From b9fa3eab0ce2b2a4f53a62cdf4bd871928dc1465 Mon Sep 17 00:00:00 2001 From: S Rahul Date: Fri, 9 Oct 2009 08:46:35 +0000 Subject: [PATCH] Multiple changes for Bug #543064 1. Provided SetATSHostList() API for changing the ATS address dynamically 2. Not using CASA enabled server as ATS. ATS address has to be explicitly set in client.conf or through SetATSHostList() 3. Not normalizing CASA enabled server's host name while obtaining CASA tokens. Callers of ObtainAuthTokenEx() have to pass normalized name as argument --- .../Novell.Casa.Authtoken/Authtoken.cs | 21 ++ .../client/include/casa_c_authtoken.h | 17 ++ CASA-auth-token/client/library/engine.c | 229 ++++++++---------- .../client/library/windows/authtoken.def | 3 +- .../client/library/windows/client.vcproj | 8 +- 5 files changed, 143 insertions(+), 135 deletions(-) diff --git a/CASA-auth-token/client/csharp-api/Novell.Casa.Authtoken/Authtoken.cs b/CASA-auth-token/client/csharp-api/Novell.Casa.Authtoken/Authtoken.cs index 2f05a0ee..008d8ab5 100644 --- a/CASA-auth-token/client/csharp-api/Novell.Casa.Authtoken/Authtoken.cs +++ b/CASA-auth-token/client/csharp-api/Novell.Casa.Authtoken/Authtoken.cs @@ -60,6 +60,12 @@ namespace Novell.Casa.Client.Auth [In, Out] ref int iTokenLength ); + [DllImport(AUTH_LIBRARY, EntryPoint="SetATSHostList", CharSet=CharSet.None) ] + private static extern int _SetATSHostList + ( + [In] String[] ATSHostList + ); + [DllImport(AUTH_LIBRARY, CharSet=CharSet.None) ] private static extern int ObtainAuthTokenEx ( @@ -195,6 +201,21 @@ namespace Novell.Casa.Client.Auth } } + public static int SetATSHostList(string[] ATSHostList) + { + int i, numHosts; + string[] hostList; + + /* Null termination */ + numHosts = ATSHostList.Length; + hostList = new string[numHosts + 1]; + for (i = 0; i < numHosts; i++) { + hostList[i] = ATSHostList[i]; + } + + return _SetATSHostList(hostList); + } + public static void CleanUpAuthTokenCache(WinLuid luid) { SSCS_EXT_T ext = new SSCS_EXT_T(); 
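Review bot: The new `SetATSHostList` wrapper in Authtoken.cs reads `ATSHostList.Length` without a null check, so a null argument surfaces as a NullReferenceException instead of a clear argument error. A null element inside the array is also copied through, and since the native side treats the first NULL as the terminator, every host after it would be silently dropped. I would add `if (ATSHostList == null) throw new ArgumentNullException("ATSHostList");` ahead of the copy and reject null elements inside the loop. The enclosing class starts and ends outside this hunk.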
diff --git a/CASA-auth-token/client/include/casa_c_authtoken.h b/CASA-auth-token/client/include/casa_c_authtoken.h index 10a8a585..5253bdc8 100644 --- a/CASA-auth-token/client/include/casa_c_authtoken.h +++ b/CASA-auth-token/client/include/casa_c_authtoken.h @@ -107,6 +107,23 @@ CleanUpAuthTokenCache(void); // Flush the AuthToken cache. //=======================================================================-- +//++======================================================================= +extern CasaStatus SSCS_CALL +SetATSHostList( + IN const char * const ATSHostList[]); +// +// Arguments: +// ATSHostList - +// Pointer to NULL terminated array of ATS servers of form : +// +// Returns: +// Casa Status +// +// Description: +// Set the list of ATS servers contacted. Can be used to override the +// 'ATSHostList' parameter in client.conf. +//=======================================================================-- + #if defined(__cplusplus) || defined(c_plusplus) } diff --git a/CASA-auth-token/client/library/engine.c b/CASA-auth-token/client/library/engine.c index 384f11f1..64900550 100644 --- a/CASA-auth-token/client/library/engine.c +++ b/CASA-auth-token/client/library/engine.c @@ -606,7 +606,6 @@ ObtainAuthTokenInt( { CasaStatus retStatus = CASA_STATUS_SUCCESS; AuthCacheEntry *pCacheEntry; - char *pNormalizedHostName; char *pToken; HANDLE hUserMutex = NULL; 
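Review bot: The comment block for `SetATSHostList` in casa_c_authtoken.h does not tell a caller what an entry has to look like: as shown here the Arguments text ends at "of form :" with no format after it. I would spell it out in plain words, e.g. `//    Pointer to NULL terminated array of ATS servers, each "host:port"`, and state that the call replaces the whole current list rather than appending to it. Because this list decides which servers the client contacts for authentication, the description should also say that entries must come from trusted configuration and not from unvalidated input.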
@@ -658,101 +657,13 @@ ObtainAuthTokenInt( // Release our synchronization mutex ReleaseModuleMutex; - // Normalize the host name - pNormalizedHostName = NormalizeHostName(pHostName); - if (pNormalizedHostName) { - bool setupHostEntries = true; - char *pHostNameAnd443 = NULL; - char *pHostNameAnd2645 = NULL; - char *pNormalizedHostNameAnd443 = NULL; - char *pNormalizedHostNameAnd2645 = NULL; - ATSHostEntry serviceHostEntry443 = {{NULL, NULL}, NULL, NULL, 0}; - ATSHostEntry serviceHostEntry2645 = {{NULL, NULL}, NULL, NULL, 0}; - ATSHostEntry serviceNormalizedHostEntry443 = {{NULL, NULL}, NULL, NULL, 0}; - ATSHostEntry serviceNormalizedHostEntry2645 = {{NULL, NULL}, NULL, NULL, 0}; LIST_ENTRY *pListEntry; ATSHostEntry *pHostEntryInUse; // Start user process synchronization AcquireUserMutex(hUserMutex); - // Determine if we should setup host entries for the - // host where the service resides. - pListEntry = g_ATSHostList.Flink; - while(pListEntry != &g_ATSHostList) - { - pHostEntryInUse = CONTAINING_RECORD(pListEntry, ATSHostEntry, listEntry); - if (strcmp(pHostEntryInUse->pName, pHostName) == 0 - || strcmp(pHostEntryInUse->pName, pNormalizedHostName) == 0) - { - // The service's host is already in our list - setupHostEntries = false; - break; - } - - // Advance to the next entry - pListEntry = pListEntry->Flink; - } - - // Setup host entries for the service's host if necessary - if (setupHostEntries) - { - // Allocate space for the host name and port strings - pHostNameAnd443 = malloc(strlen(pHostName) + 5); - pHostNameAnd2645 = malloc(strlen(pHostName) + 6); - if (pHostNameAnd443 != NULL - && pHostNameAnd2645 != NULL) - { - sprintf(pHostNameAnd443, "%s:%d", pHostName, 443); - sprintf(pHostNameAnd2645, "%s:%d", pHostName, 2645); - - serviceHostEntry2645.pNameAndPort = pHostNameAnd2645; - serviceHostEntry2645.pName = pHostName; - serviceHostEntry2645.port = 2645; - InsertHeadList(&g_ATSHostList, &serviceHostEntry2645.listEntry); - - serviceHostEntry443.pNameAndPort = 
pHostNameAnd443; - serviceHostEntry443.pName = pHostName; - serviceHostEntry443.port = 443; - InsertHeadList(&g_ATSHostList, &serviceHostEntry443.listEntry); - - // Check if we should also setup host entries using the service's - // normalized host name. - if (strcmp(pHostName, pNormalizedHostName) != 0) - { - // The host name given and the normalized name are different. Let's - // improve the odds by also trying to utilize the normalized name. - pNormalizedHostNameAnd443 = malloc(strlen(pNormalizedHostName) + 5); - pNormalizedHostNameAnd2645 = malloc(strlen(pNormalizedHostName) + 6); - if (pNormalizedHostNameAnd443 != NULL - && pNormalizedHostNameAnd2645 != NULL) - { - sprintf(pNormalizedHostNameAnd443, "%s:%d", pNormalizedHostName, 443); - sprintf(pNormalizedHostNameAnd2645, "%s:%d", pNormalizedHostName, 2645); - - serviceNormalizedHostEntry2645.pNameAndPort = pNormalizedHostNameAnd2645; - serviceNormalizedHostEntry2645.pName = pNormalizedHostName; - serviceNormalizedHostEntry2645.port = 2645; - InsertHeadList(&g_ATSHostList, &serviceNormalizedHostEntry2645.listEntry); - - serviceNormalizedHostEntry443.pNameAndPort = pNormalizedHostNameAnd443; - serviceNormalizedHostEntry443.pName = pNormalizedHostName; - serviceNormalizedHostEntry443.port = 443; - InsertHeadList(&g_ATSHostList, &serviceNormalizedHostEntry443.listEntry); - } - else - { - DbgTrace(0, "-ObtainAuthTokenInt- Buffer allocation failure\n", 0); - } - } - } - else - { - DbgTrace(0, "-ObtainAuthTokenInt- Buffer allocation failure\n", 0); - } - } - // Now try to obtain an authentication token using the // host entries at our disposal. pListEntry = g_ATSHostList.Flink; @@ -763,7 +674,7 @@ ObtainAuthTokenInt( // Try to find a cache entry for the service pCacheEntry = FindAuthTokenEntryInCache(pServiceName, - pNormalizedHostName, + pHostName, pHostEntryInUse, pCredStoreScope); if (pCacheEntry == NULL) 
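Review bot: With the implicit service-host entries removed in the `@@ -658` hunk, the token loop that follows has only `g_ATSHostList` to walk, and nothing visible here handles the case where that list is empty (no `ATSHostList` in client.conf and no `SetATSHostList()` call). If the loop is still `while (pListEntry != &g_ATSHostList)`, as the removed scan was, its body never runs and the status returned depends on code outside this hunk. I would test `g_ATSHostList.Flink == &g_ATSHostList` right after `AcquireUserMutex(hUserMutex);`, log it with DbgTrace and set an error status built with `CasaStatusBuild`, so that a missing ATS configuration fails loudly. ObtainAuthTokenInt starts and ends outside the hunk.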
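Review bot: From the `@@ -763` hunk on (and again in `@@ -777`, `@@ -790` and `@@ -810`) the caller's `pHostName` is used unmodified as the cache key and as the name handed to `ObtainAuthTokenFromServer`, but the requirement that it already be normalized exists only in the commit message. Two spellings of the same host would then presumably produce separate cache entries and separate token requests. I would record the contract where the value is consumed, for example `// pHostName must already be normalized by the caller; it is used as-is for the cache key and the token request`, and repeat it in the ObtainAuthTokenEx description in the public header. `ObtainAuthTokenFromServer` now receives the same pointer for both host-name parameters, which deserves a short comment or a later signature cleanup.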
@@ -777,7 +688,7 @@ ObtainAuthTokenInt( pToken = NULL; retStatus = ObtainAuthTokenFromServer(pServiceName, pHostName, - pNormalizedHostName, + pHostName, pHostEntryInUse, pCredStoreScope, &pToken, @@ -790,7 +701,7 @@ ObtainAuthTokenInt( { retStatus = ObtainAuthTokenFromServer(pServiceName, pHostName, - pNormalizedHostName, + pHostName, pHostEntryInUse, pCredStoreScope, &pToken, @@ -810,7 +721,7 @@ ObtainAuthTokenInt( || opEndTime >= (opStartTime + (BAD_CACHE_TRIGER_TIME * 1000))) { pCacheEntry = CreateAuthTokenCacheEntry(pServiceName, - pNormalizedHostName, + pHostName, pHostEntryInUse, retStatus, pToken, @@ -883,45 +794,8 @@ ObtainAuthTokenInt( pListEntry = pListEntry->Flink; } - // Unlink the service host entries if necessary - if (pHostNameAnd443 != NULL - && pHostNameAnd2645 != NULL) - { - RemoveEntryList(&serviceHostEntry2645.listEntry); - RemoveEntryList(&serviceHostEntry443.listEntry); - - if (pNormalizedHostNameAnd443 != NULL - && pNormalizedHostNameAnd2645 != NULL) - { - RemoveEntryList(&serviceNormalizedHostEntry2645.listEntry); - RemoveEntryList(&serviceNormalizedHostEntry443.listEntry); - } - } - // Stop user process synchronization ReleaseUserMutex(hUserMutex); - - // Free the space allocated during processing of the request - if (pHostNameAnd443) - free(pHostNameAnd443); - - if (pHostNameAnd2645) - free(pHostNameAnd2645); - - if (pNormalizedHostNameAnd443) - free(pNormalizedHostNameAnd443); - - if (pNormalizedHostNameAnd2645) - free(pNormalizedHostNameAnd2645); - - free(pNormalizedHostName); - } - else - { - DbgTrace(0, "-ObtainAuthTokenInt- Host name normalization failed\n", 0); - retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR, - CASA_FACILITY_AUTHTOKEN, - CASA_STATUS_NAME_RESOLVE_ERROR); } exit: 
@@ -1152,6 +1026,101 @@ CreateATSHostEntry( DbgTrace(1, "-CreateATSHostEntry- Exit\n", 0); } +//++======================================================================= +CasaStatus SSCS_CALL +SetATSHostList( + IN const char * const ATSHostList[]) +// +// Arguments: +// ATSHostList - +// Pointer to NULL terminated array of ATS servers of form : +// +// Returns: +// Casa Status +// +// Description: +// Set the list of ATS servers contacted. Can be used to override the +// 'ATSHostList' parameter in client.conf. +//=======================================================================-- +{ + int i, retStatus = CASA_STATUS_SUCCESS; + uint16_t port; + char address[256]; + LIST_ENTRY *pListEntry; + ATSHostEntry *pHostEntry; + HANDLE hUserMutex = NULL; + + DbgTrace(1, "-SetATSHostList- Start\n", 0); + + for (i = 0; ATSHostList[i] != NULL; i++) { + int ret; + ret = sscanf(ATSHostList[i], "%[^:]:%hu", address, &port); + if (ret != 2) { + DbgTrace(0, "-SetATSHostList- Invalid entry: %s\n", ATSHostList[i]); + retStatus = CASA_STATUS_INVALID_PARAMETER; + goto exit; + } + } + + /* Obtain our synchronization mutex */ + AcquireModuleMutex; + + /* Create user synchronization mutex */ + retStatus = CreateUserMutex(&hUserMutex); + if (retStatus != CASA_STATUS_SUCCESS) + { + DbgTrace(0, "-SetATSHostList- Error creating mutex for the user\n", 0); + goto exit; + } + + /* Make sure we are fully initialized */ + if (g_bInitialized == false) { + retStatus = InitializeLibrary(); + + if (retStatus == CASA_STATUS_SUCCESS) + g_bInitialized = true; + else + goto exit; + } + + /* Release our synchronization mutex */ + ReleaseModuleMutex; + + AcquireUserMutex(hUserMutex); + + /* Cleanup the old ATS list */ + pListEntry = g_ATSHostList.Flink; + if (pListEntry) + { + DbgTrace(0, "-SetATSHostList- Flushing ATS host list\n", 0); + while (pListEntry != &g_ATSHostList) { + pHostEntry = CONTAINING_RECORD(pListEntry, ATSHostEntry, listEntry); + RemoveEntryList(pListEntry); + 
free(pHostEntry->pNameAndPort); + free(pHostEntry->pName); + free(pHostEntry); + pListEntry = g_ATSHostList.Flink; + } + } + InitializeListHead(&g_ATSHostList); + + for (i = 0; ATSHostList[i] != NULL; i++) { + sscanf(ATSHostList[i], "%[^:]:%hu", address, &port); + CreateATSHostEntry(address, port); + DbgTrace(0, "-SetATSHostList- Adding ATS host %s\n", ATSHostList[i]); + } + + ReleaseUserMutex(hUserMutex); + +exit: + + if (hUserMutex != NULL) + DestroyUserMutex(hUserMutex); + + DbgTrace(1, "-SetATSHostList- End, retStatus = %08X\n", retStatus); + + return retStatus; +} //++======================================================================= int diff --git a/CASA-auth-token/client/library/windows/authtoken.def b/CASA-auth-token/client/library/windows/authtoken.def index 6263acdd..eae2c3f7 100644 --- a/CASA-auth-token/client/library/windows/authtoken.def +++ b/CASA-auth-token/client/library/windows/authtoken.def @@ -8,6 +8,7 @@ EXPORTS ; DllGetClassObject PRIVATE ObtainAuthToken PRIVATE ObtainAuthTokenEx PRIVATE + SetATSHostList PRIVATE CleanUpAuthTokenCache PRIVATE CleanUpAuthTokenCacheEx PRIVATE -; DllCanUnloadNow PRIVATE \ No newline at end of file +; DllCanUnloadNow PRIVATE diff --git a/CASA-auth-token/client/library/windows/client.vcproj b/CASA-auth-token/client/library/windows/client.vcproj index d8622714..2e11d570 100644 --- a/CASA-auth-token/client/library/windows/client.vcproj +++ b/CASA-auth-token/client/library/windows/client.vcproj @@ -68,7 +68,7 @@
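Review bot: In the new `SetATSHostList` in engine.c, both `sscanf` calls use `%[^:]` with no field width, so a host part of 256 bytes or more writes past `char address[256]` on the stack; the conversion should be `"%255[^:]:%hu"`. The two `goto exit` paths taken after `AcquireModuleMutex` (CreateUserMutex failure, InitializeLibrary failure) skip `ReleaseModuleMutex`, and the `exit:` code only destroys the user mutex, so the module mutex stays held. `ATSHostList` itself is dereferenced without a NULL check. The call to `CreateATSHostEntry` has no visible failure check, so an allocation failure after the old list has been flushed would leave the list short or empty without any error reaching the caller.

```c
    /* Reject a missing list before it is dereferenced */
    if (ATSHostList == NULL) {
        retStatus = CASA_STATUS_INVALID_PARAMETER;
        goto exit;
    }

    for (i = 0; ATSHostList[i] != NULL; i++) {
        int ret;
        /* Field width keeps the host part within sizeof(address) - 1 */
        ret = sscanf(ATSHostList[i], "%255[^:]:%hu", address, &port);
        /* ... unchanged: ret != 2 rejection ... */
    }

    /* ... unchanged: AcquireModuleMutex, CreateUserMutex call ... */
    if (retStatus != CASA_STATUS_SUCCESS)
    {
        DbgTrace(0, "-SetATSHostList- Error creating mutex for the user\n", 0);
        ReleaseModuleMutex;
        goto exit;
    }

    /* ... unchanged: g_bInitialized test and InitializeLibrary call ... */
        if (retStatus == CASA_STATUS_SUCCESS)
            g_bInitialized = true;
        else {
            ReleaseModuleMutex;
            goto exit;
        }

    /* ... unchanged: ReleaseModuleMutex, AcquireUserMutex, old list flush ... */
    for (i = 0; ATSHostList[i] != NULL; i++) {
        sscanf(ATSHostList[i], "%255[^:]:%hu", address, &port);
        /* ... unchanged: CreateATSHostEntry call and trace ... */
    }
```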