From b5a6a452e86b297e25017538b1c0e9881331443e Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Mon, 29 Jan 2007 10:46:18 +0000 Subject: [PATCH] Added code to allow us to un-initialize the library when it is unloaded. These changes allow library un-initialization to work for Windows. More code needs to be added to un-initialize the library under Linux. --- CASA-auth-token/client/library/cache.c | 112 +++++++++++++++++- CASA-auth-token/client/library/engine.c | 58 +++++++-- CASA-auth-token/client/library/internal.h | 15 +++ .../client/library/windows/dllsup.c | 4 +- .../client/library/windows/platform.c | 63 ++++++++++ CASA-auth-token/client/library/windows/rpc.c | 31 ++++- 6 files changed, 264 insertions(+), 19 deletions(-) diff --git a/CASA-auth-token/client/library/cache.c b/CASA-auth-token/client/library/cache.c index 40f96fcb..2e68b4c5 100644 --- a/CASA-auth-token/client/library/cache.c +++ b/CASA-auth-token/client/library/cache.c @@ -46,6 +46,8 @@ typedef struct _WrapperAuthCacheEntry //===[ Global variables ]================================================== +static +BOOLEAN g_authCacheInitialized = FALSE; HANDLE g_hCASAContext; @@ -448,8 +450,19 @@ FindSessionTokenEntryInCache( if (pEntry->doesNotExpire == false && CacheEntryLifetimeExpired(pEntry->creationTime, pEntry->expirationTime)) { - // Remove the entry ??? - //miCASARemoveBinaryKey(); + // Remove the entry from the cache + miCasaStatus = miCASARemoveKey(g_hCASAContext, + 0, + &sessionKeyChain, + &sharedId, + (SS_UTF8_T*) pCacheKey, + (uint32_t) strlen(pCacheKey) + 1, + (SSCS_PASSWORD_T*) NULL, + (SSCS_EXT_T*) pCredStoreScope); + if (miCasaStatus != NSSCS_SUCCESS) + { + DbgTrace(0, "-FindSessionTokenEntryInCache- miCASARemoveKey error = %0X\n", miCasaStatus); + } FreeAuthCacheEntry(pEntry); pEntry = NULL; 
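Review bot: When `miCASARemoveKey` fails in the expired-entry branch of FindSessionTokenEntryInCache, the expired session token stays in the credential store and the only signal is a level-0 DbgTrace; the same holds for the matching branch in FindAuthTokenEntryInCache (hunk at -550). The lookup still returns no entry, so callers are unaffected, but a comment such as `// Best effort: an expired token may remain in the store if removal fails` would make that explicit. The removal call here is the same code as the body of the new RemoveSessionTokenEntryInCache, so this branch could be `RemoveSessionTokenEntryInCache(pCacheKey, pCredStoreScope);`, assuming cache.c sees its prototype from internal.h. Both functions start and end outside their hunks.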
@@ -550,8 +563,19 @@ FindAuthTokenEntryInCache( if (pEntry->doesNotExpire == false && CacheEntryLifetimeExpired(pEntry->creationTime, pEntry->expirationTime)) { - // Remove the entry ??? - //miCASARemoveBinaryKey(); + // Remove the entry from the cache + miCasaStatus = miCASARemoveKey(g_hCASAContext, + 0, + &sessionKeyChain, + &sharedId, + (SS_UTF8_T*) pKey, + keySize, + (SSCS_PASSWORD_T*) NULL, + (SSCS_EXT_T*) pCredStoreScope); + if (miCasaStatus != NSSCS_SUCCESS) + { + DbgTrace(0, "-FindAuthTokenEntryInCache- miCASARemoveKey error = %0X\n", miCasaStatus); + } FreeAuthCacheEntry(pEntry); pEntry = NULL; @@ -575,6 +599,48 @@ FindAuthTokenEntryInCache( } +//++======================================================================= +void +RemoveSessionTokenEntryInCache( + IN const char *pCacheKey, + IN void *pCredStoreScope + ) +// +// Arguments: +// +// Returns: +// +// Abstract: +// +// Notes: +// +// L2 +//=======================================================================-- +{ + int32_t miCasaStatus; + SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; + SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"}; + + DbgTrace(1, "-RemoveSessionTokenEntryInCache- Start\n", 0); + + // Remove the entry from the cache + miCasaStatus = miCASARemoveKey(g_hCASAContext, + 0, + &sessionKeyChain, + &sharedId, + (SS_UTF8_T*) pCacheKey, + (uint32_t) strlen(pCacheKey) + 1, + (SSCS_PASSWORD_T*) NULL, + (SSCS_EXT_T*) pCredStoreScope); + if (miCasaStatus != NSSCS_SUCCESS) + { + DbgTrace(0, "-RemoveSessionTokenEntryInCache- miCASARemoveKey error = %0X\n", miCasaStatus); + } + + DbgTrace(1, "-RemoveSessionTokenEntryInCache- End\n", 0); +} + + //++======================================================================= CasaStatus InitializeAuthCache() @@ -609,6 +675,7 @@ InitializeAuthCache() } else { + g_authCacheInitialized = TRUE; retStatus = CASA_STATUS_SUCCESS; } 
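Review bot: RemoveSessionTokenEntryInCache passes `pCacheKey` straight to `strlen` and `g_hCASAContext` straight to `miCASARemoveKey`, with no check that the key is non-NULL or that the cache is initialised. The new caller in engine.c passes `pSessionTokenAuthContext->pContext`, whose nullability is not visible here, and UnInitializeAuthCache now sets `g_hCASAContext = NULL`, so a late call would hand a NULL context to miCASA. A guard at the top, `if (pCacheKey == NULL || !g_authCacheInitialized) return;`, covers both. The Arguments/Returns/Abstract header is left blank; it should say that removal is best effort and that failure is reported only through DbgTrace.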
@@ -618,6 +685,43 @@ InitializeAuthCache() } +//++======================================================================= +void +UnInitializeAuthCache() +// +// Arguments: +// +// Returns: +// +// Abstract: +// +// Notes: +// +// L2 +//=======================================================================-- +{ + CasaStatus retStatus; + SSCS_SECRETSTORE_T ssId; + + DbgTrace(1, "-UnInitializeAuthCache- Start\n", 0); + + // Proceed if initialized + if (g_authCacheInitialized) + { + // Close the secret store cache + miCASACloseSecretStoreCache(g_hCASAContext, + 0, + NULL); + + // Forget about being initialized + g_hCASAContext = NULL; + g_authCacheInitialized = FALSE; + } + + DbgTrace(1, "-UnInitializeAuthCache- End\n", 0); +} + + //++======================================================================= //++======================================================================= //++======================================================================= diff --git a/CASA-auth-token/client/library/engine.c b/CASA-auth-token/client/library/engine.c index ed741b37..d13177a6 100644 --- a/CASA-auth-token/client/library/engine.c +++ b/CASA-auth-token/client/library/engine.c @@ -32,8 +32,8 @@ #define DEFAULT_RETRY_LIFETIME 5 // seconds #ifndef CASA_STATUS_NAME_RESOLVE_ERROR -#define CASA_STATUS_NAME_RESOLVE_ERROR ((CasaStatus)0x00000024) -#endif +#define CASA_STATUS_NAME_RESOLVE_ERROR ((CasaStatus)0x00000024) +#endif //===[ Function prototypes ]=============================================== @@ -64,7 +64,8 @@ ObtainSessionToken( IN AuthPolicy *pAuthPolicy, IN const char *pHostName, IN void *pCredStoreScope, - INOUT char **ppSessionToken) + INOUT char **ppSessionToken, + INOUT AuthContext **ppSessionTokenAuthContext) // // Arguments: // @@ -82,6 +83,7 @@ ObtainSessionToken( CASA_STATUS_UNSUCCESSFUL); LIST_ENTRY *pListEntry; AuthCacheEntry *pCacheEntry = NULL; + AuthContext *pAuthContext; DbgTrace(1, "-ObtainSessionToken- Start\n", 0); 
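Review bot: UnInitializeAuthCache declares `retStatus` and `ssId` but never uses them, and the result of `miCASACloseSecretStoreCache` is dropped, so a failed close of the secret store is invisible. Either remove the two locals or capture the return value and DbgTrace it the way the `miCASARemoveKey` calls in this file do (the call presumably returns the same status type). The flag and handle are cleared without any lock, so the function appears to rely on no other thread being inside the Find*/Remove* cache functions; that precondition belongs in the empty header block.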
@@ -93,8 +95,6 @@ ObtainSessionToken( pListEntry = pAuthPolicy->authContextListHead.Flink; while (pListEntry != &pAuthPolicy->authContextListHead) { - AuthContext *pAuthContext; - // Get pointer to AuthContext structure pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry); @@ -126,8 +126,7 @@ ObtainSessionToken( while (!CASA_SUCCESS(retStatus) && pListEntry != &pAuthPolicy->authContextListHead) { - AuthContext *pAuthContext; - char *pAuthMechToken; + char *pAuthMechToken; // Get pointer to AuthContext structure pAuthContext = CONTAINING_RECORD(pListEntry, AuthContext, listEntry); @@ -272,6 +271,9 @@ ObtainSessionToken( { // Copy the token onto the allocated buffer strcpy(*ppSessionToken, pCacheEntry->token); + + // Return pointer to AuthContext associated with the session token + *ppSessionTokenAuthContext = pAuthContext; } else { @@ -358,12 +360,15 @@ ObtainAuthTokenFromServer( &pAuthPolicy); if (CASA_SUCCESS(retStatus)) { + AuthContext *pSessionTokenAuthContext = NULL; + // Now try to obtain a session token retStatus = ObtainSessionToken(pRpcSession, pAuthPolicy, (g_pATSHostName != NULL) ? g_pATSHostName : pHostName, pCredStoreScope, - &pSessionToken); + &pSessionToken, + &pSessionTokenAuthContext); if (CASA_SUCCESS(retStatus)) { // Request auth token for the service @@ -399,6 +404,13 @@ ObtainAuthTokenFromServer( else { DbgTrace(0, "-ObtainAuthTokenFromServer- Failed to create GetAuthTokenResp object, error = %08X\n", retStatus); + + // Remove the session token from the cache in case that it was due to a bad session token + if (pSessionTokenAuthContext) + { + RemoveSessionTokenEntryInCache(pSessionTokenAuthContext->pContext, + pCredStoreScope); + } } } else 
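Review bot: `*ppSessionTokenAuthContext = pAuthContext;` in the hunk at -272 returns whatever the hoisted `pAuthContext` last pointed to, and that variable is now declared at function scope without an initialiser. It is correct only if both loops leave `pAuthContext` on the context that produced `pCacheEntry`; the loop bodies are mostly outside the hunks, so this cannot be confirmed here. Recording the context at the point where `pCacheEntry` is assigned, and declaring `AuthContext *pAuthContext = NULL;`, would remove that dependency and ensure the caller later evicts the right cache key. The returned pointer is borrowed from `pAuthPolicy`'s list, which deserves a line in the Arguments header.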
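Review bot: The eviction in the hunk at -399 is attached only to the `Failed to create GetAuthTokenResp object` branch, so it depends on that failure being the way a rejected session token surfaces. If the server's rejection instead arrives as a status inside a successfully parsed response, or as an Rpc failure, the stale token stays cached and will be presented again on the next call; those branches are outside the hunk, so this should be checked. `pSessionTokenAuthContext` points into `pAuthPolicy`, so the call must stay ahead of whatever releases the policy.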
@@ -980,6 +992,36 @@ InitializeLibrary(void) } +//++======================================================================= +void +UnInitializeLibrary(void) +// +// Arguments: +// +// Returns: +// +// Abstract: +// +// Notes: +// +// L2 +//=======================================================================-- +{ + DbgTrace(1, "-UnInitializeLibrary- Start\n", 0); + + // Un-initialize the host name normalization + UnInitializeHostNameNormalization(); + + // Un-initialize the auth cache + UnInitializeAuthCache(); + + // Un-initialize the Rpc engine + UnInitializeRpc(); + + DbgTrace(1, "-UnInitializeLibrary- End\n", 0); +} + + //++======================================================================= //++======================================================================= //++======================================================================= diff --git a/CASA-auth-token/client/library/internal.h b/CASA-auth-token/client/library/internal.h index aa101e50..e300628b 100644 --- a/CASA-auth-token/client/library/internal.h +++ b/CASA-auth-token/client/library/internal.h @@ -281,6 +281,12 @@ FindAuthTokenEntryInCache( IN const char *pGroupOrHostName, IN void *pCredStoreScope); +extern +void +RemoveSessionTokenEntryInCache( + IN const char *pCacheKey, + IN void *pCredStoreScope); + extern CasaStatus InitializeAuthCache(void); @@ -349,6 +355,10 @@ extern CasaStatus InitializeHostNameNormalization(void); +extern +void +UnInitializeHostNameNormalization(void); + // // Functions exported by rpc.c // @@ -382,6 +392,11 @@ extern CasaStatus InitializeRpc(void); +extern +void +UnInitializeRpc(void); + + // // Functions exported by utils.c // diff --git a/CASA-auth-token/client/library/windows/dllsup.c b/CASA-auth-token/client/library/windows/dllsup.c index 25019123..46fe7ac3 100644 --- a/CASA-auth-token/client/library/windows/dllsup.c +++ b/CASA-auth-token/client/library/windows/dllsup.c 
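Review bot: UnInitializeLibrary calls `UnInitializeAuthCache()`, and dllsup.c calls `UnInitializeLibrary()`, but the internal.h hunks in this patch add prototypes only for RemoveSessionTokenEntryInCache, UnInitializeHostNameNormalization and UnInitializeRpc. Unless the two are declared somewhere not shown, both calls compile as implicit declarations returning int against definitions that return void. Adding `extern void UnInitializeAuthCache(void);` and `extern void UnInitializeLibrary(void);` to internal.h, and defining the former with `(void)` rather than `()`, closes that gap.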
@@ -179,9 +179,7 @@ BOOL APIENTRY DllMain( case DLL_PROCESS_DETACH: { - /* Don't uninitialize on windows - tbd - */ + UnInitializeLibrary(); break; } } diff --git a/CASA-auth-token/client/library/windows/platform.c b/CASA-auth-token/client/library/windows/platform.c index 41862696..8ff90a2c 100644 --- a/CASA-auth-token/client/library/windows/platform.c +++ b/CASA-auth-token/client/library/windows/platform.c @@ -45,6 +45,9 @@ typedef struct _NormalizedHostNameCacheEntry //===[ Global variables ]================================================== +static +BOOLEAN hostNameNormalizationInitialized = FALSE; + // Normalized host name cache list head static LIST_ENTRY normalizedHostNameCacheListHead; @@ -64,6 +67,7 @@ char mechConfigFolder[MAX_PATH + sizeof(mechConfigFolderPartialPath)]; // Path separator char pathCharString[] = "\\"; + //++======================================================================= CasaStatus CreateUserMutex( @@ -585,11 +589,13 @@ InitializeHostNameNormalization(void) NULL); if (hNormalizedHostNameCacheMutex != NULL) { + hostNameNormalizationInitialized = TRUE; retStatus = CASA_STATUS_SUCCESS; } else { DbgTrace(0, "-InitializeHostNameNormalization- CreateMutex failed, error = %d\n", GetLastError()); + WSACleanup(); } } else 
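Review bot: Calling `UnInitializeLibrary()` from `DLL_PROCESS_DETACH` runs `WSACleanup()` and `miCASACloseSecretStoreCache()` while the loader lock is held. Microsoft's documentation for WSACleanup says it should not be called from DllMain because unloading the Winsock helper DLLs there can deadlock, and the secret store close presumably talks to another component as well. The handler also runs on process termination, when the third DllMain argument is non-NULL and other threads have already been terminated, so teardown should be limited to the FreeLibrary case. A safer shape is an explicit un-initialize entry point that the host calls before unloading, with DllMain doing no more than clearing flags. DllMain's signature and the rest of the switch are outside the hunk.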
@@ -603,6 +609,63 @@ InitializeHostNameNormalization(void) } +//++======================================================================= +void +UnInitializeHostNameNormalization(void) +// +// Arguments: +// +// Returns: +// +// Abstract: +// +// Notes: +// +// L2 +//=======================================================================-- +{ + LIST_ENTRY *pListEntry; + NormalizedHostNameCacheEntry *pEntry = NULL; + + DbgTrace(1, "-UnInitializeHostNameNormalization- Start\n", 0); + + // Proceed if initialization succeeded + if (hostNameNormalizationInitialized) + { + // Un-initialize winsock + WSACleanup(); + + // Free up any normalized host names in our cache + pListEntry = normalizedHostNameCacheListHead.Flink; + while (pListEntry != &normalizedHostNameCacheListHead) + { + // Get pointer to the entry + pEntry = CONTAINING_RECORD(pListEntry, NormalizedHostNameCacheEntry, listEntry); + + // Remove the entry from the list + RemoveEntryList(pListEntry); + + // Free the entry + if (pEntry->pHostName) + free(pEntry->pHostName); + + if (pEntry->pNormalizedHostName) + free(pEntry->pNormalizedHostName); + + free(pEntry); + + // Try to go to the next entry + pListEntry = normalizedHostNameCacheListHead.Flink; + } + + // Forget about being initialized + hostNameNormalizationInitialized = FALSE; + } + + DbgTrace(1, "-UnInitializeHostNameNormalization- End", 0); +} + + //++======================================================================= //++======================================================================= //++======================================================================= diff --git a/CASA-auth-token/client/library/windows/rpc.c b/CASA-auth-token/client/library/windows/rpc.c index 70f63b88..8217889e 100644 --- a/CASA-auth-token/client/library/windows/rpc.c +++ b/CASA-auth-token/client/library/windows/rpc.c 
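Review bot: UnInitializeHostNameNormalization never closes `hNormalizedHostNameCacheMutex`, the handle InitializeHostNameNormalization obtains from CreateMutex, so each load/unload cycle leaks one handle. Adding `CloseHandle(hNormalizedHostNameCacheMutex); hNormalizedHostNameCacheMutex = NULL;` before the flag is cleared fixes that. The cache list is also emptied without taking that mutex, which is safe only if no other thread can still be normalizing a host name; the empty header block should state that precondition. The closing trace `"-UnInitializeHostNameNormalization- End"` is missing the `\n` that every other trace has.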
@@ -359,8 +359,8 @@ InternalRpc( #define RPC_TARGET_FMT_STRING "CasaAuthTokenSvc/Rpc?method=%s" #ifndef CASA_STATUS_INVALID_SERVER_CERTIFICATE -#define CASA_STATUS_INVALID_SERVER_CERTIFICATE ((CasaStatus)0x00000023) -#endif +#define CASA_STATUS_INVALID_SERVER_CERTIFICATE ((CasaStatus)0x00000023) +#endif CasaStatus retStatus = CASA_STATUS_SUCCESS; char *pRpcTarget; @@ -729,7 +729,7 @@ InternalRpc( CASA_STATUS_INSUFFICIENT_RESOURCES); } - DbgTrace(1, "-InternalRpc- End, retStatus = %d\n", retStatus); + DbgTrace(1, "-InternalRpc- End, retStatus = %0X\n", retStatus); return retStatus; } @@ -778,7 +778,7 @@ Rpc( } while (CasaStatusCode(retStatus) == CASA_STATUS_AUTH_SERVER_UNAVAILABLE && retries < MAX_RPC_RETRIES); - DbgTrace(1, "-Rpc- End, retStatus = %d\n", retStatus); + DbgTrace(1, "-Rpc- End, retStatus = %0X\n", retStatus); return retStatus; } @@ -811,6 +811,29 @@ InitializeRpc(void) } +//++======================================================================= +void +UnInitializeRpc(void) +// +// Arguments: +// +// Returns: +// +// Abstract: +// +// Notes: +// +// L2 +//=======================================================================-- +{ + DbgTrace(1, "-UnInitializeRpc- Start\n", 0); + + // Nothing to do for windows + + DbgTrace(1, "-UnInitializeRpc- End\n", 0); +} + + //++======================================================================= //++======================================================================= //++=======================================================================