Completed the Authtoken Validate Service changes.

Juan Carlos Luciani 2006-09-14 15:54:27 +00:00
parent b25b691642
commit e9680fbfa1
22 changed files with 340 additions and 801 deletions


@ -19,9 +19,10 @@
# #
####################################################################### #######################################################################
AC_INIT(include/casa_s_authtoken.h) AC_INIT(CASA_auth_token_native, 1.7.795,,CASA_auth_token_native)
AC_CONFIG_SRCDIR(autogen.sh)
AC_CANONICAL_SYSTEM AC_CANONICAL_SYSTEM
AM_INIT_AUTOMAKE(CASA_auth_token_native, 1.7.795) AM_INIT_AUTOMAKE(tar-pax)
RELEASE=`date +%Y%m%d_%H%M` RELEASE=`date +%Y%m%d_%H%M`
AC_SUBST(RELEASE) AC_SUBST(RELEASE)
AM_MAINTAINER_MODE AM_MAINTAINER_MODE


@ -76,6 +76,13 @@ IpcClientOpenUnixRemoteEndPoint(
// //
//=======================================================================-- //=======================================================================--
typedef
int
(*PFN_IpcClientOpenUnixRemoteEndPoint)(
IN char *pSocketFileName,
IN int maxRpcRetries,
INOUT uint32_t *pEndPointHandle);
//++======================================================================= //++=======================================================================
extern extern
@ -110,6 +117,14 @@ IpcClientOpenInetRemoteEndPoint(
// //
//=======================================================================-- //=======================================================================--
typedef
int
(*PFN_IpcClientOpenInetRemoteEndPoint)(
IN unsigned short int port,
IN uint32_t address,
IN int maxRpcRetries,
INOUT uint32_t *pEndPointHandle);
//++======================================================================= //++=======================================================================
extern extern
@ -133,6 +148,11 @@ IpcClientCloseRemoteEndPoint(
// //
//=======================================================================-- //=======================================================================--
typedef
int
(*PFN_IpcClientCloseRemoteEndPoint)(
IN uint32_t endPointHandle);
//++======================================================================= //++=======================================================================
extern extern
@ -177,6 +197,15 @@ IpcClientSubmitReq(
// //
//=======================================================================-- //=======================================================================--
typedef
int
(*PFN_IpcClientSubmitReq)(
IN uint32_t endPointHandle,
IN char *pClientData,
IN int clientDataLen,
INOUT char **ppServerData,
INOUT int *pServerDataLen);
//++======================================================================= //++=======================================================================
extern extern
@ -214,6 +243,14 @@ IpcClientInit(
// //
//=======================================================================-- //=======================================================================--
typedef
int
(*PFN_IpcClientInit)(
IN char *pName,
IN bool multithreaded,
IN int debugLevel,
IN bool useSyslog);
//++======================================================================= //++=======================================================================
extern extern
@ -230,6 +267,11 @@ IpcClientShutdown(void);
// //
//=======================================================================-- //=======================================================================--
typedef
void
(*PFN_IpcClientShutdown)(void);
#endif // _IPCCLIENT_ #endif // _IPCCLIENT_
//========================================================================= //=========================================================================
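Review bot: Each `PFN_*` typedef in this header restates by hand the parameter list of the `extern` prototype beside it, and nothing makes the compiler compare the two. If a prototype changes later and its typedef does not, a call through a pointer of the stale type is undefined behaviour. The typedefs also have no comment saying what they are for (presumably resolving the IPC client entry points at run time). I would add a line above each, such as `// Pointer type for IpcClientSubmitReq(); must match the prototype below`. The prototypes themselves lie mostly outside the hunks, so their current agreement cannot be checked from here.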


@ -1,3 +1,11 @@
-------------------------------------------------------------------
Thu Sep 14 09:48:54 MDT 2006 - jluciani@novell.com
- Created the Validate AuthToken Service and made all of the necessary changes
to allow it to be consumed by the AuthTokenValidate library.
- Also made necessary spec file changes to support our configuration.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Sep 5 08:37:35 MDT 2006 - jluciani@novell.com Tue Sep 5 08:37:35 MDT 2006 - jluciani@novell.com


@ -15,7 +15,7 @@ Name: CASA_auth_token_native
%define debug_opt "" %define debug_opt ""
URL: http://www.novell.com/products URL: http://www.novell.com/products
BuildRequires: CASA-devel apache2-devel expat gcc-c++ glib2-devel krb5-devel libgcc libgssapi libstdc++ libstdc++-devel mono-devel pam-devel pkgconfig update-alternatives java-1_5_0-sun java-1_5_0-sun-devel BuildRequires: CASA-devel apache2-devel expat gcc-c++ glib2-devel krb5-devel libgcc libgssapi libstdc++ libstdc++-devel mono-devel pam-devel pkgconfig update-alternatives java-1_5_0-ibm java-1_5_0-ibm-devel
%define prefix /usr %define prefix /usr
License: LGPL License: LGPL
Group: System/Libraries Group: System/Libraries
@ -26,7 +26,7 @@ Release: 1
Summary: Novell CASA Authentication Token Libraries Summary: Novell CASA Authentication Token Libraries
Source: %{name}-%{version}.tar.bz2 Source: %{name}-%{version}.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: expat java-1_5_0-sun CASA_auth_token_jaas_support Requires: expat java-1_5_0-ibm CASA_auth_token_jaas_support
PreReq: %fillup_prereq %insserv_prereq PreReq: %fillup_prereq %insserv_prereq
%description %description
@ -151,25 +151,31 @@ make
install -d %{buildroot}%{prefix} install -d %{buildroot}%{prefix}
install -d %{buildroot}%{prefix}/bin install -d %{buildroot}%{prefix}/bin
install -d %{buildroot}%{prefix}/%{_lib} install -d %{buildroot}%{prefix}/%{_lib}
install -d %{buildroot}%{prefix}/%{_lib}/security install -d %{buildroot}/%{_lib}/security
install -d %{buildroot}%{prefix}/include install -d %{buildroot}%{prefix}/include
install -d %{buildroot}/etc/init.d install -d %{buildroot}/etc/init.d
install -d %{buildroot}/etc/ld.so.conf.d install -d %{buildroot}/etc/ld.so.conf.d
install -d %{buildroot}/var install -d %{buildroot}/var
install -d %{buildroot}/var/lib install -d %{buildroot}/var/lib
install -d -m 777 %{buildroot}/var/lib/CASA install -d -m 755 %{buildroot}/var/lib/CASA
install -d -m 777 %{buildroot}/var/lib/CASA/authtoken install -d -m 755 %{buildroot}/var/lib/CASA/authtoken
install -d -m 777 %{buildroot}/var/lib/CASA/authtoken/validate install -d -m 755 %{buildroot}/var/lib/CASA/authtoken/validate
install -d -m 755 %{buildroot}/etc/CASA
install -d -m 755 %{buildroot}/etc/CASA/authtoken.d
install -d -m 755 %{buildroot}/etc/CASA/authtoken.d/modules.d
## CASA_auth_token_native ## ## CASA_auth_token_native ##
# Libs # Libs
install -m 755 %{_lib}/%{cfg}/libcasa_s_authtoken.so %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so.%{bldno} install -m 755 %{_lib}/%{cfg}/libcasa_s_authtoken.so %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so.%{bldno}
install -m 755 %{_lib}/%{cfg}/casa_iden_token.so %{buildroot}%{prefix}/%{_lib}/casa_iden_token.so.%{bldno}
install -m 755 %{_lib}/%{cfg}/libcasa_c_ipc.so %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so.%{bldno} install -m 755 %{_lib}/%{cfg}/libcasa_c_ipc.so %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so.%{bldno}
install -m 755 %{_lib}/%{cfg}/libcasa_s_ipc.so %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so.%{bldno} install -m 755 %{_lib}/%{cfg}/libcasa_s_ipc.so %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so.%{bldno}
# Lib Symbolic Links # Lib Symbolic Links
ln -sf libcasa_s_authtoken.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so ln -sf libcasa_s_authtoken.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so
ln -sf libcasa_s_authtoken.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so.1 ln -sf libcasa_s_authtoken.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so.1
ln -sf casa_iden_token.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/casa_iden_token.so
ln -sf casa_iden_token.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/casa_iden_token.so.1
ln -sf libcasa_c_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so ln -sf libcasa_c_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so
ln -sf libcasa_c_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so.1 ln -sf libcasa_c_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so.1
ln -sf libcasa_s_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so ln -sf libcasa_s_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so
@ -178,14 +184,13 @@ ln -sf libcasa_s_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so.
# Bins # Bins
install -m 755 bin/%{cfg}/CasaAuthtokenValidateD %{buildroot}%{prefix}/bin/CasaAuthtokenValidateD install -m 755 bin/%{cfg}/CasaAuthtokenValidateD %{buildroot}%{prefix}/bin/CasaAuthtokenValidateD
# Others
install -m 644 server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf %{buildroot}/etc/CASA/authtoken.d/modules.d/CasaIdentityToken.conf
## CASA_auth_token_pam_support ## ## CASA_auth_token_pam_support ##
# Libs # Libs
install -m 755 %{_lib}/%{cfg}/pam_casaauthtok.so %{buildroot}%{prefix}/%{_lib}/security/pam_casaauthtok.so.%{bldno} install -m 755 %{_lib}/%{cfg}/pam_casaauthtok.so %{buildroot}/%{_lib}/security/pam_casaauthtok.so
#install -m 755 %{_lib}/%{cfg}/pam_casaauthtok.so %{buildroot}%{prefix}/%{_lib}/security/pam_casaauthtok.so
# Lib Symbolic Links
ln -sf pam_casaauthtok.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/security/pam_casaauthtok.so
ln -sf pam_casaauthtok.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/security/pam_casaauthtok.so.1
## CASA_auth_token_apache2_2_support ## ## CASA_auth_token_apache2_2_support ##
# Libs # Libs
@ -225,9 +230,15 @@ rm -rf $RPM_BUILD_ROOT
%dir /var/lib/CASA %dir /var/lib/CASA
%dir /var/lib/CASA/authtoken %dir /var/lib/CASA/authtoken
%dir /var/lib/CASA/authtoken/validate %dir /var/lib/CASA/authtoken/validate
%dir /etc/CASA
%dir /etc/CASA/authtoken.d
%dir /etc/CASA/authtoken.d/modules.d
%{prefix}/%{_lib}/libcasa_s_authtoken.so.%{bldno} %{prefix}/%{_lib}/libcasa_s_authtoken.so.%{bldno}
%{prefix}/%{_lib}/libcasa_s_authtoken.so %{prefix}/%{_lib}/libcasa_s_authtoken.so
%{prefix}/%{_lib}/libcasa_s_authtoken.so.1 %{prefix}/%{_lib}/libcasa_s_authtoken.so.1
%{prefix}/%{_lib}/casa_iden_token.so.%{bldno}
%{prefix}/%{_lib}/casa_iden_token.so
%{prefix}/%{_lib}/casa_iden_token.so.1
%{prefix}/%{_lib}/libcasa_c_ipc.so.%{bldno} %{prefix}/%{_lib}/libcasa_c_ipc.so.%{bldno}
%{prefix}/%{_lib}/libcasa_c_ipc.so %{prefix}/%{_lib}/libcasa_c_ipc.so
%{prefix}/%{_lib}/libcasa_c_ipc.so.1 %{prefix}/%{_lib}/libcasa_c_ipc.so.1
@ -235,6 +246,7 @@ rm -rf $RPM_BUILD_ROOT
%{prefix}/%{_lib}/libcasa_s_ipc.so %{prefix}/%{_lib}/libcasa_s_ipc.so
%{prefix}/%{_lib}/libcasa_s_ipc.so.1 %{prefix}/%{_lib}/libcasa_s_ipc.so.1
%{prefix}/bin/CasaAuthtokenValidateD %{prefix}/bin/CasaAuthtokenValidateD
/etc/CASA/authtoken.d/modules.d/CasaIdentityToken.conf
## CASA_auth_token_pam_support ## ## CASA_auth_token_pam_support ##
@ -252,10 +264,8 @@ rm -rf $RPM_BUILD_ROOT
%files -n CASA_auth_token_pam_support %files -n CASA_auth_token_pam_support
%defattr(-,root,root) %defattr(-,root,root)
%dir %{prefix}/%{_lib}/security %dir /%{_lib}/security
%{prefix}/%{_lib}/security/pam_casaauthtok.so.%{bldno} /%{_lib}/security/pam_casaauthtok.so
%{prefix}/%{_lib}/security/pam_casaauthtok.so
%{prefix}/%{_lib}/security/pam_casaauthtok.so.1
## CASA_auth_token_apache2_2_support ## ## CASA_auth_token_apache2_2_support ##
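Review bot: `/etc/CASA/authtoken.d/modules.d/CasaIdentityToken.conf` is added to the main package's %files list as a plain file, so a package upgrade replaces it and local edits to the identity-token provider configuration are lost. Listing it as `%config(noreplace) /etc/CASA/authtoken.d/modules.d/CasaIdentityToken.conf` keeps administrator changes. Tightening the `/var/lib/CASA` tree from 777 to 755 is the right direction. However, if CasaAuthtokenValidateD or its clients run as a non-root user, they can no longer create files under `/var/lib/CASA/authtoken/validate`. The account the daemon runs under is not visible in this section, so confirm it and record the intended owner in a comment next to the `install -d -m 755` lines.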


@ -40,9 +40,8 @@ ROOT = ../../../..
LIBDIR = $(ROOT)/$(LIB) LIBDIR = $(ROOT)/$(LIB)
BINDIR = $(ROOT)/$(BIN) BINDIR = $(ROOT)/$(BIN)
#JAVA_LIBDIR = /usr/lib/jvm/java-1.5.0-sun-1.5.0_07/jre/lib/i386/server JAVA_LIBDIR = /usr/lib/jvm/java-1.5.0-ibm/jre/bin
JAVA_LIBDIR = /usr/lib/jvm/jre-1.5.0-sun/lib/$(HOSTTYPE)/server JAVA_INCDIR = /usr/lib/jvm/java-1.5.0-ibm/include
JAVA_INCDIR = /usr/lib/jvm/java-1.5.0-sun/include
# handle Mono secondary dependencies # handle Mono secondary dependencies
export MONO_PATH := $(MONO_PATH) export MONO_PATH := $(MONO_PATH)
@ -54,13 +53,13 @@ CFILES =
CPPFILES = server.cpp CPPFILES = server.cpp
CSFILES_CSC := CSFILES_CSC :=
INCLUDES = -I. -I$(ROOT)/include -I$(JAVA_INCDIR) -I$(JAVA_INCDIR)/linux INCLUDES = -I. -I$(ROOT)/include -I$(JAVA_INCDIR)
RESOURCES = RESOURCES =
DEFINES += -Wno-format-extra-args -fno-strict-aliasing -fshort-wchar DEFINES += -fno-strict-aliasing -fshort-wchar
CFLAGS += $(INCLUDES) $(DEFINES) CFLAGS += $(INCLUDES) $(DEFINES)
CPPFLAGS += -fPIC $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS) CPPFLAGS += -fPIC $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS)
LIBS = -lpthread -lcasa_s_ipc -ljvm LIBS = -lpthread -lcasa_s_ipc -ljvm -ljsig -lj9thr23
LDFLAGS = -L$(LIBDIR)/$(TARGET_CFG) -L$(JAVA_LIBDIR) -Xlinker -rpath -Xlinker $(JAVA_LIBDIR) LDFLAGS = -L$(LIBDIR)/$(TARGET_CFG) -L$(JAVA_LIBDIR) -L$(JAVA_LIBDIR)/classic
OBJDIR = ./$(TARGET_CFG)/$(LIB) OBJDIR = ./$(TARGET_CFG)/$(LIB)
OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o)) $(addprefix $(OBJDIR)/, $(CPPFILES:%.cpp=%.o)) OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o)) $(addprefix $(OBJDIR)/, $(CPPFILES:%.cpp=%.o))
@ -74,8 +73,8 @@ all: $(OBJDIR)/$(MODULE_NAME)
# #
# Pattern based rules. # Pattern based rules.
# #
vpath %.c $(CLIENT) $(COMMON) vpath %.c .
vpath %.cpp $(CLIENT) $(COMMON) vpath %.cpp .
$(OBJDIR)/%.o: %.c $(OBJDIR)/%.o: %.c
$(CC) -c $(CFLAGS) -o $@ $< $(CC) -c $(CFLAGS) -o $@ $<
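Review bot: Dropping `-Xlinker -rpath -Xlinker $(JAVA_LIBDIR)` from LDFLAGS means the module no longer records where `libjvm`, `libjsig` and `libj9thr23` live. The dynamic loader therefore resolves them from its configured search path or the environment at start-up, and for a token-validation daemon it matters which JVM library actually gets loaded. The spec file in this commit creates `/etc/ld.so.conf.d`, which suggests a loader configuration entry is intended, but no such entry is visible here. If that is the intent, say so above LDFLAGS, e.g. `# No rpath: the JVM libraries are located through the system loader configuration`. Also consider `JAVA_LIBDIR ?= ...` and `JAVA_INCDIR ?= ...` so the IBM JDK path is a default rather than hard-coded.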


@ -63,10 +63,10 @@ double numBusyThreads = 0;
double numPerishingThreads = 0; double numPerishingThreads = 0;
// Listen Port Number // Listen Port Number
int listenPortNumber = 5000; //int listenPortNumber = 5000;
//int listenPortNumber = 0; int listenPortNumber = 0;
// Parameter indicating whether or not XSrv needs to run // Parameter indicating whether or not the server needs to run
// as a daemon. // as a daemon.
bool daemonize = false; bool daemonize = false;
@ -74,7 +74,7 @@ bool daemonize = false;
char appName[] = "CasaAuthtokenValidateD"; char appName[] = "CasaAuthtokenValidateD";
// Debug Level // Debug Level
int DebugLevel = 3; int DebugLevel = 0;
bool UseSyslog = false; bool UseSyslog = false;
// Variables for daemon auto-restart after crash feature // Variables for daemon auto-restart after crash feature
@ -92,10 +92,11 @@ bool terminating = false;
JavaVM *g_jvm = NULL; JavaVM *g_jvm = NULL;
JNIEnv *g_env = NULL; JNIEnv *g_env = NULL;
char classpath[] = "-Djava.class.path=/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/CASA/authtoken/external:/etc/CASA/authtoken.d";
// Java AuthenticationToken Class and method name // Java AuthenticationToken Class and method name
//char authTokenClassName[] = "jtest"; //char authTokenClassName[] = "jtest";
//char authTokenClassValidateMethodName[] = "test4"; //char authTokenClassValidateMethodName[] = "test4";
char authTokenClassName[] = "com.novell.casa.authtoksvc.AuthToken"; char authTokenClassName[] = "com/novell/casa/authtoksvc/AuthToken";
char authTokenClassValidateMethodName[] = "validate"; char authTokenClassValidateMethodName[] = "validate";
@ -249,7 +250,9 @@ WorkerThread(void*)
// Attach the thread to the JVM // Attach the thread to the JVM
JNIEnv *env; JNIEnv *env;
if (g_jvm->AttachCurrentThread((void**) &env, NULL) >= 0) JavaVMAttachArgs attachArgs = {0};
attachArgs.version = JNI_VERSION_1_4;
if (g_jvm->AttachCurrentThread((void**) &env, &attachArgs) >= 0)
{ {
// We are now attached to the JVM, find the helper class that // We are now attached to the JVM, find the helper class that
// we need. // we need.
@ -288,26 +291,36 @@ WorkerThread(void*)
{ {
// Invoke our helper method // Invoke our helper method
jstring outString = (jstring) env->CallStaticObjectMethod(helperClass, mId, inString); jstring outString = (jstring) env->CallStaticObjectMethod(helperClass, mId, inString);
if (outString)
// Check if an excption occurred
if (env->ExceptionCheck() == JNI_TRUE)
{ {
// The helper method succeded, complete the request // There is a pending exception, display the info which in turn clears it.
// with the data returned. env->ExceptionDescribe();
const char *pOutChars = env->GetStringUTFChars(outString, NULL);
if (pOutChars)
{
IpcServerCompleteRequest(requestId, (char*) pOutChars);
env->ReleaseStringUTFChars(outString, pOutChars);
}
else
{
DbgTrace(0, "WorkerThread- Unable to get UTF characters\n", 0);
IpcServerAbortRequest(requestId);
}
} }
else else
{ {
// The helper method failed, just abort the request. if (outString)
IpcServerAbortRequest(requestId); {
// The helper method succeded, complete the request
// with the data returned.
const char *pOutChars = env->GetStringUTFChars(outString, NULL);
if (pOutChars)
{
IpcServerCompleteRequest(requestId, (char*) pOutChars);
env->ReleaseStringUTFChars(outString, pOutChars);
}
else
{
DbgTrace(0, "WorkerThread- Unable to get UTF characters\n", 0);
IpcServerAbortRequest(requestId);
}
}
else
{
// The helper method failed, just abort the request.
IpcServerAbortRequest(requestId);
}
} }
} }
else else
@ -433,14 +446,17 @@ InitJavaInvoke(void)
DbgTrace(1, "InitJavaInvoke- Start\n", 0); DbgTrace(1, "InitJavaInvoke- Start\n", 0);
//JavaVMOption options[1]; JavaVMOption options[6];
//options[0].optionString = "-Djava.class.path=."; options[0].optionString = classpath;
JavaVMOption options[1]; options[1].optionString = "-Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser";
options[0].optionString = "-Djava.class.path=/usr/share/java:/etc/CASA/authtoken"; options[2].optionString = "-Djavax.xml.parsers.DocumentBuilderFactory=org.apache.xerces.jaxp.DocumentBuilderFactoryImpl";
options[3].optionString = "-Djavax.xml.parsers.SAXParserFactory=org.apache.xerces.jaxp.SAXParserFactoryImpl";
//options[4].optionString = "-Xcheck:jni";
//options[5].optionString = "-Djaxp.debug=1";
JavaVMInitArgs vm_args; JavaVMInitArgs vm_args;
vm_args.version = JNI_VERSION_1_4; vm_args.version = JNI_VERSION_1_4;
vm_args.options = options; vm_args.options = options;
vm_args.nOptions = 1; vm_args.nOptions = 4;
vm_args.ignoreUnrecognized = true; vm_args.ignoreUnrecognized = true;
if (JNI_CreateJavaVM(&g_jvm, (void**)&g_env, &vm_args) >= 0) if (JNI_CreateJavaVM(&g_jvm, (void**)&g_env, &vm_args) >= 0)
{ {
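Review bot: In WorkerThread, the new `env->ExceptionCheck() == JNI_TRUE` branch only calls `env->ExceptionDescribe()` and then leaves the block without calling either `IpcServerCompleteRequest` or `IpcServerAbortRequest`. From what the hunk shows, a request whose `validate` call throws is never answered, so the caller is left waiting instead of receiving a definite validation failure. I would add `IpcServerAbortRequest(requestId);` directly after `env->ExceptionDescribe();`, which matches the other failure paths in this block. `ExceptionDescribe` reports on the JVM's own error channel, which may not be captured once the process is daemonized, so a `DbgTrace(0, ...)` line in that branch would keep the failure visible in the service's log. WorkerThread starts and ends outside this hunk, so check whether later code already completes the request.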


@ -1,693 +0,0 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Parse states
//
#define AWAITING_ROOT_ELEMENT_START 0x0
#define AWAITING_ROOT_ELEMENT_END 0x1
#define AWAITING_SIGNATURE_DATA 0x2
#define AWAITING_SIGNATURE_ELEMENT_START 0x3
#define AWAITING_SIGNATURE_ELEMENT_END 0x4
#define AWAITING_LIFETIME_DATA 0x5
#define AWAITING_LIFETIME_ELEMENT_START 0x6
#define AWAITING_LIFETIME_ELEMENT_END 0x7
#define AWAITING_IDENT_TOKEN_ELEMENT_START 0x8
#define AWAITING_IDENT_TOKEN_ELEMENT_END 0x9
#define AWAITING_IDENT_TOKEN_DATA 0xA
#define AWAITING_TYPE_ELEMENT_START 0xB
#define AWAITING_TYPE_ELEMENT_END 0xC
#define AWAITING_TYPE_DATA 0xD
#define DONE_PARSING 0xE
//
// Authentication Token Parse Structure
//
typedef struct _AuthTokenParse
{
XML_Parser p;
int state;
int elementDataProcessed;
AuthToken *pAuthToken;
CasaStatus status;
} AuthTokenParse, *PAuthTokenParse;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//++=======================================================================
static
void XMLCALL
AuthTokenStartElementHandler(
IN void *pUserData,
IN const XML_Char *name,
IN const XML_Char **atts)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData;
DbgTrace(2, "-AuthTokenStartElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthTokenParse->state)
{
case AWAITING_ROOT_ELEMENT_START:
// In this state, we are only expecting the Authentication
// Response Element.
if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_SIGNATURE_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_SIGNATURE_ELEMENT_START:
// In this state, we are only expecting the Signature Element.
if (strcmp(name, SIGNATURE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_SIGNATURE_DATA;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_LIFETIME_ELEMENT_START:
// In this state, we are only expecting the Lifetime Element.
if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_LIFETIME_DATA;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_IDENT_TOKEN_ELEMENT_START:
// In this state, we are only expecting the Identity Token Element.
if (strcmp(name, IDENTITY_TOKEN_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_TYPE_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_TYPE_ELEMENT_START:
// In this state, we are only expecting the Type Element.
if (strcmp(name, TYPE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_TYPE_DATA;
}
else
{
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected start element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
default:
DbgTrace(0, "-AuthTokenStartElementHandler- Un-expected state = %d\n", pAuthTokenParse->state);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthTokenStartElementHandler- End\n", 0);
}
//++=======================================================================
static
CasaStatus
ConsumeElementData(
IN AuthTokenParse *pAuthTokenParse,
IN const XML_Char *s,
IN int len,
INOUT char **ppElementData,
INOUT int *pElementDataLen)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(3, "-ConsumeElementData- Start\n", 0);
// Proceed based on whether or not we have already consumed data
// for this element.
if (*ppElementData == NULL)
{
// We have not yet consumed data for this element
pAuthTokenParse->elementDataProcessed = len;
// Allocate a buffer to hold this element data (null terminated).
*ppElementData = (char*) malloc(len + 1);
if (*ppElementData)
{
memset(*ppElementData, 0, len + 1);
memcpy(*ppElementData, s, len);
// Return the length of the element data buffer
*pElementDataLen = pAuthTokenParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
char *pNewBuf;
// We have already received token data, append this data to it.
pNewBuf = (char*) malloc(pAuthTokenParse->elementDataProcessed + len + 1);
if (pNewBuf)
{
memset(pNewBuf,
0,
pAuthTokenParse->elementDataProcessed + len + 1);
memcpy(pNewBuf,
*ppElementData,
pAuthTokenParse->elementDataProcessed);
memcpy(pNewBuf + pAuthTokenParse->elementDataProcessed, s, len);
pAuthTokenParse->elementDataProcessed += len;
// Swap the buffers
free(*ppElementData);
*ppElementData = pNewBuf;
// Return the length of the element data buffer
*pElementDataLen = pAuthTokenParse->elementDataProcessed + 1;
}
else
{
DbgTrace(0, "-ConsumeElementData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
DbgTrace(3, "-ConsumeElementData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
static
void XMLCALL
AuthTokenCharDataHandler(
IN void *pUserData,
IN const XML_Char *s,
IN int len)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData;
DbgTrace(2, "-AuthTokenCharDataHandler- Start\n", 0);
// Just exit if being called to process LF and CR characters
if (len == 1
&& ((*s == '\n') || (*s == '\r')))
{
goto exit;
}
// Proceed based on the state
switch (pAuthTokenParse->state)
{
case AWAITING_SIGNATURE_DATA:
case AWAITING_SIGNATURE_ELEMENT_END:
pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse,
s,
len,
&pAuthTokenParse->pAuthToken->pSignature,
&pAuthTokenParse->pAuthToken->signatureLen);
if (CASA_SUCCESS(pAuthTokenParse->status))
{
// Advanced to the next state
pAuthTokenParse->state = AWAITING_SIGNATURE_ELEMENT_END;
}
else
{
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_LIFETIME_DATA:
case AWAITING_LIFETIME_ELEMENT_END:
// Convert the lifetime string to a numeric value
pAuthTokenParse->pAuthToken->tokenLifetime = dtoul((char*) s, len);
// Advanced to the next state
pAuthTokenParse->state = AWAITING_LIFETIME_ELEMENT_END;
break;
case AWAITING_TYPE_DATA:
case AWAITING_TYPE_ELEMENT_END:
pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse,
s,
len,
&pAuthTokenParse->pAuthToken->pIdenTokenType,
&pAuthTokenParse->pAuthToken->idenTokenTypeLen);
if (CASA_SUCCESS(pAuthTokenParse->status))
{
// Advanced to the next state
pAuthTokenParse->state = AWAITING_TYPE_ELEMENT_END;
}
else
{
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_IDENT_TOKEN_DATA:
case AWAITING_IDENT_TOKEN_ELEMENT_END:
pAuthTokenParse->status = ConsumeElementData(pAuthTokenParse,
s,
len,
&pAuthTokenParse->pAuthToken->pIdenToken,
&pAuthTokenParse->pAuthToken->idenTokenLen);
if (CASA_SUCCESS(pAuthTokenParse->status))
{
// Advanced to the next state
pAuthTokenParse->state = AWAITING_IDENT_TOKEN_ELEMENT_END;
}
else
{
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
default:
DbgTrace(0, "-AuthTokenCharDataHandler- Un-expected state = %d\n", pAuthTokenParse->state);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
break;
}
exit:
DbgTrace(2, "-AuthTokenCharDataHandler- End\n", 0);
}
//++=======================================================================
static
void XMLCALL
AuthTokenEndElementHandler(
IN void *pUserData,
IN const XML_Char *name)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
AuthTokenParse *pAuthTokenParse = (AuthTokenParse*) pUserData;
DbgTrace(2, "-AuthTokenEndElementHandler- Start\n", 0);
// Proceed based on the state
switch (pAuthTokenParse->state)
{
case AWAITING_ROOT_ELEMENT_END:
// In this state, we are only expecting the Authentication
// Token Element.
if (strcmp(name, AUTH_TOKEN_ELEMENT_NAME) == 0)
{
// Done.
pAuthTokenParse->state = DONE_PARSING;
}
else
{
DbgTrace(0, "-AuthTokenEndHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_SIGNATURE_ELEMENT_END:
// In this state, we are only expecting the Signature Element.
if (strcmp(name, SIGNATURE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_LIFETIME_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_LIFETIME_ELEMENT_END:
// In this state, we are only expecting the Lifetime Element.
if (strcmp(name, LIFETIME_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_IDENT_TOKEN_ELEMENT_START;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_TYPE_ELEMENT_END:
// In this state, we are only expecting the Type Element.
if (strcmp(name, TYPE_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_IDENT_TOKEN_DATA;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
case AWAITING_IDENT_TOKEN_ELEMENT_END:
// In this state, we are only expecting the Identity Token Element.
if (strcmp(name, IDENTITY_TOKEN_ELEMENT_NAME) == 0)
{
// Good, advance to the next state.
pAuthTokenParse->state = AWAITING_ROOT_ELEMENT_END;
}
else
{
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected end element\n", 0);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
}
break;
default:
DbgTrace(0, "-AuthTokenEndElementHandler- Un-expected state = %d\n", pAuthTokenParse->state);
XML_StopParser(pAuthTokenParse->p, XML_FALSE);
break;
}
DbgTrace(2, "-AuthTokenEndElementHandler- End\n", 0);
}
//++=======================================================================
CasaStatus
CreateAuthToken(
IN char *pTokenBuf,
IN int tokenBufLen,
INOUT AuthToken **ppAuthToken)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
AuthTokenParse authTokenParse = {0};
AuthToken *pAuthToken;
DbgTrace(1, "-CreateAuthToken- Start\n", 0);
/*
* Authentication tokens have the following format:
*
* <?xml version="1.0" encoding="ISO-8859-1"?>
* <auth_token>
* <signature>signature value</signature>
* <lifetime>lifetime value</lifetime>
* <ident_token><type>identity token type</type>identity token data</ident_token>
* </auth_token>
*
*/
// Allocate AuthToken object
pAuthToken = malloc(sizeof(*pAuthToken));
if (pAuthToken)
{
XML_Parser p;
// Initialize the AuthToken object and set it in the
// authentication response parse object.
memset(pAuthToken, 0, sizeof(*pAuthToken));
authTokenParse.pAuthToken = pAuthToken;
// Create parser
p = XML_ParserCreate(NULL);
if (p)
{
// Keep track of the parser in our parse object
authTokenParse.p = p;
// Initialize the status within the parse object
authTokenParse.status = CASA_STATUS_SUCCESS;
// Set the start and end element handlers
XML_SetElementHandler(p,
AuthTokenStartElementHandler,
AuthTokenEndElementHandler);
// Set the character data handler
XML_SetCharacterDataHandler(p, AuthTokenCharDataHandler);
// Set our user data
XML_SetUserData(p, &authTokenParse);
// Parse the document
if (XML_Parse(p, pTokenBuf, tokenBufLen, 1) == XML_STATUS_OK)
{
// Verify that the parse operation completed successfully
if (authTokenParse.state == DONE_PARSING)
{
// The parse operation succeded.
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-CreateAuthToken- Parse operation did not complete\n", 0);
// Check if a status has been recorded
if (authTokenParse.status != CASA_STATUS_SUCCESS)
{
retStatus = authTokenParse.status;
}
else
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
}
}
else
{
DbgTrace(0, "-CreateAuthToken- Parse error %d\n", XML_GetErrorCode(p));
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_PROTOCOL_ERROR);
}
// Free the parser
XML_ParserFree(p);
}
else
{
DbgTrace(0, "-CreateAuthToken- Parser creation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
// Return the AuthenticationResp object to the caller if necessary
if (CASA_SUCCESS(retStatus))
{
*ppAuthToken = pAuthToken;
}
else
{
free(pAuthToken);
}
}
else
{
DbgTrace(0, "-CreateAuthToken- Memory allocation error\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(1, "-CreateAuthToken- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
void
RelAuthToken(
IN AuthToken *pAuthToken)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
DbgTrace(1, "-RelAuthToken- Start\n", 0);
// Free the resources associated with the object
if (pAuthToken->pSignature)
free(pAuthToken->pSignature);
if (pAuthToken->pIdenTokenType)
free(pAuthToken->pIdenTokenType);
if (pAuthToken->pIdenToken)
free(pAuthToken->pIdenToken);
free(pAuthToken);
DbgTrace(1, "-RelAuthToken- End\n", 0);
}
//++=======================================================================
CasaStatus
CheckAuthToken(
IN AuthToken *pAuthToken,
IN const char *pServiceName)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L0
//=======================================================================--
{
CasaStatus retStatus = CASA_STATUS_SUCCESS;
DbgTrace(1, "-CheckuthToken- Start\n", 0);
// tbd
DbgTrace(1, "-CheckAuthToken- End, retStatus = %08X\n", retStatus);
return retStatus;
}


@ -13,7 +13,7 @@ Authentication.
CONFIGURATION CONFIGURATION
The path to the casa_identoken plug-in is configured by placing the file The path to the casa_identoken plug-in is configured by placing the file
CasaIdentityToken.conf in the /etc/opt/CASA/authtoken.d/modules.d folder. CasaIdentityToken.conf in the /etc/CASA/authtoken.d/modules.d folder.
PROGRAMMING NOTES PROGRAMMING NOTES


@ -10,6 +10,6 @@
# # # #
####################################################### #######################################################
LibraryName /opt/novell/CASA/lib/casa_iden_token.so LibraryName /usr/lib/casa_iden_token.so


@ -54,7 +54,7 @@ CFILES = ../identokenprovider.c \
CSFILES_CSC := CSFILES_CSC :=
INCLUDES = -I. -I.. -I../../.. -I$(CASAINCLUDE) -I../../../../../include INCLUDES = -I. -I.. -I../../.. -I$(CASAINCLUDE) -I../../../../../include
RESOURCES = RESOURCES =
DEFINES = -Wno-format-extra-args -fno-strict-aliasing DEFINES = -fno-strict-aliasing
CFLAGS += $(INCLUDES) $(DEFINES) CFLAGS += $(INCLUDES) $(DEFINES)
LIBS = -lpthread -ldl -lexpat LIBS = -lpthread -ldl -lexpat
LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT)
@ -62,7 +62,7 @@ LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT)
OBJDIR = ./$(TARGET_CFG)/$(LIB) OBJDIR = ./$(TARGET_CFG)/$(LIB)
OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o)) OBJS = $(addprefix $(OBJDIR)/, $(CFILES:%.c=%.o))
EXTRA_DIST = $(CFILES) *.h EXTRA_DIST = $(CFILES) *.h CasaIdentityToken.conf
CUR_DIR := $(shell pwd) CUR_DIR := $(shell pwd)


@ -81,7 +81,7 @@ GetIdenTokenProviderInterface(
DbgTrace(2, "-GetIdenTokenProviderInterface- Start\n", 0); DbgTrace(2, "-GetIdenTokenProviderInterface- Start\n", 0);
// Get the configuration for the module // Get the configuration for the module
retStatus = GetConfigInterface("/etc/opt/novell/CASA/authtoken.d/modules.d", retStatus = GetConfigInterface("/etc/CASA/authtoken.d/modules.d",
pIdenTokenTypeName, pIdenTokenTypeName,
&pModuleConfigIf); &pModuleConfigIf);
if (CASA_SUCCESS(retStatus) if (CASA_SUCCESS(retStatus)


@ -65,6 +65,7 @@ typedef struct _AuthToken
//===[ Global externals ]================================================== //===[ Global externals ]==================================================
extern int DebugLevel; extern int DebugLevel;
extern char IpcClientLibraryPath[];
//===[ External prototypes ]=============================================== //===[ External prototypes ]===============================================


@ -55,9 +55,9 @@ CFILES = ../config.c \
CSFILES_CSC := CSFILES_CSC :=
INCLUDES = -I. -I.. -I$(CASAINCLUDE) -I../../../include INCLUDES = -I. -I.. -I$(CASAINCLUDE) -I../../../include
RESOURCES = RESOURCES =
DEFINES = -Wno-format-extra-args -fno-strict-aliasing DEFINES = -fno-strict-aliasing
CFLAGS += $(INCLUDES) $(DEFINES) CFLAGS += $(INCLUDES) $(DEFINES)
LIBS = -lpthread -ldl -lexpat -lcasa_c_ipc LIBS = -lpthread -ldl -lexpat
LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) -L$(ROOT)/lib/$(TARGET_CFG) LDFLAGS = -Bsymbolic -shared -Wl,-soname=$(MODULE_NAME).$(MODULE_EXT) -L$(ROOT)/lib/$(TARGET_CFG)
OBJDIR = ./$(TARGET_CFG)/$(LIB) OBJDIR = ./$(TARGET_CFG)/$(LIB)


@ -46,6 +46,11 @@ typedef struct _PlatformMutex
// //
pthread_mutex_t g_hModuleMutex = PTHREAD_MUTEX_INITIALIZER; pthread_mutex_t g_hModuleMutex = PTHREAD_MUTEX_INITIALIZER;
//
// Ipc client library path
//
char IpcClientLibraryPath[] = "/usr/lib/libcasa_c_ipc.so";
//++======================================================================= //++=======================================================================
HANDLE HANDLE
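Review bot: `IpcClientLibraryPath` is defined as a writable global `char` array, although in this commit it is only passed to `OpenLibrary` to name the shared object to load. Declaring it `const char IpcClientLibraryPath[] = "/usr/lib/libcasa_c_ipc.so";`, with a matching `extern const char IpcClientLibraryPath[];` in the internal header, keeps the path in read-only data and documents that nothing may change it at run time. This assumes `OpenLibrary` accepts a `const char *`, which is not visible here. The fixed `/usr/lib` prefix also assumes a single library directory; whether 64-bit builds install elsewhere cannot be told from this hunk.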


@ -26,6 +26,12 @@
#include "internal.h" #include "internal.h"
//===[ Manifest constants ]================================================
#define APPLICATION_NOT_MULTI_THREADED "CASA_APPLICATION_NOT_MULTI_THREADED"
#define DOMAIN_SOCKET_FILE_NAME "/var/lib/CASA/authtoken/validate/socket"
//===[ Type definitions ]================================================== //===[ Type definitions ]==================================================
//===[ Function prototypes ]=============================================== //===[ Function prototypes ]===============================================
@ -41,10 +47,23 @@ int DebugLevel = 0;
static static
bool g_moduleInitialized = false; bool g_moduleInitialized = false;
//
// Configuration variables
//
bool g_multiThreadedApplication = true;
// //
// IPC Client Sub-system variables // IPC Client Sub-system variables
// //
uint32_t atvsEndPointHandle; // Authentication Token Validation Service endpoint handle PFN_IpcClientInit g_ipcInitPtr = NULL;
PFN_IpcClientShutdown g_ipcShutdownPtr = NULL;
//PFN_IpcClientOpenInetRemoteEndPoint g_ipcOpenEndPointPtr = NULL;
PFN_IpcClientOpenUnixRemoteEndPoint g_ipcOpenEndPointPtr = NULL;
PFN_IpcClientCloseRemoteEndPoint g_ipcCloseEndPointPtr = NULL;
PFN_IpcClientSubmitReq g_ipcSubmitReq = NULL;
uint32_t g_atvsEndPointHandle; // Authentication Token Validation Service endpoint handle
//++======================================================================= //++=======================================================================
CasaStatus SSCS_CALL CasaStatus SSCS_CALL
@ -131,35 +150,73 @@ ValidateAuthToken(
if (CASA_SUCCESS(retStatus)) if (CASA_SUCCESS(retStatus))
{ {
// Initialize the Client Ipc Subsystem // Initialize the Client Ipc Subsystem
if (IpcClientInit("CASA_AuthTokenValidate", //
true, // First load the library. We load it itself to keep the system
DebugLevel, // from unloading it in-case that the application unloads us. Some
false) == 0) // applications such as PAM application will repeateadly load and
// unload us.
void* libHandle = OpenLibrary(IpcClientLibraryPath);
if (libHandle)
{ {
// Open endpoint for the Authentication Token Validation Service // The Ipc library has been loaded, now get the symbols that we need.
if (IpcClientOpenInetRemoteEndPoint(5000, g_ipcInitPtr = GetFunctionPtr(libHandle, "IpcClientInit");
0x7F000001, g_ipcShutdownPtr = GetFunctionPtr(libHandle, "IpcClientShutdown");
0, //g_ipcOpenEndPointPtr = GetFunctionPtr(libHandle, "IpcClientOpenInetRemoteEndPoint");
&atvsEndPointHandle) == 0) g_ipcOpenEndPointPtr = GetFunctionPtr(libHandle, "IpcClientOpenUnixRemoteEndPoint");
g_ipcCloseEndPointPtr = GetFunctionPtr(libHandle, "IpcClientCloseRemoteEndPoint");
g_ipcSubmitReq = GetFunctionPtr(libHandle, "IpcClientSubmitReq");
if (g_ipcInitPtr == NULL
|| g_ipcShutdownPtr == NULL
|| g_ipcOpenEndPointPtr == NULL
|| g_ipcCloseEndPointPtr == NULL
|| g_ipcSubmitReq == NULL)
{ {
// Success DbgTrace(0, "-ValidateAuthToken- Failed to get needed Ipc library function pointer\n", 0);
g_moduleInitialized = true;
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to open remote endpoint\n", 0);
IpcClientShutdown();
IdenTokenUninit(); IdenTokenUninit();
PrincipalIfUninit(); PrincipalIfUninit();
ConfigIfUninit(); ConfigIfUninit();
} }
else
{
if ((g_ipcInitPtr)("CASA_AuthTokenValidate",
g_multiThreadedApplication,
DebugLevel,
false) == 0)
{
// Open endpoint for the Authentication Token Validation Service
//if ((g_ipcOpenEndPointPtr)(5000,
// 0x7F000001,
// 0,
// &g_atvsEndPointHandle) == 0)
if ((g_ipcOpenEndPointPtr)(DOMAIN_SOCKET_FILE_NAME,
0,
&g_atvsEndPointHandle) == 0)
{
// Success
g_moduleInitialized = true;
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to open remote endpoint\n", 0);
(g_ipcShutdownPtr)();
IdenTokenUninit();
PrincipalIfUninit();
ConfigIfUninit();
}
}
else
{
DbgTrace(0, "-ValidateAuthToken- Ipc subsystem initialization failed\n", 0);
(g_ipcShutdownPtr)();
IdenTokenUninit();
PrincipalIfUninit();
ConfigIfUninit();
}
}
} }
else else
{ {
DbgTrace(0, "-ValidateAuthToken- Ipc subsystem initialization failed\n", 0); DbgTrace(0, "-ValidateAuthToken- Failed to load Ipc library, error = %d\n", dlerror());
IdenTokenUninit();
PrincipalIfUninit();
ConfigIfUninit();
} }
} }
else else
@ -193,13 +250,18 @@ ValidateAuthToken(
char *pIdenTokenData; char *pIdenTokenData;
int idenTokenDataLen; int idenTokenDataLen;
// Assume failure
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_AUTHENTICATION_FAILURE);
// Token was decoded successfully, now submit the authentication token to the // Token was decoded successfully, now submit the authentication token to the
// authentication token validation service. // authentication token validation service.
if (IpcClientSubmitReq(atvsEndPointHandle, if ((g_ipcSubmitReq)(g_atvsEndPointHandle,
pDecodedTokenBuf, pDecodedTokenBuf,
decodedTokenBufLen, decodedTokenBufLen,
&pIdenTokenData, &pIdenTokenData,
&idenTokenDataLen) == 0) &idenTokenDataLen) == 0)
{ {
// The submit succeeded, make sure that we got some identity data back. // The submit succeeded, make sure that we got some identity data back.
if (pIdenTokenData) if (pIdenTokenData)
@ -287,6 +349,51 @@ exit:
} }
//++=======================================================================
static void __attribute__((constructor))
so_init()
//
// Arguments In: None.
//
// Arguments Out: None.
//
// Returns: Nothing.
//
// Abstract: Library initialization routine.
//
// L2
//=======================================================================--
{
// Check for environment variable specifying that the application is
// multi-threaded.
if (getenv(APPLICATION_NOT_MULTI_THREADED) != NULL)
{
// The parameter has been configured, remember it.
g_multiThreadedApplication = false;
}
}
//++=======================================================================
static void __attribute__((destructor))
so_fini()
//
// Arguments In: None.
//
// Arguments Out: None.
//
// Returns: Nothing.
//
// Abstract: Library un-initialization routine.
//
// L2
//=======================================================================--
{
if (g_ipcShutdownPtr)
(g_ipcShutdownPtr)();
}
//++======================================================================= //++=======================================================================
//++======================================================================= //++=======================================================================
//++======================================================================= //++=======================================================================
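Review bot: The new load-failure trace in ValidateAuthToken passes the `char *` returned by `dlerror()` to a `%d` conversion, a format/argument type mismatch that prints part of a pointer instead of the loader's message. It should read `DbgTrace(0, "-ValidateAuthToken- Failed to load Ipc library, error = %s\n", dlerror());`. From the way the page renders that branch, the `IdenTokenUninit()`, `PrincipalIfUninit()` and `ConfigIfUninit()` calls that the other failure branches keep appear to have been dropped there. If so, a failed load leaves those subsystems initialised while `g_moduleInitialized` stays false; please confirm and restore them. The body of ValidateAuthToken starts and ends outside these hunks.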


@ -19,7 +19,7 @@ Execute script: make.sh.
RUNNING APPLICATION RUNNING APPLICATION
Execute the following command: ./pamTest -s testService Execute the following command: ./pamTest -s testservice


@ -1,2 +1,2 @@
#!/bin/bash #!/bin/bash
gcc -o pamTest test.c -g -I"../../.." -I"../../../../include" -DN_PLAT_UNIX -L"../../../lib/Release" -lpam gcc -o pamTest test.c -g -DN_PLAT_UNIX -L"../../../lib/Release" -lpam


@ -251,7 +251,7 @@ ProcessConnection(int connSock)
//=======================================================================-- //=======================================================================--
{ {
char userName[] = "CasaPrincipal"; char userName[] = "CasaPrincipal";
char token[4096] = {0}; char token[8192] = {0};
char helloString[100] = {0}; char helloString[100] = {0};
AppUserData appUserData = {userName, token}; AppUserData appUserData = {userName, token};
struct pam_conv conv = {Converse, &appUserData}; struct pam_conv conv = {Converse, &appUserData};
@ -389,7 +389,7 @@ ExecuteTests(void)
(struct sockaddr*) &boundAddr, (struct sockaddr*) &boundAddr,
&addrLen) != SOCKET_ERROR) &addrLen) != SOCKET_ERROR)
{ {
printf("Listen port = %d\n", boundAddr.sin_port); printf("Listen port = %d\n", htons(boundAddr.sin_port));
// Now start linstening for connections // Now start linstening for connections
if (listen(listenSock, SOMAXCONN) != SOCKET_ERROR) if (listen(listenSock, SOMAXCONN) != SOCKET_ERROR)
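Review bot: In ExecuteTests the port read back into `boundAddr.sin_port` is in network byte order, so the conversion used for printing should be `ntohs`, not `htons`: `printf("Listen port = %d\n", ntohs(boundAddr.sin_port));`. Both perform the same swap on common platforms, so the output does not change, but `ntohs` states the direction a reader expects. ExecuteTests continues outside the hunk.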


@ -625,7 +625,7 @@ CChannel::connectionThread(
// Free SmartCChannel // Free SmartCChannel
delete pSmartCChannel; delete pSmartCChannel;
DbgTrace(1, "CChannel::connectionThread- End\n", 0); DbgTrace(0, "CChannel::connectionThread- End\n", 0);
// Exit // Exit
pthread_exit(NULL); pthread_exit(NULL);


@ -38,6 +38,9 @@ extern "C" {
//===[ External data ]===================================================== //===[ External data ]=====================================================
extern
unsigned long numCChannelObjects;
//===[ External prototypes ]=============================================== //===[ External prototypes ]===============================================
//===[ Manifest constants ]================================================ //===[ Manifest constants ]================================================
@ -116,7 +119,7 @@ IpcClientOpenUnixRemoteEndPoint(
// Note: The service should have been initialized before calling // Note: The service should have been initialized before calling
// this procedure. // this procedure.
// //
// L1 // L2
//=======================================================================-- //=======================================================================--
{ {
int retStatus = -1; int retStatus = -1;
@ -241,6 +244,8 @@ IpcClientOpenInetRemoteEndPoint(
pthread_mutex_lock(&clientMutex); pthread_mutex_lock(&clientMutex);
try { try {
// tbd - add code to allow us to share endpoints to the same destination that are already opened
//
// Instantiate a RemoteEndPoint object and keep track of it // Instantiate a RemoteEndPoint object and keep track of it
// with a smart pointer. // with a smart pointer.
SmartRemoteEndPoint *pSmartRemoteEndPoint = new SmartRemoteEndPoint(new RemoteEndPoint(appMultithreaded, SmartRemoteEndPoint *pSmartRemoteEndPoint = new SmartRemoteEndPoint(new RemoteEndPoint(appMultithreaded,
@ -583,6 +588,11 @@ IpcClientShutdown(void)
delete[] pAppName; delete[] pAppName;
pAppName = unInitialized; pAppName = unInitialized;
} }
// Wait until all of the channels are gone
while (numCChannelObjects)
sleep(0); // Only suffer a time-slice
sleep(0);
} }
else else
{ {
@ -593,6 +603,26 @@ IpcClientShutdown(void)
} }
//++=======================================================================
static void __attribute__((destructor))
so_fini()
//
// Arguments In: None.
//
// Arguments Out: None.
//
// Returns: Nothing.
//
// Abstract: Library un-initialization routine.
//
// L2
//=======================================================================--
{
DbgTrace(0, "so_fini- Start\n", 0);
IpcClientShutdown();
}
//========================================================================= //=========================================================================
//========================================================================= //=========================================================================
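Review bot: The wait loop added to IpcClientShutdown, `while (numCChannelObjects) sleep(0);`, has no upper bound, and the new `so_fini` destructor now runs it at library unload or process exit. A channel object that is never released would therefore hang the host process at that point. `numCChannelObjects` is also read as a plain `unsigned long` while other threads presumably update it; whether `clientMutex` is held here is not visible in the hunk. I would bound the wait, for example `for (int i = 0; numCChannelObjects && i < <MAX_SPINS>; i++) sleep(0);` with `<MAX_SPINS>` a limit you choose, and trace when the limit is reached. The second `sleep(0);` after the loop appears redundant and could go, or get a comment saying what it waits for.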


@ -37,7 +37,7 @@
//===[ Manifest constants ]================================================ //===[ Manifest constants ]================================================
#define REMOTE_ENDPOINT_SIGNATURE 0x54525653 // SVRT #define REMOTE_ENDPOINT_SIGNATURE 0X50454D52 // RMEP
//===[ Type definitions ]================================================== //===[ Type definitions ]==================================================
@ -75,7 +75,7 @@ RemoteEndPoint::RemoteEndPoint(
// //
// Notes: // Notes:
// //
// L1 // L2
//=======================================================================-- //=======================================================================--
{ {
DbgTrace(1, "RemoteEndPoint::RemoteEndPoint- Start, Obj = %08X\n", this); DbgTrace(1, "RemoteEndPoint::RemoteEndPoint- Start, Obj = %08X\n", this);
@ -349,6 +349,7 @@ RemoteEndPoint::submitReq(
// Perform the following in a loop to deal with abnormal connection terminations // Perform the following in a loop to deal with abnormal connection terminations
unsigned long rpcRetryCount = 0; unsigned long rpcRetryCount = 0;
bool okToRetry = true;
while (rpcRetryCount < m_maxRpcRetries) while (rpcRetryCount < m_maxRpcRetries)
{ {
// Get SmartCChannel // Get SmartCChannel
@ -372,19 +373,30 @@ RemoteEndPoint::submitReq(
{ {
// Request submission over the channel succeeded, now // Request submission over the channel succeeded, now
// wait for the completion of the request. // wait for the completion of the request.
clientReq.waitForCompletion(ppServerData, if (clientReq.waitForCompletion(ppServerData,
pServerDataLen); pServerDataLen) == 0)
{
// Now proceed based on the completion status
ClientReq::CompletionStatus compStatus = clientReq.completionStatus();
if (compStatus == ClientReq::SuccessCompletionStatus)
{
// Success
retStatus = 0;
}
else
{
// Received a failure from the server, do not retry.
okToRetry = false;
}
}
else
{
// Error waiting for the completion.
okToRetry = false;
}
// Remove the request from the channel // Remove the request from the channel
pCChannel->removeReq(reqId); pCChannel->removeReq(reqId);
// Now proceed based on the completion status
ClientReq::CompletionStatus compStatus = clientReq.completionStatus();
if (compStatus == ClientReq::SuccessCompletionStatus)
{
// Success
retStatus = 0;
}
} }
else else
{ {
@ -402,8 +414,9 @@ RemoteEndPoint::submitReq(
DbgTrace(0, "RemoteEndPoint::submitReq- Channel unavailable\n", 0); DbgTrace(0, "RemoteEndPoint::submitReq- Channel unavailable\n", 0);
} }
// Stop trying if the RPC succeeded // Stop trying if the RPC succeeded or if it is not ok to retry
if (retStatus == 0) if (retStatus == 0
|| !okToRetry)
break; break;
// Account for this RPC try // Account for this RPC try
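Review bot: The two new branches in RemoteEndPoint::submitReq that set `okToRetry = false` give up without a trace, while the neighbouring failure paths log through `DbgTrace(0, ...)` (for example "Channel unavailable"). Add one to each so an abandoned request can be told apart from an exhausted retry count, e.g. `DbgTrace(0, "RemoteEndPoint::submitReq- Server returned failure, not retrying\n", 0);` and `DbgTrace(0, "RemoteEndPoint::submitReq- Error waiting for completion\n", 0);`. The comment above the loop still says it deals with abnormal connection terminations, so it should also say that a failed `waitForCompletion` is now final. submitReq starts and ends outside these hunks.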


@ -1089,7 +1089,7 @@ IpcServerSetUnAddress(
// //
// Note: The service needs to be initialized before calling this procedure. // Note: The service needs to be initialized before calling this procedure.
// //
// L1 // L2
//=======================================================================-- //=======================================================================--
{ {
int retStatus = -1; int retStatus = -1;