#include <string.h>
#include <errno.h>
-#include <globus_common.h>
-
#include "glite/wmsutils/jobid/cjobid.h"
#include "glite/lb/notifid.h"
#include "glite/lb/events.h"
if ( (errno = edg_wlc_JobIdParse(jobid_s, &jobid)) ) { perror(jobid_s); return 1; }
- if (globus_module_activate(GLOBUS_COMMON_MODULE) != GLOBUS_SUCCESS) {
- fprintf(stderr, "Cannot initialize Globus common module\n");
- exit(1);
- }
-
edg_wll_InitContext(&ctx);
if ( !user ) {
#include <string.h>
#include <errno.h>
-#include <globus_common.h>
-
#include "glite/wmsutils/jobid/cjobid.h"
#include "consumer.h"
if ( (errno = edg_wlc_JobIdParse(jobid_s, &jobid)) ) { perror(jobid_s); return 1; }
- if (globus_module_activate(GLOBUS_COMMON_MODULE) != GLOBUS_SUCCESS) {
- fprintf(stderr, "Cannot initialize Globus common module\n");
- exit(1);
- }
-
edg_wll_InitContext(&ctx);
edg_wll_SetParam(ctx, EDG_WLL_PARAM_SOURCE, EDG_WLL_SOURCE_USER_INTERFACE);
#include <expat.h>
#include <pthread.h>
-#include <globus_common.h>
#include "glite/lb/context.h"
#include "glite/lb/xml_conversions.h"
pthread_t threads[thr_num];
pthread_attr_t attr;
- if (globus_module_activate(GLOBUS_COMMON_MODULE) != GLOBUS_SUCCESS) {
- fputs("globus_module_activate()\n",stderr);
- return 1;
- }
-
pthread_attr_init(&attr);
pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE);
#ident "$Header$"
+#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
// XXX: should change the parameter conn_index to int (parameter is IN only)
{
/* close connection and free its structures */
- OM_uint32 min_stat;
int cIndex,ret = 0;
cIndex = *conn_index;
if (ctx->connections->connPool[cIndex].gss.sock)
ret = edg_wll_gss_close(&ctx->connections->connPool[cIndex].gss, &ctx->p_tmp_timeout);
- if (ctx->connections->connPool[cIndex].gsiCred != GSS_C_NO_CREDENTIAL)
- gss_release_cred(&min_stat, &ctx->connections->connPool[cIndex].gsiCred);
+ if (ctx->connections->connPool[cIndex].gsiCred != NULL)
+ edg_wll_gss_release_cred(&ctx->connections->connPool[cIndex].gsiCred, NULL);
free(ctx->connections->connPool[cIndex].peerName);
free(ctx->connections->connPool[cIndex].buf);
free(ctx->connections->connPool[index].peerName); // should be empty; just to be sure
ctx->connections->connPool[index].peerName = strdup(name);
ctx->connections->connPool[index].peerPort = port;
- ctx->connections->connPool[index].gsiCred = GSS_C_NO_CREDENTIAL; // initial value
+ ctx->connections->connPool[index].gsiCred = NULL; // initial value
ctx->connections->connOpened++;
return index;
goto err;
}
- if (ctx->connections->connPool[index].gss.context == GSS_C_NO_CONTEXT) {
+ if (ctx->connections->connPool[index].gss.context == NULL) {
switch (edg_wll_gss_connect(ctx->connections->connPool[index].gsiCred,
ctx->connections->connPool[index].peerName, ctx->connections->connPool[index].peerPort,
&ctx->p_tmp_timeout,&ctx->connections->connPool[index].gss,
if ( use_lbproxy ) {
if ( !lbproxy_user ) {
- gss_cred_id_t gss_cred = GSS_C_NO_CREDENTIAL;
+ edg_wll_GssCred gss_cred = NULL;
edg_wll_GssStatus gss_stat;
- OM_uint32 min_stat;
if ( edg_wll_gss_acquire_cred_gsi(NULL, NULL, &gss_cred, &lbproxy_user, &gss_stat) )
lbproxy_user = "anonymous";
- if ( gss_cred != GSS_C_NO_CREDENTIAL ) gss_release_cred(&min_stat, &gss_cred);
+ if ( gss_cred != NULL ) edg_wll_gss_release_cred(&gss_cred, NULL);
}
if ( lbproxy_store_sock )
edg_wll_SetParam(ctx, EDG_WLL_PARAM_LBPROXY_STORE_SOCK, lbproxy_store_sock);
/* notif_send() & notif_receive() should then migrate to */
/* client/connection.c and use connPool management f-cions */
- if (ctx->connPoolNotif[0].gss.context == GSS_C_NO_CONTEXT)
+ if (ctx->connPoolNotif[0].gss.context == NULL)
{
int ret;
switch(poll(pollfds, 1, tv.tv_sec*1000+tv.tv_usec/1000)) {
int err;
if (ctx->notifSock >= 0) {
- if (ctx->connPoolNotif[0].gss.context != GSS_C_NO_CONTEXT) {
+ if (ctx->connPoolNotif[0].gss.context != NULL) {
edg_wll_gss_close(&ctx->connPoolNotif[0].gss, NULL);
}
err = close(ctx->notifSock);
ctx->connections->connPool[index].peerPort);
#endif
/* gss_connect */
- if (ctx->connections->connPool[index].gss.context == GSS_C_NO_CONTEXT) {
+ if (ctx->connections->connPool[index].gss.context == NULL) {
/* acquire gss credentials */
ret = edg_wll_gss_acquire_cred_gsi(
int ret,answer;
char *my_subject_name = NULL;
edg_wll_GssStatus gss_stat;
- gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
- OM_uint32 min_stat;
+ edg_wll_GssCred cred = NULL;
char *host;
int port;
fprintf(stderr,"edg_wll_log_direct_connect: done (remaining timeout %d.%06d sec)\n",
(int) ctx->p_tmp_timeout.tv_sec, (int) ctx->p_tmp_timeout.tv_usec);
#endif
- if (cred != GSS_C_NO_CREDENTIAL)
- gss_release_cred(&min_stat, &cred);
+ if (cred != NULL)
+ edg_wll_gss_release_cred(&cred, NULL);
if (my_subject_name) free(my_subject_name);
if (host) free(host);
{
char *my_subject_name = NULL;
edg_wll_GssStatus gss_stat;
- gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
- OM_uint32 min_stat;
+ edg_wll_GssCred cred = NULL;
/* acquire gss credentials */
err = edg_wll_gss_acquire_cred_gsi(
} else {
edg_wll_SetParamString(ctx, EDG_WLL_PARAM_LBPROXY_USER, my_subject_name);
}
- if (cred != GSS_C_NO_CREDENTIAL)
- gss_release_cred(&min_stat, &cred);
+ if (cred != NULL)
+ edg_wll_gss_release_cred(&cred, NULL);
if (my_subject_name) free(my_subject_name);
}
} else {
char *my_subject_name = NULL;
edg_wll_GssStatus gss_stat;
- gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
- OM_uint32 min_stat;
+ edg_wll_GssCred cred = NULL;
/* acquire gss credentials */
err = edg_wll_gss_acquire_cred_gsi(
edg_wll_SetParamString(ctx, EDG_WLL_PARAM_LBPROXY_USER, my_subject_name);
}
- if (cred != GSS_C_NO_CREDENTIAL)
- gss_release_cred(&min_stat, &cred);
+ if (cred != NULL)
+ edg_wll_gss_release_cred(&cred, NULL);
if (my_subject_name) free(my_subject_name);
}
unsigned int peerPort;
/* http(s) stream */
- gss_cred_id_t gsiCred;
+ edg_wll_GssCred gsiCred;
edg_wll_GssConnection gss;
char *buf;
int bufUse,bufSize;
void edg_wll_poolFree() {
int i;
struct timeval close_timeout = {0, 50000}; /* Declarations taken over from edg_wll_FreeContext() */
- OM_uint32 min_stat; /* Does not seem to have any use whatsoever - neither
- here nor in edg_wll_FreeContext() */
#ifdef EDG_WLL_CONNPOOL_DEBUG
#ifdef GLITE_LB_THREADED
if (connectionsHandle.connPool[i].peerName) free(connectionsHandle.connPool[i].peerName);
edg_wll_gss_close(&connectionsHandle.connPool[i].gss,&close_timeout);
if (connectionsHandle.connPool[i].gsiCred)
- gss_release_cred(&min_stat, &connectionsHandle.connPool[i].gsiCred);
+ edg_wll_gss_release_cred(&connectionsHandle.connPool[i].gsiCred, NULL);
if (connectionsHandle.connPool[i].buf) free(connectionsHandle.connPool[i].buf);
}
void edg_wll_FreeContext(edg_wll_Context ctx)
{
struct timeval close_timeout = {0, 50000};
- OM_uint32 min_stat;
if (!ctx) return;
#ifdef CTXTRACE
if (ctx->connections->connPool[i].peerName) free(ctx->connections->connPool[i].peerName);
edg_wll_gss_close(&ctx->connections->connPool[i].gss,&close_timeout);
if (ctx->connections->connPool[i].gsiCred)
- gss_release_cred(&min_stat, &ctx->connections->connPool[i].gsiCred);
+ edg_wll_gss_release_cred(&ctx->connections->connPool[i].gsiCred, NULL);
if (ctx->connections->connPool[i].buf) free(ctx->connections->connPool[i].buf);
}
free(ctx->connections->connPool);*/
if (ctx->connPoolNotif[0].peerName) free(ctx->connPoolNotif[0].peerName);
edg_wll_gss_close(&ctx->connPoolNotif[0].gss,&close_timeout);
if (ctx->connPoolNotif[0].gsiCred)
- gss_release_cred(&min_stat, &ctx->connPoolNotif[0].gsiCred);
+ edg_wll_gss_release_cred(&ctx->connPoolNotif[0].gsiCred, NULL);
if (ctx->connPoolNotif[0].buf) free(ctx->connPoolNotif[0].buf);
free(ctx->connPoolNotif);
}
#include <math.h>
#include <sys/stat.h>
#include <unistd.h>
+#include <errno.h>
#include "glite/lb/context-int.h"
}
edg_wll_ResetError(ctx);
- if (connPTR->gss.context != GSS_C_NO_CONTEXT)
+ if (connPTR->gss.context != NULL)
sock = connPTR->gss.sock;
else {
edg_wll_SetError(ctx,ENOTCONN,NULL);
edg_wll_ResetError(ctx);
- if (connPTR->gss.context == GSS_C_NO_CONTEXT)
+ if (connPTR->gss.context == NULL)
return edg_wll_SetError(ctx,ENOTCONN,NULL);
if (real_write(ctx,&connPTR->gss,first,strlen(first)) < 0 ||
#include <ctype.h>
#include <string.h>
#include <assert.h>
+#include <errno.h>
#include <expat.h> // Expat header file
#include <unistd.h>
#endif
#include <fcntl.h>
+#include <sys/param.h>
#include "glite/lb/events_parse.h"
extern void _start (void), etext (void);
#endif
-/* XXX DK: */
-#include <err.h> // SSL header file
-
#include "glite/security/glite_gss.h"
#include "il_error.h"
interlogger - collect events from local-logger and send them to logging and bookkeeping servers
*/
+#include <stdio.h>
#include <getopt.h>
#include <string.h>
#include <signal.h>
#include <pthread.h>
+#include <errno.h>
#include "interlogd.h"
#include "glite/lb/log_proto.h"
int TIMEOUT = DEFAULT_TIMEOUT;
-gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
+edg_wll_GssCred cred_handle = NULL;
pthread_mutex_t cred_handle_lock = PTHREAD_MUTEX_INITIALIZER;
time_t key_mtime = 0, cert_mtime = 0;
#define INPUT_TIMEOUT (60)
-extern gss_cred_id_t cred_handle;
+extern edg_wll_GssCred cred_handle;
extern pthread_mutex_t cred_handle_lock;
extern char *cert_file;
extern char *key_file;
#ident "$Header$"
+#include <stdio.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <unistd.h>
#include <string.h>
#include <getopt.h>
+#include <errno.h>
#include "glite/lb/context-int.h"
#include "glite/lb/timeouts.h"
*----------------------------------------------------------------------
*/
static int
-doit(int socket, gss_cred_id_t cred_handle, char *file_name_prefix, int noipc, int noparse)
+doit(int socket, edg_wll_GssCred cred_handle, char *file_name_prefix, int noipc, int noparse)
{
char *subject;
int ret,fd,count;
struct timeval timeout;
edg_wll_GssConnection con;
edg_wll_GssStatus gss_stat;
- gss_buffer_desc gss_token = GSS_C_EMPTY_BUFFER;
- gss_name_t client_name = GSS_C_NO_NAME;
- OM_uint32 min_stat;
- gss_OID name_type = GSS_C_NO_OID;
+ edg_wll_GssPrincipal client = NULL;
fd_set fdset;
struct sockaddr_in peer;
socklen_t alen = sizeof peer;
/* authenticate */
edg_wll_ll_log(LOG_INFO,"Processing authentication:\n");
- gss_stat.major_status = gss_inquire_context(&gss_stat.minor_status, con.context,
- &client_name, NULL, NULL, NULL, NULL,
- NULL, NULL);
- if (GSS_ERROR(gss_stat.major_status)) {
- char *gss_err;
- edg_wll_gss_get_error(&gss_stat, "Cannot read client identification", &gss_err);
- edg_wll_ll_log(LOG_WARNING, "%s: %s\n", inet_ntoa(peer.sin_addr),gss_err);
- free(gss_err);
- } else {
- gss_stat.major_status = gss_display_name(&gss_stat.minor_status, client_name,
- &gss_token, &name_type);
- if (GSS_ERROR(gss_stat.major_status)) {
- char *gss_err;
- edg_wll_gss_get_error(&gss_stat, "Cannot process client identification", &gss_err);
- edg_wll_ll_log(LOG_WARNING, "%s: %s\n",inet_ntoa(peer.sin_addr),gss_err);
- free(gss_err);
- }
+ ret = edg_wll_gss_get_client_conn(&con, &client, &gss_stat);
+ if (ret) {
+ char *gss_err;
+ edg_wll_gss_get_error(&gss_stat, "Cannot read client identification", &gss_err);
+ edg_wll_ll_log(LOG_WARNING, "%s: %s\n", inet_ntoa(peer.sin_addr),gss_err);
+ free(gss_err);
}
- if (GSS_ERROR(gss_stat.major_status) || edg_wll_gss_oid_equal(name_type, GSS_C_NT_ANONYMOUS)) {
+ if (ret || client->flags | EDG_WLL_GSS_FLAG_ANON) {
edg_wll_ll_log(LOG_INFO," User not authenticated, setting as \"%s\". \n",EDG_WLL_LOG_USER_DEFAULT);
subject=strdup(EDG_WLL_LOG_USER_DEFAULT);
} else {
edg_wll_ll_log(LOG_INFO," User successfully authenticated as:\n");
- edg_wll_ll_log(LOG_INFO, " %s\n", (char *)gss_token.value);
- subject=gss_token.value;
- memset(&gss_token.value, 0, sizeof(gss_token.value));
+ edg_wll_ll_log(LOG_INFO, " %s\n", client->name);
+ subject=client->name;
}
+ if (client)
+ edg_wll_gss_free_princ(client);
/* get and process the data */
timeout.tv_sec = CONNECTION_TIMEOUT;
if (con.sock == -1)
edg_wll_ll_log(LOG_DEBUG, "o.k.\n");
if (subject) free(subject);
- if (gss_token.length)
- gss_release_buffer(&min_stat, &gss_token);
- if (client_name != GSS_C_NO_NAME)
- gss_release_name(&min_stat, &client_name);
return ret;
}
char *my_subject_name = NULL;
time_t cert_mtime = 0, key_mtime = 0;
- OM_uint32 min_stat;
edg_wll_GssStatus gss_stat;
- gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
+ edg_wll_GssCred cred = NULL;
setlinebuf(stdout);
listener_fd = do_listen(port);
if (listener_fd == -1) {
edg_wll_ll_log(LOG_CRIT,"Failed to listen on port %d\n",port);
- gss_release_cred(&min_stat, &cred);
+ edg_wll_gss_release_cred(&cred, NULL);
exit(-1);
} else {
edg_wll_ll_log(LOG_DEBUG,"Listener's socket descriptor is '%d'\n",listener_fd);
close(listener_fd);
edg_wll_ll_log(LOG_CRIT,"Failed to accept incomming connections\n");
SYSTEM_ERROR("accept");
- gss_release_cred(&min_stat, &cred);
+ edg_wll_gss_release_cred(&cred, NULL);
exit(-1);
} else {
edg_wll_ll_log(LOG_DEBUG,"Incomming connection on socket '%d'\n",client_fd);
}
switch (edg_wll_gss_watch_creds(cert_file,&cert_mtime)) {
- gss_cred_id_t newcred;
+ edg_wll_GssCred newcred;
case 0: break;
case 1:
ret = edg_wll_gss_acquire_cred_gsi(cert_file,key_file,&newcred,NULL,&gss_stat);
edg_wll_ll_log(LOG_WARNING,"Reloading credentials failed, continue with older\n");
} else {
edg_wll_ll_log(LOG_INFO,"Reloading credentials\n");
- gss_release_cred(&min_stat, &cred);
+ edg_wll_gss_release_cred(&cred, NULL);
cred = newcred;
}
break;
end:
if (listener_fd) close(listener_fd);
- gss_release_cred(&min_stat, &cred);
+ edg_wll_gss_release_cred(&cred, NULL);
exit(ret);
}
#ident "$Header$"
+#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <string.h>
#include <syslog.h>
#include <fcntl.h>
+#include <stdarg.h>
+#include <errno.h>
#include "glite/lb/context-int.h"
#include "glite/lb/escape.h"
if(pthread_mutex_lock(&cred_handle_lock) < 0)
abort();
if (edg_wll_gss_watch_creds(cert_file, &cert_mtime) > 0) {
- gss_cred_id_t new_cred_handle = GSS_C_NO_CREDENTIAL;
- OM_uint32 min_stat;
+ edg_wll_GssCred new_cred_handle = NULL;
int ret;
ret = edg_wll_gss_acquire_cred_gsi(cert_file,key_file,
&new_cred_handle, NULL, NULL);
- if (new_cred_handle != GSS_C_NO_CREDENTIAL) {
- gss_release_cred(&min_stat, &cred_handle);
+ if (new_cred_handle != NULL) {
+ edg_wll_gss_release_cred(&cred_handle, NULL);
cred_handle = new_cred_handle;
il_log(LOG_INFO, "New certificate found and deployed.\n");
}
if(!nosend) {
#endif
- if(eq->gss.context == GSS_C_NO_CONTEXT) {
+ if(eq->gss.context == NULL) {
tv.tv_sec = TIMEOUT;
tv.tv_usec = 0;
set_error(IL_DGGSS, ret,
(ret == EDG_WLL_GSS_ERROR_GSS) ? gss_err : "event_queue_connect: edg_wll_gss_connect");
if (gss_err) free(gss_err);
- eq->gss.context = GSS_C_NO_CONTEXT;
+ eq->gss.context = NULL;
eq->timeout = TIMEOUT;
return(0);
}
if(!nosend) {
#endif
- if(eq->gss.context != GSS_C_NO_CONTEXT) {
+ if(eq->gss.context != NULL) {
edg_wll_gss_close(&eq->gss, NULL);
- eq->gss.context = GSS_C_NO_CONTEXT;
+ eq->gss.context = NULL;
}
#ifdef LB_PERF
}
#ifdef LB_PERF
if(!nosend) {
#endif
- if(eq->gss.context == GSS_C_NO_CONTEXT)
+ if(eq->gss.context == NULL)
return(0);
#ifdef LB_PERF
}
git://scientific.zcu.cz / jra1mw.git / commitdiff