From: Daniel KouĊ™il Date: Fri, 17 Mar 2006 15:02:18 +0000 (+0000) Subject: renewd is linked against the renewal_core library X-Git-Tag: first~3 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=4a15088464da0ca95069150aeab6aa130027874d;p=jra1mw.git renewd is linked against the renewal_core library --- diff --git a/org.glite.security.proxyrenewal/Makefile b/org.glite.security.proxyrenewal/Makefile index 9a6e088..1da2b5f 100644 --- a/org.glite.security.proxyrenewal/Makefile +++ b/org.glite.security.proxyrenewal/Makefile @@ -117,8 +117,8 @@ ${LIB_CORE_NOTHR}: ${LIB_CORE_NOTHR_OBJS} ${LIB_CORE_THR}: ${LIB_CORE_THR_OBJS} ${LINK} ${version_info} -o $@ ${LIB_CORE_THR_LOBJS} -rpath ${glite_location}/lib ${MYPROXY_LIB_THR} ${VOMS_LIB_THR} -${DAEMON}: ${DAEMONOBJ} - ${LINK} -o $@ ${DAEMONOBJ} ${JOBIDLIB} ${MYPROXY_LIB_NOTHR} -lvomsc -lglobus_gss_assist_${nothrflavour} ${GLOBUS_LIBS} +${DAEMON}: ${DAEMONOBJ} ${LIB_CORE_NOTHR} + ${LINK} -o $@ ${DAEMONOBJ} ${JOBIDLIB} ${LIB_CORE_NOTHR} ${CLIENT}: ${CLIENTOBJ} ${LIB} ${LINK} -o $@ ${CLIENTOBJ} ${LIB} ${GLOBUS_LIBS} diff --git a/org.glite.security.proxyrenewal/src/renew.c b/org.glite.security.proxyrenewal/src/renew.c index 30c8e15..1003dc2 100644 --- a/org.glite.security.proxyrenewal/src/renew.c +++ b/org.glite.security.proxyrenewal/src/renew.c 
@@ -22,69 +22,6 @@ renew_proxy(glite_renewal_core_context ctx, proxy_record *record, char *basename static void register_signal(int signal); -/* XXX remove once the renew_core libs is used */ -#if 1 -int -load_proxy(glite_renewal_core_context ctx, const char *cur_file, X509 **cert, EVP_PKEY **priv_key, - STACK_OF(X509) **chain, globus_gsi_cred_handle_t *cur_proxy) -{ - globus_result_t result; - globus_gsi_cred_handle_t proxy = NULL; - int ret; - - result = globus_gsi_cred_handle_init(&proxy, NULL); - if (result) { - fprintf(stderr, "globus_gsi_cred_handle_init() failed\n"); - goto end; - } - - result = globus_gsi_cred_read_proxy(proxy, cur_file); - if (result) { - fprintf(stderr, "globus_gsi_cred_read_proxy() failed\n"); - goto end; - } - - if (cert) { - result = globus_gsi_cred_get_cert(proxy, cert); - if (result) { - fprintf(stderr, "globus_gsi_cred_get_cert() failed\n"); - goto end; - } - } - - if (priv_key) { - result = globus_gsi_cred_get_key(proxy, priv_key); - if (result) { - fprintf(stderr, "globus_gsi_cred_get_key() failed\n"); - goto end; - } - } - - if (chain) { - result = globus_gsi_cred_get_cert_chain(proxy, chain); - if (result) { - fprintf(stderr, "globus_gsi_cred_get_cert_chain() failed\n"); - goto end; - } - } - - if (cur_proxy) { - *cur_proxy = proxy; - proxy = NULL; - } - - ret = 0; - -end: - if (proxy) - globus_gsi_cred_handle_destroy(proxy); - if (result) - ret = EDG_WLPR_ERROR_GENERIC; - - return ret; -} -#endif - static void register_signal(int signal) { 
@@ -103,117 +40,32 @@ register_signal(int signal) static int renew_proxy(glite_renewal_core_context ctx, proxy_record *record, char *basename, char **new_proxy) { - char tmp_proxy[FILENAME_MAX]; - int tmp_fd; char repository_file[FILENAME_MAX]; int ret = -1; - char *p; + char *p = NULL; char *server = NULL; - myproxy_socket_attrs_t *socket_attrs; - myproxy_request_t *client_request; - myproxy_response_t *server_response; - char *renewed_proxy; - - socket_attrs = malloc(sizeof(*socket_attrs)); - memset(socket_attrs, 0, sizeof(*socket_attrs)); - - client_request = malloc(sizeof(*client_request)); - memset(client_request, 0, sizeof(*client_request)); - - server_response = malloc(sizeof(*server_response)); - memset(server_response, 0, sizeof(*server_response)); - - myproxy_set_delegation_defaults(socket_attrs, client_request); - - edg_wlpr_Log(ctx, LOG_DEBUG, "Trying to renew proxy in %s.%d", - basename, record->suffix); - - snprintf(tmp_proxy, sizeof(tmp_proxy), "%s.%d.myproxy.XXXXXX", - basename, record->suffix); - tmp_fd = mkstemp(tmp_proxy); - if (tmp_fd == -1) { - edg_wlpr_Log(ctx, LOG_ERR, "Cannot create temporary file (%s)", - strerror(errno)); - return errno; - } + unsigned int port = 0; snprintf(repository_file, sizeof(repository_file),"%s.%d", basename, record->suffix); - ret = get_proxy_base_name(ctx, repository_file, &client_request->username); - if (ret) - goto end; - - client_request->proxy_lifetime = 60 * 60 * DGPR_RETRIEVE_DEFAULT_HOURS; - - server = (record->myproxy_server) ? 
record->myproxy_server : - socket_attrs->pshost; - if (server == NULL) { - edg_wlpr_Log(ctx, LOG_ERR, "No myproxy server specified"); - ret = EINVAL; - goto end; - } - socket_attrs->pshost = strdup(server); + if (record->myproxy_server) + server = strdup(record->myproxy_server); - p = strchr(socket_attrs->pshost, ':'); - if (p) { + if (server && (p = strchr(server, ':'))) { *p++ = '\0'; - ret = edg_wlpr_DecodeInt(p, &socket_attrs->psport); - if (ret) - goto end; - } else - socket_attrs->psport = MYPROXY_SERVER_PORT; - - verror_clear(); - ret = myproxy_get_delegation(socket_attrs, client_request, repository_file, - server_response, tmp_proxy); - if (ret == 1) { - ret = EDG_WLPR_ERROR_MYPROXY; - edg_wlpr_Log(ctx, LOG_ERR, "Error contacting MyProxy server for proxy %s: %s", - repository_file, verror_get_string()); - verror_clear(); - goto end; + ret = edg_wlpr_DecodeInt(p, &port); } - renewed_proxy = tmp_proxy; - - if (voms_enabled && record->voms_exts) { - char tmp_voms_proxy[FILENAME_MAX]; - int tmp_voms_fd; - - snprintf(tmp_voms_proxy, sizeof(tmp_voms_proxy), "%s.%d.voms.XXXXXX", - basename, record->suffix); - tmp_voms_fd = mkstemp(tmp_voms_proxy); - if (tmp_voms_fd == -1) { - edg_wlpr_Log(ctx, LOG_ERR, "Cannot create temporary file (%s)", - strerror(errno)); - ret = errno; - goto end; - } - - ret = renew_voms_creds(ctx, repository_file, renewed_proxy, tmp_voms_proxy); - close(tmp_voms_fd); - if (ret) { - unlink(tmp_voms_proxy); - goto end; - } - - renewed_proxy = tmp_voms_proxy; - unlink(tmp_proxy); - } - - if (new_proxy) - *new_proxy = strdup(renewed_proxy); + ret = glite_renewal_core_renew(ctx, server, port, repository_file, new_proxy); + if (ret) + goto end; ret = 0; end: - if (socket_attrs->socket_fd) - close(socket_attrs->socket_fd); - close(tmp_fd); - if (ret) - unlink(tmp_proxy); - myproxy_free(socket_attrs, client_request, server_response); + if (server) + free(server); return ret; } 
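Review bot: The result of `edg_wlpr_DecodeInt(p, &port)` in the new renew_proxy() is overwritten by the following `ret = glite_renewal_core_renew(...)` without being tested, whereas the removed code did `if (ret) goto end;` at that point. A malformed port in `record->myproxy_server` therefore no longer aborts the renewal, and the call goes ahead with whatever `port` holds (0 if DecodeInt leaves it untouched, which is not visible here), so the daemon may contact a different MyProxy endpoint than the record names. Restore the check inside the braces, right after the decode: `if (ret) goto end;`. The removed code also rejected a missing server with EINVAL, and the new `strdup()` result is not checked, so `server` can now reach glite_renewal_core_renew() as NULL; presumably the library falls back to a default, but a one-line comment stating that would help.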
diff --git a/org.glite.security.proxyrenewal/src/renewal_core.c b/org.glite.security.proxyrenewal/src/renewal_core.c index d35ed3c..97309d6 100644 --- a/org.glite.security.proxyrenewal/src/renewal_core.c +++ b/org.glite.security.proxyrenewal/src/renewal_core.c @@ -1,3 +1,6 @@ +#include +#include + #include "renewal_core.h" #include "renewal_locl.h" #include "renewd_locl.h" @@ -236,6 +239,10 @@ glite_renewal_core_init_ctx(glite_renewal_core_context *context) int glite_renewal_core_destroy_ctx(glite_renewal_core_context context) { + if (context == NULL) + return 0; + if (context->err_message); + free(context->err_message); free(context); return 0; } diff --git a/org.glite.security.proxyrenewal/src/renewd.c b/org.glite.security.proxyrenewal/src/renewd.c index bfb1d49..96b89ef 100644 --- a/org.glite.security.proxyrenewal/src/renewd.c +++ b/org.glite.security.proxyrenewal/src/renewd.c @@ -474,24 +474,6 @@ do_listen(glite_renewal_core_context ctx, char *socket_name, int *sock) return 0; } -void -edg_wlpr_Log(glite_renewal_core_context ctx, int dbg_level, const char *format, ...) -{ - va_list ap; - char log_mess[1024]; - - /* cannot handle the %m format argument specific for syslog() */ - va_start(ap, format); - vsnprintf(log_mess, sizeof(log_mess), format, ap); - va_end(ap); - - if (debug) - printf("[%d] %s\n", getpid(), log_mess); - else - if (dbg_level < LOG_DEBUG) /* XXX make configurable */ - syslog(dbg_level, "%s", log_mess); -} - int start_watchdog(glite_renewal_core_context ctx, pid_t *pid) { @@ -555,6 +537,16 @@ int main(int argc, char *argv[]) exit(1); } + ret = glite_renewal_core_init_ctx(&ctx); + if (ret) { + fprintf(stderr, "Cannot initialize context\n"); + exit(1); + } + if (debug) { + ctx->log_level = LOG_DEBUG; + ctx->log_dst = GLITE_RENEWAL_LOG_STDOUT; + } + if (chdir(repository)) { edg_wlpr_Log(ctx, LOG_ERR, "Cannot access repository directory %s (%s)", repository, strerror(errno)); 
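Review bot: The added `if (context->err_message);` in glite_renewal_core_destroy_ctx() ends in a stray semicolon, so the `if` has an empty body and the `free(context->err_message);` on the next line runs unconditionally. That is harmless at run time because free(NULL) is a no-op, but the guard does nothing and GCC reports it under `-Wempty-body`; drop the guard and keep just `free(context->err_message);`. This relies on err_message being NULL or a heap pointer after glite_renewal_core_init_ctx(), whose body is outside the hunk.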
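Review bot: In main(), `ctx` is only created by the added `glite_renewal_core_init_ctx(&ctx)` call after the argument handling that precedes the hunk, yet logging now depends on it (`ctx->log_level`, `ctx->log_dst`), unlike the edg_wlpr_Log() removed from this file, which consulted only the global `debug`. Any edg_wlpr_Log(ctx, ...) call reached before this point would presumably read an uninitialised context; the start of main() is outside the hunk, so this needs checking there. I would also add a matching `glite_renewal_core_destroy_ctx(ctx);` before the final `return ret;`, since no release of the context is visible in the lines shown.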
@@ -614,47 +606,3 @@ int main(int argc, char *argv[]) close(sock); return ret; } - -/* XXX remove once the renew_core libs is used */ -#if 1 -int -get_proxy_base_name(glite_renewal_core_context ctx, char *file, char **name) -{ - X509 *cert = NULL; - EVP_PKEY *key = NULL; - STACK_OF(X509) *chain = NULL; - X509_NAME *subject = NULL; - int ret; - - ret = load_proxy(ctx, file, &cert, &key, &chain, NULL); - if (ret) - return ret; - - subject = X509_NAME_dup(X509_get_subject_name(cert)); - - sk_X509_insert(chain, cert, 0); - cert = NULL; - - ret = globus_gsi_cert_utils_get_base_name(subject, chain); - if (ret) { - edg_wlpr_Log(ctx, LOG_ERR, "Cannot get subject name from proxy %s", file); - ret = EDG_WLPR_ERROR_SSL; /* XXX ??? */ - goto end; - } - - *name = X509_NAME_oneline(subject, NULL, 0); - ret = 0; - -end: - if (cert) - X509_free(cert); - if (key) - EVP_PKEY_free(key); - if (chain) - sk_X509_pop_free(chain, X509_free); - if (subject) - X509_NAME_free(subject); - - return ret; -} -#endif diff --git a/org.glite.security.proxyrenewal/src/renewd_locl.h b/org.glite.security.proxyrenewal/src/renewd_locl.h index 39892b0..71565d4 100644 --- a/org.glite.security.proxyrenewal/src/renewd_locl.h +++ b/org.glite.security.proxyrenewal/src/renewd_locl.h @@ -3,8 +3,6 @@ #ident "$Header$" -#include -#include #include #include #include