typedef struct _edg_wll_authz_policy *edg_wll_authz_policy;
+typedef struct _edg_wll_mapping_rule {
+ char *a;
+ char *b;
+} _edg_wll_mapping_rule;
+
+typedef struct _edg_wll_id_mapping {
+ struct _edg_wll_mapping_rule **rules;
+ int num;
+} _edg_wll_id_mapping;
+
int
edg_wll_add_authz_rule(edg_wll_Context ctx,
edg_wll_authz_policy policy,
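Review bot: The fields `a` and `b` of `_edg_wll_mapping_rule` are undocumented, although the rest of the change treats them as the two subject names of an identity pair that are accepted as equivalent. I would add comments such as `char *a; /* one subject name of the mapped pair */` and `char *b; /* subject name treated as equivalent to a */`, plus `/* number of entries in rules */` on `num`. The typedef names also repeat the underscore-prefixed struct tags, unlike `edg_wll_authz_policy` on the line above; if these types are meant to be visible to users of the context header, a name without the leading underscore would match that convention.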
char *authz_policy_file;
char *html_header_file;
+
+ _edg_wll_id_mapping id_mapping;
)
/* to be used internally: set, update and and clear the error information in
}
free (ctx->authz_policy.actions);
}
+ if (ctx->id_mapping.num) {
+ for (i = 0; i < ctx->id_mapping.num; i++) {
+ free(ctx->id_mapping.rules[i]->a);
+ free(ctx->id_mapping.rules[i]->b);
+ free(ctx->id_mapping.rules[i]);
+ }
+ free(ctx->id_mapping.rules);
+ ctx->id_mapping.num = 0;
+ }
if (ctx->jpreg_dir) free(ctx->jpreg_dir);
if (ctx->serverIdentity) free(ctx->serverIdentity);
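Review bot: The rules freed in this block do not appear to be owned by the context. The server hunk that sets `ctx->id_mapping = id_mapping;` copies only the struct, so every context shares the single `rules` array held by the global `id_mapping`. If that assignment runs once per connection, as the neighbouring `gettimeofday(&conn_start, 0)` suggests, releasing the first context leaves the global and every later context with dangling pointers, which `equal_mapped()` then reads during authorization, and the next release frees them again. Either give each context its own deep copy, the way `html_header_file` is `strdup`'d just above the assignment, or keep the mapping process-owned and drop this free block. Both functions continue outside their hunks, so the context lifetime should be confirmed against the full file.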
static char **msg_prefixes = NULL;
char * html_header = NULL;
static int html_header_forced = 0;
+static char *gridmap = NULL;
+struct _edg_wll_id_mapping id_mapping = {NULL, 0};
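Review bot: `id_mapping` is defined with external linkage, while `gridmap` and the neighbouring option variables are `static`. Unless another translation unit refers to it, `static struct _edg_wll_id_mapping id_mapping = {NULL, 0};` keeps this generic name out of the global namespace. A short comment that this object owns the parsed rules for the lifetime of the process would also make the ownership explicit.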
static struct option opts[] = {
{"rss-time", 1, NULL, 'I'},
{"policy", 1, NULL, 'l'},
{"exclusive-zombies-off", 0, NULL, 'E'},
+ {"gridmap-file",1, NULL, 'M'},
{NULL,0,NULL,0}
};
-static const char *get_opt_string = "Ac:k:C:V:p:a:drm:ns:i:S:D:J:jR:F:xOL:N:X:Y:T:t:e:f:zb:gPBo:q:W:Z:GI:l:EH:"
+static const char *get_opt_string = "Ac:k:C:V:p:a:drm:M:ns:i:S:D:J:jR:F:xOL:N:X:Y:T:t:e:f:zb:gPBo:q:W:Z:GI:l:EH:"
#ifdef GLITE_LB_SERVER_WITH_WS
"w:"
#endif
"\t-s, --slaves\t number of slave servers to fork\n"
"\t-i, --pidfile\t file to store master pid\n"
"\t-L, --limits\t query limits numbers in format \"events_limit:jobs_limit:size_limit\"\n"
+ "\t-M, --gridmap-file\tgridmap-file to map clients identities\"\n"
"\t-N, --notif-dur default[:max]\t Duration of notification registrations in seconds (default and maximal)\n"
"\t-S, --purge-prefix\t purge files full-path prefix\n"
"\t-D, --dump-prefix\t dump files full-path prefix\n"
return 1;
}
break;
+ case 'M': gridmap = strdup(optarg); break;
case 'N': {
int std,max;
switch (sscanf(optarg,"%d:%d",&std,&max)) {
return 1;
}
+ if (gridmap && parse_gridmap(ctx, gridmap, &id_mapping)) {
+ char *et, *ed;
+
+ edg_wll_Error(ctx,&et,&ed);
+ glite_common_log(LOG_CATEGORY_CONTROL, LOG_PRIORITY_FATAL, "Cannot load identity mapping: %s: %s\n", et, ed);
+ return 1;
+ }
+
if (!html_header) {
char *html_header_prefix = getenv("GLITE_LB_LOCATION_ETC");
if (!html_header_prefix) html_header_prefix="/etc";
if (html_header) ctx->html_header_file = strdup(html_header);
else ctx->html_header_file = NULL;
+ ctx->id_mapping = id_mapping;
+
gettimeofday(&conn_start, 0);
alen = sizeof(a);
}
int
+equal_mapped(const char *a, const char *b, struct _edg_wll_id_mapping *mapping)
+{
+ int i;
+
+ if (mapping == NULL || mapping->num == 0)
+ return 0;
+
+ for (i = 0; i < mapping->num; i++) {
+ if (edg_wll_gss_equal_subj(a, mapping->rules[i]->a) &&
+ edg_wll_gss_equal_subj(b, mapping->rules[i]->b))
+ return 1;
+ if (edg_wll_gss_equal_subj(a, mapping->rules[i]->b) &&
+ edg_wll_gss_equal_subj(b, mapping->rules[i]->a))
+ return 1;
+ }
+ return 0;
+}
+
+int
check_jobstat_authz(edg_wll_Context ctx,
const edg_wll_JobStat *stat,
int job_flags,
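Review bot: equal_mapped() has no comment stating that a rule matches in either order and that rules are not chained, which is the entire authorization meaning of the mapping file. I would add `/* Returns 1 if a and b are the two subjects of one mapping rule, in either order; rules are not followed transitively. */` above it. The function has external linkage, but the only caller visible on this page is check_jobstat_authz, so `static` may be appropriate if no header declares it. The `mapping->num == 0` test is redundant with the loop bound.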
if (edg_wll_gss_equal_subj(peer->name, stat->owner))
return 1;
+ if (equal_mapped(peer->name, stat->owner, &ctx->id_mapping))
+ return 1;
+
if (stat->payload_owner && edg_wll_gss_equal_subj(peer->name, stat->payload_owner))
return 1;
return 0;
}
+
+int
+parse_gridmap(edg_wll_Context ctx,
+ const char *file,
+ struct _edg_wll_id_mapping *mapping)
+{
+ FILE *fd = NULL;
+ char line[4096];
+ char *p, *a, *b;
+ int ret;
+ struct _edg_wll_mapping_rule *rule = NULL, **tmp;
+
+ fd = fopen(file, "r");
+ if (fd == NULL)
+ return edg_wll_SetError(ctx, errno, "Failed to open mapping file");
+
+ /* XXX -1 */
+ while (fgets(line, sizeof(line), fd) != NULL) {
+ p = strchr(line, '\n');
+ if (p)
+ *p = '\0';
+
+ p = line;
+ while(p && *p == ' ')
+ p++;
+ a = p;
+
+ p = strchr(line, ' ');
+ if (!p) {
+ ret = edg_wll_SetError(ctx, EINVAL, "Wrong format of mapping file");
+ goto end;
+ }
+ *p++ = '\0';
+
+ while(p && *p == ' ')
+ p++;
+ b = p;
+
+ rule = malloc(sizeof(*rule));
+ if (rule == NULL) {
+ ret = edg_wll_SetError(ctx, ENOMEM, "Not enough memory");
+ goto end;
+ }
+ rule->a = strdup(a);
+ rule->b = strdup(b);
+ if (rule->a == NULL || rule->b == NULL) {
+ ret = edg_wll_SetError(ctx, ENOMEM, "Not enough memory");
+ goto end;
+ }
+
+ tmp = realloc(mapping->rules, (mapping->num+1) * sizeof(*tmp));
+ if (tmp == NULL) {
+ ret = edg_wll_SetError(ctx, ENOMEM, "Not enough memory");
+ goto end;
+ }
+ mapping->rules = tmp;
+ mapping->rules[mapping->num++] = rule;
+ rule = NULL;
+ }
+
+ ret = 0;
+
+end:
+ fclose(fd);
+
+ return ret;
+}
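Review bot: The field split in the read loop uses `strchr(line, ' ')`, which searches from the start of the buffer rather than from `a`, so a line with leading blanks is cut at its first leading blank and `a` and `b` end up holding the same text. Since these rules decide who may read another user's job status, the parser should also reject what it cannot parse exactly: a line longer than the 4096-byte buffer is currently continued as a second line (the `/* XXX -1 */` marker may refer to this), and an empty second field is stored as a rule. The error exits taken after `malloc` leak `rule` and its strings. The file format is not visible here; if subject names may contain spaces, splitting at the first blank would need quoting support as well. A possible shape for the loop and the cleanup label follows.

```c
	while (fgets(line, sizeof(line), fd) != NULL) {
		p = strchr(line, '\n');
		if (p) {
			*p = '\0';
		} else if (!feof(fd)) {
			/* over-long line: refuse it rather than parse a fragment as a rule */
			ret = edg_wll_SetError(ctx, EINVAL, "Wrong format of mapping file");
			goto end;
		}

		a = line + strspn(line, " ");
		p = strchr(a, ' ');	/* search after the leading blanks, not from line[0] */
		if (!p) {
			ret = edg_wll_SetError(ctx, EINVAL, "Wrong format of mapping file");
			goto end;
		}
		*p++ = '\0';

		b = p + strspn(p, " ");
		if (*b == '\0') {
			/* second subject missing: do not store a rule with an empty side */
			ret = edg_wll_SetError(ctx, EINVAL, "Wrong format of mapping file");
			goto end;
		}

		/* … unchanged: rule allocation, strdup of a and b, realloc of mapping->rules … */
	}

	ret = 0;

end:
	if (rule) {
		/* reached only on an error after malloc; both fields are assigned by then */
		free(rule->a);
		free(rule->b);
		free(rule);
	}
	fclose(fd);
```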
#include "pretty_print_wrapper.h"
-#include <classad_distribution.h>
#include <string>
#include <string.h>
+#include <classad_distribution.h>
int pretty_print(char *jdl, char **formated_print){
CLASSAD_NAMESPACE ClassAd *classad;