From: Daniel KouĊ™il Date: Wed, 9 Aug 2006 20:40:09 +0000 (+0000) Subject: Merged fixes from 3.1 X-Git-Tag: gridsite-core_R_1_3_2~30 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=2e77855ab04a7d50cc151001e016f820c9419d88;p=jra1mw.git Merged fixes from 3.1 --- diff --git a/org.glite.security.proxyrenewal/src/renewal_core.c b/org.glite.security.proxyrenewal/src/renewal_core.c index 071923d..93e011d 100644 --- a/org.glite.security.proxyrenewal/src/renewal_core.c +++ b/org.glite.security.proxyrenewal/src/renewal_core.c @@ -125,8 +125,7 @@ glite_renewal_core_renew(glite_renewal_core_context ctx, myproxy_request_t *client_request; myproxy_response_t *server_response; char *renewed_proxy; - /* XXX */ - int voms_exts = 1; + int voms_exts; socket_attrs = malloc(sizeof(*socket_attrs)); memset(socket_attrs, 0, sizeof(*socket_attrs)); @@ -153,6 +152,8 @@ glite_renewal_core_renew(glite_renewal_core_context ctx, if (ret) goto end; + voms_exts = check_voms_attrs(ctx, current_proxy); + client_request->proxy_lifetime = 60 * 60 * DGPR_RETRIEVE_DEFAULT_HOURS; server = (myproxy_server) ? myproxy_server : socket_attrs->pshost; diff --git a/org.glite.security.proxyrenewal/src/renewd_locl.h b/org.glite.security.proxyrenewal/src/renewd_locl.h index 78c106e..9304535 100644 --- a/org.glite.security.proxyrenewal/src/renewd_locl.h +++ b/org.glite.security.proxyrenewal/src/renewd_locl.h @@ -76,4 +76,7 @@ get_proxy_base_name(glite_renewal_core_context ctx, const char *file, char **sub int renew_voms_creds(glite_renewal_core_context ctx, const char *cur_file, const char *renewed_file, const char *new_file); +int +check_voms_attrs(glite_renewal_core_context ctx, const char *proxy); + #endif /* RENEWALD_LOCL_H */ diff --git a/org.glite.security.proxyrenewal/src/voms.c b/org.glite.security.proxyrenewal/src/voms.c index f92778b..367c4de 100644 --- a/org.glite.security.proxyrenewal/src/voms.c +++ b/org.glite.security.proxyrenewal/src/voms.c 
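Review bot: `voms_exts` loses its initializer in the first renewal_core.c hunk and is only assigned by the `check_voms_attrs()` call added in the second hunk, which sits after at least one `if (ret) goto end;`. If anything at or after the `end:` label reads `voms_exts`, an early failure would use an indeterminate value; that code is outside both hunks, so this is unverified. Declaring it as `int voms_exts = 0;` keeps every early-exit path defined at no cost. The call site also cannot tell "proxy has no VOMS attributes" from "proxy could not be loaded or parsed", because the `check_voms_attrs()` added in voms.c returns 0 for both.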
@@ -160,6 +160,9 @@ renew_voms_cert(glite_renewal_core_context ctx, struct vomsdata *vd, struct voms ret = create_voms_command(ctx, vd, voms_cert, &command); + /* XXX the lifetime should be taken from the older proxy */ + ret = VOMS_SetLifetime(60*60*12, vd, &voms_error); + /* XXX iterate over all servers on the list on errors */ ret = VOMS_ContactRaw(voms_contacts[0]->host, voms_contacts[0]->port, voms_contacts[0]->contact, command, @@ -290,6 +293,43 @@ renew_voms_creds(glite_renewal_core_context ctx, const char *cur_file, const cha return renew_voms_certs(ctx, cur_file, renewed_file, new_file); } +int +check_voms_attrs(glite_renewal_core_context ctx, const char *proxy) +{ + int ret, voms_err, present; + X509 *cert = NULL; + STACK_OF(X509) *chain = NULL; + struct vomsdata *vd = NULL; + + ret = load_proxy(ctx, proxy, &cert, NULL, &chain, NULL); + if (ret) + return 0; + + vd = VOMS_Init(NULL, NULL); + if (vd == NULL) { + present = 0; + goto end; + } + + ret = VOMS_Retrieve(cert, chain, RECURSE_CHAIN, vd, &voms_err); + if (ret == 0) { + present = 0; + goto end; + } + + present = 1; + +end: + if (cert) + X509_free(cert); + if (chain) + sk_X509_pop_free(chain, X509_free); + if (vd) + VOMS_Destroy(vd); + + return present; +} + #if 0 int main(int argc, char *argv[])
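Review bot: The result of the added `VOMS_SetLifetime()` call is stored in `ret` and then overwritten by the `VOMS_ContactRaw()` assignment right after it, so a failure to set the lifetime is silently ignored. The same assignment also discards the result of `create_voms_command()` on the context line above. Because this value bounds the lifetime requested for the renewed attribute certificate, I would check it, e.g. `if (VOMS_SetLifetime(60*60*12, vd, &voms_error) == 0) { /* report voms_error and take the function's error path */ }`, assuming it follows the 0-on-failure convention this file relies on for `VOMS_Retrieve()`. `renew_voms_cert()` starts and ends outside the hunk, so the exact error path is not visible here.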
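Review bot: `check_voms_attrs()` returns 0 both when the proxy carries no VOMS attributes and when `load_proxy()`, `VOMS_Init()` or `VOMS_Retrieve()` fails for some other reason, and `voms_err` is written but never read. The caller in renewal_core.c stores the result in `voms_exts`, so a parsing or allocation failure would presumably make the daemon renew the proxy without its VOMS attributes instead of reporting an error. I would inspect `voms_err` after a failed `VOMS_Retrieve()` and treat only the library's "no extension" code (`VERR_NOEXT` in the VOMS C API) as absence, e.g. `present = (voms_err == VERR_NOEXT) ? 0 : -1;`, with the caller handling the negative value, or at least log the error through `ctx`. A short header comment stating the return contract (1 = attributes present, 0 = absent) would also help, since the prototype added to renewd_locl.h carries none.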