + configNameLen + sizeof(".conf"));
- if (pFilePath)
- {
- FILE *pConfigFile;
-
- strcpy(pFilePath, pConfigFolder);
- strcat(pFilePath, pathCharString);
- strcat(pFilePath, pConfigName);
- strcat(pFilePath, ".conf");
-
- // Open the configuration file for reading
- pConfigFile = fopen(pFilePath, "r");
- if (pConfigFile)
- {
- // Opened the file, create a ConfigIfInstance object for it.
- pConfigIfInstance = (ConfigIfInstance*) malloc(sizeof(*pConfigIfInstance));
- if (pConfigIfInstance)
- {
- // Initialize the list head within the instance data
- InitializeListHead(&pConfigIfInstance->configKeyListHead);
-
- // Initialize the ConfigIf within the instance data
- pConfigIfInstance->configIf.addReference = ConfigIf_AddReference;
- pConfigIfInstance->configIf.releaseReference = ConfigIf_ReleaseReference;
- pConfigIfInstance->configIf.getEntryValue = ConfigIf_GetEntryValue;
-
- // Save the ConfigFolder and ConfigName information within the instance data
- pConfigIfInstance->pConfigFolder = (char*) malloc(configFolderLen + 1);
- if (pConfigIfInstance->pConfigFolder)
- {
- strcpy(pConfigIfInstance->pConfigFolder, pConfigFolder);
- pConfigIfInstance->configFolderLen = configFolderLen;
-
- pConfigIfInstance->pConfigName = (char*) malloc(configNameLen + 1);
- if (pConfigIfInstance->pConfigName)
- {
- strcpy(pConfigIfInstance->pConfigName, pConfigName);
- pConfigIfInstance->configNameLen = configNameLen;
-
- // Add the instance data into our list and bump up its reference count
- // since we did that.
- InsertTailList(&g_configIfListHead, &pConfigIfInstance->listEntry);
- pConfigIfInstance->refCount = 1;
-
- // At this point we want to return success to the caller even if we
- // experience a read error.
- retStatus = CASA_STATUS_SUCCESS;
-
- // Return the ConfigIf associated with the instance data after
- // incrementing its reference count.
- pConfigIfInstance->refCount ++;
- *ppConfigIf = &pConfigIfInstance->configIf;
-
- // Now update the instance data with the information present in the file
- if (fseek(pConfigFile, 0, SEEK_SET) == 0)
- {
- char line[512];
-
- while (fgets(line, sizeof(line), pConfigFile) != NULL)
- {
- int lineLength;
-
- RemoveWhiteSpaceFromTheEnd(line);
-
- lineLength = (int) strlen(line);
- if (lineLength != 0)
- {
- char *pKey;
- char *pKeyEnd;
- char *pValue;
- ConfigKey *pConfigKey;
-
- // Attempt to find the key
- pKey = SkipWhiteSpace(line);
-
- // Make sure that we are not dealing with an empty line or a comment
- if (*pKey == '\0' || *pKey == '#')
- continue;
-
- // Go past the key
- pKeyEnd = SkipNonWhiteSpace(pKey);
-
- // Protect against a malformed line
- if (*pKeyEnd == '\0')
- {
- DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
- continue;
- }
-
- // Attempt to find the value
- pValue = SkipWhiteSpace(pKeyEnd);
-
- // Protect against a malformed line
- if (*pValue == '\0')
- {
- DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
- continue;
- }
-
- // Delineate the key
- *pKeyEnd = '\0';
-
- // Create a ConfigKey object for this key/value pair
- pConfigKey = (ConfigKey*) malloc(sizeof(*pConfigKey));
- if (pConfigKey)
- {
- pConfigKey->keyNameLen = (int) strlen(pKey);
- pConfigKey->pKeyName = (char*) malloc(pConfigKey->keyNameLen + 1);
- if (pConfigKey->pKeyName)
- {
- // Save the key name in lower case
- LowerCaseString(pConfigKey->pKeyName, pKey);
-
- pConfigKey->valueLen = (int) strlen(pValue);
- pConfigKey->pValue = (char*) malloc(pConfigKey->valueLen + 1);
- if (pConfigKey->pValue)
- {
- strcpy(pConfigKey->pValue, pValue);
-
- // The entry is ready, now associate it with the instance data.
- InsertTailList(&pConfigIfInstance->configKeyListHead, &pConfigKey->listEntry);
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
- free(pConfigKey->pKeyName);
- free(pConfigKey);
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
- free(pConfigKey);
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
- }
- }
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- File seek error, errno = %d\n", errno);
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
-
- // Free the buffers associated with the instance data
- free(pConfigIfInstance->pConfigFolder);
- free(pConfigIfInstance);
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
-
- // Free the buffer allocated for the instance data
- free(pConfigIfInstance);
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
- }
-
- // Close the file
- fclose(pConfigFile);
- }
- else
- {
- DbgTrace(1, "-GetConfigInterface- Unable to open config file, errno = %d\n", errno);
- }
- }
- else
- {
- DbgTrace(0, "-GetConfigInterface- Buffer allocation error\n", 0);
- }
- }
-
- DbgTrace(2, "-GetConfigInterface- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/config_if.h b/CASA-auth-token/client/config_if.h
deleted file mode 100644
index 0cdf31ce..00000000
--- a/CASA-auth-token/client/config_if.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-#ifndef _CONFIG_IF_H_
-#define _CONFIG_IF_H_
-
-
-//===[ Include files ]=====================================================
-
-//===[ Type definitions ]==================================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-/**************************************************************************
-***************************************************************************
-** **
-** Configuration Object Interface Definitions **
-** **
-***************************************************************************
-**************************************************************************/
-
-
-//++=======================================================================
-typedef
-int
-(SSCS_CALL *PFNConfiglIf_AddReference)(
- IN const void *pIfInstance);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// Returns:
-// Interface reference count.
-//
-// Description:
-// Increases interface reference count.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-void
-(SSCS_CALL *PFNConfiglIf_ReleaseReference)(
- IN const void *pIfInstance);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// Returns:
-// Nothing.
-//
-// Description:
-// Decreases interface reference count. The interface is deallocated if
-// the reference count becomes zero.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-char*
-(SSCS_CALL *PFNConfiglIf_GetEntryValue)(
- IN const void *pIfInstance,
- IN const char *pKeyName);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// pKeyName -
-// Pointer to NULL terminated string that contains the
-// name of the key whose value is being requested.
-//
-// Returns:
-// Pointer to NULL terminated string with value being requested or NULL.
-//
-// Description:
-// Gets value associated with a key for the configuration object.
-//=======================================================================--
-
-
-//
-// Config Interface Object
-//
-typedef struct _ConfigIf
-{
- PFNConfiglIf_AddReference addReference;
- PFNConfiglIf_ReleaseReference releaseReference;
- PFNConfiglIf_GetEntryValue getEntryValue;
-
-} ConfigIf, *PConfigIf;
-
-
-#endif // #ifndef _CONFIG_IF_H_
-
diff --git a/CASA-auth-token/client/engine.c b/CASA-auth-token/client/engine.c
deleted file mode 100644
index 8ecfc68f..00000000
--- a/CASA-auth-token/client/engine.c
+++ /dev/null
@@ -1,696 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-#define DEFAULT_RETRY_LIFETIME 5 // seconds
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-//
-// Debug tracing level
-//
-int DebugLevel = 0;
-
-//
-// Operating parameter
-//
-bool secureRpcSetting = false;
-bool g_bInitialized = FALSE;
-
-//++=======================================================================
-static
-CasaStatus
-ObtainSessionToken(
- IN RpcSession *pRpcSession,
- IN AuthPolicy *pAuthPolicy,
- INOUT char **ppSessionToken)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- LIST_ENTRY *pListEntry;
- AuthCacheEntry *pCacheEntry = NULL;
-
- DbgTrace(1, "-ObtainSessionToken- Start\n", 0);
-
- // Initialize output parameter
- *ppSessionToken = NULL;
-
- // Look in our cache for an entry that matches one of the auth
- // contexts specified in the AuthPolicy object.
- pListEntry = pAuthPolicy->authContextListHead.Flink;
- while (pListEntry != &pAuthPolicy->authContextListHead)
- {
- AuthContext *pAuthContext;
-
- // Get pointer to AuthContext structure
- pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
-
- // Try to find a cache entry for the auth context
- pCacheEntry = FindSessionTokenEntryInCache(pAuthContext->pContext);
- if (pCacheEntry != NULL)
- {
- // Cache entry found, check if it is of use to us.
- if (CASA_SUCCESS(pCacheEntry->status))
- {
- // This entry can be used, stop looking.
- retStatus = pCacheEntry->status;
- break;
- }
- else
- {
- // Free the entry
- FreeAuthCacheEntry(pCacheEntry);
- }
- }
-
- // Advance to the next entry
- pListEntry = pListEntry->Flink;
- }
-
- // If we did not find a cache entry that we can use, then try to create one.
- pListEntry = pAuthPolicy->authContextListHead.Flink;
- while (!CASA_SUCCESS(retStatus)
- && pListEntry != &pAuthPolicy->authContextListHead)
- {
- AuthContext *pAuthContext;
- char *pAuthMechToken;
-
- // Get pointer to AuthContext structure
- pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry);
-
- // Only try to create cache entry for the auth context if there is not
- // one already.
- pCacheEntry = FindSessionTokenEntryInCache(pAuthContext->pContext);
- if (pCacheEntry == NULL)
- {
- char *pReqMsg = NULL;
- char *pRespMsg = NULL;
- int respLen;
-
- // Get authentication mechanism token
- retStatus = GetAuthMechToken(pAuthContext, &pAuthMechToken);
- if (!CASA_SUCCESS(retStatus))
- {
- // We were not able to obtain an authentication mechanism token
- // for the context.
- //
- // Advance to the next entry
- pListEntry = pListEntry->Flink;
- continue;
- }
-
- // Authenticate to the ATS
- pReqMsg = BuildAuthenticateMsg(pAuthContext, pAuthMechToken);
- if (pReqMsg)
- {
- // Issue rpc
- retStatus = Rpc(pRpcSession,
- "Authenticate",
- secureRpcSetting,
- pReqMsg,
- &pRespMsg,
- &respLen);
- if (CASA_SUCCESS(retStatus))
- {
- AuthenticateResp *pAuthenticateResp;
-
- // Create Authenticate response object
- retStatus = CreateAuthenticateResp(pRespMsg, respLen, &pAuthenticateResp);
- if (CASA_SUCCESS(retStatus))
- {
- // Return the auth token to the caller
- pCacheEntry = CreateSessionTokenCacheEntry(
- pAuthContext->pContext,
- retStatus,
- pAuthenticateResp->pToken,
- pAuthenticateResp->tokenLifetime);
-
- pAuthenticateResp->pToken = NULL; // To keep us from freeing the buffer
-
- // Free the Authenticate response object
- RelAuthenticateResp(pAuthenticateResp);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainSessionToken- Authenticate Rpc failure, error = %08X\n", retStatus);
- }
-
- // Free resources that may be hanging around
- if (pRespMsg)
- free(pRespMsg);
-
- free(pReqMsg);
- }
- else
- {
- DbgTrace(0, "-ObtainSessionToken- Error building Authenticate msg\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- // Add the entry to the cache if successful or if the reason that we failed
- // was because the server was unavailable.
- if (CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
- {
- pCacheEntry = CreateSessionTokenCacheEntry(
- pAuthContext->pContext,
- retStatus,
- NULL,
- DEFAULT_RETRY_LIFETIME);
-
- }
-
- // Release the cache entry if the resulting status is not successful
- if (!CASA_SUCCESS(retStatus))
- {
- FreeAuthCacheEntry(pCacheEntry);
- }
-
- // Free up the buffer associated with the authentication mechanism token
- free(pAuthMechToken);
- }
- else
- {
- // Free the entry
- FreeAuthCacheEntry(pCacheEntry);
- }
-
- // Advance to the next entry
- pListEntry = pListEntry->Flink;
- }
-
- // Return session token if successful
- if (CASA_SUCCESS(retStatus))
- {
- // Allocate a buffer for the return token
- *ppSessionToken = (char*) malloc(strlen(pCacheEntry->token) + 1);
- if (*ppSessionToken)
- {
- // Copy the token onto the allocated buffer
- strcpy(*ppSessionToken, pCacheEntry->token);
- }
- else
- {
- DbgTrace(0, "-ObtainSessionToken- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- FreeAuthCacheEntry(pCacheEntry);
- }
-
- DbgTrace(1, "-ObtainSessionToken- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-static
-CasaStatus
-ObtainAuthTokenFromServer(
- IN const char *pServiceName,
- IN const char *pHostName,
- INOUT char **ppAuthToken,
- INOUT int *pTokenLifetime)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
- RpcSession *pRpcSession;
-
- DbgTrace(1, "-ObtainAuthTokenFromServer- Start\n", 0);
-
- // Initialize output parameter
- *ppAuthToken = NULL;
-
- // Open Rpc Session to the auth service at the specified host
- pRpcSession = OpenRpcSession(pHostName);
- if (pRpcSession)
- {
- char *pReqMsg = NULL;
- char *pRespMsg = NULL;
- int respLen;
- AuthPolicy *pAuthPolicy = NULL;
- GetAuthPolicyResp *pGetAuthPolicyResp = NULL;
- GetAuthTokenResp *pGetAuthTokenResp = NULL;
- char *pSessionToken = NULL;
-
- // Request the auth parameters associated with this service
- pReqMsg = BuildGetAuthPolicyMsg(pServiceName, pHostName);
- if (pReqMsg)
- {
- // Issue rpc
- retStatus = Rpc(pRpcSession,
- "GetAuthPolicy",
- secureRpcSetting,
- pReqMsg,
- &pRespMsg,
- &respLen);
- if (CASA_SUCCESS(retStatus))
- {
- // Create GetAuthPolicy response object
- retStatus = CreateGetAuthPolicyResp(pRespMsg, respLen, &pGetAuthPolicyResp);
- if (CASA_SUCCESS(retStatus))
- {
- // Create the AuthPolicy object
- retStatus = CreateAuthPolicy(pGetAuthPolicyResp->pPolicy,
- pGetAuthPolicyResp->policyLen,
- &pAuthPolicy);
- if (CASA_SUCCESS(retStatus))
- {
- // Now try to obtain a session token
- retStatus = ObtainSessionToken(pRpcSession, pAuthPolicy, &pSessionToken);
- if (CASA_SUCCESS(retStatus))
- {
- // Request auth token for the service
- free(pReqMsg);
- pReqMsg = BuildGetAuthTokenMsg(pServiceName, pHostName, pSessionToken);
- if (pReqMsg)
- {
- // Free the previous response msg buffer
- free(pRespMsg);
- pRespMsg = NULL;
-
- // Issue rpc
- retStatus = Rpc(pRpcSession,
- "GetAuthToken",
- secureRpcSetting,
- pReqMsg,
- &pRespMsg,
- &respLen);
- if (CASA_SUCCESS(retStatus))
- {
- // Create GetAuthPolicy response object
- retStatus = CreateGetAuthTokenResp(pRespMsg, respLen, &pGetAuthTokenResp);
- if (CASA_SUCCESS(retStatus))
- {
- // Return the auth token to the caller
- *ppAuthToken = pGetAuthTokenResp->pToken;
- pGetAuthTokenResp->pToken = NULL; // To keep us from freeing the buffer
- *pTokenLifetime = pGetAuthTokenResp->tokenLifetime;
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthTokenResp object, error = %08X\n", retStatus);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- GetAuthToken Rpc failure, error = %08X\n", retStatus);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Error building GetAuthToken msg\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to obtain session token, error = %08X\n", retStatus);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create AuthPolicy object, error = %08X\n", retStatus);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthPolicyResp object, error = %08X\n", retStatus);
- }
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- GetAuthPolicy Rpc failure, error = %08X\n", retStatus);
- }
-
- // Free resources that may be hanging around
- if (pReqMsg)
- free(pReqMsg);
-
- if (pRespMsg)
- free(pRespMsg);
-
- if (pSessionToken)
- free(pSessionToken);
-
- if (pGetAuthTokenResp)
- RelGetAuthTokenResp(pGetAuthTokenResp);
-
- if (pGetAuthPolicyResp)
- RelGetAuthPolicyResp(pGetAuthPolicyResp);
-
- if (pAuthPolicy)
- RelAuthPolicy(pAuthPolicy);
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Error building GetAuthPolicy msg\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- // Close the Rpc Session
- CloseRpcSession(pRpcSession);
- }
- else
- {
- DbgTrace(0, "-ObtainAuthTokenFromServer- Error opening Rpc session\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- DbgTrace(1, "-ObtainAuthTokenFromServer- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-CasaStatus SSCS_CALL
-ObtainAuthToken(
- IN const char *pServiceName,
- IN const char *pHostName,
- INOUT char *pAuthTokenBuf,
- INOUT int *pAuthTokenBufLen)
-//
-// Arguments:
-// pServiceName -
-// Pointer to NULL terminated string that contains the
-// name of the service to which the client is trying to
-// authenticate.
-//
-// pHostName -
-// Pointer to NULL terminated string that contains the
-// name of the host where resides the service to which the
-// client is trying to authenticate. Note that the name
-// can either be a DNS name or a dotted IP address.
-//
-// pAuthTokenBuf -
-// Pointer to buffer that will receive the authentication
-// token. The length of this buffer is specified by the
-// pAuthTokenBufLen parameter. Note that the the authentication
-// token will be in the form of a NULL terminated string.
-//
-// pAuthTokenBufLen -
-// Pointer to integer that contains the length of the
-// buffer pointed at by pAuthTokenBuf. Upon return of the
-// function, the integer will contain the actual length
-// of the authentication token if the function successfully
-// completes or the buffer length required if the function
-// fails because the buffer pointed at by pAuthTokenBuf is
-// not large enough.
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Get authentication token to authenticate user to specified
-// service at host.
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
- AuthCacheEntry *pCacheEntry;
- char *pNormalizedHostName;
- unsigned char *pToken;
- HANDLE hUserMutex = NULL;
-
-
- DbgTrace(1, "-ObtainAuthToken- Start\n", 0);
-
- // Verify the input parameters
- if (pServiceName == NULL
- || pHostName == NULL
- || pAuthTokenBufLen == NULL
- || (*pAuthTokenBufLen != 0 && pAuthTokenBuf == NULL))
- {
- DbgTrace(0, "-ObtainAuthToken- Invalid parameter\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INVALID_PARAMETER);
- goto exit;
- }
-
- // Make sure we are initialized
- // Obtain our synchronization mutex
- AcquireInitializationMutex();
-
- // Create user synchronization mutex
- retStatus = CreateUserMutex(&hUserMutex);
-
- if (retStatus != CASA_STATUS_SUCCESS)
- {
- DbgTrace(0, "-ObtainAuthToken- Error creating mutex for the user\n", 0);
- goto exit;
- }
-
- if (g_bInitialized == FALSE)
- {
- retStatus = InitializeLibrary();
-
- if (retStatus == CASA_STATUS_SUCCESS)
- {
- g_bInitialized = TRUE;
- }
- else
- {
- goto exit;
- }
- }
-
- // Release our synchronization mutex
- ReleaseInitializationMutex();
-
- // Normalize the host name
- pNormalizedHostName = NormalizeHostName(pHostName);
- if (pNormalizedHostName)
- {
- // Start user process synchronization
- AcquireUserMutex(hUserMutex);
-
- // Try to find a cache entry for the service
- pCacheEntry = FindAuthTokenEntryInCache(pServiceName, pNormalizedHostName);
- if (pCacheEntry == NULL)
- {
- // Initialize to retry in case of failure
- int cacheEntryLifetime = DEFAULT_RETRY_LIFETIME;
-
- // Cache entry created, now try to obtain auth token from the CASA Server
- retStatus = ObtainAuthTokenFromServer(pServiceName,
- pNormalizedHostName,
- &pToken,
- &cacheEntryLifetime);
-
- // Add the entry to the cache if successful or if the reason that we failed
- // was because the server was un-available.
- if (CASA_SUCCESS(retStatus)
- || CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE)
- {
- pCacheEntry = CreateAuthTokenCacheEntry(
- pServiceName,
- pNormalizedHostName,
- retStatus,
- pToken,
- cacheEntryLifetime);
-
- if (pCacheEntry)
- {
- // Release the cache entry if the resulting status is not successful
- if (!CASA_SUCCESS(retStatus))
- {
- FreeAuthCacheEntry(pCacheEntry);
- }
- }
- }
-
- }
- else
- {
- // Cache entry found, update the return status with the information saved in it
- // and release it if its status is not successful.
- if (!CASA_SUCCESS(retStatus = pCacheEntry->status))
- {
- FreeAuthCacheEntry(pCacheEntry);
- }
- }
-
-
- // Try to return auth token if we have one to return
- if (CASA_SUCCESS(retStatus))
- {
- int tokenLen = (int) strlen(pCacheEntry->token) + 1;
-
- // We have an authentication token, try to return it to the caller
- // after verifying that the supplied buffer is big enough.
- if (*pAuthTokenBufLen >= tokenLen)
- {
- // Return the auth token to the caller
- strcpy(pAuthTokenBuf, pCacheEntry->token);
- }
- else
- {
- DbgTrace(0, "-ObtainAuthToken- The supplied buffer is not large enough", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_BUFFER_OVERFLOW);
- }
-
- // Return the token length to the caller
- *pAuthTokenBufLen = tokenLen;
-
- FreeAuthCacheEntry(pCacheEntry);
- }
-
- // Stop user process synchronization
- ReleaseUserMutex(hUserMutex);
-
- // Free the space allocated for the normalized host name
- free(pNormalizedHostName);
- }
- else
- {
- DbgTrace(0, "-ObtainAuthToken- Host name normalization failed\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
-
-exit:
-
- if (hUserMutex != NULL)
- {
- DestroyUserMutex(hUserMutex);
- }
-
- DbgTrace(1, "-ObtainAuthToken- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-int
-Initialize(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- int retStatus;
-
- DbgTrace(1, "-InitializeLibrary- Start\n", 0);
-
- retStatus = CreateInitializationMutex();
-
- DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-int
-InitializeLibrary(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- int retStatus = -1;
-
- DbgTrace(1, "-InitializeLibrary- Start\n", 0);
-
- // Initialize the host name normalization
- retStatus = InitializeHostNameNormalization();
-
-
- if (CASA_SUCCESS(retStatus))
- {
- retStatus = InitializeAuthCache();
- }
-
-
- DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/getpolicymsg.c b/CASA-auth-token/client/getpolicymsg.c
deleted file mode 100644
index 5b568cc8..00000000
--- a/CASA-auth-token/client/getpolicymsg.c
+++ /dev/null
@@ -1,745 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Parse states -// -#define AWAITING_ROOT_ELEMENT_START 0x0 -#define AWAITING_ROOT_ELEMENT_END 0x1 -#define AWAITING_STATUS_ELEMENT_START 0x2 -#define AWAITING_STATUS_ELEMENT_END 0x3 -#define AWAITING_STATUS_DATA 0x4 -#define AWAITING_DESCRIPTION_ELEMENT_START 0x5 -#define AWAITING_DESCRIPTION_ELEMENT_END 0x6 -#define AWAITING_DESCRIPTION_DATA 0x7 -#define AWAITING_AUTH_TOKEN_ELEMENT_START 0x8 -#define AWAITING_AUTH_TOKEN_ELEMENT_END 0x9 -#define AWAITING_AUTH_TOKEN_DATA 0xA -#define AWAITING_AUTH_POLICY_ELEMENT_START 0xB -#define AWAITING_AUTH_POLICY_ELEMENT_END 0xC -#define AWAITING_AUTH_POLICY_DATA 0xD -#define DONE_PARSING 0xE - -// -// Get Authentication Policy Response Parse Structure -// -typedef struct _GetAuthPolicyRespParse -{ - XML_Parser p; - int state; - 
int elementDataProcessed; - GetAuthPolicyResp *pGetAuthPolicyResp; - CasaStatus status; - -} GetAuthPolicyRespParse, *PGetAuthPolicyRespParse; - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - - -//++======================================================================= -char* -BuildGetAuthPolicyMsg( - IN char *pServiceName, - IN char *pHostName) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pMsg = NULL; - int bufferSize; - - DbgTrace(1, "-BuildGetAuthPolicyMsg- Start\n", 0); - - /* - * The format of the get authentication policy request message is as follows: - * - * - * - * service name<\service> - * host name - * - * - */ - - // Determine the buffer size necessary to hold the msg - bufferSize = strlen(XML_DECLARATION) - + 2 // crlf - + 1 // < - + strlen(GET_AUTH_POLICY_REQUEST_ELEMENT_NAME) - + 3 // >crlf - + 1 // < - + strlen(SERVICE_ELEMENT_NAME) - + 1 // > - + strlen(pServiceName) - + 2 // crlf - + 2 // - + strlen(pHostName) - + 2 // crlf - + 2 // null - - // Allocate the msg buffer - pMsg = (char*) malloc(bufferSize); - if (pMsg) - { - // Now build the message - memset(pMsg, 0, bufferSize); - strcat(pMsg, XML_DECLARATION); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, GET_AUTH_POLICY_REQUEST_ELEMENT_NAME); - strcat(pMsg, ">\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, SERVICE_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pServiceName); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, HOST_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pHostName); - strcat(pMsg, "\r\n"); - strcat(pMsg, ""); - } - else - { - DbgTrace(0, "-BuildGetAuthPolicyMsg- Buffer allocation error\n", 0); - } - - DbgTrace(1, "-BuildGetAuthPolicyMsg- End, pMsg = %08X\n", pMsg); - - return pMsg; -} - - 
-//++======================================================================= -static -void XMLCALL -GetAuthPolicyRespStartElementHandler( - IN GetAuthPolicyRespParse *pGetAuthPolicyRespParse, - IN const XML_Char *name, - IN const XML_Char **atts) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(2, "-GetAuthPolicyRespStartElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pGetAuthPolicyRespParse->state) - { - case AWAITING_ROOT_ELEMENT_START: - - // In this state, we are only expecting the Get Authentication - // Policy Response Element. - if (strcmp(name, GET_AUTH_POLICY_RESPONSE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthPolicyRespParse->state = AWAITING_STATUS_ELEMENT_START; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - case AWAITING_STATUS_ELEMENT_START: - - // In this state, we are only expecting the Status Element. - if (strcmp(name, STATUS_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthPolicyRespParse->state = AWAITING_DESCRIPTION_ELEMENT_START; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - case AWAITING_DESCRIPTION_ELEMENT_START: - - // In this state, we are only expecting the Description Element. - if (strcmp(name, DESCRIPTION_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pGetAuthPolicyRespParse->state = AWAITING_DESCRIPTION_DATA; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - case AWAITING_AUTH_POLICY_ELEMENT_START: - - // In this state, we are only expecting the Authentication Policy Element. - if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthPolicyRespParse->state = AWAITING_AUTH_POLICY_DATA; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-GetAuthPolicyRespStartElementHandler- Un-expected state = %d\n", pGetAuthPolicyRespParse->state); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-GetAuthPolicyRespStartElementHandler- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus -ConsumeElementData( - IN GetAuthPolicyRespParse *pGetAuthPolicyRespParse, - IN const XML_Char *s, - IN int len, - INOUT char **ppElementData, - INOUT int *pElementDataLen) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - - DbgTrace(3, "-ConsumeElementData- Start\n", 0); - - // Proceed based on whether or not we have already consumed data - // for this element. - if (*ppElementData == NULL) - { - // We have not yet consumed data for this element - pGetAuthPolicyRespParse->elementDataProcessed = len; - - // Allocate a buffer to hold this element data (null terminated). 
- *ppElementData = (char*) malloc(len + 1); - if (*ppElementData) - { - memset(*ppElementData, 0, len + 1); - memcpy(*ppElementData, s, len); - - // Return the length of the element data buffer - *pElementDataLen = pGetAuthPolicyRespParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - else - { - char *pNewBuf; - - // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pGetAuthPolicyRespParse->elementDataProcessed + len + 1); - if (pNewBuf) - { - memset(pNewBuf, - 0, - pGetAuthPolicyRespParse->elementDataProcessed + len + 1); - memcpy(pNewBuf, - *ppElementData, - pGetAuthPolicyRespParse->elementDataProcessed); - memcpy(pNewBuf + pGetAuthPolicyRespParse->elementDataProcessed, s, len); - pGetAuthPolicyRespParse->elementDataProcessed += len; - - // Swap the buffers - free(*ppElementData); - *ppElementData = pNewBuf; - - // Return the length of the element data buffer - *pElementDataLen = pGetAuthPolicyRespParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - - DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -void XMLCALL -GetAuthPolicyRespCharDataHandler( - IN GetAuthPolicyRespParse *pGetAuthPolicyRespParse, - IN const XML_Char *s, - IN int len) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(2, "-GetAuthPolicyRespCharDataHandler- Start\n", 0); - - // Just exit if being called to process white space - 
if (*s == '\n' || *s == '\r' || *s == '\t' || *s == ' ') - { - goto exit; - } - - // Proceed based on the state - switch (pGetAuthPolicyRespParse->state) - { - case AWAITING_DESCRIPTION_DATA: - case AWAITING_DESCRIPTION_ELEMENT_END: - - // Ignore the status description data for now. - // tbd - - // Advanced to the next state - pGetAuthPolicyRespParse->state = AWAITING_DESCRIPTION_ELEMENT_END; - break; - - case AWAITING_STATUS_DATA: - - // Set the appropriate status in the AuthenticationResp based on the - // returned status. - if (strncmp(HTTP_OK_STATUS_CODE, s, len) == 0) - { - pGetAuthPolicyRespParse->status = CASA_STATUS_SUCCESS; - } - else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0) - { - pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_AUTHENTICATION_FAILURE); - } - else if (strncmp(HTTP_NOT_FOUND_STATUS_CODE, s, len) == 0) - { - pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_NOT_CONFIGURED); - } - else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0) - { - pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_SERVER_ERROR); - } - else - { - DbgTrace(0, "-GetAuthPolicyRespCharDataHandler- Un-expected status\n", 0); - pGetAuthPolicyRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - - // Advanced to the next state - pGetAuthPolicyRespParse->state = AWAITING_STATUS_ELEMENT_END; - break; - - case AWAITING_AUTH_POLICY_DATA: - case AWAITING_AUTH_POLICY_ELEMENT_END: - - pGetAuthPolicyRespParse->status = ConsumeElementData(pGetAuthPolicyRespParse, - s, - len, - &pGetAuthPolicyRespParse->pGetAuthPolicyResp->pPolicy, - &pGetAuthPolicyRespParse->pGetAuthPolicyResp->policyLen); - if (CASA_SUCCESS(pGetAuthPolicyRespParse->status)) - { - // Advanced to the next state - pGetAuthPolicyRespParse->state = 
AWAITING_AUTH_POLICY_ELEMENT_END; - } - else - { - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-GetAuthPolicyRespCharDataHandler- Un-expected state = %d\n", pGetAuthPolicyRespParse->state); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - break; - } - -exit: - - DbgTrace(2, "-GetAuthPolicyRespCharDataHandler- End\n", 0); -} - - -//++======================================================================= -static -void XMLCALL -GetAuthPolicyRespEndElementHandler( - IN GetAuthPolicyRespParse *pGetAuthPolicyRespParse, - IN const XML_Char *name) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(2, "-GetAuthPolicyRespEndElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pGetAuthPolicyRespParse->state) - { - case AWAITING_ROOT_ELEMENT_END: - - // In this state, we are only expecting the Get Authentication - // Policy Response Element. - if (strcmp(name, GET_AUTH_POLICY_RESPONSE_ELEMENT_NAME) == 0) - { - // Done. - pGetAuthPolicyRespParse->state = DONE_PARSING; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespEndHandler- Un-expected end element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - case AWAITING_DESCRIPTION_ELEMENT_END: - - // In this state, we are only expecting the Description Element. - if (strcmp(name, DESCRIPTION_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthPolicyRespParse->state = AWAITING_STATUS_DATA; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected end element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - case AWAITING_STATUS_ELEMENT_END: - - // In this state, we are only expecting the Status Element. - if (strcmp(name, STATUS_ELEMENT_NAME) == 0) - { - // Good, advance to the next state based on the status code. 
- if (CASA_SUCCESS(pGetAuthPolicyRespParse->status)) - { - // The request completed successfully - pGetAuthPolicyRespParse->state = AWAITING_AUTH_POLICY_ELEMENT_START; - } - else - { - pGetAuthPolicyRespParse->state = AWAITING_ROOT_ELEMENT_END; - } - } - else - { - DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - case AWAITING_AUTH_POLICY_ELEMENT_END: - - // In this state, we are only expecting the Authentication Policy Element. - if (strcmp(name, AUTH_POLICY_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthPolicyRespParse->state = AWAITING_ROOT_ELEMENT_END; - } - else - { - DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-GetAuthPolicyRespEndElementHandler- Un-expected state = %d\n", pGetAuthPolicyRespParse->state); - XML_StopParser(pGetAuthPolicyRespParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-GetAuthPolicyRespEndElementHandler- End\n", 0); -} - - -//++======================================================================= -CasaStatus -CreateGetAuthPolicyResp( - IN char *pRespMsg, - IN int respLen, - INOUT GetAuthPolicyResp **ppGetAuthPolicyResp) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - GetAuthPolicyRespParse getAuthPolicyRespParse = {0}; - GetAuthPolicyResp *pGetAuthPolicyResp; - - DbgTrace(1, "-CreateGetAuthPolicyResp- Start\n", 0); - - /* - * When a get authentication policy request is processed successfully, the - * server replies to the client with a message with the following format: - * - * - * - * ok200 - * authentication policy data - * - * - * When a get authentication policy request fails to be successfully processed, - 
* the server responds with an error and an error description string. The message - * format of an unsuccessful reply is as follows: - * - * - * - * status descriptionstatus code - * - * - * Plase note that the protocol utilizes the status codes defined - * in the HTTP 1.1 Specification. - * - */ - - // Allocate GetAuthPolicyResp object - pGetAuthPolicyResp = malloc(sizeof(*pGetAuthPolicyResp)); - if (pGetAuthPolicyResp) - { - XML_Parser p; - - // Initialize the GetAuthPolicyResp object and set it in the - // parse oject. - memset(pGetAuthPolicyResp, 0, sizeof(*pGetAuthPolicyResp)); - getAuthPolicyRespParse.pGetAuthPolicyResp = pGetAuthPolicyResp; - - // Create parser - p = XML_ParserCreate(NULL); - if (p) - { - // Keep track of the parser in our parse object - getAuthPolicyRespParse.p = p; - - // Initialize the status within the parse object - getAuthPolicyRespParse.status = CASA_STATUS_SUCCESS; - - // Set the start and end element handlers - XML_SetElementHandler(p, - GetAuthPolicyRespStartElementHandler, - GetAuthPolicyRespEndElementHandler); - - // Set the character data handler - XML_SetCharacterDataHandler(p, GetAuthPolicyRespCharDataHandler); - - - // Set our user data - XML_SetUserData(p, &getAuthPolicyRespParse); - - // Parse the document - if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK) - { - // Verify that the parse operation completed successfully - if (getAuthPolicyRespParse.state == DONE_PARSING) - { - // The parse operation succeded, obtain the status returned - // by the server. 
- retStatus = getAuthPolicyRespParse.status; - } - else - { - DbgTrace(0, "-CreateGetAuthPolicyResp- Parse operation did not complete\n", 0); - - // Check if a status has been recorded - if (getAuthPolicyRespParse.status != CASA_STATUS_SUCCESS) - { - retStatus = getAuthPolicyRespParse.status; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - } - } - else - { - DbgTrace(0, "-CreateGetAuthPolicyResp- Parse error %d\n", XML_GetErrorCode(p)); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - - // Free the parser - XML_ParserFree(p); - } - else - { - DbgTrace(0, "-CreateGetAuthPolicyResp- Parser creation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - // Return the AuthenticationResp object to the caller if necessary - if (CASA_SUCCESS(retStatus)) - { - *ppGetAuthPolicyResp = pGetAuthPolicyResp; - } - else - { - free(pGetAuthPolicyResp); - } - } - else - { - DbgTrace(0, "-CreateGetAuthPolicyResp- Memory allocation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(1, "-CreateGetAuthPolicyResp- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -void -RelGetAuthPolicyResp( - IN GetAuthPolicyResp *pGetAuthPolicyResp) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-RelGetAuthPolicyResp- Start\n", 0); - - // Free the buffer holding the authentication policy - if (pGetAuthPolicyResp->pPolicy) - free(pGetAuthPolicyResp->pPolicy); - - // Free the GetAuthPolicyResp - free(pGetAuthPolicyResp); - - DbgTrace(1, "-RelGetAuthPolicyResp- 
End\n", 0);
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/gettokenmsg.c b/CASA-auth-token/client/gettokenmsg.c
deleted file mode 100644
index e25a7218..00000000
--- a/CASA-auth-token/client/gettokenmsg.c
+++ /dev/null
@@ -1,793 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//
-// Parse states
-//
-#define AWAITING_ROOT_ELEMENT_START 0x0
-#define AWAITING_ROOT_ELEMENT_END 0x1
-#define AWAITING_STATUS_ELEMENT_START 0x2
-#define AWAITING_STATUS_ELEMENT_END 0x3
-#define AWAITING_STATUS_DATA 0x4
-#define AWAITING_DESCRIPTION_ELEMENT_START 0x5
-#define AWAITING_DESCRIPTION_ELEMENT_END 0x6
-#define AWAITING_DESCRIPTION_DATA 0x7
-#define AWAITING_LIFETIME_DATA 0x8
-#define AWAITING_LIFETIME_ELEMENT_START 0x9
-#define AWAITING_LIFETIME_ELEMENT_END 0xA
-#define AWAITING_AUTH_TOKEN_ELEMENT_START 0xB
-#define AWAITING_AUTH_TOKEN_ELEMENT_END 0xC
-#define AWAITING_AUTH_TOKEN_DATA 0xD
-#define DONE_PARSING 0xE
-
-//
-// Get Authentication Token Response Parse Structure
-//
-typedef struct _GetAuthTokenRespParse
-{
- XML_Parser p;
- int state;
- int
elementDataProcessed; - GetAuthTokenResp *pGetAuthTokenResp; - CasaStatus status; - -} GetAuthTokenRespParse, *PGetAuthTokenRespParse; - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -//++======================================================================= -char* -BuildGetAuthTokenMsg( - IN char *pServiceName, - IN char *pHostName, - IN char *pSessionToken) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pMsg = NULL; - int bufferSize; - - DbgTrace(1, "-BuildGetAuthTokenMsg- Start\n", 0); - - /* - * The format of the get authentication token request message - * is as follows: - * - * - * - * service name - * host name - * session token data - * - * - */ - - // Determine the buffer size necessary to hold the msg - bufferSize = strlen(XML_DECLARATION) - + 2 // crlf - + 1 // < - + strlen(GET_AUTH_TOKEN_REQUEST_ELEMENT_NAME) - + 3 // >crlf - + 1 // < - + strlen(SERVICE_ELEMENT_NAME) - + 1 // > - + strlen(pServiceName) - + 2 // crlf - + 1 // < - + strlen(HOST_ELEMENT_NAME) - + 1 // > - + strlen(pHostName) - + 2 // crlf - + 1 // < - + strlen(SESSION_TOKEN_ELEMENT_NAME) - + 1 // > - + strlen(pSessionToken) - + 2 // crlf - + 2 // null - - // Allocate the msg buffer - pMsg = (char*) malloc(bufferSize); - if (pMsg) - { - // Now build the message - memset(pMsg, 0, bufferSize); - strcat(pMsg, XML_DECLARATION); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, GET_AUTH_TOKEN_REQUEST_ELEMENT_NAME); - strcat(pMsg, ">\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, SERVICE_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pServiceName); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, HOST_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pHostName); - strcat(pMsg, "\r\n"); - strcat(pMsg, "<"); - strcat(pMsg, 
SESSION_TOKEN_ELEMENT_NAME); - strcat(pMsg, ">"); - strcat(pMsg, pSessionToken); - strcat(pMsg, "\r\n"); - strcat(pMsg, ""); - } - else - { - DbgTrace(0, "-BuildGetAuthTokenMsg- Buffer allocation error\n", 0); - } - - DbgTrace(1, "-BuildGetAuthTokenMsg- End, pMsg = %08X\n", pMsg); - - return pMsg; -} - - -//++======================================================================= -static -void XMLCALL -GetAuthTokenRespStartElementHandler( - IN GetAuthTokenRespParse *pGetAuthTokenRespParse, - IN const XML_Char *name, - IN const XML_Char **atts) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(2, "-GetAuthTokenRespStartElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pGetAuthTokenRespParse->state) - { - case AWAITING_ROOT_ELEMENT_START: - - // In this state, we are only expecting the Get Authentication - // Token Response Element. - if (strcmp(name, GET_AUTH_TOKEN_RESPONSE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthTokenRespParse->state = AWAITING_STATUS_ELEMENT_START; - } - else - { - DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_STATUS_ELEMENT_START: - - // In this state, we are only expecting the Status Element. - if (strcmp(name, STATUS_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthTokenRespParse->state = AWAITING_DESCRIPTION_ELEMENT_START; - } - else - { - DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_DESCRIPTION_ELEMENT_START: - - // In this state, we are only expecting the Description Element. - if (strcmp(name, DESCRIPTION_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pGetAuthTokenRespParse->state = AWAITING_DESCRIPTION_DATA; - } - else - { - DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_AUTH_TOKEN_ELEMENT_START: - - // In this state, we are only expecting the Authentication Token Element. - if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthTokenRespParse->state = AWAITING_LIFETIME_ELEMENT_START; - } - else - { - DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_LIFETIME_ELEMENT_START: - - // In this state, we are only expecting the Lifetime Element. - if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthTokenRespParse->state = AWAITING_LIFETIME_DATA; - } - else - { - DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-GetAuthTokenRespStartElementHandler- Un-expected state = %d\n", pGetAuthTokenRespParse->state); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-GetAuthTokenRespStartElementHandler- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus -ConsumeElementData( - IN GetAuthTokenRespParse *pGetAuthTokenRespParse, - IN const XML_Char *s, - IN int len, - INOUT char **ppElementData, - INOUT int *pElementDataLen) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - - DbgTrace(3, "-ConsumeElementData- Start\n", 0); - - // Proceed based on whether or not we have already consumed data - // for this element. 
- if (*ppElementData == NULL) - { - // We have not yet consumed data for this element - pGetAuthTokenRespParse->elementDataProcessed = len; - - // Allocate a buffer to hold this element data (null terminated). - *ppElementData = (char*) malloc(len + 1); - if (*ppElementData) - { - memset(*ppElementData, 0, len + 1); - memcpy(*ppElementData, s, len); - - // Return the length of the element data buffer - *pElementDataLen = pGetAuthTokenRespParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - else - { - char *pNewBuf; - - // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pGetAuthTokenRespParse->elementDataProcessed + len + 1); - if (pNewBuf) - { - memset(pNewBuf, - 0, - pGetAuthTokenRespParse->elementDataProcessed + len + 1); - memcpy(pNewBuf, - *ppElementData, - pGetAuthTokenRespParse->elementDataProcessed); - memcpy(pNewBuf + pGetAuthTokenRespParse->elementDataProcessed, s, len); - pGetAuthTokenRespParse->elementDataProcessed += len; - - // Swap the buffers - free(*ppElementData); - *ppElementData = pNewBuf; - - // Return the length of the element data buffer - *pElementDataLen = pGetAuthTokenRespParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - - DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -void XMLCALL -GetAuthTokenRespCharDataHandler( - IN GetAuthTokenRespParse *pGetAuthTokenRespParse, - IN const XML_Char *s, - IN int len) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 
-//=======================================================================-- -{ - DbgTrace(2, "-GetAuthTokenRespCharDataHandler- Start\n", 0); - - // Just exit if being called to process white space - if (*s == '\n' || *s == '\r' || *s == '\t' || *s == ' ') - { - goto exit; - } - - // Proceed based on the state - switch (pGetAuthTokenRespParse->state) - { - case AWAITING_DESCRIPTION_DATA: - case AWAITING_DESCRIPTION_ELEMENT_END: - - // Ignore the status description data for now. - // tbd - - // Advanced to the next state - pGetAuthTokenRespParse->state = AWAITING_DESCRIPTION_ELEMENT_END; - break; - - case AWAITING_STATUS_DATA: - - // Set the appropriate status in the AuthenticationResp based on the - // returned status. - if (strncmp(HTTP_OK_STATUS_CODE, s, len) == 0) - { - pGetAuthTokenRespParse->status = CASA_STATUS_SUCCESS; - } - else if (strncmp(HTTP_UNAUTHORIZED_STATUS_CODE, s, len) == 0) - { - pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_AUTHENTICATION_FAILURE); - } - else if (strncmp(HTTP_SERVER_ERROR_STATUS_CODE, s, len) == 0) - { - pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_SERVER_ERROR); - } - else - { - DbgTrace(0, "-GetAuthTokenRespCharDataHandler- Un-expected status\n", 0); - pGetAuthTokenRespParse->status = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - - // Advanced to the next state - pGetAuthTokenRespParse->state = AWAITING_STATUS_ELEMENT_END; - break; - - case AWAITING_LIFETIME_DATA: - - // Convert the lifetime string to a numeric value - pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLifetime = dtoul(s, len); - - // Advanced to the next state - pGetAuthTokenRespParse->state = AWAITING_LIFETIME_ELEMENT_END; - break; - - case AWAITING_AUTH_TOKEN_DATA: - case AWAITING_AUTH_TOKEN_ELEMENT_END: - - // Consume the data - pGetAuthTokenRespParse->status = 
ConsumeElementData(pGetAuthTokenRespParse, - s, - len, - &pGetAuthTokenRespParse->pGetAuthTokenResp->pToken, - &pGetAuthTokenRespParse->pGetAuthTokenResp->tokenLen); - if (CASA_SUCCESS(pGetAuthTokenRespParse->status)) - { - // Advanced to the next state - pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_ELEMENT_END; - } - else - { - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-GetAuthTokenRespCharDataHandler- Un-expected state = %d\n", pGetAuthTokenRespParse->state); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - break; - } - -exit: - - DbgTrace(2, "-GetAuthTokenRespCharDataHandler- End\n", 0); -} - - -//++======================================================================= -static -void XMLCALL -GetAuthTokenRespEndElementHandler( - IN GetAuthTokenRespParse *pGetAuthTokenRespParse, - IN const XML_Char *name) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(2, "-GetAuthTokenRespEndElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pGetAuthTokenRespParse->state) - { - case AWAITING_ROOT_ELEMENT_END: - - // In this state, we are only expecting the Get Authentication - // Token Response Element. - if (strcmp(name, GET_AUTH_TOKEN_RESPONSE_ELEMENT_NAME) == 0) - { - // Done. - pGetAuthTokenRespParse->state = DONE_PARSING; - } - else - { - DbgTrace(0, "-GetAuthTokenRespEndHandler- Un-expected end element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_DESCRIPTION_ELEMENT_END: - - // In this state, we are only expecting the Description Element. - if (strcmp(name, DESCRIPTION_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pGetAuthTokenRespParse->state = AWAITING_STATUS_DATA; - } - else - { - DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected end element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_STATUS_ELEMENT_END: - - // In this state, we are only expecting the Status Element. - if (strcmp(name, STATUS_ELEMENT_NAME) == 0) - { - // Good, advance to the next state based on the status code. - if (CASA_SUCCESS(pGetAuthTokenRespParse->status)) - { - // The request completed successfully - pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_ELEMENT_START; - } - else - { - pGetAuthTokenRespParse->state = AWAITING_ROOT_ELEMENT_END; - } - } - else - { - DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_LIFETIME_ELEMENT_END: - - // In this state, we are only expecting the Lifetime Element. - if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pGetAuthTokenRespParse->state = AWAITING_AUTH_TOKEN_DATA; - } - else - { - DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - case AWAITING_AUTH_TOKEN_ELEMENT_END: - - // In this state, we are only expecting the Authentication Token Element. - if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pGetAuthTokenRespParse->state = AWAITING_ROOT_ELEMENT_END; - } - else - { - DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected start element\n", 0); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-GetAuthTokenRespEndElementHandler- Un-expected state = %d\n", pGetAuthTokenRespParse->state); - XML_StopParser(pGetAuthTokenRespParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-GetAuthTokenRespEndElementHandler- End\n", 0); -} - - -//++======================================================================= -CasaStatus -CreateGetAuthTokenResp( - IN char *pRespMsg, - IN int respLen, - INOUT GetAuthTokenResp **ppGetAuthTokenResp) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - GetAuthTokenRespParse getAuthTokenRespParse = {0}; - GetAuthTokenResp *pGetAuthTokenResp; - - DbgTrace(1, "-CreateGetAuthTokenResp- Start\n", 0); - - /* - * When a get authentication token request is processed successfully, the - * server replies to the client with a message with the following format: - * - * - * - * ok200 - * lifetime valuesession token data - * - * - * When a get authentication token request fails to be successfully processed, - * the server responds with an error and an error description string. The message - * format of an unsuccessful reply is as follows: - * - * - * - * status descriptionstatus code - * - * - * Plase note that the protocol utilizes the status codes defined - * in the HTTP 1.1 Specification. - * - */ - - // Allocate GetAuthTokenResp object - pGetAuthTokenResp = malloc(sizeof(*pGetAuthTokenResp)); - if (pGetAuthTokenResp) - { - XML_Parser p; - - // Initialize the GetAuthTokenResp object and set it in the - // parse oject. 
- memset(pGetAuthTokenResp, 0, sizeof(*pGetAuthTokenResp)); - getAuthTokenRespParse.pGetAuthTokenResp = pGetAuthTokenResp; - - // Create parser - p = XML_ParserCreate(NULL); - if (p) - { - // Keep track of the parser in our parse object - getAuthTokenRespParse.p = p; - - // Initialize the status within the parse object - getAuthTokenRespParse.status = CASA_STATUS_SUCCESS; - - // Set the start and end element handlers - XML_SetElementHandler(p, - GetAuthTokenRespStartElementHandler, - GetAuthTokenRespEndElementHandler); - - // Set the character data handler - XML_SetCharacterDataHandler(p, GetAuthTokenRespCharDataHandler); - - - // Set our user data - XML_SetUserData(p, &getAuthTokenRespParse); - - // Parse the document - if (XML_Parse(p, pRespMsg, respLen, 1) == XML_STATUS_OK) - { - // Verify that the parse operation completed successfully - if (getAuthTokenRespParse.state == DONE_PARSING) - { - // The parse operation succeded, obtain the status returned - // by the server. - retStatus = getAuthTokenRespParse.status; - } - else - { - DbgTrace(0, "-CreateGetAuthTokenResp- Parse operation did not complete\n", 0); - - // Check if a status has been recorded - if (getAuthTokenRespParse.status != CASA_STATUS_SUCCESS) - { - retStatus = getAuthTokenRespParse.status; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - } - } - else - { - DbgTrace(0, "-CreateGetAuthTokenResp- Parse error %d\n", XML_GetErrorCode(p)); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - - // Free the parser - XML_ParserFree(p); - } - else - { - DbgTrace(0, "-CreateGetAuthTokenResp- Parser creation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - // Return the AuthenticationResp object to the caller if necessary - if (CASA_SUCCESS(retStatus)) - { - *ppGetAuthTokenResp = 
pGetAuthTokenResp; - } - else - { - free(pGetAuthTokenResp); - } - } - else - { - DbgTrace(0, "-CreateGetAuthTokenResp- Memory allocation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - DbgTrace(1, "-CreateGetAuthTokenResp- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -void -RelGetAuthTokenResp( - IN GetAuthTokenResp *pGetAuthTokenResp) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-RelGetAuthTokenResp- Start\n", 0); - - // Free the resources associated with the object - if (pGetAuthTokenResp->pToken) - free(pGetAuthTokenResp->pToken); - - free(pGetAuthTokenResp); - - DbgTrace(1, "-RelGetAuthTokenResp- End\n", 0); -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/client/internal.h b/CASA-auth-token/client/internal.h deleted file mode 100644 index c4588c96..00000000 --- a/CASA-auth-token/client/internal.h +++ /dev/null 
@@ -1,395 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#ifndef _INTERNAL_H_ -#define _INTERNAL_H_ - -//===[ Include files ]===================================================== - -#include "platform.h" -#include -#include -#include -#include -#include "list_entry.h" -#include "config_if.h" -#include "mech_if.h" -#include "proto.h" - -//===[ Type definitions ]================================================== - -// -// Authentication Context structure -// -typedef struct _AuthContext -{ - LIST_ENTRY listEntry; - char *pContext; - int contextLen; - char *pMechanism; - int mechanismLen; - char *pMechInfo; - int mechInfoLen; - -} AuthContext, *PAuthContext; - -// -// Authentication Policy structure -// -typedef struct _AuthPolicy -{ - LIST_ENTRY authContextListHead; - -} AuthPolicy, *PAuthPolicy; - -// -// Get Authentication Policy Response structure -// -typedef struct _GetAuthPolicyResp -{ - char *pPolicy; - int policyLen; - -} GetAuthPolicyResp, *PGetAuthPolicyResp; - -// -// Get Authentication Token Response 
structure -// -typedef struct _GetAuthTokenResp -{ - char *pToken; - int tokenLen; - int tokenLifetime; - -} GetAuthTokenResp, *PGetAuthTokenResp; - -// -// Authenticate Response structure -// -typedef struct _AuthenticateResp -{ - char *pToken; - int tokenLen; - int tokenLifetime; - -} AuthenticateResp, *PAuthenticateResp; - - -//===[ Inlines functions ]=============================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -//===[ Global externals ]================================================== - -extern int DebugLevel; - -extern char mechConfigFolder[]; - -extern char pathCharString[]; - - - -//===[ External prototypes ]=============================================== - -// -// Functions exported by engine.c -// - -extern -int -Initialize(void); - -extern -int -InitializeLibrary(void); - -// -// Functions exported by authmech.c -// - -extern -CasaStatus -GetAuthMechToken( - IN AuthContext *pAuthContext, - INOUT char **ppAuthMechToken); - -// -// Functions exported by getpolicymsg.c -// - -extern -char* -BuildGetAuthPolicyMsg( - IN char *pServiceName, - IN char *pHostName); - -extern -CasaStatus -CreateGetAuthPolicyResp( - IN char *pRespMsg, - IN int respLen, - INOUT GetAuthPolicyResp **ppGetAuthPolicyResp); - -extern -void -RelGetAuthPolicyResp( - IN GetAuthPolicyResp *pGetAuthPolicyResp); - -// -// Functions exported by authpolicy.c -// - -extern -CasaStatus -CreateAuthPolicy( - IN char *pEncodedData, - IN int encodedDataLen, - INOUT AuthPolicy **ppAuthPolicy); - -extern -void -RelAuthPolicy( - IN AuthPolicy *pAuthPolicy); - -// -// Functions exported by authmsg.c -// - -extern -char* -BuildAuthenticateMsg( - IN AuthContext *pAuthContext, - IN char *pAuthMechToken); - -extern -CasaStatus -CreateAuthenticateResp( - IN char *pRespMsg, - IN int respLen, - INOUT AuthenticateResp **ppAuthenticateResp); - -extern -void 
-RelAuthenticateResp(
- IN AuthenticateResp *pAuthenticateResp);
-
-//
-// Functions exported by gettokenmsg.c
-//
-
-extern
-char*
-BuildGetAuthTokenMsg(
- IN char *pServiceName,
- IN char *pHostName,
- IN char *pSessionToken);
-
-extern
-CasaStatus
-CreateGetAuthTokenResp(
- IN char *pRespMsg,
- IN int respLen,
- INOUT GetAuthTokenResp **ppGetAuthTokenResp);
-
-extern
-void
-RelGetAuthTokenResp(
- IN GetAuthTokenResp *pGetAuthTokenResp);
-
-//
-// Functions exported by cache.c
-//
-
-extern
-AuthCacheEntry*
-CreateSessionTokenCacheEntry(
- IN const char *pCacheKey,
- IN CasaStatus status,
- IN unsigned char *pToken,
- IN int entryLifetime
- );
-
-extern
-AuthCacheEntry*
-CreateAuthTokenCacheEntry(
- IN const char *pCacheKey,
- IN const char *pHostName,
- IN CasaStatus status,
- IN unsigned char *pToken,
- IN int entryLifetime
- );
-
-extern
-void
-FreeAuthCacheEntry(
- IN AuthCacheEntry *pEntry);
-
-extern
-AuthCacheEntry*
-FindSessionTokenEntryInCache(
- IN const char *pCacheKey);
-
-extern
-AuthCacheEntry*
-FindAuthTokenEntryInCache(
- IN const char *pCacheKey,
- IN const char *pGroupOrHostName);
-
-extern
-CasaStatus
-InitializeAuthCache(void);
-
-//
-// Functions exported by config.c
-//
-
-extern
-CasaStatus
-GetConfigInterface(
- IN const char *pConfigFolder,
- IN const char *pConfigName,
- INOUT ConfigIf **ppConfigIf);
-
-//
-// Functions exported by platform.c
-//
-
-extern
-CasaStatus
-CreateUserMutex(
- HANDLE *phMutex
- );
-
-extern
-void
-AcquireUserMutex(
- HANDLE hMutex
- );
-
-extern
-void
-ReleaseUserMutex(
- HANDLE hMutex
- );
-
-extern
-void
-DestroyUserMutex(
- HANDLE hMutex
- );
-
-extern
-CasaStatus
-CreateInitializationMutex(void);
-
-extern
-void
-AcquireInitializationMutex(void);
-
-extern
-void
-ReleaseInitializationMutex(void);
-
-extern
-LIB_HANDLE
-OpenLibrary(
- IN char *pFileName);
-
-extern
-void
-CloseLibrary(
- IN LIB_HANDLE libHandle);
-
-extern
-void*
-GetFunctionPtr(
- IN LIB_HANDLE libHandle,
- IN char *pFunctionName);
-
-extern
-char*
-NormalizeHostName(
- IN const char *pHostName);
-
-extern
-CasaStatus
-InitializeHostNameNormalization(void);
-
-//
-// Functions exported by rpc.c
-//
-
-extern
-RpcSession*
-OpenRpcSession(
- IN char *pHostName);
-
-extern
-void
-CloseRpcSession(
- IN RpcSession *pSession);
-
-extern
-CasaStatus
-Rpc(
- IN RpcSession *pSession,
- IN char *pMethod,
- IN bool secure,
- IN char *pRequestData,
- INOUT char **ppResponseData,
- INOUT int *pResponseDataLen);
-
-//
-// Defined in utils.c
-//
-
-extern
-CasaStatus
-EncodeData(
- IN const void *pData,
- IN const int32_t dataLen,
- INOUT char **ppEncodedData,
- INOUT int32_t *pEncodedDataLen);
-
-extern
-CasaStatus
-DecodeData(
- IN const char *pEncodedData,
- IN const int32_t encodedDataLen, // Does not include NULL terminator
- INOUT void **ppData,
- INOUT int32_t *pDataLen);
-
-extern
-int
-dtoul(
- IN const char *cp,
- IN const int len);
-
-
-//=========================================================================
-
-#endif // _INTERNAL_H_
-
diff --git a/CASA-auth-token/client/mech_if.h b/CASA-auth-token/client/mech_if.h
deleted file mode 100644
index 285d70a8..00000000
--- a/CASA-auth-token/client/mech_if.h
+++ /dev/null
@@ -1,177 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -#ifndef _MECH_IF_H_ -#define _MECH_IF_H_ - - -//===[ Include files ]===================================================== - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -/************************************************************************** -*************************************************************************** -** ** -** Authentication Mechanism Token Interface Definitions ** -** ** -*************************************************************************** -**************************************************************************/ - - -//++======================================================================= -typedef -int -(SSCS_CALL *PFNAuthTokenIf_AddReference)( - IN const void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to 
interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. -//=======================================================================-- - - -//++======================================================================= -typedef -void -(SSCS_CALL *PFNAuthTokenIf_ReleaseReference)( - IN const void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -//=======================================================================-- - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFNAuthTokenIf_GetAuthToken)( - IN const void *pIfInstance, - IN const char *pContext, - IN const char *pMechInfo, - INOUT char *pTokenBuf, - INOUT int *pTokenBufLen); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pServiceConfigIf - -// Pointer to service config object to which the client is trying to -// authenticate. -// -// pContext - -// Pointer to null terminated string containing mechanism specific -// context information. Another name for context is Authentication -// Realm. -// -// pMechInfo - -// Pointer to null terminated string containing mechanism specific -// information. This is information is provided by the server to -// aid the mechanism to generate an authentication token. For -// example, the mechanism information for a Kerberos mechanism -// may be the service principal name to which the user will be -// authenticating. -// -// pTokenBuf - -// Pointer to buffer that will receive the authentication -// token. The length of this buffer is specified by the -// pTokenBufLen parameter. Note that the the authentication -// token will be in the form of a NULL terminated string. 
-// -// pTokenBufLen - -// Pointer to integer that contains the length of the -// buffer pointed at by pTokenBuf. Upon return of the -// function, the integer will contain the actual length -// of the authentication token if the function successfully -// completes or the buffer length required if the function -// fails because the buffer pointed at by pUserNameBuf is -// not large enough. -// -// Returns: -// Casa Status -// -// Description: -// Get authentication token to authenticate user to specified service. -//=======================================================================-- - - -// -// AuthMechToken Interface Object -// -typedef struct _AuthTokenIf -{ - PFNAuthTokenIf_AddReference addReference; - PFNAuthTokenIf_ReleaseReference releaseReference; - PFNAuthTokenIf_GetAuthToken getAuthToken; - -} AuthTokenIf, *PAuthTokenIf; - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFN_GetAuthTokenIfRtn)( - IN const ConfigIf *pModuleConfigIf, - INOUT AuthTokenIf **ppAuthTokenIf); -// -// Arguments: -// pModuleConfigIf - -// Pointer to configuration interface instance for the module. -// -// ppAuthTokenIf - -// Pointer to variable that will receive pointer to AuthTokenIf -// instance. -// -// Returns: -// Casa Status -// -// Description: -// Gets authentication token interface instance. -//=======================================================================-- - -#define GET_AUTH_TOKEN_INTERFACE_RTN_SYMBOL "GetAuthTokenInterface" -#define GET_AUTH_TOKEN_INTERFACE_RTN GetAuthTokenInterface - - -#endif // #ifndef _MECH_IF_H_ - diff --git a/CASA-auth-token/client/mechanisms/krb5/Krb5Authenticate.conf b/CASA-auth-token/client/mechanisms/krb5/Krb5Authenticate.conf deleted file mode 100644 index df843e9f..00000000 --- a/CASA-auth-token/client/mechanisms/krb5/Krb5Authenticate.conf +++ /dev/null 
@@ -1,12 +0,0 @@
-#######################################################
-# #
-# CASA Authentication Token System configuration file #
-# for module: #
-# #
-# Krb5Authenticate #
-# #
-#######################################################
-
-LibraryName \Program Files\novell\casa\lib\krb5mech.dll
-
-
diff --git a/CASA-auth-token/client/mechanisms/krb5/README b/CASA-auth-token/client/mechanisms/krb5/README
deleted file mode 100644
index 6b5f03b1..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/README
+++ /dev/null
@@ -1,30 +0,0 @@
-/***********************************************************************
- *
- * README for krb5mech
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-krb5mech is a client authentication mechanism for the support of Kerberos 5
-authentication. The mechanism leverages the services of the native Kerberos 5
-client to obtain Kerberos Tokens that can be used for authenticating an entity
-to a Kerberos service.
-
-
-SECURITY CONSIDERATIONS
-
-The tokens that krb5mech generates are only utilized to authenticate the client
-entity to the Kerberos service, because of this, auth_token relies on SSL for
-server authentication. auth_token does not leverage the capabilities of GSSAPI
-for data privacy and data integrity purposes.
-
-
-
-
-
-
-
-
-
-
diff --git a/CASA-auth-token/client/mechanisms/krb5/TODO b/CASA-auth-token/client/mechanisms/krb5/TODO
deleted file mode 100644
index c7b55ce1..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/TODO
+++ /dev/null
@@ -1,14 +0,0 @@
-/***********************************************************************
- *
- * TODO for krb5mech
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for krb5mech.
-
-OUTSTANDING ITEMS
-
-- Implementation of Linux specific code.
-
diff --git a/CASA-auth-token/client/mechanisms/krb5/interface.c b/CASA-auth-token/client/mechanisms/krb5/interface.c
deleted file mode 100644
index 2fbdf3f4..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/interface.c
+++ /dev/null
@@ -1,207 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Authentication Token Interface instance data -// -typedef struct _AuthTokenIfInstance -{ - int refCount; - AuthTokenIf authTokenIf; - -} AuthTokenIfInstance, *PAuthTokenIfInstance; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// AuthTokenIf variables -static -int g_numAuthTokenIfObjs = 0; - - -//++======================================================================= -static -int SSCS_CALL -AuthTokenIf_AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. 
-// -// L2 -//=======================================================================-- -{ - int refCount; - AuthTokenIfInstance *pAuthTokenIfInstance = CONTAINING_RECORD(pIfInstance, AuthTokenIfInstance, authTokenIf); - - DbgTrace(2, "-AuthTokenIf_AddReference- Start\n", 0); - - // Increment the reference count on the object - pAuthTokenIfInstance->refCount ++; - refCount = pAuthTokenIfInstance->refCount; - - DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -static -void SSCS_CALL -AuthTokenIf_ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - AuthTokenIfInstance *pAuthTokenIfInstance = CONTAINING_RECORD(pIfInstance, AuthTokenIfInstance, authTokenIf); - - DbgTrace(2, "-AuthTokenIf_ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - pAuthTokenIfInstance->refCount --; - if (pAuthTokenIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. - freeObj = true; - g_numAuthTokenIfObjs --; - } - - // Free object if necessary - if (freeObj) - free(pAuthTokenIfInstance); - - DbgTrace(2, "-AuthTokenIf_ReleaseReference- End\n", 0); -} - - -//++======================================================================= -CasaStatus SSCS_CALL -GET_AUTH_TOKEN_INTERFACE_RTN( - IN const ConfigIf *pModuleConfigIf, - INOUT AuthTokenIf **ppAuthTokenIf) -// -// Arguments: -// pModuleConfigIf - -// Pointer to configuration interface instance for the module. 
-// -// ppAuthTokenIf - -// Pointer to variable that will receive pointer to AuthTokenIf -// instance. -// -// Returns: -// Casa Status -// -// Description: -// Gets authentication token interface instance. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - AuthTokenIfInstance *pAuthTokenIfInstance; - - - DbgTrace(1, "-GetAuthTokenInterface- Start\n", 0); - - // Validate input parameters - if (pModuleConfigIf == NULL - || ppAuthTokenIf == NULL) - { - DbgTrace(0, "-GetAuthTokenInterface- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Allocate space for the interface instance - pAuthTokenIfInstance = malloc(sizeof(*pAuthTokenIfInstance)); - if (pAuthTokenIfInstance) - { - // Initialize the interface instance data - pAuthTokenIfInstance->refCount = 1; - pAuthTokenIfInstance->authTokenIf.addReference = AuthTokenIf_AddReference; - pAuthTokenIfInstance->authTokenIf.releaseReference = AuthTokenIf_ReleaseReference; - pAuthTokenIfInstance->authTokenIf.getAuthToken = AuthTokenIf_GetAuthToken; - - // Keep track of this object - g_numAuthTokenIfObjs ++; - - // Return the interface to the caller - *ppAuthTokenIf = &pAuthTokenIfInstance->authTokenIf; - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-GetAuthTokenInterface- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - -exit: - - DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - 
diff --git a/CASA-auth-token/client/mechanisms/krb5/internal.h b/CASA-auth-token/client/mechanisms/krb5/internal.h
deleted file mode 100644
index dad21ef1..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/internal.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#ifndef _INTERNAL_H_
-#define _INTERNAL_H_
-
-//===[ Include files ]=====================================================
-
-#include "platform.h"
-#include
-#include
-#include "config_if.h"
-#include "mech_if.h"
-
-//===[ Type definitions ]==================================================
-
-//===[ Inlines functions ]===============================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-//===[ Global externals ]==================================================
-
-extern int DebugLevel;
-
-//===[ External prototypes ]===============================================
-
-//
-// Defined in get.c
-//
-
-extern
-CasaStatus SSCS_CALL
-AuthTokenIf_GetAuthToken(
- IN const void *pIfInstance,
- IN const char *pContext,
- IN const char *pMechInfo,
- INOUT char *pTokenBuf,
- INOUT int *pTokenBufLen);
-
-extern
-int
-InitializeLibrary(void); - -// -// Defined in utils.c -// - -extern -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen); - -extern -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen); - - -//========================================================================= - -#endif // _INTERNAL_H_ diff --git a/CASA-auth-token/client/mechanisms/krb5/krb5.vcproj b/CASA-auth-token/client/mechanisms/krb5/krb5.vcproj deleted file mode 100644 index 082bf892..00000000 --- a/CASA-auth-token/client/mechanisms/krb5/krb5.vcproj +++ /dev/null @@ -1,182 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/CASA-auth-token/client/mechanisms/krb5/util.c b/CASA-auth-token/client/mechanisms/krb5/util.c deleted file mode 100644 index 90454c7a..00000000 --- a/CASA-auth-token/client/mechanisms/krb5/util.c +++ /dev/null 
@@ -1,282 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// Debug Level -int DebugLevel = 0; - -// Tables for Base64 encoding and decoding -static const int8_t g_Base64[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static const uint8_t g_Expand64[256] = -{ - /* ASCII table */ - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64, - 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 
64, 64, 64, - 64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64 -}; - - -//++======================================================================= -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int encodedSize; - - char *pTmp; - - DbgTrace(3, "-EncodeData- Start\n", 0); - - // Determine the encoded size and allocate a buffer to hold the encoded data - encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4; - pTmp = (char*) malloc(encodedSize); - *ppEncodedData = pTmp; - if (*ppEncodedData) - { - uint8_t *pOut, *pIn; - int i; - - // Setup pointers to move through the buffers - pIn = (uint8_t*) pData; - pOut = (uint8_t*) *ppEncodedData; - - // Perform the encoding - for (i = 0; i < dataLen - 2; i += 3) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) | - ((int32_t)(pIn[i + 2] & 0xC0) >> 6)]; - *pOut++ = g_Base64[pIn[i + 2] & 0x3F]; - } - if (i < dataLen) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - if (i == (dataLen - 1)) - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4)]; 
- *pOut++ = '='; - } - else - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)]; - } - *pOut++ = '='; - } - *pOut++ = '\0'; - - // Return the encoded data length - *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int i, j; - int decodedSize; - - DbgTrace(3, "-DecodeData- Start\n", 0); - - // Determine the decoded size - for (i = 0, j = 0; i < encodedDataLen; i++) - if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64) - j++; - decodedSize = (j * 3 + 3) / 4; - - // Allocate buffer to hold the decoded data - *ppData = malloc(decodedSize); - if (*ppData) - { - bool endReached = false; - uint8_t c0, c1, c2, c3; - uint8_t *p, *q; - - // Initialize parameters that will be used during the decode operation - c0 = c1 = c2 = c3 = 0; - p = (uint8_t*) pEncodedData; - q = (uint8_t*) *ppData; - - // Decode the data - // - // Loop through the data, piecing back information. Any newlines, and/or - // carriage returns need to be skipped. 
- while (j > 4) - { - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - endReached = true; - break; - } - c0 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2); - j--; - endReached = true; - break; - } - c1 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4); - j -= 2; - endReached = true; - break; - } - c2 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6); - j -= 3; - endReached = true; - break; - } - c3 = *(p++); - - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); - j -= 4; - } - if (!endReached) - { - if (j > 1) - *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4); - if (j > 2) - *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); - if (j > 3) - *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]); - } - - // Return the length of the decoded data - *pDataLen = (int32_t)(q - (uint8_t*)*ppData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= 
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/mechanisms/krb5/windows/dllsup.c b/CASA-auth-token/client/mechanisms/krb5/windows/dllsup.c
deleted file mode 100644
index 1fbf8cc8..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/windows/dllsup.c
+++ /dev/null
@@ -1,132 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ External data ]===================================================== - -//===[ Manifest constants ]================================================ - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -UINT32 g_ulCount = 0; -UINT32 g_ulLock = 0; -HANDLE g_hModule; - - -//++======================================================================= -BOOL APIENTRY DllMain( - HANDLE hModule, - DWORD ul_reason_for_call, - LPVOID lpReserved - ) -//=======================================================================-- -{ - BOOL retStatus = TRUE; - - switch (ul_reason_for_call) - { - case DLL_PROCESS_ATTACH: - { - g_hModule = hModule; - - // Initialize the library - if 
(InitializeLibrary() != 0) - { - // Failed to initialize the library - OutputDebugString("CASA_KRB5_MECH -DllMain- Library initialization failed\n"); - retStatus = FALSE; - } - break; - } - - case DLL_THREAD_ATTACH: - { - g_hModule = hModule; - break; - } - - case DLL_THREAD_DETACH: - break; - - case DLL_PROCESS_DETACH: - { - /* Don't uninitialize on windows - tbd - */ - break; - } - } - - return retStatus; -} - -//++======================================================================= -// -// DllCanUnloadNow -// -// Synopsis -// -// -STDAPI -DllCanUnloadNow() -// -// Input Arguments -// -// Ouput Arguments -// -// Return Value -// S_OK The DLL can be unloaded. -// S_FALSE The DLL cannot be unloaded now. -// -// Description -// An Exported Function. -// DLLs that support the OLE Component Object Model (COM) should implement -// and export DllCanUnloadNow. -// A call to DllCanUnloadNow determines whether the DLL from which it is -// exported is still in use. A DLL is no longer in use when it is not -// managing any existing objects (the reference count on all of its objects -// is 0). -// DllCanUnloadNow returns S_FALSE if there are any existing references to -// objects that the DLL manages. -// -// Environment -// -// See Also -// -//=======================================================================-- -{ - // tbd - return ((g_ulCount == 0 && g_ulLock == 0) ? S_OK : S_FALSE); -} - -//========================================================================= -//========================================================================= - diff --git a/CASA-auth-token/client/mechanisms/krb5/windows/get.c b/CASA-auth-token/client/mechanisms/krb5/windows/get.c deleted file mode 100644 index a3ac6000..00000000 --- a/CASA-auth-token/client/mechanisms/krb5/windows/get.c +++ /dev/null 
@@ -1,272 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - - -//++======================================================================= -CasaStatus SSCS_CALL -AuthTokenIf_GetAuthToken( - IN const void *pIfInstance, - IN const char *pContext, - IN const char *pMechInfo, - INOUT char *pTokenBuf, - INOUT int *pTokenBufLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pServiceConfigIf - -// Pointer to service config object to which the client is trying to -// authenticate. -// -// pContext - -// Pointer to null terminated string containing mechanism specific -// context information. Another name for context is Authentication -// Realm. 
-// -// pMechInfo - -// Pointer to null terminated string containing mechanism specific -// information. This is information is provided by the server to -// aid the mechanism to generate an authentication token. For -// example, the mechanism information for a Kerberos mechanism -// may be the service principal name to which the user will be -// authenticating. -// -// pTokenBuf - -// Pointer to buffer that will receive the authentication -// token. The length of this buffer is specified by the -// pTokenBufLen parameter. Note that the the authentication -// token will be in the form of a NULL terminated string. -// -// pTokenBufLen - -// Pointer to integer that contains the length of the -// buffer pointed at by pTokenBuf. Upon return of the -// function, the integer will contain the actual length -// of the authentication token if the function successfully -// completes or the buffer length required if the function -// fails because the buffer pointed at by pUserNameBuf is -// not large enough. -// -// Returns: -// Casa Status -// -// Description: -// Get authentication token to authenticate user to specified service. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - char *pKrbServiceName = pMechInfo; - SECURITY_STATUS secStatus; - TimeStamp expiry; - CredHandle hCredentials = {0}; - - - DbgTrace(1, "-AuthTokenIf_GetAuthToken- Start\n", 0); - - // Validate input parameters - if (pIfInstance == NULL - || pContext == NULL - || pMechInfo == NULL - || pTokenBufLen == NULL - || (pTokenBuf == NULL && *pTokenBufLen != 0)) - { - DbgTrace(0, "-AuthTokenIf_GetAuthToken- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Acquire a credential handle for the current user - secStatus = AcquireCredentialsHandle(NULL, // no principal name - "Kerberos", // package name - SECPKG_CRED_OUTBOUND, - NULL, // no logon id - NULL, // no auth data - NULL, // no get key fn - NULL, // noget key arg - &hCredentials, - &expiry); - if (secStatus == SEC_E_OK) - { - CtxtHandle hContext = {0}; - SecBuffer sendTok; - SecBufferDesc outputDesc; - ULONG retFlags; - - // We acquired the credential, now initialize a security context - // so that we can authenticate the user to the specified service. - // - // First ready an output descriptor so that we can receive the - // token buffer. 
- outputDesc.cBuffers = 1; - outputDesc.pBuffers = &sendTok; - outputDesc.ulVersion = SECBUFFER_VERSION; - - sendTok.BufferType = SECBUFFER_TOKEN; - sendTok.cbBuffer = 0; - sendTok.pvBuffer = NULL; - - // Initialize the security context for the specified service - secStatus = InitializeSecurityContext(&hCredentials, - NULL, - pKrbServiceName, - ISC_REQ_ALLOCATE_MEMORY, - 0, // reserved - SECURITY_NATIVE_DREP, - NULL, - 0, // reserved - &hContext, - &outputDesc, - &retFlags, - &expiry); - if (secStatus == SEC_E_OK) - { - char *pEncodedToken; - int encodedTokenLen; - - // The security context was initialized, now return it to the caller after base64 encoding it. - retStatus = EncodeData(sendTok.pvBuffer, - (const int) sendTok.cbBuffer, - &pEncodedToken, - &encodedTokenLen); - if (CASA_SUCCESS(retStatus)) - { - // Verify that the caller provided a buffer that is big enough - if (encodedTokenLen > *pTokenBufLen) - { - // The buffer is not big enough - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - else - { - // The buffer provided is large enough, copy the data. 
- memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - - // Return the actual size or the size required - *pTokenBufLen = encodedTokenLen; - - // Free the buffer containing the encoded token - free(pEncodedToken); - } - - // Delete the security context - DeleteSecurityContext(&hContext); - } - else - { - DbgTrace(0, "-AuthTokenIf_GetAuthToken- Failed to initialize the security context, error = %08X\n", secStatus); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - - // Free any buffer associated with the sendToken - if (sendTok.pvBuffer) - FreeContextBuffer(sendTok.pvBuffer); - - // Free the credential handle obtained - FreeCredentialsHandle(&hCredentials); - - } - else - { - DbgTrace(1, "-AuthTokenIf_GetAuthToken- Failed to obtain the credentials handle, error = %08X\n", secStatus); - - // Set retStatus based on secStatus - if (secStatus == SEC_E_NOT_OWNER - || secStatus == SEC_E_NO_CREDENTIALS) - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_NO_CREDENTIALS); - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - } - -exit: - - DbgTrace(1, "-AuthTokenIf_GetAuthToken- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -int -InitializeLibrary(void) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int retStatus = 0; - - DbgTrace(1, "-InitializeLibrary- Start\n", 0); - - // Nothing to do at this time. 
-
- DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/mechanisms/krb5/windows/krb5mech.def b/CASA-auth-token/client/mechanisms/krb5/windows/krb5mech.def
deleted file mode 100644
index 1605afcf..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/windows/krb5mech.def
+++ /dev/null
@@ -1,10 +0,0 @@
-LIBRARY KRB5MECH
-DESCRIPTION 'CASA Kerberos V Authentication Mechanism Library.'
-
-
-EXPORTS
-; DllRegisterServer PRIVATE
-; DllUnregisterServer PRIVATE
-; DllGetClassObject PRIVATE
- GetAuthTokenInterface PRIVATE
-; DllCanUnloadNow PRIVATE
\ No newline at end of file
diff --git a/CASA-auth-token/client/mechanisms/krb5/windows/platform.c b/CASA-auth-token/client/mechanisms/krb5/windows/platform.c
deleted file mode 100644
index 869b581c..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/windows/platform.c
+++ /dev/null
@@ -1,35 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-
diff --git a/CASA-auth-token/client/mechanisms/krb5/windows/platform.h b/CASA-auth-token/client/mechanisms/krb5/windows/platform.h
deleted file mode 100644
index 1b3f0f7f..00000000
--- a/CASA-auth-token/client/mechanisms/krb5/windows/platform.h
+++ /dev/null
@@ -1,83 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#ifndef _PLATFORM_H_ -#define _PLATFORM_H_ - -//===[ Include files ]===================================================== - -#include -#include -#include -#include -#include - -//===[ Type definitions ]================================================== - -#ifndef CONTAINING_RECORD -#define CONTAINING_RECORD(address, type, field) ((type *)( \ - (char*)(address) - \ - (char*)(&((type *)0)->field))) -#endif - -// -// DbgTrace macro define -// -//#define DbgTrace(LEVEL, X, Y) { \ -//char printBuff[256]; \ -// if (LEVEL == 0 || DebugLevel >= LEVEL) \ -// { \ -// _snprintf(printBuff, sizeof(printBuff), X, Y); \ -// printf("Krb5Mech %s", printBuff); \ -// } \ -//} -#define DbgTrace(LEVEL, X, Y) { \ -char formatBuff[128]; \ -char printBuff[256]; \ - if (LEVEL == 0 || DebugLevel >= LEVEL) \ - { \ - strcpy(formatBuff, "Krb5Mech "); \ - strncat(formatBuff, X, sizeof(formatBuff) - 9); \ - _snprintf(printBuff, sizeof(printBuff), formatBuff, Y); \ - 
OutputDebugString(printBuff); \ - } \ -} - -#define bool BOOLEAN -#define true TRUE -#define false FALSE - -//===[ Inlines functions ]=============================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global externals ]================================================== - -//===[ External prototypes ]=============================================== - - -//========================================================================= - -#endif // _PLATFORM_H_ - diff --git a/CASA-auth-token/client/mechanisms/pwd/PwdAuthenticate.conf b/CASA-auth-token/client/mechanisms/pwd/PwdAuthenticate.conf deleted file mode 100644 index 171f06e0..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/PwdAuthenticate.conf +++ /dev/null @@ -1,12 +0,0 @@ -####################################################### -# # -# CASA Authentication Token System configuration file # -# for module: # -# # -# PwdAuthenticate # -# # -####################################################### - -LibraryName \Program Files\novell\casa\lib\pwmech.dll - - diff --git a/CASA-auth-token/client/mechanisms/pwd/README b/CASA-auth-token/client/mechanisms/pwd/README deleted file mode 100644 index 12f170d6..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/README +++ /dev/null @@ -1,27 +0,0 @@ -/*********************************************************************** - * - * README for pwmech - * - ***********************************************************************/ - -INTRODUCTION - -pwmech is a client authentication mechanism for the support of username -and password authenticaton. The mechanism leverages the credentials stored -in the miCASA cache and does not prompt the user for credentials. - -SECURITY CONSIDERATIONS - -The tokens that pwmech generates contain the user's username and password, -this mandates that the auth_token client utilize a secure channel when -transfering them to the ATS. - - - - - - - - - - 
diff --git a/CASA-auth-token/client/mechanisms/pwd/TODO b/CASA-auth-token/client/mechanisms/pwd/TODO
deleted file mode 100644
index cf307b20..00000000
--- a/CASA-auth-token/client/mechanisms/pwd/TODO
+++ /dev/null
@@ -1,14 +0,0 @@
-/***********************************************************************
- *
- * TODO for pwmech
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for pwmech.
-
-OUTSTANDING ITEMS
-
-- Implementation of Linux specific code.
-
diff --git a/CASA-auth-token/client/mechanisms/pwd/get.c b/CASA-auth-token/client/mechanisms/pwd/get.c
deleted file mode 100644
index f2b88546..00000000
--- a/CASA-auth-token/client/mechanisms/pwd/get.c
+++ /dev/null
@@ -1,359 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - - -//++======================================================================= -static -CasaStatus -GetUserCredentials( - IN const char *pRealm, - INOUT char **ppUsername, - INOUT char **ppPassword) -// -// Arguments: -// pRealm - -// The realm to which the credentials apply. -// -// ppUsername - -// Pointer to variable that will receive buffer with the username. -// -// ppPassword - -// Pointer to variable that will receive buffer with the password. -// -// Returns: -// Casa Status -// -// Description: -// Get authentication credentials for the specified realm. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_UNSUCCESSFUL); - char *pUsername; - char *pPassword; - int rcode = NSSCS_E_OBJECT_NOT_FOUND; - int32_t credtype = SSCS_CRED_TYPE_BASIC_F; - SSCS_BASIC_CREDENTIAL credential = {0}; - SSCS_SECRET_ID_T secretId = {0}; - SSCS_SECRET_ID_T sharedSecretId = {0}; - - - DbgTrace(1, "-GetUserCredentials- Start\n", 0); - - // Initialize output parameters - *ppUsername = NULL; - *ppPassword = NULL; - - // Get the length of the realm string into the secret id structure - // and verify thatr it is not too long. - secretId.len = sscs_Utf8Strlen(pRealm) + 1; - if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN) - { - // Set the secret id in the structure - sscs_Utf8Strcpy(secretId.id, pRealm); - - // Specify that we want the common name - credential.unFlags = USERNAME_TYPE_CN_F; - - // Now try to get the credentials - rcode = miCASAGetCredential(0, - &secretId, - NULL, - &credtype, - &credential, - NULL); - if (rcode != NSSCS_SUCCESS) - { - // There were no credentials for the realm, now try to obtain the - // desktop credentials. 
- secretId.len = sscs_Utf8Strlen("Desktop") + 1; - sscs_Utf8Strcpy(secretId.id, "Desktop"); - rcode = miCASAGetCredential(0, - &secretId, - NULL, - &credtype, - &credential, - NULL); - } - } - else - { - DbgTrace(0, "-GetUserCredentials- Realm name too long\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_UNSUCCESSFUL); - } - - // Proceed based on the result of the operatiosn above - if (rcode == NSSCS_SUCCESS - && credential.username != NULL - && credential.password != NULL) - { - // Allocate a buffer to return the username - pUsername = (char*) malloc(strlen(credential.username) + 1); - if (pUsername) - { - // Copy the username into the buffer that we will be returning - strcpy(pUsername, credential.username); - - // Allocate a buffer to return the password - pPassword = (char*) malloc(strlen(credential.password) + 1); - if (pPassword) - { - // Copy the password into the buffer that we will be returning - strcpy(pPassword, credential.password); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-GetUserCredentials- Buffer allocation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - - // Free the buffer allocated for the username - free(pUsername); - } - } - else - { - DbgTrace(0, "-GetUserCredentials- Buffer allocation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - - // Return the buffers to the caller if successful - if (CASA_SUCCESS(retStatus)) - { - *ppUsername = pUsername; - *ppPassword = pPassword; - } - - DbgTrace(1, "-GetUserCredentials- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus SSCS_CALL -AuthTokenIf_GetAuthToken( - IN const void *pIfInstance, - IN const char *pContext, - IN const char *pMechInfo, 
- INOUT char *pTokenBuf, - INOUT int *pTokenBufLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pServiceConfigIf - -// Pointer to service config object to which the client is trying to -// authenticate. -// -// pContext - -// Pointer to null terminated string containing mechanism specific -// context information. Another name for context is Authentication -// Realm. -// -// pMechInfo - -// Pointer to null terminated string containing mechanism specific -// information. This is information is provided by the server to -// aid the mechanism to generate an authentication token. For -// example, the mechanism information for a Kerberos mechanism -// may be the service principal name to which the user will be -// authenticating. -// -// pTokenBuf - -// Pointer to buffer that will receive the authentication -// token. The length of this buffer is specified by the -// pTokenBufLen parameter. Note that the the authentication -// token will be in the form of a NULL terminated string. -// -// pTokenBufLen - -// Pointer to integer that contains the length of the -// buffer pointed at by pTokenBuf. Upon return of the -// function, the integer will contain the actual length -// of the authentication token if the function successfully -// completes or the buffer length required if the function -// fails because the buffer pointed at by pUserNameBuf is -// not large enough. -// -// Returns: -// Casa Status -// -// Description: -// Get authentication token to authenticate user to specified service. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - char *pUsername = NULL; - char *pPassword = NULL; - char *pToken; - - DbgTrace(1, "-AuthTokenIf_GetAuthToken- Start\n", 0); - - // Validate input parameters - if (pIfInstance == NULL - || pContext == NULL - || pMechInfo == NULL - || pTokenBufLen == NULL - || (pTokenBuf == NULL && *pTokenBufLen != 0)) - { - DbgTrace(0, "-AuthTokenIf_GetAuthToken- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Get the user credentials - retStatus = GetUserCredentials(pContext, &pUsername, &pPassword); - if (CASA_SUCCESS(retStatus)) - { - // Now construct the PW token with the following format: - // "username\r\n" + "password\r\n" - // - // First allocate a buffer large enough to hold the token - pToken = (char*) malloc(strlen(pUsername) + 2 + strlen(pPassword) + 2 + 1); - if (pToken) - { - char *pEncodedToken; - int encodedTokenLen; - - // Now assemble the token - sprintf(pToken, "%s\r\n%s\r\n", pUsername, pPassword); - - // The token has been assembled, now encode it. - retStatus = EncodeData(pToken, - (const int) strlen(pToken), - &pEncodedToken, - &encodedTokenLen); - if (CASA_SUCCESS(retStatus)) - { - // Verify that the caller provided a buffer that is big enough - if (encodedTokenLen > *pTokenBufLen) - { - // The buffer is not big enough - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - else - { - // The buffer provided is large enough, copy the data. 
- memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - - // Return the actual size or the size required - *pTokenBufLen = encodedTokenLen; - - // Free the buffer containing the encoded token - free(pEncodedToken); - } - - // Free the buffer allocated for the token - free(pToken); - } - else - { - DbgTrace(0, "-AuthTokenIf_GetAuthToken- Buffer allocation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - // Free allocated buffers - free(pUsername); - free(pPassword); - } - else - { - DbgTrace(1, "-AuthTokenIf_GetAuthToken- Failed to obtain the user credentials\n", 0); - } - -exit: - - DbgTrace(1, "-AuthTokenIf_GetAuthToken- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -int -InitializeLibrary(void) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int retStatus = 0; - - DbgTrace(1, "-InitializeLibrary- Start\n", 0); - - // Nothing to do at this time. - - DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/client/mechanisms/pwd/interface.c b/CASA-auth-token/client/mechanisms/pwd/interface.c deleted file mode 100644 index 2fbdf3f4..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/interface.c +++ /dev/null 
@@ -1,207 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Authentication Token Interface instance data -// -typedef struct _AuthTokenIfInstance -{ - int refCount; - AuthTokenIf authTokenIf; - -} AuthTokenIfInstance, *PAuthTokenIfInstance; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// AuthTokenIf variables -static -int g_numAuthTokenIfObjs = 0; - - -//++======================================================================= -static -int SSCS_CALL -AuthTokenIf_AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. 
-// -// L2 -//=======================================================================-- -{ - int refCount; - AuthTokenIfInstance *pAuthTokenIfInstance = CONTAINING_RECORD(pIfInstance, AuthTokenIfInstance, authTokenIf); - - DbgTrace(2, "-AuthTokenIf_AddReference- Start\n", 0); - - // Increment the reference count on the object - pAuthTokenIfInstance->refCount ++; - refCount = pAuthTokenIfInstance->refCount; - - DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -static -void SSCS_CALL -AuthTokenIf_ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - AuthTokenIfInstance *pAuthTokenIfInstance = CONTAINING_RECORD(pIfInstance, AuthTokenIfInstance, authTokenIf); - - DbgTrace(2, "-AuthTokenIf_ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - pAuthTokenIfInstance->refCount --; - if (pAuthTokenIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. - freeObj = true; - g_numAuthTokenIfObjs --; - } - - // Free object if necessary - if (freeObj) - free(pAuthTokenIfInstance); - - DbgTrace(2, "-AuthTokenIf_ReleaseReference- End\n", 0); -} - - -//++======================================================================= -CasaStatus SSCS_CALL -GET_AUTH_TOKEN_INTERFACE_RTN( - IN const ConfigIf *pModuleConfigIf, - INOUT AuthTokenIf **ppAuthTokenIf) -// -// Arguments: -// pModuleConfigIf - -// Pointer to configuration interface instance for the module. 
-// -// ppAuthTokenIf - -// Pointer to variable that will receive pointer to AuthTokenIf -// instance. -// -// Returns: -// Casa Status -// -// Description: -// Gets authentication token interface instance. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - AuthTokenIfInstance *pAuthTokenIfInstance; - - - DbgTrace(1, "-GetAuthTokenInterface- Start\n", 0); - - // Validate input parameters - if (pModuleConfigIf == NULL - || ppAuthTokenIf == NULL) - { - DbgTrace(0, "-GetAuthTokenInterface- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Allocate space for the interface instance - pAuthTokenIfInstance = malloc(sizeof(*pAuthTokenIfInstance)); - if (pAuthTokenIfInstance) - { - // Initialize the interface instance data - pAuthTokenIfInstance->refCount = 1; - pAuthTokenIfInstance->authTokenIf.addReference = AuthTokenIf_AddReference; - pAuthTokenIfInstance->authTokenIf.releaseReference = AuthTokenIf_ReleaseReference; - pAuthTokenIfInstance->authTokenIf.getAuthToken = AuthTokenIf_GetAuthToken; - - // Keep track of this object - g_numAuthTokenIfObjs ++; - - // Return the interface to the caller - *ppAuthTokenIf = &pAuthTokenIfInstance->authTokenIf; - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-GetAuthTokenInterface- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - -exit: - - DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - 
diff --git a/CASA-auth-token/client/mechanisms/pwd/internal.h b/CASA-auth-token/client/mechanisms/pwd/internal.h
deleted file mode 100644
index 3ac0c0cd..00000000
--- a/CASA-auth-token/client/mechanisms/pwd/internal.h
+++ /dev/null
@@ -1,92 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#ifndef _INTERNAL_H_ -#define _INTERNAL_H_ - -//===[ Include files ]===================================================== - -#include "platform.h" -#include -#include -#include -#include -#include "config_if.h" -#include "mech_if.h" - -//===[ Type definitions ]================================================== - -//===[ Inlines functions ]=============================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -//===[ Global externals ]================================================== - -extern int DebugLevel; - -//===[ External prototypes ]=============================================== - -// -// Defined in get.c -// - -extern -CasaStatus SSCS_CALL -AuthTokenIf_GetAuthToken( - IN const void *pIfInstance, - IN const char *pContext, - IN const char *pMechInfo, - INOUT char *pTokenBuf, - INOUT int *pTokenBufLen); - -extern 
-int -InitializeLibrary(void); - -// -// Defined in utils.c -// - -extern -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen); - -extern -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen); - -//========================================================================= - -#endif // _INTERNAL_H_ - diff --git a/CASA-auth-token/client/mechanisms/pwd/pwd.vcproj b/CASA-auth-token/client/mechanisms/pwd/pwd.vcproj deleted file mode 100644 index 40ee722e..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/pwd.vcproj +++ /dev/null @@ -1,183 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/CASA-auth-token/client/mechanisms/pwd/util.c b/CASA-auth-token/client/mechanisms/pwd/util.c deleted file mode 100644 index 90454c7a..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/util.c +++ /dev/null 
@@ -1,282 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// Debug Level -int DebugLevel = 0; - -// Tables for Base64 encoding and decoding -static const int8_t g_Base64[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static const uint8_t g_Expand64[256] = -{ - /* ASCII table */ - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64, - 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 
64, 64, 64, - 64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64 -}; - - -//++======================================================================= -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int encodedSize; - - char *pTmp; - - DbgTrace(3, "-EncodeData- Start\n", 0); - - // Determine the encoded size and allocate a buffer to hold the encoded data - encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4; - pTmp = (char*) malloc(encodedSize); - *ppEncodedData = pTmp; - if (*ppEncodedData) - { - uint8_t *pOut, *pIn; - int i; - - // Setup pointers to move through the buffers - pIn = (uint8_t*) pData; - pOut = (uint8_t*) *ppEncodedData; - - // Perform the encoding - for (i = 0; i < dataLen - 2; i += 3) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) | - ((int32_t)(pIn[i + 2] & 0xC0) >> 6)]; - *pOut++ = g_Base64[pIn[i + 2] & 0x3F]; - } - if (i < dataLen) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - if (i == (dataLen - 1)) - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4)]; 
- *pOut++ = '='; - } - else - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)]; - } - *pOut++ = '='; - } - *pOut++ = '\0'; - - // Return the encoded data length - *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int i, j; - int decodedSize; - - DbgTrace(3, "-DecodeData- Start\n", 0); - - // Determine the decoded size - for (i = 0, j = 0; i < encodedDataLen; i++) - if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64) - j++; - decodedSize = (j * 3 + 3) / 4; - - // Allocate buffer to hold the decoded data - *ppData = malloc(decodedSize); - if (*ppData) - { - bool endReached = false; - uint8_t c0, c1, c2, c3; - uint8_t *p, *q; - - // Initialize parameters that will be used during the decode operation - c0 = c1 = c2 = c3 = 0; - p = (uint8_t*) pEncodedData; - q = (uint8_t*) *ppData; - - // Decode the data - // - // Loop through the data, piecing back information. Any newlines, and/or - // carriage returns need to be skipped. 
- while (j > 4) - { - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - endReached = true; - break; - } - c0 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2); - j--; - endReached = true; - break; - } - c1 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4); - j -= 2; - endReached = true; - break; - } - c2 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6); - j -= 3; - endReached = true; - break; - } - c3 = *(p++); - - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); - j -= 4; - } - if (!endReached) - { - if (j > 1) - *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4); - if (j > 2) - *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); - if (j > 3) - *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]); - } - - // Return the length of the decoded data - *pDataLen = (int32_t)(q - (uint8_t*)*ppData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_PWTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= 
-//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/client/mechanisms/pwd/windows/dllsup.c b/CASA-auth-token/client/mechanisms/pwd/windows/dllsup.c deleted file mode 100644 index 8eecacef..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/windows/dllsup.c +++ /dev/null 
@@ -1,132 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ External data ]===================================================== - -//===[ Manifest constants ]================================================ - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -UINT32 g_ulCount = 0; -UINT32 g_ulLock = 0; -HANDLE g_hModule; - - -//++======================================================================= -BOOL APIENTRY DllMain( - HANDLE hModule, - DWORD ul_reason_for_call, - LPVOID lpReserved - ) -//=======================================================================-- -{ - BOOL retStatus = TRUE; - - switch (ul_reason_for_call) - { - case DLL_PROCESS_ATTACH: - { - g_hModule = hModule; - - // Initialize the library - if 
(InitializeLibrary() != 0) - { - // Failed to initialize the library - OutputDebugString("CASA_PW_MECH -DllMain- Library initialization failed\n"); - retStatus = FALSE; - } - break; - } - - case DLL_THREAD_ATTACH: - { - g_hModule = hModule; - break; - } - - case DLL_THREAD_DETACH: - break; - - case DLL_PROCESS_DETACH: - { - /* Don't uninitialize on windows - tbd - */ - break; - } - } - - return retStatus; -} - -//++======================================================================= -// -// DllCanUnloadNow -// -// Synopsis -// -// -STDAPI -DllCanUnloadNow() -// -// Input Arguments -// -// Ouput Arguments -// -// Return Value -// S_OK The DLL can be unloaded. -// S_FALSE The DLL cannot be unloaded now. -// -// Description -// An Exported Function. -// DLLs that support the OLE Component Object Model (COM) should implement -// and export DllCanUnloadNow. -// A call to DllCanUnloadNow determines whether the DLL from which it is -// exported is still in use. A DLL is no longer in use when it is not -// managing any existing objects (the reference count on all of its objects -// is 0). -// DllCanUnloadNow returns S_FALSE if there are any existing references to -// objects that the DLL manages. -// -// Environment -// -// See Also -// -//=======================================================================-- -{ - // tbd - return ((g_ulCount == 0 && g_ulLock == 0) ? S_OK : S_FALSE); -} - -//========================================================================= -//========================================================================= - diff --git a/CASA-auth-token/client/mechanisms/pwd/windows/platform.c b/CASA-auth-token/client/mechanisms/pwd/windows/platform.c deleted file mode 100644 index 869b581c..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/windows/platform.c +++ /dev/null 
@@ -1,35 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - - diff --git a/CASA-auth-token/client/mechanisms/pwd/windows/platform.h b/CASA-auth-token/client/mechanisms/pwd/windows/platform.h deleted file mode 100644 index ece8baa3..00000000 --- a/CASA-auth-token/client/mechanisms/pwd/windows/platform.h +++ /dev/null 
@@ -1,81 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#ifndef _PLATFORM_H_
-#define _PLATFORM_H_
-
-//===[ Include files ]=====================================================
-
-#include
-#include
-#include
-
-//===[ Type definitions ]==================================================
-
-#ifndef CONTAINING_RECORD
-#define CONTAINING_RECORD(address, type, field) ((type *)( \
- (char*)(address) - \
- (char*)(&((type *)0)->field)))
-#endif
-
-//
-// DbgTrace macro define
-//
-//#define DbgTrace(LEVEL, X, Y) { \
-//char printBuff[256]; \
-// if (LEVEL == 0 || DebugLevel >= LEVEL) \
-// { \
-// _snprintf(printBuff, sizeof(printBuff), X, Y); \
-// printf("PwdMech %s", printBuff); \
-// } \
-//}
-#define DbgTrace(LEVEL, X, Y) { \
-char formatBuff[128]; \
-char printBuff[256]; \
- if (LEVEL == 0 || DebugLevel >= LEVEL) \
- { \
- strcpy(formatBuff, "PwdMech "); \
- strncat(formatBuff, X, sizeof(formatBuff) - 8); \
- _snprintf(printBuff, sizeof(printBuff), formatBuff, Y); \
- OutputDebugString(printBuff); \
- } \
-}
-
-#define bool BOOLEAN
-#define true TRUE
-#define false FALSE
-
-//===[ Inlines functions ]===============================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global externals ]==================================================
-
-//===[ External prototypes ]===============================================
-
-
-//=========================================================================
-
-#endif // _PLATFORM_H_
-
diff --git a/CASA-auth-token/client/mechanisms/pwd/windows/pwmech.def b/CASA-auth-token/client/mechanisms/pwd/windows/pwmech.def
deleted file mode 100644
index 0557e401..00000000
--- a/CASA-auth-token/client/mechanisms/pwd/windows/pwmech.def
+++ /dev/null
@@ -1,10 +0,0 @@
-LIBRARY PWMECH
-DESCRIPTION 'CASA PW Authentication Mechanism Library.'
-
-
-EXPORTS
-; DllRegisterServer PRIVATE
-; DllUnregisterServer PRIVATE
-; DllGetClassObject PRIVATE
- GetAuthTokenInterface PRIVATE
-; DllCanUnloadNow PRIVATE
\ No newline at end of file
diff --git a/CASA-auth-token/client/test/CASA_Auth.cpp b/CASA-auth-token/client/test/CASA_Auth.cpp
deleted file mode 100644
index 378da8ef..00000000
--- a/CASA-auth-token/client/test/CASA_Auth.cpp
+++ /dev/null
@@ -1,513 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#include
-#include "casa_c_authtoken.h"
-
-// Globals
-char usageString[] = "usage: test -a serverAddress -p serverPort [-h]\n";
-
-char *pServerAddress = NULL;
-int serverPort = 0;
-BOOLEAN execHttpTest = FALSE;
-
-
-/***********************************************************************
- *
- * dtoul()
- *
- ***********************************************************************/
-int
-dtoul(
- IN char *cp,
- IN int len)
-{
- int n = 0;
- int i;
-
- for (i = 0; i < len; i++, cp++)
- {
- // Verify that we are dealing with a valid digit
- if (*cp >= '0' && *cp <= '9')
- {
- n = 10 * n + (*cp - '0');
- }
- else
- {
- printf("-dtoul- Found invalid digit\n");
- break;
- }
- }
-
- return n;
-}
-
-
-/***********************************************************************
- *
- * EncodeData()
- *
- ***********************************************************************/
-int
-EncodeData(
- IN const void *pData,
- IN const int32_t dataLen,
- INOUT char **ppEncodedData,
- INOUT int32_t *pEncodedDataLen)
-{
- int8_t base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- int retStatus;
- int encodedSize;
-
- char *pTmp;
-
- // Determine the encoded size and allocate a buffer to hold the encoded data
- encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4;
- pTmp = (char*) malloc(encodedSize);
- *ppEncodedData = pTmp;
- if (*ppEncodedData)
- {
- uint8_t *pOut, *pIn;
- int i;
-
- // Setup pointers to move through the buffers
- pIn = (uint8_t*) pData;
- pOut = (uint8_t*) *ppEncodedData;
-
- // Perform the encoding
- for (i = 0; i < dataLen - 2; i += 3)
- {
- *pOut++ = base64[(pIn[i] >> 2) & 0x3F];
- *pOut++ = base64[((pIn[i] & 0x3) << 4) |
- ((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
- *pOut++ = base64[((pIn[i + 1] & 0xF) << 2) |
- ((int32_t)(pIn[i + 2] & 0xC0) >> 6)];
- *pOut++ = base64[pIn[i + 2] & 0x3F];
- }
- if (i < dataLen)
- {
- *pOut++ = base64[(pIn[i] >> 2) & 0x3F];
- if (i == (dataLen - 1))
- {
- *pOut++ = base64[((pIn[i] & 0x3) << 4)];
- *pOut++ = '=';
- }
- else
- {
- *pOut++ = base64[((pIn[i] & 0x3) << 4) |
- ((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
- *pOut++ = base64[((pIn[i + 1] & 0xF) << 2)];
- }
- *pOut++ = '=';
- }
- *pOut++ = '\0';
-
- // Return the encoded data length
- *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData);
-
- // Success
- retStatus = 0;
- }
- else
- {
- printf("-EncodeData- Buffer allocation failure\n");
- retStatus = -1;
- }
-
- return retStatus;
-}
-
-
-/***********************************************************************
- *
- * NonHttpTest()
- *
- ***********************************************************************/
-void NonHttpTest(void)
-{
- CasaStatus retStatus;
- char authToken[4096];
- int authTokenLen = sizeof(authToken);
-
- // Obtain an authentication token for the testService
- retStatus = ObtainAuthToken("testService", pServerAddress, authToken, &authTokenLen);
- if (!CASA_SUCCESS(retStatus))
- {
- printf("-NonHttpTest- ObtainAuthToken failed with status %d\n", retStatus);
- }
- else
- {
- SOCKET sock;
- struct sockaddr_in localAddr = {0};
- struct sockaddr_in remoteAddr = {0};
- struct linger linger_opt = {1, 15};
- struct hostent *pLookupResult;
- int winsockStartupResult;
- WSADATA winsockData;
-
- printf("-NonHttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen);
-
- // Send the token to the server
- //
- // First initialize winsock
- if ((winsockStartupResult = WSAStartup(MAKEWORD(2,2), &winsockData)) == 0)
- {
- // Open socket
- sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
- if (sock != INVALID_SOCKET)
- {
- // Setup the local address structure
- localAddr.sin_family = AF_INET;
- localAddr.sin_addr.s_addr = htonl(INADDR_ANY);
-
- // Bind socket
- if (!bind(sock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in)))
- {
- // Resolve the server address
- pLookupResult = gethostbyname(pServerAddress);
- if (pLookupResult)
- {
- // Validate the address type returned
- if (pLookupResult->h_addrtype == AF_INET)
- {
- int numAddressesFound = 0;
-
- // Determine how many addresses where returned
- while (pLookupResult->h_addr_list[numAddressesFound] != NULL)
- {
- //printf("ServerAddress = %08X\n", *((int*) pLookupResult->h_addr_list[numAddressesFound]));
- numAddressesFound ++;
- }
- //printf("Found %d addresses\n", numAddressesFound);
-
- // Setup the remote address structure with the lookup results
- remoteAddr.sin_family = AF_INET;
- remoteAddr.sin_port = serverPort;
- remoteAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]); // Short-cut
- //printf("ServerAddress = %08X\n", remoteAddr.sin_addr.s_addr);
-
- // Perform connect operation
- if (connect(sock,
- (struct sockaddr*) &remoteAddr,
- sizeof(struct sockaddr_in)) == SOCKET_ERROR)
- {
- printf("-NonHttpTest- Connection creation failed, error = %d\n", WSAGetLastError());
- }
- else
- {
- // Now the connection is setup, send the credentials to the server as one line.
- // using our cheesy protocol followed by a hello string.
- //
- // Send the token to the server (including NULL terminator)
- send(sock, authToken, (int) strlen(authToken) + 1, 0);
-
- // Send new line
- send(sock, "\n", 1, 0);
-
- // Send "hello"
- //send(sock, helloString, strlen(helloString) + 1, MSG_NOSIGNAL);
-
- // Send new line
- //send(sock, "\n", 1, 0);
-
- // Shutdown the connection
- shutdown(sock, 0);
- }
- }
- else
- {
- printf("-NonHttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype);
- }
- }
- else
- {
- printf("-NonHttpTest- Lookup for %s failed\n", pServerAddress);
- }
- }
- else
- {
- printf("-NonHttpTest- Unable to bind socket, error = %d", errno);
- }
-
- // Close the socket
- setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char*) &linger_opt, sizeof(linger_opt));
- closesocket(sock);
- }
- else
- {
- printf("-NonHttpTest- Unable to open socket, error = %d\n", errno);
- }
-
- // Close winsock
- WSACleanup();
- }
- else
- {
- printf("-NonHttpTest- WSAStartup failed, error = %d\n", winsockStartupResult);
- }
- }
-}
-
-
-/***********************************************************************
- *
- * HttpTest()
- *
- ***********************************************************************/
-void HttpTest(void)
-{
- CasaStatus retStatus;
- char authToken[4096];
- int authTokenLen = sizeof(authToken);
-
- // Obtain an authentication token for the testService
- retStatus = ObtainAuthToken("testService", pServerAddress, authToken, &authTokenLen);
- if (!CASA_SUCCESS(retStatus))
- {
- printf("-HttpTest- ObtainAuthToken failed with status %d\n", retStatus);
- }
- else
- {
- SOCKET sock;
- struct sockaddr_in localAddr = {0};
- struct sockaddr_in remoteAddr = {0};
- struct linger linger_opt = {1, 15};
- struct hostent *pLookupResult;
- int winsockStartupResult;
- WSADATA winsockData;
-
- //printf("ObtainAuthToken succedded, token = %s\n", authToken);
- printf("-HttpTest- ObtainAuthToken succedded, tokenlen = %d\n", authTokenLen);
-
- // Send the token to the server
- //
- // First initialize winsock
- if ((winsockStartupResult = WSAStartup(MAKEWORD(2,2), &winsockData)) == 0)
- {
- // Open socket
- sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
- if (sock != INVALID_SOCKET)
- {
- // Setup the local address structure
- localAddr.sin_family = AF_INET;
- localAddr.sin_addr.s_addr = htonl(INADDR_ANY);
-
- // Bind socket
- if (!bind(sock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in)))
- {
- // Resolve the server address
- pLookupResult = gethostbyname(pServerAddress);
- if (pLookupResult)
- {
- // Validate the address type returned
- if (pLookupResult->h_addrtype == AF_INET)
- {
- int numAddressesFound = 0;
-
- // Determine how many addresses where returned
- while (pLookupResult->h_addr_list[numAddressesFound] != NULL)
- {
- //printf("ServerAddress = %08X\n", *((int*) pLookupResult->h_addr_list[numAddressesFound]));
- numAddressesFound ++;
- }
- //printf("Found %d addresses\n", numAddressesFound);
-
-
- // Setup the remote address structure with the lookup results
- remoteAddr.sin_family = AF_INET;
- remoteAddr.sin_port = serverPort;
- remoteAddr.sin_addr.s_addr = *((int*) pLookupResult->h_addr_list[0]); // Short-cut
- //printf("ServerAddress = %08X\n", remoteAddr.sin_addr.s_addr);
-
- // Perform connect operation
- if (connect(sock,
- (struct sockaddr*) &remoteAddr,
- sizeof(struct sockaddr_in)) == SOCKET_ERROR)
- {
- printf("-HttpTest- Connection creation failed, error = %d\n", WSAGetLastError());
- }
- else
- {
- char *pBasicCredentials;
- char *pEncodedBasicCredentials;
- int encodedLength;
- char CasaPrincipal[] = "CasaPrincipal:";
- char HTTPReqPart1[] = "GET /example-info HTTP/1.1\r\\nUser-Agent: CasaTestClient\r\nHost: jcstation.dnsdhcp.provo.novell.com:4096\r\nConnection: Keep-Alive\r\nAuthorization: Basic ";
-
- // Now the connection is setup, send 1st part of HTTP request to the server.
- send(sock, HTTPReqPart1, (int) strlen(HTTPReqPart1), 0);
-
- // Now setup the HTTP Basic Credentials
- pBasicCredentials = (char*) malloc(strlen(CasaPrincipal) + strlen(authToken) + 1);
- if (pBasicCredentials)
- {
- char *pEncodedCredentials;
-
- memcpy(pBasicCredentials, CasaPrincipal, sizeof(CasaPrincipal));
- strcat(pBasicCredentials, authToken);
-
- // Now Base64 encode the credentials
- if (EncodeData(pBasicCredentials, strlen(pBasicCredentials), &pEncodedBasicCredentials, &encodedLength) == 0)
- {
- // Send the encoded credentials
- send(sock, pEncodedBasicCredentials, encodedLength - 1, 0);
-
- // Send the rest of the header
- send(sock, "\r\n\r\n", 4, 0);
-
- // Free the buffer holding the encoded credentials
- free(pEncodedBasicCredentials);
- }
- else
- {
- printf("-HttpTest- Error encoding credentials\n");
- }
-
- // Free the buffer containing the basic credentials
- free(pBasicCredentials);
- }
- else
- {
- printf("-HttpTest- Buffer allocation failure\n");
- }
-
- // Shutdown the connection
- shutdown(sock, 0);
- }
- }
- else
- {
- printf("-HttpTest- Unsupported address type returned %08X\n", pLookupResult->h_addrtype);
- }
- }
- else
- {
- printf("-HttpTest- Lookup for %s failed\n", pServerAddress);
- }
- }
- else
- {
- printf("-HttpTest- Unable to bind socket, error = %d", errno);
- }
-
- // Close the socket
- setsockopt(sock, SOL_SOCKET, SO_LINGER, (const char*) &linger_opt, sizeof(linger_opt));
- closesocket(sock);
- }
- else
- {
- printf("-HttpTest- Unable to open socket, error = %d\n", errno);
- }
-
- // Close winsock
- WSACleanup();
- }
- else
- {
- printf("-HttpTest- WSAStartup failed, error = %d\n", winsockStartupResult);
- }
- }
-}
-
-
-/***********************************************************************
- *
- * main()
- *
- ***********************************************************************/
-int main(int argc, char* argv[])
-{
- // Process input parameters
- int i = 1;
- while(argv[i] != NULL)
- {
- if (stricmp(argv[i], "-a") ==
0) - { - // Server Address option, the next argument should - // contain the address. - i++; - if (argv[i] != NULL) - { - pServerAddress = argv[i]; - } - else - { - printf(usageString); - return -1; - } - } - else if (stricmp(argv[i], "-p") == 0) - { - // Server port option, the next argument should - // contain the port. - i++; - if (argv[i] != NULL) - { - serverPort = htons(dtoul(argv[i], strlen(argv[i]))); - } - else - { - printf(usageString); - return -1; - } - } - else if (stricmp(argv[i], "-h") == 0) - { - // Perform http test option - execHttpTest = TRUE; - } - - // Advance to the next argument - i++; - } - - // Verify that the server address and port were specified - if (pServerAddress && serverPort != 0) - { - // Repeat the test when indicated - printf("Press 'Enter' to run test or 'n + Enter' to stop.\n"); - while(getchar() != 'n') - { - // Execute the appropriate test - if (execHttpTest) - { - HttpTest(); - } - else - { - NonHttpTest(); - } - printf("Press 'Enter' to run test or 'n + Enter' to stop.\n"); - } - } - else - { - printf(usageString); - return -1; - } - - return 0; -} - - diff --git a/CASA-auth-token/client/test/test.vcproj b/CASA-auth-token/client/test/test.vcproj deleted file mode 100644 index b14c9a9f..00000000 --- a/CASA-auth-token/client/test/test.vcproj +++ /dev/null @@ -1,142 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/CASA-auth-token/client/util.c b/CASA-auth-token/client/util.c deleted file mode 100644 index b93a5508..00000000 --- a/CASA-auth-token/client/util.c +++ /dev/null 
@@ -1,321 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-// Tables for Base64 encoding and decoding
-static const int8_t g_Base64[] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-static const uint8_t g_Expand64[256] =
-{
- /* ASCII table */
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
- 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
- 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
- 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
- 64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
- 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
- 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64
-};
-
-
-//++=======================================================================
-CasaStatus
-EncodeData(
- IN const void *pData,
- IN const int32_t dataLen,
- INOUT char **ppEncodedData,
- INOUT int32_t *pEncodedDataLen)
-//
-// Arguments:
-//
-// Returns:
-//
-// Description:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus;
- int encodedSize;
-
- char *pTmp;
-
- DbgTrace(3, "-EncodeData- Start\n", 0);
-
- // Determine the encoded size and allocate a buffer to hold the encoded data
- encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4;
- pTmp = (char*) malloc(encodedSize);
- *ppEncodedData = pTmp;
- if (*ppEncodedData)
- {
- uint8_t *pOut, *pIn;
- int i;
-
- // Setup pointers to move through the buffers
- pIn = (uint8_t*) pData;
- pOut = (uint8_t*) *ppEncodedData;
-
- // Perform the encoding
- for (i = 0; i < dataLen - 2; i += 3)
- {
- *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
- *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
- ((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
- *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) |
- ((int32_t)(pIn[i + 2] & 0xC0) >> 6)];
- *pOut++ = g_Base64[pIn[i + 2] & 0x3F];
- }
- if (i < dataLen)
- {
- *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
- if (i == (dataLen - 1))
- {
- *pOut++ = g_Base64[((pIn[i] & 0x3) << 4)];
- *pOut++ = '=';
- }
- else
- {
- *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
- ((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
- *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)];
- }
- *pOut++ = '=';
- }
- *pOut++ = '\0';
-
- // Return the encoded data length
- *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData);
-
- // Success
- retStatus = CASA_STATUS_SUCCESS;
- }
- else
- {
- DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0);
-
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-CasaStatus
-DecodeData(
- IN const char *pEncodedData,
- IN const int32_t encodedDataLen, // Does not include NULL terminator
- INOUT void **ppData,
- INOUT int32_t *pDataLen)
-//
-// Arguments:
-//
-// Returns:
-//
-// Description:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus;
- int i, j;
- int decodedSize;
-
- DbgTrace(3, "-DecodeData- Start\n", 0);
-
- // Determine the decoded size
- for (i = 0, j = 0; i < encodedDataLen; i++)
- if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64)
- j++;
- decodedSize = (j * 3 + 3) / 4;
-
- // Allocate buffer to hold the decoded data
- *ppData = malloc(decodedSize);
- if (*ppData)
- {
- bool endReached = false;
- uint8_t c0, c1, c2, c3;
- uint8_t *p, *q;
-
- // Initialize parameters that will be used during the decode operation
- c0 = c1 = c2 = c3 = 0;
- p = (uint8_t*) pEncodedData;
- q = (uint8_t*) *ppData;
-
- // Decode the data
- //
- // Loop through the data, piecing back information. Any newlines, and/or
- // carriage returns need to be skipped.
- while (j > 4)
- {
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- endReached = true;
- break;
- }
- c0 = *(p++);
-
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2);
- j--;
- endReached = true;
- break;
- }
- c1 = *(p++);
-
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4);
- j -= 2;
- endReached = true;
- break;
- }
- c2 = *(p++);
-
- while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
- p++;
- if (64 == g_Expand64[*p])
- {
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
- *(q++) = (uint8_t)(g_Expand64[c2] << 6);
- j -= 3;
- endReached = true;
- break;
- }
- c3 = *(p++);
-
- *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
- *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
- *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
- j -= 4;
- }
- if (!endReached)
- {
- if (j > 1)
- *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
- if (j > 2)
- *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
- if (j > 3)
- *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
- }
-
- // Return the length of the decoded data
- *pDataLen = (int32_t)(q - (uint8_t*)*ppData);
-
- // Success
- retStatus = CASA_STATUS_SUCCESS;
- }
- else
- {
- DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
-
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-int
-dtoul(
- IN const char *cp,
- IN const int len)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- int n = 0;
- int i;
-
- DbgTrace(2, "-dtoul- Start\n", 0);
-
- for (i = 0; i < len; i++, cp++)
- {
- // Verify that we are dealing with a valid digit
- if (*cp >= '0' && *cp <= '9')
- {
- n = 10 * n + (*cp - '0');
- }
- else
- {
- DbgTrace(0, "-dtoul- Found invalid digit\n", 0);
- break;
- }
- }
-
- DbgTrace(2, "-dtoul- End, result = %d\n", n);
-
- return n;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/windows/authtoken.def b/CASA-auth-token/client/windows/authtoken.def
deleted file mode 100644
index 1862e07e..00000000
--- a/CASA-auth-token/client/windows/authtoken.def
+++ /dev/null
@@ -1,10 +0,0 @@
-LIBRARY AUTHTOKEN
-DESCRIPTION 'CASA Authentication Token Library.'
-
-
-EXPORTS
-; DllRegisterServer PRIVATE
-; DllUnregisterServer PRIVATE
-; DllGetClassObject PRIVATE
- ObtainAuthToken PRIVATE
-; DllCanUnloadNow PRIVATE
\ No newline at end of file
diff --git a/CASA-auth-token/client/windows/dllsup.c b/CASA-auth-token/client/windows/dllsup.c
deleted file mode 100644
index c30b3cb2..00000000
--- a/CASA-auth-token/client/windows/dllsup.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ External data ]=====================================================
-
-//===[ Manifest constants ]================================================
-
-//===[ Type definitions ]==================================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-UINT32 g_ulCount = 0;
-UINT32 g_ulLock = 0;
-HANDLE g_hModule;
-
-
-//++=======================================================================
-BOOL APIENTRY DllMain(
- HANDLE hModule,
- DWORD ul_reason_for_call,
- LPVOID lpReserved
- )
-//=======================================================================--
-{
- BOOL retStatus = TRUE;
-
- switch (ul_reason_for_call)
- {
- case DLL_PROCESS_ATTACH:
- {
- g_hModule = hModule;
-
- // Initialize the library
- if (Initialize() != 0)
- {
- // Failed to initialize the library
- OutputDebugString("CASAAUTH -DllMain- Library initialization failed\n");
- retStatus = FALSE;
- }
- break;
- }
-
- case DLL_THREAD_ATTACH:
- {
- g_hModule = hModule;
- break;
- }
-
- case DLL_THREAD_DETACH:
- break;
-
- case DLL_PROCESS_DETACH:
- {
- /* Don't uninitialize on windows
- tbd
- */
- break;
- }
- }
-
- return retStatus;
-}
-
-//++=======================================================================
-//
-// DllCanUnloadNow
-//
-// Synopsis
-//
-//
-STDAPI
-DllCanUnloadNow()
-//
-// Input Arguments
-//
-// Ouput Arguments
-//
-// Return Value
-// S_OK The DLL can be unloaded.
-// S_FALSE The DLL cannot be unloaded now.
-//
-// Description
-// An Exported Function.
-// DLLs that support the OLE Component Object Model (COM) should implement
-// and export DllCanUnloadNow.
-// A call to DllCanUnloadNow determines whether the DLL from which it is
-// exported is still in use. A DLL is no longer in use when it is not
-// managing any existing objects (the reference count on all of its objects
-// is 0).
-// DllCanUnloadNow returns S_FALSE if there are any existing references to
-// objects that the DLL manages.
-//
-// Environment
-//
-// See Also
-//
-//=======================================================================--
-{
- // tbd
- return ((g_ulCount == 0 && g_ulLock == 0) ? S_OK : S_FALSE);
-}
-
-//=========================================================================
-//=========================================================================
-
diff --git a/CASA-auth-token/client/windows/platform.c b/CASA-auth-token/client/windows/platform.c
deleted file mode 100644
index 1003ece0..00000000
--- a/CASA-auth-token/client/windows/platform.c
+++ /dev/null
@@ -1,665 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//
-// Normalized Host Name Cache Entry definition
-//
-typedef struct _NormalizedHostNameCacheEntry
-{
- LIST_ENTRY listEntry;
- char *pHostName;
- char *pNormalizedHostName;
- int buffLengthRequired;
-
-} NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry;
-
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-// Normalized host name cache list head
-static
-LIST_ENTRY normalizedHostNameCacheListHead;
-
-// Synchronization mutex for the normalized host name cache
-static
-HANDLE hNormalizedHostNameCacheMutex;
-
-// Authentication mechanism configuration file folder
-char mechConfigFolder[] = "\\Program Files\\Novell\\Casa\\Etc\\Auth\\Mechanisms";
-
-// Synchronization mutex for the dll initialization
-static
-HANDLE g_hInitializationMutex;
-
-// Path separator
-char pathCharString[] = "\\";
-
-//++=======================================================================
-CasaStatus
-CreateUserMutex(
- HANDLE *phMutex
- )
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
- char *pUsername = NULL;
- DWORD nameLength = 0;
-
- DbgTrace(1, "-CreateUserMutex- Start\n", 0);
-
- // Get the size of the buffer required to obtain the user name
- GetUserName(pUsername, &nameLength);
- if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
- {
- // Allocate buffer to hold the user name
- pUsername = (char*) malloc(nameLength);
- if (pUsername)
- {
- // Get the name of the user
- if (GetUserName(pUsername, &nameLength))
- {
- SECURITY_ATTRIBUTES mutexAttributes;
- char mutexName[256];
-
- // Now lets create a global semaphore for the
- // user and allow its handle to be inherited.
- mutexAttributes.nLength = sizeof(mutexAttributes);
- mutexAttributes.lpSecurityDescriptor = NULL;
- mutexAttributes.bInheritHandle = TRUE;
- if (sprintf(mutexName, "Global\\CASA_Auth_Mutex_%s", pUsername) != -1)
- {
- *phMutex = CreateMutex(&mutexAttributes,
- FALSE,
- mutexName);
- if (*phMutex == NULL)
- {
- DbgTrace(0, "-CreateUserMutex- CreteMutex failed, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- }
- else
- {
- DbgTrace(0, "-CreateUserMutex- sprintf failed, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- }
- else
- {
- DbgTrace(0, "-CreateUserMutex- GetUserName failed, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
-
- // Free the buffer allocated to hold the user name
- free(pUsername);
- }
- else
- {
- DbgTrace(0, "-CreateUserMutex- Buffer allocation error\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- DbgTrace(0, "-CreateUserMutex- Unexpected GetUserName error, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
-
- DbgTrace(1, "-CreateUserMutex- End, retStatus\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-void
-AcquireUserMutex(
- HANDLE hMutex
- )
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-AcquireUserMutex- Start\n", 0);
-
- WaitForSingleObject(hMutex, INFINITE);
-
- DbgTrace(2, "-AcquireUserMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-void
-ReleaseUserMutex(
- HANDLE hMutex
- )
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-ReleaseUserMutex- Start\n", 0);
-
- if (ReleaseMutex(hMutex) == 0)
- {
- DbgTrace(0, "-ReleaseUserMutex- ReleaseMutex failed, error = %d\n", GetLastError());
- }
-
- DbgTrace(2, "-ReleaseUserMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-void
-DestroyUserMutex(
- HANDLE hMutex
- )
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-DestroyUserMutex- Start\n", 0);
-
- if (CloseHandle(hMutex) == 0)
- {
- DbgTrace(0, "-DestroyUserMutex- CloseHandle failed, error = %d\n", GetLastError());
- }
-
- DbgTrace(2, "-DestroyUserMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-CasaStatus
-CreateInitializationMutex(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- int retStatus = -1;
-
-
- DbgTrace(2, "-CreateInitializationMutex- Start\n", 0);
-
- // Create a cache mutex only applicable to the current process
- g_hInitializationMutex = CreateMutex(NULL, FALSE, NULL);
-
- if (g_hInitializationMutex != NULL)
- {
- retStatus = CASA_STATUS_SUCCESS;
- }
-
- DbgTrace(2, "-CreateInitializationMutex- End\n", 0);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-void
-AcquireInitializationMutex(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-AcquireInitializationMutex- Start\n", 0);
-
- WaitForSingleObject(g_hInitializationMutex, INFINITE);
-
- DbgTrace(2, "-AcquireInitializationMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-void
-ReleaseInitializationMutex(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(2, "-ReleaseInitializationMutex- Start\n", 0);
-
- if (ReleaseMutex(g_hInitializationMutex) == 0)
- {
- DbgTrace(0, "-ReleaseInitializationMutex- ReleaseMutex failed, error\n", 0);
- }
-
- DbgTrace(2, "-ReleaseInitializationMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-LIB_HANDLE
-OpenLibrary(
- IN char *pFileName)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- LIB_HANDLE libHandle;
-
-
- DbgTrace(1, "-OpenLibrary- Start\n", 0);
-
- libHandle = LoadLibrary(pFileName);
- if (libHandle == NULL)
- {
- DbgTrace(0, "-OpenLibrary- Not able to load library, error = %d\n", GetLastError());
- }
-
- DbgTrace(1, "-OpenLibrary- End, handle = %08X\n", libHandle);
-
- return libHandle;
-}
-
-
-//++=======================================================================
-void
-CloseLibrary(
- IN LIB_HANDLE libHandle)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(1, "-CloseLibrary- Start\n", 0);
-
- FreeLibrary(libHandle);
-
- DbgTrace(1, "-CloseLibrary- End\n", 0);
-}
-
-
-//++=======================================================================
-void*
-GetFunctionPtr(
- IN LIB_HANDLE libHandle,
- IN char *pFunctionName)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- void *pFuncPtr;
-
-
- DbgTrace(1, "-GetFunctionPtr- Start\n", 0);
-
- pFuncPtr = GetProcAddress(libHandle, pFunctionName);
- if (pFuncPtr == NULL)
- {
- DbgTrace(0, "-GetFunctionPtr- Not able to obtain func ptr, error = %d\n", GetLastError());
- }
-
- DbgTrace(1, "-GetFunctionPtr- End, pFuncPtr = %08X\n", pFuncPtr);
-
- return pFuncPtr;
-}
-
-
-//++=======================================================================
-char*
-NormalizeHostName(
- IN const char *pHostName)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- char *pNormalizedName = NULL;
- LIST_ENTRY *pListEntry;
- NormalizedHostNameCacheEntry *pEntry = NULL;
-
-
- DbgTrace(1, "-NormalizeHostName- Start\n", 0);
-
- // Obtain our synchronization mutex
- WaitForSingleObject(hNormalizedHostNameCacheMutex, INFINITE);
-
- // First try to find an entry in the normalized host name cache
- // for the host name provided.
- pListEntry = normalizedHostNameCacheListHead.Flink;
- while (pListEntry != &normalizedHostNameCacheListHead)
- {
- // Get pointer to the entry
- pEntry = CONTAINING_RECORD(pListEntry, NormalizedHostNameCacheEntry, listEntry);
-
- // Check if the entry is for the host name
- if (strcmp(pHostName, pEntry->pHostName) == 0)
- {
- // This entry corresponds to the given host name
- break;
- }
- else
- {
- // The entry does not correspond to the given host name
- pEntry = NULL;
- }
-
- // Advance to the next entry
- pListEntry = pListEntry->Flink;
- }
-
- // Check if we found an entry in our cache for the given host name
- if (pEntry)
- {
- // Entry found, obtain the normalized name from it.
- pNormalizedName = (char*) malloc(pEntry->buffLengthRequired);
- if (pNormalizedName)
- {
- // Copy the normalized name onto the allocated buffer
- strcpy(pNormalizedName, pEntry->pNormalizedHostName);
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
- }
- }
- else
- {
- // An entry was not found in our cache, create one.
- pEntry = (NormalizedHostNameCacheEntry*) malloc(sizeof(NormalizedHostNameCacheEntry));
- if (pEntry)
- {
- // Zero the entry
- memset(pEntry, 0, sizeof(*pEntry));
-
- // Allocate a buffer to hold the host name in the entry
- pEntry->pHostName = (char*) malloc(strlen(pHostName) + 1);
- if (pEntry->pHostName)
- {
- struct hostent *pLookupResult;
- struct sockaddr_in sockAddr = {0};
-
- // Copy the host name given into the allocated buffer
- strcpy(pEntry->pHostName, pHostName);
-
- // Now try to resolve the normalized name
- pLookupResult = gethostbyname(pHostName);
- if (pLookupResult && pLookupResult->h_addrtype == AF_INET)
- {
- char dnsHostName[NI_MAXHOST];
-
- // Set up a sockaddr structure
- sockAddr.sin_family = AF_INET;
- sockAddr.sin_addr.S_un.S_addr = *((int*) pLookupResult->h_addr_list[0]);
-
- // Now try to resolve the name using DNS
- if (getnameinfo((const struct sockaddr*) &sockAddr,
- sizeof(sockAddr),
- dnsHostName,
- sizeof(dnsHostName),
- NULL,
- 0,
- NI_NAMEREQD) == 0)
- {
- // We resolved the address to a DNS name, use it as the normalized name.
- pEntry->buffLengthRequired = (int) strlen(dnsHostName) + 1;
- pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
- if (pEntry->pNormalizedHostName)
- {
- // Copy the dns name
- strcpy(pEntry->pNormalizedHostName, dnsHostName);
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
- }
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- getnameInfo failed, error %d\n", WSAGetLastError());
-
- // Not able to resolve the name in DNS, just use the host name as
- // the normalized name.
- pEntry->buffLengthRequired = (int) strlen(pHostName) + 1;
- pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
- if (pEntry->pNormalizedHostName)
- {
- // Copy the host name
- strcpy(pEntry->pNormalizedHostName, pHostName);
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
- }
- }
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Name resolution failed, error = %d\n", WSAGetLastError());
- }
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
-
- // Free the space allocated for the entry
- free(pEntry);
- }
-
- // Proceed based on whether or not we normalized the name
- if (pEntry->pNormalizedHostName)
- {
- // The name was normalized, save the entry in our cache.
- InsertHeadList(&normalizedHostNameCacheListHead, &pEntry->listEntry);
-
- // Return the normalized name present in the entry
- pNormalizedName = (char*) malloc(pEntry->buffLengthRequired);
- if (pNormalizedName)
- {
- // Copy the normalized name onto the allocated buffer
- strcpy(pNormalizedName, pEntry->pNormalizedHostName);
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
- }
- }
- else
- {
- // The host name was not normalized, free allocated resources.
- if (pEntry->pHostName)
- free(pEntry->pHostName);
- free(pEntry);
- }
- }
- else
- {
- DbgTrace(0, "-NormalizeHostName- Buffer allocation error\n", 0);
- }
- }
-
- // Release our synchronization mutex
- if (ReleaseMutex(hNormalizedHostNameCacheMutex) == 0)
- {
- DbgTrace(0, "-NormalizeHostName- ReleaseMutex failed, error\n", 0);
- }
-
- DbgTrace(1, "-NormalizeHostName- End, pNormalizedName = %08X\n", pNormalizedName);
-
- return pNormalizedName;
-}
-
-
-//++=======================================================================
-CasaStatus
-InitializeHostNameNormalization(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- int winsockStartupResult;
- WSADATA winsockData;
-
- DbgTrace(1, "-InitializeHostNameNormalization- Start\n", 0);
-
- // Initialize winsock
- if ((winsockStartupResult = WSAStartup(MAKEWORD(2,2), &winsockData)) == 0)
- {
- // Initialize the cache list head
- InitializeListHead(&normalizedHostNameCacheListHead);
-
- // Create a cache mutex only applicable to the current process
- hNormalizedHostNameCacheMutex = CreateMutex(NULL,
- FALSE,
- NULL);
- if (hNormalizedHostNameCacheMutex != NULL)
- {
- retStatus = CASA_STATUS_SUCCESS;
- }
- else
- {
- DbgTrace(0, "-InitializeHostNameNormalization- CreateMutex failed, error = %d\n", GetLastError());
- }
- }
- else
- {
- DbgTrace(0, "-InitializeHostNameNormalization- WSAStartup failed, error = %d\n", winsockStartupResult);
- }
-
- DbgTrace(1, "-InitializeHostNameNormalization- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/client/windows/platform.h b/CASA-auth-token/client/windows/platform.h
deleted file mode 100644
index c40accce..00000000
--- a/CASA-auth-token/client/windows/platform.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-//===[ Include files ]=====================================================
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-//===[ Type definitions ]==================================================
-
-#ifndef CONTAINING_RECORD
-#define CONTAINING_RECORD(address, type, field) ((type *)( \
- (char*)(address) - \
- (char*)(&((type *)0)->field)))
-#endif
-
-//
-// DbgTrace macro define
-//
-//#define DbgTrace(LEVEL, X, Y) { \
-//char printBuff[256]; \
-// if (LEVEL == 0 || DebugLevel >= LEVEL) \
-// { \
-// _snprintf(printBuff, sizeof(printBuff), X, Y); \
-// printf("AuthToken %s", printBuff); \
-// } \
-//}
-#define DbgTrace(LEVEL, X, Y) { \
-char formatBuff[128]; \
-char printBuff[256]; \
- if (LEVEL == 0 || DebugLevel >= LEVEL) \
- { \
- strcpy(formatBuff, "AuthToken "); \
- strncat(formatBuff, X, sizeof(formatBuff) - 10); \
- _snprintf(printBuff, sizeof(printBuff), formatBuff, Y); \
- OutputDebugString(printBuff); \
- } \
-}
-
-
-#define bool BOOLEAN
-#define true TRUE
-#define false FALSE
-
-//
-// Auth Cache Entry definition
-//
-typedef struct _AuthCacheEntry
-{
-// LIST_ENTRY listEntry;
-// int refCount;
- int status;
- DWORD creationTime;
- DWORD expirationTime;
- BOOL doesNotExpire;
-// char *pHostName;
-// char *pCacheKeyName;
- char token[1];
-
-} AuthCacheEntry, *PAuthCacheEntry;
-
-//
-// Rpc Session definition
-//
-typedef struct _RpcSession
-{
- HINTERNET hSession;
- HINTERNET hConnection;
-
-} RpcSession, *PRpcSession;
-
-//
-// Other definitions
-//
-#define LIB_HANDLE HMODULE
-
-
-//===[ Inlines functions ]===============================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global externals ]==================================================
-
-//===[ External prototypes ]===============================================
-
-//=========================================================================
-
diff --git a/CASA-auth-token/client/windows/rpc.c b/CASA-auth-token/client/windows/rpc.c
deleted file mode 100644
index 96b4716f..00000000
--- a/CASA-auth-token/client/windows/rpc.c
+++ /dev/null
@@ -1,498 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-#define INITIAL_RESPONSE_DATA_BUF_SIZE 1028
-#define INCREMENT_RESPONSE_DATA_BUF_SIZE 256
-
-#define MAX_RPC_RETRIES 3
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-
-//++=======================================================================
-static
-CasaStatus
-CopyMultiToWideAlloc(
- IN char *pMulti,
- IN int multiSize,
- INOUT LPWSTR *ppWide,
- INOUT int *pWideSize)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- int retStatus;
- int size, i;
-
-
- DbgTrace(2, "-CopyMultiToWideAlloc- Start\n", 0);
-
- size = (multiSize + 1) * sizeof(WCHAR);
-
- if ((*ppWide = (PWCHAR) malloc(size)) != NULL)
- {
- for (i = 0; i < multiSize; i++)
- {
- *(*ppWide + i) = (unsigned char) *(pMulti + i);
- }
-
- *(*ppWide + i) = L'\0';
-
- if (pWideSize)
- {
- *pWideSize = size - sizeof(WCHAR);
- }
-
- retStatus = CASA_STATUS_SUCCESS;
- }
- else
- {
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- DbgTrace(2, "-CopyMultiToWideAlloc- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-RpcSession*
-OpenRpcSession(
- IN char *pHostName)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- RpcSession *pSession;
-
-
- DbgTrace(1, "-OpenRpcSession- Start\n", 0);
-
- // Allocate space for the session
- pSession = (RpcSession*) malloc(sizeof(*pSession));
- if (pSession)
- {
- // Zero the session structure
- memset(pSession, 0, sizeof(*pSession));
-
- // Open a Winhttp session
- pSession->hSession = WinHttpOpen(L"CASA Client/1.0",
- WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
- WINHTTP_NO_PROXY_NAME,
- WINHTTP_NO_PROXY_BYPASS,
- 0);
- if (pSession->hSession)
- {
- LPWSTR pWideHostName;
- int wideHostLen;
-
- // Session opened, now convert the host name to Unicode so that
- // we can open a connection.
- if (CopyMultiToWideAlloc(pHostName,
- (int) strlen(pHostName),
- &pWideHostName,
- &wideHostLen) == CASA_STATUS_SUCCESS)
- {
- // Now open connection
- pSession->hConnection = WinHttpConnect(pSession->hSession,
- pWideHostName,
- 8080, /*INTERNET_DEFAULT_HTTP_PORT,*/
- 0);
- if (pSession->hConnection == NULL)
- {
- DbgTrace(0, "-OpenRpcSession- Failed to open connection, error = %d\n", GetLastError());
-
- // Free allocated resources
- WinHttpCloseHandle(pSession->hSession);
- free(pSession);
- pSession = NULL;
- }
-
- // Free the host name wide string buffer
- free(pWideHostName);
- }
- else
- {
- DbgTrace(0, "-OpenRpcSession- Error converting host name to wide string\n", 0);
-
- // Free allocated resources
- WinHttpCloseHandle(pSession->hSession);
- free(pSession);
- pSession = NULL;
- }
- }
- else
- {
- DbgTrace(0, "-OpenRpcSession- Failed to open session, error = %d\n", GetLastError());
- }
- }
- else
- {
- DbgTrace(0, "-OpenRpcSession- Failed to allocate buffer for rpc session\n", 0);
- }
-
- DbgTrace(2, "-OpenRpcSession- End, pSession = %08X\n", pSession);
-
- return pSession;
-}
-
-
-//++=======================================================================
-void
-CloseRpcSession(
- IN RpcSession *pSession)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(1, "-CloseRpcSession- Start\n", 0);
-
- // Close the connection handle
- WinHttpCloseHandle(pSession->hConnection);
-
- // Close the session handle
- WinHttpCloseHandle(pSession->hSession);
-
- // Free the space allocated for the session
- free(pSession);
-
- DbgTrace(1, "-CloseRpcSession- End\n", 0);
-}
-
-
-//++=======================================================================
-static
-CasaStatus
-InternalRpc(
- IN RpcSession *pSession,
- IN char *pMethod,
- IN bool secure,
- IN char *pRequestData,
- INOUT char **ppResponseData,
- INOUT int *pResponseDataLen)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus = CASA_STATUS_SUCCESS;
- char rpcTarget[256];
- LPWSTR pWideRpcTarget;
- int wideRpcTargetLen;
- WCHAR sendHeaders[] = L"Content-Type: text/html";
-
- DbgTrace(1, "-InternalRpc- Start\n", 0);
-
- // Initialize output parameter
- *ppResponseData = NULL;
-
- // Create rpc target string and convert it to a wide string
- sprintf(rpcTarget, "CasaAuthTokenSvc/Rpc?method=%s", pMethod);
- retStatus = CopyMultiToWideAlloc(rpcTarget,
- (int) strlen(rpcTarget),
- &pWideRpcTarget,
- &wideRpcTargetLen);
- if (CASA_SUCCESS(retStatus))
- {
- HINTERNET hRequest;
-
- // Open a request handle
- hRequest = WinHttpOpenRequest(pSession->hConnection,
- L"POST",
- pWideRpcTarget,
- NULL,
- WINHTTP_NO_REFERER,
- WINHTTP_DEFAULT_ACCEPT_TYPES,
- secure? WINHTTP_FLAG_REFRESH | WINHTTP_FLAG_SECURE : WINHTTP_FLAG_REFRESH);
- if (hRequest)
- {
- int reqDataLen = (int) strlen(pRequestData);
-
- // Send the request
- if (WinHttpSendRequest(hRequest,
- sendHeaders,
- -1,
- pRequestData,
- reqDataLen,
- reqDataLen,
- 0))
- {
- // Request sent, now await for the response.
- if (WinHttpReceiveResponse(hRequest, NULL))
- {
- WCHAR httpCompStatus[4] = {0};
- DWORD httpCompStatusLen = sizeof(httpCompStatus);
-
- // Response received, make sure that it completed successfully.
- if (WinHttpQueryHeaders(hRequest,
- WINHTTP_QUERY_STATUS_CODE,
- NULL,
- &httpCompStatus,
- &httpCompStatusLen,
- WINHTTP_NO_HEADER_INDEX))
- {
- // Check that the request completed successfully
- if (memcmp(httpCompStatus, L"200", sizeof(httpCompStatus)) == 0)
- {
- char *pResponseData;
- int responseDataBufSize = INITIAL_RESPONSE_DATA_BUF_SIZE;
- int responseDataRead = 0;
-
- // Now read the response data, to do so we need to allocate a buffer.
- pResponseData = (char*) malloc(INITIAL_RESPONSE_DATA_BUF_SIZE);
- if (pResponseData)
- {
- char *pCurrLocation = pResponseData;
- DWORD bytesRead;
-
- do
- {
- bytesRead = 0;
- if (WinHttpReadData(hRequest,
- (LPVOID) pCurrLocation,
- responseDataBufSize - responseDataRead,
- &bytesRead))
- {
- pCurrLocation += bytesRead;
- responseDataRead += bytesRead;
-
- // Check if we need to allocate a larger buffer
- if (responseDataRead == responseDataBufSize)
- {
- char *pTmpBuf;
-
- // We need to upgrade the receive buffer
- pTmpBuf = (char*) malloc(responseDataBufSize + INCREMENT_RESPONSE_DATA_BUF_SIZE);
- if (pTmpBuf)
- {
- memcpy(pTmpBuf, pResponseData, responseDataBufSize);
- free(pResponseData);
- pResponseData = pTmpBuf;
- pCurrLocation = pResponseData + responseDataBufSize;
- responseDataBufSize += INCREMENT_RESPONSE_DATA_BUF_SIZE;
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Failed reading response data, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- } while (CASA_SUCCESS(retStatus)
- && bytesRead != 0);
-
- // Check if the response data was successfully received
- if (CASA_SUCCESS(retStatus))
- {
- // The response data was received, return it to the caller.
- *ppResponseData = pResponseData;
- *pResponseDataLen = responseDataRead;
- }
- else
- {
- // Failed to receive the response data, free the allocated buffer.
- free(pResponseData);
- }
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- else
- {
- DbgTrace(0, "-InternalRpc- HTTP request did not complete successfully, status = %S\n", httpCompStatus);
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Unable to obtain http request completion status, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Unable to receive response, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- }
- else
- {
- int error = GetLastError();
-
- DbgTrace(0, "-InternalRpc- Unsuccessful send http request, error = %d\n", error);
- if (error == ERROR_WINHTTP_CANNOT_CONNECT)
- {
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_AUTH_SERVER_UNAVAILABLE);
- }
- else
- {
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
- }
-
- // Close the request handle
- WinHttpCloseHandle(hRequest);
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Unable to open http request, error = %d\n", GetLastError());
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_UNSUCCESSFUL);
- }
-
- // Free the rpc target wide string buffer
- free(pWideRpcTarget);
- }
- else
- {
- DbgTrace(0, "-InternalRpc- Error converting method name to wide string\n", 0);
- }
-
- DbgTrace(1, "-InternalRpc- End, retStatus = %d\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-CasaStatus
-Rpc(
- IN RpcSession *pSession,
- IN char *pMethod,
- IN bool secure,
- IN char *pRequestData,
- INOUT char **ppResponseData,
- INOUT int *pResponseDataLen)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus;
- int retries = 0;
-
- DbgTrace(1, "-Rpc- Start\n", 0);
-
- // Retry the RPC as needed
- do
- {
- // Issue the RPC
- retStatus = InternalRpc(pSession,
- pMethod,
- secure,
- pRequestData,
- ppResponseData,
- pResponseDataLen);
-
- // Account for this try
- retries ++;
-
- } while (CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE
- && retries < MAX_RPC_RETRIES);
-
- DbgTrace(1, "-Rpc- End, retStatus = %d\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/configure.in b/CASA-auth-token/configure.in
deleted file mode 100644
index 1c790173..00000000
--- a/CASA-auth-token/configure.in
+++ /dev/null
@@ -1,291 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# -####################################################################### - -AC_INIT(include/casa_s_authtoken.h) -AC_CANONICAL_SYSTEM -AM_INIT_AUTOMAKE(CASA-auth-token, 1.7.678) -RELEASE=`date +%Y%m%d_%H%M` -AC_SUBST(RELEASE) -AM_MAINTAINER_MODE - -# -# Check for a valid C# compiler -# -#AC_CHECK_PROG(CSC, csc, csc) -#test -z "$CSC" && AC_CHECK_PROG(CSC, mcs, mcs) -#test -z "$CSC" && AC_MSG_ERROR([no acceptable C Sharp compiler found in \$PATH]) - -# -# Check for valid C# compiler in linux -# -case $host_os in - cygwin*) - ;; - *) - AC_CHECK_PROG(CSC, csc, csc) - test -z "$CSC" && AC_CHECK_PROG(CSC, mcs, mcs) - test -z "$CSC" && AC_MSG_ERROR([no acceptable C Sharp compiler found in \$PATH]) - - ;; -esac - -case $CSC in - # - # Mono-specific configuration - # - mcs) - CSC_EXEFLAG=/target:exe - CSC_LIBFLAG=/target:library - CSC_EXEFLAG=/target:exe - CSC_WINEXEFLAG=/target:winexe - CSCFLAGS='/d:MONO /warn:4 /d:TRACE -d:LINUX' - CSCFLAGS_DEBUG="/debug+ /d:DEBUG" - CSCFLAGS_OPTIMIZE="/optimize+" - MONO=mono - MONO_DEBUG='mono --debug' - MONO_PATH= - SYSTEM_XML='System.Xml.dll' - ;; - # - # .NET-specific configuration - # - csc) - CSC_EXEFLAG=/target:exe 
- CSC_LIBFLAG=/target:library - CSC_EXEFLAG=/target:exe - CSC_WINEXEFLAG=/target:winexe - CSCFLAGS='/d:DOTNET /warn:4 /d:TRACE /nologo' - CSCFLAGS_DEBUG="/debug+ /d:DEBUG" - CSCFLAGS_OPTIMIZE="/optimize+" - MONO= - MONO_DEBUG= - MONO_PATH= - SYSTEM_XML='System.XML.dll' - ;; -esac - -AC_SUBST(CSC) -AC_SUBST(CSC_EXEFLAG) -AC_SUBST(CSC_LIBFLAG) -AC_SUBST(CSC_WINEXEFLAG) -AC_SUBST(CSCFLAGS) -AC_SUBST(CSCFLAGS_DEBUG) -AC_SUBST(MONO) -AC_SUBST(MONO_PATH) -AC_SUBST(SYSTEM_XML) - -SRCDIR='$(top_srcdir)' -DOCDIR="$SRCDIR/doc" -TOOLDIR='$(top_srcdir)/tools' -AC_SUBST(SRCDIR) -AC_SUBST(DOCDIR) -AC_SUBST(TOOLDIR) -EMPTY= -SPACE='$(EMPTY) $(EMPTY)' - -AC_SUBST(EMPTY) -AC_SUBST(SPACE) - -# -# Check for operating system and set TARGET_OS -# -case $host_os in - cygwin*) - TARGET_OS='windows' - ;; - *) - TARGET_OS='linux' - ;; -esac - -AC_SUBST(TARGET_OS) -AM_CONDITIONAL(LINUX, test "$TARGET_OS" = "linux") -AM_CONDITIONAL(WINDOWS, test "$TARGET_OS" = "windows") - -# -# Check for architecture and set TARGET_ARCH -# ia64 needs to be treated as non64. 
- -case $target_cpu in - x86_64|p*pc64|s390x) - LIB=lib64 - ;; - *ia64|*) - LIB=lib - ;; -esac - -AC_SUBST(LIB) -AM_CONDITIONAL(LIB64, test "$LIB" = lib64) - -# -# -# Set platform-specific variables -# -case $TARGET_OS in - # - # Linux-specific configuration - # - linux) - # - # Set variables - # - COMMON_CLEAN_FILES='' - ICON_EXT='.ico' - ICON_FLAG='/resource:' - PLATFORM_SUBDIRS=$LINUX_SUBDIRS - SEP='/' - LINK=gcc - ;; - # - # Windows-specific configuration - # - windows) - COMMON_CLEAN_FILES='*.suo */*.suo *.csproj.user */*.csproj.user bin obj */bin */obj *.xml */*.xml *.pdb */*.pdb' - ICON_EXT='.ico' - ICON_FLAG='/win32icon:' - PLATFORM_SUBDIRS=$WINDOWS_SUBDIRS - SEP='$(EMPTY)\\$(EMPTY)' - LINK=link.exe - ;; -esac -AC_SUBST(COMMON_CLEAN_FILES) -AC_SUBST(ICON_EXT) -AC_SUBST(ICON_FLAG) -AC_SUBST(PLATFORM_SUBDIRS) -AC_SUBST(SEP) -AC_SUBST(LINK) - -# -# Run standard macros -# -AM_PROG_CC_STDC -AC_PROG_INSTALL -AC_HEADER_STDC - -####### -# -# set CFLAGS -# -case $host_os in - linux*) - CFLAGS="$CFLAGS" - ;; - cygwin*) - CC=cl.exe - CFLAGS="-D WIN32 -D SSCS_WIN32_PLAT_F -D N_PLAT_CLIENT -MT -Ox" - ;; -esac - -# -# Handle --enable-debug -# -AC_ARG_ENABLE(debug, [ - --enable-debug configure the Makefiles to build in DEBUG mode], - [case "${enableval}" in - yes) enable_debug=true ;; - no) enable_debug=false ;; - *) AC_MSG_ERROR(bad value ${enableval} for --enable-debug) ;; - esac],[enable_debug=false]) -AM_CONDITIONAL(DEBUG, test x$enable_debug = xtrue) -if test "$enable_debug" = "true" -then - # Build debug version. - # CFLAGS="$CFLAGS_DEBUG $CFLAGS -DDBG -DDEBUG" - CFLAGS="$CFLAGS_DEBUG $CFLAGS -g -DDBG -DDEBUG \ --fPIC -DPIC -DSSCS_LINUX_PLAT_F -O2 -fmessage-length=0 -Wall \ --D_REENTRANT -DALIGNMENT -DN_PLAT_UNIX \ --DUNIX -DLINUX -DIAPX38" - CSCFLAGS="$CSCFLAGS_DEBUG $CSCFLAGS" - CXXFLAGS="$CXXFLAGS_DEBUG $CXXFLAGS" - DEVENV_CONFIGURATION=Debug - MONO=$MONO_DEBUG -else - # Build optimized version. 
- CFLAGS="$CFLAGS_OPTIMIZE $CFLAGS -g -fPIC -DPIC \ --DSSCS_LINUX_PLAT_F -O2 -fmessage-length=0 -Wall \ --D_REENTRANT -DALIGNMENT -DN_PLAT_UNIX \ --DUNIX -DLINUX -DIAPX38" - CSCFLAGS="$CSCFLAGS_OPTIMIZE $CSCFLAGS" - CXXFLAGS="$CXXFLAGS_OPTIMIZE $CXXFLAGS" - DEVENV_CONFIGURATION=Release -fi -AC_SUBST(CSCFLAGS) -AC_SUBST(DEVENV_CONFIGURATION) - -##comment out due to build failure -# Check for GCC version to add fstack-protector flag -# -#GCC_VER="`gcc -dumpversion`" -#case "$GCC_VER" in -# 3*) -# ;; -# 4*) -# CFLAGS="$CFLAGS -fstack-protector" -# ;; -# *) -# ;; -#esac - -AC_SUBST(GCC_VER) - -# -# Configure PKG_CONFIG -# -AC_PATH_PROG(PKG_CONFIG, pkg-config, no) -if test "x$PKG_CONFIG" = "xno"; then - AC_MSG_ERROR([You need to install pkg-config]) -fi - -# -# Configure files -# -AC_OUTPUT([ -Makefile -package/Makefile -package/linux/Makefile -package/linux/CASA-auth-token-service.spec -include/Makefile -server/Makefile -server/AuthTokenValidate/Makefile -server/AuthTokenValidate/linux/Makefile -server/AuthTokenValidate/idenTokenProviders/Makefile -server/AuthTokenValidate/idenTokenProviders/casa/Makefile -server/AuthTokenValidate/idenTokenProviders/casa/linux/Makefile -server/PamSupport/Makefile -server/PamSupport/linux/Makefile -server/ApacheSupport/Makefile -server/ApacheSupport/2.2/Makefile -server/ApacheSupport/2.2/linux/Makefile -server/AuthTokenSvc/Makefile -server/AuthTokenSvc/src/Makefile -server/AuthTokenSvc/src/com/Makefile -server/AuthTokenSvc/src/com/novell/Makefile -server/AuthTokenSvc/src/com/novell/casa/Makefile -server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Makefile -server/JaasSupport/Makefile -server/JaasSupport/src/Makefile -server/JaasSupport/src/com/Makefile -server/JaasSupport/src/com/novell/Makefile -server/JaasSupport/src/com/novell/casa/Makefile -server/JaasSupport/src/com/novell/casa/jaas/Makefile -]) - diff --git a/CASA-auth-token/include/Makefile.am b/CASA-auth-token/include/Makefile.am deleted file mode 100644 index f506f2fe..00000000 
--- a/CASA-auth-token/include/Makefile.am
+++ /dev/null
@@ -1,40 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS =
-
-DIST_SUBDIRS =
-
-CFILES =
-
-EXTRA_DIST = *.h
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-clean-local:
- if [ -d lib ]; then rm -rf lib; fi
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/include/casa_c_authtoken.h b/CASA-auth-token/include/casa_c_authtoken.h
deleted file mode 100644
index 4dd91ad3..00000000
--- a/CASA-auth-token/include/casa_c_authtoken.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#ifndef _CASA_C_AUTHTOKEN_H_
-#define _CASA_C_AUTHTOKEN_H_
-
-#if defined(__cplusplus) || defined(c_plusplus)
-extern "C"
-{
-#endif
-
-//===[ Include files ]=====================================================
-
-#include
-#include
-
-//===[ Type definitions ]==================================================
-
-#ifndef SSCS_CALL
-#if defined(WIN32)
-#define SSCS_CALL __stdcall
-#else
-#define SSCS_CALL
-#endif
-#endif
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-
-//++=======================================================================
-extern CasaStatus SSCS_CALL
-ObtainAuthToken(
- IN const char *pServiceName,
- IN const char *pHostName,
- INOUT char *pAuthTokenBuf,
- INOUT int *pAuthTokenBufLen);
-//
-// Arguments:
-// pServiceName -
-// Pointer to NULL terminated string that contains the
-// name of the service to which the client is trying to
-// authenticate.
-//
-// pHostName -
-// Pointer to NULL terminated string that contains the
-// name of the host where resides the service to which the
-// client is trying to authenticate. Note that the name
-// can either be a DNS name or a dotted IP address.
-//
-// pAuthTokenBuf -
-// Pointer to buffer that will receive the authentication
-// token. The length of this buffer is specified by the
-// pAuthTokenBufLen parameter. Note that the the authentication
-// token will be in the form of a NULL terminated string.
-//
-// pAuthTokenBufLen -
-// Pointer to integer that contains the length of the
-// buffer pointed at by pAuthTokenBuf. Upon return of the
-// function, the integer will contain the actual length
-// of the authentication token if the function successfully
-// completes or the buffer length required if the function
-// fails because the buffer pointed at by pAuthTokenBuf is
-// not large enough.
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Get authentication token to authenticate user to specified
-// service at host.
-//=======================================================================--
-
-
-#if defined(__cplusplus) || defined(c_plusplus)
-}
-#endif // #if defined(__cplusplus) || defined(c_plusplus)
-
-#endif // #ifndef _CASA_C_AUTHTOKEN_H_
-
diff --git a/CASA-auth-token/include/casa_s_authtoken.h b/CASA-auth-token/include/casa_s_authtoken.h
deleted file mode 100644
index b0d29954..00000000
--- a/CASA-auth-token/include/casa_s_authtoken.h
+++ /dev/null
@@ -1,305 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#ifndef _CASA_S_AUTHTOKEN_H_
-#define _CASA_S_AUTHTOKEN_H_
-
-#if defined(__cplusplus) || defined(c_plusplus)
-extern "C"
-{
-#endif
-
-//===[ Include files ]=====================================================
-
-#include
-#include
-
-//===[ Type definitions ]==================================================
-
-#ifndef SSCS_CALL
-#if defined(WIN32)
-#define SSCS_CALL __stdcall
-#else
-#define SSCS_CALL
-#endif
-#endif
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-
-/**************************************************************************
-***************************************************************************
-** **
-** Principal Interface Definition **
-** **
-***************************************************************************
-**************************************************************************/
-
-
-//++=======================================================================
-typedef
-int
-(SSCS_CALL *PFNPrincipalIf_AddReference)(
- IN const void *pIfInstance);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// Returns:
-// Interface reference count.
-//
-// Description:
-// Increases interface reference count.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-void
-(SSCS_CALL *PFNPrincipalIf_ReleaseReference)(
- IN const void *pIfInstance);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// Returns:
-// Nothing.
-//
-// Description:
-// Decreases interface reference count. The interface is deallocated if
-// the reference count becomes zero.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-CasaStatus
-(SSCS_CALL *PFNPrincipalIf_GetIdentityId)(
- IN const void *pIfInstance,
- INOUT char *pIdentIdBuf,
- INOUT int *pIdentIdLen);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// pIdentIdBuf -
-// Pointer to buffer that will receive the identity id. The returned
-// id will be in the form of a NULL terminated string.
-//
-// pIdentIdBufLen -
-// Pointer to variable with the length of the buffer pointed by
-// pIdentIdBuf. On exit it contains the length of the returned id
-// (including the NULL terminator).
-//
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Get the identity id associated with the identity token.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-CasaStatus
-(SSCS_CALL *PFNPrincipalIf_GetSourceName)(
- IN const void *pIfInstance,
- INOUT char *pSourceNameBuf,
- INOUT int *pSourceNameLen);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// pSourceNameBuf -
-// Pointer to buffer that will receive the name associated with the
-// identity information source. The returned name will be in the form
-// of a NULL terminated string.
-//
-// pSourceNameBufLen -
-// Pointer to variable with the length of the buffer pointed by
-// pSourceNameBuf. On exit it contains the length of the returned
-// name (including the NULL terminator).
-//
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Get the name of the identity source associated with the identity token.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-CasaStatus
-(SSCS_CALL *PFNPrincipalIf_GetSourceUrl)(
- IN const void *pIfInstance,
- INOUT char *pSourceUrlBuf,
- INOUT int *pSourceUrlLen);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// pSourceUrlBuf -
-// Pointer to buffer that will receive the URL associated with the
-// identity information source. The returned URL will be in the form
-// of a NULL terminated string.
-//
-// pSourceUrlBufLen -
-// Pointer to variable with the length of the buffer pointed by
-// pSourceUrlBuf. On exit it contains the length of the returned
-// URL (including the NULL terminator).
-//
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Get the URL to the identity source associated with the identity token.
-//=======================================================================--
-
-
-//++=======================================================================
-typedef
-CasaStatus
-(SSCS_CALL *PFNPrincipalIf_AttributeEnumerate)(
- IN const void *pIfInstance,
- INOUT int *pEnumHandle,
- INOUT char *pAttribNameBuf,
- INOUT int *pAttribNameLen,
- INOUT char *pAttribValueBuf,
- INOUT int *pAttribValueLen);
-//
-// Arguments:
-// pIfInstance -
-// Pointer to interface object.
-//
-// pEnumHandle -
-// Pointer to enumeration handle. Must be set to 0 to start an
-// enumeration. Note the enumeration handle advances if the
-// function returns success.
-//
-// pAttribNameBuf -
-// Pointer to buffer that will receive the identity attribute name. The
-// returned name will be in the form of a NULL terminated string.
-//
-// pAttribNameLen -
-// Pointer to variable with the length of the buffer pointed by
-// pAttribNameBuf. On exit it contains the length of the returned
-// name (including the NULL terminator).
-//
-// pAttribValueBuf -
-// Pointer to buffer that will receive the identity attribute value. The
-// returned value will be in the form of a NULL terminated string.
-//
-// pAttribValueLen -
-// Pointer to variable with the length of the buffer pointed by
-// pAttribValueBuf. On exit it contains the length of the returned
-// value (including the NULL terminator).
-//
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Enumerates through the attributes associated with the identity token.
-//=======================================================================--
-
-
-//
-// Principal Interface Object
-//
-typedef struct _PrincipalIf
-{
- PFNPrincipalIf_AddReference addReference;
- PFNPrincipalIf_ReleaseReference releaseReference;
- PFNPrincipalIf_GetIdentityId getIdentityId;
- PFNPrincipalIf_GetSourceName getSourceName;
- PFNPrincipalIf_GetSourceUrl getSourceUrl;
- PFNPrincipalIf_AttributeEnumerate attributeEnumerate;
-
-} PrincipalIf, *PPrincipalIf;
-
-
-/**************************************************************************
-***************************************************************************
-** **
-** Validate Authentication Token API **
-** **
-***************************************************************************
-**************************************************************************/
-
-
-//++=======================================================================
-extern CasaStatus SSCS_CALL
-ValidateAuthToken(
- IN const char *pServiceName,
- IN const char *pTokenBuf,
- IN const int tokenBufLen,
- INOUT PrincipalIf **ppPrincipalIf);
-//
-// Arguments:
-// pServiceName -
-// Pointer to NULL terminated string that contains the
-// name of the service targeted by the token.
-//
-// pTokenBuf -
-// Pointer to buffer that will receive the authentication
-// token. The length of this buffer is specified by the
-// pTokenBufLen parameter. Note that the the authentication
-// token will be in the form of a NULL terminated string.
-//
-// tokenBufLen -
-// Length of the data contained within the buffer pointed
-// at by pTokenBuf.
-//
-// ppPrincipalIf -
-// Pointer to variable that will receive a pointer to a principal
-// interface with information about the authenticated entity.
-// IMPORTANT NOTE: The caller is responsible for releasing the
-// interface after it is done with it to avoid a resource leak.
-//
-// Returns:
-// Casa status.
-//
-// Description:
-// Validates authentication token.
-//
-//=======================================================================--
-
-
-#if defined(__cplusplus) || defined(c_plusplus)
-}
-#endif // #if defined(__cplusplus) || defined(c_plusplus)
-
-#endif // #ifndef _CASA_S_AUTHTOKEN_H_
-
diff --git a/CASA-auth-token/include/list_entry.h b/CASA-auth-token/include/list_entry.h
deleted file mode 100644
index f482b464..00000000
--- a/CASA-auth-token/include/list_entry.h
+++ /dev/null
@@ -1,187 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- ***********************************************************************/
-
-#ifndef _LIST_ENTRY_H_
-#define _LIST_ENTRY_H_
-
-#if defined(__cplusplus) || defined(c_plusplus)
-extern "C"
-{
-#endif
-
-//===[ Include files ]=====================================================
-
-//#include
-
-//===[ Type definitions ]==================================================
-
-#ifndef CSAPI
-#if defined(WIN32)
-#define CSAPI __stdcall
-#else
-#define CSAPI
-#endif
-#endif
-
-#ifndef IN
-#define IN
-#endif
-
-#ifndef OUT
-#define OUT
-#endif
-
-#ifndef INOUT
-#define INOUT
-#endif
-
-#ifndef WIN32
-//
-// LIST_ENTRY Type
-// Doubly linked list structure
-//
-typedef struct _LIST_ENTRY
-{
- struct _LIST_ENTRY * volatile Flink;
- struct _LIST_ENTRY * volatile Blink;
-} LIST_ENTRY, *PLIST_ENTRY;
-#endif
-
-//===[ Inlines functions ]===============================================
-
-//
-// Inline functions for operating on LIST_ENTRY double-linked lists
-//
-
-__inline static void InitializeListHead(
- IN PLIST_ENTRY pListEntry )
-{
- pListEntry->Flink = pListEntry->Blink = pListEntry;
-}
-
-__inline static void InsertEntryAfter(
- IN PLIST_ENTRY pListEntry,
- IN PLIST_ENTRY pAfterEntry )
-{
- pListEntry->Flink = pAfterEntry->Flink;
- pListEntry->Blink = pAfterEntry;
- pListEntry->Flink->Blink = pAfterEntry->Flink = pListEntry;
-}
-
-__inline static void InsertEntryBefore(
- IN PLIST_ENTRY pListEntry,
- IN PLIST_ENTRY pBeforeEntry )
-{
- pListEntry->Flink = pBeforeEntry;
- pListEntry->Blink = pBeforeEntry->Blink;
- pListEntry->Blink->Flink = pBeforeEntry->Blink = pListEntry;
-}
-
-__inline static void InsertHeadList(
- IN PLIST_ENTRY pListHead,
- IN PLIST_ENTRY pListEntry )
-{
- pListEntry->Blink = pListHead;
- pListEntry->Flink = pListHead->Flink;
- pListEntry->Flink->Blink = pListHead->Flink = pListEntry;
-}
-
-__inline static void InsertTailList(
- IN PLIST_ENTRY pListHead,
- IN PLIST_ENTRY pListEntry )
-{
- pListEntry->Flink = pListHead;
- pListEntry->Blink = pListHead->Blink;
- pListEntry->Blink->Flink = pListHead->Blink = pListEntry;
-}
-
-__inline static bool IsListEmpty(
- IN PLIST_ENTRY pListHead )
-{
- bool rc = false;
- if(pListHead->Flink == pListHead)
- rc = true;
- return(rc);
-}
-
-__inline static void RemoveEntryList(
- IN PLIST_ENTRY pListEntry )
-{
- pListEntry->Flink->Blink = pListEntry->Blink;
- pListEntry->Blink->Flink = pListEntry->Flink;
- pListEntry->Flink = pListEntry->Blink = (PLIST_ENTRY) 0xbaadf00d;
-}
-
-__inline static PLIST_ENTRY RemoveHeadList(
- IN PLIST_ENTRY pListHead )
-{
- PLIST_ENTRY Entry = (PLIST_ENTRY)0;
- if(pListHead->Flink != pListHead)
- {
- Entry = pListHead->Flink;
- RemoveEntryList(Entry);
- }
- return(Entry);
-}
-
-__inline static PLIST_ENTRY RemoveTailList(
- IN PLIST_ENTRY pListHead )
-{
- PLIST_ENTRY Entry= (PLIST_ENTRY)0;
- if(pListHead->Blink != pListHead)
- {
- Entry = pListHead->Blink;
- RemoveEntryList(Entry);
- }
- return(Entry);
-}
-
-__inline static PLIST_ENTRY GetFirstListEntry(
- IN PLIST_ENTRY pList)
-{
- PLIST_ENTRY Entry = (PLIST_ENTRY)0;
- if(pList != pList->Flink)
- Entry = pList->Flink;
- return(Entry);
-}
-
-__inline static PLIST_ENTRY GetNextListEntry(
- IN PLIST_ENTRY pList,
- IN PLIST_ENTRY pEntry)
-{
- PLIST_ENTRY Entry = (PLIST_ENTRY)0;
- if(pList != pEntry->Flink)
- Entry = pEntry->Flink;
- return(Entry);
-}
-
-
-//=========================================================================
-
-
-#if defined(__cplusplus) || defined(c_plusplus)
-}
-#endif // #if defined(__cplusplus) || defined(c_plusplus)
-
-#endif // #ifndef _LIST_ENTRY_H_
-
-
diff --git a/CASA-auth-token/include/proto.h b/CASA-auth-token/include/proto.h
deleted file mode 100644
index 87b90eb1..00000000
--- a/CASA-auth-token/include/proto.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#ifndef _PROTO_H_
-#define _PROTO_H_
-
-//===[ Include files ]=====================================================
-
-
-//===[ Type definitions ]==================================================
-
-//
-// XML Constants for the documents exchanged between the CASA Client
-// and the CASA Server.
-//
-#define XML_DECLARATION ""
-#define AUTH_REQUEST_ELEMENT_NAME "auth_req"
-#define AUTH_RESPONSE_ELEMENT_NAME "auth_resp"
-#define GET_AUTH_POLICY_REQUEST_ELEMENT_NAME "get_auth_policy_req"
-#define GET_AUTH_POLICY_RESPONSE_ELEMENT_NAME "get_auth_policy_resp"
-#define GET_AUTH_TOKEN_REQUEST_ELEMENT_NAME "get_auth_tok_req"
-#define GET_AUTH_TOKEN_RESPONSE_ELEMENT_NAME "get_auth_tok_resp"
-#define AUTH_MECH_TOKEN_ELEMENT_NAME "auth_mech_token"
-#define AUTH_TOKEN_ELEMENT_NAME "auth_token"
-#define AUTH_POLICY_ELEMENT_NAME "auth_policy"
-#define AUTH_SOURCE_ELEMENT_NAME "auth_source"
-#define STATUS_ELEMENT_NAME "status"
-#define SESSION_TOKEN_ELEMENT_NAME "session_token"
-#define LIFETIME_ELEMENT_NAME "lifetime"
-#define DESCRIPTION_ELEMENT_NAME "description"
-#define SERVICE_ELEMENT_NAME "service"
-#define HOST_ELEMENT_NAME "host"
-#define REALM_ELEMENT_NAME "realm"
-#define MECHANISM_ELEMENT_NAME "mechanism"
-#define MECHANISM_INFO_ELEMENT_NAME "mechanism_info"
-#define SIGNATURE_ELEMENT_NAME "signature"
-#define TYPE_ELEMENT_NAME "type"
-#define IDENTITY_TOKEN_ELEMENT_NAME "ident_token"
-
-//
-// HTTP Status Codes
-//
-#define HTTP_OK_STATUS_CODE "200"
-#define HTTP_UNAUTHORIZED_STATUS_CODE "401"
-#define HTTP_NOT_FOUND_STATUS_CODE "404"
-#define HTTP_SERVER_ERROR_STATUS_CODE "500"
-
-
-#endif // _PROTO_H_
diff --git a/CASA-auth-token/server/ApacheSupport/2.2/Makefile.am b/CASA-auth-token/server/ApacheSupport/2.2/Makefile.am
deleted file mode 100644
index 6184e626..00000000
--- a/CASA-auth-token/server/ApacheSupport/2.2/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = $(TARGET_OS)
-
-DIST_SUBDIRS = linux
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/ApacheSupport/2.2/README b/CASA-auth-token/server/ApacheSupport/2.2/README
deleted file mode 100644
index 39fe47da..00000000
--- a/CASA-auth-token/server/ApacheSupport/2.2/README
+++ /dev/null
@@ -1,108 +0,0 @@ -/*********************************************************************** - * - * README for mod_authn_casa - * - ***********************************************************************/ - -INTRODUCTION - -mod_authn_casa is an Apache 2.2 Basic Authentication Provider that -can be configured to validate Basic Credentials carrying CASA -Authentication Tokens. - -Clients sending CASA Authentication Tokens as part of the Basic Credentials -will format them in the following manner: "username:CasaAuthenticationToken", -where the username is set to "CasaPrincipal" and the CasaAuthenticationToken -is the token string obtained from the CASA Get Authentication Token API.. - -CONFIGURATION - -To use mod_authn_casa as an authentication provider for a specific location -you must first tell Apache that it must load the module, you do this by -placing the module or a link to the module in the Apache server's modules -folder and by placing the following line in the server's httpd.conf file: - -LoadModule authn_casa_module modules/mod_authn_casa.so - -The following lines show how Apache is configured to use mod_authn_casa -for authenticating requests issued to mod_example: - - - SetHandler example-handler - AuthType Basic - AuthName "CASA-Authentication" - AuthBasicProvider casa - Require valid-user - - -Note that the name specified in the AuthName directive should match the name -configured under CASA for the authentication realm used by CASA to obtain -identity information for the service. - -mod_authn_casa supports the following configuration directives: - -UsernameCheck - This is a per-directory or per-location directive which - configures whether or not mod_authn_casa must verify that - the username is set to "CasaPrincipal". Possible values - for this directive are 'on' or 'off'. Default is 'off'. 
- - To enable UsernameChack for a particular location using - CASA Authentication, include the following line inside - the location configuration block: - - UsernameCheck on - -CLIENT PROGRAMMING NOTES - -HTTP Clients sending requests to a location being protected by the CASA -Authentication Provider must obtain an Authentication Token from the CASA -Client for authenticating to the Service identified as the "location" being -accessed in the HTTP Server. In the case of mod_example, the service name -would be "example-info". Once the client obtains an Authentication Token -from the CASA Client it must then include it in the HTTP Basic Authentication -header that it must include in the HTTP Request. The HTTP Basic Authentication -credentials should be in the following form: - -Base64("CasaPrincipal":"AuthenticationToken") - -SERVER PROGRAMMING NOTES - -Apache modules being protected by the CASA Authentication Provider can obtain -the following information about the authenticated identity: - -username - This is accessed via the r->user variable or by examining the IdentityId -environment variable associated with the request block. The username is the -user's unique id within the authentication realm. When the authentication realm -is an LDAP database, the username consists of the user's fdn. - -Name of the source of identity data (Authentication Realm) - This is accessed by -examining the IdentityDataSourceName environment variable associated with the -request block. - -URL to the source of identity data - This is accessed by examining the -IdentityDataSourceUrl environment variable associated with the request block. - -Attributes of the authenticated identity - The attributes are set as environment -variables associated with the request block. The environment variable names match -the names of the attributes. 
The attributes associated with the authenticated -identity and expressed as environment variables are configured at the time that -the service is enabled for CASA Authentication. - -Note that environment variables are contained in the r->subprocess_env table. - -SECURITY CONSIDERATIONS - -CASA Authenticatication Tokens when compromised can be used to either impersonate -a user or to obtain identity information about the user. Because of this it is -important that the tokens be secured by applications making use of them. It is -recommended that the tokens be transmitted using HTTPS. - - - - - - - - - - diff --git a/CASA-auth-token/server/ApacheSupport/2.2/TODO b/CASA-auth-token/server/ApacheSupport/2.2/TODO deleted file mode 100644 index 4145a4af..00000000 --- a/CASA-auth-token/server/ApacheSupport/2.2/TODO +++ /dev/null @@ -1,13 +0,0 @@ -/*********************************************************************** - * - * TODO for mod_authn_casa - * - ***********************************************************************/ - -INTRODUCTION - -This file contains a list of the items still outstanding for mod_authn_casa. - -OUTSTANDING ITEMS - -None. diff --git a/CASA-auth-token/server/ApacheSupport/2.2/linux/Makefile.am b/CASA-auth-token/server/ApacheSupport/2.2/linux/Makefile.am deleted file mode 100644 index 243c5d6f..00000000 --- a/CASA-auth-token/server/ApacheSupport/2.2/linux/Makefile.am +++ /dev/null 
@@ -1,114 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# Author: Juan Carlos Luciani -# -####################################################################### - -if DEBUG -TARGET_CFG = Debug -CFLAGS += -v -w -else -TARGET_CFG = Release -endif - -SUBDIRS = - -DIST_SUBDIRS = - -ROOT = ../../../.. - -LIBDIR = $(ROOT)/$(LIB) -APACHEINCLUDE = /usr/include/apache2 -APACHELIB = /usr/lib/apache2 -APRINCLUDE = /usr/include/apr-1 -APRLIB = /usr/lib/apr-1 - -# handle Mono secondary dependencies -export MONO_PATH := $(MONO_PATH) - -PLATFORMINDEPENDENTSOURCEDIR = .. -PLATFORMDEPENDENTSOURCEDIR = . - -MODULE_NAME = mod_authn_casa -MODULE_EXT = so - -CFILES = ../mod_authn_casa.c - -CSFILES_CSC := -INCLUDES = -I. 
-I$(ROOT)/include -I$(APACHEINCLUDE) -I$(APRINCLUDE) -RESOURCES = -DEFINES = -Wno-format-extra-args -fno-strict-aliasing - -CFLAGS += $(INCLUDES) $(DEFINES) -D_LARGEFILE64_SOURCE -LIBS = -lpthread -lcasa_s_authtoken -lapr-1 -laprutil-1 -LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) -L$(LIBDIR)/$(TARGET_CFG) -L$(APACHELIB) -L$(APRLIB) -Xlinker -rpath -Xlinker /opt/novell/CASA/lib - -OBJDIR = ./$(TARGET_CFG)/$(LIB) -OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o)) - -EXTRA_DIST = $(CFILES) - -CUR_DIR := $(shell pwd) - -all: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - -# -# Pattern based rules. -# -vpath %.c $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR) -vpath %.cpp $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR) - -$(OBJDIR)/%.o: %.c - $(CC) -c $(CFLAGS) -o $@ $< - -$(OBJDIR)/%.o: %.cpp - $(CC) -c $(CFLAGS) -o $@ $< - -$(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT): $(OBJDIR) $(OBJS) - @echo [======== Linking $@ ========] - $(LINK) -o $@ $(LDFLAGS) $(OBJS) $(LIBS) - cp -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/$(TARGET_CFG)/$(MODULE_NAME).$(MODULE_EXT) - -$(OBJDIR): - [ -d $(OBJDIR) ] || mkdir -p $(OBJDIR) - [ -d $(LIBDIR) ] || mkdir -p $(LIBDIR) - [ -d $(LIBDIR)/$(TARGET_CFG) ] || mkdir -p $(LIBDIR)/$(TARGET_CFG) - -install-exec-local: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - $(mkinstalldirs) $(DESTDIR)$(libdir) - $(INSTALL_PROGRAM) $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(DESTDIR)$(libdir)/ - -uninstall-local: - cd $(DESTDIR)$(libdir); rm -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - rmdir $(DESTDIR)$(libdir) - -#installcheck-local: install -# $(mkinstalldirs) $(DESTDIR)$(libdir) -# $(INSTALL_PROGRAM) $(DESTDIR)$(libdir) -# cd $(DESTDIR)$(libdir); $(MONO) - -clean-local: -#cd $(TARGET_CFG); rm -rf *.dbg *.exe *.dll *.o *.so; cd ..; rmdir $(OBJDIR) - rm -rf $(TARGET_CFG) - -distclean-local: - -maintainer-clean-local: - rm -f Makefile.in - 
diff --git a/CASA-auth-token/server/ApacheSupport/2.2/mod_authn_casa.c b/CASA-auth-token/server/ApacheSupport/2.2/mod_authn_casa.c
deleted file mode 100644
index a0bb0342..00000000
--- a/CASA-auth-token/server/ApacheSupport/2.2/mod_authn_casa.c
+++ /dev/null
@@ -1,478 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#include - -#include "apr_strings.h" -#include "ap_config.h" -#include "ap_provider.h" -#include "httpd.h" -#include "http_config.h" -#include "http_core.h" -#include "http_log.h" -#include "http_protocol.h" -#include "http_request.h" - -#include "mod_auth.h" - -#include "casa_s_authtoken.h" - -// -// Module per-dir configuration structure. -// -typedef struct _authn_casa_dir_cfg -{ - int performUsernameCheck; - -} authn_casa_dir_cfg; - - -// -// Forward declaration of our module structure. -// -module AP_MODULE_DECLARE_DATA authn_casa_module; - -// -// Environment variables set by module -// -static char CasaIdentityIdEnvVar[] = "IdentityId"; -static char CasaIdentitySourceNameEnvVar[] = "IdentityDataSourceName"; -static char CasaIdentitySourceUrlEnvVar[] = "IdentityDataSourceUrl"; - -// -// Function: create_per_dir_config() -// -// Create per-dir configuration structure. 
-// -static void* -create_per_dir_config( - apr_pool_t *p, - char *x) -{ - authn_casa_dir_cfg *pDirConfig; - - // Allocate space for our configuration structure - pDirConfig = (authn_casa_dir_cfg*) apr_palloc(p, sizeof(*pDirConfig)); - - // Return our new configuration structure - return (void*) pDirConfig; -} - -/* ************************************************************************ - * set_authn_casa_uname_check() - * - * Process UsernameCheck configuration directive.. - * - * L2 - * ************************************************************************/ -static const char* -set_authn_casa_uname_check( - cmd_parms *cmd, - void *cfg, - int arg) -{ - authn_casa_dir_cfg *pDirConfig = (authn_casa_dir_cfg*) cfg; - - // Record the value in our structure - pDirConfig->performUsernameCheck = arg; - - return NULL; -} - -// -// Configuration directives array structure. -// -static const command_rec authn_casa_cmds[] = -{ - AP_INIT_FLAG("UsernameCheck", // tbd - May be this directive should be on a per-directory or per-location basis - set_authn_casa_uname_check, - NULL, - OR_AUTHCFG, - "Check for username == CasaPrincipal (Value limited to 'on' or 'off')"), - {NULL} -}; - -/* ************************************************************************ - * check_password() - * - * Given a user and password, expected to return AUTH_GRANTED if we - * can validate the user/password combination. 
- * - * L2 - * ************************************************************************/ -static authn_status -check_password( - request_rec *r, - const char *user, - const char *password) -{ - authn_status retStatus; - authn_casa_dir_cfg *pDirConfig; - bool userNameChecked = false; - int i; - char *pLocationName; - - // First determine the length of the name of the location being protected - i = 0; - while (r->uri[i] != '\0') - { - if (r->uri[i] == '/') - { - // Ignore the slash if it is at the beginning of the uri - if (i != 0) - { - // The slash is not at the beggining of the uri, stop. - break; - } - } - - i++; - } - - // Now get a copy of the location being protected - if (i > 1) - { - pLocationName = apr_palloc(r->pool, i); - if (pLocationName) - { - memset(pLocationName, 0, i); - memcpy(pLocationName, &(r->uri[1]), i - 1); // Do not include the slashes - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Memory allocation failure"); - return AUTH_GENERAL_ERROR; - } - } - else - { - // We are protecting the server root - pLocationName = "apache_root"; - } - - // Get access to our per-dir configuration structure - pDirConfig = ap_get_module_config(r->per_dir_config, - &authn_casa_module); - if (pDirConfig) - { - // Assume success - retStatus = AUTH_GRANTED; - - // Check if we must perform the username check - if (pDirConfig->performUsernameCheck != 0) - { - // Remember that we performed this check - userNameChecked = true; - - // Check if the username matches the name what we are expecting - if (strcmp(user, "CasaPrincipal") != 0) - { - // The username does not match, allow other providers to get - // a crack to it. 
- retStatus = AUTH_USER_NOT_FOUND; - } - } - - // Check the token if a problem has not been found - if (retStatus == AUTH_GRANTED) - { - CasaStatus casaStatus; - PrincipalIf *pPrincipalIf; - - // Validate the token - casaStatus = ValidateAuthToken(pLocationName, - password, - strlen(password), - &pPrincipalIf); - if (CASA_SUCCESS(casaStatus)) - { - - int buffLen = 0; - apr_table_t *e = r->subprocess_env; - - // Associate necessary environment variables with the request block - casaStatus = pPrincipalIf->getIdentityId(pPrincipalIf, - NULL, - &buffLen); - if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW) - { - char *pBuff; - - // Allocate buffer to obtain the Identity Id - pBuff = apr_pcalloc(r->pool, buffLen); - if (pBuff) - { - // Read the value into our buffer - if (CASA_SUCCESS(pPrincipalIf->getIdentityId(pPrincipalIf, - pBuff, - &buffLen))) - { - // Now set the environment variable - apr_table_setn(e, CasaIdentityIdEnvVar, pBuff); - - // Also, update the username within the request block with the identity id - r->user = pBuff; - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Unable to obtain identity id"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Memory allocation failure"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Un-expected error obtaining identity id, %08X", casaStatus); - retStatus = AUTH_GENERAL_ERROR; - } - - if (retStatus == AUTH_GRANTED) - { - buffLen = 0; - casaStatus = pPrincipalIf->getSourceName(pPrincipalIf, - NULL, - &buffLen); - if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW) - { - char *pBuff; - - // Allocate buffer to obtain the Identity Source Name - pBuff = apr_pcalloc(r->pool, buffLen); - if (pBuff) - { - // Read the value into our buffer - if (CASA_SUCCESS(pPrincipalIf->getSourceName(pPrincipalIf, - pBuff, - &buffLen))) - { - // Now set the environment variable - apr_table_setn(e, 
CasaIdentitySourceNameEnvVar, pBuff); - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Unable to obtain identity source name"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Memory allocation failure"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Un-expected error obtaining identity source name, %08X", casaStatus); - retStatus = AUTH_GENERAL_ERROR; - } - } - - if (retStatus == AUTH_GRANTED) - { - buffLen = 0; - casaStatus = pPrincipalIf->getSourceUrl(pPrincipalIf, - NULL, - &buffLen); - if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW) - { - char *pBuff; - - // Allocate buffer to obtain the Identity Source Url - pBuff = apr_pcalloc(r->pool, buffLen); - if (pBuff) - { - // Read the value into our buffer - if (CASA_SUCCESS(pPrincipalIf->getSourceUrl(pPrincipalIf, - pBuff, - &buffLen))) - { - // Now set the environment variable - apr_table_setn(e, CasaIdentitySourceUrlEnvVar, pBuff); - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Unable to obtain identity source url"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Memory allocation failure"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Un-expected error obtaining identity source url, %08X", casaStatus); - retStatus = AUTH_GENERAL_ERROR; - } - } - - if (retStatus == AUTH_GRANTED) - { - char *pAttribNameBuff, *pAttribValueBuff; - int enumHandle = 0; - int attribNameBuffLen, attribValueBuffLen; - - while (retStatus == AUTH_GRANTED) - { - // Get attribute lengths - attribNameBuffLen = attribValueBuffLen = 0; - casaStatus = pPrincipalIf->attributeEnumerate(pPrincipalIf, - &enumHandle, - NULL, - &attribNameBuffLen, - NULL, - &attribValueBuffLen); - if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW) - { - // Allocate buffers to obtain the attribute 
data - pAttribNameBuff = apr_pcalloc(r->pool, attribNameBuffLen); - pAttribValueBuff = apr_pcalloc(r->pool, attribValueBuffLen); - if (pAttribNameBuff && pAttribValueBuff) - { - // Read the attribute into our buffer - if (CASA_SUCCESS(pPrincipalIf->attributeEnumerate(pPrincipalIf, - &enumHandle, - pAttribNameBuff, - &attribNameBuffLen, - pAttribValueBuff, - &attribValueBuffLen))) - { - // Now set the environment variable - apr_table_setn(e, pAttribNameBuff, pAttribValueBuff); - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Unable to obtain identity attribute"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Memory allocation failure"); - retStatus = AUTH_GENERAL_ERROR; - } - } - else - { - // Check if we are done going through the attributes - if (CasaStatusCode(casaStatus) == CASA_STATUS_NO_MORE_ENTRIES) - { - // Done - break; - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Un-expected error during attribute enumeration, %08X", casaStatus); - retStatus = AUTH_GENERAL_ERROR; - } - } - } - } - - // Release the principal interface instance - pPrincipalIf->releaseReference(pPrincipalIf); - } - else - { - // Check if the token validation failed for a CasaPrincipal - if (userNameChecked) - { - // Token validation failed for a CasaPrincipal, always return AUTH_DENIED. - retStatus = AUTH_DENIED; - } - else - { - // We did not check the username, set the return status based on the status - // returned by ValidateAuthToken(). 
- if (CasaStatusCode(casaStatus) == CASA_STATUS_AUTHENTICATION_FAILURE) - { - // Authentication failed - retStatus = AUTH_DENIED; - } - else - { - // Allow other providers to get a crack to it - retStatus = AUTH_USER_NOT_FOUND; - } - } - } - } - } - else - { - ap_log_rerror(APLOG_MARK, APLOG_ALERT, 0, r, "Did not get module per-server config structure"); - retStatus = AUTH_GENERAL_ERROR; - } - - return retStatus; -} - -// -// Authentication Provider Function Table -// -static const authn_provider authn_casa_provider = -{ - &check_password, - NULL, // We do not support Digest Authentication -}; - -/* ************************************************************************ - * register_hooks() - * - * Register all of the module hooks. - * - * L2 - * ************************************************************************/ -static void -register_hooks( - apr_pool_t *p) -{ - // Register as an authentication provider - ap_register_provider(p, - AUTHN_PROVIDER_GROUP, // Provider group - "casa", // Provider name - "0", // Provider version - &authn_casa_provider); // Authentication Provider function table -} - -// -// Declare ourselves to the HTTPD core. -// -module AP_MODULE_DECLARE_DATA authn_casa_module = -{ - STANDARD20_MODULE_STUFF, - create_per_dir_config, // Create per-dir config structures - NULL, // merge per-dir config structures - NULL, // Create per-server config structures - NULL, // merge per-server config structures - authn_casa_cmds, // command handlers - register_hooks // register hooks -}; diff --git a/CASA-auth-token/server/ApacheSupport/Makefile.am b/CASA-auth-token/server/ApacheSupport/Makefile.am deleted file mode 100644 index 5478d49a..00000000 --- a/CASA-auth-token/server/ApacheSupport/Makefile.am +++ /dev/null 
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = 2.2
-
-DIST_SUBDIRS = 2.2
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/.project b/CASA-auth-token/server/AuthTokenSvc/.project
deleted file mode 100644
index a5fb4a20..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/.project
+++ /dev/null
@@ -1,42 +0,0 @@ - - - CasaAuthServer - - - - - - org.eclipse.jdt.core.javabuilder - - - - - org.eclipse.wst.common.project.facet.core.builder - - - - - org.eclipse.wst.validation.validationbuilder - - - - - org.eclipse.jst.j2ee.ejb.annotations.xdoclet.xdocletbuilder - - - - - - org.eclipse.wst.common.project.facet.core.nature - org.eclipse.jdt.core.javanature - org.eclipse.wst.common.modulecore.ModuleCoreNature - org.eclipse.jem.workbench.JavaEMFNature - - - - identity-abstraction.jar - 1 - /home/jluciani/dev-local/bandit/trunk/IdentityAbstraction/build/identity-abstraction.jar - - - diff --git a/CASA-auth-token/server/AuthTokenSvc/Makefile.am b/CASA-auth-token/server/AuthTokenSvc/Makefile.am deleted file mode 100644 index 74d7ce0b..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/Makefile.am +++ /dev/null 
@@ -1,141 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# -####################################################################### - -SUBDIRS = src -DIST_SUBDIRS = src - -EXTRA_DIST = authtoken.settings \ - identoken.settings \ - README \ - svc.settings \ - TODO \ - web.xml - -ROOT = ../.. - -LIBDIR = $(ROOT)/$(LIB) - -IDENT_ABSTRACTION_DIR = /usr/share/java/identity-abstraction -IDENT_ABSTRACTION_DEPENDANCIES_DIR = /usr/share/java/identity-abstraction/dependancies - -JAVAROOT = . 
-JAVAC= javac - -WEBAPP_NAME = CasaAuthTokenSvc -WEBAPP_EXT = war -MODULE_NAME = CasaAuthToken -MODULE_EXT = jar - -JAVAFILES = src/com/novell/casa/authtoksvc/ProtoDefs.java \ - src/com/novell/casa/authtoksvc/AuthMechConfig.java \ - src/com/novell/casa/authtoksvc/SvcConfig.java \ - src/com/novell/casa/authtoksvc/IdenTokenConfig.java \ - src/com/novell/casa/authtoksvc/AuthTokenConfig.java \ - src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java \ - src/com/novell/casa/authtoksvc/AuthMechanism.java \ - src/com/novell/casa/authtoksvc/Authenticate.java \ - src/com/novell/casa/authtoksvc/RpcMethod.java \ - src/com/novell/casa/authtoksvc/Rpc.java \ - src/com/novell/casa/authtoksvc/GetAuthPolicy.java \ - src/com/novell/casa/authtoksvc/Base64Coder.java \ - src/com/novell/casa/authtoksvc/AuthReqMsg.java \ - src/com/novell/casa/authtoksvc/AuthRespMsg.java \ - src/com/novell/casa/authtoksvc/IdentityToken.java \ - src/com/novell/casa/authtoksvc/CasaIdentityToken.java \ - src/com/novell/casa/authtoksvc/AuthToken.java \ - src/com/novell/casa/authtoksvc/GetAuthPolicyReqMsg.java \ - src/com/novell/casa/authtoksvc/GetAuthPolicyRespMsg.java \ - src/com/novell/casa/authtoksvc/GetAuthToken.java \ - src/com/novell/casa/authtoksvc/GetAuthTokReqMsg.java \ - src/com/novell/casa/authtoksvc/GetAuthTokRespMsg.java \ - src/com/novell/casa/authtoksvc/Krb5Authenticate.java \ - src/com/novell/casa/authtoksvc/PwdAuthenticate.java \ - src/com/novell/casa/authtoksvc/SessionToken.java - -BUILDDIR = build - -WEBAPP = $(WEBAPP_NAME).$(WEBAPP_EXT) - -AUTHTOKEN_FILES = -C $(BUILDDIR)/webapp/WEB-INF/classes com - -CLASSES = $(addprefix $(BUILDDIR)/, $(JAVAFILES:%.java=%.class)) - -LIBS = /usr/share/java/servletapi5.jar -CLASSPATH = $(IDENT_ABSTRACTION_DIR)/identity-abstraction.jar:$(LIBS) - -CUR_DIR := $(shell pwd) - -all: $(BUILDDIR)/$(WEBAPP) $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) - -$(BUILDDIR)/%.class: %.java - @echo [======== Compiling $@ ========] - $(JAVAC) -sourcepath src -classpath 
$(CLASSPATH) -d $(BUILDDIR)/webapp/WEB-INF/classes $< - -$(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES) - @echo [======== Creating Webapp $@ ========] - cp web.xml $(BUILDDIR)/webapp/WEB-INF/web.xml - cp svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings - cp authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings - cp identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings - cp src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings - cp src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings - cp $(IDENT_ABSTRACTION_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/ - cp $(IDENT_ABSTRACTION_DEPENDANCIES_DIR)/*.jar $(BUILDDIR)/webapp/WEB-INF/lib/ - jar cvf $(BUILDDIR)/$(WEBAPP) -C $(BUILDDIR)/webapp . - cp $(BUILDDIR)/$(WEBAPP) $(LIBDIR)/java/ - -$(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT): $(BUILDDIR) $(CLASSES) - @echo [======== Jarring $@ ========] - jar cvf $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) $(AUTHTOKEN_FILES) - cp $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/java/ - -$(BUILDDIR): - [ -d $(BUILDDIR) ] || mkdir -p $(BUILDDIR) - [ -d $(BUILDDIR)/webapp ] || mkdir -p $(BUILDDIR)/webapp - [ -d $(BUILDDIR)/webapp/WEB-INF ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF - [ -d $(BUILDDIR)/webapp/WEB-INF/classes ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/classes - [ -d $(BUILDDIR)/webapp/WEB-INF/lib ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/lib - [ -d $(BUILDDIR)/webapp/WEB-INF/conf ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/conf - [ -d $(BUILDDIR)/webapp/WEB-INF/conf/enabled_services ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/conf/enabled_services - [ -d $(BUILDDIR)/webapp/WEB-INF/conf/auth_mechanisms ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/conf/auth_mechanisms - [ -d $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms ] || mkdir -p 
$(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms - [ -d $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate - [ -d $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate ] || mkdir -p $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate - [ -d $(LIBDIR) ] || mkdir -p $(LIBDIR) - [ -d $(LIBDIR)/java ] || mkdir -p $(LIBDIR)/java - -install-exec-local: - -uninstall-local: - -#installcheck-local: install - -clean-local: - if [ -d $(BUILDDIR) ]; then rm -rf $(BUILDDIR); fi - if [ -f $(LIBDIR)/java/$(MODULE_NAME).$(MODULE_EXT) ]; then rm -f $(LIBDIR)/java/$(MODULE_NAME).$(MODULE_EXT); fi - if [ -f $(LIBDIR)/java/$(WEBAPP) ]; then rm -f $(LIBDIR)/java/$(WEBAPP); fi - -distclean-local: - -maintainer-clean-local: - rm -f Makefile.in - rm -f Makefile - diff --git a/CASA-auth-token/server/AuthTokenSvc/README b/CASA-auth-token/server/AuthTokenSvc/README deleted file mode 100644 index 6b83201b..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/README +++ /dev/null 
@@ -1,292 +0,0 @@ -/*********************************************************************** - * - * README for AuthTokenSvc - * - ***********************************************************************/ - -INTRODUCTION - -AuthTokenSvc is the CASA Authentication Token Service (ATS). It is implemented -as a Java servlet and supporting classes that execute in the Tomcat environment. - -The ATS is responsible for providing clients with the necessary authentication -policy information, for authenticating client entities, and for providing -clients with Authentication Tokens that they can then use for authenticating -to CASA Authentication enabled services. - -The ATS utilizes mechanism plug-ins for authenticating client entities as well -Identity Token Providers for the generation of Identity Tokens. - -ENVIRONMENT SETTINGS - -The following options must be set in the JAVA_OPTS setting before starting Tomcat -to allow the Kerberos authentication mechanism to work properly: - --Djavax.security.auth.useSubjectCredsOnly=false --Djava.security.auth.login.config={replace with the path for JAAS configuration - file for the service} - -After setting the above values in the JAVA_OPTS variable you must export it for -Tomcat to be able to make use of it. - -The following entry should be included in the JAAS configuration file specified -in the java.security.auth.login.config option above to enable the Krb5 authentication -mechanism to work correctly: - -other { -com.sun.security.auth.module.Krb5LoginModule required - useTicketCache=true - ticketCache="/var/cache/tomcat5/base/temp/ticket.cache" - useKeyTab=true - principal="host/server.company.com" - doNotPrompt=true - storeKey=true - keyTab="/etc/krb5.keytab"; -} - -Please adjust the ticketCache and principal setting to match your installation. - -CONFIGURATION - -AuthTokenSvc configuration consists of multiple entities. 
Most of the AuthTokenSvc -configuration is contained within the "conf" folder under the WEB-INF folder of the -application. For an example configuration setup for the AuthTokenSvc see the -sampleConf folder. - -The location of the AuthTokenSvc configuration folder can be over-ridden by specifying -a different path via the com.novell.casa.authtoksvc.config system property. - -CONFIGURING THE BASE SERVICE - -The ATS base settings are configured in the svc.settings file under the conf folder. - -Thhe following is an example svc.settings file: - - - - 43200 - 10 - /home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml - 60 - o=novell - - -Note the following about the sample svc.settings file: - -- The settngs that you can specify in the svc.settings file are: SessionLifetime, - LifetimeShorter, IAConfigFile, and startSearchContext. - -- The SessionTokenLifetime setting specifies the number of seconds for which a - session token is good for after being issued. The default value for this setting - is 43200 seconds. Note that a larger value reduces overhead. - -- The LifetimeShorter setting specifies the number of seconds that should be substracted - from the SessionTokenLifetime when calculating the number of seconds that clients are - told that the session tokens are good for. The default value for this setting is 5 - seconds. - -- The IAConfigFile settings specifies the path to the identity abstraction - configuration file. The identity abstraction configuration file configures - the different realms (contexts) that the ATS can utilize to authenticate - entities and resolve identities. In the future the configuration of this - settng will be optional. - -- The ReconfigureInterval setting specifies how often the ATS should refresh its - configuration. The default value for this setting is 60 seconds. 
A ReconfigureInterval - value of 0 means that the ATS will not refresh its configuration once it has been - initialized, thus requiring that the servlet be re-initialized to make configuration - changes take effect. - -- The startSearchContext setting specifies the begin location for initiating - context searches. The absence of this setting will result in searches ocurring - from the root of the tree. This setting or an equivalent setting will be moved - to the identity abstraction configuration file where it belongs. Once this is done, - the setting will no longer be recognized within the svc.settings file. - -CONFIGURING SERVICES TO CONSUME CASA AUTHENTICATION TOKENS - -Services are configured to consume CASA authentication tokens by creating folders -under the conf/enabled_services folders. Since CASA distinguishes between services -of the same name existing in different hosts, the first folder that must be created -is one for the host where the service resides. The host folder name must match the -DNS name of the host where the service resides. Services are configured by creating -a folder under the appropriate host folder with a name matching the service name. - -Note when configuring services that the service name and the host names must match -the service and host names specified by the client applications when requesting -tokens to authenticate to them. - -The services folder must contain an auth.policy file, an authtoken.settings file, -and an identoken.settings file. In the absence of any one of those files, the ATS -will default to utilizing the files present under its conf folder. - -The auth.policy file specifies the authentication realms (or contexts) to which -entities can authenticate to gain access to the service. The auth.policy file also -specifies the authentication mechanisms that can be utilized to authenticate to the -realms. 
- -The following is an example auth.policy file: - - - - - CorpTree - Krb5Authenticate - host@tokenserver.company.novell.com - - - CorpTree - PwdAuthenticate - - - - -Note the following about the sample auth.policy file: - -- An authentication realm is specified in the auth.policy file by creating an - auth_policy entry for it. An auth_policy entry must contain the realm name along - with the entries for the authentication mechanisms. - -- When a realm supports more than one authentication mechanism, you must create - an auth_source entry for each supported mechanism. - -- The realm names correspond to the realmIDs configured in the Identity Abstraction - configuration file for the desired context entry. - -- The authentication mechanism entries are: mechanism and mechanism_info. The mechanism - entry specifies the name of the authentication mechanism. The mechanism_info specifies - some mechanism specific information. Both authentication mechanism entries must be - specified for an auth_source entry. - -- The name of the Krb5 Authentication mechanism is "Krb5Authenticate". This mechanism - requires that you specify the service's kerberos principal name under the mechanism_info - key. - -- The name of the username/password authentication mechanism is "PwdAuthenticate" and - it does not require any information to be included under the mechanism_info key. - -The authtoken.settings file contains settings that should be applied to authentication -tokens issued to authenticate to the service. - -The following is an example authtoken.settings file: - - - - 3600 - 10 - CasaIdentityToken - - -Note the following about the sample authtoken.settings file: - -- The settings that you can specify in the authtoken.settings file are: TokenLifetime, - LifetimeShorter, and IdentityTokenType. If one of this tokens is not specified then - its default value is utilized. - -- The TokenLifetime setting specifies the number of seconds for which a token is good - for after being issued. 
The default value for this setting is 3600 seconds. Note that - a larger value reduces overhead, but it also gives more time for an intruder to - utilize the token if it becomes compromized. - -- The LifetimeShorter setting specifies the number of seconds that should be substracted - from the TokenLifetime when calculating the number of seconds that clients are told - that the tokens are good for. The default value for this setting is 5 seconds. - -- The IdentityTokenType specifies the type of identity tokens that must be embedded in - the authentication tokens with identity information. The default value for this - setting is CasaIdentityToken. - -The identoken.settings file contains settings that should be applied to identity tokens -embedded in authentication tokens. - -The following is an example identoken.settings file: - - - - sn,groupMembership,guid - false - Base64 encoded certificate - - -Note the following about the sample identoken.settings file: - -- The settings that you can specify in the identoken.settings file are: Attributes. - EncryptAttributes, and Certificate. - -- The Attributes setting specifies the identity attributes that must be included - as part of the identity token, The attributes are specified in the form of a coma - delimited list. The default velue for this setting is "sn". - -- The EncryptAtributes setting specifies whether or not the identity information - contained in the identity token should be emcrypted with the services's Public - Certificate. The default value for this setting is "false". Please note that - to enable identity attribute encryption you must not allow the ATS to default to - the file present in its conf folder (Attribute encryption is not yet supported - by the Casa identity token provider). - -- The Certificate setting specifies the certificate that must be utilized to encrypt - identity attribute data. The certificate contains the public key of the targeted - service. The certificate data is Base64 encoded. 
- -- The identoken.settings file can also contain additional identity token provider - specific settings. - -CONFIGURING AUTHENTICATION MECHANISMS - -Authentication mechanisms available to the AuthTokenSvc are configured by creating -a sub-folder named after the authentication mechanism type under the -conf/auth_mechanisms folder. The authentication mechanism folders must contain a -settings file named mechanism.settings. The mechanism.settings file must contain the -name of the class implementing the mechanism along with path information which -can be utilized by the ATS to load the class. The mechanism.settings file can -also contain mechanism specific settings. - -The following setting is mandatory: - -ClassName - This is the name of the class implementing the authentication mechanism. - -One of the following settings must be included: - -RelativeClassPath - This is a relative path from the web application's root folder -to the folder containing the class implementing the mechanism. - -ClassPath - This is an absolute path to the folder containing the path to the class -implementing the mechanism. - -The following is an example mechanism.settings file for the Krb5Authentication -mechanism: - - - - com.novell.casa.authtoksvc.Krb5Authenticate - WEB-INF/classes - host@authtokenserver.company.com - - -The base AuthTokenSvc package contains two authentication mechanisms, these are -Krb5Authenticate and PwdAuthenticate. The configuration under sampleConf is set up -to allow an AuthTokenSvc to leverage both mechanisms. - -The Krb5Authenticate mechanism requires that the following setting also be included -in its mechanism.settings file: - -ServicePrincipalName - This is the name of the Kerberos Service Principal that the -Authentication Token Service runs as when authenticating other entities. - -CONFIGURING ADDITIONAL IDENTITY TOKEN PROVIDERS - -- TBD - - -SECURITY CONSIDERATIONS - -- TBD - - - - - - - - - - - 
diff --git a/CASA-auth-token/server/AuthTokenSvc/TODO b/CASA-auth-token/server/AuthTokenSvc/TODO
deleted file mode 100644
index 7d10724a..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/TODO
+++ /dev/null
@@ -1,21 +0,0 @@
-/***********************************************************************
- *
- * TODO for AuthTokenSvc
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for AuthTokenSvc.
-
-OUTSTANDING ITEMS
-
-- Switch to a Web Services model where the Client/Server protocol uses SOAP.
-- Switch to use WS-Security, WS-Policy, and WS-Conversation for Authentication Tokens and Session Tokens.
-- Add code to verify that client/server communications occur over HTTPS.
-- Add logging.
-- Create plug-in API for Identity Token Providers.
-- Integrate into CASA build environment.
-- Review Code.
-- Change printfs used for debugging into a suitable mechanism.
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/authtoken.settings b/CASA-auth-token/server/AuthTokenSvc/authtoken.settings
deleted file mode 100644
index 75f4b75c..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/authtoken.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
- 3600
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/identoken.settings b/CASA-auth-token/server/AuthTokenSvc/identoken.settings
deleted file mode 100644
index ac54afb5..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/identoken.settings
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
- false
- sn
-
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth.policy b/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth.policy
deleted file mode 100644
index d688b944..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth.policy
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
- CorpTree
- Krb5Authenticate
- host@authtokenserver.company.com
-
-
- CorpTree
- PwdAuthenticate
-
-
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/Krb5Authenticate/mechanism.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/Krb5Authenticate/mechanism.settings
deleted file mode 100644
index 56110b52..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/Krb5Authenticate/mechanism.settings
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
- com.novell.casa.authtoksvc.Krb5Authenticate
- WEB-INF/classes
- host@tokenserver.company.novell.com
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/PwdAuthenticate/mechanism.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/PwdAuthenticate/mechanism.settings
deleted file mode 100644
index 2a5f60f0..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/auth_mechanisms/PwdAuthenticate/mechanism.settings
+++ /dev/null
@@ -1,5 +0,0 @@
-
-
- com.novell.casa.authtoksvc.PwdAuthenticate
- WEB-INF/classes
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/authtoken.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/authtoken.settings
deleted file mode 100644
index 75f4b75c..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/authtoken.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
- 3600
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/auth.policy b/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/auth.policy
deleted file mode 100644
index 0f7de72b..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/auth.policy
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
- CorpTree
- Krb5Authenticate
- host@tokenserver.company.novell.com
-
-
- CorpTree
- PwdAuthenticate
-
-
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/authtoken.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/authtoken.settings deleted file mode 100644 index 75f4b75c..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/authtoken.settings +++ /dev/null @@ -1,4 +0,0 @@ - - - 3600 - diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/identoken.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/identoken.settings deleted file mode 100644 index b1d40db3..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/enabled_services/appserver.companyname.com/testService/identoken.settings +++ /dev/null @@ -1,6 +0,0 @@ - - - false - sn,groupMembership - - diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/iaRealms.xml b/CASA-auth-token/server/AuthTokenSvc/sampleConf/iaRealms.xml deleted file mode 100644 index bc49eb2b..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/iaRealms.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - ldap://dirserver.companyname.com:389 - - simple - cn=admin,o=companyname - password - - - - - - CorpTree - - - - diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/identoken.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/identoken.settings deleted file mode 100644 index ac54afb5..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/identoken.settings +++ /dev/null @@ -1,6 +0,0 @@ - - - false - sn - - diff --git a/CASA-auth-token/server/AuthTokenSvc/sampleConf/svc.settings b/CASA-auth-token/server/AuthTokenSvc/sampleConf/svc.settings deleted file mode 100644 index c1465cc0..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/sampleConf/svc.settings +++ /dev/null 
@@ -1,5 +0,0 @@
-
-
- /home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml
- 43200
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/Makefile.am b/CASA-auth-token/server/AuthTokenSvc/src/Makefile.am
deleted file mode 100644
index 00e1ef35..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = com
-
-DIST_SUBDIRS = com
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/Makefile.am b/CASA-auth-token/server/AuthTokenSvc/src/com/Makefile.am
deleted file mode 100644
index 34a83b0d..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = novell
-
-DIST_SUBDIRS = novell
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/Makefile.am b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/Makefile.am
deleted file mode 100644
index 2fb64053..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = casa
-
-DIST_SUBDIRS = casa
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/Makefile.am b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/Makefile.am
deleted file mode 100644
index 2ebc7e01..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = authtoksvc
-
-DIST_SUBDIRS = authtoksvc
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechConfig.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechConfig.java
deleted file mode 100644
index 6d08dd58..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechConfig.java
+++ /dev/null
@@ -1,258 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.*; -import java.util.*; - -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.XMLReader; -import org.xml.sax.helpers.XMLReaderFactory; - -/** - * AuthMechConfig Class. - * - * This class obtains and maintains authentication token configuration. - * - */ -public class AuthMechConfig -{ - // Well known authentication token configuration settings - public final static String ClassName = "ClassName"; - public final static String RelativeClassPath = "RelativeClassPath"; - public final static String ClassPath = "ClassPath"; - - private Map m_mechSettingsMap; - - /* - * Class for handling parsing events. 
- */ - private class SAXHandler extends org.xml.sax.helpers.DefaultHandler - { - private final static int AWAITING_ROOT_ELEMENT_START = 0; - private final static int AWAITING_SETTING_ELEMENT_START = 1; - private final static int AWAITING_SETTING_ELEMENT_DATA = 2; - private final static int AWAITING_SETTING_ELEMENT_END = 3; - private final static int DONE_PARSING = 4; - - private final static String m_rootElementName = "settings"; - - private Map m_keyMap; - private int m_state; - private String m_currentKey; - - /* - * Constructor - */ - public SAXHandler(Map keyMap) - { - super(); - - // Initialize our members - m_keyMap = keyMap; - m_state = AWAITING_ROOT_ELEMENT_START; - } - - /* - * endDocument() implementation. - */ - public void endDocument () throws SAXException - { - // Verify that we are not in an invalid state - if (m_state != DONE_PARSING) - { - System.err.println("AuthMechConfig SAXHandler.endDocument()- Invalid state" + m_state); - throw new SAXException("Invalid state at endDocument"); - } - } - - /* - * startElement() implementation. 
- */ - public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - case AWAITING_ROOT_ELEMENT_START: - // Verify that we are processing the expected tag - if (m_rootElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_START; - } - else - { - System.err.println("AuthMechConfig SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SETTING_ELEMENT_START: - // Keep track of the key name - m_currentKey = qName; - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_DATA; - break; - - default: - System.err.println("AuthMechConfig SAXHandler.startElement()- Invalid state " + m_state); - throw new SAXException("Invalid state at startElement"); - } - } - - /* - * endElement() immplementation. - */ - public void endElement (String uri, String name, String qName) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - case AWAITING_SETTING_ELEMENT_DATA: - case AWAITING_SETTING_ELEMENT_END: - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_START; - break; - - case AWAITING_SETTING_ELEMENT_START: - // Verify that we are processing the expected tag - if (m_rootElementName.equals(qName)) - { - // Advance to the next state - m_state = DONE_PARSING; - } - else - { - System.err.println("AuthMechConfig SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("AuthMechConfig SAXHandler.endElement()- Invalid state " + m_state); - throw new SAXException("Invalid state at endElement"); - } - } - - /* - * character() implementation. 
- */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Consume the data if in the right state - if (m_state == AWAITING_SETTING_ELEMENT_DATA) - { - // Consume the data and add the key to map - m_keyMap.put(m_currentKey, new String(ch, start, length)); - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_END; - } - } - } - - /* - * Constructor which sets default configuration values. - */ - public AuthMechConfig() throws Exception - { - System.err.println("AuthMechConfig()- Default"); - - // Create a map to keep track of the token settings - m_mechSettingsMap = new HashMap(); - } - - /* - * Constructor. - */ - public AuthMechConfig(String mechSettingsFileName) throws Exception - { - System.err.println("AuthMechConfig()-"); - - // Create a map to keep track of the token settings - m_mechSettingsMap = new HashMap(); - - try - { - // Get an input stream to read from the token settings file - File f = new File(mechSettingsFileName); - FileInputStream inStream = new FileInputStream(f); - - // Parse the file - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(m_mechSettingsMap); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - InputSource source = new InputSource(inStream); - xr.parse(source); - - inStream.close(); - } - catch (SAXException e) - { - System.err.println("AuthMechConfig()- " + mechSettingsFileName + " format error, exception: " + e.toString()); - throw new Exception("AuthMechConfig()- authtoken.settings format error"); - } - catch (SecurityException e) - { - System.err.println("AuthMechConfig()- SecurityException accessing " + mechSettingsFileName + " Exception=" + e.toString()); - throw new Exception("AuthMechConfig()- Not able to access file"); - } - catch (FileNotFoundException e) - { - System.err.println("AuthMechConfig()- File " + mechSettingsFileName + " not found"); - throw new Exception("AuthMechConfig()- File not found"); - } - catch 
(IOException e) - { - System.err.println("AuthMechConfig()- IOException accessing " + mechSettingsFileName + " Exception=" + e.toString()); - throw new Exception("AuthMechConfig()- Read error"); - } - } - - /* - * Returns the value associated with the specified setting. - */ - public String getSetting(String settingName) throws Exception - { - // Try to find the setting in our map - String value = (String) m_mechSettingsMap.get(settingName); - if (value == null) - { - System.err.println("AuthMechConfig.getSetting()- Did not find setting " + settingName); - } - else - { - System.err.println("AuthMechConfig.getSetting()- Found setting " + settingName); - System.err.println("AuthMechConfig.getSetting()- Setting value = " + value); - } - - return value; - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechanism.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechanism.java deleted file mode 100644 index a03dc277..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthMechanism.java +++ /dev/null 
@@ -1,53 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-/*
- * AuthMechanism Interface.
- *
- * This is the interface implemented by Authentication Mechanisms.
- *
- * Please note that Authentication Machanisms must also implement the
- * Serializable interface.
- *
- */
-public interface AuthMechanism
-{
- /*
- * Initialize the authentication mechanism.
- */
- void init(SvcConfig svcConfig, AuthMechConfig mechConfig) throws Exception;
-
- /*
- * Process authenticate request. If successful, return the Id of the
- * authenticated identity.
- */
- String invoke(AuthReqMsg authReqMsg) throws Exception;
-
- /*
- * Return the mechanism id.
- */
- String getId();
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthReqMsg.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthReqMsg.java
deleted file mode 100644
index c220efd0..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthReqMsg.java
+++ /dev/null
@@ -1,328 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.InputStream;
-
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.XMLReader;
-import org.xml.sax.helpers.XMLReaderFactory;
-
-
-/**
- * AuthReqMsg Class.
- *
- * This class deals with the message sent by Casa Client when requesting
- * that an entity be authenticated. The format of the message is as
- * follows:
- *
- *
- *
- * realm value
- * mechanism id
- * mechanism token data
- *
- *
- */
-public class AuthReqMsg
-{
-
- protected String m_realm = null;
- protected String m_authMechToken = null;
- protected String m_authMechanism = null;
-
- /*
- * Class for handling Authentication Request parsing events.
- */
- private class SAXHandler extends org.xml.sax.helpers.DefaultHandler
- {
- private final static int AWAITING_ROOT_ELEMENT_START = 0;
- private final static int AWAITING_ROOT_ELEMENT_END = 1;
- private final static int AWAITING_REALM_ELEMENT_START = 2;
- private final static int AWAITING_REALM_ELEMENT_END = 3;
- private final static int AWAITING_REALM_DATA = 4;
- private final static int AWAITING_MECH_ELEMENT_START = 5;
- private final static int AWAITING_MECH_ELEMENT_END = 6;
- private final static int AWAITING_MECH_DATA = 7;
- private final static int AWAITING_AUTH_MECH_TOKEN_ELEMENT_START = 8;
- private final static int AWAITING_AUTH_MECH_TOKEN_ELEMENT_END = 9;
- private final static int AWAITING_AUTH_MECH_TOKEN_DATA = 10;
- private final static int DONE_PARSING = 11;
-
- private AuthReqMsg m_authReqMsg;
- private int m_state;
-
- /*
- * Constructor
- */
- public SAXHandler (AuthReqMsg authReqMsg)
- {
- super();
-
- // Initialize our members
- m_authReqMsg = authReqMsg;
- m_state = AWAITING_ROOT_ELEMENT_START;
- }
-
- /*
- * endDocument() implementation.
- */
- public void endDocument () throws SAXException
- {
- // Verify that we obtained all of the required elements
- if (m_state != DONE_PARSING)
- {
- System.err.println("AuthReqMsg SAXHandler.endDocument()- Missing element");
- throw new SAXException("Missing element");
- }
- }
-
- /*
- * startElement() implementation.
- */
- public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
- case AWAITING_ROOT_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.authRequestElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_REALM_ELEMENT_START;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_REALM_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.realmElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_REALM_DATA;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_MECH_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.mechanismElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_MECH_DATA;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_AUTH_MECH_TOKEN_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.authMechTokenElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_AUTH_MECH_TOKEN_DATA;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- default:
- System.err.println("AuthReqMsg SAXHandler.startElement()- State error");
- throw new SAXException("State error");
- }
- }
-
- /*
- * endElement() immplementation.
- */
- public void endElement (String uri, String name, String qName) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
- case AWAITING_ROOT_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.authRequestElementName.equals(qName))
- {
- // Advance to the next state
- m_state = DONE_PARSING;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_REALM_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.realmElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_MECH_ELEMENT_START;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_MECH_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.mechanismElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_AUTH_MECH_TOKEN_ELEMENT_START;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_AUTH_MECH_TOKEN_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.authMechTokenElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_ROOT_ELEMENT_END;
- }
- else
- {
- System.err.println("AuthReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- default:
- System.err.println("AuthReqMsg SAXHandler.startElement()- State error");
- throw new SAXException("State error");
- }
- }
-
- /*
- * character() implementation.
- */
- public void characters (char ch[], int start, int length) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
- case AWAITING_REALM_DATA:
- // Consume the data
- m_authReqMsg.m_realm = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_REALM_ELEMENT_END;
- break;
-
- case AWAITING_MECH_DATA:
- // Consume the data
- m_authReqMsg.m_authMechanism = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_MECH_ELEMENT_END;
- break;
-
- case AWAITING_AUTH_MECH_TOKEN_DATA:
- // Consume the data
- m_authReqMsg.m_authMechToken = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_AUTH_MECH_TOKEN_ELEMENT_END;
- break;
-
- default:
- // Do nothing
- break;
- }
- }
- }
-
- /*
- * Constructor
- */
- public AuthReqMsg (InputStream inStream) throws Exception
- {
- try
- {
- // Parse the AuthReqMsg
- XMLReader xr = XMLReaderFactory.createXMLReader();
- SAXHandler handler = new SAXHandler(this);
- xr.setContentHandler(handler);
- xr.setErrorHandler(handler);
-
- InputSource source = new InputSource(inStream);
- xr.parse(source);
- }
- catch (SAXException e)
- {
- System.err.println("AuthReqMsg()- Parse exception: " + e.toString());
- throw new Exception("Protocol error");
- }
- }
-
- /*
- * Method to get the authentication realm.
- */
- public String getRealm() throws Exception
- {
- return m_realm;
- }
-
- /*
- * Method to get the authentication mechanism token.
- */
- public String getAuthMechToken() throws Exception
- {
- return m_authMechToken;
- }
-
- /*
- * Method to get the authentication mechanism id.
- */
- public String getMechanismId() throws Exception
- {
- return m_authMechanism;
- }
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthRespMsg.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthRespMsg.java
deleted file mode 100644
index 6e1bc49f..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthRespMsg.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-/**
- * AuthRespMsg Class.
- *
- * This class deals with the message sent to the CASA Client as a
- * response to an authentication request. The format of the message is
- * as follows when the response includes a session token:
- *
- *
- *
- * OK200
- * lifetime valuesession token data
- *
- *
- * The format of the message is as follows when the response does not
- * include a session token.
- *
- *
- *
- * status descriptionstatus code
- *
- *
- * Plase note that the protocol utilizes the status codes defined
- * in the HTTP 1.1 Specification.
- *
- */
-public class AuthRespMsg
-{
-
- String m_msg;
-
- /*
- * Constructor for a msg that does not include the session token.
- */
- public AuthRespMsg (
- String statusDescription,
- String statusCode) throws Exception
- {
- // Get a StringBuffer to help us with the construction of the message
- StringBuffer sb = new StringBuffer();
-
- // Start building the message
- sb.append(ProtoDefs.xmlDeclaration + "\r\n");
- sb.append("<" + ProtoDefs.authResponseElementName + ">" + "\r\n");
- sb.append("<" + ProtoDefs.statusElementName + ">"
- + "<" + ProtoDefs.descriptionElementName + ">" + statusDescription + ""
- + statusCode + "" + "\r\n");
- sb.append("" + "\r\n");
-
- // The message has now been built, save it.
- m_msg = sb.toString();
- }
-
- /*
- * Constructor for a msg that includes the session token.
- */
- public AuthRespMsg (
- String statusDescription,
- String statusCode,
- String sessionToken,
- String sessionTokenLifetime) throws Exception
- {
- // Get a StringBuffer to help us with the construction of the message
- StringBuffer sb = new StringBuffer();
-
- // Start building the message
- sb.append(ProtoDefs.xmlDeclaration + "\r\n");
- sb.append("<" + ProtoDefs.authResponseElementName + ">" + "\r\n");
- sb.append("<" + ProtoDefs.statusElementName + ">"
- + "<" + ProtoDefs.descriptionElementName + ">" + ProtoDefs.httpOkStatusMsg + ""
- + ProtoDefs.httpOkStatusCode + "" + "\r\n");
- sb.append("<" + ProtoDefs.sessionTokenElementName + ">"
- + "<" + ProtoDefs.lifetimeElementName + ">" + sessionTokenLifetime + ""
- + sessionToken + "" + "\r\n");
- sb.append("" + "\r\n");
-
- // The message has now been built, save it.
- m_msg = sb.toString();
- }
-
- /*
- * Returns a string containing the AuthRespMsg.
- */
- public String toString()
- {
- return m_msg;
- }
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthToken.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthToken.java
deleted file mode 100644
index b081ea8a..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthToken.java
+++ /dev/null
@@ -1,466 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.ByteArrayInputStream; - -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.XMLReader; -import org.xml.sax.helpers.XMLReaderFactory; - - -/* - * AuthToken Class. - * - * This class constructs authentication tokens that clients can present - * to services for authentication. The format of the authentication token - * is as follows: - * - * - * - * signature value - * lifetime value - * Identity Token typeidentity token data - * - * - */ -public class AuthToken -{ - - private String m_token; - private String m_lifetime; - private String m_lifetimeShorter; - private String m_identityTokenType; - private StringBuffer m_identityToken; - private String m_signature; - - /* - * Class for handling parsing events. 
- */ - private class SAXHandler extends org.xml.sax.helpers.DefaultHandler - { - private final static int AWAITING_ROOT_ELEMENT_START = 0; - private final static int AWAITING_ROOT_ELEMENT_END = 1; - private final static int AWAITING_SIGNATURE_ELEMENT_START = 2; - private final static int AWAITING_SIGNATURE_ELEMENT_END = 3; - private final static int AWAITING_SIGNATURE_DATA = 4; - private final static int AWAITING_LIFETIME_ELEMENT_START = 5; - private final static int AWAITING_LIFETIME_ELEMENT_END = 6; - private final static int AWAITING_LIFETIME_DATA = 7; - private final static int AWAITING_IDENT_TOKEN_ELEMENT_START = 8; - private final static int AWAITING_IDENT_TOKEN_ELEMENT_END = 9; - private final static int AWAITING_IDENT_TOKEN_DATA = 10; - private final static int AWAITING_TYPE_ELEMENT_START = 11; - private final static int AWAITING_TYPE_ELEMENT_END = 12; - private final static int AWAITING_TYPE_DATA = 13; - private final static int DONE_PARSING = 14; - - private AuthToken m_AuthToken; - private int m_state; - - /* - * Constructor - */ - public SAXHandler (AuthToken AuthToken) - { - super(); - - // Initialize our members - m_AuthToken = AuthToken; - m_state = AWAITING_ROOT_ELEMENT_START; - } - - /* - * endDocument() implementation. - */ - public void endDocument () throws SAXException - { - // Verify that we obtained all of the required elements - if (m_state != DONE_PARSING) - { - System.err.println("AuthToken SAXHandler.endDocument()- Missing element"); - throw new SAXException("Missing element"); - } - } - - /* - * startElement() implementation. 
- */ - public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ROOT_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.authTokenElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SIGNATURE_ELEMENT_START; - } - else - { - System.err.println("AuthToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SIGNATURE_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.signatureElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SIGNATURE_DATA; - } - else - { - System.err.println("AuthToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_LIFETIME_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.lifetimeElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_LIFETIME_DATA; - } - else - { - System.err.println("AuthToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - - break; - - case AWAITING_IDENT_TOKEN_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.identTokenElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_TYPE_ELEMENT_START; - } - else - { - System.err.println("AuthToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_TYPE_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.typeElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_TYPE_DATA; - } - else - { - System.err.println("AuthToken SAXHandler.startElement()- Un-expected 
element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("AuthToken SAXHandler.startElement()- State error"); - throw new SAXException("State error"); - } - } - - /* - * endElement() immplementation. - */ - public void endElement (String uri, String name, String qName) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ROOT_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.authTokenElementName.equals(qName)) - { - // Advance to the next state - m_state = DONE_PARSING; - } - else - { - System.err.println("AuthToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SIGNATURE_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.signatureElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_LIFETIME_ELEMENT_START; - } - else - { - System.err.println("AuthToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_LIFETIME_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.lifetimeElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_IDENT_TOKEN_ELEMENT_START; - } - else - { - System.err.println("AuthToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_TYPE_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.typeElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_IDENT_TOKEN_DATA; - } - else - { - System.err.println("AuthToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_IDENT_TOKEN_ELEMENT_END: - // Verify that we are processing the expected tag - if 
(ProtoDefs.identTokenElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ROOT_ELEMENT_END; - } - else - { - System.err.println("AuthToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("AuthToken SAXHandler.startElement()- State error"); - throw new SAXException("State error"); - } - } - - /* - * character() implementation. - */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_SIGNATURE_DATA: - // Consume the data - m_AuthToken.m_signature = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_SIGNATURE_ELEMENT_END; - break; - - case AWAITING_LIFETIME_DATA: - // Consume the data - m_AuthToken.m_lifetime = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_LIFETIME_ELEMENT_END; - break; - - case AWAITING_TYPE_DATA: - // Consume the data - m_AuthToken.m_identityTokenType = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_TYPE_ELEMENT_END; - break; - - case AWAITING_IDENT_TOKEN_DATA: - case AWAITING_IDENT_TOKEN_ELEMENT_END: - // Consume the data - m_AuthToken.m_identityToken.append(ch, start, length); - - // Advance to the next state - m_state = AWAITING_IDENT_TOKEN_ELEMENT_END; - break; - - default: - // Do nothing - break; - } - } - } - - /* - * Constructor. 
- */ - public AuthToken(String identityId, - String realm, - String targetService, - String targetHost, - SvcConfig svcConfig, - EnabledSvcsConfig enabledSvcsConfig) throws Exception - { - // Get access to the authentication token configuration for this service - AuthTokenConfig authTokenConfig = enabledSvcsConfig.getAuthTokenConfig(targetHost, targetService); - if (authTokenConfig != null) - { - try - { - // For now lets use the services of the only IdentityToken provider - // that we have. - // - // tbd - Add code to allow for the consumption of tokens - // from different providers. - CasaIdentityToken identityToken = new CasaIdentityToken(enabledSvcsConfig.getIdenTokenConfig(targetHost, targetService)); - identityToken.initialize(identityId, - realm, - targetService, - targetHost, - svcConfig); - - m_identityToken = new StringBuffer(); - m_identityToken.append(identityToken.getEncodedToken()); - m_identityTokenType = identityToken.getProviderType(); - - m_lifetime = authTokenConfig.getSetting(AuthTokenConfig.TokenLifetime); - m_lifetimeShorter = authTokenConfig.getSetting(AuthTokenConfig.LifetimeShorter); - - // Generate a signature - // tbd - Over identToken, identToken type, and lifetime data. 
- m_signature = "tbd"; - - // Get a StringBuffer to help us with the construction of the token - StringBuffer sb = new StringBuffer(); - - // Start building the message - sb.append(ProtoDefs.xmlDeclaration + "\r\n"); - sb.append("<" + ProtoDefs.authTokenElementName + ">" + "\r\n"); - sb.append("<" + ProtoDefs.signatureElementName + ">" + m_signature + "" + "\r\n"); - sb.append("<" + ProtoDefs.lifetimeElementName + ">" + m_lifetime + "" + "\r\n"); - sb.append("<" + ProtoDefs.identTokenElementName + ">" - + "<" + ProtoDefs.typeElementName + ">" + m_identityTokenType + "" - + m_identityToken + "" + "\r\n"); - sb.append("" + "\r\n"); - - // Save the token - m_token = sb.toString(); - } - catch (Exception e) - { - // tbd - System.err.println("AuthToken()- Exception: " + e.toString()); - } - } - else - { - throw new Exception("Error: Missing authentication token config for " + targetService); - } - } - - /* - * Constructor given an authentication token string. The constructor - * validates the token as part of its processing. - */ - public AuthToken(String token) throws Exception - { - // Decode the token string - m_token = Base64Coder.decode(token); - - // Instantiate string buffer for the identity token - m_identityToken = new StringBuffer(); - - // Now parse the token into its elements - try - { - // Parse the AuthToken - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(this); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - ByteArrayInputStream inStream = new ByteArrayInputStream(m_token.getBytes()); - InputSource source = new InputSource(inStream); - xr.parse(source); - - // Verify the signature - // tbd - - // Verify that the token has not expired - // tbd - } - catch (SAXException e) - { - System.err.println("AuthToken()- Parse exception: " + e.toString()); - throw new Exception("Protocol error"); - } - } - - /* - * Returns a string containing the Base64 encode token. 
- */ - public String toString() - { - return Base64Coder.encode(m_token); - } - - /* - * Returns the lifetime of the token. - */ - public String getLifetime() - { - // tbd - Convert to tokenLifetime and lifetimeShorter to ints, substractand then convert result to string - return "60"; - } - - /* - * Returns the identity token. - */ - public String getIdentityToken() - { - return m_identityToken.toString(); - } - - /* - * Returns the identity token type. - */ - public String getIdentityTokenType() - { - return m_identityTokenType; - } -} diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthTokenConfig.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthTokenConfig.java deleted file mode 100644 index 27d40aa3..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/AuthTokenConfig.java +++ /dev/null 
@@ -1,298 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.*;
-import java.util.*;
-
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.XMLReader;
-import org.xml.sax.helpers.XMLReaderFactory;
-
-/**
- * AuthTokenConfig Class.
- *
- * This class obtains and maintains authentication token configuration.
- *
- */
-public class AuthTokenConfig
-{
- // Well known authentication token configuration settings
- public final static String TokenLifetime = "TokenLifetime";
- public final static String LifetimeShorter = "LifetimeShorter";
- public final static String IdentityTokenType = "IdentityTokenType";
-
- // Default configuration values
- private String m_defaultTokenLifetimeValue = "3600"; // Seconds
- private String m_defaultLifetimeShorterValue = "5"; // Seconds
- private String m_defaultIdentityTokenTypeValue = "CasaIdentityToken";
-
- private Map m_tokenSettingsMap;
-
- /*
- * Class for handling parsing events.
- */
- private class SAXHandler extends org.xml.sax.helpers.DefaultHandler
- {
- private final static int AWAITING_ROOT_ELEMENT_START = 0;
- private final static int AWAITING_SETTING_ELEMENT_START = 1;
- private final static int AWAITING_SETTING_ELEMENT_DATA = 2;
- private final static int AWAITING_SETTING_ELEMENT_END = 3;
- private final static int DONE_PARSING = 4;
-
- private final static String m_rootElementName = "settings";
-
- private Map m_keyMap;
- private int m_state;
- private String m_currentKey;
-
- /*
- * Constructor
- */
- public SAXHandler(Map keyMap)
- {
- super();
-
- // Initialize our members
- m_keyMap = keyMap;
- m_state = AWAITING_ROOT_ELEMENT_START;
- }
-
- /*
- * endDocument() implementation.
- */
- public void endDocument () throws SAXException
- {
- // Verify that we are not in an invalid state
- if (m_state != DONE_PARSING)
- {
- System.err.println("AuthTokenConfig SAXHandler.endDocument()- Invalid state" + m_state);
- throw new SAXException("Invalid state at endDocument");
- }
- }
-
- /*
- * startElement() implementation.
- */
- public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
- case AWAITING_ROOT_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (m_rootElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SETTING_ELEMENT_START;
- }
- else
- {
- System.err.println("AuthTokenConfig SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_SETTING_ELEMENT_START:
- // Keep track of the key name
- m_currentKey = qName;
-
- // Advance to the next state
- m_state = AWAITING_SETTING_ELEMENT_DATA;
- break;
-
- default:
- System.err.println("AuthTokenConfig SAXHandler.startElement()- Invalid state " + m_state);
- throw new SAXException("Invalid state at startElement");
- }
- }
-
- /*
- * endElement() immplementation.
- */
- public void endElement (String uri, String name, String qName) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
- case AWAITING_SETTING_ELEMENT_DATA:
- case AWAITING_SETTING_ELEMENT_END:
- // Advance to the next state
- m_state = AWAITING_SETTING_ELEMENT_START;
- break;
-
- case AWAITING_SETTING_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (m_rootElementName.equals(qName))
- {
- // Advance to the next state
- m_state = DONE_PARSING;
- }
- else
- {
- System.err.println("AuthTokenConfig SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- default:
- System.err.println("AuthTokenConfig SAXHandler.endElement()- Invalid state " + m_state);
- throw new SAXException("Invalid state at endElement");
- }
- }
-
- /*
- * character() implementation.
- */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Consume the data if in the right state - if (m_state == AWAITING_SETTING_ELEMENT_DATA) - { - // Consume the data and add the key to map - m_keyMap.put(m_currentKey, new String(ch, start, length)); - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_END; - } - } - } - - /* - * Constructor which sets default configuration values. - */ - public AuthTokenConfig() throws Exception - { - System.err.println("AuthTokenConfig()- Default"); - - // Create a map to keep track of the token settings - m_tokenSettingsMap = new HashMap(); - - // Set the default settings in our map - m_tokenSettingsMap.put(TokenLifetime, m_defaultTokenLifetimeValue); - m_tokenSettingsMap.put(LifetimeShorter, m_defaultLifetimeShorterValue); - m_tokenSettingsMap.put(IdentityTokenType, m_defaultIdentityTokenTypeValue); - } - - /* - * Constructor. - */ - public AuthTokenConfig(String authTokenSettingsFileName) throws Exception - { - System.err.println("AuthTokenConfig()-"); - - // Create a map to keep track of the token settings - m_tokenSettingsMap = new HashMap(); - - try - { - // Get an input stream to read from the token settings file - File f = new File(authTokenSettingsFileName); - FileInputStream inStream = new FileInputStream(f); - - // Parse the file - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(m_tokenSettingsMap); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - InputSource source = new InputSource(inStream); - xr.parse(source); - - inStream.close(); - } - catch (SAXException e) - { - System.err.println("AuthTokenConfig()- " + authTokenSettingsFileName + " format error, exception: " + e.toString()); - throw new Exception("AuthTokenConfig()- authtoken.settings format error"); - } - catch (SecurityException e) - { - System.err.println("AuthTokenConfig()- SecurityException accessing " + authTokenSettingsFileName + " 
Exception=" + e.toString()); - throw new Exception("AuthTokenConfig()- Not able to access file"); - } - catch (FileNotFoundException e) - { - System.err.println("AuthTokenConfig()- File " + authTokenSettingsFileName + " not found"); - throw new Exception("AuthTokenConfig()- File not found"); - } - catch (IOException e) - { - System.err.println("AuthTokenConfig()- IOException accessing " + authTokenSettingsFileName + " Exception=" + e.toString()); - throw new Exception("AuthTokenConfig()- Read error"); - } - } - - /* - * Returns the value associated with the specified setting. - */ - public String getSetting(String settingName) throws Exception - { - // Try to find the setting in our map - String value = (String) m_tokenSettingsMap.get(settingName); - if (value == null) - { - System.err.println("AuthTokenConfig.getSetting()- Did not find setting " + settingName); - - // The setting is not in our map, check if it is one to - // which we have defaults. - if (settingName.equals(TokenLifetime) == true) - { - value = m_defaultTokenLifetimeValue; - System.err.println("AuthTokenConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_tokenSettingsMap.put(TokenLifetime, m_defaultTokenLifetimeValue); - } - else if (settingName.equals(LifetimeShorter) == true) - { - value = m_defaultLifetimeShorterValue; - System.err.println("AuthTokenConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_tokenSettingsMap.put(LifetimeShorter, m_defaultLifetimeShorterValue); - } - else if (settingName.equals(IdentityTokenType) == true) - { - value = m_defaultLifetimeShorterValue; - System.err.println("AuthTokenConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_tokenSettingsMap.put(IdentityTokenType, m_defaultIdentityTokenTypeValue); - } - } - else - { - 
System.err.println("AuthTokenConfig.getSetting()- Found setting " + settingName); - System.err.println("AuthTokenConfig.getSetting()- Setting value = " + value); - - // Do some sanity checking - // tbd - Make sure that the token lifetime values are greater than the LifetimeShorter - } - - return value; - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java deleted file mode 100644 index fb4a24da..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java +++ /dev/null 
@@ -1,341 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.util.*;
-import java.io.*;
-
-import java.io.ObjectOutputStream;
-import java.io.ObjectInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.PrintWriter;
-
-import java.net.URL;
-import java.net.MalformedURLException;
-import java.net.URLClassLoader;
-
-/**
- * Authenticate Class.
- *
- * This class processes authentication requests.
- *
- */
-public class Authenticate implements RpcMethod
-{
- private static final String m_mechanismSettingsFileName = "mechanism.settings";
-
- private Map m_authMechanismMap;
-
- private SvcConfig m_svcConfig;
- private EnabledSvcsConfig m_enabledSvcsConfig;
-
- /*
- * Constructor
- */
- public Authenticate() throws Exception
- {
- // Create a map to keep track of the authentication mechanisms
- m_authMechanismMap = new HashMap();
- }
-
- /*
- * Initialize the Rpc method.
- */ - public void init(SvcConfig svcConfig, EnabledSvcsConfig enabledSvcsConfig) throws Exception - { - m_svcConfig = svcConfig; - m_enabledSvcsConfig = enabledSvcsConfig; - - // Now go through the configured authentication mechanisms, as we do so, instantiate - // the mechanisms and place them in our map. Note that the mechanisms config folder - // contains folders for each installed authentication mechanism. The name of these - // folders usually match the name of the Authentication mechanisms. - String svcConfigPath = svcConfig.getSetting(SvcConfig.ConfigFolderPath); - File mechanismsConfigFolder = new File(svcConfigPath, "auth_mechanisms"); - try - { - String[] mechanismsConfigFolderObjs = mechanismsConfigFolder.list(); - if (mechanismsConfigFolderObjs != null) - { - for (int i = 0; i < mechanismsConfigFolderObjs.length; i++) - { - // Check if we are dealing with a file or a folder - File mechanismFolder = new File(mechanismsConfigFolder, mechanismsConfigFolderObjs[i]); - try - { - if (mechanismFolder.isDirectory() == true) - { - System.err.println("Authenticate.init()- Mechanism folder " + mechanismFolder + " is directory"); - - // Try to obtain the mechanism settings - try - { - AuthMechConfig mechConfig = new AuthMechConfig(mechanismFolder + File.separator + m_mechanismSettingsFileName); - - // Mechanism settings obtained, now instantiate it and place it in our map. - // - String mechClassName = mechConfig.getSetting(AuthMechConfig.ClassName); - if (mechClassName != null) - { - // We now know the name of the class implementing the mechanism, now lets - // get the relative path to the class file. Note that the path is relative - // to the root folder of our application. - String relativePath = mechConfig.getSetting(AuthMechConfig.RelativeClassPath); - if (relativePath != null) - { - // Create a file object to the folder containing the class file. 
Note that we need to - // ultimately instantiate objects from a class loaded by the same class loader that - // loads the AuthMechanism class to avoid ClassCastExceptions. - File mechClassPathFile = new File(svcConfig.getSetting(SvcConfig.AppRootPath) + relativePath); - System.err.println("Authenticate.init()- Mechanism path = " + mechClassPathFile); - try - { - URL methClassPathUrl = mechClassPathFile.toURL(); - URL[] urls = new URL[]{methClassPathUrl}; - - // Create a class loader for the folder - ClassLoader customClassLoader = new URLClassLoader(urls); - - // Load the mech class using our custom loader - Class mechClass = customClassLoader.loadClass(mechClassName); - FileOutputStream fos = new FileOutputStream(svcConfig.getSetting(SvcConfig.AppRootPath) + "tmp"); - ObjectOutputStream oos = new ObjectOutputStream(fos); - oos.writeObject(mechClass); - oos.close(); - fos.close(); - FileInputStream fis = new FileInputStream(svcConfig.getSetting(SvcConfig.AppRootPath) + "tmp"); - ObjectInputStream ois = new ObjectInputStream(fis); - mechClass = (Class) ois.readObject(); - ois.close(); - fis.close(); - - // Now reload the class using the class loader for our AuthMechanism class - AuthMechanism mechanism = (AuthMechanism) mechClass.newInstance(); - mechanism.init(svcConfig, mechConfig); - m_authMechanismMap.put(mechanism.getId(), mechanism); - } - catch (MalformedURLException e) - { - System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - catch (ClassNotFoundException e) - { - System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - catch (InstantiationException e) - { - System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - 
} - catch (IllegalAccessException e) - { - System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - } - else - { - // A relative path was not configured, check if instead a full path was configured. - String classPath = mechConfig.getSetting(AuthMechConfig.ClassPath); - if (classPath != null) - { - // Create a file object to the folder containing the class file. Note that we need to - // ultimately instantiate objects from a class loaded by the same class loader that - // loads the AuthMechanism class to avoid ClassCastExceptions. - File mechClassPathFile = new File(classPath); - System.err.println("Authenticate.init()- Mechanism path = " + mechClassPathFile); - try - { - URL methClassPathUrl = mechClassPathFile.toURL(); - URL[] urls = new URL[]{methClassPathUrl}; - - // Create a class loader for the folder - ClassLoader customClassLoader = new URLClassLoader(urls); - - // Load the mech class using our custom loader - Class mechClass = customClassLoader.loadClass(mechClassName); - FileOutputStream fos = new FileOutputStream(svcConfig.getSetting(SvcConfig.AppRootPath) + "tmp"); - ObjectOutputStream oos = new ObjectOutputStream(fos); - oos.writeObject(mechClass); - oos.close(); - fos.close(); - FileInputStream fis = new FileInputStream(svcConfig.getSetting(SvcConfig.AppRootPath) + "tmp"); - ObjectInputStream ois = new ObjectInputStream(fis); - mechClass = (Class) ois.readObject(); - ois.close(); - fis.close(); - - // Now reload the class using the class loader for our AuthMechanism class - AuthMechanism mechanism = (AuthMechanism) mechClass.newInstance(); - mechanism.init(svcConfig, mechConfig); - m_authMechanismMap.put(mechanism.getId(), mechanism); - } - catch (MalformedURLException e) - { - System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + 
e.toString()); - } - catch (ClassNotFoundException e) - { - System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - catch (InstantiationException e) - { - System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - catch (IllegalAccessException e) - { - System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - } - else - { - System.err.println("Authenticate.init()- No configuration to find class path to load " + mechanismFolder + File.separator + m_mechanismSettingsFileName); - } - } - } - else - { - System.err.println("Authenticate.init()- No configured mechanism class name for " + mechanismFolder + File.separator + m_mechanismSettingsFileName); - } - } - catch (SecurityException e) - { - System.err.println("Authenticate.init()- SecurityException accessing " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - catch (FileNotFoundException e) - { - System.err.println("Authenticate.init()- No authentication policy file for " + mechanismFolder); - } - catch (IOException e) - { - System.err.println("Authenticate.init()- IOException reading " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - catch (Exception e) - { - System.err.println("Authenticate.init()- Exception instantiating mechConfig or mechanism " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); - } - } - } - catch (SecurityException e) - { - System.err.println("Authenticate.init()- SecurityException accessing " + mechanismFolder + " Exception=" + e.toString()); - } - } - } - else - { - 
System.err.println("Authenticate.init()- Unable to obtain mechanisms folder " + mechanismsConfigFolder + " objects"); - } - } - catch (SecurityException e) - { - System.err.println("Authenticate.init()- SecurityException accessing " + mechanismsConfigFolder + " Exception=" + e.toString()); - } - } - - /* - * Process Rpc. - */ - public void invoke(InputStream inStream, PrintWriter out) throws IOException - { - try - { - System.err.println("Authenticate.invoke()"); - - // Parse the AuthReqMsg sent from the client - AuthReqMsg authReqMsg = new AuthReqMsg(inStream); - - // Get the necessary authentication mechanism - AuthMechanism authMechanism = (AuthMechanism) m_authMechanismMap.get(authReqMsg.getMechanismId()); - if (authMechanism != null) - { - // Invoke the mechanism to authenticate the entity - String identId = authMechanism.invoke(authReqMsg); - - // Create response based on the identity resolution results - if (identId != null && identId.length() != 0) - { - System.err.println("Authenticate.invoke()- identId resolved, " + identId); - - // An identity was resolved, get a SessionToken for it. 
- SessionToken sessionToken = new SessionToken(identId, - authReqMsg.getRealm(), - m_svcConfig.getSetting(SvcConfig.SessionTokenLifetime)); - - // Write out the response - AuthRespMsg authRespMsg = new AuthRespMsg(ProtoDefs.httpOkStatusMsg, - ProtoDefs.httpOkStatusCode, - sessionToken.toString(), - m_svcConfig.getSetting(SvcConfig.SessionTokenLifetime)); - // tbd - Convert to ints, perform calculation, and then convert result to string - //m_svcConfig.getSetting(SvcConfig.SessionTokenLifetime) - //- m_svcConfig.getSetting(SvcConfig.LifetimeShorter)); - out.println(authRespMsg.toString()); - } - else - { - System.err.println("Authenticate.invoke()- identId not resolved"); - - // Write out the response - AuthRespMsg authRespMsg = new AuthRespMsg(ProtoDefs.httpUnauthorizedStatusMsg, - ProtoDefs.httpUnauthorizedStatusCode); - out.println(authRespMsg.toString()); - } - } - else - { - System.err.println("Authenticate.invoke()- Unsupported mechanism " + authReqMsg.getMechanismId()); - - // Write out the response - AuthRespMsg authRespMsg = new AuthRespMsg(ProtoDefs.httpNotFoundStatusMsg, - ProtoDefs.httpNotFoundStatusCode); - out.println(authRespMsg.toString()); - } - } - catch (Exception e) - { - System.err.println("Authenticate.invoke()- Exception: " + e.toString()); - - // Write out the response - try - { - AuthRespMsg authRespMsg = new AuthRespMsg(ProtoDefs.httpServerErrorStatusMsg, - ProtoDefs.httpServerErrorStatusCode); - out.println(authRespMsg.toString()); - } - catch (Exception e2) - { - System.err.println("Authenticate.invoke()- Exception trying to construct response msg: " + e2.toString()); - } - } - } - - /* - * Return the method id. - */ - public String getId() - { - return "Authenticate"; - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Base64Coder.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Base64Coder.java deleted file mode 100644 index 5584b692..00000000 
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Base64Coder.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**************************************************************************
-*
-* A Base64 Encoder/Decoder.
-*
-* This class is used to encode and decode data in Base64 format
-* as described in RFC 1521.
-*
-*

-* Copyright 2003: Christian d'Heureuse, Inventec Informatik AG, Switzerland.
-* License: This is "Open Source" software and released under the GNU/LGPL license. -* It is provided "as is" without warranty of any kind. Please contact the author for other licensing arrangements.
-* Home page: www.source-code.biz
-* -*

-* Version history:
-* 2003-07-22 Christian d'Heureuse (chdh): Module created.
-* 2005-08-11 chdh: Lincense changed from GPL to LGPL. -* -**************************************************************************/ - -package com.novell.casa.authtoksvc; - -public class Base64Coder { - -// Mapping table from 6-bit nibbles to Base64 characters. -private static char[] map1 = new char[64]; - static { - int i=0; - for (char c='A'; c<='Z'; c++) map1[i++] = c; - for (char c='a'; c<='z'; c++) map1[i++] = c; - for (char c='0'; c<='9'; c++) map1[i++] = c; - map1[i++] = '+'; map1[i++] = '/'; } - -// Mapping table from Base64 characters to 6-bit nibbles. -private static byte[] map2 = new byte[128]; - static { - for (int i=0; i>> 2; - int o1 = ((i0 & 3) << 4) | (i1 >>> 4); - int o2 = ((i1 & 0xf) << 2) | (i2 >>> 6); - int o3 = i2 & 0x3F; - out[op++] = map1[o0]; - out[op++] = map1[o1]; - out[op] = op < oDataLen ? map1[o2] : '='; op++; - out[op] = op < oDataLen ? map1[o3] : '='; op++; } - return out; } - -/** -* Decodes a Base64 string. -* @param s a Base64 String to be decoded. -* @return A String containing the decoded data. -* @throws IllegalArgumentException if the input is not valid Base64 encoded data. -*/ -public static String decode (String s) { - return new String(decode(s.toCharArray())); } - -/** -* Decodes Base64 data. -* No blanks or line breaks are allowed within the Base64 encoded data. -* @param in a character array containing the Base64 encoded data. -* @return An array containing the decoded data bytes. -* @throws IllegalArgumentException if the input is not valid Base64 encoded data. -*/ -public static byte[] decode (char[] in) { - int iLen = in.length; - if (iLen%4 != 0) throw new IllegalArgumentException ("Length of Base64 encoded input string is not a multiple of 4."); - while (iLen > 0 && in[iLen-1] == '=') iLen--; - int oLen = (iLen*3) / 4; - byte[] out = new byte[oLen]; - int ip = 0; - int op = 0; - while (ip < iLen) { - int i0 = in[ip++]; - int i1 = in[ip++]; - int i2 = ip < iLen ? in[ip++] : 'A'; - int i3 = ip < iLen ? 
in[ip++] : 'A'; - if (i0 > 127 || i1 > 127 || i2 > 127 || i3 > 127) - throw new IllegalArgumentException ("Illegal character in Base64 encoded data."); - int b0 = map2[i0]; - int b1 = map2[i1]; - int b2 = map2[i2]; - int b3 = map2[i3]; - if (b0 < 0 || b1 < 0 || b2 < 0 || b3 < 0) - throw new IllegalArgumentException ("Illegal character in Base64 encoded data."); - int o0 = ( b0 <<2) | (b1>>>4); - int o1 = ((b1 & 0xf)<<4) | (b2>>>2); - int o2 = ((b2 & 3)<<6) | b3; - out[op++] = (byte)o0; - if (op - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.ByteArrayInputStream; -import java.util.HashSet; -import java.util.Hashtable; -import java.util.Set; - -import javax.naming.Context; -import javax.naming.NamingEnumeration; -import javax.naming.NamingException; -import javax.naming.directory.Attributes; -import javax.naming.directory.DirContext; -import javax.naming.directory.InitialDirContext; - -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.XMLReader; -import org.xml.sax.helpers.XMLReaderFactory; - -import org.bandit.ia.IAContext; - -/* - * CasaIdentityToken Class. - * - * This class constructs Casa Identity tokens. - * - * A Casa Identity Token is a simple XML Document - * with information about an identity in the form - * of: - * - * - * - * identity id - * identity data source name - * identity data source url - * target service name - * target host name - * - * attribute value - * attribute2 value - * ... - * - * - * - * - * attribute/values pairs. The attribute names - * being the XML elements of the documents. - * - */ -public class CasaIdentityToken implements IdentityToken -{ - /* - * XML Element Name Constants for the documents exchanged between the - * Casa Client and the Casa Server. 
- */ - private final static String casaIdentTokElementName = "casa_ident_tok"; - private final static String idElementName = "id"; - private final static String sourceNameElementName = "source_name"; - private final static String sourceUrlElementName = "source_url"; - private final static String targetServiceElementName = "target_service"; - private final static String targetHostElementName = "target_host"; - private final static String attributesElementName = "attributes"; - - private IdenTokenConfig m_idenTokenConfig; - - private String m_identityId = null; - private String m_sourceName = null; - private String m_sourceUrl = null; - private String m_service = null; - private String m_host = null; - private String m_token = null; - private javax.naming.directory.Attributes m_attributes = null; - - /* - * Class for handling Authentication Request parsing events. - */ - private class SAXHandler extends org.xml.sax.helpers.DefaultHandler - { - private final static int AWAITING_ROOT_ELEMENT_START = 0; - private final static int AWAITING_ROOT_ELEMENT_END = 1; - private final static int AWAITING_ID_ELEMENT_START = 2; - private final static int AWAITING_ID_ELEMENT_END = 3; - private final static int AWAITING_ID_DATA = 4; - private final static int AWAITING_SOURCE_NAME_ELEMENT_START = 5; - private final static int AWAITING_SOURCE_NAME_ELEMENT_END = 6; - private final static int AWAITING_SOURCE_NAME_DATA = 7; - private final static int AWAITING_SOURCE_URL_ELEMENT_START = 8; - private final static int AWAITING_SOURCE_URL_ELEMENT_END = 9; - private final static int AWAITING_SOURCE_URL_DATA = 10; - private final static int AWAITING_TARGET_SERVICE_ELEMENT_START = 11; - private final static int AWAITING_TARGET_SERVICE_ELEMENT_END = 12; - private final static int AWAITING_TARGET_SERVICE_DATA = 13; - private final static int AWAITING_TARGET_HOST_ELEMENT_START = 14; - private final static int AWAITING_TARGET_HOST_ELEMENT_END = 15; - private final static int 
AWAITING_TARGET_HOST_DATA = 16; - private final static int AWAITING_ATTRIBUTES_ELEMENT_START = 17; - private final static int AWAITING_ATTRIBUTE_START = 18; - private final static int AWAITING_ATTRIBUTE_END = 19; - private final static int AWAITING_ATTRIBUTE_DATA = 20; - private final static int AWAITING_BINARY_ATTRIBUTE_DATA = 21; - private final static int DONE_PARSING = 22; - - private CasaIdentityToken m_casaIdentToken; - private int m_state; - private String m_currAttribute; - private boolean m_encryptedAttrs; - - /* - * Constructor - */ - public SAXHandler (CasaIdentityToken casaIdentityToken) - { - super(); - - // Initialize our members - m_casaIdentToken = casaIdentityToken; - m_state = AWAITING_ROOT_ELEMENT_START; - } - - /* - * endDocument() implementation. - */ - public void endDocument () throws SAXException - { - // Verify that we obtained all of the required elements - if (m_state != DONE_PARSING) - { - System.err.println("CasaIdentityToken SAXHandler.endDocument()- Missing element"); - throw new SAXException("Missing element"); - } - } - - /* - * - * startElement() implementation. 
- */ - public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ROOT_ELEMENT_START: - // Verify that we are processing the expected tag - if (casaIdentTokElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ID_ELEMENT_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_ID_ELEMENT_START: - // Verify that we are processing the expected tag - if (idElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ID_DATA; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SOURCE_NAME_ELEMENT_START: - // Verify that we are processing the expected tag - if (sourceNameElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SOURCE_NAME_DATA; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - - break; - - case AWAITING_SOURCE_URL_ELEMENT_START: - // Verify that we are processing the expected tag - if (sourceUrlElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SOURCE_URL_DATA; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_TARGET_SERVICE_ELEMENT_START: - // Verify that we are processing the expected tag - if (targetServiceElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_TARGET_SERVICE_DATA; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); 
- throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_TARGET_HOST_ELEMENT_START: - // Verify that we are processing the expected tag - if (targetHostElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_TARGET_HOST_DATA; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_ATTRIBUTES_ELEMENT_START: - // Verify that we are processing the expected tag - if (attributesElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ATTRIBUTE_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_ATTRIBUTE_START: - // Save the element name as the current attribute - m_currAttribute = qName; - - // Advance to the next state based on the attribute type - String attrType = atts.getValue("type"); - if (attrType != null && attrType.equals("binary")) - { - // We are dealing with a binary attribute. We are going to - // assume that binary attributes are always base64 encoded. - m_state = AWAITING_BINARY_ATTRIBUTE_DATA; - } - else - { - // Assume we are dealing with an attribute of type string - m_state = AWAITING_ATTRIBUTE_DATA; - } - break; - - default: - System.err.println("CasaIdentityToken SAXHandler.startElement()- State error"); - throw new SAXException("State error"); - } - } - - /* - * endElement() immplementation. 
- */ - public void endElement (String uri, String name, String qName) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ROOT_ELEMENT_END: - // Verify that we are processing the expected tag - if (casaIdentTokElementName.equals(qName)) - { - // Advance to the next state - m_state = DONE_PARSING; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_ID_ELEMENT_END: - // Verify that we are processing the expected tag - if (idElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SOURCE_NAME_ELEMENT_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SOURCE_NAME_ELEMENT_END: - // Verify that we are processing the expected tag - if (sourceNameElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SOURCE_URL_ELEMENT_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SOURCE_URL_ELEMENT_END: - // Verify that we are processing the expected tag - if (sourceUrlElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_TARGET_SERVICE_ELEMENT_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_TARGET_SERVICE_ELEMENT_END: - // Verify that we are processing the expected tag - if (targetServiceElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_TARGET_HOST_ELEMENT_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new 
SAXException("Un-expected element"); - } - break; - - case AWAITING_TARGET_HOST_ELEMENT_END: - // Verify that we are processing the expected tag - if (targetHostElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ATTRIBUTES_ELEMENT_START; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_ATTRIBUTE_END: - // Advance to the next state - m_state = AWAITING_ATTRIBUTE_START; - break; - - case AWAITING_ATTRIBUTE_START: - // Verify that we are processing the expected tag - if (attributesElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ROOT_ELEMENT_END; - } - else - { - System.err.println("CasaIdentityToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("CasaIdentityToken SAXHandler.startElement()- State error"); - throw new SAXException("State error"); - } - } - - /* - * character() implementation. 
- */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ID_DATA: - // Consume the data - m_casaIdentToken.m_identityId = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_ID_ELEMENT_END; - break; - - case AWAITING_SOURCE_NAME_DATA: - // Consume the data - m_casaIdentToken.m_sourceName = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_SOURCE_NAME_ELEMENT_END; - break; - - case AWAITING_SOURCE_URL_DATA: - // Consume the data - m_casaIdentToken.m_sourceUrl = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_SOURCE_URL_ELEMENT_END; - break; - - case AWAITING_TARGET_SERVICE_DATA: - // Consume the data - m_casaIdentToken.m_service = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_TARGET_SERVICE_ELEMENT_END; - break; - - case AWAITING_TARGET_HOST_DATA: - // Consume the data - m_casaIdentToken.m_host = new String(ch, start, length); - - // At this point we now have the target service and host names, - // check if our configuration says that the attributes have been - // encrypted. - // tbd - Need to come up with a solution for obtaining configuration - // information when instanstiated using a stream. May be the token should - // carry an indication that the attributes are encrypted. - m_encryptedAttrs = false; - - // Advance to the next state - m_state = AWAITING_TARGET_HOST_ELEMENT_END; - break; - - case AWAITING_ATTRIBUTE_DATA: - // Consume the data - // - // Decrypt the attribute data if necessary - if (m_encryptedAttrs) - { - // tbd - Decrypt the attribute key and value with the private key of the service - // using the configured mechanism. 
- } - else - { - m_casaIdentToken.m_attributes.put(m_currAttribute, new String(ch, start, length)); - } - - // Advance to the next state - m_state = AWAITING_ATTRIBUTE_END; - break; - - case AWAITING_BINARY_ATTRIBUTE_DATA: - // Consume the data - // - // Decrypt the attribute data if necessary - if (m_encryptedAttrs) - { - // tbd - Decrypt the attribute key and value with the private key of the service - // using the configured mechanism. - } - else - { - // The data is base64 encoded - char[] encodedChars = new char[length]; - System.arraycopy(ch, start, encodedChars, 0, length); - m_casaIdentToken.m_attributes.put(m_currAttribute, Base64Coder.decode(encodedChars)); - } - - // Advance to the next state - m_state = AWAITING_ATTRIBUTE_END; - break; - - default: - // Do nothing - break; - } - } - } - - /* - * Constructor. - */ - public CasaIdentityToken (IdenTokenConfig idenTokenConfig) - { - // Initialize our members - m_token = null; - m_attributes = new javax.naming.directory.BasicAttributes(); - m_idenTokenConfig = idenTokenConfig; - } - - /* - * Constructor. - */ - public CasaIdentityToken () - { - // Initialize our members - m_token = null; - m_attributes = new javax.naming.directory.BasicAttributes(); - m_idenTokenConfig = null; - } - - /* - * Initialize with parameters. - */ - public void initialize (String identityId, - String sourceName, - String targetService, - String targetHost, - SvcConfig svcConfig) throws Exception - { - // Save input parameters - m_identityId = identityId; - m_sourceName = sourceName; - m_sourceUrl = "ldap://myldaphost.novell.com:389"; // tbd - Obtain from Identity Abstraction layer - m_service = targetService; - m_host = targetHost; - - try - { - // Open a directory context and use it to read the identity attributes. 
- Hashtable env = new Hashtable(); - env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory"); - env.put(IAContext.IA_REALM_CONFIG_LOCATION, svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile)); - env.put(IAContext.IA_REALM_SELECTOR, sourceName); - - DirContext ctx = new InitialDirContext(env); - - // Setup a string buffer for building the IdentityToken, notice for now - // we are not going to wrap the identity token. - StringBuffer sb = new StringBuffer(); - sb.append(ProtoDefs.xmlDeclaration + "\r\n"); - sb.append("<" + casaIdentTokElementName + ">" + "\r\n"); - sb.append("<" + idElementName + ">" + identityId + "\r\n"); - sb.append("<" + sourceNameElementName + ">" + sourceName + "\r\n"); - sb.append("<" + sourceUrlElementName + ">" + m_sourceUrl + "\r\n"); - sb.append("<" + targetServiceElementName + ">" + m_service + "\r\n"); - sb.append("<" + targetHostElementName + ">" + m_host + "\r\n"); - sb.append("<" + attributesElementName + ">" + "\r\n"); - - // Get the necessary attributes of the specified services in the identity token - String[] attributesNeeded = m_idenTokenConfig.getAttributes(); - boolean encryptAttributes = "true".equals(m_idenTokenConfig.getSetting(IdenTokenConfig.EncryptAttributes)); - Attributes attrs = ctx.getAttributes(identityId, attributesNeeded); - - // Now append the attributes to the token - for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();) - { - javax.naming.directory.Attribute attr = (javax.naming.directory.Attribute) ae.next(); - - NamingEnumeration enumeration = attr.getAll(); - while (enumeration.hasMore()) - { - Object attrValue = enumeration.next(); - m_attributes.put(attr.getID(), attrValue); - System.err.println("CasaIdentityToken.initialize()- Including attribute " + attr.getID()); - - // Encrypt the attribute if necessary - if (encryptAttributes == true) - { - // tbd - Encrypt the attributes using the services public key, let the mechanism - // be configurable. 
The service's certificate should be Base64 encoded as a setting - // of the identoken.settings file. - } - else - { - // Proceed based on the attribute value type - if (attrValue instanceof byte[]) - { - // The attribute value is of type byte[], we need to encode it. - sb.append("<" + attr.getID() + " type=\"binary\" encoding=\"base64\">" + new String(Base64Coder.encode((byte[]) attrValue)) + "" + "\r\n"); - System.err.println("Attribute " + attr.getID() + "included as " + new String(Base64Coder.encode((byte[]) attrValue))); - } - else - { - // Assume the attribute value is of type String - sb.append("<" + attr.getID() + ">" + (String) attrValue + "" + "\r\n"); - } - } - } - } - sb.append("" + "\r\n"); - sb.append("" + "\r\n"); - - m_token = sb.toString(); - } - catch (NamingException e) - { - // tbd - Log the event??? - System.err.println("CasaIdentityToken.initialize()- Exception: " + e.getExplanation()); - } - catch (Exception e) - { - // tbd - System.err.println("CasaIdentityToken.initialize()- Exception: " + e.toString()); - } - } - - /* - * Initialize the token object with an ecoded token string. - */ - public void initialize (String encodedToken) throws Exception - { - // Save copy of the token - m_token = Base64Coder.decode(encodedToken); - - // Now parse the token into its elements - try - { - // Parse the AuthReqMsg - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(this); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - - ByteArrayInputStream inStream = new ByteArrayInputStream(m_token.getBytes()); - InputSource source = new InputSource(inStream); - xr.parse(source); - } - catch (SAXException e) - { - // tbd - Log this. - System.err.println("CasaIdentityToken()- Parse exception: " + e.toString()); - throw new Exception("Token error"); - } - } - - /* - * Returns encoded token string. - * - * IMPORTANT: The token string can not contain the substring "]]>" - * within it. 
- */ - public String getEncodedToken () throws Exception - { - if (m_token != null) - { - return Base64Coder.encode(m_token); - } - else - { - System.err.println("CasaIdentityToken.toString()- Not initialized"); - throw new Exception("Not initialized"); - } - } - - /* - * Returns a string containing our type of identity token provider. - */ - public String getProviderType () throws Exception - { - // tbd - Change to a GUID - return "CasaIdentityToken"; - } - - /* - * Returns a string containing the identity id. - */ - public String getIdentityId () throws Exception - { - if (m_identityId != null) - return m_identityId; - else - { - System.err.println("CasaIdentityToken.getIdentityId()- Not initialized"); - throw new Exception("Not initialized"); - } - } - - /* - * Returns a string containing the name associated with the - * identity source. - */ - public String getSourceName () throws Exception - { - if (m_sourceName != null) - return m_sourceName; - else - { - System.err.println("CasaIdentityToken.getSourceName()- Not initialized"); - throw new Exception("Not initialized"); - } - } - - /* - * Returns a string containing the url associated with the - * identity source. - */ - public String getSourceUrl () throws Exception - { - if (m_sourceUrl != null) - return m_sourceUrl; - else - { - System.err.println("CasaIdentityToken.getSourceUrl()- Not initialized"); - throw new Exception("Not initialized"); - } - } - - /* - * Returns a string containing the name of the targeted service. - */ - public String getTargetService () throws Exception - { - if (m_service != null) - return m_service; - else - { - System.err.println("CasaIdentityToken.getTargetService()- Not initialized"); - throw new Exception("Not initialized"); - } - } - - /* - * Returns a string containig the name of the host where the - * targeted service resides. 
- */
- public String getTargetHost () throws Exception
- {
- if (m_host != null)
- return m_host;
- else
- {
- System.err.println("CasaIdentityToken.getTargetHost()- Not initialized");
- throw new Exception("Not initialized");
- }
- }
-
- /*
- * Returns the attributes of the identity.
- */
- public javax.naming.directory.Attributes getAttributes () throws Exception
- {
- if (m_attributes != null)
- return m_attributes;
- else
- {
- System.err.println("CasaIdentityToken.getIdentityAttributes()- Not initialized");
- throw new Exception("Not initialized");
- }
- }
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java
deleted file mode 100644
index 59301e54..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java
+++ /dev/null
@@ -1,388 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.*;
-import java.util.*;
-
-/**
- * EnabledSvcsConfig Class.
- *
- * This class obtains and maintains configuration and policy information about
- * the services enabled to use Authentication Tokens.
- *
- */
-public class EnabledSvcsConfig
-{
- private static final String m_authPolicyFileName = "auth.policy";
- private static final String m_authTokenSettingsFileName = "authtoken.settings";
- private static final String m_idenTokenSettingsFileName = "identoken.settings";
-
- private Map m_hostsMap;
-
- /**
- * SvcConfigEntry Class.
- *
- * This class is used to maintain the configuration and policy associated with an
- * enabled service.
- *
- */
- private class SvcConfigEntry
- {
- protected byte[] m_authPolicyFileData;
- protected AuthTokenConfig m_authTokenConfig;
- protected IdenTokenConfig m_idenTokenConfig;
-
- /*
- * Constructor.
- */ - public SvcConfigEntry(byte[] authPolicyFileData, - AuthTokenConfig authTokenConfig, - IdenTokenConfig idenTokenConfig) - { - m_authPolicyFileData = authPolicyFileData; - m_authTokenConfig = authTokenConfig; - m_idenTokenConfig = idenTokenConfig; - } - } - - /* - * Constructor. - */ - public EnabledSvcsConfig(String svcConfigPath) throws Exception - { - System.err.println("EnabledSvcsConfig()-"); - System.err.println("EnabledSvcsConfig()- SvcConfigPath = " + svcConfigPath); - - // Initialize the default auth policy, authtoken, and identtoken configs. - byte[] defaultAuthPolicyData = null; - AuthTokenConfig defaultAuthTokenConfig = null; - IdenTokenConfig defaultIdenTokenConfig = null; - - // Create a map to keep track of the enabled services and their configuration - // for each configured host. - m_hostsMap = new HashMap(); - - // Get access to the configuration folder for the service - File configFolder = new File(svcConfigPath); - try - { - // Try to obtain the default authentication policy - try - { - File f = new File(configFolder, m_authPolicyFileName); - defaultAuthPolicyData = new byte[(int) f.length()]; - FileInputStream inStream = new FileInputStream(f); - int bytesRead = inStream.read(defaultAuthPolicyData); - inStream.close(); - if (bytesRead != defaultAuthPolicyData.length) - { - System.err.println("EnabledSvcsConfig()- Error reading default policy file"); - } - } - catch (SecurityException e) - { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + configFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); - } - catch (FileNotFoundException e) - { - System.err.println("EnabledSvcsConfig()- File " + configFolder + File.separator + m_authPolicyFileName + " not found"); - } - catch (IOException e) - { - System.err.println("EnabledSvcsConfig()- IOException reading " + configFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); - } - - // Try to obtain the default 
authentication token settings - try - { - defaultAuthTokenConfig = new AuthTokenConfig(configFolder + File.separator + m_authTokenSettingsFileName); - } - catch (Exception e) - { - // Not able to create authentication token configuration using the default - // file. Create one using default parameters. - defaultAuthTokenConfig = new AuthTokenConfig(); - } - - // Try to obtain the default identity token settings - try - { - defaultIdenTokenConfig = new IdenTokenConfig(configFolder + File.separator + m_idenTokenSettingsFileName); - } - catch (Exception e) - { - // Not able to create identity token configuration using the default - // file. Create one using default parameters. - defaultIdenTokenConfig = new IdenTokenConfig(); - } - - // Now go through the configured hosts. Note that the services config folder - // contains folders for each host for which there are enabled services. The folders - // in the services config folder must match the DNS name of the hosts where - // the enabled services reside. 
- File servicesConfigFolder = new File(svcConfigPath, "enabled_services"); - try - { - String[] servicesConfigFolderObjs = servicesConfigFolder.list(); - if (servicesConfigFolderObjs != null) - { - for (int i = 0; i < servicesConfigFolderObjs.length; i++) - { - // Check if we are dealing with a file or a folder - File hostFolder = new File(servicesConfigFolder, servicesConfigFolderObjs[i]); - try - { - if (hostFolder.isDirectory() == true) - { - System.err.println("EnabledSvcsConfig()- Host folder " + hostFolder + " is directory"); - - // Now go through the services configured for this host - String[] hostFolderObjs = hostFolder.list(); - if (hostFolderObjs != null) - { - // Create a Map object to hold the service configurations for this host - Map enabledSvcsConfigMap = new HashMap(); - - for (int ii = 0; ii < hostFolderObjs.length; ii++) - { - // Check if we are dealing with a file or a folder - File serviceFolder = new File(hostFolder, hostFolderObjs[ii]); - System.err.println("EnabledSvcsConfig()- Service folder " + serviceFolder); - try - { - if (serviceFolder.isDirectory() == true) - { - System.err.println("EnabledSvcsConfig()- Service folder " + serviceFolder + " is directory"); - - // We are dealing with a folder, remember that the folder name matches the name - // of the enabled service. Check and see if there are authentication policy and - // authtoken and identoken setting files configured for it. 
- byte[] authPolicyData = null; - AuthTokenConfig authTokenConfig = null; - IdenTokenConfig idenTokenConfig = null; - - try - { - File policyFile = new File(serviceFolder, m_authPolicyFileName); - authPolicyData = new byte[(int) policyFile.length()]; - FileInputStream inStream = new FileInputStream(policyFile); - int bytesRead = inStream.read(authPolicyData); - inStream.close(); - if (bytesRead != authPolicyData.length) - { - System.err.println("EnabledSvcsConfig()- Error reading policy file for " + servicesConfigFolderObjs[i] + " " + hostFolderObjs[ii]); - } - } - catch (SecurityException e) - { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + serviceFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); - } - catch (FileNotFoundException e) - { - System.err.println("EnabledSvcsConfig()- No authentication policy file for " + serviceFolder); - } - catch (IOException e) - { - System.err.println("EnabledSvcsConfig()- IOException reading " + serviceFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); - } - - try - { - authTokenConfig = new AuthTokenConfig(serviceFolder + File.separator + m_authTokenSettingsFileName); - } - catch (Exception e) - { - System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + File.separator + m_authTokenSettingsFileName + " Exception=" + e.toString()); - } - - try - { - idenTokenConfig = new IdenTokenConfig(serviceFolder + File.separator + m_idenTokenSettingsFileName); - } - catch (Exception e) - { - System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + File.separator + m_idenTokenSettingsFileName + " Exception=" + e.toString()); - } - - // Make sure that we have a policy file - if ((authPolicyData != null && authPolicyData.length != 0) - || (defaultAuthPolicyData != null && defaultAuthPolicyData.length != 0)) - { - // Instantiate SvcConfigEntry for this service and place it in our map - SvcConfigEntry 
svcConfigEntry = new SvcConfigEntry((authPolicyData != null && authPolicyData.length != 0) ? authPolicyData : defaultAuthPolicyData, - (authTokenConfig != null) ? authTokenConfig : defaultAuthTokenConfig, - (idenTokenConfig != null) ? idenTokenConfig : defaultIdenTokenConfig); - - // Add this entry to our map - System.err.println("EnabledSvcsConfig()- Adding entry in map for " + servicesConfigFolderObjs[i] + " " + hostFolderObjs[ii]); - enabledSvcsConfigMap.put(hostFolderObjs[ii], svcConfigEntry); - } - else - { - System.err.println("EnabledSvcsConfig()- Unable to enable " + servicesConfigFolderObjs[i] + " " + hostFolderObjs[ii] + " due to no configured authentication policy"); - } - } - } - catch (SecurityException e) - { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + serviceFolder + " Exception=" + e.toString()); - } - - // Add this hosts enabled services configuration map to the hosts map - m_hostsMap.put(servicesConfigFolderObjs[i], enabledSvcsConfigMap); - } - } - else - { - System.err.println("EnabledSvcsConfig()- No services configured for " + hostFolder); - } - } - } - catch (SecurityException e) - { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + hostFolder + " Exception=" + e.toString()); - } - } - } - else - { - System.err.println("EnabledSvcsConfig()- Unable to obtain services folder " + servicesConfigFolder + " objects"); - } - } - catch (SecurityException e) - { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + servicesConfigFolder + " Exception=" + e.toString()); - } - } - catch (SecurityException e) - { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + configFolder + " Exception=" + e.toString()); - } - } - - /* - * Returns true if the specified service has been enabled to use authentication - * tokens. 
- */ - public boolean svcEnabled(String hostName, String serviceName) - { - // First try to obtain the Map of enabled services for the host - // tbd - Should we make this case insensitive? - Map enabledSvcsConfigMap = (Map) m_hostsMap.get(hostName); - if (enabledSvcsConfigMap != null) - { - return enabledSvcsConfigMap.containsKey(serviceName); - } - else - { - return false; - } - } - - /* - * Returns the data associated with the authentication policy file - * associated with the specified service. - */ - public byte[] getAuthPolicyFileDataForSvc(String hostName, String serviceName) - { - // First try to obtain the Map of enabled services for the host - // tbd - Should we make this case insensitive? - Map enabledSvcsConfigMap = (Map) m_hostsMap.get(hostName); - if (enabledSvcsConfigMap != null) - { - // Retrieve SvcConfigEntry for the service from the map for the host - SvcConfigEntry svcConfigEntry = (SvcConfigEntry) enabledSvcsConfigMap.get(serviceName); - if (svcConfigEntry != null) - { - return svcConfigEntry.m_authPolicyFileData; - } - else - { - return null; - } - } - else - { - return null; - } - } - - /* - * Returns the authentication token configuration associated with the - * specified service. - */ - public AuthTokenConfig getAuthTokenConfig(String hostName, String serviceName) - { - // First try to obtain the Map of enabled services for the host - // tbd - Should we make this case insensitive? - Map enabledSvcsConfigMap = (Map) m_hostsMap.get(hostName); - if (enabledSvcsConfigMap != null) - { - // Retrieve SvcConfigEntry for the service from the map for the host - SvcConfigEntry svcConfigEntry = (SvcConfigEntry) enabledSvcsConfigMap.get(serviceName); - if (svcConfigEntry != null) - { - return svcConfigEntry.m_authTokenConfig; - } - else - { - return null; - } - } - else - { - return null; - } - } - - /* - * Returns the identity token configuration associated with the - * specified service. 
- */
- public IdenTokenConfig getIdenTokenConfig(String hostName, String serviceName)
- {
- // First try to obtain the Map of enabled services for the host
- // tbd - Should we make this case insensitive?
- Map enabledSvcsConfigMap = (Map) m_hostsMap.get(hostName);
- if (enabledSvcsConfigMap != null)
- {
- // Retrieve SvcConfigEntry for the service from the map for the host
- SvcConfigEntry svcConfigEntry = (SvcConfigEntry) enabledSvcsConfigMap.get(serviceName);
- if (svcConfigEntry != null)
- {
- return svcConfigEntry.m_idenTokenConfig;
- }
- else
- {
- return null;
- }
- }
- else
- {
- return null;
- }
- }
-}
\ No newline at end of file
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicy.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicy.java
deleted file mode 100644
index 20654539..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicy.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.*;
-import java.io.PrintWriter;
-import java.util.*;
-
-/**
- * GetAuthPolicy Class.
- *
- * This class processes get authentication policy requests for a particular
- * service.
- *
- */
-public class GetAuthPolicy implements RpcMethod
-{
- private SvcConfig m_svcConfig;
- private EnabledSvcsConfig m_enabledSvcsConfig;
-
- /*
- * Constructor.
- */
- public GetAuthPolicy() throws Exception
- {
- // Nothing to do at this time
- }
-
- /*
- * Initialize the Rpc method.
- */
- public void init(SvcConfig svcConfig, EnabledSvcsConfig enabledSvcsConfig) throws Exception
- {
- m_svcConfig = svcConfig;
- m_enabledSvcsConfig = enabledSvcsConfig;
- }
-
- /*
- * Process Rpc.
- */ - public void invoke(InputStream inStream, PrintWriter out) throws IOException - { - try - { - System.err.println("GetAuthPolicy.invoke()"); - - // Read and parse the GetAuthPolicyReqMsg sent from the client - GetAuthPolicyReqMsg getAuthPolicyReqMsg = new GetAuthPolicyReqMsg(inStream); - - // Verify that the service is enabled - if (m_enabledSvcsConfig.svcEnabled(getAuthPolicyReqMsg.getHostName(), getAuthPolicyReqMsg.getServiceName())) - { - // Get the auth policy for the service - byte[] authPolicy = m_enabledSvcsConfig.getAuthPolicyFileDataForSvc(getAuthPolicyReqMsg.getHostName(), - getAuthPolicyReqMsg.getServiceName()); - if (authPolicy != null) - { - // Write out the response - GetAuthPolicyRespMsg getAuthPolicyRespMsg = new GetAuthPolicyRespMsg(ProtoDefs.httpOkStatusMsg, - ProtoDefs.httpOkStatusCode, - new String(Base64Coder.encode(authPolicy))); - out.println(getAuthPolicyRespMsg.toString()); - } - else - { - System.err.println("GetAuthPolicy.invoke()- authPolicy is null for enabled service: " + getAuthPolicyReqMsg.getServiceName()); - GetAuthPolicyRespMsg getAuthPolicyRespMsg = new GetAuthPolicyRespMsg(ProtoDefs.httpServerErrorStatusMsg, - ProtoDefs.httpServerErrorStatusCode); - out.println(getAuthPolicyRespMsg.toString()); - } - } - else - { - // The service has not been enabled to utilize our authentication tokens - GetAuthPolicyRespMsg getAuthPolicyRespMsg = new GetAuthPolicyRespMsg(ProtoDefs.httpNotFoundStatusMsg, - ProtoDefs.httpNotFoundStatusCode); - out.println(getAuthPolicyRespMsg.toString()); - } - } - catch (Exception e) - { - System.err.println("GetAuthPolicy.invoke()- Exception: " + e.toString()); - - // Write out the response - try - { - GetAuthPolicyRespMsg getAuthPolicyRespMsg = new GetAuthPolicyRespMsg(ProtoDefs.httpServerErrorStatusMsg, - ProtoDefs.httpServerErrorStatusCode); - out.println(getAuthPolicyRespMsg.toString()); - } - catch (Exception e2) - { - System.err.println("GetAuthPolicy.invoke()- Exception trying to construct response 
msg: " + e2.toString());
- }
- }
- }
-
- /*
- * Return the method id.
- */
- public String getId()
- {
- return "GetAuthPolicy";
- }
-}
\ No newline at end of file
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyReqMsg.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyReqMsg.java
deleted file mode 100644
index 73815f00..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyReqMsg.java
+++ /dev/null
@@ -1,282 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.InputStream;
-
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.XMLReader;
-import org.xml.sax.helpers.XMLReaderFactory;
-
-/**
- * GetAuthPolicyReqMsg Class.
- *
- * This class deals with the message sent by Casa Client when requesting
- * authenication policy to authenticate an entity to a particular service.
- * The format of the the message is as follows:
- *
- *
- *
- * service name
- * host name
- *
- *
- */
-public class GetAuthPolicyReqMsg
-{
-
- protected String m_serviceName = null;
- protected String m_hostName = null;
-
- /*
- * Class for handling GetAuthPolicyReq msg parsing events.
- */
- private class SAXHandler extends org.xml.sax.helpers.DefaultHandler
- {
- private final static int AWAITING_ROOT_ELEMENT_START = 0;
- private final static int AWAITING_ROOT_ELEMENT_END = 1;
- private final static int AWAITING_SERVICE_ELEMENT_START = 2;
- private final static int AWAITING_SERVICE_ELEMENT_END = 3;
- private final static int AWAITING_SERVICE_DATA = 4;
- private final static int AWAITING_HOST_ELEMENT_START = 5;
- private final static int AWAITING_HOST_ELEMENT_END = 6;
- private final static int AWAITING_HOST_DATA = 7;
- private final static int DONE_PARSING = 8;
-
- private GetAuthPolicyReqMsg m_GetAuthPolicyReqMsg;
- private int m_state;
-
- /*
- * Constructor
- */
- public SAXHandler (GetAuthPolicyReqMsg GetAuthPolicyReqMsg)
- {
- super();
-
- // Initialize our members
- m_GetAuthPolicyReqMsg = GetAuthPolicyReqMsg;
- m_state = AWAITING_ROOT_ELEMENT_START;
- }
-
- /*
- * endDocument() implementation.
- */
- public void endDocument () throws SAXException
- {
- // Verify that we obtained all of the required elements
- if (m_state != DONE_PARSING)
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.endDocument()- Missing element");
- throw new SAXException("Missing element");
- }
- }
-
- /*
- * startElement() implementation.
- */
- public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
-
- case AWAITING_ROOT_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.getAuthPolicyRequestElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SERVICE_ELEMENT_START;
- }
- else
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_SERVICE_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.serviceElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SERVICE_DATA;
- }
- else
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_HOST_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.hostElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_HOST_DATA;
- }
- else
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
-
- break;
-
- default:
- System.err.println("GetAuthPolicyReqMsg SAXHandler.startElement()- State error");
- throw new SAXException("State error");
- }
- }
-
- /*
- * endElement() immplementation.
- */
- public void endElement (String uri, String name, String qName) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
-
- case AWAITING_ROOT_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.getAuthPolicyRequestElementName.equals(qName))
- {
- // Advance to the next state
- m_state = DONE_PARSING;
- }
- else
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_SERVICE_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.serviceElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_HOST_ELEMENT_START;
- }
- else
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_HOST_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.hostElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_ROOT_ELEMENT_END;
- }
- else
- {
- System.err.println("GetAuthPolicyReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- default:
- System.err.println("GetAuthPolicyReqMsg SAXHandler.startElement()- State error");
- throw new SAXException("State error");
- }
- }
-
- /*
- * character() implementation.
- */
- public void characters (char ch[], int start, int length) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
-
- case AWAITING_SERVICE_DATA:
- // Consume the data
- m_GetAuthPolicyReqMsg.m_serviceName = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_SERVICE_ELEMENT_END;
- break;
-
- case AWAITING_HOST_DATA:
- // Consume the data
- m_GetAuthPolicyReqMsg.m_hostName = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_HOST_ELEMENT_END;
- break;
-
- default:
- // Do nothing
- break;
- }
- }
- }
-
- /*
- * Constructor
- */
- public GetAuthPolicyReqMsg (InputStream inStream) throws Exception
- {
- try
- {
- // Parse the GetAuthPolicyReqMsg
- XMLReader xr = XMLReaderFactory.createXMLReader();
- SAXHandler handler = new SAXHandler(this);
- xr.setContentHandler(handler);
- xr.setErrorHandler(handler);
-
- InputSource source = new InputSource(inStream);
- xr.parse(source);
- }
- catch (SAXException e)
- {
- System.err.println("GetAuthPolicyReqMsg()- Parse exception: " + e.toString());
- throw new Exception("Protocol error");
- }
- }
-
- /*
- * Method to get the service name.
- */
- public String getServiceName() throws Exception
- {
- return m_serviceName;
- }
-
- /*
- * Method to get the host name.
- */
- public String getHostName() throws Exception
- {
- return m_hostName;
- }
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyRespMsg.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyRespMsg.java
deleted file mode 100644
index 7b122473..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthPolicyRespMsg.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-/**
- * GetAuthPolicyRespMsg Class.
- *
- * This class deals with the message sent to the Casa Client as a
- * response to a get authentication token request. The format of
- * the message is as follows when the response includes an
- * authentication token:
- *
- *
- *
- * OK200
- * authentication policy data
- *
- *
- * The format of the message is as follows when the response does not
- * include an authentication token.
- *
- *
- *
- * status descriptionstatus code
- *
- *
- * Plase note that the protocol utilizes the status codes defined
- * in the HTTP 1.1 Specification.
- *
- */
-public class GetAuthPolicyRespMsg
-{
-
- String m_msg;
-
- /*
- * Constructor for a msg that does not include the authentication policy.
- */
- public GetAuthPolicyRespMsg (
- String statusDescription,
- String statusCode) throws Exception
- {
- // Get a StringBuffer to help us with the construction of the message
- StringBuffer sb = new StringBuffer();
-
- // Start building the message
- sb.append(ProtoDefs.xmlDeclaration + "\r\n");
- sb.append("<" + ProtoDefs.getAuthPolicyResponseElementName + ">" + "\r\n");
- sb.append("<" + ProtoDefs.statusElementName + ">"
- + "<" + ProtoDefs.descriptionElementName + ">" + statusDescription + ""
- + statusCode + "" + "\r\n");
- sb.append("" + "\r\n");
-
- // The message has now been built, save it.
- m_msg = sb.toString();
- }
-
- /*
- * Constructor for a msg that includes the authentication policy.
- */
- public GetAuthPolicyRespMsg (
- String statusDescription,
- String statusCode,
- String authPolicy) throws Exception
- {
- // Get a StringBuffer to help us with the construction of the message
- StringBuffer sb = new StringBuffer();
-
- // Start building the message
- sb.append(ProtoDefs.xmlDeclaration + "\r\n");
- sb.append("<" + ProtoDefs.getAuthPolicyResponseElementName + ">" + "\r\n");
- sb.append("<" + ProtoDefs.statusElementName + ">"
- + "<" + ProtoDefs.descriptionElementName + ">" + ProtoDefs.httpOkStatusMsg + ""
- + ProtoDefs.httpOkStatusCode + "" + "\r\n");
- sb.append("<" + ProtoDefs.authPolicyElementName + ">" + authPolicy + "" + "\r\n");
- sb.append("" + "\r\n");
-
- // The message has now been built, save it.
- m_msg = sb.toString();
- }
-
- /*
- * Returns a string containing the GetAuthPolicyRespMsg.
- */
- public String toString()
- {
- return m_msg;
- }
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokReqMsg.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokReqMsg.java
deleted file mode 100644
index 52ecee00..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokReqMsg.java
+++ /dev/null
@@ -1,331 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.InputStream;
-
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.XMLReader;
-import org.xml.sax.helpers.XMLReaderFactory;
-
-/**
- * GetAuthTokReqMsg Class.
- *
- * This class deals with the message sent by Casa Client when requesting
- * a token to authenticate an entity to a particular service. The format of
- * the message is as follows:
- *
- *
- *
- * service name
- * host name
- * session token data
- *
- *
- */
-public class GetAuthTokReqMsg
-{
-
- protected String m_serviceName = null;
- protected String m_hostName = null;
- protected String m_sessionToken = null;
-
- /*
- * Class for handling GetAuthTokReq msg parsing events.
- */
- private class SAXHandler extends org.xml.sax.helpers.DefaultHandler
- {
- private final static int AWAITING_ROOT_ELEMENT_START = 0;
- private final static int AWAITING_ROOT_ELEMENT_END = 1;
- private final static int AWAITING_SERVICE_ELEMENT_START = 2;
- private final static int AWAITING_SERVICE_ELEMENT_END = 3;
- private final static int AWAITING_SERVICE_DATA = 4;
- private final static int AWAITING_HOST_ELEMENT_START = 5;
- private final static int AWAITING_HOST_ELEMENT_END = 6;
- private final static int AWAITING_HOST_DATA = 7;
- private final static int AWAITING_SESSION_TOKEN_ELEMENT_START = 8;
- private final static int AWAITING_SESSION_TOKEN_ELEMENT_END = 9;
- private final static int AWAITING_SESSION_TOKEN_DATA = 10;
- private final static int DONE_PARSING = 11;
-
- private GetAuthTokReqMsg m_GetAuthTokReqMsg;
- private int m_state;
-
- /*
- * Constructor
- */
- public SAXHandler (GetAuthTokReqMsg GetAuthTokReqMsg)
- {
- super();
-
- // Initialize our members
- m_GetAuthTokReqMsg = GetAuthTokReqMsg;
- m_state = AWAITING_ROOT_ELEMENT_START;
- }
-
- /*
- * endDocument() implementation.
- */
- public void endDocument () throws SAXException
- {
- // Verify that we obtained all of the required elements
- if (m_state != DONE_PARSING)
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.endDocument()- Missing element");
- throw new SAXException("Missing element");
- }
- }
-
- /*
- * startElement() implementation.
- */
- public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
-
- case AWAITING_ROOT_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.getAuthTokRequestElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SERVICE_ELEMENT_START;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_SERVICE_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.serviceElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SERVICE_DATA;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_HOST_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.hostElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_HOST_DATA;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
-
- break;
-
- case AWAITING_SESSION_TOKEN_ELEMENT_START:
- // Verify that we are processing the expected tag
- if (ProtoDefs.sessionTokenElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SESSION_TOKEN_DATA;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.startElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- default:
- System.err.println("GetAuthTokReqMsg SAXHandler.startElement()- State error");
- throw new SAXException("State error");
- }
- }
-
- /*
- * endElement() immplementation.
- */
- public void endElement (String uri, String name, String qName) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
-
- case AWAITING_ROOT_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.getAuthTokRequestElementName.equals(qName))
- {
- // Advance to the next state
- m_state = DONE_PARSING;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_SERVICE_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.serviceElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_HOST_ELEMENT_START;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_HOST_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.hostElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_SESSION_TOKEN_ELEMENT_START;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- case AWAITING_SESSION_TOKEN_ELEMENT_END:
- // Verify that we are processing the expected tag
- if (ProtoDefs.sessionTokenElementName.equals(qName))
- {
- // Advance to the next state
- m_state = AWAITING_ROOT_ELEMENT_END;
- }
- else
- {
- System.err.println("GetAuthTokReqMsg SAXHandler.endElement()- Un-expected element");
- throw new SAXException("Un-expected element");
- }
- break;
-
- default:
- System.err.println("GetAuthTokReqMsg SAXHandler.startElement()- State error");
- throw new SAXException("State error");
- }
- }
-
- /*
- * character() implementation.
- */
- public void characters (char ch[], int start, int length) throws SAXException
- {
- // Proceed based on our state
- switch (m_state)
- {
-
- case AWAITING_SERVICE_DATA:
- // Consume the data
- m_GetAuthTokReqMsg.m_serviceName = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_SERVICE_ELEMENT_END;
- break;
-
- case AWAITING_HOST_DATA:
- // Consume the data
- m_GetAuthTokReqMsg.m_hostName = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_HOST_ELEMENT_END;
- break;
-
- case AWAITING_SESSION_TOKEN_DATA:
- // Consume the data
- m_GetAuthTokReqMsg.m_sessionToken = new String(ch, start, length);
-
- // Advance to the next state
- m_state = AWAITING_SESSION_TOKEN_ELEMENT_END;
- break;
-
- default:
- // Do nothing
- break;
- }
- }
- }
-
- /*
- * Constructor
- */
- public GetAuthTokReqMsg (InputStream inStream) throws Exception
- {
- try
- {
- // Parse the GetAuthTokReqMsg
- XMLReader xr = XMLReaderFactory.createXMLReader();
- SAXHandler handler = new SAXHandler(this);
- xr.setContentHandler(handler);
- xr.setErrorHandler(handler);
-
- InputSource source = new InputSource(inStream);
- xr.parse(source);
- }
- catch (SAXException e)
- {
- System.err.println("GetAuthTokReqMsg()- Parse exception: " + e.toString());
- throw new Exception("Protocol error");
- }
- }
-
- /*
- * Method to get the service name.
- */
- public String getServiceName() throws Exception
- {
- return m_serviceName;
- }
-
- /*
- * Method to get the host name.
- */
- public String getHostName() throws Exception
- {
- return m_hostName;
- }
-
- /*
- * Method to get the session token.
- */
- public String getSessionToken() throws Exception
- {
- return m_sessionToken;
- }
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokRespMsg.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokRespMsg.java
deleted file mode 100644
index 01dd193d..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthTokRespMsg.java
+++ /dev/null
@@ -1,115 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-/**
- * GetAuthTokRespMsg Class.
- *
- * This class deals with the message sent to the Casa Client as a
- * response to a get authentication token request. The format of
- * the message is as follows when the response includes an
- * authentication token:
- *
- *
- *
- * OK200
- * lifetime valueauthentication token data
- *
- *
- * The format of the message is as follows when the response does not
- * include an authentication token.
- *
- *
- *
- * status descriptionstatus code
- *
- *
- * Plase note that the protocol utilizes the status codes defined
- * in the HTTP 1.1 Specification.
- *
- */
-public class GetAuthTokRespMsg
-{
-
- String m_msg;
-
- /*
- * Constructor for a msg that does not include the authentication token.
- */
- public GetAuthTokRespMsg (
- String statusDescription,
- String statusCode) throws Exception
- {
- // Get a StringBuffer to help us with the construction of the message
- StringBuffer sb = new StringBuffer();
-
- // Start building the message
- sb.append(ProtoDefs.xmlDeclaration + "\r\n");
- sb.append("<" + ProtoDefs.getAuthTokResponseElementName + ">" + "\r\n");
- sb.append("<" + ProtoDefs.statusElementName + ">"
- + "<" + ProtoDefs.descriptionElementName + ">" + statusDescription + ""
- + statusCode + "" + "\r\n");
- sb.append("" + "\r\n");
-
- // The message has now been built, save it.
- m_msg = sb.toString();
- }
-
- /*
- * Constructor for a msg that includes the authentication token.
- */
- public GetAuthTokRespMsg (
- String statusDescription,
- String statusCode,
- String authToken,
- String authTokenLifetime) throws Exception
- {
- // Get a StringBuffer to help us with the construction of the message
- StringBuffer sb = new StringBuffer();
-
- // Start building the message
- sb.append(ProtoDefs.xmlDeclaration + "\r\n");
- sb.append("<" + ProtoDefs.getAuthTokResponseElementName + ">" + "\r\n");
- sb.append("<" + ProtoDefs.statusElementName + ">"
- + "<" + ProtoDefs.descriptionElementName + ">" + ProtoDefs.httpOkStatusMsg + ""
- + ProtoDefs.httpOkStatusCode + "" + "\r\n");
- sb.append("<" + ProtoDefs.authTokenElementName + ">"
- + "<" + ProtoDefs.lifetimeElementName + ">" + authTokenLifetime + ""
- + authToken + "" + "\r\n");
- sb.append("" + "\r\n");
-
- // The message has now been built, save it.
- m_msg = sb.toString();
- }
-
- /*
- * Returns a string containing the GetAuthTokRespMsg.
- */
- public String toString()
- {
- return m_msg;
- }
-}
-
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthToken.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthToken.java
deleted file mode 100644
index 9f6a1a56..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/GetAuthToken.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.PrintWriter;
-
-/**
- * GetAuthToken Class.
- *
- * This class processes requests for tokens to authenticate an entity
- * to a particular service.
- *
- */
-public class GetAuthToken implements RpcMethod
-{
- private SvcConfig m_svcConfig;
- private EnabledSvcsConfig m_enabledSvcsConfig;
-
- /*
- * Constructor.
- */
- public GetAuthToken() throws Exception
- {
- // Nothing to do at this time
- }
-
- /*
- * Initialize the Rpc method.
- */
- public void init(SvcConfig svcConfig, EnabledSvcsConfig enabledSvcsConfig) throws Exception
- {
- m_svcConfig = svcConfig;
- m_enabledSvcsConfig = enabledSvcsConfig;
- }
-
- /*
- * Process Rpc.
- */ - public void invoke(InputStream inStream, PrintWriter out) throws IOException - { - try - { - System.err.println("GetAuthToken.invoke()"); - - // Parse the GetAuthTokReqMsg sent from the client - GetAuthTokReqMsg getAuthTokReqMsg = new GetAuthTokReqMsg(inStream); - - // Verify that the service is enabled - if (m_enabledSvcsConfig.svcEnabled(getAuthTokReqMsg.getHostName(), - getAuthTokReqMsg.getServiceName())) - { - // Now create a session token (This validates the session token provided). - SessionToken sessionToken = new SessionToken(getAuthTokReqMsg.getSessionToken()); - - try - { - // Create the Authentication Token - AuthToken authToken = new AuthToken(sessionToken.getIdentId(), - sessionToken.getRealm(), - getAuthTokReqMsg.getServiceName(), - getAuthTokReqMsg.getHostName(), - m_svcConfig, - m_enabledSvcsConfig); - - // Write out the response - GetAuthTokRespMsg getAuthTokRespMsg = new GetAuthTokRespMsg(ProtoDefs.httpOkStatusMsg, - ProtoDefs.httpOkStatusCode, - authToken.toString(), - authToken.getLifetime()); - out.println(getAuthTokRespMsg.toString()); - } - catch (Exception e) - { - System.err.println("GetAuthToken.invoke()- Exception: " + e.toString()); - - // Write out the response - try - { - GetAuthTokRespMsg getAuthTokRespMsg = new GetAuthTokRespMsg(ProtoDefs.httpUnauthorizedStatusMsg, - ProtoDefs.httpUnauthorizedStatusCode); - out.println(getAuthTokRespMsg.toString()); - } - catch (Exception e2) - { - System.err.println("GetAuthToken.invoke()- Exception trying to construct response msg: " + e2.toString()); - } - } - } - else - { - // The service has not been enabled to utilize our authentication tokens - GetAuthTokRespMsg getAuthTokRespMsg = new GetAuthTokRespMsg(ProtoDefs.httpNotFoundStatusMsg, - ProtoDefs.httpNotFoundStatusCode); - out.println(getAuthTokRespMsg.toString()); - } - } - catch (Exception e) - { - System.err.println("GetAuthToken.invoke()- Exception: " + e.toString()); - - // Write out the response - try - { - GetAuthTokRespMsg 
getAuthTokRespMsg = new GetAuthTokRespMsg(ProtoDefs.httpServerErrorStatusMsg, - ProtoDefs.httpServerErrorStatusCode); - out.println(getAuthTokRespMsg.toString()); - } - catch (Exception e2) - { - System.err.println("GetAuthToken.invoke()- Exception trying to construct response msg: " + e2.toString()); - } - } - } - - /* - * Return the method id. - */ - public String getId() - { - return "GetAuthToken"; - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdenTokenConfig.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdenTokenConfig.java deleted file mode 100644 index d1b77f29..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdenTokenConfig.java +++ /dev/null 
@@ -1,294 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.*; -import java.util.*; - -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.XMLReader; -import org.xml.sax.helpers.XMLReaderFactory; - -/** - * IdenTokenConfig Class. - * - * This class obtains and maintains identity token configuration. - * - */ -public class IdenTokenConfig -{ - // Well known identity token configuration settings - public final static String EncryptAttributes = "EncryptAttributes"; - public final static String Attributes = "Attributes"; - - // Default configuration values - private String m_defaultEncryptAttributesValue = "false"; - private String m_defaultAttributesValue = "sn"; - - private Map m_tokenSettingsMap; - private String[] m_identityAttributes; - - /* - * Class for handling parsing events. 
- */ - private class SAXHandler extends org.xml.sax.helpers.DefaultHandler - { - private final static int AWAITING_ROOT_ELEMENT_START = 0; - private final static int AWAITING_SETTING_ELEMENT_START = 1; - private final static int AWAITING_SETTING_ELEMENT_DATA = 2; - private final static int AWAITING_SETTING_ELEMENT_END = 3; - private final static int DONE_PARSING = 4; - - private final static String m_rootElementName = "settings"; - - private Map m_keyMap; - private int m_state; - private String m_currentKey; - - /* - * Constructor - */ - public SAXHandler(Map keyMap) - { - super(); - - // Initialize our members - m_keyMap = keyMap; - m_state = AWAITING_ROOT_ELEMENT_START; - } - - /* - * endDocument() implementation. - */ - public void endDocument () throws SAXException - { - // Verify that we are not in an invalid state - if (m_state != DONE_PARSING) - { - System.err.println("IdenTokenConfig SAXHandler.endDocument()- Invalid state" + m_state); - throw new SAXException("Invalid state at endDocument"); - } - } - - /* - * startElement() implementation. 
- */ - public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - case AWAITING_ROOT_ELEMENT_START: - // Verify that we are processing the expected tag - if (m_rootElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_START; - } - else - { - System.err.println("IdenTokenConfig SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SETTING_ELEMENT_START: - // Keep track of the key name - m_currentKey = qName; - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_DATA; - break; - - default: - System.err.println("IdenTokenConfig SAXHandler.startElement()- Invalid state " + m_state); - throw new SAXException("Invalid state at startElement"); - } - } - - /* - * endElement() immplementation. - */ - public void endElement (String uri, String name, String qName) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - case AWAITING_SETTING_ELEMENT_DATA: - case AWAITING_SETTING_ELEMENT_END: - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_START; - break; - - case AWAITING_SETTING_ELEMENT_START: - // Verify that we are processing the expected tag - if (m_rootElementName.equals(qName)) - { - // Advance to the next state - m_state = DONE_PARSING; - } - else - { - System.err.println("IdenTokenConfig SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("IdenTokenConfig SAXHandler.endElement()- Invalid state " + m_state); - throw new SAXException("Invalid state at endElement"); - } - } - - /* - * character() implementation. 
- */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Consume the data if in the right state - if (m_state == AWAITING_SETTING_ELEMENT_DATA) - { - // Consume the data and add the key to map - // tbd - Add code to aggregate attributes specified as multiple elements - m_keyMap.put(m_currentKey, new String(ch, start, length)); - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_END; - } - } - } - - /* - * Constructor which sets default configuration values. - */ - public IdenTokenConfig() throws Exception - { - System.err.println("IdenTokenConfig()- Default"); - - // Create a map to keep track of the token settings - m_tokenSettingsMap = new HashMap(); - - // Set the default settings in our map - m_tokenSettingsMap.put(Attributes, m_defaultAttributesValue); - } - - /* - * Constructor. - */ - public IdenTokenConfig(String idenTokenSettingsFileName) throws Exception - { - System.err.println("IdenTokenConfig()-"); - - // Create a map to keep track of the token settings - m_tokenSettingsMap = new HashMap(); - - try - { - // Get an input stream to read from the token settings file - File f = new File(idenTokenSettingsFileName); - FileInputStream inStream = new FileInputStream(f); - - // Parse the file - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(m_tokenSettingsMap); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - InputSource source = new InputSource(inStream); - xr.parse(source); - - inStream.close(); - - // Process the specified attributes - if (m_tokenSettingsMap.containsKey(Attributes) == false) - { - System.err.println("IdenTokenConfig()- Attributes not configured, defaulting them."); - m_tokenSettingsMap.put(Attributes, m_defaultAttributesValue); - } - String attributes = (String) m_tokenSettingsMap.get(Attributes); - m_identityAttributes = attributes.split(","); - } - catch (SAXException e) - { - System.err.println("IdenTokenConfig()- " + 
idenTokenSettingsFileName + " format error, exception: " + e.toString()); - throw new Exception("IdenTokenConfig()- authtoken.settings format error"); - } - catch (SecurityException e) - { - System.err.println("IdenTokenConfig()- SecurityException accessing " + idenTokenSettingsFileName + " Exception=" + e.toString()); - throw new Exception("IdenTokenConfig()- Not able to access file"); - } - catch (FileNotFoundException e) - { - System.err.println("IdenTokenConfig()- File " + idenTokenSettingsFileName + " not found"); - throw new Exception("IdenTokenConfig()- File not found"); - } - catch (IOException e) - { - System.err.println("IdenTokenConfig()- IOException accessing " + idenTokenSettingsFileName + " Exception=" + e.toString()); - throw new Exception("IdenTokenConfig()- Read error"); - } - } - - /* - * Returns the value associated with the specified setting. - */ - public String getSetting(String settingName) throws Exception - { - // Try to find the setting in our map - String value = (String) m_tokenSettingsMap.get(settingName); - if (value == null) - { - System.err.println("IdenTokenConfig.getSetting()- Did not find setting " + settingName); - - // The setting is not in our map, check if it is one to - // which we have defaults. - if (settingName.equals(EncryptAttributes) == true) - { - value = m_defaultEncryptAttributesValue; - System.err.println("AuthTokenConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_tokenSettingsMap.put(EncryptAttributes, m_defaultEncryptAttributesValue); - } - } - else - { - System.err.println("IdenTokenConfig.getSetting()- Found setting " + settingName); - System.err.println("IdenTokenConfig.getSetting()- Setting value = " + value); - } - - return value; - } - - /* - * Returns the identity attributes that must be included in the token. 
- */ - public String[] getAttributes() throws Exception - { - return m_identityAttributes; - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdentityToken.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdentityToken.java deleted file mode 100644 index 721157e7..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/IdentityToken.java +++ /dev/null 
@@ -1,93 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -/* - * IdentityToken Interface. - * - * This is the interface implemented by Identity Token Providers. - */ -public interface IdentityToken -{ - /* - * Initialize the token with parameters. - */ - void initialize(String identityId, - String sourceName, - String targetService, - String targetHost, - SvcConfig svcConfig) throws Exception; - - /* - * Initialize the token object with encoded token string. - */ - void initialize(String encodedToken) throws Exception; - - /* - * Returns encoded token string. - * - * IMPORTANT: The token string can not contain the substring "]]>" - * within it. - */ - String getEncodedToken() throws Exception; - - /* - * Returns a string containing the identity token provider type. - */ - String getProviderType() throws Exception; - - /* - * Returns a string containing the identity id. 
- */ - String getIdentityId() throws Exception; - - /* - * Returns a string containing the name associated with the - * identity source. - */ - String getSourceName() throws Exception; - - /* - * Returns a string containing the url associated with the - * identity source. - */ - String getSourceUrl() throws Exception; - - /* - * Returns a string containing the name of the targeted service. - */ - String getTargetService() throws Exception; - - /* - * Returns a string containig the name of the host where the - * targeted service resides. - */ - String getTargetHost() throws Exception; - - /* - * Returns the attributes of the identity. - */ - javax.naming.directory.Attributes getAttributes() throws Exception; -} diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java deleted file mode 100644 index 5814e0f4..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java +++ /dev/null 
@@ -1,257 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.Serializable; -import java.io.IOException; -import java.io.InputStream; -import java.io.PrintWriter; -import java.util.Hashtable; - -import javax.naming.Context; -import javax.naming.NamingEnumeration; -import javax.naming.NamingException; -import javax.naming.directory.Attributes; -import javax.naming.directory.BasicAttribute; -import javax.naming.directory.BasicAttributes; -import javax.naming.directory.DirContext; -import javax.naming.directory.InitialDirContext; -import javax.naming.directory.SearchResult; -import javax.naming.directory.SearchControls; - -import org.ietf.jgss.GSSContext; -import org.ietf.jgss.GSSCredential; -import org.ietf.jgss.GSSException; -import org.ietf.jgss.GSSManager; -import org.ietf.jgss.GSSName; -import org.ietf.jgss.Oid; - -import org.bandit.ia.IAContext; - -/** - * Krb5Authenticate Class. 
- * - * This class implementes an authentication mechanism for - * the processing of authentication requests utilizing a - * Kerberos5 token. - * - */ -public class Krb5Authenticate implements AuthMechanism, Serializable -{ - private static final String ServicePrincipalNameSetting = "ServicePrincipalName"; - - private SvcConfig m_svcConfig; - private AuthMechConfig m_mechConfig; - - /* - * GSS Long Lived variables - */ - protected GSSManager m_manager; - protected Oid m_krb5; - protected GSSName m_svcName; - protected GSSCredential m_credential; - - /* - * Krb5 Token Class. - */ - private class Krb5Token - { - private String m_principalName = ""; - - /* - * The format of the Krb5 token is as follows: - * - * Base64.encode(GSS-API Token data)); - */ - public Krb5Token(String encodedToken, Krb5Authenticate parent) throws Exception - { - // Decode the token - char[] tokenChars = new char[encodedToken.length()]; - encodedToken.getChars(0, tokenChars.length, tokenChars, 0); - byte[] tokenBytes = Base64Coder.decode(tokenChars); - - try - { - // Create a context and validate the token - GSSContext context = parent.m_manager.createContext(parent.m_credential); - System.err.println("tokenLength = " + tokenBytes.length); - context.acceptSecContext(tokenBytes, 0, tokenBytes.length); - - // Save the principal name of the authenticated entity - GSSName principalName = context.getSrcName(); - m_principalName = principalName.toString(); - - // Clean up - context.dispose(); - } - catch (GSSException e) - { - System.err.println("Krb5Authenticate Krb5Token()- GSS Exception caught: " + e.getLocalizedMessage()); - throw new Exception("Authentication Failure"); - } - } - - /* - * Returns the name of the authenticated principal - */ - public String getPrincipalName() - { - return m_principalName; - } - } - - /* - * Constructor - */ - public Krb5Authenticate() throws Exception - { - // Nothing to do at this time - } - - /* - * Initialize the mechanism. 
- */ - public void init(SvcConfig svcConfig, AuthMechConfig mechConfig) throws Exception - { - m_svcConfig = svcConfig; - m_mechConfig = mechConfig; - - String servicePrincipal = mechConfig.getSetting(ServicePrincipalNameSetting); - if (servicePrincipal != null) - { - try - { - // Initalize our GSS variables - // - // Get an instance of the default GSSManager - m_manager = GSSManager.getInstance(); - - // Create an OID specifying the Krb5 mechanism - m_krb5 = new Oid("1.2.840.113554.1.2.2"); - - // Create our host based service name - m_svcName = m_manager.createName(servicePrincipal, - GSSName.NT_HOSTBASED_SERVICE, - m_krb5); - - // Now acquire our credentials - m_credential = m_manager.createCredential(m_svcName, - GSSCredential.INDEFINITE_LIFETIME, - m_krb5, - GSSCredential.ACCEPT_ONLY); - } - catch (GSSException e) - { - System.err.println("Krb5Authenticate()- GSS Exception caught: " + e.getLocalizedMessage()); - throw new Exception("Failed to instantiate needed GSS objects"); - } - } - else - { - System.err.println("Krb5Authenticate()- Service Principal Name not configured"); - throw new Exception("Service Principal Name not configured"); - } - } - - /* - * invoke() implementation. - */ - public String invoke(AuthReqMsg authReqMsg) throws Exception - { - String identId = null; - - try - { - System.err.println("Krb5Authenticate.invoke()"); - - // Now parse the Kerberos Token - Krb5Token krb5Token = new Krb5Token(authReqMsg.getAuthMechToken(), this); - - // Open a directory context and use it to identify the users - // associated with the specified surname. - Hashtable env = new Hashtable(); - env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory"); - env.put(IAContext.IA_REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile)); - env.put(IAContext.IA_REALM_SELECTOR, authReqMsg.getRealm()); - - DirContext ctx = new InitialDirContext(env); - - // Now search for a user with a matching kerberos principal name. 
- // - // Set up a search control so that the search is scoped to the sub-tree - SearchControls controls = new SearchControls(); - controls.setSearchScope(SearchControls.SUBTREE_SCOPE); - - // Obtain the start search context - tbd - this will be removed once the functionality flows into Bandit - String searchContext = m_svcConfig.getSetting(SvcConfig.StartSearchContext); - if (searchContext == null) - { - // A start search context was not configured, start from the root. - searchContext = ""; - } - - // Perform the search - NamingEnumeration answer = ctx.search(searchContext, - "(krbPrincipalName={0})", - new String[] {krb5Token.getPrincipalName()}, - controls); - - // Proceed based on the result of the search - if (answer.hasMore()) - { - // The search succeeded, set the identity id. - SearchResult sr = (SearchResult)answer.next(); - if (searchContext.equals("")) - { - identId = sr.getNameInNamespace(); - } - else - { - identId = sr.getName() + "," + searchContext; - } - } - } - catch (NamingException e) - { - // Log the error - System.err.println("Krb5Authenticate.invoke()- NamingException: " + e.getExplanation()); - } - catch (Exception e) - { - System.err.println("Krb5Authenticate.invoke()- Exception: " + e.toString()); - } - - // Return the authentication result - return identId; - } - - /* - * Return the mechanism id. - */ - public String getId() - { - return "Krb5Authenticate"; - } -} diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings deleted file mode 100644 index 6aa16259..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings +++ /dev/null 
@@ -1,7 +0,0 @@ - - - This is the authentication mechanism for the Krb5Authenticate scheme. The Krb5Authenticate scheme authenticates entities using Kerberos-V tokens. - com.novell.casa.authtoksvc.Krb5Authenticate - WEB-INF/classes - Specify the service's kerberos principal name - diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Makefile.am b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Makefile.am deleted file mode 100644 index 34a945e4..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Makefile.am +++ /dev/null 
@@ -1,63 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# Author: Juan Carlos Luciani -# -####################################################################### - -SUBDIRS = - -DIST_SUBDIRS = - -JAVAFILES = ProtoDefs.java \ - AuthMechConfig.java \ - SvcConfig.java \ - IdenTokenConfig.java \ - AuthTokenConfig.java \ - EnabledSvcsConfig.java \ - AuthMechanism.java \ - Authenticate.java \ - RpcMethod.java \ - Rpc.java \ - GetAuthPolicy.java \ - Base64Coder.java \ - AuthReqMsg.java \ - AuthRespMsg.java \ - IdentityToken.java \ - CasaIdentityToken.java \ - AuthToken.java \ - GetAuthPolicyReqMsg.java \ - GetAuthPolicyRespMsg.java \ - GetAuthToken.java \ - GetAuthTokReqMsg.java \ - GetAuthTokRespMsg.java \ - Krb5Authenticate.java \ - PwdAuthenticate.java \ - SessionToken.java - -EXTRA_DIST = $(JAVAFILES) \ - Krb5_mechanism.settings \ - Pwd_mechanism.settings - -.PHONY: package package-clean package-install package-uninstall -package package-clean package-install package-uninstall: - $(MAKE) -C $(TARGET_OS) $@ - -maintainer-clean-local: - rm -f Makefile.in - 
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/ProtoDefs.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/ProtoDefs.java
deleted file mode 100644
index e878a02d..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/ProtoDefs.java
+++ /dev/null
@@ -1,86 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -/* - * ProDefs Class. - * - * This class contains constants utilized in the Casa Client/Server - * protocol. - * - */ -public class ProtoDefs -{ - - /* - * XML Declaration used in the Casa Client/Server protocol - */ - public final static String xmlDeclaration = ""; - - /* - * XML Element Name Constants for the documents exchanged between the - * Casa Client and the Casa Server. 
- */ - public final static String authRequestElementName = "auth_req"; - public final static String authResponseElementName = "auth_resp"; - public final static String getAuthPolicyRequestElementName = "get_auth_policy_req"; - public final static String getAuthPolicyResponseElementName = "get_auth_policy_resp"; - public final static String getAuthTokRequestElementName = "get_auth_tok_req"; - public final static String getAuthTokResponseElementName = "get_auth_tok_resp"; - public final static String authMechTokenElementName = "auth_mech_token"; - public final static String statusElementName = "status"; - public final static String sessionTokenElementName = "session_token"; - public final static String authTokenElementName = "auth_token"; - public final static String authPolicyElementName = "auth_policy"; - public final static String identTokenElementName = "ident_token"; - public final static String lifetimeElementName = "lifetime"; - public final static String signatureElementName = "signature"; - public final static String typeElementName = "type"; - public final static String descriptionElementName = "description"; - public final static String serviceElementName = "service"; - public final static String hostElementName = "host"; - public final static String identIdElementName = "ident_id"; - public final static String realmElementName = "realm"; - public final static String authSourceElementName = "auth_source"; - public final static String mechanismElementName = "mechanism"; - public final static String mechanismInfoElementName = "mechanism_info"; - - /* - * Configurable operating parameters - */ - public String sessionTokenLifetime = "360"; - - /* - * HTTP Status Codes and Messages - */ - public final static String httpOkStatusCode = "200"; - public final static String httpOkStatusMsg = "OK"; - public final static String httpUnauthorizedStatusCode = "401"; - public final static String httpUnauthorizedStatusMsg = "Unauthorized"; - public final static String 
httpNotFoundStatusCode = "404"; - public final static String httpNotFoundStatusMsg = "Not Found"; - public final static String httpServerErrorStatusCode = "500"; - public final static String httpServerErrorStatusMsg = "Internal Server Error"; -} diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java deleted file mode 100644 index 8a2443c9..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java +++ /dev/null 
@@ -1,223 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.Serializable; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.PrintWriter; -import java.io.StringReader; -import java.util.Hashtable; - -import javax.naming.Context; -import javax.naming.NamingEnumeration; -import javax.naming.directory.BasicAttribute; -import javax.naming.directory.BasicAttributes; -import javax.naming.directory.InitialDirContext; -import javax.naming.directory.DirContext; -import javax.naming.directory.Attributes; -import javax.naming.directory.SearchResult; -import javax.naming.directory.SearchControls; -import javax.naming.NamingException; - -import org.bandit.ia.IAContext; - - -/** - * PwdAuthenticate Class. - * - * This class implementes an authentication mechanism for - * the processing of authentication requests utilizing a - * username/password token. 
- * - */ -public class PwdAuthenticate implements AuthMechanism, Serializable -{ - private SvcConfig m_svcConfig; - private AuthMechConfig m_mechConfig; - - /* - * Password Token Class. - */ - private class PwToken - { - private String m_username = ""; - private String m_password = ""; - - /* - * The format of the Pw token is as follows: - * - * Base64.encode(new String("username\r\n" + "password\r\n")); - */ - public PwToken(String encodedToken) throws IOException - { - // Decode the token - String token = Base64Coder.decode(encodedToken); - - BufferedReader tokenReader = new BufferedReader(new StringReader(token)); - - // The second line contains the "username" - m_username = tokenReader.readLine(); - - // The third line contains the "password" - m_password = tokenReader.readLine(); - } - - /* - * Returns the username - */ - public String getUsername() - { - return m_username; - } - - /* - * Returns the password - */ - public String getPassword() - { - return m_password; - } - } - - /* - * Constructor - */ - public PwdAuthenticate() throws Exception - { - // Nothing to do at this time - } - - /* - * Initialize the mechanism. - */ - public void init(SvcConfig svcConfig, AuthMechConfig mechConfig) throws Exception - { - m_svcConfig = svcConfig; - m_mechConfig = mechConfig; - } - - /* - * invoke() implementation. - */ - public String invoke(AuthReqMsg authReqMsg) throws Exception - { - String identId = null; - - try - { - System.err.println("PwdAuthenticate.invoke()"); - - // Now parse the PW Token - PwToken pwToken = new PwToken(authReqMsg.getAuthMechToken()); - - // Open a directory context and use it to identify the users - // associated with the specified surname. 
- Hashtable env = new Hashtable(); - env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory"); - env.put(IAContext.IA_REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile)); - env.put(IAContext.IA_REALM_SELECTOR, authReqMsg.getRealm()); - - DirContext ctx = new InitialDirContext(env); - - // Now search for a user with a matching surname. - // - // Set up a search control so that the search is scoped to the sub-tree - SearchControls controls = new SearchControls(); - controls.setSearchScope(SearchControls.SUBTREE_SCOPE); - - // Obtain the start search context - tbd - this will be removed once the functionality flows into Bandit - String searchContext = m_svcConfig.getSetting(SvcConfig.StartSearchContext); - if (searchContext == null) - { - // A start search context was not configured, start from the root. - searchContext = ""; - } - - // Perform the search - NamingEnumeration answer = ctx.search(searchContext, - "(cn={0})", - new String[] {pwToken.getUsername()}, - controls); - - // Enumerate through the users returned checking the password - while (answer.hasMore()) - { - SearchResult sr = (SearchResult)answer.next(); - - // Open a directory context for the user as a way of verifying its password - try - { - Hashtable env2 = new Hashtable(); - env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory"); - env2.put(IAContext.IA_REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile)); - env2.put(IAContext.IA_REALM_SELECTOR, authReqMsg.getRealm()); - env2.put(Context.SECURITY_AUTHENTICATION, "simple"); - env2.put(Context.SECURITY_PRINCIPAL, sr.getNameInNamespace()); - env2.put(Context.SECURITY_CREDENTIALS, pwToken.getPassword()); - - if ((new InitialDirContext(env2)) != null) - { - // The password must be valid, set the identity Id. 
- if (searchContext.equals("")) - { - identId = sr.getName(); - } - else - { - identId = sr.getName() + "," + searchContext; - } - break; - } - } - catch (NamingException e) - { - System.err.println("PwdAuthenticate.invoke()- NamingException: " + e.getExplanation()); - } - } - } - catch (NamingException e) - { - // Log the error - System.err.println("PwdAuthenticate.invoke()- NamingException on Proxy User: " + e.getExplanation()); - } - catch (Exception e) - { - System.err.println("PwdAuthenticate.invoke()- Exception: " + e.toString()); - } - - // Return the authentication result - return identId; - } - - /* - * Return the mechanism id. - */ - public String getId() - { - return "PwdAuthenticate"; - } -} diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings deleted file mode 100644 index 5532e361..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings +++ /dev/null @@ -1,6 +0,0 @@ - - - This is the authentication mechanism for the PwdAuthenticate scheme. The PwdAuthenticate scheme authenticates entities using username/password tokens. - com.novell.casa.authtoksvc.PwdAuthenticate - WEB-INF/classes - diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java deleted file mode 100644 index 6da2ca7c..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java +++ /dev/null 
@@ -1,285 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.util.*; - -import java.io.*; -import java.io.PrintWriter; - -import javax.servlet.*; -import javax.servlet.ServletException; -import javax.servlet.http.*; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - - -/** - * Rpc Servlet Class. - * - * This class processes Rpcs to the Authentication Token Service. - * - */ -public class Rpc extends javax.servlet.http.HttpServlet implements javax.servlet.Servlet -{ - private static final long serialVersionUID = -8264027868130334613L; - - private String m_appFolderPath = null; - private String m_configFolderPath = null; - - protected ReconfigureThread m_reconfigureThread = null; - protected int m_reconfigureInterval; // seconds - - private Map m_methodsMap; - - /* - * Reconfigure Thread Class. - * - * This class implements a runnable thread that reconfigures an Rpc Servlet instance. 
- * - */ - private class ReconfigureThread implements Runnable - { - private Rpc m_rpc; - private Thread m_thread; - - /* - * Constructor. - */ - public ReconfigureThread (Rpc rpc) - { - m_rpc = rpc; - m_thread = new Thread(this); - m_thread.start(); - } - - /* - * run() implementation. - */ - public void run () - { - System.err.println("ReconfigureThread.run()- Running"); - - while (true) - { - // Sleep an ammount equal the reconfigure interval for the Rpc - try - { - m_thread.sleep(m_rpc.m_reconfigureInterval * 1000); - } - catch (InterruptedException e) { /* nothing to do */ } - - // Re-configure the Rpc servlet. - try - { - m_rpc.configureServlet(); - - // Check if it is no longer necessary to re-configure the servlet - if (m_rpc.m_reconfigureInterval == 0) - { - System.err.println("ReconfigureTask.run()- Configuration changed to no longer perform timed re-configuration"); - break; - } - } - catch (Exception e) - { - System.err.println("ReconfigureTask.run()- Exception caught during re-configure process, " + e.toString()); - } - } - } - - /* - * stop() implementation. - */ - public void stop () - { - m_thread.stop(); - } - } - - /* - * Constructor. - */ - public Rpc () - { - super(); - } - - /* - * configureServlet() implementation. 
- */ - protected void configureServlet () throws Exception - { - // Read service configuration - SvcConfig svcConfig = new SvcConfig(m_appFolderPath, m_configFolderPath); - - // Get the reconfigure interval - try - { - m_reconfigureInterval = Integer.parseInt(svcConfig.getSetting(SvcConfig.ReconfigureInterval)); - } - catch (NumberFormatException e) - { - System.err.println("Rpc.configureServlet()- Invalid reconfigure interval value format"); - m_reconfigureInterval = Integer.parseInt(SvcConfig.DefaultReconfigureIntervalValue); - } - - // Read enabled services configuration - EnabledSvcsConfig enabledSvcsConfig = new EnabledSvcsConfig(m_configFolderPath); - - // Create a map to keep track of the Rpc methods - Map methodsMap = new HashMap(); - - // Instantiate the Rpc Methods - RpcMethod getAuthPolicy = new GetAuthPolicy(); - getAuthPolicy.init(svcConfig, enabledSvcsConfig); - methodsMap.put(getAuthPolicy.getId(), getAuthPolicy); - - RpcMethod authenticate = new Authenticate(); - authenticate.init(svcConfig, enabledSvcsConfig); - methodsMap.put(authenticate.getId(), authenticate); - - RpcMethod getAuthToken = new GetAuthToken(); - getAuthToken.init(svcConfig, enabledSvcsConfig); - methodsMap.put(getAuthToken.getId(), getAuthToken); - - // Set the map as the methods map used by the servlet - m_methodsMap = methodsMap; - } - - /* - * init() implementation. 
- */ - public void init (ServletConfig config) throws ServletException - { - super.init(config); - - System.err.println("Rpc.init()"); - - try - { - // Get the path to our configuration folder - // - // First check if it has been specified via a system property - ServletContext context = config.getServletContext(); - m_appFolderPath = context.getRealPath(File.separator); - m_configFolderPath = System.getProperty("com.novell.casa.authtoksvc.config"); - if (m_configFolderPath == null) - { - // The path to the svc config folder was not specified via a system - // property, assume that it's location is off the WEB-INF folder for - // our web application. - m_configFolderPath = m_appFolderPath + "WEB-INF/conf"; - } - - // Configure ourselves - configureServlet(); - - // Check if we must start a thread to periodically reconfigure ourselves - if (m_reconfigureInterval != 0) - { - m_reconfigureThread = new ReconfigureThread(this); - } - } - catch (Exception e) - { - System.err.println("Rpc.init()- Exception caught: " + e.toString()); - throw new ServletException("Exception caught while instantiating Rpc methods"); - } - } - - /* - * destroy() implementation. - */ - public void destroy () - { - super.destroy(); - - System.err.println("Rpc.destroy()"); - - // Stop our re-configure thread - if (m_reconfigureThread != null) - { - m_reconfigureThread.stop(); - } - } - - /* - * doGet() implementation. - */ - protected void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - doPost(request, response); - } - - /* - * doPost() implementation. 
- */ - protected void doPost (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - // Get ready to send back a reply - response.setContentType("text/html"); - PrintWriter out = response.getWriter(); - - try - { - // Obtain the input stream and execute the requested method - InputStream inStream = request.getInputStream(); - - String requestedMethod = request.getParameter("method"); - if (requestedMethod != null) - { - // Get the necessary method - RpcMethod method = (RpcMethod) m_methodsMap.get(requestedMethod); - if (method != null) - { - // Invoke the method to process the Rpc - method.invoke(inStream, out); - } - else - { - // Unsupported method - System.err.println("Rpc.doPost()- Unsupported method"); - response.sendError(response.SC_BAD_REQUEST); - } - } - else - { - // Missing method parameter - System.err.println("Rpc.doPost()- Missing method parameter"); - response.sendError(response.SC_BAD_REQUEST); - } - } - catch (Exception e) - { - // tbd - System.err.println("Rpc.doPost()- Exception caught: " + e.toString()); - response.sendError(response.SC_INTERNAL_SERVER_ERROR); - } - - // Done sending out the reply - out.close(); - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/RpcMethod.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/RpcMethod.java deleted file mode 100644 index 3e23a49b..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/RpcMethod.java +++ /dev/null 
@@ -1,53 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.authtoksvc;
-
-import java.io.*;
-import java.io.PrintWriter;
-import java.util.*;
-
-
-/*
- * RpcMethod Interface.
- *
- * This is the interface implemented by Rpc Methods.
- */
-public interface RpcMethod
-{
- /*
- * Initialize the Rpc method.
- */
- void init(SvcConfig svcConfig, EnabledSvcsConfig enabledSvcsConfig) throws Exception;
-
- /*
- * Process Rpc.
- */
- void invoke(InputStream inStream, PrintWriter out) throws IOException;
-
- /*
- * Return the method id.
- */
- String getId();
-}
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SessionToken.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SessionToken.java
deleted file mode 100644
index 7f9fc29a..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SessionToken.java
+++ /dev/null
@@ -1,416 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.ByteArrayInputStream; - -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.XMLReader; -import org.xml.sax.helpers.XMLReaderFactory; - - -/* -* SessionToken class. -* -* This class constructs session tokens that Casa clients can present to -* the Casa server to prove that an entity has been authenticated to -* a particular realm. The format of the session token is as follows: -* -* -* -* signature value -* lifetime value -* realm value -* identity id value -* -* -*/ -public class SessionToken -{ - - private String m_id; - private String m_realm; - private String m_lifetime; - private String m_signature; - private String m_token; - - /* - * Class for handling parsing events. 
- */ - private class SAXHandler extends org.xml.sax.helpers.DefaultHandler - { - private final static int AWAITING_ROOT_ELEMENT_START = 0; - private final static int AWAITING_ROOT_ELEMENT_END = 1; - private final static int AWAITING_SIGNATURE_ELEMENT_START = 2; - private final static int AWAITING_SIGNATURE_ELEMENT_END = 3; - private final static int AWAITING_SIGNATURE_DATA = 4; - private final static int AWAITING_LIFETIME_ELEMENT_START = 5; - private final static int AWAITING_LIFETIME_ELEMENT_END = 6; - private final static int AWAITING_LIFETIME_DATA = 7; - private final static int AWAITING_REALM_ELEMENT_START = 8; - private final static int AWAITING_REALM_ELEMENT_END = 9; - private final static int AWAITING_REALM_DATA = 10; - private final static int AWAITING_IDENT_ID_ELEMENT_START = 11; - private final static int AWAITING_IDENT_ID_ELEMENT_END = 12; - private final static int AWAITING_IDENT_ID_DATA = 13; - private final static int DONE_PARSING = 14; - - private SessionToken m_SessionToken; - private int m_state; - - /* - * Constructor - */ - public SAXHandler (SessionToken SessionToken) - { - super(); - - // Initialize our members - m_SessionToken = SessionToken; - m_state = AWAITING_ROOT_ELEMENT_START; - } - - /* - * endDocument() implementation. - */ - public void endDocument () throws SAXException - { - // Verify that we obtained all of the required elements - if (m_state != DONE_PARSING) - { - System.err.println("SessionToken SAXHandler.endDocument()- Missing element"); - throw new SAXException("Missing element"); - } - } - - /* - * startElement() implementation. 
- */ - public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ROOT_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.sessionTokenElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SIGNATURE_ELEMENT_START; - } - else - { - System.err.println("SessionToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SIGNATURE_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.signatureElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SIGNATURE_DATA; - } - else - { - System.err.println("SessionToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_LIFETIME_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.lifetimeElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_LIFETIME_DATA; - } - else - { - System.err.println("SessionToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - - break; - - case AWAITING_REALM_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.realmElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_REALM_DATA; - } - else - { - System.err.println("SessionToken SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_IDENT_ID_ELEMENT_START: - // Verify that we are processing the expected tag - if (ProtoDefs.identIdElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_IDENT_ID_DATA; - } - else - { - System.err.println("SessionToken SAXHandler.startElement()- 
Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("SessionToken SAXHandler.startElement()- State error"); - throw new SAXException("State error"); - } - } - - /* - * endElement() immplementation. - */ - public void endElement (String uri, String name, String qName) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_ROOT_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.sessionTokenElementName.equals(qName)) - { - // Advance to the next state - m_state = DONE_PARSING; - } - else - { - System.err.println("SessionToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SIGNATURE_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.signatureElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_LIFETIME_ELEMENT_START; - } - else - { - System.err.println("SessionToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_LIFETIME_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.lifetimeElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_REALM_ELEMENT_START; - } - else - { - System.err.println("SessionToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_REALM_ELEMENT_END: - // Verify that we are processing the expected tag - if (ProtoDefs.realmElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_IDENT_ID_ELEMENT_START; - } - else - { - System.err.println("SessionToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_IDENT_ID_ELEMENT_END: - // Verify that we are processing the 
expected tag - if (ProtoDefs.identIdElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_ROOT_ELEMENT_END; - } - else - { - System.err.println("SessionToken SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("SessionToken SAXHandler.startElement()- State error"); - throw new SAXException("State error"); - } - } - - /* - * character() implementation. - */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - - case AWAITING_SIGNATURE_DATA: - // Consume the data - m_SessionToken.m_signature = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_SIGNATURE_ELEMENT_END; - break; - - case AWAITING_LIFETIME_DATA: - // Consume the data - m_SessionToken.m_lifetime = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_LIFETIME_ELEMENT_END; - break; - - case AWAITING_REALM_DATA: - // Consume the data - m_SessionToken.m_realm = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_REALM_ELEMENT_END; - break; - - case AWAITING_IDENT_ID_DATA: - // Consume the data - m_SessionToken.m_id = new String(ch, start, length); - - // Advance to the next state - m_state = AWAITING_IDENT_ID_ELEMENT_END; - break; - - default: - // Do nothing - break; - } - } - } - - /* - * Constructor - */ - public SessionToken(String id, String realm, String lifetime) throws Exception - { - // Save copies of the input parameters - m_id = id; - m_realm = realm; - m_lifetime = lifetime; - - // Generate a signature - // tbd - Over id, realm, and lifetime data. 
- m_signature = "tbd"; - - // Get a StringBuffer to help us with the construction of the token - StringBuffer sb = new StringBuffer(); - - // Start building the message - sb.append(ProtoDefs.xmlDeclaration + "\r\n"); - sb.append("<" + ProtoDefs.sessionTokenElementName + ">" + "\r\n"); - sb.append("<" + ProtoDefs.signatureElementName + ">" + m_signature + "" + "\r\n"); - sb.append("<" + ProtoDefs.lifetimeElementName + ">" + m_lifetime + "" + "\r\n"); - sb.append("<" + ProtoDefs.realmElementName + ">" + m_realm + "" + "\r\n"); - sb.append("<" + ProtoDefs.identIdElementName + ">" + m_id + "" + "\r\n"); - sb.append("" + "\r\n"); - - // Save the token - m_token = sb.toString(); - } - - /* - * Constructor given a session token string. The constructor - * validates the token as part of its processing. - */ - public SessionToken(String token) throws Exception - { - // Decode the token string - m_token = Base64Coder.decode(token); - - // Now parse the token into its elements - try - { - // Parse the SessionToken - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(this); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - ByteArrayInputStream inStream = new ByteArrayInputStream(m_token.getBytes()); - InputSource source = new InputSource(inStream); - xr.parse(source); - - // Verify the signature - // tbd - - // Verify that the token has not expired - // tbd - } - catch (SAXException e) - { - System.err.println("SessionToken()- Parse exception: " + e.toString()); - throw new Exception("Protocol error"); - } - } - - /* - * Returns a string containing the session token. - */ - public String toString() - { - return Base64Coder.encode(m_token); - } - - /* - * Method to get the Identity Id - */ - public String getIdentId() throws Exception - { - return m_id; - } - - /* - * Method to get the Identity Repository Reference (Realm). - */ - public String getRealm() throws Exception - { - return m_realm; - } -} 
diff --git a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java b/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java
deleted file mode 100644
index a9c34e50..00000000
--- a/CASA-auth-token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java
+++ /dev/null
@@ -1,299 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -package com.novell.casa.authtoksvc; - -import java.io.*; -import java.util.*; - -import org.xml.sax.InputSource; -import org.xml.sax.SAXException; -import org.xml.sax.XMLReader; -import org.xml.sax.helpers.XMLReaderFactory; - -/** - * SvcConfig Class. - * - * This class obtains and maintains the service configuration. - * - */ -public class SvcConfig -{ - // Well known service configuration settings - // - // The LifetimeShorter value is the value by which token lifetime - // values are shorten when specified to clients to make sure that - // the clients detect token expirations before issuing the tokens - // to a service for authentication purposes. 
- public final static String SessionTokenLifetime = "SessionTokenLifetime"; - public final static String LifetimeShorter = "LifetimeShorter"; - public final static String IdentityAbstractionConfigFile = "IAConfigFile"; - public final static String StartSearchContext = "startSearchContext"; - public final static String ConfigFolderPath = "ConfigFolderPath"; - public final static String AppRootPath = "AppRootPath"; - public final static String ReconfigureInterval = "ReconfigureInterval"; - - // Default configuration values - public final static String DefaultSessionTokenLifetimeValue = "43200"; // Seconds - public final static String DefaultLifetimeShorterValue = "5"; // Seconds - public final static String DefaultReconfigureIntervalValue = "60"; // Seconds - - private static final String m_svcSettingsFileName = "svc.settings"; - private Map m_svcSettingsMap; - - /* - * Class for handling Authentication Request parsing events. - */ - private class SAXHandler extends org.xml.sax.helpers.DefaultHandler - { - private final static int AWAITING_ROOT_ELEMENT_START = 0; - private final static int AWAITING_SETTING_ELEMENT_START = 1; - private final static int AWAITING_SETTING_ELEMENT_DATA = 2; - private final static int AWAITING_SETTING_ELEMENT_END = 3; - private final static int DONE_PARSING = 4; - - private final static String m_rootElementName = "settings"; - - private Map m_keyMap; - private int m_state; - private String m_currentKey; - - /* - * Constructor - */ - public SAXHandler(Map keyMap) - { - super(); - - // Initialize our members - m_keyMap = keyMap; - m_state = AWAITING_ROOT_ELEMENT_START; - } - - /* - * endDocument() implementation. - */ - public void endDocument () throws SAXException - { - // Verify that we are not in an invalid state - if (m_state != DONE_PARSING) - { - System.err.println("SvcConfig SAXHandler.endDocument()- Invalid state" + m_state); - throw new SAXException("Invalid state at endDocument"); - } - } - - /* - * startElement() implementation. 
- */ - public void startElement (String uri, String name, String qName, org.xml.sax.Attributes atts) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - case AWAITING_ROOT_ELEMENT_START: - // Verify that we are processing the expected tag - if (m_rootElementName.equals(qName)) - { - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_START; - } - else - { - System.err.println("SvcConfig SAXHandler.startElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - case AWAITING_SETTING_ELEMENT_START: - // Keep track of the key name - m_currentKey = qName; - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_DATA; - break; - - default: - System.err.println("SvcConfig SAXHandler.startElement()- Invalid state " + m_state); - throw new SAXException("Invalid state at startElement"); - } - } - - /* - * endElement() immplementation. - */ - public void endElement (String uri, String name, String qName) throws SAXException - { - // Proceed based on our state - switch (m_state) - { - case AWAITING_SETTING_ELEMENT_DATA: - case AWAITING_SETTING_ELEMENT_END: - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_START; - break; - - case AWAITING_SETTING_ELEMENT_START: - // Verify that we are processing the expected tag - if (m_rootElementName.equals(qName)) - { - // Advance to the next state - m_state = DONE_PARSING; - } - else - { - System.err.println("SvcConfig SAXHandler.endElement()- Un-expected element"); - throw new SAXException("Un-expected element"); - } - break; - - default: - System.err.println("SvcConfig SAXHandler.endElement()- Invalid state " + m_state); - throw new SAXException("Invalid state at endElement"); - } - } - - /* - * character() implementation. 
- */ - public void characters (char ch[], int start, int length) throws SAXException - { - // Consume the data if in the right state - if (m_state == AWAITING_SETTING_ELEMENT_DATA) - { - // Consume the data and add the key to map - m_keyMap.put(m_currentKey, new String(ch, start, length)); - - // Advance to the next state - m_state = AWAITING_SETTING_ELEMENT_END; - } - } - } - - /* - * Constructor. - */ - public SvcConfig(String appRootPath, String svcConfigPath) throws Exception - { - System.err.println("SvcConfig()-"); - - System.err.println("SvcConfig()- SvcConfigPath = " + svcConfigPath); - - // Create a map to keep track of the service settings - m_svcSettingsMap = new HashMap(); - - try - { - // Get an input stream to services settings file - File settingsFile = new File(svcConfigPath, m_svcSettingsFileName); - FileInputStream inStream = new FileInputStream(settingsFile); - - // Parse the file - XMLReader xr = XMLReaderFactory.createXMLReader(); - SAXHandler handler = new SAXHandler(m_svcSettingsMap); - xr.setContentHandler(handler); - xr.setErrorHandler(handler); - - InputSource source = new InputSource(inStream); - xr.parse(source); - inStream.close(); - - // Add the application and config folder path settings to our map - m_svcSettingsMap.put(AppRootPath, appRootPath); - m_svcSettingsMap.put(ConfigFolderPath, svcConfigPath); - } - catch (SAXException e) - { - System.err.println("SvcConfig()- Parse exception: " + e.toString()); - throw new Exception("SvcConfig()- svc.settings format error"); - } - catch (SecurityException e) - { - System.err.println("SvcConfig()- SecurityException caught while accessing " + svcConfigPath + File.separator + m_svcSettingsFileName + " Exception=" + e.toString()); - } - catch (FileNotFoundException e) - { - System.err.println("SvcConfig()- File " + svcConfigPath + File.separator + m_svcSettingsFileName + " not found"); - } - catch (IOException e) - { - System.err.println("SvcConfig()- IOException caught while trying to read " + 
svcConfigPath + File.separator + m_svcSettingsFileName + " Exception=" + e.toString()); - } - } - - /* - * Returns the value associated with the specified setting. - */ - public String getSetting(String settingName) throws Exception - { - // Try to find the setting in our map - String value = (String) m_svcSettingsMap.get(settingName); - if (value == null) - { - System.err.println("SvcConfig.getSetting()- Did not find setting " + settingName); - - // The setting is not in our map, check if it is one to - // which we have defaults. - if (settingName.equals(SessionTokenLifetime) == true) - { - value = DefaultSessionTokenLifetimeValue; - System.err.println("SvcConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_svcSettingsMap.put(SessionTokenLifetime, DefaultSessionTokenLifetimeValue); - } - else if (settingName.equals(LifetimeShorter) == true) - { - value = DefaultLifetimeShorterValue; - System.err.println("SvcConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_svcSettingsMap.put(LifetimeShorter, DefaultLifetimeShorterValue); - } - else if (settingName.equals(ReconfigureInterval) == true) - { - value = DefaultReconfigureIntervalValue; - System.err.println("SvcConfig.getSetting()- Assigning default value " + value); - - // Add the key to the map so that it can be found quicker next time - m_svcSettingsMap.put(ReconfigureInterval, DefaultReconfigureIntervalValue); - } - else if (settingName.equals(IdentityAbstractionConfigFile) == true) - { - System.err.println("SvcConfig.getSetting()- Mandatory setting " + IdentityAbstractionConfigFile + " not set"); - throw new Exception("Missing mandatory configuration setting"); - } - } - else - { - System.err.println("SvcConfig.getSetting()- Found setting " + settingName); - System.err.println("SvcConfig.getSetting()- Setting value = " + value); - - // Do some sanity 
checking - // tbd - Make sure that the token lifetime values are greater than the LifetimeShorter - } - - return value; - } -} \ No newline at end of file diff --git a/CASA-auth-token/server/AuthTokenSvc/svc.settings b/CASA-auth-token/server/AuthTokenSvc/svc.settings deleted file mode 100644 index f028fef5..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/svc.settings +++ /dev/null @@ -1,5 +0,0 @@ - - - Replace with path to the Identity Abstraction Realms Configuration File. - 43200 - diff --git a/CASA-auth-token/server/AuthTokenSvc/web.xml b/CASA-auth-token/server/AuthTokenSvc/web.xml deleted file mode 100644 index 9cefa768..00000000 --- a/CASA-auth-token/server/AuthTokenSvc/web.xml +++ /dev/null @@ -1,27 +0,0 @@ - - - - CasaAuthTokenSvc - - - The CasaAuthTokenSvc provides authentication tokens. - - - Rpc - Rpc - - com.novell.casa.authtoksvc.Rpc - - - Rpc - /Rpc - - - index.html - index.htm - index.jsp - default.html - default.htm - default.jsp - - diff --git a/CASA-auth-token/server/AuthTokenValidate/Makefile.am b/CASA-auth-token/server/AuthTokenValidate/Makefile.am deleted file mode 100644 index 42a71e9f..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/Makefile.am +++ /dev/null 
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = $(TARGET_OS) idenTokenProviders
-
-DIST_SUBDIRS = linux idenTokenProviders
-
-CFILES =
-
-EXTRA_DIST = $(CFILES) *.h
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/README b/CASA-auth-token/server/AuthTokenValidate/README
deleted file mode 100644
index 287f9dfc..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/README
+++ /dev/null
@@ -1,77 +0,0 @@
-/***********************************************************************
- *
- * README for libcasa_s_authtoken
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-libcasa_s_authtoken provides an API for the validation of CASA Authentication Tokens.
-The API provides a means for obtaining identity information about authenticated
-entities.
-
-Applications should avoid calling directly into this library's APIs. Instead, applications
-should code to the PAM API to validate authentication credentials or allow an external
-module to perform the credential validation. To facilitate this, CASA Authentication
-provides PAM, Apache, and JAAS modules that can be used to validate credentials containing
-CASA Authentication tokens,
-
-CONFIGURING TRUSTED AUTHENTICATION TOKEN SERVICES
-
-tbd. Add info about the installation of public certificates and trusted certificate authorities.
-
-CONFIGURING ADDITIONAL IDENTITY TOKEN PROVIDER MODULES
-
-CASA Authentication Tokens contain Identity Tokens. The Identity Tokens contain the identity
-information about the entity being authenticated. Identity Tokens can be of different types,
-the type utilized for use with a particular service is configured at the time that the service
-is configured for CASA Authentication. The default identity token type is CasaIdentityToken.
-
-libcasa_s_authtoken supports different identity token types through an API that allows for the
-configuration of different Identity Token Provider plug-ins. An Identity Token Provider plug-in
-is configured by placing a configuration file for the plug-ins in the
-/etc/opt/CASA/authtoken.d/modules.d folder. The name of the plug-in configuration file is related
-to the identity token type in the following manner: IdentityTokenTypeName.conf.
-
-Identity Token Provider plug-in configuration files must must contain a directive indicating the
-path to the library implementing the Identity Token Provider plug-in (See the configuration file
-for the CasaIdentityToken plug-in for an example).
-
-SERVER APPLICATION PROGRAMMING NOTES
-
-The Validate CASA Authentication Token API is defined in casa_s_authtoken.h.
-
-The API consists of a call to validate authentication tokens. The caller must supply a service
-name which must match the service name provided by the client when requesting the authentication
-token. Successful calls to the validate authentication token API will return a handle to a principal
-interface object. The principal interface object handle can be used to obtain identity information
-about the authenticated entity as well as information about the authentication realm. The principal
-interface object must be released after it is no longer needed. The amount and type of identity
-information associated with the principal interface is dependent on what is configured at the
-time that the service is enabled for CASA Authentication.
-
-For examples of code which uses the Validate CASA Authentication Token API look at the implementations
-of the CASA Authentication PAM module and the CASA Authentication Provider Apache module.
-
-IDENTITY TOKEN PROVIDER PROGRAMMING NOTES
-
-The Identity Token Provider API is defined in iden_token_provider.h.
-
-For an example see the implementation of the CASA Identity Token Provider.
-
-SECURITY CONSIDERATIONS
-
-CASA Authentication Tokens when compromised can be used to either impersonate
-a user or to obtain identity information about the user. Because of this it is
-important that the tokens be secured by applications making use of them. It is
-recommended that the tokens be transmitted using SSL.
-
-
-
-
-
-
-
-
-
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/TODO b/CASA-auth-token/server/AuthTokenValidate/TODO
deleted file mode 100644
index 2bf53b7a..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/TODO
+++ /dev/null
@@ -1,15 +0,0 @@
-/***********************************************************************
- *
- * TODO for libcasa_s_authtoken
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for libcasa_s_authtoken.
-
-OUTSTANDING ITEMS
-
-- Change AuthTokens to be SOAP messages secured with WS-Security and WS-Trust.
-- Implement CheckAuthToken().
-- Finish README documentation.
diff --git a/CASA-auth-token/server/AuthTokenValidate/authtoken.c b/CASA-auth-token/server/AuthTokenValidate/authtoken.c
deleted file mode 100644
index d4ded26d..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/authtoken.c
+++ /dev/null
@@ -1,693 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Parse states -// -#define AWAITING_ROOT_ELEMENT_START 0x0 -#define AWAITING_ROOT_ELEMENT_END 0x1 -#define AWAITING_SIGNATURE_DATA 0x2 -#define AWAITING_SIGNATURE_ELEMENT_START 0x3 -#define AWAITING_SIGNATURE_ELEMENT_END 0x4 -#define AWAITING_LIFETIME_DATA 0x5 -#define AWAITING_LIFETIME_ELEMENT_START 0x6 -#define AWAITING_LIFETIME_ELEMENT_END 0x7 -#define AWAITING_IDENT_TOKEN_ELEMENT_START 0x8 -#define AWAITING_IDENT_TOKEN_ELEMENT_END 0x9 -#define AWAITING_IDENT_TOKEN_DATA 0xA -#define AWAITING_TYPE_ELEMENT_START 0xB -#define AWAITING_TYPE_ELEMENT_END 0xC -#define AWAITING_TYPE_DATA 0xD -#define DONE_PARSING 0xE - -// -// Authentication Token Parse Structure -// -typedef struct _AuthTokenParse -{ - XML_Parser p; - int state; - int elementDataProcessed; - AuthToken 
*pAuthToken; - CasaStatus status; - -} AuthTokenParse, *PAuthTokenParse; - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -//++======================================================================= -static -void XMLCALL -AuthTokenStartElementHandler( - IN void *pUserData, - IN const XML_Char *name, - IN const XML_Char **atts) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData; - - DbgTrace(2, "-AuthTokenStartElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pAuthTokenParse->state) - { - case AWAITING_ROOT_ELEMENT_START: - - // In this state, we are only expecting the Authentication - // Response Element. - if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_SIGNATURE_ELEMENT_START; - } - else - { - DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_SIGNATURE_ELEMENT_START: - - // In this state, we are only expecting the Signature Element. - if (strcmp(name, SIGNATURE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_SIGNATURE_DATA; - } - else - { - DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_LIFETIME_ELEMENT_START: - - // In this state, we are only expecting the Lifetime Element. - if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pAuthTokenParse->state = AWAITING_LIFETIME_DATA; - } - else - { - DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_IDENT_TOKEN_ELEMENT_START: - - // In this state, we are only expecting the Identity Token Element. - if (strcmp(name, IDENTITY_TOKEN_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_TYPE_ELEMENT_START; - } - else - { - DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_TYPE_ELEMENT_START: - - // In this state, we are only expecting the Type Element. - if (strcmp(name, TYPE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_TYPE_DATA; - } - else - { - DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected state = %d\n", pAuthTokenParse->state); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-AuthTokenStartElementHandler- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus -ConsumeElementData( - IN AuthTokenParse *pAuthTokenParse, - IN const XML_Char *s, - IN int len, - INOUT char **ppElementData, - INOUT int *pElementDataLen) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - - DbgTrace(3, "-ConsumeElementData- Start\n", 0); - - // Proceed based on whether or not we have already consumed data - // for this element. 
- if (*ppElementData == NULL) - { - // We have not yet consumed data for this element - pAuthTokenParse->elementDataProcessed = len; - - // Allocate a buffer to hold this element data (null terminated). - *ppElementData = (char*) malloc(len + 1); - if (*ppElementData) - { - memset(*ppElementData, 0, len + 1); - memcpy(*ppElementData, s, len); - - // Return the length of the element data buffer - *pElementDataLen = pAuthTokenParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - else - { - char *pNewBuf; - - // We have already received token data, append this data to it. - pNewBuf = (char*) malloc(pAuthTokenParse->elementDataProcessed + len + 1); - if (pNewBuf) - { - memset(pNewBuf, - 0, - pAuthTokenParse->elementDataProcessed + len + 1); - memcpy(pNewBuf, - *ppElementData, - pAuthTokenParse->elementDataProcessed); - memcpy(pNewBuf + pAuthTokenParse->elementDataProcessed, s, len); - pAuthTokenParse->elementDataProcessed += len; - - // Swap the buffers - free(*ppElementData); - *ppElementData = pNewBuf; - - // Return the length of the element data buffer - *pElementDataLen = pAuthTokenParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - - DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -void XMLCALL -AuthTokenCharDataHandler( - IN void *pUserData, - IN const XML_Char *s, - IN int len) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - 
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData; - - DbgTrace(2, "-AuthTokenCharDataHandler- Start\n", 0); - - // Just exit if being called to process LF and CR characters - if (len == 1 - && ((*s == '\n') || (*s == '\r'))) - { - goto exit; - } - - // Proceed based on the state - switch (pAuthTokenParse->state) - { - case AWAITING_SIGNATURE_DATA: - case AWAITING_SIGNATURE_ELEMENT_END: - - pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse, - s, - len, - &pAuthTokenParse->pAuthToken->pSignature, - &pAuthTokenParse->pAuthToken->signatureLen); - if (CASA_SUCCESS(pAuthTokenParse->status)) - { - // Advanced to the next state - pAuthTokenParse->state = AWAITING_SIGNATURE_ELEMENT_END; - } - else - { - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_LIFETIME_DATA: - case AWAITING_LIFETIME_ELEMENT_END: - - // Convert the lifetime string to a numeric value - pAuthTokenParse->pAuthToken->tokenLifetime = dtoul((char*) s, len); - - // Advanced to the next state - pAuthTokenParse->state = AWAITING_LIFETIME_ELEMENT_END; - break; - - case AWAITING_TYPE_DATA: - case AWAITING_TYPE_ELEMENT_END: - - pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse, - s, - len, - &pAuthTokenParse->pAuthToken->pIdenTokenType, - &pAuthTokenParse->pAuthToken->idenTokenTypeLen); - if (CASA_SUCCESS(pAuthTokenParse->status)) - { - // Advanced to the next state - pAuthTokenParse->state = AWAITING_TYPE_ELEMENT_END; - } - else - { - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_IDENT_TOKEN_DATA: - case AWAITING_IDENT_TOKEN_ELEMENT_END: - - pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse, - s, - len, - &pAuthTokenParse->pAuthToken->pIdenToken, - &pAuthTokenParse->pAuthToken->idenTokenLen); - if (CASA_SUCCESS(pAuthTokenParse->status)) - { - // Advanced to the next state - pAuthTokenParse->state = AWAITING_IDENT_TOKEN_ELEMENT_END; - } - else - { - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - 
break; - - default: - DbgTrace(0, "-AuthTokenCharDataHandler- Un-expected state = %d\n", pAuthTokenParse->state); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - break; - } - -exit: - - DbgTrace(2, "-AuthTokenCharDataHandler- End\n", 0); -} - - -//++======================================================================= -static -void XMLCALL -AuthTokenEndElementHandler( - IN void *pUserData, - IN const XML_Char *name) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData; - - DbgTrace(2, "-AuthTokenEndElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pAuthTokenParse->state) - { - case AWAITING_ROOT_ELEMENT_END: - - // In this state, we are only expecting the Authentication - // Token Element. - if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0) - { - // Done. - pAuthTokenParse->state = DONE_PARSING; - } - else - { - DbgTrace(0, "-AuthTokenEndHandler- Un-expected end element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_SIGNATURE_ELEMENT_END: - - // In this state, we are only expecting the Signature Element. - if (strcmp(name, SIGNATURE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_LIFETIME_ELEMENT_START; - } - else - { - DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_LIFETIME_ELEMENT_END: - - // In this state, we are only expecting the Lifetime Element. - if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pAuthTokenParse->state = AWAITING_IDENT_TOKEN_ELEMENT_START; - } - else - { - DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_TYPE_ELEMENT_END: - - // In this state, we are only expecting the Type Element. - if (strcmp(name, TYPE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_IDENT_TOKEN_DATA; - } - else - { - DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_IDENT_TOKEN_ELEMENT_END: - - // In this state, we are only expecting the Identity Token Element. - if (strcmp(name, IDENTITY_TOKEN_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pAuthTokenParse->state = AWAITING_ROOT_ELEMENT_END; - } - else - { - DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected state = %d\n", pAuthTokenParse->state); - XML_StopParser(pAuthTokenParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-AuthTokenEndElementHandler- End\n", 0); -} - - -//++======================================================================= -CasaStatus -CreateAuthToken( - IN char *pTokenBuf, - IN int tokenBufLen, - INOUT AuthToken **ppAuthToken) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - AuthTokenParse authTokenParse = {0}; - AuthToken *pAuthToken; - - DbgTrace(1, "-CreateAuthToken- Start\n", 0); - - /* - * Authentication tokens have the following format: - * - * - * - * signature value - * lifetime value - * identity token typeidentity token data - * - * - */ - - // Allocate AuthToken object - pAuthToken = 
malloc(sizeof(*pAuthToken)); - if (pAuthToken) - { - XML_Parser p; - - // Initialize the AuthToken object and set it in the - // authentication response parse object. - memset(pAuthToken, 0, sizeof(*pAuthToken)); - authTokenParse.pAuthToken = pAuthToken; - - // Create parser - p = XML_ParserCreate(NULL); - if (p) - { - // Keep track of the parser in our parse object - authTokenParse.p = p; - - // Initialize the status within the parse object - authTokenParse.status = CASA_STATUS_SUCCESS; - - // Set the start and end element handlers - XML_SetElementHandler(p, - AuthTokenStartElementHandler, - AuthTokenEndElementHandler); - - // Set the character data handler - XML_SetCharacterDataHandler(p, AuthTokenCharDataHandler); - - - // Set our user data - XML_SetUserData(p, &authTokenParse); - - // Parse the document - if (XML_Parse(p, pTokenBuf, tokenBufLen, 1) == XML_STATUS_OK) - { - // Verify that the parse operation completed successfully - if (authTokenParse.state == DONE_PARSING) - { - // The parse operation succeded. 
- retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-CreateAuthToken- Parse operation did not complete\n", 0); - - // Check if a status has been recorded - if (authTokenParse.status != CASA_STATUS_SUCCESS) - { - retStatus = authTokenParse.status; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - } - } - else - { - DbgTrace(0, "-CreateAuthToken- Parse error %d\n", XML_GetErrorCode(p)); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - - // Free the parser - XML_ParserFree(p); - } - else - { - DbgTrace(0, "-CreateAuthToken- Parser creation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - // Return the AuthenticationResp object to the caller if necessary - if (CASA_SUCCESS(retStatus)) - { - *ppAuthToken = pAuthToken; - } - else - { - free(pAuthToken); - } - } - else - { - DbgTrace(0, "-CreateAuthToken- Memory allocation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(1, "-CreateAuthToken- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -void -RelAuthToken( - IN AuthToken *pAuthToken) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-RelAuthToken- Start\n", 0); - - // Free the resources associated with the object - if (pAuthToken->pSignature) - free(pAuthToken->pSignature); - - if (pAuthToken->pIdenTokenType) - free(pAuthToken->pIdenTokenType); - - if (pAuthToken->pIdenToken) - free(pAuthToken->pIdenToken); - - free(pAuthToken); - - DbgTrace(1, "-RelAuthToken- End\n", 0); -} - - 
-//++======================================================================= -CasaStatus -CheckAuthToken( - IN AuthToken *pAuthToken, - IN const char *pServiceName) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L0 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - - DbgTrace(1, "-CheckuthToken- Start\n", 0); - - // tbd - - DbgTrace(1, "-CheckAuthToken- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - diff --git a/CASA-auth-token/server/AuthTokenValidate/config.c b/CASA-auth-token/server/AuthTokenValidate/config.c deleted file mode 100644 index 0fe71332..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/config.c +++ /dev/null 
@@ -1,764 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Config Key object -// -typedef struct _ConfigKey -{ - LIST_ENTRY listEntry; - char *pKeyName; - int keyNameLen; - char *pValue; - int valueLen; - -} ConfigKey, *pConfigKey; - -// -// Config Interface instance data -// -typedef struct _ConfigIfInstance -{ - LIST_ENTRY listEntry; - int refCount; - char *pConfigFolder; - int configFolderLen; - char *pConfigName; - int configNameLen; - LIST_ENTRY configKeyListHead; - ConfigIf configIf; - -} ConfigIfInstance, *PConfigIfInstance; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// ConfigIf variables -static -LIST_ENTRY g_configIfListHead = {&g_configIfListHead, &g_configIfListHead}; - -static -int 
g_numConfigIfObjs = 0; - -// Synchronization mutex -static -HANDLE g_configIfMutex = NULL; - - -//++======================================================================= -static -void -RemoveWhiteSpaceFromTheEnd( - IN const char *pInString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pLineEnd = (char*) pInString + strlen(pInString) - 1; - - - DbgTrace(3, "-RemoveWhiteSpaceFromTheEnd- Start\n", 0); - - while (pLineEnd != pInString) - { - if (*pLineEnd == '\n' - || *pLineEnd == ' ' - || *pLineEnd == '\t') - { - // Strike this character - *pLineEnd = '\0'; - pLineEnd --; - } - else - { - // Found a non-white character - break; - } - } - - DbgTrace(3, "-RemoveWhiteSpaceFromTheEnd- End\n", 0); -} - - -//++======================================================================= -static -char* -SkipWhiteSpace( - IN const char *pInString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pOutString = (char*) pInString; - - DbgTrace(3, "-SkipWhiteSpace- Start\n", 0); - - while (*pOutString != '\0') - { - if (*pOutString == '\n' - || *pOutString == ' ' - || *pOutString == '\t') - { - // Skip this character - pOutString ++; - } - else - { - // Found a non-white character - break; - } - } - - DbgTrace(3, "-SkipWhiteSpace- End\n", 0); - - return pOutString; -} - - -//++======================================================================= -static -char* -SkipNonWhiteSpace( - IN const char *pInString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - char *pOutString = (char*) pInString; - - DbgTrace(3, "-SkipNonWhiteSpace- Start\n", 0); - - while (*pOutString != '\0') - { - if (*pOutString == '\n' - || *pOutString == ' ' - || 
*pOutString == '\t') - { - // Found a white character - break; - } - else - { - // Skip this character - pOutString ++; - } - } - - DbgTrace(3, "-SkipNonWhiteSpace- End\n", 0); - - return pOutString; -} - - -//++======================================================================= -static -void -LowerCaseString( - IN char *pDestString, - IN const char *pSrcString) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int i; - - DbgTrace(3, "-LowerCaseString- Start\n", 0); - - // Copy the string as lower case - for (i = 0; pSrcString[i] != '\0'; i++) - { - if (isalpha(pSrcString[i])) - pDestString[i] = tolower(pSrcString[i]); - else - pDestString[i] = pSrcString[i]; - } - - // Null terminate the destination string - pDestString[i] = '\0'; - - DbgTrace(3, "-LowerCaseString- End\n", 0); -} - - -//++======================================================================= -static -int SSCS_CALL -AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. 
-// -// L2 -//=======================================================================-- -{ - int refCount; - ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf); - - DbgTrace(2, "-AddReference- Start\n", 0); - - // Increment the reference count on the object - PlatAcquireMutex(g_configIfMutex); - pConfigIfInstance->refCount ++; - refCount = pConfigIfInstance->refCount; - PlatReleaseMutex(g_configIfMutex); - - DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -static -void SSCS_CALL -ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf); - - DbgTrace(2, "-ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - PlatAcquireMutex(g_configIfMutex); - pConfigIfInstance->refCount --; - if (pConfigIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. - freeObj = true; - g_numConfigIfObjs --; - RemoveEntryList(&pConfigIfInstance->listEntry); - } - PlatReleaseMutex(g_configIfMutex); - - // Free object if necessary - if (freeObj) - { - // Free all of the config key objects associated with this configuration - // interface instance. 
- while (!IsListEmpty(&pConfigIfInstance->configKeyListHead)) - { - LIST_ENTRY *pListEntry; - ConfigKey *pConfigKey; - - // Get reference to entry at the head of the list - pListEntry = pConfigIfInstance->configKeyListHead.Flink; - pConfigKey = CONTAINING_RECORD(pListEntry, ConfigKey, listEntry); - - // Free the buffers associated with the ConfigKey - free(pConfigKey->pKeyName); - free(pConfigKey->pValue); - - // Remove the entry from the list - RemoveEntryList(&pConfigKey->listEntry); - - // Finish freeing the ConfigKey - free(pConfigKey); - } - - // Free the rest of the buffers associated with the interface instance data - free(pConfigIfInstance->pConfigFolder); - free(pConfigIfInstance->pConfigName); - free(pConfigIfInstance); - } - - DbgTrace(2, "-ReleaseReference- End\n", 0); -} - - -//++======================================================================= -static -char* SSCS_CALL -GetEntryValue( - IN const void *pIfInstance, - IN const char *pKeyName) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pKeyName - -// Pointer to NULL terminated string that contains the -// name of the key whose value is being requested. -// -// Returns: -// Pointer to NULL terminated string with value being requested or NULL. -// -// Description: -// Gets value associated with a key for the configuration object. 
-// -// L2 -//=======================================================================-- -{ - ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf); - char *pValue = NULL; - LIST_ENTRY *pListEntry; - ConfigKey *pConfigKey; - int keyNameLen = strlen(pKeyName); - char *pKeyNameLowercase; - - DbgTrace(2, "-GetEntryValue- Start\n", 0); - - // Allocate enough space to hold lower case version of the key name - pKeyNameLowercase = malloc(keyNameLen + 1); - if (pKeyNameLowercase) - { - // Lower case the key name - LowerCaseString(pKeyNameLowercase, pKeyName); - - // Try to find matching ConfigKey - pListEntry = pConfigIfInstance->configKeyListHead.Flink; - while (pListEntry != &pConfigIfInstance->configKeyListHead) - { - // Get pointer to the current entry - pConfigKey = CONTAINING_RECORD(pListEntry, ConfigKey, listEntry); - - // Check if we have a match - if (pConfigKey->keyNameLen == keyNameLen - && memcmp(pKeyNameLowercase, pConfigKey->pKeyName, keyNameLen) == 0) - { - // We found it, return its value. - pValue = malloc(pConfigKey->valueLen + 1); - if (pValue) - { - strcpy(pValue, pConfigKey->pValue); - } - else - { - DbgTrace(0, "-GetEntryValue- Buffer allocation failure\n", 0); - } - break; - } - - // Advance to the next entry - pListEntry = pListEntry->Flink; - } - - // Free the lower case version of the key name - free(pKeyNameLowercase); - } - else - { - DbgTrace(0, "-GetEntryValue- Buffer allocation failure\n", 0); - } - - DbgTrace(2, "-GetEntryValue- End, pValue = %08X\n", (unsigned int) pValue); - - return pValue; -} - - -//++======================================================================= -CasaStatus -GetConfigInterface( - IN const char *pConfigFolder, - IN const char *pConfigName, - INOUT ConfigIf **ppConfigIf) -// -// Arguments: -// pConfigFolder - -// Pointer to NULL terminated string that contains the name of -// the folder containing the configuration file. 
-// -// pConfigName - -// Pointer to NULL terminated string containing the name of the -// configuration entry. -// -// ppConfigIf - -// Pointer to variable that will receive pointer to ConfigIf -// instance. -// -// Returns: -// Casa Status -// -// Description: -// Get configuration interface to specified configuration entry. -// -// L2 -//=======================================================================-- -{ - int configFolderLen = strlen(pConfigFolder); - int configNameLen = strlen(pConfigName); - ConfigIfInstance *pConfigIfInstance; - LIST_ENTRY *pListEntry; - CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_OBJECT_NOT_FOUND); - - DbgTrace(2, "-GetConfigInterface- Start\n", 0); - - PlatAcquireMutex(g_configIfMutex); - - // Check if we already have an entry in our list for the configuration - pListEntry = g_configIfListHead.Flink; - while (pListEntry != &g_configIfListHead) - { - // Get pointer to the current entry - pConfigIfInstance = CONTAINING_RECORD(pListEntry, ConfigIfInstance, listEntry); - - // Check if we have a match - if (pConfigIfInstance->configFolderLen == configFolderLen - && pConfigIfInstance->configNameLen == configNameLen - && memcmp(pConfigFolder, pConfigIfInstance->pConfigFolder, configFolderLen) == 0 - && memcmp(pConfigName, pConfigIfInstance->pConfigName, configNameLen) == 0) - { - // We found it, return the ConfigIf associated with the instance data - // after incrementing its reference count. 
- pConfigIfInstance->refCount ++; - *ppConfigIf = &pConfigIfInstance->configIf; - - // Success - retStatus = CASA_STATUS_SUCCESS; - break; - } - - // Advance to the next entry - pListEntry = pListEntry->Flink; - } - - // Proceed to create interface instance data for the configuration if none was found - if (retStatus != CASA_STATUS_SUCCESS) - { - char *pFilePath; - - // Build a string containing the configuration file path - pFilePath = malloc(configFolderLen + 1 + configNameLen + sizeof(".conf")); - if (pFilePath) - { - FILE *pConfigFile; - - strcpy(pFilePath, pConfigFolder); - strcat(pFilePath, "/"); - strcat(pFilePath, pConfigName); - strcat(pFilePath, ".conf"); - - // Open the configuration file for reading - pConfigFile = fopen(pFilePath, "r"); - if (pConfigFile) - { - // Opened the file, create a ConfigIfInstance object for it. - pConfigIfInstance = malloc(sizeof(*pConfigIfInstance)); - if (pConfigIfInstance) - { - // Initialize the list head within the instance data - InitializeListHead(&pConfigIfInstance->configKeyListHead); - - // Initialize the ConfigIf within the instance data - pConfigIfInstance->configIf.addReference = AddReference; - pConfigIfInstance->configIf.releaseReference = ReleaseReference; - pConfigIfInstance->configIf.getEntryValue = GetEntryValue; - - // Save the ConfigFolder and ConfigName information within the instance data - pConfigIfInstance->pConfigFolder = malloc(configFolderLen + 1); - if (pConfigIfInstance->pConfigFolder) - { - strcpy(pConfigIfInstance->pConfigFolder, pConfigFolder); - pConfigIfInstance->configFolderLen = configFolderLen; - - pConfigIfInstance->pConfigName = malloc(configNameLen + 1); - if (pConfigIfInstance->pConfigName) - { - strcpy(pConfigIfInstance->pConfigName, pConfigName); - pConfigIfInstance->configNameLen = configNameLen; - - // Add the instance data into our list and bump up its reference count - // since we did that. 
- InsertTailList(&g_configIfListHead, &pConfigIfInstance->listEntry); - pConfigIfInstance->refCount = 1; - - // At this point we want to return success to the caller even if we - // experience a read error. - retStatus = CASA_STATUS_SUCCESS; - - // Return the ConfigIf associated with the instance data after - // incrementing its reference count. - pConfigIfInstance->refCount ++; - *ppConfigIf = &pConfigIfInstance->configIf; - - // Now update the instance data with the information present in the file - if (fseek(pConfigFile, 0, SEEK_SET) == 0) - { - char line[512]; - - while (fgets(line, sizeof(line), pConfigFile) != NULL) - { - int lineLength; - - RemoveWhiteSpaceFromTheEnd(line); - - lineLength = strlen(line); - if (lineLength != 0) - { - char *pKey; - char *pKeyEnd; - char *pValue; - ConfigKey *pConfigKey; - - // Attempt to find the key - pKey = SkipWhiteSpace(line); - - // Make sure that we are not dealing with an empty line or a comment - if (*pKey == '\0' || *pKey == '#') - continue; - - // Go past the key - pKeyEnd = SkipNonWhiteSpace(pKey); - - // Protect against a malformed line - if (*pKeyEnd == '\0') - { - DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0); - continue; - } - - // Attempt to find the value - pValue = SkipWhiteSpace(pKeyEnd); - - // Protect against a malformed line - if (*pValue == '\0') - { - DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0); - continue; - } - - // Delineate the key - *pKeyEnd = '\0'; - - // Create a ConfigKey object for this key/value pair - pConfigKey = malloc(sizeof(*pConfigKey)); - if (pConfigKey) - { - pConfigKey->keyNameLen = strlen(pKey); - pConfigKey->pKeyName = malloc(pConfigKey->keyNameLen + 1); - if (pConfigKey->pKeyName) - { - // Save the key name in lower case - LowerCaseString(pConfigKey->pKeyName, pKey); - - pConfigKey->valueLen = strlen(pValue); - pConfigKey->pValue = malloc(pConfigKey->valueLen + 1); - if (pConfigKey->pValue) - { - strcpy(pConfigKey->pValue, pValue); - - // The 
entry is ready, now associate it with the instance data. - InsertTailList(&pConfigIfInstance->configKeyListHead, &pConfigKey->listEntry); - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0); - free(pConfigKey->pKeyName); - free(pConfigKey); - } - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0); - free(pConfigKey); - } - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0); - } - } - } - } - else - { - DbgTrace(0, "-GetConfigInterface- File seek error, errno = %d\n", errno); - } - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0); - - // Free the buffers associated with the instance data - free(pConfigIfInstance->pConfigFolder); - free(pConfigIfInstance); - } - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0); - - // Free the buffer allocated for the instance data - free(pConfigIfInstance); - } - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0); - } - - // Close the file - fclose(pConfigFile); - } - else - { - DbgTrace(1, "-GetConfigInterface- Unable to open config file, errno = %d\n", errno); - } - } - else - { - DbgTrace(0, "-GetConfigInterface- Buffer allocation error\n", 0); - } - } - - PlatReleaseMutex(g_configIfMutex); - - DbgTrace(2, "-GetConfigInterface- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -ConfigIfInit(void) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Initializes the configuration interface complex. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - - DbgTrace(1, "-ConfigIfInit- Start\n", 0); - - // Allocate mutex - if ((g_configIfMutex = PlatAllocMutex()) != NULL) - retStatus = CASA_STATUS_SUCCESS; - else - retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - - DbgTrace(1, "-ConfigIfInit- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -void -ConfigIfUninit(void) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Uninitializes the configuration interface complex. -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-ConfigIfUninit- Start\n", 0); - - // Free mutex if necessary - if (g_configIfMutex) - { - PlatDestroyMutex(g_configIfMutex); - g_configIfMutex = NULL; - } - - DbgTrace(1, "-ConfigIfUninit- End\n", 0); -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/config_if.h b/CASA-auth-token/server/AuthTokenValidate/config_if.h deleted file mode 100644 index 0cdf31ce..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/config_if.h +++ /dev/null 
@@ -1,120 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -#ifndef _CONFIG_IF_H_ -#define _CONFIG_IF_H_ - - -//===[ Include files ]===================================================== - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -/************************************************************************** -*************************************************************************** -** ** -** Configuration Object Interface Definitions ** -** ** -*************************************************************************** -**************************************************************************/ - - -//++======================================================================= -typedef -int -(SSCS_CALL *PFNConfiglIf_AddReference)( - IN const void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to interface 
object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. -//=======================================================================-- - - -//++======================================================================= -typedef -void -(SSCS_CALL *PFNConfiglIf_ReleaseReference)( - IN const void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -//=======================================================================-- - - -//++======================================================================= -typedef -char* -(SSCS_CALL *PFNConfiglIf_GetEntryValue)( - IN const void *pIfInstance, - IN const char *pKeyName); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pKeyName - -// Pointer to NULL terminated string that contains the -// name of the key whose value is being requested. -// -// Returns: -// Pointer to NULL terminated string with value being requested or NULL. -// -// Description: -// Gets value associated with a key for the configuration object. -//=======================================================================-- - - -// -// Config Interface Object -// -typedef struct _ConfigIf -{ - PFNConfiglIf_AddReference addReference; - PFNConfiglIf_ReleaseReference releaseReference; - PFNConfiglIf_GetEntryValue getEntryValue; - -} ConfigIf, *PConfigIf; - - -#endif // #ifndef _CONFIG_IF_H_ - diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/Makefile.am b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/Makefile.am deleted file mode 100644 index 2fb64053..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/Makefile.am +++ /dev/null 
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = casa
-
-DIST_SUBDIRS = casa
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/Makefile.am b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/Makefile.am
deleted file mode 100644
index 331523b2..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = $(TARGET_OS)
-
-DIST_SUBDIRS = linux
-
-CFILES =
-
-EXTRA_DIST = $(CFILES) *.h
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/README b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/README
deleted file mode 100644
index e40a2516..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/README
+++ /dev/null
@@ -1,39 +0,0 @@
-/***********************************************************************
- *
- * README for casa_identoken
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-casa_identoken is the Identity Token Provider plug-in for tokens of type
-CasaIdentityToken. This are the default identity tokens utilized by CASA
-Authentication.
-
-CONFIGURATION
-
-The path to the casa_identoken plug-in is configured by placing the file
-CasaIdentityToken.conf in the /etc/opt/CASA/authtoken.d/modules.d folder.
-
-PROGRAMMING NOTES
-
-This module does not provide APIs to components outside of the CASA
-Authentication framework.
-
-SECURITY CONSIDERATIONS
-
-CasaIdentityTokens are embedded inside CASA Authentication Tokens. CasaIdentityTokens
-contain identity information which may be confidential and no attempts are made to
-ensure the confidentiality of the data. Because of this it is important that CASA
-Authentication Tokens be secured by applications making use of them. It is recommended
-that CASA authentication tokens be transmitted using SSL.
-
-
-
-
-
-
-
-
-
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/TODO b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/TODO
deleted file mode 100644
index 1a79afa0..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/TODO
+++ /dev/null
@@ -1,13 +0,0 @@
-/***********************************************************************
- *
- * TODO for casa_identoken
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for casa_identoken.
-
-OUTSTANDING ITEMS
-
-None.
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identoken.c b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identoken.c
deleted file mode 100644
index f9636b6b..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identoken.c
+++ /dev/null
@@ -1,1458 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// XML Constants for the CASA Identity Token -// -#define CASA_IDENT_TOKEN_ELEMENT_NAME "casa_ident_tok" -#define ID_ELEMENT_NAME "id" -#define SOURCE_NAME_ELEMENT_NAME "source_name" -#define SOURCE_URL_ELEMENT_NAME "source_url" -#define TARGET_SERVICE_ELEMENT_NAME "target_service" -#define TARGET_HOST_ELEMENT_NAME "target_host" -#define ATTRIBUTES_ELEMENT_NAME "attributes" - -// -// Parse states -// -#define AWAITING_ROOT_ELEMENT_START 0x0 -#define AWAITING_ROOT_ELEMENT_END 0x1 -#define AWAITING_ID_DATA 0x2 -#define AWAITING_ID_ELEMENT_START 0x3 -#define AWAITING_ID_ELEMENT_END 0x4 -#define AWAITING_SOURCE_NAME_DATA 0x5 -#define AWAITING_SOURCE_NAME_ELEMENT_START 0x6 -#define AWAITING_SOURCE_NAME_ELEMENT_END 0x7 -#define AWAITING_SOURCE_URL_DATA 0x8 -#define 
AWAITING_SOURCE_URL_ELEMENT_START 0x9 -#define AWAITING_SOURCE_URL_ELEMENT_END 0xA -#define AWAITING_TARGET_SERVICE_DATA 0xB -#define AWAITING_TARGET_SERVICE_ELEMENT_START 0xC -#define AWAITING_TARGET_SERVICE_ELEMENT_END 0xD -#define AWAITING_TARGET_HOST_DATA 0xE -#define AWAITING_TARGET_HOST_ELEMENT_START 0xF -#define AWAITING_TARGET_HOST_ELEMENT_END 0x10 -#define AWAITING_ATTRIBUTES_ELEMENT_START 0x11 -#define AWAITING_ATTRIBUTE_DATA 0x12 -#define AWAITING_ATTRIBUTE_START 0x13 -#define AWAITING_ATTRIBUTE_END 0x14 -#define DONE_PARSING 0x15 - -// -// Attribute structure -// -typedef struct _Attribute -{ - LIST_ENTRY listEntry; - char *pAttribName; - int attribNameLen; - char *pAttribValue; - int attribValueLen; - -} Attribute, *PAttribute; - - -// -// Identity Token Interface instance data -// -typedef struct _IdenTokenIfInstance -{ - int refCount; - char *pIdentId; - int identIdLen; - char *pIdentSourceName; - int identSourceNameLen; - char *pIdentSourceUrl; - int identSourceUrlLen; - char *pTargetService; - int targetServiceLen; - char *pTargetHost; - int targetHostLen; - LIST_ENTRY attributeListHead; - IdenTokenIf idenTokenIf; - -} IdenTokenIfInstance, *PIdenTokenIfInstance; - - -// -// Identity Token Parse Structure -// -typedef struct _IdenTokenParse -{ - XML_Parser p; - int state; - int elementDataProcessed; - IdenTokenIfInstance *pIdenTokenIfInstance; - CasaStatus status; - -} IdenTokenParse, *PIdenTokenParse; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// IdenTokenIf variables -static -int g_numIdenTokenIfObjs = 0; - -// Synchronization mutex -static -HANDLE g_idenTokenIfMutex = NULL; - - -//++======================================================================= -static -void -FreeIdenTokenIfInstance( - IN IdenTokenIfInstance *pIdenTokenIfInstance) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 
-//=======================================================================-- -{ - LIST_ENTRY *pListEntry; - - DbgTrace(2, "-FreeIdenTokenIfInstance- Start\n", 0); - - // Free all of the resources associated with the IdenTokenIfInstance - if (pIdenTokenIfInstance->pIdentId) - free(pIdenTokenIfInstance->pIdentId); - - if (pIdenTokenIfInstance->pIdentSourceName) - free(pIdenTokenIfInstance->pIdentSourceName); - - if (pIdenTokenIfInstance->pIdentSourceUrl) - free(pIdenTokenIfInstance->pIdentSourceUrl); - - if (pIdenTokenIfInstance->pTargetService) - free(pIdenTokenIfInstance->pTargetService); - - if (pIdenTokenIfInstance->pTargetHost) - free(pIdenTokenIfInstance->pTargetHost); - - // Go through all of the associated attributes - pListEntry = pIdenTokenIfInstance->attributeListHead.Flink; - while (pListEntry != &pIdenTokenIfInstance->attributeListHead) - { - Attribute *pAttribute = CONTAINING_RECORD(pListEntry, Attribute, listEntry); - - // Free resources associated with the attribute - if (pAttribute->pAttribName) - free(pAttribute->pAttribName); - - if (pAttribute->pAttribValue) - free(pAttribute->pAttribValue); - - // Forget about this attribute - RemoveEntryList(&pAttribute->listEntry); - free(pAttribute); - - // Start from the top again - pListEntry = pIdenTokenIfInstance->attributeListHead.Flink; - } - - // Free the identity token if instance structure - free(pIdenTokenIfInstance); - - DbgTrace(2, "-FreeIdenTokenIfInstance- End\n", 0); -} - - -//++======================================================================= -static -void XMLCALL -IdenTokenStartElementHandler( - IN void *pUserData, - IN const XML_Char *name, - IN const XML_Char **atts) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - IdenTokenParse *pIdenTokenParse = (IdenTokenParse*) pUserData; - Attribute *pAttribute; - - DbgTrace(2, "-IdenTokenStartElementHandler- Start\n", 0); - - // 
Proceed based on the state - switch (pIdenTokenParse->state) - { - case AWAITING_ROOT_ELEMENT_START: - - // In this state, we are only expecting the CASA Identity - // Token Element. - if (strcmp(name, CASA_IDENT_TOKEN_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_ID_ELEMENT_START; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_ID_ELEMENT_START: - - // In this state, we are only expecting the ID Element. - if (strcmp(name, ID_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_ID_DATA; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_SOURCE_NAME_ELEMENT_START: - - // In this state, we are only expecting the Source Name Element. - if (strcmp(name, SOURCE_NAME_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_SOURCE_NAME_DATA; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_SOURCE_URL_ELEMENT_START: - - // In this state, we are only expecting the Source Url Element. - if (strcmp(name, SOURCE_URL_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_SOURCE_URL_DATA; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_TARGET_SERVICE_ELEMENT_START: - - // In this state, we are only expecting the Target Service Element. - if (strcmp(name, TARGET_SERVICE_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. 
- pIdenTokenParse->state = AWAITING_TARGET_SERVICE_DATA; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_TARGET_HOST_ELEMENT_START: - - // In this state, we are only expecting the Target Host Element. - if (strcmp(name, TARGET_HOST_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_TARGET_HOST_DATA; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_ATTRIBUTES_ELEMENT_START: - - // In this state, we are only expecting the Attributes Element. - if (strcmp(name, ATTRIBUTES_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_ATTRIBUTE_START; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected start element\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_ATTRIBUTE_START: - - // Allocate an initialize Attribute structure - pAttribute = malloc(sizeof(*pAttribute)); - if (pAttribute) - { - memset(pAttribute, 0, sizeof(*pAttribute)); - InsertTailList(&pIdenTokenParse->pIdenTokenIfInstance->attributeListHead, - &pAttribute->listEntry); - - // Now save the attribute name - pAttribute->attribNameLen = strlen(name) + 1; - pAttribute->pAttribName = malloc(pAttribute->attribNameLen); - if (pAttribute->pAttribName) - { - strcpy(pAttribute->pAttribName, name); - - // Good, advance to the next state. 
- pIdenTokenParse->state = AWAITING_ATTRIBUTE_DATA; - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Buffer allocation failure\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - } - else - { - DbgTrace(0, "-IdenTokenStartElementHandler- Buffer allocation failure\n", 0); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-IdenTokenStartElementHandler- Un-expected state = %d\n", pIdenTokenParse->state); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-IdenTokenStartElementHandler- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus -ConsumeElementData( - IN IdenTokenParse *pIdenTokenParse, - IN const XML_Char *s, - IN int len, - INOUT char **ppElementData, - INOUT int *pElementDataLen) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus = CASA_STATUS_SUCCESS; - - DbgTrace(3, "-ConsumeElementData- Start\n", 0); - - // Proceed based on whether or not we have already consumed data - // for this element. - if (*ppElementData == NULL) - { - // We have not yet consumed data for this element - pIdenTokenParse->elementDataProcessed = len; - - // Allocate a buffer to hold this element data (null terminated). - *ppElementData = (char*) malloc(len + 1); - if (*ppElementData) - { - memset(*ppElementData, 0, len + 1); - memcpy(*ppElementData, s, len); - - // Return the length of the element data buffer - *pElementDataLen = pIdenTokenParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - else - { - char *pNewBuf; - - // We have already received token data, append this data to it. 
- pNewBuf = (char*) malloc(pIdenTokenParse->elementDataProcessed + len + 1); - if (pNewBuf) - { - memset(pNewBuf, - 0, - pIdenTokenParse->elementDataProcessed + len + 1); - memcpy(pNewBuf, - *ppElementData, - pIdenTokenParse->elementDataProcessed); - memcpy(pNewBuf + pIdenTokenParse->elementDataProcessed, s, len); - pIdenTokenParse->elementDataProcessed += len; - - // Swap the buffers - free(*ppElementData); - *ppElementData = pNewBuf; - - // Return the length of the element data buffer - *pElementDataLen = pIdenTokenParse->elementDataProcessed + 1; - } - else - { - DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - - DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -void XMLCALL -IdenTokenCharDataHandler( - IN void *pUserData, - IN const XML_Char *s, - IN int len) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - IdenTokenParse *pIdenTokenParse = (IdenTokenParse*) pUserData; - Attribute *pAttribute; - - DbgTrace(2, "-IdenTokenCharDataHandler- Start\n", 0); - - // Just exit if being called to process LF and CR characters - if (len == 1 - && ((*s == '\n') || (*s == '\r'))) - { - goto exit; - } - - // Proceed based on the state - switch (pIdenTokenParse->state) - { - case AWAITING_ID_DATA: - case AWAITING_ID_ELEMENT_END: - - pIdenTokenParse->status = ConsumeElementData(pIdenTokenParse, - s, - len, - &pIdenTokenParse->pIdenTokenIfInstance->pIdentId, - &pIdenTokenParse->pIdenTokenIfInstance->identIdLen); - if (CASA_SUCCESS(pIdenTokenParse->status)) - { - // Advanced to the next state - pIdenTokenParse->state = AWAITING_ID_ELEMENT_END; - } - else - { - 
XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_SOURCE_NAME_DATA: - case AWAITING_SOURCE_NAME_ELEMENT_END: - - pIdenTokenParse->status = ConsumeElementData(pIdenTokenParse, - s, - len, - &pIdenTokenParse->pIdenTokenIfInstance->pIdentSourceName, - &pIdenTokenParse->pIdenTokenIfInstance->identSourceNameLen); - if (CASA_SUCCESS(pIdenTokenParse->status)) - { - // Advanced to the next state - pIdenTokenParse->state = AWAITING_SOURCE_NAME_ELEMENT_END; - } - else - { - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_SOURCE_URL_DATA: - case AWAITING_SOURCE_URL_ELEMENT_END: - - pIdenTokenParse->status = ConsumeElementData(pIdenTokenParse, - s, - len, - &pIdenTokenParse->pIdenTokenIfInstance->pIdentSourceUrl, - &pIdenTokenParse->pIdenTokenIfInstance->identSourceUrlLen); - if (CASA_SUCCESS(pIdenTokenParse->status)) - { - // Advanced to the next state - pIdenTokenParse->state = AWAITING_SOURCE_URL_ELEMENT_END; - } - else - { - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_TARGET_SERVICE_DATA: - case AWAITING_TARGET_SERVICE_ELEMENT_END: - - pIdenTokenParse->status = ConsumeElementData(pIdenTokenParse, - s, - len, - &pIdenTokenParse->pIdenTokenIfInstance->pTargetService, - &pIdenTokenParse->pIdenTokenIfInstance->targetServiceLen); - if (CASA_SUCCESS(pIdenTokenParse->status)) - { - // Advanced to the next state - pIdenTokenParse->state = AWAITING_TARGET_SERVICE_ELEMENT_END; - } - else - { - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_TARGET_HOST_DATA: - case AWAITING_TARGET_HOST_ELEMENT_END: - - pIdenTokenParse->status = ConsumeElementData(pIdenTokenParse, - s, - len, - &pIdenTokenParse->pIdenTokenIfInstance->pTargetHost, - &pIdenTokenParse->pIdenTokenIfInstance->targetHostLen); - if (CASA_SUCCESS(pIdenTokenParse->status)) - { - // Advanced to the next state - pIdenTokenParse->state = AWAITING_TARGET_HOST_ELEMENT_END; - } - else - { - 
XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_ATTRIBUTE_DATA: - case AWAITING_ATTRIBUTE_END: - - // Get a pointer to current attribute structure - pAttribute = CONTAINING_RECORD(pIdenTokenParse->pIdenTokenIfInstance->attributeListHead.Blink, - Attribute, - listEntry); - - pIdenTokenParse->status = ConsumeElementData(pIdenTokenParse, - s, - len, - &pAttribute->pAttribValue, - &pAttribute->attribValueLen); - if (CASA_SUCCESS(pIdenTokenParse->status)) - { - // Advanced to the next state - pIdenTokenParse->state = AWAITING_ATTRIBUTE_END; - } - else - { - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-IdenTokenCharDataHandler- Un-expected state = %d\n", pIdenTokenParse->state); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - break; - } - -exit: - - DbgTrace(2, "-IdenTokenCharDataHandler- End\n", 0); -} - - -//++======================================================================= -static -void XMLCALL -IdenTokenEndElementHandler( - IN void *pUserData, - IN const XML_Char *name) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - IdenTokenParse *pIdenTokenParse = (IdenTokenParse*) pUserData; - - DbgTrace(2, "-IdenTokenEndElementHandler- Start\n", 0); - - // Proceed based on the state - switch (pIdenTokenParse->state) - { - case AWAITING_ROOT_ELEMENT_END: - - // In this state, we are only expecting the CASA Identity - // Token Element. - if (strcmp(name, CASA_IDENT_TOKEN_ELEMENT_NAME) == 0) - { - // Done. - pIdenTokenParse->state = DONE_PARSING; - } - else - { - DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_ID_ELEMENT_END: - - // In this state, we are only expecting the Id Element. 
- if (strcmp(name, ID_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pIdenTokenParse->state = AWAITING_SOURCE_NAME_ELEMENT_START;
- }
- else
- {
- DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state);
- XML_StopParser(pIdenTokenParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_SOURCE_NAME_ELEMENT_END:
-
- // In this state, we are only expecting the Source Name Element.
- if (strcmp(name, SOURCE_NAME_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pIdenTokenParse->state = AWAITING_SOURCE_URL_ELEMENT_START;
- }
- else
- {
- DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state);
- XML_StopParser(pIdenTokenParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_SOURCE_URL_ELEMENT_END:
-
- // In this state, we are only expecting the Source URL Element.
- if (strcmp(name, SOURCE_URL_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pIdenTokenParse->state = AWAITING_TARGET_SERVICE_ELEMENT_START;
- }
- else
- {
- DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state);
- XML_StopParser(pIdenTokenParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_TARGET_SERVICE_ELEMENT_END:
-
- // In this state, we are only expecting the Target Service Element.
- if (strcmp(name, TARGET_SERVICE_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pIdenTokenParse->state = AWAITING_TARGET_HOST_ELEMENT_START;
- }
- else
- {
- DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state);
- XML_StopParser(pIdenTokenParse->p, XML_FALSE);
- }
- break;
-
- case AWAITING_TARGET_HOST_ELEMENT_END:
-
- // In this state, we are only expecting the Target Host Element.
- if (strcmp(name, TARGET_HOST_ELEMENT_NAME) == 0)
- {
- // Good, advance to the next state.
- pIdenTokenParse->state = AWAITING_ATTRIBUTES_ELEMENT_START; - } - else - { - DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - case AWAITING_ATTRIBUTE_END: - - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_ATTRIBUTE_START; - break; - - case AWAITING_ATTRIBUTE_START: - - // We should we done with the attributes, in this state we are only expecting - // the Attributes element. - if (strcmp(name, ATTRIBUTES_ELEMENT_NAME) == 0) - { - // Good, advance to the next state. - pIdenTokenParse->state = AWAITING_ROOT_ELEMENT_END; - } - else - { - DbgTrace(0, "-IdenTokenEndHandler- Un-expected end element, state = %08x\n", pIdenTokenParse->state); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - } - break; - - default: - DbgTrace(0, "-IdenTokenEndElementHandler- Un-expected state = %d\n", pIdenTokenParse->state); - XML_StopParser(pIdenTokenParse->p, XML_FALSE); - break; - } - - DbgTrace(2, "-IdenTokenEndElementHandler- End\n", 0); -} - - -//++======================================================================= -static -int SSCS_CALL -AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. 
-// -// L2 -//=======================================================================-- -{ - int refCount; - IdenTokenIfInstance *pIdenTokenIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenIfInstance, idenTokenIf); - - DbgTrace(2, "-AddReference- Start\n", 0); - - // Increment the reference count on the object - PlatAcquireMutex(g_idenTokenIfMutex); - pIdenTokenIfInstance->refCount ++; - refCount = pIdenTokenIfInstance->refCount; - PlatReleaseMutex(g_idenTokenIfMutex); - - DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -static -void SSCS_CALL -ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - IdenTokenIfInstance *pIdenTokenIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenIfInstance, idenTokenIf); - - DbgTrace(2, "-ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - PlatAcquireMutex(g_idenTokenIfMutex); - pIdenTokenIfInstance->refCount --; - if (pIdenTokenIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. 
- freeObj = true; - g_numIdenTokenIfObjs --; - } - PlatReleaseMutex(g_idenTokenIfMutex); - - // Free object if necessary - if (freeObj) - { - FreeIdenTokenIfInstance(pIdenTokenIfInstance); - } - - DbgTrace(2, "-ReleaseReference- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -GetIdentityId( - IN const void *pIfInstance, - INOUT char *pIdentIdBuf, - INOUT int *pIdentIdLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pIdentIdBuf - -// Pointer to buffer that will receive the identity id. The returned -// id will be in the form of a NULL terminated string. -// -// pIdentIdBufLen - -// Pointer to variable with the length of the buffer pointed by -// pIdentIdBuf. On exit it contains the length of the returned id -// (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the identity id associated with the identity token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - IdenTokenIfInstance *pIdenTokenIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenIfInstance, idenTokenIf); - - DbgTrace(2, "-GetIdentityId- Start\n", 0); - - // Check the input parameters - if (pIfInstance == NULL - || pIdentIdLen == NULL - || (pIdentIdBuf == NULL && *pIdentIdLen != 0)) - { - DbgTrace(0, "-GetIdentityId- Invalid parameter\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Determine if the caller's buffer is large enough - if (*pIdentIdLen >= pIdenTokenIfInstance->identIdLen) - { - // Return the data to the caller - memcpy(pIdentIdBuf, pIdenTokenIfInstance->pIdentId, pIdenTokenIfInstance->identIdLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - 
} - - // Return the lenght of the id - *pIdentIdLen = pIdenTokenIfInstance->identIdLen; - -exit: - - DbgTrace(2, "-GetIdentityId- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -GetSourceName( - IN const void *pIfInstance, - INOUT char *pSourceNameBuf, - INOUT int *pSourceNameLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pSourceNameBuf - -// Pointer to buffer that will receive the name associated with the -// identity information source. The returned name will be in the form -// of a NULL terminated string. -// -// pSourceNameBufLen - -// Pointer to variable with the length of the buffer pointed by -// pSourceNameBuf. On exit it contains the length of the returned -// name (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the name of the identity source associated with the identity token. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - IdenTokenIfInstance *pIdenTokenIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenIfInstance, idenTokenIf); - - DbgTrace(2, "-GetSourceName- Start\n", 0); - - // Check the input parameters - if (pIfInstance == NULL - || pSourceNameLen == NULL - || (pSourceNameBuf == NULL && *pSourceNameLen != 0)) - { - DbgTrace(0, "-GetSourceName- Invalid parameter\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Determine if the caller's buffer is large enough - if (*pSourceNameLen >= pIdenTokenIfInstance->identSourceNameLen) - { - // Return the data to the caller - memcpy(pSourceNameBuf, pIdenTokenIfInstance->pIdentSourceName, pIdenTokenIfInstance->identSourceNameLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - - // Return the lenght of the source name - *pSourceNameLen = pIdenTokenIfInstance->identSourceNameLen; - -exit: - - DbgTrace(2, "-GetSourceName- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -GetSourceUrl( - IN const void *pIfInstance, - INOUT char *pSourceUrlBuf, - INOUT int *pSourceUrlLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pSourceUrlBuf - -// Pointer to buffer that will receive the URL associated with the -// identity information source. The returned URL will be in the form -// of a NULL terminated string. -// -// pSourceUrlBufLen - -// Pointer to variable with the length of the buffer pointed by -// pSourceUrlBuf. On exit it contains the length of the returned -// URL (including the NULL terminator). 
-// -// -// Returns: -// Casa Status -// -// Description: -// Get the URL to the identity source associated with the identity token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - IdenTokenIfInstance *pIdenTokenIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenIfInstance, idenTokenIf); - - DbgTrace(2, "-GetSourceUrl- Start\n", 0); - - // Check the input parameters - if (pIfInstance == NULL - || pSourceUrlLen == NULL - || (pSourceUrlBuf == NULL && *pSourceUrlLen != 0)) - { - DbgTrace(0, "-GetSourceUrl- Invalid parameter\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Determine if the caller's buffer is large enough - if (*pSourceUrlLen >= pIdenTokenIfInstance->identSourceUrlLen) - { - // Return the data to the caller - memcpy(pSourceUrlBuf, pIdenTokenIfInstance->pIdentSourceUrl, pIdenTokenIfInstance->identSourceUrlLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - - // Return the lenght of the source url - *pSourceUrlLen = pIdenTokenIfInstance->identSourceUrlLen; - -exit: - - DbgTrace(2, "-GetSourceUrl- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -AttributeEnumerate( - IN const void *pIfInstance, - INOUT int *pEnumHandle, - INOUT char *pAttribNameBuf, - INOUT int *pAttribNameLen, - INOUT char *pAttribValueBuf, - INOUT int *pAttribValueLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pEnumHandle - -// Pointer to enumeration handle. Must be set to 0 to start an -// enumeration. Note the enumeration handle advances if the -// function returns success. 
-// -// pAttribNameBuf - -// Pointer to buffer that will receive the identity attribute name. The -// returned name will be in the form of a NULL terminated string. -// -// pAttribNameLen - -// Pointer to variable with the length of the buffer pointed by -// pAttribNameBuf. On exit it contains the length of the returned -// name (including the NULL terminator). -// -// pAttribValueBuf - -// Pointer to buffer that will receive the identity attribute value. The -// returned value will be in the form of a NULL terminated string. -// -// pAttribValueLen - -// Pointer to variable with the length of the buffer pointed by -// pAttribValueBuf. On exit it contains the length of the returned -// value (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Enumerates through the attributes associated with the identity token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - IdenTokenIfInstance *pIdenTokenIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenIfInstance, idenTokenIf); - LIST_ENTRY *pListEntry; - int i; - Attribute *pAttribute; - - DbgTrace(2, "-AttributeEnumerate- Start\n", 0); - - // Check the input parameters - if (pIfInstance == NULL - || pEnumHandle == NULL - || pAttribNameLen == NULL - || pAttribValueLen == NULL - || (pAttribNameBuf == NULL && *pAttribNameLen != 0) - || (pAttribValueBuf == NULL && *pAttribValueLen != 0)) - { - DbgTrace(0, "-AttributeEnumerate- Invalid parameter\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Find the appropriate attribute based on the enum handle which is used as - // an index. 
- i = 0; - pAttribute = NULL; - pListEntry = pIdenTokenIfInstance->attributeListHead.Flink; - while (pListEntry != &pIdenTokenIfInstance->attributeListHead) - { - // Is this the attribute needed - if (i == *pEnumHandle) - { - // This is the attribute needed - pAttribute = CONTAINING_RECORD(pListEntry, Attribute, listEntry); - break; - } - else - { - // No, try the next one. - pListEntry = pListEntry->Flink; - i++; - } - } - - // Check if we found an attribute for the indicated enum handle - if (pAttribute) - { - // Try to return the attribute name - if (*pAttribNameLen >= pAttribute->attribNameLen) - { - // Return the attribute name - memcpy(pAttribNameBuf, pAttribute->pAttribName, pAttribute->attribNameLen); - - // Now, try to return the attribute value - if (*pAttribValueLen >= pAttribute->attribValueLen) - { - // Return the attribute value - memcpy(pAttribValueBuf, pAttribute->pAttribValue, pAttribute->attribValueLen); - - // Success - retStatus = CASA_STATUS_SUCCESS; - - // Advance the enum handle - *pEnumHandle = *pEnumHandle + 1; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_BUFFER_OVERFLOW); - } - - // Return the attribute lengths - *pAttribNameLen = pAttribute->attribNameLen; - *pAttribValueLen = pAttribute->attribValueLen; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_NO_MORE_ENTRIES); - } - -exit: - - DbgTrace(2, "-AttributeEnumerate- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -GetIdenTokenInterface( - IN const char *pTokenBuf, - IN const int tokenLen, - INOUT IdenTokenIf **ppIdenTokenIf) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Get principal interface instanced 
for the identity associated -// with specified identity token. -// -// L2 -//=======================================================================-- -{ - IdenTokenIfInstance *pIdenTokenIfInstance; - CasaStatus retStatus; - - DbgTrace(2, "-GetIdenTokenInterface- Start\n", 0); - - // Create a IdenTokenIfInstance object for it. - pIdenTokenIfInstance = malloc(sizeof(*pIdenTokenIfInstance)); - if (pIdenTokenIfInstance) - { - XML_Parser p; - IdenTokenParse idenTokenParse = {0}; - - /* - * CASA identity tokens have the following format: - * - * - * - * identity id - * identity data source name - * identity data source url - * target service name - * target host name - * - * attribute value - * attribute value - * ... - * - * - * - */ - - // Initialize the IdentTokenIfInstance object and set it in the - // idenTokenParse object. - memset(pIdenTokenIfInstance, 0, sizeof(*pIdenTokenIfInstance)); - InitializeListHead(&pIdenTokenIfInstance->attributeListHead); - pIdenTokenIfInstance->idenTokenIf.addReference = AddReference; - pIdenTokenIfInstance->idenTokenIf.releaseReference = ReleaseReference; - pIdenTokenIfInstance->idenTokenIf.getIdentityId = GetIdentityId; - pIdenTokenIfInstance->idenTokenIf.getSourceName = GetSourceName; - pIdenTokenIfInstance->idenTokenIf.getSourceUrl = GetSourceUrl; - pIdenTokenIfInstance->idenTokenIf.attributeEnumerate = AttributeEnumerate; - - idenTokenParse.pIdenTokenIfInstance = pIdenTokenIfInstance; - - // Create parser - p = XML_ParserCreate(NULL); - if (p) - { - // Keep track of the parser in our parse object - idenTokenParse.p = p; - - // Initialize the status within the parse object - idenTokenParse.status = CASA_STATUS_SUCCESS; - - // Set the start and end element handlers - XML_SetElementHandler(p, - IdenTokenStartElementHandler, - IdenTokenEndElementHandler); - - // Set the character data handler - XML_SetCharacterDataHandler(p, IdenTokenCharDataHandler); - - - // Set our user data - XML_SetUserData(p, &idenTokenParse); - - // Parse the 
document - if (XML_Parse(p, pTokenBuf, tokenLen, 1) == XML_STATUS_OK) - { - // Verify that the parse operation completed successfully - if (idenTokenParse.state == DONE_PARSING) - { - // The parse operation succeded. - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-GetIdenTokenInterface- Parse operation did not complete\n", 0); - - // Check if a status has been recorded - if (idenTokenParse.status != CASA_STATUS_SUCCESS) - { - retStatus = idenTokenParse.status; - } - else - { - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - } - } - else - { - DbgTrace(0, "-GetIdenTokenInterface- Parse error %d\n", XML_GetErrorCode(p)); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_PROTOCOL_ERROR); - } - - // Free the parser - XML_ParserFree(p); - } - else - { - DbgTrace(0, "-CreateAuthToken- Parser creation error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - - // Return the Identity Token Interface to the caller if successful - if (CASA_SUCCESS(retStatus)) - { - // Return the IdenTokenIf associated with the instance data after - // incrementing its reference count. 
- pIdenTokenIfInstance->refCount ++;
- *ppIdenTokenIf = &pIdenTokenIfInstance->idenTokenIf;
-
- // Bump up our interface instance count
- PlatAcquireMutex(g_idenTokenIfMutex);
- g_numIdenTokenIfObjs ++;
- PlatReleaseMutex(g_idenTokenIfMutex);
- }
- else
- {
- FreeIdenTokenIfInstance(pIdenTokenIfInstance);
- }
- }
- else
- {
- DbgTrace(0, "-GetIdenTokenInterface- Buffer allocation failure\n", 0);
- retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
- DbgTrace(2, "-GetIdenTokenInterface- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-CasaStatus
-IdenTokenIfInit(void)
-//
-// Arguments:
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Initializes the identity token interface complex.
-//
-// L2
-//=======================================================================--
-{
- CasaStatus retStatus;
-
- DbgTrace(1, "-IdenTokenIfInit- Start\n", 0);
-
- // Allocate mutex
- if ((g_idenTokenIfMutex = PlatAllocMutex()) != NULL)
- retStatus = CASA_STATUS_SUCCESS;
- else
- retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
-
- DbgTrace(1, "-IdenTokenIfInit- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-void
-IdenTokenIfUninit(void)
-//
-// Arguments:
-//
-// Returns:
-// Casa Status
-//
-// Description:
-// Uninitializes the configuration interface complex.
-//
-// L2
-//=======================================================================--
-{
- DbgTrace(1, "-IdenTokenIfUninit- Start\n", 0);
-
- // Free mutex if necessary
- if (g_idenTokenIfMutex)
- {
- PlatDestroyMutex(g_idenTokenIfMutex);
- g_idenTokenIfMutex = NULL;
- }
-
- DbgTrace(1, "-IdenTokenIfUninit- End\n", 0);
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identokenprovider.c b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identokenprovider.c
deleted file mode 100644
index 072f6372..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identokenprovider.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//
-// Identity Token Provider Interface instance data
-//
-typedef struct _IdenTokenProviderIfInstance
-{
- int refCount;
- IdenTokenProviderIf idenTokenProviderIf;
-
-} IdenTokenProviderIfInstance, *PIdenTokenProviderIfInstance;
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-// IdenTokenProviderIf variables
-static
-int g_numIdenTokenProviderIfObjs = 0;
-
-// Debug Level
-int DebugLevel = 0;
-
-//
-// Initialization variables
-//
-static
-bool g_moduleInitialized = false;
-
-// Synchronization mutex
-static
-HANDLE g_idenTokenProviderIfMutex = NULL;
-
-
-//++=======================================================================
-static
-int SSCS_CALL
-AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. -// -// L2 -//=======================================================================-- -{ - int refCount; - IdenTokenProviderIfInstance *pIdenTokenProviderIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenProviderIfInstance, idenTokenProviderIf); - - DbgTrace(2, "-AddReference- Start\n", 0); - - // Increment the reference count on the object - PlatAcquireMutex(g_idenTokenProviderIfMutex); - pIdenTokenProviderIfInstance->refCount ++; - refCount = pIdenTokenProviderIfInstance->refCount; - PlatReleaseMutex(g_idenTokenProviderIfMutex); - - DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -static -void SSCS_CALL -ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - IdenTokenProviderIfInstance *pIdenTokenProviderIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenProviderIfInstance, idenTokenProviderIf); - - DbgTrace(2, "-ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - PlatAcquireMutex(g_idenTokenProviderIfMutex); - pIdenTokenProviderIfInstance->refCount --; - if (pIdenTokenProviderIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. 
- freeObj = true; - g_numIdenTokenProviderIfObjs --; - } - PlatReleaseMutex(g_idenTokenProviderIfMutex); - - // Free object if necessary - if (freeObj) - free(pIdenTokenProviderIfInstance); - - DbgTrace(2, "-ReleaseReference- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus -GetIdentityTokenIf( - IN const void *pIfInstance, - IN const char *pTokenBuf, - IN const int tokenLen, - INOUT IdenTokenIf **ppIdenTokenIf) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pTokenBuf - -// Pointer to null terminated string containing an identity token. -// -// tokenLen - -// Length of the token contained in the token buffer. -// -// ppIdenTokenIf - -// Pointer to variable that will receive pointer to identity -// token interface. -// -// Returns: -// Casa Status -// -// Description: -// Get identity token interface instance for the specified token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - char *pDecodedTokenBuf; - int decodedTokenBufLen; - - DbgTrace(2, "-GetIdentityTokenIf- Start\n", 0); - - // Validate input parameters - if (pIfInstance == NULL - || pTokenBuf == NULL - || tokenLen == 0 - || ppIdenTokenIf == NULL) - { - DbgTrace(0, "-GetIdentityTokenIf- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // First decode the token string - retStatus = DecodeData(pTokenBuf, - tokenLen, - (void**) &pDecodedTokenBuf, - &decodedTokenBufLen); - if (CASA_SUCCESS(retStatus)) - { - // Get the identity token interface - retStatus = GetIdenTokenInterface(pDecodedTokenBuf, - decodedTokenBufLen, - ppIdenTokenIf); - - // Free the decoded token buffer - free(pDecodedTokenBuf); - } - else - { - DbgTrace(0, "-GetIdentityTokenIf- Token decode failure\n", 0); - } - -exit: - - DbgTrace(2, "-GetIdentityTokenIf- End, 
retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus SSCS_CALL -GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN( - IN const ConfigIf *pModuleConfigIf, - INOUT IdenTokenProviderIf **ppIdenTokenProviderIf) -// -// Arguments: -// pModuleConfigIf - -// Pointer to configuration interface instance for the module. -// -// ppIdenTokenProviderIf - -// Pointer to variable that will receive pointer to -// IdentityTokenProviderIf instance. -// -// Returns: -// Casa Status -// -// Description: -// Gets identity token provider interface instance. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - IdenTokenProviderIfInstance *pIdenTokenProviderIfInstance; - - DbgTrace(1, "-GetIdenTokenProviderInterface- Start\n", 0); - - // Validate input parameters - if (pModuleConfigIf == NULL - || ppIdenTokenProviderIf == NULL) - { - DbgTrace(0, "-GetIdenTokenProviderInterface- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_KRB5TOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Make sure that the module has been initialized - if (g_moduleInitialized == false) - { - // The module has not been initialized, synchronize access thought this section - // to avoid having two threads performing initialization. - AcquireModuleMutex; - - // Assume success - retStatus = CASA_STATUS_SUCCESS; - - // Check again in case another thread pre-empted us. 
- if (g_moduleInitialized == false)
- {
- // Initialize the IdenTokenIf complex
- retStatus = IdenTokenIfInit();
- if (CASA_SUCCESS(retStatus))
- {
- // Allocate mutex
- if ((g_idenTokenProviderIfMutex = PlatAllocMutex()) != NULL)
- {
- // Success
- g_moduleInitialized = true;
- }
- else
- {
- IdenTokenIfUninit();
- retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
- CASA_FACILITY_AUTHTOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
- }
- }
-
- // Stop synchronization
- ReleaseModuleMutex;
-
- // Exit if we failed
- if (g_moduleInitialized == false)
- goto exit;
- }
-
- // Allocate space for the interface instance
- pIdenTokenProviderIfInstance = malloc(sizeof(*pIdenTokenProviderIfInstance));
- if (pIdenTokenProviderIfInstance)
- {
- // Initialize the interface instance data
- pIdenTokenProviderIfInstance->refCount = 1;
- pIdenTokenProviderIfInstance->idenTokenProviderIf.addReference = AddReference;
- pIdenTokenProviderIfInstance->idenTokenProviderIf.releaseReference = ReleaseReference;
- pIdenTokenProviderIfInstance->idenTokenProviderIf.getIdentityTokenIf = GetIdentityTokenIf;
-
- // Keep track of this object
- PlatAcquireMutex(g_idenTokenProviderIfMutex);
- g_numIdenTokenProviderIfObjs ++;
- PlatReleaseMutex(g_idenTokenProviderIfMutex);
-
- // Return the interface to the caller
- *ppIdenTokenProviderIf = &pIdenTokenProviderIfInstance->idenTokenProviderIf;
-
- // Success
- retStatus = CASA_STATUS_SUCCESS;
- }
- else
- {
- DbgTrace(0, "-GetIdenTokenProviderInterface- Buffer allocation failure\n", 0);
-
- retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
- CASA_FACILITY_KRB5TOKEN,
- CASA_STATUS_INSUFFICIENT_RESOURCES);
- }
-
-exit:
-
- DbgTrace(1, "-GetIdenTokenProviderInterface- End, retStatus = %08X\n", retStatus);
-
- return retStatus;
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/internal.h b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/internal.h
deleted file mode 100644
index 13b200c9..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/internal.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#ifndef _INTERNAL_H_
-#define _INTERNAL_H_
-
-//===[ Include files ]=====================================================
-
-#include "platform.h"
-#include
-#include
-#include
-#include
-#include "config_if.h"
-#include "iden_token_provider_if.h"
-#include "list_entry.h"
-
-//===[ Type definitions ]==================================================
-
-//===[ Inlines functions ]===============================================
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-//===[ Global externals ]==================================================
-
-extern int DebugLevel;
-
-//===[ External prototypes ]===============================================
-
-//
-// Defined in identoken.c
-//
-
-extern
-CasaStatus
-GetIdenTokenInterface(
- IN const char *pTokenBuf,
- IN const int tokenLen,
- INOUT IdenTokenIf **ppIdenTokenIf);
-
-extern
-CasaStatus
-IdenTokenIfInit(void);
-
-extern
-void
-IdenTokenIfUninit(void);
-
-//
-// Defined in utils.c
-//
-
-extern
-CasaStatus
-EncodeData(
- IN const void *pData,
- IN const int32_t dataLen,
- INOUT char **ppEncodedData,
- INOUT int32_t *pEncodedDataLen);
-
-extern
-CasaStatus
-DecodeData(
- IN const char *pEncodedData,
- IN const int32_t encodedDataLen, // Does not include NULL terminator
- INOUT void **ppData,
- INOUT int32_t *pDataLen);
-
-extern
-int
-dtoul(
- IN char *cp,
- IN int len);
-
-//
-// Functions exported by platform.c
-//
-
-extern
-HANDLE
-PlatAllocMutex(void);
-
-extern
-void
-PlatDestroyMutex(HANDLE hMutex);
-
-extern
-void
-PlatAcquireMutex(HANDLE hMutex);
-
-extern
-void
-PlatReleaseMutex(HANDLE hMutex);
-
-
-//=========================================================================
-
-#endif // _INTERNAL_H_
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf
deleted file mode 100644
index dec6372d..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-#######################################################
-# #
-# CASA Authentication Token System configuration file #
-# for module: #
-# #
-# CasaIdentityToken #
-# #
-# Note: This module is the provider of Casa Identity #
-# tokens. #
-# #
-#######################################################
-
-LibraryName /opt/novell/CASA/lib/casa_iden_token.so
-
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/Makefile.am b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/Makefile.am
deleted file mode 100644
index 9350ed4d..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/Makefile.am
+++ /dev/null
@@ -1,114 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# Author: Juan Carlos Luciani -# -####################################################################### - -if DEBUG -TARGET_CFG = Debug -CFLAGS += -v -w -else -TARGET_CFG = Release -endif - -SUBDIRS = - -DIST_SUBDIRS = - -ROOT = ../../../../.. - -CASAINCLUDE = ../../../../../../CASA/include - -LIBDIR = $(ROOT)/$(LIB) - -# handle Mono secondary dependencies -export MONO_PATH := $(MONO_PATH) - -PLATFORMINDEPENDENTSOURCEDIR = .. -PLATFORMDEPENDENTSOURCEDIR = . - -MODULE_NAME = casa_iden_token -MODULE_EXT = so - -CFILES = ../identokenprovider.c \ - ../identoken.c \ - ../util.c \ - platform.c - -CSFILES_CSC := -INCLUDES = -I. -I.. -I../../.. -I$(CASAINCLUDE) -I../../../../../include -RESOURCES = -DEFINES = -Wno-format-extra-args -fno-strict-aliasing -CFLAGS += $(INCLUDES) $(DEFINES) -LIBS = -lpthread -ldl -lexpat -LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) - -OBJDIR = ./$(TARGET_CFG)/$(LIB) -OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o)) - -EXTRA_DIST = $(CFILES) *.h - -CUR_DIR := $(shell pwd) - -all: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - -# -# Pattern based rules. 
-# -vpath %.c $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR) -vpath %.cpp $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR) - -$(OBJDIR)/%.o: %.c - $(CC) -c $(CFLAGS) -o $@ $< - -$(OBJDIR)/%.o: %.cpp - $(CC) -c $(CFLAGS) -o $@ $< - -$(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT): $(OBJDIR) $(OBJS) - @echo [======== Linking $@ ========] - $(LINK) -o $@ $(LDFLAGS) $(OBJS) $(LIBS) - cp -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/$(TARGET_CFG)/$(MODULE_NAME).$(MODULE_EXT) - -$(OBJDIR): - [ -d $(OBJDIR) ] || mkdir -p $(OBJDIR) - [ -d $(LIBDIR) ] || mkdir -p $(LIBDIR) - [ -d $(LIBDIR)/$(TARGET_CFG) ] || mkdir -p $(LIBDIR)/$(TARGET_CFG) - - -install-exec-local: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - $(mkinstalldirs) $(DESTDIR)$(libdir) - $(INSTALL_PROGRAM) $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(DESTDIR)$(libdir)/ - -uninstall-local: - cd $(DESTDIR)$(libdir); rm -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - rmdir $(DESTDIR)$(libdir) - -#installcheck-local: install -# $(mkinstalldirs) $(DESTDIR)$(libdir) -# $(INSTALL_PROGRAM) $(DESTDIR)$(libdir) -# cd $(DESTDIR)$(libdir); $(MONO) - -clean-local: - if [ -d $(TARGET_CFG) ]; then rm -rf $(TARGET_CFG); fi - -distclean-local: - -maintainer-clean-local: - rm -f Makefile.in - diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.c b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.c deleted file mode 100644 index 75bafc2b..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.c +++ /dev/null 
@@ -1,178 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include "internal.h"
-
-//===[ Type definitions ]==================================================
-
-//
-// Platform Mutex structure
-//
-typedef struct _PlatformMutex
-{
- pthread_mutex_t mutex;
-
-} PlatformMutex, *PPlatformMutex;
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-//
-// Module synchronization mutex
-//
-pthread_mutex_t g_hModuleMutex = PTHREAD_MUTEX_INITIALIZER;
-
-
-//++=======================================================================
-HANDLE
-PlatAllocMutex(void)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-// L2
-//=======================================================================--
-{
- PlatformMutex *pPlatMutex;
- pthread_mutexattr_t mutexAttr = {PTHREAD_MUTEX_RECURSIVE};
-
- DbgTrace(2, "-PlatAllocMutex- Start\n", 0);
-
- // Allocate space for our mutex structure
- pPlatMutex = malloc(sizeof(*pPlatMutex));
- if (pPlatMutex)
- {
- // Finish initializing the mutex
- pthread_mutex_init(&pPlatMutex->mutex, &mutexAttr);
- }
- else
- {
- DbgTrace(0, "-PlatAllocMutex- Memory allocation failure\n", 0);
- }
-
- DbgTrace(2, "-PlatAllocMutex- End, retHandle = %08X\n", (unsigned int) pPlatMutex);
-
- return (HANDLE) pPlatMutex;
-}
-
-
-//++=======================================================================
-void
-PlatDestroyMutex(HANDLE hMutex)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-// L2
-//=======================================================================--
-{
- PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
-
- DbgTrace(2, "-PlatDestroyMutex- Start\n", 0);
-
- // Free the resources associated with the mutex
- pthread_mutex_destroy(&pPlatMutex->mutex);
- free(pPlatMutex);
-
- DbgTrace(2, "-PlatDestroyMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-void
-PlatAcquireMutex(HANDLE hMutex)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-// L2
-//=======================================================================--
-{
- PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
-
- DbgTrace(2, "-PlatAcquireMutex- Start\n", 0);
-
- // Acquire the mutex
- pthread_mutex_lock(&pPlatMutex->mutex);
-
- DbgTrace(2, "-PlatAcquireMutex- End\n", 0);
-}
-
-
-//++=======================================================================
-void
-PlatReleaseMutex(HANDLE hMutex)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-// L2
-//=======================================================================--
-{
- PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
-
- DbgTrace(2, "-PlatReleaseMutex- Start\n", 0);
-
- // Release the mutex
- pthread_mutex_unlock(&pPlatMutex->mutex);
-
- DbgTrace(2, "-PlatRelease- End\n", 0);
-}
-
-
-//++=======================================================================
-//++=======================================================================
-//++=======================================================================
-
diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.h b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.h
deleted file mode 100644
index cc32cd17..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.h
+++ /dev/null
@@ -1,93 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#define _GNU_SOURCE - -//===[ Include files ]===================================================== - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -//===[ Type definitions ]================================================== - -#define HANDLE void* - -#ifndef CONTAINING_RECORD -#define CONTAINING_RECORD(address, type, field) ((type *)( \ - (char*)(address) - \ - (char*)(&((type *)0)->field))) -#endif - -// -// DbgTrace macro define -// -#define DbgTrace(LEVEL, X, Y) { \ -char printBuff[256]; \ - if (LEVEL == 0 || DebugLevel >= LEVEL) \ - { \ - _snprintf(printBuff, sizeof(printBuff), X, Y); \ - fprintf(stderr, "CASA_IdenToken %s", printBuff); \ - } \ -} -/*#define DbgTrace(LEVEL, X, Y) { \ - if (LEVEL == 0 || DebugLevel >= LEVEL) \ - { \ - openlog("CASA_IdenToken", LOG_CONS | LOG_NOWAIT | LOG_ODELAY, LOG_USER); \ - syslog(LOG_USER | LOG_INFO, X, Y); \ - closelog(); \ - } \ -}*/ - - -// Deal with 
function name mapping issues -#define _snprintf snprintf - - -// -// Module synchronization -// -extern pthread_mutex_t g_hModuleMutex; - -#define AcquireModuleMutex pthread_mutex_lock(&g_hModuleMutex) -#define ReleaseModuleMutex pthread_mutex_unlock(&g_hModuleMutex) - - -//===[ Inlines functions ]=============================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global externals ]================================================== - -//===[ External prototypes ]=============================================== - -//========================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/util.c b/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/util.c deleted file mode 100644 index 4e887979..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/util.c +++ /dev/null 
@@ -1,321 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// Tables for Base64 encoding and decoding -static const int8_t g_Base64[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static const uint8_t g_Expand64[256] = -{ - /* ASCII table */ - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64, - 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64, - 64, 26, 27, 28, 29, 30, 31, 
32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64 -}; - - -//++======================================================================= -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int encodedSize; - - char *pTmp; - - DbgTrace(3, "-EncodeData- Start\n", 0); - - // Determine the encoded size and allocate a buffer to hold the encoded data - encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4; - pTmp = (char*) malloc(encodedSize); - *ppEncodedData = pTmp; - if (*ppEncodedData) - { - uint8_t *pOut, *pIn; - int i; - - // Setup pointers to move through the buffers - pIn = (uint8_t*) pData; - pOut = (uint8_t*) *ppEncodedData; - - // Perform the encoding - for (i = 0; i < dataLen - 2; i += 3) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) | - ((int32_t)(pIn[i + 2] & 0xC0) >> 6)]; - *pOut++ = g_Base64[pIn[i + 2] & 0x3F]; - } - if (i < dataLen) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - if (i == (dataLen - 1)) - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4)]; - *pOut++ = '='; - } - else - { - *pOut++ 
= g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)]; - } - *pOut++ = '='; - } - *pOut++ = '\0'; - - // Return the encoded data length - *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int i, j; - int decodedSize; - - DbgTrace(3, "-DecodeData- Start\n", 0); - - // Determine the decoded size - for (i = 0, j = 0; i < encodedDataLen; i++) - if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64) - j++; - decodedSize = (j * 3 + 3) / 4; - - // Allocate buffer to hold the decoded data - *ppData = malloc(decodedSize); - if (*ppData) - { - bool endReached = false; - uint8_t c0, c1, c2, c3; - uint8_t *p, *q; - - // Initialize parameters that will be used during the decode operation - c0 = c1 = c2 = c3 = 0; - p = (uint8_t*) pEncodedData; - q = (uint8_t*) *ppData; - - // Decode the data - // - // Loop through the data, piecing back information. Any newlines, and/or - // carriage returns need to be skipped. 
- while (j > 4) - { - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - endReached = true; - break; - } - c0 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2); - j--; - endReached = true; - break; - } - c1 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4); - j -= 2; - endReached = true; - break; - } - c2 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6); - j -= 3; - endReached = true; - break; - } - c3 = *(p++); - - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); - j -= 4; - } - if (!endReached) - { - if (j > 1) - *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4); - if (j > 2) - *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); - if (j > 3) - *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]); - } - - // Return the length of the decoded data - *pDataLen = (int32_t)(q - (uint8_t*)*ppData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -int -dtoul( 
- IN char *cp, - IN int len) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L0 -//=======================================================================-- -{ - int n = 0; - int i; - - DbgTrace(2, "-dtoul- Start\n", 0); - - for (i = 0; i < len; i++, cp++) - { - // Verify that we are dealing with a valid digit - if (*cp >= '0' && *cp <= '9') - { - n = 10 * n + (*cp - '0'); - } - else - { - DbgTrace(0, "-dtoul- Found invalid digit\n", 0); - break; - } - } - - DbgTrace(2, "-dtoul- End, result = %d\n", n); - - return n; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/iden_token_provider_if.h b/CASA-auth-token/server/AuthTokenValidate/iden_token_provider_if.h deleted file mode 100644 index 9f9a6339..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/iden_token_provider_if.h +++ /dev/null 
@@ -1,356 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#ifndef _IDEN_TOKEN_PROVIDER_IF_H_ -#define _IDEN_TOKEN_PROVIDER_IF_H_ - - -//===[ Include files ]===================================================== - -#include "config_if.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - - -/************************************************************************** -*************************************************************************** -** ** -** Identity Token Interface Definitions ** -** ** -*************************************************************************** -**************************************************************************/ - - -//++======================================================================= -typedef -int -(SSCS_CALL *PFNIdenTokenIf_AddReference)( - IN const void *pIfInstance); -// -// 
Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. -//=======================================================================-- - - -//++======================================================================= -typedef -void -(SSCS_CALL *PFNIdenTokenIf_ReleaseReference)( - IN const void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -//=======================================================================-- - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFNIdenTokenIf_GetIdentityId)( - IN const void *pIfInstance, - INOUT char *pIdentIdBuf, - INOUT int *pIdentIdLen); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pIdentIdBuf - -// Pointer to buffer that will receive the identity id. The returned -// id will be in the form of a NULL terminated string. -// -// pIdentIdBufLen - -// Pointer to variable with the length of the buffer pointed by -// pIdentIdBuf. On exit it contains the length of the returned id -// (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the identity id associated with the identity token. -//=======================================================================-- - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFNIdenTokenIf_GetSourceName)( - IN const void *pIfInstance, - INOUT char *pSourceNameBuf, - INOUT int *pSourceNameLen); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. 
-// -// pSourceNameBuf - -// Pointer to buffer that will receive the name associated with the -// identity information source. The returned name will be in the form -// of a NULL terminated string. -// -// pSourceNameBufLen - -// Pointer to variable with the length of the buffer pointed by -// pSourceNameBuf. On exit it contains the length of the returned -// name (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the name of the identity source associated with the identity token. -//=======================================================================-- - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFNIdenTokenIf_GetSourceUrl)( - IN const void *pIfInstance, - INOUT char *pSourceUrlBuf, - INOUT int *pSourceUrlLen); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pSourceUrlBuf - -// Pointer to buffer that will receive the URL associated with the -// identity information source. The returned URL will be in the form -// of a NULL terminated string. -// -// pSourceUrlBufLen - -// Pointer to variable with the length of the buffer pointed by -// pSourceUrlBuf. On exit it contains the length of the returned -// URL (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the URL to the identity source associated with the identity token. -//=======================================================================-- - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFNIdenTokenIf_AttributeEnumerate)( - IN const void *pIfInstance, - INOUT int *pEnumHandle, - INOUT char *pAttribNameBuf, - INOUT int *pAttribNameLen, - INOUT char *pAttribValueBuf, - INOUT int *pAttribValueLen); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pEnumHandle - -// Pointer to enumeration handle. 
Must be set to 0 to start an -// enumeration. Note the enumeration handle advances if the -// function returns success. -// -// pAttribNameBuf - -// Pointer to buffer that will receive the identity attribute name. The -// returned name will be in the form of a NULL terminated string. -// -// pAttribNameLen - -// Pointer to variable with the length of the buffer pointed by -// pAttribNameBuf. On exit it contains the length of the returned -// name (including the NULL terminator). -// -// pAttribValueBuf - -// Pointer to buffer that will receive the identity attribute value. The -// returned value will be in the form of a NULL terminated string. -// -// pAttribValueLen - -// Pointer to variable with the length of the buffer pointed by -// pAttribValueBuf. On exit it contains the length of the returned -// value (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Enumerates through the attributes associated with the identity token. -//=======================================================================-- - - -// -// Identity Token Interface Object -// -typedef struct _IdenTokenIf -{ - PFNIdenTokenIf_AddReference addReference; - PFNIdenTokenIf_ReleaseReference releaseReference; - PFNIdenTokenIf_GetIdentityId getIdentityId; - PFNIdenTokenIf_GetSourceName getSourceName; - PFNIdenTokenIf_GetSourceUrl getSourceUrl; - PFNIdenTokenIf_AttributeEnumerate attributeEnumerate; - -} IdenTokenIf, *PIdenTokenIf; - - -/************************************************************************** -*************************************************************************** -** ** -** Identity Token Provider Interface Definitions ** -** ** -*************************************************************************** -**************************************************************************/ - - -//++======================================================================= -typedef -int -(SSCS_CALL *PFNIdenTokenProviderIf_AddReference)( - IN const 
void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. -// -// Description: -// Increases interface reference count. -//=======================================================================-- - - -//++======================================================================= -typedef -void -(SSCS_CALL *PFNIdenTokenProviderIf_ReleaseReference)( - IN const void *pIfInstance); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -//=======================================================================-- - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFNIdenTokenProviderIf_GetIdentityTokenIf)( - IN const void *pIfInstance, - IN const char *pTokenBuf, - IN const int tokenLen, - INOUT IdenTokenIf **ppIdenTokenIf); -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pTokenBuf - -// Pointer to null terminated string containing an identity token. -// -// tokenLen - -// Length of the token contained in the token buffer. -// -// ppIdenTokenIf - -// Pointer to variable that will receive pointer to identity -// token interface. -// -// Returns: -// Casa Status -// -// Description: -// Get identity token interface instance for the specified token. 
-//=======================================================================-- - - -// -// Identity Token Provider Interface Object -// -typedef struct _IdenTokenProviderIf -{ - PFNIdenTokenProviderIf_AddReference addReference; - PFNIdenTokenProviderIf_ReleaseReference releaseReference; - PFNIdenTokenProviderIf_GetIdentityTokenIf getIdentityTokenIf; - -} IdenTokenProviderIf, *PIdenTokenProviderIf; - - -//++======================================================================= -typedef -CasaStatus -(SSCS_CALL *PFN_GetIdenTokenProviderIfRtn)( - IN const ConfigIf *pModuleConfigIf, - INOUT IdenTokenProviderIf **ppIdenTokenProviderIf); -// -// Arguments: -// pModuleConfigIf - -// Pointer to configuration interface instance for the module. -// -// ppIdenTokenProviderIf - -// Pointer to variable that will receive pointer to -// IdentityTokenProviderIf instance. -// -// Returns: -// Casa Status -// -// Description: -// Gets identity token provider interface instance. -//=======================================================================-- - -#define GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN_SYMBOL "GetIdenTokenProviderInterface" -#define GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN GetIdenTokenProviderInterface - - -#endif // #ifndef _IDEN_TOKEN_PROVIDER_IF_H_ - diff --git a/CASA-auth-token/server/AuthTokenValidate/identoken.c b/CASA-auth-token/server/AuthTokenValidate/identoken.c deleted file mode 100644 index f9ff26d9..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/identoken.c +++ /dev/null 
@@ -1,320 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Identity Token Module definition -// -typedef struct _IdenTokenProviderModule -{ - LIST_ENTRY listEntry; - char *pTypeName; - int typeNameLen; - LIB_HANDLE libHandle; - IdenTokenProviderIf *pIdenTokenProviderIf; - -} IdenTokenProviderModule, *PIdenTokenProviderModule; - - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// -// IdenTokenProviderModule list and syncronization mutex -// -static -LIST_ENTRY g_IdenTokenProviderModuleListHead = {&g_IdenTokenProviderModuleListHead, &g_IdenTokenProviderModuleListHead}; - -static -HANDLE g_idenTokenMutex = NULL; - - -//++======================================================================= -CasaStatus 
-GetIdenTokenProviderInterface( - IN const char *pIdenTokenTypeName, - INOUT IdenTokenProviderIf **ppIdenTokenProviderIf) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// Environment: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - ConfigIf *pModuleConfigIf; - - DbgTrace(2, "-GetIdenTokenProviderInterface- Start\n", 0); - - // Get the configuration for the module - retStatus = GetConfigInterface("/etc/opt/novell/CASA/authtoken.d/modules.d", - pIdenTokenTypeName, - &pModuleConfigIf); - if (CASA_SUCCESS(retStatus) - && CasaStatusCode(retStatus) != CASA_STATUS_OBJECT_NOT_FOUND) - { - LIST_ENTRY *pListEntry; - IdenTokenProviderModule *pIdenTokenProviderModule = NULL; - int32_t idenTokenTypeNameLen = strlen(pIdenTokenTypeName); - - // Gain exclusive access to our mutex - PlatAcquireMutex(g_idenTokenMutex); - - // Look if we already have the module in our list - pListEntry = g_IdenTokenProviderModuleListHead.Flink; - while (pListEntry != &g_IdenTokenProviderModuleListHead) - { - // Get pointer to the current entry - pIdenTokenProviderModule = CONTAINING_RECORD(pListEntry, IdenTokenProviderModule, listEntry); - - // Check if this is the module that we need - if (pIdenTokenProviderModule->typeNameLen == idenTokenTypeNameLen - && memcmp(pIdenTokenTypeName, pIdenTokenProviderModule->pTypeName, idenTokenTypeNameLen) == 0) - { - // This is the module that we need, stop looking. - break; - } - else - { - // This is not the module that we are looking for - pIdenTokenProviderModule = NULL; - } - - // Advance to the next entry - pListEntry = pListEntry->Flink; - } - - // Proceed based on whether or not a module was found - if (pIdenTokenProviderModule) - { - // Module found in our list, provide the caller with its IdenTokenProviderIf - // instance after we have incremented its reference count. 
- pIdenTokenProviderModule->pIdenTokenProviderIf->addReference(pIdenTokenProviderModule->pIdenTokenProviderIf); - *ppIdenTokenProviderIf = pIdenTokenProviderModule->pIdenTokenProviderIf; - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - // Needed module not found in our list, create an entry. - pIdenTokenProviderModule = malloc(sizeof(*pIdenTokenProviderModule)); - if (pIdenTokenProviderModule) - { - // Allocate buffer to contain the authentication type name within the module entry - pIdenTokenProviderModule->pTypeName = malloc(idenTokenTypeNameLen + 1); - if (pIdenTokenProviderModule->pTypeName) - { - char *pLibraryName; - - // Initialize the library handle field - pIdenTokenProviderModule->libHandle = NULL; - - // Save the auth type name within the entry - strcpy(pIdenTokenProviderModule->pTypeName, pIdenTokenTypeName); - pIdenTokenProviderModule->typeNameLen = idenTokenTypeNameLen; - - // Obtain the name of the library that we must load - pLibraryName = pModuleConfigIf->getEntryValue(pModuleConfigIf, "LibraryName"); - if (pLibraryName) - { - // Load the library - pIdenTokenProviderModule->libHandle = OpenLibrary(pLibraryName); - if (pIdenTokenProviderModule->libHandle) - { - PFN_GetIdenTokenProviderIfRtn pGetIdenTokenProviderIfRtn; - - // Library has been loaded, now get a pointer to its GetIdenTokenProviderProviderInterface routine - pGetIdenTokenProviderIfRtn = (PFN_GetIdenTokenProviderIfRtn) GetFunctionPtr(pIdenTokenProviderModule->libHandle, - GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN_SYMBOL); - if (pGetIdenTokenProviderIfRtn) - { - // Now, obtain the modules IdenTokenProviderIf. 
- retStatus = (pGetIdenTokenProviderIfRtn)(pModuleConfigIf, &pIdenTokenProviderModule->pIdenTokenProviderIf); - } - else - { - DbgTrace(0, "-GetIdenTokenProviderInterface- GetFunctionPtr error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_LIBRARY_LOAD_FAILURE); - } - } - else - { - DbgTrace(0, "-GetIdenTokenProviderInterface- OpenLibrary error\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_LIBRARY_LOAD_FAILURE); - } - - // Free the buffer holding the library name - free(pLibraryName); - } - else - { - DbgTrace(0, "-GetIdenTokenProviderInterface- Library name not configured\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_CONFIGURATION_ERROR); - } - - // Check if we were successful at obtaining the IdenTokenProviderIf instance for the - // module. - if (CASA_SUCCESS(retStatus)) - { - // Insert the entry in the list, provide the caller with its IdenTokenProviderIf - // instance after we have incremented its reference count. - InsertTailList(&g_IdenTokenProviderModuleListHead, &pIdenTokenProviderModule->listEntry); - pIdenTokenProviderModule->pIdenTokenProviderIf->addReference(pIdenTokenProviderModule->pIdenTokenProviderIf); - *ppIdenTokenProviderIf = pIdenTokenProviderModule->pIdenTokenProviderIf; - } - else - { - // Failed, free resources. 
- free(pIdenTokenProviderModule->pTypeName); - if (pIdenTokenProviderModule->libHandle) - CloseLibrary(pIdenTokenProviderModule->libHandle); - free(pIdenTokenProviderModule); - } - } - else - { - DbgTrace(0, "-GetIdenTokenProviderInterface- Unable to allocate buffer\n", 0); - - // Free buffer allocated for entry - free(pIdenTokenProviderModule); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - else - { - DbgTrace(0, "-GetIdenTokenProviderInterface- Unable to allocate buffer\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - } - - // Release exclusive access to our mutex - PlatReleaseMutex(g_idenTokenMutex); - - // Release config interface instance - pModuleConfigIf->releaseReference(pModuleConfigIf); - } - else - { - DbgTrace(0, "-GetIdenTokenProviderInterface- Unable to obtain config interface\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_CONFIGURATION_ERROR); - } - - DbgTrace(2, "-GetIdenTokenProviderInterface- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -IdenTokenInit(void) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Initializes the identity token complex. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - - DbgTrace(1, "-IdenTokenInit- Start\n", 0); - - // Allocate mutex - if ((g_idenTokenMutex = PlatAllocMutex()) != NULL) - retStatus = CASA_STATUS_SUCCESS; - else - retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - - DbgTrace(1, "-IdenTokenInit- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -void -IdenTokenUninit(void) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Uninitializes the indentity token complex. -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-IdenTokenUninit- Start\n", 0); - - // Free mutex if necessary - if (g_idenTokenMutex) - { - PlatDestroyMutex(g_idenTokenMutex); - g_idenTokenMutex = NULL; - } - - DbgTrace(1, "-IdenTokenUninit- End\n", 0); -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/internal.h b/CASA-auth-token/server/AuthTokenValidate/internal.h deleted file mode 100644 index eff9cc93..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/internal.h +++ /dev/null 
@@ -1,222 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#ifndef _INTERNAL_H_ -#define _INTERNAL_H_ - -//===[ Include files ]===================================================== - -#include "platform.h" -#include -#include -#include -#include -#include "proto.h" -#include "list_entry.h" -#include "config_if.h" -#include "iden_token_provider_if.h" - -//===[ Type definitions ]================================================== - -// -// Authentication Token structure -// -typedef struct _AuthToken -{ - int tokenLifetime; - char *pSignature; - int signatureLen; - char *pIdenTokenType; - int idenTokenTypeLen; - char *pIdenToken; - int idenTokenLen; - -} AuthToken, *PAuthToken; - - -//===[ Inlines functions ]=============================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -//===[ Global externals ]================================================== - -extern int DebugLevel; - 
-//===[ External prototypes ]=============================================== - -// -// Functions exported by config.c -// -extern -CasaStatus -GetConfigInterface( - IN const char *pConfigFolder, - IN const char *pConfigName, - INOUT ConfigIf **ppConfigIf); - -extern -CasaStatus -ConfigIfInit(void); - -extern -void -ConfigIfUninit(void); - -// -// Functions exported by identoken.c -// -extern -CasaStatus -GetIdenTokenProviderInterface( - IN const char *pIdenTokenTypeName, - INOUT IdenTokenProviderIf **ppIdenTokenProviderIf); - -extern -CasaStatus -IdenTokenInit(void); - -extern -void -IdenTokenUninit(void); - -// -// Functions exported by platform.c -// -extern -HANDLE -PlatAllocMutex(void); - -extern -void -PlatDestroyMutex(HANDLE hMutex); - -extern -void -PlatAcquireMutex(HANDLE hMutex); - -extern -void -PlatReleaseMutex(HANDLE hMutex); - -extern -LIB_HANDLE -OpenLibrary( - IN char *pFileName); - -extern -void -CloseLibrary( - IN LIB_HANDLE libHandle); - -extern -void* -GetFunctionPtr( - IN LIB_HANDLE libHandle, - IN char *pFunctionName); - -// -// Functions exported by principal.c -// - -extern -CasaStatus -GetPrincipalInterface( - IN IdenTokenIf *pIdenTokenIf, - INOUT PrincipalIf **ppPrincipalIf); - -extern -CasaStatus -PrincipalIfInit(void); - -extern -void -PrincipalIfUninit(void); - -// -// Functions exported by validate.c -// - -extern -CasaStatus SSCS_CALL -ValidateAuthToken( - IN const char *pServiceName, - IN const char *pTokenBuf, - IN const int tokenBufLen, - INOUT PrincipalIf **ppPrincipalIf); - -// -// Functions exported by authtoken.c -// - -extern -CasaStatus -CreateAuthToken( - IN char *pTokenBuf, - IN int tokenBufLen, - INOUT AuthToken **ppAuthToken); - -extern -void -RelAuthToken( - IN AuthToken *pAuthToken); - -extern -CasaStatus -CheckAuthToken( - IN AuthToken *pAuthToken, - IN const char *pServiceName); - -// -// Defined in utils.c -// - -extern -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char 
**ppEncodedData, - INOUT int32_t *pEncodedDataLen); - -extern -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen); - -extern -int -dtoul( - IN char *cp, - IN int len); - - -//========================================================================= - -#endif // _INTERNAL_H_ - diff --git a/CASA-auth-token/server/AuthTokenValidate/linux/Makefile.am b/CASA-auth-token/server/AuthTokenValidate/linux/Makefile.am deleted file mode 100644 index 6811ab26..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/linux/Makefile.am +++ /dev/null 
@@ -1,116 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# Author: Juan Carlos Luciani -# -####################################################################### - -if DEBUG -TARGET_CFG = Debug -CFLAGS += -v -w -else -TARGET_CFG = Release -endif - -SUBDIRS = - -DIST_SUBDIRS = - -ROOT = ../../.. -CASAINCLUDE = ../../../../CASA/include - -LIBDIR = $(ROOT)/$(LIB) - -# handle Mono secondary dependencies -export MONO_PATH := $(MONO_PATH) - -PLATFORMINDEPENDENTSOURCEDIR = .. -PLATFORMDEPENDENTSOURCEDIR = . - -MODULE_NAME = libcasa_s_authtoken -MODULE_EXT = so - -CFILES = ../config.c \ - ../authtoken.c \ - ../principal.c \ - ../util.c \ - ../validate.c \ - ../identoken.c \ - platform.c - -CSFILES_CSC := -INCLUDES = -I. -I.. -I$(CASAINCLUDE) -I../../../include -RESOURCES = -DEFINES = -Wno-format-extra-args -fno-strict-aliasing -CFLAGS += $(INCLUDES) $(DEFINES) -LIBS = -lpthread -ldl -lexpat -LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) - -OBJDIR = ./$(TARGET_CFG)/$(LIB) -OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o)) - -EXTRA_DIST = $(CFILES) *.h - -CUR_DIR := $(shell pwd) - -all: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - -# -# Pattern based rules. 
-# -vpath %.c $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR) -vpath %.cpp $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR) - -$(OBJDIR)/%.o: %.c - $(CC) -c $(CFLAGS) -o $@ $< - -$(OBJDIR)/%.o: %.cpp - $(CC) -c $(CFLAGS) -o $@ $< - -$(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT): $(OBJDIR) $(OBJS) - @echo [======== Linking $@ ========] - $(LINK) -o $@ $(LDFLAGS) $(OBJS) $(LIBS) - cp -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/$(TARGET_CFG)/$(MODULE_NAME).$(MODULE_EXT) - -$(OBJDIR): - [ -d $(OBJDIR) ] || mkdir -p $(OBJDIR) - [ -d $(LIBDIR) ] || mkdir -p $(LIBDIR) - [ -d $(LIBDIR)/$(TARGET_CFG) ] || mkdir -p $(LIBDIR)/$(TARGET_CFG) - - -install-exec-local: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - $(mkinstalldirs) $(DESTDIR)$(libdir) - $(INSTALL_PROGRAM) $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(DESTDIR)$(libdir)/ - -uninstall-local: - cd $(DESTDIR)$(libdir); rm -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) - rmdir $(DESTDIR)$(libdir) - -#installcheck-local: install -# $(mkinstalldirs) $(DESTDIR)$(libdir) -# $(INSTALL_PROGRAM) $(DESTDIR)$(libdir) -# cd $(DESTDIR)$(libdir); $(MONO) - -clean-local: - if [ -d $(TARGET_CFG) ]; then rm -rf $(TARGET_CFG); fi - -distclean-local: - -maintainer-clean-local: - rm -f Makefile.in - diff --git a/CASA-auth-token/server/AuthTokenValidate/linux/platform.c b/CASA-auth-token/server/AuthTokenValidate/linux/platform.c deleted file mode 100644 index d24762b8..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/linux/platform.c +++ /dev/null 
@@ -1,268 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Platform Mutex structure -// -typedef struct _PlatformMutex -{ - pthread_mutex_t mutex; - -} PlatformMutex, *PPlatformMutex; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// -// Module synchronization mutex -// -pthread_mutex_t g_hModuleMutex = PTHREAD_MUTEX_INITIALIZER; - - -//++======================================================================= -HANDLE -PlatAllocMutex(void) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// Environment: -// -// L2 -//=======================================================================-- -{ - PlatformMutex *pPlatMutex; - pthread_mutexattr_t mutexAttr = {PTHREAD_MUTEX_RECURSIVE}; - - 
DbgTrace(2, "-PlatAllocMutex- Start\n", 0); - - // Allocate space for our mutex structure - pPlatMutex = malloc(sizeof(*pPlatMutex)); - if (pPlatMutex) - { - // Finish initializing the mutex - pthread_mutex_init(&pPlatMutex->mutex, &mutexAttr); - } - else - { - DbgTrace(0, "-PlatAllocMutex- Memory allocation failure\n", 0); - } - - DbgTrace(2, "-PlatAllocMutex- End, retHandle = %08X\n", (unsigned int) pPlatMutex); - - return (HANDLE) pPlatMutex; -} - - -//++======================================================================= -void -PlatDestroyMutex(HANDLE hMutex) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// Environment: -// -// L2 -//=======================================================================-- -{ - PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex; - - DbgTrace(2, "-PlatDestroyMutex- Start\n", 0); - - // Free the resources associated with the mutex - pthread_mutex_destroy(&pPlatMutex->mutex); - free(pPlatMutex); - - DbgTrace(2, "-PlatDestroyMutex- End\n", 0); -} - - -//++======================================================================= -void -PlatAcquireMutex(HANDLE hMutex) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// Environment: -// -// L2 -//=======================================================================-- -{ - PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex; - - DbgTrace(2, "-PlatAcquireMutex- Start\n", 0); - - // Acquire the mutex - pthread_mutex_lock(&pPlatMutex->mutex); - - DbgTrace(2, "-PlatAcquireMutex- End\n", 0); -} - - -//++======================================================================= -void -PlatReleaseMutex(HANDLE hMutex) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// Environment: -// -// L2 -//=======================================================================-- -{ - PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex; - - DbgTrace(2, "-PlatReleaseMutex- Start\n", 0); - - // Release the mutex - 
pthread_mutex_unlock(&pPlatMutex->mutex); - - DbgTrace(2, "-PlatRelease- End\n", 0); -} - - -//++======================================================================= -LIB_HANDLE -OpenLibrary( - IN char *pFileName) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - LIB_HANDLE libHandle; - - - DbgTrace(1, "-OpenLibrary- Start\n", 0); - - libHandle = dlopen(pFileName, RTLD_LAZY); - if (libHandle == NULL) - { - DbgTrace(0, "-OpenLibrary- Not able to load library, error = %d\n", dlerror()); - } - - DbgTrace(1, "-OpenLibrary- End, handle = %08X\n", libHandle); - - return libHandle; -} - - -//++======================================================================= -void -CloseLibrary( - IN LIB_HANDLE libHandle) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-CloseLibrary- Start\n", 0); - - dlclose(libHandle); - - DbgTrace(1, "-CloseLibrary- End\n", 0); -} - - -//++======================================================================= -void* -GetFunctionPtr( - IN LIB_HANDLE libHandle, - IN char *pFunctionName) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - void *pFuncPtr; - - DbgTrace(1, "-GetFunctionPtr- Start\n", 0); - - pFuncPtr = dlsym(libHandle, pFunctionName); - if (pFuncPtr == NULL) - { - DbgTrace(0, "-GetFunctionPtr- Not able to obtain func ptr, error = %d\n", dlerror()); - } - - DbgTrace(1, "-GetFunctionPtr- End, pFuncPtr = %08X\n", pFuncPtr); - - return pFuncPtr; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - 
diff --git a/CASA-auth-token/server/AuthTokenValidate/linux/platform.h b/CASA-auth-token/server/AuthTokenValidate/linux/platform.h
deleted file mode 100644
index 447efe82..00000000
--- a/CASA-auth-token/server/AuthTokenValidate/linux/platform.h
+++ /dev/null
@@ -1,100 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -#define _GNU_SOURCE - -//===[ Include files ]===================================================== - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -//===[ Type definitions ]================================================== - -#define HANDLE void* - -#ifndef CONTAINING_RECORD -#define CONTAINING_RECORD(address, type, field) ((type *)( \ - (char*)(address) - \ - (char*)(&((type *)0)->field))) -#endif - - -// -// DbgTrace macro define -// -#define DbgTrace(LEVEL, X, Y) { \ -char printBuff[256]; \ - if (LEVEL == 0 || DebugLevel >= LEVEL) \ - { \ - _snprintf(printBuff, sizeof(printBuff), X, Y); \ - fprintf(stderr, "CASA_AuthTokenValidate %s", printBuff); \ - } \ -} -/*#define DbgTrace(LEVEL, X, Y) { \ - if (LEVEL == 0 || DebugLevel >= LEVEL) \ - { \ - openlog("CASA_AuthTokenValidate", LOG_CONS | LOG_NOWAIT | LOG_ODELAY, LOG_USER); \ - syslog(LOG_USER | LOG_INFO, X, Y); \ - closelog(); \ - } \ -}*/ - - 
-// -// Deal with function name mapping issues -// -#define _snprintf snprintf - -// -// Module synchronization -// -extern pthread_mutex_t g_hModuleMutex; - -#define AcquireModuleMutex pthread_mutex_lock(&g_hModuleMutex) -#define ReleaseModuleMutex pthread_mutex_unlock(&g_hModuleMutex) - -// -// Other definitions -// -#define LIB_HANDLE void* - - -//===[ Inlines functions ]=============================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global externals ]================================================== - -//===[ External prototypes ]=============================================== - -//========================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/principal.c b/CASA-auth-token/server/AuthTokenValidate/principal.c deleted file mode 100644 index e4361731..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/principal.c +++ /dev/null 
@@ -1,482 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -// -// Config Interface instance data -// -typedef struct _PrincipalIfInstance -{ - int refCount; - IdenTokenIf *pIdenTokenIf; - PrincipalIf principalIf; - -} PrincipalIfInstance, *PPrincipalIfInstance; - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// PrincipalIf variables -static -int g_numPrincipalIfObjs = 0; - -// Synchronization mutex -static -HANDLE g_principalIfMutex = NULL; - - -//++======================================================================= -static -int SSCS_CALL -AddReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Interface reference count. 
-// -// Description: -// Increases interface reference count. -// -// L2 -//=======================================================================-- -{ - int refCount; - PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf); - - DbgTrace(2, "-AddReference- Start\n", 0); - - // Increment the reference count on the object - PlatAcquireMutex(g_principalIfMutex); - pPrincipalIfInstance->refCount ++; - refCount = pPrincipalIfInstance->refCount; - PlatReleaseMutex(g_principalIfMutex); - - DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount); - - return refCount; -} - - -//++======================================================================= -static -void SSCS_CALL -ReleaseReference( - IN const void *pIfInstance) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// Returns: -// Nothing. -// -// Description: -// Decreases interface reference count. The interface is deallocated if -// the reference count becomes zero. -// -// L2 -//=======================================================================-- -{ - bool freeObj = false; - PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf); - - DbgTrace(2, "-ReleaseReference- Start\n", 0); - - // Decrement the reference count on the object and determine if it needs to - // be released. - PlatAcquireMutex(g_principalIfMutex); - pPrincipalIfInstance->refCount --; - if (pPrincipalIfInstance->refCount == 0) - { - // The object needs to be released, forget about it. 
- freeObj = true; - g_numPrincipalIfObjs --; - } - PlatReleaseMutex(g_principalIfMutex); - - // Free object if necessary - if (freeObj) - { - // Release the identity token interface associated with our instance - pPrincipalIfInstance->pIdenTokenIf->releaseReference(pPrincipalIfInstance->pIdenTokenIf); - - // Free our instance data - free(pPrincipalIfInstance); - } - - DbgTrace(2, "-ReleaseReference- End\n", 0); -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -GetIdentityId( - IN const void *pIfInstance, - INOUT char *pIdentIdBuf, - INOUT int *pIdentIdLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pIdentIdBuf - -// Pointer to buffer that will receive the identity id. The returned -// id will be in the form of a NULL terminated string. -// -// pIdentIdBufLen - -// Pointer to variable with the length of the buffer pointed by -// pIdentIdBuf. On exit it contains the length of the returned id -// (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the identity id associated with the identity token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf); - - DbgTrace(2, "-GetIdentityId- Start\n", 0); - - // Just call into the identity token - retStatus = pPrincipalIfInstance->pIdenTokenIf->getIdentityId(pPrincipalIfInstance->pIdenTokenIf, - pIdentIdBuf, - pIdentIdLen); - - DbgTrace(2, "-GetIdentityId- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -GetSourceName( - IN const void *pIfInstance, - INOUT char *pSourceNameBuf, - INOUT int *pSourceNameLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. 
-// -// pSourceNameBuf - -// Pointer to buffer that will receive the name associated with the -// identity information source. The returned name will be in the form -// of a NULL terminated string. -// -// pSourceNameBufLen - -// Pointer to variable with the length of the buffer pointed by -// pSourceNameBuf. On exit it contains the length of the returned -// name (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the name of the identity source associated with the identity token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf); - - DbgTrace(2, "-GetSourceName- Start\n", 0); - - // Just call into the identity token - retStatus = pPrincipalIfInstance->pIdenTokenIf->getSourceName(pPrincipalIfInstance->pIdenTokenIf, - pSourceNameBuf, - pSourceNameLen); - - DbgTrace(2, "-GetSourceName- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -GetSourceUrl( - IN const void *pIfInstance, - INOUT char *pSourceUrlBuf, - INOUT int *pSourceUrlLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pSourceUrlBuf - -// Pointer to buffer that will receive the URL associated with the -// identity information source. The returned URL will be in the form -// of a NULL terminated string. -// -// pSourceUrlBufLen - -// Pointer to variable with the length of the buffer pointed by -// pSourceUrlBuf. On exit it contains the length of the returned -// URL (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Get the URL to the identity source associated with the identity token. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf); - - DbgTrace(2, "-GetSourceUrl- Start\n", 0); - - // Just call into the identity token - retStatus = pPrincipalIfInstance->pIdenTokenIf->getSourceUrl(pPrincipalIfInstance->pIdenTokenIf, - pSourceUrlBuf, - pSourceUrlLen); - - DbgTrace(2, "-GetSourceUrl- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -static -CasaStatus SSCS_CALL -AttributeEnumerate( - IN const void *pIfInstance, - INOUT int *pEnumHandle, - INOUT char *pAttribNameBuf, - INOUT int *pAttribNameLen, - INOUT char *pAttribValueBuf, - INOUT int *pAttribValueLen) -// -// Arguments: -// pIfInstance - -// Pointer to interface object. -// -// pEnumHandle - -// Pointer to enumeration handle. Must be set to 0 to start an -// enumeration. -// -// pAttribNameBuf - -// Pointer to buffer that will receive the identity attribute name. The -// returned name will be in the form of a NULL terminated string. -// -// pAttribNameLen - -// Pointer to variable with the length of the buffer pointed by -// pAttribNameBuf. On exit it contains the length of the returned -// name (including the NULL terminator). -// -// pAttribValueBuf - -// Pointer to buffer that will receive the identity attribute value. The -// returned value will be in the form of a NULL terminated string. -// -// pAttribValueLen - -// Pointer to variable with the length of the buffer pointed by -// pAttribValueBuf. On exit it contains the length of the returned -// value (including the NULL terminator). -// -// -// Returns: -// Casa Status -// -// Description: -// Enumerates through the attributes associated with the identity token. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf); - - DbgTrace(2, "-AttributeEnumerate- Start\n", 0); - - // Just call into the identity token - retStatus = pPrincipalIfInstance->pIdenTokenIf->attributeEnumerate(pPrincipalIfInstance->pIdenTokenIf, - pEnumHandle, - pAttribNameBuf, - pAttribNameLen, - pAttribValueBuf, - pAttribValueLen); - - DbgTrace(2, "-AttributeEnumerate- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -GetPrincipalInterface( - IN IdenTokenIf *pIdenTokenIf, - INOUT PrincipalIf **ppPrincipalIf) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Get principal interface instanced for the identity associated -// with specified identity token. -// -// L2 -//=======================================================================-- -{ - PrincipalIfInstance *pPrincipalIfInstance; - CasaStatus retStatus; - - DbgTrace(2, "-GetPrincipalInterface- Start\n", 0); - - // Create a PrincipalIfInstance object for it. 
- pPrincipalIfInstance = malloc(sizeof(*pPrincipalIfInstance)); - if (pPrincipalIfInstance) - { - // Initialize the PrincipalIf within the instance data - pPrincipalIfInstance->principalIf.addReference = AddReference; - pPrincipalIfInstance->principalIf.releaseReference = ReleaseReference; - pPrincipalIfInstance->principalIf.getIdentityId = GetIdentityId; - pPrincipalIfInstance->principalIf.getSourceName = GetSourceName; - pPrincipalIfInstance->principalIf.getSourceUrl = GetSourceUrl; - pPrincipalIfInstance->principalIf.attributeEnumerate = AttributeEnumerate; - - // Keep reference to the identity token interface instance - pPrincipalIfInstance->pIdenTokenIf = pIdenTokenIf; - pIdenTokenIf->addReference(pIdenTokenIf); - - // Return the PrincipalIf associated with the instance data after - // incrementing its reference count. - pPrincipalIfInstance->refCount ++; - *ppPrincipalIf = &pPrincipalIfInstance->principalIf; - - // Bump up our interface instance count - PlatAcquireMutex(g_principalIfMutex); - g_numPrincipalIfObjs ++; - PlatReleaseMutex(g_principalIfMutex); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-GetPrincipalInterface- Buffer allocation failure\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(2, "-GetPrincipalInterface- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -PrincipalIfInit(void) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Initializes the principal interface complex. 
-// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - - DbgTrace(1, "-PrincipalIfInit- Start\n", 0); - - // Allocate mutex - if ((g_principalIfMutex = PlatAllocMutex()) != NULL) - retStatus = CASA_STATUS_SUCCESS; - else - retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - - DbgTrace(1, "-PrincipalIfInit- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -void -PrincipalIfUninit(void) -// -// Arguments: -// -// Returns: -// Casa Status -// -// Description: -// Uninitializes the configuration interface complex. -// -// L2 -//=======================================================================-- -{ - DbgTrace(1, "-PrincipalIfUninit- Start\n", 0); - - // Free mutex if necessary - if (g_principalIfMutex) - { - PlatDestroyMutex(g_principalIfMutex); - g_principalIfMutex = NULL; - } - - DbgTrace(1, "-PrincipalIfUninit- End\n", 0); -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/util.c b/CASA-auth-token/server/AuthTokenValidate/util.c deleted file mode 100644 index bf6a48b6..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/util.c +++ /dev/null 
@@ -1,321 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// Tables for Base64 encoding and decoding -static const int8_t g_Base64[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static const uint8_t g_Expand64[256] = -{ - /* ASCII table */ - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64, - 64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64, - 64, 26, 27, 28, 29, 30, 31, 
32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64 -}; - - -//++======================================================================= -CasaStatus -EncodeData( - IN const void *pData, - IN const int32_t dataLen, - INOUT char **ppEncodedData, - INOUT int32_t *pEncodedDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int encodedSize; - - char *pTmp; - - DbgTrace(3, "-EncodeData- Start\n", 0); - - // Determine the encoded size and allocate a buffer to hold the encoded data - encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4; - pTmp = (char*) malloc(encodedSize); - *ppEncodedData = pTmp; - if (*ppEncodedData) - { - uint8_t *pOut, *pIn; - int i; - - // Setup pointers to move through the buffers - pIn = (uint8_t*) pData; - pOut = (uint8_t*) *ppEncodedData; - - // Perform the encoding - for (i = 0; i < dataLen - 2; i += 3) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) | - ((int32_t)(pIn[i + 2] & 0xC0) >> 6)]; - *pOut++ = g_Base64[pIn[i + 2] & 0x3F]; - } - if (i < dataLen) - { - *pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F]; - if (i == (dataLen - 1)) - { - *pOut++ = g_Base64[((pIn[i] & 0x3) << 4)]; - *pOut++ = '='; - } - else - { - *pOut++ 
= g_Base64[((pIn[i] & 0x3) << 4) | - ((int32_t)(pIn[i + 1] & 0xF0) >> 4)]; - *pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)]; - } - *pOut++ = '='; - } - *pOut++ = '\0'; - - // Return the encoded data length - *pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -CasaStatus -DecodeData( - IN const char *pEncodedData, - IN const int32_t encodedDataLen, // Does not include NULL terminator - INOUT void **ppData, - INOUT int32_t *pDataLen) -// -// Arguments: -// -// Returns: -// -// Description: -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - int i, j; - int decodedSize; - - DbgTrace(3, "-DecodeData- Start\n", 0); - - // Determine the decoded size - for (i = 0, j = 0; i < encodedDataLen; i++) - if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64) - j++; - decodedSize = (j * 3 + 3) / 4; - - // Allocate buffer to hold the decoded data - *ppData = malloc(decodedSize); - if (*ppData) - { - bool endReached = false; - uint8_t c0, c1, c2, c3; - uint8_t *p, *q; - - // Initialize parameters that will be used during the decode operation - c0 = c1 = c2 = c3 = 0; - p = (uint8_t*) pEncodedData; - q = (uint8_t*) *ppData; - - // Decode the data - // - // Loop through the data, piecing back information. Any newlines, and/or - // carriage returns need to be skipped. 
- while (j > 4) - { - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - endReached = true; - break; - } - c0 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2); - j--; - endReached = true; - break; - } - c1 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4); - j -= 2; - endReached = true; - break; - } - c2 = *(p++); - - while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p))) - p++; - if (64 == g_Expand64[*p]) - { - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6); - j -= 3; - endReached = true; - break; - } - c3 = *(p++); - - *(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4); - *(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2); - *(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]); - j -= 4; - } - if (!endReached) - { - if (j > 1) - *(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4); - if (j > 2) - *(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2); - if (j > 3) - *(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]); - } - - // Return the length of the decoded data - *pDataLen = (int32_t)(q - (uint8_t*)*ppData); - - // Success - retStatus = CASA_STATUS_SUCCESS; - } - else - { - DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INSUFFICIENT_RESOURCES); - } - - DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -int -dtoul( 
- IN char *cp, - IN int len) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int n = 0; - int i; - - DbgTrace(2, "-dtoul- Start\n", 0); - - for (i = 0; i < len; i++, cp++) - { - // Verify that we are dealing with a valid digit - if (*cp >= '0' && *cp <= '9') - { - n = 10 * n + (*cp - '0'); - } - else - { - DbgTrace(0, "-dtoul- Found invalid digit\n", 0); - break; - } - } - - DbgTrace(2, "-dtoul- End, result = %d\n", n); - - return n; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/server/AuthTokenValidate/validate.c b/CASA-auth-token/server/AuthTokenValidate/validate.c deleted file mode 100644 index 24c9dcb7..00000000 --- a/CASA-auth-token/server/AuthTokenValidate/validate.c +++ /dev/null 
@@ -1,244 +0,0 @@ -/*********************************************************************** - * - * Copyright (C) 2006 Novell, Inc. All Rights Reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; version 2.1 - * of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Library Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, Novell, Inc. - * - * To contact Novell about this file by physical or electronic mail, - * you may find current contact information at www.novell.com. - * - * Author: Juan Carlos Luciani - * - ***********************************************************************/ - -//===[ Include files ]===================================================== - -#include "internal.h" - -//===[ Type definitions ]================================================== - -//===[ Function prototypes ]=============================================== - -//===[ Global variables ]================================================== - -// Debug Level -int DebugLevel = 0; - -// -// Initialization variables -// -static -bool g_moduleInitialized = false; - - -//++======================================================================= -CasaStatus SSCS_CALL -ValidateAuthToken( - IN const char *pServiceName, - IN const char *pTokenBuf, - IN const int tokenBufLen, - INOUT PrincipalIf **ppPrincipalIf) -// -// Arguments: -// pServiceName - -// Pointer to NULL terminated string that contains the -// name of the service targeted by the token. -// -// pTokenBuf - -// Pointer to buffer that will receive the authentication -// token. 
The length of this buffer is specified by the -// pTokenBufLen parameter. Note that the the authentication -// token will be in the form of a NULL terminated string. -// -// tokenBufLen - -// Length of the data contained within the buffer pointed -// at by pTokenBuf. -// -// ppPrincipalIf - -// Pointer to variable that will receive a pointer to a principal -// interface with information about the authenticated entity. -// IMPORTANT NOTE: The caller is responsible for releasing the -// interface after it is done with it to avoid a resource leak. -// -// Returns: -// Casa status. -// -// Description: -// Validates authentication token. -// -// L2 -//=======================================================================-- -{ - CasaStatus retStatus; - char *pDecodedTokenBuf; - int decodedTokenBufLen; - PrincipalIf *pPrincipalIf; - - DbgTrace(1, "-ValidateAuthToken- Start\n", 0); - - // Validate input parameters - if (pServiceName == NULL - || pTokenBuf == NULL - || tokenBufLen == 0 - || ppPrincipalIf == NULL) - { - DbgTrace(0, "-ValidateAuthToken- Invalid input parameter\n", 0); - - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_INVALID_PARAMETER); - goto exit; - } - - // Make sure that the module has been initialized - if (g_moduleInitialized == false) - { - // The module has not been initialized, synchronize access thought this section - // to avoid having two threads performing initialization. - AcquireModuleMutex; - - // Assume success - retStatus = CASA_STATUS_SUCCESS; - - // Check again in case another thread pre-empted us. 
- if (g_moduleInitialized == false) - { - // Initialize the ConfigIf complex - retStatus = ConfigIfInit(); - if (CASA_SUCCESS(retStatus)) - { - // Initialize the PrincipalIf complex - retStatus = PrincipalIfInit(); - if (CASA_SUCCESS(retStatus)) - { - // Initialize the IdenToken complex - retStatus = IdenTokenInit(); - if (CASA_SUCCESS(retStatus)) - { - // Success - g_moduleInitialized = true; - } - else - { - PrincipalIfUninit(); - ConfigIfUninit(); - } - } - else - { - ConfigIfUninit(); - } - } - } - - // Stop synchronization - ReleaseModuleMutex; - - // Exit if we failed - if (g_moduleInitialized == false) - goto exit; - } - - // First decode the token string - retStatus = DecodeData(pTokenBuf, - tokenBufLen, - (void**) &pDecodedTokenBuf, - &decodedTokenBufLen); - if (CASA_SUCCESS(retStatus)) - { - AuthToken *pAuthToken; - - // Token was decoded successfully, now create an authentication token object with it. - retStatus = CreateAuthToken(pDecodedTokenBuf, decodedTokenBufLen, &pAuthToken); - if (CASA_SUCCESS(retStatus)) - { - // Now check the validity of the token - retStatus = CheckAuthToken(pAuthToken, pServiceName); - if (CASA_SUCCESS(retStatus)) - { - IdenTokenProviderIf *pIdenTokenProviderIf; - - // The token was validated, now - // Obtain Identity Token Provider interface - retStatus = GetIdenTokenProviderInterface(pAuthToken->pIdenTokenType, - &pIdenTokenProviderIf); - if (CASA_SUCCESS(retStatus)) - { - IdenTokenIf *pIdenTokenIf; - - // Use the Identity Token Provider to get an Identity Token Interface instance - retStatus = pIdenTokenProviderIf->getIdentityTokenIf(pIdenTokenProviderIf, - pAuthToken->pIdenToken, - pAuthToken->idenTokenLen, - &pIdenTokenIf); - if (CASA_SUCCESS(retStatus)) - { - // Now create a principal interface instance with the identity information present in - // the identity token. 
- retStatus = GetPrincipalInterface(pIdenTokenIf, &pPrincipalIf); - if (CASA_SUCCESS(retStatus)) - { - // Success, return the principal interface to the caller. - *ppPrincipalIf = pPrincipalIf; - } - else - { - DbgTrace(0, "-ValidateAuthToken- Failed to instantiate principal interface\n", 0); - } - - // Release identity token interface - pIdenTokenIf->releaseReference(pIdenTokenIf); - } - else - { - DbgTrace(0, "-ValidateAuthToken- Failed to instantiate identity token\n", 0); - } - - // Release identity token provider interface - pIdenTokenProviderIf->releaseReference(pIdenTokenProviderIf); - } - else - { - DbgTrace(0, "-ValidateAuthToken- Failed to obtain identity token provider interface\n", 0); - } - } - - // Free the AuthToken object - RelAuthToken(pAuthToken); - } - else - { - DbgTrace(0, "-ValidateAuthToken- Failed to create authentication token object\n", 0); - } - - // Free the decoded token buffer - free(pDecodedTokenBuf); - } - else - { - DbgTrace(0, "-ValidateAuthToken- Token decode failure\n", 0); - } - -exit: - - DbgTrace(1, "-ValidateAuthToken- End, retStatus = %08X\n", retStatus); - - return retStatus; -} - - -//++======================================================================= -//++======================================================================= -//++======================================================================= - diff --git a/CASA-auth-token/server/JaasSupport/.classpath b/CASA-auth-token/server/JaasSupport/.classpath deleted file mode 100644 index e487b600..00000000 --- a/CASA-auth-token/server/JaasSupport/.classpath +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - diff --git a/CASA-auth-token/server/JaasSupport/.project b/CASA-auth-token/server/JaasSupport/.project deleted file mode 100644 index cdeff8ac..00000000 --- a/CASA-auth-token/server/JaasSupport/.project +++ /dev/null @@ -1,17 +0,0 @@ - - - CasaJaasSupport - - - - - - org.eclipse.jdt.core.javabuilder - - - - - - org.eclipse.jdt.core.javanature - - 
diff --git a/CASA-auth-token/server/JaasSupport/Makefile.am b/CASA-auth-token/server/JaasSupport/Makefile.am
deleted file mode 100644
index 8c05e9c9..00000000
--- a/CASA-auth-token/server/JaasSupport/Makefile.am
+++ /dev/null
@@ -1,81 +0,0 @@ -####################################################################### -# -# Copyright (C) 2006 Novell, Inc. -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# -# -####################################################################### - -SUBDIRS = src -DIST_SUBDIRS = src - -EXTRA_DIST = $(JAVAFILES) - -ROOT = ../.. - -LIBDIR = $(ROOT)/$(LIB) - -JAVAROOT = . -JAVAC= javac - -MODULE_NAME = CasaJaasSupport -MODULE_EXT = jar - -JAVAFILES = src/com/novell/casa/jaas/CasaLoginModule.java \ - src/com/novell/casa/jaas/CasaPrincipal.java - -BUILDDIR = build - -CLASSES = $(addprefix $(BUILDDIR)/, $(JAVAFILES:%.java=%.class)) - -LIBS = -CLASSPATH = $(LIBDIR)/java/CasaAuthToken.jar:$(LIBS) - -CUR_DIR := $(shell pwd) - -all: $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) - -$(BUILDDIR)/%.class: %.java - @echo [======== Compiling $@ ========] - $(JAVAC) -sourcepath src -classpath $(CLASSPATH) -d $(BUILDDIR)/classes $< - -$(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT): $(BUILDDIR) $(CLASSES) - @echo [======== Jarring $@ ========] - jar cvf $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) -C $(BUILDDIR)/classes . 
- cp $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/java/ - -$(BUILDDIR): - [ -d $(BUILDDIR) ] || mkdir -p $(BUILDDIR) - [ -d $(BUILDDIR)/classes ] || mkdir -p $(BUILDDIR)/classes - [ -d $(LIBDIR) ] || mkdir -p $(LIBDIR) - [ -d $(LIBDIR)/java ] || mkdir -p $(LIBDIR)/java - -install-exec-local: - -uninstall-local: - -#installcheck-local: install - -clean-local: - if [ -d $(BUILDDIR) ]; then rm -rf $(BUILDDIR); fi - if [ -f $(LIBDIR)/java/$(MODULE_NAME).$(MODULE_EXT) ]; then rm -f $(LIBDIR)/java/$(MODULE_NAME).$(MODULE_EXT); fi - -distclean-local: - -maintainer-clean-local: - rm -f Makefile.in - rm -f Makefile - diff --git a/CASA-auth-token/server/JaasSupport/README b/CASA-auth-token/server/JaasSupport/README deleted file mode 100644 index fae61bc0..00000000 --- a/CASA-auth-token/server/JaasSupport/README +++ /dev/null 
@@ -1,82 +0,0 @@ -/*********************************************************************** - * - * README for JaasSupport - * - ***********************************************************************/ - -INTRODUCTION - -CasaLoginModule is a JAAS login module which can be configured -to validate credentials consisting of CASA Authentication Tokens. - -CONFIGURATION - -To use CasaLoginModule for your service, set the java.security.auth.login.config -property to point to the JAAS configuration file for your application. You must -also set the org.xml.sax.driver property to point to an appropriate SAX Parser. -The Xerces SAX Parser is a good option (org.apache.xerces.parsers.SAXParser). - -The JAAS configuration file should include the following line: - -com.novell.casa.jaas.CasaLoginModule Required; - -The CasaLoginModule supports the following parameters: - -PerformUsernameCheck - This parameter when set to true tells the CasaLoginModule -that it must verify that the username is set to "CasaPrincipal". If the parameter -is not specified the username is not checked. - -CLIENT PROGRAMMING NOTES - -Clients must specify the same service name when requesting Authentication -Tokens from the CASA Client as the service name specified by the server -when opening a JAAS Context. - -SERVER PROGRAMMING NOTES - -Server applications validating credentials containing CASA Authentication -tokens can obtain information about the authenticated identity by getting -access to the CasaPrincipal that gets associated with the Subject object -returned from a successful JAAS login. The CasaPrincipal provides the -following information: username, name of the identity data source (realm), -and an URL to the identity data source. The CasaPrincipal also contains -the attributes of the authenticated identity configured as required by the -service in the Authentication Token Service. 
- -EXAMPLE SERVER APPLICATION - -See src/com/novell/casa/jaas/sample/SampleApp.java for an example application -using JAAS to authenticate credentials consisting of CASA Authentication Tokens. - -Note that to get the application to run you must set the path to the JAAS configuration -file as the JAVA property java.security.auth.login.config. You must also make sure that -the JAVA property org.xml.sax.driver.org is set to a valid SAX parser. The following shows -the JAVA options that you would set to run the test application: -Djava.security.auth.login. -config=/home/user/SampleApp/SampleApp.conf -Dorg.xml.sax.driver=org.apache.xerces.parsers. -SAXParser - -The SampleApp.conf file should have the following contents: - -SampleApp { - com.novell.casa.jaas.CasaLoginModule Required debug=true; -}; - -You must also include the CasaJaasSupport.jar and CasaAuthToken.jar files in the -CLASSPATH of the application. - -SECURITY CONSIDERATIONS - -CASA Authenticatication Tokens when compromised can be used to either impersonate -a user or to obtain identity information about the user. Because of this it is -important that the tokens be secured by applications making use of them. It is -recommended that the tokens be transmitted using SSL. - - - - - - - - - - diff --git a/CASA-auth-token/server/JaasSupport/TODO b/CASA-auth-token/server/JaasSupport/TODO deleted file mode 100644 index 87b7c803..00000000 --- a/CASA-auth-token/server/JaasSupport/TODO +++ /dev/null @@ -1,13 +0,0 @@ -/*********************************************************************** - * - * TODO for JaasSupport - * - ***********************************************************************/ - -INTRODUCTION - -This file contains a list of the items still outstanding for JaasSupport. - -OUTSTANDING ITEMS - -- Change printfs used for debugging into a suitable mechanism. 
diff --git a/CASA-auth-token/server/JaasSupport/make_and_run_test.sh b/CASA-auth-token/server/JaasSupport/make_and_run_test.sh
deleted file mode 100755
index 5b1a233b..00000000
--- a/CASA-auth-token/server/JaasSupport/make_and_run_test.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-if [ ! -d build-test ]; then
- mkdir build-test
- mkdir build-test/classes
-else
- if [ ! -d build-test/classes ]; then
- mkdir build-test/classes
- fi
-fi
-echo "*** Compiling the test application ***"
-javac -sourcepath src -classpath ../../../lib/java/CasaJaasSupport.jar:../../../lib/java/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
-echo "*** Done compiling ***"
-echo ""
-echo "*** Starting the test application ***"
-java -classpath build-test/classes:../../../lib/java/CasaJaasSupport.jar:../../../lib/java/CasaAuthToken.jar:/usr/share/java/xerces-j2.jar -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf com.novell.casa.jaas.sample.SampleApp
-#jdb -sourcepath src:../AuthTokenSvc/src -classpath build-test/classes:../../../lib/java/CasaJaasSupport.jar:../../../lib/java/CasaAuthToken.jar:/usr/share/java/xerces-j2.jar -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf com.novell.casa.jaas.sample.SampleApp
-
diff --git a/CASA-auth-token/server/JaasSupport/src/Makefile.am b/CASA-auth-token/server/JaasSupport/src/Makefile.am
deleted file mode 100644
index 00e1ef35..00000000
--- a/CASA-auth-token/server/JaasSupport/src/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = com
-
-DIST_SUBDIRS = com
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/JaasSupport/src/com/Makefile.am b/CASA-auth-token/server/JaasSupport/src/com/Makefile.am
deleted file mode 100644
index 34a83b0d..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = novell
-
-DIST_SUBDIRS = novell
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/Makefile.am b/CASA-auth-token/server/JaasSupport/src/com/novell/Makefile.am
deleted file mode 100644
index 2fb64053..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = casa
-
-DIST_SUBDIRS = casa
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/Makefile.am b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/Makefile.am
deleted file mode 100644
index 0c89b23b..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = jaas
-
-DIST_SUBDIRS = jaas
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaLoginModule.java b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaLoginModule.java
deleted file mode 100644
index 51db3a0d..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaLoginModule.java
+++ /dev/null
@@ -1,257 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.jaas;
-
-import java.util.Map;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.login.FailedLoginException;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.spi.LoginModule;
-
-import com.novell.casa.authtoksvc.AuthToken;
-import com.novell.casa.authtoksvc.CasaIdentityToken;
-
-/*
- * CasaLoginModule Class.
- *
- * This class implements a LoginModule which performs
- * authentication via the Casa Authentication Token
- * infrastructure.
- *
- */
-public class CasaLoginModule implements LoginModule
-{
- private final static String casaUsername = "CasaIdentityUser";
-
- private Subject m_subject = null;
- private CasaPrincipal m_principal = null;
- private CallbackHandler m_callbackHandler = null;
- private Map m_sharedState = null;
- private Map m_options = null;
-
- /*
- * (non-Javadoc)
- * @see javax.security.auth.spi.LoginModule#abort()
- */
- public boolean abort() throws LoginException
- {
- // Clear out all of our state
- m_subject = null;
- m_principal = null;
- m_callbackHandler = null;
- m_sharedState = null;
- m_options = null;
-
- return true;
- }
-
- /*
- * (non-Javadoc)
- * @see javax.security.auth.spi.LoginModule#commit()
- */
- public boolean commit() throws LoginException
- {
- // Check if we instantiated a principal to associate
- // with the subject.
- if (m_principal != null)
- {
- try
- {
- // Add our principal to the set associated with
- // the subject.
- m_subject.getPrincipals().add(m_principal);
- return true;
- }
- catch (Exception e)
- {
- System.err.println("CasaLoginModule.commit()- Exception caught associating principal, msg: " + e.getMessage());
- throw new LoginException("Error encountered");
- }
- }
- else
- {
- // Allways return since authentication failed or was not
- // performed by us.
- return false;
- }
- }
-
- /*
- * (non-Javadoc)
- * @see javax.security.auth.spi.LoginModule#login()
- */
- public boolean login() throws LoginException
- {
- // Verify that a CallbackHandler was specified
- if (m_callbackHandler == null)
- {
- System.err.println("CasaLoginModule.login()- Null CallbackHandler");
- throw new LoginException("Null CallbackHandler");
- }
-
- // Do not perform the username check unless configured to do it.
- boolean performUsernameCheck = false;
- if (m_options != null
- && m_options.containsKey((String) "PerformUsernameCheck") == true)
- {
- String keyVal = (String) m_options.get("PerformUsernameCheck");
- if (keyVal != null && keyVal.equals("true"))
- performUsernameCheck = true;
- }
-
- if (performUsernameCheck)
- {
- // Verify that the username is CasaIdentityUser, for this
- // we first need to obtain it.
- //
- // Try to obtain the user name from the shared state
- String username = (String) m_sharedState.get("javax.security.auth.login.name");
- if (username == null)
- {
- // The usename was not stored in the shared state, request it.
- try
- {
- NameCallback nameCallback = new NameCallback("Enter username:");
- Callback[] callbacks = new Callback[1];
- callbacks[0] = nameCallback;
- m_callbackHandler.handle(callbacks);
- username = nameCallback.getName();
- }
- catch (Exception e)
- {
- System.err.println("CasaLoginModule.login()- Exception caught during nameCallback, msg: " + e.getMessage());
- }
-
- // Check the username
- if (username == null)
- return false;
- else
- {
- // Save the retrieved username in the shared state and then check it.
- m_sharedState.put("javax.security.auth.login.name", username);
- if (username.equals(casaUsername) == false)
- return false;
- }
- }
- else
- {
- // Check the username
- if (username.equals(casaUsername) == false)
- return false;
- }
- }
-
- // Obtain the CasaAuthenticationToken
- char[] authTokenChars = null;
- try
- {
- PasswordCallback passwordCallback = new PasswordCallback("Enter CasaAuthenticationToken:", false);
- Callback[] callbacks = new Callback[1];
- callbacks[0] = passwordCallback;
- m_callbackHandler.handle(callbacks);
- authTokenChars = passwordCallback.getPassword();
- }
- catch (Exception e)
- {
- System.err.println("CasaLoginModule.login()- Exception caught during passwordCallback, msg: " + e.getMessage());
- }
-
- // Check the CasaAuthenticationToken
- if (authTokenChars != null)
- {
- // Instantiate the AuthToken, this validates the token itself.
- try
- {
- AuthToken authToken = new AuthToken(new String(authTokenChars));
-
- // Instantiate the appropriate IdentityToken based on the IdentityTokenProvider type
- // tbd - For now use the CasaIdentityToken
- CasaIdentityToken identityToken = new CasaIdentityToken();
- identityToken.initialize(authToken.getIdentityToken());
-
- // Now instantiate the CasaPrincipal
- m_principal = new CasaPrincipal(identityToken);
- }
- catch (Exception e)
- {
- // The validation of one of the tokens failed
- // tbd - Log
- System.err.println("CasaLoginModule.login()- Exception caught during token processing, msg: " + e.getMessage());
- throw new FailedLoginException("Token validation failed");
- }
- }
- else
- {
- // Token not provided
- // tbd - Log
- System.err.println("CasaLoginModule.login()- Token not provided");
- throw new FailedLoginException("CasaAuthenticationToken not obtained");
- }
-
- // User validated
- // tbd - Log
- return true;
- }
-
- /*
- * (non-Javadoc)
- * @see javax.security.auth.spi.LoginModule#logout()
- */
- public boolean logout() throws LoginException
- {
- // Check if we must try to remove our principal
- // from the associated subject.
- if (m_principal != null
- && m_subject.isReadOnly() == false)
- {
- Set principalSet = m_subject.getPrincipals();
- principalSet.remove(m_principal);
- }
- return true;
- }
-
- /*
- * (non-Javadoc)
- * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)
- */
- public void initialize(
- Subject subject,
- CallbackHandler callbackHandler,
- Map sharedState,
- Map options)
- {
- // Save the input parameters for later use
- m_subject = subject;
- m_callbackHandler = callbackHandler;
- m_sharedState = sharedState;
- m_options = options;
- }
-}
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaPrincipal.java b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaPrincipal.java
deleted file mode 100644
index ef97808e..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/CasaPrincipal.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- ***********************************************************************/
-
-package com.novell.casa.jaas;
-
-import java.security.Principal;
-
-import com.novell.casa.authtoksvc.IdentityToken;
-
-/*
- * CasaPrincipal class.
- *
- * This class implements the principal class for
- * identities authenticated by Casa.
- *
- */
-public class CasaPrincipal implements Principal
-{
- private String m_name;
- private String m_realm;
- private String m_identStoreUrl;
- private javax.naming.directory.Attributes m_attributes;
-
- /*
- * Constructor
- */
- public CasaPrincipal(IdentityToken identityToken) throws Exception
- {
- // Get the necessary information from the identity token
- m_name = identityToken.getIdentityId();
- m_realm = identityToken.getSourceName();
- m_identStoreUrl = identityToken.getSourceUrl();
- m_attributes = identityToken.getAttributes();
- }
-
- /*
- * (non-Javadoc)
- * @see java.security.Principal#getName()
- */
- public String getName()
- {
- return m_name;
- }
-
- /*
- * Returns the name associated with the source of the identity data.
- */
- public String getRealm()
- {
- return m_realm;
- }
-
- /*
- * Returns the url associated with the source of the identity data.
- */
- public String getIdentStoreUrl()
- {
- return m_identStoreUrl;
- }
-
- /*
- * Returns the identity attributes.
- */
- public javax.naming.directory.Attributes getAttributes()
- {
- return m_attributes;
- }
-}
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/Makefile.am b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/Makefile.am
deleted file mode 100644
index 8dec38a9..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/Makefile.am
+++ /dev/null
@@ -1,39 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS =
-
-DIST_SUBDIRS =
-
-JAVAFILES = CasaLoginModule.java \
- CasaPrincipal.java
-
-
-EXTRA_DIST = $(JAVAFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.conf b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.conf
deleted file mode 100644
index c2fb8fc9..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-testService {
- com.novell.casa.jaas.CasaLoginModule Required debug=true;
-};
\ No newline at end of file
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.java b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.java
deleted file mode 100644
index 0cd43c85..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleApp.java
+++ /dev/null
@@ -1,193 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.jaas.sample;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.net.ServerSocket;
-import java.net.Socket;
-import java.util.Iterator;
-import java.util.Set;
-
-import javax.naming.NamingEnumeration;
-import javax.security.auth.Subject;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import com.novell.casa.jaas.CasaPrincipal;
-
-
-/*
- * This is a sample application which demonstrates the use of
- * JAAS and Casa to authenticate a connection.
- */
-public class SampleApp
-{
- /**
- * @param args
- */
- public static void main(String[] args)
- {
- Socket sock = null;
- ServerSocket listenSock = null;
-
- try
- {
- // Create a socket to listen for connections
- int port = 4444;
- int queueLen = 6;
- System.out.println("Listen port = " + port);
- listenSock = new ServerSocket(port, queueLen);
-
- // Service connections
- while (true)
- {
- BufferedReader in = null;
- try
- {
- // Wait for the next connection
- System.out.println("Waiting for connection");
- sock = listenSock.accept();
- System.out.println();
- System.out.println("********Connection received*********");
-
- // Get socket I/O streams
- in = new BufferedReader(new InputStreamReader(sock.getInputStream()));
- //PrintStream out = new PrintStream(sock.getOutputStream());
-
- // Get the authentication token from the client
- String authToken = in.readLine();
- //System.out.println("Token received from client, length = " + authToken.length());
-
- // Authenticate the token and print out the information available to our service
- // about the authenticated identity.
- LoginContext lc = new LoginContext("testService", new SampleAppCallbackHandler(authToken));
- try
- {
- System.out.println("Authenticating the user");
- lc.login();
-
- System.out.println(" Authentication succeeded");
-
- // Now get the subject associated with the context
- Subject subject = lc.getSubject();
-
- // Now get the CasaPrincipals that represent the authenticated
- // identity or identities.
- Set principalSet = subject.getPrincipals(CasaPrincipal.class);
- //System.out.println("The number of CasaPrincipals is: " + principalSet.size());
- Iterator principalIter = principalSet.iterator();
- System.out.println();
- System.out.println("Authenticated Identity Information");
- System.out.println();
- while (principalIter.hasNext() == true)
- {
- CasaPrincipal principal = (CasaPrincipal) principalIter.next();
-
- // Print out information about the principal
- System.out.println(" Source of the identity information: " + principal.getIdentStoreUrl());
- System.out.println(" Realm name associated with identity source: " + principal.getRealm());
- System.out.println(" Principal name (unique within identity source realm): " + principal.getName());
- System.out.println();
- System.out.println("Authenticated Identity Attributes");
- System.out.println();
- javax.naming.directory.Attributes attrs = principal.getAttributes();
- for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();)
- {
- javax.naming.directory.Attribute attr = (javax.naming.directory.Attribute) ae.next();
-
- NamingEnumeration enumeration = attr.getAll();
- while (enumeration.hasMore())
- {
- System.out.print(" Attribute Name: " + attr.getID());
- Object attrValue = enumeration.next();
- if (attrValue instanceof byte[])
- {
- // The attribute value is binary data
- StringBuffer buf = new StringBuffer();
- char[] hex = "0123456789ABCDEF".toCharArray();
- for (int i = 0; i < ((byte[]) attrValue).length; i++)
- {
- buf.append(hex[(((byte[]) attrValue)[i] >> 4) & 0xF]);
- buf.append(hex[((byte[]) attrValue)[i] & 0xF]);
- }
- System.out.println(" :: Attribute Value: " + buf.toString());
- }
- else
- {
- // The attribute value is contained in a string
- System.out.println(" :: Attribute Value: " + (String) attrValue);
- }
- }
- }
- }
- System.out.println();
- }
- catch (LoginException e)
- {
- System.out.println(" Authentication failed, LoginException: " + e.getMessage());
- }
- }
- finally
- {
- if (sock != null)
- {
- sock.close();
- sock = null;
- }
- if (in != null)
- in.close();
- }
- }
- }
- catch (IOException e)
- {
- System.out.println("IOException: " + e.getMessage());
- }
- catch (Exception e)
- {
- System.out.println("Exception: " + e.getMessage());
- }
- finally
- {
- try
- {
- if (sock != null)
- {
- sock.close();
- }
- if (listenSock != null)
- {
- listenSock.close();
- }
- }
- catch (Exception e)
- {
- System.out.println("Exception: " + e.getMessage());
- }
- }
- }
-}
diff --git a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java b/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
deleted file mode 100644
index 990ec5b2..00000000
--- a/CASA-auth-token/server/JaasSupport/src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-package com.novell.casa.jaas.sample;
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-
-public class SampleAppCallbackHandler implements CallbackHandler
-{
- private String m_authToken;
-
- /*
- * Constructor
- *
- */
- public SampleAppCallbackHandler(String authToken)
- {
- m_authToken = authToken;
- }
-
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
- {
- for (int i = 0; i < callbacks.length; i++)
- {
- if (callbacks[i] instanceof NameCallback) {
- NameCallback nc = (NameCallback) callbacks[i];
- nc.setName("CasaIdentityUser");
- } else if (callbacks[i] instanceof PasswordCallback) {
- PasswordCallback pc = (PasswordCallback) callbacks[i];
- //System.out.println("SampleAppCallbackHandler.handle()- Token length = " + m_authToken.length());
- char[] allChars = m_authToken.toCharArray();
-
- // Remove the null terminator
- char[] tokenChars = new char[allChars.length - 1];
- for (int ii = 0; ii < tokenChars.length; ii++)
- tokenChars[ii] = allChars[ii];
- pc.setPassword(tokenChars);
- } else {
- throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
- }
- }
- }
-}
diff --git a/CASA-auth-token/server/Makefile.am b/CASA-auth-token/server/Makefile.am
deleted file mode 100644
index 58613019..00000000
--- a/CASA-auth-token/server/Makefile.am
+++ /dev/null
@@ -1,38 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-#SUBDIRS = AuthTokenValidate ApacheSupport PamSupport
-SUBDIRS = AuthTokenValidate ApacheSupport PamSupport AuthTokenSvc JaasSupport
-
-DIST_SUBDIRS = AuthTokenValidate ApacheSupport PamSupport AuthTokenSvc JaasSupport
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/PamSupport/Makefile.am b/CASA-auth-token/server/PamSupport/Makefile.am
deleted file mode 100644
index 6184e626..00000000
--- a/CASA-auth-token/server/PamSupport/Makefile.am
+++ /dev/null
@@ -1,37 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-SUBDIRS = $(TARGET_OS)
-
-DIST_SUBDIRS = linux
-
-CFILES =
-
-EXTRA_DIST = $(CFILES)
-
-.PHONY: package package-clean package-install package-uninstall
-package package-clean package-install package-uninstall:
- $(MAKE) -C $(TARGET_OS) $@
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/PamSupport/README b/CASA-auth-token/server/PamSupport/README
deleted file mode 100644
index 3996c09d..00000000
--- a/CASA-auth-token/server/PamSupport/README
+++ /dev/null
@@ -1,80 +0,0 @@
-/***********************************************************************
- *
- * README for pam_casaauthtok
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-pam_casaauthtok is a PAM authentication module which can be configured
-to validate credentials consisting of CASA Authentication Tokens.
-
-CONFIGURATION
-
-To use pam_casaauthtok as a PAM authentication module for your service,
-add the following line to the service's PAM configuration file:
-
-auth required pam_casaauthtok.so
-
-pam_casaauthtok supports the following input parameters:
-
-U - This parameter tells pam_casaauthtok that it must verify that
- the username is set to "CasaPrincipal". If the parameter is not
- specified then pam_casaauthtok does not check the username.
-
-CLIENT PROGRAMMING NOTES
-
-Clients must specify the same service name when requesting Authentication
-Tokens from the CASA Client as the service name specified by the server
-when opening a PAM handle.
-
-SERVER PROGRAMMING NOTES
-
-Server applications validating credentials containing CASA Authentication
-tokens can obtain the following information about the authenticated identity:
-
-username - This is obtained by querying PAM using the pam_get_item() call with
-the item type set to PAM_USER. This can also be obtained by querying PAM
-using the pam_getenv() call with the variable name set to "IdentityId". The
-username is the user's unique id within the authentication realm. When the
-authentication realm is an LDAP database, the username consists of the user's fdn.
-Note that PAM applications using pam_casaauthtok need to set username to
-"CasaPrincipal" when opening a PAM handle and then the variable is updated by
-pam_casaauthtok during the authentication process with the identity information
-of the authenticated entity.
-
-Name of the source of identity data (Authentication Realm) - This is obtained
-by querying PAM using the pam_getenv() call with the variable name set to
-"IdentityDataSourceName".
-
-URL to the source of identity data - This is obtained
-by querying PAM using the pam_getenv() call with the variable name set to
-"IdentityDataSourceUrl".
-
-Attributes of the authenticated identity - The attributes are set as environment
-variables associated with the PAM handle. The environment variable names match
-the names of the attributes. The attributes associated with the authenticated
-identity and expressed as environment variables are configured at the time that
-the service is enabled for CASA Authentication.
-
-EXAMPLE SERVER APPLICATION
-
-See test/test.c for an example application using PAM to authenticate credentials
-consisting of CASA Authentication Tokens.
-
-SECURITY CONSIDERATIONS
-
-CASA Authenticatication Tokens when compromised can be used to either impersonate
-a user or to obtain identity information about the user. Because of this it is
-important that the tokens be secured by applications making use of them. It is
-recommended that the tokens be transmitted using SSL.
-
-
-
-
-
-
-
-
-
-
diff --git a/CASA-auth-token/server/PamSupport/TODO b/CASA-auth-token/server/PamSupport/TODO
deleted file mode 100644
index 90fb8aeb..00000000
--- a/CASA-auth-token/server/PamSupport/TODO
+++ /dev/null
@@ -1,13 +0,0 @@
-/***********************************************************************
- *
- * TODO for pam_casaauthtok
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-This file contains a list of the items still outstanding for pam_casaauthtok.
-
-OUTSTANDING ITEMS
-
-None.
diff --git a/CASA-auth-token/server/PamSupport/linux/Makefile.am b/CASA-auth-token/server/PamSupport/linux/Makefile.am
deleted file mode 100644
index 6d9685b9..00000000
--- a/CASA-auth-token/server/PamSupport/linux/Makefile.am
+++ /dev/null
@@ -1,112 +0,0 @@
-#######################################################################
-#
-# Copyright (C) 2006 Novell, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# Author: Juan Carlos Luciani
-#
-#######################################################################
-
-if DEBUG
-TARGET_CFG = Debug
-CFLAGS += -v -w
-else
-TARGET_CFG = Release
-endif
-
-SUBDIRS =
-
-DIST_SUBDIRS =
-
-ROOT = ../../..
-
-CASAINCLUDE = ../../../../CASA/include
-
-LIBDIR = $(ROOT)/$(LIB)
-
-# handle Mono secondary dependencies
-export MONO_PATH := $(MONO_PATH)
-
-PLATFORMINDEPENDENTSOURCEDIR = ..
-PLATFORMDEPENDENTSOURCEDIR = .
-
-MODULE_NAME = pam_casaauthtok
-MODULE_EXT = so
-
-CFILES = ../pam_authtoken.c
-
-CSFILES_CSC :=
-INCLUDES = -I. -I$(CASAINCLUDE) -I../../../include
-RESOURCES =
-DEFINES = -Wno-format-extra-args -fno-strict-aliasing
-
-CFLAGS += $(INCLUDES) $(DEFINES)
-LIBS = -lpthread -lpam -lcasa_s_authtoken
-LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) -L$(LIBDIR)/$(TARGET_CFG)
-
-OBJDIR = ./$(TARGET_CFG)/$(LIB)
-OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o))
-
-EXTRA_DIST = $(CFILES)
-
-CUR_DIR := $(shell pwd)
-
-all: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
-
-#
-# Pattern based rules.
-#
-vpath %.c $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR)
-vpath %.cpp $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR)
-
-$(OBJDIR)/%.o: %.c
- $(CC) -c $(CFLAGS) -o $@ $<
-
-$(OBJDIR)/%.o: %.cpp
- $(CC) -c $(CFLAGS) -o $@ $<
-
-$(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT): $(OBJDIR) $(OBJS)
- @echo [======== Linking $@ ========]
- $(LINK) -o $@ $(LDFLAGS) $(OBJS) $(LIBS)
- cp -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/$(TARGET_CFG)/$(MODULE_NAME).$(MODULE_EXT)
-
-$(OBJDIR):
- [ -d $(OBJDIR) ] || mkdir -p $(OBJDIR)
- [ -d $(LIBDIR) ] || mkdir -p $(LIBDIR)
- [ -d $(LIBDIR)/$(TARGET_CFG) ] || mkdir -p $(LIBDIR)/$(TARGET_CFG)
-
-install-exec-local: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
- $(mkinstalldirs) $(DESTDIR)$(libdir)
- $(INSTALL_PROGRAM) $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(DESTDIR)$(libdir)/
-
-uninstall-local:
- cd $(DESTDIR)$(libdir); rm -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
- rmdir $(DESTDIR)$(libdir)
-
-#installcheck-local: install
-# $(mkinstalldirs) $(DESTDIR)$(libdir)
-# $(INSTALL_PROGRAM) $(DESTDIR)$(libdir)
-# cd $(DESTDIR)$(libdir); $(MONO)
-
-clean-local:
-#cd $(TARGET_CFG); rm -rf *.dbg *.exe *.dll *.o *.so; cd ..; rmdir $(OBJDIR)
- rm -rf $(TARGET_CFG)
-
-distclean-local:
-
-maintainer-clean-local:
- rm -f Makefile.in
-
diff --git a/CASA-auth-token/server/PamSupport/pam_authtoken.c b/CASA-auth-token/server/PamSupport/pam_authtoken.c
deleted file mode 100644
index 44f2b296..00000000
--- a/CASA-auth-token/server/PamSupport/pam_authtoken.c
+++ /dev/null
@@ -1,649 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-#define _GNU_SOURCE
-
-#include
-#include
-#include
-
-#ifndef LINUX
-#include
-#endif
-
-#define PAM_SM_AUTH
-#define PAM_SM_ACCOUNT
-#define PAM_SM_PASSWORD
-#define PAM_SM_SESSION
-
-#include
-#include
-
-#include
-
-//
-// Environment variables set by module
-//
-static char CasaIdentityIdEnvVar[] = "IdentityId= ";
-static char CasaIdentitySourceNameEnvVar[] = "IdentityDataSourceName= ";
-static char CasaIdentitySourceUrlEnvVar[] = "IdentityDataSourceUrl= ";
-
-
-/* ************************************************************************
- * LogError()
- *
- * Logs error to syslog.
- *
- * L2
- * ************************************************************************/
-static void
-LogError(char *pFormatStr, ... )
-{
- va_list args;
-
- openlog("pam_casaauthtok", LOG_CONS | LOG_NOWAIT | LOG_ODELAY, LOG_USER);
- va_start(args, pFormatStr);
- vsyslog(LOG_USER | LOG_INFO, pFormatStr, args);
- va_end(args);
- closelog();
-}
-
-
-/* ************************************************************************
- * pam_sm_authenticate()
- *
- * Service provider implementation for pam_authenticate().
- *
- * This is a PAM authentication management function.
- *
- * We are going to validate the credentials using the CASA Authentication
- * Token Credential APIs.
- *
- * L2
- * ************************************************************************/
-PAM_EXTERN int
-pam_sm_authenticate(pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- int retStatus = PAM_SUCCESS;
- bool performUsernameCheck = false;
- int i;
- char *pServicename = NULL;
- char *pAuthToken = NULL;
-
- // Determine if we are supposed to perform the username check
- // based on the arguments specified.
- for (i = 0; i < argc; i++)
- {
- if (*(argv[i]) == 'U')
- {
- // The arguments indicate that we should check the username
- performUsernameCheck = true;
-
- // No need to keep going through the arguments
- break;
- }
- }
-
- // Get the servicename.
- if (pam_get_item(pamh, PAM_SERVICE, (void*) &pServicename) == PAM_SUCCESS
- && pServicename != NULL)
- {
- // We got the service name, now check if it is necessary to perform
- // the username check.
- if (performUsernameCheck)
- {
- char *pUsername;
- struct pam_response *responses = NULL;
-
- // Obtain the username so that it can be checked.
- // .
- // Note that we are not calling pam_get_user() because we
- // assume that the service has set it before calling PAM_Authenticate.
- if (pam_get_item(pamh, PAM_USER, (void*) &pUsername) == PAM_SUCCESS
- && pUsername != NULL)
- {
- // Check if the username matches the name that we are expecting
- if (strcmp(pUsername, "CasaPrincipal") != 0)
- {
- LogError("Un-expected username, %s", pUsername);
- retStatus = PAM_USER_UNKNOWN;
- }
- }
- else
- {
- struct pam_conv *pConv;
-
- // The username has not been set, try to obtain it from the
- // application through the use of the conversation function.
- if (pam_get_item(pamh, PAM_CONV, (void*) &pConv) == PAM_SUCCESS)
- {
- struct pam_message msg;
- struct pam_message *messages = &msg;
-
- // Obtained the conversation structure, now query the conversation
- // function for the username.
- msg.msg_style = PAM_PROMPT_ECHO_ON;
- if (pConv->conv(1,
- (const struct pam_message **) &messages,
- &responses,
- pConv->appdata_ptr) == PAM_SUCCESS)
- {
- // Check if we have a successful response
- if (responses[0].resp_retcode == PAM_SUCCESS
- && responses[0].resp)
- {
- // Check if the username matches the name that we are expecting
- if (strcmp(responses[0].resp, "CasaPrincipal") != 0)
- {
- LogError("Un-expected username, %s", responses[0].resp);
- retStatus = PAM_USER_UNKNOWN;
- }
- }
- else
- {
- LogError("Username not returned");
- retStatus = PAM_CRED_INSUFFICIENT;
- }
- }
- else
- {
- LogError("Conversation function error");
- retStatus = PAM_AUTH_ERR;
- }
- }
- else
- {
- LogError("Unable to obtain conversation structure");
- retStatus = PAM_AUTH_ERR;
- }
- }
-
- // Free conversation function response buffers if necessary
- if (responses)
- {
- if (responses[0].resp)
- free(responses[0].resp);
- free(responses);
- }
- }
-
- // Proceed with the authentication token check if we have not encountered any
- // problems.
- if (retStatus == PAM_SUCCESS)
- {
- struct pam_response *responses = NULL;
-
- // Now obtain the authentication token.
- if (pam_get_item(pamh, PAM_AUTHTOK, (void*) &pAuthToken) != PAM_SUCCESS
- || pAuthToken == NULL)
- {
- struct pam_conv *pConv;
-
- // The authentication token has not been set, try to obtain it from the
- // application through the use of the conversation function.
- if (pam_get_item(pamh, PAM_CONV, (void*) &pConv) == PAM_SUCCESS)
- {
- struct pam_message msg;
- struct pam_message *messages = &msg;
-
- // Obtained the conversation structure, now query the conversation
- // function for the authentication token.
- msg.msg_style = PAM_PROMPT_ECHO_OFF;
- if (pConv->conv(1,
- (const struct pam_message **) &messages,
- &responses,
- pConv->appdata_ptr) == PAM_SUCCESS)
- {
- // Check if we have a successful response
- if (responses[0].resp_retcode == PAM_SUCCESS
- && responses[0].resp)
- {
- // Set the authentication token with PAM
- if (pam_set_item(pamh, PAM_AUTHTOK, responses[0].resp) == PAM_SUCCESS)
- {
- // Use the buffer returned by the caller as the authentication token
- pAuthToken = responses[0].resp;
- }
- else
- {
- LogError("Unable to set the authentication token");
- }
- }
- else
- {
- LogError("Token not returned");
- }
- }
- else
- {
- LogError("Conversation function error");
- }
- }
- else
- {
- LogError("Unable to obtain conversation structure");
- }
- }
-
- // Check if we succeeded at obtaining the authentication token
- if (pAuthToken)
- {
- CasaStatus casaStatus;
- PrincipalIf *pPrincipalIf;
-
- // Validate the token
- casaStatus = ValidateAuthToken(pServicename,
- pAuthToken,
- strlen(pAuthToken),
- &pPrincipalIf);
- if (CASA_SUCCESS(casaStatus))
- {
- int buffLen;
-
- // Assume success
- retStatus = PAM_SUCCESS;
-
- // Associate necessary environment variables with the PAM Handle
- buffLen = 0;
- casaStatus = pPrincipalIf->getIdentityId(pPrincipalIf,
- NULL,
- &buffLen);
- if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW)
- {
- char *pBuff;
-
- // Allocate buffer to contain the Identity Id Environment Variable
- pBuff = malloc(sizeof(CasaIdentityIdEnvVar) + buffLen);
- if (pBuff)
- {
- // Start constructing the environment variable
- memcpy(pBuff, CasaIdentityIdEnvVar, sizeof(CasaIdentityIdEnvVar) - 1);
-
- // Read the value into our buffer
- if (CASA_SUCCESS(pPrincipalIf->getIdentityId(pPrincipalIf,
- pBuff + sizeof(CasaIdentityIdEnvVar) - 1,
- &buffLen)))
- {
- // Now set the environment variable
- if (pam_putenv(pamh, pBuff) != PAM_SUCCESS)
- {
- LogError("Unable to set identity id environment variable");
- retStatus = PAM_SYSTEM_ERR;
- }
-
- // Also set the identity id as the username
- if (pam_set_item(pamh, PAM_USER, pBuff + sizeof(CasaIdentityIdEnvVar) - 1) != PAM_SUCCESS)
- {
- LogError("Error setting the username");
- }
- }
- else
- {
- LogError("Unable to obtain identity id");
- retStatus = PAM_SYSTEM_ERR;
- }
-
- // Free allocated buffer
- free(pBuff);
- }
- else
- {
- LogError("Buffer allocation failure");
- retStatus = PAM_BUF_ERR;
- }
- }
- else
- {
- LogError("Un-expected error obtaining identity id, %08X", casaStatus);
- retStatus = PAM_SYSTEM_ERR;
- }
-
- if (retStatus == PAM_SUCCESS)
- {
- buffLen = 0;
- casaStatus = pPrincipalIf->getSourceName(pPrincipalIf,
- NULL,
- &buffLen);
- if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW)
- {
- char *pBuff;
-
- // Allocate buffer to contain the Identity Source Name Environment Variable
- pBuff = malloc(sizeof(CasaIdentitySourceNameEnvVar) + buffLen);
- if (pBuff)
- {
- // Start constructing the environment variable
- memcpy(pBuff, CasaIdentitySourceNameEnvVar, sizeof(CasaIdentitySourceNameEnvVar) - 1);
-
- // Read the value into our buffer
- if (CASA_SUCCESS(pPrincipalIf->getSourceName(pPrincipalIf,
- pBuff + sizeof(CasaIdentitySourceNameEnvVar) - 1,
- &buffLen)))
- {
- // Now set the environment variable
- if (pam_putenv(pamh, pBuff) != PAM_SUCCESS)
- {
- LogError("Unable to set identity source name environment variable");
- retStatus = PAM_SYSTEM_ERR;
- }
- }
- else
- {
- LogError("Unable to obtain identity source name");
- retStatus = PAM_SYSTEM_ERR;
- }
-
- // Free allocated buffer
- free(pBuff);
- }
- else
- {
- LogError("Buffer allocation failure");
- retStatus = PAM_BUF_ERR;
- }
- }
- else
- {
- LogError("Un-expected error obtaining identity source name, %08X", casaStatus);
- retStatus = PAM_SYSTEM_ERR;
- }
- }
-
- if (retStatus == PAM_SUCCESS)
- {
- buffLen = 0;
- casaStatus = pPrincipalIf->getSourceUrl(pPrincipalIf,
- NULL,
- &buffLen);
- if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW)
- {
- char *pBuff;
-
- // Allocate buffer to contain the Identity Source Url Environment Variable
- pBuff = malloc(sizeof(CasaIdentitySourceUrlEnvVar) + buffLen);
- if (pBuff)
- {
- // Start constructing the environment variable
- memcpy(pBuff, CasaIdentitySourceUrlEnvVar, sizeof(CasaIdentitySourceUrlEnvVar) - 1);
-
- // Read the value into our buffer
- if (CASA_SUCCESS(pPrincipalIf->getSourceUrl(pPrincipalIf,
- pBuff + sizeof(CasaIdentitySourceUrlEnvVar) - 1,
- &buffLen)))
- {
- // Now set the environment variable
- if (pam_putenv(pamh, pBuff) != PAM_SUCCESS)
- {
- LogError("Unable to set identity source url environment variable");
- retStatus = PAM_SYSTEM_ERR;
- }
- }
- else
- {
- LogError("Unable to obtain identity source url");
- retStatus = PAM_SYSTEM_ERR;
- }
-
- // Free allocated buffer
- free(pBuff);
- }
- else
- {
- LogError("Buffer allocation failure");
- retStatus = PAM_BUF_ERR;
- }
- }
- else
- {
- LogError("Un-expected error obtaining identity source url, %08X", casaStatus);
- retStatus = PAM_SYSTEM_ERR;
- }
- }
-
- if (retStatus == PAM_SUCCESS)
- {
- char *pBuff;
- int enumHandle = 0;
- int buff2Len;
-
- while (retStatus == PAM_SUCCESS)
- {
- // Get attribute lengths
- buffLen = buff2Len = 0;
- casaStatus = pPrincipalIf->attributeEnumerate(pPrincipalIf,
- &enumHandle,
- NULL,
- &buffLen,
- NULL,
- &buff2Len);
- if (CasaStatusCode(casaStatus) == CASA_STATUS_BUFFER_OVERFLOW)
- {
- // Allocate buffer to contain the Identity attribute Environment Variable
- pBuff = malloc(buffLen + 2 + buff2Len);
- if (pBuff)
- {
- // Read the attribute into our buffer
- if (CASA_SUCCESS(pPrincipalIf->attributeEnumerate(pPrincipalIf,
- &enumHandle,
- pBuff,
- &buffLen,
- pBuff + buffLen + 1, // This includes the NULL terminator
- &buff2Len)))
- {
- // Finish constructing the environment variable string
- *(pBuff + buffLen - 1) = '=';
- *(pBuff + buffLen) = ' ';
-
- // Now set the environment variable
- if (pam_putenv(pamh, pBuff) != PAM_SUCCESS)
- {
- LogError("Unable to set identity attribute environment variable");
- retStatus = PAM_SYSTEM_ERR;
- }
- }
- else
- {
- LogError("Unable to obtain identity attribute");
- retStatus = PAM_SYSTEM_ERR;
- }
-
- // Free allocated buffer
- free(pBuff);
- }
- else
- {
- LogError("Buffer allocation failure");
- retStatus = PAM_BUF_ERR;
- }
- }
- else
- {
- // Check if we are done going through the attributes
- if (CasaStatusCode(casaStatus) == CASA_STATUS_NO_MORE_ENTRIES)
- {
- // Done
- break;
- }
- else
- {
- LogError("Un-expected error during attribute enumeration, %08X", casaStatus);
- retStatus = PAM_SYSTEM_ERR;
- }
- }
- }
- }
-
- // Release the principal interface instance
- pPrincipalIf->releaseReference(pPrincipalIf);
- }
- else
- {
- LogError("Service %s failed to authenticate with status = %08X", pServicename, casaStatus);
- retStatus = PAM_AUTH_ERR;
- }
- }
- else
- {
- LogError("Unable to obtain authentication token");
- retStatus = PAM_CRED_INSUFFICIENT;
- }
-
- // Free conversation function response buffers if necessary
- if (responses)
- {
- if (responses[0].resp)
- free(responses[0].resp);
- free(responses);
- }
- }
- }
- else
- {
- LogError("Unable to obtain servicename");
- retStatus = PAM_SYSTEM_ERR;
- }
-
- return retStatus;
-}
-
-
-/* ************************************************************************
- * pam_sm_setcred()
- *
- * Service provider implementation for pam_setcred().
- *
- * This is a PAM authentication management function.
- *
- * This function is here just for completedness and to protect against
- * PAM misconfiguration.
- *
- * ************************************************************************/
-PAM_EXTERN int
-pam_sm_setcred(pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* ************************************************************************
- * pam_sm_acct_mgmt()
- *
- * Service provider implementation for pam_acct_mgmt().
- *
- * This is a PAM account management function.
- *
- * This function is here just for completedness and to protect against
- * PAM misconfiguration.
- *
- * ************************************************************************/
-PAM_EXTERN int
-pam_sm_acct_mgmt(pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* ************************************************************************
- * pam_sm_chauthtok()
- *
- * Service provider implementation for pam_chauthtok().
- *
- * This is a PAM password management function.
- *
- * This function is here just for completedness and to protect against
- * PAM misconfiguration.
- *
- * ************************************************************************/
-PAM_EXTERN int
-pam_sm_chauthtok(pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* ************************************************************************
- * pam_sm_open_session()
- *
- * Service provider implementation for pam_open_session().
- *
- * This is a PAM session management function.
- *
- * This function is here just for completedness and to protect against
- * PAM misconfiguration.
- *
- * ************************************************************************/
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* ************************************************************************
- * pam_sm_close_session()
- *
- * Service provider implementation for pam_close_session().
- *
- * This is a PAM session management function.
- *
- * This function is here just for completedness and to protect against
- * PAM misconfiguration.
- *
- * ************************************************************************/
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* static module data */
-#ifdef PAM_STATIC
-struct pam_module _pam_casa_authtoken_modstruct = {
- "pam_casa_authtoken",
- pam_sm_authenticate,
- pam_sm_setcred,
- pam_sm_acct_mgmt,
- pam_sm_chauthtok,
- pam_sm_open_session,
- pam_sm_close_session
-};
-#endif
-
diff --git a/CASA-auth-token/server/PamSupport/test/README b/CASA-auth-token/server/PamSupport/test/README
deleted file mode 100644
index 5f975062..00000000
--- a/CASA-auth-token/server/PamSupport/test/README
+++ /dev/null
@@ -1,32 +0,0 @@
-/***********************************************************************
- *
- * README for pamTest
- *
- ***********************************************************************/
-
-INTRODUCTION
-
-pamTest is a PAM application which tests using CASA authentication tokens
-for authentication.
-
-CONFIGURATION
-
-Place a copy of file testservice in the /etc/pam.d folder.
-
-BUILDING APPLICATION
-
-Execute script: make.sh.
-
-RUNNING APPLICATION
-
-Execute the following command: ./pamTest -s testService
-
-
-
-
-
-
-
-
-
-
diff --git a/CASA-auth-token/server/PamSupport/test/make.sh b/CASA-auth-token/server/PamSupport/test/make.sh
deleted file mode 100755
index bb7d2da9..00000000
--- a/CASA-auth-token/server/PamSupport/test/make.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/bash
-gcc -o pamTest test.c -g -I"../../.." -I"../../../../include" -DN_PLAT_UNIX -L"../../../lib/Release" -lpam
diff --git a/CASA-auth-token/server/PamSupport/test/test.c b/CASA-auth-token/server/PamSupport/test/test.c
deleted file mode 100644
index fb1b45b7..00000000
--- a/CASA-auth-token/server/PamSupport/test/test.c
+++ /dev/null
@@ -1,520 +0,0 @@
-/***********************************************************************
- *
- * Copyright (C) 2006 Novell, Inc. All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; version 2.1
- * of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Library Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, Novell, Inc.
- *
- * To contact Novell about this file by physical or electronic mail,
- * you may find current contact information at www.novell.com.
- *
- * Author: Juan Carlos Luciani
- *
- ***********************************************************************/
-
-//===[ Include files ]=====================================================
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-//===[ Type definitions ]==================================================
-
-typedef struct _AppUserData
-{
- char *pUserName;
- char *pAuthToken;
-
-} AppUserData, *PAppUserData;
-
-//
-// DbgTrace macro define
-//
-#define DbgTrace(LEVEL, X, Y) { \
- if (LEVEL == 0) \
- printf(X, Y); \
- else if (DebugLevel >= LEVEL) \
- printf(X, Y); \
-}
-
-//
-// Socket Mapping definitions
-//
-#define INVALID_SOCKET -1
-#define SOCKET_ERROR -1
-#define LINGER struct linger
-#define SOCKADDR_IN struct sockaddr_in
-#define closesocket close
-
-
-//===[ Function prototypes ]===============================================
-
-//===[ Global variables ]==================================================
-
-// Usage string
-char usage[] = "\nPamTest: usage: -s serviceName [-D DebugLevel]\n";
-
-// Debug Level
-int DebugLevel = 3;
-
-char *pServiceName = NULL;
-
-//++=======================================================================
-int
-Converse(int num_msg,
- const struct pam_message **msg,
- struct pam_response **resp,
- void *appdata_ptr)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-//=======================================================================--
-{
- int retStatus = PAM_SUCCESS;
- int replies = 0;
- struct pam_response *reply = NULL;
- AppUserData *pAppUserData = (PAppUserData) appdata_ptr;
-
- // Initialize output parameters
- *resp = NULL;
-
- // Check input parameters
- if (num_msg <= 0 || appdata_ptr == NULL)
- return PAM_CONV_ERR;
-
- // Allocate enough space for the replies
- reply = malloc(sizeof(struct pam_response) * num_msg);
- if (!reply)
- return PAM_CONV_ERR;
-
- // Zero the reply buffer
- memset(reply, 0, sizeof(struct pam_response) * num_msg);
-
- for (replies = 0;
- replies < num_msg && retStatus == PAM_SUCCESS;
- replies++)
- {
- switch (msg[replies]->msg_style)
- {
- case PAM_PROMPT_ECHO_ON:
-
- // The caller wants the username
- reply[replies].resp_retcode = PAM_SUCCESS;
- reply[replies].resp = malloc(strlen(pAppUserData->pUserName) + 1);
- if (reply[replies].resp)
- strcpy(reply[replies].resp, pAppUserData->pUserName);
- else
- {
- DbgTrace(0, "Converse- Buffer allocation failure\n", 0);
- retStatus = PAM_CONV_ERR;
- }
- break;
-
- case PAM_PROMPT_ECHO_OFF:
-
- // The caller wants the authentication token
- reply[replies].resp_retcode = PAM_SUCCESS;
- reply[replies].resp = malloc(strlen(pAppUserData->pAuthToken) + 1);
- if (reply[replies].resp)
- {
- strcpy(reply[replies].resp, pAppUserData->pAuthToken);
- }
- else
- {
- DbgTrace(0, "Converse- Buffer allocation failure\n", 0);
- retStatus = PAM_CONV_ERR;
- }
- break;
-
- case PAM_TEXT_INFO:
- case PAM_ERROR_MSG:
-
- // Just return success
- reply[replies].resp_retcode = PAM_SUCCESS;
- reply[replies].resp = NULL;
- break;
-
- default:
-
- // Un-expected
- retStatus = PAM_CONV_ERR;
- }
- }
-
- // Proceed based on the status
- if (retStatus == PAM_SUCCESS)
- {
- *resp = reply;
- }
- else
- {
- // Free buffers allocated for the reply
- for (replies = 0;
- replies < num_msg && retStatus == PAM_SUCCESS;
- replies++)
- {
- if (reply[replies].resp != NULL)
- free(reply[replies].resp);
- }
- free(reply);
- }
-
- return retStatus;
-}
-
-
-//++=======================================================================
-int
-ReadLineIntoBuffer(int connSock, char *pBuffer)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-//=======================================================================--
-{
- int i = 0;
- char c;
- int bytesReceived = 0;
-
- DbgTrace(2, "ReadLineIntoBuffer- Start\n", 0);
-
- // Receive the line
- while ((bytesReceived = recv(connSock, &c, 1, 0)) == 1)
- {
- if (c == '\n')
- break;
- else
- {
- pBuffer[i] = c;
- i ++;
- }
- }
-
- // Check for a socket error
- if (bytesReceived == 0)
- {
- DbgTrace(0, "ReadLineIntoBuffer- Socket error\n", 0);
- }
-
- DbgTrace(2, "ReadLineIntoBuffer- End, lineLength = %d\n", i);
-
- return i;
-}
-
-
-//++=======================================================================
-void
-ProcessConnection(int connSock)
-//
-// Arguments:
-//
-// Returns:
-//
-// Abstract:
-//
-// Notes:
-//
-// Environment:
-//
-//=======================================================================--
-{
- char userName[] = "CasaPrincipal";
- char token[4096] = {0};
- char helloString[100] = {0};
- AppUserData appUserData = {userName, token};
- struct pam_conv conv = {Converse, &appUserData};
- pam_handle_t *pamh;
- int pam_status;
-
- DbgTrace(1, "ProcessConnection- Start\n", 0);
-
- // We have received a connection
- printf("\n\nConnection received\n");
-
- // Receive the token
- if (ReadLineIntoBuffer(connSock, token) == 0)
- {
- DbgTrace(0, "ProcessConnection- Error receiving token\n", 0);
- goto exit;
- }
- //printf("Token received = %s\n", token);
-
- // We obtained authentication token credentials to authenticate
- // to the service, now verify the credentials using PAM_Authenticate.
- //
- // Open a PAM Handle
- pam_status = pam_start(pServiceName, userName, &conv, &pamh);
- if (pam_status == PAM_SUCCESS)
- {
- // Now authenticate the user
- pam_status = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK);
- if (pam_status == PAM_SUCCESS)
- {
- char **pam_envlist;
- char **pam_env;
- char *pUsername;
-
- DbgTrace(1, "ProcessConnection- pam_authenticate success\n", 0);
- printf("Authentication succeeded\n");
- printf("The DUDE is cool\n");
-
- // Get the identity information about the DUDE
-
- // Notice that the username may have been updated during the authentication process
- if (pam_get_item(pamh, PAM_USER, (void*) &pUsername) == PAM_SUCCESS
- && pUsername != NULL)
- {
- printf("The username of the authenticated identity is %s\n", pUsername);
- }
- else
- {
- DbgTrace(0, "ProcessConnection- pam_get_item did not return the username\n", 0);
- }
-
- // Show identity information obtained during the authentication process and maintained
- // as PAM environment variables.
- pam_envlist = pam_getenvlist(pamh);
- if (pam_envlist != NULL)
- {
- // Display the environment variables and free the memory associated
- // with them.
- for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) - { - printf("%s\n", *pam_env); - free(*pam_env); - } - free(pam_envlist); - } - else - { - DbgTrace(0, "ProcessConnection- pam_getenvlist did not return any data\n", 0); - } - } - else - { - DbgTrace(0, "ProcessConnection- pam_authenticate failure, error = %s\n", pam_strerror(pamh, pam_status)); - printf("The DUDE is a fake\n"); - } - - // Close the PAM Handle - pam_end(pamh, pam_status | PAM_DATA_SILENT); - } - else - { - DbgTrace(0, "ProcessConnection- pam_start failure, status = %08X\n", pam_status); - } - -exit: - - DbgTrace(1, "ProcessConnection- End\n", 0); -} - - -//++======================================================================= -void -ExecuteTests(void) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// Environment: -// -//=======================================================================-- -{ - int connSock; - int listenSock; - struct sockaddr_in localAddr = {0}; - struct sockaddr_in boundAddr = {0}; - struct sockaddr_in remoteAddr = {0}; - struct linger linger_opt = {1, 15}; - int on = 1; - socklen_t addrLen = sizeof(struct sockaddr_in); - - DbgTrace(1, "ExecuteTests- Start\n", 0); - - // Open listen socket - listenSock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - if (listenSock != INVALID_SOCKET) - { - // Setup the local address structure - localAddr.sin_family = AF_INET; - localAddr.sin_addr.s_addr = htonl(INADDR_ANY); - - // Set the SO_REUSEADDR option on the socket to avoid - // problems in case of a re-start. 
- setsockopt(listenSock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); - - // Bind socket - if (!bind(listenSock, (const struct sockaddr*) &localAddr, sizeof(struct sockaddr_in))) - { - // Display the local address information - if (getsockname(listenSock, - (struct sockaddr*) &boundAddr, - &addrLen) != SOCKET_ERROR) - { - printf("Listen port = %d\n", boundAddr.sin_port); - - // Now start linstening for connections - if (listen(listenSock, SOMAXCONN) != SOCKET_ERROR) - { - // Loop accepting connections - while (1) - { - addrLen = sizeof(remoteAddr); - connSock = accept(listenSock, - (struct sockaddr*) &remoteAddr, - &addrLen); - if (connSock != INVALID_SOCKET) - { - ProcessConnection(connSock); - - // Close the connection socket - closesocket(connSock); - } - else - { - DbgTrace(0, "ExecuteTests- - Accept failed, error = %08X\n", errno); - break; - } - } - } - else - { - DbgTrace(0, "ExecuteTests- Unable to start listening, error = %d", errno); - } - } - else - { - DbgTrace(0, "ExecuteTests- Unable to obtain local address information, error = %d", errno); - } - } - else - { - DbgTrace(0, "ExecuteTests- Unable to bind socket, error = %d", errno); - } - - // Close the listen socket - closesocket(listenSock); - } - else - { - DbgTrace(0, "ExecuteTests- Unable to open socket, error = %d\n", errno); - } - - DbgTrace(1, "ExecuteTests- End\n", 0); -} - - -//++======================================================================= -int -main( - int argc, - char* argv[]) -// -// Arguments: -// -// Returns: -// -// Abstract: -// -// Notes: -// -// L2 -//=======================================================================-- -{ - int optionsSpecified = 0; - bool doneScanning = false; - bool invalidOption = false; - int option; - - printf("**** server auth_token test ****\n"); - - // Scan through the options specified - while (!doneScanning) - { - opterr = 0; - option = getopt(argc, argv, "s:D:"); - - // Proceed based on the result - switch (option) - { - case 'D': - // Set 
the debug level - printf("DebugLevel = %s\n", optarg); - DebugLevel = atoi(optarg); - optionsSpecified++; - break; - - case 's': - // Set the service name - printf("Service name = %s\n", optarg); - pServiceName = optarg; - optionsSpecified++; - break; - - case '?': - // Invalid option detected - doneScanning = true; - invalidOption = true; - break; - - default: - // Done scanning - doneScanning = true; - break; - } - } - - // Do some sanity checking - if (!invalidOption - && pServiceName != NULL) - { - ExecuteTests(); - } - else - { - // Invalid option detected - printf(usage, argv[0]); - } - - return 0; - -} /*-- main() --*/ - diff --git a/CASA-auth-token/server/PamSupport/test/testservice b/CASA-auth-token/server/PamSupport/test/testservice deleted file mode 100644 index 452e1efb..00000000 --- a/CASA-auth-token/server/PamSupport/test/testservice +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth required pam_casaauthtok.so U -account required pam_casaauthtok.so -password required pam_casaauthtok.so -session required pam_casaauthtok.so -