This release contains the gLite Logging & Bookkeeping -Server module v. 0.2.0. The following sections provide additional information about +Server module v. 1.2.2. The following sections provide additional information about the release content, the module dependencies, the know bugs and issues and a list of bugs closed since the previous release. For information about installing and using the gLite Logging & Bookkeeping Server, please refer to the gLite Installation and User Guides.
-The gLite Logging & Bookkeeping Server v. 0.2.0 is +
This release introduces the following changes:
+ ++ +
The gLite Logging & Bookkeeping Server v. 1.2.2 is composed of the following gLite components:
-
|
- Component name +Component name |
-
- Version +Version |
-
- File +File |
|
- org.glite.deployment.lb +org.glite.deployment.lb |
-
- 0.2.0 +1.2.2 |
-
- http://glite.web.cern.ch/glite/packages/I20041210/installers/glite-lb_installer.sh
+ http://glite.web.cern.ch/glite/packages/R1.0/R20050331/installers/glite-lb_installer.sh
|
|
- org.glite.deployment.config +org.glite.deployment.config |
-
- 0.3.0 +1.0.0 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/noarch/RPMS/glite-config-1.0.0-1.noarch.rpm |
|
- glite-lb-client-interface +org.glite.lb.client-interface |
-
- 0.3.1 +1.0.2 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-client-interface-1.0.2-1.i386.rpm |
|
- glite-lb-common +org.glite.lb.common |
-
- 0.4.1 +1.1.4 |
- - + |
|
- glite-lb-logger +org.glite.lb.logger |
-
- 0.4.1 +1.0.1 |
- - + |
|
- glite-lb-server +org.glite.lb.server |
-
- 0.6.2 +1.0.1 |
- + 8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-server-1.0.1-1.i386.rpm |
|
- glite-lb-server-bones +org.glite.lb.server-bones |
-
- 0.1.0 +1.0.0 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-server-bones-1.0.0-1.i386.rpm |
|
- glite-lb-ws-interface +org.glite.lb.ws-interface |
-
- 0.1.0 +1.0.1 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-ws-interface-1.0.1-1.i386.rpm |
|
- glite-security-proxyrenewal +org.glite.security.proxyrenewal |
-
- 0.1.1 +1.0.11 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-security-proxyrenewal-1.0.11-1.i386.rpm |
|
- glite-wms-utils-exception +org.glite.wms-utils.exception |
-
- 0.1.2 +1.0.1 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-wms-utils-exception-1.0.1-1.i386.rpm |
|
- glite-wms-utils-jobid +org.glite.wms-utils.jobid |
-
- 0.1.2 +1.0.0 |
- + style='font-size:8.0pt'>http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-wms-utils-jobid-1.0.0-1.i386.rpm + | +
|
+ org.glite.security.voms + |
+
+ 1.2.32 + |
+ + + | +
|
+ org.gridsite.core + |
+
+ 1.1.5 + |
+ + |
-
The gLite Logging & Bookkeeping Server module has the -following dependencies:
+The gLite Logging & Bookkeeping Server v. 1.2.2 module +has the following dependencies:
-
|
Bug number |
-
Description |
+
+ + |
|
| + | + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=6412"> #6412 | -
glite-lb-bkserverd - start/stop/status displays usage options + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=6412">--start and --stop options not + documented in glite-ce-config.py, glite-lb-config.py + |
+
+
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7053"> #7053 |
no RPM provides the - lb-local-logger daemon - + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7053">LB configuration fails if the + mysql root pwd is set + |
+
+
|
|
| + | + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7180"> #7180 | -
When running - "glite-lb-bkserverd start", glite-lb-bkserverd doesn't start in - background + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7180">Logging & Bookkeping UI + |
+
+
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7237"> #7237 | -- + | + + | +
+
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7300"> #7300 |
glite-lb-bkserverd script gives - bash: /root/.bashrc: Permission denied error + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7300">update of the lb instructions + at the end of the installer script + |
+
+
|
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7305"> #7305 |
glite-lb-bkserverd does not - check default location for credentials + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7305">lb.database.username paramenter + in config file + |
+
+
|
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7307"> #7307 |
Default user should not be used - in the init.d scripts + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7307">lb config script does _not_ + fail if mysql root password is set + |
+
+
|
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7321"> #7321 |
credential file created in - /var/tmp is unnecessary + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7321">creation of indices fails + randomly + |
+
+
|
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7324"> #7324 |
service start and stop notifications - are inconsistent for glite-lb-bkserverd init,d script + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7324">lb-bkserver is running with no + pid + |
+
+ + |
+ |
| + + | ++ + | +
+
|
+
-
No removal procedure is -provided with this release apart from the removal of the RPMS. Any account, -group or other resource created during the module configuration must be -manually cleaned.
+Bugs fixed in this or previous releases, but not yet officially +tested:
+ ++ +
|
+ Bug number + |
+
+ Description + |
+
+ + |
+
| + + | +
+ glite-lb-config.py has + glite.location and globus.location not set in params[] + |
+
+ + |
+
| + + | +
+ Environment variables set via + the configuration script are not passed to daemon startup scripts + |
+
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | +
+ glite-lb-bkserver does not + start and blocks execution of glite-lb-config.py + |
+
+ + |
+
| + + | +
+ glite-proxy-renewd starts the + daemon glite-proxy-renewd as GLITE_USER which is glite-lb i.e. wrong + |
+
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
-
This release fixes the -following bugs and issues. Since there are no previous public releases, this -list refers to the previous development release. Bug numbers refer to the gLite -Bug Tracking system database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw
@@ -1101,96 +1460,1190 @@ href="https://savannah.cern.ch/bugs/?group=jra1mdw">https://savannah.cern.ch/bug|
Bug number |
-
Description |
|
| + | + + | ++ + | +
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=5897"> #5897 | -+ + | +|
|
no licence found in lb packages + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=5910"> #5910 + |
+
+ glite-lb configuration scripts + don't set GLITE_USER environment |
|
| + | + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=5925"> #5925 | -+ + | +
| + + | +
+ the BKserver on the LB machine + needs a symlink and the script doesn't check for it + |
+ |
| + + | ++ + | +|
|
LB install/config documentation - has some errors + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7152"> #7152 + |
+
+ The LB installer tries to + install gridsite with a wrong rpm name |
|
| + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7351"> #7351 |
glite-lb-bkserver daemon looks - hangs is /tmp/mysql.sock is not present + href="https://savannah.cern.ch/bugs/?func=detailitem&item_id=7351">Star/restart of LB services |
|
| + + | +
+ The first time the LB config + script is run it fails creating the db indices + |
+ |
| + + | +
+ '/etc/rc.d/init.d/gLite status' + not working correctly in LB + |
+
+ +
This release contains the gLite Logging & Bookkeeping +Server module v. 1.1.0. The following sections provide additional information about +the release content, the module dependencies, the know bugs and issues and a +list of bugs closed since the previous release. For information about +installing and using the gLite Logging & Bookkeeping Server, please refer +to the gLite Installation and User Guides.
+ +This release introduces the following changes:
+ ++ +
The gLite Logging & Bookkeeping Server v. 1.1.0 is +composed of the following gLite components:
+ ++ +
|
+ Component name + |
+
+ Version + |
+
+ File + |
+
|
+ org.glite.deployment.lb + |
+
+ 1.1.0 + |
+
+ http://glite.web.cern.ch/glite/packages/I20050225/installers/glite-lb_installer.sh + + + |
+
|
+ org.glite.deployment.config + |
+
+ 0.8.2 + |
+ + + | +
|
+ org.glite.lb.client-interface + |
+
+ 1.0.1 + |
+ + + | +
|
+ org.glite.lb.common + |
+
+ 1.1.3 + |
+ + + | +
|
+ org.glite.lb.logger + |
+
+ 1.0.1 + |
+ + + | +
|
+ org.glite.lb.server + |
+
+ 1.0.1 + |
+ + + | +
|
+ org.glite.lb.server-bones + |
+
+ 1.0.0 + |
+ + + | +
|
+ org.glite.lb.ws-interface + |
+
+ 1.0.0 + |
+ + + | +
|
+ org.glite.security.proxyrenewal + |
+
+ 1.0.1 + |
+ + + | +
|
+ org.glite.wms-utils.exception + |
+
+ 1.0.0 + |
+ + + | +
|
+ org.glite.wms-utils.jobid + |
+
+ 1.0.0 + |
+ + + | +
|
+ org.glite.security.voms + |
+
+ 1.2.29 + |
+ + + | +
|
+ org.gridsite.core + |
+
+ 1.1.5 + |
+
+ http://glite.web.cern.ch/glite/packages/I20050225/bin/rhel30/i386/RPMS/gridsite-1.1.5-1.i386.rpm + |
+
+ +
The gLite Logging & Bookkeeping Server module has the +following dependencies:
+ ++ +
+ +
This release has the +following bugs and issues. Bug numbers refer to the gLite Bug Tracking system +database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw +.
+ ++ +
+ +
Known open bugs:
+ ++ +
|
+ Bug number + |
+
+ Description + |
+
+ + |
+
| + + | +
+ glite-lb configuration scripts + has missing dependency (CGI.pm) + |
+
+ + |
+
| + + | +
+ glite-lb-bkserver does not + start and blocks execution of glite-lb-config.py + |
+
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
+ +
Bugs fixed in this or previous releases, but not yet tested:
+ ++ +
|
+ Bug number + |
+
+ Description + |
+
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | +
+ glite-lb-config.py has + glite.location and globus.location not set in params[] + |
+
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | +
+ mysqlaccess command fails with + Broken pipe if mysql socket file is in /tmp + |
+
+ + |
+
| + + | +
+ Environment variables set via + the configuration script are not passed to daemon startup scripts + |
+
+ + |
+
| + + | +
+ glite-lb configuration scripts + don't set GLITE_USER environment + |
+
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | ++ + | +
+ + |
+
| + + | +
+ --start and --stop options not + documented in glite-ce-config.py, glite-lb-config.py + |
+
+ + |
+
| + + | +
+ the BKserver on the LB machine + needs a symlink and the script doesn't check for it + |
+
+ + |
+
+ +
This release fixes the +following bugs and issues. Bug numbers refer to the gLite Bug Tracking system +database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw +
+ ++ +
|
-
+ Bug number |
- - + |
+ Description |
-
This release contains the gLite Logging & Bookkeeping -Server module v. 0.1.0. The following sections provide additional information +Server module v. 1.0.0. The following sections provide additional information about the release content, the module dependencies, the know bugs and issues and a list of bugs closed since the previous release. For information about installing and using the gLite Logging & Bookkeeping Server, please refer to the gLite Installation and User Guides.
-The gLite Logging & Bookkeeping Server v. 0.1.0 is +
This release doesnt contain any functional changes. It +contains a number of bug fixes in the components and the deployment module to +be submitted to testing.
+ +However, the version number has been changed to match the +final release number 1.0.0.
+ +The gLite Logging & Bookkeeping Server v. 0.3.1 is composed of the following gLite components:
@@ -1219,17 +2672,17 @@ composed of the following gLite components:
0.1.0
+1.0.0
http://glite.web.cern.ch/glite/packages/I20041126/installers/glite-lb_installer.sh + href="http://glite.web.cern.ch/glite/packages/I20041126/installers/glite-lb_installer.sh">http://glite.web.cern.ch/glite/packages/I20050114/installers/glite-lb_installer.sh
+ href="http://glite.web.cern.ch/glite/packages/I20050114/bin/rhel30/noarch/RPMS/glite-lb-config-1.0.0-1.noarch.rpm">http://glite.web.cern.ch/glite/packages/I20050114/bin/rhel30/noarch/RPMS/glite-lb-config-1.0.0-1.noarch.rpm0.1.0
+0.4.1
0.3.0
+1.0.0
+glite-lb-common
+1.1.0
0.3.0
+1.0.0
glite-lb-common
+glite-lb-server
0.3.0
+1.0.0
glite-lb-server
+glite-lb-server-bones
0.5.2
+1.0.0
glite-lb-server-bones
+glite-lb-ws-interface
0.1.0
+1.0.0
glite-wms-utils-jobid
+glite-security-proxyrenewal
0.1.2
+1.0.0
0.1.2
+1.0.0
glite-security-proxyrenewal
+glite-wms-utils-jobid
0.1.0
+1.0.0
-
The gLite Logging & Bookkeeping Server module has the following dependencies:
@@ -1432,13 +2903,14 @@ following dependencies:0.2.0
+0.4.0
http://glite.web.cern.ch/glite/packages/I20041126/installers/glite-security-utils_installer.sh
+ style='font-size:10.0pt'>http://glite.web.cern.ch/glite/packages/I20050114/installers/glite-security-utils_installer.sh-
This release has the following bugs and issues. Bug numbers refer to the gLite Bug Tracking system @@ -1598,39 +3070,38 @@ href="https://savannah.cern.ch/bugs/?group=jra1mdw">https://savannah.cern.ch/bug
@@ -1653,12 +3333,11 @@ manually cleaned. text-align:left;text-autospace:none'> -
This release fixes the -following bugs and issues. Since there are no previous public releases, this -list refers to the previous development release. Bug numbers refer to the gLite -Bug Tracking system database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw
@@ -1667,44 +3346,13 @@ href="https://savannah.cern.ch/bugs/?group=jra1mdw">https://savannah.cern.ch/bug|
- Bug number +Bug number |
-
- Description - |
-
| - - | -- - | -
| - - | -
- LB install/config documentation - has some errors +Description |
-This Guide is intended for people administrating areas of GridSite -websites or fileservers, or managing GridSite's DN List groups - that is, -how to use GridSite to manage other people's access to parts of the site - -for example, people's write access to areas devoted to specific subprojects. - -
- There is a separate -User Guide - which explains how to authenticate to the server with X.509 certificates, -and how to manage files via a standard web browser or with command-line -HTTPS clients. You should be familiar with the User Guide to fully -understand this Admin Guide. - -
- You may also find the -Config Guide - useful to understand how the Apache webserver is configured with GridSite -extensions. If you are also the Apache webmaster for your site, you will -definitely need to read the Config Guide to create the httpd.conf file. -However, if you only need to manage webpages and files, then this Admin -Guide and the User Guide should be sufficient. - -
-GridSite defines groups of people using plain text DN Lists - that is, lists -of people's certificate DNs. Each DN List has a URL which uniquely -identifies the list (and may also allow other sites to obtain the list and -use it themselves.) For example, the list of all GridPP members is -https://www.gridpp.ac.uk/dn-lists/gridpp (note that it's https:// not -http:// - this means that other sites that download the list can check the -certificate of www.gridpp.ac.uk and know they're talking to the -authoritative source of the lists.) - -
-The system can also have a number of other DN Lists which are associated with -specific groups of people and perhaps with specific areas of responsibility -of the website. If the DN List directory URI is /dn-lists/ then -there is a full list of the DN Lists exported by the server at that URI -(for example, https://www.gridpp.ac.uk/dn-lists/ ) - -
-If you have permission to modify a DN List, you can start changing it by -going to /dn-lists/ (via HTTPS), using the "Manage directory" -button and finding the URL of your DN List in the listings. You may -need to go down into a subdirectory to find your list. For -example, https://www.gridpp.ac.uk/dn-lists/atlas is in the atlas -subdirectory of /dn-lists/ (You may wish to bookmark the listing of such -a directory if you frequently work with one.) - -
-DN List directories are managed by the ACLs described in the next section, -and if you have write permission, you can edit the lists already there, and -add new lists with the same prefix (this means you can readily create your -own subgroups.) - -
-DN Lists appear in the Grid Access Control Lists (GACL) used by GridSite. -These are stored as .gacl files in directories: if the .gacl file is -present, it governs access to the directory; if it is absent, then the -parent directories are searched upwards until a .gacl is found. - -
-The GridSite GACL Reference explains the XML format -of these files, but they -can be edited using the ACL editor built into the GridSite system by people -who have the Admin permission within the ACL. - -
-If you have this permission in a given directory, when you view directory -listings or files in that directory you will see the option "Manage -Directory" in the page footer. This allows you to get a listing of the -directory and the .gacl file will appear at the top if it's present. If not, -then there will be a button to create a new .gacl file with the same -permissions as have been inherited by that directory from its parent. - -
-GACL allows quite complex conditions to be imposed on access, but normally -you can think of an ACL as being composed of a number of entries, each of -which contains one condition (the required credential) and a set of allowed -and denied permissions. - -
-Credentials can be individual user's certificate names or whole groups of -certificate names if a DN List is given. (You can also specifiy hostname -patterns using Unix shell wildcards (eg *.ac.uk) or EDG VOMS attribute -certificates - see the GACL Reference for details.) - -
-Permissions can be Admin (edit the ACL), Write (create, modify or delete -files), List (browse the directory) or Read (read files.) Permissions can be -allowed or denied. If denied by any entry, the permission is not available -to that user or DN List (depending on what credential type was associated -with the Deny.) - - diff --git a/org.gridsite.core/doc/build-apache2.sh b/org.gridsite.core/doc/build-apache2.sh deleted file mode 100644 index 507be31..0000000 --- a/org.gridsite.core/doc/build-apache2.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2002-3, Andrew McNab, University of Manchester -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or -# without modification, are permitted provided that the following -# conditions are met: -# -# o Redistributions of source code must retain the above -# copyright notice, this list of conditions and the following -# disclaimer. -# o Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials -# provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. -# -#--------------------------------------------------------------- -# For more information about GridSite: http://www.gridsite.org/ -#--------------------------------------------------------------- -# -# This script takes an Apache .tar.gz as the single command line argument, -# unpacks the file, modifies the httpd.spec it contains to work without -# the "-C" option to configure (which RedHat 7.3 doesnt like) and -# outputs source and binary RPMs in SRPMS and RPMS/i386 - -if [ "$1" = "" ] ; then - echo Must give a tar.gz file name - exit -fi - -export MYTOPDIR=`pwd` - -if [ -x /usr/bin/rpmbuild ] ; then - export RPMCMD=rpmbuild -else - export RPMCMD=rpm -fi - -echo "$1" | grep '\.tar\.gz$' >/dev/null 2>&1 -if [ $? = 0 ] ; then # a gzipped source tar ball - - rm -Rf $MYTOPDIR/BUILD $MYTOPDIR/BUILDROOT $MYTOPDIR/SOURCES - mkdir -p $MYTOPDIR/SOURCES $MYTOPDIR/SPECS $MYTOPDIR/BUILD \ - $MYTOPDIR/SRPMS $MYTOPDIR/RPMS/i386 $MYTOPDIR/BUILDROOT - - shortname=`echo $1 | sed 's:^.*/::' | sed 's:\.tar\.gz$::'` - - cp -f $1 SOURCES - - tar zxvf SOURCES/$shortname.tar.gz $shortname/httpd.spec - cp -f $shortname/httpd.spec SPECS - - sed -e 's/configure -C /configure /' \ - SPECS/httpd.spec >SPECS/httpd-2.spec - - $RPMCMD --define "_topdir $MYTOPDIR" \ - -ba --buildroot $MYTOPDIR/BUILDROOT SPECS/httpd-2.spec - - exit -fi - -echo I dont recognise the file type (must be .tar.gz) - -exit diff --git a/org.gridsite.core/doc/config.html b/org.gridsite.core/doc/config.html deleted file mode 100644 index 825bf49..0000000 --- a/org.gridsite.core/doc/config.html +++ /dev/null @@ -1,192 +0,0 @@ -
-This Guide is intended for webmasters setting up -GridSite with an Apache 2.0 -webserver. We assume you have root access to the server machine to do this. -There is a separate Admin Guide for -people administrating areas of GridSite -websites or fileservers, or managing GridSite's DN List groups. That is, for -people managing files on the server rather than the server itself. - -
-We assume you have installed Apache 2.0 and GridSite, using the -Building and Installation Guide where necessary. -This Config Guide assumes installation has been done under /usr. For an -alternative tree like /usr/local, the relative paths should be the same. - -
-Installation should have given you an Apache 2.0 httpd binary at -/usr/sbin/httpd and a set of standard Apache 2.0 modules in -/usr/lib/httpd/modules/ including the standard mod_ssl -and our mod_gridsite.so module. - -
-GridSite also includes some commands and man pages in /usr/bin and -/usr/share/man/man1: urlencode and -htcp. - -
-You must also install the CA root certificates of the CA's -used by the users you wish to talk to. These should be installed in -/etc/grid-security/certificates as files like 01621954.0, and RPMs and tar -files for many common European and North American CAs are available from - -https://datagrid.in2p3.fr/distribution/datagrid/security/ - -
-This location also has VOMS server certificate RPMs which install into -the /etc/grid-security/vomsdir directory. You may also manually install VOMS -server certificates into that directory with any filename. (GridSite -currently parses the certificate itself when looking for a match, rather -than checking the filename.) - -
-The server itself needs a certificate to supply to clients that use HTTPS -connections. You should apply for this from your Certification Authority -(for example, the UK e-Science -CA) and your request must use the advertised hostname of your server -(the one that appears in URLs and not, for instance, the canonical name of -the host itself.) This advertised hostname should appear in the -Distinguished Name of your request. (For example -/C=UK/O=eScience/OU=Manchester/L=HEP/CN=www.gridpp.ac.uk) For compatability -with standard browsers, the /CN= component should not include any -Globus-style service name (so not /CN=host/www.gridpp.ac.uk) If -possible, you should also include the advertised hostname as a DNS Subject -Alternative Name. Consult your CA first if you're in any doubt about how to -compose your certificate request. - -
-Once you've got your certificate, -Apache uses the certificate and private key in PEM format. If you obtained -your certificate and key in PKCS#12 or .p12 format (eg by exporting from a web -browser), you can convert the .p12 file to .pem with the following commands: -
-openssl pkcs12 -in ck.p12 -clcerts -nokeys -out hostcert.pem -openssl pkcs12 -in ck.p12 -nodes -nocerts -out hostkey.pem -- -
-Copy the PEM files to /etc/grid-security/ as hostcert.pem (which -should be world readable) and hostkey.pem (which should only be readable by -root): - -
-chown root.root hostkey.pem hostcert.pem -chmod 400 hostkey.pem -chmod 444 hostcert.pem -- -
-/etc/httpd/conf/httpd.conf is the key to configuring the Apache 2.0 -webserver. The directives in this file determine which files the server will -publish, how they are handled, which areas are writeable and who can access -them. Through mod_gridsite.so, the GridSite system itself is configured by -directives in this file. - -
-The easiest way to get started is to examine the example httpd.conf files we -provide. - - - -
-httpd-fileserver.conf is an example -configuration file to use Apache/GridSite as a read/write HTTP(S) -fileserver, including comments on how to get the server up and running. - -
-httpd-webserver.conf is an example -configuration file to use Apache/GridSite as a Web Server -(that is, primarily for interactive use with a browser) -including comments on how to get the server up and running. - -
-The mod_gridsite reference lists all the GridSite -httpd.conf directives. - -
-To start serving files, make a directory /var/www/htdocs owned by -nobody.nobody, including the .gacl access control file described below, -and add the following directive to the HTTPS <Directory> section: - -
-GridSiteMethods GET PUT DELETE - -
-If you wish to accept Globus GSI Proxies as well as full X.509 user -certificates, set GridSiteGSIProxyLimit to the depth of proxy you -wish to accept. (As a _rough_ guide: 0=No Proxies; 1=Proxy on user's -machine; 2=Proxy owned by running Globus job; 3=Proxy delegated by a -Globus job.) - -
-The GACL reference explains the XML access -control files used by GridSite. These allow flexible policies to be written, -in terms of X.509 user certificates, GSI proxies, VOMS attribute -certificates, DN List groups and DNS hostnames. - -
-For example, to give all clients read and list permission: -
-
-<gacl> -<entry> - <any-user/> - <allow><read/><list/></allow> -</entry> -</gacl> -- -
-To enable writing, add DN List, Person or VOMS entries to the file. -For example: - -
-
-<gacl> -<entry> - <any-user/> - <allow><read/><list/></allow> -</entry> -<entry> - <person> - <dn>/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab</dn> - </person> - <allow><write/></allow> -</entry> -</gacl> -- -
-The GACL file that governs a directory is stored as .gacl in that directory.
-If no .gacl is present, then GridSite will search the parent directories in
-ascending order until one is found.
-
-
-
-
diff --git a/org.gridsite.core/doc/findproxyfile.1 b/org.gridsite.core/doc/findproxyfile.1
deleted file mode 100644
index ae2f944..0000000
--- a/org.gridsite.core/doc/findproxyfile.1
+++ /dev/null
@@ -1,63 +0,0 @@
-.TH findproxyfile 1 "October 2004" findproxyfile "FINDPROXYFILE Manual"
-.SH NAME
-.B findproxyfile
-\- returns full path to GSI Proxy file
-.SH SYNOPSIS
-.B findproxyfile
-[--proxycache=PATH] [--delegation-id=ID] [--user-dn=DN] [--outsidecache]
-.SH DESCRIPTION
-.B findproxyfile
-returns full path to a GSI Proxy file, either in the proxy cache maintained
-by the GridSite G-HTTPS and delegation portType functions, or in other
-standard places.
-
-If a User DN is given
-.B findproxyfile
-uses the value of the
-.B --proxycache
-argument, the GRST_PROXY_PATH or the
-compile time default to detemine the location of the proxy cache directory.
-The directory is searched for a proxy having the given User DN and
-Delegation ID. (If no Delegation ID is specificed, then the default value is
-used.)
-
-If
-.B findproxyfile
-does not find a proxy or if a User DN is not given, but
-.B --outsidecache
-was given, then the environment variable X509_USER_PROXY and the standard
-location /tmp/x509up_uUID are searched as well.
-
-.SH OPTIONS
-
-.IP "--proxycache=PATH"
-Give the path of the proxy cache directory explicitly, overriding the
-default and the GRST_PROXY_PATH environment variable if present.
-
-.IP "--delegation-id=ID"
-The optional delegation ID is search for in the proxy cache in addition to
-the User DN. If absent, the default Delegation ID value is searched for.
-
-.IP "--user-dn=DN"
-The DN of the full user certificate associated with the proxy to be searched
-for in the proxy cache. (This is not the DN of any proxy earlier in the
-chain: it is a the DN of a certificate issued by a recognised CA.)
-
-.IP "--outsidecache"
-If a User DN is not given, or a proxy not found in the cache, then search
-for a proxy using X509_USER_PROXY environment variable and file name of
-form /tmp/x509up_uUID as well.
-
-.SH RETURN VALUE
-If a proxy is found, its full path is output on standard out.
-
-.SH EXIT CODES
-0 is returned on succcess. Non-zero otherwise.
-
-.SH BUGS
-In this version, no attempt is made to verify or validate the proxies.
-
-.SH AUTHOR
-Andrew McNab
-GACL is the authorization policy language used by
-GridSite GACL allows
-policies to be written in terms of common Grid credentials: X.509
-identities, GSI proxies, VOMS attribute certificates and lists of X.509
-identities.
-
-
-GridSite both uses GACL policies and provides a GACL manipulation API for
-C/C++ in the GridSite library.
-
-
-In GridSite 1.0.x, four credential types are supported:
-
-
-<person>
-<dn>/O=Grid/CN=Name</dn>
-</person>
-
-
-<voms>
-<fqan>/vo.dom.ain/group</fqan>
-</voms>
-
-
-<dn-list>
-<url>https://www.vo.dom.ain/dn-lists/group</url>
-</dn-list>
-
-
-<dns>
-<hostname>host*.dom.ain</hostname>
-</dns>
-
-
-Five permissions are supported: Admin, Write, List, Exec and Read. Admin is
-permission to modify the authorization policy itself, but applications can
-map the other permissions to local methods as appropriate to their
-environment. For filesystems and fileservers, Write, List and Read have
-their usual meanings: creating or modifying files or directories; browsing
-directories; reading files. Exec is not used by GridSite itself, and
-applications are free to give it a meaning within their own contexts.
-
-
-In 1.0.x, only per-directory GACL files are supported, and the file is stored
-in the directory in question, or in one of its parent directories. (GridSite
-searches upwards until it finds one.)
-
-
-In GACL files, the permissions are represented by single tags:
-<admin/>, <write/>, <list/>, <exec/>, <read/>.
-Permission
-tags are contained within Allow or Deny blocks. For example:
-<allow><read/><list/></allow> or
-<deny><admin/></deny>.
-
-
-Entries associate credentials with permission statements. Entries consist of
-one or more credential blocks, and either an Allow or a Deny block, or both.
-If multiple credentials are present in one entry, they must all be held by a
-user to receive the association permissions. (So Entries provide logical AND
-of credentials.)
-
-
-ACLs consist of a list of one or more Entry blocks. When a user's credentials
-are compared to the ACL, the permissions given to the user by Allow blocks
-are recorded, along with those forbidden by Deny blocks. When all entries
-have been evaluated, any forbidden permissions are removed from those
-granted. (So Deny always wins over Allow, even between different Entries,
-but otherwise ACLs provide logical OR of credentials.)
-
-
diff --git a/org.gridsite.core/doc/htcp.1 b/org.gridsite.core/doc/htcp.1
deleted file mode 100644
index 984aaaf..0000000
--- a/org.gridsite.core/doc/htcp.1
+++ /dev/null
@@ -1,147 +0,0 @@
-.TH htcp 1 "July 2004" htcp "HTCP Manual"
-.SH NAME
-.B htcp, htrm, htls, htll, htmkdir
-\- get, put, delete or list HTTP/HTTPS files or directories
-.SH SYNOPSIS
-.B htcp [options]
-.I Source-URL[s] [Destination URL]
-.SH DESCRIPTION
-.B htcp
-is a client to fetch files or directory listings from remote servers using
-HTTP or HTTPS, or to put or delete files or directories onto remote servers
-using HTTPS. htcp is similar to scp(1), but uses HTTP/HTTPS rather than ssh
-as its transfer protocol.
-
-When talking to an HTTPS server, htcp can run "anonymously", with a
-standard X.509 user certificate and key, or with a GSI Proxy. This makes
-htcp very useful in Grid environments where many users have certificates
-and where jobs and users have access to GSI proxies.
-
-.SH URLs
-htcp supports the file:, http: and https: URL schemes as sources and
-destinations. If no scheme is given, the URL scheme is assumed to be file:
-and relative to the current directory if not an absolute path.
-
-If multiple sources are given, they will be used in turn and the destination
-must be a directory (directories are indicated by a trailing /) However,
-source and destination cannot both refer to remote servers.
-
-.SH OPTIONS
-.IP "-v/--verbose"
-Turn on debugging information. Used once, this option will enable htcp's
-messages to stderr. Used twice, will also enable the underlying libcurl
-messages.
-
-.IP "--delete"
-Instead of copying files, delete all the URLs given on the command line.
-Calling the program as htrm has the same effect.
-
-.IP "--list"
-.br
-Instead of copying files, output lists of files located in the URL-directories
-given on the command line. Calling the program as htls has the same effect.
-
-.IP "--long-list"
-Instead of copying files, output long listings of files located in the
-URL-directories given on the command line. If available, the size in bytes
-and modification time of each file is given. Calling the program as
-htll has the same effect.
-
-.IP "--mkdir"
-Instead of copying files, attempt to create a directory on a remote server
-with HTTP PUT. The server must support the convention that PUT to a URL with
-a trailing slash means create a directory. No file body is sent. Calling the
-program as htmkdir has the same effect.
-
-.IP "--anon"
-.br
-Do not attempt to use X.509 user certificates or GSI proxies to authenticate
-to the remote HTTPS server. This means you are "anonymous", but the server's
-identity may still be verified and the connection is still encrypted.
-
-.IP "--cert
-GridSite
-is a set of extensions to the Apache 2.0 webserver, which support
-Grid security based on X.509 certificates. Since GridSite applies access
-control within Apache itself, via mod_gridsite, Grid authorization and
-the associated verified credentials are available to all technologies
-supported by Apache, including static file serving, SSI, CGI, PHP, JSP and
-mod_perl.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-This Guide explains how to build GridSite from source, and how to install
-the server components alongside an Apache 2.0 webserver. There is a
-separate Config Guide which explains how to modify
-the httpd.conf file, and how to set up other files and directories used by
-the system. You should look through all of this Building and Installation
-Guide to decide which is the easiest route for your system.
-
-
-If you are installing on Linux with the binary RPM release, you can skip
-most of this Guide, install the binary rpm(s) and go straight
-to the Config Guide.
-
-
-We currently distribute GridSite RPMs for RedHat Linux versions 9 and 7.3
-from our download area at
-
-https://www.gridsite.org/download/
-
-
-RedHat 9:
-This is the simpler case, since the standard release includes a suitable
-version of Apache 2.0: just install the gridsite-...-1.i386.rpm to get the
-various GridSite components.
-
-
-RedHat 7.3:
-This is more complicated because you must also install a back-ported Apache
-2.0 RPM. We distribute RPMs built on 7.3 aimed at RedHat 7.3
-machines with updates, from our download area. These are built from the
-tar.gz and .spec files distributed by the
-Apache Foundation itself, using the
-build-apache2.sh script in the GridSite
-/usr/share/doc/gridsite directory. The Apache RPMs install in /usr, and you
-should at least install the httpd and mod_ssl RPMs.
-You must also install the gridsite-...-1.i386.rpm as above.
-
-
-GridSite also depends on shared libraries from libcurl and libxml2, and the
-RPMs distributed as part of the standard RedHat 7.3 and 9 releases are
-sufficient.
-
-
-With the RPMs installed, you can proceed to the
-Config Guide.
-
-
-GridSite is currently only supported on Linux, but should be
-straightforwardly
-portable to other Unix platforms where the GNU build tools are available.
-
-
-GridSite consists of a core library (libgridsite[.so|.a]), an Apache module
-(mod_gridsite.so), a CGI utility (gridsite-admin.cgi) and some command line
-tools (htcp, urlencode.)
-
-
-All of the components use the GridSite library, and this in turn depends on
-libcurl and libxml2. You will need the development versions of these
-packages installed before you can proceed. (They are available as part of
-RedHat Linux releases 7.x onwards, for instance.)
-
-
-Our download area at
-
-https://www.gridsite.org/download/ includes a tar-ball
-distribution of the sources, which can be unpacked and used to build
-GridSite from source. (Bleeding-edge developers can get the current snapshot
-of the same files from our CVS area.)
-
-
-GridSite needs a copy of the Apache 2.0 include files to build, and the
-location of this is set by the MYCFLAGS variable in the top-level Makefile.
-For manual builds, the default
-MYCFLAGS=-I/usr/local/include/httpd is used.
-If you wish to use the GridSite module with Apache
-2.0 installed elsewhere, you should change the MYCFLAGS variable to point to
-the includes directory installed by the development part of that Apache 2.0
-distribution.
-
-
-
-will build all components and install them all under the default
-locations of /usr/local/[lib|bin|include|sbin] The default prefix for manual
-builds is
-/usr/local, as set by the prefix variable in the top level Makefile
-(/usr is the default for RPMs.)
-
-
-For RedHat Linux and derivatives, building with RPM is recommended.
-The command make rpm in the top level of the source tree
-will build the GridSite and htcp binary RPMs in the
-directory ../RPMTMP/RPMS/i386 relative to the working directory. An SRPM is
-put into ../RPMTMP/SRPMS
-This build assumes the Apache 2.0 includes are in /usr/include/httpd.
-
-
-If you make RPMs on a RedHat 9 system (or a 7.3 system with our httpd RPM
-installed), you can install the resulting GridSite
-RPM alongside the standard Apache 2.0 RPM without having to
-modify shared library or Apache module paths.
-
-
-For other configurations,
-you can modify the assumed location of the Apache 2.0 includes
-by changing the MYCFLAGS variable in the rpm target near the
-foot of the top level Makefile.
-
-
-If it is not possible to use binary RPMs of Apache 2.0,
-then it can be built from source using the build-apache2.sh script
-found in the GridSite docs directory.
-The script includes instructions on how to build from the tarballs
-distributed by the Apache Foundation.
-(it removes the -C option from "configure -C" in the .spec file
-and builds the RPMs under the current directory.)
-
-
-If these targets do not work on your build platform,
-the Makefile and the scriptlets in the included SPEC files are a good
-starting point for building Apache by hand yourself. The complexities of
-this are outside of the scope of this Guide, but you are welcome to ask for
-assistance on the
-GridSite
-Discussion List, although
-www.apache.org is a better starting
-point for purely Apache problems.
-
-
diff --git a/org.gridsite.core/doc/library.html b/org.gridsite.core/doc/library.html
deleted file mode 100644
index 28458ae..0000000
--- a/org.gridsite.core/doc/library.html
+++ /dev/null
@@ -1 +0,0 @@
-library docs
diff --git a/org.gridsite.core/doc/module.html b/org.gridsite.core/doc/module.html
deleted file mode 100644
index 7f2096e..0000000
--- a/org.gridsite.core/doc/module.html
+++ /dev/null
@@ -1,271 +0,0 @@
-
-mod_gridsite is an Apache 2.0 module which enforces access control via Grid
-Access Control Lists, and X.509, GSI or VOMS credentials. mod_gridsite also
-gives Apache built-in support for the HTTP PUT and DELETE methods, and
-formatting of HTML pages with standard headers and footers.
-
-
-Since mod_gridsite access
-control within Apache itself, Grid authorization and
-the associated verified credentials are available to all technologies
-supported by Apache, including static file serving, SSI, CGI, PHP, mod_perl
-and Java servlets via a connector to Tomcat.
-
-
-Operation of mod_gridsite can be configured using runtime directives
-in Apache's standard httpd.conf configuration file. The module must first be
-loaded with a LoadModule directive:
-
-
-LoadModule gridsite_module /PATH/TO/MODULES/mod_gridsite.so
-
-
-The module's behaviour is then controlled by GridSite... directives within
-Apache <Directory ...> sections, allowing different directories to use
-GridSite features in different ways.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-The following variables are present in the environment of CGI programs and
-other dynamic content systems if the GridSiteEnvs on directive is
-in effect.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- If you are setting up a GridSite-based website you may wish to use this
-file as the basis of your end-user documentation. If so, copy all of the
-files from the GridSite doc directory (probably
-/usr/share/doc/gridsite-VERSION/)
-to somewhere on your website like
-/gridsite-doc/ and add GridSiteHelpURI /gridsite-doc/user.html
-to the virtual server configuration in
-httpd.conf - you should also look through the rest of the HTML source since
-there are some comments you may find helpful.
-
-
-This Guide is intended for people using GridSite websites with conventional
-web browsers, especially people with write access to areas of the site.
- There is a separate
-Administration Guide
- with additional information for people managing access control and group
-membership. This Guide assumes you are familiar with basic Web and HTML
-concepts. Towards the end we discuss how to access servers with command
-line tools like curl and htcp.
-
-
-GridSite servers are usually accessible both via HTTP and via HTTPS. You can
-always tell which version you are using by looking at whether the URL in your
-browser's location window starts with "http://" or
-"https://" HTTPS means that the connection to the server is
-encrypted, that you can verify you're talking to the real server and not an
-imposter, and gives you the option to authenticate to the site and perhaps
-gain write access.
-
-
- Simple browsing of the website via HTTP or HTTPS is reasonably
- self-explanatory. If configured, additional links may appear in the footer
- of each webpage with links to this help,
-
- and to switch between HTTP and HTTPS versions of the page. Pages may also
- have a link to the page History,
-
- showing the dates of changes to that page and names of its authors.
-
-
- When looking at HTTPS pages, you may find your browser reports it cannot
- verify the server's certificate since it does not recognise the
- Certification Authority (CA) it uses. You should attempt to load the CA's
- root certificate into your browser to stop these warnings. (This means your
- browser will be able to identify any servers using fake certificates which
- you shouldn't trust.) How you obtain the CA Root Certificate from a
- trust-worthy source depends on the CA. For example, the UK e-Science CA
- lets you download it from their
- website.
-
-
-
- To go beyond reading pages you need to obtain a user certificate and load it
- into your web browser. How you do this again depends on the Certification
- Authority you have access to (for most Grid projects, CAs are organised
- on a national basis.) To use the UK e-Science CA example again,
- from their website has links to
- the procedure for applying for a certificate from within a web browser.
-
-
-
-A user certificate usually has a version of your name and affiliation as its
-Distinguished Name (DN) - for example,
-"/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab"
-
-
-Once you've obtained a user certificate in your name from your CA, you need
-to make sure it is loaded into the browser you normally use to browse the
-web. How you do this is different for different browsers and to some extent
-for different CAs (but if you applied
-for the CA through your browser, you may already have it there.)
-
-
-Browsers want the certificate and private key in the PKCS#12 format, which
-is normally a single file with the extension ".p12".
-Many programs which are based on OpenSSL, such as Globus and curl, prefer
-the PEM (".pem") format for certificates, with separate
-certificate and key files ("usercert.pem" and
-"userkey.pem", for example.) If you only have the files in .pem
-format and have access to openssl, you
-can use its command line tools to convert PEM to PKCS#12:
-
-Be very careful not to accidentally overwrite .pem or .p12 files when
-doing this kind of thing! In particular, if you lose your private key, you
-cannot retrieve it from your CA.
-
-
- Once your user certificate is loaded, you should be able to see your
- certificate name appear when you look at an HTTPS GridSite page which has
- the page footers enabled - for example, the "Switch to HTTP" link
- present. If GridSite understands your user certificate, it displays a
- "You are ..." line in the footer. (However, the Apache webserver
- must also be set up with your CAs root certificate for this to work. The
- GridPP HTTPS home page is set up
- to recognise a good range of European and North American Grid CAs.)
-
-
-
- Once users can prove their identity to the web server, it then becomes
- possible to give them appropriate rights depending on that identity.
- GridSite allows site administrators to specify these rights for individuals
- and groups using
-GACL
- access control files. (The
-Administration Guide
- explains how to manage these files.) GACL defines who can
- read files, who can list directories,
- who can write or create files and who can modify the GACL policy files. To
- get increased access to an area of a site, you need to contact the
- administrator for that area and give the DN of your certificate (it's not
- necessary to send any certificate files.)
-
-
-If you have list permission for the directory containing a page, you should
-see an extra link "Manage Directory" in the page's set of footer
-links, which allows you to browse the directory even if the normal
-index.html is present. If page histories are available, this listing view
-also has links to them.
-
-
-The real power of GridSite becomes available if you have write access to a
-directory. In that case, the "Manage Directory" page has
-additional links to Delete or Rename pages and other files, and to Edit HTML
-and plain text files. An Edit link also appears in the footer links of HTML
-pages.
-
-
-If you use the Edit function, you are presented with an HTML form containing
-the current filename and the full HTML or plain text of the page for you to
-edit. This allows you to maintain the content of the site "in
-place" and to see the result of your changes immediately, in context.
-
-
-If you modify the filename in the form before saving, GridSite will make a
-new file with that name, and the old file will still be present, unmodified.
-(However, you cannot use this feature for creating a file in a different
-directory.)
-As you make changes, the history of the changes and your certificate DN are
-recorded, and available in the history page for that file.
-
-
- For people with write access, the "Manage Directory" page also has
- options to upload a file from the computer your browser is running on, and to
- create files and directories. If it's enabled, you can also view the
- contents of WinZIP / PKZIP / .zip files, and unpack their contents into the
- current directory. (This feature is very useful if you have several files
- to upload at one time.)
-
-
-
-As well as providing access control and file management, GridSite provides
-some simple formatting of HTML pages by adding standard headers and footers.
-(If this isn't sufficient, GridSite will happily coexist with HTML
-preprocessor languages like SSI, PHP and JSP.)
-
-
- If HTML formatting is enabled
- for the current directory, GridSite looks for the files gridsitehead.txt and
- gridsitefoot.txt in that directory, or goes up through the parent
- directories until they are found.
-
-
-
-The <body> and </body> tags from the HTML file are replaced with
-the contents of the gridsitehead.txt and gridsitefoot.txt files, which
-should normally be chunks of HTML including a replacement <body>
-or </body> tag. If either tag is absent from the original page, then
-the header or footer is just added rather than being inserted in place of
-the tag. (One consequence of this absence is that HTML header tags like
-<title> can end up after a <body> tag, and can get ignored by
-browsers - so always include <body> ... </body> in your pages.)
-
-
-This simple system is suprisingly flexible, and allows a variety of top and
-bottom, or sidebar navigation layouts of pages. Since the <body ...>
-tag is under full control of the author of the gridsitehead.txt file,
-backgrounds, colour schemes and style sheets can easily be specified.
-
-
-For example:
-
-
-
-produces pages with a layout like:
-
-
-
-GridSite adds support for the HTTP PUT and DELETE methods, and this makes it
-easy to create or delete files from within programs and commands without
-using a web browser and HTML forms. It is straightforward, although slightly
-awkward, to use a standard HTTPS-aware client like
-curl to upload files, but GridSite
-provides htcp as a more convenient client program, which is easier to use
-with GSI Proxies and X.509 user certificates, and has a syntax closer to the
-familiar scp command.
-
-
-The following examples assume the GridSite server has GSI support and use a
-GSI proxy as the client certificate. For non-GSI use, just skip the
-grid-proxy-init stage, and replace the proxy
-filename with $HOME/.globus/usercert.pem and $HOME/.globus/userkey.pem (or
-wherever your PEM format certificate and key are stored.)
-
-
-First generate a GSI proxy with grid-proxy-init. This will create a proxy file
-in /tmp/x509up_uXXXXX where XXXXX is your Unix UID (also given by id
--u.) The GSI proxy contains a
-temporary private key and certificate signed by your long-term user
-certificate.
-
-
-You should make sure you have a copy of the CA root certificates of the CA's
-used by the servers you wish to talk to. These are usually installed in
-/etc/grid-security/certificates as files like 01621954.0, and RPMs and tar
-files for many common European and North American CAs are available from
-
-https://datagrid.in2p3.fr/distribution/datagrid/security/
-
-
-To upload a file with curl:
-
-The equivalent htcp command is:
-
-htcp also has options for deleting files, and doing short or long listings,
-and these can also be accessed using the htrm, htls and htll commands (which
-are normally symbolic links to htcp.)
-
-
-Directory indexes are based on parsing the index returned by the web server
-and by using the HTTP HEAD method to obtain the file size and modification
-times.
-
-
-All of the ht** commands can accept multiple source file arguments, and this
-allows you to copy multiple files to or from the server. Shell wildcard
-expansion on the local machine is especially useful:
- GridSite Version 1.1.x
diff --git a/org.gridsite.core/src/findproxyfile.c b/org.gridsite.core/src/findproxyfile.c
deleted file mode 100644
index 4485cc5..0000000
--- a/org.gridsite.core/src/findproxyfile.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- Copyright (c) 2002-4, Andrew McNab, University of Manchester
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-#ifndef VERSION
-#define VERSION "0.0.0"
-#endif
-
-#define _GNU_SOURCE
-
-#include New file names cannot include slashes "
- "or use the reserved ACL name, %s\n", GRST_ACL_FILE);
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
- return;
- }
- else
- {
- vfile = makevfilename(filename, bufferused, dn);
- asprintf(&dir_path_vfile, "%s/%s", dir_path, vfile);
-
- fp = fopen(dir_path_vfile, "w");
- if (fp != NULL)
- {
- if ((fwrite(filebuffer,
- sizeof(char), bufferused, fp) == bufferused) &&
- (fclose(fp) == 0))
- {
- asprintf(&filepath, "%s/%s", dir_path, filename);
-
- unlink(filepath); /* this can fail ok */
-
- itworked = (link(dir_path_vfile, filepath) == 0);
- }
- }
- }
-
- free((void *) filebuffer);
- }
-
- if (itworked)
- {
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
- return;
- }
-
- puts("Status: 500 Failed trying to upload\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp, " GridSite considers you are authorized "
- "to upload the file, but the upload failed. This is "
- "probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void deletefileaction(char *dn, GRSTgaclPerm perm, char *help_uri,
- char *dir_path, char *file, char *dir_uri,
- char *admin_file)
-{
- int fd, numfiles;
- char *dir_path_file, *dir_path_vfile, *p, *vfile, *dnlistsuri,
- *fulluri, *server_name, *realfile;
- struct stat statbuf;
- GRSThttpBody bp;
- struct dirent *subdirfile_ent;
- DIR *subDIR;
-
- if (((strcmp(file, GRST_ACL_FILE) != 0) && !GRSTgaclPermHasWrite(perm)) ||
- ((strcmp(file, GRST_ACL_FILE) == 0) && !GRSTgaclPermHasAdmin(perm)))
- GRSThttpError("403 Forbidden");
-
- dnlistsuri = getenv("GRST_DN_LISTS_URI");
- if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI");
-
- if ((dnlistsuri != NULL) &&
- (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) == 0))
- realfile = GRSThttpUrlEncode(file);
- else if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
- else realfile = file;
-
- dir_path_file = malloc(strlen(dir_path) + strlen(realfile) + 2);
-
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, realfile);
-
- if ((stat(dir_path_file, &statbuf) == 0) && S_ISDIR(statbuf.st_mode))
- {
- subDIR = opendir(dir_path_file);
- if (subDIR == NULL) numfiles = 99; /* stop deletion */
- else
- {
- numfiles = 0;
- while ((subdirfile_ent = readdir(subDIR)) != NULL)
- if (subdirfile_ent->d_name[0] != '.') ++numfiles;
- else if (strncmp(subdirfile_ent->d_name,
- GRST_ACL_FILE,
- sizeof(GRST_ACL_FILE)) == 0) ++numfiles;
- closedir(subDIR);
- }
-
- if (numfiles == 0)
- {
- vfile = makevfilename(file, 0, dn);
- dir_path_vfile = malloc(strlen(dir_path) + strlen(vfile) + 2);
- strcpy(dir_path_vfile, dir_path);
- strcat(dir_path_vfile, "/");
- strcat(dir_path_vfile, vfile);
-
- if (rename(dir_path_file, dir_path_vfile) == 0)
- {
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
- return;
- }
- }
- }
- else if (unlink(dir_path_file) == 0)
- {
- if (strcmp(file, GRST_ACL_FILE) != 0)
- {
- vfile = makevfilename(file, 0, dn);
- dir_path_file = malloc(strlen(dir_path) + strlen(vfile) + 2);
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, vfile);
-
- fd = open(dir_path_file, O_WRONLY | O_CREAT);
- if (fd != -1) close(fd);
- }
-
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
-
- return;
- }
-
- puts("Status: 500 Failed trying to delete\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp, " GridSite considers you are authorized "
- "to delete %s, but the delete failed. This is "
- "probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.",
- file);
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void deletefileform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden");
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp, " Or "
- "return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void renameform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden");
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp, " Or "
- "return to "
- "directory listing\n", dir_uri, admin_file, dir_uri);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void editfileaction(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- char *pagetext, *dir_path_file, *vfile, *dir_path_vfile,
- *dnlistsuri, *server_name, *fulluri, *realfile;
- FILE *fp;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm) || (strcmp(file, GRST_ACL_FILE) == 0))
- GRSThttpError("403 Forbidden");
-
- dnlistsuri = getenv("GRST_DN_LISTS_URI");
- if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI");
-
- if ((dnlistsuri != NULL) &&
- (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) == 0))
- {
- realfile = GRSThttpUrlEncode(file);
-
- if (realfile[0] == '.') GRSThttpError("403 Forbidden");
- }
- else if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
- else realfile = file;
-
- asprintf(&dir_path_file, "%s/%s", dir_path, realfile);
-
- pagetext = GRSThttpGetCGI("pagetext");
- vfile = makevfilename(file, strlen(pagetext), dn);
- asprintf(&dir_path_vfile, "%s/%s", dir_path, vfile);
-
- fp = fopen(dir_path_vfile, "w");
- if (fp == NULL)
- {
- puts("Status: 500 Failed trying to write\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp," GridSite considers you are authorized "
- "to write the file, but the write failed. This is "
- "probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
- return;
- }
-
- fwrite(pagetext, strlen(pagetext), sizeof(char), fp);
-
- fclose(fp);
-
- unlink(dir_path_file);
-
- if (link(dir_path_vfile,dir_path_file) != 0) GRSThttpError("403 Forbidden");
-
- if ((strlen(file) > 7) && (strcmp(&file[strlen(file) - 5], ".html") == 0))
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s\n\n", dir_uri, file);
- else printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
-}
-
-void create_acl(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int fd;
- char *tmpgacl, *newgacl;
- GRSTgaclAcl *acl;
- FILE *fp;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError("403 Forbidden");
-
- asprintf(&tmpgacl, "%s/.tmp.XXXXXX", dir_path);
- asprintf(&newgacl, "%s/%s", dir_path, GRST_ACL_FILE);
-
- if (((acl = GRSTgaclAclLoadforFile(dir_path)) != NULL) &&
- ((fd = mkstemp(tmpgacl)) != -1) &&
- ((fp = fdopen(fd, "w+")) != NULL) &&
- GRSTgaclAclPrint(acl, fp) &&
- (fclose(fp) == 0) &&
- (rename(tmpgacl, newgacl) == 0))
- {
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
-
- free(tmpgacl);
- free(newgacl);
- return;
- }
-
- puts("Status: 500 Failed trying to create\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp," GridSite considers you are authorized "
- "to create it, but the create failed. This is "
- "probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-
- free(tmpgacl);
- free(newgacl);
-}
-
-void renameaction(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int len;
- char *dir_path_file, *vfile, *dir_path_vfile,
- *dnlistsuri, *newfile, *dir_path_newfile;
- struct stat statbuf;
- FILE *fp;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm) || (strcmp(file, GRST_ACL_FILE) == 0))
- GRSThttpError("403 Forbidden");
-
- if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
-
- dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2);
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, file);
-
- if (stat(dir_path_file, &statbuf) != 0) GRSThttpError("404 Not Found");
-
- newfile = GRSThttpGetCGI("newfile");
-
- if ((strcmp(newfile, GRST_ACL_FILE) == 0) ||
- (strcmp(newfile, file) == 0)) GRSThttpError("403 Forbidden");
-
- dir_path_newfile = malloc(strlen(dir_path) + strlen(newfile) + 2);
- strcpy(dir_path_newfile, dir_path);
- strcat(dir_path_newfile, "/");
- strcat(dir_path_newfile, newfile);
-
- vfile = makevfilename(newfile, statbuf.st_size, dn);
- dir_path_vfile = malloc(strlen(dir_path) + strlen(vfile) + 2);
- strcpy(dir_path_vfile, dir_path);
- strcat(dir_path_vfile, "/");
- strcat(dir_path_vfile, vfile);
-
- unlink(dir_path_newfile); /* just in case */
-
- if ((link(dir_path_file, dir_path_vfile ) == 0) &&
- (link(dir_path_file, dir_path_newfile) == 0) &&
- (unlink(dir_path_file) == 0))
- {
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s\n\n", dir_uri);
- return;
- }
-
- puts("Status: 500 Failed trying to rename\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp," GridSite considers you are authorized "
- "to rename it, but the rename failed. This is "
- "probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void newdirectory(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int len;
- char *dir_path_file, *vfile, *dir_path_vfile, *filedup;
- FILE *fp;
- GRSThttpBody bp;
-
- if ((file[0] == '\0') ||
- !GRSTgaclPermHasWrite(perm) || (strcmp(file, GRST_ACL_FILE) == 0))
- GRSThttpError("403 Forbidden");
-
- filedup = strdup(file);
- if (filedup[strlen(filedup)-1] == '/') filedup[strlen(filedup)-1] = '\0';
- if (index(filedup, '/') != NULL) GRSThttpError("403 Forbidden");
-
- dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2);
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, file);
-
- if (mkdir(dir_path_file, 0751) == 0)
- {
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
- return;
- }
-
- puts("Status: 500 Failed trying to create\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp," GridSite considers you are authorized "
- "to create the directory, but the creation failed. This "
- "is probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "parent directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void editdnlistaction(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int numdn = 0, ifd, ofd, numdnlines = 0, i, found;
- char *dir_path_file, *dir_path_tmpfile, *realfile,
- *dnlistsuri, *server_name, *fulldiruri, *p, oneline[513],
- **dnlines, name[81], *add;
- FILE *ofp;
- struct stat statbuf;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden");
-
- dnlistsuri = getenv("GRST_DN_LISTS_URI");
- if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI");
-
- server_name = getenv("SERVER_NAME");
-
- if ((server_name == NULL) ||
- (dnlistsuri == NULL) ||
- (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) != 0))
- GRSThttpError("403 Forbidden");
-
- asprintf(&fulldiruri, "https://%s%s", server_name, dir_uri);
-
- if ((strncmp(fulldiruri, file, strlen(fulldiruri)) != 0) &&
- ((strncmp(fulldiruri, file, strlen(fulldiruri) - 1) != 0) ||
- (strlen(fulldiruri) - 1 != strlen(file))))
- {
- puts("Status: 403 Forbidden\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp," You cannot create a DN List "
- "with that prefix in this directory. Please see the "
- "the GridSite User's Guide for an explanation.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
- return;
- }
-
- p = GRSThttpGetCGI("numdn");
- if ((p == NULL) || (sscanf(p, "%d", &numdn) != 1))
- GRSThttpError("500 No number of DNs");
-
- if (numdn > 0)
- {
- dnlines = malloc(sizeof(char *) * numdn);
-
- for (i=1; i <= numdn; ++i)
- {
- sprintf(name, "dn%d", i);
- p = GRSThttpGetCGI(name);
-
- if (*p != '\0')
- {
- dnlines[numdnlines] = p;
- ++numdnlines;
- }
- }
- }
-
- add = GRSThttpGetCGI("add");
-
- realfile = GRSThttpUrlEncode(file);
-
- dir_path_file = malloc(strlen(dir_path) + strlen(realfile) + 2);
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, realfile);
-
- dir_path_tmpfile = malloc(strlen(dir_path) + 13);
- strcpy(dir_path_tmpfile, dir_path);
- strcat(dir_path_tmpfile, "/.tmp.XXXXXX");
-
- if (((ofd = mkstemp(dir_path_tmpfile)) != -1) &&
- ((ofp = fdopen(ofd, "w")) != NULL))
- {
- if (*add != '\0')
- {
- fputs(add, ofp);
- fputc('\n', ofp);
- }
-
- for (i=0; i < numdnlines; ++i)
- {
- fputs(dnlines[i], ofp);
- fputc('\n', ofp);
- }
-
- if ((fclose(ofp) == 0) &&
- ((stat(dir_path_file, &statbuf) != 0) ||
- (unlink(dir_path_file) == 0)) &&
- (rename(dir_path_tmpfile, dir_path_file) == 0))
- {
- printf("Status: 302 Moved Temporarily\nContent-Length: 0\n"
- "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file);
- return;
- }
- }
-
- puts("Status: 500 Failed trying to write\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp," GridSite considers you are authorized "
- "to write the file, but the write failed. This is "
- "probably a web server or operating system level "
- "misconfiguration. Consult the site administrator.");
-
- GRSThttpPrintf(&bp," "
- "Return to "
- "directory listing\n", dir_uri, admin_file);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-
- /* try to clean up */
- if (stat(dir_path_tmpfile, &statbuf) == 0) unlink(dir_path_tmpfile);
-}
-
-void printfile(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int fd;
- char *dir_path_file;
- struct stat statbuf;
-
- if (!GRSTgaclPermHasRead(perm)) GRSThttpError("403 Forbidden");
-
- if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
-
- dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2);
-
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, file);
-
- fd = open(dir_path_file, O_RDONLY);
- if (fd == -1) GRSThttpError("500 Internal server error");
-
- if ((fstat(fd, &statbuf) != 0) ||
- !S_ISREG(statbuf.st_mode)) GRSThttpError("403 Forbidden");
-
- printf("Status: 200 OK\nContent-Type: text/html\nContent-Length: %d\n\n",
- statbuf.st_size);
-
- fflush(stdout);
-
- sendfile(1, fd, 0, statbuf.st_size);
-}
-
-void filehistory(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int fd, n, i, j, enclen, num = 0;
- char *encodedfile, *p, *dndecoded, modified[99], *vfile, *q,
- *encdn;
- time_t file_time;
- size_t file_size;
- struct stat statbuf;
- struct dirent **namelist;
- struct tm file_tm;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasRead(perm)) GRSThttpError("403 Forbidden");
-
- if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
- GRSThttpPrintf(&bp, " Last modified: %s\n", modified);
- }
- free(vfile);
-
- encodedfile = GRSThttpUrlEncode(file);
- for (p=encodedfile; *p != '\0'; ++p) if (*p == '%') *p = '=';
- enclen = strlen(encodedfile);
-
- n = scandir(dir_path, &namelist, 0, alphasort);
-
- if (n > 0)
- {
- for (i = n - 1; i >= 0; --i)
- {
- if ((strncmp(namelist[i]->d_name, GRST_HIST_PREFIX,
- sizeof(GRST_HIST_PREFIX) - 1) == 0) &&
- ((namelist[i]->d_name)[sizeof(GRST_HIST_PREFIX) - 1] == ':') &&
- (strncmp(&((namelist[i]->d_name)[sizeof(GRST_HIST_PREFIX)]),
- encodedfile, enclen) == 0) &&
- ((namelist[i]->d_name)[sizeof(GRST_HIST_PREFIX)+enclen] == ':'))
- {
- if (num == 0) GRSThttpPrintf(&bp,
- " No history for this file\n");
-
- if (GRSTgaclPermHasList(perm))
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- else adminfooter(&bp, dn, help_uri, dir_uri, NULL);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
-}
-
-void ziplist(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- char *shellcmd, *unzip, oneline[129];
- FILE *fp;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasRead(perm)) GRSThttpError("403 Forbidden");
-
- if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
- GRSThttpPrintf(&bp, " (All files are placed in the same directory and files "
- "beginning with "." are ignored.) unzip path not defined!\n");
-
- if (GRSTgaclPermHasList(perm))
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- else adminfooter(&bp, dn, help_uri, dir_uri, NULL);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
-}
-
-void unzipfile(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- char *shellcmd, *unzip, oneline[129];
- FILE *fp;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden");
-
- if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
- GRSThttpPrintf(&bp, " "
- "Back to "
- "directory", dir_uri, admin_file);
- }
- else GRSThttpPrintf(&bp, " unzip path not defined!\n");
-
- if (GRSTgaclPermHasList(perm))
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
- else adminfooter(&bp, dn, help_uri, dir_uri, NULL);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
-}
-
-void editfileform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int fd, rawpagesize, i, c;
- char *dir_path_file, *rawpage, *p;
- FILE *fp = NULL;
- struct stat statbuf;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden");
-
- if (index(file, '/') != NULL) GRSThttpError("403 Forbidden");
-
- dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2);
-
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, file);
-
- fd = open(dir_path_file, O_RDONLY);
- if (fd != -1)
- {
- fp = fdopen(fd, "r");
- if (fp == NULL) GRSThttpError("500 File open failed!");
-
- if ((fstat(fd, &statbuf) != 0) ||
- !S_ISREG(statbuf.st_mode)) GRSThttpError("500 Not a regular file!");
- }
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp, " \n");
- }
-
- GRSTgaclCredTableStart(&bp);
-
- // Start with the first credential in the entry and work through
- cred=entry->firstcred;
- cred_no=1;
- while (cred!=NULL){
- namevalue=cred->firstname;
- GRSTgaclCredTableAdd(user, entry, cred, namevalue, cred_no, entry_no, admin, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- // Change to next credential
- cred=cred->next;
- cred_no++;
- }
-
- GRSTgaclCredTableEnd (entry, entry_no, admin, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- // Change to next entry
- entry=entry->next;
- entry_no++;
- }
-
- if (!admin && GRSTgaclPermHasAdmin(perm) && !history_mode) //Print a link for admin mode, if not in admin mode but the user has admin permissions
- GRSThttpPrintf (&bp,"Admin Mode", dir_uri, admin_file, dir_uri, timestamp );
- if (history_mode==1 && GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"), user)){
- StartForm(&bp, dir_uri, dir_path, admin_file, timestamp, "revert_acl");
-//GRSThttpPrintf (&bp,"Revert to this Version", dir_uri, admin_file, dir_uri, timestamp, file );
- GRSThttpPrintf (&bp, "\n", file);
- // Revert Button
- GRSThttpPrintf (&bp, "GridSite: Grid Access Control Language
-
-Credentials
-
-Permissions
-
-Entries
-
-Access Control Lists
-
-GridSite 1.1.x Documentation
-
-Guides
-
-
-
-
-Reference
-
-
-
-
-
diff --git a/org.gridsite.core/doc/install.html b/org.gridsite.core/doc/install.html
deleted file mode 100644
index 91a60d2..0000000
--- a/org.gridsite.core/doc/install.html
+++ /dev/null
@@ -1,148 +0,0 @@
-GridSite: Building and Installation Guide
-
-Installing with RPM
-
-Requirements for building GridSite from source
-
-Building GridSite with Make
-
-
-make
-make install
-
-
-Building GridSite with RPM
-
-Building Apache 2.0
-
-GridSite Apache module: mod_gridsite
-
-GridSite directives
-
-
-
-
-
- (Default: GridSiteIndexes off)
-
- (Default: none)
-
- (Default: GridSiteHtmlFormat off)
-
- GridSiteFootFile file
-
- (Defaults: GridSiteHeadFile gridsitehead.txt,
- GridSiteFootFile gridsitefoot.txt)
-
- (Default: GridSiteAuth off)
-
- (Default: none)
-
- (Default: GridSiteGSIProxyLimit 1)
-
- (Default: GridSite GET)
-
- (Default: none)
-
- (Default: none)
-
- ScriptAlias /real-gridsite-admin.cgi
- /PATH/TO/real-gridsite-admin.cgi
-
- This URI is always reached by an internal redirection from the value
- set by GridSiteAdminFile, and is never visible to users.
-
- (Default: none)
-
- (Default: GridSiteAdminFile gridsite-admin.cgi)
-
- (Default: GridSiteEnvs on)
-
- (Default: GridSiteEditable txt shtml html htm css js php jsp)
-
- (Default: none)
-
- (Default: GridSiteLink on)
-
- (Default: none)
-Environment variables
-
-
-
-
-
diff --git a/org.gridsite.core/doc/urlencode.1 b/org.gridsite.core/doc/urlencode.1
deleted file mode 100644
index fe84405..0000000
--- a/org.gridsite.core/doc/urlencode.1
+++ /dev/null
@@ -1,46 +0,0 @@
-.TH urlencode 1 "November 2003" urlencode "URLENCODE Manual"
-.SH NAME
-.B urlencode
-\- convert strings to or from URL-encoded form
-.SH SYNOPSIS
-.B urlencode
-[-m|-d]
-.I string [string ...]
-.SH DESCRIPTION
-.B urlencode
-encodes strings according to RFC 1738.
-
-That is, characters A-Z a-z 0-9 . _
-and - are passed through unmodified, but all other characters are
-represented as %HH, where HH is their two-digit upper-case hexadecimal ASCII
-representation.
-For example, the URL http://www.gridpp.ac.uk/ becomes
-http%3A%2F%2Fwww.gridpp.ac.uk%2F
-
-.B urlencode
-converts each character in all the strings given on the command line. If
-multiple strings are given, they are concatenated with separating spaces
-before conversion.
-
-.SH OPTIONS
-.IP "-m"
-Instead of full conversion, do GridSite "mild URL encoding" in which A-Z a-z
-0-9 . = - _ @ and / are passed through unmodified. This results in slightly
-more human-readable strings but the application must be prepared to create
-or simulate the directories implied by any slashes.
-
-.IP "-d"
-Do URL-decoding rather than encoding, according to RFC 1738. %HH and %hh
-strings are converted and other characters are passed through unmodified,
-with the exception that + is converted to space.
-
-.SH EXIT CODES
-0 is always returned.
-
-.SH BUGS
-Not enough beta testing (hint hint...)
-
-.SH AUTHOR
-Andrew McNab GridSite User Guide
-
-Reading from HTTP and HTTPS servers
-
-Authenticating
-
-
-openssl pkcs12 -in usercert.pem -inkey userkey.pem -export -out certkey.p12
-
-
-Authorization
-
-Managing Directories and Files
-
-HTML Formatting in GridSite
-
-
-
-
-Source HTML page.html <title>PAGE TITLE</title> page.html
(replaced)<body> gridsitehead.txt
- <body text=blue>
- Heading text
- <table border=1>
<tr>
<td>Standard<br>
- sidebar</td>
<td>page.html <p>
Page content...page.html
(replaced)</body> gridsitefoot.txt </td>
</tr>
- </table>
Footer text
</body>
-
-
-Heading text Standard
sidebarPage content...
- Footer text Command line use
-
-
-curl --cert /tmp/x509up_u`id -n` --key /tmp/x509up_u`id -n` \
- --capath /etc/grid-security/certificates \
- --upload-file /tmp/new.file.txt https://server/new.file.txt
-
-
-
-htcp /tmp/new.file.txt https://server/new.file.txt
-
-since htcp looks for the GSI proxy and CA certificates automatically. htcp
-can also be used to copy remote files to the local machine by reversing the
-arguments. For more details, see the
-htcp(1) man page.
-
-
-htcp /tmp/new.*.txt https://server/
-
-
-
diff --git a/org.gridsite.core/interface/gridsite-gacl.h b/org.gridsite.core/interface/gridsite-gacl.h
deleted file mode 100644
index f739c00..0000000
--- a/org.gridsite.core/interface/gridsite-gacl.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- Copyright (c) 2002-4, Andrew McNab, University of Manchester
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*---------------------------------------------------------------*
- * For more about GridSite: http://www.gridsite.org/ *
- *---------------------------------------------------------------*/
-
-#ifndef HEADER_GACL_H
-#define HEADER_GACL_H
-#endif
-
-#ifndef GACL_LIB_VERSION
-#define GACL_LIB_VERSION "x.x.x"
-#endif
-
-typedef GRSTgaclCred GACLcred;
-
-typedef int GACLaction;
-typedef unsigned int GACLperm;
-
-typedef GRSTgaclEntry GACLentry;
-
-typedef GRSTgaclAcl GACLacl;
-
-typedef GRSTgaclUser GACLuser;
-
-extern char *gacl_perm_syms[];
-extern GACLperm gacl_perm_vals[];
-
-#define GACL_PERM_NONE GRST_PERM_NONE
-#define GACL_PERM_READ GRST_PERM_READ
-#define GACL_PERM_LIST GRST_PERM_LIST
-#define GACL_PERM_WRITE GRST_PERM_WRITE
-#define GACL_PERM_ADMIN GRST_PERM_ADMIN
-
-#define GACLhasNone(perm) (perm == 0)
-#define GACLhasRead(perm) ((perm & GRST_PERM_READ) != 0)
-#define GACLhasList(perm) ((perm & GRST_PERM_LIST) != 0)
-#define GACLhasWrite(perm) ((perm & GRST_PERM_WRITE) != 0)
-#define GACLhasAdmin(perm) ((perm & GRST_PERM_ADMIN) != 0)
-
-#define GACL_ACTION_ALLOW GRST_ACTION_ALLOW
-#define GACL_ACTION_DENY GRST_ACTION_DENY
-
-#define GACL_ACL_FILE GRST_ACL_FILE
-#define GACL_DN_LISTS GRST_DN_LISTS
-
-#define GACLinit() GRSTgaclInit()
-
-#define GACLnewCred(x) GRSTgaclCredNew((x))
-/* GACLcred *GACLnewCred(char *); */
-
-#define GACLaddToCred(x,y,z) GRSTgaclCredAddValue((x),(y),(z))
-/* int GACLaddToCred(GACLcred *, char *, char *); */
-
-#define GACLfreeCred(x) GRSTgaclCredFree((x))
-/* int GACLfreeCred(GACLcred *); */
-
-#define GACLaddCred(x,y) GRSTgaclEntryAddCred((x),(y))
-/* int GACLaddCred(GACLentry *, GACLcred *); */
-
-#define GACLdelCred(x,y) GRSTgaclEntryDelCred((x),(y))
-/* int GACLdelCred(GACLentry *, GACLcred *); */
-
-#define GACLprintCred(x,y) GRSTgaclCredPrint((x),(y))
-/* int GACLprintCred(GACLcred *, FILE *); */
-
-
-#define GACLnewEntry() GRSTgaclEntryNew()
-/* GACLentry *GACLnewEntry(void); */
-
-#define GACLfreeEntry(x) GRSTgaclEntryFree((x))
-/* int GACLfreeEntry(GACLentry *); */
-
-#define GACLaddEntry(x,y) GRSTgaclAclAddEntry((x),(y))
-/* int GACLaddEntry(GACLacl *, GACLentry *); */
-
-#define GACLprintEntry(x,y) GRSTgaclEntryPrint((x),(y))
-/* int GACLprintEntry(GACLentry *, FILE *); */
-
-
-#define GACLprintPerm(x,y) GRSTgaclPermPrint((x),(y))
-/* int GACLprintPerm(GACLperm, FILE *); */
-
-#define GACLallowPerm(x,y) GRSTgaclEntryAllowPerm((x),(y))
-/* int GACLallowPerm(GACLentry *, GACLperm); */
-
-#define GACLunallowPerm(x,y) GRSTgaclEntryUnallowPerm((x),(y))
-/* int GACLunallowPerm(GACLentry *, GACLperm); */
-
-#define GACLdenyPerm(x,y) GRSTgaclEntryDenyPerm((x),(y))
-/* int GACLdenyPerm(GACLentry *, GACLperm); */
-
-#define GACLundenyPerm(x,y) GRSTgaclEntryUndenyPerm((x),(y))
-/* int GACLundenyPerm(GACLentry *, GACLperm); */
-
-#define GACLpermToChar(x) GRSTgaclPermToChar((x))
-/* char *GACLpermToChar(GACLperm); */
-
-#define GACLcharToPerm(x) GRSTgaclPermFromChar((x))
-/* GACLperm GACLcharToPerm(char *); */
-
-#define GACLnewAcl() GRSTgaclAclNew()
-/* GACLacl *GACLnewAcl(void); */
-
-#define GACLfreeAcl(x) GRSTgaclAclFree((x))
-/* int GACLfreeAcl(GACLacl *); */
-
-#define GACLprintAcl(x,y) GRSTgaclAclPrint((x),(y))
-/* int GACLprintAcl(GACLacl *, FILE *); */
-
-#define GACLsaveAcl(x,y) GRSTgaclAclSave((y),(x))
-/* int GACLsaveAcl(char *, GACLacl *); */
-
-#define GACLloadAcl(x) GRSTgaclAclLoadFile((x))
-/* GACLacl *GACLloadAcl(char *); */
-
-#define GACLfindAclForFile(x) GRSTgaclFileFindAclname((x))
-/* char *GACLfindAclForFile(char *); */
-
-#define GACLloadAclForFile(x) GRSTgaclAclLoadforFile((x))
-/* GACLacl *GACLloadAclForFile(char *); */
-
-#define GACLisAclFile(x) GRSTgaclFileIsAcl((x))
-/* int GACLisAclFile(char *); */
-
-
-#define GACLnewUser(x) GRSTgaclUserNew((x))
-/* GACLuser *GACLnewUser(GACLcred *); */
-
-#define GACLfreeUser(x) GRSTgaclUserFree((x))
-/* int GACLfreeUser(GACLuser *); */
-
-#define GACLuserAddCred(x,y) GRSTgaclUserAddCred((x),(y))
-/* int GACLuserAddCred(GACLuser *, GACLcred *); */
-
-#define GACLuserHasCred(x,y) GRSTgaclUserHasCred((x),(y))
-/* int GACLuserHasCred(GACLuser *, GACLcred *); */
-
-#define GACLuserFindCredType(x,y) GRSTgaclUserFindCredtype((x),(y))
-/* GACLcred *GACLuserFindCredType(GACLuser *, char *); */
-
-#define GACLtestDnList(x,y) GRSTgaclDNlistHasUser((x),(y))
-/* int GACLtestDnList(char *, GACLuser *); */
-
-#define GACLtestUserAcl(x,y) GRSTgaclAclTestUser((x),(y))
-/* GACLperm GACLtestUserAcl(GACLacl *, GACLuser *); */
-
-#define GACLtestExclAcl(x,y) GRSTgaclAclTestexclUser((x),(y))
-/* GACLperm GACLtestExclAcl(GACLacl *, GACLuser *); */
-
-
-#define GACLurlEncode(x) GRSThttpUrlEncode((x))
-/* char *GACLurlEncode(char *); */
-
-#define GACLmildUrlEncode(x) GRSThttpUrlMildencode((x))
-/* char *GACLmildUrlEncode(char *); */
-
-GACLentry *GRSTgaclEntryParse(xmlNodePtr cur);
-/* special function for legacy EDG LB service */
diff --git a/org.gridsite.core/interface/gridsite.h b/org.gridsite.core/interface/gridsite.h
deleted file mode 100644
index febda2c..0000000
--- a/org.gridsite.core/interface/gridsite.h
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- Copyright (c) 2002-3, Andrew McNab, University of Manchester
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*---------------------------------------------------------------*
- * For more about GridSite: http://www.gridsite.org/ *
- *---------------------------------------------------------------*/
-
-#ifndef HEADER_SSL_H
-#include %s
\n", status);
-
- exit(0);
-}
-
-int GRSTmethodPutProxy(char *delegation_id, char *user_dn)
-/* return 0 on success; non-zero on error */
-{
- int c, len = 0, i;
- char *docroot, *contentlen, *contenttype, *proxychain, *proxydir;
- FILE *fp;
-
- if (((contenttype = getenv("CONTENT_TYPE")) == NULL) ||
- (strcmp(contenttype, "application/x-x509-user-cert-chain") != 0))
- return 2;
-
- contentlen = getenv("CONTENT_LENGTH");
- if (contentlen == NULL) return 2;
- len = atoi(contentlen);
-
- if ((delegation_id == NULL) || (*delegation_id == '\0'))
- delegation_id = "_";
-
- docroot = getenv("DOCUMENT_ROOT");
- asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE);
-
- if ((user_dn == NULL) || (user_dn[0] == '\0') ||
- (GRSTx509CacheProxy(proxydir, delegation_id, user_dn, proxychain)
- != GRST_RET_OK))
- {
- return GRST_RET_FAILED;
- }
-
- free(proxydir);
-
- return GRST_RET_OK;
-}
-#endif
-
-int main(int argn, char *argv[])
-{
- char *docroot, *method, *request, *p, *client_dn, *user_dn,
- *delegation_id, *reqtxt, *proxydir;
- struct soap soap;
-
- method = getenv("REQUEST_METHOD");
- if (strcmp(method, "POST") == 0)
- {
- soap_init(&soap);
- soap_serve(&soap); /* CGI application */
- return 0;
- }
-
-#ifdef GRST_SUPPORT_G_HTTPS
- docroot = getenv("DOCUMENT_ROOT");
-
- request = strdup(getenv("REQUEST_URI"));
- p = index(request, '?');
- if (p != NULL) *p = '\0';
-
-
- /* non HTTP POST methods - ie special G-HTTPS methods */
-
- delegation_id = getenv("HTTP_DELEGATION_ID");
- if ((delegation_id == NULL) || (*delegation_id == '\0')) delegation_id = "_";
-
- user_dn = NULL;
- client_dn = getenv("SSL_CLIENT_S_DN");
- if (client_dn != NULL)
- {
- user_dn = strdup(client_dn);
-
- /* we assume here that mod_ssl has verified proxy chain already ... */
-
- p = strstr(user_dn, "/CN=proxy");
- if (p != NULL) *p = '\0';
-
- p = strstr(user_dn, "/CN=limited proxy");
- if (p != NULL) *p = '\0';
- }
-
- if (user_dn == NULL) /* all methods require client auth */
- {
- GRSThttpError("403 Forbidden");
- }
- else if (strcmp(method, "GET-PROXY-REQ") == 0)
- {
- docroot = getenv("DOCUMENT_ROOT");
- asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE);
-
- if (GRSTx509MakeProxyRequest(&reqtxt, proxydir,
- delegation_id, user_dn) == 0)
- {
- puts("Status: 200 OK");
- puts("Content-Type: application/x-x509-cert-request");
- printf("Content-Length: %d\n\n", strlen(reqtxt));
- fputs(reqtxt, stdout);
- free(proxydir);
- return 0;
- }
-
- puts("Status: 500 Internal Server Error\n");
- free(proxydir);
- return 0;
- }
- else if (strcmp(method, "PUT-PROXY-CERT") == 0)
- {
- if (GRSTmethodPutProxy(delegation_id, user_dn) == 0)
- {
- puts("Status: 200 OK\n");
- return 0;
- }
-
- puts("Status: 500 Internal Server Error\n");
- return 0;
- }
- else
- {
- GRSThttpError("501 Method Not Implemented");
- }
-#endif
-}
-
-int ns__getProxyReq(struct soap *soap, char *delegation_id,
- char **request)
-{
- char *p, *client_dn, *user_dn, *docroot, *proxydir;
-
- user_dn = NULL;
- client_dn = getenv("SSL_CLIENT_S_DN");
- if (client_dn != NULL)
- {
- user_dn = strdup(client_dn);
-
- /* we assume here that mod_ssl has verified proxy chain already ... */
-
- p = strstr(user_dn, "/CN=proxy");
- if (p != NULL) *p = '\0';
-
- p = strstr(user_dn, "/CN=limited proxy");
- if (p != NULL) *p = '\0';
- }
-
- if ((delegation_id == NULL) || (*delegation_id == '\0')) delegation_id = "_";
-
- docroot = getenv("DOCUMENT_ROOT");
- asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE);
-
- if ((user_dn != NULL) && (user_dn[0] != '\0') &&
- (GRSTx509MakeProxyRequest(request, proxydir,
- delegation_id, user_dn) == 0))
- {
- return SOAP_OK;
- }
-
- return SOAP_ERR;
-}
-
-int ns__putProxy(struct soap *soap, char *delegation_id,
- char *proxy,
- struct ns__putProxyResponse *unused)
-{
- int fd, c, len = 0, i;
- char *docroot, *proxydir, *p, *client_dn, *user_dn;
-
- user_dn = NULL;
- client_dn = getenv("SSL_CLIENT_S_DN");
- if (client_dn != NULL)
- {
- user_dn = strdup(client_dn);
-
- /* we assume here that mod_ssl has verified proxy chain already ... */
-
- p = strstr(user_dn, "/CN=proxy");
- if (p != NULL) *p = '\0';
-
- p = strstr(user_dn, "/CN=limited proxy");
- if (p != NULL) *p = '\0';
- }
-
- if ((delegation_id == NULL) || (*delegation_id == '\0'))
- delegation_id = "_";
-
- docroot = getenv("DOCUMENT_ROOT");
- asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE);
-
- if ((user_dn == NULL) || (user_dn[0] == '\0') ||
- (GRSTx509CacheProxy(proxydir, delegation_id, user_dn, proxy)
- != GRST_RET_OK))
- {
- return SOAP_ERR;
- }
-
- return SOAP_OK;
-}
-
diff --git a/org.gridsite.core/src/grst_admin.h b/org.gridsite.core/src/grst_admin.h
deleted file mode 100644
index cddc415..0000000
--- a/org.gridsite.core/src/grst_admin.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- Copyright (c) 2002-3, Andrew McNab and Shiv Kaushal,
- University of Manchester. All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*------------------------------------------------------------------*
- * This program is part of GridSite: http://www.gridsite.org/ *
- *------------------------------------------------------------------*/
-
-void GRSThttpError(char *);
-void adminfooter(GRSThttpBody *, char *, char *, char *, char *);
-int GRSTstrCmpShort(char *, char *);
-char *makevfilename(char *, size_t, char *);
-
-/*CGI GACL - Edit interface functions*/
-void show_acl(int admin, GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void new_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void new_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void del_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void edit_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void edit_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void add_cred_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void add_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void del_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void del_entry_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void del_cred_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-
-/*Functions producing messages*/
-//void error(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file);
-void admin_continue(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file, GRSThttpBody *bp);
-
diff --git a/org.gridsite.core/src/grst_admin_file.c b/org.gridsite.core/src/grst_admin_file.c
deleted file mode 100644
index f89a004..0000000
--- a/org.gridsite.core/src/grst_admin_file.c
+++ /dev/null
@@ -1,1571 +0,0 @@
-/*
- Copyright (c) 2002-3, Andrew McNab, University of Manchester
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*------------------------------------------------------------------*
- * This program is part of GridSite: http://www.gridsite.org/ *
- *------------------------------------------------------------------*/
-
-#ifndef VERSION
-#define VERSION "x.x.x"
-#endif
-
-#include Forbidden filename %s
\n",
- filename);
-
- GRSThttpPrintf(&bp,
- "Failed to upload
\n");
-
- GRSThttpPrintf(&bp, "Error deleting %s%s
\n",
- dir_uri, file);
-
- GRSThttpPrintf(&bp, "Delete %s
\n", file);
-
- GRSThttpPrintf(&bp,"\n");
-
- GRSThttpPrintf(&bp,"Rename %s%s
\n", dir_uri, file);
-
- GRSThttpPrintf(&bp,"\n");
-
- GRSThttpPrintf(&bp,"Error writing %s%s
\n",
- dir_uri, file);
-
- GRSThttpPrintf(&bp,
- "Error creating %s%s
\n",
- dir_uri, GRST_ACL_FILE);
-
- GRSThttpPrintf(&bp, "Error renaming %s%s
\n",
- dir_uri, file);
-
- GRSThttpPrintf(&bp, "Error creating directory %s%s
\n",
- dir_uri, file);
-
- GRSThttpPrintf(&bp,
- "Error writing %s to %s
\n",
- file, dir_uri);
-
- GRSThttpPrintf(&bp, "Error writing %s%s
\n",
- dir_uri, file);
-
- GRSThttpPrintf(&bp, "History of %s%s
\n",
- dir_uri, file, dir_uri, file);
-
- asprintf(&vfile, "%s/%s", dir_path, file);
- if (stat(vfile, &statbuf) == 0)
- {
- localtime_r((const time_t *) &(statbuf.st_mtime), &file_tm);
- strftime(modified, sizeof(modified),
- "%a %e %b %Y %k:%M", &file_tm);
-
- GRSThttpPrintf(&bp, "\n"
- "
\n");
- else GRSThttpPrintf(&bp, "Date Size after "
- "Changed by %s %d %s \n",
- modified, file_size, dndecoded);
-
- free(dndecoded);
-
- asprintf(&vfile, "%s/%s", dir_path, namelist[i]->d_name);
- if ((stat(vfile, &statbuf) == 0) && (statbuf.st_size > 0))
- {
- GRSThttpPrintf(&bp, "View ");
-
- free(vfile);
- }
- }
- }
-
- if (num > 0) GRSThttpPrintf(&bp, "Contents of ZIP file %s%s
\n",
- dir_uri, file, dir_uri, file);
-
- unzip = getenv("GRST_UNZIP");
- if (unzip == NULL) unzip = getenv("REDIRECT_GRST_UNZIP");
-
- if (unzip != NULL)
- {
- GRSThttpPrintf(&bp, "\n");
- asprintf(&shellcmd, "cd %s ; %s -Z %s", dir_path, unzip, file);
- fp = popen(shellcmd, "r");
-
- while (fgets(oneline, sizeof(oneline), fp) != NULL)
- GRSThttpPrintf(&bp, "%s", oneline);
- pclose(fp);
- GRSThttpPrintf(&bp, "
Unzipping %s%s
\n",
- dir_uri, file, dir_uri, file);
-
- unzip = getenv("GRST_UNZIP");
- if (unzip == NULL) unzip = getenv("REDIRECT_GRST_UNZIP");
-
- if (unzip != NULL)
- {
- GRSThttpPrintf(&bp, "\n");
- asprintf(&shellcmd, "cd %s ; %s -jo %s -x '.*'", dir_path, unzip, file);
- fp = popen(shellcmd, "r");
-
- while (fgets(oneline, sizeof(oneline), fp) != NULL)
- GRSThttpPrintf(&bp, "%s", oneline);
- pclose(fp);
- GRSThttpPrintf(&bp, "
Edit file %s
\n", file);
-
- GRSThttpPrintf(&bp,"\n");
-
- if (fp != NULL) fclose(fp);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
-}
-
-void editdnlistform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *file, char *dir_uri, char *admin_file)
-{
- int fd, i, c, numdn = 0;
- char *dir_path_file, *rawpage, *p, *dnlistsuri, *server_name, *fulluri,
- *realfile, oneline[513];
- FILE *fp = NULL;
- struct stat statbuf;
- GRSThttpBody bp;
-
- dnlistsuri = getenv("GRST_DN_LISTS_URI");
- if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI");
-
- if (!GRSTgaclPermHasWrite(perm) ||
- (dnlistsuri == NULL) ||
- (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) != 0))
- GRSThttpError("403 Forbidden");
-
- realfile = GRSThttpUrlEncode(file);
-
- dir_path_file = malloc(strlen(dir_path) + strlen(realfile) + 2);
-
- strcpy(dir_path_file, dir_path);
- strcat(dir_path_file, "/");
- strcat(dir_path_file, realfile);
-
- fd = open(dir_path_file, O_RDONLY);
- if (fd != -1) /* we dont mind open failing, but it must work if it doesnt */
- {
- fp = fdopen(fd, "r");
- if (fp == NULL) GRSThttpError("500 File open failed!");
-
- if ((fstat(fd, &statbuf) != 0) ||
- !S_ISREG(statbuf.st_mode)) GRSThttpError("500 Not a regular file!");
- }
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp, "Edit DN List
\n");
-
- GRSThttpPrintf(&bp,"\n");
-
- if (fp != NULL) fclose(fp);
-
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
-}
-
-void managedir(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *dir_uri, char *admin_file)
-{
- int n, is_dnlists_dir = 0, enclen, numfiles, encprefixlen;
- char *d_namepath, modified[99], *absaclpath, *editable, *p, *unzip,
- *dnlistsuri, *d_name, *server_name, *fulluri, *encfulluri,
- *encprefix, *dnlistsprefix;
- GRSThttpBody bp;
- struct tm mtime_tm;
- struct stat statbuf;
- struct dirent **namelist, *subdirfile_ent;
- DIR *subDIR;
-
- if (((!GRSTgaclPermHasWrite(perm)) &&
- (!GRSTgaclPermHasList(perm))) ||
- (stat(dir_path, &statbuf) != 0) || !S_ISDIR(statbuf.st_mode))
- GRSThttpError("403 Forbidden");
-
- editable = getenv("GRST_EDITABLE");
- if (editable == NULL) editable = getenv("REDIRECT_GRST_EDITABLE");
-
- unzip = getenv("GRST_UNZIP");
- if (unzip == NULL) unzip = getenv("REDIRECT_GRST_UNZIP");
-
- dnlistsuri = getenv("GRST_DN_LISTS_URI");
- if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI");
-
- if (dnlistsuri && (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) == 0))
- {
- is_dnlists_dir = 1;
- server_name = getenv("SERVER_NAME");
-
- asprintf(&fulluri, "https://%s%s", server_name, dir_uri);
- encfulluri = GRSThttpUrlEncode(fulluri);
- enclen = strlen(encfulluri);
-
- asprintf(&dnlistsprefix, "https://%s%s", server_name, dnlistsuri);
- encprefix = GRSThttpUrlEncode(dnlistsprefix);
- encprefixlen = strlen(encprefix);
- }
-
- printf("Status: 200 OK\nContent-Type: text/html\n");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintf(&bp,"Manage directory %s
\n\n", dir_uri);
-
- if (dir_uri[1] != '\0')
- GRSThttpPrintf(&bp,
- "
\n");
-
- if (!is_dnlists_dir) adminfooter(&bp, dn, help_uri, dir_uri, NULL);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
-}
-
diff --git a/org.gridsite.core/src/grst_admin_gacl.c b/org.gridsite.core/src/grst_admin_gacl.c
deleted file mode 100644
index 2a40b28..0000000
--- a/org.gridsite.core/src/grst_admin_gacl.c
+++ /dev/null
@@ -1,968 +0,0 @@
-/*
- Copyright (c) 2003, Shiv Kaushal, University of Manchester
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*-----------------------------------------------------------*
-* This program is part of GridSite: http://www.gridsite.org/ *
-*------------------------------------------------------------*/
-
-#include [Parent "
- "directory] %R %e %b %y ",
- &mtime_tm);
-
- if (!is_dnlists_dir)
- {
- GRSThttpPrintf(&bp,
- "%s "
- "%ld %s\n",
- GRST_ACL_FILE,
- GRST_ACL_FILE,
- statbuf.st_size, modified);
-
- GRSThttpPrintf(&bp,
- ""
- "History ",
- dir_uri, admin_file, GRST_ACL_FILE);
- }
- else GRSThttpPrintf(&bp,
- "%s "
- "%ld %s\n",
- GRST_ACL_FILE,
- statbuf.st_size, modified);
-
- if (GRSTgaclPermHasAdmin(perm))
- GRSThttpPrintf(&bp,
- "Edit "
- "Delete ",
- dir_uri, admin_file,
- dir_uri, admin_file, GRST_ACL_FILE);
- else if (GRSTgaclPermHasRead(perm))
- GRSThttpPrintf(&bp,
- "View "
- " ", dir_uri, admin_file);
- else GRSThttpPrintf(&bp, " \n");
-
- GRSThttpPrintf(&bp, " %R %e %b %y ",
- &mtime_tm);
-
- if (S_ISDIR(statbuf.st_mode))
- {
- GRSThttpPrintf(&bp,
- ""
- "%s/ "
- "%ld %s\n ",
- dir_uri, namelist[n]->d_name, admin_file,
- namelist[n]->d_name,
- statbuf.st_size, modified);
-
- if (numfiles == 0)
- GRSThttpPrintf(&bp,
- ""
- "Delete \n",
- dir_uri, admin_file, namelist[n]->d_name);
- else GRSThttpPrintf(&bp, " \n");
-
- GRSThttpPrintf(&bp, " %s "
- "%ld %s"
- " ",
- d_name, d_name,
- statbuf.st_size, modified);
-
- if (GRSTgaclPermHasWrite(perm))
- GRSThttpPrintf(&bp, "\n",
- dir_uri, admin_file, d_name);
- else GRSThttpPrintf(&bp, " \n");
-
- if (GRSTgaclPermHasWrite(perm))
- GRSThttpPrintf(&bp, "\n",
- dir_uri, admin_file, d_name);
- else GRSThttpPrintf(&bp, " \n");
-
- GRSThttpPrintf(&bp, " %s "
- "%ld %s",
- dir_uri, d_name,
- d_name,
- statbuf.st_size, modified);
-
- GRSThttpPrintf(&bp,
- ""
- "History ",
- dir_uri, admin_file, d_name);
-
- p = rindex(namelist[n]->d_name, '.');
-
- if ((unzip != NULL) &&
- (p != NULL) &&
- (strcasecmp(&p[1], "zip") == 0) &&
- GRSTgaclPermHasRead(perm))
- GRSThttpPrintf(&bp,
- ""
- "List \n",
- dir_uri, admin_file, d_name);
- else if ((p != NULL) &&
- (strstr(editable, &p[1]) != NULL) &&
- GRSTgaclPermHasWrite(perm))
- GRSThttpPrintf(&bp,
- ""
- "Edit \n",
- dir_uri, admin_file, d_name);
- else GRSThttpPrintf(&bp, " ");
-
- if (GRSTgaclPermHasWrite(perm))
- GRSThttpPrintf(&bp,
- ""
- "Delete \n", dir_uri, admin_file, d_name);
- else
- GRSThttpPrintf(&bp, " \n");
-
- if (GRSTgaclPermHasWrite(perm))
- GRSThttpPrintf(&bp,
- ""
- "Rename ");
- }
- }
-
- free(namelist[n]);
- }
-
- free(namelist);
- }
-
- if (GRSTgaclPermHasWrite(perm))
- {
- if (is_dnlists_dir)
- {
- GRSThttpPrintf(&bp, "\n",
- dir_uri, admin_file, fulluri, strlen(fulluri)+8);
-
- GRSThttpPrintf(&bp, "\n",
- dir_uri, admin_file);
- }
- else
- {
- GRSThttpPrintf(&bp, "\n",
- dir_uri, admin_file);
-
- GRSThttpPrintf(&bp,
- "\n", dir_uri, admin_file);
- }
- }
-
- GRSThttpPrintf(&bp, "
\n");
- admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp);
- return;
- }
-
- stat(GRSTgaclFileFindAclname(dir_path), &file_info);
- timestamp=file_info.st_mtime;
- acl = GRSTgaclAclLoadFile(AclFilename);
-
- if (acl==NULL){
- GRSThttpPrintf ( &bp,"The ACL was found but could not be loaded - it could be incorrectly formatted
\n");
- adminfooter(&bp, dn, help_uri, dir_uri, NULL);
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
- GRSThttpWriteOut(&bp);
- return;
- }
-
- if (admin) GRSThttpPrintf (&bp,"New Entry
\n", dir_uri, admin_file, dir_uri, timestamp );
-
- // Start with the first entry in the list and work through
- entry=acl->firstentry;
- entry_no=1;
- while (entry!=NULL){
-
- GRSThttpPrintf (&bp,"
Entry %d:\n", entry_no);
- if (admin){
- GRSThttpPrintf (&bp,"Edit Entry ", dir_uri, admin_file, entry_no, dir_uri, timestamp );
- GRSThttpPrintf (&bp,"Delete Entry ",dir_uri, admin_file, entry_no, dir_uri, timestamp );
- GRSThttpPrintf (&bp,"
\n");
- admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp);
- return;
- }
-
- // Get pointer to entry and previous entry
- entry = GACLreturnEntry(acl, entry_no);
- if (entry_no!=1) previous = GACLreturnEntry(acl, entry_no-1);
-
- if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){
- GRSThttpError ("500 Unable to read entry from ACL file");
- return;
- }
-
- // Perform deletion from the list by changing pointers
- if (entry_no==1) acl->firstentry=entry->next;
- else if (entry_no==GACLentriesInAcl(acl)) previous->next=NULL;
- else previous->next=entry->next;
-
- // Save ACL and exit
- check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp);
-
- return;
-}
-
-
-void edit_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){
- // Presents the user with an editable form containing details of entry denoted by CGI variable entry_no*/
- int entry_no, cred_no, i, admin=0, timestamp=atol(GRSThttpGetCGI("timestamp"));
- GRSTgaclAcl *acl;
- GRSTgaclEntry *entry;
- GRSTgaclCred *cred;
- GRSTgaclNamevalue *namevalue;
- // struct _GACLnamevalue *namevalue;
- GRSThttpBody bp;
-
- if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden");
-
- // Load ACL from file
- acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path));
-
- // Get pointer to the entry and check okay
- entry_no=atol(GRSThttpGetCGI("entry_no"));
- entry = GACLreturnEntry(acl, entry_no);
- if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){
- GRSThttpError ("500 Unable to read from ACL file");
- return;
- }
-
- StartHTML(&bp, dir_uri, dir_path);
- GRSThttpPrintf (&bp, "EDITING ENTRY %d IN ACL FOR %s
\n");
- admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp);
- return;
- }
- cred=cred->next;
- }
- }
-
- StartHTML(&bp, dir_uri, dir_path);
- GRSThttpPrintf (&bp, " NEW CREDENTIAL IN ENTRY %d OF ACL FOR %s
| Credential No. | Type | Value | |||
| New | "); - GRSThttpPrintf(bp,""); - GRSThttpPrintf (bp, " | "); - } - - else { //Print out type and descriptor for existing cred - - GRSThttpPrintf(bp,"||||
| %d", cred_no); - if (admin) GRSThttpPrintf (bp,"(Delete)", dir_uri,admin_file,dir_uri, entry_no, cred_no, timestamp); - GRSThttpPrintf(bp, " | %s ", cred->type); - } - - if (strcmp(cred->type, "any-user")==0) GRSThttpPrintf (bp, " | "); /* Do not print out namevalue for any-user credential*/ - else{ - if (edit_values){ // Place namevalue in an editable box if appropriate - GRSThttpPrintf (bp, " | value, bp); - GRSThttpPrintf (bp, "\">"); - } - else if (strcmp(cred->type, "dn-list")==0){ - GRSThttpPrintf(bp, " | value, bp); - GRSThttpPrintf(bp, " \">"); - StringHTMLEncode(namevalue->value, bp); - GRSThttpPrintf(bp, ""); - } - else { GRSThttpPrintf(bp, " | "); StringHTMLEncode(namevalue->value, bp);} - - } - //Print out warning symbol if cred being printed relates to current user - but NOT for users in site admin list - if (GRSTgaclUserHasCred(user, cred) && !site_admin) GRSThttpPrintf(bp, " <--"); - GRSThttpPrintf(bp, " |
"); - GRSThttpPrintf (bp, "Denied: "); - for (i=0; grst_perm_syms[i]!=NULL; i++) /* Print the list of denied permissions*/ - { - if ( entry->denied & grst_perm_vals[i]) - { - if (edit_perms) GRSThttpPrintf (bp, "%s \n", grst_perm_syms[i],grst_perm_syms[i]); - else GRSThttpPrintf(bp,"%s ", grst_perm_syms[i]); - if (strcmp(grst_perm_syms[i], "none")==0) break; - } - else if (strcmp(grst_perm_syms[i], "none")!=0 && edit_perms) GRSThttpPrintf (bp, "%s \n", grst_perm_syms[i],grst_perm_syms[i]); - } - - GRSThttpPrintf (bp, "
The ACL has been modified since it was last viewed\n
"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp); - return; - } - - // check users permissions in the new ACL - - if (!GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"), user)) - { - new_perm = GRSTgaclAclTestUser(acl, user); - if (new_perm != perm){ - StartHTML(bp, dir_uri, dir_path); - if (!GRSTgaclPermHasAdmin(new_perm)){//Check that user still has Admin permissions - if not then exit without saving the new ACL - GRSThttpPrintf (bp, "ERROR: CANNOT SAVE CHANGES\n\n
You cannot deny yourself admin access from within the editor\n"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp); - return; - } - //Functions to inform of other permission changes come next - GRSThttpPrintf (bp, "WARNING: OPERATION CHANGED YOUR PERMISSIONS!\n\n
You still have Admin permissions
\n");
- admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp);
- return;
- }
- }
- // ACL not modified, notified of permission changes - can now save
-
- dir_path_file=GRSTgaclFileFindAclname(dir_path);
- vfile=makevfilename(".gacl", file_info.st_size, dn); // Make temporary file name
- dir_path_vfile = malloc(strlen(dir_path) + strlen(vfile) + 2);
- strcpy(dir_path_vfile, dir_path);
- strcat(dir_path_vfile, "/");
- strcat(dir_path_vfile, vfile);
-
- GRSTgaclAclSave(acl, dir_path_vfile); // save the new ACL to the temporary file
- unlink(dir_path_file);
- if (link (dir_path_vfile,dir_path_file)!=0) GRSThttpError("403 Forbidden");
-
- printf ("Status: 302 Moved Temporarily\n Content Length: 0\nLocation: %s%s?cmd=admin_acl\n\n", dir_uri, admin_file);
- return;
-}
-
-void StringHTMLEncode (char* string, GRSThttpBody *bp){
-
- char* current_char;
- char* tmp;
- int n;
- tmp=malloc(2);
-
- *(tmp+1)='\0';
- current_char=string;
- while(*current_char != '\0'){
-
- if (*current_char == '<') GRSThttpPrintf (bp,"<");
- else if (*current_char == '>') GRSThttpPrintf (bp,">");
- else if (*current_char == '&') GRSThttpPrintf (bp,"&");
- else if (*current_char == '\'') GRSThttpPrintf (bp,"'");
- else if (*current_char == '"') GRSThttpPrintf (bp,""");
- else{
- *tmp=*current_char;
- GRSThttpPrintf(bp, "%s", tmp);
-
- }
- current_char++;
- }
- return;
-}
-
-void revert_acl(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){
- char *AclFilename;
- GRSTgaclAcl *acl;
- GRSThttpBody bp;
- // Load the old ACL, add the entry and save
- AclFilename=malloc(strlen(dir_path)+strlen(file)+2);
- strcpy(AclFilename, dir_path);
- strcat(AclFilename, "/");
- strcat(AclFilename, file);
-
- acl = GRSTgaclAclLoadFile(AclFilename);
- check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp);
- return;
-}
diff --git a/org.gridsite.core/src/grst_admin_main.c b/org.gridsite.core/src/grst_admin_main.c
deleted file mode 100644
index d884bf5..0000000
--- a/org.gridsite.core/src/grst_admin_main.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/*
- Andrew McNab and Shiv Kaushal, University of Manchester.
- Copyright (c) 2002-3. All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*------------------------------------------------------------------*
- * This program is part of GridSite: http://www.gridsite.org/ *
- *------------------------------------------------------------------*/
-
-#ifndef VERSION
-#define VERSION "x.x.x"
-#endif
-
-#ifndef _GNU_SOURCE
-#define _GNU_SOURCE
-#endif
-
-#include \n");
-
- if (dn != NULL) GRSThttpPrintf(bp, " \n");
-
- if (!isdirectory)
- {
- mtime_time = apr_time_sec(r->finfo.mtime);
-
- localtime_r(&mtime_time, &mtime_tm);
- strftime(modified, sizeof(modified),
- "%a %e %B %Y", &mtime_tm);
- temp = apr_psprintf(r->pool,"%s
\n", status);
-
- exit(0);
-}
-
-void adminfooter(GRSThttpBody *bp, char *dn, char *help_uri, char *dir_uri,
- char *admin_file)
-{
- GRSThttpPrintf(bp, "
You are %s
\n", dn);
- else GRSThttpPrintf(bp, "
\n");
-
- if (admin_file != NULL)
- GRSThttpPrintf(bp, ""
- "Manage directory .\n",
- dir_uri, admin_file);
- else GRSThttpPrintf(bp, ""
- "Back to directory .\n", dir_uri);
-
- if (help_uri != NULL)
- GRSThttpPrintf(bp, "Website Help .\n", help_uri);
-
- if ((getenv("GRST_NO_LINK") == NULL) &&
- (getenv("REDIRECT_GRST_NO_LINK") == NULL))
- GRSThttpPrintf(bp, "Built with "
- "GridSite %s\n",
- VERSION);
-
- GRSThttpPrintf(bp, "\n");
-}
-
-int GRSTstrCmpShort(char *long_s, char *short_s)
-{
- while (*short_s != '\0')
- {
- if (*long_s > *short_s) return +1;
- if (*long_s < *short_s) return -1;
-
- ++long_s;
- ++short_s;
- }
-
- return 0;
-}
-
-char *makevfilename(char *publicname, size_t size, char *dn)
-{
- int i;
- char *ext, *vfilename, *encpublicname, *encdn, *p;
- struct timeval tv_now;
-
- gettimeofday(&tv_now, NULL);
-
- ext = rindex(publicname, '.');
- if (ext == NULL) ext = "";
-
- encpublicname = GRSThttpUrlEncode(publicname);
- for (p=encpublicname; *p != '\0'; ++p) if (*p == '%') *p = '=';
-
- encdn = GRSThttpUrlEncode(dn);
- for (p=encdn; *p != '\0'; ++p) if (*p == '%') *p = '=';
-
- /* we used zero-padding for times so
- alphanumeric sorting will sort chronologically too */
-
- asprintf(&vfilename, "%s:%s:%08X:%05X:%X:%s:%s", GRST_HIST_PREFIX,
- encpublicname, tv_now.tv_sec, tv_now.tv_usec, size, encdn, ext);
-
- return vfilename;
-}
-
-void justheader(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *dir_uri, char *admin_file)
-{
- GRSThttpBody bp;
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-void justfooter(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path,
- char *dir_uri, char *admin_file)
-{
- GRSThttpBody bp;
-
- puts("Status: 200 OK\nContent-Type: text/html");
-
- GRSThttpBodyInit(&bp);
-
- if (GRSTgaclPermHasList(perm) || GRSTgaclPermHasWrite(perm)
- || GRSTgaclPermHasAdmin(perm))
- adminfooter(&bp, dn, help_uri, dir_uri, admin_file);
-
- GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE);
-
- GRSThttpWriteOut(&bp);
-}
-
-int main()
-{
- int gsiproxylimit_i = 1;
- char *cmd, *dir_uri, *file, *dir_path, *admin_file, *dn = NULL,
- *help_uri, *p, *content_type, *request_uri, *button,
- *grst_cred_0, *gsiproxylimit, *dn_lists;
- GRSTgaclCred *cred;
- GRSTgaclUser *user = NULL;
- GRSTgaclAcl *acl;
- GRSTgaclPerm perm = GRST_PERM_NONE;
-
- help_uri = getenv("REDIRECT_GRST_HELP_URI"); /* can be NULL */
- admin_file = getenv("REDIRECT_GRST_ADMIN_FILE");
- dir_path = getenv("REDIRECT_GRST_DIR_PATH");
- request_uri = getenv("REQUEST_URI");
-
- if ((dir_path == NULL) || (admin_file == NULL) || (request_uri == NULL))
- {
- puts("Status: 500 Internal Server Error\nContent-type: text/plain\n\n"
- "REDIRECT_GRST_DIR_PATH or REDIRECT_GRST_ADMIN_FILE "
- "or REQUEST_URI missing");
- return;
- }
-
- GRSTgaclInit();
-
- grst_cred_0 = getenv("GRST_CRED_0");
-
- if ((grst_cred_0 != NULL) && (cred = GRSTx509CompactToCred(grst_cred_0)))
- {
- gsiproxylimit = getenv("REDIRECT_GRST_GSIPROXY_LIMIT");
- if (gsiproxylimit != NULL) sscanf(gsiproxylimit, "%d", &gsiproxylimit_i);
-
- if (GRSTgaclCredGetDelegation(cred) <= gsiproxylimit_i)
- {
- user = GRSTgaclUserNew(cred);
-
- if ((p = index(grst_cred_0, ' ')) &&
- (p = index(++p, ' ')) &&
- (p = index(++p, ' ')) &&
- (p = index(++p, ' '))) dn = &p[1];
- }
- }
- else if ((dn = getenv("SSL_CLIENT_S_DN")) != NULL)
- {
- cred = GRSTgaclCredNew("person");
- GRSTgaclCredAddValue(cred, "dn", dn);
- user = GRSTgaclUserNew(cred);
- }
-
- dn_lists = getenv("REDIRECT_GRST_DN_LISTS");
- if (dn_lists == NULL) dn_lists = getenv("GRST_DN_LISTS");
- if (dn_lists != NULL) GRSTgaclUserSetDNlists(user, dn_lists);
-
- if (GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"),
- user)) perm = GRST_PERM_ALL;
- else
- {
- p = getenv("REMOTE_HOST");
- if (p != NULL)
- {
- cred = GRSTgaclCredNew("dns");
- GRSTgaclCredAddValue(cred, "hostname", p);
-
- if (user == NULL) user = GRSTgaclUserNew(cred);
- else GRSTgaclUserAddCred(user, cred);
- }
-
- acl = GRSTgaclAclLoadforFile(dir_path);
- if (acl != NULL) perm = GRSTgaclAclTestUser(acl, user);
- }
-
- /* we're relying on being a CGI with all this un-free()ed strdup()ing */
-
- dir_uri = strdup(request_uri);
- p = rindex(dir_uri, '?');
- if (p != NULL) *p = '\0';
- p = rindex(dir_uri, '/');
- if (p != NULL) p[1] = '\0';
-
- content_type = getenv("CONTENT_TYPE");
-
- if ((content_type != NULL) &&
- (GRSTstrCmpShort(content_type, "multipart/form-data; boundary=") == 0))
- {
- uploadfile(dn, perm, help_uri, dir_path, dir_uri, admin_file);
- return 0;
- }
-
- cmd = GRSThttpGetCGI("cmd");
- file = GRSThttpGetCGI("file");
- button = GRSThttpGetCGI("button");
-
- /* file and directory functions in grst_admin_file.c */
-
- if (strcmp(cmd, "header") == 0)
- justheader(dn, perm, help_uri, dir_path, dir_uri, admin_file);
- else if (strcmp(cmd, "footer") == 0)
- justfooter(dn, perm, help_uri, dir_path, dir_uri, admin_file);
- else if (strcmp(cmd, "managedir") == 0)
- managedir(dn, perm, help_uri, dir_path, dir_uri, admin_file);
- else if (strcmp(cmd, "print") == 0)
- printfile(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "history") == 0)
- filehistory(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "editdnlist") == 0)
- editdnlistform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "edit") == 0)
- {
- if ((strcasecmp(button, "new directory") == 0) ||
- (strcasecmp(button, "Create") == 0))
- newdirectory(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else
- editfileform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- }
- else if (strcmp(cmd, "editaction") == 0)
- editfileaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "editdnlistaction") == 0)
- editdnlistaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "delete") == 0)
- deletefileform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "deleteaction") == 0)
- deletefileaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "rename") == 0)
- renameform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "renameaction") == 0)
- renameaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "ziplist") == 0)
- ziplist(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "unzipfile") == 0)
- unzipfile(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "create_acl") == 0)
- create_acl(dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
-
- /* GACL functions in grst_admin_gacl.c */
-
- else if (strcmp(cmd, "show_acl") == 0)
- show_acl(0, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "admin_acl") == 0)
- show_acl(1, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "acl_history") == 0)
- show_acl(2, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd, "revert_acl") == 0)
- revert_acl(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- //show_acl(2, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"new_entry_form")==0)
- new_entry_form(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"new_entry")==0)
- new_entry(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"del_entry_sure")==0)
- del_entry_sure(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"del_entry")==0)
- del_entry(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"edit_entry_form")==0)
- edit_entry_form(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"edit_entry")==0)
- edit_entry(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"add_cred_form")==0)
- add_cred_form(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"add_cred")==0)
- add_cred(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"del_cred_sure")==0)
- del_cred_sure(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
- else if (strcmp(cmd,"del_cred")==0)
- del_cred(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file);
-
- /* you what? */
-
- else GRSThttpError("500 Internal Server Error");
-}
diff --git a/org.gridsite.core/src/grst_gacl.c b/org.gridsite.core/src/grst_gacl.c
deleted file mode 100644
index 13b46c8..0000000
--- a/org.gridsite.core/src/grst_gacl.c
+++ /dev/null
@@ -1,1154 +0,0 @@
-/*
- Copyright (c) 2002-3, Andrew McNab, University of Manchester
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, are permitted provided that the following
- conditions are met:
-
- o Redistributions of source code must retain the above
- copyright notice, this list of conditions and the following
- disclaimer.
- o Redistributions in binary form must reproduce the above
- copyright notice, this list of conditions and the following
- disclaimer in the documentation and/or other materials
- provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-/*---------------------------------------------------------------*
- * For more information about GridSite: http://www.gridsite.org/ *
- *---------------------------------------------------------------*/
-
-#include
Last modified %s\n", modified);
- out = apr_pstrcat(r->pool, out, temp, NULL);
-
- if ((conf->adminuri != NULL) &&
- (conf->adminuri[0] != '\0') &&
- (conf->adminfile != NULL) &&
- (conf->adminfile[0] != '\0') &&
- (strncmp(file, GRST_HIST_PREFIX, sizeof(GRST_HIST_PREFIX)-1) != 0))
- {
- temp = apr_psprintf(r->pool,
- ". "
- "View page history\n",
- conf->adminfile, file);
- out = apr_pstrcat(r->pool, out, temp, NULL);
- }
- }
-
- out = apr_pstrcat(r->pool, out, "
", NULL);
-
- if (r->connection->notes != NULL)
- grst_cred_0 = (char *)
- apr_table_get(r->connection->notes, "GRST_CRED_0");
-
- if ((grst_cred_0 != NULL) &&
- (strncmp(grst_cred_0, "X509USER ", sizeof("X509USER")) == 0))
- {
- p = index(grst_cred_0, ' ');
- if (p != NULL)
- {
- p = index(++p, ' ');
- if (p != NULL)
- {
- p = index(++p, ' ');
- if (p != NULL)
- {
- p = index(++p, ' ');
- if (p != NULL) dn = p;
- }
- }
- }
- }
-
- if (dn != NULL)
- {
- temp = apr_psprintf(r->pool, "You are %s
\n", dn);
- out = apr_pstrcat(r->pool, out, temp, NULL);
-
- if (r->notes != NULL)
- permstr = (char *) apr_table_get(r->notes, "GRST_PERM");
-
- if ((permstr != NULL) &&
- (conf->adminuri != NULL) &&
- (conf->adminuri[0] != '\0') &&
- (conf->adminfile != NULL) &&
- (conf->adminfile[0] != '\0'))
- {
- sscanf(permstr, "%d", &perm);
-
- if (!isdirectory &&
- GRSTgaclPermHasWrite(perm) &&
- (strncmp(file, GRST_HIST_PREFIX,
- sizeof(GRST_HIST_PREFIX) - 1) != 0))
- {
- temp = apr_psprintf(r->pool,
- ""
- "Edit page .\n", conf->adminfile, file);
- out = apr_pstrcat(r->pool, out, temp, NULL);
- }
-
- if (GRSTgaclPermHasList(perm) || GRSTgaclPermHasWrite(perm))
- {
- temp = apr_psprintf(r->pool,
- "Manage directory .\n",
- dir_uri, conf->adminfile);
-
- out = apr_pstrcat(r->pool, out, temp, NULL);
- }
- }
- }
-
- if ((https != NULL) && (strcasecmp(https, "on") == 0))
- temp = apr_psprintf(r->pool,
- "Switch to HTTP \n",
- r->server->server_hostname, r->unparsed_uri);
- else temp = apr_psprintf(r->pool,
- "Switch to HTTPS \n",
- r->server->server_hostname, r->unparsed_uri);
-
- out = apr_pstrcat(r->pool, out, temp, NULL);
-
- if ((conf->helpuri != NULL) && (conf->helpuri[0] != '\0'))
- {
- temp = apr_psprintf(r->pool,
- ". Website Help\n", conf->helpuri);
- out = apr_pstrcat(r->pool, out, temp, NULL);
- }
-
- if ((!isdirectory) &&
- (conf->adminuri != NULL) &&
- (conf->adminuri[0] != '\0') &&
- (conf->adminfile != NULL) &&
- (conf->adminfile[0] != '\0'))
- {
- temp = apr_psprintf(r->pool, ". "
- "Print View\n", conf->adminfile, file);
- out = apr_pstrcat(r->pool, out, temp, NULL);
- }
-
- if (conf->gridsitelink)
- {
- temp = apr_psprintf(r->pool,
- ". Built with "
- "GridSite %s\n", VERSION);
- out = apr_pstrcat(r->pool, out, temp, NULL);
- }
-
- out = apr_pstrcat(r->pool, out, "\n\n", NULL);
-
- return out;
-}
-
-int html_format(request_rec *r, mod_gridsite_cfg *conf)
-/*
- try to do GridSite formatting of .html files (NOT .shtml etc)
-*/
-{
- int i, fd, errstatus;
- char *buf, *p, *file, *s, *head_formatted, *header_formatted,
- *body_formatted, *admin_formatted, *footer_formatted;
- size_t length;
- struct stat statbuf;
- apr_file_t *fp;
-
- if (r->finfo.filetype == APR_NOFILE) return HTTP_NOT_FOUND;
-
- if (apr_file_open(&fp, r->filename, APR_READ, 0, r->pool) != 0)
- return HTTP_INTERNAL_SERVER_ERROR;
-
- file = rindex(r->uri, '/');
- if (file != NULL) ++file; /* file points to name without path */
-
- buf = apr_palloc(r->pool, (size_t)(r->finfo.size + 1));
- length = r->finfo.size;
- apr_file_read(fp, buf, &length);
- buf[r->finfo.size] = '\0';
- apr_file_close(fp);
-
- /* **** try to find a header file in this or parent directories **** */
-
- /* first make a buffer big enough to hold path names we want to try */
- fd = -1;
- s = malloc(strlen(r->filename) + strlen(conf->headfile) + 1);
- strcpy(s, r->filename);
-
- for (;;)
- {
- p = rindex(s, '/');
- if (p == NULL) break; /* failed to find one */
- p[1] = '\0';
- strcat(p, conf->headfile);
-
- fd = open(s, O_RDONLY);
- if (fd != -1) break; /* found one */
-
- *p = '\0';
- }
-
- free(s);
-
- if (fd == -1) /* not found, so set up not to output one */
- {
- head_formatted = apr_pstrdup(r->pool, "");
- header_formatted = apr_pstrdup(r->pool, "");
- body_formatted = buf;
- }
- else /* found a header file, so set up head and body to surround it */
- {
- fstat(fd, &statbuf);
- header_formatted = apr_palloc(r->pool, statbuf.st_size + 1);
- read(fd, header_formatted, statbuf.st_size);
- header_formatted[statbuf.st_size] = '\0';
- close(fd);
-
- p = strstr(buf, "
| [Parent directory] | %R | %e %b %y | ", - &mtime_tm); - - if (S_ISDIR(statbuf.st_mode)) - temp = apr_psprintf(r->pool, - "
| " - "%s/ | " - "%ld | %s|
| " - "%s | " - "%ld | %s|
| [Parent directory] |
", @p;
-}
-
-sub defaultcss {
- print $OutFH <$rest
";
- $indentlevel=0;
- $within_tp=0;
- }
- elsif(($keyword =~ /^B$/i) || ($keyword =~ /^BI$/i)) {
- # Make B and BI the same for simplicity
- $rest =~ s/\"//g; # cut off quotes
- $rest =~ s//>/g;
- push @p, "$rest ";
- }
- elsif($keyword =~ /^I$/i) {
- $rest =~ s/\"//g; # cut off quotes
- $rest =~ s//>/g;
- push @p, "$rest ";
- }
- elsif($keyword =~ /^RS$/i) {
- # the start of another indent-level. for inlined tables
- # within an "IP"
- showp(@p);
- @p="";
- $indentlevel++;
- }
- elsif($keyword =~ /^RE$/i) {
- # end of the RS section
- showp(@p);
- @p="";
- $indentlevel--;
- }
- elsif($keyword =~ /^NF$/i) {
- # We let nf start a section
- showp(@p);
- @p="";
- push @out, "
\n";
- $pre=1
- }
- elsif($keyword =~ /^TP$/i) {
- # Used within an "RS" section to make a new line. The first
- # TP as a column indicator, but we decide to do that
- # controlling in the CSS instead.
- $within_tp=1;
- showp(@p);
- @p="";
- }
- elsif($keyword =~ /^IP$/i) {
- # start of a new paragraph coming up
- showp(@p);
- @p="";
-
- my $name= text2name($rest);
- $anchor{$name}=1;
-
- $rest =~ s/\"//g; # cut off quotes
- $rest =~ s//>/g;
-
- $indentlevel-- if ($indentlevel);
- push @p, "$rest ";
- # make this a single-line title
- showp(@p);
- @p="";
- $indentlevel++;
- $within_tp=0;
- }
- elsif($keyword =~ /^ad$/i) {
- showp(@p);
- @p="";
- }
- elsif($keyword =~ /^sp$/i) {
- showp(@p);
- @p="";
- }
- elsif($keyword =~ /^lp$/i) {
- # marks end of a paragraph
- showp(@p);
- @p="";
- }
- elsif($keyword =~ /^pp$/i) {
- # PP ends a TP section, but some TP sections don't use it
- $within_tp=0;
- }
- elsif($keyword =~ /^so$/i) {
- # This keyword refers to a different man page, named in the
- # $rest.
- # We don't support this
- push @out, "See the $rest man page.\n";
- }
- elsif($keyword =~ /^BR$/i) {
- # I'm not sure what this does exactly, but this is commonly
- # used to include pointers to other man pages. Let's assume
- # it only does that for now.
- # blabla (3)
- # or "blabla (3)"
- # or strcmp "(3), " strcasecmp "(3)"
- # etc
-
- $rest =~ s/\"//g; # cut off quotes
- my @all = split /,/, $rest;
- for(@all) {
- if(/([^ ]*) *\((\d+)\)/) {
- # TODO: this looks like a man page, check if there's a
- # HTML file for it and if so make a link to it
- }
-
- push @p, "$_ ";
- }
- }
- else {
- showp(@p);
- print $debugFH "ALERT: unknown keyword \"$keyword\"\n";
- }
- }
- else {
- # text line, decode \-stuff
- my $txt = $in;
-
- $txt =~ s//>/g;
- $txt =~ s/\\&//g; # cut off \&
- $txt =~ s/\\fI//g;
- $txt =~ s/\\fB//g;
- $txt =~ s/\\fP/<\/span>/g;
- $txt =~ s/\\//g;
-
- if($txt =~ /^[ \t\r\n]*$/) {
- # no contents, marks end of a paragraph
- showp(@p);
- @p="";
- }
- else {
- $txt =~ s/^ /\ \;/g;
- push @p, "$txt ";
- }
- $out ="";
- }
-
- if($out) {
- push @out, $out;
- # print $debugFH "DEBUG OUT: $out\n";
- }
- else {
- # print $debugFH "DEBUG OUT: [withheld]\n";
- }
- }
- showp(@p);
-}
-
-parsefile();
-
-my @conv = linkfile();
-
-my $title=sprintf("%s man page",
- $manpage{'name'}?$manpage{'name'}:"secret");
-
-if($standalone) {
- print $OutFH <