API change and new function due to restructuring.

diff --git a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c b/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c
index 9e5da4d..be2c735 100644 (file)
--- a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c
+++ b/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c
@@ -31,7 +31,7 @@ main(int argc, char **argv)
        char                               *name;
        char                               *cert, *key;
        int                                             opt;
-
+       gss_cred_id_t                       cred;
 
        cert = key = NULL;
        name = strrchr(argv[0],'/');
@@ -48,10 +48,11 @@ main(int argc, char **argv)
 
        if ( cert || key ) {
                if ( glite_gsplugin_init_context(&ctx) ) { perror("init context"); exit(1); }
-               if (glite_gsplugin_set_credential(ctx, cert, key)) {
+               if (edg_wll_gss_acquire_cred_gsi(cert, key, &cred, NULL, NULL) != 0) {
                   fprintf (stderr, "Failed to set credentials\n");
                   exit(1);
                }
+               glite_gsplugin_set_credential(ctx, cred);
        }
 
        soap_init(&soap);

diff --git a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c b/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c
index c7343a0..96358fa 100644 (file)
--- a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c
+++ b/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c
@@ -38,6 +38,7 @@ main(int argc, char **argv)
        char                               *subject = NULL;
        int                                             opt,
                                                        port = 19999;
+       char                            *cert_filename = NULL, *key_filename = NULL;
        int                                             sock;
 
 
@@ -49,14 +50,14 @@ main(int argc, char **argv)
        while ((opt = getopt_long(argc, argv, "c:k:p:", long_options, NULL)) != EOF) {
                switch (opt) {
                case 'p': port = atoi(optarg); break;
-               case 'c': ctx->cert_filename = strdup(optarg); break;
-               case 'k': ctx->key_filename = strdup(optarg); break;
+               case 'c': cert_filename = strdup(optarg); break;
+               case 'k': key_filename = strdup(optarg); break;
                case '?':
                default : usage(name); exit(1);
                }
        }
 
-       if ( edg_wll_gss_acquire_cred_gsi(ctx->cert_filename, ctx->key_filename, &ctx->cred, &subject, &gss_code) ) {
+       if ( edg_wll_gss_acquire_cred_gsi(cert_filename, key_filename, &ctx->cred, &subject, &gss_code) ) {
                edg_wll_gss_get_error(&gss_code, "Failed to read credential", &msg);
                fprintf(stderr, "%s\n", msg);
                free(msg);

diff --git a/org.glite.security.gsoap-plugin/interface/glite_gsplugin-int.h b/org.glite.security.gsoap-plugin/interface/glite_gsplugin-int.h
index 9ae3bb4..6a48cde 100644 (file)
--- a/org.glite.security.gsoap-plugin/interface/glite_gsplugin-int.h
+++ b/org.glite.security.gsoap-plugin/interface/glite_gsplugin-int.h
@@ -12,11 +12,10 @@ struct _glite_gsplugin_ctx {
 
        char                               *error_msg;
 
-       char                               *key_filename;
-       char                               *cert_filename;
-
        edg_wll_GssConnection  *connection;
        gss_cred_id_t                   cred;
+       int                             internal_connection;
+       int                             internal_credentials;
 
        void                               *user_data;
 };

diff --git a/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h b/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h
index be3aa74..dce770a 100644 (file)
--- a/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h
+++ b/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h
@@ -20,8 +20,8 @@ extern void *glite_gsplugin_get_udata(struct soap *);
 extern void glite_gsplugin_set_udata(struct soap *, void *);
 
 extern void glite_gsplugin_set_timeout(glite_gsplugin_Context, struct timeval const *);
-extern int glite_gsplugin_set_credential(glite_gsplugin_Context, const char *, const char *);
-extern void glite_gsplugin_set_connection(glite_gsplugin_Context, edg_wll_GssConnection *);
+extern void glite_gsplugin_set_credential(glite_gsplugin_Context, gss_cred_id_t);
+extern int glite_gsplugin_set_connection(glite_gsplugin_Context, edg_wll_GssConnection *);
 
 extern int glite_gsplugin(struct soap *, struct soap_plugin *, void *);
 extern char *glite_gsplugin_errdesc(struct soap *);

diff --git a/org.glite.security.gsoap-plugin/src/glite_gsplugin.c b/org.glite.security.gsoap-plugin/src/glite_gsplugin.c
index 1131532..5112ca8 100644 (file)
--- a/org.glite.security.gsoap-plugin/src/glite_gsplugin.c
+++ b/org.glite.security.gsoap-plugin/src/glite_gsplugin.c
@@ -53,12 +53,13 @@ glite_gsplugin_init_context(glite_gsplugin_Context *ctx)
 int
 glite_gsplugin_free_context(glite_gsplugin_Context ctx)
 {
-       OM_uint32       ms;
-       
+       OM_uint32       ms;
+
        if (ctx == NULL)
           return 0;
 
-       if ( ctx->cred != GSS_C_NO_CREDENTIAL ) gss_release_cred(&ms, &ctx->cred);
+       if ( ctx->internal_credentials && ctx->cred != GSS_C_NO_CREDENTIAL ) 
+               gss_release_cred(&ms, &ctx->cred);
        if ( ctx->connection ) {
                if ( ctx->connection->context != GSS_C_NO_CONTEXT )
                        edg_wll_gss_close(ctx->connection, NULL);
@@ -66,10 +67,6 @@ glite_gsplugin_free_context(glite_gsplugin_Context ctx)
        }
        if (ctx->error_msg)
           free(ctx->error_msg);
-       if (ctx->key_filename)
-          free(ctx->key_filename);
-       if (ctx->cert_filename)
-          free(ctx->cert_filename);
        free(ctx);
 
        return 0;
@@ -110,6 +107,7 @@ void glite_gsplugin_set_timeout(glite_gsplugin_Context ctx, struct timeval const
        else ctx->timeout = NULL;
 }
 
+#if 0
 int
 glite_gsplugin_set_credential(glite_gsplugin_Context ctx,
                              const char *cert,
@@ -129,13 +127,35 @@ glite_gsplugin_set_credential(glite_gsplugin_Context ctx,
 
    return 0;
 }
+#endif
 
 void
+glite_gsplugin_set_credential(glite_gsplugin_Context ctx,
+                               gss_cred_id_t cred)
+{
+       ctx->cred = cred;
+       ctx->internal_credentials = 0;
+}
+
+int
 glite_gsplugin_set_connection(glite_gsplugin_Context ctx, edg_wll_GssConnection *conn)
 {
-       free(ctx->connection);
-       ctx->connection = malloc(sizeof(*ctx->connection));
-       memcpy(ctx->connection, conn, sizeof(*ctx->connection));
+       int                                             ret = SOAP_OK;
+
+       if ( ctx->connection ) {
+               if ( ctx->internal_connection && ctx->connection->context != GSS_C_NO_CONTEXT) {
+                       pdprintf(("GSLITE_GSPLUGIN: closing gss connection\n"));
+                       ret = edg_wll_gss_close(ctx->connection, ctx->timeout);
+               }
+               free(ctx->connection);
+       }
+       if (conn) {
+               ctx->connection = malloc(sizeof(edg_wll_GssConnection));
+               memcpy(ctx->connection, conn, sizeof(edg_wll_GssConnection));
+       } else ctx->connection = NULL;
+       ctx->internal_connection = 0;
+
+       return ret;
 }
 
 int
@@ -165,6 +185,7 @@ glite_gsplugin(struct soap *soap, struct soap_plugin *p, void *arg)
                        glite_gsplugin_free_context(pdata->ctx);
                        return EINVAL;
                }
+               pdata->ctx->internal_credentials = 1;
                pdprintf(("GSLITE_GSPLUGIN: server running with certificate: %s\n", subject));
                free(subject);
                pdata->def = 1;
@@ -250,14 +271,15 @@ glite_gsplugin_connect(
        ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx;
 
        if ( ctx->cred == GSS_C_NO_CREDENTIAL ) {
-               pdprintf(("GSLITE_GSPLUGIN: loading credentials\n"));
-               ret = edg_wll_gss_acquire_cred_gsi(ctx->cert_filename, ctx->key_filename,
-                                               &ctx->cred, NULL, &gss_stat);
+               pdprintf(("GSLITE_GSPLUGIN: loading default credentials\n"));
+               ret = edg_wll_gss_acquire_cred_gsi(NULL, NULL,
+                       &ctx->cred, NULL, &gss_stat);
                if ( ret ) {
                        edg_wll_gss_get_error(&gss_stat, "failed to load GSI credentials",
-                                               &ctx->error_msg);
+                               &ctx->error_msg);
                        goto err;
                }
+               ctx->internal_credentials = 1;
        }
 
        if ( !(ctx->connection = malloc(sizeof(*ctx->connection))) ) return errno;
@@ -271,6 +293,7 @@ glite_gsplugin_connect(
                edg_wll_gss_get_error(&gss_stat, "edg_wll_gss_connect()", &ctx->error_msg);
                goto err;
        }
+       ctx->internal_connection = 1;
 
        soap->errnum = 0;
        return 0;
@@ -298,21 +321,10 @@ static int
 glite_gsplugin_close(struct soap *soap)
 {
        glite_gsplugin_Context  ctx;
-       int                                             ret = SOAP_OK;
-
 
        pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_close()\n"));
        ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx;
-       if ( ctx->connection ) {
-               if ( ctx->connection->context != GSS_C_NO_CONTEXT) {
-                       pdprintf(("GSLITE_GSPLUGIN: closing gss connection\n"));
-                       ret = edg_wll_gss_close(ctx->connection, ctx->timeout);
-               }
-               free(ctx->connection);
-               ctx->connection = NULL;
-       }
-
-       return ret;
+       return glite_gsplugin_set_connection(ctx, NULL);
 }
 
 
@@ -327,8 +339,10 @@ glite_gsplugin_accept(struct soap *soap, int s, struct sockaddr *a, int *n)
        pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_accept()\n"));
        ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx;
        if ( (conn = accept(s, (struct sockaddr *)&a, n)) < 0 ) return conn;
-       if (   !ctx->connection
-               && !(ctx->connection = malloc(sizeof(*ctx->connection))) ) return -1;
+       if ( !ctx->connection ) {
+               if ( !(ctx->connection = malloc(sizeof(*ctx->connection))) ) return -1;
+               ctx->internal_connection = 1;
+       }
        if ( edg_wll_gss_accept(ctx->cred, conn, ctx->timeout, ctx->connection, &gss_code)) {
                pdprintf(("GSLITE_GSPLUGIN: Client authentication failed, closing.\n"));
                edg_wll_gss_get_error(&gss_code, "Client authentication failed", &ctx->error_msg);

diff --git a/org.glite.security.gss/Makefile b/org.glite.security.gss/Makefile
index 03bd481..3ded94f 100644 (file)
--- a/org.glite.security.gss/Makefile
+++ b/org.glite.security.gss/Makefile
@@ -133,7 +133,7 @@ distbin:
 install:
        -mkdir -p ${PREFIX}/lib
        -mkdir -p ${PREFIX}/share/doc/${package}-${version}
-       -mkdir -p ${PREFIX}/include/glite/security/${package}
+       -mkdir -p ${PREFIX}/include/glite/security
        ${INSTALL} -m 755 ${GSS_LTLIB} ${GSS_THRLTLIB} ${PREFIX}/lib
        ${INSTALL} -m 644 ${top_srcdir}/LICENSE ${PREFIX}/share/doc/${package}-${version}
        cd ${top_srcdir}/interface && ${INSTALL} -m 644 ${HDRS} ${PREFIX}/include/glite/security/