Multiple changes for Bug #543064
1. Provided SetATSHostList() API for changing the ATS address dynamically 2. Not using CASA enabled server as ATS. ATS address has to be explicitly set in client.conf or through SetATSHostList() 3. Not normalizing CASA enabled server's host name while obtaining CASA tokens. Callers of ObtainAuthTokenEx() have to pass normalized name as argument
parent
d1bfab390c
commit
b9fa3eab0c
@ -60,6 +60,12 @@ namespace Novell.Casa.Client.Auth
|
||||
[In, Out] ref int iTokenLength
|
||||
);
|
||||
|
||||
[DllImport(AUTH_LIBRARY, EntryPoint="SetATSHostList", CharSet=CharSet.None) ]
|
||||
private static extern int _SetATSHostList
|
||||
(
|
||||
[In] String[] ATSHostList
|
||||
);
|
||||
|
||||
[DllImport(AUTH_LIBRARY, CharSet=CharSet.None) ]
|
||||
private static extern int ObtainAuthTokenEx
|
||||
(
|
||||
@ -195,6 +201,21 @@ namespace Novell.Casa.Client.Auth
|
||||
}
|
||||
}
|
||||
|
||||
public static int SetATSHostList(string[] ATSHostList)
|
||||
{
|
||||
int i, numHosts;
|
||||
string[] hostList;
|
||||
|
||||
/* Null termination */
|
||||
numHosts = ATSHostList.Length;
|
||||
hostList = new string[numHosts + 1];
|
||||
for (i = 0; i < numHosts; i++) {
|
||||
hostList[i] = ATSHostList[i];
|
||||
}
|
||||
|
||||
return _SetATSHostList(hostList);
|
||||
}
|
||||
|
||||
public static void CleanUpAuthTokenCache(WinLuid luid)
|
||||
{
|
||||
SSCS_EXT_T ext = new SSCS_EXT_T();
|
||||
|
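Review bot: The new public `SetATSHostList` wrapper reads `ATSHostList.Length` without checking its argument, so a null array surfaces as a NullReferenceException from inside the binding instead of an argument error. A guard such as `if (ATSHostList == null) throw new ArgumentNullException("ATSHostList");` before the copy would make the contract explicit. The native implementation walks the array until its first NULL pointer, so a null element inside the caller's array would presumably be marshalled as NULL and cut the list short without any error; rejecting null elements in the copy loop avoids that. The `/* Null termination */` comment would be clearer placed on `new string[numHosts + 1]`, saying that the extra slot is left null as the terminator the native function expects.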
@ -107,6 +107,23 @@ CleanUpAuthTokenCache(void);
|
||||
// Flush the AuthToken cache.
|
||||
//=======================================================================--
|
||||
|
||||
//++=======================================================================
|
||||
extern CasaStatus SSCS_CALL
|
||||
SetATSHostList(
|
||||
IN const char * const ATSHostList[]);
|
||||
//
|
||||
// Arguments:
|
||||
// ATSHostList -
|
||||
// Pointer to NULL terminated array of ATS servers of form <server>:<port>
|
||||
//
|
||||
// Returns:
|
||||
// Casa Status
|
||||
//
|
||||
// Description:
|
||||
// Set the list of ATS servers contacted. Can be used to override the
|
||||
// 'ATSHostList' parameter in client.conf.
|
||||
//=======================================================================--
|
||||
|
||||
|
||||
#if defined(__cplusplus) || defined(c_plusplus)
|
||||
}
|
||||
|
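Review bot: The header comment for `SetATSHostList` does not say that the call replaces the current list rather than appending to it, nor what happens on a malformed entry. The implementation on this page flushes `g_ATSHostList` before adding the new entries and returns `CASA_STATUS_INVALID_PARAMETER` before touching the list when any entry fails the `<server>:<port>` parse, so both facts are worth stating under "Description" and "Returns". Since the commit description says the ATS address now comes only from client.conf or this call, the comment should also note that callers are expected to pass host names from trusted configuration, for example `// The supplied list replaces any previously configured ATS hosts; pass only trusted server names.`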
@ -606,7 +606,6 @@ ObtainAuthTokenInt(
|
||||
{
|
||||
CasaStatus retStatus = CASA_STATUS_SUCCESS;
|
||||
AuthCacheEntry *pCacheEntry;
|
||||
char *pNormalizedHostName;
|
||||
char *pToken;
|
||||
HANDLE hUserMutex = NULL;
|
||||
|
||||
@ -658,101 +657,13 @@ ObtainAuthTokenInt(
|
||||
// Release our synchronization mutex
|
||||
ReleaseModuleMutex;
|
||||
|
||||
// Normalize the host name
|
||||
pNormalizedHostName = NormalizeHostName(pHostName);
|
||||
if (pNormalizedHostName)
|
||||
{
|
||||
bool setupHostEntries = true;
|
||||
char *pHostNameAnd443 = NULL;
|
||||
char *pHostNameAnd2645 = NULL;
|
||||
char *pNormalizedHostNameAnd443 = NULL;
|
||||
char *pNormalizedHostNameAnd2645 = NULL;
|
||||
ATSHostEntry serviceHostEntry443 = {{NULL, NULL}, NULL, NULL, 0};
|
||||
ATSHostEntry serviceHostEntry2645 = {{NULL, NULL}, NULL, NULL, 0};
|
||||
ATSHostEntry serviceNormalizedHostEntry443 = {{NULL, NULL}, NULL, NULL, 0};
|
||||
ATSHostEntry serviceNormalizedHostEntry2645 = {{NULL, NULL}, NULL, NULL, 0};
|
||||
LIST_ENTRY *pListEntry;
|
||||
ATSHostEntry *pHostEntryInUse;
|
||||
|
||||
// Start user process synchronization
|
||||
AcquireUserMutex(hUserMutex);
|
||||
|
||||
// Determine if we should setup host entries for the
|
||||
// host where the service resides.
|
||||
pListEntry = g_ATSHostList.Flink;
|
||||
while(pListEntry != &g_ATSHostList)
|
||||
{
|
||||
pHostEntryInUse = CONTAINING_RECORD(pListEntry, ATSHostEntry, listEntry);
|
||||
if (strcmp(pHostEntryInUse->pName, pHostName) == 0
|
||||
|| strcmp(pHostEntryInUse->pName, pNormalizedHostName) == 0)
|
||||
{
|
||||
// The service's host is already in our list
|
||||
setupHostEntries = false;
|
||||
break;
|
||||
}
|
||||
|
||||
// Advance to the next entry
|
||||
pListEntry = pListEntry->Flink;
|
||||
}
|
||||
|
||||
// Setup host entries for the service's host if necessary
|
||||
if (setupHostEntries)
|
||||
{
|
||||
// Allocate space for the host name and port strings
|
||||
pHostNameAnd443 = malloc(strlen(pHostName) + 5);
|
||||
pHostNameAnd2645 = malloc(strlen(pHostName) + 6);
|
||||
if (pHostNameAnd443 != NULL
|
||||
&& pHostNameAnd2645 != NULL)
|
||||
{
|
||||
sprintf(pHostNameAnd443, "%s:%d", pHostName, 443);
|
||||
sprintf(pHostNameAnd2645, "%s:%d", pHostName, 2645);
|
||||
|
||||
serviceHostEntry2645.pNameAndPort = pHostNameAnd2645;
|
||||
serviceHostEntry2645.pName = pHostName;
|
||||
serviceHostEntry2645.port = 2645;
|
||||
InsertHeadList(&g_ATSHostList, &serviceHostEntry2645.listEntry);
|
||||
|
||||
serviceHostEntry443.pNameAndPort = pHostNameAnd443;
|
||||
serviceHostEntry443.pName = pHostName;
|
||||
serviceHostEntry443.port = 443;
|
||||
InsertHeadList(&g_ATSHostList, &serviceHostEntry443.listEntry);
|
||||
|
||||
// Check if we should also setup host entries using the service's
|
||||
// normalized host name.
|
||||
if (strcmp(pHostName, pNormalizedHostName) != 0)
|
||||
{
|
||||
// The host name given and the normalized name are different. Let's
|
||||
// improve the odds by also trying to utilize the normalized name.
|
||||
pNormalizedHostNameAnd443 = malloc(strlen(pNormalizedHostName) + 5);
|
||||
pNormalizedHostNameAnd2645 = malloc(strlen(pNormalizedHostName) + 6);
|
||||
if (pNormalizedHostNameAnd443 != NULL
|
||||
&& pNormalizedHostNameAnd2645 != NULL)
|
||||
{
|
||||
sprintf(pNormalizedHostNameAnd443, "%s:%d", pNormalizedHostName, 443);
|
||||
sprintf(pNormalizedHostNameAnd2645, "%s:%d", pNormalizedHostName, 2645);
|
||||
|
||||
serviceNormalizedHostEntry2645.pNameAndPort = pNormalizedHostNameAnd2645;
|
||||
serviceNormalizedHostEntry2645.pName = pNormalizedHostName;
|
||||
serviceNormalizedHostEntry2645.port = 2645;
|
||||
InsertHeadList(&g_ATSHostList, &serviceNormalizedHostEntry2645.listEntry);
|
||||
|
||||
serviceNormalizedHostEntry443.pNameAndPort = pNormalizedHostNameAnd443;
|
||||
serviceNormalizedHostEntry443.pName = pNormalizedHostName;
|
||||
serviceNormalizedHostEntry443.port = 443;
|
||||
InsertHeadList(&g_ATSHostList, &serviceNormalizedHostEntry443.listEntry);
|
||||
}
|
||||
else
|
||||
{
|
||||
DbgTrace(0, "-ObtainAuthTokenInt- Buffer allocation failure\n", 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
DbgTrace(0, "-ObtainAuthTokenInt- Buffer allocation failure\n", 0);
|
||||
}
|
||||
}
|
||||
|
||||
// Now try to obtain an authentication token using the
|
||||
// host entries at our disposal.
|
||||
pListEntry = g_ATSHostList.Flink;
|
||||
@ -763,7 +674,7 @@ ObtainAuthTokenInt(
|
||||
|
||||
// Try to find a cache entry for the service
|
||||
pCacheEntry = FindAuthTokenEntryInCache(pServiceName,
|
||||
pNormalizedHostName,
|
||||
pHostName,
|
||||
pHostEntryInUse,
|
||||
pCredStoreScope);
|
||||
if (pCacheEntry == NULL)
|
||||
@ -777,7 +688,7 @@ ObtainAuthTokenInt(
|
||||
pToken = NULL;
|
||||
retStatus = ObtainAuthTokenFromServer(pServiceName,
|
||||
pHostName,
|
||||
pNormalizedHostName,
|
||||
pHostName,
|
||||
pHostEntryInUse,
|
||||
pCredStoreScope,
|
||||
&pToken,
|
||||
@ -790,7 +701,7 @@ ObtainAuthTokenInt(
|
||||
{
|
||||
retStatus = ObtainAuthTokenFromServer(pServiceName,
|
||||
pHostName,
|
||||
pNormalizedHostName,
|
||||
pHostName,
|
||||
pHostEntryInUse,
|
||||
pCredStoreScope,
|
||||
&pToken,
|
||||
@ -810,7 +721,7 @@ ObtainAuthTokenInt(
|
||||
|| opEndTime >= (opStartTime + (BAD_CACHE_TRIGER_TIME * 1000)))
|
||||
{
|
||||
pCacheEntry = CreateAuthTokenCacheEntry(pServiceName,
|
||||
pNormalizedHostName,
|
||||
pHostName,
|
||||
pHostEntryInUse,
|
||||
retStatus,
|
||||
pToken,
|
||||
@ -883,45 +794,8 @@ ObtainAuthTokenInt(
|
||||
pListEntry = pListEntry->Flink;
|
||||
}
|
||||
|
||||
// Unlink the service host entries if necessary
|
||||
if (pHostNameAnd443 != NULL
|
||||
&& pHostNameAnd2645 != NULL)
|
||||
{
|
||||
RemoveEntryList(&serviceHostEntry2645.listEntry);
|
||||
RemoveEntryList(&serviceHostEntry443.listEntry);
|
||||
|
||||
if (pNormalizedHostNameAnd443 != NULL
|
||||
&& pNormalizedHostNameAnd2645 != NULL)
|
||||
{
|
||||
RemoveEntryList(&serviceNormalizedHostEntry2645.listEntry);
|
||||
RemoveEntryList(&serviceNormalizedHostEntry443.listEntry);
|
||||
}
|
||||
}
|
||||
|
||||
// Stop user process synchronization
|
||||
ReleaseUserMutex(hUserMutex);
|
||||
|
||||
// Free the space allocated during processing of the request
|
||||
if (pHostNameAnd443)
|
||||
free(pHostNameAnd443);
|
||||
|
||||
if (pHostNameAnd2645)
|
||||
free(pHostNameAnd2645);
|
||||
|
||||
if (pNormalizedHostNameAnd443)
|
||||
free(pNormalizedHostNameAnd443);
|
||||
|
||||
if (pNormalizedHostNameAnd2645)
|
||||
free(pNormalizedHostNameAnd2645);
|
||||
|
||||
free(pNormalizedHostName);
|
||||
}
|
||||
else
|
||||
{
|
||||
DbgTrace(0, "-ObtainAuthTokenInt- Host name normalization failed\n", 0);
|
||||
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
|
||||
CASA_FACILITY_AUTHTOKEN,
|
||||
CASA_STATUS_NAME_RESOLVE_ERROR);
|
||||
}
|
||||
|
||||
exit:
|
||||
@ -1152,6 +1026,101 @@ CreateATSHostEntry(
|
||||
DbgTrace(1, "-CreateATSHostEntry- Exit\n", 0);
|
||||
}
|
||||
|
||||
//++=======================================================================
|
||||
CasaStatus SSCS_CALL
|
||||
SetATSHostList(
|
||||
IN const char * const ATSHostList[])
|
||||
//
|
||||
// Arguments:
|
||||
// ATSHostList -
|
||||
// Pointer to NULL terminated array of ATS servers of form <server>:<port>
|
||||
//
|
||||
// Returns:
|
||||
// Casa Status
|
||||
//
|
||||
// Description:
|
||||
// Set the list of ATS servers contacted. Can be used to override the
|
||||
// 'ATSHostList' parameter in client.conf.
|
||||
//=======================================================================--
|
||||
{
|
||||
int i, retStatus = CASA_STATUS_SUCCESS;
|
||||
uint16_t port;
|
||||
char address[256];
|
||||
LIST_ENTRY *pListEntry;
|
||||
ATSHostEntry *pHostEntry;
|
||||
HANDLE hUserMutex = NULL;
|
||||
|
||||
DbgTrace(1, "-SetATSHostList- Start\n", 0);
|
||||
|
||||
for (i = 0; ATSHostList[i] != NULL; i++) {
|
||||
int ret;
|
||||
ret = sscanf(ATSHostList[i], "%[^:]:%hu", address, &port);
|
||||
if (ret != 2) {
|
||||
DbgTrace(0, "-SetATSHostList- Invalid entry: %s\n", ATSHostList[i]);
|
||||
retStatus = CASA_STATUS_INVALID_PARAMETER;
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
/* Obtain our synchronization mutex */
|
||||
AcquireModuleMutex;
|
||||
|
||||
/* Create user synchronization mutex */
|
||||
retStatus = CreateUserMutex(&hUserMutex);
|
||||
if (retStatus != CASA_STATUS_SUCCESS)
|
||||
{
|
||||
DbgTrace(0, "-SetATSHostList- Error creating mutex for the user\n", 0);
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Make sure we are fully initialized */
|
||||
if (g_bInitialized == false) {
|
||||
retStatus = InitializeLibrary();
|
||||
|
||||
if (retStatus == CASA_STATUS_SUCCESS)
|
||||
g_bInitialized = true;
|
||||
else
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Release our synchronization mutex */
|
||||
ReleaseModuleMutex;
|
||||
|
||||
AcquireUserMutex(hUserMutex);
|
||||
|
||||
/* Cleanup the old ATS list */
|
||||
pListEntry = g_ATSHostList.Flink;
|
||||
if (pListEntry)
|
||||
{
|
||||
DbgTrace(0, "-SetATSHostList- Flushing ATS host list\n", 0);
|
||||
while (pListEntry != &g_ATSHostList) {
|
||||
pHostEntry = CONTAINING_RECORD(pListEntry, ATSHostEntry, listEntry);
|
||||
RemoveEntryList(pListEntry);
|
||||
free(pHostEntry->pNameAndPort);
|
||||
free(pHostEntry->pName);
|
||||
free(pHostEntry);
|
||||
pListEntry = g_ATSHostList.Flink;
|
||||
}
|
||||
}
|
||||
InitializeListHead(&g_ATSHostList);
|
||||
|
||||
for (i = 0; ATSHostList[i] != NULL; i++) {
|
||||
sscanf(ATSHostList[i], "%[^:]:%hu", address, &port);
|
||||
CreateATSHostEntry(address, port);
|
||||
DbgTrace(0, "-SetATSHostList- Adding ATS host %s\n", ATSHostList[i]);
|
||||
}
|
||||
|
||||
ReleaseUserMutex(hUserMutex);
|
||||
|
||||
exit:
|
||||
|
||||
if (hUserMutex != NULL)
|
||||
DestroyUserMutex(hUserMutex);
|
||||
|
||||
DbgTrace(1, "-SetATSHostList- End, retStatus = %08X\n", retStatus);
|
||||
|
||||
return retStatus;
|
||||
}
|
||||
|
||||
//++=======================================================================
|
||||
int
|
||||
|
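Review bot: In the added `SetATSHostList`, `sscanf(ATSHostList[i], "%[^:]:%hu", address, &port)` copies the host part into `char address[256]` with no field width, so an entry whose host part is 256 bytes or longer writes past the stack buffer. Both calls (the validation loop and the later insertion loop) should bound the conversion, `ret = sscanf(ATSHostList[i], "%255[^:]:%hu", address, &port);`, which also makes an over-long host fail the `ret != 2` check and return `CASA_STATUS_INVALID_PARAMETER`. Separately, the two `goto exit` paths taken after `AcquireModuleMutex` (the `CreateUserMutex` failure and the `InitializeLibrary` failure) reach `exit:` with no visible `ReleaseModuleMutex;`, so the module mutex would stay held on those paths; adding `ReleaseModuleMutex;` before each jump would fix that, though the macro definitions are outside this page and should be checked. `ATSHostList` itself is also dereferenced in the first loop without a NULL check.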
@ -8,6 +8,7 @@ EXPORTS
|
||||
; DllGetClassObject PRIVATE
|
||||
ObtainAuthToken PRIVATE
|
||||
ObtainAuthTokenEx PRIVATE
|
||||
SetATSHostList PRIVATE
|
||||
CleanUpAuthTokenCache PRIVATE
|
||||
CleanUpAuthTokenCacheEx PRIVATE
|
||||
; DllCanUnloadNow PRIVATE
|
||||
; DllCanUnloadNow PRIVATE
|
||||
|
@ -68,7 +68,7 @@
|
||||
<Tool
|
||||
Name="VCLinkerTool"
|
||||
IgnoreImportLibrary="false"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
|
||||
AdditionalDependencies="ws2_32.lib winhttp.lib libexpatmt.lib micasa.lib shlwapi.lib"
|
||||
OutputFile="$(OutDir)/casa_authtoken.dll"
|
||||
LinkIncremental="1"
|
||||
@ -159,7 +159,7 @@
|
||||
<Tool
|
||||
Name="VCLinkerTool"
|
||||
IgnoreImportLibrary="false"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
|
||||
AdditionalDependencies="ws2_32.lib "$(MS_SDK_DIR)\lib\amd64\winhttp.lib" libexpatmt.lib micasa.lib shlwapi.lib"
|
||||
OutputFile="$(OutDir)/casa_authtoken.dll"
|
||||
LinkIncremental="1"
|
||||
@ -243,7 +243,7 @@
|
||||
/>
|
||||
<Tool
|
||||
Name="VCLinkerTool"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
|
||||
AdditionalDependencies="ws2_32.lib winhttp.lib libexpatmt.lib micasa.lib shlwapi.lib"
|
||||
OutputFile="$(OutDir)/casa_authtoken.dll"
|
||||
LinkIncremental="1"
|
||||
@ -329,7 +329,7 @@
|
||||
/>
|
||||
<Tool
|
||||
Name="VCLinkerTool"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx"
|
||||
AdditionalOptions="/EXPORT:ObtainAuthToken /EXPORT:ObtainAuthTokenEx /EXPORT:CleanUpAuthTokenCache /EXPORT:CleanUpAuthTokenCacheEx /EXPORT:SetATSHostList"
|
||||
AdditionalDependencies="ws2_32.lib "$(MS_SDK_DIR)\lib\amd64\winhttp.lib" libexpatmt.lib micasa.lib shlwapi.lib"
|
||||
OutputFile="$(OutDir)/casa_authtoken.dll"
|
||||
LinkIncremental="1"
|
||||
|