From: František Dvořák Date: Tue, 16 Oct 2007 15:40:49 +0000 (+0000) Subject: Prepare for merge server (can't compile it). X-Git-Tag: org-gridsite-core_R_1_5_3~36 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=2b25b7c22e97ce039fb621f7648d92d56788f3f5;p=jra1mw.git Prepare for merge server (can't compile it). --- diff --git a/org.glite.lb.server/Makefile b/org.glite.lb.server/Makefile index 8a3b6ec..16aac11 100644 --- a/org.glite.lb.server/Makefile +++ b/org.glite.lb.server/Makefile @@ -98,8 +98,8 @@ ifdef LB_PROF LDFLAGS:=${LDFLAGS} -pg else SRVBONES_LIB:= -L${stagedir}/lib -lglite_lbu_server_bones - LB_COMMON_LIB:=-lglite_lb_common_${nothrflavour} - LB_UTILS_DB_LIB:=-lglite_lbu_db + LB_COMMON_LIB:=-L${stagedir}/lib -lglite_lb_common_${nothrflavour} + LB_UTILS_DB_LIB:=-L${stagedir}/lib -lglite_lbu_db LDFLAGS:= -L${stagedir}/lib endif @@ -143,7 +143,7 @@ endif ifeq (${nothrflavour},gcc32dbg) vomsflavour := endif -VOMS_LIBS:=-L${voms_prefix}/lib -lvomsc${vomsflavour} +VOMS_LIBS:=-L${voms_prefix}/lib -lvomsapi${vomsflavour} #EXT_LIBS:= \ # ${expatlib} -lexpat \ @@ -151,7 +151,7 @@ VOMS_LIBS:=-L${voms_prefix}/lib -lvomsc${vomsflavour} # -lvomsc${vomsflavour} \ ifneq (${classads_prefix},/usr) - classadslib := -L${classads_prefix}/lib -lclassad + classadslib := -L${classads_prefix}/${archlib} -lclassad endif EXT_LIBS:= \ @@ -258,7 +258,11 @@ else endif endif +<<<<<<< Makefile compile: generate glite-lb-bkserverd glite-lb-bkindex glite-lb-mon-db ${STATIC_LIB_BK} ${PLUGIN_LIB} ${MAN_GZ} +======= +compile: glite-lb-bkserverd glite-lb-bkindex ${STATIC_LIB_BK} ${PLUGIN_LIB} store.c index.c jp_job_attrs.h +>>>>>>> 1.101.2.10 generate: store.c index.c jp_job_attrs.h @@ -292,21 +296,28 @@ LB.xh: ws_typemap.dat ${stagedir}/interface/LB.wsdl rm -f LBTypes.wsdl test.xml: test_xml -# ./test_xml + ./test_xml test_xml: test_xml.cpp ${CXX} -c ${CFLAGS} ${TEST_INC} $< - ${LINKXX} -o $@ test_xml.o lb_xml_parse.o ${COMMON_LIBS} ${TEST_LIBS} ${EXT_LIBS} + ${LINKXX} -o $@ test_xml.o lb_xml_parse.o ${LB_COMMON_LIB} ${TEST_LIBS} test.query: test_query_events ./test_query_events #query_events_objs:=`echo ${BKSERVER_BASE_OBJS} |sed 's/lbs_db\.o//;s/lbs_db_supp\.o//;s/bkserverd\.o//;s/db_store\.o//;s/stored_master\.o//;s/store\.o//;s/srv_purge\.o//;s/load\.o//;s/dump\.o//;s/lb_proto\.o//;s/lb_html\.o//;s/lb_http\.o//;'` +<<<<<<< Makefile query_events_objs:=`echo ${BKSERVER_BASE_OBJS} |sed 's/bkserverd\.o//;'` +======= +#query_events_objs:=`echo ${BKSERVER_BASE_OBJS} |sed 's/lbs_db\.o//;s/lbs_db_supp\.o//;s/bkserverd\.o//;s/lb_authz\.o//'` +>>>>>>> 1.101.2.10 -test_query_events: test_query_events.o - ${LINKXX} -o $@ test_query_events.o ${query_events_objs} \ - ${TEST_LIBS} ${COMMON_LIBS} ${EXT_LIBS} +query_events_objs := test_query_events.o query.o get_events.o jobstat_supp.o index.o + +test_query_events: ${query_events_objs} + ${LINKXX} -o $@ ${query_events_objs} \ + ${TEST_LIBS} ${LB_COMMON_LIB} +# ${TEST_LIBS} ${COMMON_LIBS} ${EXT_LIBS} test.soapconv: test_soap_conv ./test_soap_conv @@ -365,6 +376,7 @@ install: ${INSTALL} -m 644 ${top_srcdir}/interface/job-attrs.xsd ${PREFIX}/interface ${INSTALL} -m 644 ${top_srcdir}/interface/job-record.xsd ${PREFIX}/interface +<<<<<<< Makefile if [ ${stagedir} != ${PREFIX} ]; then ${INSTALL} -m 755 ${stagedir}/bin/glite-lb-notif-interlogd ${PREFIX}/bin; fi mkdir -p ${PREFIX}/include/${globalprefix}/${lbprefix} (cd ${top_srcdir}/interface && install -m 644 ${HDRS} ${PREFIX}/include/${globalprefix}/${lbprefix}) @@ -372,12 +384,24 @@ install: if [ x${LB_STANDALONE} = x -a x${PLUGIN_LIB} != x ]; then \ ${INSTALL} -m 755 ${PLUGIN_LIB} ${PREFIX}/lib; \ ${INSTALL} -m 644 jp_job_attrs.h ${PREFIX}/include/${globalprefix}/${lbprefix} ; \ +======= + mkdir -p ${PREFIX}/include/${globalprefix}/${lbprefix} + (cd ${top_srcdir}/interface && install -m 644 ${HDRS} ${PREFIX}/include/${globalprefix}/${lbprefix}) + install -m 644 ${STATIC_LIB_BK} ${PREFIX}/lib + if [ x${LB_STANDALONE} = x -a x${PLUGIN_LIB} != x ]; then \ + ${INSTALL} -m 755 ${PLUGIN_LIB} ${PREFIX}/lib; \ + ${INSTALL} -m 644 jp_job_attrs.h ${PREFIX}/include/${globalprefix}/${lbprefix} ; \ +>>>>>>> 1.101.2.10 fi ${INSTALL} -m 644 ${top_srcdir}/interface/srv_perf.h ${PREFIX}/include/${globalprefix}/${lbprefix} clean: +<<<<<<< Makefile rm -rvf *.c *.h *.ch *.xh *.xml *.nsmap *.o *.lo .libs glite-lb-* ${STATIC_LIB_BK} ${PLUGIN_LIB} test* rm -rvf log.xml project/ rpmbuild/ RPMS/ tgz/ +======= + rm -rf *.c *.h *.ch *.xh *.xml *.nsmap *.o *.lo .libs glite-lb-* ${STATIC_LIB_BK} test* +>>>>>>> 1.101.2.10 %.c: %.c.T rm -f $@ diff --git a/org.glite.lb.server/config/glite-lb-index.conf.template b/org.glite.lb.server/config/glite-lb-index.conf.template index 594681b..915df1f 100644 --- a/org.glite.lb.server/config/glite-lb-index.conf.template +++ b/org.glite.lb.server/config/glite-lb-index.conf.template @@ -2,6 +2,7 @@ JobIndices = { [ type = "system"; name = "owner" ], [ type = "system"; name = "location" ], - [ type = "system"; name = "destination" ] + [ type = "system"; name = "destination" ], + [ type = "system"; name = "lastUpdateTime" ] } ] diff --git a/org.glite.lb.server/config/startup b/org.glite.lb.server/config/startup index 8aae539..4ab7f4e 100755 --- a/org.glite.lb.server/config/startup +++ b/org.glite.lb.server/config/startup @@ -66,10 +66,14 @@ start() $super $creds -i $pidfile $port $wport $dumpdir $purgedir $maildir" \ && echo " done" || echo " FAILED" - echo -n Starting glite-lb-notif-interlogd ... - su - $GLITE_USER -c "$GLITE_LOCATION/bin/glite-lb-notif-interlogd \ - -f $GLITE_LB_NOTIF_FPREFIX -s $GLITE_LB_NOTIF_SOCK \ - $creds" && echo " done" || echo " FAILED" + if test -x $GLITE_LOCATION/bin/glite-lb-notif-interlogd; then + echo -n Starting glite-lb-notif-interlogd ... + su - $GLITE_USER -c "$GLITE_LOCATION/bin/glite-lb-notif-interlogd \ + -f $GLITE_LB_NOTIF_FPREFIX -s $GLITE_LB_NOTIF_SOCK \ + $creds" && echo " done" || echo " FAILED" + else + echo Warning: glite-lb-notif-interlogd not installed, LB notifications will not work + fi } stop() diff --git a/org.glite.lb.server/interface/job-attrs.xsd b/org.glite.lb.server/interface/job-attrs.xsd index 341a003..a2a68bb 100644 --- a/org.glite.lb.server/interface/job-attrs.xsd +++ b/org.glite.lb.server/interface/job-attrs.xsd @@ -66,6 +66,7 @@ + Job owner according to LB diff --git a/org.glite.lb.server/interface/lb_authz.h b/org.glite.lb.server/interface/lb_authz.h index 4ae1836..4ba1686 100644 --- a/org.glite.lb.server/interface/lb_authz.h +++ b/org.glite.lb.server/interface/lb_authz.h @@ -3,6 +3,10 @@ #ident "$Header$" +#ifdef __cplusplus +extern "C" { +#endif + #ifndef NO_GACL #include #endif @@ -58,4 +62,8 @@ edg_wll_SetVomsGroups(edg_wll_Context, edg_wll_GssConnection *, char *, char *, extern void edg_wll_FreeVomsGroups(edg_wll_VomsGroups *); +#ifdef __cplusplus +} +#endif + #endif /* GLITE_LB_LB_AUTHZ_H */ diff --git a/org.glite.lb.server/project/version.properties b/org.glite.lb.server/project/version.properties index 5347295..338ed3f 100644 --- a/org.glite.lb.server/project/version.properties +++ b/org.glite.lb.server/project/version.properties @@ -1,4 +1,3 @@ -# $Id$ -# $Name$ -module.version=1.5.5 +# $Header$ +module.version=1.8.0 module.age=1 diff --git a/org.glite.lb.server/src/bkindex.c b/org.glite.lb.server/src/bkindex.c index 977ef4a..8145df6 100644 --- a/org.glite.lb.server/src/bkindex.c +++ b/org.glite.lb.server/src/bkindex.c @@ -24,6 +24,14 @@ enum lb_srv_perf_sink sink_mode; #endif +#ifdef LB_PERF +#include "glite/lb/lb_perftest.h" +#include "glite/lb/srv_perf.h" + +enum lb_srv_perf_sink sink_mode; +#endif + + static struct option opts[] = { { "mysql",1,NULL,'m' }, { "remove",0,NULL,'R' }, @@ -289,9 +297,12 @@ static char *db_col_type(const edg_wll_QueryRec *r) case EDG_WLL_QUERY_ATTR_USERTAG: case EDG_WLL_QUERY_ATTR_HOST: case EDG_WLL_QUERY_ATTR_CHKPT_TAG: - return "char(250) binary null"; + /* XXX: 255 may not be enough for location or destination */ + return "varchar(255) binary null"; case EDG_WLL_QUERY_ATTR_TIME: + case EDG_WLL_QUERY_ATTR_STATEENTERTIME: + case EDG_WLL_QUERY_ATTR_LASTUPDATETIME: return "datetime null"; default: return NULL; diff --git a/org.glite.lb.server/src/bkserverd.c b/org.glite.lb.server/src/bkserverd.c index 58bf47f..f1021b5 100644 --- a/org.glite.lb.server/src/bkserverd.c +++ b/org.glite.lb.server/src/bkserverd.c @@ -278,9 +278,10 @@ static void usage(char *me) static void wait_for_open(edg_wll_Context,const char *); static int decrement_timeout(struct timeval *, struct timeval, struct timeval); +static int add_root(char *); static int read_roots(const char *); static int asyn_gethostbyaddr(char **, const char *, int, int, struct timeval *); -static int amIroot(const char *); +static int amIroot(const char *, char **); static int parse_limits(char *, int *, int *, int *); static int check_mkdir(const char *); @@ -385,10 +386,14 @@ int main(int argc, char *argv[]) char socket_path_prefix[PATH_MAX] = GLITE_LBPROXY_SOCK_PREFIX; +/* TODO: merge */ +<<<<<<< bkserverd.c /* keep this at start of main() ! */ dtablesize = getdtablesize(); for (fd=3; fd < dtablesize ; fd++) close(fd); +======= +>>>>>>> 1.52.2.12 name = strrchr(argv[0],'/'); if (name) name++; else name = argv[0]; @@ -441,21 +446,8 @@ int main(int argc, char *argv[]) case 'X': notif_ilog_socket_path = strdup(optarg); break; case 'Y': notif_ilog_file_prefix = strdup(optarg); break; case 'i': strcpy(pidfile,optarg); break; - case 'R': if (super_users) { - fprintf(stderr,"%s: super-users already defined, second occurence ignored\n", - argv[0]); - break; - } - super_users = malloc(2 * sizeof super_users[0]); - super_users[0] = optarg; - super_users[1] = NULL; - break; - case 'F': if (super_users) { - fprintf(stderr,"%s: super-users already defined, second occurence ignored\n", - argv[0]); - break; - } - if (read_roots(optarg)) return 1; + case 'R': add_root(optarg); break; + case 'F': if (read_roots(optarg)) return 1; break; case 'x': noIndex = atoi(optarg); if (noIndex < 0 || noIndex > 2) { usage(name); return 1; } @@ -523,6 +515,8 @@ int main(int argc, char *argv[]) semkey = ftok(pidfile,0); +/* TODO: merge */ +<<<<<<< bkserverd.c if (mode & SERVICE_SERVER) { if (check_mkdir(dumpStorage)) exit(1); if (check_mkdir(purgeStorage)) exit(1); @@ -532,6 +526,15 @@ int main(int argc, char *argv[]) if (!debug) syslog(LOG_CRIT, "edg_wll_MaildirInit failed: %s", lbm_errdesc); exit(1); } +======= + if (check_mkdir(dumpStorage)) exit(1); + if (check_mkdir(purgeStorage)) exit(1); + if ( jpreg ) { + if ( edg_wll_MaildirInit(jpregDir) ) { + dprintf(("[%d] edg_wll_MaildirInit failed: %s\n", getpid(), lbm_errdesc)); + if (!debug) syslog(LOG_CRIT, "edg_wll_MaildirInit failed: %s", lbm_errdesc); + exit(1); +>>>>>>> 1.52.2.12 } } @@ -739,6 +742,7 @@ int main(int argc, char *argv[]) use_dbcaps = ctx->dbcaps; if (count_statistics) edg_wll_InitStatistics(ctx); + if ((ctx->dbcaps & GLITE_LBU_DB_CAP_TRANSACTIONS)) strict_locking = 1; edg_wll_FreeContext(ctx); if ( !debug ) { @@ -909,8 +913,16 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) { struct clnt_data_t *cdata = (struct clnt_data_t *)data; edg_wll_Context ctx; +/* TODO: merge */ +<<<<<<< bkserverd.c edg_wll_GssPrincipal client = NULL; edg_wll_GssCred newcred = NULL; +======= + gss_name_t client_name = GSS_C_NO_NAME; + gss_buffer_desc token = GSS_C_EMPTY_BUFFER; + gss_cred_id_t newcred = GSS_C_NO_CREDENTIAL; + gss_OID name_type = GSS_C_NO_OID; +>>>>>>> 1.52.2.12 edg_wll_GssStatus gss_code; struct timeval dns_to = {DNS_TIMEOUT, 0}, conn_start, now; @@ -922,21 +934,23 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) -/* don't care :-( switch ( edg_wll_gss_watch_creds(server_cert, &cert_mtime) ) { case 0: break; case 1: -*/ if ( !edg_wll_gss_acquire_cred_gsi(server_cert, server_key, &newcred, NULL, &gss_code) ) { +/* TODO: merge */ +<<<<<<< bkserverd.c dprintf(("[%d] reloading credentials\n", getpid())); edg_wll_gss_release_cred(&mycred, NULL); +======= + dprintf(("[%d] reloading credentials successful\n", getpid())); + gss_release_cred(&min_stat, &mycred); +>>>>>>> 1.52.2.12 mycred = newcred; } else { dprintf(("[%d] reloading credentials failed, using old ones\n", getpid())); } -/* break; case -1: dprintf(("[%d] edg_wll_gss_watch_creds failed\n", getpid())); break; } -*/ if ( edg_wll_InitContext(&ctx) ) { @@ -1091,6 +1105,8 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) return 1; } +/* TODO: merge */ +<<<<<<< bkserverd.c ret = edg_wll_gss_get_client_conn(&ctx->connections->serverConnection->gss, &client, NULL); if (ret || client->flags & EDG_WLL_GSS_FLAG_ANON) { dprintf(("[%d] annonymous client\n",getpid())); @@ -1098,9 +1114,49 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) if (ctx->peerName) free(ctx->peerName); ctx->peerName = strdup(client->name); edg_wll_gss_free_princ(client); - +======= + maj_stat = gss_inquire_context(&min_stat, ctx->connections->serverConnection->gss.context, + &client_name, NULL, NULL, NULL, NULL, NULL, NULL); + if ( !GSS_ERROR(maj_stat) ) + maj_stat = gss_display_name(&min_stat, client_name, &token, &name_type); +>>>>>>> 1.52.2.12 + +/* TODO: merge */ +<<<<<<< bkserverd.c dprintf(("[%d] client DN: %s\n",getpid(),ctx->peerName)); +======= + if ( !GSS_ERROR(maj_stat) ) + { + if (ctx->peerName) free(ctx->peerName); + if (!edg_wll_gss_oid_equal(name_type, GSS_C_NT_ANONYMOUS)) { + ctx->peerName = (char *)token.value; + memset(&token, 0, sizeof(token)); + dprintf(("[%d] client DN: %s\n",getpid(),ctx->peerName)); + } else { + ctx->peerName = NULL; + dprintf(("[%d] anonymous client\n",getpid())); + } + + /* XXX DK: pujde pouzit lifetime z inquire_context()? + * + ctx->peerProxyValidity = ASN1_UTCTIME_mktime(X509_get_notAfter(peer)); + */ + +>>>>>>> 1.52.2.12 } +/* TODO: merge */ +<<<<<<< bkserverd.c +======= + else + /* XXX DK: Check if the ANONYMOUS flag is set ? + */ + dprintf(("[%d] anonymous client\n",getpid())); + + if ( client_name != GSS_C_NO_NAME ) + gss_release_name(&min_stat, &client_name); + if ( token.value ) + gss_release_buffer(&min_stat, &token); +>>>>>>> 1.52.2.12 if ( edg_wll_SetVomsGroups(ctx, &ctx->connections->serverConnection->gss, server_cert, server_key, vomsdir, cadir) ) { @@ -1119,21 +1175,28 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) for ( i = 0; i < ctx->vomsGroups.len; i++ ) dprintf(("\t%s:%s\n", ctx->vomsGroups.val[i].vo, ctx->vomsGroups.val[i].name)); } + if (debug && ctx->fqans && *(ctx->fqans)) + { + char **f; + + dprintf(("[%d] client's FQANs:\n",getpid())); + for (f = ctx->fqans; f && *f; f++) + dprintf(("\t%s\n", *f)); + } /* used also to reset start_time after edg_wll_ssl_accept! */ /* gettimeofday(&start_time,0); */ - ctx->noAuth = noAuth || amIroot(ctx->peerName); + ctx->noAuth = noAuth || amIroot(ctx->peerName, ctx->fqans); switch ( noIndex ) { case 0: ctx->noIndex = 0; break; - case 1: ctx->noIndex = amIroot(ctx->peerName); break; + case 1: ctx->noIndex = amIroot(ctx->peerName, ctx->fqans); break; case 2: ctx->noIndex = 1; break; } ctx->strict_locking = strict_locking; ctx->greyjobs = greyjobs; - return 0; } @@ -1277,6 +1340,7 @@ int bk_accept_store(int conn, struct timeval *timeout, void *cdata) case EDG_WLL_ERROR_GSS: case EPIPE: case EIO: + case EDG_WLL_IL_PROTO: dprintf(("[%d] %s (%s)\n", getpid(), errt, errd)); if (!debug) syslog(LOG_ERR,"%s (%s)", errt, errd); /* fallthrough @@ -1290,18 +1354,30 @@ int bk_accept_store(int conn, struct timeval *timeout, void *cdata) break; case ENOENT: - case EINVAL: case EPERM: case EEXIST: case EDG_WLL_ERROR_NOINDEX: case E2BIG: dprintf(("[%d] %s (%s)\n", getpid(), errt, errd)); + break; + case EINVAL: + case EDG_WLL_ERROR_PARSE_BROKEN_ULM: + case EDG_WLL_ERROR_PARSE_EVENT_UNDEF: + case EDG_WLL_ERROR_PARSE_MSG_INCOMPLETE: + case EDG_WLL_ERROR_PARSE_KEY_DUPLICITY: + case EDG_WLL_ERROR_PARSE_KEY_MISUSE: + case EDG_WLL_ERROR_PARSE_OK_WITH_EXTRA_FIELDS: + case EDG_WLL_ERROR_JOBID_FORMAT: + case EDG_WLL_ERROR_MD5_CLASH: + dprintf(("[%d] %s (%s)\n", getpid(), errt, errd)); if ( !debug ) syslog(LOG_ERR,"%s (%s)", errt, errd); /* * no action for non-fatal errors */ break; + case EDG_WLL_ERROR_DB_CALL: + case EDG_WLL_ERROR_SERVER_RESPONSE: default: dprintf(("[%d] %s (%s)\n", getpid(), errt, errd)); if (!debug) syslog(LOG_CRIT,"%s (%s)",errt,errd); @@ -1675,11 +1751,38 @@ static int asyn_gethostbyaddr(char **name, const char *addr,int len, int type, s return (ar.err); } +static int add_root(char *root) +{ + char *null_suffix, **tmp; + int i, cnt; + + for (cnt = 0; super_users && super_users[cnt]; cnt++) + ; + /* try to be compliant with the new FQAN format that excludes + the Capability and empty Role components */ + null_suffix = strstr(root, "/Role=NULL/Capability=NULL"); + if (null_suffix == NULL) + null_suffix = strstr(root, "/Capability=NULL"); + i = (null_suffix == NULL) ? 0 : 1; + + tmp = realloc(super_users, (cnt+2+i) * sizeof super_users[0]); + if (tmp == NULL) + return ENOMEM; + super_users = tmp; + super_users[cnt] = strdup(root); + if (null_suffix) { + *null_suffix = '\0'; /* changes the input, should be harmless */ + super_users[++cnt] = strdup(root); + } + super_users[++cnt] = NULL; + + return 0; +} + static int read_roots(const char *file) { FILE *roots = fopen(file,"r"); char buf[BUFSIZ]; - int cnt = 0; if (!roots) { syslog(LOG_WARNING,"%s: %m, continuing without --super-users-file",file); @@ -1691,10 +1794,7 @@ static int read_roots(const char *file) char *nl; nl = strchr(buf,'\n'); if (nl) *nl = 0; - - super_users = realloc(super_users, (cnt+2) * sizeof super_users[0]); - super_users[cnt] = strdup(buf); - super_users[++cnt] = NULL; + add_root(buf); } fclose(roots); @@ -1702,13 +1802,18 @@ static int read_roots(const char *file) return 0; } -static int amIroot(const char *subj) +static int amIroot(const char *subj, char **fqans) { int i; - - if (!subj) return 0; - for (i=0; super_users && super_users[i]; i++) - if (strcmp(subj,super_users[i]) == 0) return 1; + char **f; + + if (!subj && !fqans ) return 0; + for (i=0; super_users && super_users[i]; i++) + if (strncmp(super_users[i], "FQAN:", 5) == 0) { + for (f = fqans; f && *f; f++) + if (strcmp(*f, super_users[i]+5) == 0) return 1; + } else + if (strcmp(subj,super_users[i]) == 0) return 1; return 0; } diff --git a/org.glite.lb.server/src/db_store.c b/org.glite.lb.server/src/db_store.c index 9fd728a..11b18ac 100644 --- a/org.glite.lb.server/src/db_store.c +++ b/org.glite.lb.server/src/db_store.c @@ -97,17 +97,22 @@ db_store(edg_wll_Context ctx,char *ucs, char *event) if(use_db) { if (ctx->strict_locking && edg_wll_LockJob(ctx,ev->any.jobId)) goto err; - if(edg_wll_StoreEvent(ctx, ev,&seq)) - goto err; + if(edg_wll_StoreEvent(ctx, ev,&seq)) { + edg_wll_UnlockJob(ctx,ev->any.jobId); + goto err; + } } if (!ctx->strict_locking && edg_wll_LockJob(ctx,ev->any.jobId)) goto err; - if ( ev->any.type == EDG_WLL_EVENT_CHANGEACL ) + if ( ev->any.type == EDG_WLL_EVENT_CHANGEACL ) { err = edg_wll_UpdateACL(ctx, ev->any.jobId, ev->changeACL.user_id, ev->changeACL.user_id_type, ev->changeACL.permission, ev->changeACL.permission_type, ev->changeACL.operation); + + edg_wll_UnlockJob(ctx,ev->any.jobId); + } else { #ifdef LB_PERF if(sink_mode == GLITE_LB_SINK_STATE) { diff --git a/org.glite.lb.server/src/jobstat.c b/org.glite.lb.server/src/jobstat.c index e8b6b0e..4ae4e2f 100644 --- a/org.glite.lb.server/src/jobstat.c +++ b/org.glite.lb.server/src/jobstat.c @@ -116,7 +116,7 @@ int edg_wll_JobStatus( /* authorization check */ if ( !(ctx->noAuth) && - (!(ctx->peerName) || strcmp(ctx->peerName, jobstat.pub.owner))) { + (!(ctx->peerName) || !edg_wll_gss_equal_subj(ctx->peerName, jobstat.pub.owner))) { intErr = (acl == NULL) || edg_wll_CheckACL(ctx, acl, EDG_WLL_PERM_READ); if (intErr) { free(string_jobid); @@ -798,10 +798,11 @@ static int log_collectionState_event(edg_wll_Context ctx, edg_wll_JobStatCode st } -/* called only when childen state changed - */ -static edg_wll_ErrorCode update_parent_status(edg_wll_Context ctx, edg_wll_JobStatCode old_state, enum edg_wll_StatDone_code old_done_code, intJobStat *cis, edg_wll_Event *ce) +/* returns state class of subjob of job collection */ +static subjobClassCodes class(edg_wll_JobStat *stat) { +/* TODO: merge */ +<<<<<<< jobstat.c intJobStat *pis = NULL; int update_hist = 0; @@ -854,20 +855,15 @@ static edg_wll_ErrorCode update_parent_status(edg_wll_Context ctx, edg_wll_JobSt * cook artificial events to enable parent job state shift */ switch (cis->pub.state) { +======= + switch (stat->state) { +>>>>>>> 1.47.2.6 case EDG_WLL_JOB_RUNNING: - if (load_parent_intJobStat(ctx, cis, &pis)) goto err; - pis->pub.children_hist[cis->pub.state+1]++; - - if (pis->pub.jobtype == EDG_WLL_STAT_COLLECTION) { - /* not RUNNING yet? */ - if (pis->pub.state < EDG_WLL_JOB_RUNNING) { - if (log_collectionState_event(ctx, cis->pub.state, 0, cis, pis, ce)) - goto err; - } - } - update_hist = 1; + return(SUBJOB_CLASS_RUNNING); break; case EDG_WLL_JOB_DONE: +/* TODO: merge */ +<<<<<<< jobstat.c if (load_parent_intJobStat(ctx, cis, &pis)) goto err; pis->pub.children_hist[cis->pub.state+1]++; pis->children_done_hist[cis->pub.done_code]++; @@ -896,7 +892,19 @@ static edg_wll_ErrorCode update_parent_status(edg_wll_Context ctx, edg_wll_JobSt } } update_hist = 1; +======= + if (stat->done_code == EDG_WLL_STAT_OK) + return(SUBJOB_CLASS_DONE); + else + // failed & cancelled + return(SUBJOB_CLASS_REST); break; + case EDG_WLL_JOB_ABORTED: + return(SUBJOB_CLASS_ABORTED); +>>>>>>> 1.47.2.6 + break; +/* TODO: merge */ +<<<<<<< jobstat.c case EDG_WLL_JOB_CLEARED: if (load_parent_intJobStat(ctx, cis, &pis)) goto err; pis->pub.children_hist[cis->pub.state+1]++; @@ -912,17 +920,92 @@ static edg_wll_ErrorCode update_parent_status(edg_wll_Context ctx, edg_wll_JobSt } } update_hist = 1; +======= + case EDG_WLL_JOB_CLEARED: + return(SUBJOB_CLASS_CLEARED); +>>>>>>> 1.47.2.6 break; default: - if (load_parent_intJobStat(ctx, cis, &pis)) goto err; - pis->pub.children_hist[EDG_WLL_JOB_UNKNOWN+1]++; - // update_hist = 1; - triggered by the next case or not needed + return(SUBJOB_CLASS_REST); break; } +/* TODO: merge */ +<<<<<<< jobstat.c if (update_hist) +======= +} + +/* Mapping of subjob class to some field in childen_hist */ +static edg_wll_JobStatCode class_to_statCode(subjobClassCodes code) +{ + switch (code) { + case SUBJOB_CLASS_RUNNING: return(EDG_WLL_JOB_RUNNING); break; + case SUBJOB_CLASS_DONE: return(EDG_WLL_JOB_DONE); break; + case SUBJOB_CLASS_ABORTED: return(EDG_WLL_JOB_ABORTED); break; + case SUBJOB_CLASS_CLEARED: return(EDG_WLL_JOB_CLEARED); break; + case SUBJOB_CLASS_REST: return(EDG_WLL_JOB_UNKNOWN); break; + default: assert(0); break; + } +} + +/* count parent state from subjob histogram */ +static edg_wll_JobStatCode process_Histogram(intJobStat *pis) +{ + if (pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_RUNNING)+1] > 0) { + return EDG_WLL_JOB_RUNNING; + } + else if (pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_CLEARED)+1] == pis->pub.children_num) { + return EDG_WLL_JOB_CLEARED; + } + else if (pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_DONE)+1] + + pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_CLEARED)+1] == pis->pub.children_num) { + return EDG_WLL_JOB_DONE; + } + else if (pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_ABORTED)+1] + + pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_DONE)+1] + + pis->pub.children_hist[class_to_statCode(SUBJOB_CLASS_CLEARED)+1] == pis->pub.children_num) { + return EDG_WLL_JOB_ABORTED; + } + else + return EDG_WLL_JOB_WAITING; +} + +static edg_wll_ErrorCode update_parent_status(edg_wll_Context ctx, edg_wll_JobStat *subjob_stat_old, intJobStat *cis, edg_wll_Event *ce) +{ + intJobStat *pis = NULL; + subjobClassCodes subjob_class, subjob_class_old; + edg_wll_JobStatCode parent_new_state; + + + subjob_class = class(&cis->pub); + subjob_class_old = class(subjob_stat_old); + + + if (subjob_class_old != subjob_class) { + if (load_parent_intJobStat(ctx, cis, &pis)) goto err; + + pis->pub.children_hist[class_to_statCode(subjob_class)+1]++; + pis->pub.children_hist[class_to_statCode(subjob_class_old)+1]--; + +>>>>>>> 1.47.2.6 edg_wll_StoreSubjobHistogram(ctx, cis->pub.parent_job, pis); + + if (pis->pub.jobtype == EDG_WLL_STAT_COLLECTION) { + parent_new_state = process_Histogram(pis); + if (pis->pub.state != parent_new_state) { + // XXX: we do not need EDG_WLL_STAT_code any more + // doneFailed subjob is stored in REST class and + // inducting collection Waiting state + // -> in future may be removed from collectionState event + // supposing collection Done state to be always DoneOK + if (log_collectionState_event(ctx, parent_new_state, EDG_WLL_STAT_OK, cis, pis, ce)) + goto err; + } + } + } + err: edg_wll_UnlockJob(ctx,cis->pub.parent_job); @@ -934,6 +1017,7 @@ err: } + /* * update stored state according to the new event * (must be called with the job locked) @@ -1024,7 +1108,7 @@ edg_wll_ErrorCode edg_wll_StepIntState(edg_wll_Context ctx, /* check whether subjob state change does not change parent state */ if ((ijsp->pub.parent_job) && (oldstat.state != ijsp->pub.state)) { - if (update_parent_status(ctx, oldstat.state, oldstat.done_code, ijsp, e)) + if (update_parent_status(ctx, &oldstat, ijsp, e)) return edg_wll_SetError(ctx, EINVAL, "update_parent_status()"); } diff --git a/org.glite.lb.server/src/jobstat.h b/org.glite.lb.server/src/jobstat.h index b9926f9..3525522 100644 --- a/org.glite.lb.server/src/jobstat.h +++ b/org.glite.lb.server/src/jobstat.h @@ -10,7 +10,7 @@ * (includes edg_wll_JobStat API structure) */ -#define INTSTAT_VERSION "release-3.2.1_pbs" +#define INTSTAT_VERSION "release-3.3.4" // Internal error codes @@ -51,8 +51,6 @@ typedef struct _intJobStat { char *deep_resubmit_seqcode; branch_state *branch_states; // branch zero terminated array -/* int expect_mask; */ - int children_done_hist[EDG_WLL_NUMBER_OF_DONE_CODES]; struct timeval last_pbs_event_timestamp; int pbs_reruning; // true if rerun event arrived } intJobStat; @@ -66,6 +64,8 @@ typedef enum _edg_wll_PBSEventSource { EDG_WLL_PBS_EVENT_SOURCE__LAST } edg_wll_PBSEventSource; +/* TODO: merge */ +<<<<<<< jobstat.h typedef enum _edg_wll_CondorEventSource { EDG_WLL_CONDOR_EVENT_SOURCE_UNDEF = 0, EDG_WLL_CONDOR_EVENT_SOURCE_COLLECTOR, @@ -82,6 +82,32 @@ typedef enum _edg_wll_CondorEventSource { int edg_wll_JobStatus(edg_wll_Context, const edg_wlc_JobId, int, edg_wll_JobStat *); +======= +typedef enum _edg_wll_CondorEventSource { + EDG_WLL_CONDOR_EVENT_SOURCE_UNDEF = 0, + EDG_WLL_CONDOR_EVENT_SOURCE_COLLECTOR, + EDG_WLL_CONDOR_EVENT_SOURCE_MASTER, + EDG_WLL_CONDOR_EVENT_SOURCE_MATCH, + EDG_WLL_CONDOR_EVENT_SOURCE_NEGOTIATOR, + EDG_WLL_CONDOR_EVENT_SOURCE_SCHED, + EDG_WLL_CONDOR_EVENT_SOURCE_SHADOW, + EDG_WLL_CONDOR_EVENT_SOURCE_STARTER, + EDG_WLL_CONDOR_EVENT_SOURCE_START, + EDG_WLL_CONDOR_EVENT_SOURCE_JOBQUEUE, + EDG_WLL_CONDOR_EVENT_SOURCE__LAST +} edg_wll_CondorEventSource; + +typedef enum _subjobClassCodes { + SUBJOB_CLASS_UNDEF = 0, + SUBJOB_CLASS_RUNNING, + SUBJOB_CLASS_DONE, + SUBJOB_CLASS_ABORTED, + SUBJOB_CLASS_CLEARED, + SUBJOB_CLASS_REST +} subjobClassCodes; + + +>>>>>>> 1.22.2.7 void destroy_intJobStat(intJobStat *); void destroy_intJobStat_extension(intJobStat *p); diff --git a/org.glite.lb.server/src/jobstat_supp.c b/org.glite.lb.server/src/jobstat_supp.c index 3411c00..036ddb9 100644 --- a/org.glite.lb.server/src/jobstat_supp.c +++ b/org.glite.lb.server/src/jobstat_supp.c @@ -89,7 +89,7 @@ static char *enc_int_array(char *old, int *item, int itemsNo) strpom=(char*)calloc(strlen(old)+1,sizeof(char)); - for (index=0; index <= itemsNo; index++) sprintf(strpom,"%s%d%s", strpom, item[index],index==itemsNo?"":";"); + for (index=0; index <= itemsNo; index++) sprintf(strpom+strlen(strpom),"%d%s", item[index],index==itemsNo?"":";"); asprintf(&out,"%s%s ", old, strpom); free(strpom); @@ -496,6 +496,8 @@ static char *enc_JobStat(char *old, edg_wll_JobStat* stat) if (ret) ret = enc_int(ret, stat->payload_running); if (ret) ret = enc_strlist(ret, stat->possible_destinations); if (ret) ret = enc_strlist(ret, stat->possible_ce_nodes); + if (ret) ret = enc_int(ret, stat->suspended); + if (ret) ret = enc_string(ret, stat->suspend_reason); if (ret) ret = enc_int_array(ret, stat->children_hist, EDG_WLL_NUMBER_OF_STATCODES); if (ret) ret = enc_string(ret, stat->pbs_state); if (ret) ret = enc_string(ret, stat->pbs_queue); @@ -507,6 +509,19 @@ static char *enc_JobStat(char *old, edg_wll_JobStat* stat) if (ret) ret = enc_int(ret, stat->pbs_pid); if (ret) ret = enc_int(ret, stat->pbs_exit_status); if (ret) ret = enc_string(ret, stat->pbs_error_desc); + if (ret) ret = enc_string(ret, stat->condor_status); + if (ret) ret = enc_string(ret, stat->condor_universe); + if (ret) ret = enc_string(ret, stat->condor_owner); + if (ret) ret = enc_string(ret, stat->condor_preempting); + if (ret) ret = enc_int(ret, stat->condor_shadow_pid); + if (ret) ret = enc_int(ret, stat->condor_shadow_exit_status); + if (ret) ret = enc_int(ret, stat->condor_starter_pid); + if (ret) ret = enc_int(ret, stat->condor_starter_exit_status); + if (ret) ret = enc_int(ret, stat->condor_job_pid); + if (ret) ret = enc_int(ret, stat->condor_job_exit_status); + if (ret) ret = enc_string(ret, stat->condor_dest_host); + if (ret) ret = enc_string(ret, stat->condor_reason); + if (ret) ret = enc_string(ret, stat->condor_error_desc); return ret; } @@ -555,6 +570,8 @@ static edg_wll_JobStat* dec_JobStat(char *in, char **rest) if (tmp_in != NULL) stat->payload_running = dec_int(tmp_in, &tmp_in); if (tmp_in != NULL) stat->possible_destinations = dec_strlist(tmp_in, &tmp_in); if (tmp_in != NULL) stat->possible_ce_nodes = dec_strlist(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->suspended = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->suspend_reason = dec_string(tmp_in, &tmp_in); if (tmp_in != NULL) { stat->children_hist = (int*)calloc(EDG_WLL_NUMBER_OF_STATCODES+1, sizeof(int)); dec_int_array(tmp_in, &tmp_in, stat->children_hist); @@ -569,6 +586,19 @@ static edg_wll_JobStat* dec_JobStat(char *in, char **rest) if (tmp_in != NULL) stat->pbs_pid = dec_int(tmp_in, &tmp_in); if (tmp_in != NULL) stat->pbs_exit_status = dec_int(tmp_in, &tmp_in); if (tmp_in != NULL) stat->pbs_error_desc = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_status = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_universe = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_owner = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_preempting = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_shadow_pid = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_shadow_exit_status = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_starter_pid = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_starter_exit_status = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_job_pid = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_job_exit_status = dec_int(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_dest_host = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_reason = dec_string(tmp_in, &tmp_in); + if (tmp_in != NULL) stat->condor_error_desc = dec_string(tmp_in, &tmp_in); *rest = tmp_in; @@ -587,7 +617,6 @@ char *enc_intJobStat(char *old, intJobStat* stat) if (ret) ret = enc_string(ret, stat->last_branch_seqcode); if (ret) ret = enc_string(ret, stat->deep_resubmit_seqcode); if (ret) ret = enc_branch_states(ret, stat->branch_states); - if (ret) ret = enc_int_array(ret, stat->children_done_hist, EDG_WLL_NUMBER_OF_DONE_CODES-1); if (ret) ret = enc_timeval(ret, stat->last_pbs_event_timestamp); if (ret) ret = enc_int(ret, stat->pbs_reruning); return ret; @@ -627,9 +656,6 @@ intJobStat* dec_intJobStat(char *in, char **rest) stat->branch_states = dec_branch_states(tmp_in, &tmp_in); } if (tmp_in != NULL) { - dec_int_array(tmp_in, &tmp_in, stat->children_done_hist); - } - if (tmp_in != NULL) { stat->last_pbs_event_timestamp = dec_timeval(tmp_in, &tmp_in); } if (tmp_in != NULL) { @@ -659,6 +685,7 @@ edg_wll_ErrorCode edg_wll_IColumnsSQLPart(edg_wll_Context ctx, char *names, *values; char *data; char *tmp; + char *tmpval; edg_wll_IColumnRec *job_index_cols = (edg_wll_IColumnRec *)job_index_cols_v; edg_wll_ResetError(ctx); @@ -671,9 +698,11 @@ edg_wll_ErrorCode edg_wll_IColumnsSQLPart(edg_wll_Context ctx, data = NULL; switch (job_index_cols[i].qrec.attr) { case EDG_WLL_QUERY_ATTR_OWNER: - if (stat->pub.owner) - trio_asprintf(&data, "'%|Ss'", stat->pub.owner); - else data = strdup("''"); + if (stat->pub.owner) { + tmpval = edg_wll_gss_normalize_subj(stat->pub.owner, 0); + trio_asprintf(&data, "'%|Ss'", tmpval); + free(tmpval); + } else data = strdup("''"); break; case EDG_WLL_QUERY_ATTR_LOCATION: if (stat->pub.location) @@ -707,6 +736,12 @@ edg_wll_ErrorCode edg_wll_IColumnsSQLPart(edg_wll_Context ctx, case EDG_WLL_QUERY_ATTR_RESUBMITTED: asprintf(&data, "%d", stat->pub.resubmitted); break; + case EDG_WLL_QUERY_ATTR_STATEENTERTIME: + data = strdup(edg_wll_TimeToDB(stat->pub.stateEnterTime.tv_sec)); + break; + case EDG_WLL_QUERY_ATTR_LASTUPDATETIME: + data = strdup(edg_wll_TimeToDB(stat->pub.lastUpdateTime.tv_sec)); + break; /* XXX add more attributes when defined */ default: @@ -826,11 +861,12 @@ int same_branch(const char *a, const char *b) int edg_wll_compare_pbs_seq(const char *a,const char *b) { - char timestamp_a[14], pos_a[10], ev_code_a, src_a; - char timestamp_b[14], pos_b[10], ev_code_b, src_b; + char timestamp_a[14], pos_a[10], src_a; + char timestamp_b[14], pos_b[10], src_b; + int ev_code_a, ev_code_b; int res; - res = sscanf(a,"TIMESTAMP=%14s:POS=%10s:EV.CODE=%3d:SRC=%c", ×tamp_a, &pos_a, &ev_code_a, &src_a); + res = sscanf(a,"TIMESTAMP=%14s:POS=%10s:EV.CODE=%3d:SRC=%c", timestamp_a, pos_a, &ev_code_a, &src_a); if (res != 4) { syslog(LOG_ERR, "unparsable sequence code %s\n", a); @@ -838,7 +874,7 @@ int edg_wll_compare_pbs_seq(const char *a,const char *b) return -1; } - res = sscanf(b,"TIMESTAMP=%14s:POS=%10s:EV.CODE=%3d:SRC=%c", ×tamp_b, &pos_b, &ev_code_b, &src_b); + res = sscanf(b,"TIMESTAMP=%14s:POS=%10s:EV.CODE=%3d:SRC=%c", timestamp_b, pos_b, &ev_code_b, &src_b); if (res != 4) { syslog(LOG_ERR, "unparsable sequence code %s\n", b); @@ -881,7 +917,7 @@ int edg_wll_compare_pbs_seq(const char *a,const char *b) } edg_wll_PBSEventSource get_pbs_event_source(const char *pbs_seq_num) { - switch (pbs_seq_num[EDG_WLL_SEQ_PBS_SIZE-1]) { + switch (pbs_seq_num[EDG_WLL_SEQ_PBS_SIZE - 2]) { case 'c': return(EDG_WLL_PBS_EVENT_SOURCE_SCHEDULER); case 's': return(EDG_WLL_PBS_EVENT_SOURCE_SERVER); case 'm': return(EDG_WLL_PBS_EVENT_SOURCE_MOM); @@ -890,6 +926,8 @@ edg_wll_PBSEventSource get_pbs_event_source(const char *pbs_seq_num) { } } +/* TODO: merge */ +<<<<<<< jobstat_supp.c edg_wll_CondorEventSource get_condor_event_source(const char *condor_seq_num) { switch (condor_seq_num[EDG_WLL_SEQ_CONDOR_SIZE-1]) { case 'L': return(EDG_WLL_CONDOR_EVENT_SOURCE_COLLECTOR); @@ -905,6 +943,23 @@ edg_wll_CondorEventSource get_condor_event_source(const char *condor_seq_num) { } } +======= +edg_wll_CondorEventSource get_condor_event_source(const char *condor_seq_num) { + switch (condor_seq_num[EDG_WLL_SEQ_CONDOR_SIZE - 2]) { + case 'L': return(EDG_WLL_CONDOR_EVENT_SOURCE_COLLECTOR); + case 'M': return(EDG_WLL_CONDOR_EVENT_SOURCE_MASTER); + case 'm': return(EDG_WLL_CONDOR_EVENT_SOURCE_MATCH); + case 'N': return(EDG_WLL_CONDOR_EVENT_SOURCE_NEGOTIATOR); + case 'C': return(EDG_WLL_CONDOR_EVENT_SOURCE_SCHED); + case 'H': return(EDG_WLL_CONDOR_EVENT_SOURCE_SHADOW); + case 's': return(EDG_WLL_CONDOR_EVENT_SOURCE_STARTER); + case 'S': return(EDG_WLL_CONDOR_EVENT_SOURCE_START); + case 'j': return(EDG_WLL_CONDOR_EVENT_SOURCE_JOBQUEUE); + default: return(EDG_WLL_CONDOR_EVENT_SOURCE_UNDEF); + } +} + +>>>>>>> 1.26.2.10 int edg_wll_compare_seq(const char *a, const char *b) { unsigned int c[EDG_WLL_SOURCE__LAST]; diff --git a/org.glite.lb.server/src/lb_authz.c b/org.glite.lb.server/src/lb_authz.c index 5b1f742..61daf24 100644 --- a/org.glite.lb.server/src/lb_authz.c +++ b/org.glite.lb.server/src/lb_authz.c @@ -22,6 +22,42 @@ /* XXX should be defined in gridsite-gacl.h */ GRSTgaclEntry *GACLparseEntry(xmlNodePtr cur); +static int +get_fqans(edg_wll_Context ctx, struct vomsdata *voms_info, + char ***fqans) +{ + struct voms **voms_cert = NULL; + char **f, **attrs, **tmp; + int ret, num; + + attrs = NULL; + num = 0; + + for (voms_cert = voms_info->data; voms_cert && *voms_cert; voms_cert++) { + for (f = (*voms_cert)->fqan; f && *f; f++) { + tmp = realloc(attrs, (num + 1) * sizeof(*attrs)); + if (tmp == NULL) { + free(attrs); + return ENOMEM; + } + attrs = tmp; + attrs[num++] = strdup(*f); + } + } + if (attrs) { + tmp = realloc(attrs, (num + 1) * sizeof(*attrs)); + if (tmp == NULL) { + free(attrs); + return ENOMEM; + } + attrs = tmp; + attrs[num++] = NULL; + } + + *fqans = attrs; + return 0; +} + static int add_groups(edg_wll_Context ctx, struct voms *voms_cert, char *vo_name, edg_wll_VomsGroups *groups) @@ -84,6 +120,33 @@ edg_wll_SetVomsGroups(edg_wll_Context ctx, edg_wll_GssConnection *gss, char *ser memset (&ctx->vomsGroups, 0, sizeof(ctx->vomsGroups)); edg_wll_ResetError(ctx); +/* TODO: merge */ +<<<<<<< lb_authz.c +======= + if (ctx->fqans) { + char **f; + for (f = ctx->fqans; f && *f; f++) + free(*f); + free(ctx->fqans); + ctx->fqans = NULL; + } + + ret = get_peer_cred(gss, server_cert, server_key, &p_chain, &cert); + if (ret) { +// ret = 0; +// XXX (MM): I do not know whether this error may be triggered by other +// bugs too... The error message may be incomplete. + edg_wll_SetError(ctx, errno, "cert/key file not owned by process owner?"); + goto end; + } + + /* exit if peer's credentials are not available */ + if (p_chain == NULL || cert == NULL) { + ret = 0; + goto end; + } + +>>>>>>> 1.11.8.1 /* uses X509_CERT_DIR and X509_VOMS_DIR vars */ voms_info = VOMS_Init(voms_dir, ca_dir); if (voms_info == NULL) { @@ -107,6 +170,10 @@ edg_wll_SetVomsGroups(edg_wll_Context ctx, edg_wll_GssConnection *gss, char *ser } ret = get_groups(ctx, voms_info, &ctx->vomsGroups); + if (ret) + goto end; + + ret = get_fqans(ctx, voms_info, &ctx->fqans); end: if (voms_info) diff --git a/org.glite.lb.server/src/lb_html.c b/org.glite.lb.server/src/lb_html.c index 1656331..3ac7ddb 100644 --- a/org.glite.lb.server/src/lb_html.c +++ b/org.glite.lb.server/src/lb_html.c @@ -47,7 +47,7 @@ int edg_wll_UserJobsToHTML(edg_wll_Context ctx, edg_wlc_JobId *jobsOut, char **m "

User jobs

\r\n" "User subject: %s

" "

    %s
" - "\t\r\n",ctx->peerName,pomB); + "\t\r\n",ctx->peerName?ctx->peerName: "<anonymous>",pomB); free(pomB); *message = pomA; diff --git a/org.glite.lb.server/src/lb_http.c b/org.glite.lb.server/src/lb_http.c index cbd5dc0..84a1bd5 100644 --- a/org.glite.lb.server/src/lb_http.c +++ b/org.glite.lb.server/src/lb_http.c @@ -27,8 +27,9 @@ int edg_wll_ServerHTTP(edg_wll_Context ctx) if ( ctx->isProxy ) err = edg_wll_http_recv_proxy(ctx,&req,&hdr,&body); else err = edg_wll_http_recv(ctx,&req,&hdr,&body,ctx->connections->serverConnection); - dprintf(("[%d] %s\n",getpid(),req)); - if (body) dprintf(("\n%s\n\n",body)); + if (req) dprintf(("[%d] request: %s\n",getpid(),req)); + else dprintf(("no request\n")); + if (body) dprintf(("request body:\n%s\n\n",body)); if (!err) { if ((err = edg_wll_Proto(ctx,req,hdr,body,&resp,&hdrOut,&bodyOut))) diff --git a/org.glite.lb.server/src/lb_plugin.c b/org.glite.lb.server/src/lb_plugin.c index 9adac40..4f5501e 100644 --- a/org.glite.lb.server/src/lb_plugin.c +++ b/org.glite.lb.server/src/lb_plugin.c @@ -377,6 +377,12 @@ static int lb_query(void *fpctx,void *handle, const char *attr,glite_jp_attrval_ av[0].size = -1; av[0].timestamp = h->status.lastUpdateTime.tv_sec; } + } else if (strcmp(attr, GLITE_JP_LB_LBserver) == 0) { + av = calloc(2, sizeof(glite_jp_attrval_t)); + av[0].name = strdup(attr); + av[0].value = edg_wlc_JobIdGetServer(h->status.jobId); + av[0].size = -1; + av[0].timestamp = h->status.lastUpdateTime.tv_sec; } else if (strcmp(attr, GLITE_JP_LB_parent) == 0) { if (h->status.parent_job) { av = calloc(2, sizeof(glite_jp_attrval_t)); @@ -826,6 +832,7 @@ static int lb_status(void *handle) { int maxnstates, nstates, i, be_strict = 0, retval; char *errstring; edg_wll_JobStatCode old_state = EDG_WLL_JOB_UNDEF; + int lastStatusHistoryIndex = -1; js = calloc(1, sizeof(intJobStat)); init_intJobStat(js); @@ -844,6 +851,8 @@ static int lb_status(void *handle) { if (nstates >= maxnstates) { maxnstates <<= 1; h->fullStatusHistory = realloc(h->fullStatusHistory, maxnstates * sizeof(lb_historyStatus *)); + if (lastStatusHistoryIndex > -1) + h->lastStatusHistory = &(h->fullStatusHistory[lastStatusHistoryIndex]); } /* job owner and jobId not filled from events normally */ @@ -868,6 +877,7 @@ static int lb_status(void *handle) { /* lastStatusHistory starts from the last WAITING state */ if (js->pub.state == EDG_WLL_JOB_WAITING) { h->lastStatusHistory = &(h->fullStatusHistory[nstates]); + lastStatusHistoryIndex = nstates; } /* finalStatus is the one preceeding the CLEARED state */ if ( (js->pub.state == EDG_WLL_JOB_CLEARED) && (nstates > 0) ) { diff --git a/org.glite.lb.server/src/lb_proto.c b/org.glite.lb.server/src/lb_proto.c index b4ca287..8a3c1ec 100644 --- a/org.glite.lb.server/src/lb_proto.c +++ b/org.glite.lb.server/src/lb_proto.c @@ -41,14 +41,20 @@ #define KEY_AGENT "User-Agent" -const char* const response_headers[] = { +static const char* const response_headers_dglb[] = { "Cache-Control: no-cache", - "Accept: application/x-dglb", - "User-Agent: edg_wll_Server/" PROTO_VERSION "/" COMP_PROTO, + "Server: edg_wll_Server/" PROTO_VERSION "/" COMP_PROTO, "Content-Type: application/x-dglb", NULL }; +static const char* const response_headers_html[] = { + "Cache-Control: no-cache", + "Server: edg_wll_Server/" PROTO_VERSION "/" COMP_PROTO, + "Content-Type: text/html", + NULL +}; + extern int edg_wll_NotifNewServer(edg_wll_Context, edg_wll_QueryRec const * const *, char const *, const edg_wll_NotifId, time_t *); @@ -362,7 +368,7 @@ edg_wll_ErrorCode edg_wll_ProtoV21(edg_wll_Context ctx, } else ret = HTTP_NOTALLOWED; errV21: asprintf(response,"HTTP/1.1 %d %s",ret,edg_wll_HTTPErrorMessage(ret)); - *headersOut = (char **) response_headers; + *headersOut = (char **) (html? response_headers_html : response_headers_dglb); if ((ret != HTTP_OK) && html) *bodyOut = edg_wll_ErrorToHTML(ctx,ret); else @@ -388,28 +394,30 @@ edg_wll_ErrorCode edg_wll_Proto(edg_wll_Context ctx, if ( strstr(headers[i], KEY_AGENT) ) break; if (headers[i] == NULL) { ret = HTTP_BADREQ; goto err; } /* if not present */ - switch (is_protocol_incompatible(headers[i])) { - case 0 : /* protocols compatible */ - ctx->is_V21 = 0; - break; - case -1 : /* malformed 'User Agent:' line */ - ret = HTTP_BADREQ; - goto err; - break; - case 1 : /* protocols incompatible */ - /* try old (V21) version compatibility */ - edg_wll_ProtoV21(ctx, request, headers, messageBody, - response, headersOut, bodyOut); - - /* and propagate errors or results */ - return edg_wll_Error(ctx,NULL,NULL); - break; - case -2 : /* version of one protocol unknown */ - /* fallthrough */ - default : ret = HTTP_UNSUPPORTED; - edg_wll_SetError(ctx,ENOTSUP,"Protocol versions are incompatible."); - goto err; - break; + if (!html) { + switch (is_protocol_incompatible(headers[i])) { + case 0 : /* protocols compatible */ + ctx->is_V21 = 0; + break; + case -1 : /* malformed 'User Agent:' line */ + ret = HTTP_BADREQ; + goto err; + break; + case 1 : /* protocols incompatible */ + /* try old (V21) version compatibility */ + edg_wll_ProtoV21(ctx, request, headers, messageBody, + response, headersOut, bodyOut); + + /* and propagate errors or results */ + return edg_wll_Error(ctx,NULL,NULL); + break; + case -2 : /* version of one protocol unknown */ + /* fallthrough */ + default : ret = HTTP_UNSUPPORTED; + edg_wll_SetError(ctx,ENOTSUP,"Protocol versions are incompatible."); + goto err; + break; + } } @@ -427,15 +435,13 @@ edg_wll_ErrorCode edg_wll_Proto(edg_wll_Context ctx, flags = (requestPTR[1]=='?') ? edg_wll_string_to_stat_flags(requestPTR + 2) : 0; // FIXME: edg_wll_UserJobs should take flags as parameter - if (!ctx->peerName) { - edg_wll_SetError(ctx,EPERM,"Operation not permitted."); - ret = HTTP_UNAUTH; - } switch (edg_wll_UserJobs(ctx,&jobsOut,NULL)) { case 0: if (html) edg_wll_UserJobsToHTML(ctx, jobsOut, &message); else ret = HTTP_OK; break; case ENOENT: ret = HTTP_NOTFOUND; break; + case EPERM: ret = HTTP_UNAUTH; break; + case EDG_WLL_ERROR_NOINDEX: ret = HTTP_UNAVAIL; break; default: ret = HTTP_INTERNAL; break; } if (!html && (ret != HTTP_INTERNAL)) @@ -590,8 +596,6 @@ edg_wll_ErrorCode edg_wll_Proto(edg_wll_Context ctx, } switch ( retCode ) { - // case EPERM : ret = HTTP_UNAUTH; - // /* soft-error fall through */ case 0: if (html) ret = HTTP_NOTIMPL; else ret = HTTP_OK; @@ -885,7 +889,7 @@ edg_wll_ErrorCode edg_wll_Proto(edg_wll_Context ctx, } else ret = HTTP_NOTALLOWED; err: asprintf(response,"HTTP/1.1 %d %s",ret,edg_wll_HTTPErrorMessage(ret)); - *headersOut = (char **) response_headers; + *headersOut = (char **) (html ? response_headers_html : response_headers_dglb); if ((ret != HTTP_OK) && html) *bodyOut = edg_wll_ErrorToHTML(ctx,ret); else diff --git a/org.glite.lb.server/src/lb_proto.h b/org.glite.lb.server/src/lb_proto.h index 614be71..5aa9c54 100644 --- a/org.glite.lb.server/src/lb_proto.h +++ b/org.glite.lb.server/src/lb_proto.h @@ -5,8 +5,6 @@ #include "glite/lb/context.h" -extern const char* const response_headers[]; - /* Handle a single request of the LB server protocol * returns a complete response string (may contain a formatted error * message) diff --git a/org.glite.lb.server/src/lb_xml_parse.c.T b/org.glite.lb.server/src/lb_xml_parse.c.T index 4502b17..5a969b3 100644 --- a/org.glite.lb.server/src/lb_xml_parse.c.T +++ b/org.glite.lb.server/src/lb_xml_parse.c.T @@ -788,7 +788,7 @@ static void endDumpRequest(void *data, const char *el UNUSED_VAR) XMLCtx->dumpRequestGlobal.from = edg_wll_StringToDumpConst(s); } else if (!strcmp(XMLCtx->element,"to")) { - if (isdigit(s)) + if (isdigit(s[0])) XMLCtx->dumpRequestGlobal.to = edg_wll_from_string_to_time_t(XMLCtx); else XMLCtx->dumpRequestGlobal.to = edg_wll_StringToDumpConst(s); diff --git a/org.glite.lb.server/src/notification.c b/org.glite.lb.server/src/notification.c index 57af532..f950bba 100644 --- a/org.glite.lb.server/src/notification.c +++ b/org.glite.lb.server/src/notification.c @@ -395,14 +395,15 @@ static char *get_user(edg_wll_Context ctx, int create) char *userid = NULL, *q = NULL; int ret; - + char *can_peername = NULL; if ( !ctx->peerName ) { edg_wll_SetError(ctx, EPERM, "Annonymous access not allowed"); goto cleanup; } - trio_asprintf(&q, "select userid from users where cert_subj='%|Ss'", ctx->peerName); + can_peername = edg_wll_gss_normalize_subj(ctx->peerName, 0); + trio_asprintf(&q, "select userid from users where cert_subj='%|Ss'", can_peername); if ( edg_wll_ExecSQL(ctx, q, &stmt) < 0 ) goto cleanup; @@ -421,7 +422,7 @@ static char *get_user(edg_wll_Context ctx, int create) } free(q); trio_asprintf(&q, "insert into users(userid,cert_subj) values ('%|Ss','%|Ss')", - userid, ctx->peerName); + userid, can_peername); if ( edg_wll_ExecSQL(ctx, q, NULL) < 0 ) { if ( edg_wll_Error(ctx,NULL,NULL) != EEXIST ) @@ -436,6 +437,7 @@ static char *get_user(edg_wll_Context ctx, int create) cleanup: if ( q ) free(q); if ( stmt ) glite_lbu_FreeStmt(&stmt); + free(can_peername); return userid; } @@ -451,6 +453,7 @@ static int check_notif_request( int ret; + /* XXX: rewrite select below in order to handle cert_subj format changes */ if ( !(user = get_user(ctx, 0)) ) { if ( !edg_wll_Error(ctx, NULL, NULL) ) diff --git a/org.glite.lb.server/src/process_event.c b/org.glite.lb.server/src/process_event.c index 49a5571..42f4faa 100644 --- a/org.glite.lb.server/src/process_event.c +++ b/org.glite.lb.server/src/process_event.c @@ -64,6 +64,7 @@ int processEvent(intJobStat *js, edg_wll_Event *e, int ev_seq, int strict, char } #define rep(a,b) { free(a); a = (b == NULL) ? NULL : strdup(b); } +#define rep_cond(a,b) { if (b) { free(a); a = strdup(b); } } static void free_stringlist(char ***lptr) { @@ -270,7 +271,9 @@ static int processEvent_glite(intJobStat *js, edg_wll_Event *e, int ev_seq, int int lm_favour_lrms = 0; - if (old_state == EDG_WLL_JOB_ABORTED || + // Aborted may not be terminal state for collection in some cases + // i.e. if some Done/failed subjob is resubmitted + if ( (old_state == EDG_WLL_JOB_ABORTED && e->any.type != EDG_WLL_EVENT_COLLECTIONSTATE) || old_state == EDG_WLL_JOB_CANCELLED || old_state == EDG_WLL_JOB_CLEARED) { res = RET_LATE; @@ -647,6 +650,22 @@ static int processEvent_glite(intJobStat *js, edg_wll_Event *e, int ev_seq, int } #endif break; + case EDG_WLL_EVENT_SUSPEND: + if (USABLE(res, strict)) { + if (js->pub.state == EDG_WLL_JOB_RUNNING) { + js->pub.suspended = 1; + rep(js->pub.suspend_reason, e->suspend.reason); + } + } + break; + case EDG_WLL_EVENT_RESUME: + if (USABLE(res, strict)) { + if (js->pub.state == EDG_WLL_JOB_RUNNING) { + js->pub.suspended = 0; + rep(js->pub.suspend_reason, e->resume.reason); + } + } + break; case EDG_WLL_EVENT_RESUBMISSION: if (USABLE(res, strict)) { if (e->resubmission.result == EDG_WLL_RESUBMISSION_WONTRESUB) { @@ -814,7 +833,7 @@ static int processEvent_glite(intJobStat *js, edg_wll_Event *e, int ev_seq, int js->pub.state = EDG_WLL_JOB_SUBMITTED; } if (USABLE_DATA(res, strict)) { - rep(js->pub.jdl, e->regJob.jdl); + rep_cond(js->pub.jdl, e->regJob.jdl); edg_wlc_JobIdFree(js->pub.parent_job); edg_wlc_JobIdDup(e->regJob.parent, &js->pub.parent_job); @@ -878,7 +897,7 @@ static int processEvent_glite(intJobStat *js, edg_wll_Event *e, int ev_seq, int rep(js->last_cancel_seqcode, e->any.seqcode); } else { -/* the first set of LM events (Accept, Transfer* -> LRMS) +/* the first set of LM events (Accept, Transfer/- -> LRMS) should not should shift the state (to Ready, Scheduled) but NOT to update js->last_seqcode completely, in order not to block following LRMS events which are likely to arrive later but should still affect @@ -893,6 +912,11 @@ static int processEvent_glite(intJobStat *js, edg_wll_Event *e, int ev_seq, int else rep(js->last_seqcode, e->any.seqcode); } + if (js->pub.state != EDG_WLL_JOB_RUNNING) { + js->pub.suspended = 0; + rep(js->pub.suspend_reason, NULL); + } + if (fine_res == RET_GOODBRANCH) { rep(js->last_branch_seqcode, e->any.seqcode); } diff --git a/org.glite.lb.server/src/query.c b/org.glite.lb.server/src/query.c index 5133ea9..182ccdf 100644 --- a/org.glite.lb.server/src/query.c +++ b/org.glite.lb.server/src/query.c @@ -61,12 +61,19 @@ int edg_wll_QueryEventsServer( ret = 0, offset = 0, limit = 0, limit_loop = 1, +/* TODO: merge */ +<<<<<<< query.c eperm = 0, where_flags = 0; char *j_old = NULL; int match_status_old = 0; edg_wll_JobStat state_out; +======= + eperm = 0; + char *peerid = NULL; + char *can_peername = NULL, *can_peerid = NULL; +>>>>>>> 1.10.2.3 edg_wll_ResetError(ctx); memset(&state_out, 0, sizeof(edg_wll_JobStat)); @@ -94,6 +101,10 @@ int edg_wll_QueryEventsServer( !(job_where = jc_to_head_where(ctx, job_conditions, &where_flags)) ) if (!ctx->noIndex) goto cleanup; + if (ctx->peerName) peerid = strdup(strmd5(ctx->peerName,NULL)); + can_peername = edg_wll_gss_normalize_subj(ctx->peerName, 0); + if (can_peername) can_peerid = strdup(strmd5(can_peername,NULL)); + /* XXX: similar query in srv_purge.c ! They has to match due to common * convert_event_head() called on the result */ @@ -208,7 +219,7 @@ int edg_wll_QueryEventsServer( // Auth checked in edg_wll_JobStatus above if ( !(where_flags & FL_FILTER) && !noAuth ) { - if (!ctx->peerName || strcmp(res[1],strmd5(ctx->peerName,NULL))) { + if (!ctx->peerName || (strcmp(res[1],peerid) && strcmp(res[1], can_peerid))) { edg_wll_Acl acl = NULL; char *jobid = NULL; @@ -279,8 +290,14 @@ cleanup: free(qbase); free(job_where); free(event_where); +/* TODO: merge */ +<<<<<<< query.c free(j_old); if (state_out.jobId) edg_wll_FreeStatus(&state_out); +======= + free(peerid); + free(can_peername); free(can_peerid); +>>>>>>> 1.10.2.3 return edg_wll_Error(ctx,NULL,NULL); } @@ -815,11 +832,12 @@ static char *jc_to_head_where( int ct, n, m; char *aux, *tmps, + *tmps2, *dbt, *cname = NULL, msg[100]; char *conds, *retconds; - + char *can_peername = NULL; retconds = conds = NULL; @@ -1021,22 +1039,28 @@ static char *jc_to_head_where( return NULL; } + tmps2 = edg_wll_gss_normalize_subj(jc[m][n].value.c, 0); + if (!jc[m][n].value.c && !can_peername) { + can_peername = edg_wll_gss_normalize_subj(ctx->peerName, 0); + } + *where_flags |= FL_SEL_STATUS; if ( conds ) { if ( jc[m][n].value.c ) - trio_asprintf(&tmps, "%s OR s.%s%s'%|Ss'", conds, cname, opToString(jc[m][n].op), jc[m][n].value.c); + trio_asprintf(&tmps, "%s OR s.%s%s'%|Ss'", conds, cname, opToString(jc[m][n].op), tmps2); else - trio_asprintf(&tmps, "%s OR s.%s%s'%|Ss'", conds, cname, opToString(jc[m][n].op), ctx->peerName); + trio_asprintf(&tmps, "%s OR s.%s%s'%|Ss'", conds, cname, opToString(jc[m][n].op), can_peername); free(conds); conds = tmps; } else { if ( jc[m][n].value.c ) - trio_asprintf(&conds, "s.%s%s'%|Ss'", cname, opToString(jc[m][n].op), jc[m][n].value.c); + trio_asprintf(&conds, "s.%s%s'%|Ss'", cname, opToString(jc[m][n].op), tmps2); else - trio_asprintf(&conds, "s.%s%s'%|Ss'", cname, opToString(jc[m][n].op), ctx->peerName); + trio_asprintf(&conds, "s.%s%s'%|Ss'", cname, opToString(jc[m][n].op), can_peername); } + free(tmps2); break; case EDG_WLL_QUERY_ATTR_DONECODE: @@ -1111,6 +1135,7 @@ static char *jc_to_head_where( } } + free(can_peername); return retconds; } @@ -1341,11 +1366,11 @@ int match_status(edg_wll_Context ctx, const edg_wll_JobStat *stat, const edg_wll case EDG_WLL_QUERY_ATTR_OWNER: if (stat->owner) { if (conds[i][j].value.c) { - if (!strcmp(conds[i][j].value.c, stat->owner) ) { + if (edg_wll_gss_equal_subj(conds[i][j].value.c, stat->owner) ) { if ( conds[i][j].op == EDG_WLL_QUERY_OP_EQUAL ) goto or_satisfied; } else if ( conds[i][j].op == EDG_WLL_QUERY_OP_UNEQUAL ) goto or_satisfied; } else if (ctx->peerName) { - if (!strcmp(ctx->peerName, stat->owner) ) { + if (edg_wll_gss_equal_subj(ctx->peerName, stat->owner) ) { if ( conds[i][j].op == EDG_WLL_QUERY_OP_EQUAL ) goto or_satisfied; } else if ( conds[i][j].op == EDG_WLL_QUERY_OP_UNEQUAL ) goto or_satisfied; } diff --git a/org.glite.lb.server/src/request.c b/org.glite.lb.server/src/request.c index 4e4c39c..de2326c 100644 --- a/org.glite.lb.server/src/request.c +++ b/org.glite.lb.server/src/request.c @@ -23,6 +23,7 @@ int trans_db_store(edg_wll_Context ctx, char *event_data, edg_wll_Event *e, intJobStat *is) { int ret; + char *errd = NULL; if ((ret = edg_wll_Transaction(ctx) != 0)) goto err; @@ -32,7 +33,10 @@ trans_db_store(edg_wll_Context ctx, char *event_data, edg_wll_Event *e, intJobSt if (ret == 0) { if ((ret = edg_wll_Commit(ctx)) != 0) goto err; } else { + edg_wll_Error(ctx, NULL, &errd); edg_wll_Rollback(ctx); + edg_wll_SetError(ctx, ret, errd); + free(errd); } err: diff --git a/org.glite.lb.server/src/srv_purge.c b/org.glite.lb.server/src/srv_purge.c index 18b505f..d802f1a 100644 --- a/org.glite.lb.server/src/srv_purge.c +++ b/org.glite.lb.server/src/srv_purge.c @@ -36,8 +36,7 @@ static const char* const resp_headers[] = { "Cache-Control: no-cache", - "Accept: application/x-dglb", - "User-Agent: edg_wll_Server/" PROTO_VERSION "/" COMP_PROTO, + "Server: edg_wll_Server/" PROTO_VERSION "/" COMP_PROTO, "Content-Type: application/x-dglb", NULL }; @@ -234,8 +233,13 @@ int edg_wll_PurgeServer(edg_wll_Context ctx,const edg_wll_PurgeRequest *request) if ( (request->flags & EDG_WLL_PURGE_SERVER_DUMP) && ((dumpfile = edg_wll_CreateTmpPurgeFile(ctx, &tmpfname)) == -1 ) ) - return edg_wll_Error(ctx, NULL, NULL); + goto abort; + /* + should be changed so that only purged events are sent to whole-server dumps + (with this commented out, severely delayed events (>purge interval) can miss + whole-server dumps, but it is more acceptable than invoking whole-server dump + on each purge request (whole-server dumps are used rarely if at all) if (request->flags&EDG_WLL_PURGE_REALLY_PURGE) { edg_wll_DumpRequest req = { EDG_WLL_DUMP_LAST_END, EDG_WLL_DUMP_NOW @@ -246,9 +250,10 @@ int edg_wll_PurgeServer(edg_wll_Context ctx,const edg_wll_PurgeRequest *request) { if ( request->flags & EDG_WLL_PURGE_SERVER_DUMP ) unlink(tmpfname); - return edg_wll_Error(ctx, NULL, NULL); + goto abort; } } + */ if (request->jobs) for (i=0; request->jobs[i]; i++) { if (edg_wlc_JobIdParse(request->jobs[i],&job)) { @@ -339,10 +344,8 @@ int edg_wll_PurgeServer(edg_wll_Context ctx,const edg_wll_PurgeRequest *request) } } glite_lbu_FreeStmt(&s); + abort: - // just for escaping from nested cycles - ; /* prevent compiler to complain */ - } if (parse && !edg_wll_Error(ctx,NULL,NULL)) { diff --git a/org.glite.lb.server/src/store.c.T b/org.glite.lb.server/src/store.c.T index a30734e..4a65fb1 100644 --- a/org.glite.lb.server/src/store.c.T +++ b/org.glite.lb.server/src/store.c.T @@ -45,7 +45,7 @@ static int check_auth(edg_wll_Context,edg_wll_Event *e); #ifndef LB_DAG_EMBRIONIC static int register_subjobs(edg_wll_Context,const edg_wll_RegJobEvent *); #endif -static int register_subjobs_embryonic(edg_wll_Context,const edg_wll_RegJobEvent *); +static int register_subjobs_embryonic(edg_wll_Context,const edg_wll_RegJobEvent *, const char *); void edg_wll_StoreAnonymous(edg_wll_Context ctx,int anon) { ctx->allowAnonymous = anon; @@ -55,6 +55,7 @@ int edg_wll_StoreEvent(edg_wll_Context ctx,edg_wll_Event *e,int *seq) { edg_wll_ErrorCode err = 0; char *userid = NULL,*jobid,*stmt; + char *userid_job = NULL; char *select_max,*ssrc; glite_lbu_Statement sh = NULL; int next = 0xDEAD; @@ -97,10 +98,35 @@ int edg_wll_StoreEvent(edg_wll_Context ctx,edg_wll_Event *e,int *seq) jobid = edg_wlc_JobIdGetUnique(e->any.jobId); +/* TODO: merge */ +<<<<<<< store.c.T trio_asprintf(&stmt,"select userid from jobs where jobid='%|Ss'", jobid); if (edg_wll_ExecSQL(ctx,stmt,&sh) < 0 || edg_wll_FetchRow(ctx,sh,1,NULL,&userid) < 0) goto clean; if (sh) glite_lbu_FreeStmt(&sh); +======= + if ((e->type == EDG_WLL_EVENT_REGJOB || lbproxy_notreg)) { + /* Register the job and owner. For LBproxy, contant "lbproxy" + is used as the name - it's harmless as the job is already + registered with LBserver */ + char *username; + + if (!ctx->isProxy && ctx->peerName != NULL) { + username = edg_wll_gss_normalize_subj(ctx->peerName, 0); + } else { + username = edg_wll_gss_normalize_subj(e->any.user, 0); + } + userid_job = strdup(strmd5(username, NULL)); + if (strcmp(username,e->any.user)) { + if ((err = store_user(ctx,userid_job, username))) goto clean; + } + if ((err = store_user(ctx,userid,e->any.user))) goto clean; + if ((err = store_job(ctx,e->any.jobId,userid_job))) goto clean; + } else { + /* for other events just make sure user record is there */ + if ((err = store_user(ctx,userid,e->any.user))) goto clean; + } +>>>>>>> 1.24.2.7 /* obtain next event sequence number */ @@ -112,7 +138,12 @@ int edg_wll_StoreEvent(edg_wll_Context ctx,edg_wll_Event *e,int *seq) /* try to insert (someone else may be doing the same) */ while (1) { +/* TODO: merge */ +<<<<<<< store.c.T char *max, *stamp; +======= + char *max = NULL; +>>>>>>> 1.24.2.7 if (edg_wll_ExecSQL(ctx,select_max,&sh) < 0 || edg_wll_FetchRow(ctx,sh,1,NULL,&max) < 0) @@ -149,6 +180,7 @@ int edg_wll_StoreEvent(edg_wll_Context ctx,edg_wll_Event *e,int *seq) /* we were late -- try once again */ free(stmt); + free(max); } free(stmt); stmt = NULL; @@ -216,7 +248,7 @@ int edg_wll_StoreEvent(edg_wll_Context ctx,edg_wll_Event *e,int *seq) e->regJob.nsubjobs > 0) #ifdef LB_DAG_EMBRIONIC - err = register_subjobs_embryonic(ctx,&e->regJob); + err = register_subjobs_embryonic(ctx,&e->regJob,userid_job); #else err = register_subjobs(ctx,&e->regJob); #endif @@ -225,6 +257,7 @@ int edg_wll_StoreEvent(edg_wll_Context ctx,edg_wll_Event *e,int *seq) clean: free(now_s); free(userid); + free(userid_job); free(jobid); free(stmt); free(ssrc); @@ -661,12 +694,30 @@ static int check_auth(edg_wll_Context ctx,edg_wll_Event *e) { char *jobid = edg_wlc_JobIdGetUnique(e->any.jobId); char *q = NULL,*owner = NULL; +/* TODO: merge */ +<<<<<<< store.c.T glite_lbu_Statement stmt = NULL; char *user; +======= + edg_wll_Stmt stmt = NULL; +/* TODO: merge */ +>>>>>>> 1.24.2.7 edg_wll_ResetError(ctx); +<<<<<<< store.c.T trio_asprintf(&q,"select userid from jobs where jobid='%|Ss'",jobid); +======= + if (!ctx->isProxy && !ctx->peerName) + return edg_wll_SetError(ctx,EPERM,"can't store using unauthenticated connection"); + + if (e->type == EDG_WLL_EVENT_REGJOB) + return strcmp(e->any.user,EDG_WLL_LOG_USER_DEFAULT) ? + 0 : edg_wll_SetError(ctx,EPERM,"can't register jobs anonymously"); + + trio_asprintf(&q,"select u.cert_subj from jobs j, users u " + "where j.jobid='%|Ss' and u.userid=j.userid",jobid); +>>>>>>> 1.24.2.7 if (edg_wll_ExecSQL(ctx,q,&stmt) < 0 || edg_wll_FetchRow(ctx,stmt,1,NULL,&owner) < 0 @@ -688,8 +739,8 @@ static int check_auth(edg_wll_Context ctx,edg_wll_Event *e) case EDG_WLL_SOURCE_USER_INTERFACE: case EDG_WLL_SOURCE_LRMS: case EDG_WLL_SOURCE_APPLICATION: - user = strmd5(e->any.user,NULL); - if (strcmp(owner,user)) edg_wll_SetError(ctx,EPERM,"check_auth()"); + if (!edg_wll_gss_equal_subj(owner,e->any.user)) + edg_wll_SetError(ctx,EPERM,"check_auth()"); break; default: /* XXX: just don't allow anonymous */ @@ -821,6 +872,7 @@ static edg_wll_ErrorCode states_values_embryonic( stat->pub.owner = strdup(e->user); stat->pub.jobtype = EDG_WLL_STAT_SIMPLE; stat->pub.stateEnterTimes[1 + EDG_WLL_JOB_SUBMITTED] = (int)e->timestamp.tv_sec; + stat->pub.lastUpdateTime = e->timestamp; jobid_md5 = edg_wlc_JobIdGetUnique(jobid); parent_md5 = edg_wlc_JobIdGetUnique(e->jobId); @@ -844,12 +896,11 @@ err: return edg_wll_Error(ctx,NULL,NULL); } -static int register_subjobs_embryonic(edg_wll_Context ctx,const edg_wll_RegJobEvent *e) +static int register_subjobs_embryonic(edg_wll_Context ctx,const edg_wll_RegJobEvent *e, const char *userid) { int i, err = 0; edg_wlc_JobId *subjobs; struct timeval now; - char *userid = strdup(strmd5(e->user,NULL)); char *jobid_md5, *jobid_md5_old; size_t jobid_len; #ifdef LB_BUF diff --git a/org.glite.lb.server/src/stored_master.c b/org.glite.lb.server/src/stored_master.c index d2d4be6..2b5b54a 100644 --- a/org.glite.lb.server/src/stored_master.c +++ b/org.glite.lb.server/src/stored_master.c @@ -25,7 +25,8 @@ int gss_reader(void *user_data, char *buffer, int max_len) { edg_wll_Context tmp_ctx = (edg_wll_Context)user_data; - int ret, len; + int ret; + size_t len; edg_wll_GssStatus gss_code; ret = edg_wll_gss_read_full(&tmp_ctx->connections->serverConnection->gss, @@ -35,18 +36,27 @@ gss_reader(void *user_data, char *buffer, int max_len) if(ret < 0) { switch(ret) { + case EDG_WLL_GSS_ERROR_GSS: + edg_wll_SetErrorGss(tmp_ctx,"gss_reader",&gss_code); + break; + case EDG_WLL_GSS_ERROR_TIMEOUT: - edg_wll_SetError(tmp_ctx, ETIMEDOUT, "read message"); + edg_wll_SetError(tmp_ctx, ETIMEDOUT, "gss_reader"); break; case EDG_WLL_GSS_ERROR_EOF: edg_wll_SetError(tmp_ctx, ENOTCONN, NULL); break; + case EDG_WLL_GSS_ERROR_ERRNO: + edg_wll_SetError(tmp_ctx, errno, "gss_reader"); + break; + default: - edg_wll_SetError(tmp_ctx, EDG_WLL_ERROR_GSS, "read message"); + edg_wll_SetError(tmp_ctx, EDG_WLL_ERROR_GSS, "gss_reader"); break; } + ret = -2; /* -1 is used by read_il_data internals */ } return(ret); @@ -66,16 +76,17 @@ int edg_wll_StoreProto(edg_wll_Context ctx) int edg_wll_StoreProtoServer(edg_wll_Context ctx) { char *buf; - int len,ret; + size_t len; + int ret; size_t total; edg_wll_GssStatus gss_code; edg_wll_ResetError(ctx); ret = read_il_data(ctx, &buf, gss_reader); - if (ret == EDG_WLL_GSS_ERROR_EOF) - return edg_wll_SetError(ctx,ENOTCONN,"client side"); - if(ret < 0) - return edg_wll_SetError(ctx,EIO,"interlogger protocol"); + if (ret == -1) + return edg_wll_SetError(ctx,EIO,"interlogger protocol error"); + if (ret < 0) + return edg_wll_Error(ctx,NULL,NULL); #ifdef LB_PERF if (sink_mode == GLITE_LB_SINK_PARSE) glite_wll_perftest_consumeEventIlMsg(buf); else @@ -107,8 +118,10 @@ gss_plain_reader(void *user_data, char *buffer, int max_len) ret = edg_wll_plain_read_full(&tmp_ctx->connProxy->conn, buffer, max_len, &tmp_ctx->p_tmp_timeout); - if(ret < 0) - edg_wll_SetError(tmp_ctx, errno, "StoreProtoProxy() - reading data"); + if(ret < 0) { + edg_wll_SetError(tmp_ctx, errno, "gss_plain_reader"); + return -2; + } return(ret); } @@ -124,7 +137,10 @@ int edg_wll_StoreProtoProxy(edg_wll_Context ctx) edg_wll_ResetError(ctx); ret = read_il_data(ctx, &buf, gss_plain_reader); - if ( ret < 0 ) return(ret); + if (ret == -1) + return edg_wll_SetError(ctx,EIO,"interlogger protocol error"); + if (ret < 0) + return edg_wll_Error(ctx,NULL,NULL); #ifdef LB_PERF if (sink_mode == GLITE_LB_SINK_PARSE) glite_wll_perftest_consumeEventIlMsg(buf); else diff --git a/org.glite.lb.server/src/userjobs.c b/org.glite.lb.server/src/userjobs.c index 5671d82..4956936 100644 --- a/org.glite.lb.server/src/userjobs.c +++ b/org.glite.lb.server/src/userjobs.c @@ -18,14 +18,27 @@ int edg_wll_UserJobs( edg_wlc_JobId **jobs, edg_wll_JobStat **states) { - char *userid = strmd5(ctx->peerName,NULL),*stmt = NULL, + char *userid, *stmt = NULL, *res = NULL; +/* TODO: merge */ +<<<<<<< userjobs.c int njobs = 0,ret,i,j; +======= + char *can_peername; + int njobs = 0,ret,i; +>>>>>>> 1.2.30.3 edg_wlc_JobId *out = NULL; glite_lbu_Statement sth = NULL; edg_wll_ErrorCode err = 0; edg_wll_ResetError(ctx); + + if (!ctx->peerName) { + return edg_wll_SetError(ctx,EPERM, "user not authenticated (edg_wll_UserJobs)"); + } + can_peername = edg_wll_gss_normalize_subj(ctx->peerName, 0); + userid = strmd5(can_peername,NULL); + free(can_peername); trio_asprintf(&stmt,"select cert_subj from users where userid = '%|Ss'",userid); @@ -33,8 +46,14 @@ int edg_wll_UserJobs( case 0: edg_wll_SetError(ctx,ENOENT,ctx->peerName); case -1: goto err; default: +/* TODO: merge */ +<<<<<<< userjobs.c if (edg_wll_FetchRow(ctx,sth,1,NULL,&res) < 0) goto err; if (strcmp(ctx->peerName,res)) { +======= + if (edg_wll_FetchRow(sth,&res) < 0) goto err; + if (!edg_wll_gss_equal_subj(ctx->peerName,res)) { +>>>>>>> 1.2.30.3 edg_wll_SetError(ctx,EDG_WLL_ERROR_MD5_CLASH,ctx->peerName); goto err; } diff --git a/org.glite.lb.server/src/ws_typeref.c.T b/org.glite.lb.server/src/ws_typeref.c.T index be0ba23..c9b18de 100644 --- a/org.glite.lb.server/src/ws_typeref.c.T +++ b/org.glite.lb.server/src/ws_typeref.c.T @@ -196,7 +196,7 @@ int edg_wll_StatusToSoap(struct soap *soap,edg_wll_JobStat const *src,struct lbt ! h = js->${usuc}; ! for (i=1; istate); -! GLITE_SECURITY_GSOAP_LIST_GET(h, i-1)->$fmap{$_} = src->$_\[i]; +! GLITE_SECURITY_GSOAP_LIST_GET(h, i-1)->$fmap{$_} = src->$_\[i+1]; ! } ! } ! else { @@ -311,9 +311,9 @@ void edg_wll_SoapToJobStatFlags(const struct lbt__jobFlags *in, int *out) { int i; - assert(in); assert(out); + assert(out); *out = 0; - for ( i = 0; i < in->__sizeflag; i++ ) switch ( in->flag[i] ) + if (in) for ( i = 0; i < in->__sizeflag; i++ ) switch ( in->flag[i] ) { case CLASSADS: *out |= EDG_WLL_STAT_CLASSADS; break; case CHILDREN: *out |= EDG_WLL_STAT_CHILDREN; break; diff --git a/org.glite.lb.server/test/test_query_events.cpp b/org.glite.lb.server/test/test_query_events.cpp index e2fb550..3c06fa0 100644 --- a/org.glite.lb.server/test/test_query_events.cpp +++ b/org.glite.lb.server/test/test_query_events.cpp @@ -9,6 +9,8 @@ #include #include +#define NO_GACL +#include "lb_authz.h" #include "get_events.h" using namespace std; @@ -155,6 +157,19 @@ int glite_lbu_bufferedInsert(glite_lbu_bufInsert bi, const char *row) { return int glite_lbu_bufferedInsertClose(glite_lbu_bufInsert bi) { return 0; } int glite_lbu_QueryIndices(glite_lbu_DBContext ctx, const char *table, char ***key_names, char ****column_names) { return 0; } int glite_lbu_DBError(glite_lbu_DBContext ctx, char **s1, char **s2) { return 0; } + +int edg_wll_JobStatus( + edg_wll_Context ctx, + const edg_wlc_JobId job, + int flags, + edg_wll_JobStat *stat) +{ + return 0; +} + +int edg_wll_GetACL(edg_wll_Context ctx, edg_wlc_JobId jobid, edg_wll_Acl *acl) { return 0; } +int edg_wll_CheckACL(edg_wll_Context ctx, edg_wll_Acl acl, int requested_perm) { return 0; } +void edg_wll_FreeAcl(edg_wll_Acl acl) { return; } } CPPUNIT_TEST_SUITE_REGISTRATION(QueryEventsTest);