geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Continuing project split changes.

Browse Source
This commit is contained in:
Juan Carlos Luciani
2006-07-27 18:21:27 +00:00
parent f5ae5315f2
commit 654de007a2
170 changed files with 0 additions and 31776 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
CASA-auth-token/server/AuthTokenValidate/Makefile.am
View File

@@ -1,37 +0,0 @@
#######################################################################
#
# Copyright (C) 2006 Novell, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Author: Juan Carlos Luciani <jluciani@novell.com>
#
#######################################################################
SUBDIRS = $(TARGET_OS) idenTokenProviders
DIST_SUBDIRS = linux idenTokenProviders
CFILES =
EXTRA_DIST = $(CFILES) *.h
.PHONY: package package-clean package-install package-uninstall
package package-clean package-install package-uninstall:
$(MAKE) -C $(TARGET_OS) $@
maintainer-clean-local:
rm -f Makefile.in

77
CASA-auth-token/server/AuthTokenValidate/README
View File

@@ -1,77 +0,0 @@
/***********************************************************************
*
* README for libcasa_s_authtoken
*
***********************************************************************/
INTRODUCTION
libcasa_s_authtoken provides an API for the validation of CASA Authentication Tokens.
The API provides a means for obtaining identity information about authenticated
entities.
Applications should avoid calling directly into this library's APIs. Instead, applications
should code to the PAM API to validate authentication credentials or allow an external
module to perform the credential validation. To facilitate this, CASA Authentication
provides PAM, Apache, and JAAS modules that can be used to validate credentials containing
CASA Authentication tokens,
CONFIGURING TRUSTED AUTHENTICATION TOKEN SERVICES
tbd. Add info about the installation of public certificates and trusted certificate authorities.
CONFIGURING ADDITIONAL IDENTITY TOKEN PROVIDER MODULES
CASA Authentication Tokens contain Identity Tokens. The Identity Tokens contain the identity
information about the entity being authenticated. Identity Tokens can be of different types,
the type utilized for use with a particular service is configured at the time that the service
is configured for CASA Authentication. The default identity token type is CasaIdentityToken.
libcasa_s_authtoken supports different identity token types through an API that allows for the
configuration of different Identity Token Provider plug-ins. An Identity Token Provider plug-in
is configured by placing a configuration file for the plug-ins in the
/etc/opt/CASA/authtoken.d/modules.d folder. The name of the plug-in configuration file is related
to the identity token type in the following manner: IdentityTokenTypeName.conf.
Identity Token Provider plug-in configuration files must must contain a directive indicating the
path to the library implementing the Identity Token Provider plug-in (See the configuration file
for the CasaIdentityToken plug-in for an example).
SERVER APPLICATION PROGRAMMING NOTES
The Validate CASA Authentication Token API is defined in casa_s_authtoken.h.
The API consists of a call to validate authentication tokens. The caller must supply a service
name which must match the service name provided by the client when requesting the authentication
token. Successful calls to the validate authentication token API will return a handle to a principal
interface object. The principal interface object handle can be used to obtain identity information
about the authenticated entity as well as information about the authentication realm. The principal
interface object must be released after it is no longer needed. The amount and type of identity
information associated with the principal interface is dependent on what is configured at the
time that the service is enabled for CASA Authentication.
For examples of code which uses the Validate CASA Authentication Token API look at the implementations
of the CASA Authentication PAM module and the CASA Authentication Provider Apache module.
IDENTITY TOKEN PROVIDER PROGRAMMING NOTES
The Identity Token Provider API is defined in iden_token_provider.h.
For an example see the implementation of the CASA Identity Token Provider.
SECURITY CONSIDERATIONS
CASA Authentication Tokens when compromised can be used to either impersonate
a user or to obtain identity information about the user. Because of this it is
important that the tokens be secured by applications making use of them. It is
recommended that the tokens be transmitted using SSL.

15
CASA-auth-token/server/AuthTokenValidate/TODO
View File

@@ -1,15 +0,0 @@
/***********************************************************************
*
* TODO for libcasa_s_authtoken
*
***********************************************************************/
INTRODUCTION
This file contains a list of the items still outstanding for libcasa_s_authtoken.
OUTSTANDING ITEMS
- Change AuthTokens to be SOAP messages secured with WS-Security and WS-Trust.
- Implement CheckAuthToken().
- Finish README documentation.

693
CASA-auth-token/server/AuthTokenValidate/authtoken.c
View File

@@ -1,693 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Parse states
//
#define AWAITING_ROOT_ELEMENT_START 0x0
#define AWAITING_ROOT_ELEMENT_END 0x1
#define AWAITING_SIGNATURE_DATA 0x2
#define AWAITING_SIGNATURE_ELEMENT_START 0x3
#define AWAITING_SIGNATURE_ELEMENT_END 0x4
#define AWAITING_LIFETIME_DATA 0x5
#define AWAITING_LIFETIME_ELEMENT_START 0x6
#define AWAITING_LIFETIME_ELEMENT_END 0x7
#define AWAITING_IDENT_TOKEN_ELEMENT_START 0x8
#define AWAITING_IDENT_TOKEN_ELEMENT_END 0x9
#define AWAITING_IDENT_TOKEN_DATA 0xA
#define AWAITING_TYPE_ELEMENT_START 0xB
#define AWAITING_TYPE_ELEMENT_END 0xC
#define AWAITING_TYPE_DATA 0xD
#define DONE_PARSING 0xE
//
// Authentication Token Parse Structure
//
typedef struct _AuthTokenParse
{
XML_Parser p;
int state;
int elementDataProcessed;
AuthToken *pAuthToken;
CasaStatus status;
} AuthTokenParse, *PAuthTokenParse;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//++=======================================================================
static
void XMLCALL
AuthTokenStartElementHandler(
IN void *pUserData,
IN const XML_Char *name,
IN const XML_Char **atts)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData;
DbgTrace(2, "-AuthTokenStartElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthTokenParse->state)
{
case AWAITING_ROOT_ELEMENT_START:
// In this state, we are only expecting the Authentication
// Response Element.
if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_SIGNATURE_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_SIGNATURE_ELEMENT_START:
// In this state, we are only expecting the Signature Element.
if (strcmp(name, SIGNATURE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_SIGNATURE_DATA;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_LIFETIME_ELEMENT_START:
// In this state, we are only expecting the Lifetime Element.
if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_LIFETIME_DATA;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_IDENT_TOKEN_ELEMENT_START:
// In this state, we are only expecting the Identity Token Element.
if (strcmp(name, IDENTITY_TOKEN_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_TYPE_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_TYPE_ELEMENT_START:
// In this state, we are only expecting the Type Element.
if (strcmp(name, TYPE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_TYPE_DATA;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
default:
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected state = %d\n", pAuthTokenParse->state);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthTokenStartElementHandler- End\n", 0);
}
//++=======================================================================
static
CasaStatus
ConsumeElementData(
IN AuthTokenParse *pAuthTokenParse,
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(3, "-ConsumeElementData- Start\n", 0);
// Proceed based on whether or not we have already consumed data
// for this element.
if (*ppElementData == NULL)
{
// We have not yet consumed data for this element
pAuthTokenParse->elementDataProcessed = len;
// Allocate a buffer to hold this element data (null terminated).
*ppElementData = (char*) malloc(len + 1);
if (*ppElementData)
{
memset(*ppElementData, 0, len + 1);
memcpy(*ppElementData, s, len);
// Return the length of the element data buffer
*pElementDataLen = pAuthTokenParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthTokenParse->elementDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pAuthTokenParse->elementDataProcessed + len + 1);
memcpy(pNewBuf,
*ppElementData,
pAuthTokenParse->elementDataProcessed);
memcpy(pNewBuf + pAuthTokenParse->elementDataProcessed, s, len);
pAuthTokenParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
*pElementDataLen = pAuthTokenParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
void XMLCALL
AuthTokenCharDataHandler(
IN void *pUserData,
IN const XML_Char *s,
IN int len)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData;
DbgTrace(2, "-AuthTokenCharDataHandler- Start\n", 0);
// Just exit if being called to process LF and CR characters
if (len == 1
&& ((*s == '\n') || (*s == '\r')))
{
goto exit;
}
// Proceed based on the state
switch (pAuthTokenParse->state)
{
case AWAITING_SIGNATURE_DATA:
case AWAITING_SIGNATURE_ELEMENT_END:
pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse,
s,
len,
&pAuthTokenParse->pAuthToken->pSignature,
&pAuthTokenParse->pAuthToken->signatureLen);
if (CASA_SUCCESS(pAuthTokenParse->status))
{
// Advanced to the next state
pAuthTokenParse->state = AWAITING_SIGNATURE_ELEMENT_END;
}
else
{
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_LIFETIME_DATA:
case AWAITING_LIFETIME_ELEMENT_END:
// Convert the lifetime string to a numeric value
pAuthTokenParse->pAuthToken->tokenLifetime = dtoul((char*) s, len);
// Advanced to the next state
pAuthTokenParse->state = AWAITING_LIFETIME_ELEMENT_END;
break;
case AWAITING_TYPE_DATA:
case AWAITING_TYPE_ELEMENT_END:
pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse,
s,
len,
&pAuthTokenParse->pAuthToken->pIdenTokenType,
&pAuthTokenParse->pAuthToken->idenTokenTypeLen);
if (CASA_SUCCESS(pAuthTokenParse->status))
{
// Advanced to the next state
pAuthTokenParse->state = AWAITING_TYPE_ELEMENT_END;
}
else
{
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_IDENT_TOKEN_DATA:
case AWAITING_IDENT_TOKEN_ELEMENT_END:
pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse,
s,
len,
&pAuthTokenParse->pAuthToken->pIdenToken,
&pAuthTokenParse->pAuthToken->idenTokenLen);
if (CASA_SUCCESS(pAuthTokenParse->status))
{
// Advanced to the next state
pAuthTokenParse->state = AWAITING_IDENT_TOKEN_ELEMENT_END;
}
else
{
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
default:
DbgTrace(0, "-AuthTokenCharDataHandler- Un-expected state = %d\n", pAuthTokenParse->state);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
break;
}
exit:
DbgTrace(2, "-AuthTokenCharDataHandler- End\n", 0);
}
//++=======================================================================
static
void XMLCALL
AuthTokenEndElementHandler(
IN void *pUserData,
IN const XML_Char *name)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData;
DbgTrace(2, "-AuthTokenEndElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthTokenParse->state)
{
case AWAITING_ROOT_ELEMENT_END:
// In this state, we are only expecting the Authentication
// Token Element.
if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0)
{
// Done.
pAuthTokenParse->state = DONE_PARSING;
}
else
{
DbgTrace(0, "-AuthTokenEndHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_SIGNATURE_ELEMENT_END:
// In this state, we are only expecting the Signature Element.
if (strcmp(name, SIGNATURE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_LIFETIME_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_LIFETIME_ELEMENT_END:
// In this state, we are only expecting the Lifetime Element.
if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_IDENT_TOKEN_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_TYPE_ELEMENT_END:
// In this state, we are only expecting the Type Element.
if (strcmp(name, TYPE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_IDENT_TOKEN_DATA;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_IDENT_TOKEN_ELEMENT_END:
// In this state, we are only expecting the Identity Token Element.
if (strcmp(name, IDENTITY_TOKEN_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_ROOT_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
default:
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected state = %d\n", pAuthTokenParse->state);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthTokenEndElementHandler- End\n", 0);
}
//++=======================================================================
CasaStatus
CreateAuthToken(
IN char *pTokenBuf,
IN int tokenBufLen,
INOUT AuthToken **ppAuthToken)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
AuthTokenParse authTokenParse = {0};
AuthToken *pAuthToken;
DbgTrace(1, "-CreateAuthToken- Start\n", 0);
/*
* Authentication tokens have the following format:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
* <auth_token>
* <signature>signature value</signature>
* <lifetime>lifetime value</lifetime>
* <ident_token><type>identity token type</type>identity token data</ident_token>
* </auth_token>
*
*/
// Allocate AuthToken object
pAuthToken = malloc(sizeof(*pAuthToken));
if (pAuthToken)
{
XML_Parser p;
// Initialize the AuthToken object and set it in the
// authentication response parse object.
memset(pAuthToken, 0, sizeof(*pAuthToken));
authTokenParse.pAuthToken = pAuthToken;
// Create parser
p = XML_ParserCreate(NULL);
if (p)
{
// Keep track of the parser in our parse object
authTokenParse.p = p;
// Initialize the status within the parse object
authTokenParse.status = CASA_STATUS_SUCCESS;
// Set the start and end element handlers
XML_SetElementHandler(p,
AuthTokenStartElementHandler,
AuthTokenEndElementHandler);
// Set the character data handler
XML_SetCharacterDataHandler(p, AuthTokenCharDataHandler);
// Set our user data
XML_SetUserData(p, &authTokenParse);
// Parse the document
if (XML_Parse(p, pTokenBuf, tokenBufLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (authTokenParse.state == DONE_PARSING)
{
// The parse operation succeded.
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-CreateAuthToken- Parse operation did not complete\n", 0);
// Check if a status has been recorded
if (authTokenParse.status != CASA_STATUS_SUCCESS)
{
retStatus = authTokenParse.status;
}
else
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
}
}
else
{
DbgTrace(0, "-CreateAuthToken- Parse error %d\n", XML_GetErrorCode(p));
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
// Free the parser
XML_ParserFree(p);
}
else
{
DbgTrace(0, "-CreateAuthToken- Parser creation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the AuthenticationResp object to the caller if necessary
if (CASA_SUCCESS(retStatus))
{
*ppAuthToken = pAuthToken;
}
else
{
free(pAuthToken);
}
}
else
{
DbgTrace(0, "-CreateAuthToken- Memory allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(1, "-CreateAuthToken- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
RelAuthToken(
IN AuthToken *pAuthToken)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(1, "-RelAuthToken- Start\n", 0);
// Free the resources associated with the object
if (pAuthToken->pSignature)
free(pAuthToken->pSignature);
if (pAuthToken->pIdenTokenType)
free(pAuthToken->pIdenTokenType);
if (pAuthToken->pIdenToken)
free(pAuthToken->pIdenToken);
free(pAuthToken);
DbgTrace(1, "-RelAuthToken- End\n", 0);
}
//++=======================================================================
CasaStatus
CheckAuthToken(
IN AuthToken *pAuthToken,
IN const char *pServiceName)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(1, "-CheckuthToken- Start\n", 0);
// tbd
DbgTrace(1, "-CheckAuthToken- End, retStatus = %08X\n", retStatus);
return retStatus;
}

764
CASA-auth-token/server/AuthTokenValidate/config.c
View File

@@ -1,764 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Config Key object
//
typedef struct _ConfigKey
{
LIST_ENTRY listEntry;
char *pKeyName;
int keyNameLen;
char *pValue;
int valueLen;
} ConfigKey, *pConfigKey;
//
// Config Interface instance data
//
typedef struct _ConfigIfInstance
{
LIST_ENTRY listEntry;
int refCount;
char *pConfigFolder;
int configFolderLen;
char *pConfigName;
int configNameLen;
LIST_ENTRY configKeyListHead;
ConfigIf configIf;
} ConfigIfInstance, *PConfigIfInstance;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// ConfigIf variables
static
LIST_ENTRY g_configIfListHead = {&g_configIfListHead, &g_configIfListHead};
static
int g_numConfigIfObjs = 0;
// Synchronization mutex
static
HANDLE g_configIfMutex = NULL;
//++=======================================================================
static
void
RemoveWhiteSpaceFromTheEnd(
IN const char *pInString)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
char *pLineEnd = (char*) pInString + strlen(pInString) - 1;
DbgTrace(3, "-RemoveWhiteSpaceFromTheEnd- Start\n", 0);
while (pLineEnd != pInString)
{
if (*pLineEnd == '\n'
|| *pLineEnd == ' '
|| *pLineEnd == '\t')
{
// Strike this character
*pLineEnd = '\0';
pLineEnd --;
}
else
{
// Found a non-white character
break;
}
}
DbgTrace(3, "-RemoveWhiteSpaceFromTheEnd- End\n", 0);
}
//++=======================================================================
static
char*
SkipWhiteSpace(
IN const char *pInString)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
char *pOutString = (char*) pInString;
DbgTrace(3, "-SkipWhiteSpace- Start\n", 0);
while (*pOutString != '\0')
{
if (*pOutString == '\n'
|| *pOutString == ' '
|| *pOutString == '\t')
{
// Skip this character
pOutString ++;
}
else
{
// Found a non-white character
break;
}
}
DbgTrace(3, "-SkipWhiteSpace- End\n", 0);
return pOutString;
}
//++=======================================================================
static
char*
SkipNonWhiteSpace(
IN const char *pInString)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
char *pOutString = (char*) pInString;
DbgTrace(3, "-SkipNonWhiteSpace- Start\n", 0);
while (*pOutString != '\0')
{
if (*pOutString == '\n'
|| *pOutString == ' '
|| *pOutString == '\t')
{
// Found a white character
break;
}
else
{
// Skip this character
pOutString ++;
}
}
DbgTrace(3, "-SkipNonWhiteSpace- End\n", 0);
return pOutString;
}
//++=======================================================================
static
void
LowerCaseString(
IN char *pDestString,
IN const char *pSrcString)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
int i;
DbgTrace(3, "-LowerCaseString- Start\n", 0);
// Copy the string as lower case
for (i = 0; pSrcString[i] != '\0'; i++)
{
if (isalpha(pSrcString[i]))
pDestString[i] = tolower(pSrcString[i]);
else
pDestString[i] = pSrcString[i];
}
// Null terminate the destination string
pDestString[i] = '\0';
DbgTrace(3, "-LowerCaseString- End\n", 0);
}
//++=======================================================================
static
int SSCS_CALL
AddReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//
// L2
//=======================================================================--
{
int refCount;
ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf);
DbgTrace(2, "-AddReference- Start\n", 0);
// Increment the reference count on the object
PlatAcquireMutex(g_configIfMutex);
pConfigIfInstance->refCount ++;
refCount = pConfigIfInstance->refCount;
PlatReleaseMutex(g_configIfMutex);
DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount);
return refCount;
}
//++=======================================================================
static
void SSCS_CALL
ReleaseReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//
// L2
//=======================================================================--
{
bool freeObj = false;
ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf);
DbgTrace(2, "-ReleaseReference- Start\n", 0);
// Decrement the reference count on the object and determine if it needs to
// be released.
PlatAcquireMutex(g_configIfMutex);
pConfigIfInstance->refCount --;
if (pConfigIfInstance->refCount == 0)
{
// The object needs to be released, forget about it.
freeObj = true;
g_numConfigIfObjs --;
RemoveEntryList(&pConfigIfInstance->listEntry);
}
PlatReleaseMutex(g_configIfMutex);
// Free object if necessary
if (freeObj)
{
// Free all of the config key objects associated with this configuration
// interface instance.
while (!IsListEmpty(&pConfigIfInstance->configKeyListHead))
{
LIST_ENTRY *pListEntry;
ConfigKey *pConfigKey;
// Get reference to entry at the head of the list
pListEntry = pConfigIfInstance->configKeyListHead.Flink;
pConfigKey = CONTAINING_RECORD(pListEntry, ConfigKey, listEntry);
// Free the buffers associated with the ConfigKey
free(pConfigKey->pKeyName);
free(pConfigKey->pValue);
// Remove the entry from the list
RemoveEntryList(&pConfigKey->listEntry);
// Finish freeing the ConfigKey
free(pConfigKey);
}
// Free the rest of the buffers associated with the interface instance data
free(pConfigIfInstance->pConfigFolder);
free(pConfigIfInstance->pConfigName);
free(pConfigIfInstance);
}
DbgTrace(2, "-ReleaseReference- End\n", 0);
}
//++=======================================================================
static
char* SSCS_CALL
GetEntryValue(
IN const void *pIfInstance,
IN const char *pKeyName)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pKeyName -
// Pointer to NULL terminated string that contains the
// name of the key whose value is being requested.
//
// Returns:
// Pointer to NULL terminated string with value being requested or NULL.
//
// Description:
// Gets value associated with a key for the configuration object.
//
// L2
//=======================================================================--
{
ConfigIfInstance *pConfigIfInstance = CONTAINING_RECORD(pIfInstance, ConfigIfInstance, configIf);
char *pValue = NULL;
LIST_ENTRY *pListEntry;
ConfigKey *pConfigKey;
int keyNameLen = strlen(pKeyName);
char *pKeyNameLowercase;
DbgTrace(2, "-GetEntryValue- Start\n", 0);
// Allocate enough space to hold lower case version of the key name
pKeyNameLowercase = malloc(keyNameLen + 1);
if (pKeyNameLowercase)
{
// Lower case the key name
LowerCaseString(pKeyNameLowercase, pKeyName);
// Try to find matching ConfigKey
pListEntry = pConfigIfInstance->configKeyListHead.Flink;
while (pListEntry != &pConfigIfInstance->configKeyListHead)
{
// Get pointer to the current entry
pConfigKey = CONTAINING_RECORD(pListEntry, ConfigKey, listEntry);
// Check if we have a match
if (pConfigKey->keyNameLen == keyNameLen
&& memcmp(pKeyNameLowercase, pConfigKey->pKeyName, keyNameLen) == 0)
{
// We found it, return its value.
pValue = malloc(pConfigKey->valueLen + 1);
if (pValue)
{
strcpy(pValue, pConfigKey->pValue);
}
else
{
DbgTrace(0, "-GetEntryValue- Buffer allocation failure\n", 0);
}
break;
}
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
// Free the lower case version of the key name
free(pKeyNameLowercase);
}
else
{
DbgTrace(0, "-GetEntryValue- Buffer allocation failure\n", 0);
}
DbgTrace(2, "-GetEntryValue- End, pValue = %08X\n", (unsigned int) pValue);
return pValue;
}
//++=======================================================================
CasaStatus
GetConfigInterface(
IN const char *pConfigFolder,
IN const char *pConfigName,
INOUT ConfigIf **ppConfigIf)
//
// Arguments:
// pConfigFolder -
// Pointer to NULL terminated string that contains the name of
// the folder containing the configuration file.
//
// pConfigName -
// Pointer to NULL terminated string containing the name of the
// configuration entry.
//
// ppConfigIf -
// Pointer to variable that will receive pointer to ConfigIf
// instance.
//
// Returns:
// Casa Status
//
// Description:
// Get configuration interface to specified configuration entry.
//
// L2
//=======================================================================--
{
int configFolderLen = strlen(pConfigFolder);
int configNameLen = strlen(pConfigName);
ConfigIfInstance *pConfigIfInstance;
LIST_ENTRY *pListEntry;
CasaStatus retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_OBJECT_NOT_FOUND);
DbgTrace(2, "-GetConfigInterface- Start\n", 0);
PlatAcquireMutex(g_configIfMutex);
// Check if we already have an entry in our list for the configuration
pListEntry = g_configIfListHead.Flink;
while (pListEntry != &g_configIfListHead)
{
// Get pointer to the current entry
pConfigIfInstance = CONTAINING_RECORD(pListEntry, ConfigIfInstance, listEntry);
// Check if we have a match
if (pConfigIfInstance->configFolderLen == configFolderLen
&& pConfigIfInstance->configNameLen == configNameLen
&& memcmp(pConfigFolder, pConfigIfInstance->pConfigFolder, configFolderLen) == 0
&& memcmp(pConfigName, pConfigIfInstance->pConfigName, configNameLen) == 0)
{
// We found it, return the ConfigIf associated with the instance data
// after incrementing its reference count.
pConfigIfInstance->refCount ++;
*ppConfigIf = &pConfigIfInstance->configIf;
// Success
retStatus = CASA_STATUS_SUCCESS;
break;
}
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
// Proceed to create interface instance data for the configuration if none was found
if (retStatus != CASA_STATUS_SUCCESS)
{
char *pFilePath;
// Build a string containing the configuration file path
pFilePath = malloc(configFolderLen + 1 + configNameLen + sizeof(".conf"));
if (pFilePath)
{
FILE *pConfigFile;
strcpy(pFilePath, pConfigFolder);
strcat(pFilePath, "/");
strcat(pFilePath, pConfigName);
strcat(pFilePath, ".conf");
// Open the configuration file for reading
pConfigFile = fopen(pFilePath, "r");
if (pConfigFile)
{
// Opened the file, create a ConfigIfInstance object for it.
pConfigIfInstance = malloc(sizeof(*pConfigIfInstance));
if (pConfigIfInstance)
{
// Initialize the list head within the instance data
InitializeListHead(&pConfigIfInstance->configKeyListHead);
// Initialize the ConfigIf within the instance data
pConfigIfInstance->configIf.addReference = AddReference;
pConfigIfInstance->configIf.releaseReference = ReleaseReference;
pConfigIfInstance->configIf.getEntryValue = GetEntryValue;
// Save the ConfigFolder and ConfigName information within the instance data
pConfigIfInstance->pConfigFolder = malloc(configFolderLen + 1);
if (pConfigIfInstance->pConfigFolder)
{
strcpy(pConfigIfInstance->pConfigFolder, pConfigFolder);
pConfigIfInstance->configFolderLen = configFolderLen;
pConfigIfInstance->pConfigName = malloc(configNameLen + 1);
if (pConfigIfInstance->pConfigName)
{
strcpy(pConfigIfInstance->pConfigName, pConfigName);
pConfigIfInstance->configNameLen = configNameLen;
// Add the instance data into our list and bump up its reference count
// since we did that.
InsertTailList(&g_configIfListHead, &pConfigIfInstance->listEntry);
pConfigIfInstance->refCount = 1;
// At this point we want to return success to the caller even if we
// experience a read error.
retStatus = CASA_STATUS_SUCCESS;
// Return the ConfigIf associated with the instance data after
// incrementing its reference count.
pConfigIfInstance->refCount ++;
*ppConfigIf = &pConfigIfInstance->configIf;
// Now update the instance data with the information present in the file
if (fseek(pConfigFile, 0, SEEK_SET) == 0)
{
char line[512];
while (fgets(line, sizeof(line), pConfigFile) != NULL)
{
int lineLength;
RemoveWhiteSpaceFromTheEnd(line);
lineLength = strlen(line);
if (lineLength != 0)
{
char *pKey;
char *pKeyEnd;
char *pValue;
ConfigKey *pConfigKey;
// Attempt to find the key
pKey = SkipWhiteSpace(line);
// Make sure that we are not dealing with an empty line or a comment
if (*pKey == '\0' || *pKey == '#')
continue;
// Go past the key
pKeyEnd = SkipNonWhiteSpace(pKey);
// Protect against a malformed line
if (*pKeyEnd == '\0')
{
DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
continue;
}
// Attempt to find the value
pValue = SkipWhiteSpace(pKeyEnd);
// Protect against a malformed line
if (*pValue == '\0')
{
DbgTrace(0, "-GetConfigInterface- Key found without value\n", 0);
continue;
}
// Delineate the key
*pKeyEnd = '\0';
// Create a ConfigKey object for this key/value pair
pConfigKey = malloc(sizeof(*pConfigKey));
if (pConfigKey)
{
pConfigKey->keyNameLen = strlen(pKey);
pConfigKey->pKeyName = malloc(pConfigKey->keyNameLen + 1);
if (pConfigKey->pKeyName)
{
// Save the key name in lower case
LowerCaseString(pConfigKey->pKeyName, pKey);
pConfigKey->valueLen = strlen(pValue);
pConfigKey->pValue = malloc(pConfigKey->valueLen + 1);
if (pConfigKey->pValue)
{
strcpy(pConfigKey->pValue, pValue);
// The entry is ready, now associate it with the instance data.
InsertTailList(&pConfigIfInstance->configKeyListHead, &pConfigKey->listEntry);
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
free(pConfigKey->pKeyName);
free(pConfigKey);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
free(pConfigKey);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
}
}
}
}
else
{
DbgTrace(0, "-GetConfigInterface- File seek error, errno = %d\n", errno);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
// Free the buffers associated with the instance data
free(pConfigIfInstance->pConfigFolder);
free(pConfigIfInstance);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
// Free the buffer allocated for the instance data
free(pConfigIfInstance);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation failure\n", 0);
}
// Close the file
fclose(pConfigFile);
}
else
{
DbgTrace(1, "-GetConfigInterface- Unable to open config file, errno = %d\n", errno);
}
}
else
{
DbgTrace(0, "-GetConfigInterface- Buffer allocation error\n", 0);
}
}
PlatReleaseMutex(g_configIfMutex);
DbgTrace(2, "-GetConfigInterface- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
ConfigIfInit(void)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Initializes the configuration interface complex.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
DbgTrace(1, "-ConfigIfInit- Start\n", 0);
// Allocate mutex
if ((g_configIfMutex = PlatAllocMutex()) != NULL)
retStatus = CASA_STATUS_SUCCESS;
else
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
DbgTrace(1, "-ConfigIfInit- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
ConfigIfUninit(void)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Uninitializes the configuration interface complex.
//
// L2
//=======================================================================--
{
DbgTrace(1, "-ConfigIfUninit- Start\n", 0);
// Free mutex if necessary
if (g_configIfMutex)
{
PlatDestroyMutex(g_configIfMutex);
g_configIfMutex = NULL;
}
DbgTrace(1, "-ConfigIfUninit- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

120
CASA-auth-token/server/AuthTokenValidate/config_if.h
View File

@@ -1,120 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _CONFIG_IF_H_
#define _CONFIG_IF_H_
//===[ Include files ]=====================================================
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
/**************************************************************************
***************************************************************************
** **
** Configuration Object Interface Definitions **
** **
***************************************************************************
**************************************************************************/
//++=======================================================================
typedef
int
(SSCS_CALL *PFNConfiglIf_AddReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//=======================================================================--
//++=======================================================================
typedef
void
(SSCS_CALL *PFNConfiglIf_ReleaseReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//=======================================================================--
//++=======================================================================
typedef
char*
(SSCS_CALL *PFNConfiglIf_GetEntryValue)(
IN const void *pIfInstance,
IN const char *pKeyName);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pKeyName -
// Pointer to NULL terminated string that contains the
// name of the key whose value is being requested.
//
// Returns:
// Pointer to NULL terminated string with value being requested or NULL.
//
// Description:
// Gets value associated with a key for the configuration object.
//=======================================================================--
//
// Config Interface Object
//
typedef struct _ConfigIf
{
PFNConfiglIf_AddReference addReference;
PFNConfiglIf_ReleaseReference releaseReference;
PFNConfiglIf_GetEntryValue getEntryValue;
} ConfigIf, *PConfigIf;
#endif // #ifndef _CONFIG_IF_H_

37
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/Makefile.am
View File

@@ -1,37 +0,0 @@
#######################################################################
#
# Copyright (C) 2006 Novell, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Author: Juan Carlos Luciani <jluciani@novell.com>
#
#######################################################################
SUBDIRS = casa
DIST_SUBDIRS = casa
CFILES =
EXTRA_DIST = $(CFILES)
.PHONY: package package-clean package-install package-uninstall
package package-clean package-install package-uninstall:
$(MAKE) -C $(TARGET_OS) $@
maintainer-clean-local:
rm -f Makefile.in

37
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/Makefile.am
View File

@@ -1,37 +0,0 @@
#######################################################################
#
# Copyright (C) 2006 Novell, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Author: Juan Carlos Luciani <jluciani@novell.com>
#
#######################################################################
SUBDIRS = $(TARGET_OS)
DIST_SUBDIRS = linux
CFILES =
EXTRA_DIST = $(CFILES) *.h
.PHONY: package package-clean package-install package-uninstall
package package-clean package-install package-uninstall:
$(MAKE) -C $(TARGET_OS) $@
maintainer-clean-local:
rm -f Makefile.in

39
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/README
View File

@@ -1,39 +0,0 @@
/***********************************************************************
*
* README for casa_identoken
*
***********************************************************************/
INTRODUCTION
casa_identoken is the Identity Token Provider plug-in for tokens of type
CasaIdentityToken. This are the default identity tokens utilized by CASA
Authentication.
CONFIGURATION
The path to the casa_identoken plug-in is configured by placing the file
CasaIdentityToken.conf in the /etc/opt/CASA/authtoken.d/modules.d folder.
PROGRAMMING NOTES
This module does not provide APIs to components outside of the CASA
Authentication framework.
SECURITY CONSIDERATIONS
CasaIdentityTokens are embedded inside CASA Authentication Tokens. CasaIdentityTokens
contain identity information which may be confidential and no attempts are made to
ensure the confidentiality of the data. Because of this it is important that CASA
Authentication Tokens be secured by applications making use of them. It is recommended
that CASA authentication tokens be transmitted using SSL.

13
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/TODO
View File

@@ -1,13 +0,0 @@
/***********************************************************************
*
* TODO for casa_identoken
*
***********************************************************************/
INTRODUCTION
This file contains a list of the items still outstanding for casa_identoken.
OUTSTANDING ITEMS
None.

1458
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identoken.c
View File

File diff suppressed because it is too large Load Diff

346
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/identokenprovider.c
View File

@@ -1,346 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Identity Token Provider Interface instance data
//
typedef struct _IdenTokenProviderIfInstance
{
int refCount;
IdenTokenProviderIf idenTokenProviderIf;
} IdenTokenProviderIfInstance, *PIdenTokenProviderIfInstance;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// IdenTokenProviderIf variables
static
int g_numIdenTokenProviderIfObjs = 0;
// Debug Level
int DebugLevel = 0;
//
// Initialization variables
//
static
bool g_moduleInitialized = false;
// Synchronization mutex
static
HANDLE g_idenTokenProviderIfMutex = NULL;
//++=======================================================================
static
int SSCS_CALL
AddReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//
// L2
//=======================================================================--
{
int refCount;
IdenTokenProviderIfInstance *pIdenTokenProviderIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenProviderIfInstance, idenTokenProviderIf);
DbgTrace(2, "-AddReference- Start\n", 0);
// Increment the reference count on the object
PlatAcquireMutex(g_idenTokenProviderIfMutex);
pIdenTokenProviderIfInstance->refCount ++;
refCount = pIdenTokenProviderIfInstance->refCount;
PlatReleaseMutex(g_idenTokenProviderIfMutex);
DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount);
return refCount;
}
//++=======================================================================
static
void SSCS_CALL
ReleaseReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//
// L2
//=======================================================================--
{
bool freeObj = false;
IdenTokenProviderIfInstance *pIdenTokenProviderIfInstance = CONTAINING_RECORD(pIfInstance, IdenTokenProviderIfInstance, idenTokenProviderIf);
DbgTrace(2, "-ReleaseReference- Start\n", 0);
// Decrement the reference count on the object and determine if it needs to
// be released.
PlatAcquireMutex(g_idenTokenProviderIfMutex);
pIdenTokenProviderIfInstance->refCount --;
if (pIdenTokenProviderIfInstance->refCount == 0)
{
// The object needs to be released, forget about it.
freeObj = true;
g_numIdenTokenProviderIfObjs --;
}
PlatReleaseMutex(g_idenTokenProviderIfMutex);
// Free object if necessary
if (freeObj)
free(pIdenTokenProviderIfInstance);
DbgTrace(2, "-ReleaseReference- End\n", 0);
}
//++=======================================================================
static
CasaStatus
GetIdentityTokenIf(
IN const void *pIfInstance,
IN const char *pTokenBuf,
IN const int tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pTokenBuf -
// Pointer to null terminated string containing an identity token.
//
// tokenLen -
// Length of the token contained in the token buffer.
//
// ppIdenTokenIf -
// Pointer to variable that will receive pointer to identity
// token interface.
//
// Returns:
// Casa Status
//
// Description:
// Get identity token interface instance for the specified token.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
char *pDecodedTokenBuf;
int decodedTokenBufLen;
DbgTrace(2, "-GetIdentityTokenIf- Start\n", 0);
// Validate input parameters
if (pIfInstance == NULL
|| pTokenBuf == NULL
|| tokenLen == 0
|| ppIdenTokenIf == NULL)
{
DbgTrace(0, "-GetIdentityTokenIf- Invalid input parameter\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INVALID_PARAMETER);
goto exit;
}
// First decode the token string
retStatus = DecodeData(pTokenBuf,
tokenLen,
(void**) &pDecodedTokenBuf,
&decodedTokenBufLen);
if (CASA_SUCCESS(retStatus))
{
// Get the identity token interface
retStatus = GetIdenTokenInterface(pDecodedTokenBuf,
decodedTokenBufLen,
ppIdenTokenIf);
// Free the decoded token buffer
free(pDecodedTokenBuf);
}
else
{
DbgTrace(0, "-GetIdentityTokenIf- Token decode failure\n", 0);
}
exit:
DbgTrace(2, "-GetIdentityTokenIf- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus SSCS_CALL
GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN(
IN const ConfigIf *pModuleConfigIf,
INOUT IdenTokenProviderIf **ppIdenTokenProviderIf)
//
// Arguments:
// pModuleConfigIf -
// Pointer to configuration interface instance for the module.
//
// ppIdenTokenProviderIf -
// Pointer to variable that will receive pointer to
// IdentityTokenProviderIf instance.
//
// Returns:
// Casa Status
//
// Description:
// Gets identity token provider interface instance.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
IdenTokenProviderIfInstance *pIdenTokenProviderIfInstance;
DbgTrace(1, "-GetIdenTokenProviderInterface- Start\n", 0);
// Validate input parameters
if (pModuleConfigIf == NULL
|| ppIdenTokenProviderIf == NULL)
{
DbgTrace(0, "-GetIdenTokenProviderInterface- Invalid input parameter\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_INVALID_PARAMETER);
goto exit;
}
// Make sure that the module has been initialized
if (g_moduleInitialized == false)
{
// The module has not been initialized, synchronize access thought this section
// to avoid having two threads performing initialization.
AcquireModuleMutex;
// Assume success
retStatus = CASA_STATUS_SUCCESS;
// Check again in case another thread pre-empted us.
if (g_moduleInitialized == false)
{
// Initialize the IdenTokenIf complex
retStatus = IdenTokenIfInit();
if (CASA_SUCCESS(retStatus))
{
// Allocate mutex
if ((g_idenTokenProviderIfMutex = PlatAllocMutex()) != NULL)
{
// Success
g_moduleInitialized = true;
}
else
{
IdenTokenIfUninit();
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
}
// Stop synchronization
ReleaseModuleMutex;
// Exit if we failed
if (g_moduleInitialized == false)
goto exit;
}
// Allocate space for the interface instance
pIdenTokenProviderIfInstance = malloc(sizeof(*pIdenTokenProviderIfInstance));
if (pIdenTokenProviderIfInstance)
{
// Initialize the interface instance data
pIdenTokenProviderIfInstance->refCount = 1;
pIdenTokenProviderIfInstance->idenTokenProviderIf.addReference = AddReference;
pIdenTokenProviderIfInstance->idenTokenProviderIf.releaseReference = ReleaseReference;
pIdenTokenProviderIfInstance->idenTokenProviderIf.getIdentityTokenIf = GetIdentityTokenIf;
// Keep track of this object
PlatAcquireMutex(g_idenTokenProviderIfMutex);
g_numIdenTokenProviderIfObjs ++;
PlatReleaseMutex(g_idenTokenProviderIfMutex);
// Return the interface to the caller
*ppIdenTokenProviderIf = &pIdenTokenProviderIfInstance->idenTokenProviderIf;
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
exit:
DbgTrace(1, "-GetIdenTokenProviderInterface- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

122
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/internal.h
View File

@@ -1,122 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _INTERNAL_H_
#define _INTERNAL_H_
//===[ Include files ]=====================================================
#include "platform.h"
#include <expat.h>
#include <micasa_types.h>
#include <casa_status.h>
#include <casa_s_authtoken.h>
#include "config_if.h"
#include "iden_token_provider_if.h"
#include "list_entry.h"
//===[ Type definitions ]==================================================
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//===[ Global externals ]==================================================
extern int DebugLevel;
//===[ External prototypes ]===============================================
//
// Defined in identoken.c
//
extern
CasaStatus
GetIdenTokenInterface(
IN const char *pTokenBuf,
IN const int tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf);
extern
CasaStatus
IdenTokenIfInit(void);
extern
void
IdenTokenIfUninit(void);
//
// Defined in utils.c
//
extern
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen);
extern
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen);
extern
int
dtoul(
IN char *cp,
IN int len);
//
// Functions exported by platform.c
//
extern
HANDLE
PlatAllocMutex(void);
extern
void
PlatDestroyMutex(HANDLE hMutex);
extern
void
PlatAcquireMutex(HANDLE hMutex);
extern
void
PlatReleaseMutex(HANDLE hMutex);
//=========================================================================
#endif // _INTERNAL_H_

15
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf
View File

@@ -1,15 +0,0 @@
#######################################################
# #
# CASA Authentication Token System configuration file #
# for module: #
# #
# CasaIdentityToken #
# #
# Note: This module is the provider of Casa Identity #
# tokens. #
# #
#######################################################
LibraryName /opt/novell/CASA/lib/casa_iden_token.so

114
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/Makefile.am
View File

@@ -1,114 +0,0 @@
#######################################################################
#
# Copyright (C) 2006 Novell, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Author: Juan Carlos Luciani <jluciani@novell.com>
#
#######################################################################
if DEBUG
TARGET_CFG = Debug
CFLAGS += -v -w
else
TARGET_CFG = Release
endif
SUBDIRS =
DIST_SUBDIRS =
ROOT = ../../../../..
CASAINCLUDE = ../../../../../../CASA/include
LIBDIR = $(ROOT)/$(LIB)
# handle Mono secondary dependencies
export MONO_PATH := $(MONO_PATH)
PLATFORMINDEPENDENTSOURCEDIR = ..
PLATFORMDEPENDENTSOURCEDIR = .
MODULE_NAME = casa_iden_token
MODULE_EXT = so
CFILES = ../identokenprovider.c \
../identoken.c \
../util.c \
platform.c
CSFILES_CSC :=
INCLUDES = -I. -I.. -I../../.. -I$(CASAINCLUDE) -I../../../../../include
RESOURCES =
DEFINES = -Wno-format-extra-args -fno-strict-aliasing
CFLAGS += $(INCLUDES) $(DEFINES)
LIBS = -lpthread -ldl -lexpat
LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT)
OBJDIR = ./$(TARGET_CFG)/$(LIB)
OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o))
EXTRA_DIST = $(CFILES) *.h
CUR_DIR := $(shell pwd)
all: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
#
# Pattern based rules.
#
vpath %.c $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR)
vpath %.cpp $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR)
$(OBJDIR)/%.o: %.c
$(CC) -c $(CFLAGS) -o $@ $<
$(OBJDIR)/%.o: %.cpp
$(CC) -c $(CFLAGS) -o $@ $<
$(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT): $(OBJDIR) $(OBJS)
@echo [======== Linking $@ ========]
$(LINK) -o $@ $(LDFLAGS) $(OBJS) $(LIBS)
cp -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/$(TARGET_CFG)/$(MODULE_NAME).$(MODULE_EXT)
$(OBJDIR):
[ -d $(OBJDIR) ] || mkdir -p $(OBJDIR)
[ -d $(LIBDIR) ] || mkdir -p $(LIBDIR)
[ -d $(LIBDIR)/$(TARGET_CFG) ] || mkdir -p $(LIBDIR)/$(TARGET_CFG)
install-exec-local: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
$(mkinstalldirs) $(DESTDIR)$(libdir)
$(INSTALL_PROGRAM) $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(DESTDIR)$(libdir)/
uninstall-local:
cd $(DESTDIR)$(libdir); rm -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
rmdir $(DESTDIR)$(libdir)
#installcheck-local: install
# $(mkinstalldirs) $(DESTDIR)$(libdir)
# $(INSTALL_PROGRAM) $(DESTDIR)$(libdir)
# cd $(DESTDIR)$(libdir); $(MONO)
clean-local:
if [ -d $(TARGET_CFG) ]; then rm -rf $(TARGET_CFG); fi
distclean-local:
maintainer-clean-local:
rm -f Makefile.in

178
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.c
View File

@@ -1,178 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Platform Mutex structure
//
typedef struct _PlatformMutex
{
pthread_mutex_t mutex;
} PlatformMutex, *PPlatformMutex;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//
// Module synchronization mutex
//
pthread_mutex_t g_hModuleMutex = PTHREAD_MUTEX_INITIALIZER;
//++=======================================================================
HANDLE
PlatAllocMutex(void)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex;
pthread_mutexattr_t mutexAttr = {PTHREAD_MUTEX_RECURSIVE};
DbgTrace(2, "-PlatAllocMutex- Start\n", 0);
// Allocate space for our mutex structure
pPlatMutex = malloc(sizeof(*pPlatMutex));
if (pPlatMutex)
{
// Finish initializing the mutex
pthread_mutex_init(&pPlatMutex->mutex, &mutexAttr);
}
else
{
DbgTrace(0, "-PlatAllocMutex- Memory allocation failure\n", 0);
}
DbgTrace(2, "-PlatAllocMutex- End, retHandle = %08X\n", (unsigned int) pPlatMutex);
return (HANDLE) pPlatMutex;
}
//++=======================================================================
void
PlatDestroyMutex(HANDLE hMutex)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
DbgTrace(2, "-PlatDestroyMutex- Start\n", 0);
// Free the resources associated with the mutex
pthread_mutex_destroy(&pPlatMutex->mutex);
free(pPlatMutex);
DbgTrace(2, "-PlatDestroyMutex- End\n", 0);
}
//++=======================================================================
void
PlatAcquireMutex(HANDLE hMutex)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
DbgTrace(2, "-PlatAcquireMutex- Start\n", 0);
// Acquire the mutex
pthread_mutex_lock(&pPlatMutex->mutex);
DbgTrace(2, "-PlatAcquireMutex- End\n", 0);
}
//++=======================================================================
void
PlatReleaseMutex(HANDLE hMutex)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
DbgTrace(2, "-PlatReleaseMutex- Start\n", 0);
// Release the mutex
pthread_mutex_unlock(&pPlatMutex->mutex);
DbgTrace(2, "-PlatRelease- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

93
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/linux/platform.h
View File

@@ -1,93 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#define _GNU_SOURCE
//===[ Include files ]=====================================================
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
#include <syslog.h>
#include <pthread.h>
#include <string.h>
#include <ctype.h>
#include <errno.h>
#include <dlfcn.h>
//===[ Type definitions ]==================================================
#define HANDLE void*
#ifndef CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field) ((type *)( \
(char*)(address) - \
(char*)(&((type *)0)->field)))
#endif
//
// DbgTrace macro define
//
#define DbgTrace(LEVEL, X, Y) { \
char printBuff[256]; \
if (LEVEL == 0 || DebugLevel >= LEVEL) \
{ \
_snprintf(printBuff, sizeof(printBuff), X, Y); \
fprintf(stderr, "CASA_IdenToken %s", printBuff); \
} \
}
/*#define DbgTrace(LEVEL, X, Y) { \
if (LEVEL == 0 || DebugLevel >= LEVEL) \
{ \
openlog("CASA_IdenToken", LOG_CONS | LOG_NOWAIT | LOG_ODELAY, LOG_USER); \
syslog(LOG_USER | LOG_INFO, X, Y); \
closelog(); \
} \
}*/
// Deal with function name mapping issues
#define _snprintf snprintf
//
// Module synchronization
//
extern pthread_mutex_t g_hModuleMutex;
#define AcquireModuleMutex pthread_mutex_lock(&g_hModuleMutex)
#define ReleaseModuleMutex pthread_mutex_unlock(&g_hModuleMutex)
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
//===[ Global externals ]==================================================
//===[ External prototypes ]===============================================
//=========================================================================

321
CASA-auth-token/server/AuthTokenValidate/idenTokenProviders/casa/util.c
View File

@@ -1,321 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// Tables for Base64 encoding and decoding
static const int8_t g_Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const uint8_t g_Expand64[256] =
{
/* ASCII table */
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64
};
//++=======================================================================
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen)
//
// Arguments:
//
// Returns:
//
// Description:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
int encodedSize;
char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0);
// Determine the encoded size and allocate a buffer to hold the encoded data
encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4;
pTmp = (char*) malloc(encodedSize);
*ppEncodedData = pTmp;
if (*ppEncodedData)
{
uint8_t *pOut, *pIn;
int i;
// Setup pointers to move through the buffers
pIn = (uint8_t*) pData;
pOut = (uint8_t*) *ppEncodedData;
// Perform the encoding
for (i = 0; i < dataLen - 2; i += 3)
{
*pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
*pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) |
((int32_t)(pIn[i + 2] & 0xC0) >> 6)];
*pOut++ = g_Base64[pIn[i + 2] & 0x3F];
}
if (i < dataLen)
{
*pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
if (i == (dataLen - 1))
{
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4)];
*pOut++ = '=';
}
else
{
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
*pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)];
}
*pOut++ = '=';
}
*pOut++ = '\0';
// Return the encoded data length
*pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen)
//
// Arguments:
//
// Returns:
//
// Description:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
int i, j;
int decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0);
// Determine the decoded size
for (i = 0, j = 0; i < encodedDataLen; i++)
if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64)
j++;
decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
{
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
int
dtoul(
IN char *cp,
IN int len)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
int n = 0;
int i;
DbgTrace(2, "-dtoul- Start\n", 0);
for (i = 0; i < len; i++, cp++)
{
// Verify that we are dealing with a valid digit
if (*cp >= '0' && *cp <= '9')
{
n = 10 * n + (*cp - '0');
}
else
{
DbgTrace(0, "-dtoul- Found invalid digit\n", 0);
break;
}
}
DbgTrace(2, "-dtoul- End, result = %d\n", n);
return n;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

356
CASA-auth-token/server/AuthTokenValidate/iden_token_provider_if.h
View File

@@ -1,356 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _IDEN_TOKEN_PROVIDER_IF_H_
#define _IDEN_TOKEN_PROVIDER_IF_H_
//===[ Include files ]=====================================================
#include "config_if.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
/**************************************************************************
***************************************************************************
** **
** Identity Token Interface Definitions **
** **
***************************************************************************
**************************************************************************/
//++=======================================================================
typedef
int
(SSCS_CALL *PFNIdenTokenIf_AddReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//=======================================================================--
//++=======================================================================
typedef
void
(SSCS_CALL *PFNIdenTokenIf_ReleaseReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//=======================================================================--
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFNIdenTokenIf_GetIdentityId)(
IN const void *pIfInstance,
INOUT char *pIdentIdBuf,
INOUT int *pIdentIdLen);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pIdentIdBuf -
// Pointer to buffer that will receive the identity id. The returned
// id will be in the form of a NULL terminated string.
//
// pIdentIdBufLen -
// Pointer to variable with the length of the buffer pointed by
// pIdentIdBuf. On exit it contains the length of the returned id
// (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Get the identity id associated with the identity token.
//=======================================================================--
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFNIdenTokenIf_GetSourceName)(
IN const void *pIfInstance,
INOUT char *pSourceNameBuf,
INOUT int *pSourceNameLen);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pSourceNameBuf -
// Pointer to buffer that will receive the name associated with the
// identity information source. The returned name will be in the form
// of a NULL terminated string.
//
// pSourceNameBufLen -
// Pointer to variable with the length of the buffer pointed by
// pSourceNameBuf. On exit it contains the length of the returned
// name (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Get the name of the identity source associated with the identity token.
//=======================================================================--
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFNIdenTokenIf_GetSourceUrl)(
IN const void *pIfInstance,
INOUT char *pSourceUrlBuf,
INOUT int *pSourceUrlLen);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pSourceUrlBuf -
// Pointer to buffer that will receive the URL associated with the
// identity information source. The returned URL will be in the form
// of a NULL terminated string.
//
// pSourceUrlBufLen -
// Pointer to variable with the length of the buffer pointed by
// pSourceUrlBuf. On exit it contains the length of the returned
// URL (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Get the URL to the identity source associated with the identity token.
//=======================================================================--
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFNIdenTokenIf_AttributeEnumerate)(
IN const void *pIfInstance,
INOUT int *pEnumHandle,
INOUT char *pAttribNameBuf,
INOUT int *pAttribNameLen,
INOUT char *pAttribValueBuf,
INOUT int *pAttribValueLen);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pEnumHandle -
// Pointer to enumeration handle. Must be set to 0 to start an
// enumeration. Note the enumeration handle advances if the
// function returns success.
//
// pAttribNameBuf -
// Pointer to buffer that will receive the identity attribute name. The
// returned name will be in the form of a NULL terminated string.
//
// pAttribNameLen -
// Pointer to variable with the length of the buffer pointed by
// pAttribNameBuf. On exit it contains the length of the returned
// name (including the NULL terminator).
//
// pAttribValueBuf -
// Pointer to buffer that will receive the identity attribute value. The
// returned value will be in the form of a NULL terminated string.
//
// pAttribValueLen -
// Pointer to variable with the length of the buffer pointed by
// pAttribValueBuf. On exit it contains the length of the returned
// value (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Enumerates through the attributes associated with the identity token.
//=======================================================================--
//
// Identity Token Interface Object
//
typedef struct _IdenTokenIf
{
PFNIdenTokenIf_AddReference addReference;
PFNIdenTokenIf_ReleaseReference releaseReference;
PFNIdenTokenIf_GetIdentityId getIdentityId;
PFNIdenTokenIf_GetSourceName getSourceName;
PFNIdenTokenIf_GetSourceUrl getSourceUrl;
PFNIdenTokenIf_AttributeEnumerate attributeEnumerate;
} IdenTokenIf, *PIdenTokenIf;
/**************************************************************************
***************************************************************************
** **
** Identity Token Provider Interface Definitions **
** **
***************************************************************************
**************************************************************************/
//++=======================================================================
typedef
int
(SSCS_CALL *PFNIdenTokenProviderIf_AddReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//=======================================================================--
//++=======================================================================
typedef
void
(SSCS_CALL *PFNIdenTokenProviderIf_ReleaseReference)(
IN const void *pIfInstance);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//=======================================================================--
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFNIdenTokenProviderIf_GetIdentityTokenIf)(
IN const void *pIfInstance,
IN const char *pTokenBuf,
IN const int tokenLen,
INOUT IdenTokenIf **ppIdenTokenIf);
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pTokenBuf -
// Pointer to null terminated string containing an identity token.
//
// tokenLen -
// Length of the token contained in the token buffer.
//
// ppIdenTokenIf -
// Pointer to variable that will receive pointer to identity
// token interface.
//
// Returns:
// Casa Status
//
// Description:
// Get identity token interface instance for the specified token.
//=======================================================================--
//
// Identity Token Provider Interface Object
//
typedef struct _IdenTokenProviderIf
{
PFNIdenTokenProviderIf_AddReference addReference;
PFNIdenTokenProviderIf_ReleaseReference releaseReference;
PFNIdenTokenProviderIf_GetIdentityTokenIf getIdentityTokenIf;
} IdenTokenProviderIf, *PIdenTokenProviderIf;
//++=======================================================================
typedef
CasaStatus
(SSCS_CALL *PFN_GetIdenTokenProviderIfRtn)(
IN const ConfigIf *pModuleConfigIf,
INOUT IdenTokenProviderIf **ppIdenTokenProviderIf);
//
// Arguments:
// pModuleConfigIf -
// Pointer to configuration interface instance for the module.
//
// ppIdenTokenProviderIf -
// Pointer to variable that will receive pointer to
// IdentityTokenProviderIf instance.
//
// Returns:
// Casa Status
//
// Description:
// Gets identity token provider interface instance.
//=======================================================================--
#define GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN_SYMBOL "GetIdenTokenProviderInterface"
#define GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN GetIdenTokenProviderInterface
#endif // #ifndef _IDEN_TOKEN_PROVIDER_IF_H_

320
CASA-auth-token/server/AuthTokenValidate/identoken.c
View File

@@ -1,320 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Identity Token Module definition
//
typedef struct _IdenTokenProviderModule
{
LIST_ENTRY listEntry;
char *pTypeName;
int typeNameLen;
LIB_HANDLE libHandle;
IdenTokenProviderIf *pIdenTokenProviderIf;
} IdenTokenProviderModule, *PIdenTokenProviderModule;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//
// IdenTokenProviderModule list and syncronization mutex
//
static
LIST_ENTRY g_IdenTokenProviderModuleListHead = {&g_IdenTokenProviderModuleListHead, &g_IdenTokenProviderModuleListHead};
static
HANDLE g_idenTokenMutex = NULL;
//++=======================================================================
CasaStatus
GetIdenTokenProviderInterface(
IN const char *pIdenTokenTypeName,
INOUT IdenTokenProviderIf **ppIdenTokenProviderIf)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
ConfigIf *pModuleConfigIf;
DbgTrace(2, "-GetIdenTokenProviderInterface- Start\n", 0);
// Get the configuration for the module
retStatus = GetConfigInterface("/etc/opt/novell/CASA/authtoken.d/modules.d",
pIdenTokenTypeName,
&pModuleConfigIf);
if (CASA_SUCCESS(retStatus)
&& CasaStatusCode(retStatus) != CASA_STATUS_OBJECT_NOT_FOUND)
{
LIST_ENTRY *pListEntry;
IdenTokenProviderModule *pIdenTokenProviderModule = NULL;
int32_t idenTokenTypeNameLen = strlen(pIdenTokenTypeName);
// Gain exclusive access to our mutex
PlatAcquireMutex(g_idenTokenMutex);
// Look if we already have the module in our list
pListEntry = g_IdenTokenProviderModuleListHead.Flink;
while (pListEntry != &g_IdenTokenProviderModuleListHead)
{
// Get pointer to the current entry
pIdenTokenProviderModule = CONTAINING_RECORD(pListEntry, IdenTokenProviderModule, listEntry);
// Check if this is the module that we need
if (pIdenTokenProviderModule->typeNameLen == idenTokenTypeNameLen
&& memcmp(pIdenTokenTypeName, pIdenTokenProviderModule->pTypeName, idenTokenTypeNameLen) == 0)
{
// This is the module that we need, stop looking.
break;
}
else
{
// This is not the module that we are looking for
pIdenTokenProviderModule = NULL;
}
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
// Proceed based on whether or not a module was found
if (pIdenTokenProviderModule)
{
// Module found in our list, provide the caller with its IdenTokenProviderIf
// instance after we have incremented its reference count.
pIdenTokenProviderModule->pIdenTokenProviderIf->addReference(pIdenTokenProviderModule->pIdenTokenProviderIf);
*ppIdenTokenProviderIf = pIdenTokenProviderModule->pIdenTokenProviderIf;
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
// Needed module not found in our list, create an entry.
pIdenTokenProviderModule = malloc(sizeof(*pIdenTokenProviderModule));
if (pIdenTokenProviderModule)
{
// Allocate buffer to contain the authentication type name within the module entry
pIdenTokenProviderModule->pTypeName = malloc(idenTokenTypeNameLen + 1);
if (pIdenTokenProviderModule->pTypeName)
{
char *pLibraryName;
// Initialize the library handle field
pIdenTokenProviderModule->libHandle = NULL;
// Save the auth type name within the entry
strcpy(pIdenTokenProviderModule->pTypeName, pIdenTokenTypeName);
pIdenTokenProviderModule->typeNameLen = idenTokenTypeNameLen;
// Obtain the name of the library that we must load
pLibraryName = pModuleConfigIf->getEntryValue(pModuleConfigIf, "LibraryName");
if (pLibraryName)
{
// Load the library
pIdenTokenProviderModule->libHandle = OpenLibrary(pLibraryName);
if (pIdenTokenProviderModule->libHandle)
{
PFN_GetIdenTokenProviderIfRtn pGetIdenTokenProviderIfRtn;
// Library has been loaded, now get a pointer to its GetIdenTokenProviderProviderInterface routine
pGetIdenTokenProviderIfRtn = (PFN_GetIdenTokenProviderIfRtn) GetFunctionPtr(pIdenTokenProviderModule->libHandle,
GET_IDEN_TOKEN_PROVIDER_INTERFACE_RTN_SYMBOL);
if (pGetIdenTokenProviderIfRtn)
{
// Now, obtain the modules IdenTokenProviderIf.
retStatus = (pGetIdenTokenProviderIfRtn)(pModuleConfigIf, &pIdenTokenProviderModule->pIdenTokenProviderIf);
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- GetFunctionPtr error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_LIBRARY_LOAD_FAILURE);
}
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- OpenLibrary error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_LIBRARY_LOAD_FAILURE);
}
// Free the buffer holding the library name
free(pLibraryName);
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- Library name not configured\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_CONFIGURATION_ERROR);
}
// Check if we were successful at obtaining the IdenTokenProviderIf instance for the
// module.
if (CASA_SUCCESS(retStatus))
{
// Insert the entry in the list, provide the caller with its IdenTokenProviderIf
// instance after we have incremented its reference count.
InsertTailList(&g_IdenTokenProviderModuleListHead, &pIdenTokenProviderModule->listEntry);
pIdenTokenProviderModule->pIdenTokenProviderIf->addReference(pIdenTokenProviderModule->pIdenTokenProviderIf);
*ppIdenTokenProviderIf = pIdenTokenProviderModule->pIdenTokenProviderIf;
}
else
{
// Failed, free resources.
free(pIdenTokenProviderModule->pTypeName);
if (pIdenTokenProviderModule->libHandle)
CloseLibrary(pIdenTokenProviderModule->libHandle);
free(pIdenTokenProviderModule);
}
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- Unable to allocate buffer\n", 0);
// Free buffer allocated for entry
free(pIdenTokenProviderModule);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- Unable to allocate buffer\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
// Release exclusive access to our mutex
PlatReleaseMutex(g_idenTokenMutex);
// Release config interface instance
pModuleConfigIf->releaseReference(pModuleConfigIf);
}
else
{
DbgTrace(0, "-GetIdenTokenProviderInterface- Unable to obtain config interface\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_CONFIGURATION_ERROR);
}
DbgTrace(2, "-GetIdenTokenProviderInterface- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
IdenTokenInit(void)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Initializes the identity token complex.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
DbgTrace(1, "-IdenTokenInit- Start\n", 0);
// Allocate mutex
if ((g_idenTokenMutex = PlatAllocMutex()) != NULL)
retStatus = CASA_STATUS_SUCCESS;
else
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
DbgTrace(1, "-IdenTokenInit- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
IdenTokenUninit(void)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Uninitializes the indentity token complex.
//
// L2
//=======================================================================--
{
DbgTrace(1, "-IdenTokenUninit- Start\n", 0);
// Free mutex if necessary
if (g_idenTokenMutex)
{
PlatDestroyMutex(g_idenTokenMutex);
g_idenTokenMutex = NULL;
}
DbgTrace(1, "-IdenTokenUninit- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

222
CASA-auth-token/server/AuthTokenValidate/internal.h
View File

@@ -1,222 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _INTERNAL_H_
#define _INTERNAL_H_
//===[ Include files ]=====================================================
#include "platform.h"
#include <expat.h>
#include <micasa_types.h>
#include <casa_status.h>
#include <casa_s_authtoken.h>
#include "proto.h"
#include "list_entry.h"
#include "config_if.h"
#include "iden_token_provider_if.h"
//===[ Type definitions ]==================================================
//
// Authentication Token structure
//
typedef struct _AuthToken
{
int tokenLifetime;
char *pSignature;
int signatureLen;
char *pIdenTokenType;
int idenTokenTypeLen;
char *pIdenToken;
int idenTokenLen;
} AuthToken, *PAuthToken;
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//===[ Global externals ]==================================================
extern int DebugLevel;
//===[ External prototypes ]===============================================
//
// Functions exported by config.c
//
extern
CasaStatus
GetConfigInterface(
IN const char *pConfigFolder,
IN const char *pConfigName,
INOUT ConfigIf **ppConfigIf);
extern
CasaStatus
ConfigIfInit(void);
extern
void
ConfigIfUninit(void);
//
// Functions exported by identoken.c
//
extern
CasaStatus
GetIdenTokenProviderInterface(
IN const char *pIdenTokenTypeName,
INOUT IdenTokenProviderIf **ppIdenTokenProviderIf);
extern
CasaStatus
IdenTokenInit(void);
extern
void
IdenTokenUninit(void);
//
// Functions exported by platform.c
//
extern
HANDLE
PlatAllocMutex(void);
extern
void
PlatDestroyMutex(HANDLE hMutex);
extern
void
PlatAcquireMutex(HANDLE hMutex);
extern
void
PlatReleaseMutex(HANDLE hMutex);
extern
LIB_HANDLE
OpenLibrary(
IN char *pFileName);
extern
void
CloseLibrary(
IN LIB_HANDLE libHandle);
extern
void*
GetFunctionPtr(
IN LIB_HANDLE libHandle,
IN char *pFunctionName);
//
// Functions exported by principal.c
//
extern
CasaStatus
GetPrincipalInterface(
IN IdenTokenIf *pIdenTokenIf,
INOUT PrincipalIf **ppPrincipalIf);
extern
CasaStatus
PrincipalIfInit(void);
extern
void
PrincipalIfUninit(void);
//
// Functions exported by validate.c
//
extern
CasaStatus SSCS_CALL
ValidateAuthToken(
IN const char *pServiceName,
IN const char *pTokenBuf,
IN const int tokenBufLen,
INOUT PrincipalIf **ppPrincipalIf);
//
// Functions exported by authtoken.c
//
extern
CasaStatus
CreateAuthToken(
IN char *pTokenBuf,
IN int tokenBufLen,
INOUT AuthToken **ppAuthToken);
extern
void
RelAuthToken(
IN AuthToken *pAuthToken);
extern
CasaStatus
CheckAuthToken(
IN AuthToken *pAuthToken,
IN const char *pServiceName);
//
// Defined in utils.c
//
extern
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen);
extern
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen);
extern
int
dtoul(
IN char *cp,
IN int len);
//=========================================================================
#endif // _INTERNAL_H_

116
CASA-auth-token/server/AuthTokenValidate/linux/Makefile.am
View File

@@ -1,116 +0,0 @@
#######################################################################
#
# Copyright (C) 2006 Novell, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Author: Juan Carlos Luciani <jluciani@novell.com>
#
#######################################################################
if DEBUG
TARGET_CFG = Debug
CFLAGS += -v -w
else
TARGET_CFG = Release
endif
SUBDIRS =
DIST_SUBDIRS =
ROOT = ../../..
CASAINCLUDE = ../../../../CASA/include
LIBDIR = $(ROOT)/$(LIB)
# handle Mono secondary dependencies
export MONO_PATH := $(MONO_PATH)
PLATFORMINDEPENDENTSOURCEDIR = ..
PLATFORMDEPENDENTSOURCEDIR = .
MODULE_NAME = libcasa_s_authtoken
MODULE_EXT = so
CFILES = ../config.c \
../authtoken.c \
../principal.c \
../util.c \
../validate.c \
../identoken.c \
platform.c
CSFILES_CSC :=
INCLUDES = -I. -I.. -I$(CASAINCLUDE) -I../../../include
RESOURCES =
DEFINES = -Wno-format-extra-args -fno-strict-aliasing
CFLAGS += $(INCLUDES) $(DEFINES)
LIBS = -lpthread -ldl -lexpat
LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT)
OBJDIR = ./$(TARGET_CFG)/$(LIB)
OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o))
EXTRA_DIST = $(CFILES) *.h
CUR_DIR := $(shell pwd)
all: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
#
# Pattern based rules.
#
vpath %.c $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR)
vpath %.cpp $(PLATFORMDEPENDENTSOURCEDIR) $(PLATFORMINDEPENDENTSOURCEDIR)
$(OBJDIR)/%.o: %.c
$(CC) -c $(CFLAGS) -o $@ $<
$(OBJDIR)/%.o: %.cpp
$(CC) -c $(CFLAGS) -o $@ $<
$(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT): $(OBJDIR) $(OBJS)
@echo [======== Linking $@ ========]
$(LINK) -o $@ $(LDFLAGS) $(OBJS) $(LIBS)
cp -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(LIBDIR)/$(TARGET_CFG)/$(MODULE_NAME).$(MODULE_EXT)
$(OBJDIR):
[ -d $(OBJDIR) ] || mkdir -p $(OBJDIR)
[ -d $(LIBDIR) ] || mkdir -p $(LIBDIR)
[ -d $(LIBDIR)/$(TARGET_CFG) ] || mkdir -p $(LIBDIR)/$(TARGET_CFG)
install-exec-local: $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
$(mkinstalldirs) $(DESTDIR)$(libdir)
$(INSTALL_PROGRAM) $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT) $(DESTDIR)$(libdir)/
uninstall-local:
cd $(DESTDIR)$(libdir); rm -f $(OBJDIR)/$(MODULE_NAME).$(MODULE_EXT)
rmdir $(DESTDIR)$(libdir)
#installcheck-local: install
# $(mkinstalldirs) $(DESTDIR)$(libdir)
# $(INSTALL_PROGRAM) $(DESTDIR)$(libdir)
# cd $(DESTDIR)$(libdir); $(MONO)
clean-local:
if [ -d $(TARGET_CFG) ]; then rm -rf $(TARGET_CFG); fi
distclean-local:
maintainer-clean-local:
rm -f Makefile.in

268
CASA-auth-token/server/AuthTokenValidate/linux/platform.c
View File

@@ -1,268 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Platform Mutex structure
//
typedef struct _PlatformMutex
{
pthread_mutex_t mutex;
} PlatformMutex, *PPlatformMutex;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//
// Module synchronization mutex
//
pthread_mutex_t g_hModuleMutex = PTHREAD_MUTEX_INITIALIZER;
//++=======================================================================
HANDLE
PlatAllocMutex(void)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex;
pthread_mutexattr_t mutexAttr = {PTHREAD_MUTEX_RECURSIVE};
DbgTrace(2, "-PlatAllocMutex- Start\n", 0);
// Allocate space for our mutex structure
pPlatMutex = malloc(sizeof(*pPlatMutex));
if (pPlatMutex)
{
// Finish initializing the mutex
pthread_mutex_init(&pPlatMutex->mutex, &mutexAttr);
}
else
{
DbgTrace(0, "-PlatAllocMutex- Memory allocation failure\n", 0);
}
DbgTrace(2, "-PlatAllocMutex- End, retHandle = %08X\n", (unsigned int) pPlatMutex);
return (HANDLE) pPlatMutex;
}
//++=======================================================================
void
PlatDestroyMutex(HANDLE hMutex)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
DbgTrace(2, "-PlatDestroyMutex- Start\n", 0);
// Free the resources associated with the mutex
pthread_mutex_destroy(&pPlatMutex->mutex);
free(pPlatMutex);
DbgTrace(2, "-PlatDestroyMutex- End\n", 0);
}
//++=======================================================================
void
PlatAcquireMutex(HANDLE hMutex)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
DbgTrace(2, "-PlatAcquireMutex- Start\n", 0);
// Acquire the mutex
pthread_mutex_lock(&pPlatMutex->mutex);
DbgTrace(2, "-PlatAcquireMutex- End\n", 0);
}
//++=======================================================================
void
PlatReleaseMutex(HANDLE hMutex)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// Environment:
//
// L2
//=======================================================================--
{
PlatformMutex *pPlatMutex = (PlatformMutex*) hMutex;
DbgTrace(2, "-PlatReleaseMutex- Start\n", 0);
// Release the mutex
pthread_mutex_unlock(&pPlatMutex->mutex);
DbgTrace(2, "-PlatRelease- End\n", 0);
}
//++=======================================================================
LIB_HANDLE
OpenLibrary(
IN char *pFileName)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
LIB_HANDLE libHandle;
DbgTrace(1, "-OpenLibrary- Start\n", 0);
libHandle = dlopen(pFileName, RTLD_LAZY);
if (libHandle == NULL)
{
DbgTrace(0, "-OpenLibrary- Not able to load library, error = %d\n", dlerror());
}
DbgTrace(1, "-OpenLibrary- End, handle = %08X\n", libHandle);
return libHandle;
}
//++=======================================================================
void
CloseLibrary(
IN LIB_HANDLE libHandle)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(1, "-CloseLibrary- Start\n", 0);
dlclose(libHandle);
DbgTrace(1, "-CloseLibrary- End\n", 0);
}
//++=======================================================================
void*
GetFunctionPtr(
IN LIB_HANDLE libHandle,
IN char *pFunctionName)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
void *pFuncPtr;
DbgTrace(1, "-GetFunctionPtr- Start\n", 0);
pFuncPtr = dlsym(libHandle, pFunctionName);
if (pFuncPtr == NULL)
{
DbgTrace(0, "-GetFunctionPtr- Not able to obtain func ptr, error = %d\n", dlerror());
}
DbgTrace(1, "-GetFunctionPtr- End, pFuncPtr = %08X\n", pFuncPtr);
return pFuncPtr;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

100
CASA-auth-token/server/AuthTokenValidate/linux/platform.h
View File

@@ -1,100 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#define _GNU_SOURCE
//===[ Include files ]=====================================================
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
#include <syslog.h>
#include <pthread.h>
#include <string.h>
#include <ctype.h>
#include <errno.h>
#include <dlfcn.h>
//===[ Type definitions ]==================================================
#define HANDLE void*
#ifndef CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field) ((type *)( \
(char*)(address) - \
(char*)(&((type *)0)->field)))
#endif
//
// DbgTrace macro define
//
#define DbgTrace(LEVEL, X, Y) { \
char printBuff[256]; \
if (LEVEL == 0 || DebugLevel >= LEVEL) \
{ \
_snprintf(printBuff, sizeof(printBuff), X, Y); \
fprintf(stderr, "CASA_AuthTokenValidate %s", printBuff); \
} \
}
/*#define DbgTrace(LEVEL, X, Y) { \
if (LEVEL == 0 || DebugLevel >= LEVEL) \
{ \
openlog("CASA_AuthTokenValidate", LOG_CONS | LOG_NOWAIT | LOG_ODELAY, LOG_USER); \
syslog(LOG_USER | LOG_INFO, X, Y); \
closelog(); \
} \
}*/
//
// Deal with function name mapping issues
//
#define _snprintf snprintf
//
// Module synchronization
//
extern pthread_mutex_t g_hModuleMutex;
#define AcquireModuleMutex pthread_mutex_lock(&g_hModuleMutex)
#define ReleaseModuleMutex pthread_mutex_unlock(&g_hModuleMutex)
//
// Other definitions
//
#define LIB_HANDLE void*
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
//===[ Global externals ]==================================================
//===[ External prototypes ]===============================================
//=========================================================================

482
CASA-auth-token/server/AuthTokenValidate/principal.c
View File

@@ -1,482 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Config Interface instance data
//
typedef struct _PrincipalIfInstance
{
int refCount;
IdenTokenIf *pIdenTokenIf;
PrincipalIf principalIf;
} PrincipalIfInstance, *PPrincipalIfInstance;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// PrincipalIf variables
static
int g_numPrincipalIfObjs = 0;
// Synchronization mutex
static
HANDLE g_principalIfMutex = NULL;
//++=======================================================================
static
int SSCS_CALL
AddReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//
// L2
//=======================================================================--
{
int refCount;
PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf);
DbgTrace(2, "-AddReference- Start\n", 0);
// Increment the reference count on the object
PlatAcquireMutex(g_principalIfMutex);
pPrincipalIfInstance->refCount ++;
refCount = pPrincipalIfInstance->refCount;
PlatReleaseMutex(g_principalIfMutex);
DbgTrace(2, "-AddReference- End, refCount = %08X\n", refCount);
return refCount;
}
//++=======================================================================
static
void SSCS_CALL
ReleaseReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//
// L2
//=======================================================================--
{
bool freeObj = false;
PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf);
DbgTrace(2, "-ReleaseReference- Start\n", 0);
// Decrement the reference count on the object and determine if it needs to
// be released.
PlatAcquireMutex(g_principalIfMutex);
pPrincipalIfInstance->refCount --;
if (pPrincipalIfInstance->refCount == 0)
{
// The object needs to be released, forget about it.
freeObj = true;
g_numPrincipalIfObjs --;
}
PlatReleaseMutex(g_principalIfMutex);
// Free object if necessary
if (freeObj)
{
// Release the identity token interface associated with our instance
pPrincipalIfInstance->pIdenTokenIf->releaseReference(pPrincipalIfInstance->pIdenTokenIf);
// Free our instance data
free(pPrincipalIfInstance);
}
DbgTrace(2, "-ReleaseReference- End\n", 0);
}
//++=======================================================================
static
CasaStatus SSCS_CALL
GetIdentityId(
IN const void *pIfInstance,
INOUT char *pIdentIdBuf,
INOUT int *pIdentIdLen)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pIdentIdBuf -
// Pointer to buffer that will receive the identity id. The returned
// id will be in the form of a NULL terminated string.
//
// pIdentIdBufLen -
// Pointer to variable with the length of the buffer pointed by
// pIdentIdBuf. On exit it contains the length of the returned id
// (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Get the identity id associated with the identity token.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf);
DbgTrace(2, "-GetIdentityId- Start\n", 0);
// Just call into the identity token
retStatus = pPrincipalIfInstance->pIdenTokenIf->getIdentityId(pPrincipalIfInstance->pIdenTokenIf,
pIdentIdBuf,
pIdentIdLen);
DbgTrace(2, "-GetIdentityId- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
CasaStatus SSCS_CALL
GetSourceName(
IN const void *pIfInstance,
INOUT char *pSourceNameBuf,
INOUT int *pSourceNameLen)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pSourceNameBuf -
// Pointer to buffer that will receive the name associated with the
// identity information source. The returned name will be in the form
// of a NULL terminated string.
//
// pSourceNameBufLen -
// Pointer to variable with the length of the buffer pointed by
// pSourceNameBuf. On exit it contains the length of the returned
// name (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Get the name of the identity source associated with the identity token.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf);
DbgTrace(2, "-GetSourceName- Start\n", 0);
// Just call into the identity token
retStatus = pPrincipalIfInstance->pIdenTokenIf->getSourceName(pPrincipalIfInstance->pIdenTokenIf,
pSourceNameBuf,
pSourceNameLen);
DbgTrace(2, "-GetSourceName- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
CasaStatus SSCS_CALL
GetSourceUrl(
IN const void *pIfInstance,
INOUT char *pSourceUrlBuf,
INOUT int *pSourceUrlLen)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pSourceUrlBuf -
// Pointer to buffer that will receive the URL associated with the
// identity information source. The returned URL will be in the form
// of a NULL terminated string.
//
// pSourceUrlBufLen -
// Pointer to variable with the length of the buffer pointed by
// pSourceUrlBuf. On exit it contains the length of the returned
// URL (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Get the URL to the identity source associated with the identity token.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf);
DbgTrace(2, "-GetSourceUrl- Start\n", 0);
// Just call into the identity token
retStatus = pPrincipalIfInstance->pIdenTokenIf->getSourceUrl(pPrincipalIfInstance->pIdenTokenIf,
pSourceUrlBuf,
pSourceUrlLen);
DbgTrace(2, "-GetSourceUrl- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
CasaStatus SSCS_CALL
AttributeEnumerate(
IN const void *pIfInstance,
INOUT int *pEnumHandle,
INOUT char *pAttribNameBuf,
INOUT int *pAttribNameLen,
INOUT char *pAttribValueBuf,
INOUT int *pAttribValueLen)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pEnumHandle -
// Pointer to enumeration handle. Must be set to 0 to start an
// enumeration.
//
// pAttribNameBuf -
// Pointer to buffer that will receive the identity attribute name. The
// returned name will be in the form of a NULL terminated string.
//
// pAttribNameLen -
// Pointer to variable with the length of the buffer pointed by
// pAttribNameBuf. On exit it contains the length of the returned
// name (including the NULL terminator).
//
// pAttribValueBuf -
// Pointer to buffer that will receive the identity attribute value. The
// returned value will be in the form of a NULL terminated string.
//
// pAttribValueLen -
// Pointer to variable with the length of the buffer pointed by
// pAttribValueBuf. On exit it contains the length of the returned
// value (including the NULL terminator).
//
//
// Returns:
// Casa Status
//
// Description:
// Enumerates through the attributes associated with the identity token.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
PrincipalIfInstance *pPrincipalIfInstance = CONTAINING_RECORD(pIfInstance, PrincipalIfInstance, principalIf);
DbgTrace(2, "-AttributeEnumerate- Start\n", 0);
// Just call into the identity token
retStatus = pPrincipalIfInstance->pIdenTokenIf->attributeEnumerate(pPrincipalIfInstance->pIdenTokenIf,
pEnumHandle,
pAttribNameBuf,
pAttribNameLen,
pAttribValueBuf,
pAttribValueLen);
DbgTrace(2, "-AttributeEnumerate- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
GetPrincipalInterface(
IN IdenTokenIf *pIdenTokenIf,
INOUT PrincipalIf **ppPrincipalIf)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Get principal interface instanced for the identity associated
// with specified identity token.
//
// L2
//=======================================================================--
{
PrincipalIfInstance *pPrincipalIfInstance;
CasaStatus retStatus;
DbgTrace(2, "-GetPrincipalInterface- Start\n", 0);
// Create a PrincipalIfInstance object for it.
pPrincipalIfInstance = malloc(sizeof(*pPrincipalIfInstance));
if (pPrincipalIfInstance)
{
// Initialize the PrincipalIf within the instance data
pPrincipalIfInstance->principalIf.addReference = AddReference;
pPrincipalIfInstance->principalIf.releaseReference = ReleaseReference;
pPrincipalIfInstance->principalIf.getIdentityId = GetIdentityId;
pPrincipalIfInstance->principalIf.getSourceName = GetSourceName;
pPrincipalIfInstance->principalIf.getSourceUrl = GetSourceUrl;
pPrincipalIfInstance->principalIf.attributeEnumerate = AttributeEnumerate;
// Keep reference to the identity token interface instance
pPrincipalIfInstance->pIdenTokenIf = pIdenTokenIf;
pIdenTokenIf->addReference(pIdenTokenIf);
// Return the PrincipalIf associated with the instance data after
// incrementing its reference count.
pPrincipalIfInstance->refCount ++;
*ppPrincipalIf = &pPrincipalIfInstance->principalIf;
// Bump up our interface instance count
PlatAcquireMutex(g_principalIfMutex);
g_numPrincipalIfObjs ++;
PlatReleaseMutex(g_principalIfMutex);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-GetPrincipalInterface- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(2, "-GetPrincipalInterface- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
PrincipalIfInit(void)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Initializes the principal interface complex.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
DbgTrace(1, "-PrincipalIfInit- Start\n", 0);
// Allocate mutex
if ((g_principalIfMutex = PlatAllocMutex()) != NULL)
retStatus = CASA_STATUS_SUCCESS;
else
retStatus = CasaStatusBuild(CASA_SEVERITY_INFORMATIONAL,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
DbgTrace(1, "-PrincipalIfInit- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
PrincipalIfUninit(void)
//
// Arguments:
//
// Returns:
// Casa Status
//
// Description:
// Uninitializes the configuration interface complex.
//
// L2
//=======================================================================--
{
DbgTrace(1, "-PrincipalIfUninit- Start\n", 0);
// Free mutex if necessary
if (g_principalIfMutex)
{
PlatDestroyMutex(g_principalIfMutex);
g_principalIfMutex = NULL;
}
DbgTrace(1, "-PrincipalIfUninit- End\n", 0);
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

321
CASA-auth-token/server/AuthTokenValidate/util.c
View File

@@ -1,321 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// Tables for Base64 encoding and decoding
static const int8_t g_Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const uint8_t g_Expand64[256] =
{
/* ASCII table */
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64
};
//++=======================================================================
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen)
//
// Arguments:
//
// Returns:
//
// Description:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
int encodedSize;
char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0);
// Determine the encoded size and allocate a buffer to hold the encoded data
encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4;
pTmp = (char*) malloc(encodedSize);
*ppEncodedData = pTmp;
if (*ppEncodedData)
{
uint8_t *pOut, *pIn;
int i;
// Setup pointers to move through the buffers
pIn = (uint8_t*) pData;
pOut = (uint8_t*) *ppEncodedData;
// Perform the encoding
for (i = 0; i < dataLen - 2; i += 3)
{
*pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
*pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) |
((int32_t)(pIn[i + 2] & 0xC0) >> 6)];
*pOut++ = g_Base64[pIn[i + 2] & 0x3F];
}
if (i < dataLen)
{
*pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
if (i == (dataLen - 1))
{
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4)];
*pOut++ = '=';
}
else
{
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
*pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)];
}
*pOut++ = '=';
}
*pOut++ = '\0';
// Return the encoded data length
*pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen)
//
// Arguments:
//
// Returns:
//
// Description:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
int i, j;
int decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0);
// Determine the decoded size
for (i = 0, j = 0; i < encodedDataLen; i++)
if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64)
j++;
decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
{
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
int
dtoul(
IN char *cp,
IN int len)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
int n = 0;
int i;
DbgTrace(2, "-dtoul- Start\n", 0);
for (i = 0; i < len; i++, cp++)
{
// Verify that we are dealing with a valid digit
if (*cp >= '0' && *cp <= '9')
{
n = 10 * n + (*cp - '0');
}
else
{
DbgTrace(0, "-dtoul- Found invalid digit\n", 0);
break;
}
}
DbgTrace(2, "-dtoul- End, result = %d\n", n);
return n;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

244
CASA-auth-token/server/AuthTokenValidate/validate.c
View File

@@ -1,244 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// Debug Level
int DebugLevel = 0;
//
// Initialization variables
//
static
bool g_moduleInitialized = false;
//++=======================================================================
CasaStatus SSCS_CALL
ValidateAuthToken(
IN const char *pServiceName,
IN const char *pTokenBuf,
IN const int tokenBufLen,
INOUT PrincipalIf **ppPrincipalIf)
//
// Arguments:
// pServiceName -
// Pointer to NULL terminated string that contains the
// name of the service targeted by the token.
//
// pTokenBuf -
// Pointer to buffer that will receive the authentication
// token. The length of this buffer is specified by the
// pTokenBufLen parameter. Note that the the authentication
// token will be in the form of a NULL terminated string.
//
// tokenBufLen -
// Length of the data contained within the buffer pointed
// at by pTokenBuf.
//
// ppPrincipalIf -
// Pointer to variable that will receive a pointer to a principal
// interface with information about the authenticated entity.
// IMPORTANT NOTE: The caller is responsible for releasing the
// interface after it is done with it to avoid a resource leak.
//
// Returns:
// Casa status.
//
// Description:
// Validates authentication token.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
char *pDecodedTokenBuf;
int decodedTokenBufLen;
PrincipalIf *pPrincipalIf;
DbgTrace(1, "-ValidateAuthToken- Start\n", 0);
// Validate input parameters
if (pServiceName == NULL
|| pTokenBuf == NULL
|| tokenBufLen == 0
|| ppPrincipalIf == NULL)
{
DbgTrace(0, "-ValidateAuthToken- Invalid input parameter\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INVALID_PARAMETER);
goto exit;
}
// Make sure that the module has been initialized
if (g_moduleInitialized == false)
{
// The module has not been initialized, synchronize access thought this section
// to avoid having two threads performing initialization.
AcquireModuleMutex;
// Assume success
retStatus = CASA_STATUS_SUCCESS;
// Check again in case another thread pre-empted us.
if (g_moduleInitialized == false)
{
// Initialize the ConfigIf complex
retStatus = ConfigIfInit();
if (CASA_SUCCESS(retStatus))
{
// Initialize the PrincipalIf complex
retStatus = PrincipalIfInit();
if (CASA_SUCCESS(retStatus))
{
// Initialize the IdenToken complex
retStatus = IdenTokenInit();
if (CASA_SUCCESS(retStatus))
{
// Success
g_moduleInitialized = true;
}
else
{
PrincipalIfUninit();
ConfigIfUninit();
}
}
else
{
ConfigIfUninit();
}
}
}
// Stop synchronization
ReleaseModuleMutex;
// Exit if we failed
if (g_moduleInitialized == false)
goto exit;
}
// First decode the token string
retStatus = DecodeData(pTokenBuf,
tokenBufLen,
(void**) &pDecodedTokenBuf,
&decodedTokenBufLen);
if (CASA_SUCCESS(retStatus))
{
AuthToken *pAuthToken;
// Token was decoded successfully, now create an authentication token object with it.
retStatus = CreateAuthToken(pDecodedTokenBuf, decodedTokenBufLen, &pAuthToken);
if (CASA_SUCCESS(retStatus))
{
// Now check the validity of the token
retStatus = CheckAuthToken(pAuthToken, pServiceName);
if (CASA_SUCCESS(retStatus))
{
IdenTokenProviderIf *pIdenTokenProviderIf;
// The token was validated, now
// Obtain Identity Token Provider interface
retStatus = GetIdenTokenProviderInterface(pAuthToken->pIdenTokenType,
&pIdenTokenProviderIf);
if (CASA_SUCCESS(retStatus))
{
IdenTokenIf *pIdenTokenIf;
// Use the Identity Token Provider to get an Identity Token Interface instance
retStatus = pIdenTokenProviderIf->getIdentityTokenIf(pIdenTokenProviderIf,
pAuthToken->pIdenToken,
pAuthToken->idenTokenLen,
&pIdenTokenIf);
if (CASA_SUCCESS(retStatus))
{
// Now create a principal interface instance with the identity information present in
// the identity token.
retStatus = GetPrincipalInterface(pIdenTokenIf, &pPrincipalIf);
if (CASA_SUCCESS(retStatus))
{
// Success, return the principal interface to the caller.
*ppPrincipalIf = pPrincipalIf;
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to instantiate principal interface\n", 0);
}
// Release identity token interface
pIdenTokenIf->releaseReference(pIdenTokenIf);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to instantiate identity token\n", 0);
}
// Release identity token provider interface
pIdenTokenProviderIf->releaseReference(pIdenTokenProviderIf);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to obtain identity token provider interface\n", 0);
}
}
// Free the AuthToken object
RelAuthToken(pAuthToken);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to create authentication token object\n", 0);
}
// Free the decoded token buffer
free(pDecodedTokenBuf);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Token decode failure\n", 0);
}
exit:
DbgTrace(1, "-ValidateAuthToken- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================