From 798c4c0f89132499c69585e22d5edb2411c1f2ec Mon Sep 17 00:00:00 2001
From: =?utf8?q?Daniel=20Kou=C5=99il?=
Date: Thu, 11 Nov 2004 13:46:36 +0000
Subject: [PATCH] Temporarily set the enviroment to point to the server credentials before re-importing the GSS context.

---
 org.glite.lb.server/src/bkserverd.c | 19 +++++++-------
 org.glite.lb.server/src/lb_authz.c | 51 +++++++++++++++++++++++++++++++------
 org.glite.lb.server/src/lb_authz.h | 2 +-
 3 files changed, 54 insertions(+), 18 deletions(-)

diff --git a/org.glite.lb.server/src/bkserverd.c b/org.glite.lb.server/src/bkserverd.c
index 65f334f..9cf281a 100644
--- a/org.glite.lb.server/src/bkserverd.c
+++ b/org.glite.lb.server/src/bkserverd.c
@@ -112,7 +112,9 @@ static time_t notif_duration = 60*60*24*7;
 static gss_cred_id_t mycred = GSS_C_NO_CREDENTIAL;
 char *cadir = NULL,
- *vomsdir = NULL;
+ *vomsdir = NULL,
+ *server_key = NULL,
+ *server_cert = NULL;
 static struct option opts[] = {
@@ -250,8 +252,7 @@ int main(int argc, char *argv[])
 int opt;
 char pidfile[PATH_MAX] = EDG_BKSERVERD_PIDFILE,
 *port,
- *name,
- *cert, *key;
+ *name;
 #ifdef GLITE_LB_SERVER_WITH_WS
 char *ws_port;
 #endif /* GLITE_LB_SERVER_WITH_WS */
@@ -271,7 +272,7 @@ int main(int argc, char *argv[])
 #ifdef GLITE_LB_SERVER_WITH_WS
 asprintf(&ws_port, "%d", GLITE_WMSC_JOBID_DEFAULT_PORT+2);
 #endif /* GLITE_LB_SERVER_WITH_WS */
- cert = key = cadir = vomsdir = NULL;
+ server_cert = server_key = cadir = vomsdir = NULL;
 /* no magic here: 1 month, 3 and 7 days */
 purge_timeout[EDG_WLL_PURGE_JOBSTAT_OTHER] = 60*60*24*31;
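Review bot: `server_key` and `server_cert` are introduced with external linkage in the @@ -112 hunk, although bkserverd.c is the only consumer — lb_authz.c receives them as call arguments in the @@ -808 hunk rather than through an `extern` declaration. Unless some other translation unit declares them, `static char *cadir = NULL, *vomsdir = NULL, *server_key = NULL, *server_cert = NULL;` keeps the paths to the server's private key and certificate out of the global symbol namespace and matches `mycred` on the line above. The pre-existing `cadir`/`vomsdir` would benefit from the same treatment if nothing else references them.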
@@ -296,8 +297,8 @@ int main(int argc, char *argv[])
 while ((opt = getopt_long(argc,argv,get_opt_string,opts,NULL)) != EOF) switch (opt) {
 case 'a': fake_host = strdup(optarg); break;
- case 'c': cert = optarg; break;
- case 'k': key = optarg; break;
+ case 'c': server_cert = optarg; break;
+ case 'k': server_key = optarg; break;
 case 'C': cadir = optarg; break;
 case 'V': vomsdir = optarg; break;
 case 'p': free(port); port = strdup(optarg); break;
@@ -475,12 +476,12 @@ a.sin_addr.s_addr = INADDR_ANY;
 #endif /* GLITE_LB_SERVER_WITH_WS */
- if (!cert || !key)
+ if (!server_cert || !server_key)
 fprintf(stderr, "%s: key or certificate file not specified"
 " - unable to watch them for changes!\n", argv[0]);
 if ( cadir ) setenv("X509_CERT_DIR", cadir, 1);
- if ( !edg_wll_gss_acquire_cred_gsi(cert, key, &mycred, &mysubj, &gss_code) )
+ if ( !edg_wll_gss_acquire_cred_gsi(server_cert, server_key, &mycred, &mysubj, &gss_code) )
 {
 int i;
@@ -808,7 +809,7 @@ int bk_handle_connection(int conn, struct timeval client_start, void *data)
 if ( token.value )
 gss_release_buffer(&min_stat, &token);
- edg_wll_SetVomsGroups(ctx, &ctx->connPool[ctx->connToUse].gss, vomsdir, cadir);
+ edg_wll_SetVomsGroups(ctx, &ctx->connPool[ctx->connToUse].gss, server_cert, server_key, vomsdir, cadir);
 if (debug && ctx->vomsGroups.len > 0) {
 int i;
diff --git a/org.glite.lb.server/src/lb_authz.c b/org.glite.lb.server/src/lb_authz.c
index 5641224..15b22ba 100644
--- a/org.glite.lb.server/src/lb_authz.c
+++ b/org.glite.lb.server/src/lb_authz.c
@@ -74,7 +74,7 @@ get_groups(edg_wll_Context ctx, struct vomsdata *voms_info,
 }
 static int
-get_peer_cred(edg_wll_GssConnection *gss, STACK_OF(X509) **chain, X509 **cert)
+get_peer_cred(edg_wll_GssConnection *gss, char *server_cert, char *server_key, STACK_OF(X509) **chain, X509 **cert)
 {
 OM_uint32 maj_stat, min_stat;
 gss_buffer_desc buffer = GSS_C_EMPTY_BUFFER;
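Review bot: In the @@ -475 hunk the missing `-c`/`-k` case still only warns about not being able to watch the files, yet after this commit `server_cert`/`server_key` being NULL also means get_peer_cred() in lb_authz.c leaves X509_USER_CERT/X509_USER_KEY untouched, so the re-import of every client's GSS context then runs against whatever credential the server's inherited environment names. The warning should say so, e.g. `" - unable to watch them for changes; VOMS context re-import will use X509_USER_CERT/X509_USER_KEY from the environment!\n", argv[0]);`. Whether edg_wll_gss_acquire_cred_gsi() substitutes a default for NULL paths is not visible here.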
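Review bot: The new `server_cert`/`server_key` parameters of get_peer_cred() in the @@ -74 hunk are only read (they are handed to setenv() in the @@ -91 hunk of this file), so they should be `const char *`: `get_peer_cred(edg_wll_GssConnection *gss, const char *server_cert, const char *server_key, STACK_OF(X509) **chain, X509 **cert)`. The same applies to edg_wll_SetVomsGroups() in the @@ -154 hunk and to its prototype in lb_authz.h; the non-const globals passed from bkserverd.c convert implicitly, so no caller changes.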
@@ -91,11 +91,44 @@ get_peer_cred(edg_wll_GssConnection *gss, STACK_OF(X509) **chain, X509 **cert)
 if (GSS_ERROR(maj_stat))
 return -1; /* XXX */
- /* The GSSAPI specs requires gss_export_sec_context() to destroy the context
- * after exporting. So we have to resurrect the context here by importing
- * from just generated buffer. I'm eagerly waiting for adaptations in the
- * VOMS API to avoid these hacks */
- maj_stat = gss_import_sec_context(&min_stat, &buffer, &gss->context);
+ {
+ /* The GSSAPI specs requires gss_export_sec_context() to destroy the
+ * context after exporting. So we have to resurrect the context here by
+ * importing from just generated buffer. gss_import_sec_context() must be
+ * able to read valid credential before it loads the exported context
+ * so we set the environment temporarily to point to the ones used by
+ * the server.
+ *
+ * I'm eagerly waiting for adaptations in the VOMS API to avoid these
+ * hacks */
+
+ char *orig_cert = NULL, *orig_key = NULL;
+
+ orig_cert = getenv("X509_USER_CERT");
+ orig_key = getenv("X509_USER_KEY");
+
+ if (server_cert)
+ setenv("X509_USER_CERT", server_cert, 1);
+ if (server_key)
+ setenv("X509_USER_KEY", server_key, 1);
+
+ maj_stat = gss_import_sec_context(&min_stat, &buffer, &gss->context);
+
+ if (orig_cert)
+ setenv("X509_USER_CERT", orig_cert, 1);
+ else
+ unsetenv("X509_USER_CERT");
+
+ if (orig_key)
+ setenv("X509_USER_KEY", orig_key, 1);
+ else
+ unsetenv("X509_USER_KEY");
+
+ if (GSS_ERROR(maj_stat)) {
+ ret = -1;
+ goto end;
+ }
+ }
 bio = BIO_new(BIO_s_mem());
 if (bio == NULL) {
@@ -154,7 +187,7 @@ end:
 }
 int
-edg_wll_SetVomsGroups(edg_wll_Context ctx, edg_wll_GssConnection *gss, char *voms_dir, char *ca_dir)
+edg_wll_SetVomsGroups(edg_wll_Context ctx, edg_wll_GssConnection *gss, char *server_cert, char *server_key, char *voms_dir, char *ca_dir)
 {
 STACK_OF(X509) *p_chain = NULL;
 X509 *cert = NULL;
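Review bot: `orig_cert` and `orig_key` in the @@ -91 hunk keep the raw pointers returned by getenv() across the setenv() override, but POSIX allows setenv()/unsetenv() to invalidate a pointer previously returned by getenv(), so the restore may copy from memory the environment no longer owns; take strdup() copies before overriding and free them after restoring, as in the excerpt below. The setenv() calls themselves can fail (ENOMEM) and are unchecked, in which case the import silently runs against the ambient credential or the original value is not put back. Because the environment is process-global, anything else running in this process during the window sees the server key path instead of its own — if connections are ever served concurrently within one process this is a race, which cannot be determined from the hunk. `ret` and the `end:` label used by the new error path are declared outside this hunk (get_peer_cred() starts and ends outside it), and whether `end:` releases `buffer`, which holds the exported context, on that path is not visible here.
```c
	char *orig_cert = NULL, *orig_key = NULL;
	const char *env;
	int env_ok = 1;

	/* Private copies: POSIX allows setenv()/unsetenv() to invalidate the
	 * pointer getenv() returned, and the restore below relies on it. */
	if ((env = getenv("X509_USER_CERT")) != NULL && (orig_cert = strdup(env)) == NULL) {
		ret = -1;
		goto end;
	}
	if ((env = getenv("X509_USER_KEY")) != NULL && (orig_key = strdup(env)) == NULL) {
		free(orig_cert);
		ret = -1;
		goto end;
	}

	/* Import only when the override took effect; otherwise the import would
	 * silently use whatever credential the ambient environment names. */
	if ((server_cert && setenv("X509_USER_CERT", server_cert, 1) != 0) ||
	    (server_key && setenv("X509_USER_KEY", server_key, 1) != 0))
		env_ok = 0;

	if (env_ok)
		maj_stat = gss_import_sec_context(&min_stat, &buffer, &gss->context);

	/* … unchanged: restore X509_USER_CERT / X509_USER_KEY from orig_cert / orig_key … */

	free(orig_cert);
	free(orig_key);

	if (!env_ok || GSS_ERROR(maj_stat)) {
		ret = -1;
		goto end;
	}
```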
@@ -166,7 +199,7 @@ edg_wll_SetVomsGroups(edg_wll_Context ctx, edg_wll_GssConnection *gss, char *vom
 memset (&ctx->vomsGroups, 0, sizeof(ctx->vomsGroups));
 edg_wll_ResetError(ctx);
- ret = get_peer_cred(gss, &p_chain, &cert);
+ ret = get_peer_cred(gss, server_cert, server_key, &p_chain, &cert);
 if (ret) {
 ret = 0;
 goto end;
@@ -292,8 +325,10 @@ parse_creds(edg_wll_VomsGroups *groups, char *subject, GRSTgaclUser **gacl_user)
 fail:
 if (cred)
 /* XXX GRSTgaclCredFree(cred); */
+ ;
 if (user)
 /* XXX GRSTgaclUserFree(user); */
+ ;
 return ret;
 }
diff --git a/org.glite.lb.server/src/lb_authz.h b/org.glite.lb.server/src/lb_authz.h
index 0aa659a..6c37a62 100644
--- a/org.glite.lb.server/src/lb_authz.h
+++ b/org.glite.lb.server/src/lb_authz.h
@@ -48,7 +48,7 @@ edg_wll_GetACL(edg_wll_Context, edg_wlc_JobId, edg_wll_Acl *);
 #endif /* NO_GACL */
 extern int
-edg_wll_SetVomsGroups(edg_wll_Context, edg_wll_GssConnection *, char *, char *);
+edg_wll_SetVomsGroups(edg_wll_Context, edg_wll_GssConnection *, char *, char *, char *, char *);
 extern void
 edg_wll_FreeVomsGroups(edg_wll_VomsGroups *);
-- 
1.8.2.3
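Review bot: In the @@ -166 hunk a non-zero return from get_peer_cred() — which after this commit includes a failed gss_import_sec_context() — is still mapped to `ret = 0` with `ctx->vomsGroups` left empty, so the caller in bkserverd.c carries on as if the client simply had no VOMS attributes, on a context that the export has already destroyed and the import did not rebuild. At minimum the failure should be distinguishable: return get_peer_cred()'s status instead of clearing it, or record it through the ctx error-setting counterpart of the edg_wll_ResetError() call visible on the line above, so that bk_handle_connection() can decide. edg_wll_SetVomsGroups() starts and ends outside this hunk, so whether later code already logs this case is not visible.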
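Review bot: The two added `;` lines in the @@ -292 hunk fix a real control-flow defect — previously `if (cred)` governed `if (user) … return ret;`, so parse_creds() reached its closing brace without returning whenever control arrived at `fail:` with `cred` or `user` NULL, handing the caller an indeterminate status from an authorization helper — but an `if` whose only body is a lone `;` beside a commented-out call invites someone to "tidy" it back. Either drop the conditionals and keep just the comments, `/* XXX GRSTgaclCredFree(cred); */` and `/* XXX GRSTgaclUserFree(user); */`, or brace them: `if (cred) { /* XXX GRSTgaclCredFree(cred); */ }`. This fix is unrelated to the subject line and is worth stating in the description.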
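Review bot: The prototype in the @@ -48 hunk now lists four consecutive unnamed `char *` parameters, so a caller that swaps the key and certificate, or the VOMS and CA directories, compiles cleanly and is only caught by reading lb_authz.c. Naming them in the header documents the order: `edg_wll_SetVomsGroups(edg_wll_Context, edg_wll_GssConnection *, char *server_cert, char *server_key, char *voms_dir, char *ca_dir);`. The call in bkserverd.c's @@ -808 hunk does pass them in this order.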