Multiple changes for Bug #543064

1. Provided SetATSHostList() API for changing the ATS address dynamically
2. Not using CASA enabled server as ATS. ATS address has to be explicitly set
   in client.conf or through SetATSHostList()
3. Not normalizing CASA enabled server's host name while obtaining CASA tokens.
   Callers of ObtainAuthTokenEx() have to pass normalized name as argument
S Rahul 2009-10-09 08:46:35 +00:00
parent d1bfab390c
commit b9fa3eab0c
5 changed files with 143 additions and 135 deletions


@ -60,6 +60,12 @@ namespace Novell.Casa.Client.Auth
[In, Out] ref int iTokenLength [In, Out] ref int iTokenLength
); );
[DllImport(AUTH_LIBRARY, EntryPoint="SetATSHostList", CharSet=CharSet.None) ]
private static extern int _SetATSHostList
(
[In] String[] ATSHostList
);
[DllImport(AUTH_LIBRARY, CharSet=CharSet.None) ] [DllImport(AUTH_LIBRARY, CharSet=CharSet.None) ]
private static extern int ObtainAuthTokenEx private static extern int ObtainAuthTokenEx
( (
@ -195,6 +201,21 @@ namespace Novell.Casa.Client.Auth
} }
} }
public static int SetATSHostList(string[] ATSHostList)
{
int i, numHosts;
string[] hostList;
/* Null termination */
numHosts = ATSHostList.Length;
hostList = new string[numHosts + 1];
for (i = 0; i < numHosts; i++) {
hostList[i] = ATSHostList[i];
}
return _SetATSHostList(hostList);
}
public static void CleanUpAuthTokenCache(WinLuid luid) public static void CleanUpAuthTokenCache(WinLuid luid)
{ {
SSCS_EXT_T ext = new SSCS_EXT_T(); SSCS_EXT_T ext = new SSCS_EXT_T();
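Review bot: The new `SetATSHostList` wrapper reads `ATSHostList.Length` without checking the argument, so a null array raises NullReferenceException rather than returning a CASA status; a guard such as `if (ATSHostList == null) throw new ArgumentNullException("ATSHostList");` at the top makes the contract explicit. A null element inside the array is copied as-is, and the native side walks the array until the first NULL, so the configured list could silently end up shorter than the caller intended; rejecting null or empty entries before the P/Invoke avoids that. Because this list decides which ATS servers the client contacts, the method also deserves a doc comment stating the expected `<server>:<port>` form and that the call replaces the existing list.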


@ -107,6 +107,23 @@ CleanUpAuthTokenCache(void);
// Flush the AuthToken cache. // Flush the AuthToken cache.
//=======================================================================-- //=======================================================================--
//++=======================================================================
extern CasaStatus SSCS_CALL
SetATSHostList(
IN const char * const ATSHostList[]);
//
// Arguments:
// ATSHostList -
// Pointer to NULL terminated array of ATS servers of form <server>:<port>
//
// Returns:
// Casa Status
//
// Description:
// Set the list of ATS servers contacted. Can be used to override the
// 'ATSHostList' parameter in client.conf.
//=======================================================================--
#if defined(__cplusplus) || defined(c_plusplus) #if defined(__cplusplus) || defined(c_plusplus)
} }
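Review bot: The header comment on `SetATSHostList` does not say what happens to the existing list or to malformed input, which callers need to know for an API that redirects where authentication requests go. From the implementation in this commit, the call flushes the current list before adding the new entries, an entry that does not parse as `<server>:<port>` makes it return `CASA_STATUS_INVALID_PARAMETER` before anything is modified, and an array whose first element is NULL leaves the client with no ATS hosts at all. I would add those three facts to the Description block, e.g. `// Replaces the current list; on an invalid entry the list is left unchanged.`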


@ -606,7 +606,6 @@ ObtainAuthTokenInt(
{ {
CasaStatus retStatus = CASA_STATUS_SUCCESS; CasaStatus retStatus = CASA_STATUS_SUCCESS;
AuthCacheEntry *pCacheEntry; AuthCacheEntry *pCacheEntry;
char *pNormalizedHostName;
char *pToken; char *pToken;
HANDLE hUserMutex = NULL; HANDLE hUserMutex = NULL;
@ -658,101 +657,13 @@ ObtainAuthTokenInt(
// Release our synchronization mutex // Release our synchronization mutex
ReleaseModuleMutex; ReleaseModuleMutex;
// Normalize the host name
pNormalizedHostName = NormalizeHostName(pHostName);
if (pNormalizedHostName)
{ {
bool setupHostEntries = true;
char *pHostNameAnd443 = NULL;
char *pHostNameAnd2645 = NULL;
char *pNormalizedHostNameAnd443 = NULL;
char *pNormalizedHostNameAnd2645 = NULL;
ATSHostEntry serviceHostEntry443 = {{NULL, NULL}, NULL, NULL, 0};
ATSHostEntry serviceHostEntry2645 = {{NULL, NULL}, NULL, NULL, 0};
ATSHostEntry serviceNormalizedHostEntry443 = {{NULL, NULL}, NULL, NULL, 0};
ATSHostEntry serviceNormalizedHostEntry2645 = {{NULL, NULL}, NULL, NULL, 0};
LIST_ENTRY *pListEntry; LIST_ENTRY *pListEntry;
ATSHostEntry *pHostEntryInUse; ATSHostEntry *pHostEntryInUse;
// Start user process synchronization // Start user process synchronization
AcquireUserMutex(hUserMutex); AcquireUserMutex(hUserMutex);
// Determine if we should setup host entries for the
// host where the service resides.
pListEntry = g_ATSHostList.Flink;
while(pListEntry != &g_ATSHostList)
{
pHostEntryInUse = CONTAINING_RECORD(pListEntry, ATSHostEntry, listEntry);
if (strcmp(pHostEntryInUse->pName, pHostName) == 0
|| strcmp(pHostEntryInUse->pName, pNormalizedHostName) == 0)
{
// The service's host is already in our list
setupHostEntries = false;
break;
}
// Advance to the next entry
pListEntry = pListEntry->Flink;
}
// Setup host entries for the service's host if necessary
if (setupHostEntries)
{
// Allocate space for the host name and port strings
pHostNameAnd443 = malloc(strlen(pHostName) + 5);
pHostNameAnd2645 = malloc(strlen(pHostName) + 6);
if (pHostNameAnd443 != NULL
&& pHostNameAnd2645 != NULL)
{
sprintf(pHostNameAnd443, "%s:%d", pHostName, 443);
sprintf(pHostNameAnd2645, "%s:%d", pHostName, 2645);
serviceHostEntry2645.pNameAndPort = pHostNameAnd2645;
serviceHostEntry2645.pName = pHostName;
serviceHostEntry2645.port = 2645;
InsertHeadList(&g_ATSHostList, &serviceHostEntry2645.listEntry);
serviceHostEntry443.pNameAndPort = pHostNameAnd443;
serviceHostEntry443.pName = pHostName;
serviceHostEntry443.port = 443;
InsertHeadList(&g_ATSHostList, &serviceHostEntry443.listEntry);
// Check if we should also setup host entries using the service's
// normalized host name.
if (strcmp(pHostName, pNormalizedHostName) != 0)
{
// The host name given and the normalized name are different. Let's
// improve the odds by also trying to utilize the normalized name.
pNormalizedHostNameAnd443 = malloc(strlen(pNormalizedHostName) + 5);
pNormalizedHostNameAnd2645 = malloc(strlen(pNormalizedHostName) + 6);
if (pNormalizedHostNameAnd443 != NULL
&& pNormalizedHostNameAnd2645 != NULL)
{
sprintf(pNormalizedHostNameAnd443, "%s:%d", pNormalizedHostName, 443);
sprintf(pNormalizedHostNameAnd2645, "%s:%d", pNormalizedHostName, 2645);
serviceNormalizedHostEntry2645.pNameAndPort = pNormalizedHostNameAnd2645;
serviceNormalizedHostEntry2645.pName = pNormalizedHostName;
serviceNormalizedHostEntry2645.port = 2645;
InsertHeadList(&g_ATSHostList, &serviceNormalizedHostEntry2645.listEntry);
serviceNormalizedHostEntry443.pNameAndPort = pNormalizedHostNameAnd443;
serviceNormalizedHostEntry443.pName = pNormalizedHostName;
serviceNormalizedHostEntry443.port = 443;
InsertHeadList(&g_ATSHostList, &serviceNormalizedHostEntry443.listEntry);
}
else
{
DbgTrace(0, "-ObtainAuthTokenInt- Buffer allocation failure\n", 0);
}
}
}
else
{
DbgTrace(0, "-ObtainAuthTokenInt- Buffer allocation failure\n", 0);
}
}
// Now try to obtain an authentication token using the // Now try to obtain an authentication token using the
// host entries at our disposal. // host entries at our disposal.
pListEntry = g_ATSHostList.Flink; pListEntry = g_ATSHostList.Flink;
@ -763,7 +674,7 @@ ObtainAuthTokenInt(
// Try to find a cache entry for the service // Try to find a cache entry for the service
pCacheEntry = FindAuthTokenEntryInCache(pServiceName, pCacheEntry = FindAuthTokenEntryInCache(pServiceName,
pNormalizedHostName, pHostName,
pHostEntryInUse, pHostEntryInUse,
pCredStoreScope); pCredStoreScope);
if (pCacheEntry == NULL) if (pCacheEntry == NULL)
@ -777,7 +688,7 @@ ObtainAuthTokenInt(
pToken = NULL; pToken = NULL;
retStatus = ObtainAuthTokenFromServer(pServiceName, retStatus = ObtainAuthTokenFromServer(pServiceName,
pHostName, pHostName,
pNormalizedHostName, pHostName,
pHostEntryInUse, pHostEntryInUse,
pCredStoreScope, pCredStoreScope,
&pToken, &pToken,
@ -790,7 +701,7 @@ ObtainAuthTokenInt(
{ {
retStatus = ObtainAuthTokenFromServer(pServiceName, retStatus = ObtainAuthTokenFromServer(pServiceName,
pHostName, pHostName,
pNormalizedHostName, pHostName,
pHostEntryInUse, pHostEntryInUse,
pCredStoreScope, pCredStoreScope,
&pToken, &pToken,
@ -810,7 +721,7 @@ ObtainAuthTokenInt(
|| opEndTime >= (opStartTime + (BAD_CACHE_TRIGER_TIME * 1000))) || opEndTime >= (opStartTime + (BAD_CACHE_TRIGER_TIME * 1000)))
{ {
pCacheEntry = CreateAuthTokenCacheEntry(pServiceName, pCacheEntry = CreateAuthTokenCacheEntry(pServiceName,
pNormalizedHostName, pHostName,
pHostEntryInUse, pHostEntryInUse,
retStatus, retStatus,
pToken, pToken,
@ -883,45 +794,8 @@ ObtainAuthTokenInt(
pListEntry = pListEntry->Flink; pListEntry = pListEntry->Flink;
} }
// Unlink the service host entries if necessary
if (pHostNameAnd443 != NULL
&& pHostNameAnd2645 != NULL)
{
RemoveEntryList(&serviceHostEntry2645.listEntry);
RemoveEntryList(&serviceHostEntry443.listEntry);
if (pNormalizedHostNameAnd443 != NULL
&& pNormalizedHostNameAnd2645 != NULL)
{
RemoveEntryList(&serviceNormalizedHostEntry2645.listEntry);
RemoveEntryList(&serviceNormalizedHostEntry443.listEntry);
}
}
// Stop user process synchronization // Stop user process synchronization
ReleaseUserMutex(hUserMutex); ReleaseUserMutex(hUserMutex);
// Free the space allocated during processing of the request
if (pHostNameAnd443)
free(pHostNameAnd443);
if (pHostNameAnd2645)
free(pHostNameAnd2645);
if (pNormalizedHostNameAnd443)
free(pNormalizedHostNameAnd443);
if (pNormalizedHostNameAnd2645)
free(pNormalizedHostNameAnd2645);
free(pNormalizedHostName);
}
else
{
DbgTrace(0, "-ObtainAuthTokenInt- Host name normalization failed\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_NAME_RESOLVE_ERROR);
} }
exit: exit:
@ -1152,6 +1026,101 @@ CreateATSHostEntry(
DbgTrace(1, "-CreateATSHostEntry- Exit\n", 0); DbgTrace(1, "-CreateATSHostEntry- Exit\n", 0);
} }
//++=======================================================================
CasaStatus SSCS_CALL
SetATSHostList(
IN const char * const ATSHostList[])
//
// Arguments:
// ATSHostList -
// Pointer to NULL terminated array of ATS servers of form <server>:<port>
//
// Returns:
// Casa Status
//
// Description:
// Set the list of ATS servers contacted. Can be used to override the
// 'ATSHostList' parameter in client.conf.
//=======================================================================--
{
int i, retStatus = CASA_STATUS_SUCCESS;
uint16_t port;
char address[256];
LIST_ENTRY *pListEntry;
ATSHostEntry *pHostEntry;
HANDLE hUserMutex = NULL;
DbgTrace(1, "-SetATSHostList- Start\n", 0);
for (i = 0; ATSHostList[i] != NULL; i++) {
int ret;
ret = sscanf(ATSHostList[i], "%[^:]:%hu", address, &port);
if (ret != 2) {
DbgTrace(0, "-SetATSHostList- Invalid entry: %s\n", ATSHostList[i]);
retStatus = CASA_STATUS_INVALID_PARAMETER;
goto exit;
}
}
/* Obtain our synchronization mutex */
AcquireModuleMutex;
/* Create user synchronization mutex */
retStatus = CreateUserMutex(&hUserMutex);
if (retStatus != CASA_STATUS_SUCCESS)
{
DbgTrace(0, "-SetATSHostList- Error creating mutex for the user\n", 0);
goto exit;
}
/* Make sure we are fully initialized */
if (g_bInitialized == false) {
retStatus = InitializeLibrary();
if (retStatus == CASA_STATUS_SUCCESS)
g_bInitialized = true;
else
goto exit;
}
/* Release our synchronization mutex */
ReleaseModuleMutex;
AcquireUserMutex(hUserMutex);
/* Cleanup the old ATS list */
pListEntry = g_ATSHostList.Flink;
if (pListEntry)
{
DbgTrace(0, "-SetATSHostList- Flushing ATS host list\n", 0);
while (pListEntry != &g_ATSHostList) {
pHostEntry = CONTAINING_RECORD(pListEntry, ATSHostEntry, listEntry);
RemoveEntryList(pListEntry);
free(pHostEntry->pNameAndPort);
free(pHostEntry->pName);
free(pHostEntry);
pListEntry = g_ATSHostList.Flink;
}
}
InitializeListHead(&g_ATSHostList);
for (i = 0; ATSHostList[i] != NULL; i++) {
sscanf(ATSHostList[i], "%[^:]:%hu", address, &port);
CreateATSHostEntry(address, port);
DbgTrace(0, "-SetATSHostList- Adding ATS host %s\n", ATSHostList[i]);
}
ReleaseUserMutex(hUserMutex);
exit:
if (hUserMutex != NULL)
DestroyUserMutex(hUserMutex);
DbgTrace(1, "-SetATSHostList- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++======================================================================= //++=======================================================================
int int
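Review bot: In the new `SetATSHostList`, the `sscanf` format `"%[^:]:%hu"` writes the host part into `char address[256]` with no field width, so an entry whose host portion is 256 bytes or longer overruns the stack buffer; both calls should use `"%255[^:]:%hu"`. The two `goto exit` paths taken after `AcquireModuleMutex` (failed `CreateUserMutex`, failed `InitializeLibrary`) skip `ReleaseModuleMutex`, and nothing under the `exit:` label releases it, so the module mutex appears to stay held on those paths; add `ReleaseModuleMutex;` before each of those jumps. `ATSHostList` itself is dereferenced without a NULL check, and the second parsing loop ignores the `sscanf` return value, which is only safe if the caller does not modify the array between the validation pass and the insertion pass.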


@ -8,6 +8,7 @@ EXPORTS
; DllGetClassObject PRIVATE ; DllGetClassObject PRIVATE
ObtainAuthToken PRIVATE ObtainAuthToken PRIVATE
ObtainAuthTokenEx PRIVATE ObtainAuthTokenEx PRIVATE
SetATSHostList PRIVATE
CleanUpAuthTokenCache PRIVATE CleanUpAuthTokenCache PRIVATE
CleanUpAuthTokenCacheEx PRIVATE CleanUpAuthTokenCacheEx PRIVATE
; DllCanUnloadNow PRIVATE ; DllCanUnloadNow PRIVATE


@ -68,7 +68,7 @@
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
IgnoreImportLibrary="false" IgnoreImportLibrary="false"
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx" AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
AdditionalDependencies="ws2_32.lib winhttp.lib libexpatmt.lib micasa.lib shlwapi.lib" AdditionalDependencies="ws2_32.lib winhttp.lib libexpatmt.lib micasa.lib shlwapi.lib"
OutputFile="$(OutDir)/casa_authtoken.dll" OutputFile="$(OutDir)/casa_authtoken.dll"
LinkIncremental="1" LinkIncremental="1"
@ -159,7 +159,7 @@
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
IgnoreImportLibrary="false" IgnoreImportLibrary="false"
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx" AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
AdditionalDependencies="ws2_32.lib &quot;$(MS_SDK_DIR)\lib\amd64\winhttp.lib&quot; libexpatmt.lib micasa.lib shlwapi.lib" AdditionalDependencies="ws2_32.lib &quot;$(MS_SDK_DIR)\lib\amd64\winhttp.lib&quot; libexpatmt.lib micasa.lib shlwapi.lib"
OutputFile="$(OutDir)/casa_authtoken.dll" OutputFile="$(OutDir)/casa_authtoken.dll"
LinkIncremental="1" LinkIncremental="1"
@ -243,7 +243,7 @@
/> />
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx" AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
AdditionalDependencies="ws2_32.lib winhttp.lib libexpatmt.lib micasa.lib shlwapi.lib" AdditionalDependencies="ws2_32.lib winhttp.lib libexpatmt.lib micasa.lib shlwapi.lib"
OutputFile="$(OutDir)/casa_authtoken.dll" OutputFile="$(OutDir)/casa_authtoken.dll"
LinkIncremental="1" LinkIncremental="1"
@ -329,7 +329,7 @@
/> />
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx" AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
AdditionalDependencies="ws2_32.lib &quot;$(MS_SDK_DIR)\lib\amd64\winhttp.lib&quot; libexpatmt.lib micasa.lib shlwapi.lib" AdditionalDependencies="ws2_32.lib &quot;$(MS_SDK_DIR)\lib\amd64\winhttp.lib&quot; libexpatmt.lib micasa.lib shlwapi.lib"
OutputFile="$(OutDir)/casa_authtoken.dll" OutputFile="$(OutDir)/casa_authtoken.dll"
LinkIncremental="1" LinkIncremental="1"