From 45ee8e14d76c05acddcfcd32b96ce3603523d39a Mon Sep 17 00:00:00 2001 From: =?utf8?q?Michal=20Voc=C5=AF?= Date: Wed, 25 Jan 2012 12:46:52 +0000 Subject: [PATCH] support kerberos gssapi impl (no explicit credentials) --- org.glite.lb.logger/src/interlogd.c | 16 +++++++++++++--- org.glite.lb.logger/src/logd.c | 1 - 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/org.glite.lb.logger/src/interlogd.c b/org.glite.lb.logger/src/interlogd.c index 24a64b4..4c23286 100644 --- a/org.glite.lb.logger/src/interlogd.c +++ b/org.glite.lb.logger/src/interlogd.c @@ -511,6 +511,10 @@ main (int argc, char **argv) /* get credentials */ if (CAcert_dir) setenv("X509_CERT_DIR", CAcert_dir, 1); + if(edg_wll_gss_initialize()) { + glite_common_log(LOG_CATEGORY_CONTROL, LOG_PRIORITY_FATAL, "Failed to initialize GSS."); + exit(EXIT_FAILURE); + } edg_wll_gss_watch_creds(cert_file,&cert_mtime); cred_handle = malloc(sizeof(*cred_handle)); if(cred_handle == NULL) { @@ -525,13 +529,19 @@ main (int argc, char **argv) if (ret == EDG_WLL_GSS_ERROR_GSS) edg_wll_gss_get_error(&gss_stat, "edg_wll_gss_acquire_cred_gsi()", &gss_err); - glite_common_log(LOG_CATEGORY_SECURITY, LOG_PRIORITY_FATAL, "Failed to load GSI credential: %s, exiting.", + glite_common_log(LOG_CATEGORY_SECURITY, LOG_PRIORITY_FATAL, "Failed to load GSI credential: %s", (gss_err) ? gss_err : "edg_wll_gss_acquire_cred_gsi() failed"); if (gss_err) free(gss_err); - exit(EXIT_FAILURE); + if(gss_stat.minor_status != 0) { + exit(EXIT_FAILURE); + } else { + glite_common_log(LOG_CATEGORY_SECURITY, LOG_PRIORITY_WARN, "Continuing unauthenticated (yet)."); + } + } + if(cred_handle && cred_handle->creds) { + glite_common_log(LOG_CATEGORY_SECURITY, LOG_PRIORITY_INFO, "Using certificate %s", cred_handle->creds->name); } - glite_common_log(LOG_CATEGORY_SECURITY, LOG_PRIORITY_INFO, "Using certificate %s", cred_handle->creds->name); /* parse config, initialize plugins */ glite_common_log(LOG_CATEGORY_CONTROL, LOG_PRIORITY_INFO, "Initializing plugins:\n"); diff --git a/org.glite.lb.logger/src/logd.c b/org.glite.lb.logger/src/logd.c index b24b22d..bb2c7da 100644 --- a/org.glite.lb.logger/src/logd.c +++ b/org.glite.lb.logger/src/logd.c @@ -455,7 +455,6 @@ This is LocalLogger, part of Workload Management System in EU DataGrid & EGEE.\n } } - edg_wll_gss_initialize(); edg_wll_gss_watch_creds(cert_file,&cert_mtime); /* XXX DK: support noAuth */ ret = edg_wll_gss_acquire_cred_gsi(cert_file, key_file, &cred, &gss_stat); -- 1.8.2.3