From 7ff10764fb8f6fdb3f8898423e59b45a5f9166d8 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zden=C4=9Bk=20=C5=A0ustr?=
Date: Wed, 16 May 2012 09:21:34 +0000
Subject: [PATCH] Prevent owner conditions in notif registrations if the only authorization category is READ_ANONYMIZED - prevents extracting foreign identities from the server one by one
---
 org.glite.lb.server/src/notification.c | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/org.glite.lb.server/src/notification.c b/org.glite.lb.server/src/notification.c
index d832289..7229817 100644
--- a/org.glite.lb.server/src/notification.c
+++ b/org.glite.lb.server/src/notification.c
@@ -38,6 +38,7 @@ limitations under the License.
 #include "get_events.h"
 #include "server_stats.h"
 #include "lb_authz.h"
+#include "authz_policy.h"
 typedef struct {
@@ -71,7 +72,7 @@ int edg_wll_NotifNewServer(
 const edg_wll_NotifId nid,
 time_t *valid)
 {
- int i;
+ int i,j;
 char *q = NULL,
 *nid_s = NULL,
 *time_s = NULL,
@@ -85,6 +86,8 @@ int edg_wll_NotifNewServer(
 notif_stream_t *arg = NULL;
 int npref, okpref;
 char *msgpref;
+ struct _edg_wll_GssPrincipal_data princ;
+ memset(&princ, 0, sizeof princ);
 /* Format notification ID
@@ -131,6 +134,21 @@ int edg_wll_NotifNewServer(
 goto cleanup;
 }
+ /* Check permissions
+ */
+ princ.name = ctx->peerName;
+ princ.fqans = ctx->fqans;
+ if (!ctx->noAuth && check_authz_policy(&ctx->authz_policy, &princ, READ_ANONYMIZED))
+ for (i=0; conditions && conditions[i]; i++)
+ for (j=0; conditions[i][j].attr; j++)
+ if (conditions[i][j].attr == EDG_WLL_QUERY_ATTR_OWNER &&
+ !edg_wll_gss_equal_subj(conditions[i][j].value.c, ctx->peerName) &&
+ !check_authz_policy(&ctx->authz_policy, &princ, ADMIN_ACCESS) &&
+ !check_authz_policy(&ctx->authz_policy, &princ, READ_ALL)) {
+ edg_wll_SetError(ctx, EPERM, "Forbidden subject. You are only authorized to register for anonymized notifications.");
+ goto cleanup;
+ }
+
 /* Format the address
 */
 if ( address_override )
-- 
1.8.2.3
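Review bot: The owner check added in the last hunk hands `conditions[i][j].value.c` and `ctx->peerName` to `edg_wll_gss_equal_subj` with no NULL guard, and whether either can be NULL at this point is not visible here; an authorization check should fail closed on a missing value rather than rely on the comparison helper. The check also sits in four levels of unbraced `if`/`for`/`for`/`if`, and it repeats the `ADMIN_ACCESS` and `READ_ALL` lookups for every owner condition although they do not depend on the condition. Evaluating the policy once into a new `int anonymized_only` local (assuming `check_authz_policy` has no side effects) and bracing the loops makes the decision easier to audit. The comparison looks only at the condition's value, not at its operator, which this hunk does not show, so confirm that is intended. `edg_wll_NotifNewServer` continues outside the hunk, and any other path that accepts or changes notification conditions is not visible, so verify it enforces the same restriction.

```c
	/* … unchanged: "Check permissions" comment, princ.name / princ.fqans assignment … */
	/* Policy lookups do not depend on the individual condition; do them once. */
	anonymized_only = !ctx->noAuth &&
		check_authz_policy(&ctx->authz_policy, &princ, READ_ANONYMIZED) &&
		!check_authz_policy(&ctx->authz_policy, &princ, ADMIN_ACCESS) &&
		!check_authz_policy(&ctx->authz_policy, &princ, READ_ALL);
	if (anonymized_only) {
		for (i = 0; conditions && conditions[i]; i++) {
			for (j = 0; conditions[i][j].attr; j++) {
				if (conditions[i][j].attr != EDG_WLL_QUERY_ATTR_OWNER)
					continue;
				/* Fail closed: a missing value or peer name never counts as "the caller". */
				if (!conditions[i][j].value.c || !ctx->peerName ||
				    !edg_wll_gss_equal_subj(conditions[i][j].value.c, ctx->peerName)) {
					edg_wll_SetError(ctx, EPERM, "Forbidden subject. You are only authorized to register for anonymized notifications.");
					goto cleanup;
				}
			}
		}
	}
```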