From 86d3ffc3bdd9328ff407da4399a093344002eb1e Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Wed, 3 Aug 2005 12:44:07 +0000 Subject: [PATCH] This commit was manufactured by cvs2svn to create tag 'merge_shallow_after'. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Sprout from master 2005-08-03 12:44:06 UTC Aleš Křenek 'Merged the SHALLOW branch' Cherrypick from master 2005-01-20 12:26:12 UTC Jiří Škrábal '- module for LB Proxy server': org.glite.lb.proxy/build.xml Delete: org.glite.deployment.lb/.cvsignore org.glite.deployment.lb/CHANGELOG org.glite.deployment.lb/LICENSE org.glite.deployment.lb/build.xml org.glite.deployment.lb/config/scripts/glite-lb-config.py org.glite.deployment.lb/config/scripts/remove_all_rpms.sh org.glite.deployment.lb/config/templates/glite-lb.cfg.xml org.glite.deployment.lb/doc/release_notes/release_notes.doc org.glite.deployment.lb/doc/release_notes/release_notes.html org.glite.deployment.lb/doc/release_notes/release_notes.pdf org.glite.deployment.lb/project/.cvsignore org.glite.deployment.lb/project/build.number org.glite.deployment.lb/project/build.properties org.glite.deployment.lb/project/glite-lb.sdf.xml.template org.glite.deployment.lb/project/lxscript-rpm.xsl org.glite.deployment.lb/project/lxscript-tgz.xsl org.glite.deployment.lb/project/properties.xml org.glite.deployment.lb/project/quattor-template.xsl org.glite.deployment.lb/project/version.properties org.glite.jp.client/.cvsignore org.glite.jp.client/Makefile org.glite.jp.client/build.xml org.glite.jp.client/project/build.number org.glite.jp.client/project/build.properties org.glite.jp.client/project/configure.properties.xml org.glite.jp.client/project/properties.xml org.glite.jp.client/project/tar_exclude org.glite.jp.client/project/version.properties org.glite.jp.client/src/authz.c org.glite.jp.client/src/authz.h org.glite.jp.client/src/backend.h org.glite.jp.client/src/bones_server.c org.glite.jp.client/src/builtin_plugins.h org.glite.jp.client/src/db.h org.glite.jp.client/src/feed.c org.glite.jp.client/src/feed.h org.glite.jp.client/src/file_plugin.c org.glite.jp.client/src/ftp_backend.c org.glite.jp.client/src/is_client.c org.glite.jp.client/src/jpimporter.c org.glite.jp.client/src/jptype_map.h org.glite.jp.client/src/mysql.c org.glite.jp.client/src/new_ftp_backend.c org.glite.jp.client/src/simple_server.c org.glite.jp.client/src/soap_ops.c org.glite.jp.client/src/tags.c org.glite.jp.client/src/tags.h org.glite.jp.client/src/tags_plugin.c org.glite.jp.client/src/typemap.dat org.glite.jp.common/.cvsignore org.glite.jp.common/Makefile org.glite.jp.common/build.xml org.glite.jp.common/interface/context.h org.glite.jp.common/interface/strmd5.h org.glite.jp.common/interface/types.h org.glite.jp.common/project/build.number org.glite.jp.common/project/build.properties org.glite.jp.common/project/configure.properties.xml org.glite.jp.common/project/properties.xml org.glite.jp.common/project/tar_exclude org.glite.jp.common/project/version.properties org.glite.jp.common/src/attr.c org.glite.jp.common/src/context.c org.glite.jp.common/src/strmd5.c org.glite.jp.index/.cvsignore org.glite.jp.index/Makefile org.glite.jp.index/build.xml org.glite.jp.index/project/JobProvenanceIS.wsdl org.glite.jp.index/project/build.number org.glite.jp.index/project/build.properties org.glite.jp.index/project/configure.properties.xml org.glite.jp.index/project/properties.xml org.glite.jp.index/project/tar_exclude org.glite.jp.index/project/version.properties org.glite.jp.index/src/simple_server.c org.glite.jp.index/src/soap_ops.c org.glite.jp.index/src/typemap.dat org.glite.jp.primary/.cvsignore org.glite.jp.primary/Makefile org.glite.jp.primary/build.xml org.glite.jp.primary/config/glite-jp-primary-dbsetup.sql org.glite.jp.primary/examples/README.test org.glite.jp.primary/examples/jpps-test.c org.glite.jp.primary/interface/file_plugin.h org.glite.jp.primary/project/build.number org.glite.jp.primary/project/build.properties org.glite.jp.primary/project/configure.properties.xml org.glite.jp.primary/project/properties.xml org.glite.jp.primary/project/tar_exclude org.glite.jp.primary/project/version.properties org.glite.jp.primary/src/authz.c org.glite.jp.primary/src/authz.h org.glite.jp.primary/src/backend.h org.glite.jp.primary/src/bones_server.c org.glite.jp.primary/src/builtin_plugins.h org.glite.jp.primary/src/db.h org.glite.jp.primary/src/feed.c org.glite.jp.primary/src/feed.h org.glite.jp.primary/src/file_plugin.c org.glite.jp.primary/src/ftp_backend.c org.glite.jp.primary/src/is_client.c org.glite.jp.primary/src/is_client.h org.glite.jp.primary/src/jptype_map.h org.glite.jp.primary/src/mysql.c org.glite.jp.primary/src/new_ftp_backend.c org.glite.jp.primary/src/simple_server.c org.glite.jp.primary/src/soap_ops.c org.glite.jp.primary/src/tags.c org.glite.jp.primary/src/tags.h org.glite.jp.primary/src/tags_plugin.c org.glite.jp.primary/src/typemap.dat org.glite.jp.ws-interface/.cvsignore org.glite.jp.ws-interface/LICENSE org.glite.jp.ws-interface/Makefile org.glite.jp.ws-interface/build.xml org.glite.jp.ws-interface/interface/JobProvenanceIS.wsdl org.glite.jp.ws-interface/project/build.number org.glite.jp.ws-interface/project/build.properties org.glite.jp.ws-interface/project/configure.properties.xml org.glite.jp.ws-interface/project/glite-jp-ws-interface.spec org.glite.jp.ws-interface/project/properties.xml org.glite.jp.ws-interface/project/tar_exclude org.glite.jp.ws-interface/project/version.properties org.glite.jp.ws-interface/src/JobProvenancePS.xml org.glite.jp.ws-interface/src/JobProvenanceTypes.xml org.glite.jp.ws-interface/src/doc.xml org.glite.jp.ws-interface/src/puke-ug.xsl org.glite.jp.ws-interface/src/puke-wsdl.xsl org.glite.jp/.cvsignore org.glite.jp/build.xml org.glite.jp/project/build.number org.glite.jp/project/build.properties org.glite.jp/project/dependencies.properties org.glite.jp/project/glite.jp.csf.xml org.glite.jp/project/properties.xml org.glite.jp/project/run-workspace org.glite.jp/project/taskdefs.xml org.glite.jp/project/version.properties org.glite.lb.proxy/doc/README org.glite.security.gsoap-plugin/LICENSE org.glite.security.gsoap-plugin/Makefile org.glite.security.gsoap-plugin/build.xml org.glite.security.gsoap-plugin/examples/calc.h.S org.glite.security.gsoap-plugin/examples/wscalc_clt_ex.c org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c org.glite.security.gsoap-plugin/interface/glite_gsplugin.h org.glite.security.gsoap-plugin/interface/glite_gss.h org.glite.security.gsoap-plugin/project/build.number org.glite.security.gsoap-plugin/project/build.properties org.glite.security.gsoap-plugin/project/configure.properties.xml org.glite.security.gsoap-plugin/project/properties.xml org.glite.security.gsoap-plugin/project/tar_exclude org.glite.security.gsoap-plugin/project/version.properties org.glite.security.gsoap-plugin/src/glite_gsplugin.c org.glite.security.gsoap-plugin/src/glite_gss.c org.glite.security.gsoap-plugin/test/test_gss.cpp org.glite.security.proxyrenewal/.cvsignore org.glite.security.proxyrenewal/LICENSE org.glite.security.proxyrenewal/Makefile org.glite.security.proxyrenewal/build.xml org.glite.security.proxyrenewal/config/startup org.glite.security.proxyrenewal/interface/renewal.h org.glite.security.proxyrenewal/project/build.number org.glite.security.proxyrenewal/project/build.properties org.glite.security.proxyrenewal/project/configure.properties.xml org.glite.security.proxyrenewal/project/properties.xml org.glite.security.proxyrenewal/project/tar_exclude org.glite.security.proxyrenewal/project/taskdefs.xml org.glite.security.proxyrenewal/project/version.properties org.glite.security.proxyrenewal/src/acstack.h org.glite.security.proxyrenewal/src/api.c org.glite.security.proxyrenewal/src/client.c org.glite.security.proxyrenewal/src/commands.c org.glite.security.proxyrenewal/src/common.c org.glite.security.proxyrenewal/src/newformat.h org.glite.security.proxyrenewal/src/renew.c org.glite.security.proxyrenewal/src/renewal_locl.h org.glite.security.proxyrenewal/src/renewd.c org.glite.security.proxyrenewal/src/renewd_locl.h org.glite.security.proxyrenewal/src/voms.c org.glite.wms-utils.exception/.cvsignore org.glite.wms-utils.exception/LICENSE org.glite.wms-utils.exception/Makefile.am org.glite.wms-utils.exception/bootstrap org.glite.wms-utils.exception/build.xml org.glite.wms-utils.exception/configure.ac org.glite.wms-utils.exception/interface/Makefile.am org.glite.wms-utils.exception/interface/glite/wmsutils/exception/Exception.h org.glite.wms-utils.exception/interface/glite/wmsutils/exception/exception_codes.h org.glite.wms-utils.exception/project/build.number org.glite.wms-utils.exception/project/build.properties org.glite.wms-utils.exception/project/configure.properties.xml org.glite.wms-utils.exception/project/properties.xml org.glite.wms-utils.exception/project/version.properties org.glite.wms-utils.exception/src/Exception.cpp org.glite.wms-utils.exception/src/Makefile.am org.glite.wms-utils.exception/test/Makefile.am org.glite.wms-utils.exception/test/exception_cu_main.cpp org.glite.wms-utils.exception/test/exception_cu_suite.cpp org.glite.wms-utils.exception/test/exception_cu_suite.h org.glite.wms-utils.jobid/.cvsignore org.glite.wms-utils.jobid/LICENSE org.glite.wms-utils.jobid/Makefile.am org.glite.wms-utils.jobid/bootstrap org.glite.wms-utils.jobid/build.xml org.glite.wms-utils.jobid/configure.ac org.glite.wms-utils.jobid/examples/Makefile.am org.glite.wms-utils.jobid/examples/testjobid.c org.glite.wms-utils.jobid/interface/Makefile.am org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobId.h org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobIdExceptions.h org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/cjobid.h org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/manipulation.h org.glite.wms-utils.jobid/project/build.number org.glite.wms-utils.jobid/project/build.properties org.glite.wms-utils.jobid/project/configure.properties.xml org.glite.wms-utils.jobid/project/properties.xml org.glite.wms-utils.jobid/project/version.properties org.glite.wms-utils.jobid/src/Makefile.am org.glite.wms-utils.jobid/src/jobid/JobId.cpp org.glite.wms-utils.jobid/src/jobid/JobIdExceptions.cpp org.glite.wms-utils.jobid/src/jobid/Makefile.am org.glite.wms-utils.jobid/src/jobid/cjobid.c org.glite.wms-utils.jobid/src/jobid/manipulation.cpp org.glite.wms-utils.jobid/src/jobid/strmd5.c org.glite.wms-utils.jobid/src/jobid/strmd5.h org.glite.wms-utils.jobid/test/Makefile.am org.glite.wms-utils.jobid/test/jobid_cu_main.cpp org.glite.wms-utils.jobid/test/jobid_cu_suite.cpp org.glite.wms-utils.jobid/test/jobid_cu_suite.h org.glite.wms-utils.jobid/test/manipulation_cu_main.cpp org.glite.wms-utils.jobid/test/manipulation_cu_suite.cpp org.glite.wms-utils.jobid/test/manipulation_cu_suite.h org.gridsite.core/.cvsignore org.gridsite.core/CHANGES org.gridsite.core/INSTALL org.gridsite.core/LICENSE org.gridsite.core/README org.gridsite.core/VERSION org.gridsite.core/build.xml org.gridsite.core/doc/README.htcp-bin org.gridsite.core/doc/admin.html org.gridsite.core/doc/build-apache2.sh org.gridsite.core/doc/config.html org.gridsite.core/doc/findproxyfile.1 org.gridsite.core/doc/gacl.html org.gridsite.core/doc/gsexec.8 org.gridsite.core/doc/htcp.1 org.gridsite.core/doc/htll.1 org.gridsite.core/doc/htls.1 org.gridsite.core/doc/htmkdir.1 org.gridsite.core/doc/htrm.1 org.gridsite.core/doc/httpd-fileserver.conf org.gridsite.core/doc/httpd-webserver.conf org.gridsite.core/doc/index.html org.gridsite.core/doc/install.html org.gridsite.core/doc/library.html org.gridsite.core/doc/module.html org.gridsite.core/doc/urlencode.1 org.gridsite.core/doc/user.html org.gridsite.core/interface/gridsite-gacl.h org.gridsite.core/interface/gridsite.h org.gridsite.core/project/build.number org.gridsite.core/project/build.properties org.gridsite.core/project/configure.properties.xml org.gridsite.core/project/dependencies.properties org.gridsite.core/project/gridsite.core.csf.xml org.gridsite.core/project/properties.xml org.gridsite.core/project/taskdefs.xml org.gridsite.core/project/version.properties org.gridsite.core/src/Doxyfile org.gridsite.core/src/Makefile org.gridsite.core/src/delegation.h org.gridsite.core/src/doxygen.css org.gridsite.core/src/doxyheader.html org.gridsite.core/src/findproxyfile.c org.gridsite.core/src/gaclexample.c org.gridsite.core/src/gridsite.spec org.gridsite.core/src/grst-delegation.c org.gridsite.core/src/grst_admin.h org.gridsite.core/src/grst_admin_file.c org.gridsite.core/src/grst_admin_gacl.c org.gridsite.core/src/grst_admin_main.c org.gridsite.core/src/grst_asn1.c org.gridsite.core/src/grst_gacl.c org.gridsite.core/src/grst_http.c org.gridsite.core/src/grst_x509.c org.gridsite.core/src/grst_xacml.c org.gridsite.core/src/gsexec.c org.gridsite.core/src/gsexec.h org.gridsite.core/src/htcp org.gridsite.core/src/htcp.c org.gridsite.core/src/htproxyput.c org.gridsite.core/src/mod_gridsite.c org.gridsite.core/src/mod_ssl-private.h org.gridsite.core/src/proxyput-example.c org.gridsite.core/src/roffit org.gridsite.core/src/showx509exts.c org.gridsite.core/src/urlencode.c org.gridsite.core/src/xacmlexample.c --- org.glite.deployment.lb/.cvsignore | 1 - org.glite.deployment.lb/CHANGELOG | 26 - org.glite.deployment.lb/LICENSE | 69 - org.glite.deployment.lb/build.xml | 110 - .../config/scripts/glite-lb-config.py | 480 ---- .../config/scripts/remove_all_rpms.sh | 49 - .../config/templates/glite-lb.cfg.xml | 134 - .../doc/release_notes/release_notes.doc | Bin 267264 -> 0 bytes .../doc/release_notes/release_notes.html | 2732 -------------------- .../doc/release_notes/release_notes.pdf | Bin 217944 -> 0 bytes org.glite.deployment.lb/project/.cvsignore | 1 - org.glite.deployment.lb/project/build.number | 2 - org.glite.deployment.lb/project/build.properties | 0 .../project/glite-lb.sdf.xml.template | 131 - org.glite.deployment.lb/project/lxscript-rpm.xsl | 334 --- org.glite.deployment.lb/project/lxscript-tgz.xsl | 62 - org.glite.deployment.lb/project/properties.xml | 63 - .../project/quattor-template.xsl | 53 - org.glite.deployment.lb/project/version.properties | 4 - org.glite.jp.client/.cvsignore | 1 - org.glite.jp.client/Makefile | 135 - org.glite.jp.client/build.xml | 86 - org.glite.jp.client/project/build.number | 1 - org.glite.jp.client/project/build.properties | 0 .../project/configure.properties.xml | 43 - org.glite.jp.client/project/properties.xml | 44 - org.glite.jp.client/project/tar_exclude | 10 - org.glite.jp.client/project/version.properties | 2 - org.glite.jp.client/src/authz.c | 76 - org.glite.jp.client/src/authz.h | 18 - org.glite.jp.client/src/backend.h | 116 - org.glite.jp.client/src/bones_server.c | 327 --- org.glite.jp.client/src/builtin_plugins.h | 7 - org.glite.jp.client/src/db.h | 83 - org.glite.jp.client/src/feed.c | 327 --- org.glite.jp.client/src/feed.h | 21 - org.glite.jp.client/src/file_plugin.c | 115 - org.glite.jp.client/src/ftp_backend.c | 1744 ------------- org.glite.jp.client/src/is_client.c | 38 - org.glite.jp.client/src/jpimporter.c | 243 -- org.glite.jp.client/src/jptype_map.h | 18 - org.glite.jp.client/src/mysql.c | 265 -- org.glite.jp.client/src/new_ftp_backend.c | 1790 ------------- org.glite.jp.client/src/simple_server.c | 59 - org.glite.jp.client/src/soap_ops.c | 465 ---- org.glite.jp.client/src/tags.c | 233 -- org.glite.jp.client/src/tags.h | 1 - org.glite.jp.client/src/tags_plugin.c | 148 -- org.glite.jp.client/src/typemap.dat | 3 - org.glite.jp.common/.cvsignore | 1 - org.glite.jp.common/Makefile | 85 - org.glite.jp.common/build.xml | 97 - org.glite.jp.common/interface/context.h | 17 - org.glite.jp.common/interface/strmd5.h | 28 - org.glite.jp.common/interface/types.h | 101 - org.glite.jp.common/project/build.number | 1 - org.glite.jp.common/project/build.properties | 0 .../project/configure.properties.xml | 52 - org.glite.jp.common/project/properties.xml | 52 - org.glite.jp.common/project/tar_exclude | 10 - org.glite.jp.common/project/version.properties | 2 - org.glite.jp.common/src/attr.c | 119 - org.glite.jp.common/src/context.c | 164 -- org.glite.jp.common/src/strmd5.c | 115 - org.glite.jp.index/.cvsignore | 1 - org.glite.jp.index/Makefile | 129 - org.glite.jp.index/build.xml | 98 - org.glite.jp.index/project/JobProvenanceIS.wsdl | 531 ---- org.glite.jp.index/project/build.number | 1 - org.glite.jp.index/project/build.properties | 0 .../project/configure.properties.xml | 53 - org.glite.jp.index/project/properties.xml | 52 - org.glite.jp.index/project/tar_exclude | 10 - org.glite.jp.index/project/version.properties | 2 - org.glite.jp.index/src/simple_server.c | 39 - org.glite.jp.index/src/soap_ops.c | 81 - org.glite.jp.index/src/typemap.dat | 2 - org.glite.jp.primary/.cvsignore | 1 - org.glite.jp.primary/Makefile | 186 -- org.glite.jp.primary/build.xml | 102 - .../config/glite-jp-primary-dbsetup.sql | 46 - org.glite.jp.primary/examples/README.test | 40 - org.glite.jp.primary/examples/jpps-test.c | 245 -- org.glite.jp.primary/interface/file_plugin.h | 72 - org.glite.jp.primary/project/build.number | 1 - org.glite.jp.primary/project/build.properties | 0 .../project/configure.properties.xml | 58 - org.glite.jp.primary/project/properties.xml | 51 - org.glite.jp.primary/project/tar_exclude | 10 - org.glite.jp.primary/project/version.properties | 2 - org.glite.jp.primary/src/authz.c | 77 - org.glite.jp.primary/src/authz.h | 18 - org.glite.jp.primary/src/backend.h | 116 - org.glite.jp.primary/src/bones_server.c | 333 --- org.glite.jp.primary/src/builtin_plugins.h | 7 - org.glite.jp.primary/src/db.h | 83 - org.glite.jp.primary/src/feed.c | 346 --- org.glite.jp.primary/src/feed.h | 21 - org.glite.jp.primary/src/file_plugin.c | 115 - org.glite.jp.primary/src/ftp_backend.c | 1744 ------------- org.glite.jp.primary/src/is_client.c | 39 - org.glite.jp.primary/src/is_client.h | 1 - org.glite.jp.primary/src/jptype_map.h | 34 - org.glite.jp.primary/src/mysql.c | 265 -- org.glite.jp.primary/src/new_ftp_backend.c | 1794 ------------- org.glite.jp.primary/src/simple_server.c | 59 - org.glite.jp.primary/src/soap_ops.c | 454 ---- org.glite.jp.primary/src/tags.c | 233 -- org.glite.jp.primary/src/tags.h | 1 - org.glite.jp.primary/src/tags_plugin.c | 149 -- org.glite.jp.primary/src/typemap.dat | 3 - org.glite.jp.ws-interface/.cvsignore | 2 - org.glite.jp.ws-interface/LICENSE | 69 - org.glite.jp.ws-interface/Makefile | 61 - org.glite.jp.ws-interface/build.xml | 120 - .../interface/JobProvenanceIS.wsdl | 110 - org.glite.jp.ws-interface/project/build.number | 1 - org.glite.jp.ws-interface/project/build.properties | 0 .../project/configure.properties.xml | 54 - .../project/glite-jp-ws-interface.spec | 42 - org.glite.jp.ws-interface/project/properties.xml | 73 - org.glite.jp.ws-interface/project/tar_exclude | 0 .../project/version.properties | 2 - org.glite.jp.ws-interface/src/JobProvenancePS.xml | 104 - .../src/JobProvenanceTypes.xml | 56 - org.glite.jp.ws-interface/src/doc.xml | 2 - org.glite.jp.ws-interface/src/puke-ug.xsl | 156 -- org.glite.jp.ws-interface/src/puke-wsdl.xsl | 272 -- org.glite.jp/.cvsignore | 1 - org.glite.jp/build.xml | 268 -- org.glite.jp/project/build.number | 1 - org.glite.jp/project/build.properties | 0 org.glite.jp/project/dependencies.properties | 12 - org.glite.jp/project/glite.jp.csf.xml | 271 -- org.glite.jp/project/properties.xml | 47 - org.glite.jp/project/run-workspace | 10 - org.glite.jp/project/taskdefs.xml | 24 - org.glite.jp/project/version.properties | 2 - org.glite.lb.proxy/build.xml | 1 - org.glite.lb.proxy/doc/README | 68 - org.glite.security.gsoap-plugin/LICENSE | 69 - org.glite.security.gsoap-plugin/Makefile | 221 -- org.glite.security.gsoap-plugin/build.xml | 105 - org.glite.security.gsoap-plugin/examples/calc.h.S | 13 - .../examples/wscalc_clt_ex.c | 47 - .../examples/wscalc_srv_ex.c | 102 - .../examples/wscalc_srv_ex2.c | 130 - .../interface/glite_gsplugin.h | 37 - .../interface/glite_gss.h | 117 - .../project/build.number | 1 - .../project/build.properties | 0 .../project/configure.properties.xml | 50 - .../project/properties.xml | 55 - .../project/tar_exclude | 10 - .../project/version.properties | 3 - .../src/glite_gsplugin.c | 414 --- org.glite.security.gsoap-plugin/src/glite_gss.c | 998 ------- org.glite.security.gsoap-plugin/test/test_gss.cpp | 198 -- org.glite.security.proxyrenewal/.cvsignore | 1 - org.glite.security.proxyrenewal/LICENSE | 69 - org.glite.security.proxyrenewal/Makefile | 141 - org.glite.security.proxyrenewal/build.xml | 124 - org.glite.security.proxyrenewal/config/startup | 80 - .../interface/renewal.h | 146 -- .../project/build.number | 1 - .../project/build.properties | 0 .../project/configure.properties.xml | 60 - .../project/properties.xml | 62 - .../project/tar_exclude | 10 - .../project/taskdefs.xml | 4 - .../project/version.properties | 2 - org.glite.security.proxyrenewal/src/acstack.h | 79 - org.glite.security.proxyrenewal/src/api.c | 485 ---- org.glite.security.proxyrenewal/src/client.c | 117 - org.glite.security.proxyrenewal/src/commands.c | 1256 --------- org.glite.security.proxyrenewal/src/common.c | 323 --- org.glite.security.proxyrenewal/src/newformat.h | 195 -- org.glite.security.proxyrenewal/src/renew.c | 404 --- org.glite.security.proxyrenewal/src/renewal_locl.h | 143 - org.glite.security.proxyrenewal/src/renewd.c | 656 ----- org.glite.security.proxyrenewal/src/renewd_locl.h | 80 - org.glite.security.proxyrenewal/src/voms.c | 318 --- org.glite.wms-utils.exception/.cvsignore | 1 - org.glite.wms-utils.exception/LICENSE | 69 - org.glite.wms-utils.exception/Makefile.am | 67 - org.glite.wms-utils.exception/bootstrap | 9 - org.glite.wms-utils.exception/build.xml | 104 - org.glite.wms-utils.exception/configure.ac | 115 - .../interface/Makefile.am | 14 - .../interface/glite/wmsutils/exception/Exception.h | 138 - .../glite/wmsutils/exception/exception_codes.h | 41 - org.glite.wms-utils.exception/project/build.number | 1 - .../project/build.properties | 0 .../project/configure.properties.xml | 9 - .../project/properties.xml | 83 - .../project/version.properties | 2 - org.glite.wms-utils.exception/src/Exception.cpp | 118 - org.glite.wms-utils.exception/src/Makefile.am | 17 - org.glite.wms-utils.exception/test/Makefile.am | 33 - .../test/exception_cu_main.cpp | 33 - .../test/exception_cu_suite.cpp | 56 - .../test/exception_cu_suite.h | 29 - org.glite.wms-utils.jobid/.cvsignore | 2 - org.glite.wms-utils.jobid/LICENSE | 69 - org.glite.wms-utils.jobid/Makefile.am | 69 - org.glite.wms-utils.jobid/bootstrap | 9 - org.glite.wms-utils.jobid/build.xml | 104 - org.glite.wms-utils.jobid/configure.ac | 128 - org.glite.wms-utils.jobid/examples/Makefile.am | 28 - org.glite.wms-utils.jobid/examples/testjobid.c | 33 - org.glite.wms-utils.jobid/interface/Makefile.am | 16 - .../interface/glite/wmsutils/jobid/JobId.h | 136 - .../glite/wmsutils/jobid/JobIdExceptions.h | 80 - .../interface/glite/wmsutils/jobid/cjobid.h | 109 - .../interface/glite/wmsutils/jobid/manipulation.h | 24 - org.glite.wms-utils.jobid/project/build.number | 1 - org.glite.wms-utils.jobid/project/build.properties | 0 .../project/configure.properties.xml | 9 - org.glite.wms-utils.jobid/project/properties.xml | 86 - .../project/version.properties | 2 - org.glite.wms-utils.jobid/src/Makefile.am | 12 - org.glite.wms-utils.jobid/src/jobid/JobId.cpp | 183 -- .../src/jobid/JobIdExceptions.cpp | 58 - org.glite.wms-utils.jobid/src/jobid/Makefile.am | 30 - org.glite.wms-utils.jobid/src/jobid/cjobid.c | 258 -- .../src/jobid/manipulation.cpp | 180 -- org.glite.wms-utils.jobid/src/jobid/strmd5.c | 118 - org.glite.wms-utils.jobid/src/jobid/strmd5.h | 28 - org.glite.wms-utils.jobid/test/Makefile.am | 48 - org.glite.wms-utils.jobid/test/jobid_cu_main.cpp | 33 - org.glite.wms-utils.jobid/test/jobid_cu_suite.cpp | 102 - org.glite.wms-utils.jobid/test/jobid_cu_suite.h | 34 - .../test/manipulation_cu_main.cpp | 33 - .../test/manipulation_cu_suite.cpp | 34 - .../test/manipulation_cu_suite.h | 29 - org.gridsite.core/.cvsignore | 1 - org.gridsite.core/CHANGES | 210 -- org.gridsite.core/INSTALL | 39 - org.gridsite.core/LICENSE | 47 - org.gridsite.core/README | 3 - org.gridsite.core/VERSION | 4 - org.gridsite.core/build.xml | 274 -- org.gridsite.core/doc/README.htcp-bin | 13 - org.gridsite.core/doc/admin.html | 103 - org.gridsite.core/doc/build-apache2.sh | 79 - org.gridsite.core/doc/config.html | 196 -- org.gridsite.core/doc/findproxyfile.1 | 63 - org.gridsite.core/doc/gacl.html | 84 - org.gridsite.core/doc/gsexec.8 | 56 - org.gridsite.core/doc/htcp.1 | 147 -- org.gridsite.core/doc/htll.1 | 1 - org.gridsite.core/doc/htls.1 | 1 - org.gridsite.core/doc/htmkdir.1 | 1 - org.gridsite.core/doc/htrm.1 | 1 - org.gridsite.core/doc/httpd-fileserver.conf | 148 -- org.gridsite.core/doc/httpd-webserver.conf | 220 -- org.gridsite.core/doc/index.html | 92 - org.gridsite.core/doc/install.html | 158 -- org.gridsite.core/doc/library.html | 1 - org.gridsite.core/doc/module.html | 350 --- org.gridsite.core/doc/urlencode.1 | 46 - org.gridsite.core/doc/user.html | 302 --- org.gridsite.core/interface/gridsite-gacl.h | 188 -- org.gridsite.core/interface/gridsite.h | 287 -- org.gridsite.core/project/build.number | 2 - org.gridsite.core/project/build.properties | 0 org.gridsite.core/project/configure.properties.xml | 9 - org.gridsite.core/project/dependencies.properties | 9 - org.gridsite.core/project/gridsite.core.csf.xml | 221 -- org.gridsite.core/project/properties.xml | 53 - org.gridsite.core/project/taskdefs.xml | 31 - org.gridsite.core/project/version.properties | 2 - org.gridsite.core/src/Doxyfile | 993 ------- org.gridsite.core/src/Makefile | 363 --- org.gridsite.core/src/delegation.h | 12 - org.gridsite.core/src/doxygen.css | 49 - org.gridsite.core/src/doxyheader.html | 1 - org.gridsite.core/src/findproxyfile.c | 122 - org.gridsite.core/src/gaclexample.c | 147 -- org.gridsite.core/src/gridsite.spec | 101 - org.gridsite.core/src/grst-delegation.c | 297 --- org.gridsite.core/src/grst_admin.h | 57 - org.gridsite.core/src/grst_admin_file.c | 1571 ----------- org.gridsite.core/src/grst_admin_gacl.c | 980 ------- org.gridsite.core/src/grst_admin_main.c | 378 --- org.gridsite.core/src/grst_asn1.c | 506 ---- org.gridsite.core/src/grst_gacl.c | 1170 --------- org.gridsite.core/src/grst_http.c | 407 --- org.gridsite.core/src/grst_x509.c | 1491 ----------- org.gridsite.core/src/grst_xacml.c | 577 ----- org.gridsite.core/src/gsexec.c | 1056 -------- org.gridsite.core/src/gsexec.h | 126 - org.gridsite.core/src/htcp | Bin 22680 -> 0 bytes org.gridsite.core/src/htcp.c | 1237 --------- org.gridsite.core/src/htproxyput.c | 565 ---- org.gridsite.core/src/mod_gridsite.c | 2544 ------------------ org.gridsite.core/src/mod_ssl-private.h | 106 - org.gridsite.core/src/proxyput-example.c | 131 - org.gridsite.core/src/roffit | 370 --- org.gridsite.core/src/showx509exts.c | 117 - org.gridsite.core/src/urlencode.c | 73 - org.gridsite.core/src/xacmlexample.c | 148 -- 302 files changed, 50535 deletions(-) delete mode 100644 org.glite.deployment.lb/.cvsignore delete mode 100644 org.glite.deployment.lb/CHANGELOG delete mode 100644 org.glite.deployment.lb/LICENSE delete mode 100644 org.glite.deployment.lb/build.xml delete mode 100644 org.glite.deployment.lb/config/scripts/glite-lb-config.py delete mode 100755 org.glite.deployment.lb/config/scripts/remove_all_rpms.sh delete mode 100644 org.glite.deployment.lb/config/templates/glite-lb.cfg.xml delete mode 100644 org.glite.deployment.lb/doc/release_notes/release_notes.doc delete mode 100644 org.glite.deployment.lb/doc/release_notes/release_notes.html delete mode 100644 org.glite.deployment.lb/doc/release_notes/release_notes.pdf delete mode 100644 org.glite.deployment.lb/project/.cvsignore delete mode 100644 org.glite.deployment.lb/project/build.number delete mode 100644 org.glite.deployment.lb/project/build.properties delete mode 100644 org.glite.deployment.lb/project/glite-lb.sdf.xml.template delete mode 100644 org.glite.deployment.lb/project/lxscript-rpm.xsl delete mode 100644 org.glite.deployment.lb/project/lxscript-tgz.xsl delete mode 100644 org.glite.deployment.lb/project/properties.xml delete mode 100644 org.glite.deployment.lb/project/quattor-template.xsl delete mode 100644 org.glite.deployment.lb/project/version.properties delete mode 100644 org.glite.jp.client/.cvsignore delete mode 100644 org.glite.jp.client/Makefile delete mode 100755 org.glite.jp.client/build.xml delete mode 100644 org.glite.jp.client/project/build.number delete mode 100644 org.glite.jp.client/project/build.properties delete mode 100644 org.glite.jp.client/project/configure.properties.xml delete mode 100755 org.glite.jp.client/project/properties.xml delete mode 100644 org.glite.jp.client/project/tar_exclude delete mode 100644 org.glite.jp.client/project/version.properties delete mode 100644 org.glite.jp.client/src/authz.c delete mode 100644 org.glite.jp.client/src/authz.h delete mode 100644 org.glite.jp.client/src/backend.h delete mode 100644 org.glite.jp.client/src/bones_server.c delete mode 100644 org.glite.jp.client/src/builtin_plugins.h delete mode 100644 org.glite.jp.client/src/db.h delete mode 100644 org.glite.jp.client/src/feed.c delete mode 100644 org.glite.jp.client/src/feed.h delete mode 100644 org.glite.jp.client/src/file_plugin.c delete mode 100644 org.glite.jp.client/src/ftp_backend.c delete mode 100644 org.glite.jp.client/src/is_client.c delete mode 100644 org.glite.jp.client/src/jpimporter.c delete mode 100644 org.glite.jp.client/src/jptype_map.h delete mode 100644 org.glite.jp.client/src/mysql.c delete mode 100644 org.glite.jp.client/src/new_ftp_backend.c delete mode 100644 org.glite.jp.client/src/simple_server.c delete mode 100644 org.glite.jp.client/src/soap_ops.c delete mode 100644 org.glite.jp.client/src/tags.c delete mode 100644 org.glite.jp.client/src/tags.h delete mode 100644 org.glite.jp.client/src/tags_plugin.c delete mode 100644 org.glite.jp.client/src/typemap.dat delete mode 100644 org.glite.jp.common/.cvsignore delete mode 100644 org.glite.jp.common/Makefile delete mode 100755 org.glite.jp.common/build.xml delete mode 100644 org.glite.jp.common/interface/context.h delete mode 100755 org.glite.jp.common/interface/strmd5.h delete mode 100644 org.glite.jp.common/interface/types.h delete mode 100644 org.glite.jp.common/project/build.number delete mode 100644 org.glite.jp.common/project/build.properties delete mode 100644 org.glite.jp.common/project/configure.properties.xml delete mode 100755 org.glite.jp.common/project/properties.xml delete mode 100644 org.glite.jp.common/project/tar_exclude delete mode 100644 org.glite.jp.common/project/version.properties delete mode 100644 org.glite.jp.common/src/attr.c delete mode 100644 org.glite.jp.common/src/context.c delete mode 100755 org.glite.jp.common/src/strmd5.c delete mode 100644 org.glite.jp.index/.cvsignore delete mode 100644 org.glite.jp.index/Makefile delete mode 100755 org.glite.jp.index/build.xml delete mode 100644 org.glite.jp.index/project/JobProvenanceIS.wsdl delete mode 100644 org.glite.jp.index/project/build.number delete mode 100644 org.glite.jp.index/project/build.properties delete mode 100644 org.glite.jp.index/project/configure.properties.xml delete mode 100755 org.glite.jp.index/project/properties.xml delete mode 100644 org.glite.jp.index/project/tar_exclude delete mode 100644 org.glite.jp.index/project/version.properties delete mode 100644 org.glite.jp.index/src/simple_server.c delete mode 100644 org.glite.jp.index/src/soap_ops.c delete mode 100644 org.glite.jp.index/src/typemap.dat delete mode 100644 org.glite.jp.primary/.cvsignore delete mode 100644 org.glite.jp.primary/Makefile delete mode 100755 org.glite.jp.primary/build.xml delete mode 100644 org.glite.jp.primary/config/glite-jp-primary-dbsetup.sql delete mode 100644 org.glite.jp.primary/examples/README.test delete mode 100644 org.glite.jp.primary/examples/jpps-test.c delete mode 100644 org.glite.jp.primary/interface/file_plugin.h delete mode 100644 org.glite.jp.primary/project/build.number delete mode 100644 org.glite.jp.primary/project/build.properties delete mode 100644 org.glite.jp.primary/project/configure.properties.xml delete mode 100755 org.glite.jp.primary/project/properties.xml delete mode 100644 org.glite.jp.primary/project/tar_exclude delete mode 100644 org.glite.jp.primary/project/version.properties delete mode 100644 org.glite.jp.primary/src/authz.c delete mode 100644 org.glite.jp.primary/src/authz.h delete mode 100644 org.glite.jp.primary/src/backend.h delete mode 100644 org.glite.jp.primary/src/bones_server.c delete mode 100644 org.glite.jp.primary/src/builtin_plugins.h delete mode 100644 org.glite.jp.primary/src/db.h delete mode 100644 org.glite.jp.primary/src/feed.c delete mode 100644 org.glite.jp.primary/src/feed.h delete mode 100644 org.glite.jp.primary/src/file_plugin.c delete mode 100644 org.glite.jp.primary/src/ftp_backend.c delete mode 100644 org.glite.jp.primary/src/is_client.c delete mode 100644 org.glite.jp.primary/src/is_client.h delete mode 100644 org.glite.jp.primary/src/jptype_map.h delete mode 100644 org.glite.jp.primary/src/mysql.c delete mode 100644 org.glite.jp.primary/src/new_ftp_backend.c delete mode 100644 org.glite.jp.primary/src/simple_server.c delete mode 100644 org.glite.jp.primary/src/soap_ops.c delete mode 100644 org.glite.jp.primary/src/tags.c delete mode 100644 org.glite.jp.primary/src/tags.h delete mode 100644 org.glite.jp.primary/src/tags_plugin.c delete mode 100644 org.glite.jp.primary/src/typemap.dat delete mode 100755 org.glite.jp.ws-interface/.cvsignore delete mode 100755 org.glite.jp.ws-interface/LICENSE delete mode 100644 org.glite.jp.ws-interface/Makefile delete mode 100644 org.glite.jp.ws-interface/build.xml delete mode 100644 org.glite.jp.ws-interface/interface/JobProvenanceIS.wsdl delete mode 100644 org.glite.jp.ws-interface/project/build.number delete mode 100755 org.glite.jp.ws-interface/project/build.properties delete mode 100644 org.glite.jp.ws-interface/project/configure.properties.xml delete mode 100644 org.glite.jp.ws-interface/project/glite-jp-ws-interface.spec delete mode 100644 org.glite.jp.ws-interface/project/properties.xml delete mode 100644 org.glite.jp.ws-interface/project/tar_exclude delete mode 100755 org.glite.jp.ws-interface/project/version.properties delete mode 100644 org.glite.jp.ws-interface/src/JobProvenancePS.xml delete mode 100644 org.glite.jp.ws-interface/src/JobProvenanceTypes.xml delete mode 100644 org.glite.jp.ws-interface/src/doc.xml delete mode 100644 org.glite.jp.ws-interface/src/puke-ug.xsl delete mode 100644 org.glite.jp.ws-interface/src/puke-wsdl.xsl delete mode 100644 org.glite.jp/.cvsignore delete mode 100644 org.glite.jp/build.xml delete mode 100644 org.glite.jp/project/build.number delete mode 100644 org.glite.jp/project/build.properties delete mode 100644 org.glite.jp/project/dependencies.properties delete mode 100644 org.glite.jp/project/glite.jp.csf.xml delete mode 100755 org.glite.jp/project/properties.xml delete mode 100644 org.glite.jp/project/run-workspace delete mode 100755 org.glite.jp/project/taskdefs.xml delete mode 100644 org.glite.jp/project/version.properties delete mode 100644 org.glite.lb.proxy/doc/README delete mode 100644 org.glite.security.gsoap-plugin/LICENSE delete mode 100644 org.glite.security.gsoap-plugin/Makefile delete mode 100755 org.glite.security.gsoap-plugin/build.xml delete mode 100644 org.glite.security.gsoap-plugin/examples/calc.h.S delete mode 100644 org.glite.security.gsoap-plugin/examples/wscalc_clt_ex.c delete mode 100644 org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c delete mode 100644 org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c delete mode 100644 org.glite.security.gsoap-plugin/interface/glite_gsplugin.h delete mode 100644 org.glite.security.gsoap-plugin/interface/glite_gss.h delete mode 100644 org.glite.security.gsoap-plugin/project/build.number delete mode 100644 org.glite.security.gsoap-plugin/project/build.properties delete mode 100644 org.glite.security.gsoap-plugin/project/configure.properties.xml delete mode 100755 org.glite.security.gsoap-plugin/project/properties.xml delete mode 100644 org.glite.security.gsoap-plugin/project/tar_exclude delete mode 100644 org.glite.security.gsoap-plugin/project/version.properties delete mode 100644 org.glite.security.gsoap-plugin/src/glite_gsplugin.c delete mode 100644 org.glite.security.gsoap-plugin/src/glite_gss.c delete mode 100644 org.glite.security.gsoap-plugin/test/test_gss.cpp delete mode 100644 org.glite.security.proxyrenewal/.cvsignore delete mode 100644 org.glite.security.proxyrenewal/LICENSE delete mode 100644 org.glite.security.proxyrenewal/Makefile delete mode 100755 org.glite.security.proxyrenewal/build.xml delete mode 100755 org.glite.security.proxyrenewal/config/startup delete mode 100644 org.glite.security.proxyrenewal/interface/renewal.h delete mode 100644 org.glite.security.proxyrenewal/project/build.number delete mode 100644 org.glite.security.proxyrenewal/project/build.properties delete mode 100644 org.glite.security.proxyrenewal/project/configure.properties.xml delete mode 100755 org.glite.security.proxyrenewal/project/properties.xml delete mode 100644 org.glite.security.proxyrenewal/project/tar_exclude delete mode 100755 org.glite.security.proxyrenewal/project/taskdefs.xml delete mode 100644 org.glite.security.proxyrenewal/project/version.properties delete mode 100755 org.glite.security.proxyrenewal/src/acstack.h delete mode 100644 org.glite.security.proxyrenewal/src/api.c delete mode 100644 org.glite.security.proxyrenewal/src/client.c delete mode 100644 org.glite.security.proxyrenewal/src/commands.c delete mode 100644 org.glite.security.proxyrenewal/src/common.c delete mode 100755 org.glite.security.proxyrenewal/src/newformat.h delete mode 100644 org.glite.security.proxyrenewal/src/renew.c delete mode 100644 org.glite.security.proxyrenewal/src/renewal_locl.h delete mode 100644 org.glite.security.proxyrenewal/src/renewd.c delete mode 100644 org.glite.security.proxyrenewal/src/renewd_locl.h delete mode 100644 org.glite.security.proxyrenewal/src/voms.c delete mode 100644 org.glite.wms-utils.exception/.cvsignore delete mode 100755 org.glite.wms-utils.exception/LICENSE delete mode 100755 org.glite.wms-utils.exception/Makefile.am delete mode 100755 org.glite.wms-utils.exception/bootstrap delete mode 100755 org.glite.wms-utils.exception/build.xml delete mode 100755 org.glite.wms-utils.exception/configure.ac delete mode 100755 org.glite.wms-utils.exception/interface/Makefile.am delete mode 100644 org.glite.wms-utils.exception/interface/glite/wmsutils/exception/Exception.h delete mode 100755 org.glite.wms-utils.exception/interface/glite/wmsutils/exception/exception_codes.h delete mode 100644 org.glite.wms-utils.exception/project/build.number delete mode 100755 org.glite.wms-utils.exception/project/build.properties delete mode 100644 org.glite.wms-utils.exception/project/configure.properties.xml delete mode 100755 org.glite.wms-utils.exception/project/properties.xml delete mode 100755 org.glite.wms-utils.exception/project/version.properties delete mode 100644 org.glite.wms-utils.exception/src/Exception.cpp delete mode 100755 org.glite.wms-utils.exception/src/Makefile.am delete mode 100755 org.glite.wms-utils.exception/test/Makefile.am delete mode 100644 org.glite.wms-utils.exception/test/exception_cu_main.cpp delete mode 100644 org.glite.wms-utils.exception/test/exception_cu_suite.cpp delete mode 100644 org.glite.wms-utils.exception/test/exception_cu_suite.h delete mode 100755 org.glite.wms-utils.jobid/.cvsignore delete mode 100755 org.glite.wms-utils.jobid/LICENSE delete mode 100755 org.glite.wms-utils.jobid/Makefile.am delete mode 100755 org.glite.wms-utils.jobid/bootstrap delete mode 100755 org.glite.wms-utils.jobid/build.xml delete mode 100755 org.glite.wms-utils.jobid/configure.ac delete mode 100755 org.glite.wms-utils.jobid/examples/Makefile.am delete mode 100755 org.glite.wms-utils.jobid/examples/testjobid.c delete mode 100755 org.glite.wms-utils.jobid/interface/Makefile.am delete mode 100755 org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobId.h delete mode 100755 org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobIdExceptions.h delete mode 100755 org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/cjobid.h delete mode 100755 org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/manipulation.h delete mode 100644 org.glite.wms-utils.jobid/project/build.number delete mode 100755 org.glite.wms-utils.jobid/project/build.properties delete mode 100644 org.glite.wms-utils.jobid/project/configure.properties.xml delete mode 100755 org.glite.wms-utils.jobid/project/properties.xml delete mode 100755 org.glite.wms-utils.jobid/project/version.properties delete mode 100755 org.glite.wms-utils.jobid/src/Makefile.am delete mode 100755 org.glite.wms-utils.jobid/src/jobid/JobId.cpp delete mode 100755 org.glite.wms-utils.jobid/src/jobid/JobIdExceptions.cpp delete mode 100755 org.glite.wms-utils.jobid/src/jobid/Makefile.am delete mode 100755 org.glite.wms-utils.jobid/src/jobid/cjobid.c delete mode 100755 org.glite.wms-utils.jobid/src/jobid/manipulation.cpp delete mode 100755 org.glite.wms-utils.jobid/src/jobid/strmd5.c delete mode 100755 org.glite.wms-utils.jobid/src/jobid/strmd5.h delete mode 100755 org.glite.wms-utils.jobid/test/Makefile.am delete mode 100644 org.glite.wms-utils.jobid/test/jobid_cu_main.cpp delete mode 100644 org.glite.wms-utils.jobid/test/jobid_cu_suite.cpp delete mode 100644 org.glite.wms-utils.jobid/test/jobid_cu_suite.h delete mode 100644 org.glite.wms-utils.jobid/test/manipulation_cu_main.cpp delete mode 100644 org.glite.wms-utils.jobid/test/manipulation_cu_suite.cpp delete mode 100644 org.glite.wms-utils.jobid/test/manipulation_cu_suite.h delete mode 100644 org.gridsite.core/.cvsignore delete mode 100644 org.gridsite.core/CHANGES delete mode 100644 org.gridsite.core/INSTALL delete mode 100644 org.gridsite.core/LICENSE delete mode 100644 org.gridsite.core/README delete mode 100644 org.gridsite.core/VERSION delete mode 100644 org.gridsite.core/build.xml delete mode 100644 org.gridsite.core/doc/README.htcp-bin delete mode 100644 org.gridsite.core/doc/admin.html delete mode 100644 org.gridsite.core/doc/build-apache2.sh delete mode 100644 org.gridsite.core/doc/config.html delete mode 100644 org.gridsite.core/doc/findproxyfile.1 delete mode 100644 org.gridsite.core/doc/gacl.html delete mode 100644 org.gridsite.core/doc/gsexec.8 delete mode 100644 org.gridsite.core/doc/htcp.1 delete mode 100644 org.gridsite.core/doc/htll.1 delete mode 100644 org.gridsite.core/doc/htls.1 delete mode 100644 org.gridsite.core/doc/htmkdir.1 delete mode 100644 org.gridsite.core/doc/htrm.1 delete mode 100644 org.gridsite.core/doc/httpd-fileserver.conf delete mode 100644 org.gridsite.core/doc/httpd-webserver.conf delete mode 100644 org.gridsite.core/doc/index.html delete mode 100644 org.gridsite.core/doc/install.html delete mode 100644 org.gridsite.core/doc/library.html delete mode 100644 org.gridsite.core/doc/module.html delete mode 100644 org.gridsite.core/doc/urlencode.1 delete mode 100644 org.gridsite.core/doc/user.html delete mode 100644 org.gridsite.core/interface/gridsite-gacl.h delete mode 100644 org.gridsite.core/interface/gridsite.h delete mode 100644 org.gridsite.core/project/build.number delete mode 100644 org.gridsite.core/project/build.properties delete mode 100644 org.gridsite.core/project/configure.properties.xml delete mode 100644 org.gridsite.core/project/dependencies.properties delete mode 100644 org.gridsite.core/project/gridsite.core.csf.xml delete mode 100644 org.gridsite.core/project/properties.xml delete mode 100644 org.gridsite.core/project/taskdefs.xml delete mode 100644 org.gridsite.core/project/version.properties delete mode 100644 org.gridsite.core/src/Doxyfile delete mode 100644 org.gridsite.core/src/Makefile delete mode 100644 org.gridsite.core/src/delegation.h delete mode 100644 org.gridsite.core/src/doxygen.css delete mode 100644 org.gridsite.core/src/doxyheader.html delete mode 100644 org.gridsite.core/src/findproxyfile.c delete mode 100644 org.gridsite.core/src/gaclexample.c delete mode 100644 org.gridsite.core/src/gridsite.spec delete mode 100644 org.gridsite.core/src/grst-delegation.c delete mode 100644 org.gridsite.core/src/grst_admin.h delete mode 100644 org.gridsite.core/src/grst_admin_file.c delete mode 100644 org.gridsite.core/src/grst_admin_gacl.c delete mode 100644 org.gridsite.core/src/grst_admin_main.c delete mode 100644 org.gridsite.core/src/grst_asn1.c delete mode 100644 org.gridsite.core/src/grst_gacl.c delete mode 100644 org.gridsite.core/src/grst_http.c delete mode 100644 org.gridsite.core/src/grst_x509.c delete mode 100644 org.gridsite.core/src/grst_xacml.c delete mode 100644 org.gridsite.core/src/gsexec.c delete mode 100644 org.gridsite.core/src/gsexec.h delete mode 100644 org.gridsite.core/src/htcp delete mode 100644 org.gridsite.core/src/htcp.c delete mode 100644 org.gridsite.core/src/htproxyput.c delete mode 100644 org.gridsite.core/src/mod_gridsite.c delete mode 100644 org.gridsite.core/src/mod_ssl-private.h delete mode 100644 org.gridsite.core/src/proxyput-example.c delete mode 100755 org.gridsite.core/src/roffit delete mode 100644 org.gridsite.core/src/showx509exts.c delete mode 100644 org.gridsite.core/src/urlencode.c delete mode 100644 org.gridsite.core/src/xacmlexample.c diff --git a/org.glite.deployment.lb/.cvsignore b/org.glite.deployment.lb/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.deployment.lb/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.deployment.lb/CHANGELOG b/org.glite.deployment.lb/CHANGELOG deleted file mode 100644 index 9f1b376..0000000 --- a/org.glite.deployment.lb/CHANGELOG +++ /dev/null @@ -1,26 +0,0 @@ -DATE: 08-07-2005 15:20 -[dimeglio] Merged from branch 1.2.2 - -DATE: 25-05-2005 20:00 -[dimeglio] Merged from branch 1.2.2 - -DATE: 21-03-2005 17:21 -[dimeglio] Implemented status method - -DATE: 21-03-2005 00:32 -[dimeglio] Added PERL5LIB env var - -DATE: 17-03-2005 17:33 -[gdiez] Stopping and starting the database before the index creation (just after the database is created and the user granted) - -DATE: 09-03-2005 23:05 -[dimeglio] Moved creation of indices inside database creation (if database - exists indices are not recreated) - -DATE: 02-03-2005 11:05 -[dimeglio] Started CHANGELOG -[dimeglio] Fixed formatting, improved display of message using glib.printXxxMessage functions -[dimeglio] Fixed some problems when starting/stopping services -[dimeglio] GLITE_USER parameter not exposed anymore in config file, use same user parameters - as WMS to allow installation on same node -[dimeglio] Increased module version number to 1.2.0 \ No newline at end of file diff --git a/org.glite.deployment.lb/LICENSE b/org.glite.deployment.lb/LICENSE deleted file mode 100644 index 259a91f..0000000 --- a/org.glite.deployment.lb/LICENSE +++ /dev/null @@ -1,69 +0,0 @@ -LICENSE file for EGEE Middleware -================================ - -Copyright (c) 2004 on behalf of the EU EGEE Project: -The European Organization for Nuclear Research (CERN), -Istituto Nazionale di Fisica Nucleare (INFN), Italy -Datamat Spa, Italy -Centre National de la Recherche Scientifique (CNRS), France -CS Systeme d'Information (CSSI), France -Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -Universiteit van Amsterdam (UvA), Netherlands -University of Helsinki (UH.HIP), Finlan -University of Bergen (UiB), Norway -Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - -1. Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright -notice, this list of conditions and the following disclaimer in the -documentation and/or other materials provided with the distribution. - -3. The end-user documentation included with the redistribution, if -any, must include the following acknowledgment: "This product includes -software developed by The EU EGEE Project (http://cern.ch/eu-egee/)." -Alternatively, this acknowledgment may appear in the software itself, if -and wherever such third-party acknowledgments normally appear. - -4. The names EGEE and the EU EGEE Project must not be -used to endorse or promote products derived from this software without -prior written permission. For written permission, please contact -. - -5. You are under no obligation whatsoever to provide anyone with any -bug fixes, patches, or upgrades to the features, functionality or -performance of the Software ("Enhancements") that you may develop over -time; however, if you choose to provide your Enhancements to The EU -EGEE Project, or if you choose to otherwise publish or distribute your -Enhancements, in source code form without contemporaneously requiring -end users of The EU EGEE Proejct to enter into a separate written license -agreement for such Enhancements, then you hereby grant The EU EGEE Project -a non-exclusive, royalty-free perpetual license to install, use, copy, -modify, prepare derivative works, incorporate into the EGEE Middleware -or any other computer software, distribute, and sublicense your -Enhancements or derivative works thereof, in binary and source code -form (if any), whether developed by The EU EGEE Project or third parties. - -THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL PROJECT OR ITS CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE -OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -This software consists of voluntary contributions made by many -individuals on behalf of the EU EGEE Prject. For more information on The -EU EGEE Project, please see http://cern.ch/eu-egee/. For more information on -EGEE Middleware, please see http://egee-jra1.web.cern.ch/egee-jra1/ - - diff --git a/org.glite.deployment.lb/build.xml b/org.glite.deployment.lb/build.xml deleted file mode 100644 index 874c661..0000000 --- a/org.glite.deployment.lb/build.xml +++ /dev/null @@ -1,110 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.deployment.lb/config/scripts/glite-lb-config.py b/org.glite.deployment.lb/config/scripts/glite-lb-config.py deleted file mode 100644 index f63be09..0000000 --- a/org.glite.deployment.lb/config/scripts/glite-lb-config.py +++ /dev/null @@ -1,480 +0,0 @@ -#!/usr/bin/env python -################################################################################ -# -# Copyright (c) Members of the EGEE Collaboration. 2004. -# See http://eu-egee.org/partners/ for details on the copyright holders. -# For license conditions see the license file or http://eu-egee.org/license.html -# -################################################################################ -# glite-lb-config v. 1.3.0 -# -# Post-installation script for configuring the gLite Logging and Bookkeping Server -# Robert Harakaly < robert.harakaly@cern.ch > -# Diana Bosio -# Leanne Guy -# -# Version info: $Id$ -# -# Usage: python glite-lb-config [-c|-v|-h|--help] -# -c print configuration -# -v print version -# -h,--help print usage info -# -# Return codes: 0 - Ok -# 1 - Configuration failed -# -################################################################################ - -import os,string,pwd -import sys, posix, getopt,time - -sys.path.append(".") -from gLiteInstallerLib import gLib -from gliteRgmaServicetool import gliteRgmaServicetool -import mysql as MySQL - -# Set global variables here -global params # all config values from the XML file -global rgmaServicetool - -class glite_lb: - - def __init__(self): - self.mysql = MySQL.Mysql() - self.verbose = 0 - self.version = "1.3.0" - self.name = "glite-lb" - self.friendly_name = "gLite Logging and Bookkeeping" - params['module.version'] = self.version - - #------------------------------------------------------------------------------- - # Banner - #------------------------------------------------------------------------------- - - def banner(self): - - print "\nxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" - print "Configuring the %s" % self.friendly_name - print "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" - - #------------------------------------------------------------------------------- - # Copyright - #------------------------------------------------------------------------------- - - def copyright(self): - - print '\nCopyright (c) Members of the EGEE Collaboration. 2004' - print 'See http://eu-egee.org/partners/ for details on the copyright holders' - print 'For license conditions see the license file or http://eu-egee.org/license.html' - - #------------------------------------------------------------------------------- - # Version - #------------------------------------------------------------------------------- - - def showVersion(self): - - print '\n%s-config v. %s\n' % (self.name,self.version) - - #------------------------------------------------------------------------------- - # Usage - #------------------------------------------------------------------------------- - - def usage(self,msg = ""): - - if msg: - print "\n%s" % (msg) - - self.copyright() - self.showVersion() - - print """Usage: \n -Edit the configuration file %s.cfg.xml in -%s/etc.config/templates\n -save it as %s/etc/config/%s.cfg.xml -and run the script as follows\n -python %s-config [OPTION...]""" % (self.name, os.environ['GLITE_LOCATION'], \ - os.environ['GLITE_LOCATION'], self.name, self.name) - - print ' -c, --checkconf print the service configuration' - print ' -v, --version print the version of the configuration script' - print ' -h, --help print this usage information' - print ' --start start the service' - print ' --stop stop the service' - print ' --status check service status' - print '\n' - - #------------------------------------------------------------------------------- - # All the configuration code goes here - #------------------------------------------------------------------------------- - - def start(self): - - self.mysql.start() - time.sleep(5) - - if not os.path.exists('/tmp/mysql.sock'): - os.symlink('/var/lib/mysql/mysql.sock', '/tmp/mysql.sock') - - pid = glib.getPID('bkserverd') - if pid != 0: - print 'The gLite LB Server service is already running. Restarting...' - os.system('%s/etc/init.d/glite-lb-bkserverd stop' % os.environ['GLITE_LOCATION']) - else: - print 'Starting the gLite LB Server service...' - - os.system('%s/etc/init.d/glite-lb-bkserverd start' % os.environ['GLITE_LOCATION']) - - pid = glib.getPID('bkserverd') - - if (pid != 0): - print "The gLite LB Server service has been started ", - glib.printOkMessage() - else: - glib.printErrorMessage("Could not start the gLite LB Server service") - glib.printErrorMessage("Please verify and re-run the script "), - glib.printFailedMessage() - return 1 - - #------------------------------------------------------------------- - # Start Servicetool - #------------------------------------------------------------------- - - pid = glib.getPID('rgma-servicetool') - if (pid != 0): - print 'The gLite R-GMA Servicetool service is already running. Restarting...' - rgmaServicetool.stop() - else: - print "Starting the gLite R-GMA Servicetool service" - - rgmaServicetool.start() - - - # Check that the daemon is running - - pid = glib.getPID('rgma-servicetool') - - if (pid != 0): - print "The gLite R-GMA Servicetool service has been started ", - glib.printOkMessage() - else: - glib.printErrorMessage("Could not start the gLite R-GMA Servicetool service") - glib.printErrorMessage("Please verify and re-run the script "), - glib.printFailedMessage() - return 1 - - return 0 - - def stop(self): - - pid = glib.getPID('bkserverd') - if (pid != 0): - os.system('%s/etc/init.d/glite-lb-bkserverd stop' % os.environ['GLITE_LOCATION']) - - pid = glib.getPID('bkserverd') - if (pid != 0): - print 'Could not stop the LB Server service ', - glib.printFailedMessage() - else: - print 'The LB Server service has been stopped ', - glib.printOkMessage() - - self.mysql.stop() - - #------------------------------------------------------------------- - # Stop the servicetool - #------------------------------------------------------------------- - - pid = glib.getPID('rgma-servicetool') - if (pid != 0): - rgmaServicetool.stop() - - pid = glib.getPID('rgma-servicetool') - if (pid != 0): - print 'Could not stop the R-GMA Servicetool service ', - glib.printFailedMessage() - else: - print 'The R-GMA Servicetool service has been stopped ', - glib.printOkMessage() - - return 0 - - def status(self): - - error_level = 0 - - retval = os.system('%s/etc/init.d/glite-lb-bkserverd status' % os.environ['GLITE_LOCATION']) - if retval != 0: - error_level = 1 - - return error_level - - def configure(self): - - #-------------------------------------------------------- - # Installs the Security Utilities - #-------------------------------------------------------- - - if os.system("python %s/glite-security-utils-config.py --subservice" % glib.getScriptPath()): - print "\nInstalling gLite Security Utilities ", - glib.printFailedMessage() - return 1 - - print "\nInstalling gLite Security Utilities ", - glib.printOkMessage() - - # Create the GLITE_USER if it doesn't exists - print "\nCreating/Verifying the GLITE_USER account %s" % os.environ['GLITE_USER'] - (uid,gid) = glib.get_user_info(os.environ['GLITE_USER']) - glib.check_dir(os.environ['GLITE_LOCATION_VAR'],0755, uid, gid) - lb_cert_path = pwd.getpwnam(os.environ['GLITE_USER'])[5] + "/" + params['user.certificate.path'] - glib.check_dir(lb_cert_path ,0755, uid, gid) - glib.printOkMessage() - - # Create all directories needed - print "\nVerify CA certificates directory ", - glib.check_dir(os.environ['GLITE_CERT_DIR']) - glib.printOkMessage() - - # Copy certificates - print "\nCopy host certificates to GLITE_USER home directory as service certificates", - os.system("cp %s %s %s/" % (params['host.certificate.file'], params['host.key.file'], lb_cert_path)) - os.chown("%s/hostcert.pem" % lb_cert_path, uid,gid) - os.chmod("%s/hostcert.pem" % lb_cert_path, 0644) - os.chown("%s/hostkey.pem" % lb_cert_path, uid,gid) - os.chmod("%s/hostkey.pem" % lb_cert_path, 0400) - glib.printOkMessage() - - # Create the MySQL database - print "\nCreate/Verify the %s database" % params['lb.database.name'] - self.mysql.stop() - time.sleep(5) - self.mysql.start() - - if not os.path.exists('/tmp/mysql.sock'): - os.symlink('/var/lib/mysql/mysql.sock', '/tmp/mysql.sock') - - # Check if database exists - if self.mysql.existsDB(params['lb.database.name']) != 0: - # Create database - print ('\n==> Creating MySQL %s database\n' % params['lb.database.name']) - - if os.path.exists('/bin/rm /tmp/mysql_ct'): - os.remove('/tmp/mysql_ct') - - file = open('/tmp/mysql_ct', 'w') - text = ['CREATE DATABASE %s;\n' % params['lb.database.name'], - 'GRANT ALL PRIVILEGES ON %s.* TO %s@localhost IDENTIFIED BY "";\n' \ - % (params['lb.database.name'],params['lb.database.username']), - 'USE %s;\n' % params['lb.database.name'], - '\. %s/etc/glite-lb-dbsetup.sql\n' % os.environ['GLITE_LOCATION']] - - file.writelines(text) - file.close() - os.system('/usr/bin/mysql < /tmp/mysql_ct') - os.system('/bin/rm /tmp/mysql_ct') - - #Starting and stopping the database before the index creation - self.mysql.stop() - time.sleep(5) - self.mysql.start() - - #Creating the indexes - print 'Creating the index configuration file %s/etc/glite-lb-index.conf ' % os.environ['GLITE_LOCATION'], - path = "%s/etc/glite-lb-index.conf" % os.environ['GLITE_LOCATION'] - pathBak = "%s/etc/glite-lb-index.conf.bak" % os.environ['GLITE_LOCATION'] - - if os.path.exists(pathBak): - os.remove(pathBak) - if os.path.exists(path): - os.rename(path,pathBak) - file = open(path, 'w') - file.write("[\n") - file.write(" JobIndices = {\n") - for index in params['lb.index.list']: - file.write(" [ type = \"system\"; name = \"%s\" ],\n" % index) - file.write(" }\n") - file.write("]\n") - file.close() - glib.printOkMessage() - - print "Running glite-lb-bkindex ", - if os.system('%s/bin/glite-lb-bkindex -r %s/etc/glite-lb-index.conf' % (os.environ['GLITE_LOCATION'],os.environ['GLITE_LOCATION'])): - glib.printFailedMessage() - return 1 - else: - glib.printOkMessage() - - else: - print "\n==> MySQL database %s already exist\n" % params['lb.database.name'] - - self.mysql.stop() - - #------------------------------------------------------------------- - # RGMA servicetool: configure servicetool - #------------------------------------------------------------------- - - print "Configuring the R-GMA Servicetool..." - - if rgmaServicetool.configure(glib): - # error in configuring services - print "Configuring the R-GMA Servicetool... ", - glib.printFailedMessage() - return 1 - - print "Configuring the R-GMA Servicetool... ", - glib.printOkMessage() - - return 0 - -#------------------------------------------------------------------------------- -# Set all environment variables -#------------------------------------------------------------------------------- - -def set_env(): - - # gLite - glib.export('GLITE_LOCATION'); - glib.export('GLITE_LOCATION_VAR'); - if not os.path.exists(os.environ['GLITE_LOCATION_VAR']): - os.mkdir(os.environ['GLITE_LOCATION_VAR'],0755) - glib.export('GLITE_LOCATION_LOG'); - if not os.path.exists(os.environ['GLITE_LOCATION_LOG']): - os.mkdir(os.environ['GLITE_LOCATION_LOG'],0755) - glib.export('GLITE_LOCATION_TMP'); - if not os.path.exists(os.environ['GLITE_LOCATION_TMP']): - os.mkdir(os.environ['GLITE_LOCATION_TMP'],0755) - - if not params.has_key('glite.user.group'): - params['glite.user.group'] = '' - (uid,gid) = glib.add_user(params['glite.user.name'],params['glite.user.group']) - glib.export('GLITE_USER',params['glite.user.name']) - lb_cert_path = pwd.getpwnam(os.environ['GLITE_USER'])[5] + "/" + params['user.certificate.path'] - glib.export('GLITE_HOST_CERT',"%s/hostcert.pem" % lb_cert_path) - glib.export('GLITE_HOST_KEY',"%s/hostkey.pem" % lb_cert_path) - glib.export('GLITE_CERT_DIR',params['ca.certificates.dir']) - - glib.export('GLOBUS_LOCATION',params['GLOBUS_LOCATION']) - glib.export('GPT_LOCATION',params['GPT_LOCATION']) - - glib.export('JAVA_HOME') - - # bin and lib paths - glib.addEnvPath("PATH","/usr/bin/:%s/bin:%s/bin:%s/externals/bin:%s/bin" \ - % (os.environ['JAVA_HOME'],os.environ['GLOBUS_LOCATION'],os.environ['GLITE_LOCATION'],os.environ['GLITE_LOCATION'])) - glib.addEnvPath("LD_LIBRARY_PATH","/usr/lib:%s/lib:%s/externals/lib:%s/lib" % (os.environ['GLOBUS_LOCATION'], os.environ['GLITE_LOCATION'],os.environ['GLITE_LOCATION'])) - - # Perl - glib.addEnvPath("PERL5LIB", "%s/lib/perl:%s/lib/perl5" % (os.environ['GPT_LOCATION'],os.environ['GLITE_LOCATION'])) - - # Set environment - glib.setUserEnv() - -#------------------------------------------------------------------------------- -# Main program begins here -#------------------------------------------------------------------------------- - -if __name__ == '__main__': - - # The script must be run as root - if not os.geteuid()==0: - print '"\nThis script must be run as root\n' - sys.exit(1) - - # Get an instance of the library class - glib = gLib() - - # Load parameters - params = {} - try: - opts, args = getopt.getopt(sys.argv[1:], '', ['siteconfig=']) - for o, a in opts: - if o == "--siteconfig": - params['site.config.url'] = a - break - except getopt.GetoptError: - pass - if glib.loadConfiguration("%s/../glite-lb.cfg.xml" % glib.getScriptPath(),params): - print "An error occurred while configuring the service" - sys.exit(1) - - verbose = 0 - if params.has_key('glite.installer.verbose'): - if params['glite.installer.verbose'] == "true": - verbose = 1 - glib.verbose = verbose - - # Set up the environment - set_env() - - # Instantiate the service classes - service = glite_lb() - service.verbose = verbose - # Instantiate the rgma servicetool class - rgmaServicetool = gliteRgmaServicetool() - rgmaServicetool.verbose = verbose - - # Command line opts if any - try: - opts, args = getopt.getopt(sys.argv[1:], 'chv', ['checkconf', 'help', 'version','stop','start','status','siteconfig=']) - except getopt.GetoptError: - service.usage(msg = "Unknown options(s)") - sys.exit(1) - - # Check cli options - for o, a in opts: - if o in ("-h", "--help"): - service.usage() - sys.exit(0) - if o in ("-v", "--version"): - service.showVersion() - sys.exit(0) - if o in ("-c", "--checkconf"): - service.copyright() - service.showVersion() - glib.print_params(params) - sys.exit(0) - if o in ("stop", "--stop"): - service.stop() - sys.exit(0) - if o in ("start", "--start"): - service.start() - sys.exit(0) - if o == "--status": - sys.exit(service.status()) - - - # Check certificates - if params.has_key('glite.installer.checkcerts'): - if params['glite.installer.checkcerts'] == "true": - if glib.check_certs(params) != 0: - print "An error occurred while configuring the %s service" \ - % service.friendly_name - sys.exit(1) - - # Print configuration parameters - if verbose: - glib.print_params(params) - - service.copyright() - service.showVersion() - service.banner() - - # Configure the service - if service.configure() == 0: - print "\n%s configuration successfully completed " % service.friendly_name, - glib.printOkMessage() - glib.registerService() - else: - print "\nAn error occurred while configuring the %s " % service.friendly_name, - glib.printFailedMessage() - sys.exit(1) - - # Start the service - if service.start() == 0: - print "\nThe %s was successfully started " % service.friendly_name, - glib.printOkMessage() - else: - print "\nAn error occurred while starting the %s " % service.friendly_name, - glib.printFailedMessage() - sys.exit(1) - diff --git a/org.glite.deployment.lb/config/scripts/remove_all_rpms.sh b/org.glite.deployment.lb/config/scripts/remove_all_rpms.sh deleted file mode 100755 index 2835ee1..0000000 --- a/org.glite.deployment.lb/config/scripts/remove_all_rpms.sh +++ /dev/null @@ -1,49 +0,0 @@ - -#!/bin/sh - -rpm -e edg-fetch-crl-1.0.0-EGEE \ -ca_ArmeSFo-0.23-1 \ -ca_ASGCCA-0.23-1 \ -ca_BEGrid-0.23-1 \ -ca_CERN-0.23-1 \ -ca_CESNET-0.23-1 \ -ca_CNRS-0.23-1 \ -ca_CNRS-DataGrid-0.23-1 \ -ca_CNRS-Projets-0.23-1 \ -ca_CyGrid-0.23-1 \ -ca_DOEGrids-0.23-1 \ -ca_DOESG-Root-0.23-1 \ -ca_ESnet-0.23-1 \ -ca_FNAL-0.23-1 \ -ca_FNAL_KCA-0.23-1 \ -ca_GermanGrid-0.23-1 \ -ca_Grid-Ireland-0.23-1 \ -ca_GridCanada-0.23-1 \ -ca_HellasGrid-0.23-1 \ -ca_INFN-0.23-1 \ -ca_IUCC-0.23-1 \ -ca_LIP-0.23-1 \ -ca_NIKHEF-0.23-1 \ -ca_NorduGrid-0.23-1 \ -ca_PK-Grid-0.23-1 \ -ca_PolishGrid-0.23-1 \ -ca_Russia-0.23-1 \ -ca_SlovakGrid-0.23-1 \ -ca_Spain-0.23-1 \ -ca_UKeScience-0.23-1 \ -glite-wms-utils-exception-0.1.0-0 \ -glite-wms-utils-jobid-0.1.0-0 \ -glite-lb-client-interface-0.2.0-0 \ -glite-lb-server-bones-0.0.0-0 \ -glite-lb-common-0.2.0-0 \ -glite-lb-logger-0.2.0-0 \ -glite-lb-server-0.3.0-0 \ -glite-security-proxyrenewal-0.1.0-1 \ -ares-1.1.1-EGEE \ -gpt-VDT1.2.0rh9-1 \ -vdt_globus_essentials-VDT1.2.0rh9-1 \ -perl-Expect.pm-1.01-9 \ -myproxy-1.14-EGEE \ -MySQL-client-4.0.20-0 \ -MySQL-server-4.0.20-0 - diff --git a/org.glite.deployment.lb/config/templates/glite-lb.cfg.xml b/org.glite.deployment.lb/config/templates/glite-lb.cfg.xml deleted file mode 100644 index ed39d97..0000000 --- a/org.glite.deployment.lb/config/templates/glite-lb.cfg.xml +++ /dev/null @@ -1,134 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - owner - location - destination - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.deployment.lb/doc/release_notes/release_notes.doc b/org.glite.deployment.lb/doc/release_notes/release_notes.doc deleted file mode 100644 index ae9fd1814da46c1ba144a0202e5185f6fe1069cf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 267264 zcmeF42V4{98^@0!;J^uPB~{$A!GU{#;ub~gL`E1gO&DUGtxDb1s%@>-UH9Hrv2Jbu z)>-%7TdcD#{=ergm)vC$Fi?er&zIcFd-uN2c=vn9j+VGOe_i=&jM}FuW5ImLD9Bg| zju*go0dvKH;tXSrZ8PkC$jHcGkJ3Ic2Nu8*;FRg}38%or#k-ji0}5I)%*~Z#(V~`+ub3{N10qgTn6yI3$_PFpKb{`{pprMhk}F zuOIY+VX8xON6*JKg>lVFhUtLo)A3Co_3z(T!vb(TZ4Gx_p|uQCldgLXOThO(_@<8` z-;TKMhgS>}L6-9`!|cI+X*`cT1)%of* z$2Kv{P#l_fnPIB%C-MFKHqy$LVOk(vU9nI4N1r{oj-Gq>8*abDW`_9-=}P;paVX*{ zcl=}jQ#cXOfBrsvc)WfcyTLGyIM1gu|IN#b-{-&i-|PD3uT%f#^^yP9^?Uw!dB`=C z-_i4}ejk3HPiKB#*Eb(D?;nKUt=qwW1R;IARsKVGo_7#y}-&eQ0%=RfWq43O^ zB1#>jebdL30$ERi@D7m)Qb~un@bJjka7lGZ%ec6xD5*4__PR-BNm7}uzcgAJB$rBB zOXVT5$oPcFxLDin5s`9%J$4^R>l7n&F?l_WV!+??H=J)9-o z@w>3N=;*j)x~*IqLidnM;$?A3k)cvaP-ti*9SMq-M8<~2$zpDF%mINn;%Oydvp^`|sJWa#HLb!oxQ&$qtCALf& zCY4DN;sn3*s*B$3=%V%sVrC^j51iHyZ>ARUF+#G;CfO^_k=LvS4l zOO@y$+^@ZDZCgY~OZ=VMbZh}Z$dV!v_xQwMBuoUwf{hx|Lvb6a1hNl{3{RACPn95z ziH{C~LQxV&1SLr&q0+FR#OMS`QcyIK*|ue3xFjrcFn(WCE|p4xrI0zE0x`wYgv8<3 zQv904Ag`rVJkl?SRgS0_q+h&ZLAGp|tQa9xaf~@drF+K3Qs{_!D}F~38x$k8?je=Q zp=j2=ko{4sb9gkY#ThCU9hVY=A2~+{TeCWBT}slnR~H}u4t|~5OR7X9B*c5W zxNuh|OM{(5q_SA&kO=OGOMFmBR1iev;_v3{>f-P2>gwg{;o;_@&>P&9yU-~*I8b@a zSsqbEVrG|xpxqQfdwRHL8nnH{HoGwp-X=IQ)%DyTPfZOfuZf z$s-q%Oy>>lh3OFurH+n-2{^%}NM&I`AyTA>tFwo(QzX)(K|OUXQoAuU2{*=ny4HBw zl$|?kq)}W<3_J+wif6V{M(861+OF;S*xMl`aJyVd5AF9;Plad{FQhV7KeBHzhNl8| zJ60>)aw8RV+)q6fC_Bx?RN!uxd#Rw~e%e#PDHxfqoYe@|T(Aqpv#~d2Q^Ykl^g{1l z)zc+euI5Q|!%~Dd%{@)gdsk7qpem3ki%dvyMpa;NicA_SO%96Y{78;xH2l4tg!kqW zDd+PV18*)$tmGKEQ({77wA@)bI7G_U({jh>BPb3Q66JI%7h|A=re4@xAL*-P} z3yG6axz^3uD+g0UaWljn_sPi=&~+ok+P1Zzog|ADZFjy!Cn89_SwYzPqPv2PN+MbX z&?LlGyREsJc{hdcmjuA4q5VfuTrf_ysH|4=Rc)nSupTtWs@-~S10iq`=NezSDH>n8 zaE&i0IC{cDj8jMHPvH0t~5mKN{m+sa*T6bp~2D9maq=Qi( zMO&fVMNn7bnjui#N8sdX++`6BvuSDB2_G?|Shb0c3r6#yk6ez5b0i)y=i-_anh+Sy z-Y!t8yj_mQJ}Y-bdUQ_v=O+wI=N;mf64AWl=0-+ zN?^h{7f(fVOpeA=*F6x=AQ|hRk%wh3r_`Oq6f&DPx;go@@$oUT0Ck0qD8;0(MSsfw zv)Oo~J5q|UDPEpA5iQ-}BVzGVS+tYS;COVjILF6OA=v0b!!1;IKrCI|oEjQga(Zup zShfpF3X*hd-QK00zYpSw?9*D&dOi?moaKpVl8=jV8R#yTy0E8RLgSKSqvL`?og)%r zqERMlk8X@u^{yguhl*yAN3CbcSwejtv57IkXxB%VnMSt`o$f9}mjK)Ml_EzUiX=2B zAt;#o+#=$zA1Xm_7j<5=^6~E^>4t}ojSY&B$hm8S5+oW;_j2?;$Q9QqJ0Ix5T$+W; z;u7PV43q`A#e^pF&F+R?Z!dASwe{nAQesl%gQ6v}xVQvKe2`q894DjBG;|szaQ$j% zR+pn6C_y5Jo<)X5A{uPhlvKk05@{bB#+LfHUOBGWneRyAdKx8RK~$YZ{~&_G<4ckw z(MlhTek*h#DT9lJmGOO%ww>az854)@Ch9&6k%lJ9r1T)zp}xdW1d$Md#Ka-K*DxqP zNR}W8lf}ibiOm08(P2a-2WLr(*c3@nNJv~F^)9kWC_$%H9E2i6IP$ne8T!dWWK#5f zg-UQwzQ<3|2`P?TOd@(25sR3h*hKUbrbt52=NBstMcQ&27l$rOR_#z^R%ws5paa(0 zTGPww5n@xqSHv0{Mv65TB=^wB zIwDI zMUi8W{gMrkXki(OlB}Fuaco?u)QB-`pvWrS8W=09L`X=q4r+tr*s*Z|eiGw7x`(?$ zIM^_faJV4Z5-E+9Lp~oF8;aIFxEU%_OJtBoTuij_%%pyU28v7p8%Bx*7bNFBBcws0 z$g`=LSS|_005Mr4oFP{WKp7pi1mnr0p_@XLuwkUAa6z_CjE99#!7C^pH9J{cd<2z3 z*oG=&lrHr6R1WPUO|Vi<3TW7)SbwAT={7jFFUcd6zS3IXA2oj*@G+RUKoi(a7?l zD{T2y-lrcaiczB5(3NvOUf3{Fbh#kek|-+8Xn#iD5QExosKWWM<++x!xF}>3@saVU zp!4Ncd0a>o;>mUfp%8@lx+KKJv!-pN$TncJK}5EJ(IQJh`otzh%Hm?Fl!CFYvdExd z@>A3pk`x)lR;I*l0Ez-U<(nj2YC(Z7!+77&AT(dZO4#yHV!WcZ#kvJ!BtSh^FRpGv z8^%chMUcF5D{3g>h8#Jo=xps6#Q|lfV2Y$>t2TaUf~;jMZLa59pQ}vLhOy$u2Fb@y zRq8~0PmnwUQfAe;y)?y#8U(y0Z94dM_X$K>UH8D&e*Q*_nOj57E!D$@kz&RLiBg%U zg2ER-xgxo;=}}o+Gm0L1)T_rDVm)jaDK=b?h>fD;sjwYyZ;3BkSa*1>>I?dT!1O-0j4>`}Hs1q4O zdiC8Ka?+y><3v^wq~1Qw}xWFNYUbg)DkVO7|yzm zAgU~3iV7-$R90u(6^$0BhV>Pq!iJIJ#04o04R;dMT}dCQ%BpOyp;0~5>^>MHH;fgV z2CfacN(OBhCpL;8*-`9hp;7j=P@R?cglOR>OQTrW7U{yz0#Zz{kt^q^umcN}dxF+_ zae*D?_z}~k+)dM^NX5FbgQ-7(=~8|)XGzgGrD(>9ktRgMh1#|VrT!*NfQpP|r>{{Z zoTdnQb?|G6ru8H$C)##HTNm4)K&4|=%P4kKo8z0V(Nly8QrrwQaub8OekSr1H3w2p zQcxH*W{ZA;qBGwaMd8vpY5+&iRS;UfLu*k%6ZJ;w(xTEid=GWcv5v>KV_XupwY3}| zU#01I$_GY7%so?-6*$jJzqZ-j%d_}k%klMO%?8LGy=q##ysbIlIXmlC_Qw|Uo(!T3sOYeEG=#G*FIwC zvkq;^&Yd;V=yROEmWA}l!}He+PldcZf6eez;QDM?M;r zV%pMG*Ko-EIp{x+PK@IQv}3y8=Ql>)G^fv{nJycxZ<^C*n$ss(dsfd_dfh6N7v`XN zm?kD_o#yS4w<{=1fZ>ou$r_ zWXxU)rxDJ^NrXHxY5LQf=3s4_8mf4e0!?vMTg@mJriOZO%jI}A@G#N@5ef;WO%wmo z&CSku>=w|nqhI&#KCKlayMyQq#)jj?C&rpb;nkoaHw}oNTOvbpwZ&S&))Vj+U#u#N$G##FvTO$xrkvDeH<;@KvO;i-WKEh z`FWwni=aC<)y%7*yOE}vQAmiOzhb==e!3FB)(^WR7Dm-`3wO~RU2cZ1v0{WaM#XGE zY#2u!6+zOxftKyL?k#@p2`FYvPzYXUgQ>StX(*|qJS7IN>xp8g%+pT<%j=L#Ln5RU zWqR2UI|;}rbLd<>xMfA^W5YOcrjQ`T?udZO_-M@pcKRbf)r=O~rTG|PSj;R`5`+04 zco&VaB#A{q6tTjFkz&OKsSztI06`Ny;&?BE$t~QX&D?z4Ag)9s!OLaXWrd9vLl1r> z6>JzOhFp-{FvrYAG1ZKwb3lfqxa=$%qdmQ+Vzz&MY#8b3xgbeCVUaS-M@opq+Ad^8 zhydp)d3!>k6H7Y5h!iTxO(5duJJA|s?3^LvMb=%hx}B%Hk+SRh2ni-u!$q19;vx%i z4#k_5A`|e%4SnGzfYo5_i=PaMCB!lBDFLfAVUAFTmJ~T#TMJuTOa8yDE#AH4*Qr&9 zfYv@;{91Jn@b}5|6;hEg>(+50&JsVGZ%V5&%Di!RU%w7MomzDCk*I|ru~RHLLTilSEn`@S z2_2Kx)~&IGiMIrAd2;o1q1RVYlx+RFb$7y!hm)6U1C(m0BGIKq8!cga*h^fnW@V>< zj=1q|YP=Ln#Wc|%}`Q#UP&##pY-bf0nf_k7n=m`?Qa4-^#0$+n~z!>lw*bT0M z$KVNg25J^$7*Egy$iWow9heFZgFnD^@C1}B#4xeopF8J{A4uDrw))rAzogAfn>iVz z%^bUVc+%L|kUrgh!CQz+M~p1mhKX%k&?W)UeyQ4zRr_}K>^^rirfm^RIiRbi*hQ(X z!hTEtNb!E~@1p(cP8&q~?q&g^{RcfRi1v@RtS8zp*6~}>{y#-#i}qL47%kdAR{y+e zAF-hDOSAulv7oDz`{nH;qQm+quJX1S)yQU)@|<1i2)cvXQROd|HLb38PD1Z_Cb^T$ zdD)bJOh`6yU^Z9}ci}MsIZu4<${AK2Y2ZJM8OTi*xT_u|+q%Q&mYthDW%k#D1`O&vNLTbE_7U^lE5p~3Uv1T{ zIJ{s%OUec0_-1ng1Dn&njK%bf?`$>{{!o>%dI!&|_OYsp*P^R^tlF1VJHix7V3@0BrB1uz zLGkrI8L(6k?^YD=Rub=ep0;Al3Lp@6qmV^36GTBW zR%DlL6tefj_iC^PtOaMmZD5W2+5pmx!k`RD1>?YYFai8??SH>5{NHyYzx&^{=#jlf zHi|~zx<8G~ZAMuPY-3JkPc!?7CcQnNuat2$t!>t_wmDf^fQ=b%?C}v4W!~f+?b$22 z>s{N`(r(i=EC$l;#a9W!7W|jgJgBWaFdyg<4GbV3l5r zuGH$2YH`mmynAM0>GXi*xj1UOPYIIUTksB$-B*O&lkHaq4!|2U2F*Zo&;oP>+rguA zhd0a`H#odU+wgM@su?Di%+g!Wvogw5>+9E7d#Wj~(3uv>D|F@txPtP5(h*!3cA9yP ztGWg@tvHus9n$`UONEC%l{+}`emH)RSJKh0yf;3PE@~;a>51c_G&;fJ-U4cL71_Hs~ z;0#DVk+vdD;Rw>wy+oBVl};Gu9}Kd8s@Q1rW-1TS%5h94S5Rq4R~VVtztV^3^fCt7 z9%HB_bGhX|P~WWQmYMk5;=G(m#w6RW#qzBEJ6N0SU%mWiN%ngdoCBR9`!0ZVz#jyH zFfb5AfoKo|Qot>62V6U{{m8N(Q!pr z_C$>-JM})1;B#}w@cf^eolW__TK-Qqd>7mUB_MkT5CD1r(uFU96hwh&5Dx|c8G!9C z-+ttWv5BGGTDo=9C3K}dsBB7C8&2kSsj?|eyX1V0>Iz+VQ9Xxd7%hjkMaf^MZ7V$* zU7^pTQC(K&d4y80#~|EC=+QK4o`(88u5{2H?QyLAt3o!QF3l9>WlXXqnf5D@XYGF& zs<$TlSF?YTxg0zKkHHgA20Bm;^Z|VV=|q1J1!N!zB!j^q1&jet!Gp8gADmr&_5te= z5<{E0oYlzN)htf8j*Bl;`Vf_e5MQ9JsN8M0HS;XvF}j3gYI67S&M~> zFVJS;x~|Y?;goX=b9gn&QQDU{hgZ8QGYi*|!>fg&J8i@la{gjG)K|a1;C{vX3$DVF zi3cvq%a>$Ja{a1Qp0)oCP;Zm{tJy!<@l;>|xfcLdz#6!KCLje20i+j0!8kAz%mV3` z(s!-+@!KC)uoVF9_Rpy7R+V?_vRkg)t*@8Yzb)UcCpHnf3-zK3EnDp_IxJi5Dh*KgU}uXxMmy1te15tjtSH^{7Yr6?~~lId*lz1?SR|Cfq~ z=b>Bw}j1Z)KVTsyLJ`Ob+) zQX*51^ziY#rp*(;K6~|V4*OJDu$rdkq6Hr+{}Y}hB!05)Iyz^WXAwKrGF87YpjHjb zq_8u&13Zo1Cs6tj;Z^$DJ#~6d^r=wVYwPVO&dZYI_#61${iJ{FvTaya z=6%`>XS)+1Zq{~Hzc9>psqIeHU$4z-C|A|n!l$%d;Z@nST?#|%Qy^8j_6k*fN7JWr zSLiBx73F1l1@gQFZkEoo_J0>6UrqVHTK-RV{5K%^-yrz|(u3RJ9}oe37zm<3G?)$+ zfa~A}cyjs3uGO=~Cy(zn%eS8IEZ*R?erIMiux?d8tF!f-v+myI^GME2xx0SrralS% zSEzD+%~}y>|Ef}#_=;jAL$di>;9rmdEa5o|koN>7!DuiRq=Ik3T95|bfVbcscn=<3 z{B!%V?K8&6#&n<2!mY)OM;A#A43N62&mt44SE{6ty6P8(`E)K7=)cZ8;5qf4SNe3} zRr-8-R^+D3Z>!{{d4)0RyCr$qliW$>Bulx_dIuP`BfKhCw^4V7Q`b6cLT&ulii#%x zuTlQvZPy;dmMel1$RzWq{QEnYvE8D54l&a7B3d_nGz2OK&<@0rh!j%n=nfzzM>mA?V$iw!6U;0G=r*|u!vvccP=0n%+PpD5b|D%!I% zZ@HOE+H6~;$2x7>;BsWBpG>!(;XK3$sDi*l&@T)tN79w0BlO+@&#CvkvK%SAN?$oL z^V+>W55biZxiBuQX&B17g82Fb0TxL9EcTM+$dDXGA;QgqJlJ?r_`U^4pi) zYpdGtaREl7uoI?G6U8)FWkHXf=xQNpto2%U?khLXm7n`M5f#|biH;`wSGRv_vRjh7 z1T+D@AR6#`@IAJtgH>Q1SPwRUjo^1swF1Tpf$E?J=nURHe|Yox#fL|qr>$L(HhFl| z@Q#zcg@RY+dKwzT;&Py`m9m&k)`9gP4OB&Cx*Dhs(k~s}ym)%*^pvRShx@ecQ=7BgJ2n10 z%gw|h@3;9e6MHM&I*`3WX+LOd=PZ#wqv5Y`1+6Z^TeD_fOYV`%xnFfW=( zsi`>GJ1=vRHOY7~WSSixV1PpqYo%S?jt1Mmj%!)_PlT#vy=6Z?*+1nl%GE?v-jgXn z_FDsV2K~T9FbR+jOaart_uywR8_WT}faM?^JUDyk?1N2#~aUB&^S7G=Jzv@;DGRi5F?%u4H3Ul&DrC2!5jE72Ok z*^tnOD9 zek9Yuke`9}FLDN%%QOpDi0%JCq2IK6iLBax=ej2Q*RX%GS8HGc27oA#1d;*iLJAlI z#)64p5||9`fhXV{z&yYe+mHM*bKKBzL#6(${Ieiw#ih_uu4F7+`GVI`Rk>MsR>LBl z_!Uz$L(*cGO7HNjbi6nxSDxW#_bZ=SCBYgYz!$UuZGj)?4g$bZunO!1*Z$bDbju$0MVQL zzncH&?bQb2gm`CNG1h-+5znc7c-+LEwe+(*A{p937HtZ{HbvmuR#5%5J>wlNL zP4d^s|0&<)%F)#(=Hs*qP zU_RImegn_0o;~)zWBZP6J+|uDFI%T>JvMGs%Al0UW08H^BXIun1>cra)Mp4E!U{d<4(bRji$apK*2FO-ztD~J4yb{XbreQlG>9!L7MzkY5A#U;C7+q7V$Dc&Q`0h8(ju;DD z+^BL9gME@Mgtuk4tBA5cc15?3yZ~ZY4GzHDTw_qHY0=@%N!8C9ITm*$`;kiLkPz)3Yy+Cg; z00eMRVG5~oMaH1qQk;|W{=X;LI4@U{;g^sD$?Ty}|N9Gf zIvKVjyehlfSn&uBo15FErB$C{{Xt+8b$?LIfY&-G{DHZaN6U-;K$k}?z}qL;Vq@47 z+1?;wqKIU#dq?<_T-z4=JY8{Qwd9mZOSHZJ!;<&4FIO!C)i|9lyU$~zkXm2X7y*Ihdkoyj$yuX!VbN(mm#O!lwM{`vAO zm0iC9qd{Jj|5B6uwc0<`QAR1`J_g^vfdk+uxC`z9_qu4;0}X*UXapLAF<>k>2hM{_ z;4-)ZYC54m3Ag}P;0D~mS70dk1^_czo@`nUiM@Y+9=NTcFz9v^29F z)WxXmNiCENTH3gp7Jr1VX{p!J`167`KxLaIe@^*Zv<7zX>5G~s*S0CD{VDIrw~{J< zm3h68X-@V|avux+0wnkI;5N7eM7|(S=zMkW^c7yFdq;Rx*0;rFf4Oyrs>KL_@$DUG zdEsh_m71IUzZU;*O)@4sC!4+q$c9BS*InfkoyocYjqnSx4v^L8Y$cecA%8<&{`k~9 zfNeGGr=`^}R7|Y^&t*u0PL;igJOL^@# z$Tul(&5QCMYLdU!@*iK8qHOUm=>EIH$3>fHunL-x|;M)px23VDf^spMuj?Q3;@#8<} z2Q(b1Oj?d{b|NAz!3m90y5ZfC)C1^t0ywv(mejlz~x1LSLohSe;!*GgT;-buzJ z&%Xf4Z;&uyM5TP)JHnsj+IC6SrunrW^_KrHnCxGx|L5(MZ1a0SwwM>?-vvWY#Djkf z=_Stl<$rbGy9qv(eC%#OepaLlfkMmfE!^?fxr26B)km~Lhf9hq*w9fcsujLUuw%bU zEy5y}ptd7Z-;rtH$h1|A2P0R?wg2ol$zPlOTl0D87nmHg1Bh}+k?=)3Dv^HrTVfs4 zl}ikvv1Q(^)xAU}twgSj`Sgq>mNc@gQ~`~ou=3JqBQk1xkPYsbK~y-c+^neDtfboX zq+x$r%6}GAhAIoWmjez!0!SCCfG7|Rwt?+{^kXMT1J;;tVgrhTVxTxE0eXWz;8(B& zECb8I3h*4f0B^xN@E&{sZM-n=5G(;p!E&$ytOPH>OYjc72OmHNXp6}lejpWm3&sQG zNUQ75{@%Am^|xyF6xH9?!ckb9#88qOKdcH$a?2{Yu_Z5I8IO)>IioBuiq8vL^GlYF z*i+%6MtF2g%Nb>O;`4&=luwzBc7C0G1n#^{Nq!`&Ja7N|MqJR^O3d2-Pa5{0Nhv{P z|JvFJwH*7@?4P$!vPH7HJTLzSjoav!e|q-i|C#!K-q(^}B_EpS<*zsY@9d+V|L1l4 zCz($Gmq92N@XO!w|25yre5a}1H-{+Fb0eTso)qm4w!~$e*_l55)=TPKxYsDdVrqbOE4cS z0FS_9kPe=Le?TKl_-hPWf>xk4@By?M@f5HR><0(IA#fO!#3Z3opd2U>&`LD=#^5^qQ${Q&k%-`}i zZ{ zi(qs{5ldQsM6})ruA=otv|pwC6~=+kuax6Ju+NV8S6}}Fy$XDdPWg1oz5{NI2Y+5r zpQ z(%-A3s$14?yZ>uQs-23>xgt0PmVQLP@#*XkOIk~MTEi#m8F_8*)n>36& zlffOnjK%bf?`$>{rniK>L)xi*tg2e59YOxxzO4GOkLdEX80eU@s|FRIa#k%c8B77+ zfji(XAYFI>UV(7vL?jppqQC`k5sREYg9qRtAYFJ2ilA4dBq#+OzzpyM_!0aB zilNoCI4A*1f=8Ejt@v?8YLYZ{#id7=+OXS(=>uomzFo3o+pr6=N8Y~_hkp^j>)HSh zl(}sg=A#Vt5L|qhKryrK%QEv)26-Plbs3Wk^Qirw>TI%qjrCu7o2?GH*9B$J0+vVR z|AW6t{u=Tpf9;@HHBblC1#Z9{cz{*l$>l$`FWEls zkEB1ANS|EBUsp8r>GGV|QJV=N9R^V~|y72?z_#mkgrNph@&N>U!RfA;{B{cG4i+3aet22_CT zD+1Di%Af&g2z_`*yrib|Qn zdKdX2aS#++)fK9Gq1sitpGfTYxKvpL<xSeeedP7ma}*=neXS zzMvn71Q)<1@Z`duTmPJOA@#!6BDfcMuM~0z<*Kz^nuM zOo1gR0EUARU?dm?sQkBN=9q*dp-V!2k9c64xACmlRr3Mav8&81CR0nGa$B$d&6VDP z{D;_9=!(q!hqjWPS~y6JL*;+U%-0!eZ`a_tKysQ%xvL;#P(ft3f zK$HDz*gtQ(b0PP|U=iA)^Qipi1e@fqA%F7QB>ROVdq6tyD_9R|LKkX-I-o9C02Tt$ zk;Py?H~>z7)}8PUXz=9nvCBJF{`%L3MEP30#3AvN~ z9>my-JSzV^15NVR@c-ni`$FdZK_D0a_Jad}bm0&<3{C^*u4o$o-9ZeH0Xawj+?by+ z3DTfm9eOo#YP2G=wmQ`~JR0YwQP;+d1@RTi*$(RSEBKicc=LKo|42oxS|dComM@L& zyFH__YRnXWnryG>{pkHD2%XUAv9_vxz@>&`il2dF%v z)?5cysPd4H7^9xGvU@c+%&eE)4f5}qjWsI6%a`OzG9{VGg?f&5Wz|Py`=TAyHAdJf z$vW!H)^*M_Pf+s`wV`TRFaPIlFJVdY?hLwtexPReJS+cYGL!t(^M9rM{RKMEAKL@L zTJRe<01kn};15t7I#K~t2Q>icOfBFC+JPQmHP{CBfdk;l_2bufu9`Jr)~cADz1#QR zdA*flmvtBFWqOq5HA~sb8UQ?>=2?vrKbOB$kY~rY;{NyB{HWGLC%nJrS&jQ=Rz5d0 zkH|dN(wpPy&(F&7vTFtzk^CB992t^K^~pQ_-!jo;{~GpBws{a70uso+4yXs}1JZ?t zpd;u6mVq^32iOVHfNc-V3j&pa1CW3(fETC-rUJADuh@R%mzlqei0&8NjQ)*acla`3 zxxoq>Rh7;R=(~oEs;=kjw?Z4$JgZ@&PW((c&1<#Hyi@m5y6w&w{>xDR!1=kP#O(Mv zrYtXGU&xZ=O!CX4_P-?AWd9oW&)cgruUy@rM_5Z^lcvJnKUIbFeBAN+$Nll!Vyq(^J+{soq z!VdGO{ErPc$zQ|&liwwoZvuzGAE0_KjQaxhK?Bebj02OvkKiXT3;YaLgA3picm~E` zRQy;l4WxnJ!EUezJi2vu_oMZXrqjROk8Y(V+={;ydaKv1c4`AdDzW20l18&WksI+Z zSj!CSsnOf@xZ}$5ei{C~dNguha5djM2w!;|>yvQ5;%f^U^#OQ!)m79&tPG#?({n~; z$4~3^z)aTi3&ZmvgK~%RyzKWWjP)t0$hO` z7y`Zme}SXm1ULy!fl6pAt_&POHBcSY0P$cDSOgY>rC=FY4xWMM;0<^S-hubP7q6Oa z0|LPS5CTGh6s!hoz$UO6Yyn$=Ss>m!0-oKua$@&J)!*tl->Lq_s*dm8xLUbG3Wl{+ zNr9-}SDEi4zxB3zrzkgw&L~%16`vQBJ@B3lK0F5DoHZA&ex|&GG92-FK{)vB7dF$h zJ%f7PQ&%YnAvEu?Tu}Pq@9s%5KMF2@i-6=$vOW$-wxV$$x_6NJst=|TsXn@QRM%*3 z8P)?liH7ye9g`iiE?^N*h2GjYNXtNvE)E(GWR+^Be(WO#e;_RTdS*GhvY(z5L`?Yc zAJ)A6lC3TQWSfJ8Q58v6_m1!D>D863-AP9pdP3XMuJgb7x*3Q1^d8$P!tn6ivfF38k7NLK@bQAqrn*PEf@#JgOlJC zI1es>i{KKd9)j}X^=B9VOjG@BRBSH%Q}L%fw^8^af{XkPdQHV^Ptuw{;zfFNl`S`f z_R&_ZQKhfGMGdC~quQcd~4miK>K^7c!% zdJSC9qw+s%Z26lrnjbC4KK1;c-`xYq&*nw@Z}P2??O%(m87;>?b@}u8D&?W6 zfbz_|DE|c}`I~9;|9lyV%0nGc7U~G{qWrDLne1Pi{Hgp~1NebOlSfsUXP=nQ@YKY_Vm9+(dn zfCu0qsDO#$6@degfG@y65CsMS8IXenuoFDK_W0Tb`p5rWIP(X;N#EjgnV-?!-plu9 z3rqhW)3VHT;pI)TtqA#$Ec2rMN1NR(CTm-IT73}^-?DAV&;4cC_TS^imVe%8|FI?+lg}pq90y;^`eUIy&@QO@=-yFX zlZ#t=G$BK!39S5m$E)Z6hAjT^(wyrh3bxRQl~tgF=CRMNm&lUOe<`mWgnX0oR*}u? z7P;t*Mq1>?fh@@XHx2n4(*L87zqyvkr(yjzjgCA{feL3-Y4;%TF}fzqa~6)nC&s#`CZq59h}YM6Q+&ex@@t43*c zZfC)C1^t0yY&hQO%`V(-Nh7$#y>WaW8l&ug6Q39K*6A2o*3f^p-rhg)c|mwatN%Nb zy_392wk047l4V}B|0yQ>*XsXy+a)_a4ahF@qWmpU3ltCjHI@IU{KxxY^0})4`PjTD z{}hw_wc5WhPdx_NA49%+99#rD-|cdTQ`E%eUoO z>m1=^7%I0F6xqz9w} z_rQJN5rc7Bz#B9IjX@JI7NmmJU=3IY)&p9W?;Us#EHG!p5)=Sdpfl(K#)Ao95||98 zfV1EnxB{+%Yv4Ml6Nhpkhyu|d7Q}&gunlYnzk}Ui57-Ne#G_6FUOjvD=+(1ZXKx+c zuKHU$cbe)?#}3pGB|pD_)p|>6;`4%%nvRm+OY=c`!xNtugokIT{pB2Ozg3?LpeQ5K zTt|j4>lRa+CCN18s>~f6G5U-^riK zMomCdK=N+^T7n5+BA5og2h+g}a2Z?yZYU1815e-u>VXkpBp3@)!M9)>H~~%qYZ=xO z0);?fPy_^k9-uGi2l|6RuoTdOo%g_f@DMx#k3oG*Ms5I_f@YvOXaUB931A6W3YLQv zU?q3~UV?YvJ@^1JK-&b25dzb}4DbW^5&Q(MgB#!;z#M_I{CI!**0ZB3Umo19c^R^6 zl;OnXJI$6v@p(b{Pg{9X+5V`r6sofX>&MHSbt4_^t{+}=JK7i~K zu!eB{mj94^Cx5Ej+y^B8hrkOuP!9|OGC(?!2xxujWH1;E0bhY(U^o~FMuBg@Sda>? zf$QJ~xCw57XTUNEeE`4#NPrt~2OfYQy>aH~q2G6Ke_PjXUAuJc*6EW*$w!5bf{)Vm zsaQIK-n{K)Gm3k$3pyLxG8nv3$}-W$jHzHB@u0^Aw3>^qDaD>I&9{jQ&Y{A^*m76b z<3hwJ5yknIwF|atSC{GB&KzS!%rQ=+h-Ewm(2Qi{*kaJaUUM3p2zxbxQMS0#ud$Do zc-o>C`38;KVEhb!ciO}GBK$kXTRD!w$P8|5in4yFt@fw0Zl@ZTqO)GeR8g023S>m` z9STUkBLK28k7oNEz+_@;+IVs#}C)^PQz@HdL zT`?^esAt7kk;l`l!0EF5Wj1C7`AzoQ<}|Lr2r=sePU^N`Q#^TQatJ0;!N3dsg zk-APqpHin?u}>W<^ih0|WZ)A7`}}e4+wLV!8h1^nLKeQXNUtvw=4n>21Y_Z7j`1tp zJCTAM%?qA0+r%jOuYo2xn#gN%_f$MU@FN#1RNA7}^K177|wg_3z7+!-L;5zPk? z?O+`_)u)GQ6VnZZJL2tvB}tcs8f#TjrRV?*}+Blro-0=)gs!S*j;E|>@Ag9TtASOi`Qg@wFB^$``) z(5k5V{3koy3q+wUqexTEYS9#ADe74X|IDn4Y|rqpt}NMzF8&maEQPUppv;f>A2C)l zkqwDIY?h)w3&9UWSq`72ls{cWaZ1tEFWRjrK3hq=%Xa%KG7^mOCW{i~B8)A`axwT7 zECEZwGO!%104u>Nuo|oZYr#6O9&7*`!6vX7Yyn%rHn1K126lj*APwvSzk}UCRE#j~ zt??1J}U~a1-1D!t&dHBD2@32R3aPAq7-5V6y*0 zH5rGsUpq_I9%%8!+HnP{fU4h(E8qyKt;NcEYmb?i1x3C)re!RX5uU~r#DAOu@uFD~ zW;3zcNfKibVdizZ0AptH&IaFR<`z{g@NI5k(Y|ceB*yHWP1Phb^QsnAlgx3%yN4TN zJ~Nu(Mz-0#v>51EmfkI+D}=wHcdb7**2fOtPx*KIUnM4f%`9iyFDp#iSq9)O7EA<_ zfWLUgn{mNkI1|l8VqeNQGs*ZLjPDS9%a~YpD?)UQ3w{@b^HKO8j;rK2>(991N>_Hv z9pA2u7x2KJ8;(UH967=d!hNFIaOpRyyE@@$FcYZdI%oV24TsECwYb3UKD#(HgaC3( zs8nyr8KIH@{TY=|Jt0&QbTBI}7br;tL>jF)8q35%%rdA4DUCnV1=ZJXT7>O{E8?IQ zVF)FhabnfS9V+CZ*cOK4jPT+a47}D*gX{Ss*17M0oN`iCF^cxHQB_SPB|ql|CH26! zVMPrbaT)w7WzkZF zH+21;aWMV!jx6!j0)>2;b|`n@T!)1K_CX%I~51Gf&lqgPsKJL zhHiB|pQmGMQcY3mG3%9&k5SENC}lWX$&m>>DP{kpqIpd;35U7?}@hdGnmeA?-d`|A9eHe?yM6(AXPe<~a#LYX7ckwDv0 zC^I!*#k0p$EdyCAeaxc_Xn+gwvN2a!iP@LyFN2!C9+s@nve=dcH zkB@oot89~;EJV<}jhx9mjq7tX3lT|BSk4oZx^kVd?glID&3qE?+*eoIoK)AaPg-nL z!VN`%fE%2``A$+!FN4+ce|ao^xvzfu@7TH^H~Q(EV)RqTGBoQEkvTkfk}9`m!AtDOuzTQO)SaDs=WF#}2P zvsCFyKtUi56|tRm*y;a$nW1<)l~Z^NH9$P4`d@ z@1W)x>MQqQ+5jJeJlW>YHYT~RQu(5q5QB_T)u+w3`_Yi#tfUfmr+np?0h}otEmS;i#FqFwO8yqjwUagiV-%*bYJl8iU#_%|ue4_}V*1?a;i_%YM@tOGaG`Co?G`jgShZ)Sehfo3}Y%c!^YBjvH=mteB9W+3V}U6>)9Uafh( zuA3H9POnzKDfZQ$+;mf<2xhOFl2=oEKR-nhuSn2OVW*)AJ54nslj+CWX((%_sb-nl zsb(PhO-A#2T{kr#c~wttx+!O;rsO3%6>IOOuSos0<)`NS$|0o+aJiBfY?3i6Re)mX z<&ddms(u!r7Cf7C8WgVtgLVy7hRKXXoV_Wix%;tWQF1Ao?dfZP=(K(^|!Q-$`C%S@nfC) z{^v7Yw8;3Xs=0^{btv<54}@aZt)w}(Xwjz;-`rPE(_An3Pu`0PJEZl^y5&7<=A$7# zm$_cXOM%>1Vbh{T0u`poGNwg~sJma&I8CaV>7X9{l@IMDHa?;Cm)5enjE{O3)A>)N ze3~<{HL2!*sG9sd18&eG`Hrkj=>EJ^Gpn)9ebqEg-d1MlVquvUEi!DmCX>qkhu-vK zmhMr{^goyN2Ds|e$HYAMRrWJov?yy0HJO#x$iHTN(IUfF-O9N|i$3ji$bEG-HDsaC zpl#g~nx|n}v?%K-koziZD);J8Vbh{ThAr2W`zmW%vNEkbLo;je7d^u?w{i*jG>@|d5^*+qTS z8@)`67JaPO%NMhe!!a|@v}jRjN3$}HW`1E93C*a#12rcyRMVnGm^^A)w8-#P!g4?J zH7#1i_TQTpEfUYa%n5Ip?^G@8%loL8?mor!v9cbk-1lmxMT@kKX;fD))1pPX-e<4r z|MEpOA$!aGsH>G}(IPj-e5T>5Wm>d|9Ytwcw1~0b=hbWapO0_e&HZfHv}lomOC+f; z5h5;(4^k|K(nYiw${==~Q{rzFbMJ|3ur=Zz^_E!3sAOC~{N5teXln z)JXezvO{t#TbW?84CR6g#ibi7XH7OFK&1BS5#Td)3vM{T{n3piKC}Eayff>ydu&}VSuqa?@X<48^0V``; z8*6-u7cNrJwp4MuQYDL*ENNe+ayk3b6-$>aS-xudiVl)5s(fKru38O8NsY>1d?7Kz z&#bMii`m!|lh~KEx0ht~ld;ci0peA_jQvo|=!3;=E%7)u1q&4}4v|_|m|I#Dz*FMP zFq~s7OB5*igPpA2oHpP1Tm`cH8?OPj~bPmVI5YQ0X#d%ayNIy++Mi zwLQJ+)o;+yyH#r+-!^Ui+I8z5(4*&-L?y_wGOa=h^cYFJHa>_l+52!9@rEHR4kO@iDiww6L_M_?Vd|Q)Ek67Wl%= zs$`3<)W7l%({B^qvR`u{tw-1&bFI3vm^IEm16eTuBhDGS>Y{f_!A!U3r z&ND?&ConHzQ39(ZzjYp8bDsJ5S{263E3jZ`=jD5g94WNu#P%X<$9Zgd(5=_yRztpS z8z_5zz}2UbXPudmYbK>uo&5a%nx%Ihmb!Z5RrtUD<$AsiaFlI6{j6{8r`zme-q|*E z2~8?=x=f*BNf$=FIdRavS7g_=vZYIRTKf-Py8rLz^TPh{^nLO3cTImDIBWCF8ZEpk z{QK~x&)7Y;@75pu^4+Fjznhair^YN!syd_JHv4W}x1O38ar&=4jm9(^yz}6UDf2EI z`7+XZYS)EZdVcr9cc|IxN2|SK-bVUtdDUy!%QH{Bru7|n;pv&jX>;R8L>$dvnm<_c zE;)l4zwoW^h&R^#M%>u-F2Eu3R0ea`q1Xq@4CbZhuqE9xn0Z5+y)Ko(oIMjZXW}=) zOV4{`Fvq+fWH6O7nCna5c3OfUUyn$yk-@B6_{e+idy8us%IZEzShKe)9U%=4AK24U5IpZS>XVhD$%3T!wo$b$C}WgLxQfdtk|wf35dsFr%8i zpHwHsY`#yoO|xFyF5G10pkHBhNqD;oqWEV!zPWkjkClJNboJT}`@?Aa^ya`d2f&5Qgwt%#HPI zEwJqQt@Hyw3@ql*xbN^P8yz#4?oqd<6dr!|a3Plmf68OJYKGQz2f?=F_#@qR7>C1Cp>NI;M+SRrgg3p z(Ia5**SqTVS^A-Jor{-Rec|7ranFKJQ?HjvO{+Ax&D(DK%gY1Lw)bv%`hoeO!Xfd8 zVw;UkJ6cfs?U-vvR$qEIW$v={CefiEj$Ceb`h(*;k4>j{_>^4rYEIq$vUwBxF0U9@ zh_P6G*?Qoi_rHGdd@#Z);ZeyOtv0Wlv!?nC$3CMSZRd9`d*}6vo$28dH(n_@xaiS+ zv-+*LaBuwu&+qmGvib@=V>$FoPF!E+k54k3}%eyq~5o>hVNKEKE>XwP+>`| z$I&6@*UbG;X!yxA`!l<)l}-2BGtTm*r&EcKh7G^obVG+XtH=K@{qoKwuYYd0`R{}kTOU7M9a7A0-R!Xr zC-3!6yybcQ;j8++$JljkYtDLo^87XL)?^-aZC|m&@PwAbe_HC5@=M_wZo~d*x$Ho^ zALFpstAC}^f7`hGR+|x@yzOwvsj2sl`1`GDee{PBQLCc5JzcVIP0@EACx89t_{2`T zeFN@%_sG9Z{Jar2{(j``v}Ny=b2s+9^bUP>dWg@CU6Nnob|qX5-B4MUa^qOVo~a*B zb-nbi$?Ip=rZ}{T4cjOklfG-;v3ix7J(;%YaZ~5lDOZo4ud{c%&-+{Z_y6_FPg^(6 z`YZmoElUqI{;Jp?JC|?%(z`^=^4NE$pS+KjAMEwVg^Al=-%0=a*W!v(_vGuJAHk8QP-Z*>a$HA#DTfO$X zHmBr+9;a4sn$V|F_h;2+JQ-QYEQ3jScJE35z_*nK_e&fxvG85#ojbEN+JgCBx-7Tx>aXV-hV!yB75N7iRB|5m=yqRTNU$qy~ghS=EkM2Jt=he zmx|xFK3+HB_RQ;vQ&-Ki>1)}+V)D+8U!^|$GlOw-*>mN^{VQ+W9{e#PZp6Q4ulsyR zd)(}~&4XRG)i)%4e|h2i4g+0Yj(D5!V#??Yrr6M0;ny5&?;jg1Z$F{ShofTyH?CU$ z@6Qtll)iN4yAi$9N1Ts+{Pz0XgGVY{TfFjig|EUU*FV_8ak*po!J%z7P8sqh{>L%?1vuaqx%uL+6KG8#{E(s~*+H1~~XI$Z(gZyHDRx z?!~k_w{|6DFxU1hZ#V7H;-f=1?tDEcy|C}Pf{Ss!mKMb8MdKc{VBuk2D{w2ls0AQK>4M< zeRfyax#)Dy3IQ`aF1j=Mt#8w@+j_nqmsT#Os`u5S7Vo`AyqvVd2j|PEflMig^vHioAtC5dezg+(7<1^N^C$C!Hamn#Clr+qa4tev(j=k5W zJbZBV$(a6Cy|1KR==!$X@5i>BuTiw#w1N*Cjeq`T;>l8NN(G)jac=Re87)hWZWwCU z)hFe^Za!OUySL8d5rumD{&l&gMY#bn13l`VZ2R5JJ#8G;z5To1+(sKuo;xC$zRxc8 zaloi%C%%8!v)<(E$FE1s*<$&_hOYu9H9azK>aCeA98V0p{jk|N``9a0Iusk%%ywho z`2J{Hcxe0K*=_o9=Rq~E(3+Vg);hZcJMD1FF>h_uQNY)1?@I(v8H+7(U? zb)U2CP0zF8OWMs}CLR8V-PLl(Dh~HL^UcA(_tvmExBvOTyW^)XY|{VE;rh)iJ~V#U zf9IIS!&dAZJGbJr@wz{UU}|sy?6O~IP@%4Oe!t=a{PL`noA#?dUj=ed8>u1`hR(N zN$(2ZRE#aVy1~uh4GVw1-l6R}NB`Oj#xQLP{(f+m*ZqW^2ZOgJc|G;t@4N9@t={ie zUvS*j>cZaJ>le1@l5oRu^Y&f$QJ#i;K+YlFhI0JU#xoY+_o9G%@f(rKAfR(m`OY<;}{O*j9sbsp4;I`UOz`Jy>ZJ6E0cIx({8+^Zc6oqlXJ_PVWi z*;|v&6j@n(=&u{n>JF`Sys6XR;Eok~PFz?gW#*YeO$R%i`YNgFv00CnuACG3HZZD8 z_*ZYDWd8-F@~l-*O#7rXj=P59NAj%yNb51q21W6{5McJTP-o9C-`Sq^o1Kkr@p z8^h}F8(#OR-K;L_e;D%bvx5@pP4|^uOD>d5{mc7y+Oh>ZYlV9)+IiRKx41u-jo-UJ z`kY;x$6xyn`m5RAP3?W`Z>%aha>4joBfI+8F+wKo`TlP0RkxP@<`(pHeZY_{ZLdZ* zv~#NT`}`#p@0WRZ#~p>sLs7l$%hz7_#CAUnb}!{)Ks( z{b|gISWn+(l*pJ-WX!T2ne}Rs5%vs#UwPOy_pyOji(rM(a+DIU8;#Hr!T@W3-0r&W3A_aLvTw zniW-q%ZJ&6u@F3`uJAk%UU9|(;hA&c9l|r3m#45O@_b-?0wmfn{b9`%|NiWA;^+8i z#@`c1OW{f@N3%lJEmT2UFqJ6mdOCw=x-iII5q=lF;d>!`J6u_)x}`WBEQ_&H6Fl($ z+dB`yD5~^G@s8OI+>O{6{ktn^A?`jD%-XfXX|lg zt@K#C)Yt~1sbiYOYjOjpS#M2lJaXgga^t*dmg=Z?t{Ry0L&YsT$4M~8(3NVyuVOWa zQn7+ERz{f^%dvc?Prlq&!0fyxOYaemCOlbBzD$eLc+E;8shG2}4iI&b8s5RBMylg-Tq@Ny(xOR>r=}4f zQpQrG=Bo32oQilOb#ZG~gw$M>%Ro1khOAbuZZ=tBeO(WcRfqOk6ZA;R5(IH3Qyotn zvRs)KU$wP#oU7?RnzUU+>gc*CV%MB}HpqqTJo%uGL!2k#W2I*GXmWB^8$~)<3KzC( zrR7(v?PAqnE!W88KFKrkfUiCk>q;utl}fAqEFyZTy2Lj^^-^^_nnaVA#vnznookUp zP2aUVb#gt`AC1Ike@CBE|E8*jDye)gzA1+=ljB&`N2;`X3V-zj_?P-NRW-u@BQCH1 zM_jRb9fSWq=q2IzaSXqk=D#uiua5Bgzd9m{S}zqp4FmX9X*spN=3}KNJwEV2&t*0G?($WfZQr|pOklRf1^2Pw4Ol(%GHWXDZlZM z^bTfnoX@dVej7=Nh@#gKMWc&f2`e>XnI){ctYG65)_h8()M+Kuz9s5QqSi{alo*g{ z32RwJYS95s>LKnW#AOx4$x~-|!aPX}vsJ`NmM~NNglUgo9YWONM<d~h%^tRh-IB7>M6fxYQcP&y@YVSg7YHQjyR&7L9O8G=rYSD{W zg~}+OA5x1dYPM$Nk?|3;Et2ZkTA?&Gg0w9{Z@m?3pxTn8J0eob%PK^{nH=YH+>ml2 z{k!h3l~+-v!mX)f8mR zrlpb=p#!yY5t**Yljppa9!<~VR<%`PWyDExrsS4Uge39N^*I%d^!GueRcu7c)g$F1 z)mRt@Ge<_N0?v(B)6i~v#CV&PaKm{Gq5_%h*;f~r1#mqHx=Z_LrE>w#}TC#Sy9vp zdQGHMU)uMWHhMu-DzW@hqdiorO;L;L5%MI!fH+W<- z)Q>}b>L@)YN3i$m9)W!a5zB_G_)8AqcA(Dl^zU~yj4+C?em^v*gGR<8G((HaqMQh761O8KXUB&W>eIGx>P8qYGj8>@ZfLX~zxBzzT5^diBC)(T z)nadTGRy?>t9DPJ-3JdR3+ea4)_QS{8b|3GA34XOOKpetIgL0f>Z|TbSE26h*_8im zda_nCi;bleR}N>UIyA`6BWMM(Q86_&XQ6tj< z%(-AJr6OtY$WET1j8d^I(ptaA8uD{Bdy4d0>ONm+?d z((96q0?9q9)KW6SAa|@%mn!;!in^9M2HHY8w1f803FOQ0na~;b)6K77E7yq>`&kJ|q}b1j@5D-HQHzT*ZlnRh(E<#Ys$6oWxbdiG@_0SVYB1TveP{M#V`CRh+~~#YqfQ zoSt{&&`EE}Uy^6U%^rWzrE;Fpuk*cDw6C1&%-m|1%cb5y2>IdJob+pAy85+~H+~Wq zEcL3y#|*nQ$8z`ePfmUeDX5tWi(x(70|`X44m1Pl^d1i#U=R$4S}68AG$%<~Kp)6~ z3=$_3@?boSBk=Js2NuE<5^O3ggk^9tNjDRg!AdA35sTn#D2Fph&NJa!SPyGS*sEb1 zJPuEj#LvJ7@ELqcVt)n|5KWRFgx{e)3EvD-$iAu220B1&D%kX8QOCi4@jXRXW3K&l1Hv&e( zL}<#uaWiNG$HPzXABZB+OunR70j&864Zh^bu5qK0H zgE}p^1}=vy;1ig7oKn-^B)A9qr73j+^oJ{Cun}y72O+Mt zQs+TAtcEr4D(r;!;B)u__Cwz`O6`Sx@IGX%BF8m7XluoHGc>*Kiwu7+#iT6j?CpwvU~4EzgTg_a$adIFw=@K7MtbxcZbb={x0KSLZYubox!g!bizw{s<_axph5T=70QhSl#ph<6~#=x0yDf}D0frAj$hkOLJpcS-- zuV7za;sL*c>c{o)EhLwQ4?;ym& zWS9XH29w{R49);|u2Sc~&9D(}AHp7sJ zk7-J6hi732G(1VE^Wg%x5cWdebZi2n;TC8%gZuz3;5e8I^I$ow0ymrkZ^Gh}m0AKz zVTbHz(iXsScpma*Asa@+Ezlw#nUDs{A)$ae2@;_IQf3nms0(x8ZFmQEL&rjF4fn!* zuoZR*Mc5Gb!hZM?`W532_e1m?$`M=!A3^C{^oH$_GmkO|S3|cF@&a4{wdT`@gPHJe z_y%$oP=CN?I0V-%RB9c34P}dH58xCy6;6ZG;Y>ISR)HJNh4Y{sR>KDQtBP( z2Hl|t41?h?0!G4#Fdb&VI=CKgfE!^w+ysAvn_&ao0=L3#a64>-zr!7{3GRfuU^Cne z_rMmo7w&_ta6dc%+u%WX2p)z<;8A!C9)~C3N%#jm1y92>upOR-9q=4H4==!r@DltJ zUWQlTU+^mIgkA6&ybf=`oA4IA4e!8ico*J-J+K${!Taz5d6^Q?aiH&Xe=fs~om)SYzjlApdowq86>bgFyy5x! z6E`zFyPK{{gdT{SonUNsU8L9O-2%DYDVKTTF8<7Dq^X*^UGF3_N>2Kbx$8*W$n#F& zX)*)3r71@}-#ijs0>|&L!`l=n2 z=6;Y*j+U`$A0nE*}O|`q((_P$X#~jOh_1*0G#qj6YK2%?3 zAU(t38ENef+p{`(H=JMoy!jqznEuP(2?o4u?U{v7La!|g@U+qXYoeK*JOUI`#mGt&m2_SOim z8g7o^aLm0P_(5v><;H#@=D?Ed5_ow@mzce|V2p5o@O z4Y#}5>p{cKv0btI3l!e}uT1Ra_7``%n_W-C%`xtFfA+ZB-KsD1DB9DpUNXWn-0XT9 zZjSw>qo}82dt?vKQBTJ-vd7P!Ms_zxnStW|7qO?k?vZ>A#-`U?iD|RtAx6$@Xn_5*{_2MwoSLL?K?q)C3;^wcds=k{&{S1GOZB_MU z2GTPeo{`$_usxmY7rR};`Q^`>U+nd#q`SG9^{3o-R8@cO9c%ikTz~qyHL~0T`MM#+ zbMN%WxY_GLk?F6#uD+YSJQ)5Q>+9;v45Vi`JR^6x!}fHpukCgT=a)ZkezDirlJ4f_ zJH}Fdw?K7IP2IwI@XwnEYnmql`3vWlW0zk7)gk)$u8b#F)#u|9x1lpTyG*;AJ>A94 zUmwiwX3rCbn`1xA?k`YyVVT%UHn%`Jgzf1wc5m2a7klM9PHT7jGvuW}z ztBGAe-(pX@5EsLZ9A??J#;(iZXNda?5QoS>Zg&#*6kFUa^no12M-^Br#|H}f5DyPF;d^L_I`x{Qj_RMh_X>S=e|EZ2DYI^t%;Rc(l^ zsoRZCGBu5AF4Mm*?tpq8TU|E9hQre`9mOLQ^HMndLc1;qr{A$mKYP1rZ&&oTO1rhK zqTRfqu2EyK^KGl_ZuT}n-2Amw)pxVk*M>jGwyOFv1L^tK4KK~7oj%(33>03?-TbFt zAekF#9QSZ|W`E+(mR~mb+#^W*%+0*-FuL(>&I{V+TSsnbX1cKVk?HH!i2DxXYPYW& z=N;Vwg%{XubB?b}OMP8Kw;P@OfhO$AMtn#Gy#SOVh%O zvVLJk-R^F+58dyTTGbJ`rjQ&+1m;qf4p9 zU#Z89HarIrhMRJ8>=QqI%>q5;Sl@sPWYhC}P23#Av&8Q~Ll+qls&9#(qd$u-F_!qr zH+%KXPy8(5C0P7LTKq|VsfnATo|f>oSi(!S#81Mrx~2HIC0hJNSo91Op8v9`jIl#= zybf!*4U<)BZ_my2xK!b0*G2r9=|Dd+2PsAzl-urRFVluwu7s-RGi!Y&-)Gdfz;1Wu zaFr)Kj@|gn6Q60W)3CKQzwoU%abVjJ&@C>9OH7$^x%lfQdtIhAjmG=P^yd~xPstPJ zyIi8-daq2ao%ZMEsHfJWN{bemEi8Fyq>oI0Zuay;8Mnutnl5P;nIn8;`g5yFW_ydw zD}7}8bE}nuZoX-x$6eF2gGFYpk4%4VRq0t|k=f2ira!l;WLo<#b$w*|bE`_GX&1>$ zGKwMlxC;aK3nah1X^G$W9$oY{&e{f8>m|p0t=EGtd%a|@U-U5+^H~83xzUNoMuj>~*psQ%k>^%k-~{JD{G&Ru{%woosg0;vNpq zTgE~$?}pPaoPM+u?&{~=V5(p2?U=;D+|0Jo&-0EPuJg2wn^R0*mD^3bo4pMXH-GI> z_1*0DH2gW%*VUI9NYB4+c)s^>N86r(!mGKP|MUwabAwMGrTTFXhiB9d?&{mDX64T} z{ZgBI>zA6l+0)OEY1A+F`cvX(Zf5XfF ztIfP)s+DbBUAL;jt4SOrZTj;!OY);tl&F7|q``t?g7fA;XIU%v$MS5@6(9jD!FsY4{c z)WprMOXW0bU`eApe8Q`VTUFs%pMhQP6JAZ+stPa95K(l`&a1NSxy=&Z zKudU%uWRBKC>{KlX=RLm`g!h@Lxc=HmHVj-ewmw3pUCcJ*G1fPt0>-Q2;^q33k-jj zeu$}yNHfRFd5GjA6Gt~!_(`L5i!Q$X39Fl3&&o2beTKF^GX1$#CDYpewegYZ&#fw% z$(DT9!bhe*x2j}XpGh_Jk?GH^Dw$~(JsbGQ^ygNU%oi*&SNgQ!)->|AslNHMa=Q1i z$n<@`z@J-HdgfSUdY_f+^^!lgKr-#+-Cj2B&w3<&Ae&q7Hc7dXKCloE2?j~*-!N!H z@iJ*Ag^`O(YbiC97h5jI!((;$R(GOOU*Kt3vQpo37q*(OZOYqc+v@Rs@cMk4yMa=_ zH)LIq#)QLN%$TN1rSn|y0K~LV>L5Is#y7rO@tyIusMk@ct2*VfROe5YX$ z-;t+&NFB;I%vpsrYXsi{AIW#>d9FNkv{L^Y!#CQ;@g4dJe1CkRQddsqo90vbHu*{1 zSMXi>^g_az$E#Kgk+X#FgO~9w_EY$tJoF=417IK!j3O9CFlsmug!br~AkVh&a2{L$m&4U?EnE-sUgqCm1Kb81VH0eIEpQ(^ z01v@q@Dw};|AN=y9e5u;0!gFeNuTDVO$KQ*j25Galo>EVfHlH@Y z{zlrwk~XX10l18`na3Uc$`-`yIBb!oRMVEc0|oDqPEA{*D`|CEx>D2HF@LYUQi;ba z^&M>Mpj0_&_yz3i#P{hl_??N3NmHrYcEZ(J=uY}R(Umo7y77&AzLFtnUDQ*l>|WIQ zy~!W&LLY2H`j?PMolhWdkWld?(!Rk;eM3T}kWdZD56wxe)+3baOM*=}k?Y78w~sfYu%wv$Poj^StJHDx$YUks)%m0g+`E8$M!ws+NU2LpDL;#q z%2~qe3rm%%wM?mh!(Gdjx~_~oyaHQ6_fyDMa63E$?}Ox3OrUar=&K<>)D_WIL|GAC zMN}2hR76ot2BM{ijv_jWs3@YLP+y_CLS==z3Uw7~D%4b{sZdd&qC!1|Y6{g9swvb` zsGwHDX>dB60cXNlunOF84x9_+uo~9D`EVgz1Q)|4a4B2{SHP8U6|9A8;5t|bH^6$h z32ug4;8wUD{tkD*op2Z24fnvkuodoyZSWvG43EI0@HjjHPr^UoX?O;p;5~kok~3c>2=W$wnBP6(iLuk`1;g= za3RDtAm6~H@H@!5Q#3xDCF6pWwfc zla3r%4Ljj&*bS}PArErkBDfOP!ah*#NgEgglVK{{3NOPhXmY$#Eul3mf-7J|2l5AO zg;$|bN9r(W2@Bv+coJeeQO83voCJS|yWl7I4St7V8I(!b4F7?Ha0rHHlAqvWcnkKz z`_R5K`4fuaUU&!|0qL`KhOTfHl*1a>1uBd5htV(zrob)m4SWxMvuVd67cPSx@FJvk zC67Tg9zKU};5+EujeHC9VH-RSPeN>W-s6S#eaJ8H1$+hb`;u=!IuU2V*N}Pw zvLUHIeqa;SA3$D!EzmTFwg)>X%1-^#HGtdEE2I(uj2`x^hK8B_6IBbU< zkT{ce6_&%3umhflo${SK302F!#_@Fjc$ zJr_`aLk?U7cfe-&4;+L;Fnl55z&iLCzJ#x#`y%WK`%AIc)Or>5FVX(GEB)2a`}?b3 z@6XkG-YU6V3&r2x>dUms58h*!VcTP=p+DRHf1N*;asNw%m8A6h6^gQU53z~;WAGUq zghLSFqP>CRK*lZV4yK&nUAOt071y}ywyYe()b&ZppQ4Mm1DrG zYG)i%T`*4II#AAjyox>0hJAGOyK5&U4qH9otR3shFDUD_{h12&+cF&3D%fP-%D6Tn zYR!cI?On8P4xb``Wc9KHqbm3t zr=lX`IUW${(!x$T5XCQXPEyea*eRE&IGlrIi;C%70D7E0Vi;uJDhvjGSy4rl^}@gW z>y9=rM$!|61)b=%8RTU!I)HUdWMvz+9E_Di4$tB89E_NQ6?0;6hy_XCmvGnx3z4(R zV3e~g)q(27eMaj&TNYu$e^0&3D331 zcChkz&ckZB2o`oEY&Z|Dgll0VY=wtmIyRmI7s6$5D{O>y*!*S~kx4HR+^`0Y@64SJ zjDT@)YZkh}9*{es%d_c8!d7?;=5Tkj68dzbHwGucOo;2w$QG>ZiA~^4SOxuia~B1* z`f!&5@Ap;e7x=axJ+l)?i~iKE&}e{CZJ|XDy*X$zkUjJpM4p3*gGnnmCzrci*f@l{ zeRy&xJ!W`)7`=4J$fNfOy+;u?v>Z+E8{)^1uV62H0uPR5lm<3UBwp|Y$Q{PzlgK}C z1Kb4TxNDdW_i+axcLL?pNC(&mcR>ew@YygFq=$bTz4R>T0l6>&ra}?ShgmbRA*9eV zZw*<{8~%|`nS=j<^vv&uf52<-3H$~!EW8ySf>R3V<-$6+1vZ}eFJ7Kqzpm7MdWoj)!;Pt!s!NQvOfz}fg8?+^Wer(?s{P-NL>)CnjLkb zk9r8lA{NyP<5IjPEo2N*S_>I}l-5GV9;LOAaYtz_WXy37d<)H+QX|3T z&8eY5#vNt6QN|f%d{M>~WjwKenm&FgHjE%{dn2d$V7?_NG$(Wanb!B&_rh{L4P}`A! z17SLt>r{TzTOS9L7D2|n5>B8s5c=!mUD6`RSeLX2y+B$78RL=`LB_YFMUb(ro24~? zr-tZbTGArOc$TyXGM4qya9Uu<96<{L3r5mgfH5cP<5oI(qhQC zm9!W#W+g3#j91+_j`0lG2S3976ZA1E8Jm(ZDH)5Bu_hT~lCdQjQOo&8*qj7i3IE#$vX@ zE_kg78x`y0Ei%p`<0~?LBI719ULxZpGCm^XA~GH#;~+BrA>$r0-XY^0GQM%R<@>Wm z*aM~LEZ-bcRg00xv#sk= za;|K1Mn#hEzhrezestZ5Yg3#1x>O`3tK?xfwmR_ClHZ)%3WmMf`}6oqdN{d#5Z7eD zhG$-_6q?AKcEb5NAHRL>4Nm^X%xF6zNhL&8Bq^WGrEV^JbVS^?oHZ_5CU@?8-r|(I-lx_%8JU{r5-+@3A;kh=$k35u_kOov`5&6XoPKu)`dkP zEKe?-d^9WoLhrlIqy1-}zM*9l8!>@L_u$K;K<-3>g#+zk-sZg7NA9oyI= zaBO1)j%{3ZRKpoKi45zpTQ~zBMzs{qz|_3q8n~*)CR_v4ruuJJ!!>ZY2CiwxFkAzN zYhdml!Zk2=P5RBqAKC}*73Jv|_KKoI-7D${y8Cgl9$|5@2#bq7!tVa=c#pu{@d(@< zUv+oi?;YW$1dp&y2?*Pia0F3ZndA|+G6`WTla4T|!&5y1ho>TNcEwNZVKutxO} z)~NmwM0I~dkFfm>5w^eK5k~cqCLV#0G(q4aO{$El{^Ec+bYScosg$Jhc`lEzc`k&_ zbBVABF3F_Ykj)shupIEh0pl0<;dAUE?r`xj*6t%x^H|A84kI2<|IY0{BOOow9>qlx zh9{iJXx*D9Ks_88C+UJO86WBLdyL0dgw7dhJ!Q9^CR=w$Ju;F+I-8X zk~gAyxCii^jPC>ZPCi(xlJ6+HgxZxQxTzf6zj516rQrT8!BIlAkCZx<^hjoC=fJOw zb1>)7{eMC|$80jAw9UEV}PEv}G zb-To*l<)dwW_g#GeD*vx(tKnxUgs<=&XCxUD}A>lZ4k>jFAg5rKv_n`JY!+LGWZ=> zOg+SSy4fye3|fg9jLjTU3y;r*$LFdw>iYlPxt4tERGgXz9AJ)6V@L98$H)lAg(G~2 zax=_QZx#yAzE*&NX75n7%nkL_93H>sfiA;&Y}qQqQn#C4J$qe-^N5^PhNXu0_%#o7 z8O|fgRvDH$-t_9(>oS~&F03*vHN3~Kd7#U19y7Meu+;6QSI=IT;hYt%GAuQ^$FF&y z%W&=)TV;6a@Nlge9+C*@Aqg|*TlO_?_T3gK#^I4YmU9rOYv){bTKYBK((38q_!Z_{ zhg$ktR$;~yNC#nhRGll+F;$MfI0)3E>RhwdFsjZ~Yz?F8T-P2!RGlkczft8CEA9C> zJI^N1y*)oTkZ0u9-}0>8`dgmMTYt;*Z~5J(-qt$ty!|iFwXN>*?A-cW-W9O^mgn_H z@>||ZI1>Ly8os_*H&PR$on+VioZLkQ+A1pK3eh?~E)t@_-*ISPWm=)S zu}IsV|Ld`|h(45(z{{z!dJ3r!Azv|xkCJ`1ik~}1GKjvpBDnYN(tb~5tG@E)o#dS; z8Ol(Xw*TE6k>R9Vb^meWV}8z`W|X+kCf+5(D*C3mKNZ(bA5oEW+L;vz=f8uT$$T|J0?JFLs^X1ZC25Vh1y$0m9>lXhI?;m8@44?rH0X;Y^eZJddQAwo4yiBU^O#i+jXW7P9AVpVc_yt+ItLA~2CLGA3Fpni-=QuC9N)U9Ka)Y}Ou zs#AVl)v{eZ)nJ;Bt#m#S`lDjomzm90G`Zj36tdkZhF}H<^8{R^V?w6(> z%u7?Zrnlyny)`pI+Neg0+N$f9w^eucPgffjr>pnk+N*5~+p8Z|9j~TN?4T0MGSrm% znd;8wS?cxvS!(B?9_r`XJ=N!D_g3Fz_Em4x>Zc;p`f;wms;D(UO`Dm+T0w)<#3@77 z&x?mDcj7SBtKTrSZ@@4$=*;2jgX|HiqUVXKO?)0RjYg?@okpqaXN^^>TaHr?u^`Ov z(cGfq~qJ!h)#r_59ha%ZW}3iH*z zD=s%XSAH8OiS z!+d2bF?NNTGVB!AUpQ6$mUOyG9CEr^Gv^F7JoZeLR&tiQ|D;taYuI_JYfQP?+^$>= z>0GV`w^^;m4_~d?tvp{Pjk-WB?S7#uT6U3|*Z&e#xa2Z*#mdXn3mq?4Z_T}2MNGX? zwT!z;6}G)rjjgwicd6H@2a>N>?F+AG4*LyiMco_K4+-m4@A2zZhp9KIpL1_kH%-4q zb)S73>vn8p&4a(I&-3q6nJIUxFOR!N?VNm%8Zl{$>K}El%8I{NC8cgv`}=QI=@}2G zPOe9IKmJkme67b-LhGm0ojsmbgJwUiV!LctwO2i>Ud!L1c1Jv?GE$yXpHFy6eK7i8 zDlu)Rx~j=*s?Ge@)T1k3W9^+c)Qq$@)wJw4RsD`{sjmv&R$E%Xqpt4#j>;VSj(WN2 zdumtD_te*u_oyAK_NeVm_o^=%eW>0V`Kfxb-j`};k1y5q!Y|eA*!~-tn63Sr`|!eblE|*JhnoLgsMX;(+t|c z@z4Rxc?!)L+?TlueL&_bWKd(s%rEn+jcr8zUI;1PHf%sCjBwLm{G=VDByjhF`J zoQ!^H%yNVNa3$1f$@}+U&e8amz5(lfXVWFE*}8Q!@d7iD_qgA{f4&IytAM$LI4ky+>gGB@M^nDawk z$o9?=xsmqXoF`J!%{y15b9d%YfXoRw2vL1VPmo!Itw7dG+1D2v!LK0mMZN)!matpwBAo#9ro+G|$oJl4P^*1+52?kDx!uypq238f0$CWRUqK69(&Z zOv>2HJQH`WKKsy|Z*uz(?lHlfck;wgeKz7->}CGRYs2(8D4(*Ic_=Ro#||L#P)>j$ zFaajQB3KT2BbkE&<{XvLC+hQ5WGymTbESPA`5p$q2tu%UqT{AoE#11)0;bZLB`8We0ni+j7G=eSXU(_AIrrs`NzAAOnFAy1u*{xJJq5B3i_D4XG=+K(%(*eiQ>kaboFnrQ#~*{N zw<7DTY=>vToHKL&NxTjY=G>XQ>BJk%IW)~?kj~HoWIoMuSOsp7HCAM8mBlBsZVZ_7 zY?jWXP6czmP2MbIf;sP|MLx4SAq|#8LIL#vnDcN_W}`pU1(}cYHoODoyqqnCtRn;W zfy~X>3;RLVNs)OvTS3-Fk-0jTg3Q;Ebx=y@>T96L+?||x-uXM-O1yJ;YR&h~ATY^(x2=44LIAvpZ#Gr_AbH4Qs%h$J4cx^=_a$^nhVto!2vi z-|Il;^cb_jwf>>3nPBoaI>hF&>_h$cwZtb*dE*xfaq^?HCyk6a9M#|G;FLFxYMA6T zn|xm#tnR^Z?5kfWYpNSm$wu0tqtKBxTYGa`~DT(N^XGIxv)31`NWnCS8K_KgKJQogYa0Q|wB4Q$=qoN}s zqs~8FrE%JA%FzPi#6*@9Uc|Dk%W)pf{#5qk33rhyAY>YRC6P#eXj;x@L{+Gt`O*-isl;^n58C zrTmIgk;#{%vi+=_k?pm%N?ZF${}ujwcox_g^K|Ss78iD_RBncoRbz4+3qnFX9eCkL zHWJU+60*-5C+W231K+%7ULpJ8+;q`RJ5Z6tdRqgyNsN;Erec*pWI$0i?(Z#|WU7h^ z#)7o1IVC8MoLNS$PUC10e;zQ{YJ>c%1ApP|5X}_rMA^n}7Ia%)I2ySH`K1?H+iy3+L{}A%(rT zUjgEC9Y}V48pw&-df3tIe*&#d;$msq>amyRuM2z0cKz7bVn2g@ZT9j`t0YDld#Op? z>?K(*VV}hQYW7n5uV-JE{q5`}e98VT*r&nVyppoww7fxS6N;CeQoJl}eDT8Kg5||& zqZgMIOT!@7i43Rn^*BFp;q2mNWsB2tOVUOa&s|uu*zhCql1==Jj-wYZTU4+xvuJUd zey%FN-MZ`7HNx+xlEP(+moJ`EmNsV2oRY%gv?+_16>&ZX)S-XA&#;SroPXsNEuY=t z(#~6t6XPo4rab2on_~ja_EPD~Z)px>AKtlFPYhpL24LF8A?rzb^NpOT-_n1i5FI zu>lzi*ak98^90EF!4BZHA?^EGa_|2p$bI=pISPMt|zjC@BCWk5wJS;O;2j6QLKc1~D_E9#_m}P=7Ahb>@2rb2u*LiW3+Dl>zVq zhVNtuPlf^)sdUfLERKq}swZpJ%S!ip_!1vh8ch|QOkLj$30+%gc6=?UbnU{U11G!c zy1p6$y0%nJHM`2kB!VTscIDd&PIfhQeK7=dZEe`~xggRtOZ&D)<@{>ux;+GRZKaxP z`ShtE(pA1*B9C^Yen%}fy?!-yeIf*OO{aa7^8aYi=-PvJD~qqNRJNq8-+Ye&Pb z4+M>_^4%Kw%1&jwn!4T>61wX3z&$~wt9(_+$*#JtcZGni9aMd-9=IcjbnQis?df1w zQ&)Ko8616=?%X^0)Acw_$6JC*SNZ-`<^0-#mQ3s^@0taVU7dA}MMKf?MnAe{;C5v9 zTXVS+lb5QNa4$8V;{sZxMci4PisZ_+OXIFu^jYUepZ|~hzijfPQ#)$vdQAxE+Scgz zT@^IC%Gd3(9s7Nzu9t^^u5FC`D(`p%M_KPdUX@z3a@jIscY7Yb#a`5xbrqM7nmNhIPuXrmm-kfUX^l z@nCtUE;#B}x&P~;jdA;qSD3mk4FO#{81+DD5b4^B-0F1yXX?5j1axi5QyMN43-9+uBcjStcqd;#)vm zC5PxKDyb@IdU$c2&JqKXwrPIiS`Z|09Yu;xP~({Rok3of_c@En|7HB@M!dT~Hh(j; zqslqDavD!(kpzi%^AL)+Olvo%yVo?{!+E<|;@!kgyk$OdFw|eC@C3O`&C;gdFV^1g zUCuAb?P3K~lS-wetGuhdkbjcPrH%8piW!`l zOWRdI?9Eaj3!BLM-HZ9Rki1b@Mkd$JBQCz<_;plkE&eHf;$IYm@t0T^8cWxdX|3A| ztqe$S;BeyJh@Vl9^oP9dUU$Ex-8b!XjOTc@ z{ltISF;Dx$iN86IK`#aN{BR28U=g;_ts*s{ymjlZ7WB1CN9-y2g2kt_J%`%foR_gY zMC@{^VFPdJ$l$FcX+b3C=+=}~uB)!S%+GrdrsYw2b@M9yU0EL8&D%Z2#I|}J-m%^!9JLSzwSy;)RrF_d- znM%{_RDnIjUb4wP)XJGGmz04eq`r}sSHC}?0n5>RbOkzRG220;`vajlS_?BblQd40VbuWh!G`g=k~HAMo~vCC8L9_qT*n|}6*N(<}i0=oDu0648PsjI> zOqW+LO@q@4#o39q-$04J)R8#UCnoTo(>{ivuL>jy?^v%2HSm0Yc{etA@_;{G^|{`KL8WWpdFlBfq^ryY2%bD3Z_!tN zUT@ByJ}HEBof2faI*qfNcAXdkx|(yn#|4qDRn1Eu9Rj+VbCORCB3-MRKRrAIbT!A< zhWOF-SdXun^Lz*S(I=ntfAqU?!7|TxfS))A%RIP0dY-S0l{&TQf5v&fvTmqTTnmCE zKOe1mzOw#gsKnd;c6`m|H=FZ(<$Wxtc>k5>`AXl;$tJ;4zx~nke5LJlitn+X>sj@C zyGLW5ZwEi||0~S%ZRaQM$3E>3XU^guH_x|?pZNdP=lQnuW0&Qe|D*f0$7(L?A2rWc zzJ%vgUxvz@p`$y`H$t;bQ$IF3dh>i`orv+;Dlhul5#4y#T-K8~oO;DOU#MpDe7pLc zf#z?XZzDf;3YBuE&m%fI^L*?7DQsi!t^ZN;d{h0{W)bH@p?=o$jomginb&I0^G*6w z*yE3z=PTb^b!wwRD}NmMJl~bP86|dz_hXNv*Jl5*?U6ZO)4H-*pn1OjTcXO(gC_8m zV6jn*9~&LLdA^5dBkO$B>d*6)T18e4=*r$I!T&tp2;-YRViTt_w3PElr;h#O?P2B{ zr+L0+9&xrx<$Pk!^CkL@b_w-)z7ntS7Frf?p{{&iT*_$_$b4+6$6_H4q~5Ou@{M+B z6YD@CNPi(2Qb77rb)g#^d`yUy$bzCqRFYXD~T1 z5ab!uV8{h|J~kAFfjrk60V6@4N9MsOkmsmlU@XY<-|;X3tS!wqmFtcRQ6Z*VhgfLq{JxD9THjqrE412(~(a2ITbyWt+#0{6mwuodoy2VfgK z2oJ%-@CZB#kHO>c1Uw1!D%1s8@3KBL09os^5i|x_3$-aU16dEY1sn&mCT>e;1+AeCv;|oQ zxgE3zSqHiUbOc$WIs-C6*4FLLB4I14+StA3ZV#!VGhiNc~AoLVF4_JMNkThVF@gSWw0E|U!Tz;AYqWx4^A%8{7^X;qPzDw_{1aY=SKwdpD(r+^@EW`h zZ@`=I7Q7Abz;1XK-h(}`7xuyX@Bw@XAHm1)3498l!RPP=?1wMmEBG4z4d1}G@Esh0 z@8Jjd5q^UIz<=R?@H6}Zzrt^D5PpY4P$7Hb{<{M)5xSeW3*qh0Yk~3fBo@*8f& - - - - -gLite LB Server Release Notes - - - - - - -
- -

gLite Logging & Bookkeeping Server

- -

1. Release Description

- -

This release contains the gLite Logging & Bookkeeping -Server module v. 1.2.3. The following sections provide additional information about -the release content, the module dependencies, the know bugs and issues and a -list of bugs closed since the previous release. For information about -installing and using the gLite Logging & Bookkeeping Server, please refer -to the gLite Installation and User Guides.

- -

2. Changes in this Release

- -

This release introduces the following changes:

- -

 

- -
    -
  • All R-GMA service publishing - instances in the configuration template now have default values
    • -
  • Bug fixes (see below for the complete lists)
    • -
- -

3. Release contents

- -

The gLite Logging & Bookkeeping Server v. 1.2.3 is -composed of the following gLite components:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Component name

- 		-

Version

- 		-

File

-
-

org.glite.deployment.lb

- 		-

1.2.3

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/installers/glite-lb_installer.sh -

-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/noarch/RPMS/glite-lb-config-1.2.3-1.noarch.rpm

-

apt-get install - glite-lb-config

-
-

org.glite.deployment.config

- 		-

1.1.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/noarch/RPMS/glite-config-1.1.1-3.noarch.rpm

-
-

org.glite.lb.client-interface

- 		-

1.0.3

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-lb-client-interface-1.0.3-1.i386.rpm

-
-

org.glite.lb.common

- 		-

1.1.4

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-lb-common-1.1.4-1.i386.rpm

-
-

org.glite.lb.logger

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-lb-logger-1.0.1-1.i386.rpm

-
-

org.glite.lb.server

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-lb-server-1.0.1-1.i386.rpm

-
-

org.glite.lb.server-bones

- 		-

1.0.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-lb-server-bones-1.0.0-1.i386.rpm

-
-

org.glite.lb.ws-interface

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-lb-ws-interface-1.0.1-1.i386.rpm

-
-

org.glite.security.proxyrenewal

- 		-

1.0.13

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-security-proxyrenewal-1.0.13-1.i386.rpm

-
-

org.glite.wms-utils.exception

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-wms-utils-exception-1.0.1-1.i386.rpm

-
-

org.glite.wms-utils.jobid

- 		-

1.0.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-wms-utils-jobid-1.0.0-1.i386.rpm

-
-

org.glite.security.voms

- 		-

1.2.32

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/glite-security-voms-1.2.32-1.i386.rpm

-
-

org.gridsite.core

- 		-

1.1.5

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/bin/rhel30/i386/RPMS/gridsite-1.1.5-1.i386.rpm

-
- -

 

- -

4. Dependencies

- -

The gLite Logging & Bookkeeping Server v. 1.2.2 module -has the following dependencies:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Component name

- 		-

Version

- 		-

RPM file name

-
-

gLite Security Utilities

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/installers/glite-security-utils_installer.sh

-
-

gLite R-GMA Service Publisher

- 		-

4.2.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.1/R20050430/installers/glite-rgma-servicetool_installer.sh

-
-

GPT

- 		-

VDT 1.2.2

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/gpt-VDT1.2.2rh9-1.i386.rpm

-
-

VDT Globus Essentials

- 		-

VDT 1.2.2

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/vdt_globus_essentials-VDT1.2.2rh9-1.i386.rpm

-
-

MySQL-server

- 		-

4.0.20

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/MySQL-server-4.0.20-0.i386.rpm

-
-

MySQL-client

- 		-

4.0.20

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/MySQL-client-4.0.20-0.i386.rpm

-
-

ares

- 		-

1.1.1

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/ares-1.1.1-EGEE.i386.rpm

-
-

myproxy

- 		-

1.14

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/myproxy-1.14-EGEE.i386.rpm

-
-

perl-Expect.pm

- 		-

1.01

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/per-Expect.pm-1.01-9.i386.rpm

-
-

Java SDK/JRE

- 		-

1.4.2

- 		-

http://java.sun.com/j2se/1.4.2/download.html

-
- -

 

- -

5. Known bugs and issues

- -

This release has the -following bugs and issues. Bug numbers refer to the gLite Bug Tracking system -database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw -.

- -

 

- -
    -
  • If the mysql root password is set - and it is not specified in the mysql.conf file, the configuration script - fails. This bug will be fixed in the next release
    • -
  • No removal procedure is provided - with this release apart from the removal of the RPMS. Any account, group - or other resource created during the module configuration must be manually - cleaned.
    • -
- -

 

- -

Known open bugs:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Bug number

- 		-

Description

- 		-

 

-
-

 #7053

- 		-

LB configuration fails if the - mysql root pwd is set 

- 		-

 

-
-

 #7237

- 		-

Intermittent errors with job - submission 

- 		-

 

-
-

 #7300

- 		-

update of the lb instructions - at the end of the installer script  

- 		-

 

-
-

 #7305

- 		-

lb.database.username paramenter - in config file 

- 		-

 

-
-

 #7307

- 		-

lb config script does _not_ - fail if mysql root password is set 

- 		-

 

-
-

 #7324

- 		-

lb-bkserver is running with no - pid 

- 		-

 

-
-

 #7389

- 		-

LB server and WMS local logger - related issues 

- 		-

 

-
- -

 

- -

Bugs fixed in this or previous releases, but not yet officially -tested:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Bug number

- 		-

Description

- 		-

 

-
-

 #6412

- 		-

--start and --stop options not - documented in glite-ce-config.py, glite-lb-config.py 

- 		-

 

-
-

 #6722

- 		-

glite-job-status -all doesn't - work 

- 		-

 

-
-

 #7151

- 		-

There are conflicts when - installing WMS and LB on the same node 

- 		-

 

-
-

 #7180

- 		-

Logging & Bookkeping UI  

- 		-

 

-
-

 #7321

- 		-

creation of indices fails - randomly 

- 		-

 

-
-

 #7884

- 		-

local header files distributed - in RPMs.  

- 		-

 

-
-

 #7910

- 		-

Duplicate apostroph in MySQL - calls 

- 		-

 

-
- -

 

- -

6. Bugs closed since last release

- -

This release fixes the -following bugs and issues. Bug numbers refer to the gLite Bug Tracking system -database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Bug number

- 		-

Description

-
-

 #5850

- 		-

glite-lb-config.py has - glite.location and globus.location not set in params[] 

-
-

 #5901

- 		-

mysqlaccess command fails with - Broken pipe if mysql socket file is in /tmp  

-
-

 #5908

- 		-

Environment variables set via - the configuration script are not passed to daemon startup scripts 

-
-

 #6057

- 		-

glite-lb configuration scripts - has missing dependency (CGI.pm) 

-
-

 #6075

- 		-

glite-lb-config.py crashes with - KeyError: GLITE_CERT_DIR 

-
-

 #6190

- 		-

LB local logger doesn't start - on the CE node 

-
-

 #6366

- 		-

LB install script:: Fails but - no error reported 

-
-

 #6415

- 		-

glite-lb-bkserver does not - start and blocks execution of glite-lb-config.py 

-
-

 #7296

- 		-

glite-lb-config.py crashes with - a TypeError exception 

-
-

 #7753

- 		-

glite-lb-config.py fails with - an indentation error 

-
-

 #7976

- 		-

edg-job-status not working with - voms proxies 

-
-

 #8094

- 		-

interlogd on the WMS doesn't - restart 

-
- -

 

- -
- - -

7. Previous Releases

- -

7.1. Release 1.2.2

- -

7.1.1. Release Description

- -

This release contains the gLite Logging & Bookkeeping -Server module v. 1.2.2. The following sections provide additional information -about the release content, the module dependencies, the know bugs and issues -and a list of bugs closed since the previous release. For information about -installing and using the gLite Logging & Bookkeeping Server, please refer -to the gLite Installation and User Guides.

- -

7.1.2. Changes in this Release

- -

This release introduces the following changes:

- -

 

- -
    -
  • Implemented status method
    • -
  • Added definition of PERL5LIB env var
    • -
  • Stopping and starting the database before the index - creation (just after the database is created and the user granted) to fix - access denied error
    • -
  • Moved creation of indices inside database creation (if - database exists indices must not be recreated)
    • -
  • GLITE_USER parameter is not exposed anymore in the - configuration file; instead the module uses the same user parameters as - WMS to allow installation on same node
    • -
  • LB admin tools are now installed in sbin, not in bin
    • -
  • Bug fixes (see below for the complete lists)
    • -
- -

7.1.3. Release contents

- -

The gLite Logging & Bookkeeping Server v. 1.2.2 is -composed of the following gLite components:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Component name

- 		-

Version

- 		-

File

-
-

org.glite.deployment.lb

- 		-

1.2.2

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/installers/glite-lb_installer.sh -

-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/noarch/RPMS/glite-lb-config-1.2.2-1.noarch.rpm

-
-

org.glite.deployment.config

- 		-

1.0.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/noarch/RPMS/glite-config-1.0.0-1.noarch.rpm

-
-

org.glite.lb.client-interface

- 		-

1.0.2

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-client-interface-1.0.2-1.i386.rpm

-
-

org.glite.lb.common

- 		-

1.1.4

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-common-1.1.4-1.i386.rpm

-
-

org.glite.lb.logger

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-logger-1.0.1-1.i386.rpm

-
-

org.glite.lb.server

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-server-1.0.1-1.i386.rpm

-
-

org.glite.lb.server-bones

- 		-

1.0.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-server-bones-1.0.0-1.i386.rpm

-
-

org.glite.lb.ws-interface

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-lb-ws-interface-1.0.1-1.i386.rpm

-
-

org.glite.security.proxyrenewal

- 		-

1.0.11

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-security-proxyrenewal-1.0.11-1.i386.rpm

-
-

org.glite.wms-utils.exception

- 		-

1.0.1

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-wms-utils-exception-1.0.1-1.i386.rpm

-
-

org.glite.wms-utils.jobid

- 		-

1.0.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-wms-utils-jobid-1.0.0-1.i386.rpm

-
-

org.glite.security.voms

- 		-

1.2.32

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/glite-security-voms-1.2.32-1.i386.rpm

-
-

org.gridsite.core

- 		-

1.1.5

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/bin/rhel30/i386/RPMS/gridsite-1.1.5-1.i386.rpm

-
- -

 

- -

7.1.4. Dependencies

- -

The gLite Logging & Bookkeeping Server v. 1.2.2 module -has the following dependencies:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Component name

- 		-

Version

- 		-

RPM file name

-
-

gLite Security Utilities

- 		-

1.0.0

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/installers/glite-security-utils_installer.sh

-
-

gLite R-GMA Service Publisher

- 		-

4.1.5

- 		-

http://glite.web.cern.ch/glite/packages/R1.0/R20050331/installers/glite-rgma-servicetool_installer.sh

-
-

GPT

- 		-

VDT 1.2.2

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/gpt-VDT1.2.2rh9-1.i386.rpm

-
-

VDT Globus Essentials

- 		-

VDT 1.2.2

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/vdt_globus_essentials-VDT1.2.2rh9-1.i386.rpm

-
-

MySQL-server

- 		-

4.0.20

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/MySQL-server-4.0.20-0.i386.rpm

-
-

MySQL-client

- 		-

4.0.20

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/MySQL-client-4.0.20-0.i386.rpm

-
-

ares

- 		-

1.1.1

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/ares-1.1.1-EGEE.i386.rpm

-
-

myproxy

- 		-

1.14

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/myproxy-1.14-EGEE.i386.rpm

-
-

perl-Expect.pm

- 		-

1.01

- 		-

http://glite.web.cern.ch/glite/packages/externals/bin/rhel30/RPMS/per-Expect.pm-1.01-9.i386.rpm

-
-

Java SDK/JRE

- 		-

1.4.2

- 		-

http://java.sun.com/j2se/1.4.2/download.html

-
- -

 

- -

7.1.5. Known bugs and issues

- -

This release has the -following bugs and issues. Bug numbers refer to the gLite Bug Tracking system -database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw -.

- -

 

- -
    -
  • No removal procedure is provided - with this release apart from the removal of the RPMS. Any account, group - or other resource created during the module configuration must be manually - cleaned.
    • -
- -

 

- -

Known open bugs:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Bug number

- 		-

Description

- 		-

 

-
-

 #6412

- 		-

--start and --stop options not - documented in glite-ce-config.py, glite-lb-config.py 

- 		-

 

-
-

 #7053

- 		-

LB configuration fails if the - mysql root pwd is set 

- 		-

 

-
-

 #7180

- 		-

Logging & Bookkeping UI  

- 		-

 

-
-

 #7237

- 		-

Intermittent errors with job - submission 

- 		-

 

-
-

 #7300

- 		-

update of the lb instructions - at the end of the installer script  

- 		-

 

-
-

 #7305

- 		-

lb.database.username - paramenter in config file 

- 		-

 

-
-

 #7307

- 		-

lb config script does _not_ - fail if mysql root password is set 

- 		-

 

-
-

 #7321

- 		-

creation of indices fails - randomly 

- 		-

 

-
-

 #7324

- 		-

lb-bkserver is running with no - pid 

- 		-

 

-
-

 #7389

- 		-

LB server and WMS local logger - related issues 

- 		-

 

-
- -

 

- -

Bugs fixed in this or previous releases, but not yet -officially tested:

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Bug number

- 		-

Description

- 		-

 

-
-

 #5850

- 		-

glite-lb-config.py has - glite.location and globus.location not set in params[] 

- 		-

 

-
-

 #5908

- 		-

Environment variables set via - the configuration script are not passed to daemon startup scripts 

- 		-

 

-
-

 #6075

- 		-

glite-lb-config.py crashes with - KeyError: GLITE_CERT_DIR 

- 		-

 

-
-

 #6366

- 		-

LB install script:: Fails but - no error reported 

- 		-

 

-
-

 #6415

- 		-

glite-lb-bkserver does not - start and blocks execution of glite-lb-config.py 

- 		-

 

-
-

 #6689

- 		-

glite-proxy-renewd starts the - daemon glite-proxy-renewd as GLITE_USER which is glite-lb i.e. wrong 

- 		-

 

-
-

 #6722

- 		-

glite-job-status -all doesn't - work 

- 		-

 

-
-

 #7296

- 		-

glite-lb-config.py crashes with - a TypeError exception 

- 		-

 

-
- -

 

- -

7.1.6. Bugs closed since last release

- -

This release fixes the -following bugs and issues. Bug numbers refer to the gLite Bug Tracking system -database hosted on the CERN Savannah system at https://savannah.cern.ch/bugs/?group=jra1mdw

- -

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Bug number

- 		-

Description

-
-

 #5833

- 		-

all jobs in SUBMITTED after a - job storm 

-
-

 #5897

- 		-

I20041203 LB installation - script has a missing dependency  

-
-

 #5910

- 		-

glite-lb configuration scripts - don't set GLITE_USER environment 

-
-

 #5925

- 		-

Running glite-lb script removes - mysql.sock file  

-
-

 #6416

- 		-

the BKserver on the LB machine - needs a symlink and the script doesn't check for it 

-
-

 #7032

- 		-

The LB installer fails with an - RPM not found message 

-
-

 #7152

- 		-

The LB installer tries to - install gridsite with a wrong rpm name 

-
-

 #7351

- 		-

Star/restart of LB services  

-
-

 #7401

- 		-

The first time the LB config - script is run it fails creating the db indices 

-
-

 #7423

- 		-

'/etc/rc.d/init.d/gLite status' - not working correctly in LB 

-
- -

 

- -

 

- -
- - - - diff --git a/org.glite.deployment.lb/doc/release_notes/release_notes.pdf b/org.glite.deployment.lb/doc/release_notes/release_notes.pdf deleted file mode 100644 index cfd9fe519216527d0ea4f925092783b9790ab87e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 217944 zcmc${1z1!~-!Q&NDTsuWfU*(_N^G&qlG5EN-Q6LffV2`)3JNG9AYIZZAR;Xytso$c zv?5*KSY66CGih&VO1O(103x+{aXas^&9*pEv0K*Vm zFiur46v>T-a|s9#ncA5EGZBG*eGw73JDHk&Ux^z{L;(5zf+E5DEwJ5>J_M8t{(Ij( zM8A(iAkn{%Lm;8h-}|^ANXU^sI1F~A55Wx(0rUC^3m1}$>qsB>AMQnSAAto4J$f(l z59=Zkf4CRPb%ZX+Kdg&HqmST*f^r?f0|kd2nGc0PBYwvXg+v~q3yK?lbPY86$Qs;G zg(5!paPkIDfW4nKk~nhSCSJ~R?_1U@u3 z;&=F<5D4=3b)gVA?C3bIBX~d|fFk{d8x*+tcYJ|9)bIF00Y&^>o}o|#`gd7_LeYT6 z9;PYKcXS*Kjyf_9#(hNApfEJ#ce+3U5juhg9C4HeTmWHyhXs)PBln`Xj_?S|jYRy; zBPbe${2gW(1kH7%4+c46H(*Ez>UTQBP;lt)u)t6V`0q4@p}4q@tbszoj?Tw@ME>9q zt|Kx8hX4xv8(rWK?jv-8L(ts6%M~07Q2+OPp#X$O`VdEOg9B#hciDwQQAczTpbFx5 z+~833QJ7)SBlZBWYN+373Wp*7FpldF^P!ID0w68uBlyB0M`;Qyd}LiX9QC{I1J(fY zJAZ*;T)*Rs0Qm9yI0OWJM1~MhK)ZgUJpu|lBBu~I`q%kfoD3~(Or3}b057Wo_*5{A z3y$JcbTYlR?>u2JPEBP~GZhzGFy=l^WqW%Uz_}uTmB7lJQg&wcfd2(V1M@{xo6i&w z6jLJz904^0FoByQ&~TI)%G3~o;0DAVX(+&FXl#Z?niv}yq9AZ23}I-5;^qd778HU+ z7{L)nXaQZoTN60D7&^HecxMO^0W-6hf;bVuufF>~wlVIU3j@$W;2>*iXYOJF24oA( zDQ;=wV(P>xZe!?TDr#zMZ(_AHol+Vj0y&1q>^rUxYyX|<*z%@;z{1O5C2ioK}SUYaXukLWR*xyMW zNTC|I9j_!tLZzffx3MGcZgydHda?BNx72M{f6Xq&B5f_|VrC)KQn^;#`Mj{K&=yrB zwrxP@U{G2fT6Vczm{#45<6??}cqO_(Ab)g#woYfJ@(#-9-G^Pn$1zo|=A6M_Y85Uq zDr{t35F{eMn=94s%IVCZ?ZvlgDR4bCgL&_tzHXcW9o58;=GQ^gv_**I->-4 z*Bj10TG(po{VHA(Y+G=}lKM zYA_DnFk@i&sPKDW978HHiG{xs?cfkX4#U z{Y~t#2XRC!FYn39N*mOSB^KT!EEByY_HFnzkY9a5cgC?PTlHb)@F#t-TY_jYwNMk#jmD0fOS< zeZsbPI_Cy1U>OP@7o29KHN3<(?x#>Bdp`1kt)#(yx?6Dd^{sKHI2O75d!<=(?CweI09-cMGzH#dmRWe0 z%zH5uPQ5VuiEBzSkfzLYnwK8aFuXSZe7}!EF;^MJdb7=0&g6|RiH{ib{fLoBRa;dn zSxplxt8+K(&hc()qMk+1P5n=IV@%gniu1nRq1O{f?e+^UjSGRsFabowcFN>f*Ux zuk<<(e4fU5ob9V)MMY=Nc<}aRwmZ^<6FXb4rC$p$e_(R?DPi7hJS|Odl^?V2E!3`9 z`>5~B!p`xunWnH8RhJ2$B!2r^`1ztl`yM)X-t5${u{cV_;dAZ98G63uJ14xoN|N^q zyuHS>D{t94;wo*o^tcLA&0;GQ&Wffp%Q*RDD71XCtfZXcr+M-1l(}0v%chv?r?Q;w z0!E74&2D(-_xlyii#4+=i(x~QU|owdtW z?d>od$TYw;Um};T{GwZ7RN=}4{l*Fn!O1iQCYRLN;Fgb%oc+R-T2FbZ(q4{x*u$=qV93f! z;w3MAld%PBocZUm6?Wz7I$$WXwAH1`(K{5+y0#Hs59~^w+ooA3+LY!fKJhoXMZ5N9 z`5VaVfi1I+-=Of$D=O6>cp4R@hxB{3Z0X{XM|MinLMarbD$iIbGkrsxkpcz8X6KIk zOJM73;WI-*aBTp#!nUcYk=`;(^qf^Sft6LH^_y z58R`op_8pM5EqEp+ql}=IfD_HxWL5H*u~xn421~@aB65n!7wmXms8cl!E`@R073#2 zQ+I737y-k8d;)OhKi%kDhY%?Uaj)bvWj|6D$!6VsdBho4w_fzd7Xuja7 zCAvp-&WFBW`uF@Vz64G3GNu0szk_Jxz~3txnwtWEVzL_`BvEj6u>pz&&R{s|AV%4T zQ^e54(8k`J6EjxU(8$yVa|4D%%A6`LPOio-s!pb+`+*Jy4NSM3sf(cra2GJ{An;KT zQFO9*Fm-aVG{q1|6nHB*nV33h>vAd!OE}rPIyh?sxN|CqNH}W)0m=R}m<~ltQ)5$1 z*aX}mXXs>YY66r!fVQlmvx}U)iKUsPsR@fH4-5j~f^b1$Fd*7RAXx=~*MAwZKii>+ z!2m9%0GnNapvT$4(AX3Re9WD}5X@vh>LK4jJD}Y@aR7)p{ zl~c_bAQk|p2oMti?Ek*d_irph#!mJ|hAvLH22nX<+8w?*Y;|u=01I#Rvfao)a+jKVqY7?*fE~ zU6H7y3dv|TjWL#)2FgF6G3(&yc;Yg>lsk6PSlkvVd0QzF@q=F$ihGHrZ050x* zkO4}F184xfs;V#ywEG|dUl5otK;{JCsj7+@k12!fe*yFefj*EzRaH3f1yh*8kOQW_ zKkq&TfO$0)jI2zJF;h#~0vCXU7c&e)dMA5h6;l^&PJlU_s;2HPzyJVe5nWC(cNYm2 z45q+M68lhM3O7G)`YGLVBKr`1pAeYxKuZpYwl7e>h!bWMAWj&e-$wy}7*lfE=MpBT zKWO~m8>T9B(DR*d2uxjUzXy}J95lZ34S^|l9Q6E{8Tn&o?o+^6dynF0g8@b046tJVgB!#4*dhu5r@FUNblc)$;Hh94pk6S}Wvhk5=> zl^!q|7}feaC=mz_1R4-cj0SOY0FDz=HiL5^I50Ij#x*=!#E&ZNT4G5 zuS9d-N*<;r_aQJbc>EohfYpQpOb3dg7)9qoAd!G81qyE*+yK-6m1usC91jr_eF)0$ z9u6?X|HZb$(A*p-psEfyxnGG1L32O>yM#pj8)6=cSHFiZP$0DXX*Mw%AAd(pps>k- zz?9=qU^rka(OhtDprQ;zqk$%1HvbiznC%iES~)~c=piq(@5BF!>p*Rp1BC{J^N^~; zxRD$%6d;`cO4Z?iut=B`=NEeZwHtyVksMsW#tu;O#n2NlNZc?Was%u;rsT=Z^>6qN z|AR?_9`Zx`5zyb!lMACSfFDBrDxWYU9Pmy^pd|aR;QWJ4f*x{2n2npilurbl0}1dQ zh{@nUWP|`BI3P}g0VW>s>Hn6Ve=thWL#}8)e*8On0)`zZWMfMGTu?L+B>~XzfFqD;0uBlQ^WShCv!Qzg%0sSb zKlc7RC?SBp05%@j!~wE84q&?p0qi#coBV)-0>J!NRtfeet8~a0VYXoZPC9|TKn`I0 z7!%C_mY#zP3P>lW_`%Hq?C|`{Xb$!#t8~a4?Po53MNeQW?Rz-K1<(-6g+c>C7EoRI ze-O?A*6j$}VTYX2eqQx=V4{G?4a0VToEUuqoG4(Q0PO)>6hO{@Wt1>yBz_l9%udfw zBfp>a{T-Z0C?JynoS2m8Cp}S6z(oOY{yQ}~$oCI9P1qr4gxO8}OYsDZJOqg7Fi|`} zLpYin*d>G_VStB1!v0mHgxO_3Ld`?2Xg_8CJ8HrKbvX#=eo=NPg8SbGbePTOBVZo# zM3`;jza%CMh}|%{4tOHKUZUY>E+Acp!qFT^jIRGH&kp@l9(>3X?bjRrj+_`)V^TLb z;Mvg}fExlb4WMMpwI9);|6PXp2OAGN6iy*$V@$mf4dLR%EQo2d1E*>@rGUb;rLmBmxeccJh=E7k(ALt%gJpja*8Lv9 zDww($TX4$TJJ}lA?00D#tb%|XvbmU34S$6mrh3W_hX7U<3g|Qx0)zj8o~os-sk6MP zo3g#Fp`D@%`vHjm;EU$|jxWaW0S9j&h+ohK3I+e54f%mIHyZjY(#S(dvjfEW1?~OC z!NBU^{pJ6+1o)Y${m=a60y4CH0(|E$>{tH&P5@zh8;4tuhq(Q} zL>o9a^Q#Zz{+amw7qo#8{8zLgKum=p{=QiMhW1g6xncjmA^f|b|Ey#F&j(pb89uuF1cX277%DJCl^FDH9h#lzOf9%IISl#wyFL%u7j zi6LN!fWg4t3m4|B+5YB_j+`O*R9&p8>^q+#!f9%FeY88 zb}rz*K+TVCV9v22<>2=4i@}?+?SCFWZ^O_eyHLhF^09;Zv1Pz^QyudcJXGD1OS+v< zb)m>A!gO5E$J;bj-*~(B46CnSDQ<8|>uv8fkR+F zc?fI({xkhg&xYaHK?0;ZwMF;FadKH9H^;adI8K)+?dm6KlaUmvNF*53zz=cFymAa0-G7yIGb`R zD1L9K$bm803a7opKUd@qZ@294;{7t)f%^T>&Hu>r-wg3T7V1B6ANe=jKgid9aDV@} z+^;nKwG9}VeJUPosAB&9`u=s~|C{#Dbs%5_z;O(RFrUB9e!xx4m4nd-BQg90czKwE ze~5v8+QYx4ImY?@ncOhw-;nzti~o(>KS0MQ1n|3teKEv{A_h?m(J}2`iT^9v|5F=7 znD4~dFaI78?uPK{;IzGK=L3jDbC;}bI;!%)oiAAOj0zqb!F`L{SvK}1e;|KtT= z=nhU^98&5(gh&5-k@zJJ{COvyG93KmR+R{qNT>)cVo)=Mg`y z{^=7#=ffO4kgK200CW8ZXE1FHxAw0d=FJ~sv%jGBKS|XeiHk|HzVCLc{%03=P(=Ab z+uu$5&jQMiBf`M(`2P~2+|{@mF@PlTUdz9q{sdP!9#s!MUNGy55?`Ik>yHB;Cr?<- za%9qoM%ns!1xMew^;CtNFvrq(a*S@6j!s`yuKLX+(F+f_{N4~ZwV+A%i>CM&Yz8+x zuI}Q}r^W^-wV>|@M7>tNAmk{N`mFPcFm9nL(@B9lobeYD1fS#HpiZB_6R7sO?!o2T zvF?3rY~V!TDs5oTEulMt`hp`B=X9T@IL0d*L~=;nRg~sRbzc8KU*Y$SR`F&rUNM&7 zUah?)ZqR!ig<@Vw##>613JsTxm?$E>&+fRZy*=@UGVjVoXN{^|)*WMn+!o=75#fgI zz;1ntPpf%^F1lprS?{qsO!RVO52in{(UGH^cp>p<=!yS)ji5vw?nuFRM@3Y}+pUb~dKYaM2tSg~u`t6H_*9gy6HwT@v249pJU+t&2 zv+A*AVh_|nD=(IAJrS|NmX(|Jy#7o8M3?NI-TRQcE8vVZJ9WzK@w)@7v5g!!4pSoU z^gf@aW$Jtso_#^Q_;Ei;a;Bp0t7i=*S7|0C6idwmib=U;?@VA(9_M-L6vn!AQv|o3 ztup%7lDBJOW6^m;*t(Ho5X;FhJnLKX{j#UCw~6o3vP;NnKZ&R>Cl~EHjczWuIUYr4 z%ojuzStqe|7i^m&5=$*j7Cx?m)7;qR%QS@}#gNI*&?Ue?T&?g?-b^E-lWL6v#%ukW z!edmTeNM9U@|b=hDWC5tmQc$c zbrOWkGs?xUySqDEpTE_n@XOKrBndon4xJw)I6IR!VY8^zD$=VPL9aW9pkx~J+A_pB zmyYT}c3wwM&Po|4(6s3B;Trj+To(VD{GL4TX>zK(BCPfqouvFZbK=j6(JF6po-~|f zHeYj_dR6N-LJez^@LP@gq)d42k*ijJ%Il}?9z{=+~v#5`2a3>-pR*8hv9Y=5k-7Q$3Ej(kZx#4IRLv`8RsV6l1$pu22(Dzd0 z#3a??fv3d^5=Pjl3F1QM`)diYY}iF#Bhp?GTgm60cQmx&I@=timquM}TA>#={4V?c z(@`?~=VlkS&IK85D>xE%|| z8|5*nbZx@7(!Nga0w4OoEe{D#Pab`okh@uWdV*&mGXAPUF4oHeu_`|~iJlhrlxxRz zEKmFUV9Dajc}(YZfSlx5>})T5Gw2O02=!5g*RJSjw=xKApP%D{beS69}HSe00Tj5yUdsO{BQ2Q6pep z6Ed(zpZzrYqkZLM29a373UoEVXNLaNd6UsT+RI)E)(@q%7G4OgkK3*(M>>klP24Ui zry?TXn(EkV!AM@K-mhG?UPDk1F!WVm2g0 znq^r|)Dkue?!>Hpk}D9OCb=RdW%QM=@^0rwc5_mS6|6&8Z0sWk$vR1~+}zOZwJOq8 zakA9A)Dhtd1RE1;r-|WSmf$D-Bz@i3Ojo9O^TwvI?af!m_l5$9Qc`c%^r^!)S&FZz-)@ z)zMRTL)Cbb>*?s~`i#5v#ju=TA=7hd$@CBE43rm{YZo42azEwA_)gDgTK+uA+Sq{O zRNrMqR>Bs`T=-Hu@tHf3XNV?KjUAT<(wo=2m;zHo6&tu?YT@c8SIN)B6`i_GstmpJ z_4e}kZ29lNi6sKmectxY|fg8JF^;PF!O)h5O2Mdw) z_tPwIgc@{z;_sBQ**ZzHq{NGJcKUTatk>UV9ExopU-_YoJ}5-E*-6c%5UoNGZ}e$y zBV>$(_#WNr$f8!%ovHFV=)yEP$N7By&5v>#$5_LfQ`aqR4>RSs$d7Snl_u*SvuKhtkA1^?!2n~OTJ+*KfB)$vF2z;@w3J`$$vDZS zOyy5jT_-oC?UyJjqWzYU%PVm`mGbVnSSDPola|MQW%RcesMd}ZW=kxe4k)DzlY<74 zx3?|SoKTTXA-l@PM^}2V(}bVz z{u}GFl(Qla%JG-TI@C7putK@YPOod(_a*o|(&x>+!xpb`dQm>pXj7|NOJ1Ypn>)X} zOq@^xSvN>(g2jJ9MiHNlZsOFH6ExH_vI{ROK|KVCt}p1HzH21whIG%KL~D{yhU3z? zH%zW+1de$bSloIzDY!^aPE~LZeL42=+)bzT3+lW6sm|(`TuH8hO8E18>aO)~UykE% zQXAxxgj#PIGKlh8%fqX+#Y0&mEQGT1N~2TawsuxU)K(tsRe1+ot+F;Km0b(F8){NB zw-J_Yo>|)Uq02?7tf%Uj+Mx45m`rTWrr2Y*<-2#M2&spJo$Cj7T&nWiY!$o4`h z@oV;X9t+Uc23UjrrbflzV)fm9d;gS>j}BLl-PQb!Le?B`zYEcjk(t0?TWrtH)brrJ z0{xQ#@io_MP+F0+zA4_1&r0xyi)_H35|{F4^WZ+h`dUE!mLN`Ol)TiDGWET%f8+ZS zf2Nkl%g0og?-PYJJ|st^o81`q$;L$w zg0tqtQDPyRS|=wV57BeUS2`wfJ984uP_F)nmj=V$tj{gk9@r7iFvesP3jWTvXt)ga=Lh>_Q|u`E)cvJEq?ZDI#k55#KddoK$kRSEZ*I*T5`W1-5V*s z7?%A$J#1Hp-CIvT6Zc6Up0f1GtMjT%t6FDvjr7hA)YmxKzxdvB**8svguAVATU!&871!U}_N-eBS&E7^U1Sg&at_!qASX+hAx46bO!J=U>+Ko0 zTto$0ZeBsq*e*Kynm%SCMOzq3tKTnr43)ymWN0)Dc7C6J-VHr!Ml);R@~vevb!?zb zkiM)kB6qile=cdyBffze;*iCp&q&=I|@gJq9GYXD^%}3d1Alyn4CY7w_fmY+^Di*ITD-0~eSO zaq{E0VyD%w@Z-~;m?@yFhrZ6}=gtW*610 zn87Ji+#-0T0@vGwf@nG*<|LbltDB}XRwLYlb

xgU9WWw_)riR~GH^?ZY>7C=G8~UTkFVWw2 zWhTnC7hMQ&5;vL{l~+oZVNIw=x+0m!R3dqSDC+slMa5XDTgYs?!WxQqFDGPuFR8jI zt1=c%AGSt4{rNbqImaI~bCLB&zSh>1cMMTF&cb&f?pyW$@mf9*bvP&X$NUG)hjOQK$X2BQ;6s6 z?US)%x~uk{tb1ea!qE04R~NoBdR3Qz(M*Zv+w(q0shTl-BC}N*Tk5L*M+s8HjJ*lh zPG~h*h4GC#3};iyFw~0SMmBc&72BXBG(tUVITNw?-dlAf8fY%;5xm(L%s<{K2`PVm zQt8H&TrB>*^OIB86c8O@ejfM2;mGLlt165W8L}PJw5Uqe;oMD)n^+)*`qark+pV96 zj(@~)z=6I0YPZ_uX{AUS7QI8zcBj6%sI3gE-4&5Mb^S`nOHNR%ag(3W&AWZW`Hkn@ zt*n|vuWlH$?zZ*y^r-13WorBAGEaHU^$tIuv--@ZR~I~|EA`O9;Zaq$ombiB?5^X~ zwK7z@w%hdy0oU}u#s7S*^)#;OGCb{r?!}}t1!^gE~kv_kytV;*auu(bmE%Uj`sOU}S zu_$u7w_Kkksx>VfrCy~fzvVcUz*kYlgBB}L8eY{l z*F;+Hr&>1L=}rD5y#xy|9X!c4sw_Tk++9u;DX#IP=@{(sWhWNIg~hdtc(gGxQI1{V znlPSQr?FS0VjpwgSA5WDQE;rO<90imO_3c3aa-9o(4@m+UDHaH_j+P7OynNuY2(DJn~vcRI@94V?nsgZaR^`6!)mRr8A%?KGqxwSH7= zm9$~I8q-i=N(Tv!rl?4WW=Xt-rXaUel_QP3>K|*O%@?Kju^bz^0ozoML8&|=svb2~ z8ZQ#UYqX$|vm+vlbIXy+x3j5YkpKA9bFtx0hFsIk00qBrJ{!3kX&CX2r`K2aY++9o zbx=1?Z>YH3Y@lkb^0a0+BlD#z&OL=%ES~nQkmqK#YDi}dIx}$2zSO?JzPotAw)h);d~sB7 z(*5G7clPnc9Yw9O{nJrpa{b45N~G!(U$LAKIGa#BLfe{}<`FX)e)lYAfRRx<{+j#s zngQGJh4Gu8W!Kx&+*`W?W{%q^W~enO6>z;ID4~-JlT!<&;m7Cg5OvlA$7kGr%AEWv zl;p)sG|pqXFT{ClN^Ro=+w0LdCcZNPhzqRdiR@-}N*Uy>>Z3LO?LvLNwwHqOL^H#$ zX6syadWLfHogU{Mk|O;NEzsq< ztJMbiZ=K|`wiE!HqBC&M{ZBUKpp1GrH-sR7GY&@{MeyrRXsU*sJuUiVReSzB$LqJm zQw1d1L(avo76gODMg>V|@5I>7;K{$+-AOa+4;Qb?Ot)}aqIO>vRURK()}`XteDl>j zvUyVTQ6kZt4&)XR$GP9lO?R*Ph1Y<-?(TA}J8W^NYR|#4axEcm*yi2M4XmuHQGmRB{c6mX1#{gBO}4a38RHJdIs8yz|Du`Dp^$>v2KSyw~Ff8v2f1d3HXy8+nuUT|~md*gaWY{*atIMj|av*a88o&#s{L zwYaWJ*j_DZy;L<**fwk_iKf4L*9157hQZTPRp|^(Et0Mr?ew%tk4pY(^~-xX>OLN0 zZx%cZu#F$NHHx=Rb_U+hart61w5YH5Xm??&Zmh0#$a~m+-p+@of6(hhiX=mT5~(%E zB3>bmUAcJd?&oW38>hu z37Sa5Z_lhz*OPj}gMQonB?iwl;l|BU!92SLCeCwZR4Z~l6Zcj~ne?wpTKF~ujtAEx z@}4xO;gyw#E3$gI%C}6Ay<&l0H>K&2m=$4T&^D&visaEsGKxQ@_Ljs}mfVA&>RqHV zO2U+|SJIaJ$www-tH_och9?8zh%>Arp;3evYdzkM6PWYSKXp+^)`{|z9zD$xw47M4 z1o;xueS*+Ds+T5{%`nyCtho)h=>>$Al5EtqFQTUlt}Qd%A3u$t@al~0fHB!fZ<-qF ziDJLbMI*@EIG(}IQkkF94Jl1!jAbUTi2N+u8CX9>q>ulRIP6APmxiptJjhqKBXs07 z4P18S@<}E6baYOG>Z77$t*?olg`tnSF27o@vk*UH;Nt!5LAw80wM|EB)1jIj@?ND2 z!nbLrDh1g#nbKuH#IEv52P;H{T0c6GE@?{kk~iv#W2#E(WYG=B0IZ5;Eszmvb_DYF;idH z+;IlwJ?~&OPTRE|lnqm*>`K!mxtHQTClUc7d50FUTIz9fR;yi<3 zAjbn*Y8%DykKX(XNopdIwrm5}3GiLpN^*aqV_An1F>(jJ^opDl2PGLg|#F(|iB4rb%4LE9CP4 z&HEJ11NJLdmRwZ)qnO(zw=?qc@^-67v1|2-=hi?0szTL}H*LxZuUa@wrw) zKO(c|iG1?!_~iWX&FX4>i5mhH&oO^ylUaF3>Tr^rSl>+<5AXVRBH6KlIxP{rs37X1 z9NPB6^JDB-=InQAjRxJ8KdZQ1UtZG~d$F;-(W>#`Yuty_gtqsQ51Jc5q{hgiK-Mh= zWKmUSD>Z3Lp(Y;HyH)1x3NOF(6|1s<73?|v^z1e}4?Uk~rm9BKmAHFw=GpPocU$o{ zx|=|(DdSh8oC95yNfNxWnghkPJWQ}IDGx-2ezJ8cywFyV62wJp)s}F-S!S5I#Z^{W zUE!+aRD$QFvfHo|pH);8x|^QysJvi!%9pdU__UcN)LDK(Ichs+)!r6p{D|9Jk(X z*x`p3P_T==#cwC^_#p6>s+AS%So7Y!&TGwn5y=}?jtRMwMAI*gmOd^SPlBI#y36Fv zsk!1wkl;5cK0h`QlS!BQu>!7IlwKG&gR9*57$$4 zRJ3E%8Cz#WN0j+57v8J*q($Xbl+YT)qjMG2-KD0{?FWxL!G=oHht&=MoM3&4d#4{dQB3KZt@AgJC=Ept6~~=H$;u- zbF=!i(;Ua~h0GT6Uy)FmsvC5ir-hUhrqj%XT*k3dtk?N)@nt{*-J2~~B^DU`81sR2} zN&M1cnX{SCtAyT5k?&)wJ(IKTa>7>P?ucY<{lblvAu42YV~+;o z7#A{4v3FvtfK{T0X;OvG^9MzLER!T0ipgzK3w2?Aq%%KVErtiVuzq^gj+8AqUp<)8 zGSFl)dQLmlpTty#c_T$AI#rM-XUO>jgOt4DJ8w_d=+JGo@uxyCf-^53z9o%$9m6O$ zb?YpNc1}|x-sj@TmEJyf#nQL^YP8C?w~Oz4@d&CEEfjgKxv*>$k zzNzd}&bfgXWKoi<-q0p!3Dq ze8Ug+eFZP%I1%5(q<5t?)QM$!bjO;d$||&Won5;YD+zJtINoGm3@6eU@~11Dp|fg> z&soURn6=xoY7d?ylLSNaUwI4+hpx2X_36@0-qg7iLy{G>z7!$6L-Ea@cWi6Y2sY2E3ruZ1XfA36e~HurA*B6Xtp?hwd(&IETI~@E z4}6;MpOiYCWY*&CT9dFQ7`tOuy^9i-zEc-gKBx-~W zqYMtF{ua870zWVdgFbtbf1fV0`s9Uk+{uZ}yqWY0X=jvK8wcTcvS=>G3_i@UVz5%_ z56h%MJhKqGlNq1UW#;T8+fxvs6K$LoRE6^t+^8yNU@imn-7?7-at1!slRsBoRAW?T zzB_(D%hC1IqLu;KquOpu+bAVT`mFkVZRPq4(W5Srk}Y`nU+%@|YnjM0sk73k5ssLY zysZ3+eoD#K(@dvESja=4Vsu{A*-xe-G9yqb$zKz!1a9AI|bfPutSWRYVk4yzOKN=4G{u33@v5E%VV_^kYWjhbyfy z2;1AI8a8Q{_wD zdi+WQSUhlr#BrqtgbgBrKkWRoHTiki=X=Zp=SKb$^N5P5et)vt{<#m#L0``A=kC!k zPGL(IXGK#d5qnz)dppdbd*D>>Kac9boQgd7X~X`J$?wn8_~)R>{zEf2Z(_s0ka30d$NM3!4;cZvYek!o|kM!N$hL!NI}B#l^!X zI*t##NC;1!AUaJ#ewvJgjEsWn+!+c=I!ZD!8b%sAdhmIM^W=Q^;gI5zorenHomMi$XK*Bk`9>ulXA~~1rBLozVuBkv`JEu3q@q4U!+hZ) z3+p8W@RU(*G>?d=n7D+bl(dSfn!1MORV`x^Q!{f5ODks=*K2O>9-jUIfkDByZiht2 z+`ShYcmF~Bla$o7r|B7)SO)Y-(=l?CS36?R)>Be`IuQd}4BH z`t!_}ugl+7R@c@yHnBk12j~EQ4-onVA5s9HV>me2IQSTRu#UL_Z){Q=-1AU8G9e{= zL&wt$FyG_k!cobEwI>+i%1abRP8|f4Oo$QYFBp{eG5R}%{Qj>n`UjzZ@Y(AJoy5ih z#0HxbBnaB#2w{1AEQFOd@GLdpri}pRxmD&7lw>?lu%9gm#CcduESk1N?y=C_vXqujQ z7iSN&ittKT*#kYkA-H~e5A?pz>|vPyuS5Icd!TnbvwNVkd!W&bE%|g{%5|Tmi+iBL zlzE<{9qf@k(95LVhHzfc|IK{Y-@UdN?KK=E@_3lzPm=2oQmW}s%DLP}fD-&2- zfPVYL9%#;zs3ARK1HWz$$4^37KtJA3 zo75Czr_t%ks6oDKk5A@uSd2)qPZ|_4<+RsSYev>BrFEv>u@#>jCF4u)e;hFiK4;lK z|3X>lG@s;a*_)>aqBN4#WG}I((Sa^4rZwx{wkid{0S_c?jt{rw^w_HG3Y7`2G}qh{ zrhT981zgEi*!)cOEtl#{ScKkXo~>OW^`wr|v_O`595L~91zD7U8z6YAU4-i7^ z#tjJkR%u{5&3BG#z@&PBp_u6XZ(z;vPa`TX=uN3)RWMNtx1Y434+EDwJy8nl-GU}X<9psmyE zs$Q@}<=;P##mn?S@2V;N(ASuSh)ls?>Cdk|S&t?yq&%5@#^B0`oB3^GsUgman4V9^ zo1vI#52R{65kctveu&xswR%5&INzyO=GWOYUh!zg2Pe4kjThRvr^UQPXoGJGoFQc4 zz3L$DQM;B^|0&y0Yc*8-o8{ABX~%>$1>W_>JrI4o{Z_)E3S`fT;jJe*=-vV?A>MBhL`ld z5F^W7d&s8e^f*i>i_V?^gq=5pZ`HK(bQdw}gXc0&HYQS9_%Q#%Jtpk{CZc2o>Z$eY zswMNV;$br2L2j?(b+ZRPKN~_Fc0cx9_(e8xHn{TUN5?1zUPyUzKBQ zvNI;2hGkIKIlt>m^LyoG4cR^WI4x@~EK4CecJuufXDv_8<{l^z5w10%Wd7n=hzA80 z0U_89-tO6-pR`Nh-BnG|S2IGr#8ncMQR!P6(k9O#(KF5nUQ@Rt08_FFurSDqv*dd>H-1t_Qi_R4O{1BJot6Bb*<$B6%o)j&2 zs#-IPyA!eW=Y)?%WO5nT36}O|Ked{Dx_xCS>Y1`bmv&Cn3r2d66vt)aj~1OJucbh3v+qK#N>sELG)dpwOl6Gts9uZ!IdVLknY;ceQ(bsY5ou%wK4ijg-=ipY+ zY}_67xlLIrSF}CO$2!+q^RSoI4SyJW zwaR0%*6S(uq6YlPzQ*N~NzpkckFj@j8o|5WN`u?{>&qh%^b&Sv#ioHvHLu?x&k8O^ zmn;Zytb2TF@4sAEDYi3FU;p;egYx3|w+_$CGMf0V6Sq`lm1^>k+Gg2p_b%?(I5%Ex z83?OfpIY);y>1dG}1@ z1RCrlIrhHqzI*Vh$hy?XL$X=*?!1yvZC=%7=6j1b39$A+F3X=6_4K#Sy6d|7glR?G zLX?{aOLVc1lWqiGoML8F=RU*h_9&@No|=uq3Z5ygyhgE7QiYeL8rErP)t+1p-2*jF zChP)M52_bzxcg*yw<2N(N8`~AW5E2hp>`T~jjB%7?TFRvIMZ()&u@FS2iiC{#(#bf zl$!Dxn)H=5d6(7avsmd?`e(fpTlRaP=5xWjucCaWiS|V(gR#)(y|UmA z*6jS(JAYNX@Fj5(Vy^Xk@|{w?(<6%n(~sz4 zL_64ACSylkqjDb~*TIp+zEdT4J$SBl55&azYItR4coRC?;$!c#fwiu^TfHFo?f7gB z(S@RGF+(XkvR0g{K3gs;5dnK3;v1~yBlJWw@7$ebLKS!0gY=7YpKTg&0w$YBHjpqBASeQxi2Vd!Uh5S<=z-Y3(

b#Lp9ynqo*;6c5UKKZuolFVpX5C9o0ajfz|H0+47=pBw}v%(_)|=BhPT~fYO%A%Xek{7f&IhPt5U#eA^7`IxTTp zzrXWC+S)x~vH-LRxssSiL+uZ@CRum+jt_yB_}d{C>@xzJ;)^9 z;;s*E;JdHMgBR3%1v_KrG>~^jJ4P)Ymf^$|T~`YiXnPzr5i7*h=`}eg_<_Q1m_e5K zwjfcleuy4b`8(HgH!(*15LJ2v?9`p~rOzKtG~Rr$Dlp2mhTd6 z*A3XiicO98=IPSOnWo+?}TdQ;6PLF`?=ZM~{M zKCkSmpd`ARF?{a|6qFdS1y)~%Coa4zNWPzK{Ms#IRpnV9lk7}_1I)DTLK zw$Bfe?|E?LT+(x`8gV$i#%W?xQ|i@_XXGpyv)#+XAvAa?xq6z-=~}e@bavEv+~Y0+tl^q*(P%U(zsB`Nxn8_@gjH)hZ-A*rWT0;HS&ERN%NSE> zWzCF-ThbTK%H{}n!(G3Mn*NwqyWlTLuVgM0U6iWqE;;XUva=3H=p!hA?8<0WZ^$>N zuxbxeSN#EbTbG#1p(!MsvQTMa)iL5p5#RDBywD7Hw-NkcM3s8yb>7zNW>@DYb@Os` zZ#8XdB<_9~!uvvX$3_2?$VeOInrdwSr1?GDv5!j9dGL9C(GI*t(P z9||Zi#;?0t3M74!Bj{bg3mPTjp`HluJDEdr<7rVf+YQzZ0d{vIIa-adl*=BmeFOsT z^xfC5F}{nR&&YXbxutJSWqy6r+G#_r;_8>dh}wvL;!of5%|F@7<-1JYh$xaf^|neD z?(hFCw+811=g#A8nK3WaYj3tMJWKl?H{oo>y2V?2voj+2%I)?bfIXPuNUm=U2|I^thk(KeqAZGd4}PNy_rq6E2XKSzemk ztJ~MN`d(29u1s7M8WA*S8n`Cr5mo=xH%-YE$a2rP$uwlCouPOK-+6E(BYdQrrhF!|~ z?ShWq#JiH+pT`uEO4O(+n){qyDn8wGZSAYw%151)hRJvk8+8zsG+!!$jNr9qP}xT5 z5Mp4fhd9Wrt(L1VSPAjgqVO9MRh4z#|Jqz;#&B!GmyhOM-K%C=5%e944vyUxF!Bxi@B9PrT09csf_nNx$b2jD`CkEkwvfO1R~n9s;xBRNt5?XqMk?(Kvz0nTWQv zp`3jTLG{c$3Nf?%NV=dn<9tZ&>{pP%#!yVLtWTiK3AS(%{I8%U4vzW2$-C@e$o9Jm zaAx(vo7J&?>XH5|@@syHBDaE(t%@gtk^U_jY^4ets-Y_8#D)2=eFLIb%s$TVu8Y-n z#VM_=#vb33O!WB|s_@yfcE1l*(9tb;M};19Oe;Qy!kB=^xe@MVDJ<9i9swdhX$xOC z>N@aVSX(>@9axBk{kkG{vuh*N$L-(DX7iAk*#WMJK312bKtd>IZNfwfEhD z>KQp~+Mot$GE4n=)!OsL_(d`lkL(CC-6~*QUEXq9_dodvO~+Dwq@gF;rIq?L&5-ED z2O<2;d4(6+RXA4RB1}$>pN!m#yq2BpvF{Up+@{Uo*VI`LM>FVHCK^~GinL&1<=)eD zJ>+O}9#FG7gX=!xPnpU$joE|~rn5|`0#?!khLJAXeW#$xDGw9=me-h$B7oGbSAs< zmJGVR6pkdtoyM|zVI?SO<8>(w?gd+Qc4#?!654okmn%Bdw`tfUzC79Grrz8PzRjVN z4I8Aeq~ecQtHW_6sCU1Xw5Ou(5NGh*n- zObh^}i`cwCvou3U_Tunt)R|mIKJ*eBP@e@)_mIntvVBZ9OsAnDP5%(wRVGt?z+|1D zC1vd$TRvuYCQQyCsTgU`c~V^D`;iOdjNB@g9$ucTn9^uT@@Zy)JkQkuHxXfsj8A*h z@=Ie(FCms!@f#S%JG<(T*nd1A`S%rWO7i05rjCxb9JI71mS&DdG%iN^GzLcY)-(WK z$FD8404T5pfWGTMD^E{DM=K8)p9J7!80l%vtO1f2mH;6Rhu;cPTk7llZ5xe)DFuM? z3aI`M3mE}$F~EAe-{w{RFHWp)W=(5vYGetRkud{|q|(ZNl2-Ve3Df{gwuzBFK$eS+ zh92it33ub*2ZQg080S;N5JQA zW&Ssd{+@>XA6oRshWUd<|G+;6Hdam1MFkhML2sMkuU`_XdJW(-e5$~|Fk9-y;DE|OibDb+ z35YF$@e6^W2nz+2Brq&kIf}>%XV6p_l*2E09?yW>(H$SM)uAm$WuUW(X2_Tn%wFJK zJg`5wTwJVgv_E9ryvriXFR7oWgLxOZkToe0(T|3TqMrx#4g?w>81Ws0YdH-yCjrD} z?0{sI`Wn=a@UPksU(DJGrAE5wF5g0_7mwiH@nNz-kjK~Cr*qm>l&~I3-D9S^<|mK_ z$swOyf!Z}NRhxfpKk(RRU+II6RQ9cTJ){zE(*_-sD$e2YlCx{`I* z+8%B)Ig?@p3B^fiJh(rdAZca%5o&UtdTyNA2cYE6n{>8<75&dK{=(Va-2&ct)0}}% zm1&)y3cgLu#*H<9<^KU=W5s)*!VT^78Le{ssj*>(`dvgNXxH_=M%w7}JG!e5oQ}r{ z&&L8+3RVn9y^fB%yE`89{Ix;FDb}Y<_)flyw#h-qwX|zpyAg(z>JgumW75is5|-m? z^$e+sz5rgFZ5^D)8`sY!6r=HO`DoEYy@gWcN?T_Olyl%t^=JwfZwkoXMoY3xyo*gu z29-dSOAu8w*YBw{jumBrLW=_GzJ0cDd-}I67Yo8iYsG;yRq41X(afVpmIpGz7715^%#}p=MH<^MM zoT1lUP>H3WDRPfiwD%{a)dtXp-O9L@yJoQ_x?bt_p1Th>0at^&<2HcXpKFv`l#AA_Tf1A^ys}(7sSWB|_BZtl zxr+}1Ep#HPWNTFE*IUndPmYff&s_ITSJb!bo9+t_^*Ud45;l@Is1ZfuKOVowLH0bj zIHG;PyXwU1f)s-^g<(Uww8~P+VzAZN%=B;KH{&n$lL3DrVk1_?YvX<750MlTA95#P z?c=fwYEt>(N>0GUQb&EeGlj0#trt|~ujh?`9;6a<0oB>bSH;(?YuUXHSqQ1t7Zoxr z_OXWe`ekSs&y-=Q|kVw@?*>QvWNCun+ zrTZMV9d?3uI%RAnK9QVCCyT>MSjupH6%vyWU-{xFXiky&r>!R= zur_=L-A0{D3q^5G$tiFzvF!wf{#g7Roe07wk~s zAW9ly9mS)}K?Mne7=bkEyw+9|QuAK+R0=T9J?3{+{I2_*s9uP>?6rZgSl_+BcI0*h zfy%pVq>>|xz(Rsav>w|k|K73Q(@F4-BqOOpl2r{^xwhC?Br|724Q8IEm|K5yi&p_X z;(Q=sptxnIC8p)z&h;)BYYA>82qyAtqy^RmGYQj60j5MexFFQ-$TakdEy}!(HFq%H1NXkk!)s zpfK$gV`I46k}uDGDIW!rVyZPLBdqtmn6tJ*u)C)YR8FWEmdATrQ9$UoRQ#68qD%rV?N!Zy-4 z$}-w8#ynO(&OBZ}!7|Y>$vW9I#Xi+C%{ARI!#mSGD>OSWCq6eiFEc;AptP{GsJXbg zWVm#=Y`J{3;=J;_>azy67PkI=J@Fg%x10@%jmk}y&Gs#!t+8!|?bRKFos(UM-5+}a z`*8b-2Y3g?hYW{pMW@(aaF%d6z;+MCte8!+ss ze>~jsOOx*}4i5hPm)~D>r9WlOUlknC{~ZkU9|i~ii$(t^IIuJWB$-f~0d#BZjR9gX zfB=E+SJ?7T!YF_c#Gef6{$jiSPR;p$2g`z3Sn*LJA?$eh10 z6t_1sbO4Mc{E9J||9Oo03nBZbyz*~GybeYNPWC?mg3dNp4ggyKQ8>fDFzK%j!vBOx ze~-lf!>;_Vz4RY6)-QbWU)fkLfF^QsG_!P|Hn-6?GX%5~08sbOTkEG_^Itlo^k;1P z(|78B-CREh>8Ss1lhJ1bBU?waUjsV-a=_~s^!)#y_WRH5`hR_={_jt=zy0HE?QK50 z0)*3yT=Xn|^)C9KV{-rG;r0u=|EFB`Z$8}qFHHLj@8G|BnWa9pi^G3=7x))Ls=rXH zzqtz_w8%iG0gy$~`dzl}7d-NBT+sgw;wmUE^t0g4gjN8pS6oQJ)d4^&{$0H9mtY|P z3rqfgu&@*Wbutq(2Stt*Dn`+-r*}z|{+&^MOnSTmN1K8?9DnFsv ze}oV-|I(}YQ%(JE{%ik?KmUH?{|8jm-?-BNEo=arl$r52c-&9t{X&4#0r=cM+1LP( z#m`FxfZl)Z`UOh<@4o+y1O9)w&~$%*B>xS8{j-KYGO*eI3j_PVprC)_^8RPwYv!LC z=YQ#K9N>HhBYS7S%z!>1k^1MGz`uO7{PO5;9pd--Ulw-2bi@B#1@gNvDLug10CDv{ zj(V@Dz$hY{pnc`?719Qub1Hu2lk+8(>dI;>BLKxlN0Jf{ve1g7`!d}&1dA^mC?q^( zUQEbSTvT2p=81y0TI+Om_>?7Zr8Iq4Ut?X*Q*uY0^^Bm%ui-Me?BG24HG};vrTO9Q z{H61)^I>1+J-8qK%NL}8zzFFXT?%xVG&25iJJ72e1v5gzgZ0jHp9_^N8I!R>zNPG_ z?~vQPSp00KmhMq|1a9Q$fc4jc%bbIn$?Z;FFF>GB*;lPnO*|))cM7(kP_6KLrpSt) z!&PNKF;k)UT%^&=jrloPz(<@x^_)|!L|(EU`KK1EBtZ3=K0c*5lZGq6oJ9+8RUK1* zev<&c{y-18-C4zH`;2`7GUfdRlV9}*zWm;e(_rmHUX8qsNWh-JTc#27x7EQ;ocUoz;!=Jpd8HJS{RdLWszH zYD)rDtluzHm9iiM)X=_}P^(l7$q#X0Dp_vxj(Lgzgxf$QTV9-)13GZgkbFRlFqfD& z{O$RJZN-WEJ}i8XJx$Po_JkuxjDo)HB9kOJ5+{hWz03Ud!;_l~SEbpg1uq(E!^tgC z^n>WPPPwbKT%8jgFV61>;~Tt`t7_{__`Cb3Qh4@HV>b3Lt?(v1(B-4)>iy?Pm>!H7 zK+??#CVmV=6W9+sW8tqQ_7;LGj~`sN{f?bV_dzR|lUSl;)#%&x6mC;w5T=WRl9{E@ zq>fqT{lHxNpDHpYF&(Z_o5s1X`ao$Wc2$acYPpz!Rz69H+zYBu>?UG2^Xk#4NS zLbyLXpK)hvF!!!!v9)d8+|209OpyeKXpIzS?9uC{Wd1nc0W#ZYrdHcAnDCg0t1zY1 zaY?b#`M{#lx!dLBb$&c9S_2mfHA>}Ar~;lq>yfzkdfpp1sr$;(i#UEO+HtStsqMvC zMa1r)?W$m}COm}GY4+wV-X_g}4R>V6wVOHnxmn>=!{y0F&cl_bO(#8?_E=iB32Kd= zDv+~`Es&$sJ7y+a7X@vKLaVTI{ZnTXVg9y&|Apc$7|Ax=R?HNO?yt%Zqd(-F2;nAOEC(&R$|MiOl!R&2l`ORP^s#uIY9iY$C?}f$ld8A=Rv)KJHH=0&!S@}i8woZ$+T9e3*M3l zYGj{0;!B~$A+sfXD+UI%FV-X)%uyR!p?Tb)W>jJX|Bm|)vA7UyKR+0KaX#yXIN}gs z!Y?8iI4nr=hkMzxX`vsvg_p|kdF6XVxlP?Gd{VMwAV2A-+oE5R9*ZM?E_a%3H`s{v>>y7&6(x*F3X;=R<;iroUM|un~!Tw>r zwAxp%*|$v?$r!1AcXOCgD@24D%dm(J`;}W2GxUYd@)G1XU&I$RK4;{{cw0D8dmnucD+m_py9)?~| zwNC2!H?ACvxz#?Yc2K7^I`!1ji0YagK?LJPJhUVfBgj~+W2QL?Umnfn-cT2VG>|oQ z3w%4=))dl8cUYfx740(4fgCB+X0xNro*<#!pp-;AtBy!7$;g~o-*jA{1${_x_vk(G13@!DDWZYe%Wzw zWJe`-o6AigjaYUBQyR7J_+#*+1L%;x#QW39?+f6jm?TGipx|2$@L|}>dU&t>J^zGc zJ)2eDQ81u9w1>JW0hkCs?h|gF_{_UdjKJ{S6R6s6x&h{C=yDur@e9}Z>kAgxyUn5LHeKoTeM(9Xv za-_-=De992Kw{}4xs-zPDPn!3QsxQ~3iZt}EPM5FBbD_>;#IS73g2O3fqf$BRgs!K zgO?oGWhe*clgm{yu(vuU&KefOuKZ%*t1O&$=?KjX{-#Rtyh)#clvfIPDI!(j<2=Nd z&YlxkxkXAAi33^$sqv=M+0&ELQu(pwzLD0=FU+smbx2N_6$DSylqHm?7o#NdNr<|a z5;~#=40Mbx2TT!d5mc_P9yIq0s4%jy7+AS#Ifi*iY6x^<37+^G+>Jdr=try0O7FW9 z&Ku+XZ!VMV2M?U1?UUXyY0-Eqgh%x9)Bb$N=X)nduM5WCk#u;Q1qjXr1BpL#x;}B9 z7$2P^WUXu4^OCVz-e=uj#kDliUN024ZhAu$SAwh@?p_>ilHJ`s+}z0x6*^MaEUnKf z9G}&SZIfRR4l8`i-`w3P|3Z5!y0ebMRhSjl_)PfV)5yU+@PtpvTU_g(%&6Dkk%NvaSgtx`}B>41}oZU7}s0hI}{ z`1&ebRF~Mi+UB_~HM?o)*Vm0aS6S~mN_it3OjLqVw(L@3d77OfDQboATYuK(7-`x) zAt^{_)v(*Dl1nb-sjb|%ogZScAM;#@6TpTdf*(qQ8Mw;c$GLK6pj~N=iQJv_wKEH2 z;pD?sCyJ2i()_qNLTaH|zI36?peQ6m)~oN8?R1Df&uf^y;S2M2=&2dsuNTe3nO4%t zYsovO(snT}9~xhxYtw6<9}RR~wxIe7pO&ze?xLwjFOYOZ*A!ugqHzioJpX?CXN zY^W^d-o)!g*uXe9q}5Ek@Nzsy`TggKOJA0#n(xn|CBgo{^7!Ba zd|=b~fsj8U0|R2Aj;~rw-9AXsa|fqZm`a35!pe%NA-}eIiDJnJ>YBC7y_7VxFOT3& zM!2Ty&=h}UsP|Ufrt2XgY@>PD4pK%3O0_w1vny+Hi}3az<0LPUL#x z&+6F_+z0nZgTXZ{+;y$Fcgqg#<;@)=ZZna!-8%E-ZE~jBb#2MtirRGE+s?DCOmRQ* zgxW>3J{j6nO|SPFN1hzZ=PQYvL`9(BQ?zE+Z=UaUt)Y#tNxF*G)+J5m@gzGt)EI>Z zY4$2;31-p?v0&MwwaT3Meat<6dwog3>Rrwb9G8h6Y`0U3O?fd%D)YD@>-BpEGtaWz zZM7@eSbdKSJNu2SEzpZ0*fIHbGCr?C5g_8b_maL$0tw!#d#}mS_UNgl|Lan zv9KZ_co=pc6jf43>Rca|hUds5HLam?t`8O0PNf(qQ3wyt@ z#&w=YDdR)c8m~6l{dbKzlS}8-&rh==7Yo!zS1marO;p5qpWk(S$qbUdIoD~xBP`nD z8@LHTst&o|)>oqI6kH*=)TpB|O#RAJtn|RMm*fw30cCK7JMQd5;bZ%7=Be|6 zoNHgjKgBu0cC_amg!lLR^Nx63c&aXFG(Kv_E_MbekF7RaH~~GVm-pWWU%A-84z}Rg z1Tj9*5t!klhUvmc1;AC|89R^)kbLeD@VCma> z5IFVbH{L=9MpBI`z3}0-g?|O+?IKT~#!8*KqYbF+f})Zj&+9R3>gBvn>xP8hB##$> z^mfh=qi*m3j$?wL0s^haZ~OvkesU^P__u7v`sinpPX#@Cm^_acvKM|i~;?? zw21rf2K^ccYE`ImC<659KEb;nHL;omvWNI31@mo{OB$!#SuHmj-AbRMEMNodOwaUH z;f9Nv;Tn2r=00}UzXr?zW%MO3A-ZqN{1C%k7J`pUa%6b<+M(y40+iMRtVSnkKz*8k zyK$7eUfxdn2t7PR!aqTBC{EVb44K%C6%vd<05@lglFrT> zp9R4W#8N1y0q^xnzeHcZXUFw7CG`W_z7nns+KxgBEn4VOk4M?HCL&w`d;Y?S<4%?h z-7!F3F8sF8&1@>-(U=XU-9<$#8a$aCL3DxqVb=xMPFO9>OM=i$NZMYU;98TPQf?wn zBSbzN62uf=i$Bg3YhA)+miv~8TQ+S985lX6OoTyYzZW?# zrYIP?=rr@0I2@J$^%B#}09#=eyd~gxmNaLp0tx1}OB2|G=DdM7H}E3n#F12OOkh}k zS5}Zv?ER@x?lMrrJFG|59Ni9LSd=yE$AmZVcn|oObUB`2r&yIbSY-hkt#vg@(Ae%Q z{NO{xh-AlP80B;*rs?H1GkuwI)A~oYVqo{`ka1&&Ti7b6kaa;uR5$QEocJ=Zn*-MC zQtF1#Q`k2XV=hKJ8a7g58L7+U?g`Q;WF(sA=1`nf-+tn>K3_Khrq+U{giP-@y&gsi)>u` za}Vmy3(CO3P(Wj8>5b&qsQZS6L@SL(CRQtJOWVcPV{@G%I}VoO4`*Rkf_H8fO8NOY z9$L%l4#j5D;&yV`)qIIU{ysM4pYRmjbD*6>iZ>Nq&K()mBC`n_1Q7F~OWc&7KarHQ zQj~JHAG%(`eEpVQ=&~G_jDqla?M~v8(%~SG((o5g5X4_j$WCewJ6Ks@TdQj7tMOj1~OjwfPtfoYbrkY9Pzq`4cAWgUyjWBP7TFxfL=f*(%rOfcWfvSy zXqIB0-M=xA$GrpyAML8Cc1W$9t5ds_#i}Hz#P3$?b`J*vt|e|Dfkiit6rJa+&-r5Z zA(Lrn@YYPzRSTVGKp{aZ6QpB>z<9G_i?R>&T`(Om$TsZh`&C^sZ?u(ZmH^w_Gq^hT zsW-8&9o_XtwM83&kDzkVkVGhbbOM5>A|5dGUG?1%AvYK&dRGzG==eRKdn>cYs?b>o znPDEXB$_~&b5Nb3S^0!BkZ)}0QTXw$;d?2_<4V+|?kCAF&~OfKRLZu<*#e`pPz^X? z6+T7PU+`&^W}~(AgCt+T#~bkSqP_{i6RaCSX2I7WfNgq5dm`xJ#D(C#B7)N23wMKY zK5DUbeAwLg0`|(|ud5Vfg5vF?Z{7skRePZxvJe}bDnu~QGTrdKIqFq^{w}M>J0o)H z!uzJt#NUCC6ho8sro2U8Mv{5r$_=UlW6-dp=}X>|P98fh_7?Q{<3*tQ5pF=$TT&8v zCm4K9b1$;jN8Z9X4Da_hkB^z%**~xuE%loXeV%*ZDx`x>!LVBiwfmTP!K~BMD#ad# zO4(FAIcNl6&1gaH7sE{X9e1a#nPBmbj%*9lC zyL5PE=x0Q-Rd(cmwnLxOiwI{G{0ydx8GY%wgXnc|7_T{yyo0eZ%)I3?MRA^i-8Gq3 zYjbUUzK0El`u*Y%#bDS-^+E%}xB}c;W&&y_5Bnmj^7u^BZ8g6!vTP5_>}MW z3(;Nee7zWpD~yfGa;o_li!59mRU1yQg;k?5rBx&1#Uj(H_6^hO1R)k8*(YN!X2$x4 ztJJH?Xm6Jv=~KXadrc$z^2=!iE?(7zWm#oeBnbqa*A3#uIugZH^2ZkP=0XylY7%#1 z#b@#*{1VN1@q!Xou_K1Hma&q%gv;ckHRLc1Wd53o!{4r3md15RQ!x<17N9w7wpB;1 z9X*h2h4wE`qAKGt9>)WUM&w zi8&wpG0QSX1{``|3-m&JVkmIpe9tX^Fb991oiBTc7|} zc=%;|1xB}&b>`}zRFhtEaX|a^o^;|Yj`KB558CLNT(V&9W}qF8KD*Yqp^ zNcRZKW*$`+F4i6T(oE(AXPecw&uJfbfj_Wt$vu82(+2qgBAf2|65rar-e;miuyo)< zrqWIVhNOrZo*>+ha8{H67)#ej z%6%ioDh$2uA&x-bD$33HT1xd|$&vhF@vSu=8WsW4F8ZCINFaJ@boDOHe)9ATx8zo; z(iqnR&{ZfM3S#eftlAIV{zN()oR$SsCWD(-UE(25m@aN`OFxc_&T9*@tYk1mq8Slg z#EeFE+@Yuk{Ja9-nXqr0GDHG7Fbgn3QYBx~apV?lJ0J1R>DSktygrqZFRFGyy}gAk zx2U2KU!Z@zym#_)SLs+%Ellj1oN%X#u6%N6UiZ>brz-8Mxpn`}3zWn#_Ky<=8UN}u zi$61G_@|TM{{2bh-{&#^jTKIee>$<^FR|wT$+EM5zPjn(UH$dCTDWIh5^WAT4Bqde`eIrmS1#c#Bq^Z;2Sj`&P;Ka<1cY2|Gk0V|yVg4fbUhGu#{ z6}NwB%ds=#voQgr$_4FhZ2!kbc_RlKCwl`U2QIEZFuZ>LPymR~{Z8`wJ!Ju~RZ$Tz ztIx##n_Y^EOh148CV{G`__I9w&$b1as0fe@W%?!5`SS-rfRX8!svY237<7Ks`%C>6 zQ19<}FhJGfR)8IVMSMRi0POf=Z)2cfN+VOu$1j+;C$$#x*`K=^Caq;H?jK6>V zw(*yoB%tJPbprIze-;5KDgUbaw>p0%M9BkO_G=^kZzX?axdG1p+xeJ(+Xv8g{B?%k zfBkm$UpF9me5T({%kwg5%&MQ?hdoHrVc>V*L%yGMv$WC%_ved|wX{MRrlOcI?DPufs__tGHiB3}e`cd# z88&uNx_caV<9y@Fuv(_=j3DDZ=Va+f|2B~{d*)GZxDyvQuXBp91Dhm3-tX~+ONaoj zR>Hv`_v$0$cBr1MOAk9r)mO=?)fhvE zA2+KO9yTImaR419M5&tLgP2VL$U#!ZdrD8rQPPbRUCSChHW05jbZ_Z}u^Ws_k|%^6 z<_DJTQPI(M#8l~ys8_FsRJ;500*&q18|#-Ryg2XZ39?qWz1bl70yyE7lCaj+mVtS= zMG?q2kjhqJ)^$g`q*ANKE!NUyn(OaiG|ApSOi)M`p{pI3{QI_SJzZoC~Qn4c%&0YtQ6lv>{O-`vg8O=a%;Ikh}m8PyypORn2Lu0QC z;AtxPHMQH#ItF7f=YVE6X@9!FTh%3ZlIV!gMKGBmmDA3L5ed!^oQ(n%wURO_{;U^x zxVfUV4+a-IY|C-RaG(~lmQ*uMpt@7XTgOk7?I>H=GLO8`iBx3Ryz45RYA+L9w{<;-x?83F#{Dp_ zNefE_kNX`;@pH?vbfAbS7fgveguYcKzISX$N0KDA6t9w)x8Q(=-i}^*hF+0~AV5~= zhy8+DE{%FExS>v>3^g3-*rU7&2gbZ+zElpK%B8+jcMn#m#K9L32Sw4Vt)>0mqzY|& z@5IC)^T4!aFJ5)?Y7|;$5%kI&`kJ~e_D@{?>T25>UTV&-@WVb7tb{PQrP8yrcX;Bd2y#C*rn3``+I#XRv*- z!;b+POI~rv2I^(exdVR+YmBUW71gaH<6@0+n&~x=+B&lMA}DFICc@p5SL<9bcyLNk zfx?~B)s$Y*0{2LRh1aY4W!>5R&5f%=Yg6y>;T$>B>BJ~;6??M4)+jG82dQ4Z(7}08 z6mvt?M5mx}-PnVq8C$1YMB@tM(|aH|;GRz!3SdlCTQ_^goLV1S?g|iI&1c8qH^v^j zw(yUU^9i4?%#&C2(1bbyA$a*+6p{=Gq83^Cu0X5TL9Q-2{JH5ghpQMPH$GXVML$1Z zj%)4c!rvuP^zfv(zRaZ!xAR^H4Jr5%h?@pi4@ImgV1hH^Na&jZgO|Vd3Xq23_7oMyC5@1d{Q6w+e$Ry#-oMWlD%kr4oJ%qZ=Q8MESBYAXYq?5LUfO zDb#Zo9|y<3EbDRv;YMwcrqfe>jMXK+O;Sou+tj8cf85vqD;wlBf84w%YdRZWT~mS7 zv9>O%ue5gG$~y~H{eDD|xZ^@{={BF4uy!*E$=kX@X2B^e+>a}tZQ~9oA|Y9_>KN8h z^2==~L_H2F;@hEjgND9|{|mFSJF5+9wvE zULmuQXyp=pJ=8xCAMgzn7P37Q^SztzGU5}Fr5Nw+ z=eSJneUsqgn~~H8Va3ff{P>g52YUfnM;2+&73C#Tk`BX=;dt^`C>npSEKE7yT`4f` zTqrqwml{8$Bzf{|$W^3bjrmVMkVp@qDJdj^k`M?6IMj$eM~D0yb0&NVvnT_l6=thh z$uYZMV5bf6UB4cNmum=h7P|U5IaY`eoLJ0#tADl#*PZP*{$bXET^UUgj2I&s=Uf`K zNX_@4l7zmvv-*5iiXc>v5z!*CeQ-0c4{SQ#Dg>kiMP9MsQZ2kaLj0kCYb-B{`9bkQ zIGXrqeEv&&5#NMi~S(eGlFf_+vx14D(DUuowU_c)hKHe&)1i?-g(5m4gDpQq_ zW8zGn1(I~xbb}F1EL=sPZ2Emh#*>LKg>NohOH8_ai?TjM`L8&F*}_ zDHN0BB_hJ^k#mWvesf)&>gL&$yQ}@jvyE_^gELb+BsA; z)%zrkV{4HNv3JZG5!m#`3#?Z3_5qYfSndHP36GsOmeminT$0PJK+|a5UkO%Pt?}lO z6vGGZil#UYznbD%H{jVg0C}F?8%^g7FtrXDzRNn}TKaavv@AF6pnQ&DH@C4;q@dxK zyK-kpon$NC035dm>Ks3Tsirq<4}2h=G^40TK^e#nca484qfTjwMdDX>A%e?F%27Af zgtWTpMSa;vYNrZCcE*9xH~2}Evc7oVqlVjvt_#iV~PWb0Y_5>5+=hgwERqE&g|-AB_--pdE6BzDFe^2;l)Q`g%05mp<+nEaBq+_#fgt6i9!e?$5(hQC z*o=h2>k}kRS5g6F4(@xLilLtY#Lurlb;xl@kIKxOo5MNIS(3B2P#1=qp=7HCWnH{s z?Chc_geMp#Hckm1SH|}FoVd*$vHg+%KJ&^~)PJSogY9fNUW=2U5w)`KXJm9=xarQx zqB1LmI8Mr%EYg#J^U_9kKhP6Na45=AHpsO$leRN}PBpg@cd#mBu3LHMTr z;WA3T6k7vsx|1xto5LDW>G_Ndx$`NZ@0`-NL{45_&(BO zeD7e!5P=-WDHT}mp&@%`VtHX&F=`ZX6L{4K(ykwP7fP*~BX>exN4$KR)1OHaB-Ii} zjHu+~bF^HgsE0|QP$P`0e8}J0Ct=YxWok|MN!$qdx1}bfWFOcIGYG`A-!#KH!KJHE zU&5!!{o1zTB^pP}g#9bni@;uTc_1D8`Q_+E)ZO06C~akSIi%w1_VQDMizKT7uiJe> zfG{B8wosycv49Y=h$Q2;kUyfsLoyYnEU%79cMj60k`K+5NL@@-^edon6sPKK z{K__3{x%s}3wwVY8izVI+b52-%dB5qmy2y{SF5e}v7N5ml#E-i2z@qdRHE2#d`Eae ziZ0EFnQ?(xf!4g>>d0QV*Sz0oTB?yei+R`&jWB%SJzJp~{IPLPPVlDTD9KBx2(qbk zBdlT3^d%PQut-c}iX}fqp8Cwk+(IAG=IQLYGD_V7HKj4BTIjJnHPNMr+`1x*MDfaW z5vXh>rFtfF8JxI9dK=(nB$;hNC?i$QkOhjk8b$mRAeiRs0gV>V$dGB0N@D#zBVvA| zz!0a@WoX05V55>-2II(}K-Al(vDcKK{FvK!Fl%AxKNcLss_#3K#YB?;0^U z!VXh{%l2TaKK2!@H{j74jvC><_+ItHsLRxd9r&R z``V|ucVqX>P6)aKnW6a>_=yN&d|(v}D*?vBfT}(ZqR5tUEHU@fKnIESf;yF(5A=~g ziz6iM)M=KVV!>4$ANvdfI5t)u!4%dJ)vYU*_y;QF*@Ym~xKrzrV3Y01cuq1el7iG? zI4Y&Ch{w`o%q#Tdr>Y!jt#5*)uX!z1+|1j94{WHohw*#>6oapnhTo5u7}uUnjmMR_ z9x&&}9#~d0*zO+^)k^1$mAhWZhF^$HBcB6f!}zFnql;ol!y~a26oqa2rGTJ&6O_Wh zwYI$;#+y5ro?stn6}%D6VxCme;_~k!^3e*UiTMQ42)k@M1KU}3Z*Rb?Ecv#2`8$hD z!C?qPM3(ugG~ylQ2^8Ycq@)QRs_mhby{=Q0%(lqJ7R6xJM7ria=nznYIjX6T6ot>o z^Cjiy`_M>A0&!DOgSn}xLm$@Ep-iRLK_+Xth^X-GVVQQ)eM&wo^eaA;z_~1=avH0x zh))L7g1YnVDF}ltM??hsG>wX^TTHivd%fnM52SY;Ca`!K?*lYBg7mrjoz;i>Y0x1> z8;9(jhMpdK;KoYc0O?A6ZDYPDyH5_O0?21J_#RxYJ1wgW&*dvQ}A50Wb6? z7Bd=(Ys_J>$E0%|TT3EeE*46m!E_Koi7eyPXwM79UsMF2m3q&9M3;0vRcZ z#-T2_nLfqWogNy7>xYbW5YuML-%=7ws;4IDGC&&MV>jujBP#yf_}a1t%mMAl18cxH)*`P ztmAhmcI!dz5PRK;j3sb1jktQ)^+PGvW(4TNJu>F|q)VmpmNuNPEGOBmR(Q@*@8U7m znhS-y&cG(Obm=G@wT{>!XhSqH=WOTKF>U1Is8uTh$-#Jvvyc58?f7m zwz?^(llvZ!%8hR9OKdmXIq9;z!J5YHLP^aZb;(=M_cmZas5_ z*=l4;tJBI^u;b=sL+=iLF_%CJnjq(%*7|xBZGmntbi7s^IpQW2`^E+BgPl7Fx`O_o z)+A|HPgT$Tdq)QkY(3d%yF|SRWQhH){a$u-c&s>w(aE4? z+{Uc-kXUNLogqawB!D~iB-y`bA41+2f7(+kQJi5892PfBLDQXx+n-=(z}=uIz8eju zPft{ZEhIhha7`{Km#aqADORM&3pzl+s7X}&hDJ1naLl{?J}s#K7S%F9a*igGefRve z_C3!J)EGPRUfKX@7(@fT=1W`L9LiUr_g|@uC^R|zYl!D$U7FpO31h&Wr6j}`tJz6D540m1UDfn)a^xW@PETe_*V)_v>x^Ul$<4D#h#DK5#n1aaE4?%o3O(&v|k z)$*?7opI;8CX4fyc`U5-J)E^^uJQ#79$wS)B2>-Kn0Ht!9Z%QkQ1{lKF%@G7C0SpR z)^{nM%zddkx`Y!LG9|TI7x>2JRFa-N2vm-jS)}W&C%E_#PkMcxl__zixyGQ?=snIC z#&?{Xj%*%QdFJt6AKO}ldoq<ijJubT*7vytdiet4 z$jaL5Rr_4wi>Rwr*S85RCwpF@`nUwUYP{)*bGrfw;Yppu)rD>IY`0`%^R#cg>eBjk z-aSxHNvQNl?E_P{dGD&r+FG)ZY=79Zg4cu$Iu;|WHaQ|6BH_)mZL7}CP^f_Gy-Xs} z5c=wkE=ts8aX2(xnkUB90;g0OiSwv|r-h<(=^nDlz`+Sp+fLi(b-4)tE@&&r&uh$! zTvs2^2}-_A#b1kF;nqsuGICPx)Rdx5**a8TDY?G2VmIG6ts?m?!MHV?1CKgV5iUp4W|2E{5tqp+3Cg2p%p97mvImmEH)EI zOQxe9vC84GVD4}C!>@M15>Xl&(bbijS4}(9h$LG|_@+Ee*BHWCOL_|J)~csp2?0Sl z0-=85bokPQex9&VF&Z^63*>i*SeInj@Jcw%&zFdPTDt!qd+!`vSp)9rc5K^DI?j%r zj-7OD+qP}nw#|-h+fK)Jdiwji=bSlJXKL<$cW%}FYt{1FYcJH^&-4D?%J8a;;cK(n zgFe&3E&O6x%Rv1J9SPT*_k%l|`8kpviEXO5UrfWl&7G$6AvvL09vwMkjk)Tl06b$f zC{X!WRl>k@yLGJ8iPTGHfzNCO9t4-ownZisR%P6r@-8K(D>tbe4n25bMIe`}?DdN? zp5h=PfT&X7!|F82^0cnh*`Z%t7rZ4`2F(k@3mB%9TBo&KYRW@jBJXJvyrxlG3jzkq zuN{OZwW62bF^ACFtMtOW@EZE;OUnY{wf^L>fv$7Q2x~G#;CIGQ$%Jw_p_=rm7nl$e2WZ1CBl_BHl$VU zUNAj$80KlR5jbT^LqFhg4M0goZX(NpwA*$8w`WWfAn8QL($yvCM^RqO1abm&9@LVU z`mj4!B+pxL+ip>W;T>8g{`gjcQNL#5wO`09dD)2=<%Oz40Qz%jQ$fp|m7B&P$<{FF zZE~mE1PBJKW25I&Ia3rNdRAv~Q{}1#V9uB)w}r7eLwY$vJ(308n$+~F8j~QP=L9X$ zuaP5$B}y*24Ly4CWy5LIgwv(g?NHQQ2g)tNJtYo4EKl`174yce-pI;0OwB$W ztlpZHzE>h0zO%nun9sk1_Xb^;L`#bgm;gF-H4$UN_=YEY#kPBNzfXcj)-uiIk(qCp z6@m5&2hMdS=>67#y@pVkZH&}G8m-pe79v@9JfPwX_0m}yGFn?}+5pL7 z2Wj-Bnf7Wn0fL7^nlrcxIA$4C@Jfxlg{Qk^3F!`etj*Y_07nQ0M{MyN#W==l*PnK^ z6@wX{#=uXs+EPV|6@MvOy-?Ka*<17|doz4s`Y=U5Rz{jq zR07cwnd`RtGO@A+ur#W!)>4IN-;_Wqjnvx%YFc@!9!^Q@?`7Z$NgUN*?&1de zz$9u;kygXNuvq5=y&zK$;SOi`7zY|i;AsM=YSIg%ibM~j>-;NH$X(rsOtg<1jNMa& z^J#*nlTMhf-N-wEC%dI0Tlq?efm}dxXi!jBvBN(DmQ~ktWr4GzFQQch4tufr=j(qV z#?Vf8x0O{Er}W*~I7`^q^Buz7a`jUeozPTerob|zF;1<*L2rq%m&Wnr1WtES2_D^( zhJm?0hwvHp^q<*^FywD5RpZ`}^kQb;U?4O{L51cw8m;T;-lfTp*!Rxsy$w9(0p$td zoMJv%hTyQ%fIXBv^>r8bu4~koZF*an@DxS_>`Tv*0EkkcvT8gX2%g!_yq_xGCQ61sL4GXuuOtEQwNS^dO6_Ij+&G z=k=1;=Zh+^EFfk1PTF0BH$pa90*dpxpZNS9cE_iVJD401Lvr8l&iV5UoNC$P>3G|Q zxZiW_BsPn64PoX?1gn8>7zhL*U5sUzveKpxIGpFmM()PvrOvLh)BYFX^RgakQsvB| zr^eQm^j%W)9T?QQ3(8&6!R>m;DajMPY=EoguZ)hTuVI78Mus3cUnJ7#QT9E)URGmF zdp+4rR!8s-tDekxZbk4^AQer;VuTqJ)v7<2G4&dX&o zNl*c6+|NT=g7j4UCR*p=X&7T+pEFiEMx}h_+@L235G#eBWr(%707o2cIh^-djyW54 zW;ud?KD=|Fxb(KpSz342ylURN{PcdRd7d<&iezwuNA^tVR}3M1(u_$AZT|If*P&4C@} zu%I4{!Lavh&KOT-r@0+3O>(NeUF1-x#S%_r0}GJl_sVYbDiA)18PhuX2(Dd(imNUk zib3<#i!arul?*xWF;sJo+k9h$2Ba-}{{>K{l9USnlHUMDw<0$}`|1S4e zE&#CnQ4Rnse}oCZUm*eTui_(52>3U7S+8h9;Kg+ZKIY{x>FOcrZ=HG(Ej(8)&kj14{AO!*KlZYv+NBaANeZ$WAhgL(dBwfY@-zV#vmp#iF zeBw5IA|u|{Ik^#Q7biFsHccENDb`LaIdpp{1q<9<3coUQ< zSq7tNr(mEib>phNRlj>^H)~WT2yd!S0HO2h@bC?yegP|1^se%fpR+qPh@9{kjzXq7 zQs8YS(&Z~gJRnifmm@Y{sgCx@isGDZLRo8u%DBqNEMnwSA2AS46-x~`5DKyc&=&Ve z5rK{BzW660RU?)38CsKF1GytfdS0l6^{KZc)T#vz!=Y-o0N2dcCm z(Rr3)F8F(lWa2h`6_2<;z1F&MNm}J~8Y=Q*aDnsrEb34Of(_R=Yox40u$sNy*mAmK z*g621pV7-600AMN(Tez(H~((Yep~N`4mO6B77mJC{3F0gpsBah(mCQH{#G3OIh0@I ze&{Y+!~^sD%r2yKMzcQ`iqbdT+{iH}7B8)z#mefJx{R)doeXdW^iH|{r^hIYwkWqT z%()INx;E#at_lI(GNZgyZ*-W8d$I!7= zDcDx^)odo{&hQbZ^JCBvu&ceT_31{b8@!KikEWVo)VB{|kY82k>CN!(j7=|Vd6jD| ze_?}y3iF(FiURfNWLzPLmye3qbmb`}n{zAp7B85j4qDuA$~+>&bbgxxt*U=nrSpV}wHQI8|yzcf9PoeCgK`clf zM(TZ-E?(7>-f9xEvb^bY_b47K$}XpuNBsJmZjDGOPj>#J3WLWlhWb*nM#;cvq3FZt z_pBqW0@qspvD+wFB`+8_0!d4GOpkchcwodOkAv6ftVtDWXVHYz@89&tUT(9DMdwA! ztuWvu)^$v2uH$`ysp>o)of&E`&%*$dnF&X(P(on`SN6#YixW!+3*})(?onkdy#Fc0EkSWrVUCN$G zE2$x+Wc1-U;0alDk__NDqTNl?;wtij!*WRpkxE?2!P=H7Ft}E-2(Z`X&wmi~ZVI=mSI0 zo4u^CUGiM|ZJbc#Idlu8-sI={_Xh(<#Y|^u$w48}DKXE45Quo2{K0FMD$Rsu z<~bqUVm>DObN-q_X<>cti?(U|uW(Pu?`c95H>gFmkRNI14p4V%F#9|LeDnNa3^v5S z^JjvNY(SK-Y-wX}6o~C%vMq4=(tnV}@b1{Y-)0-zfKg3~or^f>&)}?3j#k>Xo{@xU z7nQ~xc1Tks$3#b6{`lxe*KlX$$1pcCg0en(GcvjWOFHy2PvP~RWPKvVP1V5^GsPlp zAH<79I3~T#IKO5dY_$EF?b3u*9HlTqbKx(GdyW@Al)nmibw|3dWSdHMl?RMswkBe> zYhGZcr8X*kG1`gGbE?1J=m+<=tQmFv3Kp1`B#5=aU8POsAUKP2Sk`L@tipcNG+THw zS(~5C%_=EXTt^W;c*t(=Yu!7R2&k?+36-!7O^%@C!= ztqMh~Ya%hUa4yThmh82ntuoF5q4dJ??}U%}i-Y5#Ai4rdtSnkv#?ExGiiU%&byQvb zrNDIdPSXtXjx7BXcY?Ef8J=-b*L#xQ#$w|&vC8azSE;|ES{~W~X5uFVdm;9Tfv;Ay zgcJSx!ualq)?NCR}o-@9G zmwtEynMU=EHi=G+HhfJ58O3EVjhx3B#=#uwLtb7-lwptx3zoJE)H~5CQtI9l1AG&5 z3Z{(dc)#sbr#pHJp3Gr0G%Ha%1^o``?$Eu-%~yYzzS+6)={f29UAaTT%*;K5U8#4* z7dfOvy(?WCmdavdhgI=KV6;>Jcg?y}dO59ZN;FY78{w3|Dv(vsvUK4U|MG(+WZJ!f zUZF+6oP>3NO)xUKS$P*N7R0CHrhKY-N0CW+FeS}{LO^2u>0Az@jv3+Ae0_T2+=%Xi z82*_y+kwlvb*vSeV+n3dEny_#2QR@cJJ+wn5DjO$ERCJeBy5q?2k3pD_8;wrEmuCB zt@_JX)+Xosiw}z(>lNiCji!^)=><7^gs=)U>!Cdg$JNdu8of6S!(=pKljUgy>dmgg zeLG+udLZsqKo|EAmR4_~u4|Q_lE42{ZjK}E)hS!Q#N8-=>hID2V$ld<5XIx_nV|-& zt{AbGPTsVc2>0`=(xb#xt)iu9N5%z!WX@u zY1;?keJirT(7B;{)C_cV%OpA;xE|?K&|Zu$%!BWU_DUCAsuc@JuTjBTE3VG>$sTZO)eT@5W!%YMup%)k9?pv6|ZB{@4!;Fs~z-0`;iF*sQ3W8HA_D&5f9F|z;tjMFBv2t(_=^StF82&d;4Bc}b%?kB;o3yndS zQuA6*y$`CG+O#GB3qzL-(ly-nM715AoBxNMy8pal*$;J7s5nfk1Aad8bMM9yd78Af z6`skI2I5_B&93H1(S?VsmXi1muS`;?h6BPJd^+lhvyseQu2-InpTW~dNwWC(H@kih z9&S$zKPW`t&bc@xjo;ROX|B$|YhSqzFP!jb85me9y6%OQ zkWEHa-W=$|Im-dB)|gS0ezZXU1|wX4NdkH=i+l7m7Oc;>@GE;}Y7PzK>S58=#%c}k zBKGK2k^6e1%gLS{`)B}-TI9}P5BHWMs2&p>M1K;|t(%=tTB6)yGS|8)w&I82V2AMl zt%O1q&<=Ih^KWM7yi|R?Nbd!$2D>XR0XNwqTerH7S>ee?o`^Kq+C7}~W~7!u%&%+y zkfwJB&@2|oFpYxfyXGe!5zPYloW7}*6CLJuzEyGHq{3trKelgeVGVEhZ`FEiK;JY2 zsM*zDoA4TPP#JJt|q1T<7iDEY|_%I9?@KeTFbw)lcr)px8>kLpn2}n9^Wd6HWdLY~Aq zQ0yrUInO&vQH@cM{A`)4bi)l!2oS^qsdLpxAD+ zxxz`93HK9|?`11y@lwX~q(!GAs?|iRWYkCga`pCr=gfymS{;@)N~+QtEQ7^>K}GKH zaQCnht59_x>E78;8g_k91##iRd^2p3aHT~xlrf%x5=qh=J>T*Wm4?olJ4@G5>3cM| zi;jkJr3adz>Y{5gg<8BXL&$9BR6^k0PV;+?)0^hEpN}u7kM&-UHpOrjvQIH7rUl<9 zuuM!z7A*E145vZmpQZrhaurycReIIu{(m!7@{Jt+gh8e{pM?hP_P6>`H)GCnw_(&)X>gk2}#N zrse5g@nwokSFA^gNMC=FXqKx5(=b?7L;wiTV+AO&y2foB;=_i3dXc{D-ML`>H(E} zO&wdRL&M4~;fve?dUTpdj#D%laF&V`*dieXmGd+UCA**w*R}Vw8GA{oDb5Y+c+ik8 zAXj(m(rxj82r7YHHF>G_b!NIU3@p<{5b=AAQUW+5EH&>TlvMcxDFxaaX!zsW+|Py= z!KVQA#-g}db&FbbP(EaLprenFv8_>Tccyis0&2lW(~xU6!IU45!Nu1JVToqc>$QyZdrl~X-L7JCsPqF( zx&$Jn$@;tRFe=9MX=I^XXCV_Kmi-=HOqA*|ak-j5MkjP>Dt~zX zsi#*y7AI&~GyLR(|Cz&L}-XHfj z3&bV1<{? zvU>FGS_e;2o(A#L*4w2G&&5I&q$bZp(}Be?d3vQkty|tVN)YrXapdp6qKgP4(5$h@ z(6~MJxnt0hXJnqbZ!P-)7qW~PLYa_h_os}Q(ttJeo}EiJ`h^ksUF$LjxFj!Gm9iT| zC@TanUD$8|&eyytsDjr_An*$cChPXGh`$aLUK{}J-G)yajWLmdNP7*M50QgnQKn8F zj&RBZHKaz8ewR1gz|^m$?KI;gP*elC%b*2KC3)R0(@f+T7w?HE+;5(b!yZ? zsxBTF!Y`8_>dEV^emgumei|~`z?j@I&D0^d^5RK~Nde;!!TG2|jHh#qb@xwZG~#9e zE>%W(I&V~*m0s?45A{TOi7>k3xXg_qd30CDlBQr+Mw`S`j|d(F@19%7t#RE*1?JEC zjUFU-1McZp32>6Q9og&*`XB0i)hfio3Tdu3t_N>X=SI+Z{m%B!$`{s$Nicf{jMB)I z@F-wZ_p+Y1#z$fDxNCj{NXKEZ6Jpkkp46-M0xg{Ew*$K^jODM8D$f0eo(Gxt3-UDXQTiMi*Gc?!=D;ba)UT4wO3<$x&FX?{`1Y_| zXG8%W4Z&@S+>Klks+lRZfR!UG2(0&Cxw`u`lh7-eu4&#;vWcS zzXgxJO+a^hCmxOw5-DoREGpD*4paHf8G;8lTWMHgY9DU@;B~)kmq5mHXHKq4v&}69 zpm5T#)XgYmKv9cjKn>U4NnvhJ1R4&XjdM^{&dkokVvqwG(a)4Hrf0I3xWgS5N+g+- zDApD*CYGZ{dI1aT7A6ODVwLMQ^cn zf?!{+A$Uv{>ac3KrS%vKa$hh?3nS*H9mv7wyE@wtUwuhyh;y_FHAtb&sN7v+ksj+- zIzu;5m!dL`@Y&51R(w$sGBP-ZZ?2l^98ipoE@ZV?m#A1VDYh@mFH0ea!F7855c)pt zi^7%l<>6iQ!`R$EB3QNvrmRfhnB8DL-%NS$WG?utAcF&M)$7))$Pvv5?7b`ncnTII z9f_(|U_J0JvgRBpaQc{mn$Ln>YeWDr1i+DgDmn~EI)%I2gR(#_VCUiBvfHC+bF`t1 z1Tro>r`+OQODJQ-O@&IKV6agYMq6g-Ru|v!`rAZU_g#b~wo?kN4YQqEV_+odZD)v) za=}6n1K4(N)R-bJr@;j1wr%ywD=`*+b0w5tJM7rOi`>Hjj z6(H%OQXVsH530r~YY~qPpZdYYL7devfrq+p?GrO^O)I5C2DPWA|oq zUAQfDj{paBOEteAQ9F?+5H$8+nz-35dG#j+DF2AS{VaebN5yZLd@CelTx(@d15JD1 z5tethj=xN{MTI}&e|jtObepsNpcJOG4*PhwSeZ`NJIbP#*U_`)x~jE$6eaQA`SHDr z@H1MY$7m4^Lc6jC)Ai;s85pWAb{i&=@Z0L53f^c#``Nc_dKVVJqV)bdI7c^G(})p= z+X&UC6XATk#z`1n*oDL97T-Br%lKlKrq9Q{RTX+S?G@{KeX-TzUVq4D!7Hl1%7jrM zuwnQZ#tnZZhzf+t+_l?{cehUUr{;F4Yy?8bhxe0`7q3X$^Fx8afqIt9J14$|plcv~ z&hi$#&GXC8SG-Trt7w~DP3EUPNQ!A1kSc=)x18l zYBews#jm7gL7W%L5iu(2Rj<2ZX*eJe`LBzQ5Q?xr!?Qq04*f-5;PH|^8uTrkD41id zF?x1kPTd%XrJ3JvYQBJcVKGNH`)`2nKiKfU0N;Oc+kY0e{|f;B?*hL6-z{waO4@L$2 zEocY)EoBG%Eq({E{zb)qYvKWHf7fICyB^2i`F|NO;12};5A^!a74cutD;opH|EV-R zQ^mq&T?GB3S_hC5jw&X4=j|BqrEVV%mVLdl>fGBj+&AuPP?SJ9>0#m9*%Pd|1N8YO4{=H33|HnngbUj)Wb+9{>uFY zw;{Ay0r{dI^#cHLo`mQGz9afIRt@h7m4m03{Ixi~Y`$(+H*w>;ZMxC-2Qre)Zp_sQ zcFOBx6_;mgV~mJZ&pO?}ghBVAuLcvbgYoakyg}p<^npnArjYtQSHG@ngr#X7;B_j0 zeOH#R;OVMdUZ5f$-Mc#<9XA&reW0Sh86mFm`Ea{AJ~s!jABcuzLWIz?hM&XBrnt7} z%L9rz`<=Qb8_0chl&!XAl$vm9bbbthbo}~YxyzIQTF+t$8X#)j0;gDl9E;`PPtGy9 zJDZN|tTg_WJ&ADG3d#D)K8R=n8P^bU{Yr0rt$w2`lS;>q?4PDX+%{gEV5G=&$wD+) z4~uSOQzyyLusPpBPk>CQE8%GVk+KtPfA)i73A-E=rR&aqy~OvOx-i!P3mOM)PWEW= zJ2h9qki1#yf>&=n>s2{(b&TQr4AL0IL>{}gP;;oEL-Em9eg<~snT>r)nW4`IGdv0f zQx3TPT-rskNTMzI{dNh3ntpH8ri90|7jTKzkKyJH zIWLjNOPNf0rDr|+@G}f0VmSxj#hLIJZ^?HC&c@GDzGDS<#OUQ0DPqWM%RFP9lf0mN z9dJS<$FsGl{A&BWxWH@s(cb26=irEzMM*-e z*aLY?LXy!~+aD83LdF*tQT}>QIqf3cM&#n=m9sn=OU3|Sn=5R%>ma{k25kyl8xvHq z=$(<^A>oUnSje0-gwSAO9dA_>3uI8cvZq2D+vU`>sjPEdo>+_yt+95^Gzni#sSxf} zvGxU)JoTqv?r2J08+Ls~#hZRof@Kp`pH971{bRP=X;D)gmVDw_xlFMFsLXCsn36kV zyjSU?)iOZvS~OEmqDY&lvryBcgv0}Z7H17{Vdu2>#LcS?2q`8UwlJeN1aDXEyvin6 zscT#kG0rHC?MJ_?(SuRDvA`X>U4Mhtm+R4Zair$7%hTzQk76RVHe%uV^Se(blJ$JE z`TcMV2Fkj%A>(qEQySV9B@pXn)I-Lr?Ai(f2>@a#VwRXN1xLwBo4RQ6-CO<|!MDJ8 zALWM`LJDEoslW$9MJh&!&Em=Cb%uiwx>+w%P0Wv|fuJnVRc~H_{730pf0N=k>F<}Y zT|?m{%(o(Yb~!Mnk$(0oyLA$gNs)E3!aV9O4CLi${%SA3Rj za)R{KN%2Wl1R)xLD-yW0 zgxwvgCE=s`P~NGT2bb)WOCw7Wi_m2{hiCaT@m&7mjYw5_3PJxiOq=_4X}!+uFJa-P~j^8{ErnKZjvLSnd2B-Zq1{l%&uuUF|7z z2A&f7qAWL?7Ohk0{1+4@t@W?IHP>n}7&~!U8r6@joeTQ@M0jbJD8@OT#Olq*_5E~u z1v^olKvIn-5`&_Oa1nCuiZ{x7vbfz$;CmueT5TVE#Q}rx)maixAFlPO1Z5%62paTs z(##vxvX`p74Yn5x>j#J5deVcj`AMTY-;o1?ri!7HaDu8X-~MfzSaRG5+cB|7Tbz>Q zrMQc(bb z;hx;+W5maVSuK6ro1@s_r z*@!@pT#$ajkOLhTap{6GMUjE@)2sy~b4}tnTM);QvBF?ctV+8Z>Q9+IP#6Y1&CFLr zZ&Hi}hnOEIVA{tY9H0#4V@`Fe%WCmDU}8HGZdh25kS%o0FMMM5qts+|g1%&N>bEZp zvPl5$$Js`=CHf9#M%Neuim9#UHJiKr`*Mh*Q8i?M>>2{@dIdyu6xh0sw)CT$YKs;Q zK2#8gt$K##`8Ql7L$SUQ#@8w$HNnrf*J#oNI$Y(_6ak^|Q|CL}NQE!hLw%$$5C$te zv|YhjijOsv6-vBe1bf3SjIoL^X;33Ik}7pu^*V!N#Pl+{^w^Cw+f^~~ltTLOso)!X1K9|| zZ%f*pgCCm_GwQjc5DV~@tunz3^a3B%`|9dMqY-DtmTFEs?|0K zrWmv%Gn_xhfE^6XttW7pxMxOnhGJ3pcUNRqHZXaoglth;W@cpedsUl;UafS+nHA@u zVeb*y1AYBHK@rrS7-pWYiN{>*zu#52LXZ~&nL|)qOC7Q>9=_=47Nn8F&azM?r{uj> zd1UPCs-oZRR!ZL?2N~0x{a~(tRi%5bQlYWE6kHuLxPY>h_8-4k+ht(QD?7;K=e=r8#ad~XX1vyTVoS6u0Mx7 zgNh>v_Mh0McsB>R^WH*1=`l(w!u1?E8e~I9rJqWegmcb!hLVtr^J3jgBZ zu_U59v4a6Z)wmhfG>3yvm~2sE+;}L~V3k_llS@i0$h_Rv(bo7bL;_0V6iTJ}Ex_6Q zoj_{$sP)(S)8lk)Hqn4GA}&$uwT@OmO`P&jZwQFRu-`~;;1C~*4jvo28R`3nl2KJ} z+mupLVS3cp18SwFw59v`ubSD}ulSZ&H0@<5qXap@B`T^T*H<5JXY0SbH7A@bRk*(q zmbg)Nl_N>UA2w=CO7_D^3AoP``rUDG5Pd8Zn)MWOaQN{jpo=NQqPQv*;tye!+j#$YTaBO_+G|9vRNs>c1WD#}!T$Yl}sim|k|#4$Aiuv#AJT z>EPH&%i)r#(`Nu$x0l!Ra$5!`Ji+wC(4wS}Z+}$nIp~^+sAECG#Kis_Oj<^XGuJT9 zU{u;Pv+hgvM9Z!5DdvX``_Ls6aUnbhxEx31MMNxQV)> zXrhE^QoxaF9xSubQaNhqw^cjC%4mejDPA`syha@VfdQb91C5Ix#X_b-q-;CvJYac2 z-63M6Cb^V$%J#*>Pi-?;e7XpcD~kkK9u_@t1;R$`ik5iclPA!cymeB7EeS)mqRf7% z)w;|n-71RCi`P0DYC%Su@@OfGMV+yWTWe+^bh^a=tQ?q)fg|38$rtK0W{J%uMqT zLI=uTn6gvE!W(gXIITkXFDf90T=&b@1yxP{1cuC*Ja-{09qD}4 z@A;&iEzZ|p37_s^X_18;`C10E+Ld7DCri4Til-hG$8?SmqdB^OjX**h*MyPHiXy(w zNu;P1F4FahQR6kP`{c#Jt-(ZFruGGi3T+w@nhiz>%}J=l3Q6Tplji> zt5+dy({~Ia{mRkA=S8~9Lsi1I^KuKnB}r<=Lei^aq(XX{(oP&kb7-NKggfOJHz4Hg z0I#!qF|~OmL@}!Tv6UpFz3W~>|JHw8l^i$)JNri1#p`()qdxG;P$<+{DpI{cM+)v* zY^bJ25~2(E6+>SV8>#u|N`;n;wyI-7)J(MD#jx3t%nntjhWz~n-#DnF@sNjcCI-GQ>M)jUV9v2**Pjem>=8Lz zHzbSjd_Yzpyuo*ABM#RJdu?~UeWXE4dtDfss%DWVthBYp9|aeIn=4lRQJjK}6vqB2 zJn$p$@Z#rv!}&se4&E=d5D0niwY#8eQ|6EBljQO~!Ni}zAu7}88NQAeVBi{!EHa}o zRc0jQzM7tIn=vx$FqSYfuz4;&$o8$8C904dJJE+pm8m<12%53Go#NKgdG;Y{!`vP{ z2{2pp$lrL?+z>a>C!q7LQoF>h?Gn^wL%TQb&f>aFU!2Nn*uAxmDd4(49W%CBHgvcMBNWI3%n`WgKsxrlSl~>88%$Ep zx}^Tf5af|5q}JVspE|(B^|uiQqh~}N7>7aD0ehsW$(JA3i_8YuByXlb4jyo0T{;S@ zd@z^f7L6#f+EFBJ4!oYB1F!cmq7zu#zMw)_S$&s)sO-}Y*Y}e?nW$3P+Lxgdjq5S` z3>Tc~)IL@2u^c-HnJa`gp{bLH=OSs@lt({xMgZ!^5bZZ<|0S3*XRm<%c0zP{ICX)Y z^7_)-sn#gr*+f>qQ0)9*aBKRvE)uoRRp}#cO2z3Cws?{RA^ic zb5a*~MUw@=W=V5PW(sreaVqokLQ+H{h_(-TSwiRC9|t>!BXN}2?8zrU#-ZY+;OHbo=L5lWj?U&A&k z?xv*j6D;tAh$N*O#>T!{$<%g9fhu4!A~}-LEG0k2FNp<78tXt3R44o^3f2ryjGy@e zWUEAn_)5q#m{&D1iAlNR30cG{sg~i6;*5{tbCk;LyCl=hYfQZOIl-gJIt1X{4}8d$(35}|hWAv1ECFeVCigl`_4%w-mx1RJWc@oOu&SNX|ils!Xsf*{+ z<*|VL`)d>fkg6Iy@8o=0{b?4?fULtzr1_}&aYi$eal;((${+oV9HecMc*&zscAJn~ zGyxAI(m!jZz=x`qan**{S?4~S zoYXqF4!CunobjJ21I6X$u~8SjnsQWO2Rw;7CW_O|GwMD?i&L>!A>4vX?^rvFsq_(O zYgy6oTYX>&)3Tsoh&4qwj6!6z_8(%1-j&k~7i?F5Jeu&vN77f26b9E>)t5f zd~XQx8gwSpn20cj2tFPT?X)=HVf(iDc2k490*0+zwn11-Ne#Knt@AVBKzN3L^nox5 zZGqoCfHeEZ8`VM<$!xwu>(5^`>yzu_*1tHobM96m-7MpD(=%!*Q+q%xP~=#^3{&$| z2e#6Y#Utf+&y zQkD4NNFFQ1;k+ky;GSKvYXZ#qwc}z4R*6_BH<}7vpVJUq1mJ@?2bpRV>6b;{>elau zwJ4iYL>Y_KYTC_}AY2rV+I7Pl@luIs5mchQQPa*BaUYz=KNk;QyuF6lgTV#?VgfbC zo8&OW00W@a=0zfS4x5MtEdu6M&cGq(eQ!r#6t-Zc$f*J8G`fiL3)k%7iMQt$?y0!x zDC-ka_^$Q=I{2Xm z^)kbvCbQhw0E;A>aO4&dqSXzmr*!0z6n_i}uqWCQL|8G;xS_A`WoP#4*B7oPjj^Q8 z%bf&P1cM;iW{KE2FYE{YvgS!t>3c7djeD6m(qZ}h;KeVSfHvDb=py-Ml8nBuAMZH5 z$hff76WvJUgT8x65^y_uP<{s`7P_!}2!{F3xpcP4MLnlc7#&Z(^JtQHP<=gN#x&st z5Sd#;^@QZ!ZqRm*nIyKaI~xnMESAWVHM)i3M))LWSx%7~+?i$cn)?WEbX)I6YFpN#`8RvaG=Vy5s)v^Xo2(!B&O29<^;Cr3w z-ufViN4I+Ymcw#?Lx}T7ev@HePv>$aY{j|~cXhSa5Nu$1UcmCs;5VN-+sEAFy%)@T zq(<7DN5GVEA>Wst@Oq#*?X;ceeLf)YFF;u+82=3^{n4grF@y99T4cL@;O-QC@n?+dm6zg1hc2Ya%6 z)bn;ty*<;_Co}hTUyqZR;(vVa|L-j5pT*$+35)-GtN)W01HP)Z0Oo&bG2pBC3t;`% zlLfH;tLy^U{-wi!uZk_;tAY#os^9{?(qh0@S`7F~iveHNUBFj$7w}I^{^@`J+L!ff zU)F!AGvF&l27IN+fUgu8@Rd3PzEWqvSLzJ-syhP!|I%y#;Ol$*ccS~JTm9c$`p@IP zRQgj-|Cu*`p8wLNe|qTut-mVCfPW9+|Cvtz_Zj@Z#MA5yOrP`S&8?h_9q2zN*E<=1 zf<(4P#{at+{9ki=3##|0IlaUTU;4@i3LK>WuikgP>B6YxKbq7)o^XEJ5 zU5+?}5}Boe+kv>VfsPSxO-ngl+lNuPn}Mvi%RZ<3x8H^{4>v1&9-X>2^Hv`2El+GO zbL@Qu-z6FGNe~po`^u+R7tOd~1aByuVosZmPTqVvn@?;Ot7ew={od|(qLXba7mc2q zs9C*TN!8wEs#ijdq+Xv65FR_zwf>ULEJ-trm}Har!w}-6(=LiUm(rwr8~WEQMQy=9 zz9RUfTc;i{Zl)i0VN|s=A#QlpuVVjRI`z3eU`q!xwY6sD}^)(>&8uhK%%#FLQU7U<}u3V*$8&to}aB(wyJT8z(R-#&&T7vua z?Rj9wxfeC_@1kg~$`#sPfO*!XzIp?A3U>fYhZiM5o`uws_RTsUGMw%IEe6vMO&b@g zLY^BW*Z6A^<{4WxsgZ}bHl={jc=>p|qbYtvkuLEn|0w+5=5(FPm+#eGh2M>mDQlF8 z44M9?7<~U(3~u{h#b6Qx}tyO+loD2I^k_xkx6xyCg@Z)qHu{k`sx`+FNsU(A@FR|&GSv3HGwgpxw-KMeW)umz8^>xL( zG{1UPG*pu2?<%r5WlJ)&EX;0{U>ft#kEh63bQC0Y0S&8AFOnEZviv(z2RTBKm7kR;GJZ(uUz2k z$Q1Rt9r9j_G-=-qXp?0yTT9ofrcD#I#VIG=i54Q<3?x5UH>K-H(G@Nno0X8K{z-Vy z;#3%tQTyGH;iFYqw6f#w>9P7#2rfz$v-L!Upr`=e#=|?!pM*03`gdu`0}8k6R4PjwjOGV5UTOKi3 zN$|G{K@T|g_4_Ib9Js)wet*Q(;adx@eS8j3Ol9IY_S(vRHDQ&3)9UI3P)cLi`Z)-W zHYsH@aAhP=)sAZ_1__%8J?M$)cNEsah;yY>fZ?K9ZrXte2xzoT7&uUzqdPf;QeUMe zw@vcP#VfT0NAY7ySS`0K6lAfJao!DTf`I}Eij0!R%F)_5D!V}Zqz7$ve z@$SDd*TrFUBkMzCV%%wRB>f=C+ZqWauPDG*55 zIK1drAssz#>NhO4S0lF66MvA(*-Yw~K%`iCcp2Nvb z{Vj7=BebC+b2^<9%+yRf?BhX2z4hJD(%Ae2;ViMBBz~Z_K~|;8T?h78e12p7&*|JC zGTQ1hu5v;Mt?s{6*ZqR@;oOCPDS!_%=P#$ovJyep3%d1ZENYWfx;=^?ll6L5rwcKa z^=L(GV_xA`$~;50sehu%DldX}QC^A&@1GnfSPbcBh@48HCTuq4kJ~{h>oyPA^4jXU zWzVfPLH-pH?#UOQ4YOO1Y0$#2_H{a z`dHNH6KUV>NEenYUFQEj+>|htOHo_3yD#)SoM&6}s5y0!IVfD(`2NQfhbTpSn4sUp z6}RmTOepv*uE5D#w6q%}iB3JUtwX!gb_AsOGz2$?xBI=Hj;$W%woFp26j`^^X$_>k z8euJovj~>kPg2PFoElD4uz7KrvonS@~(NP7B^ z^3eG{SEE?-Nc`dQH$=svgBg>CWiKg#99eyQzhi~FbemQPqzZX$*5+j~G5?!iL*=F2 z!KGevG*T<)EcS&|H7Cmi8C;)iE^YC6%|?U`l!Z8@&1F(bhZf?fAyxzsR)s%O8*!-$ zcH}X2EJC_-(|X-q278>6#phfIQ*nV4jz+-?YBMIlyGR(TLtamR!MLvr3RGDA1*bms zWt2Y_ypLE#!sMRGT030_W+oK`O|^!yOVvhK-tNymid;_n(;1|SrYyzTvv`6_XXWqi zeU&gB1xA^$M7C6J=lL!Tb41@kL|_Jbm>@dy#ot46eszaH!AOB1&ktHj@;2+MS=0oV zkY5r0rU>AOR?u)vy*p4}oN16$Yn2VfSpeyXxeFhvsj+WdTEd$q3CR-i6nvSa#cLYn zX;2m17V1zb>QoeGZh2Tv78fNHs)h2QjQLokR|Qowyq3VVg3>vknCw8Jx3aU8zGFC* z)XGo?O?=fw>*;5U6k&L<{QJ7d(*c2}$|hy)hbE0`h&nc)Z3rh#z1EXOaEiGI!>OUT zETy^W(6KV1T4vLBVy%1H3RYA9)cu>F^dz%dy1@gpGs>|+*wHeyHs$zT!f?Ohxw#pgbwm1*2Y=+c02YrB?lhLfG) zQP$^JihEi7h|Xe0Iqr!WshG*J$|1#>sjGHXtI}HvCTX50sy2_BoOVS_Yx_Cb+Tbi| z=)qZoMOhvM5%8OrYh*N`5G7q+LsfdOK3FqydJ+`xT?|G36ydXsXS~!MRz!qB8de}# zEE0FR1pHhU#oIFxmv8+R9cI*t8#%R&q32S%GyspYN70kbk{zm-z_c<5AC|ge+jL_3 z&hvqyf;Kch2D(-xxljjelI$JR*2JC(aMTYqL=6}h$e}A!xrQWI-w5>&^}t*3&5UV= zPhogu+7#cAOQBpk6fp5RVC`gD)r1PQq7K1jiFp%1-FSU&i(5m|{73c|hZ$*7mGi9yCmvmXPacS8X7fjy3l-D=z8DL1v1B*HSwkZkJ$3OS>ug*` zdq569NV0SDatqrbWsWyOMccGa;hl|n_`F&wT7J)7Uqc+{ywI`#Y*y?xqs6kOZw zJI%qs4{o=HWR_w)4VP1f8Kh_YLVs8BOmvYzX-w#I9%@YBG8x5eW=G*GLj}NP6kr^X zvzaM8+e8)k`LL3Mvx@pr5Rq^9rLV}e;7V_a^@1t`xOf8x7RmGkm&r_eS8xXl&kwDS zE6ERV>&92ByWlb=;rpK?4Q-g+LJ#Ng%It6s*`E*n`8(BZH~7xcs#t`^TS6p}bWdH% z#^3SsEJuW9Z_QThPv`?oPM<9VjoV-mC(`@f<~feU^yubA!g@E@aRYG zZ10cLz5qdbqPX zx4}gyA)ROkvj`J#w$n5E-Pz5R1@KCi)z%UL>!teXHSh7L5pCj>^VCrqD05syghKvw zWvs4{7S5^OlokG|p!=nHZ=_J-UY`_`$dpp@uQJRMol1B()439(9fy#Ir1 zQ*C8j-4v+l-6rZ41^&4S%XLYvr3Qd-SA{$~)%cDi*0!tUMzjDva&p38)1@qUq6|Vv z5Q=8q3%db4s0F75=@e55wSpCHj{|XU9JlsxvB6}qxCF9%ITETJ4+d5=8cr6O3zE(q zm`z6>!(WOw!+J4{d-CV1LrejSyQp6X*Rh|*rhZQ#eFdAmtA zlUt;OhX6z4uGK6m_AxULcxtbra!=!1L21z(}clzGZr|u#k*M4>N$iKc@U@c26 zArsq_nq(-;?EXnQuv(%>Yk#Ah{y_~%XhW|MJ>O3yv``FI10quaD3i@wB&MyAWZq|V z0vZFa(Qz^{%vFsEvHvMuBiWNcxmOg*PuV4#fAm;JE6H9;DcK)A!qGFJ_Xi2g#Vy!V zgDM$8-C@bmQ8pHul6ZBW-wRzaCobKNHc%4DGMz>$xz>uJ^NyuMpf)ys5yecQ{6OcN zN(1yH4u+nN_qvQ6{~&68!s2-g)3Eg#2D5KGIKsSODaPIhxn{0sD|=d%L;fU`EE%C} zEfK$7YDjvsZd(}LJsf8Qe@8fn^V~O!sE$J!1+_Pu#wq1APs*plo@98;{eB(yHWJ*r zeL%}txx&gKAX>+!ds7>unC5pFso{1cBX|o?z@z|b%{)^*7N1=r4h@)6-mT;}B{^UV zdk-T=Zt(9D^%h{?U(;S;fJiPAW$QpdI}BZr8Ma)Jne?CF9e1C}7ZaevX;+os-(%;fu?_gBA@YAe5f*Xk78c9`a#0aq{|g6)q)Fs&r>453) zS4h`-&Z^MW-jfDNJjWZ6V5amsaai56f3JNpqL23^p zmJ1$vEFkbda+mL5sN zP}`d4rf^Y3wk2`DsI|lJAyl=Ks`AJ1rQvOQA>!ot*r{zqn9&Bogh%=_`pU`T&MbB^ zNJP~pW3sRLXKn)^7f-=%*X7g4?pyTvc(mfNi`5FzcFCAKM!=dDD4>f8+1puuEvJBs znVJ|7vD+Dn1p-*e{S6SJ^@gM1+*I(eZ)kXVOhkR-D)?R}Rd><@nrYrB36h?7M}0JW zbm-PQo}ZqJHc%)p?Tk|awbCDnBfU>Q&_v^)a*LaqStLlzy$@nU4E52@tM#K8N2C8j zye*3jzGAy_pW^i-Y8r2hv0lzAc$HPl;4GQo_``d=xh_^zZj}ewdDp$ws@o>B^{wep z%G;%{qc4FjYg`gw!Yc|c40b1ei*DgR9)PFyMYqI=fsUr^!Dt#YNoCy0cViIdkg5C? zafbN}kW=JP9qQ}ojk)QRW9U_|(6s<`InH4OwckWQMUIqKv83KqqD{E#+Q2U*X8hHj z)W8-?%S?>6_ch00H}TR*wn19(ww`t4bA=K)M#WPIZqwRKsb6Gn~Jf8 zu~NcYczrwf2{u))O5$=ZJDkM|UCDp3YG~FxM|)|T+paqE=y-GJYT28Sm1CfJU*ama zk5*X21oX)d;lCK;*`lY5S?f;ih-^lPdtE9(u)XR(tmIK)jDz%wrVB4H>p{R zP<^jj=z8M1s34**p5kWjr0X9`JB4{}@Xvs#@OZoGm@N;6`mU*(6 zcIb{AsXYMvB5KGRns$NP*kc9}27g3w;iK96k^Vq=VP)7JbmN8^oZoYnj~C~00yqZ-wG3Vo@1xoG~wJ)cL!c%O;9 zGX+B&E1c=yq+XwJ*$H1EBb+~@Fk8D0J-cf3I1_!f1#;5o1rDs@=wK=X%z^KZ-p(8AWfNuZ5+mcVc|k%RXj1uPFty`Y1^wM} zL>NXV<$EJ<9^WU>!8^#h;pa4fL#1$yWxX?H;G9TAgKXyvnhrhg2wd;=EDV{WXyXSM z^RTR4OsnJ~RzkVYoJGCjA6bmB7>Xg8%N{#dg7wpV-yR zlha^TEdafInwdjBnl#BP2QnX#zye`pecfjPr#T*Xy_w4{7St!WZm@7?Fq+q(JChAB zXO2x)bG4S}-qhDQfqe_4>^>@iWNOw%jsfYOBq0@UULzCA4|{somx99Ilp#IRi8CN4U)#dY9d{)E2 z+aj0Gmm?oj29E~aO8YHPIcmDbvH;`c{A0IAX2pAETY>bZgyC1gZ9-B*%*0T^aF;8G z8{-TtI6u5x%kQB>fMEy?KA=6fkx%G;P22`IUdhL2_rn3GD8ZuMA)_+dtW$k&Xfg*e z;LnG)~o459>S9?3vJ6DE0A*7DK;Z_wM^lS#B;;GP7$y(VlUaNA| zYNC`n)Pn8@|4xLA{KX&tg`Vp`uX0uXGrX{TR&#yz)U(#dk<^Ok=Uv>uzD}iN{sP7$ zRTA*BpjOPLpA^u`984pCUC>E#bISF4BvwyPX#2M-5f+HlNML}(2`T${2w_mqq|B8k zqSfVW>~NN`F|p3fGJh2Bjpe=M7zbsB^YV>goZ*ZknRile0W7=>?EKXbBIY`{TeiW3 z&JQC?Y`x_;u2FGnaxOBW!7*F6>o%4QlyBr5QcbXpGRy}gxH((YdI5SXyym-$L}1$fvskJ=QGFn{e|lWqGm zI4~3-Q24^#bdxs`-Y^ef7qopd+A4#;B^n`5#JOqP+Toe<*y<>-^Smax(A_|wBOrWi zn9WkkMP!Ixa5F!(Pjrn@)~34>Bzl{)eZRZZNLTizKPQCp`Biz1h76ibg2HE^POgwD z$p%eDHhm=U8HqSCU{!m!ev~ggz zzq1`Ws1Ba6C>{~A3qh`v$VL(NyIqk<>)20ngRsFln0_*1*HUfqmchR%ifbgvux%}i z1_8$6q1jt4n*5%|=<-;GnWjyv#lZs>9javzb9^JU&~>SX`X?IdXvL+qFsF^#ou?nv zCzwkZ?apwzWj55K3}NCg80v0QL`z2LTl4Z6&daxvldnN)_g-qO!0fh zWDaJGOt)Gcb2R89H+y53`syO$O1}zCrJ3vB6GGc9H`AhD9Wofma7aL+P92{;a`0Gt zGroyUa{#Luj?V0BVhpKcS-qWLm_oCvPcX@5VZt0~-5cjlELZXh^pEQjE)=VQG- zQYeOu9?m0Scn~{6Hd87V%yT@~wIWY3&aBjtjN3&9G|>ea`le&E^Mj`0?lh@nv2AkY zk#lDHyBYw>MZLjlX_V=VD5xflUG$bhu}YV%c%;%J8f5%*P3hk*E{v~*G0|)@zN_Vc zJr?ls^9ECfayBm;xuCzGUE8;BfL>n-S#N$zuJ}%4gypeYi`ojx6{irG+9asBs7#$; zjQosd0EortOj#UK#{3MD++9)jg}7J=9hSJ#U4^ZNacQ!qIv@TGsoe@l1+(AE>X#;69Cg z+nd;i?)Q6d=j6u}T59`)m8>T=U(9e*&KRg|3b(}2>Bl1J{`Sf|!0A0QHVl7Lu`}b; zWm>ZZ`yJ1Z>QL4MO_-%%Rzc*%<`PLM-FY_9Dw^BD@CV%4o_^3EcP8w*6?9T+zhN@~ z+&x2Z&yQhokl6GN(Ikl8pnlhz4z*d?a><#n)`g~xh%_|;>w-h6g7u{nSr^`FAwNdO zJBHLmW=VExG6kCJK__UC46FKwbDRhtTa-sPlNRi#cw6icXNroUR_TWPy@gqIjMnX) zBi|SE&zYUH_ASZpUbn7OT zHNV0EM{I~zR(IuLAk1%jXSOj(kyx=3%n}Os_eFBVY7jzg9D6CVF<}t1KS+GYFpnkh z42-FfLNUzc+ym3Ml1?#HivkX%;sM(k{)oSfNVDY$6vsg#bD80oEv88(Ve`WrUn);j z5yFk-qHkxCwaaXLwYV!;VJzI7JzbmLvY$B$!Rx{Ts7|)ypm($5@e-*#B**ESE}ngA zyeux}CYoGVK6#QKT{!E{_t_Vy>$=n}jpdj|rZEKGv$&l5Y6y?kvwi$4CwgM>&s#;< zuX{G|B0VQ18gfCz9LQ3*#D}W1ctL^R#w*bdPBT2lJs|vV=}>j6eCL*Pyg}3rhE$rU z@KiQBKXT?A_-F*?%oP2BhpgUzp$jPv0-uZ79u78N?TMMPwYRH8pE4Hm&~g79f>*D% z?(_XX*ZcOp^w9hNjwJb?>E>US`F}p~|3#Ag7Y_LU7D@8|BhNe|E5rXnNB*M^_zyb5 z^beIFVEV`Dd>;Q5{+YgP?o3}ccP55^hy@eFKg5IS%MB0s5)%Nv!~_72FGS-@PyqN6 z6ad)%AstL#hzipeqQdlraxi@%A532kdM3cv^#EVj`*PJYeYxtHz8v>VUrv0$mo6Ug z<%?(fLQ0svkP@aZhdtAmBcJIDVPRta_j#GV5E7;@M?T<7F%S6Xm?r?R{SzPn*uKyc zj(-9Mz?Y~2!2X4-u>X4>6X0uKz}Nl!LT#A7P#Y%Z|DOLJMCCsZ_x}}9VP*#WKOidk zsw+0wBZ%Gys?0ITpdsnrT{LJg<)@)l)Sz0WZ+5e^Rg8ju1Y^(^&XvU@V;Mw zbjL)6#jHj*g8g#3)}!56B5$*Fv>`x0ECtX-%kDTLWU32l=RL7PSMEg9>c&dCR@<8g76sYT* zYI&T_(P`kJYP!J`JeuWC<#M?y-4@X9?u3$|Ao{$3S;hkz1K4RyV~37CT_MQ+2~yCz zKXGbt!`zq)1bG#rLJ6!CC&9mHAGF7Rq~n*}3W+q2r3g9H5;p!)cHG++7hqh(yX4%V z9GQN3V~>s}jL=9jxm54~B@4kZ7H63Oyj5F>s3hTC4CFeS4f=|#5I zZ4xGBP=4a#B`Q!1MdOy7aP?{vbVyqov|W9@)^5`CFJA3rue#W!>5s*g;S4)zL-?eufd~0K&AR4gC6~lU5CpmTZ78|HfIlG?)>Hl= zEsSWH1wL>j;RQIL$~uQm_iB+u8$JqaKftdC#8zqcngs!VdNJQj0%|=PHuZ*4f%!rV zobA{P$t(#M)~ScQVo}4Jpi&o4ZB)803E$Dv5h`C{UyVHbzQ$l1ZFF65+~drcKX2+M zn~H*1AhP_TEIPtv-MiviNty_vaTf5+?qY8{X1;?JWt4AJB&Mopi3fVdt#cR#sA`X* zZg7}H1pNezA^&d=e-5{spCxqlDJr(BY}AA%-!kD9PvQmH!8K8foG0Z}XLmxhi#F;6 z**h=F;akx>Wx)eTqjhR-^C|-NHb=_T@2Ak*g#riAMqN4vX@YqAVisy-su1V zzne5Sdo>{0J*?w%`6swXT>5zxvVezJX#s8L`U+#k5u&A+88BDT*H@*rw0+E6=6vdgQiSK z7PO_D%-=LD1<_QT8ZNG*od=sLmgdf|B(&L!f9eJ$FObeq8*?iL*tMQ7IXLRY*+sQ9 zq}qp4>Xawb8eN;RV^%JebI;fG6|JgLr*9uc(#}(aktBj|^_BZmMXP@&R>m468u=*s zq_`dlhmkXiQQCZiU~w^Gz%Y!m@anIROYT$-11V%ROputE-bS;I%tG7YK3mEeoU0?R zZ|<-is8W(wd)zN^U32K#=fEWivPM2##9IuZrO)a#<2M&UDu-ID4a}53@8?7qBtiyu z&P=W_D+mlyY;vb38de>!LlUGw{}7i~ucn&}Q@h@TT@P6Qp=#sNvky6%_G>;<>AU6H zAxWOx7Ky)=S_BX$Hmn-0ho|R_yFXw3GgcA+UPedE;0L%OGuZMgaF%53vT+D>|0hqa z!Kn9rcbR+t^{*Y8%VsGWQws-kHF+|`_=UHwpt?k~YJCw!nSka_A*IyK==NrsryVVy zh{kv%o9TkT@Fcw(^R2e~0gb>%GDO~8UBG#Rp33GZQfyrVbLrYSv0R`X*Kxd<3pd7I z`M3nUive6(^TCicDUW1uYu(lo6G&w1EojGj^{6Cf3oRPqVn-@(=z?K9GcT_I2< zC$Pw9f9;)xIpu<4dJ?kqdL_nU!SR7+a2|iUr+s_Ee3F9v9_^W7n!Vk{xLD{F^#0h= z%2~KQ#VCBo{StZc^72XhuMOFdC#6d@qB_w~C&=w?c5SqyzH$bWu`ZKsY%d8+@Y6*O zrE8vAxD(qnE-YMHEUeKytdT;NbX`1`9Pb667A0W?1|MnY$+VJr{=!cwYQ#dKuN0Aw zn^?3El%K{M9DjF`V{%Jgv7Xf!}Pbam&cl$RhoV|tw1E@2}LmK;((^N4#M zcbI~w_PZ-G!+;(KsrD=BH}5DfRJoj572r1a6#^RA$j|S&IVG&)u0Y4r??Yt%Fd}{a z8TF*&Q~YC9G2BA9zvuf&hE>iMb*!Vt@3n*!oF!*=Z^?=PAOzVFh!--nX+B61!4H(_ z>~AF{U|6ra{9d43fUNmgu$diBQy~8* zgF6`v9Zt}U2FP}!F3i{=VG)1>XH2htq5_7Q@xUx&1z9l(%7QweB&MH#w z@kp;SvJ`~~nC_TGvXneLImTfAdt}AqtSyiQ zN0KFh$?Zdt2}uV(S-?E$(kv6U8(Jcqh-C3pEg8CP`?j+Dj{lGQ2-0URTdY`CBd6G0 zt|XBJ5mCkO5dP~mCj~gi^K_X0Hm>bUcb$xc%S$X?2Y2j_O7);)Czc@`-zGV!;CYq@ zu})0Lb?cb38&-y5=9*u{bt0ATZ$kY&fh>&i`DI~{fWCyYk0{d4 zat2c{^5Ad5u&w0l7raQJ>a0I?(Vd=@er9>u zv|JZ1b^sh$TFqNapYctgtusWs5s;0=D(3GXv@@s61Eq%O<9fw$QAu=Zo8hi4pUUXu zYuP_fTT(~X*UqLPBZx_}SCJ3&?mx6rYV0?f*xEOGFmmte?R;ou05be0ZHMQcGcO-kRzaESbbSc1qUETcTwU ztK$m9eLF{CeO`l#c$9n@O+uH3%KTM}PgAAa*bb%v-lXTgCi1|-*fg+I&hFoCM-AX= z0d8MAT~S@JT(9ljTsAU0t8!y#)*j?e0CV%6(6r9hEC#N~Y=DJ!1P@M1uKs3ggPp{q zq_doF8q62!+;r?t9q5-psII|#A%eOHbvHS9yKPSps~?oW5s3UPl@LoSKSNh{0KF7k z*yiZ&3g1w#yu#sAguKS9?Y!pw5X9D_a4@-bX!P;^zBW`QS3XU-p(j#KEZ5%ge0ep) zx8YrU73&LihKT@I_@H>ueo6B;FS*+u?{JTwdbAw^BKs6`y39ay@CB-PW(~?Q>tvhW zF*B%EJv6;7>n7!{ib;Px zW60eS=m))=+=zOp7dG4eE|qj^`bu@rgdHj}>1maVfv9MVkVM9mrSbYjTi#c{x?TR} z0TA5%z_%Dek0TUX_n&+`V)Usdw8!@l592h&iS&ei8B6UMy6%Y(<2-V$A&?`HpRin$6_H0Q(~b-rCY3$9?~bafC>u#Ug992m{I)5 zgrK=lKq#PeE*;M%^xuvQmkmjB{R`zTl3k2NxMR!!I);CWqCxsO6M>!^gIw(BXvBNP z+m=gZ8nsfe2Wl$3ZL6ndO7wt~uKRSb473H76UG6^1P&R=5;?&cWp!bgcB2SP6Y&+V z1yx7%G&wy{_4Mj(XU2x+ENSTz@iL95W0u1(FtX5V9j|p?J$mjA z#R_feSK@g{d0HOX=w;&`j4zi% z;UbC+=h0n2YfVV=aWroAp{dv`tGnkPM{VXQX#B40JU!-&Z}rRXCTi}(ur0ag#pQ$Y z76z#yD0(RI&AX`LjW%zXsq%xvmFazaKhAgNiugX7p9%1m{A$6OLD2Fqmdo9n;TTXH z=51?^o?vR#^$elwo55rnC)uKt$2O+w#~BVl#sf<`rNu#EgLLb$;oVLbMP?hJR1_HK zk1w5M>=exXJ1as}xrt+L&`HXb3*WB5jv~0p-r-iahOCapLMN@2Nq&n#;N}XJ6beEO zBeGHu&;^Pcf!U!9T~}fH0^=Cfe1qi^<1gWqeXk|(APES+F$#s(SOA+U0TXa4nkJFL ziC3UoZ%!abrL|pb=z6?NxFK;0&(ej;Mto;8p`z)oB2f2a#iO`YDf+3T&N~&ZT6U(g zdT9WJe4KIb$31)BuBTTVFP+r;F&F@H>nNWL+>Rdou$KHMjN=U{xok=U`$%hU9)ruh zWE8HCAl~r+JEDrl)m1I~=$uGm`G(9Dk@ei(uOw|1*kyi~lUIw|v?$Y}w|_TiFOzPP z^C>WMpK0VbbAfEb6BCzqyS;f4DXpylUvTDq7;lfL2H1sOgK!c}PogwTvY$Kj<15nN zAdSGS8L~-E)+Vp}Uk3pvHAzX=B=c*f2Wt#LN?W=l(e0;ee8l0Wi zB-nvDlH@tYnT@iGp0)#-)M+*uv>iV@mRq+SuV}Dj zHMI(XxhUb0CR@ZlBJRaHoPS?~ui~yWx&j?;2p!CA7*MQuY=4@%H}DPKIB!~c85%!V z(K(DggQ>w#b1n%>7x7T&HL)16n&((cwy+94Z4ZwA#o zCQp1sSlR1&51CKL=A8C+{sGpYGg3 z7gk&kZParYTbo=4pegL%7yTj~pmk)s7vI_|9cGkCxCIKS18&mY{<*CXpH zNA#gA&$#|6b60JkH4I!ShGb9&O+&L!j%Y_FG5;e#C?R8~>v|K1g0@`)YM%*w%xM;b z1=xlQt-|=mce>2FDUvw!T@u9SQc={qi(3?%m|M68$A{u ziS7*-&x#3)jNvtC)yznYjS(Oj`|`{%^eR0*Q~jBA4S|$K?poS672Z7!UspO z93(};;94phzCwltRXg1xJv!4B*@+o8PP@9&Sx891}?ht-}qAezgJnvuSnAXn8L_me0w zUm5V7KFhI?MJm_jtSVigm|`-^**YtvpqMYU8o|Vbq97+uAGw_v*_AGlUIlx9(LzArD)x@qu zc|J2&J3SFwV;@*vb`pk7(nF2D;{Z35r152g)b7`NRosp=#B-vl3CfOGWFtfJcT@ch zy+LBhQ;~pGp=OS|l)A?T=T~r8Nz-Bu7EaJnPkL{4Ct1yEHX}}?X02APARi5FQ2tG| zdT{|;#9!@74W+t1v>gneo;F$Rs?=^)1soIsb(m4<2Eb@6M4I7z-AlnNMLeP%%x_Ml}8IR`gRBdZ{lCYI~ zrm{G=VX&K?&$-+sKrP?4An%ig3^piuN~T@f-v9P8V*WNX?@}Qn`k{pj<)Tj_C9lT4a?z(_fFSJ;Wz>ns!oRB#^`G__ts1M9mUR zd^P)3R`#z#MjQBbC!v?VLL%Lsa%ek`4;K1JLyOwTTF}mplk=|2F* zXEe9wPBdiGSy1BAwsms z3La@Tmaxof#;s3N8MKH9b&{Uou4U}8!@VWtW{dQOiNm=g<(ul~5(9TzY!zHnPcZiih*B1lOG9*7Scc#cG=tN(?C+Zf?P%ct+ zbr+W4VYqOE7wY9FEjf8?UQULc=-yk&QKIlFDUmSV>#k&7P?_GT$bGliH>HvaU6vt|TGQyDLS0tx6P#SHyD*G{d$8;o0Ix zGIW2ssdgz>8nhm4T##$wJC-a+8D^?F?G=6AWCQ8~gYzb0L^%z4M zsLfr&nxi<85M0{TY$hxA6l*kI88qP5TDcRmABuv7k#rEi`qA$N zp}7eCi*97piDevjua23`f;5s@i!3-5mD41M0%D-qfs+DwaFrcK7P)(HDWTXvme>HA zJu(EjFkk=nOzHr{XtLj;9eNZbmp^ad7#Ubedtv1r2WzD#9!LSlt#AIf!y)#Cxf5-3 z`ocz1Em~@1| zIGL!ou~t$|B@7o+Que(ErnSH6kI*P37u3MmRiQiCqdFS2Gi~M)McofX1Q+>nSIZH% zQ>wL)b~?g%nacScN%^~ZtRt<7ph{j6tzi~Gd4-;Fo9Kt~#${qWSFYV)$)zv;`rbjS zT8k4CN>+M!WO&JFTvDNhhjo(zx+23#kR2mVlFh9y1O&fwK;oyQvU(MzFpA?>_tqn%)+%U#MPS4Vt1NHcMjH22>xL0py~ zmFY9loe>VVXOqn*I#1gkJmGpsz}Sq5!yIWh3&-+%HXRXBqZXpdAeB4#?c^w=cwGRq$>U$ch)H(N~leAkhHA_ zMAq2x-FeB3WL^6$-rtYnZx}I8g#k44a-|Nyya%Mj(Jbc)hEy@5nb`wbS}JsZL|4EX z^Mbi!Tzlc-b1(@_WC;p3?A8<1>trCe?0T^HX1flAuw*tl?h-a`&H7c{LT?6!SaviU z;1UE7IavD5m3xte@M#k=CHnx6)W|DeuSWL)m#f2RRvv?Fs{c|wBInO0jyJ`Wvb3^4 zr2@FM=JpHyYkyxb4A~?Wvi87@8H=n7*2@}ITf6f{CAba+q0nOr`f3LTo`(GkzD;Ce zt)FCUJw?ud8kms);`*XGVokIaYAdz7R2im|hQ4C`yW=1rLJJEjLd)M!$y!}kF{V^H zSw;rcF?XJ6bDLeZJ^cmZv{XJ$o)#mPFp!Y2oexMv;RJ zm0_&`CM!SK+mp0;r`%<;IIYacrD68q(4#y6MLJWwi5uC0{kYa}8_8R^s_?7j7?=A=O zG|`i=R705?Dv3C`rI~(}I-j|nIc{AP)t2{0W$^ezSXIB;s1L=oST}olO}r;OS85JJ zxF|fu#MUCzgNyw>)@(xNW_>LgH$(IU`Izr7!aCln_z046t8cn16u!@M!W(L?thkCM zo?51Uy@VA@+kVaTKS|Ezv*-)e{Pll$mI1A*Ga-QASy5se~eBOZ>0<96EP(s~+b( z|L^bh{nk?l_j#Y|bA7Ho*4wyxbpFWswo$~Wb@wNu?;E{xX9U&AbhHri6Sn?r{TUj$ zX#5Vmz^>0R1;RXS^zpB5-&o;#_oS)t$mBZP;Qdk~4$jsOQr!FVxoyGeqpxL!)XKM) z*v7soP<-*ocTx7Z_nog(AG}R%emExZ?mzRs1O<~qkFBRo-E-Kj{6b}c<7oe#^MYsB z-I!hyaL_D#@5tq&7Omia;9D~>UNK{ybbL|!@QJG8+IKr98op3yian{jz?bykTzG`v zOrF?#M90~CKQ+tb^Xy!GEeET72r0i{)lV4eFPm%U>FG9KQPI}P-qQxR$;J|AW#jIG zv$A8oqUdH}4 zS%HAV6BHOYdlH?Bb9Zx=RWwk9w?Wm@AXOj#!?*vnHw1>u{F_g&4*6p7u^2<~@Io^RVkr0rmArIRR72uI`sMhdfztq(>93M0E9?ca!$KMPdn z&2H|lKAS<5637bbOV!o?EKQlUfZUX(|K`29Ey=Yv8?0QRVC7^F0!e|4!-JGjzz^`* z|4x+unePAg{n>JyJLe9P*aJCq9AS`CXAb+~=BW?;osk;TKMOUs#2|o#?W?;8R0hYo zi?yw*_hqC|*_V+y_w3IAQ38XFkVK*2@KgdBR4z9ll9~0ceITNwF0(%O&k#{Gq!If| zT>_oLvD9S^x9futH7<`?Is9jYXd<#9LY*^M0C+rZj1<&Cv!yPUWzF)Imdy zIG6$iDwJeXNJJc+K!uty&;m&$IKS;10OSmM8Hu1B2?v*!S!H(VFHFTg-itVk4m6$Kt&>R zbYpLbWR#)D9QimTDw3#hq%cpBgftQ0Xt1)7L;(wxh9d$ml1YD0Mb^~F-VjNsgJw>n z{4+$9$RUEu(bv!;kih5Q(9okWi~M^dM7LQmn+*Pp5G``p5Wx?^k;!oC3<<7aWHwUt z!H7C&W&^~ZF|uzomBIk`11x$P+-L$07?Fwxrvu1Lgd0t#ad6Ox&86QPA_?WXF?%J3 z0+9l^5Ke@xnc!{Us0^443cQGiO9T*U9QZ}7$)FXu=KL^P+Yvh%f)JuwT-8RJrbaBo`ZZdx3^vdV0}xVJZ3 zQBa;DbHMGNIUg-R*a(Rf0**>15P|i%0Fl)Y)dwQVB49R7^*+PD;(R)zAA2(2nhTG{ z;C!a!=E9?~P!Bc!K%mq6GZhgLR-7>vYkG5^6GQ1u%8E&$N(b2B4_BBB!S)}kQoqM zVg~Cdcu=7<2{Im>G8&DD=fIy}P5ADOk&JR1nPDi-?;)N->MuR|M>76KFu{=Yevf9_ z_q|bbrnkJUJ02U8kPIp z6x3~I&dz6@GUjdWNe+-9mV(&n(6Nl*BGG9iaQ2Wm0jG94f!X8S2O`R?Wsdb93PcJ8 zkG5e6KvgGz1$W#xLXjMtvB^& z8Mg7r2{&SiF6O?5A;TQNo9NHz%qST*9!=>-5a!m0Ass&iuLuw_03!@y1aO^5NZUPy zM#oVgWWXSBU{7P6KgynFrnh>3`k@H!!4jqJw$2uiEp_*{x3ckcb#)pzRmzNO{LewK z1>SG&9SSA>oM*6g^Bk(eV$Ov4_XOb1dk@uYgODl`A0mOZjIu15=~hJ2a}d`8TeY8M zNk+vIn4>2CJ$VLW(tnf9XHL0bK^R!sP{@!rN7Nx?$l3Nc1)K#MP>IZebxXvEM3YfL zAsXAf8yF&)!2mlK^kJ_+G@gN@a~LaUjV$S-4pANgGuYqz90yP~14!}yqL!I3;>M%< z+qTR>Dt|tDc1#4U3a0xC{sX&`1M>Y$_mz|AIcu~^Z@My2_k%g&<W&D-s~Y&%ym6U|DMnlrE$X z>|>+J$i@hBc_7_HXTaDX7}>)GkQlO%fil>bV|BQ|=tM$4bA>snhx13%>HXuX%;7g0dYP8P;h*@&t8xVB^-rFAVET! z#1)hn9t8o9%1$uHOAUY$3I9NP773`(A>IrjTDah3@P(klj0WLlDi9drEo2UCN^nW~ z>uV}X&ND|}{TU_@XLOb$?kAJpG@gP`1Rt-|$3v%Og? zbBfKxpsNs(g$GxP&BSDI=n;`c;ULAvnjF_#?bA_VYskI){_t1`Q34AEkpd}cIt+88 zKsb{d7!hXg6BMSSf;1pudq8qzYgpN{Jh>{$P0T`ePAa4%Y^WPv5UZ8gy zG!|4&{L)yk`4TERzz(28f#LuEnkf^(IHQI|mL zMM$p$# zk{g25%iqVm2+Vw5AE87=`638c4TKR*Nj69ln0izy5!t=U6_l(UuDyAZigHH?aBl}f ziJ~O?-k>PSg=@oFFWUzq${B%}LC#4JTpyBv9Sthu7SG15`SD8gR@ zkrAyX*&vYwAfAqgz#Ml#V%!=!${Z!2Hu7?yCZYbQe`o}_xrYGUfA+w_oz0`5Ab)Eh zHjk2_CX#bCiBWS#M@uB;#NI!pkWwF z%mC|u^=!5*<$$}uR_-5=AV7o6@2ku8XQSGmICwS<58am@3X2lhh z7`lOmHei@l-yCxQ4J+meW-K?P7q*098jqagCQvY>E~>eP1J0!p=opf5kggb%z$_JqZKPK!*QA&JXviPK*LvOoH+@ z3I~O-1lFAYJ}A)!12h%!)O)pck|;=V0Vo9y+B#XmojwAVfwsK| z>5f5}UMP^zC5xjGp-3I-@VJ5!BV5fu8{dO8$e<_*jMy*ML!v>&4yUmm*7k$mr_Dgc z`UuQ52}2U6kY@f3l1!vSqcNEZ7l%725tZKeywM7EkR}-vC7~O-pJF0GUlhlR39Id$ zfe!Ty(j|lDNj69%D+#MEs9-U01tnHP6ayXXL3PS-AcQG&3Wg9yb+~Z<+1zn9p_9MA zNyVL>5(qhAJ$uN~lmRAH-wY)g4<;3d8A?dc_q$wlv_-}2^B_Q|6AHKU0z|rl_FQ z`^P9@I0vUOO4e4KJ`mB86xHa$!5zgm!noC;f>A>N2IYWO3Htomw1uWq94scH!Hy;9 zO5>Qg1gu_88rm*Fb-Q43DVqUMRw&9hg?+>?0Itc@Km+4aEGcI#T6FppMMXzS>^6!)AM{a8xJdYdpA#4cWCfpNho7` zYfn25Q)p>k%kH9qVE|kqD)f?J5S8teV*q2)K}E&Y$5a6o6(E#uG+D>A1Q( zTR1UaGG@IO6qKNe$d!oSA2^dM5kD%FU-myBj3$-8sQLKAv)N*ggByi3DPrIrI2BEV zvNJr=w#1MiLh}F~sq93WG3dznCM3;E1a}m=9bjAo2RSt?oeEhC6k9O6?Eb7&(J%>Q z91WWIX%fgZ2~hiVm?nW_e2LJ*&xy~BrBy-Wpg|5ClthCBA&+MONa$uk(GnWgz-Q*D zyPLpT{nuOh69{PiG+1v7`^cd?00%}s393&JV#0ybA*c(38z2G!FgX~A07hefgA^KU z(bQy%Q!F)#q9y@)89-%%#6uAi>86AkT?9G@4KDCtER^VQ4ywmxFqFs;5#-E)n9!sM zW2N~x5qxq62s;`FE!ZGIF<|1+QUujXGzc+?FsF+K zF$>^EluRblkr_Z#_&+Dc0!G>eif+(n&ej~<5q3y3a34|kYw8B5aTv8WK)WzY(Q#Aq zas;Nob>nIKj6Bdu|5?dxXc+s5-{ru#{i}WZwHwg3fFlgbph%?erI4Bv18f)2f+M)kn~Qjwze=|X>du8(c;8);W~6M z+?Mp58vLjZC=U3hXDasZso74J1Gj%eW5-bS3v9RlZ2%$?@t0{uA|T?NBLk3tHKG_A z4pHi5kgg__vrA+kWB;I28u4}k8kqqdV&I-bW&xP+)EvRGe_Zaz{+P ze*A@wpfS^wLox=D0o|;0K6t+1?oyyO6=^{RM-!|pj#^`w{iOY1q9bUi&agqK2}O`d z#*u_rSxC7F0fIg-A{ZG*g+$Oe2%16^4uhIRw3WqR>wv*vBDKj#1Pw+~AvrP%jRB<& z;7K#RN(KjkJ|eS^s4q2%=-BQct!60M2Q@)3=afZF@Br{c1|6(yXcT~mFHn<%b~uP; zV^I^uo2p@DoLJ`2 zfMSrvp#L|Kv4cV!*dnNCXkRz@FOTx??EF7ZY8moOc4T_xZ!i4cP=qUQ{dYF}pWpi5 z>>ofil>M8}-6t;I&noS?Geg+rLPRx;{qHcaqcGgW@b5-75r^FI1#_$*bkS!(ET{oy zkooUpi!jR-Lkpls#1aQ<_=4=?ueMk=Mr4{NOx`pbn_GZ2G?a*HLF43xVL!XS-1-~bSWQwyRO1-d(V_T@j2vQLBMX8U zoZ2tUQ|WsLD5!`4G6muHxnW^MvlkmA5)py`2Fyr=(gH4^L^N1Gl<0r}s+A23C5n>J zDZ_x#D82U?Kw$w`gPgQ+!RQSvjHpNz?5^vfi92dR%D4VZ}}4$|9(nve}`L~y5(Ju#@|RLJH>8jMoo zWKRr{=^OXG0ln5!4$|9(LJ75RzgB3Xw%IUe5JT#o!ciC$>z<+)7XgYMhQqq2D3ma> ziiFhGKm`zc(I+w~o6ce89;W(Z+*I`X0OBCsZ77sbQ~>K+Nl?a#TBL=Pf8pW8If;A| znQa06P8?MM1m?yNX~`_1`c*m#(0(lkq9B7{IV>F|Vol(I7DkkLg6eM@_{5Rv?XXjc zSvlIXHWj%?P@Kk5RPF>;#X+Gym_|lFn5eullsXSAHc-@rH7LIp+@Y#4L6>p7;Eu@b zY3~QKmvkFgQ=simwn@jLF^n36Vs38ObeJK?UT4ns4zO4gWp~0jM(_}kQGO^75ur8M z^&I6MvF2id$V7=?R2v``NHi(gD4DfIb7T5>`} z^#OAK*?(u(|2eY7(M}weO8)n$zW)pkTX_Gb{7_WLpW*z=O?S|0)FbcyM*!FYmzw~F zzE~S$)f6|5;9me3SW2?(X=L>Ttj8fi!2@bP3UdK0*wa)FdMH?I&{yN2*DAmuk{(9E z5|b#DR4Drbdm1UIXK(RArW=8;2o<{=sPA7*t{Ib-PVB%rs`5>Y#^20@7| zX=L>Xq83z;snDIkVUHjT=)o|k(VK{g)InMqdv-PD*d2_NOj)*l? zmq0=XWCm+wWP^ld#AG;d$kLz|*}>FW90LxVlU;j6=H$D+Y>D2OOr)}7Gy@+vvUnQO zwy^J^*G3X(rJ-_IjmXNM^h1fZF$Qa7?4c#h&;Grn3$-2_O4~R$(V3~%z9`ZAWr%QN z2MT7guQ&-35D+AR;gHN`uHUP~U_mhjPMpC>brUlu+Ycq$5E`tHv4@th+L>vf1B;-p zIEeubws7J!4o2&;GPnIuq8)ow8zUxPvi%5PKPa(7(lt=Kh};3A5Bod1BF!d~6 zBqLjWIP5Yc;t_G!4<*{a9i$l&aUCJE1$%K|Oa8o2PRgc7CkbDh+4vi#h3(SgcGFCkOno#9D{j+lzx#xctXeDt4Mqmz z;UBOMjtoN&VGIVD%7F<+!rBu~K#vlKZBISK#R7@Ct0p{}F-CGj*J%$0IC?fF>kc9bQ6dJSxI|bS1zU>%B_gF^m6QZzbP#_GR&;Z6 zdocty)XAfaGE@^G789^J6$v~45`=6{g)AcHau91{CbV&&K@Kbj(c&7WZX&cq_5cDY zp{5ExAlPV3Qc^kSD}jlA7@Ue;Tu4N991cQCwoXBjk}E0&>pGz~7lIAg!}0@zgzX?W z7z7J(ag=1D(!lM4csZVfC>1yw7?h-Dbl9GI3UyODk1+%OvvgSo%_L@(Nbp#?n$&WVg8;rmbAhuP6R&&DDE`d+dP6bLE8 z7)m;%uef8NVBAaSokAZITgqdhM2R@IAZ8yEcjPc~>-wlU=%hk}WUC7fjtO&~8!Sxf zIVSEun=P6-csAs-`;W0Dq8jx$csAzPU`U|#&;*Mq&>{xHWCYlW1_2HttRVsehypSKpfr(#M1e7koOnexg z2K}_m06A1<{r!nUXb>>;J#q9zZ_r``qGX>q2?>R>JX7|GlVB4C$BrpxAs%|5H{8}C zf&?E17W9E*ir$L`J;}(#8Zw2GSOl|Tu`eajyRu-s!hj&r{tX)?vSJRZ+3CP6T!G0< z67_?L3O|8j?SaXWlww3k_CWU+R#cSt z2=mwngvl0G5Y6xJO+ecW=iUTnr7IQXJ(5rjdRPaJrX?FC)b-<_PK^xzm>V!zW_Z6N zM+M8FNN$LBD+o2f`4*01y< z($xYT160UG!J-i^q#rTkNWDnOmd*pSC2I&}ACsRea){Zo()Ya48}LY6YLdiMAza$7 zhn0wc>~YU^;>ZUe_0OTPTuzQvABB$jY_>?{05@jzhlFY+#9}zK`vyt{3OkSlJt#p~ zHV3{X{0N>f1Zb!n3_wL{H2Vocm_v`cy{PWO!BE05Vj4tfU|u#D=P>XJX0SsK9kc;~ zolfQ`sDMbhzW0KTHi1#=^*A^uDwWRYZ(5;R2RV5*)@~O>X$+)h&?=j)49QS`1)d-1 z9N5Faxi*AAP=E45SqYj6*g;S%CSa>|3e< z#U`AWYB2jh`tSghp`myH)o_Oe5_O$Wj0z= zFbMs(kCM2v*zOO{=8hc1)B2}YVM1Kbxp5+6v7gPBgB&~?HjvW$8=K7DA&%wuAD+#& z;yA#KZ6q@t3661NKO5E4#Q|;*L;VXGS+zPG20dDAo$9nd^x|ahF^Fw;~e(QQpfMOpW+m7Ji+1RxisID7Mp3NX)2tH;RAIFSA z!F)EV!3FkFGP@dCyFX!JIie@^nae-n7iL}!Wk{e}PJZ=6LJ=tQAHeoYPg5eqpP9d{ zHdzDzr9#7ki2kNi=MlUH~hk~ zNqgYwF##GeVHg51i9Uc0dO>3+7+KJ$Y-lW+Fe%gv8dQ|9$nzT-D~Q8_#;hpUSL{L4 zmskWI91jus>V<->iLnU7`hYCLP@wL**Ws{G{vrj-?(KPV6&^#LrA!j2!iniJ&r1ym zVgSU^ffGYcZw2!lSM?=RFL-RBfd!AndMtRzim_hsSlEBTV_CdC@U#GgE{`#Mm*8PT zRfgXYkjnt30ek>pu3li+LT4~AkfiPnhDDxVU|46`0|wz@J@`W29Qm#a0Q$Z)TP9(> zb)Rbl?Hs+|o%QK|z55_{N)@?7aF-AytNIXtZAJ_M1*IARl_pesbU+f9h#;iAI5rEmFfx4|KJYGDu@OBdL zhEDKC2n1{R%>&-n1ztk{IWeJm!cXq-dk@rJkl0=eCM1^ZWkDiAWTzKBSbz8nAM1Aa z5JwA8xbkd*?-D$gJyel``&E%iuK-Txe6Vvz26!w*#_ehD}*b6I}jM2eLg;haQy>sQXr(;>(jIT z-mlBT67xNuUX{lVIKc(@1z}Kx`pBtx!mG$RAeZG&+`$&7D{NeBJ?$WdNTq=$cY@7c ziW*K9o;GSWumaphk+~XM*V4hj)A^U8XAp>rIE>W@8O1GRqfoGv0hEZ>m$2?Pxvx#{CUt)VVzU zy=P`A6^-4z_{v_tBRO)NGh||SjKABY^^SM-l4RcdQ&h(Dc23d1e}JeSnZ9kl`n-h) z^olR6`X+puS2F%g%JUnHu`Nq@F9?i^xr`s9Ioa4kSCYRpEmSYANmJ&L>}HvWUBs`m z{C3)p?ToRUpm!`^ZL^zso)9!oKA(BQlI_E?h4wxZ&w=_w;1{$`cy; z-&dV}t1|wS#*<-(<}ML5D9^r-TzTX|n#>bxo0N!Mq)TN54A~Z`=!mGDPABFpntL(m z=?bkM4hstBMTfMRI=NjiEK`3_%Q%~|Y@*!SsZEB<6@ph0(nJXh3FEzW4#*#Fo{$@o zX5sx>ahBO*b@hT>$1jIk$r!y^6@)u{{N{R-5ep6-ukLCZ=b5Y9 zQlAqh3GA6U?d2+^b57Fsx-Jq{I@%HyI}h-!Z`%7=dcuLwg$E9#%Y>@w9hI*-lKXnb zhlyI+2l1BGduw-UTo4(SdU|q-#I|k5M)~cv5m?C>lxnJ&y#(u z(}mq|^=A2-+p~~g zjNOv!&8}Yw^cc}Hwp=J$4tb%NQ6OP)VOZQe3El}j!)I+1(BsK}vLk(ztzh|{wfA)i&$y z%`J?aXu&JBV$VApHOXPChxsuIBBlKp8g03cT^oI~zRg{BhF~@`CG3&#)x%l=)lPZG z%^hdG+WYF`i|0)an{po>h>5ICu24*Ix%ORQPngYq@o^((uGly7^!OL51=-m-3uYUP zKk8B%7Sq;LHa_Otl~~G6!OvG)6K0epUTUEwY^^g(zO=jK+J~x=s=ZCOPTw(4cx3!@ zZSIqpt)`o1$$r_8ZhC9s*OpjXIydZxA}>cy}Gy@O*n=g*sJsJy8Dg!_TL-?tg! zCK-sP-c*lyK8$wdMa<@W?c~h~r3zCI7rhZ&-4yp$!ZzWvab2?amT&iBXC9O!3^SNB zhCi^&dp1!tRbJ+(`7%Fxed1%aL&J=V{I7<87F-=^b#Gt6HpAo*s;A(I{#Or?{r zdBN<~d&A~6XY~w|-)M#1U%EgpSG+i&+&6cR*gU~4_l`-AotwMhRM7ou>6>$N7oQ66 z+_FoJ()@Ai-r(iFGsFxJJ-Rx}VNJ@TvebR%3zg!(bk|7k6U^q3v&gB%eHNTPY~zFX z(|H92(|Gr3?HYN#a7SXk?TW?@$yYpa%^fG_&Wx*SP_{ZLcsb`whqCcDtG-jip3|MpDQ>&Lb_yDGehW^Xmi{6$Na^|Wd-PCHKI-oOJD!&#rzW_jZl&#l~9A zHhRW7%aV(klNZE2T$vGbW9ObGk9IllXj8|FjrX%dWcss5v%&K*n_lhJ1 zd;h41M>B$M?tJ+sX|esdV-HWYUCzSUCU!Sh1rx;Mjf8%(Q4`) zJ;yqte#_^y#{1Kc2qvzuzIA!^6WKQ*A7&6$VeZwXKYD{C&roKDs~?<+LI z;gXMoMUdaZ5B0)jjRIeNUN3sPP%9>8ziG{rGJb`Gg%$e+LoUUC65V_xLP=h!xhQw{ zv{#$&W*6nRl%75&DP9?q?YL0ut!?Q8&1;uG)2-f-!xdxwqA&W~l>U0^Qqi=C_5)R= zji;^_O*G6L?setEviZcWW*(u!xZqe}1XC)wb+vUHRPNYiq?` zY;rm6KW!iR+@p@~KKJ4tgs!WZ8zJmG|IXR%%3pKZDmH6;ZCcu?zO|erroQ779rsix zrem%*JoQuO3jFhp9UJd?cdnQ|R~4T&{k2IaQFYzY&LX?;))k@^(qApfvL5#9&2r2$ zvL|iOueYNHTya0z@pS&v9Mg1V8{QIg{3tSy;8^{Res)j3yiS2cT4 zb?oftYaU&V@I0ED8S!Y(t;Ge7?yASR$`7+u*a(vgP72YPZyE<2VYB<_P)Otuc z8;A>_Ywj2kBkGLHYrizndB(x7?>aW-eScr^sFnKhrQQ3;8xMtNGg_X?#0a0<|6rYF znPPOxH*+1!n~J3it^^)WQcA3i-Rde{<=s+UbM@G*k9S<$6{8b~hKoC&=-pP#Irz2B zSUjad@nM~{lb2`il`q*9yS;U1DupR6qGy@PyuaT;Y*1A*i`rE&=|JQLlf^rHb3Z-|FL<4SH=(j z^tCBr)aqLwKlyy_-qQWK@y^Gp=EY8$KF(R^EMp?Nk3R{CSe%TzR-4%V)_VWNJ8y3Z zMn;Rte;s8Ke|Fp${ZEVnC1o%FyOX<3V)XnQJj$;1hXR&# zpM0s;-4M|#8Fui?>aFoa&ud-}z7^R7{CM?ahsBl?i}~@3Q-2g#b(=VSzxTm*cEZcT zA6nzORC5%p4!m1DY$VU#HQxKjjkR&H{^c{lPY|LV2V2k~OP*xqa~0*R}jJM<(aM4c6~;j&@HzxOE^TFq&jId@8e~H>cJ29)I2EIos_Hn zkCV~$4I#xpueoY2cQnaNJ~V8H+3PzG+-moW1|KIqOno0TDQbQ6>lo(~B>d=yOQXps4;YDk{%e?!te%6Kz>r+baouqb@ge)t50D6@O`n-X@p7)Kz(E{Tbud{C7ro8q)Ypl1^x1n!?`5B!k5J4`Cg5`)BzcwZdhnTnT*FXVmE z20z%k;r%)p7VD%YXcgEWd#t=3cr$d!qYm4@=eB z=WmwXUAahpDutE7DVXo!`tDxX1 zCfC>N7!lU%C@1AdAJDd>{6k>e+q3$%ihSHoHMOPb;xF_MkCInw89Cb@x}@ zp{&daq~zA`i&p`~R_iH#(;@wZ)ut;e8}7;RkAJgv)40gjg~#50>aM;NT(|#n;PQrK z-$&g~#q*p#FL5`?4i*hkI(pN%Euhuq($=<3HCF?+zW4IQCwD#mY2f?jt77%JAMFO4 zGTYl1o4*xbJTp6?CboOyqqQGPcGq;g_>fW8?e?HuTs*)@wf^>~X(>kDn;6CJa4yH96pQx+{WT$H-53n2wLTP-^NTZIb2{MqxGj9*4;4=QfW z`*>@In010!lg1*;m{-Eql?$ld_gj5lmKZLMdM)hJ{O#U~yd{p6`<};}JA7+S7qgEO zzqh9)C=wo&5)*z;`{U_U_wMg27I!*UrX&kiopzaaR%GVKJ)~}*MDr-(?GN+CzEv6M z-(R(O-RACs_uqCIo8*Tgr%d?lo){RQ56LfR<>GN2jBe$;RbIF@m7Z*QM@~>HxepJbiVV{Nb zxIDxAVMETLSLM@%FFAYt2>h) z4Np8WCtX*|?$L%ztmUm0r1T;cOxI1t&TSQFUj^8dq;7? z=A0!>hXWZ3&r619DF_E-nf(|pJ|}_DMG;qitoGFX!vpPEDLD%hHtjxt%Td1K#<*CS z8<~{)0*3E~N7CJXbZZaO%yQiG%{MN6bZq2}>3n}A)9do{wnVwGxX9gE|0Ldfvvq_B zkI>9p-I&sv9e)2Utzmc5P^C3(Xwq7gCeST6KPxhHRR! zKk?x&QE%8K= zX%4Si@a##KUhkcM+d=2fwuIRm3)?g27}d*t8*ApgETmE7ZA0F2V&KmUWf}{#j*HeA z&>rjQ%x+wKGB7MZ++p6XVY8Q?-6F74#Bs+&0e;FT{`oJ~YoE0kr*e3#?TVdcW3MvY z)QO4H7xEVh9$rf>6x}Xdv@mdVh~cQh^vw&$#rSTN)20ZInlZnvJ}k@vS6(jk;(54( zm&fWI#)|W5T(H(7bjB)v##@)RFKhb3d<3`#HRn_|qPt;{*#vHeL z^)9hAl;@HB0+ASJ^6r)xE%%9TK~7V)x@o9Pnf9FbqQe}|{C{2?zO3?N?6{3WqqHmw zo(kzq<2z~fc*K+IGiS~%I^Pgy(PM@`;>+WWOT;EYm z?S(}j#k*?WHKZ>7+4W87P(x!w-Fe}>pIf>;zqD+mKM{9P%B!pM&lcD5-YO>MU0Bx8 z;QiU{#}`B_2RyE;`5~hE&dcZWZCCf;t;QXNMdq7mvF)48^DOr-{d}(R)5rK)^ZAi4 z|Cu53Mo4AD8N0DxpP!o+YwI`0Z*8HlfANlc69td^i`V&FpO*0Ryz=9sC1Q9<+4jvN zbTjHhTZ^k0{;u)3sxq6#*GQgUCB{=#V*Bw7y zX4D(GFWEUlui{+Q&u7_WR9_RQYTmSrmixX$_<)|yzU(LFuj8IxB(`MRucY~|yZ*jY zz_{ftFYDFy4LhU%l(*k*@#AK z#m_=p1Nl9D@+x1cJNa!s_H?SkQn`B$8B^b!vEJ%_>}mWJf2EXf3(RkOyI=N?ihS=k z>r+eKwk%?#sqTHEWXrxsg8TBG)xCWye!TISZ%acmFj_goE-dHa)3gvan@PClmKWM>S23r=W^ z;3t|T~(Yfxv_Yzq+zUrWQ1kqeyt+A?ZJ%>^`V=;uijQ6J9>De$AsZH zgSkF&N0-iwnjN2VYxZjQoRMniEc#6vZw{&t4g{f%GM` z^2}IUq3dT~Ydld2mN}CCdIhwv$dBc-` z#_G%QWRDunuVFDqm=-KxqkDd;ozbqnymx}6?6z-^v$;LbeOvR0C^_F4trMl=jYd}y z;@8}~c46er_!q$gPSAF+dqA0rfJg>6fp}^J8x5(qKDBRs!=6n)= zdyLqrriF3ipPERSCEb-TH*h<`&k%_UVT_DA9=GP?lkgoUpH!YZamDhc6xn#n9Vt7} zl@6+FXU~q68l7r$U`NyFZv`>dl@Hzt9yug2m+$U_{CN#+^<#&voW5$$iDBzS6VD!dv&qkzN-yw@4nc7_WAn8KCkOlXKG&82M=GqwYy7N zzwie}1<;(IzfQTj@3Y|56!Q+fIj$*3iyvR)eH%sTsv>Z%JYno%<^6a1x?fi#Q?W3Eh z_6v?JYqP)sk+GRM}uolaa>v6MO^dcf3D^EUf$Z!eYIm($LuRwZTp@*imTg8in(!q zBT47jXA8%!)Z=Z1Hbq{?e9P7-n$#Aw`r+&r2xqv|C&}w4pKY&AeYMUet!><)YrZ=k zMISIIe=JB(zlN9l{CGx2n8*B8`!;rNi1zyNNv~Q=BsOo6n#so8^4wLXidAWQW82A@ zHTLtI>lGCB*ICu&t~{6i;C>n{@l(x=js?*dCzn@hmwzeAip;f`xh_~Q#w+^4r4Xy= ztZBCMubHmtdTaZtsV3a`**_)g(jIS-Ez-`p{pJ1^UD`W`bF!C8{UhXOwx6VFT{>@k z>8J2|o?$8Aak%>?Zd_0^ioUl70aLM&M~d`C!0*!t?1xO zy`PnS;DpcifbVXp@$o_Rp&l1_H_%H`$Ix4bhmOJDCnXl{fj)CIb;cBq3HR7(?ek)Fjg01t`1P7o6X5F~KAXlQWBln;*A9rZSMIf2 zxw8EfsWw6Qp5qsZQE7gq`zM$As7zr8egJ&6f-7}Fg5E1u|S9lRZsQ#Dqkp=#C0**PylX3|e>)VQ!m zK1h0;+PtG>dKpiJ#?9XUkFwPA(L7eOY($DQ#bonDwo6c=M}(_iuOBr=rQo@C#)Y-K z^P=cG=d4-j#wWe(`WPXbgVvLCpUQ`hb&Nc+$4%spr$DMPV_L(=dHYwC9$Kv#R+^f> z{Yavv1VeI?r6l9hdd+eLk?<=cRMUR!-C;fK(S;XiA<`%=38RdY(7g0cCW_ue~Gq?a3n_|=8V zh`)I7qRKtsqgNU}`HI<(wGNp-YnlSSKFXeUC-PEkMN7JF$OdxvWi#z#_uRc`Yu6^V zw>%I}IsE=fjc(?cw8IIGz9W5aZZcRl~eCwlB8hWUT$&in|*l=WTj5Y*V+`BUM_Y z%5kmjqdHC&8Wfcb^UGQwDfr{yvJK&FYg%=x*VJY{jLFE{qVg0UAxE+)jGmQKLOwNK zTuy0ReT~c8xou0Oqjkvf?v5o*52_RLe51dYe^V|Ov=MUqyzuhYsSDH62vzBY=^FDG zTaW6z-4LR?*k=a0=6rRk#;vPexstLOH=n&fw9H}Y)1P?a;^DQ;0Smir*XnQ0j7fZ` zyXl&pQG4Rr^veRn`0{V#N&jHuH)D%<`LStQ7^a6 zQIgtnO*caGrJ<*U_Mv%&!STi`T@O1g+<(?h?QlFzE8IQyR9fT5(HnK;g6}89TU+Vg z8%CYwtM<|?Man%lc>I1z@rIReWp=bT(`HJjDg_B#G+vo2v)IVf?xq;wfPTB$eVMRD z>fa{aPbm3JG>+B(WG!**+rv}4Pc^xEW>)w;b8y{fdhKHO&Kj+bd>Sl+u7zN>^h-$*s<5!ms+kHBJ1Al3k?zCqf3%67keG#1|&p$DAY|VB3 zx`W<=!TE=-o_PLR==>hsmpd8L&0QuHf3&>u@$pTY%hza!?pNJ^l%_<~%#~QS=vrso zBIiu!BlL%)B`x}!I-AF5-`U_R<#_V+z0TNHr;5}^rmZVV-`*Y(QlKVY;Wi`vvizLZ z^0{*&-`}Awb&ji(kPFESstwk33Rw5d`50IxS$7q`$k|@S`7}Qatv@tsc+$HiA5xF* z3{KBDe`EVF{la;aL@Cv>1H?sc?hR{hPRMQ>zxu3|!h;F(jreZ{>?8`Dl2i%V@J-YjD@*2G`^SSnWQuW8k9ZDrmi1@TJEmhlmcF2dM=5VpP^fT5eMaI?6 zVmGSCn>X5bODMHzcR$a!&#gRi)C|nu8V64wVu24G{vxx$XP~fh#%#dh1LRJ#jAPcELqx8@c@(i8ty?FlF{Zi6AH}L}LYLc@r(>fh^ zsN7G_*09Lmec*b$TRCCYb;ExeO#FoJYZi6a6VInQ)?ayk=W#mC$=1iH$+C3O=1wuQ zv|!DPk|lel?VY=Fr^Y0K8;*hDbJTCENVc?14{ErorZVTV^j!J9jyY+UPwXwg*Nv|T zEHK&L61d!Sd&~1TvhU1JSLCN_Jjzc$MK!875h4itxO|j<=j1FLHT9Udr-Iaq1cIK5 zyU}EU!cS4dZQ2)R>+H;${#2zYSLNcKh>C;T_OCUtI3XBhGfDmST!N6R*!{TYS0{`$ z{Jg{F!rZ;G3lmh&w7pw@wIE&EVh!)Np!|%2cLC=|>Xg|E>|`u|5r48JsMyVj=Dxo3 z*#Vx2mhtCq*D6jHc|P4|YD)U`^!hsjF(Hpi>aUzCm({qOJX&z7UqYey_K7pnf=0BD zJF_P+y=0hHpxRPdDe~SI2LqQZtNe5!Ht6-?5oJZj4a-Nn>c);&+->e{9=3JS_)T3~ z#bU+ZE?y{bY2Vccjp??lzh9XdC$dhkqVCJaz^bsx#g_^bPL$pjcHMn7wtUOG%8z!P z@%s|C9Q|NZ*(l;?-ae}G+&Y0gG2N|g4!Z*8*HNNWp;o0@2IrV45C!fn(e_F)`rZm3N_6zhY zepG$U?Q_SEnsd9mTPltm6r0<+P$Q~{p7U)R^-HD3sidUBg+>8WeQMq6e~wV>n1&0V zh?^&T*=LxvcB;Yd<96DyGLJoWAAcUaPEMizj#tRL&V|Kk&OYb85^)W8+>741FDfjW zUr^+|J!C4rlW)PM$5#?x%RIhPSe|j}QIzmI_h(W$8>dP?iEEhse!Qkxf!3CycZYp~ z63$Fa4p($*9uZ2sj+^Oy(XgBEs^{agi7zwbM&zi>*co|qVR4SL&snb{hu6}#^HYPb^+eMw!N8^3(IDR8uUpK$4$mqkVx@3yaLxQXq%VtZH)JuRL6DqTK9ZPyjDepe^QrfSVPXaQj>aK zp&{vGa08{)Ewe>J$JkfEy;#e6`)TdVrX@9=hKn0qW^RfQ$_=Z#n?BaGR_fY&Q>s>V zab&Sr%j~?VDUo$kx*8|xy7)CUdiV`nkvAf7(cxoR(MNUd{k5)$Mr=`)N6M^=b+*_YJ5S2m()s1YV~5uo_cl!NTJy6@>7CWtL(i&YgWcavFPP-Bk8jC- zttd@<^{CM0@;{TL$^#9i>=>Q6f-L1@Lzu3j_s~{*m5u;;cJo4kjC;Y$)=krIODmr1 z8Zp}FYujDA&|JsW>Nl-&f+hKtXTMS3<6}3BM7;m{)1Fi5KKq44HtXGXyA|%P=d^e?Y`?DYl7De|y0=@i$#=&3owtjw+m~J*zvDFhE-~}qJ<;3Y z!rA3=5xeb#C2YvThfXe}L>?q;9_uEkeD{dN=8oGM(`05*Of{D+Og9K3`Rb9BNH*)g z%(4>*&3}IMG@s^O5fQ?kq){5g&Z%#;ZwgExYH8qec1__ER!-NLle9>6xrs`&^F7JC zSuaneCBK|>CXs)QN%{QCX=a}J@6<;Ln0w}rRv#6r=b66;{-j$5y=dl zsnk)mujZz!5$Eq*Gb^KQ>pwhS4G)M32p# zwf>8!7GM4d>8vp#Cqsv8Xl@q8TTUAJ<(2-V3ZK-S6ZO@`HMOaY#aj?}ni)Br@zIkD zPHGa;pE0RmT$u{*M$Pdy(qBW@&wCMFD{?z@j0$hir6*HGuEB%$uh)=m>paKhK3`Ye`cucoXdk`NA!XINs7`%kP3lrwG;OW9%EZ`Z zww-kz^G#{9qMD=Z9=cAxBlaThY|>u)Io<_3@AwoYDz&aB9lEm1HqiP0=jm;(xrvuv zTDQH;4srJmH&jdGOK$zzHFm?TlB(zHmu-6SVZ+9{l$K*90TkbFIgc++%M*Pdb@##) zw_?k+vX8e1E|47|I?nHG{_qjL`eW%uN0v(pOt~#9yP8pHIM)8e5}C8x-rH&~t&Kaa zG<$^8oUAx$!B;OIER!w0b5dXA{=Je2{rnMUm@gKNk>yGL@a~>bMPpKc-BwZ4E|TQo zPqr!!Zxqdwio113zNYSXC~R6Aa`;Pn>jp{T6yn`W$!*p4>51A`JPjocPd2<9CX+FK z=F>6~x#HyJ@jGmDRWCS?PQUe|!Tv~Y9d+yC4}NBsp00mIXyj?0`hld9_Ovv+@qWbR zF8hyqhHppUyvlC8t#J>?`@(1VYDwYKji%Pg>164s-Hx_SGhRMTTM(6n_tFk+nDfP+ zzXl&~ahE*uY_Rg)WB7lRPg<6a3Y{l<-OfZ+!Ld~Qy4$!NGe(MEPaSvqxNw=+^%Ft& zl8M$~>t6<)oDmdLyuWozSwrP=32m#=-MgZGB!w2N(mpIWQsJ`|DQu(T(oFuz3?4q0s? z?iNf}7}vex+ET+A{x>#ssY_>G3x788n5{nf-q*7)oqsrtTJz<=zRAXsd1jl8+kfiE z9e=#kqE5W=bIHNk%aYWu`I}|F*li}M<}Sut7nEKIvDR&AUgcv{dQ&HJfG!m@cK2|Ko& z&i0pVYuLIxT>t3|cjGzJHH5y#@(kx$AR_eG0Den&B58;*;2}x)+feFItpTMD zzD|k_Z`<00C-9|47)-9*{w79X=9Hz&3==F*T(;|O@7kalJW2g1ZTqM)D~AoW)is;9 ze45`9eQ{*FwaUTRT6+7e^^N+6B}Ck#CjE0sIndfqVoX}c(b;o@43w8VMN{>BmN?oSo5m;ulL^kTwgo7*ge&Z`WOc^tq%0JO{2G2RZvSkK>)2HkT86_el z+1T+SU1AK*QFvdR+0K2s#UmcBA&=7*tCd`mqQE0<<3BP~lp-inG&W&$s8qH_w`{u ziXQb+*!3~9+eZQ`RQQdOBFtisRiqmr85Mtzas66w-dvk5}2cGFF6Nj6mB5FAKGT!w6Rq3 z)`Xi4yQGH8ON|?`w)R?*k`j+(wz^l9W_48c>-3#Qg;!tid-JHuCA~KJLPec+`0n=F zlW*g`W%!-{xjFf*@y|tDS1)>awfTK^ZEfE7)iV!@ZvAqtw({zzu8~O{?yhYrrv7|K zU;BUb&F%8NveGRvepq|VOzAqsJSQWe?3(V?F8?IBv~E52^2n2qaRGkWPZRT8{~v2_ z863y5Y>kSUEf_H~Gcz+YGcz+=vY0HE#TK*0%uE(DGc#Gzn|;oAMICLCKhJPK=kqqd3z6tl zC?Vs^uF_J3)4$DkUb!$bY^R^mjKh7Y-dCm$dj$S{rc7q}iG6(`Y{}N|R6Um$G7T2b zw_JkIvP{Cma{icNVY%9`bjYJWZUJWRAr`0gNusNiv#r;AVh#5q=whOi`Ee7#>lhQU zd90w0=HrNv!zsb5Jm+hA+`)V;HW|tJ)!WCEYcG~rp`1C+*A#Fg;V186Jr4kmOuLs* z2nD9$IbHZH##x_+=6y|1JDBl(3i;KgPdl02H`Dvh*z2B#mc32szHpIl0*+2%PhvPF zerT8i)J^ejB>s^1v|NML1`n=!8|>Od&liqWX=An%znu1m~vJl5!?DS?&CxNX zy;FnSrL}}6vAxrP{6&o1MYpA9r<$TeXKq8i^pw|;&K%5g0C$|OQ<*_sa$yV~rdug~TliCLF}Y z4U8m1)cK?h6+CobP0(3tw$qNYuTt#OQNW(eOigjRm*C64R>;HzMO#A#uL?nhx^Ft-=n zM^-~IhYV_}VIsddpt|yp&}?IXiZMn4)C+0K<8B0n^oLVRh!#OUWu=$uO0!K04@jWC zDaFu4b*rG*e{)Zek>*n_0FeJu3Cq%wT<9snjzz2Nq<&m-!(a#rB?^vB=PFTdNhfbdL*#(ziH59%$xBwjBWom}B}Jn?$23c7VM0_Y zzSa~%gO7AiSVXKt8tWrpRG!B)028-2R#sZT+_kyQNg1PxPT9pTQK_WqEj|wKEt68d z>lIH2anpC9ws!wM5h>;nV6}%PRkTu58T#vo?e^&cO_^RJ@qBd) zlT{qo02TQ(6{|?%L{$i$jPQUIxob~tL-<^%bUpGW?}UoQb}O@s`T&p8sbNU$fc_xx zqRbLpha$m;BHht{7!B~i9Rtp&N=+*ZWpu&P2sGkW_lBd>^hJH2JZ{{|_$O;^ZJ>^# zIoDOQ^)dwYv-tyW2e`C{f6xc48hi%SrMho?5S_I#>%aLpd)zp5>hP^qD+=n{>1lOr ze5~Yie4g%lybVw8nsxer-kiLi_FFjDznc4Y>SWv1FlsK9a5e+|Wyu<_Zqw5~(%il# z?IY3i;;KVF``zc^W6$E@g%$a5YQFeV!VWW#yZ!x_PKUtD&Bg9R`&NrDFV?1?(`jyX zE<;%|`B6?`9rx?0&0XEe&O79`-_5VJhZOd(6SteYuNS(8_8O-Coo|*E-3~u$HXUmi z9jcpf*-i6eD2FehJ-W>y`^X3bQsT=FYq9{F#zTv*J`;7Z_=x-Z53#3h50v|U#kNgMN2wL@?WB|+P^9kJ06D_R_CYr z5N=)BY+gxbzVv$fJrGCqM!W{T^^otZNF00q9OWm*f8ZxpxP*1ue}cf9a{P6N>p6YJ zww1A(?o#i3O`rhaY9b`Y+n;wPyD7aR7+YTTTldb*er(0_{Qlc1ASoyJmv6wU_u%Zm zwo{OtDIg{9TuXcb^ZVV%^47@g_v$TR=Yj7%nV*kAP<3v4IkD6#6KD znmK1s+MPlK8M~C1pp))rxBX^5^%a$uz$iJlVU8i|7=?FY#d|;@VwuS@4c~(X+P#Fk z{ql6m^Vk3i=7I-_7*`0~EDunMDCS56h=l41l8&R`&fK?3y70y;kcM)ktm#A(@-^x) ziU)WUSn~dCsQX$1p9xm0k8M{G&IEa=z?N1hZVJ)`O)(q+Yc;)zAj2G_D#Q;0ZVWeZ zkRTt&pM^;D(6e6z9BNb>1U)_oB7!WZ07L53h0x1)-w5cTrsA&!`OXDtMqLyzrYPK4 zX5&(B-ptV!&umdVv)DFD)9D=4XW`)WfH@Y+%m7}T>X}V85Cp9(&78D zDt73q%`cq?pYgKbRRa%o*&@Q!rVNcX_WQm)^krODL8%*4CI5zzqsNtq&GIgfCd~S2 zp4aNDZQR-)k4?H-4d z+DMOh+N4|?U*o3amlF?|xz!_R>bP|6A#?)~W@z4Cn_C5+r*AjZ^81W~@ymdnCA301 zoyKRMF010ZdIZ8ienPKZCh*YkrSP=LxqD8`WksK51#-W*I6cWf>1x2QMt5=P5_!`5 zv13;58eGRZxbA@vzLZhCZyt6dA0&Q8csz7p2z|PyEk85^=RktvTgbni1OJ1j{hv9I zm7D9I&Vg+I_ejyX*0_T%a1Q({n;Lz3%j^d#97IJw!zOIMyb5bTm3rEyQ6%I%`+VhV zL1l2}EZ@sZ-&V_)md!fN+L02&Dq(G&T{mX&aix}EsUrP@UqB3IEaiKtowoECg$Xh3 zkyfov>xk|mReik)26=yo>Lxj+)XRiKm1Zw5W=NETTS1iYwlq1P&uAkZdm>kCE2O3xafIPw@ePFiQfTY3M=fXtio8*@93)5qmG~8NFo~ zdL=TRe^7khic3&D(RZ;7JE?5)zFK7*^c_;D$Ka&pq7})ocr^d8c)EqiYvlq-S|tl= zyRZ~fYGxQp7^P7$2{NbAD07IDY&CjqDV4W<^tS%Z9-;Z%x>4Hs=snSd(omvpQZC^h z$#2+nUmb@mo~3?U|ANLjr|*}{hJHha&A{RO z4Urgugn(c@{&BT9iET2!o&4A+_~$q@1$XFdlauG$HjkgP+->tOV_J z!}X#3Q{s`bX;Dp^ERuTB+2!0?v-uoJMLl&x*T%b2^9Ck!*uuu!W%Hn2KzG|4CGw z`@cIFxL6x_XfuFM+AnSXd~9-bjKFGUY*TC~c@T`>c-XVMdp2e_tR%Qu1e`e3KO5u* za#$CAYC4t&(xvt3SdI>YycvgRt_uD=T929OrI@Es&2r`qf6#|QvHBG!j3=^JEnkCtz8s=l z1ph{9GJEr5}vI5sq!OA2|Q%pxL8$E6Tx**SkN?1JzD_ zXf)hq2txv8M*@1Yx%Jvm5O@Nm#Bvxa!-+24RK$QSv7H25oJyB4UPSF z`+RYM{Pc1Yo?Ro71&w;v7*u~>oCoY4*)n-f@BXTv22yTfM> zw*en>9WB;IPHjUt%gJh9k+8Rh#jsz#EbPcmpql3_`bAwy=03(#0clfL?5?Yo3S@;eX= z0i<1EJoRrK{eQ6(0I@M_|IpF@la#;V1j5(PF@iPO)^?CbQ;I!oUhd)y9@BQp zIOM3pq9}Fh!qU0dEi4f6M08GHcH~5121BD@|Hsf6(W4l4q#Vxe14h76A;3y+5tD^L zDaObT#zYLf_gf-@kNp@_A)B}D2qklNzL<&Emu#+kqk?3V%1Gs`5i*T>R5=pokwn&V z!bjt(rknT$tDa8h-+~ZbZpu8A{*M|RA#QxKL??6*_TQ;Acwlz^^v9!=3dRX*>vBuX zw2agzkb~|^l6(UCvPffve@e!A|KaC z;^VSpsJc(#(^cmC0*DtbK*do^5^&+<6IUMrXnm8#Bh^`Oi2Up-_v_s7+hFHBV|?pxYh57}s6l=jPP=$bdwch|ds&*Je{2-| z^~h)Nq2Mz`+1r-x*q@`FgSWQUPVc~_^?+9j)u+Ry$(6GZqJ9uPxLVW~e_ZadO!_<(Y`auxmP@|Y*XF~^rJW^U9u&FR; zm>kZWD+6^%Xoy70$Y`;`A>2}IL1O$;`?Q%F(-XHuKj9OcW{HfmzjG=gA*mfj!r|?Z zaA#iaaLc1rnW96*h{P)cO!tof;h=>xrs#g+bEme6CSq8C*?Q)_7rI6!2FFrYbU3_O z5^fs1okc~Ks!(+31QTQxywLqaqCwE2y&8;7ft%-VS3~aG0@MUC?!y!bM*!K`#Ht#7|lFpT&2gK)*yvwHSG(y z8U>FIrWtR3+A&#Nwak$+3P!)P+PyEtIT>_growSwxYhQ%YN=Ll;8_+F-l`bS3Am{7 z+cGGgwo0EE4zkBtor)2)8mPQTUtyt?iz zh5^~xBf~bQL*qhTDekd6Zj=!yFY!NC>-}^91dE^e?e04tEj)N{OZ+#EJj!`BIe}LnD37>6sneXTWkVUO_^=VMKQYyXMu)6 zdN#%C7VaCO=;`CoLGkh1l6k<8R4^D9*qdP6c62b3--`%R!h{hPcV;5qR}-^{MsYo1 zG%v|w$dJ8NusB;;x3Z=@Sv#a)Jq<&f+HpDyGD;kY*mH;m?A7yGBjsdR@V z3|z92K@2vrEcSz>i!fO+0~X_oa3mzHjd{Nf4hUuvRq1!cig{54^88XetV}lc9y9Lb zDWOSia8T)+0_No;vfqGgI1y7a4#rAm7CN_nP*MAc6|my6D)hi>9Li#Y!m3V^E_3?M zCPAY|9-C+nMr9q7>ADE$J0ypW5CB?2X^2zFm9a2lFQE0GiV++2*6Wz;Ef5>g{a_~> zI@QKAxdF!Uoy&`vOJnqaN9&9n+TIlpWcr>MJv3s}8aXsV?wf<2!ZIgAB4aG?rv6OB zppUu9X2vo{o;FdBVTogs1ELSVLZ>!9)GJd!^NVP?>^4MOnqF7-yn(bFCbqX1r8o75 z!fh7khOcgt!P0}hXXiYl-A{LE3qCi(vykR1&y9CR$1NNS?e)~SMyhp0KN&x?y&V;|`)Xep2CNBGH8W1pN{N-exxdYG z&VE035k3)c(1<^)S)HfnXdh;TMk`7riiH@R`*pDFIkAk8DN!_}Z?j&^6`MCC$oau7 zM_OAPZ;y1-cQ1L$J0u}2HwR-y8o}X`j^kZ*BM(v+Oo{{mz_(uFK+EC!BVaN4^$3vy ziIAXFo~qwWn?KuD=LzPYtn733M;qL_%Tz8lFE~86G<31r);78qPP?CM=vLb{`2sgR zq91bG-`jN09~IBuH^$E_-sd(P?*81nZWVQTycNqVK710qB0mN43kIxIcLy#>@Hkyn zxCIePc<;sBHC?n#tWzC%CEe+%i1S6ltgQ+Opeb`<5qt%m!{i*YmYWFeS>uru3=j5_ zG14z(#kAFL1|h9mlwsAaD;R0jBAryJWK-j_!HAEe{UL}&fVjro2&do%x(6+{HUvY# z>>^{d5n(~AkrL290W^zs8#0kUG8tr(t-DpaX;JTRQ@aVthL5-I`2`MF0-wIq(tFX; z%N5H_p3pxrxT+dVT34Ujs&%4QN!EaFOF(1bfWb((<$l{5slsEV!W&508iXB(TZYex zrfAYf9ZWr?SNTq{Cut(jGni&?=3qC%ChBdbnHJXCu72aQ$D#%Z--p`udJsY0io7!LQo8f0zwK2%5sQkP( z1Go=f{QXsJ6-~PMzrF13f#iNmlZM)pfh)5FeFko8p)C31yjy4RS@=hz#m#s{#jT#;t)```NA|Ar$1b)o;E z-{txTk&p>sHsD{V8elen5mWFm6at7x)X6Ig9jf(b^>f;lKegCH#KWrk^tY6nv@svm z*-zmo%Q!f`L5zqm%txbwIMUBU(T{p{bRn+C*#?7VpApZUC&H4|2-TOtNWm9VE99yy zJ;om_kZ{UICny}3-eGP{y5FH937LX%M=K65XgJ=F zM=-PyH4Ja%BP&l@MfNBrfE}yrgCJ zTZ;_CBv=c&oYrLyp3eUr0x(tN=w{(R<_L+i8(UdU9O2}!CeYKUFSm7 z0+9(LvIA0`>SS~W7h$18w_~KwHmdfmL5B>lH7?O?LiC5Oyb6{!l4N? zhB7~cj^j;ttfi}^ipvKJ|Br{)sqjm?JI4ltuF8+*rTDBsg0{Vf!~P@9vo%G}jhoZG z!+-^R$4f_zrz7O}vxVuStcQz9#`lDY#@6n8$<2qrYMx6U zc5lzc&dZPW^}tpG&ypnMZ#u(MZ*>AGggB@1Q}gCjBv7MKe_Fi$w4H9^e>yLA`hGU6 z-*$ww4;s5&FZU#VyRt}IZ?MwCrfH*63jLZ zW}ZquX-Ri!y2CV{WR*%jQ9rX8b`jh}-NaQ_%BR0=#sUEA zhk3@9e_tnEgRODqIAHEi7t!=oFe_XiaLu*~Nxlpk3oh77CMezygP%HM9fD+zg};Y} z^K(4_3x5nPvqT%W%9rd1ERW)Bp}VhvkZU@PSDLP27W^?6&>~jWD!af_yr8NNEc53v zmq-cuy_#);=WIt&Bi{l}3aXE^t#>&)pbQeLwL~XWdGQ*%*kJL8ww(V#A@(~=s)@u^ z5>yT0=%LM9ezh6YJ%a^nkKUTM4?0>V>g1rs{$}_nf+K_J(>qMlK~y5bfxTIKwpFRs z`KHAqrt2|fQ5EPYg71*y&dX?|0kclnN_`@|#W+-L>$0910}ECL{G_>bkUd(D9wu>6 zYtp|y1+9O5LVzDS*zHMkZ18cv`ga+MAT=M&2_uQz)Re;51Z=3Ii~g0EfNr#q;^u;C zo2^q%Tn!lK`I_3c0lVs|4N1=7okJjyR&9Dps8%-oL(cjLA zoONyEYdwDtu5j>8d}S)lkts0xilNBcD)w^$Q%tb4^B02}V?WQ#qVUM$eZqmyMj0|8 zq2oupSzyYjZ<#G|pYquDLniJG)u_L^f?|==ezfGz3S-;TuN|%J+8g{?IWU+Up`R<59Ir)dt@Yquta6aBMaxpa>c}P1q;Z;Sbqwmv zuFqi*{>#qFFz(^FWiL3IU2b5Nvz6E6 z-4Iyg4w#MZ{oC2^zcHmiCewd7`~8!*j(II0sU;`E2M~;p6;D7W4k`@7dy+3Ti}Uzs z_FUW8T$VVgP`gra)6GbY==o?I<2ZSrfLJvvsj@G5is}M0)t(^gMt%A@8lJ8W@mj(T}cqSOl43tYE$T_Q!kabIj(rG*NBcKy6B$g$*e&S z5G!XMqGGNVh`vczs)Jz=d4MDbpR`2B1<;DvDXAfwxsX+A)#b~GQq=V-`vV($IXm>4 zS1G%cN)EE)(PnQd6@Ao1*?b#{QP)b;B()-~Q!QuMj#rXkdHNIXmN0uctuT8!SoYQQ zu%B zvQ(w>&N-3tU_JPCn+xVp$WLA@#&z}beG-n^>iS5;@)s%-(NVgj<(d6&WE?H^Ws!(O zQ7E{v(BgI}9Ex`6&YZO<(qJj-No}RG>W~07M>^@=Qf?DuB-Lx0d?}?mvhOK09Jcc6 z5WHe#0*O&lW6qd>r2X5;tjlJHx<96!r<)IFYmDQu@Eh`l2svd*?a*s*m&Lip%mXf$FB__M?Z>h_!(C`{z9-vbNWYobGFfXHP*ttv?U<*VYZM zuj){B<)1TSo9$Vbx7Clj_tIHt-@VE;WanmIj+ zZJF1y%1*X3SCiVW)F^AXeoAFw!7GkrgXJ&z6V;P`PqAV(-t&(L+#*|=GBdTx1Q5s~ z*%MFO2PO~pOW7S8^v&(WxIG)@?U-dzXPv^ck8cuxbOh}+zQAqO5WHTvJk2{|P8(`K zC+x)!k0aHeJ5TqzvY=!q?})b7BNi*4bLk_+&H4EAG9YFEzA6}oU=ZPx*wsbjiXIr3k&-^qznU=`#ur-)Xc$btbL#^{gfV-6>0<+%z~<#;x@IHE zV1~9_Rf5TvzIsSij*y-|)d;f~(CJL)cF?okai6{HzLJ%x|D%4S^@0+CbAzAMZwX;70^942B@-D}@Ii@X0(?Oksr=e< zoQyM?h-_mfIVv`&%&zXPr-sp)oHxbHB`qF%tfF=##bE9pckXgT%FysarkOrJQmy97 zP%YtF&G4M3`en#p1E2WYwt6YGWR1-4jw&#b-*r}pWDF=7V1jCL!DTIX{p6H)q6nye z&?REb23btV+^G?cD(7^gR!+??PlLh%?CF^GHU~~aQQq|6X|vJP<~EHya>42)@XZ+R^U zB9RzE@a|;RVYPR9pdNju=Y`Fqd6!3itK;WoWwYbON5o6>V~xFQyG^d4gU0yu*`ddc zZo4*H^Tpwu3F}&bE`3*4W5q$q)f@4|f&;-jGVtX@@jW(TD{Y$bY;dUtfS&b1+4H-@ zHo$>1a7uHMQ44neY{Q>*E!N-Tb-DGb;ibFbVREvNe<0!aobsV}TgKJTK&?Lw7Z$np zM_KlUsr-EG-t8ubLC>r*mUlL{2hes)+OIsmj-U5zDgh>Rh`_rfQZEm$Wb4fY-h_ikYU%hNgsr0+( zu2Eg9T*84;eA0xf1$Rm{;sL^Vc6IuJnnz6WDr@RHf$2@kINNP5)Q4(-IO|{i7sL6Y z%h*e&I@NTNahH^$T()sL`;i@lah00%12m7A@5`(jR`GRCW99@ez)KwLF2Me)=LVW7 zDQHjeiKoVQy|c(?9$c=~Tw|xYc9^8vZZd1gPHR>9#=NL9(8l9nvz^rcjQNum{CR5l z&Gpc~b^oO9j}@h`6g(F4Ru^4n`x@a@R(pJ4%g4n>P^4)5hp+j)*XbCZL9qbc5~F|0 z?y0Kl96m>egBN z;+P>b94djd?W=-rCNgRWa7CHd$HzgyOU1P+dAX>peCO7jHqiTdDoIa-{+g#igq4&x zBsHkceEXf^cpoIZWB}D>Uzl)!g&X>vRmK^wrAWOcO11A)TVFYrryRUmSc3hF;c|he zz|TI^(7RErXh0*nxl5c5zQUm4{4I<+yobQjKmjI9k&aoFV=QAZCStU>2$so#5;XC5 zB3C#DB|1#%ww}gK8G^71$kv2no!V%+1rfazi;4=O#(K5X-ZW+r@db@!g>BhXon;7n z12@<+IF;WI<;9dLVhgGIaO?tT;wqhHX(m;mp(G57+DkmbH9Hp5!$bk< zF(ZU%OuieTifTOV7tgEJ7bZm8LoJwB!bFSEs?7f6_*pJ*FJ~@mFUMUPOAX!3e6Y>& z6Yuv>im031l0J7i9Y_jkGxHT-RZFQT8AE)yv|g#`>gy78l$3JTa8%3GmtkS}3MyU( zoZFy0DahMN&i?kDKc~ZMlh;0;zK?eci#ylGPq|;a-kSsheILx9uHJU;J)UmvD%P?T z*LK|Q;x{%dxHdL`4A@hb-Rlk?UQO+ttskm{Du(Ut@LZrvpZbr`N1q)p&))4X2Uz%W z5tq}P-J6_OmQR|VPY*j;P5MD^OdV~dxL^C4jHz1iHqUTNP3WelzusLvaYwb8SVN&K~prPSp1oiJ=P!>Rh^^PKwIc>m^;^LAnIV^zI#hM#Bm z;JO^2r8rVY@%CpJVUvxgZ^MS1>?={p6$hcGr{)u9`^8IIE+?`a5+T9Ya2yR};pW30 zeu$L_6hjsWeghGB;vRvp>kwkAQ-LRxKLQY+NyNtt89p%1gkW7}Fx!4=%n7_bm)OYw zDJULD36`1Gdye12BOFOTi3%o}wLsDGH^EsL);kxdB_k_Z)@;SJVH%Go$X;PM`_O>mM^Jc zGe!4oTS*2&77rw{KKXn1BCaMH;M^#H};pmeWS$&aY6v4veBUhI~b@djA>v{3CJ)GPMYGEp4Kea?rN%9ZnGa{ z&_hjBf2_!ozlYOVL_tYJU_xPQcArqgK=Dv(W6nD|mj{wIqSo6e)zZHeLmTq|@ z$V=IYkm%yWas0k=hwI?4Pc-^5SUF(A(Wq1lv$8C2YPOoktg4DmsTv|bWp7)pNebP6 zwo{W;ah7#aB6v(NyIJH+$+w{&$o&V;Ywy}PnXJI@B(cN!gFD&OXVESbHs?;~7}lmC z;y}6Kh`K&(GRbmPEL($%(I&a=+e7_J9yg&e`{fMXQKlOD5_tS1dTy?ZP3pCs?2hGR z>Yk!bY>>fv(u5`h;M0mN|t!}M5?KNO!QpR>-)pn-6uP+iCeMIIaFI*?~MdA>$5+G|< z`{(2_%WN0Ia6^&z6{Z;`;ZQLqum3sv_)3$~TC;1@-3SBh%H!kho*1-;iN%^%gFl@v zB}5OOtPe`c#{AT{MeTIJRuq;uUEk_$RkEU@XSV@UHjFT_P~MkZ;*_mmrd%hPJWC6; zi%5dj7Z(E^C$K!wk{!miGXZo(k+_xd>yJlZ7?~2^264Y`aTb$2_8p*C(HLN+E84pX z4Y1ni)AjAmggxGC8(hY#Uj!>KYy`1I2&M;sRqDcMb6T8FkF-Hb+WwB&$b6W{ht~>j zRJP)Gtu+ralmC7%cG%0(oC+AAWO+($C2Z$YG>c2+j^odzWNGFg*2+RLqQ9$)R`Y-p zVjXfmYI?fdnbufzD(6_#f(WCu`@J~?2ijqw8fg6E+$(i@C+=w>5SLUCmW7We6S-@l z%cAEK!wAI9A7}n=R{{Txa%STErx-X+uK#=O>V#Hr+&TxsI|lxmEIm+M1&H3T^O2p! zT}L1BWY9KJK~?N(IFkq`L}`rp54 z#uxxIoUTj^Kzx#rRKlH?uP3zy-{hA`g~`CoJ`8gTyb!+h7-k)|z$R22dfzqI zMxi>VJOF(KiO?aNiFS$w?>x76K0I7b1N~1bC3ZDZwe7*aRFrlsy02Pzs7kDXQlSIn z>ZpYY=HZYk&gwz}YNPKN=@z^LRt9%p0jGT-E>eT2CZ(DcsA@+BIM5Phh_Fh`fnGf; z2jOh#azl0OL`xE(Cfpf&S99NG~p@qHlj%+WaCf@>)u2W z+{39&sN`ItK6Kbby%^6aQ4C_tJgCu>+cn@c_|+`K==-<#*U4NHJ*3c$q8aD-y~+~m&m+zZo2_7oxV(OS(`Tm+$m;&4Q~ zpn*g0(#ao&5A^S zVvX=rWv3c$DOgDENLQ})4B5-v*74x^hgC|hxXPs+GWBr`YC7b4U$JNybK-nUOgqt( z)}rFPcchL|EV-YL=LzLl=hyalaLHN7uEahz4FI?pU7Of9kk6YR2>)b zITsml{r<5-Cy8((iI501!D$xx&X=duTA3tQ2(PXIJG>LFlLn+jD5+S=skRf>TqSY1 z$bLq!692b8>ThtmZ2!2v{vWZG{Rd;lsGr2zk4yxEG8_R0yGo=1)QT#vY70@f|364w zk0n~!5H-TK#9*#HeWb0djA7zd=CJLKXksx+JRzr9V|s5RI}iqYnc(!R~3q(x7CNv7RMKbNUz9#ogMQM)z-GYq&oEj;~cZt zf%MJMW(o!piK>#AU@{Htq990X5P?ciG@=EVN9#3cS4zBEKFE+7huByvoR2^^K%_cL zXra?h!@464(xLN6WVP~;jI)Li|5i$*l$?nAI-ls3!SjFNMOhixK zLsiK=(o>3Q4ka-e6Hx?D#=V~@cb)Mc~LPRc?8k>a2N-Z&}RH6<< zv;+4m*|GR*8kyAqFaWJo5|9$cgF?csI+L_aljE9ee>; zP8Q)V@i)|Uvo*XpR*2tq>FfJv)aY9YGzWTWe17cxDSJPwYt?FOM!wP*e{*-Od+ywz z%Z&DLZC=*n7pTJAG6aTtHjv**fuWx2_xR0+Pls2m2Eo*3iNyNF ziNx}fot&R_iE{nmHzsH&McznkZZF)z!jIobjJO<~?#4zM3xo-t1dT(vnazO13g#%)7D)W3zz<$9gj?jQC8>y-PM{f0_(ZU^ad zDH&ATfZ@dN+xpX)R!US*LHE67r0f273r3MKt(40I$BG>j)KA9frkl;=s*HStmX@gj~2Tn)^j~w14hFxGt3@4BVh*T z=@3awK6?0H@B6-()@H(A8fIwSrVC=|b_eL3cH;4)cO@~6buhX1U23N4ixmW!;a%1% z8e&fUHc2T=f?2trPU#AH+UGvQ=mwN)rdY}w+GFHKNVrZHv?bkLGE*U|FY7cd@fSwF zJSn`dE><)+l)3J1V#5jfV(Ok|H+g#GGCw(L^s8UbOwzb#+fJ_teEay!t^@Vm(1F_Z ziRiF%v>cbjgA(8l_(10tSnrmwNr`^haPj}tzZV`I=3+aJ$GX^<%g?%ayonU$bJr{e zC(8c;vZEO?LOV>!-#4_=aQ*1b_|+{$_tNi<*ic|c7m1wohf{eC0>ks?<#i3PK+=ZN zqU>VLs@xjFu6A^Sgx{rpPXaKINw2{SY|AQG6HyQ39Plp7H55eg%9Ms+s6t}~}z zK6WBWY%Xa-s`~=1%K(wuahY+EnYrrdQJ7+q>OwOpQ%?KglZm%vmhpvN`#?^SgNs## zd1^v!HPVEfkvTM)GrBLyH7CS9mh}hC5;c3HL7`RIbVAw>3MeWGosGiu9fcJc3j$95 z!d)rQ)-(Ke zh14l>uS?~SWV4%;RgsFswp|RZ@Zn%`jT0ij<;5N^Razwp_aJbP<)z*Hw~*!7H|9@b=kU0?o6|- z42^MZ6%M>P3Xptl%AoNCqxdyu7qxyLes}h#ws$Uf?~|9!4W3y`b*vrxf({CfB@BB- zPPc>baMz~_j~xPj5J(r4H4cuSodYG&IqTNLIZYdLT?ZxLt`RkGQMrUV#eywk$XUq^ z$edSCS#$3z4xgv5e!iX1^MxJW4exh*&l!`2f5IO3JT=pnB6L6Ljx7Fous)ajzi=&@ z#`jon^r@VtgWz)m4h z5Lg|#@VINyEDwo~M`(E7%!?!_opU8vA9(SOrn&-f)B9EckW3?L#n5td`cENk|6mflV}RgdvS9ItgkLz zPE!k0p{eZL`7J`&LR?E9TVf{gO16HpIZj01XLF*X#*n9`&ACdg)Y+bFH&@Q}wM6OQ zP^2vG5-bgKQMf9?6D^Gix2_HQv!S(BeSK;Y@hQi_L2h+@J&T0D?wBfyyj~h=RoeM*b@4`a5f~l~#hkM4L|N~Lz?NmfaTD9ThXB(epho7|;hS#xoZ83om_Etjn`ZyLxfj0qoYC3IyP5sL_t8c`INe>-49vQGa9viH zj6bxzdB3^@xOWA1WS4bNy}Unu_;fulO*(iqWNn;VaJH}fug%ZgciJ8hMd+gDzkRCz z3)RKK%JI*hYF75Yc-~k!|G$VS&lBWjAed1kYHo9Sid4P}0-%N(w@o^PNU>1|5-CD9 zH&4r1TgHFBVRWR)c%qSrk>!V(I6{$wgR+NKB8P&-L1CP`gtn{`Q=Fy9D-<1JANNvF zN&pwV<>T0s2O*a(;-0O+1#9}FZgE5`xhE|}$}06C54(1dXOk<@2xyFORKCjJJ7(|) z;Wv~kl`_gPM24SmPvR`XkK-JG-^=iiAIIXtB#h-rm?f%SNQ!G$@4jEtZde%!uN-rC zc$)pco-IA{5DZ^*ArC|x-yLua2gDrR*=V+}E>wFoR_I>@Hva{g8y6z^JEmzirvD%@ z6x{7yb(x6RnEs`3tS=yd_P64(0wmJ3!gwlsJB--rFLygwT=6WhPX%A30xn;E+qGpf3q zxOqF7Giu4p{YSovPteQB*wohCjmX5@(%ONa@~XX?lE~VOpHh=uo=M(G)ZEHi%E!fA z)ki_i)W_D8+l*3B0FF=47$~k~PVZ&xL~rpgNn=+cb5~P-5>XX72@*j8L^wV#9xr<* zd*Hc=yzK29TzS0sDgR}|1Kj>=HzOs{zlQuj?VWFL8@Un2-y86E5KtUsqm{M%PYSVt zG){^u&etFbdU=sIvb0Xr$d)S>1xo3`Izn!z0UX0$HzPg_g|2pn}TCJ`} z!{P1i?a{3}S~MSrrj#BXa}cks&$ z-)MHbJnWx58@Bp9(XTVklcs-HW$f3zZKck4k4oQ-Uf_$YKQ5Xt$Ne|;ydE#>-gGg! zxvXLI)^O{kq1WQ_dVGaWFaPlJ<=~HRo}1pmiYb?c%1H)Mtz7>|$2K_fAK) zszMcvHNhK~`@{eE3O_AYi{+=q^{*_md;8uco?UkhqfhmCI-gzDCu?_nTmN?R zEb#MURWCPtgx1ZAb-&@RS-$sPB1U(w5pQf(*TbvP3w+V|YSFwy7(RO7>(f_f^tj5ri^_2ZDmJQwduN^y589}k3xFdwS(2p z&QIq3{vm)ho}GQ&aF>@Y#M*wN(|f1?@$?=L_}alLjZ+*{X>vaB^)wI8t7$dx-dE0# z&+WOb5XhU+f3BM)g5}3k_9-8BIuech-d;4FJlNv;rkSrvJDm&>^KGmz;YbF?m`+CU zlFKnLIljK0&n9aK41qVS6>qL)tNDH4JfE++z-hTWnvbtO9{2AC)B0k3Ghg*jKK?XY z)xDp7-+Nm(e}fBtExOi|4Ic&I)nwz(Y|-cQ^SW6rK-b<`{c%29>@@Jx8Sr}gcouAC z{HN;wOX_Y-3o*-^^S{)Sd&4|M%dhG9FksjIuiJ25w(J}}oX7ZA@4xV)LcYn!YA!X` zH(B7DI;(f7xxUE)-_%*X>;KDKxW0FneiST@`?t8#@2VrMD-WA02D1G&B|mt)m|17a zI?eAR%|9HjbA05m+$*m${7tWSZT@%g)y(dGszr0qU4wUCLeTC0=6TR%T3Z*-!(n%y zewb(bI{l%$Pk%T(96rBUeQG7j)bOw^nzR|&gOK&z4#GDV+JndY?1%M*ww-MIGW*12 zo4f4cW8LPisW0~Ts-E>eneALEwsSFwWE97CF5b~P%8ocHG1A%)GAyICzq7F&AE@3+e}T$D+O$;8$UQ2R zPtty+3S@&)MKAZQ;6tK3AG5PmrTylwEuD)omh>~0;Rxxb9c8h3jrbM!p z-Jy$R78mQtcZ>D3Z^cH(G7|Z7v4vP%AcEHG4DkgK!@4+694`*wkhXU_?BX(=Z}?3h zwmqKH(AqqHVN%NQmi-T*AY-BUK)gqeMCWDkX@?As)zTi+QkP&d$qmlS*eU^s0F8|l z=Or*tOROkX;c1EN5*^1(gwj%O425(7+i5Ssc3MY5@XPsrIjOJni5{$~$z~!L?kmF4=m?&VuBEbk4}wq|P}M9ve9pa>}$v_yz*vUkf%V zqu9j#yyt$AW1%GWp@OL1mSL*ORARoiO)>{4@d$khGMjIY&N?n4J=K}f#OLhsdkPjhcrTvKTHYp>TNOB|HQw&lh z$sx3bOg@h7ApK(I^~S>Sn@l8sNw~mCoxx{X2aZtM%anL8Q;|7?sWRMG%E(sU7tqf$ zoA6wZ?3|O#F)_Btdzq<_c#_;=CEL-D&Q-L*0j19E;Z1EYDz#;KufTjL42XV+4w)C5 zHdy5z!O6*{a8&X?IE*}hF(2;{j75F`1?Bl`Fqn7`6dUOW2LFk*w1F|+O5ZgmSX!IG zCjg~gOrkTz;5d?g(5gc7SrldDeAZGdAZzEf*&y?0ESLA!SgH%a1XK$`o1r*@sn`a% zhLZhI8=-Z$OlO`!o-KV689%SXJK~=~ZG`p`ZZCO-Bb1n9aBPvzNXKc90uDmCAHnSy z8(5c+*oQ)9`-Q?j6hU$+7qt=cNtA*l{|v6Hv^KDq=S#$U6L!=e-?9x* zl(xbNWo1mGqCk0~MQXwQGM&>{E%61IB*t2c!noAWdh#`E>CS1;#%n{WCw$VIhY>Vmoj`7`oe@@HKA$Pc2Y{N6_V zkc`ax5m8N({kU$?9^JejT(>|!s#~DV%X%@|;tsiq&Q*&#HTgj*lndC50;OCBuAGv) z77tly-;iRG522_}dztyXw3*LKi_$QSMPZa=?8uc-illp9Tb`snDv9z=i$_mVF0QbY zQ#;fsq^*#0$$EC1hRJ7HXmgY!xgBiBjh%cKH#O23QBJv;!{vq7!L=4(jbari55+3l zs8-;Rc*^~7a3RSElziz-M)pVdP*n8EuiBKAWuVe8{1kK{-*q@>q~AMyAu{b7>fWR? z&JW25;GS|HhY}RYfOC+3?SiGw7%XE8U%x}=K4`^bQ^mHzLqn2L5Y$30${=(v^H`g- z0iHb3dVTP;A1HB?ojq!iQZAxW)&xy3f%0NhJh%-d0J$F_^4%(+Rv`TaJ4y8%oXC`y zU^ zC=a@5&|F!0pgd3>C=WUdC=Zke%7ZQ%G(S)tC=Zke%7e}V$^+$r@}P?b%@33Z$^+$r z@}RST@<4f@Jm{i9^8@99@<4f@Jm@T-JWw7e54vd3{6Kl2JWw7e4>}7d50nSWgDx60 zKTsYh50nSWgU$lV1LcA8po<3050nSW1LcA8ptFGTKzX1%=%PXM1LcA8KzX1%=q#W- zP#!1`x@ge+KzX1%P#!1`ItwTdln2U#E*dmHP#!1`ln2U#&H~B<<$>~`iw4aPln2TK z<$>~`vw-qId7wP#qCxWm<$>}*d7wP#ETBA49w-mGXwdvXd7wN{9w-kw3n&ki2g-vk z8Z2F(wY2g(EGf%2fUfbu|jpgicJLGuIUf$~6kpgia- zpgd3>C=a@5(ELDopgd3>C=WUdC=dQOc(7{5vw7X@?>&1qd^`Jl-Lu~3lau|uzxTrrFaPvvfA1e3Aihul diff --git a/org.glite.deployment.lb/project/.cvsignore b/org.glite.deployment.lb/project/.cvsignore deleted file mode 100644 index caf4eaa..0000000 --- a/org.glite.deployment.lb/project/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -glite-lb.sdf.xml diff --git a/org.glite.deployment.lb/project/build.number b/org.glite.deployment.lb/project/build.number deleted file mode 100644 index 58569c4..0000000 --- a/org.glite.deployment.lb/project/build.number +++ /dev/null @@ -1,2 +0,0 @@ -#Wed Apr 13 09:36:57 CEST 2005 -module.build=232 diff --git a/org.glite.deployment.lb/project/build.properties b/org.glite.deployment.lb/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.deployment.lb/project/glite-lb.sdf.xml.template b/org.glite.deployment.lb/project/glite-lb.sdf.xml.template deleted file mode 100644 index 93bb43a..0000000 --- a/org.glite.deployment.lb/project/glite-lb.sdf.xml.template +++ /dev/null @@ -1,131 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.deployment.lb/project/lxscript-rpm.xsl b/org.glite.deployment.lb/project/lxscript-rpm.xsl deleted file mode 100644 index e20f297..0000000 --- a/org.glite.deployment.lb/project/lxscript-rpm.xsl +++ /dev/null @@ -1,334 +0,0 @@ - - - - - - - - - - - - - -#!/bin/sh - -# Copyright (c) Members of the EGEE Collaboration. 2004 -# See http://eu-egee.org/partners/ for details on the copyright holders -# For license conditions see the license file or http://eu-egee.org/license.html - -# glite-lb_installer v. -# -# The glite-lb_installer installs the gLite Logging and Bookkeeping Server -# -# Usage: glite-lb_installer [-u|-v|--help] -# -u uninstall -# -v print version -# --help print script usage info -# Return codes: 0 - Ok -# 1 - if a file could not be downloaded - -############################################################################### - -#Parse the RPMLIST to strip out the RPMS that are already installed -function parseRPMList() -{ - newRPMLIST="" - localRPMLIST=`rpm -qa` - for i in $RPMLIST - do - g=`echo $i | sed -e 's/\.i386\.rpm//g'` - g=`echo $g | sed -e 's/\.noarch\.rpm//g'` - if [ -z "`echo $localRPMLIST | grep $g`" ]; then - newRPMLIST="${newRPMLIST} $i" - else - echo "$i is already installed. It will be skipped." - fi - done - - RPMLIST=$newRPMLIST -} - -#Parse the SCRIPTLIST to execute all scripts -function parseScriptList() -{ - for i in $SCRIPTLIST - do - if [ "$INSTALL" = "true" ]; then - $i - else - $i -u - fi - done -} - -#Downloads and install the module RPMS -function install() -{ - - INSTALL=true - version - echo - echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - echo x Please wait, downloading the gLite Logging and Bookkeeping Server... x - echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - echo - - mkdir -p glite-lb - cd glite-lb - - # Download global dependencies - - - true - - - - - - # Download scripts from repository - - - true - - - - - # Download dependencies RPMS from repository - - - true - - - - # Download RPMS from repository - - - true - - - - - - # Download and install subservices - parseScriptList - - - # Install all RPMS - echo - echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - echo x Please wait, installing the gLite Logging and Bookkeeping Server... x - echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - echo - parseRPMList - if [ ! -z "$RPMLIST" ]; then - rpm -Uvh $RPMLIST - rpm_return=$? - else - echo All required RPMS are already installed - rpm_return=0 - fi - if [ "$rpm_return" == "0" ]; then - echo - echo Done! - echo - echo Before using the gLite LB, please create or update the configuration - echo file /opt/glite/etc/config/glite-lb.cfg.xml - echo and run the configuration script - echo /opt/glite/etc/config/scripts/glite-lb-config.py. - echo A template is provided in - echo /opt/glite/etc/config/templates/glite-lb.cfg.xml - else - echo - echo An error occurred while installing the LB RPMS. - echo Most likely one or more of the RPMS to be installed require - echo additional dependencies or are older than already installed packages. - echo Please refer to the rpm error message above for more details. - fi - echo - echo For more information refer to the gLite Installation and User Guides - echo or to the gLite web site \(http:\/\/www.glite.org\) - echo Please report problems and comments to the gLite Team at - echo project-eu-egee-glite-bugs@cern.ch - - cd .. -} - -############################################################################### -function uninstall() -{ - version - - # Global dependencies - - - false - - - - - - # dependencies RPMS from repository - - - false - - - - # RPMS from repository - - - false - - - - - - # Uninstall all RPMS - echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - echo x Please wait, uninstalling the gLite Logging and Bookkeeping Server... x - echo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - echo - rpm -ev $RPMLIST - if [ "$?" == "0" ]; then - echo - echo Done! - else - echo - echo An error occurred while removing the LB RPMS. - echo Most likely one or more of the RPMS to be removed have - echo dependent packages. - echo Please refer to the rpm error message above for more details. - fi -} - -############################################################################### -function usage() -{ - echo - echo Copyright \(c\) Members of the EGEE Collaboration. 2004 - echo See http://eu-egee.org/partners/ for details on the copyright holders - echo For license conditions see the license file or http://eu-egee.org/license.html - echo - echo glite-lb_installer v. - echo - echo The glite-lb_installer installs the gLite Logging and Bookkeeping Server - echo - echo Usage: glite-lb_installer \[-u\|-v\|--help\] - echo -u uninstall - echo -v print version - echo --help print script usage info - echo - echo Return codes: - echo 0 - Ok - echo 1 - if a file could not be downloaded - echo -} - -############################################################################### -function version -{ - echo - echo Copyright \(c\) Members of the EGEE Collaboration. 2004 - echo See http://eu-egee.org/partners/ for details on the copyright holders - echo For license conditions see the license file or http://eu-egee.org/license.html - echo - echo glite-lb_installer v. - echo -} - - -RPMLIST= - -############################################################################### -# Main - -while getopts uvh opt -do - case $opt in - 'u') uninstall - exit 0 - ;; - 'v') version - exit 0 - ;; - 'h') usage - exit 0 - ;; - esac -done - -install - -exit 0 - - - - - _installer.sh - - -wget -N --non-verbose -if [ ! -f "" ] -then - echo - echo ERROR: could not be downloaded! - exit 1 -fi -chmod u+x -SCRIPTLIST="$SCRIPTLIST ./" - - -SCRIPTLISTUn="$SCRIPTLISTUn ./ -u " - - - - - - - - --..rpm - -- - - -wget -N --non-verbose -if [ ! -f "" ] -then - echo - echo ERROR: could not be downloaded! - exit 1 -fi -RPMLIST="$RPMLIST " - - -RPMLIST="$RPMLIST " - - - - - - - --..rpm - -- - - -wget -N --non-verbose /RPMS/ -if [ ! -f "" ] -then - echo - echo ERROR: could not be downloaded! - exit 1 -fi -RPMLIST="$RPMLIST " - - -RPMLIST="$RPMLIST " - - - - - diff --git a/org.glite.deployment.lb/project/lxscript-tgz.xsl b/org.glite.deployment.lb/project/lxscript-tgz.xsl deleted file mode 100644 index 5b55e40..0000000 --- a/org.glite.deployment.lb/project/lxscript-tgz.xsl +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - -#!/bin/sh -# -# glite-lb_tgz_installer -# usage: glite-lb_tgz_installer [-u] -# -u uninstall -# -# glite-lb_tgz_installer installs the gLite Deployment Unit from biniary tarballs -# - -PREFIX=/opt/glite - -############################################################################### -# Download global dependencies - - - -############################################################################### - - -############################################################################### -# Download dependencies RPMS from repository - - - -############################################################################### -# Download RPMS from repository - - - -############################################################################### - - - - - - --..rpm -wget - - - - -_bin.tar.gz -wget i386/tgz/ -tar -xzf $PREFIX - - - diff --git a/org.glite.deployment.lb/project/properties.xml b/org.glite.deployment.lb/project/properties.xml deleted file mode 100644 index c7ef835..0000000 --- a/org.glite.deployment.lb/project/properties.xml +++ /dev/null @@ -1,63 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.deployment.lb/project/quattor-template.xsl b/org.glite.deployment.lb/project/quattor-template.xsl deleted file mode 100644 index e0bd623..0000000 --- a/org.glite.deployment.lb/project/quattor-template.xsl +++ /dev/null @@ -1,53 +0,0 @@ - - - - - - - - - - -template pro_software_glite_lb; - -# -# Copyright (c) Members of the EGEE Collaboration. 2004 -# See http://eu-egee.org/partners/ for details on the copyright holders -# For license conditions see the license file or http://eu-egee.org/license.html -# -# glite-lb Quattor template v. -# - -# Global dependencies - - - - - - -# dependencies - - - - -# RPMS - - - - - - - - -"/software/packages"=pkg_repl("","-",""); - - - -"/software/packages"=pkg_repl("","-",""); - - - diff --git a/org.glite.deployment.lb/project/version.properties b/org.glite.deployment.lb/project/version.properties deleted file mode 100644 index 66a3e69..0000000 --- a/org.glite.deployment.lb/project/version.properties +++ /dev/null @@ -1,4 +0,0 @@ - -module.version = 1.3.0 -module.age = 1 - \ No newline at end of file diff --git a/org.glite.jp.client/.cvsignore b/org.glite.jp.client/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.jp.client/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.jp.client/Makefile b/org.glite.jp.client/Makefile deleted file mode 100644 index 345a7c1..0000000 --- a/org.glite.jp.client/Makefile +++ /dev/null @@ -1,135 +0,0 @@ -# defaults -top_srcdir=. -builddir=build -top_builddir=${top_srcdir}/${builddir} -stagedir=. -distdir=. -globalprefix=glite -jpprefix=jp -package=glite-jp-client -version=0.0.0 -PREFIX=/opt/glite - -glite_location=/opt/glite -globus_prefix=/opt/globus -nothrflavour=gcc32 -thrflavour=gcc32pthr -expat_prefix=/opt/expat -ares_prefix=/opt/ares -gsoap_prefix=/software/gsoap-2.6 - -CC=gcc - --include Makefile.inc - - -VPATH=${top_srcdir}/src:${top_srcdir}/examples:${top_srcdir}/project:${stagedir}/interface - -GLOBUS_LIBS:=-L${globus_prefix}/lib \ - -lglobus_common_${nothrflavour} \ - -lglobus_gssapi_gsi_${nothrflavour} - -GLOBUS_CFLAGS:=-I${globus_prefix}/include/${nothrflavour} - -DEBUG:=-g -O0 -DDEBUG - -CFLAGS:=${DEBUG} -I. -I${top_srcdir}/interface -I${top_srcdir}/src -I${gsoap_prefix}/include -I${stagedir}/include ${GLOBUS_CFLAGS} -LDFLAGS:=-L${stagedir}/lib - -LINK:=libtool --mode=link ${CC} ${LDFLAGS} -LTCOMPILE:=libtool --mode=compile ${CC} ${CFLAGS} -LINKXX:=libtool --mode=link ${CXX} ${LDFLAGS} -INSTALL:=libtool --mode=install install - -daemon:=glite-jp-importer - -wsprefix:=jpps_ - -SRCS:= jpimporter.c \ - ${wsprefix}ClientLib.c ${wsprefix}C.c -# env_C.c - -EXA_SRCS:= - -OBJS:=${SRCS:.c=.o} -EXA_OBJS:=${EXA_SRCS:.c=.o} - -COMMONLIB:=-lglite_jp_common -GSOAPLIB:=-lglite_security_gsoap_plugin_${nothrflavour} -lglite_security_gss_${nothrflavour} \ - -L${gsoap_prefix}/lib -lgsoap${GSOAP_DEBUG} -L${ares_prefix}/lib -lares -LBMAILDIRLIB:=-lglite_lb_maildir - -default all: compile - -compile: ${daemon} - -${daemon}: ${OBJS} - ${LINK} -o $@ ${OBJS} ${LBMAILDIRLIB} ${COMMONLIB} ${GSOAPLIB} ${GLOBUS_LIBS} - - -JobProvenancePS.xh: %.xh: %.wsdl JobProvenanceTypes.wsdl typemap.dat - cp ${stagedir}/interface/JobProvenanceTypes.wsdl . - ${gsoap_prefix}/bin/wsdl2h -t ${top_srcdir}/src/typemap.dat -c -o $@ $< - rm -f JobProvenanceTypes.wsdl - -${wsprefix}Client.c ${wsprefix}ClientLib.c \ -${wsprefix}C.c ${wsprefix}H.h: JobProvenancePS.xh - ${gsoap_prefix}/bin/soapcpp2 -n -w -c -p ${wsprefix} JobProvenancePS.xh - -env_C.c env_Server.c: - touch env.xh - cp ${jpproject}/JobProvenanceTypes.wsdl . - ${gsoap_prefix}/bin/wsdl2h -t ${top_srcdir}/src/typemap.dat -c -o env.xh JobProvenanceTypes.wsdl - rm -f JobProvenanceTypes.wsdl - ${gsoap_prefix}/bin/soapcpp2 -w -c -p env_ env.xh - -${OBJS}: ${wsprefix}H.h soap_version.h - -soap_version.h: - ${gsoap_prefix}/bin/soapcpp2 /dev/null - perl -ne '$$. == 2 && /.*([0-9])\.([0-9])\.([0-9]).*/ && printf "#define GSOAP_VERSION %d%02d%02d\n",$$1,$$2,$$3' soapH.h >$@ - -rm soapC.cpp soapH.h soapStub.h soapClient.cpp soapServer.cpp soapClientLib.cpp soapServerLib.cpp - - - - -check: - -echo nothing yet - -doc: - -stage: compile - ${MAKE} PREFIX=${stagedir} DOSTAGE=yes install - -dist: distsrc distbin - -distsrc: - mkdir -p ${top_srcdir}/${package}-${version} - cd ${top_srcdir} && GLOBIGNORE="${package}-${version}" && cp -Rf * ${package}-${version} - cd ${top_srcdir} && tar -czf ${distdir}/${package}-${version}_src.tar.gz --exclude-from=project/tar_exclude ${package}-${version} - rm -rf ${top_srcdir}/${package}-${version} - -distbin: - $(MAKE) install PREFIX=`pwd`/tmpbuilddir${stagedir} - save_dir=`pwd`; cd tmpbuilddir${stagedir} && tar -czf $$save_dir/${top_srcdir}/${distdir}/${package}-${version}_bin.tar.gz *; cd $$save_dir - rm -rf tmpbuilddir - -install: - -mkdir -p ${PREFIX}/bin ${PREFIX}/etc ${PREFIX}/examples ${PREFIX}/etc/init.d - ${INSTALL} -m 755 ${daemon} ${PREFIX}/bin - -clean: - -# we have no real config.h but have to force gSoap not to use -# linux ftime with broken (aka obsolete) DST information -stdsoap2.o: ${gsoap_prefix}/devel/stdsoap2.c - test -f config.h || touch config.h - @echo 'The following warning "time_t (de)serialization is not MT safe on this platform" is harmless' - ${CC} -o $@ -c -DWITH_NONAMESPACES -DHAVE_CONFIG_H ${CFLAGS} ${gsoap_prefix}/devel/stdsoap2.c - - -%.lo: %.c - ${LTCOMPILE} -o $@ -c $< - -%.o: %.c - ${LTCOMPILE} -o $@ -c $< diff --git a/org.glite.jp.client/build.xml b/org.glite.jp.client/build.xml deleted file mode 100755 index 8a40155..0000000 --- a/org.glite.jp.client/build.xml +++ /dev/null @@ -1,86 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.client/project/build.number b/org.glite.jp.client/project/build.number deleted file mode 100644 index d794048..0000000 --- a/org.glite.jp.client/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=0 diff --git a/org.glite.jp.client/project/build.properties b/org.glite.jp.client/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.jp.client/project/configure.properties.xml b/org.glite.jp.client/project/configure.properties.xml deleted file mode 100644 index 3744be5..0000000 --- a/org.glite.jp.client/project/configure.properties.xml +++ /dev/null @@ -1,43 +0,0 @@ - - - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -lbprefix=${subsystem.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} -globus_prefix=${with.globus.prefix} -expat_prefix=${with.expat.prefix} -ares_prefix=${with.ares.prefix} -gsoap_prefix=${with.gsoap.prefix} -mysql_prefix=${with.mysql.prefix} -mysql_version=${ext.mysql.version} -thrflavour=${with.globus.thr.flavor} -nothrflavour=${with.globus.nothr.flavor} -cppunit=${with.cppunit.prefix} -jpproject=${subsystem.project.dir} -project=${component.project.dir} - - - diff --git a/org.glite.jp.client/project/properties.xml b/org.glite.jp.client/project/properties.xml deleted file mode 100755 index e2a32d0..0000000 --- a/org.glite.jp.client/project/properties.xml +++ /dev/null @@ -1,44 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.client/project/tar_exclude b/org.glite.jp.client/project/tar_exclude deleted file mode 100644 index e1fcd1a..0000000 --- a/org.glite.jp.client/project/tar_exclude +++ /dev/null @@ -1,10 +0,0 @@ -tar_exclude -CVS -build.xml -build -build.properties -properties.xml -configure.properties.xml -.cvsignore -.project -.cdtproject diff --git a/org.glite.jp.client/project/version.properties b/org.glite.jp.client/project/version.properties deleted file mode 100644 index cd1e9e7..0000000 --- a/org.glite.jp.client/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.jp.client/src/authz.c b/org.glite.jp.client/src/authz.c deleted file mode 100644 index 3e6d6e4..0000000 --- a/org.glite.jp.client/src/authz.c +++ /dev/null @@ -1,76 +0,0 @@ -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "jpps_H.h" - -int glite_jpps_authz(glite_jp_context_t ctx,int op,const char *job,const char *owner) -{ - glite_jp_error_t err; - char buf[200]; - int i; - - memset(&err,0,sizeof err); - glite_jp_clear_error(ctx); - err.source = __FUNCTION__; - err.code = EPERM; - - switch (op) { - case SOAP_TYPE___jpsrv__RegisterJob: - case SOAP_TYPE___jpsrv__StartUpload: - case SOAP_TYPE___jpsrv__CommitUpload: - for (i=0; ctx->trusted_peers && ctx->trusted_peers[i]; i++) - if (!strcmp(ctx->trusted_peers[i],ctx->peer)) return 0; - err.desc = "you are not a trusted peer"; - return glite_jp_stack_error(ctx,&err); - - case SOAP_TYPE___jpsrv__GetJob: - assert(owner); - return strcmp(owner,ctx->peer) ? glite_jp_stack_error(ctx,&err) : 0; - break; - - default: - snprintf(buf,sizeof buf,"%d: unknown operation",op); - err.desc = buf; - err.code = EINVAL; - return glite_jp_stack_error(ctx,&err); - } -} - -int glite_jpps_readauth(glite_jp_context_t ctx,const char *file) -{ - FILE *f = fopen(file,"r"); - glite_jp_error_t err; - int cnt = 0; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - if (!f) { - err.code = errno; - err.desc = file; - return glite_jp_stack_error(ctx,&err); - } - - ctx->trusted_peers = NULL; - while (!feof(f)) { - char buf[BUFSIZ]; - - if (fscanf(f,"%[^\n]\n",buf) != 1) { - err.code = EINVAL; - err.desc = file; - fclose(f); - return glite_jp_stack_error(ctx,&err); - } - - ctx->trusted_peers = realloc(ctx->trusted_peers, (cnt+1) * sizeof *ctx->trusted_peers); - ctx->trusted_peers[cnt++] = strdup(buf); - ctx->trusted_peers[cnt] = NULL; - } - fclose(f); - return 0; -} diff --git a/org.glite.jp.client/src/authz.h b/org.glite.jp.client/src/authz.h deleted file mode 100644 index 9451aef..0000000 --- a/org.glite.jp.client/src/authz.h +++ /dev/null @@ -1,18 +0,0 @@ -/** - * Check authorisation of JPPS operation on job. - * - * \param[in] ctx JP context including peer name & other credentials (VOMS etc.) - * \param[in] op operation, one of SOAP_TYPE___jpsrv__* - * \param[in] job jobid of the job to decide upon - * \param[in] owner current known owner of the job (may be NULL), shortcut to avoid - * unnecessary database query. - * - * \retval 0 OK, operation permitted - * \retval EPERM denied - * \retval other error - */ - -int glite_jpps_authz(glite_jp_context_t ctx,int op,const char *job,const char *owner); - -int glite_jpps_readauth(glite_jp_context_t ctx,const char *file); - diff --git a/org.glite.jp.client/src/backend.h b/org.glite.jp.client/src/backend.h deleted file mode 100644 index cf901fb..0000000 --- a/org.glite.jp.client/src/backend.h +++ /dev/null @@ -1,116 +0,0 @@ -#ifndef __GLITE_JP_BACKEND -#define __GLITE_JP_BACKEND - -#include -#include - -int glite_jppsbe_init( - glite_jp_context_t ctx, - int argc, - char *argv[] -); - -int glite_jppsbe_init_slave( - glite_jp_context_t ctx -); - -int glite_jppsbe_register_job( - glite_jp_context_t ctx, - const char *job, - const char *owner -); - -int glite_jppsbe_start_upload( - glite_jp_context_t ctx, - const char *job, - const char *class, /* must be filesystem-friendly */ - const char *name, /* optional name within the class */ - const char *content_type, - char **destination_out, - time_t *commit_before_inout -); - -int glite_jppsbe_commit_upload( - glite_jp_context_t ctx, - const char *destination -); - -int glite_jppsbe_get_names( - glite_jp_context_t ctx, - const char *job, - const char *class, - char ***names_out -); - -int glite_jppsbe_destination_info( - glite_jp_context_t ctx, - const char *destination, - char **job_out, - char **class_out, - char **name_out -); - -int glite_jppsbe_get_job_url( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* optional within class */ - char **url_out -); - -int glite_jppsbe_open_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* optional within class */ - int mode, - void **handle_out -); - -int glite_jppsbe_close_file( - glite_jp_context_t ctx, - void *handle -); - -int glite_jppsbe_pread( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset, - ssize_t *nbytes_ret -); - -int glite_jppsbe_pwrite( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset -); - -int glite_jppsbe_append( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes -); - -int glite_jppsbe_get_job_metadata( - glite_jp_context_t ctx, - const char *job, - glite_jp_attrval_t attrs_inout[] -); - -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -); - -#endif diff --git a/org.glite.jp.client/src/bones_server.c b/org.glite.jp.client/src/bones_server.c deleted file mode 100644 index 8a47169..0000000 --- a/org.glite.jp.client/src/bones_server.c +++ /dev/null @@ -1,327 +0,0 @@ -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "glite/lb/srvbones.h" -#include "glite/security/glite_gss.h" - -#include -#include "glite/security/glite_gsplugin.h" - -#include "backend.h" -#include "file_plugin.h" - -#include "soap_version.h" -#include "jpps_H.h" - -#define CONN_QUEUE 20 - -extern SOAP_NMAC struct Namespace jpis__namespaces[],jpps__namespaces[]; - -static int newconn(int,struct timeval *,void *); -static int request(int,struct timeval *,void *); -static int reject(int); -static int disconn(int,struct timeval *,void *); -static int data_init(void **data); - -static struct glite_srvbones_service stab = { - "JP Primary Storage", -1, newconn, request, reject, disconn -}; - -static time_t cert_mtime; -static char *server_cert, *server_key, *cadir; -static gss_cred_id_t mycred = GSS_C_NO_CREDENTIAL; -static char *mysubj; - -static char *port = "8901"; -static int debug = 1; - -static glite_jp_context_t ctx; - -static int call_opts(glite_jp_context_t,char *,char *,int (*)(glite_jp_context_t,int,char **)); - -char *glite_jp_default_namespace; - -int main(int argc, char *argv[]) -{ - int one = 1,opt,i; - edg_wll_GssStatus gss_code; - struct sockaddr_in a; - char *b_argv[20] = { "backend" },*p_argv[20] = { "plugins" },*com; - int b_argc,p_argc; - - glite_jp_init_context(&ctx); - - b_argc = p_argc = 1; - - while ((opt = getopt(argc,argv,"B:P:a:")) != EOF) switch (opt) { - case 'B': - assert(b_argc < 20); - if (com = strchr(optarg,',')) *com = 0; - - /* XXX: memleak -- who cares for once */ - asprintf(&b_argv[b_argc++],"-%s",optarg); - if (com) b_argv[b_argc++] = com+1; - - break; - case 'P': - assert(p_argc < 20); - p_argv[p_argc++] = optarg; - - break; - case 'a': - if (glite_jpps_readauth(ctx,optarg)) { - fprintf(stderr,"%s: %s\n",argv[0],glite_jp_error_chain(ctx)); - exit (1); - } - break; - case '?': fprintf(stderr,"usage: %s: -Bb,val ... -Pplugin.so ...\n" - "b is backend option\n",argv[0]); - exit (1); - } - - if (b_argc == 1) { - fputs("-B required\n",stderr); - exit (1); - } - - optind = 0; /* XXX: getopt used internally */ - if (glite_jppsbe_init(ctx,b_argc,b_argv)) { - fputs(glite_jp_error_chain(ctx), stderr); - exit(1); - } - - optind = 0; /* XXX: getopt used internally */ - if (b_argc > 1 && glite_jpps_fplug_load(ctx,p_argc,p_argv)) { - fputs(glite_jp_error_chain(ctx), stderr); - exit(1); - } - - srand48(time(NULL)); /* feed id generation */ - -#if GSOAP_VERSION <= 20602 - for (i=0; jpps__namespaces[i].id && strcmp(jpps__namespaces[i].id,"ns1"); i++); -#else - for (i=0; jpps__namespaces[i].id && strcmp(jpps__namespaces[i].id,"jpsrv"); i++); -#endif - assert(jpps__namespaces[i].id); - glite_jp_default_namespace = jpps__namespaces[i].ns; - - stab.conn = socket(PF_INET, SOCK_STREAM, 0); - if (stab.conn < 0) { - perror("socket"); - return 1; - } - - setsockopt(stab.conn,SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)); - - a.sin_family = AF_INET; - a.sin_addr.s_addr = INADDR_ANY; - a.sin_port = htons(atoi(port)); - if (bind(stab.conn,(struct sockaddr *) &a, sizeof(a)) ) { - char buf[200]; - - snprintf(buf,sizeof(buf),"bind(%d)",atoi(port)); - perror(buf); - return 1; - } - - if (listen(stab.conn,CONN_QUEUE)) { - perror("listen()"); - return 1; - } - - if (!server_cert || !server_key) - fprintf(stderr, "%s: WARNING: key or certificate file not specified, " - "can't watch them for changes\n", - argv[0]); - - if ( cadir ) setenv("X509_CERT_DIR", cadir, 1); - edg_wll_gss_watch_creds(server_cert, &cert_mtime); - - if ( !edg_wll_gss_acquire_cred_gsi(server_cert, server_key, &mycred, &mysubj, &gss_code)) - fprintf(stderr,"Server idenity: %s\n",mysubj); - else fputs("WARNING: Running unauthenticated\n",stderr); - - /* XXX: daemonise */ - - glite_srvbones_set_param(GLITE_SBPARAM_SLAVES_COUNT,1); - glite_srvbones_run(data_init,&stab,1 /* XXX: entries in stab */,debug); - - return 0; -} - -static int data_init(void **data) -{ - *data = (void *) soap_new(); - - printf("[%d] slave started\n",getpid()); - glite_jppsbe_init_slave(ctx); /* XXX: global but slave's */ - - return 0; -} - -static int newconn(int conn,struct timeval *to,void *data) -{ - struct soap *soap = (struct soap *) data; - glite_gsplugin_Context plugin_ctx; - - gss_cred_id_t newcred = GSS_C_NO_CREDENTIAL; - edg_wll_GssStatus gss_code; - gss_name_t client_name = GSS_C_NO_NAME; - gss_buffer_desc token = GSS_C_EMPTY_BUFFER; - OM_uint32 maj_stat,min_stat; - - - int ret = 0; - - soap_init2(soap,SOAP_IO_KEEPALIVE,SOAP_IO_KEEPALIVE); - soap_set_namespaces(soap,jpps__namespaces); - soap->user = (void *) ctx; /* XXX: one instance per slave */ - -/* not yet: client to JP index - ctx->other_soap = soap_new(); - soap_init(ctx->other_soap); - soap_set_namespaces(ctx->other_soap,jpis__namespaces); -*/ - - - glite_gsplugin_init_context(&plugin_ctx); - plugin_ctx->connection = calloc(1,sizeof *plugin_ctx->connection); - soap_register_plugin_arg(soap,glite_gsplugin,plugin_ctx); - - switch (edg_wll_gss_watch_creds(server_cert,&cert_mtime)) { - case 0: break; - case 1: if (!edg_wll_gss_acquire_cred_gsi(server_cert,server_key, - &newcred,NULL,&gss_code)) - { - - printf("[%d] reloading credentials\n",getpid()); /* XXX: log */ - gss_release_cred(&min_stat,&mycred); - mycred = newcred; - } - break; - case -1: - printf("[%d] edg_wll_gss_watch_creds failed\n", getpid()); /* XXX: log */ - break; - } - - /* TODO: DNS paranoia etc. */ - - if (edg_wll_gss_accept(mycred,conn,to,plugin_ctx->connection,&gss_code)) { - printf("[%d] GSS connection accept failed, closing.\n", getpid()); - ret = 1; - goto cleanup; - } - - maj_stat = gss_inquire_context(&min_stat,plugin_ctx->connection->context, - &client_name, NULL, NULL, NULL, NULL, NULL, NULL); - - if (!GSS_ERROR(maj_stat)) - maj_stat = gss_display_name(&min_stat,client_name,&token,NULL); - - if (ctx->peer) free(ctx->peer); - if (!GSS_ERROR(maj_stat)) { - printf("[%d] client DN: %s\n",getpid(),(char *) token.value); /* XXX: log */ - - ctx->peer = strdup(token.value); - memset(&token, 0, sizeof(token)); - } - else { - printf("[%d] annonymous client\n",getpid()); - ctx->peer = NULL; - } - - if (client_name != GSS_C_NO_NAME) gss_release_name(&min_stat, &client_name); - if (token.value) gss_release_buffer(&min_stat, &token); - - return 0; - -cleanup: - glite_gsplugin_free_context(plugin_ctx); - soap_end(soap); - - return ret; -} - -static int request(int conn,struct timeval *to,void *data) -{ - struct soap *soap = data; - glite_jp_context_t ctx = soap->user; - - glite_gsplugin_set_timeout(glite_gsplugin_get_context(soap),to); - -/* FIXME: does not work, ask nykolas */ - soap->max_keep_alive = 1; /* XXX: prevent gsoap to close connection */ - soap_begin(soap); - if (soap_begin_recv(soap)) { - if (soap->error < SOAP_STOP) { - soap_send_fault(soap); - return EIO; - } - return ENOTCONN; - } - - if (soap_envelope_begin_in(soap) - || soap_recv_header(soap) - || soap_body_begin_in(soap) - || jpps__serve_request(soap) -#if GSOAP_VERSION >= 20700 - || (soap->fserveloop && soap->fserveloop(soap)) -#endif - ) - { - soap_send_fault(soap); - return ctx->error->code; /* XXX: shall we die on some errors? */ - } - - glite_jp_run_deferred(ctx); - return 0; -} - -static int reject(int conn) -{ - int flags = fcntl(conn, F_GETFL, 0); - - fcntl(conn,F_SETFL,flags | O_NONBLOCK); - edg_wll_gss_reject(conn); - - return 0; -} - -static int disconn(int conn,struct timeval *to,void *data) -{ - struct soap *soap = (struct soap *) data; - soap_end(soap); // clean up everything and close socket - - return 0; -} - -#define WSPACE "\t\n " - -static int call_opts(glite_jp_context_t ctx,char *opt,char *name,int (*f)(glite_jp_context_t,int,char **)) -{ - int ac = 1,ret,my_optind; - char **av = malloc(sizeof *av),*ap; - - *av = name; - for (ap = strtok(opt,WSPACE); ap; ap = strtok(NULL,WSPACE)) { - av = realloc(av,(ac+1) * sizeof *av); - av[ac++] = ap; - } - - my_optind = optind; - optind = 0; - ret = f(ctx,ac,av); - optind = my_optind; - free(av); - return ret; -} - - -/* XXX: we don't use it */ -SOAP_NMAC struct Namespace namespaces[] = { {NULL,NULL} }; diff --git a/org.glite.jp.client/src/builtin_plugins.h b/org.glite.jp.client/src/builtin_plugins.h deleted file mode 100644 index 3b2c201..0000000 --- a/org.glite.jp.client/src/builtin_plugins.h +++ /dev/null @@ -1,7 +0,0 @@ - -#define GLITE_JP_FILETYPE_TAGS "urn:org.glite.jp.primary:tags" -#define GLITE_JP_FILETYPE_LB "urn:org.glite.jp.primary:lb" -#define GLITE_JP_FILETYPE_ISB "urn:org.glite.jp.primary:isb" -#define GLITE_JP_FILETYPE_OSB "urn:org.glite.jp.primary:osb" - -#define GLITE_JP_FPLUG_TAGS_APPEND 0 diff --git a/org.glite.jp.client/src/db.h b/org.glite.jp.client/src/db.h deleted file mode 100644 index 0b9f730..0000000 --- a/org.glite.jp.client/src/db.h +++ /dev/null @@ -1,83 +0,0 @@ -#ifndef _DB_H -#define _DB_H - -#ident "$Header$" - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef struct _glite_jp_db_stmt_t *glite_jp_db_stmt_t; - -int glite_jp_db_connect( - glite_jp_context_t, /* INOUT: */ - char * /* IN: connect string user/password@host:database */ -); - -void glite_jp_db_close(glite_jp_context_t); - - -/* Parse and execute SQL statement. Returns number of rows selected, created - * or affected by update, or -1 on error */ - -int glite_jp_db_execstmt( - glite_jp_context_t, /* INOUT: */ - char *, /* IN: SQL statement */ - glite_jp_db_stmt_t * /* OUT: statement handle. Usable for - select only */ -); - - -/* Fetch next row of select statement. - * All columns are returned as fresh allocated strings - * - * return values: - * >0 - number of fields of the retrieved row - * 0 - no more rows - * -1 - error - * - * Errors are stored in context passed to previous glite_jp_db_execstmt() */ - -int glite_jp_db_fetchrow( - glite_jp_db_stmt_t, /* IN: statement */ - char ** /* OUT: array of fetched values. - * As number of columns is fixed and known, - * expects allocated array of pointers here */ -); - -/* Retrieve column names of a query statement */ - -int glite_jp_db_querycolumns( - glite_jp_db_stmt_t, /* IN: statement */ - char ** /* OUT: result set column names. Expects allocated array. */ -); - -/* Free the statement structure */ - -void glite_jp_db_freestmt( - glite_jp_db_stmt_t * /* INOUT: statement */ -); - - -/* convert time_t into database-specific time string - * returns pointer to static area that is changed by subsequent calls */ - -char *glite_jp_db_timetodb(time_t); -time_t glite_jp_db_dbtotime(char *); - - -/** - * Check database version. - */ -int glite_jp_db_dbcheckversion(glite_jp_context_t); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/org.glite.jp.client/src/feed.c b/org.glite.jp.client/src/feed.c deleted file mode 100644 index 5d39565..0000000 --- a/org.glite.jp.client/src/feed.c +++ /dev/null @@ -1,327 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/strmd5.h" -#include "feed.h" -#include "file_plugin.h" -#include "builtin_plugins.h" - - -/* - * seconds before feed expires: should be - * XXX: should be configurable, default for real deployment sort of 1 hour - */ -#define FEED_TTL 120 - -static int check_qry_item( - glite_jp_context_t ctx, - const glite_jp_query_rec_t *qry, - const glite_jp_attrval_t *attr -) -{ - int cmp,cmp2; - long scmp,ucmp; - - switch (qry->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - cmp = strcmp(attr->value.s,qry->value.s); - break; - case GLITE_JP_ATTR_TIME: - scmp = (ucmp = attr->value.time.tv_usec - qry->value.time.tv_usec) > 0 ? 0 : -1; - ucmp -= 1000000 * scmp; - scmp += attr->value.time.tv_sec - qry->value.time.tv_sec; - cmp = scmp ? scmp : ucmp; - break; - } - switch (qry->op) { - case GLITE_JP_QUERYOP_EQUAL: return !cmp; - case GLITE_JP_QUERYOP_UNEQUAL: return cmp; - case GLITE_JP_QUERYOP_LESS: return cmp < 0; - case GLITE_JP_QUERYOP_GREATER: return cmp > 0; - - case GLITE_JP_QUERYOP_WITHIN: - switch (qry->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - cmp2 = strcmp(attr->value.s,qry->value2.s); - break; - case GLITE_JP_ATTR_TIME: - scmp = (ucmp = attr->value.time.tv_usec - qry->value2.time.tv_usec) > 0 ? 0 : -1; - ucmp -= 1000000 * scmp; - scmp += attr->value.time.tv_sec - qry->value2.time.tv_sec; - cmp2 = scmp ? scmp : ucmp; - break; - } - return cmp >= 0 && cmp2 <= 0; - } -} - -/* XXX: limit on query size -- I'm lazy to malloc() */ -#define QUERY_MAX 100 - -static int match_feed( - glite_jp_context_t ctx, - const struct jpfeed *feed, - const char *job, - const glite_jp_attrval_t attrs[] /* XXX: not checked for correctness */ -) -{ - int i; - int attri[GLITE_JP_ATTR__LAST]; - int qi[QUERY_MAX]; - - glite_jp_attrval_t *newattr = NULL; - - glite_jp_clear_error(ctx); - - for (i=0; iqry) { - int j,complete = 1; - - memset(qi,0,sizeof qi); - for (i=0; feed->qry[i].attr.type; i++) { - assert(iqry[i].attr.type]) >=0) { - if (check_qry_item(ctx,feed->qry+i,attrs+j)) - qi[i] = 1; /* matched */ - else return 0; /* can't be satisfied */ - } - else complete = 0; - } - - /* not all attributes in query are known from input - * we have to retrieve job metadata from the backend - */ - if (!complete) { - glite_jp_attrval_t meta[GLITE_JP_ATTR__LAST+1]; - int qai[GLITE_JP_ATTR__LAST]; - - memset(meta,0,sizeof meta); - j=0; - for (i=0; feed->qry[i].attr.type; i++) if (!qi[i]) { - meta[j].attr.type = feed->qry[i].attr.type; - meta[j].attr.name = feed->qry[i].attr.name; - qai[feed->qry[i].attr.type] = i; - j++; - } - - if (glite_jppsbe_get_job_metadata(ctx,job,meta)) { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EIO; - err.source = __FUNCTION__; - err.desc = "complete query"; - return glite_jp_stack_error(ctx,&err); - } - - for (i=0; j=meta[i].attr.type; i++) - if (!check_qry_item(ctx,feed->qry+qai[j],meta+i)) - return 0; - } - } - - /* matched completely */ - return glite_jpps_single_feed(ctx,feed->destination,job,attrs); - return 0; -} - -int glite_jpps_match_attr( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t attrs[] -) -{ - struct jpfeed *f = (struct jpfeed *) ctx->feeds; - int i,j; - int attri[GLITE_JP_ATTR__LAST]; - - glite_jp_clear_error(ctx); - - for (i=0; i= GLITE_JP_ATTR__LAST || - attrs[i].attr.type <= 0) - { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EINVAL; - err.source = __FUNCTION__; - err.desc = "unknown attribute"; - return glite_jp_stack_error(ctx,&err); - } - if (attri[attrs[i].attr.type] >= 0) { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EINVAL; - err.source = __FUNCTION__; - err.desc = "double attribute change"; - return glite_jp_stack_error(ctx,&err); - } - - attri[attrs[i].attr.type] = i; - } - - for (;f; f = f->next) { - for (i=0; f->attrs[i].type && attri[f->attrs[i].type] == -1; i++); - /* XXX: ignore any errors */ - if (f->attrs[i].type) match_feed(ctx,f,job,attrs); - } - - return glite_jp_clear_error(ctx); -} - -int glite_jpps_match_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name -) -{ - glite_jpps_fplug_data_t **pd = NULL; - int pi; - void *bh = NULL; - int ret; - - fprintf(stderr,"%s: %s %s %s\n",__FUNCTION__,job,class,name); - - switch (glite_jpps_fplug_lookup(ctx,class,&pd)) { - case ENOENT: return 0; /* XXX: shall we complain? */ - case 0: break; - default: return -1; - } - - for (pi=0; pd[pi]; pi++) { - int ci; - for (ci=0; pd[pi]->uris[ci]; ci++) if (!strcmp(pd[pi]->uris[ci],class)) { - void *ph; - - if (!bh && (ret = glite_jppsbe_open_file(ctx,job,pd[pi]->classes[ci],name,O_RDONLY,&bh))) { - free(pd); - return ret; - } - - if (pd[pi]->ops.open(pd[pi]->fpctx,bh,class,&ph)) { - /* XXX: complain more visibly */ - fputs("plugin open failed\n",stderr); - continue; - } - - /* XXX: does not belong here but I'd like to avoid opening the file twice */ - if (!strcmp(class,GLITE_JP_FILETYPE_LB)) { - glite_jp_attr_t owner = { GLITE_JP_ATTR_OWNER, NULL }; - glite_jp_attrval_t *val; - - switch (pd[pi]->ops.attr(pd[pi]->fpctx,ph,owner,&val)) { - case ENOENT: - case ENOSYS: abort(); - case 0: printf("LB plugin: owner = %s\n",val[0].value.s); - /* TODO: store it in backend */ - - glite_jp_attrval_free(val,1); - break; - - default: /* TODO: complain */; break; - } - } - - /* TODO: extract attributes for the feeds */ - - - pd[pi]->ops.close(pd[pi]->fpctx,ph); - } - } - - if (bh) glite_jppsbe_close_file(ctx,bh); - free(pd); - - return 0; -} - -int glite_jpps_match_tag( - glite_jp_context_t ctx, - const char *job, - const glite_jp_tagval_t *tag -) -{ - fprintf(stderr,"%s: \n",__FUNCTION__); - return 0; -} - -static char *generate_feedid(void) -{ - char hname[200],buf[1000]; - - gethostname(hname,sizeof hname); - snprintf(buf,sizeof buf,"%s%d%ld",hname,getpid(),lrand48()); - buf[sizeof buf-1] = 0; - return str2md5base64(buf); -} - - -int glite_jpps_run_feed( - glite_jp_context_t ctx, - const char *destination, - const glite_jp_attr_t *attrs, - const glite_jp_query_rec_t *qry, - char **feed_id) -{ - fprintf(stderr,"%s: \n",__FUNCTION__); - return 0; -} - -static int register_feed_deferred(glite_jp_context_t ctx,void *feed) -{ - struct jpfeed *f = feed; - - f->next = ctx->feeds; - ctx->feeds = f; - return 0; -} - -/* FIXME: - * - volatile implementation: should store the registrations in a file - * and recover after restart - * - should communicate the data among all server slaves - */ -int glite_jpps_register_feed( - glite_jp_context_t ctx, - const char *destination, - const glite_jp_attr_t *attrs, - const glite_jp_query_rec_t *qry, - char **feed_id, - time_t *expires) -{ - int i; - struct jpfeed *f = calloc(1,sizeof *f); - - if (!*feed_id) *feed_id = generate_feedid(); - time(expires); *expires += FEED_TTL; - - f->id = strdup(*feed_id); - f->destination = strdup(destination); - f->expires = *expires; - for (i=0; attrs[i].type; i++) { - f->attrs = realloc(f->attrs,(i+2) * sizeof *f->attrs); - glite_jp_attr_copy(f->attrs+i,attrs+i); - memset(f->attrs+i+1,0,sizeof *f->attrs); - } - for (i=0; qry[i].attr.type; i++) { - f->qry = realloc(f->qry,(i+2) * sizeof *f->qry); - glite_jp_queryrec_copy(f->qry+i,qry+i); - memset(f->qry+i+1,0,sizeof *f->qry); - } - - glite_jp_add_deferred(ctx,register_feed_deferred,f); - - return 0; -} - diff --git a/org.glite.jp.client/src/feed.h b/org.glite.jp.client/src/feed.h deleted file mode 100644 index c3c2461..0000000 --- a/org.glite.jp.client/src/feed.h +++ /dev/null @@ -1,21 +0,0 @@ -#ifndef __GLITE_JP_FEED -#define __GLITE_JP_FEED - - -struct jpfeed { - char *id,*destination; - time_t expires; - glite_jp_attr_t *attrs; - glite_jp_query_rec_t *qry; - struct jpfeed *next; -}; - - -int glite_jpps_match_attr(glite_jp_context_t,const char *,const glite_jp_attrval_t[]); -int glite_jpps_match_file(glite_jp_context_t,const char *,const char *,const char *); -int glite_jpps_match_tag(glite_jp_context_t,const char *,const glite_jp_tagval_t *); -int glite_jpps_run_feed(glite_jp_context_t,const char *,const glite_jp_attr_t *,const glite_jp_query_rec_t *,char **); -int glite_jpps_register_feed(glite_jp_context_t,const char *,const glite_jp_attr_t *,const glite_jp_query_rec_t *,char **,time_t *); - -#endif - diff --git a/org.glite.jp.client/src/file_plugin.c b/org.glite.jp.client/src/file_plugin.c deleted file mode 100644 index 144a231..0000000 --- a/org.glite.jp.client/src/file_plugin.c +++ /dev/null @@ -1,115 +0,0 @@ -#include -#include -#include -#include -#include - -#include -#include "file_plugin.h" - -static struct option opts[] = { - { "plugin", 1, NULL, 'p' }, - { NULL } -}; - -static int loadit(glite_jp_context_t ctx,const char *so) -{ -/* XXX: not stored but we never dlclose() yet */ - void *dl_handle = dlopen(so,RTLD_NOW); - - glite_jp_error_t err; - const char *e; - glite_jpps_fplug_data_t *data,*dp; - int i; - - glite_jpps_fplug_init_t init; - memset(&err,0,sizeof err); - - if (!dl_handle) { - err.source = "dlopen()"; - err.code = EINVAL; - err.desc = dlerror(); - return glite_jp_stack_error(ctx,&err); - } - - dlerror(); - init = dlsym(dl_handle,"init"); - e = dlerror(); - if (e) { - char buf[300]; - snprintf(buf,sizeof buf,"dlsym(\"%s\",\"init\")",so); - buf[299] = 0; - err.source = buf; - err.code = ENOENT; - err.desc = e; - return glite_jp_stack_error(ctx,&err); - } - - data = calloc(1,sizeof *data); - - if (init(ctx,data)) return -1; - - i = 0; - if (ctx->plugins) for (i=0; ctx->plugins[i]; i++); - ctx->plugins = realloc(ctx->plugins, (i+2) * sizeof *ctx->plugins); - ctx->plugins[i] = data; - ctx->plugins[i+1] = NULL; - - /* TODO: check consistency of uri+class pairs wrt. previous plugins */ - - return 0; -} - -int glite_jpps_fplug_load(glite_jp_context_t ctx,int argc,char **argv) -{ - int i; - - for (i=1; iplugins) { - return glite_jp_stack_error(ctx,&err); - } - - for (i = 0; ctx->plugins[i]; i++) { - int j; - glite_jpps_fplug_data_t *p = ctx->plugins[i]; - - for (j=0; p->uris && p->uris[j]; j++) - if (!strcmp(p->uris[j],uri)) { - out = realloc(out, (matches+2) * sizeof *out); - out[matches++] = p; - out[matches] = NULL; - } - } - - if (matches) { - *plugin_data = out; - return 0; - } - else return glite_jp_stack_error(ctx,&err); -} - diff --git a/org.glite.jp.client/src/ftp_backend.c b/org.glite.jp.client/src/ftp_backend.c deleted file mode 100644 index 8bf523b..0000000 --- a/org.glite.jp.client/src/ftp_backend.c +++ /dev/null @@ -1,1744 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" -#include "glite/jp/strmd5.h" - -#include "tags.h" -#include "backend.h" - -#define UPLOAD_SUFFIX ".upload" -#define LOCK_SUFFIX ".lock" - -struct ftpbe_config { - char *internal_path; - char *external_path; - char *gridmap; - char *logname; -}; - -static struct ftpbe_config *config = NULL; - -struct fhandle_rec { - int fd; - int fd_append; -}; -typedef struct fhandle_rec *fhandle; - -static struct option ftpbe_opts[] = { - { "ftp-internal-path", 1, NULL, 'I' }, - { "ftp-external-path", 1, NULL, 'E' }, - { "ftp-gridmap", 1, NULL, 'G' }, - { NULL, 0, NULL, 0 } -}; - -/* obsolete */ -#if 0 -static struct { - glite_jp_fileclass_t type; - char * fname; - } class_to_fname_tab[] = { - { GLITE_JP_FILECLASS_INPUT, "input" }, - { GLITE_JP_FILECLASS_OUTPUT, "output" }, - { GLITE_JP_FILECLASS_LBLOG, "lblog" }, - { GLITE_JP_FILECLASS_TAGS, "tags" }, - { GLITE_JP_FILECLASS_UNDEF, NULL } - }; - -static char *class_to_fname(glite_jp_fileclass_t type) -{ - int i; - - for (i = 0; class_to_fname_tab[i].type != GLITE_JP_FILECLASS_UNDEF; i++) - if (type == class_to_fname_tab[i].type) - return class_to_fname_tab[i].fname; - - return NULL; -} - -static glite_jp_fileclass_t fname_to_class(char* fname) -{ - int i; - - for (i = 0; class_to_fname_tab[i].type != GLITE_JP_FILECLASS_UNDEF; i++) - if (!strcmp(fname, class_to_fname_tab[i].fname)) - return class_to_fname_tab[i].type; - - return GLITE_JP_FILECLASS_UNDEF; -} -#endif - -static int config_check( - glite_jp_context_t ctx, - struct ftpbe_config *config) -{ - return config == NULL || - config->internal_path == NULL || - config->external_path == NULL || - config->gridmap == NULL || - config->logname == NULL; - - /* XXX check reality */ -} - -static int jobid_unique_pathname(glite_jp_context_t ctx, const char *job, - char **unique, char **ju_path, int get_path) -{ - char *p; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - p = strrchr(job, '/'); - if (!p) { - err.code = EINVAL; - err.desc = "Malformed jobid"; - return glite_jp_stack_error(ctx,&err); - } - /* XXX thorough checks */ - if (!(*unique = strdup(p+1))) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - if (get_path) { - if (!(*ju_path = strdup(p+1))) { - free(*unique); - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - *(*ju_path + 10) = '\0'; - } - return 0; -} - -static int mkdirpath(const char* path, int prefixlen) -{ - char *wpath, *p; - int goout, ret; - - wpath = strdup(path); - if (!wpath) { - errno = ENOMEM; - return -1; - } - - p = wpath + prefixlen; - goout = 0; - while (!goout) { - while (*p == '/') p++; - while (*p != '/' && *p != '\0') p++; - goout = (*p == '\0'); - *p = '\0'; - ret = mkdir(wpath, S_IRUSR | S_IWUSR | S_IXUSR); - if (ret < 0 && errno != EEXIST) break; - *p = '/'; - } - free(wpath); - return goout ? 0 : ret; -} - -static long regtime_trunc(long tv_sec) -{ - return tv_sec / (86400*7); -} - -static long regtime_ceil(long tv_sec) -{ - return (tv_sec % (86400*7)) ? tv_sec/(86400*7)+1 : tv_sec/(86400*7) ; -} - -/********************************************************************************/ -int glite_jppsbe_init( - glite_jp_context_t ctx, - int argc, - char *argv[] -) -{ - glite_jp_error_t err; - int opt; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - config = (struct ftpbe_config *) calloc(1, sizeof *config); - if (!config) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - config->logname = getlogin(); - - while ((opt = getopt_long(argc, argv, "I:E:G:", ftpbe_opts, NULL)) != EOF) { - switch (opt) { - case 'I': config->internal_path = optarg; break; - case 'E': config->external_path = optarg; break; - case 'G': config->gridmap = optarg; break; - default: break; - } - } - - if (config_check(ctx, config)) { - err.code = EINVAL; - err.desc = "Invalid FTP backend configuration"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_init_slave( - glite_jp_context_t ctx -) -{ - /* Nothing to do */ -} - -int glite_jppsbe_register_job( - glite_jp_context_t ctx, - const char *job, - const char *owner -) -{ - glite_jp_error_t err; - char *int_dir = NULL; - char *int_fname = NULL; - char *data_dir = NULL; - char *data_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *ownerhash = NULL; - FILE *regfile = NULL; - struct timeval reg_tv; - long reg_tv_trunc; - struct stat statbuf; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job != NULL); - assert(owner != NULL); - - gettimeofday(®_tv, NULL); - reg_tv_trunc = regtime_trunc(reg_tv.tv_sec); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_dir, "%s/regs/%s", - config->internal_path, ju_path) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - if (mkdirpath(int_dir, strlen(config->internal_path)) < 0 && - errno != EEXIST) { - free(int_dir); - err.code = errno; - err.desc = "Cannot mkdir jobs's reg directory"; - return glite_jp_stack_error(ctx,&err); - } - free(int_dir); - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - if (stat(int_fname, &statbuf) < 0) { - if (errno != ENOENT) { - err.code = errno; - err.desc = "Cannot stat jobs's reg info file"; - goto error_out; - } - } else { - err.code = EEXIST; - err.desc = "Job already registered"; - goto error_out; - } - - regfile = fopen(int_fname, "w"); - if (regfile == NULL) { - err.code = errno; - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - - ownerhash = str2md5(owner); /* static buffer */ - - if (fprintf(regfile, "%d %ld.%06ld %s %s %d %s\n", 1, - (long)reg_tv.tv_sec, (long)reg_tv.tv_usec, job, - ownerhash, strlen(owner), owner) < 1 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot write jobs's reg info file"; - goto error_out; - } - if (fclose(regfile) != 0 ) { - err.code = errno; - err.desc = "Cannot close(write) jobs's reg info file"; - goto error_out; - } - - if (asprintf(&data_dir, "%s/data/%s/%d/%s", - config->internal_path, ownerhash, regtime_trunc(reg_tv.tv_sec), ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (asprintf(&data_fname, "%s/_info", data_dir) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (mkdirpath(data_dir, strlen(config->internal_path)) < 0 && - errno != EEXIST) { - err.code = errno; - err.desc = "Cannot mkdir jobs's data directory"; - goto error_out; - } - - if (link(int_fname, data_fname) < 0) { - err.code = errno; - err.desc = "Cannot link job's reg and data info files"; - goto error_out; - } - -error_out: - free(int_fname); - free(data_fname); - if (err.code && data_dir) rmdir(data_dir); - free(data_dir); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int add_to_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - gridmap = fopen(config->gridmap, "a"); - if (!gridmap) { - err.code = errno; - err.desc = "Cannot open gridmap file"; - return glite_jp_stack_error(ctx,&err); - } - if (fprintf(gridmap, "\"%s\" %s\n", dn, config->logname) < 6 || - ferror(gridmap)) { - err.code = EIO; - err.desc = "Cannot write to gridmap file"; - fclose(gridmap); - return glite_jp_stack_error(ctx,&err); - } - fclose(gridmap); - return 0; -} - -static int remove_from_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - char *temp_name = NULL; - FILE *temp_file = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - /* XXX */ - return 0; -} - -int glite_jppsbe_start_upload( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - const char *content_type, - char **destination_out, - time_t *commit_before_inout -) -{ - char *int_fname = NULL; - char *lock_fname = NULL; - FILE *lockfile = NULL; - FILE *regfile = NULL; - char *data_dir = NULL; - char *data_lock = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *peername = NULL; - int info_version; - long reg_time; - char ownerhash[33]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(destination_out!=NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - peername = glite_jp_peer_name(ctx); - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%*ld %*s %s ", &info_version, - ®_time, ownerhash) < 3 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - fclose(regfile); - - /* XXX authorization */ - - if (asprintf(&data_dir, "%s/data/%s/%d/%s", - config->internal_path, ownerhash, regtime_trunc(reg_time), ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(&lock_fname, "%s/%s" LOCK_SUFFIX, - data_dir, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (commit_before_inout != NULL) - *commit_before_inout = (time_t) LONG_MAX; /* XXX no timeout enforced */ - - lockfile = fopen(lock_fname, "w"); - if (lockfile == NULL) { - err.code = errno; - err.desc = "Cannot open uploads's lock file"; - goto error_out; - } - - if (fprintf(lockfile, "%ld %d %s\n", (long)*commit_before_inout, - peername ? peername : 0, - peername ? peername : "") < 1 || ferror(regfile)) { - fclose(lockfile); - err.code = errno; - err.desc = "Cannot write upload's lock file"; - goto error_out; - } - if (fclose(lockfile) != 0 ) { - err.code = errno; - err.desc = "Cannot close(write) upload's lock file"; - goto error_out; - } - - if (asprintf(destination_out, "%s/data/%s/%d/%s/%s" UPLOAD_SUFFIX, - config->external_path, ownerhash, regtime_trunc(reg_time), ju, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (add_to_gridmap(ctx, peername)) { - err.code = EIO; - err.desc = "Cannot add peer DN to ftp server authorization file"; - goto error_out; - } - -error_out: - free(int_fname); - free(data_dir); - if (err.code && data_lock) unlink(data_lock); - free(data_lock); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_commit_upload( - glite_jp_context_t ctx, - const char *destination -) -{ - size_t dest_len; - size_t suff_len; - size_t extp_len; - long commit_before; - int lockpeerlen; - char *lockpeername = NULL; - char *peername = NULL; - char *dest_rw = NULL; - char *dest_rw_suff = NULL; - char *dest_rw_lock = NULL; - FILE *lockfile = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(destination != NULL); - - suff_len = strlen(UPLOAD_SUFFIX); - dest_len = strlen(destination); - extp_len = strlen(config->external_path); - - if (dest_len < suff_len || - strcmp(UPLOAD_SUFFIX, destination + (dest_len - suff_len)) || - strncmp(destination, config->external_path, extp_len)) { - err.code = EINVAL; - err.desc = "Forged destination path"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&dest_rw_suff, "%s%s", config->internal_path, - destination + extp_len) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - dest_rw = strdup(dest_rw_suff); - if (!dest_rw) { - err.code = ENOMEM; - goto error_out; - } - *(dest_rw + (strlen(dest_rw_suff) - suff_len)) = '\0'; - - if (asprintf(&dest_rw_lock, "%s" LOCK_SUFFIX, dest_rw) == -1) { - err.code = ENOMEM; - goto error_out; - } - - lockfile = fopen(dest_rw_lock, "r"); - if (lockfile == NULL) { - err.code = errno; - err.desc = "Cannot open upload's lock file"; - goto error_out; - } - if (fscanf(lockfile, "%ld %d ", &commit_before, &lockpeerlen) < 2 || ferror(lockfile)) { - fclose(lockfile); - err.code = errno; - err.desc = "Cannot read upload's lock file"; - goto error_out; - } - if (lockpeerlen) { - lockpeername = (char*) calloc(1, lockpeerlen+1); - if (!lockpeername) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(lockpeername, lockpeerlen+1, lockfile) == NULL) { - fclose(lockfile); - err.code = errno; - err.desc = "Cannot read upload's lock file"; - goto error_out; - } - } - fclose(lockfile); - - peername = glite_jp_peer_name(ctx); - if (lockpeername && (!peername || strcmp(lockpeername, peername))) { - err.code = EPERM; - err.desc = "Upload started by client of different identity"; - goto error_out; - } - - if (rename(dest_rw_suff, dest_rw) < 0) { - err.code = errno; - err.desc = "Cannot move upload file to the final place"; - goto error_out; - } - - if (unlink(dest_rw_lock) < 0) { - err.code = errno; - err.desc = "Cannot unlink upload's lock file"; - goto error_out; - } - -error_out: - free(dest_rw); - free(dest_rw_suff); - free(dest_rw_lock); - free(peername); - free(lockpeername); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_destination_info( - glite_jp_context_t ctx, - const char *destination, - char **job, - char **class, - char **name -) -{ - size_t dest_len; - size_t suff_len; - size_t extp_len; - char *dest_rw = NULL; - char *dest_rw_suff = NULL; - char *dest_rw_info = NULL; - FILE *infofile = NULL; - char *classname = NULL; - char jobstr[256+1]; - glite_jp_error_t err; - - assert(destination != NULL); - assert(job != NULL); - assert(class != NULL); - assert(name != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - suff_len = strlen(UPLOAD_SUFFIX); - dest_len = strlen(destination); - extp_len = strlen(config->external_path); - - if (dest_len < suff_len || - strcmp(UPLOAD_SUFFIX, destination + (dest_len - suff_len)) || - strncmp(destination, config->external_path, extp_len)) { - err.code = EINVAL; - err.desc = "Forged destination path"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&dest_rw_suff, "%s%s", config->internal_path, - destination + extp_len) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - dest_rw = strdup(dest_rw_suff); - if (!dest_rw) { - err.code = ENOMEM; - goto error_out; - } - *(dest_rw + (strlen(dest_rw_suff) - suff_len)) = '\0'; - - classname = strrchr(dest_rw,'/'); - if (classname == NULL) { - err.code = EINVAL; - err.desc = "Forged destination path"; - goto error_out; - } - *classname++ ='\0'; - *class = strdup(classname); - -/* XXX: do we need similar check? - if (!class == GLITE_JP_FILECLASS_UNDEF) { - err.code = EINVAL; - err.desc = "Forged destination path"; - goto error_out; - } -*/ - - /* TODO: */ - *name = NULL; - - if (asprintf(&dest_rw_info, "%s/_info", dest_rw) == -1) { - err.code = ENOMEM; - goto error_out; - } - - infofile = fopen(dest_rw_info, "r"); - if (infofile == NULL) { - err.code = errno; - err.desc = "Cannot open _info file"; - goto error_out; - } - if (fscanf(infofile, "%*d %*ld.%*ld %256s ", jobstr) < 1 || ferror(infofile)) { - fclose(infofile); - err.code = errno; - err.desc = "Cannot read _info file"; - goto error_out; - } - *job = strdup(jobstr); - fclose(infofile); - -error_out: - free(dest_rw); - free(dest_rw_suff); - free(dest_rw_info); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - - -int glite_jppsbe_get_job_url( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - char **url_out -) -{ - FILE *regfile = NULL; - char *int_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - int info_version; - long reg_time; - char ownerhash[33]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(url_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%*ld %*s %s", &info_version, - ®_time, ownerhash) < 3 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - fclose(regfile); - - if (asprintf(url_out, "%s/data/%s/%d/%s/%s", - config->external_path, ownerhash, regtime_trunc(reg_time), ju, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - free(int_fname); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_fname( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - char **fname_out -) -{ - FILE *regfile = NULL; - char *int_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - int info_version; - long reg_time; - char ownerhash[33]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(fname_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%*ld %*s %s", &info_version, - ®_time, ownerhash) < 3 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - fclose(regfile); - - if (asprintf(fname_out, "%s/data/%s/%d/%s/%s", - config->internal_path, ownerhash, regtime_trunc(reg_time), ju, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - free(int_fname); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_open_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - int mode, - void **handle_out -) -{ - fhandle handle = NULL; - char* fname = NULL; - glite_jp_error_t err; - - assert(handle_out != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (get_job_fname(ctx, job, class, name, &fname)) { - err.code = ctx->error->code; - err.desc = "Cannot construct internal filename"; - return glite_jp_stack_error(ctx,&err); - } - - handle = (fhandle) calloc(1,sizeof(*handle)); - if (handle == NULL) { - err.code = ENOMEM; - goto error_out; - } - - handle->fd = open(fname, mode, S_IRUSR | S_IWUSR); - if (handle->fd < 0) { - err.code = errno; - err.desc = "Cannot open requested file"; - free(handle); - goto error_out; - } - handle->fd_append = open(fname, mode | O_APPEND, S_IRUSR | S_IWUSR); - if (handle->fd_append < 0) { - err.code = errno; - err.desc = "Cannot open requested file for append"; - close(handle->fd); - free(handle); - goto error_out; - } - *handle_out = (void*) handle; - -error_out: - free(fname); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_close_file( - glite_jp_context_t ctx, - void *handle -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (close(((fhandle)handle)->fd_append) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor (fd_append)"; - goto error_out; - } - if (close(((fhandle)handle)->fd) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor"; - goto error_out; - } - -error_out: - free(handle); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_pread( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset, - ssize_t *nbytes_ret -) -{ - ssize_t ret; - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if ((ret = pread(((fhandle)handle)->fd, buf, nbytes, offset)) < 0) { - err.code = errno; - err.desc = "Error in pread()"; - return glite_jp_stack_error(ctx,&err); - } - *nbytes_ret = ret; - - return 0; -} - -int glite_jppsbe_pwrite( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (pwrite(((fhandle)handle)->fd, buf, nbytes, offset) < 0) { - err.code = errno; - err.desc = "Error in pwrite()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_append( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (write(((fhandle)handle)->fd_append, buf, nbytes) < 0) { - err.code = errno; - err.desc = "Error in write()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -static int get_job_info( - glite_jp_context_t ctx, - const char *job, - char **owner, - struct timeval *tv_reg -) -{ - char *ju = NULL; - char *ju_path = NULL; - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char *int_fname = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %*s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, &ownerlen) < 4 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - free(int_fname); - free(ju); - free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_info_int( - glite_jp_context_t ctx, - const char *int_fname, - char **jobid, - char **owner, - struct timeval *tv_reg -) -{ - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char jobid_buf[256]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, jobid_buf, &ownerlen) < 5 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - *jobid = strdup(jobid_buf); - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_get_job_metadata( - glite_jp_context_t ctx, - const char *job, - glite_jp_attrval_t attrs_inout[] -) -{ - int got_info = 0; - struct timeval tv_reg; - char *owner = NULL; - int got_tags = 0; - void *tags_handle = NULL; - glite_jp_tagval_t* tags = NULL; - int i,j; - glite_jp_error_t err; - - assert(job != NULL); - assert(attrs_inout != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; attrs_inout[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TIME: -*/ - if (!got_info) { - if (get_job_info(ctx, job, &owner, &tv_reg)) { - err.code = ctx->error->code; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - got_info = 1; - } - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - if (!got_tags) { - if (glite_jppsbe_open_file(ctx, job, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - got_tags = 1; - } - break; -*/ - default: - err.code = EINVAL; - err.desc = "Invalid attribute type"; - goto error_out; - break; - } - - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - attrs_inout[i].value.s = strdup(owner); - if (!attrs_inout[i].value.s) { - err.code = ENOMEM; - err.desc = "Cannot copy owner string"; - goto error_out; - } - break; - case GLITE_JP_ATTR_TIME: - attrs_inout[i].value.time = tv_reg; - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, attrs_inout[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &attrs_inout[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) attrs_inout[i].value.tag.name = NULL; - break; -*/ - default: - break; - } - } - -error_out: - free(owner); - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); - - if (err.code) { - while (i > 0) { - i--; - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - free(attrs_inout[i].value.s); - break; - case GLITE_JP_ATTR_TAG: - free(attrs_inout[i].value.tag.name); - free(attrs_inout[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} -static int compare_timeval(struct timeval a, struct timeval b) -{ - if (a.tv_sec < b.tv_sec) return -1; - if (a.tv_sec > b.tv_sec) return 1; - if (a.tv_usec < b.tv_usec) return -1; - if (a.tv_usec > b.tv_usec) return 1; - return 0; -} - - -/* FIXME: disabled -- clarification wrt. filetype plugin needed */ - -#if 0 - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -); - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - char *time_dirname = NULL; - DIR *time_dirp = NULL; - struct dirent *jobent; - char *info_fname = NULL; - char *jobid = NULL; - char *owner = NULL; - struct timeval tv_reg; - void *tags_handle = NULL; - int matching; - int i, j; - glite_jp_tagval_t* tags = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (asprintf(&time_dirname, "%s/data/%s/%d", config->internal_path, - ownerhash, regtime_tr) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - time_dirp = opendir(time_dirname); - if (!time_dirp) { - free(time_dirname); - return 0; /* found nothing */ - } - while ((jobent = readdir(time_dirp)) != NULL) { - if (!strcmp(jobent->d_name, ".")) continue; - if (!strcmp(jobent->d_name, "..")) continue; - if (asprintf(&info_fname, "%s/%s/_info", time_dirname, - jobent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (get_job_info_int(ctx, info_fname, &jobid, &owner, &tv_reg)) { - err.code = EIO; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - if (q_tags || md_tags) { - if (glite_jppsbe_open_file(ctx, jobid, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - tags_handle = NULL; - } - - matching = 1; - for (i = 0; matching && query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (query[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - if (query[i].value.s == NULL || - strcmp(query[i].value.s, owner)) matching = 0; - break; - case GLITE_JP_ATTR_TIME: - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_LESS: - matching = compare_timeval(tv_reg, query[i].value.time) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = compare_timeval(tv_reg, query[i].value.time) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = compare_timeval(tv_reg, query[i].value.time) >= 0 - && compare_timeval(tv_reg, query[i].value2.time) <= 0; - break; - } - break; - case GLITE_JP_ATTR_TAG: - if (!tags) { - matching = 0; - break; - } - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, query[i].attr.name)) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_LESS: - matching = strcmp(tags[j].value, query[i].value.s) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = strcmp(tags[j].value, query[i].value.s) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = strcmp(tags[j].value, query[i].value.s) >= 0 \ - && strcmp(tags[j].value, query[i].value2.s) <= 0 ; - break; - default: - break; - } - } - } - break; - default: - break; - } - } - if (!matching) { - free(info_fname); info_fname = NULL; - free(jobid); jobid = NULL; - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); tags = NULL; - continue; - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - metadata[i].value.s = owner; - break; - case GLITE_JP_ATTR_TIME: - metadata[i].value.time = tv_reg; - break; - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, metadata[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &metadata[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) { - metadata[i].value.tag.name = NULL; - metadata[i].value.tag.value = NULL; - } - break; - default: - break; - } - } - (*callback)(ctx, jobid, metadata); - free(jobid); jobid = NULL; - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - } - -error_out: - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - if (tags_handle) glite_jppsbe_close_file(ctx, tags_handle); - free(info_fname); - free(owner); - free(jobid); - closedir(time_dirp); - free(time_dirname); - if (err.code) { - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else - return 0; -} - -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - /* XXX clone metadata */ - int i; - char *q_exact_owner = NULL; - char *ownerhash = NULL; - long q_min_time = 0; - long q_max_time = LONG_MAX; - long q_min_time_tr; - long q_max_time_tr; - int q_with_tags = 0; - int md_info = 0; - int md_tags = 0; - char *owner_dirname = NULL; - DIR *owner_dirp = NULL; - struct dirent *ttimeent; - char *data_dirname = NULL; - DIR *data_dirp = NULL; - struct dirent *ownerent; - long ttime = 0; - glite_jp_attrval_t *metadata_templ = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - if (query[i].attr.type == GLITE_JP_ATTR_OWNER && query[i].op == GLITE_JP_QUERYOP_EQUAL) { - q_exact_owner = query[i].value.s; - } - if (query[i].attr.type == GLITE_JP_ATTR_TIME) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - q_min_time = query[i].value.time.tv_sec; - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_LESS: - if (q_max_time > query[i].value.time.tv_sec + 1) - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_WITHIN: - if (q_max_time > query[i].value2.time.tv_sec + 1) - q_max_time = query[i].value2.time.tv_sec + 1; - /* fallthrough */ - case GLITE_JP_QUERYOP_GREATER: - if (q_min_time < query[i].value.time.tv_sec) - q_min_time = query[i].value.time.tv_sec; - break; - default: - err.code = EINVAL; - err.desc = "Invalid query op"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - if (query[i].attr.type == GLITE_JP_ATTR_TAG) - q_with_tags = 1; - - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TIME: - md_info = 1; - break; - case GLITE_JP_ATTR_TAG: - md_tags = 1; - break; - default: - err.code = EINVAL; - err.desc = "Invalid attribute type in metadata parameter"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - metadata_templ = (glite_jp_attrval_t *) calloc(i + 1, sizeof(glite_jp_attrval_t)); - if (!metadata_templ) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - memcpy(metadata_templ, metadata, (i + 1) * sizeof(glite_jp_attrval_t)); - - q_min_time_tr = regtime_trunc(q_min_time); - q_max_time_tr = regtime_ceil(q_max_time); - - if (q_exact_owner) { - ownerhash = str2md5(q_exact_owner); /* static buffer */ - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, ownerhash) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - free(metadata_templ); - return 0; /* found nothing */ - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerhash, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - } else { /* !q_exact_owner */ - if (asprintf(&data_dirname, "%s/data", config->internal_path) == -1) { - err.code = ENOMEM; - goto error_out; - } - data_dirp = opendir(data_dirname); - if (!data_dirp) { - err.code = EIO; - err.desc = "Cannot open data directory"; - goto error_out; - } - while ((ownerent = readdir(data_dirp)) != NULL) { - if (!strcmp(ownerent->d_name, ".")) continue; - if (!strcmp(ownerent->d_name, "..")) continue; - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, - ownerent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - err.code = EIO; - err.desc = "Cannot open owner data directory"; - goto error_out; - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerent->d_name, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - closedir(owner_dirp); owner_dirp = NULL; - } - closedir(data_dirp); data_dirp = NULL; - } - return 0; - -error_out: - if (owner_dirp) closedir(owner_dirp); - if (data_dirp) closedir(data_dirp); - free(data_dirname); - free(metadata_templ); - return glite_jp_stack_error(ctx,&err); -} - -#else - -/* placeholder instead */ -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - glite_jp_error_t err; - err.code = ENOSYS; - err.desc = "not implemented"; - return glite_jp_stack_error(ctx,&err); -} - -#endif - -/* XXX: -- no primary authorization yet -- no concurrency control yet -- partial success in pwrite,append -- "unique" part of jobid is assumed to be unique across bookkeeping servers -- repository versioning not fully implemented yet -*/ diff --git a/org.glite.jp.client/src/is_client.c b/org.glite.jp.client/src/is_client.c deleted file mode 100644 index 8a747ef..0000000 --- a/org.glite.jp.client/src/is_client.c +++ /dev/null @@ -1,38 +0,0 @@ -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" - -#include "feed.h" -/* FIXME -#include "jpis_H.h" -#include "jpis_.nsmap" -*/ - -int glite_jpps_single_feed( - glite_jp_context_t ctx, - const char *destination, - const char *job, - const glite_jp_attrval_t attrs[] -) -{ - /* TODO: really call JP Index server (via interlogger) */ - printf("feed to %s, job %s\n",destination,job); - -/* FIXME */ -#if 0 - if (soap_call_jpsrv__UpdateJobs(ctx->other_soap,destination,"", - /* FIXME: feedId */ "", - /* FIXME: UpdateJobsData */ NULL, - 0, - NULL - )) fprintf(stderr,"UpdateJobs: %s %s\n",ctx->other_soap->fault->faultcode, - ctx->other_soap->fault->faultstring); - -#endif - return 0; -} diff --git a/org.glite.jp.client/src/jpimporter.c b/org.glite.jp.client/src/jpimporter.c deleted file mode 100644 index b54aac8..0000000 --- a/org.glite.jp.client/src/jpimporter.c +++ /dev/null @@ -1,243 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "glite/lb/lb_maildir.h" -#include "glite/security/glite_gsplugin.h" - -#include "jpps_H.h" -#include "jpps_.nsmap" - -#include "jptype_map.h" - -#include "soap_version.h" -#if GSOAP_VERSION <= 20602 -#define soap_call___jpsrv__RegisterJob soap_call___ns1__RegisterJob -#endif - - -#ifndef dprintf -#define dprintf(x) { if (debug) printf x; } -#endif - -#ifndef GLITE_JPIMPORTER_PIDFILE -#define GLITE_JPIMPORTER_PIDFILE "/var/run/glite-jpimporter.pid" -#endif - -#ifndef GLITE_JPIMPORTER_MDIR -#define GLITE_JPIMPORTER_MDIR "/tmp/jpreg" -#endif - -static int debug = 0; -static int die = 0; - -static struct option opts[] = { - { "help", 0, NULL, 'h'}, - { "debug", 0, NULL, 'd'}, - { "jpps", 1, NULL, 'p'}, - { "mdir", 1, NULL, 'm'}, - { "pidfile", 1, NULL, 'i'}, - { NULL, 0, NULL, 0} -}; - -static const char *get_opt_string = "hdp:m:i:"; - -static void usage(char *me) -{ - fprintf(stderr,"usage: %s [option]\n" - "\t-h, --help\t displays this screen\n" - "\t-d, --debug\t don't run as daemon, additional diagnostics\n" - "\t-p, --jpps\t JP primary service server\n" - "\t-m, --mdir\t path to the 'LB maildir' subtree\n" - "\t-i, --pidfile\t file to store master pid\n", - me); -} - -static void catchsig(int sig) -{ - die = sig; -} - -int main(int argc, char *argv[]) -{ - struct sigaction sa; - struct soap *soap; - sigset_t sset; - FILE *fpid; - int opt; - char *name, - *jpps = "http://localhost:8901", - pidfile[PATH_MAX] = GLITE_JPIMPORTER_PIDFILE, - mdir[PATH_MAX] = GLITE_JPIMPORTER_MDIR; - - - name = strrchr(argv[0],'/'); - if (name) name++; else name = argv[0]; - - if ( geteuid() ) - snprintf(pidfile, sizeof pidfile, "%s/glite_jpimporter.pid", getenv("HOME")); - - while ( (opt = getopt_long(argc, argv, get_opt_string, opts, NULL)) != EOF ) - switch ( opt ) { - case 'd': debug = 1; break; - case 'h': usage(name); return 0; - case 'p': jpps = optarg; break; - case 'm': strcpy(mdir, optarg); break; - case 'i': strcpy(pidfile, optarg); break; - case '?': usage(name); return 1; - } - if ( optind < argc ) { usage(name); return 1; } - - soap = soap_new(); - soap_init(soap); - soap_set_namespaces(soap, jpps__namespaces); - soap_register_plugin(soap, glite_gsplugin); - - setlinebuf(stdout); - setlinebuf(stderr); - - fpid = fopen(pidfile,"r"); - if ( fpid ) { - int opid = -1; - - if ( fscanf(fpid,"%d",&opid) == 1 ) { - if ( !kill(opid,0) ) { - fprintf(stderr,"%s: another instance running, pid = %d\n",argv[0],opid); - return 1; - } - else if (errno != ESRCH) { perror("kill()"); return 1; } - } - fclose(fpid); - } else if (errno != ENOENT) { perror(pidfile); return 1; } - fpid = fopen(pidfile, "w"); - if ( !fpid ) { perror(pidfile); return 1; } - fprintf(fpid, "%d", getpid()); - fclose(fpid); - - if ( !debug ) { - if ( daemon(1,0) == -1 ) { perror("deamon()"); exit(1); } - - fpid = fopen(pidfile,"w"); - if ( !fpid ) { perror(pidfile); return 1; } - fprintf(fpid, "%d", getpid()); - fclose(fpid); - openlog(name, LOG_PID, LOG_DAEMON); - } else { setpgid(0, getpid()); } - - dprintf(("Master pid %d\n", getpid())); - - memset(&sa, 0, sizeof(sa)); assert(sa.sa_handler == NULL); - sa.sa_handler = catchsig; - sigaction(SIGINT, &sa, NULL); - sigaction(SIGTERM, &sa, NULL); - - sa.sa_handler = SIG_IGN; - sigaction(SIGUSR1, &sa, NULL); - - sigemptyset(&sset); - sigaddset(&sset, SIGTERM); - sigaddset(&sset, SIGINT); - sigprocmask(SIG_BLOCK, &sset, NULL); - - while ( !die ) { - int ret; - char *msg = NULL; - char *fname = NULL; - - ret = edg_wll_MaildirTransStart(mdir, &msg, &fname); - /* XXX: where should unblocking signal besides? */ - sigprocmask(SIG_UNBLOCK, &sset, NULL); - sigprocmask(SIG_BLOCK, &sset, NULL); - if ( ret < 0 ) { - dprintf(("edg_wll_MaildirTransStart: %s (%s)\n", strerror(errno), lbm_errdesc)); - if ( !debug ) syslog(LOG_ERR, "edg_wll_MaildirTransStart: %s (%s)", strerror(errno), lbm_errdesc); - exit(1); - } else if ( ret == 0 ) { - sleep(2); - } else { - struct _jpelem__RegisterJob in; - struct _jpelem__RegisterJobResponse empty; - struct SOAP_ENV__Detail *detail; - struct jptype__genericFault *f; - char *aux, *reason, indent[200] = " "; - - - dprintf(("JP registration request received\n")); - if ( !debug ) syslog(LOG_INFO, "JP registration request received\n"); - - if ( !(aux = strchr(msg, '\n')) ) { - dprintf(("Wrong format of message!\n")); - if ( !debug ) syslog(LOG_ERR, "Wrong format of message\n"); - free(msg); - continue; - } - *aux++ = '\0'; - in.job = msg; - in.owner = aux; - ret = soap_call___jpsrv__RegisterJob(soap, jpps, "", &in, &empty); - free(msg); - - switch ( ret ) { - case SOAP_OK: - /* XXX: checks return error code */ - edg_wll_MaildirTransEnd(mdir, fname, LBMD_TRANS_OK); - dprintf(("Job '%s' succesfully registered to JP\n", msg)); - if ( !debug ) syslog(LOG_INFO, "Job '%s' succesfully registered to JP\n", msg); - break; - - case SOAP_FAULT: - case SOAP_SVR_FAULT: - edg_wll_MaildirTransEnd(mdir, fname, LBMD_TRANS_FAILED); - if (soap->version == 2) { - detail = soap->fault->SOAP_ENV__Detail; - reason = soap->fault->SOAP_ENV__Reason; - } else { - detail = soap->fault->detail; - reason = soap->fault->faultstring; - } - dprintf(("%s\n", reason)); - assert(detail->__type == SOAP_TYPE__genericFault); -#if GSOAP_VERSION >=20700 - f = ((struct _genericFault *) detail->fault) -#else - f = ((struct _genericFault *) detail->value) -#endif - -> jpelem__genericFault; - - while ( f ) { - dprintf(("%s%s: %s (%s)\n", indent, f->source, f->text, f->description)); - f = f->reason; - strcat(indent, " "); - } - break; - - default: - soap_print_fault(soap, stderr); - edg_wll_MaildirTransEnd(mdir, fname, LBMD_TRANS_FAILED); - break; - } - free(fname); - } - } - - /* XXX: some sort of soap_destroy(soap) */ - dprintf(("Terminating on signal %d\n", die)); - if ( !debug ) syslog(LOG_INFO, "Terminating on signal %d\n", die); - - unlink(pidfile); - - return 0; -} - -/* XXX: we don't use it */ -SOAP_NMAC struct Namespace namespaces[] = { {NULL,NULL} }; - diff --git a/org.glite.jp.client/src/jptype_map.h b/org.glite.jp.client/src/jptype_map.h deleted file mode 100644 index 56d611f..0000000 --- a/org.glite.jp.client/src/jptype_map.h +++ /dev/null @@ -1,18 +0,0 @@ -#include "soap_version.h" - -#if GSOAP_VERSION >= 20700 -#define INPUT_SANDBOX jptype__UploadClass__INPUT_SANDBOX -#define OUTPUT_SANDBOX jptype__UploadClass__OUTPUT_SANDBOX -#define JOB_LOG jptype__UploadClass__JOB_LOG - -#define OWNER jptype__AttributeType__OWNER -#define TIME jptype__AttributeType__TIME -#define TAG jptype__AttributeType__TAG - -#define EQUAL jptype__queryOp__EQUAL -#define UNEQUAL jptype__queryOp__UNEQUAL -#define LESS jptype__queryOp__LESS -#define GREATER jptype__queryOp__GREATER -#define WITHIN jptype__queryOp__WITHIN -#endif - diff --git a/org.glite.jp.client/src/mysql.c b/org.glite.jp.client/src/mysql.c deleted file mode 100644 index 0f080ce..0000000 --- a/org.glite.jp.client/src/mysql.c +++ /dev/null @@ -1,265 +0,0 @@ -#ident "$Header$" - -#include "mysql.h" // MySql header file -#include "mysqld_error.h" -#include "errmsg.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "db.h" - -#define DEFAULTCS "jpps/@localhost:jpps1" -#define GLITE_JP_LB_MYSQL_VERSION 40018 - -static int my_err(glite_jp_context_t ctx, char *function) -{ - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = function; - err.code = EIO; /* XXX */ - err.desc = mysql_error((MYSQL *) ctx->dbhandle); - return glite_jp_stack_error(ctx,&err); -} - -struct _glite_jp_db_stmt_t { - MYSQL_RES *result; - glite_jp_context_t ctx; -}; - -int glite_jp_db_connect(glite_jp_context_t ctx,char *cs) -{ - char *buf = NULL; - char *host,*user,*pw,*db; - char *slash,*at,*colon; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (!cs) cs = DEFAULTCS; - - if (!(ctx->dbhandle = (void *) mysql_init(NULL))) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - mysql_options(ctx->dbhandle, MYSQL_READ_DEFAULT_FILE, "my"); - - host = user = pw = db = NULL; - - buf = strdup(cs); - slash = strchr(buf,'/'); - at = strrchr(buf,'@'); - colon = strrchr(buf,':'); - - if (!slash || !at || !colon) { - free(buf); - err.code = EINVAL; - err.desc = "Invalid DB connect string"; - return glite_jp_stack_error(ctx,&err); - } - - *slash = *at = *colon = 0; - host = at+1; - user = buf; - pw = slash+1; - db = colon+1; - - if (!mysql_real_connect((MYSQL *) ctx->dbhandle,host,user,pw,db,0,NULL,CLIENT_FOUND_ROWS)) { - free(buf); - return my_err(ctx, __FUNCTION__); - } - - free(buf); - return 0; -} - -void glite_jp_db_close(glite_jp_context_t ctx) -{ - mysql_close((MYSQL *) ctx->dbhandle); - ctx->dbhandle = NULL; -} - -int glite_jp_db_execstmt(glite_jp_context_t ctx,char *txt,glite_jp_db_stmt_t *stmt) -{ - int merr; - int retry_nr = 0; - int do_reconnect = 0; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (stmt) { - *stmt = NULL; - } - - while (retry_nr == 0 || do_reconnect) { - do_reconnect = 0; - if (mysql_query((MYSQL *) ctx->dbhandle,txt)) { - /* error occured */ - switch (merr = mysql_errno((MYSQL *) ctx->dbhandle)) { - case 0: - break; - case ER_DUP_ENTRY: - err.code = EEXIST; - err.desc = mysql_error((MYSQL *) ctx->dbhandle); - glite_jp_stack_error(ctx,&err); - return -1; - break; - case CR_SERVER_LOST: - if (retry_nr <= 0) - do_reconnect = 1; - break; - default: - my_err(ctx, __FUNCTION__); - return -1; - break; - } - } - retry_nr++; - } - - if (stmt) { - *stmt = malloc(sizeof(**stmt)); - if (!*stmt) { - err.code = ENOMEM; - glite_jp_stack_error(ctx,&err); - return -1; - } - memset(*stmt,0,sizeof(**stmt)); - (**stmt).ctx = ctx; - (**stmt).result = mysql_store_result((MYSQL *) ctx->dbhandle); - if (!(**stmt).result) { - if (mysql_errno((MYSQL *) ctx->dbhandle)) { - my_err(ctx, __FUNCTION__); - return -1; - } - } - } else { - MYSQL_RES *r = mysql_store_result((MYSQL *) ctx->dbhandle); - mysql_free_result(r); - } - - return mysql_affected_rows((MYSQL *) ctx->dbhandle); -} - -int glite_jp_db_fetchrow(glite_jp_db_stmt_t stmt,char **res) -{ - MYSQL_ROW row; - glite_jp_context_t ctx = stmt->ctx; - int nr,i; - unsigned long *len; - - glite_jp_clear_error(ctx); - - if (!stmt->result) return 0; - - if (!(row = mysql_fetch_row(stmt->result))) { - if (mysql_errno((MYSQL *) ctx->dbhandle)) { - my_err(ctx, __FUNCTION__); - return -1; - } else return 0; - } - - nr = mysql_num_fields(stmt->result); - len = mysql_fetch_lengths(stmt->result); - for (i=0; iresult))) cols[i++] = f->name; - return i == 0; -} - -void glite_jp_db_freestmt(glite_jp_db_stmt_t *stmt) -{ - if (*stmt) { - if ((**stmt).result) mysql_free_result((**stmt).result); - free(*stmt); - *stmt = NULL; - } -} - - -char *glite_jp_db_timetodb(time_t t) -{ - struct tm *tm = gmtime(&t); - char tbuf[256]; - - /* XXX: the very end of our days */ - if (!tm && t == (time_t) LONG_MAX) return strdup("9999-12-31 23:59:59"); - - sprintf(tbuf,"'%4d-%02d-%02d %02d:%02d:%02d'",tm->tm_year+1900,tm->tm_mon+1, - tm->tm_mday,tm->tm_hour,tm->tm_min,tm->tm_sec); - - return strdup(tbuf); -} - -time_t glite_jp_db_dbtotime(char *t) -{ - struct tm tm; - - memset(&tm,0,sizeof(tm)); - setenv("TZ","UTC",1); tzset(); - sscanf(t,"%4d-%02d-%02d %02d:%02d:%02d", - &tm.tm_year,&tm.tm_mon,&tm.tm_mday, - &tm.tm_hour,&tm.tm_min,&tm.tm_sec); - tm.tm_year -= 1900; - tm.tm_mon--; - - return mktime(&tm); -} - -int glite_jp_db_dbcheckversion(glite_jp_context_t ctx) -{ - MYSQL *m = (MYSQL *) ctx->dbhandle; - const char *ver_s = mysql_get_server_info(m); - int major,minor,sub,version; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (!ver_s || 3 != sscanf(ver_s,"%d.%d.%d",&major,&minor,&sub)) { - err.code = EINVAL; - err.desc = "problem checking MySQL version"; - return glite_jp_stack_error(ctx,&err); - } - - version = 10000*major + 100*minor + sub; - - if (version < GLITE_JP_LB_MYSQL_VERSION) { - char msg[300]; - - snprintf(msg,sizeof msg,"Your MySQL version is %d. At least %d required.",version, GLITE_JP_LB_MYSQL_VERSION); - err.code = EINVAL; - err.desc = msg; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} diff --git a/org.glite.jp.client/src/new_ftp_backend.c b/org.glite.jp.client/src/new_ftp_backend.c deleted file mode 100644 index 930030e..0000000 --- a/org.glite.jp.client/src/new_ftp_backend.c +++ /dev/null @@ -1,1790 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" -#include "glite/jp/strmd5.h" - -#include "tags.h" -#include "backend.h" -#include "db.h" - -#include "jpps_H.h" /* XXX: SOAP_TYPE___jpsrv__GetJob */ - -#define FTPBE_DEFAULT_DB_CS "jpps/@localhost:jpps" - -struct ftpbe_config { - char *internal_path; - char *external_path; - char *db_cs; - char *gridmap; - char *logname; -}; - -static struct ftpbe_config *config = NULL; - -struct fhandle_rec { - int fd; - int fd_append; -}; -typedef struct fhandle_rec *fhandle; - -static struct option ftpbe_opts[] = { - { "ftp-internal-path", 1, NULL, 'I' }, - { "ftp-external-path", 1, NULL, 'E' }, - { "ftp-db-cs", 1, NULL, 'D' }, - { "ftp-gridmap", 1, NULL, 'G' }, - { NULL, 0, NULL, 0 } -}; - -/******************************************************************************* - Internal helpers -*******************************************************************************/ - - -static int config_check( - glite_jp_context_t ctx, - struct ftpbe_config *config) -{ - return config == NULL || - config->internal_path == NULL || - config->external_path == NULL || - config->db_cs == NULL || - config->gridmap == NULL || - config->logname == NULL; - - /* XXX check reality */ -} - -static int jobid_unique_pathname(glite_jp_context_t ctx, const char *job, - char **unique, char **ju_path, int get_path) -{ - char *p; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - p = strrchr(job, '/'); - if (!p) { - err.code = EINVAL; - err.desc = "Malformed jobid"; - return glite_jp_stack_error(ctx,&err); - } - /* XXX thorough checks */ - if (!(*unique = strdup(p+1))) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - if (get_path) { - if (!(*ju_path = strdup(p+1))) { - free(*unique); - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - *(*ju_path + 10) = '\0'; - } - return 0; -} - -static int mkdirpath(const char* path, int prefixlen) -{ - char *wpath, *p; - int goout, ret; - - wpath = strdup(path); - if (!wpath) { - errno = ENOMEM; - return -1; - } - - p = wpath + prefixlen; - goout = 0; - while (!goout) { - while (*p == '/') p++; - while (*p != '/' && *p != '\0') p++; - goout = (*p == '\0'); - *p = '\0'; - ret = mkdir(wpath, S_IRUSR | S_IWUSR | S_IXUSR); - if (ret < 0 && errno != EEXIST) break; - *p = '/'; - } - free(wpath); - return goout ? 0 : ret; -} - -static int store_user(glite_jp_context_t ctx, const char *userid, const char *subj) -{ - glite_jp_error_t err; - char *stmt; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(userid != NULL); - assert(subj != NULL); - - trio_asprintf(&stmt,"insert into users(userid,cert_subj) " - "values ('%|Ss','%|Ss')",userid,subj); - if (!stmt) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - if (ctx->error->code == EEXIST) - glite_jp_clear_error(ctx); - else { - free(stmt); - err.code = EIO; - err.desc = "DB access failed"; - return glite_jp_stack_error(ctx,&err); - } - } - free(stmt); - - return 0; -} - -static long regtime_trunc(long tv_sec) -{ - return tv_sec / (86400*7); -} - -static long regtime_ceil(long tv_sec) -{ - return (tv_sec % (86400*7)) ? tv_sec/(86400*7)+1 : tv_sec/(86400*7) ; -} - -/******************************************************************************** - Backend calls -********************************************************************************/ -int glite_jppsbe_init( - glite_jp_context_t ctx, - int argc, - char *argv[] -) -{ - glite_jp_error_t err; - int opt; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - config = (struct ftpbe_config *) calloc(1, sizeof *config); - if (!config) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - config->logname = getlogin(); - - while ((opt = getopt_long(argc, argv, "I:E:G:", ftpbe_opts, NULL)) != EOF) { - switch (opt) { - case 'I': config->internal_path = optarg; break; - case 'E': config->external_path = optarg; break; - case 'D': config->db_cs = optarg; break; - case 'G': config->gridmap = optarg; break; - default: break; - } - } - - /* Defaults */ - if (!config->db_cs) config->db_cs = strdup(FTPBE_DEFAULT_DB_CS); - - if (config_check(ctx, config)) { - err.code = EINVAL; - err.desc = "Invalid FTP backend configuration"; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jp_db_connect(ctx, config->db_cs)) { - err.code = EIO; - err.desc = "Cannot access backend's database (during init)"; - return glite_jp_stack_error(ctx,&err); - } else { - glite_jp_db_close(ctx); /* slaves open their own connections */ - } - - return 0; -} - -int glite_jppsbe_init_slave( - glite_jp_context_t ctx -) -{ - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (glite_jp_db_connect(ctx, config->db_cs)) { - err.code = EIO; - err.desc = "Cannot access backend's database"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_register_job( - glite_jp_context_t ctx, - const char *job, - const char *owner -) -{ - glite_jp_error_t err; - char *data_dir = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *ownerhash = NULL; - struct timeval reg_tv; - char *stmt = NULL; - char *dbtime = NULL; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job != NULL); - assert(owner != NULL); - - gettimeofday(®_tv, NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - ownerhash = str2md5(owner); /* static buffer */ - if (store_user(ctx, ownerhash, owner)) { - err.code = EIO; - err.desc = "Cannot store user entry"; - goto error_out; - } - - dbtime = glite_jp_db_timetodb(reg_tv.tv_sec); - if (!dbtime) { - err.code = ENOMEM; - goto error_out; - } - - trio_asprintf(&stmt,"insert into jobs(jobid,dg_jobid,owner,reg_time) " - "values ('%|Ss','%|Ss','%|Ss', %s)", - ju, job, ownerhash, dbtime); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - if (ctx->error->code == EEXIST) { - err.code = EEXIST; - err.desc = "Job already registered"; - } - else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - if (asprintf(&data_dir, "%s/data/%s/%d/%s", - config->internal_path, ownerhash, regtime_trunc(reg_tv.tv_sec), ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (mkdirpath(data_dir, strlen(config->internal_path)) < 0 && - errno != EEXIST) { - err.code = errno; - err.desc = "Cannot mkdir jobs's data directory"; - goto error_out; - } - -error_out: - free(data_dir); - free(stmt); free(dbtime); - free(ju); free(ju_path); - - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int add_to_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - gridmap = fopen(config->gridmap, "a"); - if (!gridmap) { - err.code = errno; - err.desc = "Cannot open gridmap file"; - return glite_jp_stack_error(ctx,&err); - } - if (fprintf(gridmap, "\"%s\" %s\n", dn, config->logname) < 6 || - ferror(gridmap)) { - err.code = EIO; - err.desc = "Cannot write to gridmap file"; - fclose(gridmap); - return glite_jp_stack_error(ctx,&err); - } - fclose(gridmap); - return 0; -} - -static int remove_from_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - char *temp_name = NULL; - FILE *temp_file = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - /* XXX */ - return 0; -} - -int glite_jppsbe_start_upload( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - const char *content_type, - char **destination_out, - time_t *commit_before_inout -) -{ - char *data_basename = NULL; - char *data_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *peername = NULL; - char *peerhash = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[2] = { NULL, NULL }; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(destination_out!=NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - peername = glite_jp_peer_name(ctx); - if (peername == NULL) { - err.code = EINVAL; - err.desc = "Cannot obtain client certificate info"; - goto error_out; - } - - trio_asprintf(&stmt, "select owner, reg_time from jobs" - " where jobid='%|Ss'", ju); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such job registered"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 2) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - - glite_jp_db_freestmt(&db_res); - - /* XXX authorization done in soap_ops.c */ - - /* XXX name length */ - if (asprintf(&data_basename, "%s%s%s", class, - (name != NULL) ? "." : "", - (name != NULL) ? name : "") == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(&data_fname, "%s/data/%s/%d/%s/%s", - config->internal_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (asprintf(destination_out, "%s/data/%s/%d/%s/%s", - config->external_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (commit_before_inout != NULL) - /* XXX no timeout enforced */ - /* XXX: gsoap does not like so much, one year should be enough - *commit_before_inout = (time_t) LONG_MAX; - */ - *commit_before_inout = time(NULL) + 365*24*60*60; - - /* - if (add_to_gridmap(ctx, peername)) { - err.code = EIO; - err.desc = "Cannot add peer DN to ftp server authorization file"; - goto error_out; - } - */ - - peerhash = str2md5(peername); /* static buffer */ - if (store_user(ctx, peerhash, peername)) { - err.code = EIO; - err.desc = "Cannot store upload user entry"; - goto error_out; - } - - free(stmt); stmt = NULL; - trio_asprintf(&stmt,"insert into files" - "(jobid,filename,int_path,ext_url,state,deadline,ul_userid) " - "values ('%|Ss','%|Ss','%|Ss','%|Ss','%|Ss', '%|Ss', '%|Ss')", - ju, data_basename, data_fname, *destination_out, "uploading", - glite_jp_db_timetodb(*commit_before_inout), peerhash); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - if (ctx->error->code == EEXIST) { - err.code = EEXIST; - err.desc = "File already stored or upload in progress"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - -error_out: - free(db_row[0]); free(db_row[1]); - free(stmt); - free(data_basename); - free(data_fname); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_commit_upload( - glite_jp_context_t ctx, - const char *destination -) -{ - char *peername = NULL; - char *peerhash = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[7] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - int i; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(destination != NULL); - - trio_asprintf(&stmt, "select * from files where " - "ext_url='%|Ss' and state='uploading'", destination); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such upload in progress"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 7) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - glite_jp_db_freestmt(&db_res); - - peername = glite_jp_peer_name(ctx); - if (peername == NULL) { - err.code = EINVAL; - err.desc = "Cannot obtain client certificate info"; - goto error_out; - } - - peerhash = str2md5(peername); /* static buffer */ - if (strcmp(peerhash, db_row[6])) { - err.code = EPERM; - err.desc = "Upload started by client with different identity"; - goto error_out; - } - - free(stmt); - trio_asprintf(&stmt,"update files set state='committed', deadline=NULL " - "where jobid='%|Ss' and filename='%|Ss'", db_row[0], db_row[1]); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } -error_out: - for (i=0; i<7; i++) free(db_row[i]); - free(peername); - free(stmt); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_destination_info( - glite_jp_context_t ctx, - const char *destination, - char **job, - char **class, - char **name -) -{ - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[2] = { NULL, NULL}; - int i; - char *cp = NULL; - - char *classname = NULL; - glite_jp_error_t err; - - assert(destination != NULL); - assert(job != NULL); - assert(class != NULL); - assert(name != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - - trio_asprintf(&stmt, "select j.dg_jobid,f.filename from jobs j,files f where " - "f.ext_url='%|Ss' and j.jobid=f.jobid", destination); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "Invalid destination string"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 2) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - glite_jp_db_freestmt(&db_res); - - *job = strdup(db_row[0]); - - cp = strchr(db_row[1],'.'); - if (!cp) { - *name = NULL; - } else { - *cp++ = '\0'; - *name = strdup(cp); - } - *class = strdup(db_row[1]); - - if (!*job || !*class) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - for (i=0; i<2; i++) free(db_row[i]); - free(stmt); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - - -int glite_jppsbe_get_job_url( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - char **url_out -) -{ - char *data_basename = NULL; - char *data_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[3] = { NULL, NULL, NULL }; - - long reg_time; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(url_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/ : ""name"; - return glite_jp_stack_error(ctx,&err); - } - - trio_asprintf(&stmt, "select j.owner,reg_time,u.cert_subj from jobs j, users u " - "where j.jobid='%|Ss' and j.owner = u.userid", ju); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such job registered"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - free(stmt); stmt = NULL; - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 3) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - - glite_jp_db_freestmt(&db_res); - - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__GetJob,job,db_row[2])) { - err.code = EPERM; - goto error_out; - } - - /* XXX name length */ - if (asprintf(&data_basename, "%s%s%s", class, - (name != NULL) ? "." : "", - (name != NULL) ? name : "") == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(url_out, "%s/data/%s/%d/%s/%s", - config->external_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - - trio_asprintf(&stmt,"select 'x' from files where jobid='%|Ss' " - "and ext_url = '%|Ss' " - "and state='committed' ",ju,*url_out); - - if ((db_retn = glite_jp_db_execstmt(ctx,stmt,&db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "not uploaded yet"; - } - else { - err.code = EIO; - err.desc = "DB access failed"; - } - /* goto error_out; */ - } - -error_out: - free(db_row[0]); free(db_row[1]); - free(stmt); - free(data_basename); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_fname( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - char **fname_out -) -{ - char *data_basename = NULL; - char *ju = NULL; - char *ju_path = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[2] = { NULL, NULL }; - - long reg_time; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(fname_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - trio_asprintf(&stmt, "select owner, reg_time from jobs " - "where jobid='%|Ss'", ju); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such job registered"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 2) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - - glite_jp_db_freestmt(&db_res); - - /* XXX name length */ - if (asprintf(&data_basename, "%s%s%s", class, - (name != NULL) ? "." : "", (name != NULL) ? name : "") == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(fname_out, "%s/data/%s/%d/%s/%s", - config->internal_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - free(db_row[0]); free(db_row[1]); - free(stmt); - free(data_basename); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - - -int glite_jppsbe_open_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - int mode, - void **handle_out -) -{ - fhandle handle = NULL; - char* fname = NULL; - glite_jp_error_t err; - - assert(handle_out != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (get_job_fname(ctx, job, class, name, &fname)) { - err.code = ctx->error->code; - err.desc = "Cannot construct internal filename"; - return glite_jp_stack_error(ctx,&err); - } - - handle = (fhandle) calloc(1,sizeof(*handle)); - if (handle == NULL) { - err.code = ENOMEM; - goto error_out; - } - - handle->fd = open(fname, mode, S_IRUSR | S_IWUSR); - if (handle->fd < 0) { - err.code = errno; - err.desc = "Cannot open requested file"; - free(handle); - goto error_out; - } - handle->fd_append = open(fname, mode | O_APPEND, S_IRUSR | S_IWUSR); - if (handle->fd_append < 0) { - err.code = errno; - err.desc = "Cannot open requested file for append"; - close(handle->fd); - free(handle); - goto error_out; - } - *handle_out = (void*) handle; - -error_out: - free(fname); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_close_file( - glite_jp_context_t ctx, - void *handle -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (close(((fhandle)handle)->fd_append) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor (fd_append)"; - goto error_out; - } - if (close(((fhandle)handle)->fd) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor"; - goto error_out; - } - -error_out: - free(handle); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_pread( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset, - ssize_t *nbytes_ret -) -{ - ssize_t ret; - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if ((ret = pread(((fhandle)handle)->fd, buf, nbytes, offset)) < 0) { - err.code = errno; - err.desc = "Error in pread()"; - return glite_jp_stack_error(ctx,&err); - } - *nbytes_ret = ret; - - return 0; -} - -int glite_jppsbe_pwrite( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (pwrite(((fhandle)handle)->fd, buf, nbytes, offset) < 0) { - err.code = errno; - err.desc = "Error in pwrite()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_append( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (write(((fhandle)handle)->fd_append, buf, nbytes) < 0) { - err.code = errno; - err.desc = "Error in write()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -static int get_job_info( - glite_jp_context_t ctx, - const char *job, - char **owner, - struct timeval *tv_reg -) -{ - char *ju = NULL; - char *ju_path = NULL; - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char *int_fname = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %*s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, &ownerlen) < 4 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - free(int_fname); - free(ju); - free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_info_int( - glite_jp_context_t ctx, - const char *int_fname, - char **jobid, - char **owner, - struct timeval *tv_reg -) -{ - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char jobid_buf[256]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, jobid_buf, &ownerlen) < 5 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - *jobid = strdup(jobid_buf); - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_get_job_metadata( - glite_jp_context_t ctx, - const char *job, - glite_jp_attrval_t attrs_inout[] -) -{ - int got_info = 0; - struct timeval tv_reg; - char *owner = NULL; - int got_tags = 0; - void *tags_handle = NULL; - glite_jp_tagval_t* tags = NULL; - int i,j; - glite_jp_error_t err; - - assert(job != NULL); - assert(attrs_inout != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; attrs_inout[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TIME: -*/ - if (!got_info) { - if (get_job_info(ctx, job, &owner, &tv_reg)) { - err.code = ctx->error->code; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - got_info = 1; - } - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - if (!got_tags) { - if (glite_jppsbe_open_file(ctx, job, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - got_tags = 1; - } - break; -*/ - default: - err.code = EINVAL; - err.desc = "Invalid attribute type"; - goto error_out; - break; - } - - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - attrs_inout[i].value.s = strdup(owner); - if (!attrs_inout[i].value.s) { - err.code = ENOMEM; - err.desc = "Cannot copy owner string"; - goto error_out; - } - break; - case GLITE_JP_ATTR_TIME: - attrs_inout[i].value.time = tv_reg; - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, attrs_inout[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &attrs_inout[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) attrs_inout[i].value.tag.name = NULL; - break; -*/ - default: - break; - } - } - -error_out: - free(owner); - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); - - if (err.code) { - while (i > 0) { - i--; - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - free(attrs_inout[i].value.s); - break; - case GLITE_JP_ATTR_TAG: - free(attrs_inout[i].value.tag.name); - free(attrs_inout[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} -static int compare_timeval(struct timeval a, struct timeval b) -{ - if (a.tv_sec < b.tv_sec) return -1; - if (a.tv_sec > b.tv_sec) return 1; - if (a.tv_usec < b.tv_usec) return -1; - if (a.tv_usec > b.tv_usec) return 1; - return 0; -} - - -/* FIXME: disabled -- clarification wrt. filetype plugin needed */ - -#if 0 - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -); - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - char *time_dirname = NULL; - DIR *time_dirp = NULL; - struct dirent *jobent; - char *info_fname = NULL; - char *jobid = NULL; - char *owner = NULL; - struct timeval tv_reg; - void *tags_handle = NULL; - int matching; - int i, j; - glite_jp_tagval_t* tags = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (asprintf(&time_dirname, "%s/data/%s/%d", config->internal_path, - ownerhash, regtime_tr) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - time_dirp = opendir(time_dirname); - if (!time_dirp) { - free(time_dirname); - return 0; /* found nothing */ - } - while ((jobent = readdir(time_dirp)) != NULL) { - if (!strcmp(jobent->d_name, ".")) continue; - if (!strcmp(jobent->d_name, "..")) continue; - if (asprintf(&info_fname, "%s/%s/_info", time_dirname, - jobent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (get_job_info_int(ctx, info_fname, &jobid, &owner, &tv_reg)) { - err.code = EIO; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - if (q_tags || md_tags) { - if (glite_jppsbe_open_file(ctx, jobid, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - tags_handle = NULL; - } - - matching = 1; - for (i = 0; matching && query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (query[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - if (query[i].value.s == NULL || - strcmp(query[i].value.s, owner)) matching = 0; - break; - case GLITE_JP_ATTR_TIME: - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_LESS: - matching = compare_timeval(tv_reg, query[i].value.time) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = compare_timeval(tv_reg, query[i].value.time) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = compare_timeval(tv_reg, query[i].value.time) >= 0 - && compare_timeval(tv_reg, query[i].value2.time) <= 0; - break; - } - break; - case GLITE_JP_ATTR_TAG: - if (!tags) { - matching = 0; - break; - } - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, query[i].attr.name)) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_LESS: - matching = strcmp(tags[j].value, query[i].value.s) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = strcmp(tags[j].value, query[i].value.s) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = strcmp(tags[j].value, query[i].value.s) >= 0 \ - && strcmp(tags[j].value, query[i].value2.s) <= 0 ; - break; - default: - break; - } - } - } - break; - default: - break; - } - } - if (!matching) { - free(info_fname); info_fname = NULL; - free(jobid); jobid = NULL; - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); tags = NULL; - continue; - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - metadata[i].value.s = owner; - break; - case GLITE_JP_ATTR_TIME: - metadata[i].value.time = tv_reg; - break; - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, metadata[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &metadata[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) { - metadata[i].value.tag.name = NULL; - metadata[i].value.tag.value = NULL; - } - break; - default: - break; - } - } - (*callback)(ctx, jobid, metadata); - free(jobid); jobid = NULL; - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - } - -error_out: - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - if (tags_handle) glite_jppsbe_close_file(ctx, tags_handle); - free(info_fname); - free(owner); - free(jobid); - closedir(time_dirp); - free(time_dirname); - if (err.code) { - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else - return 0; -} - -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - /* XXX clone metadata */ - int i; - char *q_exact_owner = NULL; - char *ownerhash = NULL; - long q_min_time = 0; - long q_max_time = LONG_MAX; - long q_min_time_tr; - long q_max_time_tr; - int q_with_tags = 0; - int md_info = 0; - int md_tags = 0; - char *owner_dirname = NULL; - DIR *owner_dirp = NULL; - struct dirent *ttimeent; - char *data_dirname = NULL; - DIR *data_dirp = NULL; - struct dirent *ownerent; - long ttime = 0; - glite_jp_attrval_t *metadata_templ = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - if (query[i].attr.type == GLITE_JP_ATTR_OWNER && query[i].op == GLITE_JP_QUERYOP_EQUAL) { - q_exact_owner = query[i].value.s; - } - if (query[i].attr.type == GLITE_JP_ATTR_TIME) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - q_min_time = query[i].value.time.tv_sec; - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_LESS: - if (q_max_time > query[i].value.time.tv_sec + 1) - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_WITHIN: - if (q_max_time > query[i].value2.time.tv_sec + 1) - q_max_time = query[i].value2.time.tv_sec + 1; - /* fallthrough */ - case GLITE_JP_QUERYOP_GREATER: - if (q_min_time < query[i].value.time.tv_sec) - q_min_time = query[i].value.time.tv_sec; - break; - default: - err.code = EINVAL; - err.desc = "Invalid query op"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - if (query[i].attr.type == GLITE_JP_ATTR_TAG) - q_with_tags = 1; - - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TIME: - md_info = 1; - break; - case GLITE_JP_ATTR_TAG: - md_tags = 1; - break; - default: - err.code = EINVAL; - err.desc = "Invalid attribute type in metadata parameter"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - metadata_templ = (glite_jp_attrval_t *) calloc(i + 1, sizeof(glite_jp_attrval_t)); - if (!metadata_templ) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - memcpy(metadata_templ, metadata, (i + 1) * sizeof(glite_jp_attrval_t)); - - q_min_time_tr = regtime_trunc(q_min_time); - q_max_time_tr = regtime_ceil(q_max_time); - - if (q_exact_owner) { - ownerhash = str2md5(q_exact_owner); /* static buffer */ - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, ownerhash) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - free(metadata_templ); - return 0; /* found nothing */ - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerhash, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - } else { /* !q_exact_owner */ - if (asprintf(&data_dirname, "%s/data", config->internal_path) == -1) { - err.code = ENOMEM; - goto error_out; - } - data_dirp = opendir(data_dirname); - if (!data_dirp) { - err.code = EIO; - err.desc = "Cannot open data directory"; - goto error_out; - } - while ((ownerent = readdir(data_dirp)) != NULL) { - if (!strcmp(ownerent->d_name, ".")) continue; - if (!strcmp(ownerent->d_name, "..")) continue; - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, - ownerent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - err.code = EIO; - err.desc = "Cannot open owner data directory"; - goto error_out; - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerent->d_name, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - closedir(owner_dirp); owner_dirp = NULL; - } - closedir(data_dirp); data_dirp = NULL; - } - return 0; - -error_out: - if (owner_dirp) closedir(owner_dirp); - if (data_dirp) closedir(data_dirp); - free(data_dirname); - free(metadata_templ); - return glite_jp_stack_error(ctx,&err); -} - -#else - -/* placeholder instead */ -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - glite_jp_error_t err; - err.code = ENOSYS; - err.desc = "not implemented"; - return glite_jp_stack_error(ctx,&err); -} - -#endif - -/* XXX: -- no primary authorization yet -- no concurrency control yet -- partial success in pwrite,append -- "unique" part of jobid is assumed to be unique across bookkeeping servers -- repository versioning not fully implemented yet -*/ diff --git a/org.glite.jp.client/src/simple_server.c b/org.glite.jp.client/src/simple_server.c deleted file mode 100644 index 3bbb743..0000000 --- a/org.glite.jp.client/src/simple_server.c +++ /dev/null @@ -1,59 +0,0 @@ -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "jpps_H.h" - -extern SOAP_NMAC struct Namespace jpis__namespaces[],jpps__namespaces[]; - -int main(int argc, char *argv[]) { - struct soap soap; - int i, m, s; // master and slave sockets - - glite_jp_context_t ctx; - - soap_init(&soap); - soap_set_namespaces(&soap, jpps__namespaces); - - glite_jp_init_context(&ctx); - - if (glite_jppsbe_init(ctx, &argc, argv)) { - /* XXX log */ - fputs(glite_jp_error_chain(ctx), stderr); - exit(1); - } - - soap.user = (void *) ctx; - - ctx->other_soap = soap_new(); - soap_init(ctx->other_soap); - soap_set_namespaces(ctx->other_soap,jpis__namespaces); - - srand48(time(NULL)); /* feed id generation */ - - m = soap_bind(&soap, NULL, 8901, 100); - if (m < 0) - soap_print_fault(&soap, stderr); - else - { - fprintf(stderr, "Socket connection successful: master socket = %d\n", m); - for (i = 1; ; i++) { - s = soap_accept(&soap); - if (s < 0) { - soap_print_fault(&soap, stderr); - break; - } - jpps__serve(&soap); // process RPC request - soap_destroy(&soap); // clean up class instances - soap_end(&soap); // clean up everything and close socket - glite_jp_run_deferred(ctx); - } - } - soap_done(&soap); // close master socket - - return 0; -} - -/* XXX: we don't use it */ -SOAP_NMAC struct Namespace namespaces[] = { {NULL,NULL} }; diff --git a/org.glite.jp.client/src/soap_ops.c b/org.glite.jp.client/src/soap_ops.c deleted file mode 100644 index 9411403..0000000 --- a/org.glite.jp.client/src/soap_ops.c +++ /dev/null @@ -1,465 +0,0 @@ -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "feed.h" - -#include "jpps_H.h" -/* #include "JobProvenancePS.nsmap" */ -#include "jpps_.nsmap" - -#include "jptype_map.h" - -#include "file_plugin.h" -#include "builtin_plugins.h" - -#include "soap_version.h" -#if GSOAP_VERSION <= 20602 -#define __jpsrv__RegisterJob __ns1__RegisterJob -#define __jpsrv__StartUpload __ns1__StartUpload -#define __jpsrv__CommitUpload __ns1__CommitUpload -#define __jpsrv__RecordTag __ns1__RecordTag -#define __jpsrv__FeedIndex __ns1__FeedIndex -#define __jpsrv__FeedIndexRefresh __ns1__FeedIndexRefresh -#define __jpsrv__GetJob __ns1__GetJob -#endif - -static struct jptype__genericFault *jp2s_error(struct soap *soap, - const glite_jp_error_t *err) -{ - struct jptype__genericFault *ret = NULL; - if (err) { - ret = soap_malloc(soap,sizeof *ret); - memset(ret,0,sizeof *ret); - ret->code = err->code; - ret->source = soap_strdup(soap,err->source); - ret->text = soap_strdup(soap,strerror(err->code)); - ret->description = soap_strdup(soap,err->desc); - ret->reason = jp2s_error(soap,err->reason); - } - return ret; -} - -static void err2fault(const glite_jp_context_t ctx,struct soap *soap) -{ - char *et; - struct SOAP_ENV__Detail *detail = soap_malloc(soap,sizeof *detail); - struct _genericFault *f = soap_malloc(soap,sizeof *f); - - - f->jpelem__genericFault = jp2s_error(soap,ctx->error); - - detail->__type = SOAP_TYPE__genericFault; -#if GSOAP_VERSION >= 20700 - detail->fault = f; -#else - detail->value = f; -#endif - detail->__any = NULL; - - soap_receiver_fault(soap,"Oh, shit!",NULL); - if (soap->version == 2) soap->fault->SOAP_ENV__Detail = detail; - else soap->fault->detail = detail; -} - -/* deprecated -static glite_jp_fileclass_t s2jp_fileclass(enum jptype__UploadClass class) -{ - switch (class) { - case INPUT_SANDBOX: return GLITE_JP_FILECLASS_INPUT; - case OUTPUT_SANDBOX: return GLITE_JP_FILECLASS_OUTPUT; - case JOB_LOG: return GLITE_JP_FILECLASS_LBLOG; - default: return GLITE_JP_FILECLASS_UNDEF; - } -} -*/ - -static void s2jp_tag(const struct jptype__tagValue *stag,glite_jp_tagval_t *jptag) -{ - memset(jptag,0,sizeof *jptag); - jptag->name = strdup(stag->name); - jptag->sequence = stag->sequence ? *stag->sequence : 0; - jptag->timestamp = stag->timestamp ? *stag->timestamp : 0; - if (stag->stringValue) jptag->value = strdup(stag->stringValue); - else if (stag->blobValue) { - jptag->binary = 1; - jptag->size = stag->blobValue->__size; - jptag->value = (char *) stag->blobValue->__ptr; - } -} - -#define CONTEXT_FROM_SOAP(soap,ctx) glite_jp_context_t ctx = (glite_jp_context_t) ((soap)->user) - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__RegisterJob( - struct soap *soap, - struct _jpelem__RegisterJob *in, - struct _jpelem__RegisterJobResponse *empty) -{ - CONTEXT_FROM_SOAP(soap,ctx); - glite_jp_attrval_t owner_val[2]; - - printf("%s %s %s\n",__FUNCTION__,in->job,in->owner); - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__RegisterJob,in->job,in->owner) || - glite_jppsbe_register_job(ctx,in->job,in->owner)) - { - err2fault(ctx,soap); - return SOAP_FAULT; - } - - owner_val[0].attr.type = GLITE_JP_ATTR_OWNER; - owner_val[0].value.s = in->owner; - owner_val[1].attr.type = GLITE_JP_ATTR_UNDEF; - -/* XXX: errrors should be ingored but not silently */ - glite_jpps_match_attr(ctx,in->job,owner_val); - - return SOAP_OK; -} - - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__StartUpload( - struct soap *soap, - struct _jpelem__StartUpload *in, - struct _jpelem__StartUploadResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - char *destination; - time_t commit_before = in->commitBefore; - glite_jp_error_t err; - glite_jpps_fplug_data_t **pd = NULL; - int i; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__StartUpload,NULL,NULL)) { - err2fault(ctx,soap); - return SOAP_FAULT; - } - - switch (glite_jpps_fplug_lookup(ctx,in->class_,&pd)) { - case ENOENT: - err.code = ENOENT; - err.source = __FUNCTION__; - err.desc = "unknown file class"; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - return SOAP_FAULT; - case 0: break; - default: - err2fault(ctx,soap); - return SOAP_FAULT; - } - - for (i=0; pd[0]->uris[i] && strcmp(pd[0]->uris[i],in->class_); i++); - assert(pd[0]->uris[i]); - - if (glite_jppsbe_start_upload(ctx,in->job,pd[0]->classes[i],in->name,in->contentType, - &destination,&commit_before)) - { - err2fault(ctx,soap); - free(pd); - return SOAP_FAULT; - } - - out->destination = soap_strdup(soap,destination); - free(destination); - out->commitBefore = commit_before; - - free(pd); - return SOAP_OK; -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__CommitUpload( - struct soap *soap, - struct _jpelem__CommitUpload *in, - struct _jpelem__CommitUploadResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - char *job,*class,*name; - - job = class = name = NULL; - - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__CommitUpload,NULL,NULL) || - glite_jppsbe_commit_upload(ctx,in->destination)) - { - err2fault(ctx,soap); - return SOAP_FAULT; - } - - /* XXX: should not fail when commit_upload was OK */ - assert(glite_jppsbe_destination_info(ctx,in->destination,&job,&class,&name) == 0); - - /* XXX: ignore errors but don't fail silenty */ - glite_jpps_match_file(ctx,job,class,name); - - free(job); free(class); free(name); - - return SOAP_OK; -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__RecordTag( - struct soap *soap, - struct _jpelem__RecordTag *in, - struct _jpelem__RecordTagResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - void *file_be,*file_p; - glite_jpps_fplug_data_t **pd = NULL; - - glite_jp_tagval_t mytag; - - file_be = file_p = NULL; - - /* XXX: we assume just one plugin and also that TAGS plugin handles - * just one uri/class */ - - if (glite_jpps_fplug_lookup(ctx,GLITE_JP_FILETYPE_TAGS,&pd) - || glite_jppsbe_open_file(ctx,in->jobid,pd[0]->classes[0],NULL, - O_RDWR|O_CREAT,&file_be) - /* XXX: tags need reading to check magic number */ - ) { - free(pd); - err2fault(ctx,soap); - return SOAP_FAULT; - } - - s2jp_tag(in->tag,&mytag); - - /* XXX: assuming tag plugin handles just one type */ - if (pd[0]->ops.open(pd[0]->fpctx,file_be,GLITE_JP_FILETYPE_TAGS,&file_p) - || pd[0]->ops.generic(pd[0]->fpctx,file_p,GLITE_JP_FPLUG_TAGS_APPEND,&mytag)) - { - err2fault(ctx,soap); - if (file_p) pd[0]->ops.close(pd[0]->fpctx,file_p); - glite_jppsbe_close_file(ctx,file_be); - free(pd); - return SOAP_FAULT; - } - - if (pd[0]->ops.close(pd[0]->fpctx,file_p) - || glite_jppsbe_close_file(ctx,file_be)) - { - err2fault(ctx,soap); - free(pd); - return SOAP_FAULT; - } - - /* XXX: ignore errors but don't fail silenty */ - glite_jpps_match_tag(ctx,in->jobid,&mytag); - - free(pd); - return SOAP_OK; -} - -extern char *glite_jp_default_namespace; - -/* XXX: should be public */ -#define GLITE_JP_TAGS_NAMESPACE "http://glite.org/services/jp/tags" - -static void s2jp_attr(const char *in,glite_jp_attr_t *out) -{ - char *buf = strdup(in),*name = strchr(buf,':'),*ns = NULL; - - if (name) { - ns = buf; - *name++ = 0; - } - else { - name = buf; - ns = glite_jp_default_namespace; - } - - memset(out,0,sizeof *out); - - if (strcmp(ns,glite_jp_default_namespace)) - out->type = strcmp(ns,GLITE_JP_TAGS_NAMESPACE) ? - GLITE_JP_ATTR_GENERIC : GLITE_JP_ATTR_TAG; - else { - if (!strcmp(name,"owner")) out->type = GLITE_JP_ATTR_OWNER; - else if (!strcmp(name,"time")) out->type = GLITE_JP_ATTR_OWNER; - - } - - if (out->type) { - out->name = strdup(name); - out->namespace = strdup(ns); - } -} - -static void s2jp_queryval( - const char *in, - glite_jp_attrtype_t type, - union _glite_jp_query_rec_val *out) -{ - switch (type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - case GLITE_JP_ATTR_GENERIC: - out->s = strdup(in); - break; - case GLITE_JP_ATTR_TIME: - out->time.tv_sec = atoi(in); - break; - } -} - -static void s2jp_query(const struct jptype__primaryQuery *in, glite_jp_query_rec_t *out) -{ - s2jp_attr(in->attr,&out->attr); - - switch (in->op) { - case EQUAL: out->op = GLITE_JP_QUERYOP_EQUAL; break; - case UNEQUAL: out->op = GLITE_JP_QUERYOP_UNEQUAL; break; - case LESS: out->op = GLITE_JP_QUERYOP_LESS; break; - case GREATER: out->op = GLITE_JP_QUERYOP_GREATER; break; - case WITHIN: - out->op = GLITE_JP_QUERYOP_WITHIN; - s2jp_queryval(in->value2,out->attr.type,&out->value2); - break; - } - - s2jp_queryval(in->value,out->attr.type,&out->value); -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__FeedIndex( - struct soap *soap, - struct _jpelem__FeedIndex *in, - struct _jpelem__FeedIndexResponse *out) -{ - -/* deferred processing: return feed_id to the index server first, - * start feeding it afterwards -- not before the index server actually - * knows feed_id and is ready to accept the feed. - * - * Has to be done within the same server slave, - * passed through the context */ - - CONTEXT_FROM_SOAP(soap,ctx); - char *feed_id = NULL; - time_t expires = 0; - int ret = SOAP_OK; - - glite_jp_attr_t *attrs = calloc(in->__sizeattributes+1,sizeof *attrs); - glite_jp_query_rec_t *qry = calloc(in->__sizeconditions+1,sizeof *qry); - int i; - - glite_jp_clear_error(ctx); - - for (i = 0; i__sizeattributes; i++) s2jp_attr(in->attributes[i],attrs+i); - for (i = 0; i__sizeconditions; i++) s2jp_query(in->conditions[i],qry+i); - - if (in->history) { - if (glite_jpps_run_feed(ctx,in->destination,attrs,qry,&feed_id)) { - err2fault(ctx,soap); - ret = SOAP_FAULT; - goto cleanup; - } - } - - if (in->continuous) { - if (glite_jpps_register_feed(ctx,in->destination,attrs,qry,&feed_id,&expires)) { - err2fault(ctx,soap); - ret = SOAP_FAULT; - goto cleanup; - } - } - - if (!in->history && !in->continuous) { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EINVAL; - err.source = __FUNCTION__; - err.desc = "at least one of and must be true"; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - ret = SOAP_FAULT; - goto cleanup; - } - - out->feedExpires = expires; - out->feedId = soap_strdup(soap,feed_id); - -cleanup: - free(feed_id); - for (i=0; attrs[i].type; i++) free(attrs[i].name); - free(attrs); - for (i=0; qry[i].attr.type; i++) glite_jp_free_query_rec(qry+i); - free(qry); - - return ret; -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__FeedIndexRefresh( - struct soap *soap, - struct _jpelem__FeedIndexRefresh *in, - struct _jpelem__FeedIndexRefreshResponse *out) -{ - fprintf(stderr,"%s: not implemented\n",__FUNCTION__); - abort(); -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__GetJob( - struct soap *soap, - struct _jpelem__GetJob *in, - struct _jpelem__GetJobResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - char *url; - - int i,n; - glite_jp_error_t err; - void **pd; - struct jptype__jppsFile **f = NULL; - - memset(&err,0,sizeof err); - out->__sizefiles = 0; - - for (pd = ctx->plugins; *pd; pd++) { - glite_jpps_fplug_data_t *plugin = *pd; - - for (i=0; plugin->uris[i]; i++) { - glite_jp_clear_error(ctx); - switch (glite_jppsbe_get_job_url(ctx,in->jobid,plugin->classes[i],NULL,&url)) { - case 0: n = out->__sizefiles++; - f = realloc(f,out->__sizefiles * sizeof *f); - f[n] = soap_malloc(soap, sizeof **f); - f[n]->class_ = soap_strdup(soap,plugin->uris[i]); - f[n]->name = NULL; - f[n]->url = soap_strdup(soap,url); - free(url); - break; - case ENOENT: - break; - default: - err.code = ctx->error->code; - err.source = "jpsrv__GetJob()"; - err.desc = plugin->uris[i]; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - glite_jp_clear_error(ctx); - return SOAP_FAULT; - } - } - } - - if (!out->__sizefiles) { - glite_jp_clear_error(ctx); - err.code = ENOENT; - err.source = __FUNCTION__; - err.desc = "No file found for this job"; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - glite_jp_clear_error(ctx); - return SOAP_FAULT; - } - - out->files = soap_malloc(soap,out->__sizefiles * sizeof *f); - memcpy(out->files,f,out->__sizefiles * sizeof *f); - - return SOAP_OK; -} - diff --git a/org.glite.jp.client/src/tags.c b/org.glite.jp.client/src/tags.c deleted file mode 100644 index 1f11b4d..0000000 --- a/org.glite.jp.client/src/tags.c +++ /dev/null @@ -1,233 +0,0 @@ -#include -#include -#include -#include -#include - -#include -#include "tags.h" -#include "backend.h" - -/* magic name_len value_len binary sequence timestamp */ -#define HEADER "JP#TAG# %05u %012lu %c %05u %012lu#" -#define HEADER_SIZE 48 - -int glite_jpps_tag_append( - glite_jp_context_t ctx, - void *handle, - const glite_jp_tagval_t *tag -) -{ - char hdr[HEADER_SIZE+1]; - glite_jp_error_t err; - - unsigned long vlen = tag->binary ? tag->size : - (tag->value ? strlen(tag->value) : 0); - int nlen; - - memset(&err,0,sizeof err); - err.source = "glite_jpps_tag_append()"; - - if (!tag->name) { - err.code = EINVAL; - err.desc = "tag name"; - return glite_jp_stack_error(ctx,&err); - } - - nlen = strlen(tag->name); - - assert(sprintf(hdr,HEADER,nlen,vlen, - tag->binary ? "B" : "S", - tag->sequence, tag->timestamp) == HEADER_SIZE); - - if (glite_jppsbe_append(ctx,handle,hdr,HEADER_SIZE)) { - err.code = EIO; - err.desc = "write tag header"; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jppsbe_append(ctx,handle,tag->name,nlen)) { - err.code = EIO; - err.desc = "write tag name"; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jppsbe_append(ctx,handle,tag->value,vlen)) { - err.code = EIO; - err.desc = "write tag value"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jpps_tagval_copy( - glite_jp_context_t ctx, - glite_jp_tagval_t *from, - glite_jp_tagval_t *to -) -{ - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - to->name = strdup(from->name); - if (!to->name) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - to->sequence = from->sequence; - to->timestamp = from->timestamp; - to->binary = from->binary; - to->size = from->size; - to->value = (char *) malloc(to->size); - if (!to->value) { - free(to->name); - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - memcpy(from->value, to->value, to->size); - - return 0; -} - -int glite_jpps_tag_read( - glite_jp_context_t ctx, - void *handle, - off_t offset, - glite_jp_tagval_t *tagvalue, - size_t *shift -) -{ - char hdr[HEADER_SIZE+1]; - unsigned int nlen; - unsigned long vlen; - char binary; - unsigned sequence; - unsigned timestamp; - char * name = NULL; - char * value = NULL; - ssize_t ret; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - hdr[HEADER_SIZE] = '\0'; - if (glite_jppsbe_pread(ctx, handle, hdr, HEADER_SIZE, offset, &ret)) { - err.code = EIO; - err.desc = "Cannot read tag header"; - goto error_out; - } - if (ret == 0) { - err.code = ENOENT; - err.desc = "No more tags in the file"; - goto error_out; - } - /* #define HEADER "JP#TAG# %05u %012lu %c %05u %012lu#" */ - if (sscanf(hdr, HEADER, &nlen, &vlen, &binary, &sequence, ×tamp) < 5) { - err.code = EILSEQ; - err.desc = "Incorrect tag header format"; - goto error_out; - } - name = (char*) malloc(nlen + 1); - if (!name) { - err.code = ENOMEM; - goto error_out; - } - name[nlen] = '\0'; - value = (char*) malloc(vlen + 1); - if (!value) { - err.code = ENOMEM; - goto error_out; - } - value[vlen] = '\0'; - if (glite_jppsbe_pread(ctx, handle, name, nlen, offset + HEADER_SIZE, &ret)) { - err.code = EIO; - err.desc = "Cannot read tag name"; - goto error_out; - } - if (glite_jppsbe_pread(ctx, handle, value, vlen, offset + HEADER_SIZE + nlen, &ret)) { - err.code = EIO; - err.desc = "Cannot read tag value"; - goto error_out; - } - - tagvalue->name = name; - tagvalue->sequence = sequence; - tagvalue->timestamp = timestamp; - tagvalue->binary = (binary == 'B') ? 1 : 0; - tagvalue->size = vlen; - tagvalue->value = value; - - *shift = HEADER_SIZE + nlen + vlen; - - return 0; -error_out: - free(name); - free(value); - return glite_jp_stack_error(ctx,&err); -} - -/* -int glite_jpps_tag_read(glite_jp_context_t, void *, off_t, glite_jp_tagval_t *, size_t); -int glite_jpps_tag_readall(glite_jp_context_t, void *, glite_jp_tagval_t **); -*/ - -int glite_jpps_tag_readall( - glite_jp_context_t ctx, - void *handle, - glite_jp_tagval_t **tags_out -) -{ - glite_jp_tagval_t * tags = NULL; - void * newspace; - int ntags = 0; - int ntagspace = 0; - off_t offset = 0; - int ret; - size_t shift; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - ntagspace = 1; - tags = (glite_jp_tagval_t *) calloc(ntagspace + 1, sizeof(*tags)); - if (!tags) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - while (!(ret = glite_jpps_tag_read(ctx, handle, offset, &tags[ntags], &shift))) { - offset += shift; - ntags++; - if (ntagspace <= ntags) { - ntagspace += 1; - newspace = realloc(tags, (ntagspace + 1) * sizeof(*tags)); - if (!newspace) { - err.code = ENOMEM; - goto error_out; - } - tags = (glite_jp_tagval_t *) newspace; - } - } - if (ret == ENOENT) { - *tags_out = tags; - return 0; - } else { - err.code = EIO; - err.desc = "Error reading tag value"; - } - -error_out: - for (; ntags-- ;) { - free(tags[ntags].name); - free(tags[ntags].value); - } - free(tags); - return glite_jp_stack_error(ctx,&err); -} diff --git a/org.glite.jp.client/src/tags.h b/org.glite.jp.client/src/tags.h deleted file mode 100644 index 0d8afa8..0000000 --- a/org.glite.jp.client/src/tags.h +++ /dev/null @@ -1 +0,0 @@ -int glite_jpps_tag_append(glite_jp_context_t,void *,const glite_jp_tagval_t *); diff --git a/org.glite.jp.client/src/tags_plugin.c b/org.glite.jp.client/src/tags_plugin.c deleted file mode 100644 index 95dabd8..0000000 --- a/org.glite.jp.client/src/tags_plugin.c +++ /dev/null @@ -1,148 +0,0 @@ -#include -#include -#include -#include -#include -#include - -#include - -#include "file_plugin.h" -#include "builtin_plugins.h" - -static int tagappend(void *,void *,int,...); -static int tagopen(void *,void *,const char *uri,void **); -static int tagclose(void *,void *); - -#define TAGS_MAGIC 0x74c016f2 /* two middle digits encode version, i.e. 01 */ - -static int tagdummy() -{ - puts("tagdummy()"); - return -1; -} - -struct tags_handle { - void *bhandle; - int n; - glite_jp_tagval_t *tags; -}; - -int init(glite_jp_context_t ctx, glite_jpps_fplug_data_t *data) -{ - data->fpctx = ctx; - - data->uris = calloc(2,sizeof *data->uris); - data->uris[0] = strdup(GLITE_JP_FILETYPE_TAGS); - - data->classes = calloc(2,sizeof *data->classes); - data->classes[0] = strdup("tags"); - - data->ops.open = tagopen; - data->ops.close = tagclose; - data->ops.attr = tagdummy; - data->ops.generic = tagappend; - - printf("tags_plugin: URI: \"%s\"; magic number: 0x%08lx\n",GLITE_JP_FILETYPE_TAGS,TAGS_MAGIC); - return 0; -} - -static int tagopen(void *fpctx,void *bhandle,const char *uri,void **handle) -{ - struct tags_handle *h = calloc(1,sizeof *h); - h->n = -1; - h->bhandle = bhandle; - - *handle = h; - - return 0; -} - -static int tagclose(void *fpctx,void *handle) -{ - int i; - struct tags_handle *h = handle; - - for (i=0; in; i++) { - free(h->tags[i].name); - free(h->tags[i].value); - } - free(h->tags); - free(h); - - return 0; -} - -static int tagappend(void *fpctx,void *handle,int oper,...) -{ - glite_jp_tagval_t *tag; - va_list ap; - char *hdr,*rec; - glite_jp_context_t ctx = fpctx; - struct tags_handle *h = handle; - uint32_t magic,hlen,rlen,rlen_n; - size_t r; - glite_jp_error_t err; - - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - glite_jp_clear_error(ctx); - - va_start(ap,oper); - tag = va_arg(ap,glite_jp_tagval_t *); - va_end(ap); - - printf("tagappend: %s,%d,%s\n",tag->name,tag->sequence,tag->value); - - assert(oper == GLITE_JP_FPLUG_TAGS_APPEND); - - if (glite_jppsbe_pread(ctx,h->bhandle,&magic,sizeof magic,0,&r)) { - err.code = EIO; - err.desc = "reading magic number"; - return glite_jp_stack_error(ctx,&err); - } - - if (r == 0) { - magic = htonl(TAGS_MAGIC); - if (glite_jppsbe_pwrite(ctx,h->bhandle,&magic,sizeof magic,0)) { - err.code = EIO; - err.desc = "writing magic number"; - return glite_jp_stack_error(ctx,&err); - } - } - else if (r != sizeof magic) { - err.code = EIO; - err.desc = "can't read magic number"; - return glite_jp_stack_error(ctx,&err); - } - else if (magic != htonl(TAGS_MAGIC)) { - err.code = EINVAL; - err.desc = "invalid magic number"; - return glite_jp_stack_error(ctx,&err); - } - - trio_asprintf(&hdr,"%d %ld %c",tag->sequence, - tag->timestamp,tag->binary ? 'B' : 'S'); - - rlen = strlen(tag->name) + strlen(hdr) + 2 /* \0 after name and after hdr */ + - (r = tag->binary ? tag->size : (tag->value ? strlen(tag->value) : 0)); - - rlen_n = htonl(rlen); - - rec = malloc(rlen + sizeof rlen_n); - *((uint32_t *) rec) = rlen_n; - strcpy(rec + sizeof rlen_n,tag->name); - strcpy(rec + (hlen = sizeof rlen_n + strlen(tag->name) + 1),hdr); - - if (r) memcpy(rec + hlen + strlen(hdr) + 1,tag->value,r); - free(hdr); - - if (glite_jppsbe_append(ctx,h->bhandle,rec,rlen + sizeof rlen_n)) { - err.code = EIO; - err.desc = "writing tag record"; - free(rec); - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} diff --git a/org.glite.jp.client/src/typemap.dat b/org.glite.jp.client/src/typemap.dat deleted file mode 100644 index 72f515f..0000000 --- a/org.glite.jp.client/src/typemap.dat +++ /dev/null @@ -1,3 +0,0 @@ -jpsrv = http://glite.org/wsdl/services/jp -jptype = http://glite.org/wsdl/types/jp -jpelem = http://glite.org/wsdl/elements/jp diff --git a/org.glite.jp.common/.cvsignore b/org.glite.jp.common/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.jp.common/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.jp.common/Makefile b/org.glite.jp.common/Makefile deleted file mode 100644 index 3f84bcd..0000000 --- a/org.glite.jp.common/Makefile +++ /dev/null @@ -1,85 +0,0 @@ -# defaults -top_srcdir=. -builddir=build -top_builddir=${top_srcdir}/${builddir} -stagedir=. -distdir=. -globalprefix=glite -lbprefix=lb -package=glite-jp-common -version=0.0.0 -PREFIX=/opt/glite - -glite_location=/opt/glite -globus_prefix=/opt/globus -nothrflavour=gcc32 -thrflavour=gcc32pthr -expat_prefix=/opt/expat -ares_prefix=/opt/ares -gsoap_prefix=/software/gsoap-2.6 - -CC=gcc - --include Makefile.inc - - -VPATH=${top_srcdir}/src:${top_srcdir}/test:${top_srcdir}/project:${jpproject} - -GLOBUSINC:= -I${globus_prefix}/include/${nothrflavour} - - -DEBUG:=-g -O0 -CFLAGS:=${DEBUG} -I. -I${top_srcdir}/interface -I${stagedir}/include \ - ${GLOBUSINC} - -LINK:=libtool --mode=link ${CC} ${LDFLAGS} -rpath ${stagedir}/lib -LINKXX:=libtool --mode=link ${CXX} ${LDFLAGS} -INSTALL:=libtool --mode=install install -COMPILE:=libtool --mode=compile ${CC} ${CFLAGS} - -HDRS:=types.h context.h strmd5.h - -SRCS:=context.c strmd5.c attr.c -OBJS:=${SRCS:.c=.lo} - -commonlib:= libglite_jp_common.la - -default all: compile - -compile: ${commonlib} - -${commonlib}: ${OBJS} - ${LINK} -o $@ ${OBJS} - -check: - -echo nothing yet - -doc: - -stage: compile - $(MAKE) install PREFIX=${stagedir} - -install: - -mkdir -p ${PREFIX}/include/${globalprefix}/${jpprefix} - cd ${top_srcdir}/interface && install -m 644 ${HDRS} ${PREFIX}/include/${globalprefix}/${jpprefix} - -mkdir -p ${PREFIX}/lib - ${INSTALL} -m 755 ${commonlib} ${PREFIX}/lib - -dist: distsrc distbin - -# FIXME: just copied from LB -distsrc: - mkdir -p ${top_srcdir}/${package}-${version} - cd ${top_srcdir} && GLOBIGNORE="${package}-${version}" && cp -Rf * ${package}-${version} - cd ${top_srcdir} && tar -czf ${distdir}/${package}-${version}_src.tar.gz --exclude-from=project/tar_exclude ${package}-${version} - rm -rf ${top_srcdir}/${package}-${version} - -distbin: - $(MAKE) install PREFIX=`pwd`/tmpbuilddir${stagedir} - save_dir=`pwd`; cd tmpbuilddir${stagedir} && tar -czf $$save_dir/${top_srcdir}/${distdir}/${package}-${version}_bin.tar.gz *; cd $$save_dir - rm -rf tmpbuilddir - -clean: - -%.lo: %.c - ${COMPILE} -o $@ -c $< diff --git a/org.glite.jp.common/build.xml b/org.glite.jp.common/build.xml deleted file mode 100755 index 6e50854..0000000 --- a/org.glite.jp.common/build.xml +++ /dev/null @@ -1,97 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.common/interface/context.h b/org.glite.jp.common/interface/context.h deleted file mode 100644 index 20effb2..0000000 --- a/org.glite.jp.common/interface/context.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef __GLITE_JP_CONTEXT -#define __GLITE_JP_CONTEXT - -int glite_jp_init_context(glite_jp_context_t *); -void glite_jp_free_query_rec(glite_jp_query_rec_t *); - -char *glite_jp_peer_name(glite_jp_context_t); -char *glite_jp_error_chain(glite_jp_context_t); - -int glite_jp_stack_error(glite_jp_context_t, const glite_jp_error_t *); -int glite_jp_clear_error(glite_jp_context_t); - -int glite_jp_add_deferred(glite_jp_context_t,int (*)(glite_jp_context_t,void *),void *); -int glite_jp_run_deferred(glite_jp_context_t); - - -#endif diff --git a/org.glite.jp.common/interface/strmd5.h b/org.glite.jp.common/interface/strmd5.h deleted file mode 100755 index c5d76b6..0000000 --- a/org.glite.jp.common/interface/strmd5.h +++ /dev/null @@ -1,28 +0,0 @@ -#ifndef _GLITE_STRMD5_H -#define _GLITE_STRMD5_H - -#ident "$Header$" - -/* Compute MD5 sum of the first argument. - * The sum is returned in the 16-byte array pointed to by 2nd argument - * (if not NULL) - * - * Return value: ASCII string of the sum, i.e. 32 characters [0-9a-f] - * (pointer to static area, changed by subsequent calls) - */ - -char *strmd5(const char *src, unsigned char *dst); - -/** - * Returns: allocated 32bytes long ASCII string with md5 sum - * of the first argument - */ -char *str2md5(const char *src); - -/** - * Returns: allocated 22bytes long ASCII string with md5 sum in base64 - * format of the source argument - */ -char *str2md5base64(const char *src); - -#endif /* _GLITE_STRMD5_H */ diff --git a/org.glite.jp.common/interface/types.h b/org.glite.jp.common/interface/types.h deleted file mode 100644 index 7cf9d98..0000000 --- a/org.glite.jp.common/interface/types.h +++ /dev/null @@ -1,101 +0,0 @@ -#ifndef __GLITE_JP_TYPES -#define __GLITE_JP_TYPES - -#include - -typedef struct _glite_jp_error_t { - int code; - const char *desc; - const char *source; - struct _glite_jp_error_t *reason; -} glite_jp_error_t; - -typedef struct _glite_jp_context { - glite_jp_error_t *error; - int (**deferred_func)(struct _glite_jp_context *,void *); - void **deferred_arg; - void *feeds; - struct soap *other_soap; - char *peer; - void **plugins; - void *dbhandle; - char **trusted_peers; -} *glite_jp_context_t; - -typedef enum { - GLITE_JP_FILECLASS_UNDEF, - GLITE_JP_FILECLASS_INPUT, - GLITE_JP_FILECLASS_OUTPUT, - GLITE_JP_FILECLASS_LBLOG, - GLITE_JP_FILECLASS_TAGS, - GLITE_JP_FILECLASS__LAST -} glite_jp_fileclass_t; - -typedef struct { - char *name; - int sequence; - time_t timestamp; - int binary; - size_t size; - char *value; -} glite_jp_tagval_t; - -typedef enum { - GLITE_JP_ATTR_UNDEF, - GLITE_JP_ATTR_OWNER, - GLITE_JP_ATTR_TIME, - GLITE_JP_ATTR_TAG, - GLITE_JP_ATTR_GENERIC, - GLITE_JP_ATTR__LAST -} glite_jp_attrtype_t; - -typedef struct { - glite_jp_attrtype_t type; - char *name,*namespace; -} glite_jp_attr_t; - -typedef struct { - glite_jp_attr_t attr; - union { - char *s; - int i; - struct timeval time; - glite_jp_tagval_t tag; - } value; -} glite_jp_attrval_t; - - -typedef enum { - GLITE_JP_QUERYOP_UNDEF, - GLITE_JP_QUERYOP_EQUAL, - GLITE_JP_QUERYOP_UNEQUAL, - GLITE_JP_QUERYOP_LESS, - GLITE_JP_QUERYOP_GREATER, - GLITE_JP_QUERYOP_WITHIN, - GLITE_JP_QUERYOP__LAST, -} glite_jp_queryop_t; - -typedef struct { - glite_jp_attr_t attr; - glite_jp_queryop_t op; - union _glite_jp_query_rec_val { - char *s; - int i; - struct timeval time; - } value,value2; -} glite_jp_query_rec_t; - -void glite_jp_attrval_free(glite_jp_attrval_t *,int); - -void glite_jp_attr_free(glite_jp_attr_t *,int); -void glite_jp_attrset_free(glite_jp_attr_t *a,int); - -int glite_jp_attr_cmp(const glite_jp_attr_t *,const glite_jp_attr_t *); - -void glite_jp_attr_union(const glite_jp_attr_t *, const glite_jp_attr_t *, - glite_jp_attr_t **); - -void glite_jp_attr_sub(const glite_jp_attr_t *, const glite_jp_attr_t *, - glite_jp_attr_t **); - -#endif diff --git a/org.glite.jp.common/project/build.number b/org.glite.jp.common/project/build.number deleted file mode 100644 index c680c72..0000000 --- a/org.glite.jp.common/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=36 diff --git a/org.glite.jp.common/project/build.properties b/org.glite.jp.common/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.jp.common/project/configure.properties.xml b/org.glite.jp.common/project/configure.properties.xml deleted file mode 100644 index 5f0ea37..0000000 --- a/org.glite.jp.common/project/configure.properties.xml +++ /dev/null @@ -1,52 +0,0 @@ - - - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -jpprefix=${subsystem.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} -globus_prefix=${with.globus.prefix} -expat_prefix=${with.expat.prefix} -gsoap_prefix=${with.gsoap.prefix} -ares_prefix=${with.ares.prefix} -thrflavour=${with.globus.thr.flavor} -nothrflavour=${with.globus.nothr.flavor} -cppunit=${with.cppunit.prefix} -jpproject=${subsystem.project.dir} -project=${component.project.dir} - - - diff --git a/org.glite.jp.common/project/properties.xml b/org.glite.jp.common/project/properties.xml deleted file mode 100755 index b9d669d..0000000 --- a/org.glite.jp.common/project/properties.xml +++ /dev/null @@ -1,52 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.common/project/tar_exclude b/org.glite.jp.common/project/tar_exclude deleted file mode 100644 index e1fcd1a..0000000 --- a/org.glite.jp.common/project/tar_exclude +++ /dev/null @@ -1,10 +0,0 @@ -tar_exclude -CVS -build.xml -build -build.properties -properties.xml -configure.properties.xml -.cvsignore -.project -.cdtproject diff --git a/org.glite.jp.common/project/version.properties b/org.glite.jp.common/project/version.properties deleted file mode 100644 index cd1e9e7..0000000 --- a/org.glite.jp.common/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.jp.common/src/attr.c b/org.glite.jp.common/src/attr.c deleted file mode 100644 index 3e20b69..0000000 --- a/org.glite.jp.common/src/attr.c +++ /dev/null @@ -1,119 +0,0 @@ -#include -#include -#include - -#include "types.h" - -void glite_jp_attrval_free(glite_jp_attrval_t *a,int f) -{ - switch (a->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_GENERIC: - free(a->value.s); - break; - case GLITE_JP_ATTR_TAG: - if (a->value.tag.name) free(a->value.tag.name); - if (a->value.tag.value) free(a->value.tag.value); - break; - default: break; - } - - glite_jp_attr_free(&a->attr, 0); - if (f) free(a); -} - -int glite_jp_attr_cmp(const glite_jp_attr_t *a,const glite_jp_attr_t *b) -{ - int c; - - if (a->type < b->type) return -1; - if (a->type > b->type) return 1; - - switch (a->type) { - case GLITE_JP_ATTR_TAG: - case GLITE_JP_ATTR_GENERIC: - if (a->namespace && b->namespace && - (c = strcmp(a->namespace,b->namespace))) return c; - return strcmp(a->name,b->name); - - default: return 0; - } -} - -static int void_attr_cmp(const void *va, const void *vb) -{ - return glite_jp_attr_cmp(va,vb); -} - -void glite_jp_attr_union(const glite_jp_attr_t *a, const glite_jp_attr_t *b, - glite_jp_attr_t **out) -{ - int ac,bc,c,i,j; - glite_jp_attr_t *res; - - assert(out); - if (a) for (ac=0; a[ac].type; ac++); else ac=0; - if (b) for (bc=0; b[bc].type; bc++); else bc=0; - - if ((c = ac+bc) == 0) { - *out = NULL; - return; - } - - res = malloc((ac+bc+1) * sizeof *res); - memcpy(res,a,ac * sizeof *a); - memcpy(res+ac,b,bc * sizeof *b); - memset(res+ac+bc,0,sizeof *res); - qsort(res,c,sizeof *res,void_attr_cmp); - - for (i=0; i i+1) { - memmove(res+i+1,res+j,c-j); - c -= j - (i+1); - } - } - - for (i=0; res[i].type; i++) switch (res[i].type) { - case GLITE_JP_ATTR_TAG: - case GLITE_JP_ATTR_GENERIC: - if (res[i].namespace) res[i].namespace = strdup(res[i].namespace); - if (res[i].name) res[i].name = strdup(res[i].name); - break; - default: break; - } - - *out = res; -} - -void glite_jp_attr_sub(const glite_jp_attr_t *a, const glite_jp_attr_t *b, - glite_jp_attr_t **out) -{ - abort(); -} - -void glite_jp_attr_free(glite_jp_attr_t *a,int f) -{ - if (a) { - switch (a->type) { - case GLITE_JP_ATTR_TAG: - case GLITE_JP_ATTR_GENERIC: - free(a->name); - free(a->namespace); - break; - default: - break; - } - if (f) free(a); - } -} - -void glite_jp_attrset_free(glite_jp_attr_t *a,int f) -{ - int i; - - if (a) { - for (i=0; a[i].type; i++) glite_jp_attr_free(a+i,0); - if (f) free(a); - } -} diff --git a/org.glite.jp.common/src/context.c b/org.glite.jp.common/src/context.c deleted file mode 100644 index 10f59d9..0000000 --- a/org.glite.jp.common/src/context.c +++ /dev/null @@ -1,164 +0,0 @@ -#include -#include - -#include "types.h" -#include "context.h" - -int glite_jp_init_context(glite_jp_context_t *ctx) -{ - *ctx = calloc(1,sizeof **ctx); -} - -char *glite_jp_peer_name(glite_jp_context_t ctx) -{ - return strdup(ctx->peer ? ctx->peer : "unknown"); -} - -char *glite_jp_error_chain(glite_jp_context_t ctx) -{ - char *ret = NULL,indent[300] = ""; - int len = 0,add; - char buf[2000]; - - glite_jp_error_t *ep = ctx->error; - - do { - add = snprintf(buf,sizeof buf,"%s%s: %s (%s)\n", - indent, - ep->source, - strerror(ep->code), - ep->desc ? ep->desc : ""); - ret = realloc(ret,len + add + 1); - strncpy(ret + len,buf,add); ret[len += add] = 0; - strcat(indent," "); - } while (ep = ep->reason); - - return ret; -} - -int glite_jp_stack_error(glite_jp_context_t ctx, const glite_jp_error_t *err) -{ - glite_jp_error_t *reason = ctx->error; - - ctx->error = calloc(1,sizeof *ctx->error); - ctx->error->code = err->code; - ctx->error->desc = err->desc ? strdup(err->desc) : NULL; - ctx->error->source = err->source ? strdup(err->source) : NULL; - ctx->error->reason = reason; - - return err->code; -} - -int glite_jp_clear_error(glite_jp_context_t ctx) -{ - glite_jp_error_t *e = ctx->error, *r; - - while (e) { - r = e->reason; - free((char *) e->source); - free((char *) e->desc); - free(e); - e = r; - } - ctx->error = NULL; - return 0; -} - - -void glite_jp_free_query_rec(glite_jp_query_rec_t *q) -{ - free(q->attr.name); q->attr.name = NULL; - switch (q->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - free(q->value.s); q->value.s = NULL; - if (q->op == GLITE_JP_QUERYOP_WITHIN) { - free(q->value2.s); - q->value2.s = NULL; - } - break; - default: break; - } -} - -int glite_jp_attr_copy(glite_jp_attr_t *dst,const glite_jp_attr_t *src) -{ - dst->name = src->name ? strdup(src->name) : NULL; - dst->type = src->type; - return 0; -} - -int glite_jp_queryrec_copy(glite_jp_query_rec_t *dst, const glite_jp_query_rec_t *src) -{ - glite_jp_attr_copy(&dst->attr,&src->attr); - dst->op = src->op; - switch (src->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - dst->value.s = strdup(src->value.s); - if (dst->op == GLITE_JP_QUERYOP_WITHIN) - dst->value2.s = strdup(src->value2.s); - break; - case GLITE_JP_ATTR_TIME: - memcpy(&dst->value.time,&src->value.time,sizeof dst->value.time); - if (dst->op == GLITE_JP_QUERYOP_WITHIN) - memcpy(&dst->value2.time,&src->value2.time,sizeof dst->value2.time); - break; - } - return 0; -} - -int glite_jp_run_deferred(glite_jp_context_t ctx) -{ - int i,cnt,ret; - - if (!ctx->deferred_func) return 0; - - glite_jp_clear_error(ctx); - for (cnt=0;ctx->deferred_func[cnt];cnt++); - for (i=0; ideferred_func)(ctx,*ctx->deferred_arg)) { - glite_jp_error_t err; - char desc[100]; - - sprintf(desc,"calling func #%d, %p",i,*ctx->deferred_func); - err.code = ret; - err.desc = desc; - err.source = "glite_jp_run_deferred()"; - - glite_jp_stack_error(ctx,&err); - return ret; - } - else { - memmove(ctx->deferred_func,ctx->deferred_func+1, - (cnt-i) * sizeof *ctx->deferred_func); - memmove(ctx->deferred_arg,ctx->deferred_arg+1, - (cnt-i) * sizeof *ctx->deferred_arg); - } - } - free(ctx->deferred_func); ctx->deferred_func = NULL; - free(ctx->deferred_arg); ctx->deferred_arg = NULL; - return 0; -} - -int glite_jp_add_deferred( - glite_jp_context_t ctx, - int (*func)(glite_jp_context_t, void *), - void *arg -) -{ - int (**v)(glite_jp_context_t, void *) = ctx->deferred_func; - int i; - - for (i=0; v && *v; i++); - - ctx->deferred_func = realloc(ctx->deferred_func, (i+1) * sizeof *ctx->deferred_func); - ctx->deferred_func[i] = func; - ctx->deferred_func[i+1] = NULL; - - ctx->deferred_arg = realloc(ctx->deferred_arg,(i+1) * sizeof *ctx->deferred_arg); - ctx->deferred_arg[i] = arg; - ctx->deferred_arg[i+1] = NULL; - - return 0; -} diff --git a/org.glite.jp.common/src/strmd5.c b/org.glite.jp.common/src/strmd5.c deleted file mode 100755 index 87fd400..0000000 --- a/org.glite.jp.common/src/strmd5.c +++ /dev/null @@ -1,115 +0,0 @@ -#include -#include -#include -#include - -#include "strmd5.h" - -static char mbuf[33]; - -static int base64_encode(const void *enc, int enc_size, char *out, int out_max_size) -{ - static const char* b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; - - unsigned char* enc_buf = (unsigned char*)enc; - int out_size = 0; - unsigned int bits = 0; - unsigned int shift = 0; - - while ( out_size < out_max_size ) { - if ( enc_size>0 ) { - // Shift in byte - bits <<= 8; - bits |= *enc_buf; - shift += 8; - // Next byte - enc_buf++; - enc_size--; - } else if ( shift>0 ) { - // Pad last bits to 6 bits - will end next loop - bits <<= 6 - shift; - shift = 6; - } else { - // Terminate with Mime style '=' - *out = '='; - out_size++; - - return out_size; - } - - // Encode 6 bit segments - while ( shift>=6 ) { - shift -= 6; - *out = b64[ (bits >> shift) & 0x3F ]; - out++; - out_size++; - } - } - - // Output overflow - return -1; -} - -char *strmd5(const char *s, unsigned char *digest) -{ - MD5_CTX md5; - unsigned char d[16]; - int i; - - MD5_Init(&md5); - MD5_Update(&md5,s,strlen(s)); - MD5_Final(d,&md5); - - if (digest) memcpy(digest,d,sizeof(d)); - - for (i=0; i<16; i++) { - int dd = d[i] & 0x0f; - mbuf[2*i+1] = dd<10 ? dd+'0' : dd-10+'a'; - dd = d[i] >> 4; - mbuf[2*i] = dd<10 ? dd+'0' : dd-10+'a'; - } - mbuf[32] = 0; - return (char *) mbuf; -} - -char *str2md5(const char *s) -{ - MD5_CTX md5; - unsigned char d[16]; - char* ret = malloc(33); - int i; - - if (!ret) - return NULL; - - MD5_Init(&md5); - MD5_Update(&md5, s, strlen(s)); - MD5_Final(d, &md5); - - for (i=0; i<16; i++) { - int dd = d[i] & 0x0f; - ret[2*i+1] = dd<10 ? dd+'0' : dd-10+'a'; - dd = d[i] >> 4; - ret[2*i] = dd<10 ? dd+'0' : dd-10+'a'; - } - ret[32] = 0; - return ret; -} - -char *str2md5base64(const char *s) -{ - MD5_CTX md5; - unsigned char d[16]; - char buf[50]; - int l; - - MD5_Init(&md5); - MD5_Update(&md5, s, strlen(s)); - MD5_Final(d, &md5); - - l = base64_encode(d, 16, buf, sizeof(buf) - 1); - if (l < 1) - return NULL; - buf[l - 1] = 0; - return strdup(buf); -} diff --git a/org.glite.jp.index/.cvsignore b/org.glite.jp.index/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.jp.index/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.jp.index/Makefile b/org.glite.jp.index/Makefile deleted file mode 100644 index 3b893cd..0000000 --- a/org.glite.jp.index/Makefile +++ /dev/null @@ -1,129 +0,0 @@ -# defaults -top_srcdir=. -builddir=build -top_builddir=${top_srcdir}/${builddir} -stagedir=. -distdir=. -globalprefix=glite -lbprefix=lb -package=glite-lb-server -version=0.0.0 -PREFIX=/opt/glite - -glite_location=/opt/glite -globus_prefix=/opt/globus -nothrflavour=gcc32 -thrflavour=gcc32pthr -expat_prefix=/opt/expat -ares_prefix=/opt/ares -gsoap_prefix=/software/gsoap-2.6 - -CC=gcc - --include Makefile.inc - - -VPATH=${top_srcdir}/src:${top_srcdir}/examples:${top_srcdir}/test:${top_srcdir}/project:${jpproject} - -GLOBUS_LIBS:=-L${globus_prefix}/lib \ - -lglobus_common_${nothrflavour} \ - -lglobus_gssapi_gsi_${nothrflavour} - -DEBUG:=-g -O0 -DDEBUG - -CFLAGS:=${DEBUG} -I. -I${gsoap_prefix}/include -I${stagedir}/include -LDFLAGS:=-L${stagedir}/lib - -LINK:=libtool --mode=link ${CC} ${LDFLAGS} -LINKXX:=libtool --mode=link ${CXX} ${LDFLAGS} -INSTALL:=libtool --mode=install install - - -daemon:=glite-jp-indexd -example:=jpis-test -soap_prefix:=jpis_ - -SRCS:= simple_server.c soap_ops.c \ - ${soap_prefix}C.c \ - ${soap_prefix}Server.c - -EXA_SRCS:=jpis-test.c ${soap_prefix}C.c ${soap_prefix}Client.c - - -OBJS:=${SRCS:.c=.o} stdsoap2.o -EXA_OBJS:=${EXA_SRCS:.c=.o} stdsoap2.o - -COMMONLIB:=-lglite_jp_common - -default all: compile - -compile: ${daemon} ${example} - -${daemon}: ${OBJS} - ${LINK} -o $@ ${OBJS} ${COMMONLIB} ${GLOBUS_LIBS} - -${example}: ${EXA_OBJS} - ${LINK} -o $@ ${EXA_OBJS} - -JobProvenanceIS.xh: JobProvenanceIS.wsdl JobProvenanceTypes.wsdl typemap.dat - cp ${jpproject}/JobProvenanceTypes.wsdl . - ${gsoap_prefix}/bin/wsdl2h -t ${top_srcdir}/src/typemap.dat -c -o $@ $< - rm -f JobProvenanceTypes.wsdl - -${soap_prefix}C.c ${soap_prefix}H.h: JobProvenanceIS.xh - ${gsoap_prefix}/bin/soapcpp2 -w -c -p ${soap_prefix} JobProvenanceIS.xh - -#$(SOAP_PREFIX)H.h $(SOAP_PREFIX)C.c: LB.xh -# $(GSOAP_BIN_PATH)/soapcpp2 -w -c -p $(SOAP_PREFIX) LB.xh -# -#LB.xh: LB.wsdl typemap.dat -# $(GSOAP_BIN_PATH)/wsdl2h -c -o $@ LB.wsdl -# - - -check: - -echo nothing yet - -doc: - -stage: compile - ${INSTALL} -m 755 ${daemon} ${stagedir}/bin - -dist: distsrc distbin - -# FIXME: just copied from LB -distsrc: - mkdir -p ${top_srcdir}/${package}-${version} - cd ${top_srcdir} && GLOBIGNORE="${package}-${version}" && cp -Rf * ${package}-${version} - cd ${top_srcdir} && tar -czf ${distdir}/${package}-${version}_src.tar.gz --exclude-from=project/tar_exclude ${package}-${version} - rm -rf ${top_srcdir}/${package}-${version} - -distbin: - $(MAKE) install PREFIX=`pwd`/tmpbuilddir${stagedir} - save_dir=`pwd`; cd tmpbuilddir${stagedir} && tar -czf $$save_dir/${top_srcdir}/${distdir}/${package}-${version}_bin.tar.gz *; cd $$save_dir - rm -rf tmpbuilddir - -install: - -mkdir -p ${PREFIX}/bin ${PREFIX}/etc ${PREFIX}/etc/init.d - for p in bkserverd bkindex; do \ - ${INSTALL} -m 755 "glite_lb_$$p" "${PREFIX}/bin/glite-lb-$$p"; \ - done - - for f in dbsetup.sql index.conf.template; do \ - ${INSTALL} -m 644 ${top_srcdir}/config/"glite-lb-$$f" ${PREFIX}/etc; \ - done - - ${INSTALL} -m 755 ${top_srcdir}/config/startup ${PREFIX}/etc/init.d/glite-lb-bkserverd - -clean: - -soap_ops.o jpis-test.o simple_server.o: ${soap_prefix}H.h - -# we have no real config.h but have to force gSoap not to use -# linux ftime with broken (aka obsolete) DST information - -stdsoap2.o: ${gsoap_prefix}/devel/stdsoap2.c - test -f config.h || touch config.h - @echo 'The following warning "time_t (de)serialization is not MT safe on this platform" is harmless' - ${CC} -o $@ -c -DHAVE_CONFIG_H ${CFLAGS} ${gsoap_prefix}/devel/stdsoap2.c - diff --git a/org.glite.jp.index/build.xml b/org.glite.jp.index/build.xml deleted file mode 100755 index 3a97943..0000000 --- a/org.glite.jp.index/build.xml +++ /dev/null @@ -1,98 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.index/project/JobProvenanceIS.wsdl b/org.glite.jp.index/project/JobProvenanceIS.wsdl deleted file mode 100644 index 26f97a4..0000000 --- a/org.glite.jp.index/project/JobProvenanceIS.wsdl +++ /dev/null @@ -1,531 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Register job with JP primary storage. -Job registration in LB is propagated to JP immediately so that JP is aware of the job, -despite no furhter information is available in it. - -Input: JobId - -Output: N/A - -Faults: GenericJPFault - - - - - - - Initiate upload of of sandbox/dump of job life log from LB. -WM component responsible for job sandbox management and LB server call JP to declare -intention to upload intput/output sandbox and job life log. - -Input: - -uclass: type of the upload - INPUT_SANDBOX, OUTPUT_SANDBOX, JOB_LOG - -commitTimeout: upper limit on time for which JP waits for committing this upload transaction - -contentType: MIME type of the uploaded file - -Output: - -destination: URL where the client should upload the file - -commitBefore: acutual time when the upload transaction times out - -Faults: GenericJPFault - - -Initiate upload of of sandbox/dump of job life log from LB. - - - - - - Confirm upload. -Should be called after a file upload initiaded with StartUpload is finished. - -Input: - -destination: Upload destination URL (to match with the original request) - -Output: - -Faults: GenericJPFault - - - - - - - Record a value of user tag. -JP tags are either standalone or override values of their LB counterparts. -However, JP tag values are still distinguishable those inherited from LB. -JP tags may be either strings or blobs. - -Input: - -jobid: - -tag: structure containing name, timestamp, optional sequence number to order tag values -without relying on timestamps, and string or blob value. - -Output: N/A - -Faults: GenericJPFault - - - - - - - Start feeding JP index server. -Called by the index server to start batch feed, and optionally also subscribe for incremental feed. - -JP index server subscribes with JP primary storage using a query -containing conditions on primary metadata and a list of queryable attributes -of the index server (i.e. data which should be sent to the index server). - -When a matching job record is created or modified within the primary storage -the job record data are sent to the subscribed index server. - -The subscription is soft-state, it expires after certain time unless refreshed by the client explicitely. - -In the batch mode the query has the same form -with additional flag asking for all matching records (i.e.\ not only -arriving afterwards). - -Input: - -destination: where to send the job record data - -attributes: which job record attributes should be sent to the requesting index server - -conditions: list of query conditions. Each conditions has the form Attribute Operator Value, -where Attribute is any of job record attributes and Operator is one of EQUAL, UNEQUAL, LESS, GREATER, WITHIN. - -continuous: flag determining that the query is incremental (not batch) - -Output: - -feedId: unique Id of the feed request, to be used in refresh, cancelation etc. - -expires: when the feed times out. Must be refreshed before this time. - -Faults: GenericJPFault - - - - - - - Extend batch feed subscription (used by index server) - -Input: feedId returned previously by FeedIndex - -Output: the same as for FeedIndex - -Faults: GenericJPFault - - - - - - - Retrieve job record URL's when jobid is known -Used either to bypass JP index server query for this specific case, or after the index server query to -retrieve actual job record. - -Input: jobid - -Output: - -jobLog, inputSandbox, outputSandbox, tags: URL's to components of the job record. - -Faults: GenericJPFault - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Job Provenance Primary Storage service - - - - - - - - - - - - - - - - - - - - - - Store or update information on jobs within the JP index server. -Called directly by the primary storage, used for both batch and incremental feed. - -Input: - -data: list of job record updates. Each contains jobid, list of JP attribute values and user tag values. - -feedDone: flag indicating end of batch feed. (In order to avoid potential problems with buffer allocation -the huge dataset of batch feed is split into reasonable chunks and delivered with more UpdateJobs calls.) - -Output: N/A - -Faults: GenericJPFault - - - - - - - - - Retrieve pointers to job records of jobs matching a query. -Input: conditions - list of lists of query conditions. - Elements of the inner lists refer to a single job attribute, the conditions are or-ed. - Elements of the outer list may refer to different job attributes, they are and-ed. - -Output: - -jobs: list of JobId, PSContact (URL of the primary storage which manges this job) pairs - -Faults: GenericJPFault - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Job Provenance Index service - - - - - - - diff --git a/org.glite.jp.index/project/build.number b/org.glite.jp.index/project/build.number deleted file mode 100644 index 95388e3..0000000 --- a/org.glite.jp.index/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=9 diff --git a/org.glite.jp.index/project/build.properties b/org.glite.jp.index/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.jp.index/project/configure.properties.xml b/org.glite.jp.index/project/configure.properties.xml deleted file mode 100644 index 72af8f4..0000000 --- a/org.glite.jp.index/project/configure.properties.xml +++ /dev/null @@ -1,53 +0,0 @@ - - - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -lbprefix=${subsystem.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} -globus_prefix=${with.globus.prefix} -expat_prefix=${with.expat.prefix} -gsoap_prefix=${with.gsoap.prefix} -ares_prefix=${with.ares.prefix} -thrflavour=${with.globus.thr.flavor} -nothrflavour=${with.globus.nothr.flavor} -cppunit=${with.cppunit.prefix} -jpproject=${subsystem.project.dir} -project=${component.project.dir} - - - diff --git a/org.glite.jp.index/project/properties.xml b/org.glite.jp.index/project/properties.xml deleted file mode 100755 index 5f56392..0000000 --- a/org.glite.jp.index/project/properties.xml +++ /dev/null @@ -1,52 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.index/project/tar_exclude b/org.glite.jp.index/project/tar_exclude deleted file mode 100644 index e1fcd1a..0000000 --- a/org.glite.jp.index/project/tar_exclude +++ /dev/null @@ -1,10 +0,0 @@ -tar_exclude -CVS -build.xml -build -build.properties -properties.xml -configure.properties.xml -.cvsignore -.project -.cdtproject diff --git a/org.glite.jp.index/project/version.properties b/org.glite.jp.index/project/version.properties deleted file mode 100644 index cd1e9e7..0000000 --- a/org.glite.jp.index/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.jp.index/src/simple_server.c b/org.glite.jp.index/src/simple_server.c deleted file mode 100644 index ccaa5a7..0000000 --- a/org.glite.jp.index/src/simple_server.c +++ /dev/null @@ -1,39 +0,0 @@ -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "jpis_H.h" - -int main() { - struct soap soap; - int i, m, s; // master and slave sockets - - glite_jp_context_t ctx; - - soap_init(&soap); - glite_jp_init_context(&ctx); - soap.user = (void *) ctx; - - srand48(time(NULL)); /* feed id generation */ - - m = soap_bind(&soap, NULL, 8902, 100); - if (m < 0) - soap_print_fault(&soap, stderr); - else - { - fprintf(stderr, "Socket connection successful: master socket = %d\n", m); - for (i = 1; ; i++) { - s = soap_accept(&soap); - if (s < 0) { - soap_print_fault(&soap, stderr); - break; - } - soap_serve(&soap); // process RPC request - soap_destroy(&soap); // clean up class instances - soap_end(&soap); // clean up everything and close socket - glite_jp_run_deferred(ctx); - } - } - soap_done(&soap); // close master socket - - return 0; -} diff --git a/org.glite.jp.index/src/soap_ops.c b/org.glite.jp.index/src/soap_ops.c deleted file mode 100644 index 5af7352..0000000 --- a/org.glite.jp.index/src/soap_ops.c +++ /dev/null @@ -1,81 +0,0 @@ -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "jpis_H.h" -#include "JobProvenanceIS.nsmap" - -static struct jptype__GenericJPFaultType *jp2s_error(struct soap *soap, - const glite_jp_error_t *err) -{ - struct jptype__GenericJPFaultType *ret = NULL; - if (err) { - ret = soap_malloc(soap,sizeof *ret); - memset(ret,0,sizeof *ret); - ret->code = err->code; - ret->source = soap_strdup(soap,err->source); - ret->text = soap_strdup(soap,strerror(err->code)); - ret->description = soap_strdup(soap,err->desc); - ret->reason = jp2s_error(soap,err->reason); - } - return ret; -} - -static void err2fault(const glite_jp_context_t ctx,struct soap *soap) -{ - char *et; - struct SOAP_ENV__Detail *detail = soap_malloc(soap,sizeof *detail); - struct _GenericJPFault *f = soap_malloc(soap,sizeof *f); - - - f->jptype__GenericJPFault = jp2s_error(soap,ctx->error); - - detail->__type = SOAP_TYPE__GenericJPFault; - detail->value = f; - detail->__any = NULL; - - soap_receiver_fault(soap,"Oh, shit!",NULL); - if (soap->version == 2) soap->fault->SOAP_ENV__Detail = detail; - else soap->fault->detail = detail; -} - -static void s2jp_tag(const struct jptype__TagValue *stag,glite_jp_tagval_t *jptag) -{ - memset(jptag,0,sizeof *jptag); - jptag->name = strdup(stag->name); - jptag->sequence = stag->sequence ? *stag->sequence : 0; - jptag->timestamp = stag->timestamp ? *stag->timestamp : 0; - if (stag->stringValue) jptag->value = strdup(stag->stringValue); - else if (stag->blobValue) { - jptag->binary = 1; - jptag->size = stag->blobValue->__size; - jptag->value = (char *) stag->blobValue->__ptr; - } -} - -#define CONTEXT_FROM_SOAP(soap,ctx) glite_jp_context_t ctx = (glite_jp_context_t) ((soap)->user) - -SOAP_FMAC5 int SOAP_FMAC6 jpsrv__UpdateJobs( - struct soap *soap, - char *feed_id, - struct jptype__UpdateJobsData *jobs, - enum xsd__boolean done -) -{ - printf("%s items %d jobid %s\n",__FUNCTION__,jobs->__sizejob, - jobs->job[0]->jobid); - return SOAP_OK; -} - -SOAP_FMAC5 int SOAP_FMAC6 jpsrv__QueryJobs( - struct soap *soap, - struct jptype__IndexQuery *query, - struct jpsrv__QueryJobsResponse *resp -) -{ - puts(__FUNCTION__); - return SOAP_OK; -} - diff --git a/org.glite.jp.index/src/typemap.dat b/org.glite.jp.index/src/typemap.dat deleted file mode 100644 index 7032cb2..0000000 --- a/org.glite.jp.index/src/typemap.dat +++ /dev/null @@ -1,2 +0,0 @@ -jpsrv = http://glite.org/wsdl/services/jp -jptype = http://glite.org/wsdl/types/jp diff --git a/org.glite.jp.primary/.cvsignore b/org.glite.jp.primary/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.jp.primary/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.jp.primary/Makefile b/org.glite.jp.primary/Makefile deleted file mode 100644 index 73d1c5a..0000000 --- a/org.glite.jp.primary/Makefile +++ /dev/null @@ -1,186 +0,0 @@ -# defaults -top_srcdir=. -builddir=build -top_builddir=${top_srcdir}/${builddir} -stagedir=. -distdir=. -globalprefix=glite -jpprefix=jp -package=glite-jp-primary -version=0.0.0 -PREFIX=/opt/glite - -glite_location=/opt/glite -globus_prefix=/opt/globus -nothrflavour=gcc32 -thrflavour=gcc32pthr -expat_prefix=/opt/expat -ares_prefix=/opt/ares -gsoap_prefix=/software/gsoap-2.6 - -CC=gcc - --include Makefile.inc - - -VPATH=${top_srcdir}/src:${top_srcdir}/examples:${top_srcdir}/test:${top_srcdir}/project:${stagedir}/interface - -GLOBUS_LIBS:=-L${globus_prefix}/lib \ - -lglobus_common_${nothrflavour} \ - -lglobus_gssapi_gsi_${nothrflavour} - -GLOBUS_CFLAGS:=-I${globus_prefix}/include/${nothrflavour} - -DEBUG:=-g -O0 -DDEBUG - -CFLAGS:=${DEBUG} -I. -I${top_srcdir}/interface -I${top_srcdir}/src -I${gsoap_prefix}/include -I${stagedir}/include ${GLOBUS_CFLAGS} -I${mysql_prefix}/include -I${mysql_prefix}/include/mysql -LDFLAGS:=-L${stagedir}/lib - -LINK:=libtool --mode=link ${CC} ${LDFLAGS} -LTCOMPILE:=libtool --mode=compile ${CC} ${CFLAGS} -SOLINK:=libtool --mode=link ${CC} -module ${LDFLAGS} -rpath ${stagedir}/lib -LINKXX:=libtool --mode=link ${CXX} ${LDFLAGS} -INSTALL:=libtool --mode=install install - -daemon:=glite-jp-primarystoraged -example:=jpps-test -ps_prefix:=jpps_ -is_prefix:=jpis_ - -plugins:=glite-jp-tags.la - -HDRS_I=file_plugin.h -HDRS_S=builtin_plugins.h backend.h - -SRCS:= bones_server.c soap_ops.c \ - new_ftp_backend.c mysql.c file_plugin.c \ - feed.c authz.c\ - is_client.c \ - ${ps_prefix}ServerLib.c \ - ${is_prefix}ClientLib.c jpps_C.c -# env_C.c - -EXA_SRCS:=jpps-test.c ${ps_prefix}C.c ${ps_prefix}Client.c - - -OBJS:=${SRCS:.c=.o} -EXA_OBJS:=${EXA_SRCS:.c=.o} - -COMMONLIB:=-lglite_jp_common -BONESLIB:=-lglite_lb_server_bones -GSOAPLIB:=-lglite_security_gsoap_plugin_${nothrflavour} -lglite_security_gss_${nothrflavour} \ - -L${gsoap_prefix}/lib -lgsoap${GSOAP_DEBUG} -L${ares_prefix}/lib -lares -TRIOLIB:=-lglite_lb_trio - -ifneq (${mysql_prefix},/usr) - ifeq ($(shell echo ${mysql_version} | cut -d. -f1,2),4.1) - MYSQLIB := -L${mysql_prefix}/lib/mysql -lmysqlclient - else - MYSQLIB := -L${mysql_prefix}/lib -lmysqlclient - endif -else - MYSQLIB := -lmysqlclient -endif - -default all: compile - -compile: ${daemon} ${example} ${plugins} - -${daemon}: ${OBJS} - ${LINK} -o $@ -export-dynamic ${OBJS} ${BONESLIB} ${TRIOLIB} ${COMMONLIB} ${GSOAPLIB} ${GLOBUS_LIBS} ${MYSQLIB} - -${example}: ${EXA_OBJS} - ${LINK} -o $@ ${EXA_OBJS} ${GSOAPLIB} ${GLOBUS_LIBS} - -# XXX: piss off -JobProvenanceIS.xh: - touch $@ - -JobProvenancePS.xh: %.xh: %.wsdl JobProvenanceTypes.wsdl typemap.dat - cp ${stagedir}/interface/JobProvenanceTypes.wsdl . - ${gsoap_prefix}/bin/wsdl2h -t ${top_srcdir}/src/typemap.dat -c -o $@ $< - rm -f JobProvenanceTypes.wsdl - -${ps_prefix}Client.c ${ps_prefix}ClientLib.c \ -${ps_prefix}Server.c ${ps_prefix}ServerLib.c \ -${ps_prefix}C.c ${ps_prefix}H.h: JobProvenancePS.xh - ${gsoap_prefix}/bin/soapcpp2 -n -w -c -p ${ps_prefix} JobProvenancePS.xh - -${is_prefix}ClientLib.c ${is_prefix}Client.c \ -${is_prefix}C.c ${is_prefix}H.h: JobProvenanceIS.xh - ${gsoap_prefix}/bin/soapcpp2 -n -w -c -p ${is_prefix} JobProvenanceIS.xh - -env_C.c env_Server.c: - touch env.xh - cp ${jpproject}/JobProvenanceTypes.wsdl . - ${gsoap_prefix}/bin/wsdl2h -t ${top_srcdir}/src/typemap.dat -c -o env.xh JobProvenanceTypes.wsdl - rm -f JobProvenanceTypes.wsdl - ${gsoap_prefix}/bin/soapcpp2 -w -c -p env_ env.xh - -#$(SOAP_PREFIX)H.h $(SOAP_PREFIX)C.c: LB.xh -# $(GSOAP_BIN_PATH)/soapcpp2 -w -c -p $(SOAP_PREFIX) LB.xh -# -#LB.xh: LB.wsdl typemap.dat -# $(GSOAP_BIN_PATH)/wsdl2h -c -o $@ LB.wsdl -# - - -bones_server.o simple_server.o: ${is_prefix}H.h ${ps_prefix}H.h - -check: - -echo nothing yet - -doc: - -stage: compile - ${MAKE} PREFIX=${stagedir} DOSTAGE=yes install - -dist: distsrc distbin - -distsrc: - mkdir -p ${top_srcdir}/${package}-${version} - cd ${top_srcdir} && GLOBIGNORE="${package}-${version}" && cp -Rf * ${package}-${version} - cd ${top_srcdir} && tar -czf ${distdir}/${package}-${version}_src.tar.gz --exclude-from=project/tar_exclude ${package}-${version} - rm -rf ${top_srcdir}/${package}-${version} - -distbin: - $(MAKE) install PREFIX=`pwd`/tmpbuilddir${stagedir} - save_dir=`pwd`; cd tmpbuilddir${stagedir} && tar -czf $$save_dir/${top_srcdir}/${distdir}/${package}-${version}_bin.tar.gz *; cd $$save_dir - rm -rf tmpbuilddir - -install: - -mkdir -p ${PREFIX}/bin ${PREFIX}/etc ${PREFIX}/examples ${PREFIX}/etc/init.d - ${INSTALL} -m 755 ${daemon} ${PREFIX}/bin - ${INSTALL} -m 755 jpps-test ${PREFIX}/examples/glite-jp-primary-test - if [ x${DOSTAGE} = xyes ]; then \ - mkdir -p ${PREFIX}/include/${globalprefix}/${jpprefix} ; \ - (cd ${top_srcdir}/interface && install -m 644 ${HDRS_I} ${PREFIX}/include/${globalprefix}/${jpprefix}) ; \ - (cd ${top_srcdir}/src && install -m 644 ${HDRS_S} ${PREFIX}/include/${globalprefix}/${jpprefix}) ; \ - fi - - -clean: - -simple_server.o soap_ops.o jpps-test.o: ${ps_prefix}H.h - -# we have no real config.h but have to force gSoap not to use -# linux ftime with broken (aka obsolete) DST information - -stdsoap2.o: ${gsoap_prefix}/devel/stdsoap2.c - test -f config.h || touch config.h - @echo 'The following warning "time_t (de)serialization is not MT safe on this platform" is harmless' - ${CC} -o $@ -c -DWITH_NONAMESPACES -DHAVE_CONFIG_H ${CFLAGS} ${gsoap_prefix}/devel/stdsoap2.c - - -glite-jp-tags.la: tags_plugin.lo - ${SOLINK} -o $@ tags_plugin.lo - -%.lo: %.c - ${LTCOMPILE} -o $@ -c $< - -soap_ops.o bones_server.o: soap_version.h - -soap_version.h: - ${gsoap_prefix}/bin/soapcpp2 /dev/null - perl -ne '$$. == 2 && /.*([0-9])\.([0-9])\.([0-9]).*/ && printf "#define GSOAP_VERSION %d%02d%02d\n",$$1,$$2,$$3' soapH.h >$@ - -rm soapC.cpp soapH.h soapStub.h soapClient.cpp soapServer.cpp soapClientLib.cpp soapServerLib.cpp diff --git a/org.glite.jp.primary/build.xml b/org.glite.jp.primary/build.xml deleted file mode 100755 index 439631b..0000000 --- a/org.glite.jp.primary/build.xml +++ /dev/null @@ -1,102 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.primary/config/glite-jp-primary-dbsetup.sql b/org.glite.jp.primary/config/glite-jp-primary-dbsetup.sql deleted file mode 100644 index f253f1d..0000000 --- a/org.glite.jp.primary/config/glite-jp-primary-dbsetup.sql +++ /dev/null @@ -1,46 +0,0 @@ -create table jobs ( - jobid char(32) binary not null, - dg_jobid varchar(255) binary not null, - owner char(32) binary not null, - - reg_time datetime not null, - - primary key (jobid), - unique (dg_jobid), - index (owner), - index (owner,reg_time) -); - -create table files ( - jobid char(32) binary not null, - filename varchar(255) binary not null, - int_path mediumblob null, - ext_url mediumblob null, - - state char(32) binary not null, - deadline datetime null, - ul_userid char(32) binary not null, - - primary key (jobid,filename), - index (ext_url(255)) -); - -create table attrs ( - jobid char(32) binary not null, - name varchar(255) binary not null, - value mediumblob null, - - primary key (jobid,name) -); - -create table users ( - userid char(32) binary not null, - cert_subj varchar(255) binary not null, - - primary key (userid), - unique (cert_subj) -); - -create table backend_info ( - version char(32) binary not null -); diff --git a/org.glite.jp.primary/examples/README.test b/org.glite.jp.primary/examples/README.test deleted file mode 100644 index 6bfe1d8..0000000 --- a/org.glite.jp.primary/examples/README.test +++ /dev/null @@ -1,40 +0,0 @@ -Create database: ----------------- - -$ mysqladmin -u root -p create jpps -$ mysql -u root -p -mysql> grant all privileges on jpps.* to jpps@localhost identified by ''; - -$ mysql -p -u jpps jpps -#include -#include -#include - -#include "glite/security/glite_gsplugin.h" - -#include "jpps_H.h" -#include "jpps_.nsmap" - -#include "jptype_map.h" - -#include "soap_version.h" -#if GSOAP_VERSION <= 20602 -#define soap_call___jpsrv__RegisterJob soap_call___ns1__RegisterJob -#define soap_call___jpsrv__StartUpload soap_call___ns1__StartUpload -#define soap_call___jpsrv__CommitUpload soap_call___ns1__CommitUpload -#define soap_call___jpsrv__RecordTag soap_call___ns1__RecordTag -#define soap_call___jpsrv__FeedIndex soap_call___ns1__FeedIndex -#define soap_call___jpsrv__FeedIndexRefresh soap_call___ns1__FeedIndexRefresh -#define soap_call___jpsrv__GetJob soap_call___ns1__GetJob -#endif - - -static void usage(const char *me) -{ - fprintf(stderr,"%s: [-s server-url] operation args \n\n" - " operations are:\n" - " RegisterJob jobid owner\n" - " StartUpload jobid class commit_before mimetype\n" - " CommitUpload destination\n" - " RecordTag jobid tagname sequence stringvalue\n" - " GetJob jobid\n" - " FeedIndex destination query_number history continuous\n" - " FeedIndexRefresh feedid\n" - ,me); - - exit (EX_USAGE); -} - -static int check_fault(struct soap *soap,int err) { - struct SOAP_ENV__Detail *detail; - struct jptype__genericFault *f; - char *reason,indent[200] = " "; - - switch(err) { - case SOAP_OK: puts("OK"); - break; - case SOAP_FAULT: - case SOAP_SVR_FAULT: - if (soap->version == 2) { - detail = soap->fault->SOAP_ENV__Detail; - reason = soap->fault->SOAP_ENV__Reason; - } - else { - detail = soap->fault->detail; - reason = soap->fault->faultstring; - } - fputs(reason,stderr); - putc('\n',stderr); - assert(detail->__type == SOAP_TYPE__genericFault); -#if GSOAP_VERSION >=20700 - f = ((struct _genericFault *) detail->fault) -#else - f = ((struct _genericFault *) detail->value) -#endif - -> jpelem__genericFault; - - while (f) { - fprintf(stderr,"%s%s: %s (%s)\n",indent, - f->source,f->text,f->description); - f = f->reason; - strcat(indent," "); - } - return -1; - - default: soap_print_fault(soap,stderr); - return -1; - } - return 0; -} - -/* FIXME: new wsdl */ -#if 0 -static struct jptype__Attribute sample_attr[] = { - { OWNER, NULL }, - { TIME, "submitted" }, - { TAG, "test" }, -}; - -static struct jptype__PrimaryQueryElement sample_query[][5] = { - { - { sample_attr+OWNER, EQUAL, "unknown", NULL }, - { NULL, 0, NULL, NULL } - }, -}; -#endif - -int main(int argc,char *argv[]) -{ - char *server = "http://localhost:8901"; - int opt; - struct soap *soap = soap_new(); - - if (argc < 2) usage(argv[0]); - - soap_init(soap); - soap_set_namespaces(soap, jpps__namespaces); - - soap_register_plugin(soap,glite_gsplugin); - - while ((opt = getopt(argc,argv,"s:")) >= 0) switch (opt) { - case 's': server = optarg; - argv += 2; - break; - case '?': usage(argv[0]); - } - - if (!strcasecmp(argv[1],"RegisterJob")) { - struct _jpelem__RegisterJob in; - struct _jpelem__RegisterJobResponse empty; - - if (argc != 4) usage(argv[0]); - in.job = argv[2]; - in.owner = argv[3]; - check_fault(soap, - soap_call___jpsrv__RegisterJob(soap,server,"",&in,&empty)); - } else if (!strcasecmp(argv[1], "StartUpload")) { - struct _jpelem__StartUpload in; - struct _jpelem__StartUploadResponse out; - - in.job = argv[2]; - in.class_ = argv[3]; - in.name = NULL; - in.commitBefore = atoi(argv[4]) + time(NULL); - in.contentType = argv[5]; - - if (argc != 6) usage(argv[0]); - if (!check_fault(soap, - soap_call___jpsrv__StartUpload(soap, server, "",&in,&out))) - { - printf("Destination: %s\nCommit before: %s\n", out.destination, ctime(&out.commitBefore)); - } - } else if (!strcasecmp(argv[1], "CommitUpload")) { - struct _jpelem__CommitUpload in; - struct _jpelem__CommitUploadResponse empty; - - in.destination = argv[2]; - - if (argc != 3) usage(argv[0]); - if (!check_fault(soap, - soap_call___jpsrv__CommitUpload(soap, server, "",&in,&empty))) { - /* OK */ - } - } else if (!strcasecmp(argv[1], "RecordTag")) { - struct _jpelem__RecordTag in; - struct _jpelem__RecordTagResponse empty; - struct jptype__tagValue tagval; - - int seq = 0; - - if (argc != 6) usage(argv[0]); - - in.jobid = argv[2]; - in.tag = &tagval; - tagval.name = argv[3]; - seq = atoi(argv[4]); - tagval.sequence = &seq; - tagval.timestamp = NULL; - tagval.stringValue = argv[5]; - tagval.blobValue = NULL; - - if (!check_fault(soap, - soap_call___jpsrv__RecordTag(soap, server, "",&in, &empty))) { - /* OK */ - } - } -/* FIXME: new wsdl */ -#if 0 - else if (!strcasecmp(argv[1],"FeedIndex")) { - struct jpsrv__FeedIndexResponse r; - struct jptype__Attribute *ap[2]; - struct jptype__Attributes attr = { 2, ap }; - struct jptype__PrimaryQueryElement *qp[100]; - struct jptype__PrimaryQuery qry = { 0, qp }; - - int i,j,qi = atoi(argv[3])-1; - - if (argc != 6) usage(argv[0]); - - for (i=0; iclass_, - out.files[i]->name, - out.files[i]->url); - } - } - - } - else usage(argv[0]); - - return 0; -} - - -/* XXX: we don't use it */ -SOAP_NMAC struct Namespace namespaces[] = { {NULL,NULL} }; diff --git a/org.glite.jp.primary/interface/file_plugin.h b/org.glite.jp.primary/interface/file_plugin.h deleted file mode 100644 index b3cec8a..0000000 --- a/org.glite.jp.primary/interface/file_plugin.h +++ /dev/null @@ -1,72 +0,0 @@ -#ifndef __GLITE_JP_FILEPLUGIN -#define __GLITE_JP_FILEPLUGIN - -/** Methods of the file plugin. */ - -typedef struct _glite_jpps_fplug_op_t { - -/** Open a file. -\param[in] fpctx Context of the plugin, returned by its init. -\param[in] bhandle Handle of the file via JPPS backend. -\param[in] uri URI (type) of the opened file. -\param[out] handle Handle to the opened file structure, to be passed to other plugin functions. -*/ - int (*open)(void *fpctx,void *bhandle,const char *uri,void **handle); - -/** Close the file. Free data associated to a handle */ - int (*close)(void *fpctx,void *handle); - -/** Retrieve value(s) of an attribute. -\param[in] fpctx Plugin context. -\param[in] handle Handle of the opened file. -\param[in] attr Queried attribute. -\param[out] attrval GLITE_JP_ATTR_UNDEF-terminated list of value(s) of the attribute. - If there are more and there is an interpretation of their order - they must be sorted, eg. current value of tag is the last one. -\retval 0 success -\retval ENOSYS this attribute is not defined by this type of file -\retval ENOENT no value is present -*/ - int (*attr)(void *fpctx,void *handle,glite_jp_attr_t attr,glite_jp_attrval_t **attrval); - -/** File type specific operation. -\param[in] fpctx Plugin context. -\param[in] handle Handle of the opened file. -\param[in] oper Code of the operation, specific for a concrete plugin. -*/ - int (*generic)(void *fpctx,void *handle,int oper,...); - -} glite_jpps_fplug_op_t; - -/** Data describing a plugin. */ -typedef struct _glite_jpps_fplug_data_t { - void *fpctx; /**< Context passed to plugin operations. */ - char **uris; /**< NULL-terminated list of file types (URIs) - handled by the plugin. */ - char **classes; /**< The same as uris but filesystem-friendly - (can be used to construct file names).*/ - - glite_jpps_fplug_op_t ops; /**< Plugin operations. */ -} glite_jpps_fplug_data_t; - -/** Initialisation function of the plugin. - Called after dlopen(), must be named "init". -\param[in] ctx JPPS context -\param[out] data filled-in plugin data -*/ - -typedef int (*glite_jpps_fplug_init_t)( - glite_jp_context_t ctx, - glite_jpps_fplug_data_t *plugin_data -); - - - - -/* XXX: not really public interface follows */ - -int glite_jpps_fplug_load(glite_jp_context_t ctx,int argc,char **argv); -int glite_jpps_fplug_lookup(glite_jp_context_t ctx,const char *uri, glite_jpps_fplug_data_t ***plugin_data); -int glite_jpps_fplug_lookup_byclass(glite_jp_context_t, const char *class,glite_jpps_fplug_data_t ***plugin_data,char **uri); - -#endif diff --git a/org.glite.jp.primary/project/build.number b/org.glite.jp.primary/project/build.number deleted file mode 100644 index c680c72..0000000 --- a/org.glite.jp.primary/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=36 diff --git a/org.glite.jp.primary/project/build.properties b/org.glite.jp.primary/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.jp.primary/project/configure.properties.xml b/org.glite.jp.primary/project/configure.properties.xml deleted file mode 100644 index 5e1ce29..0000000 --- a/org.glite.jp.primary/project/configure.properties.xml +++ /dev/null @@ -1,58 +0,0 @@ - - - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -lbprefix=${subsystem.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} -globus_prefix=${with.globus.prefix} -expat_prefix=${with.expat.prefix} -ares_prefix=${with.ares.prefix} -gsoap_prefix=${with.gsoap.prefix} -mysql_prefix=${with.mysql.prefix} -mysql_version=${ext.mysql.version} -thrflavour=${with.globus.thr.flavor} -nothrflavour=${with.globus.nothr.flavor} -cppunit=${with.cppunit.prefix} -jpproject=${subsystem.project.dir} -project=${component.project.dir} - - - diff --git a/org.glite.jp.primary/project/properties.xml b/org.glite.jp.primary/project/properties.xml deleted file mode 100755 index 2149dd4..0000000 --- a/org.glite.jp.primary/project/properties.xml +++ /dev/null @@ -1,51 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.primary/project/tar_exclude b/org.glite.jp.primary/project/tar_exclude deleted file mode 100644 index e1fcd1a..0000000 --- a/org.glite.jp.primary/project/tar_exclude +++ /dev/null @@ -1,10 +0,0 @@ -tar_exclude -CVS -build.xml -build -build.properties -properties.xml -configure.properties.xml -.cvsignore -.project -.cdtproject diff --git a/org.glite.jp.primary/project/version.properties b/org.glite.jp.primary/project/version.properties deleted file mode 100644 index cd1e9e7..0000000 --- a/org.glite.jp.primary/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.jp.primary/src/authz.c b/org.glite.jp.primary/src/authz.c deleted file mode 100644 index edaaef4..0000000 --- a/org.glite.jp.primary/src/authz.c +++ /dev/null @@ -1,77 +0,0 @@ -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "jpps_H.h" -#include "jptype_map.h" - -int glite_jpps_authz(glite_jp_context_t ctx,int op,const char *job,const char *owner) -{ - glite_jp_error_t err; - char buf[200]; - int i; - - memset(&err,0,sizeof err); - glite_jp_clear_error(ctx); - err.source = __FUNCTION__; - err.code = EPERM; - - switch (op) { - case SOAP_TYPE___jpsrv__RegisterJob: - case SOAP_TYPE___jpsrv__StartUpload: - case SOAP_TYPE___jpsrv__CommitUpload: - for (i=0; ctx->trusted_peers && ctx->trusted_peers[i]; i++) - if (!strcmp(ctx->trusted_peers[i],ctx->peer)) return 0; - err.desc = "you are not a trusted peer"; - return glite_jp_stack_error(ctx,&err); - - case SOAP_TYPE___jpsrv__GetJob: - assert(owner); - return strcmp(owner,ctx->peer) ? glite_jp_stack_error(ctx,&err) : 0; - break; - - default: - snprintf(buf,sizeof buf,"%d: unknown operation",op); - err.desc = buf; - err.code = EINVAL; - return glite_jp_stack_error(ctx,&err); - } -} - -int glite_jpps_readauth(glite_jp_context_t ctx,const char *file) -{ - FILE *f = fopen(file,"r"); - glite_jp_error_t err; - int cnt = 0; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - if (!f) { - err.code = errno; - err.desc = file; - return glite_jp_stack_error(ctx,&err); - } - - ctx->trusted_peers = NULL; - while (!feof(f)) { - char buf[BUFSIZ]; - - if (fscanf(f,"%[^\n]\n",buf) != 1) { - err.code = EINVAL; - err.desc = file; - fclose(f); - return glite_jp_stack_error(ctx,&err); - } - - ctx->trusted_peers = realloc(ctx->trusted_peers, (cnt+2) * sizeof *ctx->trusted_peers); - ctx->trusted_peers[cnt++] = strdup(buf); - ctx->trusted_peers[cnt] = NULL; - } - fclose(f); - return 0; -} diff --git a/org.glite.jp.primary/src/authz.h b/org.glite.jp.primary/src/authz.h deleted file mode 100644 index 9451aef..0000000 --- a/org.glite.jp.primary/src/authz.h +++ /dev/null @@ -1,18 +0,0 @@ -/** - * Check authorisation of JPPS operation on job. - * - * \param[in] ctx JP context including peer name & other credentials (VOMS etc.) - * \param[in] op operation, one of SOAP_TYPE___jpsrv__* - * \param[in] job jobid of the job to decide upon - * \param[in] owner current known owner of the job (may be NULL), shortcut to avoid - * unnecessary database query. - * - * \retval 0 OK, operation permitted - * \retval EPERM denied - * \retval other error - */ - -int glite_jpps_authz(glite_jp_context_t ctx,int op,const char *job,const char *owner); - -int glite_jpps_readauth(glite_jp_context_t ctx,const char *file); - diff --git a/org.glite.jp.primary/src/backend.h b/org.glite.jp.primary/src/backend.h deleted file mode 100644 index cf901fb..0000000 --- a/org.glite.jp.primary/src/backend.h +++ /dev/null @@ -1,116 +0,0 @@ -#ifndef __GLITE_JP_BACKEND -#define __GLITE_JP_BACKEND - -#include -#include - -int glite_jppsbe_init( - glite_jp_context_t ctx, - int argc, - char *argv[] -); - -int glite_jppsbe_init_slave( - glite_jp_context_t ctx -); - -int glite_jppsbe_register_job( - glite_jp_context_t ctx, - const char *job, - const char *owner -); - -int glite_jppsbe_start_upload( - glite_jp_context_t ctx, - const char *job, - const char *class, /* must be filesystem-friendly */ - const char *name, /* optional name within the class */ - const char *content_type, - char **destination_out, - time_t *commit_before_inout -); - -int glite_jppsbe_commit_upload( - glite_jp_context_t ctx, - const char *destination -); - -int glite_jppsbe_get_names( - glite_jp_context_t ctx, - const char *job, - const char *class, - char ***names_out -); - -int glite_jppsbe_destination_info( - glite_jp_context_t ctx, - const char *destination, - char **job_out, - char **class_out, - char **name_out -); - -int glite_jppsbe_get_job_url( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* optional within class */ - char **url_out -); - -int glite_jppsbe_open_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* optional within class */ - int mode, - void **handle_out -); - -int glite_jppsbe_close_file( - glite_jp_context_t ctx, - void *handle -); - -int glite_jppsbe_pread( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset, - ssize_t *nbytes_ret -); - -int glite_jppsbe_pwrite( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset -); - -int glite_jppsbe_append( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes -); - -int glite_jppsbe_get_job_metadata( - glite_jp_context_t ctx, - const char *job, - glite_jp_attrval_t attrs_inout[] -); - -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -); - -#endif diff --git a/org.glite.jp.primary/src/bones_server.c b/org.glite.jp.primary/src/bones_server.c deleted file mode 100644 index dcc31d6..0000000 --- a/org.glite.jp.primary/src/bones_server.c +++ /dev/null @@ -1,333 +0,0 @@ -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "glite/lb/srvbones.h" -#include "glite/security/glite_gss.h" - -#include -#include "glite/security/glite_gsplugin.h" - -#include "backend.h" -#include "file_plugin.h" - -#include "soap_version.h" -#include "jpps_H.h" - -#define CONN_QUEUE 20 - -extern SOAP_NMAC struct Namespace jpis__namespaces[],jpps__namespaces[]; - -static int newconn(int,struct timeval *,void *); -static int request(int,struct timeval *,void *); -static int reject(int); -static int disconn(int,struct timeval *,void *); -static int data_init(void **data); - -static struct glite_srvbones_service stab = { - "JP Primary Storage", -1, newconn, request, reject, disconn -}; - -static time_t cert_mtime; -static char *server_cert, *server_key, *cadir; -static gss_cred_id_t mycred = GSS_C_NO_CREDENTIAL; -static char *mysubj; - -static char *port = "8901"; -static int debug = 1; - -static glite_jp_context_t ctx; - -static int call_opts(glite_jp_context_t,char *,char *,int (*)(glite_jp_context_t,int,char **)); - -char *glite_jp_default_namespace; - -int main(int argc, char *argv[]) -{ - int one = 1,opt,i; - edg_wll_GssStatus gss_code; - struct sockaddr_in a; - char *b_argv[20] = { "backend" },*p_argv[20] = { "plugins" },*com; - int b_argc,p_argc; - - glite_jp_init_context(&ctx); - - b_argc = p_argc = 1; - - while ((opt = getopt(argc,argv,"B:P:a:")) != EOF) switch (opt) { - case 'B': - assert(b_argc < 20); - if (com = strchr(optarg,',')) *com = 0; - - /* XXX: memleak -- who cares for once */ - asprintf(&b_argv[b_argc++],"-%s",optarg); - if (com) b_argv[b_argc++] = com+1; - - break; - case 'P': - assert(p_argc < 20); - p_argv[p_argc++] = optarg; - - break; - case 'a': - if (glite_jpps_readauth(ctx,optarg)) { - fprintf(stderr,"%s: %s\n",argv[0],glite_jp_error_chain(ctx)); - exit (1); - } - break; - case '?': fprintf(stderr,"usage: %s: -Bb,val ... -Pplugin.so ...\n" - "b is backend option\n",argv[0]); - exit (1); - } - - if (b_argc == 1) { - fputs("-B required\n",stderr); - exit (1); - } - - optind = 0; /* XXX: getopt used internally */ - if (glite_jppsbe_init(ctx,b_argc,b_argv)) { - fputs(glite_jp_error_chain(ctx), stderr); - exit(1); - } - - optind = 0; /* XXX: getopt used internally */ - if (b_argc > 1 && glite_jpps_fplug_load(ctx,p_argc,p_argv)) { - fputs(glite_jp_error_chain(ctx), stderr); - exit(1); - } - - srand48(time(NULL)); /* feed id generation */ - -#if GSOAP_VERSION <= 20602 - for (i=0; jpps__namespaces[i].id && strcmp(jpps__namespaces[i].id,"ns1"); i++); -#else - for (i=0; jpps__namespaces[i].id && strcmp(jpps__namespaces[i].id,"jpsrv"); i++); -#endif - assert(jpps__namespaces[i].id); - glite_jp_default_namespace = jpps__namespaces[i].ns; - - stab.conn = socket(PF_INET, SOCK_STREAM, 0); - if (stab.conn < 0) { - perror("socket"); - return 1; - } - - setsockopt(stab.conn,SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)); - - a.sin_family = AF_INET; - a.sin_addr.s_addr = INADDR_ANY; - a.sin_port = htons(atoi(port)); - if (bind(stab.conn,(struct sockaddr *) &a, sizeof(a)) ) { - char buf[200]; - - snprintf(buf,sizeof(buf),"bind(%d)",atoi(port)); - perror(buf); - return 1; - } - - if (listen(stab.conn,CONN_QUEUE)) { - perror("listen()"); - return 1; - } - - if (!server_cert || !server_key) - fprintf(stderr, "%s: WARNING: key or certificate file not specified, " - "can't watch them for changes\n", - argv[0]); - - if ( cadir ) setenv("X509_CERT_DIR", cadir, 1); - edg_wll_gss_watch_creds(server_cert, &cert_mtime); - - if ( !edg_wll_gss_acquire_cred_gsi(server_cert, server_key, &mycred, &mysubj, &gss_code)) - fprintf(stderr,"Server idenity: %s\n",mysubj); - else fputs("WARNING: Running unauthenticated\n",stderr); - - /* XXX: daemonise */ - - glite_srvbones_set_param(GLITE_SBPARAM_SLAVES_COUNT,1); - glite_srvbones_run(data_init,&stab,1 /* XXX: entries in stab */,debug); - - return 0; -} - -static int data_init(void **data) -{ - *data = (void *) soap_new(); - - printf("[%d] slave started\n",getpid()); - glite_jppsbe_init_slave(ctx); /* XXX: global but slave's */ - - return 0; -} - -static int newconn(int conn,struct timeval *to,void *data) -{ - struct soap *soap = (struct soap *) data; - glite_gsplugin_Context plugin_ctx; - - gss_cred_id_t newcred = GSS_C_NO_CREDENTIAL; - edg_wll_GssStatus gss_code; - gss_name_t client_name = GSS_C_NO_NAME; - gss_buffer_desc token = GSS_C_EMPTY_BUFFER; - OM_uint32 maj_stat,min_stat; - - - int ret = 0; - - soap_init2(soap,SOAP_IO_KEEPALIVE,SOAP_IO_KEEPALIVE); - soap_set_namespaces(soap,jpps__namespaces); - soap->user = (void *) ctx; /* XXX: one instance per slave */ - -/* not yet: client to JP index - ctx->other_soap = soap_new(); - soap_init(ctx->other_soap); - soap_set_namespaces(ctx->other_soap,jpis__namespaces); -*/ - - - glite_gsplugin_init_context(&plugin_ctx); - plugin_ctx->connection = calloc(1,sizeof *plugin_ctx->connection); - soap_register_plugin_arg(soap,glite_gsplugin,plugin_ctx); - - switch (edg_wll_gss_watch_creds(server_cert,&cert_mtime)) { - case 0: break; - case 1: if (!edg_wll_gss_acquire_cred_gsi(server_cert,server_key, - &newcred,NULL,&gss_code)) - { - - printf("[%d] reloading credentials\n",getpid()); /* XXX: log */ - gss_release_cred(&min_stat,&mycred); - mycred = newcred; - } - break; - case -1: - printf("[%d] edg_wll_gss_watch_creds failed\n", getpid()); /* XXX: log */ - break; - } - - /* TODO: DNS paranoia etc. */ - - if (edg_wll_gss_accept(mycred,conn,to,plugin_ctx->connection,&gss_code)) { - printf("[%d] GSS connection accept failed, closing.\n", getpid()); - ret = 1; - goto cleanup; - } - - maj_stat = gss_inquire_context(&min_stat,plugin_ctx->connection->context, - &client_name, NULL, NULL, NULL, NULL, NULL, NULL); - - if (!GSS_ERROR(maj_stat)) - maj_stat = gss_display_name(&min_stat,client_name,&token,NULL); - - if (ctx->peer) free(ctx->peer); - if (!GSS_ERROR(maj_stat)) { - printf("[%d] client DN: %s\n",getpid(),(char *) token.value); /* XXX: log */ - - ctx->peer = strdup(token.value); - memset(&token, 0, sizeof(token)); - } - else { - printf("[%d] annonymous client\n",getpid()); - ctx->peer = NULL; - } - - if (client_name != GSS_C_NO_NAME) gss_release_name(&min_stat, &client_name); - if (token.value) gss_release_buffer(&min_stat, &token); - - return 0; - -cleanup: - glite_gsplugin_free_context(plugin_ctx); - soap_end(soap); - - return ret; -} - -static int request(int conn,struct timeval *to,void *data) -{ - struct soap *soap = data; - glite_jp_context_t ctx = soap->user; - - glite_gsplugin_set_timeout(glite_gsplugin_get_context(soap),to); - - soap->max_keep_alive = 1; /* XXX: prevent gsoap to close connection */ - soap_begin(soap); - if (soap_begin_recv(soap)) { - if (soap->error < SOAP_STOP) { - soap_send_fault(soap); - return EIO; - } - return ENOTCONN; - } - - soap->keep_alive = 1; - if (soap_envelope_begin_in(soap) - || soap_recv_header(soap) - || soap_body_begin_in(soap) - || jpps__serve_request(soap) -#if GSOAP_VERSION >= 20700 - || (soap->fserveloop && soap->fserveloop(soap)) -#endif - ) - { - soap_send_fault(soap); - if (ctx->error) { - /* XXX: shall we die on some errors? */ - int err = ctx->error->code; - glite_jp_clear_error(ctx); - return err; - } - return 0; - } - - glite_jp_run_deferred(ctx); - return 0; -} - -static int reject(int conn) -{ - int flags = fcntl(conn, F_GETFL, 0); - - fcntl(conn,F_SETFL,flags | O_NONBLOCK); - edg_wll_gss_reject(conn); - - return 0; -} - -static int disconn(int conn,struct timeval *to,void *data) -{ - struct soap *soap = (struct soap *) data; - soap_end(soap); // clean up everything and close socket - - return 0; -} - -#define WSPACE "\t\n " - -static int call_opts(glite_jp_context_t ctx,char *opt,char *name,int (*f)(glite_jp_context_t,int,char **)) -{ - int ac = 1,ret,my_optind; - char **av = malloc(sizeof *av),*ap; - - *av = name; - for (ap = strtok(opt,WSPACE); ap; ap = strtok(NULL,WSPACE)) { - av = realloc(av,(ac+1) * sizeof *av); - av[ac++] = ap; - } - - my_optind = optind; - optind = 0; - ret = f(ctx,ac,av); - optind = my_optind; - free(av); - return ret; -} - - -/* XXX: we don't use it */ -SOAP_NMAC struct Namespace namespaces[] = { {NULL,NULL} }; diff --git a/org.glite.jp.primary/src/builtin_plugins.h b/org.glite.jp.primary/src/builtin_plugins.h deleted file mode 100644 index 3b2c201..0000000 --- a/org.glite.jp.primary/src/builtin_plugins.h +++ /dev/null @@ -1,7 +0,0 @@ - -#define GLITE_JP_FILETYPE_TAGS "urn:org.glite.jp.primary:tags" -#define GLITE_JP_FILETYPE_LB "urn:org.glite.jp.primary:lb" -#define GLITE_JP_FILETYPE_ISB "urn:org.glite.jp.primary:isb" -#define GLITE_JP_FILETYPE_OSB "urn:org.glite.jp.primary:osb" - -#define GLITE_JP_FPLUG_TAGS_APPEND 0 diff --git a/org.glite.jp.primary/src/db.h b/org.glite.jp.primary/src/db.h deleted file mode 100644 index 0b9f730..0000000 --- a/org.glite.jp.primary/src/db.h +++ /dev/null @@ -1,83 +0,0 @@ -#ifndef _DB_H -#define _DB_H - -#ident "$Header$" - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef struct _glite_jp_db_stmt_t *glite_jp_db_stmt_t; - -int glite_jp_db_connect( - glite_jp_context_t, /* INOUT: */ - char * /* IN: connect string user/password@host:database */ -); - -void glite_jp_db_close(glite_jp_context_t); - - -/* Parse and execute SQL statement. Returns number of rows selected, created - * or affected by update, or -1 on error */ - -int glite_jp_db_execstmt( - glite_jp_context_t, /* INOUT: */ - char *, /* IN: SQL statement */ - glite_jp_db_stmt_t * /* OUT: statement handle. Usable for - select only */ -); - - -/* Fetch next row of select statement. - * All columns are returned as fresh allocated strings - * - * return values: - * >0 - number of fields of the retrieved row - * 0 - no more rows - * -1 - error - * - * Errors are stored in context passed to previous glite_jp_db_execstmt() */ - -int glite_jp_db_fetchrow( - glite_jp_db_stmt_t, /* IN: statement */ - char ** /* OUT: array of fetched values. - * As number of columns is fixed and known, - * expects allocated array of pointers here */ -); - -/* Retrieve column names of a query statement */ - -int glite_jp_db_querycolumns( - glite_jp_db_stmt_t, /* IN: statement */ - char ** /* OUT: result set column names. Expects allocated array. */ -); - -/* Free the statement structure */ - -void glite_jp_db_freestmt( - glite_jp_db_stmt_t * /* INOUT: statement */ -); - - -/* convert time_t into database-specific time string - * returns pointer to static area that is changed by subsequent calls */ - -char *glite_jp_db_timetodb(time_t); -time_t glite_jp_db_dbtotime(char *); - - -/** - * Check database version. - */ -int glite_jp_db_dbcheckversion(glite_jp_context_t); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/org.glite.jp.primary/src/feed.c b/org.glite.jp.primary/src/feed.c deleted file mode 100644 index c4a4578..0000000 --- a/org.glite.jp.primary/src/feed.c +++ /dev/null @@ -1,346 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/strmd5.h" -#include "feed.h" -#include "file_plugin.h" -#include "builtin_plugins.h" -#include "is_client.h" - -/* - * seconds before feed expires: should be - * XXX: should be configurable, default for real deployment sort of 1 hour - */ -#define FEED_TTL 120 - -static int check_qry_item( - glite_jp_context_t ctx, - const glite_jp_query_rec_t *qry, - const glite_jp_attrval_t *attr -) -{ - int cmp,cmp2; - long scmp,ucmp; - - switch (qry->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - cmp = strcmp(attr->value.s,qry->value.s); - break; - case GLITE_JP_ATTR_TIME: - scmp = (ucmp = attr->value.time.tv_usec - qry->value.time.tv_usec) > 0 ? 0 : -1; - ucmp -= 1000000 * scmp; - scmp += attr->value.time.tv_sec - qry->value.time.tv_sec; - cmp = scmp ? scmp : ucmp; - break; - } - switch (qry->op) { - case GLITE_JP_QUERYOP_EQUAL: return !cmp; - case GLITE_JP_QUERYOP_UNEQUAL: return cmp; - case GLITE_JP_QUERYOP_LESS: return cmp < 0; - case GLITE_JP_QUERYOP_GREATER: return cmp > 0; - - case GLITE_JP_QUERYOP_WITHIN: - switch (qry->attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - cmp2 = strcmp(attr->value.s,qry->value2.s); - break; - case GLITE_JP_ATTR_TIME: - scmp = (ucmp = attr->value.time.tv_usec - qry->value2.time.tv_usec) > 0 ? 0 : -1; - ucmp -= 1000000 * scmp; - scmp += attr->value.time.tv_sec - qry->value2.time.tv_sec; - cmp2 = scmp ? scmp : ucmp; - break; - } - return cmp >= 0 && cmp2 <= 0; - } -} - -/* XXX: limit on query size -- I'm lazy to malloc() */ -#define QUERY_MAX 100 - -static int match_feed( - glite_jp_context_t ctx, - const struct jpfeed *feed, - const char *job, - const glite_jp_attrval_t attrs[] /* XXX: not checked for correctness */ -) -{ - int i; - int attri[GLITE_JP_ATTR__LAST]; - int qi[QUERY_MAX]; - - glite_jp_attrval_t *newattr = NULL; - - glite_jp_clear_error(ctx); - - for (i=0; iqry) { - int j,complete = 1; - - memset(qi,0,sizeof qi); - for (i=0; feed->qry[i].attr.type; i++) { - assert(iqry[i].attr.type]) >=0) { - if (check_qry_item(ctx,feed->qry+i,attrs+j)) - qi[i] = 1; /* matched */ - else return 0; /* can't be satisfied */ - } - else complete = 0; - } - - /* not all attributes in query are known from input - * we have to retrieve job metadata from the backend - */ - if (!complete) { - glite_jp_attrval_t meta[GLITE_JP_ATTR__LAST+1]; - int qai[GLITE_JP_ATTR__LAST]; - - memset(meta,0,sizeof meta); - j=0; - for (i=0; feed->qry[i].attr.type; i++) if (!qi[i]) { - meta[j].attr.type = feed->qry[i].attr.type; - meta[j].attr.name = feed->qry[i].attr.name; - qai[feed->qry[i].attr.type] = i; - j++; - } - - if (glite_jppsbe_get_job_metadata(ctx,job,meta)) { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EIO; - err.source = __FUNCTION__; - err.desc = "complete query"; - return glite_jp_stack_error(ctx,&err); - } - - for (i=0; j=meta[i].attr.type; i++) - if (!check_qry_item(ctx,feed->qry+qai[j],meta+i)) - return 0; - } - } - - /* matched completely */ - return glite_jpps_single_feed(ctx,feed->destination,job,attrs); - return 0; -} - -int glite_jpps_match_attr( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t attrs[] -) -{ - struct jpfeed *f = (struct jpfeed *) ctx->feeds; - int i,j; - int attri[GLITE_JP_ATTR__LAST]; - - glite_jp_clear_error(ctx); - - for (i=0; i= GLITE_JP_ATTR__LAST || - attrs[i].attr.type <= 0) - { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EINVAL; - err.source = __FUNCTION__; - err.desc = "unknown attribute"; - return glite_jp_stack_error(ctx,&err); - } - if (attri[attrs[i].attr.type] >= 0) { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EINVAL; - err.source = __FUNCTION__; - err.desc = "double attribute change"; - return glite_jp_stack_error(ctx,&err); - } - - attri[attrs[i].attr.type] = i; - } - - for (;f; f = f->next) { - for (i=0; f->attrs[i].type && attri[f->attrs[i].type] == -1; i++); - /* XXX: ignore any errors */ - if (f->attrs[i].type) match_feed(ctx,f,job,attrs); - } - - return glite_jp_clear_error(ctx); -} - -int glite_jpps_match_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name -) -{ - glite_jpps_fplug_data_t **pd = NULL; - int pi; - void *bh = NULL; - int ret; - struct jpfeed *f = ctx->feeds; - - int nvals = 0,j,i; - glite_jp_attr_t *attrs = NULL, *attrs2; - glite_jp_attrval_t *vals = NULL,*oneval; - - fprintf(stderr,"%s: %s %s %s\n",__FUNCTION__,job,class,name); - - - switch (glite_jpps_fplug_lookup(ctx,class,&pd)) { - case ENOENT: return 0; /* XXX: shall we complain? */ - case 0: break; - default: return -1; - } - - for (;f;f=f->next) { - glite_jp_attr_union(attrs,f->attrs,&attrs2); - glite_jp_attrset_free(attrs,1); - attrs = attrs2; - } - - for (pi=0; pd[pi]; pi++) { - int ci; - for (ci=0; pd[pi]->uris[ci]; ci++) if (!strcmp(pd[pi]->uris[ci],class)) { - void *ph; - - if (!bh && (ret = glite_jppsbe_open_file(ctx,job,pd[pi]->classes[ci],name,O_RDONLY,&bh))) { - free(pd); - return ret; - } - - if (pd[pi]->ops.open(pd[pi]->fpctx,bh,class,&ph)) { - /* XXX: complain more visibly */ - fputs("plugin open failed\n",stderr); - continue; - } - - for (i=0; attrs[i].type; i++) - if (!pd[pi]->ops.attr(pd[pi]->fpctx,ph,attrs[i],&oneval)) { - /* XXX: ignore error */ - for (j=0; oneval[j].attr.type; j++); - vals = realloc(vals,(nvals+j+1) * sizeof *vals); - memcpy(vals+nvals,oneval,(j+1) * sizeof *vals); - nvals += j; - } - - pd[pi]->ops.close(pd[pi]->fpctx,ph); - } - } - - glite_jp_attrset_free(attrs,1); - - for (f = ctx->feeds; f; f=f->next) { - int k; - glite_jp_attrval_t * fattr = malloc((nvals+1) * sizeof *fattr); - - j = 0; - for (i=0; iattrs[k].type; k++) - if (!glite_jp_attr_cmp(f->attrs+k,&vals[i].attr)) - memcpy(fattr+j++,vals+i,sizeof *fattr); - - memset(fattr+j,0,sizeof *fattr); - glite_jpps_single_feed(ctx,f->destination,job,fattr); - free(fattr); - } - - for (i=0; vals[i].attr.type; i++) glite_jp_attrval_free(vals+i,0); - free(vals); - - if (bh) glite_jppsbe_close_file(ctx,bh); - free(pd); - - return 0; -} - -int glite_jpps_match_tag( - glite_jp_context_t ctx, - const char *job, - const glite_jp_tagval_t *tag -) -{ - fprintf(stderr,"%s: \n",__FUNCTION__); - return 0; -} - -static char *generate_feedid(void) -{ - char hname[200],buf[1000]; - - gethostname(hname,sizeof hname); - snprintf(buf,sizeof buf,"%s%d%ld",hname,getpid(),lrand48()); - buf[sizeof buf-1] = 0; - return str2md5base64(buf); -} - - -int glite_jpps_run_feed( - glite_jp_context_t ctx, - const char *destination, - const glite_jp_attr_t *attrs, - const glite_jp_query_rec_t *qry, - char **feed_id) -{ - fprintf(stderr,"%s: \n",__FUNCTION__); - return 0; -} - -static int register_feed_deferred(glite_jp_context_t ctx,void *feed) -{ - struct jpfeed *f = feed; - - f->next = ctx->feeds; - ctx->feeds = f; - return 0; -} - -/* FIXME: - * - volatile implementation: should store the registrations in a file - * and recover after restart - * - should communicate the data among all server slaves - */ -int glite_jpps_register_feed( - glite_jp_context_t ctx, - const char *destination, - const glite_jp_attr_t *attrs, - const glite_jp_query_rec_t *qry, - char **feed_id, - time_t *expires) -{ - int i; - struct jpfeed *f = calloc(1,sizeof *f); - - if (!*feed_id) *feed_id = generate_feedid(); - time(expires); *expires += FEED_TTL; - - f->id = strdup(*feed_id); - f->destination = strdup(destination); - f->expires = *expires; - for (i=0; attrs[i].type; i++) { - f->attrs = realloc(f->attrs,(i+2) * sizeof *f->attrs); - glite_jp_attr_copy(f->attrs+i,attrs+i); - memset(f->attrs+i+1,0,sizeof *f->attrs); - } - for (i=0; qry[i].attr.type; i++) { - f->qry = realloc(f->qry,(i+2) * sizeof *f->qry); - glite_jp_queryrec_copy(f->qry+i,qry+i); - memset(f->qry+i+1,0,sizeof *f->qry); - } - - glite_jp_add_deferred(ctx,register_feed_deferred,f); - - return 0; -} - diff --git a/org.glite.jp.primary/src/feed.h b/org.glite.jp.primary/src/feed.h deleted file mode 100644 index c3c2461..0000000 --- a/org.glite.jp.primary/src/feed.h +++ /dev/null @@ -1,21 +0,0 @@ -#ifndef __GLITE_JP_FEED -#define __GLITE_JP_FEED - - -struct jpfeed { - char *id,*destination; - time_t expires; - glite_jp_attr_t *attrs; - glite_jp_query_rec_t *qry; - struct jpfeed *next; -}; - - -int glite_jpps_match_attr(glite_jp_context_t,const char *,const glite_jp_attrval_t[]); -int glite_jpps_match_file(glite_jp_context_t,const char *,const char *,const char *); -int glite_jpps_match_tag(glite_jp_context_t,const char *,const glite_jp_tagval_t *); -int glite_jpps_run_feed(glite_jp_context_t,const char *,const glite_jp_attr_t *,const glite_jp_query_rec_t *,char **); -int glite_jpps_register_feed(glite_jp_context_t,const char *,const glite_jp_attr_t *,const glite_jp_query_rec_t *,char **,time_t *); - -#endif - diff --git a/org.glite.jp.primary/src/file_plugin.c b/org.glite.jp.primary/src/file_plugin.c deleted file mode 100644 index 144a231..0000000 --- a/org.glite.jp.primary/src/file_plugin.c +++ /dev/null @@ -1,115 +0,0 @@ -#include -#include -#include -#include -#include - -#include -#include "file_plugin.h" - -static struct option opts[] = { - { "plugin", 1, NULL, 'p' }, - { NULL } -}; - -static int loadit(glite_jp_context_t ctx,const char *so) -{ -/* XXX: not stored but we never dlclose() yet */ - void *dl_handle = dlopen(so,RTLD_NOW); - - glite_jp_error_t err; - const char *e; - glite_jpps_fplug_data_t *data,*dp; - int i; - - glite_jpps_fplug_init_t init; - memset(&err,0,sizeof err); - - if (!dl_handle) { - err.source = "dlopen()"; - err.code = EINVAL; - err.desc = dlerror(); - return glite_jp_stack_error(ctx,&err); - } - - dlerror(); - init = dlsym(dl_handle,"init"); - e = dlerror(); - if (e) { - char buf[300]; - snprintf(buf,sizeof buf,"dlsym(\"%s\",\"init\")",so); - buf[299] = 0; - err.source = buf; - err.code = ENOENT; - err.desc = e; - return glite_jp_stack_error(ctx,&err); - } - - data = calloc(1,sizeof *data); - - if (init(ctx,data)) return -1; - - i = 0; - if (ctx->plugins) for (i=0; ctx->plugins[i]; i++); - ctx->plugins = realloc(ctx->plugins, (i+2) * sizeof *ctx->plugins); - ctx->plugins[i] = data; - ctx->plugins[i+1] = NULL; - - /* TODO: check consistency of uri+class pairs wrt. previous plugins */ - - return 0; -} - -int glite_jpps_fplug_load(glite_jp_context_t ctx,int argc,char **argv) -{ - int i; - - for (i=1; iplugins) { - return glite_jp_stack_error(ctx,&err); - } - - for (i = 0; ctx->plugins[i]; i++) { - int j; - glite_jpps_fplug_data_t *p = ctx->plugins[i]; - - for (j=0; p->uris && p->uris[j]; j++) - if (!strcmp(p->uris[j],uri)) { - out = realloc(out, (matches+2) * sizeof *out); - out[matches++] = p; - out[matches] = NULL; - } - } - - if (matches) { - *plugin_data = out; - return 0; - } - else return glite_jp_stack_error(ctx,&err); -} - diff --git a/org.glite.jp.primary/src/ftp_backend.c b/org.glite.jp.primary/src/ftp_backend.c deleted file mode 100644 index 8bf523b..0000000 --- a/org.glite.jp.primary/src/ftp_backend.c +++ /dev/null @@ -1,1744 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" -#include "glite/jp/strmd5.h" - -#include "tags.h" -#include "backend.h" - -#define UPLOAD_SUFFIX ".upload" -#define LOCK_SUFFIX ".lock" - -struct ftpbe_config { - char *internal_path; - char *external_path; - char *gridmap; - char *logname; -}; - -static struct ftpbe_config *config = NULL; - -struct fhandle_rec { - int fd; - int fd_append; -}; -typedef struct fhandle_rec *fhandle; - -static struct option ftpbe_opts[] = { - { "ftp-internal-path", 1, NULL, 'I' }, - { "ftp-external-path", 1, NULL, 'E' }, - { "ftp-gridmap", 1, NULL, 'G' }, - { NULL, 0, NULL, 0 } -}; - -/* obsolete */ -#if 0 -static struct { - glite_jp_fileclass_t type; - char * fname; - } class_to_fname_tab[] = { - { GLITE_JP_FILECLASS_INPUT, "input" }, - { GLITE_JP_FILECLASS_OUTPUT, "output" }, - { GLITE_JP_FILECLASS_LBLOG, "lblog" }, - { GLITE_JP_FILECLASS_TAGS, "tags" }, - { GLITE_JP_FILECLASS_UNDEF, NULL } - }; - -static char *class_to_fname(glite_jp_fileclass_t type) -{ - int i; - - for (i = 0; class_to_fname_tab[i].type != GLITE_JP_FILECLASS_UNDEF; i++) - if (type == class_to_fname_tab[i].type) - return class_to_fname_tab[i].fname; - - return NULL; -} - -static glite_jp_fileclass_t fname_to_class(char* fname) -{ - int i; - - for (i = 0; class_to_fname_tab[i].type != GLITE_JP_FILECLASS_UNDEF; i++) - if (!strcmp(fname, class_to_fname_tab[i].fname)) - return class_to_fname_tab[i].type; - - return GLITE_JP_FILECLASS_UNDEF; -} -#endif - -static int config_check( - glite_jp_context_t ctx, - struct ftpbe_config *config) -{ - return config == NULL || - config->internal_path == NULL || - config->external_path == NULL || - config->gridmap == NULL || - config->logname == NULL; - - /* XXX check reality */ -} - -static int jobid_unique_pathname(glite_jp_context_t ctx, const char *job, - char **unique, char **ju_path, int get_path) -{ - char *p; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - p = strrchr(job, '/'); - if (!p) { - err.code = EINVAL; - err.desc = "Malformed jobid"; - return glite_jp_stack_error(ctx,&err); - } - /* XXX thorough checks */ - if (!(*unique = strdup(p+1))) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - if (get_path) { - if (!(*ju_path = strdup(p+1))) { - free(*unique); - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - *(*ju_path + 10) = '\0'; - } - return 0; -} - -static int mkdirpath(const char* path, int prefixlen) -{ - char *wpath, *p; - int goout, ret; - - wpath = strdup(path); - if (!wpath) { - errno = ENOMEM; - return -1; - } - - p = wpath + prefixlen; - goout = 0; - while (!goout) { - while (*p == '/') p++; - while (*p != '/' && *p != '\0') p++; - goout = (*p == '\0'); - *p = '\0'; - ret = mkdir(wpath, S_IRUSR | S_IWUSR | S_IXUSR); - if (ret < 0 && errno != EEXIST) break; - *p = '/'; - } - free(wpath); - return goout ? 0 : ret; -} - -static long regtime_trunc(long tv_sec) -{ - return tv_sec / (86400*7); -} - -static long regtime_ceil(long tv_sec) -{ - return (tv_sec % (86400*7)) ? tv_sec/(86400*7)+1 : tv_sec/(86400*7) ; -} - -/********************************************************************************/ -int glite_jppsbe_init( - glite_jp_context_t ctx, - int argc, - char *argv[] -) -{ - glite_jp_error_t err; - int opt; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - config = (struct ftpbe_config *) calloc(1, sizeof *config); - if (!config) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - config->logname = getlogin(); - - while ((opt = getopt_long(argc, argv, "I:E:G:", ftpbe_opts, NULL)) != EOF) { - switch (opt) { - case 'I': config->internal_path = optarg; break; - case 'E': config->external_path = optarg; break; - case 'G': config->gridmap = optarg; break; - default: break; - } - } - - if (config_check(ctx, config)) { - err.code = EINVAL; - err.desc = "Invalid FTP backend configuration"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_init_slave( - glite_jp_context_t ctx -) -{ - /* Nothing to do */ -} - -int glite_jppsbe_register_job( - glite_jp_context_t ctx, - const char *job, - const char *owner -) -{ - glite_jp_error_t err; - char *int_dir = NULL; - char *int_fname = NULL; - char *data_dir = NULL; - char *data_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *ownerhash = NULL; - FILE *regfile = NULL; - struct timeval reg_tv; - long reg_tv_trunc; - struct stat statbuf; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job != NULL); - assert(owner != NULL); - - gettimeofday(®_tv, NULL); - reg_tv_trunc = regtime_trunc(reg_tv.tv_sec); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_dir, "%s/regs/%s", - config->internal_path, ju_path) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - if (mkdirpath(int_dir, strlen(config->internal_path)) < 0 && - errno != EEXIST) { - free(int_dir); - err.code = errno; - err.desc = "Cannot mkdir jobs's reg directory"; - return glite_jp_stack_error(ctx,&err); - } - free(int_dir); - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - if (stat(int_fname, &statbuf) < 0) { - if (errno != ENOENT) { - err.code = errno; - err.desc = "Cannot stat jobs's reg info file"; - goto error_out; - } - } else { - err.code = EEXIST; - err.desc = "Job already registered"; - goto error_out; - } - - regfile = fopen(int_fname, "w"); - if (regfile == NULL) { - err.code = errno; - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - - ownerhash = str2md5(owner); /* static buffer */ - - if (fprintf(regfile, "%d %ld.%06ld %s %s %d %s\n", 1, - (long)reg_tv.tv_sec, (long)reg_tv.tv_usec, job, - ownerhash, strlen(owner), owner) < 1 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot write jobs's reg info file"; - goto error_out; - } - if (fclose(regfile) != 0 ) { - err.code = errno; - err.desc = "Cannot close(write) jobs's reg info file"; - goto error_out; - } - - if (asprintf(&data_dir, "%s/data/%s/%d/%s", - config->internal_path, ownerhash, regtime_trunc(reg_tv.tv_sec), ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (asprintf(&data_fname, "%s/_info", data_dir) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (mkdirpath(data_dir, strlen(config->internal_path)) < 0 && - errno != EEXIST) { - err.code = errno; - err.desc = "Cannot mkdir jobs's data directory"; - goto error_out; - } - - if (link(int_fname, data_fname) < 0) { - err.code = errno; - err.desc = "Cannot link job's reg and data info files"; - goto error_out; - } - -error_out: - free(int_fname); - free(data_fname); - if (err.code && data_dir) rmdir(data_dir); - free(data_dir); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int add_to_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - gridmap = fopen(config->gridmap, "a"); - if (!gridmap) { - err.code = errno; - err.desc = "Cannot open gridmap file"; - return glite_jp_stack_error(ctx,&err); - } - if (fprintf(gridmap, "\"%s\" %s\n", dn, config->logname) < 6 || - ferror(gridmap)) { - err.code = EIO; - err.desc = "Cannot write to gridmap file"; - fclose(gridmap); - return glite_jp_stack_error(ctx,&err); - } - fclose(gridmap); - return 0; -} - -static int remove_from_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - char *temp_name = NULL; - FILE *temp_file = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - /* XXX */ - return 0; -} - -int glite_jppsbe_start_upload( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - const char *content_type, - char **destination_out, - time_t *commit_before_inout -) -{ - char *int_fname = NULL; - char *lock_fname = NULL; - FILE *lockfile = NULL; - FILE *regfile = NULL; - char *data_dir = NULL; - char *data_lock = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *peername = NULL; - int info_version; - long reg_time; - char ownerhash[33]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(destination_out!=NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - peername = glite_jp_peer_name(ctx); - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%*ld %*s %s ", &info_version, - ®_time, ownerhash) < 3 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - fclose(regfile); - - /* XXX authorization */ - - if (asprintf(&data_dir, "%s/data/%s/%d/%s", - config->internal_path, ownerhash, regtime_trunc(reg_time), ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(&lock_fname, "%s/%s" LOCK_SUFFIX, - data_dir, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (commit_before_inout != NULL) - *commit_before_inout = (time_t) LONG_MAX; /* XXX no timeout enforced */ - - lockfile = fopen(lock_fname, "w"); - if (lockfile == NULL) { - err.code = errno; - err.desc = "Cannot open uploads's lock file"; - goto error_out; - } - - if (fprintf(lockfile, "%ld %d %s\n", (long)*commit_before_inout, - peername ? peername : 0, - peername ? peername : "") < 1 || ferror(regfile)) { - fclose(lockfile); - err.code = errno; - err.desc = "Cannot write upload's lock file"; - goto error_out; - } - if (fclose(lockfile) != 0 ) { - err.code = errno; - err.desc = "Cannot close(write) upload's lock file"; - goto error_out; - } - - if (asprintf(destination_out, "%s/data/%s/%d/%s/%s" UPLOAD_SUFFIX, - config->external_path, ownerhash, regtime_trunc(reg_time), ju, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (add_to_gridmap(ctx, peername)) { - err.code = EIO; - err.desc = "Cannot add peer DN to ftp server authorization file"; - goto error_out; - } - -error_out: - free(int_fname); - free(data_dir); - if (err.code && data_lock) unlink(data_lock); - free(data_lock); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_commit_upload( - glite_jp_context_t ctx, - const char *destination -) -{ - size_t dest_len; - size_t suff_len; - size_t extp_len; - long commit_before; - int lockpeerlen; - char *lockpeername = NULL; - char *peername = NULL; - char *dest_rw = NULL; - char *dest_rw_suff = NULL; - char *dest_rw_lock = NULL; - FILE *lockfile = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(destination != NULL); - - suff_len = strlen(UPLOAD_SUFFIX); - dest_len = strlen(destination); - extp_len = strlen(config->external_path); - - if (dest_len < suff_len || - strcmp(UPLOAD_SUFFIX, destination + (dest_len - suff_len)) || - strncmp(destination, config->external_path, extp_len)) { - err.code = EINVAL; - err.desc = "Forged destination path"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&dest_rw_suff, "%s%s", config->internal_path, - destination + extp_len) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - dest_rw = strdup(dest_rw_suff); - if (!dest_rw) { - err.code = ENOMEM; - goto error_out; - } - *(dest_rw + (strlen(dest_rw_suff) - suff_len)) = '\0'; - - if (asprintf(&dest_rw_lock, "%s" LOCK_SUFFIX, dest_rw) == -1) { - err.code = ENOMEM; - goto error_out; - } - - lockfile = fopen(dest_rw_lock, "r"); - if (lockfile == NULL) { - err.code = errno; - err.desc = "Cannot open upload's lock file"; - goto error_out; - } - if (fscanf(lockfile, "%ld %d ", &commit_before, &lockpeerlen) < 2 || ferror(lockfile)) { - fclose(lockfile); - err.code = errno; - err.desc = "Cannot read upload's lock file"; - goto error_out; - } - if (lockpeerlen) { - lockpeername = (char*) calloc(1, lockpeerlen+1); - if (!lockpeername) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(lockpeername, lockpeerlen+1, lockfile) == NULL) { - fclose(lockfile); - err.code = errno; - err.desc = "Cannot read upload's lock file"; - goto error_out; - } - } - fclose(lockfile); - - peername = glite_jp_peer_name(ctx); - if (lockpeername && (!peername || strcmp(lockpeername, peername))) { - err.code = EPERM; - err.desc = "Upload started by client of different identity"; - goto error_out; - } - - if (rename(dest_rw_suff, dest_rw) < 0) { - err.code = errno; - err.desc = "Cannot move upload file to the final place"; - goto error_out; - } - - if (unlink(dest_rw_lock) < 0) { - err.code = errno; - err.desc = "Cannot unlink upload's lock file"; - goto error_out; - } - -error_out: - free(dest_rw); - free(dest_rw_suff); - free(dest_rw_lock); - free(peername); - free(lockpeername); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_destination_info( - glite_jp_context_t ctx, - const char *destination, - char **job, - char **class, - char **name -) -{ - size_t dest_len; - size_t suff_len; - size_t extp_len; - char *dest_rw = NULL; - char *dest_rw_suff = NULL; - char *dest_rw_info = NULL; - FILE *infofile = NULL; - char *classname = NULL; - char jobstr[256+1]; - glite_jp_error_t err; - - assert(destination != NULL); - assert(job != NULL); - assert(class != NULL); - assert(name != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - suff_len = strlen(UPLOAD_SUFFIX); - dest_len = strlen(destination); - extp_len = strlen(config->external_path); - - if (dest_len < suff_len || - strcmp(UPLOAD_SUFFIX, destination + (dest_len - suff_len)) || - strncmp(destination, config->external_path, extp_len)) { - err.code = EINVAL; - err.desc = "Forged destination path"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&dest_rw_suff, "%s%s", config->internal_path, - destination + extp_len) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - dest_rw = strdup(dest_rw_suff); - if (!dest_rw) { - err.code = ENOMEM; - goto error_out; - } - *(dest_rw + (strlen(dest_rw_suff) - suff_len)) = '\0'; - - classname = strrchr(dest_rw,'/'); - if (classname == NULL) { - err.code = EINVAL; - err.desc = "Forged destination path"; - goto error_out; - } - *classname++ ='\0'; - *class = strdup(classname); - -/* XXX: do we need similar check? - if (!class == GLITE_JP_FILECLASS_UNDEF) { - err.code = EINVAL; - err.desc = "Forged destination path"; - goto error_out; - } -*/ - - /* TODO: */ - *name = NULL; - - if (asprintf(&dest_rw_info, "%s/_info", dest_rw) == -1) { - err.code = ENOMEM; - goto error_out; - } - - infofile = fopen(dest_rw_info, "r"); - if (infofile == NULL) { - err.code = errno; - err.desc = "Cannot open _info file"; - goto error_out; - } - if (fscanf(infofile, "%*d %*ld.%*ld %256s ", jobstr) < 1 || ferror(infofile)) { - fclose(infofile); - err.code = errno; - err.desc = "Cannot read _info file"; - goto error_out; - } - *job = strdup(jobstr); - fclose(infofile); - -error_out: - free(dest_rw); - free(dest_rw_suff); - free(dest_rw_info); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - - -int glite_jppsbe_get_job_url( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - char **url_out -) -{ - FILE *regfile = NULL; - char *int_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - int info_version; - long reg_time; - char ownerhash[33]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(url_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%*ld %*s %s", &info_version, - ®_time, ownerhash) < 3 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - fclose(regfile); - - if (asprintf(url_out, "%s/data/%s/%d/%s/%s", - config->external_path, ownerhash, regtime_trunc(reg_time), ju, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - free(int_fname); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_fname( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - char **fname_out -) -{ - FILE *regfile = NULL; - char *int_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - int info_version; - long reg_time; - char ownerhash[33]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(fname_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%*ld %*s %s", &info_version, - ®_time, ownerhash) < 3 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - fclose(regfile); - - if (asprintf(fname_out, "%s/data/%s/%d/%s/%s", - config->internal_path, ownerhash, regtime_trunc(reg_time), ju, class) == -1) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - free(int_fname); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_open_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, /* TODO */ - int mode, - void **handle_out -) -{ - fhandle handle = NULL; - char* fname = NULL; - glite_jp_error_t err; - - assert(handle_out != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (get_job_fname(ctx, job, class, name, &fname)) { - err.code = ctx->error->code; - err.desc = "Cannot construct internal filename"; - return glite_jp_stack_error(ctx,&err); - } - - handle = (fhandle) calloc(1,sizeof(*handle)); - if (handle == NULL) { - err.code = ENOMEM; - goto error_out; - } - - handle->fd = open(fname, mode, S_IRUSR | S_IWUSR); - if (handle->fd < 0) { - err.code = errno; - err.desc = "Cannot open requested file"; - free(handle); - goto error_out; - } - handle->fd_append = open(fname, mode | O_APPEND, S_IRUSR | S_IWUSR); - if (handle->fd_append < 0) { - err.code = errno; - err.desc = "Cannot open requested file for append"; - close(handle->fd); - free(handle); - goto error_out; - } - *handle_out = (void*) handle; - -error_out: - free(fname); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_close_file( - glite_jp_context_t ctx, - void *handle -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (close(((fhandle)handle)->fd_append) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor (fd_append)"; - goto error_out; - } - if (close(((fhandle)handle)->fd) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor"; - goto error_out; - } - -error_out: - free(handle); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_pread( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset, - ssize_t *nbytes_ret -) -{ - ssize_t ret; - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if ((ret = pread(((fhandle)handle)->fd, buf, nbytes, offset)) < 0) { - err.code = errno; - err.desc = "Error in pread()"; - return glite_jp_stack_error(ctx,&err); - } - *nbytes_ret = ret; - - return 0; -} - -int glite_jppsbe_pwrite( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (pwrite(((fhandle)handle)->fd, buf, nbytes, offset) < 0) { - err.code = errno; - err.desc = "Error in pwrite()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_append( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (write(((fhandle)handle)->fd_append, buf, nbytes) < 0) { - err.code = errno; - err.desc = "Error in write()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -static int get_job_info( - glite_jp_context_t ctx, - const char *job, - char **owner, - struct timeval *tv_reg -) -{ - char *ju = NULL; - char *ju_path = NULL; - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char *int_fname = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %*s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, &ownerlen) < 4 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - free(int_fname); - free(ju); - free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_info_int( - glite_jp_context_t ctx, - const char *int_fname, - char **jobid, - char **owner, - struct timeval *tv_reg -) -{ - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char jobid_buf[256]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, jobid_buf, &ownerlen) < 5 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - *jobid = strdup(jobid_buf); - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_get_job_metadata( - glite_jp_context_t ctx, - const char *job, - glite_jp_attrval_t attrs_inout[] -) -{ - int got_info = 0; - struct timeval tv_reg; - char *owner = NULL; - int got_tags = 0; - void *tags_handle = NULL; - glite_jp_tagval_t* tags = NULL; - int i,j; - glite_jp_error_t err; - - assert(job != NULL); - assert(attrs_inout != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; attrs_inout[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TIME: -*/ - if (!got_info) { - if (get_job_info(ctx, job, &owner, &tv_reg)) { - err.code = ctx->error->code; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - got_info = 1; - } - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - if (!got_tags) { - if (glite_jppsbe_open_file(ctx, job, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - got_tags = 1; - } - break; -*/ - default: - err.code = EINVAL; - err.desc = "Invalid attribute type"; - goto error_out; - break; - } - - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - attrs_inout[i].value.s = strdup(owner); - if (!attrs_inout[i].value.s) { - err.code = ENOMEM; - err.desc = "Cannot copy owner string"; - goto error_out; - } - break; - case GLITE_JP_ATTR_TIME: - attrs_inout[i].value.time = tv_reg; - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, attrs_inout[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &attrs_inout[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) attrs_inout[i].value.tag.name = NULL; - break; -*/ - default: - break; - } - } - -error_out: - free(owner); - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); - - if (err.code) { - while (i > 0) { - i--; - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - free(attrs_inout[i].value.s); - break; - case GLITE_JP_ATTR_TAG: - free(attrs_inout[i].value.tag.name); - free(attrs_inout[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} -static int compare_timeval(struct timeval a, struct timeval b) -{ - if (a.tv_sec < b.tv_sec) return -1; - if (a.tv_sec > b.tv_sec) return 1; - if (a.tv_usec < b.tv_usec) return -1; - if (a.tv_usec > b.tv_usec) return 1; - return 0; -} - - -/* FIXME: disabled -- clarification wrt. filetype plugin needed */ - -#if 0 - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -); - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - char *time_dirname = NULL; - DIR *time_dirp = NULL; - struct dirent *jobent; - char *info_fname = NULL; - char *jobid = NULL; - char *owner = NULL; - struct timeval tv_reg; - void *tags_handle = NULL; - int matching; - int i, j; - glite_jp_tagval_t* tags = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (asprintf(&time_dirname, "%s/data/%s/%d", config->internal_path, - ownerhash, regtime_tr) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - time_dirp = opendir(time_dirname); - if (!time_dirp) { - free(time_dirname); - return 0; /* found nothing */ - } - while ((jobent = readdir(time_dirp)) != NULL) { - if (!strcmp(jobent->d_name, ".")) continue; - if (!strcmp(jobent->d_name, "..")) continue; - if (asprintf(&info_fname, "%s/%s/_info", time_dirname, - jobent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (get_job_info_int(ctx, info_fname, &jobid, &owner, &tv_reg)) { - err.code = EIO; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - if (q_tags || md_tags) { - if (glite_jppsbe_open_file(ctx, jobid, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - tags_handle = NULL; - } - - matching = 1; - for (i = 0; matching && query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (query[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - if (query[i].value.s == NULL || - strcmp(query[i].value.s, owner)) matching = 0; - break; - case GLITE_JP_ATTR_TIME: - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_LESS: - matching = compare_timeval(tv_reg, query[i].value.time) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = compare_timeval(tv_reg, query[i].value.time) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = compare_timeval(tv_reg, query[i].value.time) >= 0 - && compare_timeval(tv_reg, query[i].value2.time) <= 0; - break; - } - break; - case GLITE_JP_ATTR_TAG: - if (!tags) { - matching = 0; - break; - } - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, query[i].attr.name)) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_LESS: - matching = strcmp(tags[j].value, query[i].value.s) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = strcmp(tags[j].value, query[i].value.s) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = strcmp(tags[j].value, query[i].value.s) >= 0 \ - && strcmp(tags[j].value, query[i].value2.s) <= 0 ; - break; - default: - break; - } - } - } - break; - default: - break; - } - } - if (!matching) { - free(info_fname); info_fname = NULL; - free(jobid); jobid = NULL; - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); tags = NULL; - continue; - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - metadata[i].value.s = owner; - break; - case GLITE_JP_ATTR_TIME: - metadata[i].value.time = tv_reg; - break; - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, metadata[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &metadata[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) { - metadata[i].value.tag.name = NULL; - metadata[i].value.tag.value = NULL; - } - break; - default: - break; - } - } - (*callback)(ctx, jobid, metadata); - free(jobid); jobid = NULL; - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - } - -error_out: - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - if (tags_handle) glite_jppsbe_close_file(ctx, tags_handle); - free(info_fname); - free(owner); - free(jobid); - closedir(time_dirp); - free(time_dirname); - if (err.code) { - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else - return 0; -} - -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - /* XXX clone metadata */ - int i; - char *q_exact_owner = NULL; - char *ownerhash = NULL; - long q_min_time = 0; - long q_max_time = LONG_MAX; - long q_min_time_tr; - long q_max_time_tr; - int q_with_tags = 0; - int md_info = 0; - int md_tags = 0; - char *owner_dirname = NULL; - DIR *owner_dirp = NULL; - struct dirent *ttimeent; - char *data_dirname = NULL; - DIR *data_dirp = NULL; - struct dirent *ownerent; - long ttime = 0; - glite_jp_attrval_t *metadata_templ = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - if (query[i].attr.type == GLITE_JP_ATTR_OWNER && query[i].op == GLITE_JP_QUERYOP_EQUAL) { - q_exact_owner = query[i].value.s; - } - if (query[i].attr.type == GLITE_JP_ATTR_TIME) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - q_min_time = query[i].value.time.tv_sec; - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_LESS: - if (q_max_time > query[i].value.time.tv_sec + 1) - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_WITHIN: - if (q_max_time > query[i].value2.time.tv_sec + 1) - q_max_time = query[i].value2.time.tv_sec + 1; - /* fallthrough */ - case GLITE_JP_QUERYOP_GREATER: - if (q_min_time < query[i].value.time.tv_sec) - q_min_time = query[i].value.time.tv_sec; - break; - default: - err.code = EINVAL; - err.desc = "Invalid query op"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - if (query[i].attr.type == GLITE_JP_ATTR_TAG) - q_with_tags = 1; - - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TIME: - md_info = 1; - break; - case GLITE_JP_ATTR_TAG: - md_tags = 1; - break; - default: - err.code = EINVAL; - err.desc = "Invalid attribute type in metadata parameter"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - metadata_templ = (glite_jp_attrval_t *) calloc(i + 1, sizeof(glite_jp_attrval_t)); - if (!metadata_templ) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - memcpy(metadata_templ, metadata, (i + 1) * sizeof(glite_jp_attrval_t)); - - q_min_time_tr = regtime_trunc(q_min_time); - q_max_time_tr = regtime_ceil(q_max_time); - - if (q_exact_owner) { - ownerhash = str2md5(q_exact_owner); /* static buffer */ - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, ownerhash) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - free(metadata_templ); - return 0; /* found nothing */ - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerhash, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - } else { /* !q_exact_owner */ - if (asprintf(&data_dirname, "%s/data", config->internal_path) == -1) { - err.code = ENOMEM; - goto error_out; - } - data_dirp = opendir(data_dirname); - if (!data_dirp) { - err.code = EIO; - err.desc = "Cannot open data directory"; - goto error_out; - } - while ((ownerent = readdir(data_dirp)) != NULL) { - if (!strcmp(ownerent->d_name, ".")) continue; - if (!strcmp(ownerent->d_name, "..")) continue; - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, - ownerent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - err.code = EIO; - err.desc = "Cannot open owner data directory"; - goto error_out; - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerent->d_name, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - closedir(owner_dirp); owner_dirp = NULL; - } - closedir(data_dirp); data_dirp = NULL; - } - return 0; - -error_out: - if (owner_dirp) closedir(owner_dirp); - if (data_dirp) closedir(data_dirp); - free(data_dirname); - free(metadata_templ); - return glite_jp_stack_error(ctx,&err); -} - -#else - -/* placeholder instead */ -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - glite_jp_error_t err; - err.code = ENOSYS; - err.desc = "not implemented"; - return glite_jp_stack_error(ctx,&err); -} - -#endif - -/* XXX: -- no primary authorization yet -- no concurrency control yet -- partial success in pwrite,append -- "unique" part of jobid is assumed to be unique across bookkeeping servers -- repository versioning not fully implemented yet -*/ diff --git a/org.glite.jp.primary/src/is_client.c b/org.glite.jp.primary/src/is_client.c deleted file mode 100644 index bb2ae45..0000000 --- a/org.glite.jp.primary/src/is_client.c +++ /dev/null @@ -1,39 +0,0 @@ -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" - -#include "feed.h" -#include "is_client.h" -/* FIXME -#include "jpis_H.h" -#include "jpis_.nsmap" -*/ - -int glite_jpps_single_feed( - glite_jp_context_t ctx, - const char *destination, - const char *job, - glite_jp_attrval_t const *attrs -) -{ - /* TODO: really call JP Index server (via interlogger) */ - printf("feed to %s, job %s\n",destination,job); - -/* FIXME */ -#if 0 - if (soap_call_jpsrv__UpdateJobs(ctx->other_soap,destination,"", - /* FIXME: feedId */ "", - /* FIXME: UpdateJobsData */ NULL, - 0, - NULL - )) fprintf(stderr,"UpdateJobs: %s %s\n",ctx->other_soap->fault->faultcode, - ctx->other_soap->fault->faultstring); - -#endif - return 0; -} diff --git a/org.glite.jp.primary/src/is_client.h b/org.glite.jp.primary/src/is_client.h deleted file mode 100644 index a15d998..0000000 --- a/org.glite.jp.primary/src/is_client.h +++ /dev/null @@ -1 +0,0 @@ -int glite_jpps_single_feed(glite_jp_context_t,const char *,const char *,glite_jp_attrval_t const *); diff --git a/org.glite.jp.primary/src/jptype_map.h b/org.glite.jp.primary/src/jptype_map.h deleted file mode 100644 index c620c83..0000000 --- a/org.glite.jp.primary/src/jptype_map.h +++ /dev/null @@ -1,34 +0,0 @@ -#include "soap_version.h" - -#if GSOAP_VERSION >= 20700 -#define INPUT_SANDBOX jptype__UploadClass__INPUT_SANDBOX -#define OUTPUT_SANDBOX jptype__UploadClass__OUTPUT_SANDBOX -#define JOB_LOG jptype__UploadClass__JOB_LOG - -#define OWNER jptype__AttributeType__OWNER -#define TIME jptype__AttributeType__TIME -#define TAG jptype__AttributeType__TAG - -#define EQUAL jptype__queryOp__EQUAL -#define UNEQUAL jptype__queryOp__UNEQUAL -#define LESS jptype__queryOp__LESS -#define GREATER jptype__queryOp__GREATER -#define WITHIN jptype__queryOp__WITHIN - -#else - -#define __jpsrv__RegisterJob __ns1__RegisterJob -#define __jpsrv__StartUpload __ns1__StartUpload -#define __jpsrv__CommitUpload __ns1__CommitUpload -#define __jpsrv__RecordTag __ns1__RecordTag -#define __jpsrv__FeedIndex __ns1__FeedIndex -#define __jpsrv__FeedIndexRefresh __ns1__FeedIndexRefresh -#define __jpsrv__GetJob __ns1__GetJob - -#define SOAP_TYPE___jpsrv__RegisterJob SOAP_TYPE___ns1__RegisterJob -#define SOAP_TYPE___jpsrv__StartUpload SOAP_TYPE___ns1__StartUpload -#define SOAP_TYPE___jpsrv__CommitUpload SOAP_TYPE___ns1__CommitUpload -#define SOAP_TYPE___jpsrv__GetJob SOAP_TYPE___ns1__GetJob - -#endif - diff --git a/org.glite.jp.primary/src/mysql.c b/org.glite.jp.primary/src/mysql.c deleted file mode 100644 index 0f080ce..0000000 --- a/org.glite.jp.primary/src/mysql.c +++ /dev/null @@ -1,265 +0,0 @@ -#ident "$Header$" - -#include "mysql.h" // MySql header file -#include "mysqld_error.h" -#include "errmsg.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "db.h" - -#define DEFAULTCS "jpps/@localhost:jpps1" -#define GLITE_JP_LB_MYSQL_VERSION 40018 - -static int my_err(glite_jp_context_t ctx, char *function) -{ - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = function; - err.code = EIO; /* XXX */ - err.desc = mysql_error((MYSQL *) ctx->dbhandle); - return glite_jp_stack_error(ctx,&err); -} - -struct _glite_jp_db_stmt_t { - MYSQL_RES *result; - glite_jp_context_t ctx; -}; - -int glite_jp_db_connect(glite_jp_context_t ctx,char *cs) -{ - char *buf = NULL; - char *host,*user,*pw,*db; - char *slash,*at,*colon; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (!cs) cs = DEFAULTCS; - - if (!(ctx->dbhandle = (void *) mysql_init(NULL))) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - mysql_options(ctx->dbhandle, MYSQL_READ_DEFAULT_FILE, "my"); - - host = user = pw = db = NULL; - - buf = strdup(cs); - slash = strchr(buf,'/'); - at = strrchr(buf,'@'); - colon = strrchr(buf,':'); - - if (!slash || !at || !colon) { - free(buf); - err.code = EINVAL; - err.desc = "Invalid DB connect string"; - return glite_jp_stack_error(ctx,&err); - } - - *slash = *at = *colon = 0; - host = at+1; - user = buf; - pw = slash+1; - db = colon+1; - - if (!mysql_real_connect((MYSQL *) ctx->dbhandle,host,user,pw,db,0,NULL,CLIENT_FOUND_ROWS)) { - free(buf); - return my_err(ctx, __FUNCTION__); - } - - free(buf); - return 0; -} - -void glite_jp_db_close(glite_jp_context_t ctx) -{ - mysql_close((MYSQL *) ctx->dbhandle); - ctx->dbhandle = NULL; -} - -int glite_jp_db_execstmt(glite_jp_context_t ctx,char *txt,glite_jp_db_stmt_t *stmt) -{ - int merr; - int retry_nr = 0; - int do_reconnect = 0; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (stmt) { - *stmt = NULL; - } - - while (retry_nr == 0 || do_reconnect) { - do_reconnect = 0; - if (mysql_query((MYSQL *) ctx->dbhandle,txt)) { - /* error occured */ - switch (merr = mysql_errno((MYSQL *) ctx->dbhandle)) { - case 0: - break; - case ER_DUP_ENTRY: - err.code = EEXIST; - err.desc = mysql_error((MYSQL *) ctx->dbhandle); - glite_jp_stack_error(ctx,&err); - return -1; - break; - case CR_SERVER_LOST: - if (retry_nr <= 0) - do_reconnect = 1; - break; - default: - my_err(ctx, __FUNCTION__); - return -1; - break; - } - } - retry_nr++; - } - - if (stmt) { - *stmt = malloc(sizeof(**stmt)); - if (!*stmt) { - err.code = ENOMEM; - glite_jp_stack_error(ctx,&err); - return -1; - } - memset(*stmt,0,sizeof(**stmt)); - (**stmt).ctx = ctx; - (**stmt).result = mysql_store_result((MYSQL *) ctx->dbhandle); - if (!(**stmt).result) { - if (mysql_errno((MYSQL *) ctx->dbhandle)) { - my_err(ctx, __FUNCTION__); - return -1; - } - } - } else { - MYSQL_RES *r = mysql_store_result((MYSQL *) ctx->dbhandle); - mysql_free_result(r); - } - - return mysql_affected_rows((MYSQL *) ctx->dbhandle); -} - -int glite_jp_db_fetchrow(glite_jp_db_stmt_t stmt,char **res) -{ - MYSQL_ROW row; - glite_jp_context_t ctx = stmt->ctx; - int nr,i; - unsigned long *len; - - glite_jp_clear_error(ctx); - - if (!stmt->result) return 0; - - if (!(row = mysql_fetch_row(stmt->result))) { - if (mysql_errno((MYSQL *) ctx->dbhandle)) { - my_err(ctx, __FUNCTION__); - return -1; - } else return 0; - } - - nr = mysql_num_fields(stmt->result); - len = mysql_fetch_lengths(stmt->result); - for (i=0; iresult))) cols[i++] = f->name; - return i == 0; -} - -void glite_jp_db_freestmt(glite_jp_db_stmt_t *stmt) -{ - if (*stmt) { - if ((**stmt).result) mysql_free_result((**stmt).result); - free(*stmt); - *stmt = NULL; - } -} - - -char *glite_jp_db_timetodb(time_t t) -{ - struct tm *tm = gmtime(&t); - char tbuf[256]; - - /* XXX: the very end of our days */ - if (!tm && t == (time_t) LONG_MAX) return strdup("9999-12-31 23:59:59"); - - sprintf(tbuf,"'%4d-%02d-%02d %02d:%02d:%02d'",tm->tm_year+1900,tm->tm_mon+1, - tm->tm_mday,tm->tm_hour,tm->tm_min,tm->tm_sec); - - return strdup(tbuf); -} - -time_t glite_jp_db_dbtotime(char *t) -{ - struct tm tm; - - memset(&tm,0,sizeof(tm)); - setenv("TZ","UTC",1); tzset(); - sscanf(t,"%4d-%02d-%02d %02d:%02d:%02d", - &tm.tm_year,&tm.tm_mon,&tm.tm_mday, - &tm.tm_hour,&tm.tm_min,&tm.tm_sec); - tm.tm_year -= 1900; - tm.tm_mon--; - - return mktime(&tm); -} - -int glite_jp_db_dbcheckversion(glite_jp_context_t ctx) -{ - MYSQL *m = (MYSQL *) ctx->dbhandle; - const char *ver_s = mysql_get_server_info(m); - int major,minor,sub,version; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (!ver_s || 3 != sscanf(ver_s,"%d.%d.%d",&major,&minor,&sub)) { - err.code = EINVAL; - err.desc = "problem checking MySQL version"; - return glite_jp_stack_error(ctx,&err); - } - - version = 10000*major + 100*minor + sub; - - if (version < GLITE_JP_LB_MYSQL_VERSION) { - char msg[300]; - - snprintf(msg,sizeof msg,"Your MySQL version is %d. At least %d required.",version, GLITE_JP_LB_MYSQL_VERSION); - err.code = EINVAL; - err.desc = msg; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} diff --git a/org.glite.jp.primary/src/new_ftp_backend.c b/org.glite.jp.primary/src/new_ftp_backend.c deleted file mode 100644 index b3a23d1..0000000 --- a/org.glite.jp.primary/src/new_ftp_backend.c +++ /dev/null @@ -1,1794 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" -#include "glite/jp/strmd5.h" - -#include "tags.h" -#include "backend.h" -#include "db.h" - -#include "jpps_H.h" /* XXX: SOAP_TYPE___jpsrv__GetJob */ - -#include "jptype_map.h" - -#define FTPBE_DEFAULT_DB_CS "jpps/@localhost:jpps" - -struct ftpbe_config { - char *internal_path; - char *external_path; - char *db_cs; -// char *gridmap; - char *logname; -}; - -static struct ftpbe_config *config = NULL; - -struct fhandle_rec { - int fd; - int fd_append; -}; -typedef struct fhandle_rec *fhandle; - -static struct option ftpbe_opts[] = { - { "ftp-internal-path", 1, NULL, 'I' }, - { "ftp-external-path", 1, NULL, 'E' }, - { "ftp-db-cs", 1, NULL, 'D' }, -// { "ftp-gridmap", 1, NULL, 'G' }, - { NULL, 0, NULL, 0 } -}; - -/******************************************************************************* - Internal helpers -*******************************************************************************/ - - -static int config_check( - glite_jp_context_t ctx, - struct ftpbe_config *config) -{ - return config == NULL || - config->internal_path == NULL || - config->external_path == NULL || - config->db_cs == NULL || -// config->gridmap == NULL || - config->logname == NULL; - - /* XXX check reality */ -} - -static int jobid_unique_pathname(glite_jp_context_t ctx, const char *job, - char **unique, char **ju_path, int get_path) -{ - char *p; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - p = strrchr(job, '/'); - if (!p) { - err.code = EINVAL; - err.desc = "Malformed jobid"; - return glite_jp_stack_error(ctx,&err); - } - /* XXX thorough checks */ - if (!(*unique = strdup(p+1))) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - if (get_path) { - if (!(*ju_path = strdup(p+1))) { - free(*unique); - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - *(*ju_path + 10) = '\0'; - } - return 0; -} - -static int mkdirpath(const char* path, int prefixlen) -{ - char *wpath, *p; - int goout, ret; - - wpath = strdup(path); - if (!wpath) { - errno = ENOMEM; - return -1; - } - - p = wpath + prefixlen; - goout = 0; - while (!goout) { - while (*p == '/') p++; - while (*p != '/' && *p != '\0') p++; - goout = (*p == '\0'); - *p = '\0'; - ret = mkdir(wpath, S_IRUSR | S_IWUSR | S_IXUSR); - if (ret < 0 && errno != EEXIST) break; - *p = '/'; - } - free(wpath); - return goout ? 0 : ret; -} - -static int store_user(glite_jp_context_t ctx, const char *userid, const char *subj) -{ - glite_jp_error_t err; - char *stmt; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(userid != NULL); - assert(subj != NULL); - - trio_asprintf(&stmt,"insert into users(userid,cert_subj) " - "values ('%|Ss','%|Ss')",userid,subj); - if (!stmt) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - if (ctx->error->code == EEXIST) - glite_jp_clear_error(ctx); - else { - free(stmt); - err.code = EIO; - err.desc = "DB access failed"; - return glite_jp_stack_error(ctx,&err); - } - } - free(stmt); - - return 0; -} - -static long regtime_trunc(long tv_sec) -{ - return tv_sec / (86400*7); -} - -static long regtime_ceil(long tv_sec) -{ - return (tv_sec % (86400*7)) ? tv_sec/(86400*7)+1 : tv_sec/(86400*7) ; -} - -/******************************************************************************** - Backend calls -********************************************************************************/ -int glite_jppsbe_init( - glite_jp_context_t ctx, - int argc, - char *argv[] -) -{ - glite_jp_error_t err; - int opt; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - config = (struct ftpbe_config *) calloc(1, sizeof *config); - if (!config) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - - config->logname = getlogin(); - - while ((opt = getopt_long(argc, argv, "I:E:" /* G: */, ftpbe_opts, NULL)) != EOF) { - switch (opt) { - case 'I': config->internal_path = optarg; break; - case 'E': config->external_path = optarg; break; - case 'D': config->db_cs = optarg; break; -// case 'G': config->gridmap = optarg; break; - default: break; - } - } - - /* Defaults */ - if (!config->db_cs) config->db_cs = strdup(FTPBE_DEFAULT_DB_CS); - - if (config_check(ctx, config)) { - err.code = EINVAL; - err.desc = "Invalid FTP backend configuration"; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jp_db_connect(ctx, config->db_cs)) { - err.code = EIO; - err.desc = "Cannot access backend's database (during init)"; - return glite_jp_stack_error(ctx,&err); - } else { - glite_jp_db_close(ctx); /* slaves open their own connections */ - } - - return 0; -} - -int glite_jppsbe_init_slave( - glite_jp_context_t ctx -) -{ - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (glite_jp_db_connect(ctx, config->db_cs)) { - err.code = EIO; - err.desc = "Cannot access backend's database"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_register_job( - glite_jp_context_t ctx, - const char *job, - const char *owner -) -{ - glite_jp_error_t err; - char *data_dir = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *ownerhash = NULL; - struct timeval reg_tv; - char *stmt = NULL; - char *dbtime = NULL; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job != NULL); - assert(owner != NULL); - - gettimeofday(®_tv, NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - ownerhash = str2md5(owner); /* static buffer */ - if (store_user(ctx, ownerhash, owner)) { - err.code = EIO; - err.desc = "Cannot store user entry"; - goto error_out; - } - - dbtime = glite_jp_db_timetodb(reg_tv.tv_sec); - if (!dbtime) { - err.code = ENOMEM; - goto error_out; - } - - trio_asprintf(&stmt,"insert into jobs(jobid,dg_jobid,owner,reg_time) " - "values ('%|Ss','%|Ss','%|Ss', %s)", - ju, job, ownerhash, dbtime); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - if (ctx->error->code == EEXIST) { - err.code = EEXIST; - err.desc = "Job already registered"; - } - else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - if (asprintf(&data_dir, "%s/data/%s/%d/%s", - config->internal_path, ownerhash, regtime_trunc(reg_tv.tv_sec), ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (mkdirpath(data_dir, strlen(config->internal_path)) < 0 && - errno != EEXIST) { - err.code = errno; - err.desc = "Cannot mkdir jobs's data directory"; - goto error_out; - } - -error_out: - free(data_dir); - free(stmt); free(dbtime); - free(ju); free(ju_path); - - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -#if 0 -static int add_to_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - gridmap = fopen(config->gridmap, "a"); - if (!gridmap) { - err.code = errno; - err.desc = "Cannot open gridmap file"; - return glite_jp_stack_error(ctx,&err); - } - if (fprintf(gridmap, "\"%s\" %s\n", dn, config->logname) < 6 || - ferror(gridmap)) { - err.code = EIO; - err.desc = "Cannot write to gridmap file"; - fclose(gridmap); - return glite_jp_stack_error(ctx,&err); - } - fclose(gridmap); - return 0; -} - -static int remove_from_gridmap(glite_jp_context_t ctx, const char *dn) -{ - FILE *gridmap = NULL; - char *temp_name = NULL; - FILE *temp_file = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - /* XXX */ - return 0; -} -#endif - -int glite_jppsbe_start_upload( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - const char *content_type, - char **destination_out, - time_t *commit_before_inout -) -{ - char *data_basename = NULL; - char *data_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - char *peername = NULL; - char *peerhash = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[2] = { NULL, NULL }; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(destination_out!=NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - peername = glite_jp_peer_name(ctx); - if (peername == NULL) { - err.code = EINVAL; - err.desc = "Cannot obtain client certificate info"; - goto error_out; - } - - trio_asprintf(&stmt, "select owner, reg_time from jobs" - " where jobid='%|Ss'", ju); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such job registered"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 2) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - - glite_jp_db_freestmt(&db_res); - - /* XXX authorization done in soap_ops.c */ - - /* XXX name length */ - if (asprintf(&data_basename, "%s%s%s", class, - (name != NULL) ? "." : "", - (name != NULL) ? name : "") == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(&data_fname, "%s/data/%s/%d/%s/%s", - config->internal_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (asprintf(destination_out, "%s/data/%s/%d/%s/%s", - config->external_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (commit_before_inout != NULL) - /* XXX no timeout enforced */ - /* XXX: gsoap does not like so much, one year should be enough - *commit_before_inout = (time_t) LONG_MAX; - */ - *commit_before_inout = time(NULL) + 365*24*60*60; - - /* - if (add_to_gridmap(ctx, peername)) { - err.code = EIO; - err.desc = "Cannot add peer DN to ftp server authorization file"; - goto error_out; - } - */ - - peerhash = str2md5(peername); /* static buffer */ - if (store_user(ctx, peerhash, peername)) { - err.code = EIO; - err.desc = "Cannot store upload user entry"; - goto error_out; - } - - free(stmt); stmt = NULL; - trio_asprintf(&stmt,"insert into files" - "(jobid,filename,int_path,ext_url,state,deadline,ul_userid) " - "values ('%|Ss','%|Ss','%|Ss','%|Ss','%|Ss', '%|Ss', '%|Ss')", - ju, data_basename, data_fname, *destination_out, "uploading", - glite_jp_db_timetodb(*commit_before_inout), peerhash); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - if (ctx->error->code == EEXIST) { - err.code = EEXIST; - err.desc = "File already stored or upload in progress"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - -error_out: - free(db_row[0]); free(db_row[1]); - free(stmt); - free(data_basename); - free(data_fname); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_commit_upload( - glite_jp_context_t ctx, - const char *destination -) -{ - char *peername = NULL; - char *peerhash = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[7] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - int i; - - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(destination != NULL); - - trio_asprintf(&stmt, "select * from files where " - "ext_url='%|Ss' and state='uploading'", destination); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such upload in progress"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 7) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - glite_jp_db_freestmt(&db_res); - - peername = glite_jp_peer_name(ctx); - if (peername == NULL) { - err.code = EINVAL; - err.desc = "Cannot obtain client certificate info"; - goto error_out; - } - - peerhash = str2md5(peername); /* static buffer */ - if (strcmp(peerhash, db_row[6])) { - err.code = EPERM; - err.desc = "Upload started by client with different identity"; - goto error_out; - } - - free(stmt); - trio_asprintf(&stmt,"update files set state='committed', deadline=NULL " - "where jobid='%|Ss' and filename='%|Ss'", db_row[0], db_row[1]); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if (glite_jp_db_execstmt(ctx, stmt, NULL) < 0) { - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } -error_out: - for (i=0; i<7; i++) free(db_row[i]); - free(peername); - free(stmt); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_destination_info( - glite_jp_context_t ctx, - const char *destination, - char **job, - char **class, - char **name -) -{ - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[2] = { NULL, NULL}; - int i; - char *cp = NULL; - - char *classname = NULL; - glite_jp_error_t err; - - assert(destination != NULL); - assert(job != NULL); - assert(class != NULL); - assert(name != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - - trio_asprintf(&stmt, "select j.dg_jobid,f.filename from jobs j,files f where " - "f.ext_url='%|Ss' and j.jobid=f.jobid", destination); - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "Invalid destination string"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 2) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - glite_jp_db_freestmt(&db_res); - - *job = strdup(db_row[0]); - - cp = strchr(db_row[1],'.'); - if (!cp) { - *name = NULL; - } else { - *cp++ = '\0'; - *name = strdup(cp); - } - *class = strdup(db_row[1]); - - if (!*job || !*class) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - for (i=0; i<2; i++) free(db_row[i]); - free(stmt); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - - -int glite_jppsbe_get_job_url( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - char **url_out -) -{ - char *data_basename = NULL; - char *data_fname = NULL; - char *ju = NULL; - char *ju_path = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[3] = { NULL, NULL, NULL }; - - long reg_time; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(url_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/ : ""name"; - return glite_jp_stack_error(ctx,&err); - } - - trio_asprintf(&stmt, "select j.owner,reg_time,u.cert_subj from jobs j, users u " - "where j.jobid='%|Ss' and j.owner = u.userid", ju); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such job registered"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - free(stmt); stmt = NULL; - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 3) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - - glite_jp_db_freestmt(&db_res); - - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__GetJob,job,db_row[2])) { - err.code = EPERM; - goto error_out; - } - - /* XXX name length */ - if (asprintf(&data_basename, "%s%s%s", class, - (name != NULL) ? "." : "", - (name != NULL) ? name : "") == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(url_out, "%s/data/%s/%d/%s/%s", - config->external_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - - trio_asprintf(&stmt,"select 'x' from files where jobid='%|Ss' " - "and ext_url = '%|Ss' " - "and state='committed' ",ju,*url_out); - - if ((db_retn = glite_jp_db_execstmt(ctx,stmt,&db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "not uploaded yet"; - } - else { - err.code = EIO; - err.desc = "DB access failed"; - } - /* goto error_out; */ - } - -error_out: - free(db_row[0]); free(db_row[1]); - free(stmt); - free(data_basename); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_fname( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - char **fname_out -) -{ - char *data_basename = NULL; - char *ju = NULL; - char *ju_path = NULL; - - char *stmt = NULL; - glite_jp_db_stmt_t db_res; - int db_retn; - char *db_row[2] = { NULL, NULL }; - - long reg_time; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - assert(job!=NULL); - assert(fname_out != NULL); - - assert(class!=NULL); - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - trio_asprintf(&stmt, "select owner, reg_time from jobs " - "where jobid='%|Ss'", ju); - - if (!stmt) { - err.code = ENOMEM; - goto error_out; - } - - if ((db_retn = glite_jp_db_execstmt(ctx, stmt, &db_res)) <= 0) { - if (db_retn == 0) { - err.code = ENOENT; - err.desc = "No such job registered"; - } else { - err.code = EIO; - err.desc = "DB access failed"; - } - goto error_out; - } - - db_retn = glite_jp_db_fetchrow(db_res, db_row); - if (db_retn != 2) { - glite_jp_db_freestmt(&db_res); - err.code = EIO; - err.desc = "DB access failed"; - goto error_out; - } - - glite_jp_db_freestmt(&db_res); - - /* XXX name length */ - if (asprintf(&data_basename, "%s%s%s", class, - (name != NULL) ? "." : "", (name != NULL) ? name : "") == -1) { - err.code = ENOMEM; - goto error_out; - } - - if (asprintf(fname_out, "%s/data/%s/%d/%s/%s", - config->internal_path, db_row[0], - regtime_trunc(glite_jp_db_dbtotime(db_row[1])), - ju, data_basename) == -1) { - err.code = ENOMEM; - goto error_out; - } - -error_out: - free(db_row[0]); free(db_row[1]); - free(stmt); - free(data_basename); - free(ju); free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - - -int glite_jppsbe_open_file( - glite_jp_context_t ctx, - const char *job, - const char *class, - const char *name, - int mode, - void **handle_out -) -{ - fhandle handle = NULL; - char* fname = NULL; - glite_jp_error_t err; - - assert(handle_out != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (get_job_fname(ctx, job, class, name, &fname)) { - err.code = ctx->error->code; - err.desc = "Cannot construct internal filename"; - return glite_jp_stack_error(ctx,&err); - } - - handle = (fhandle) calloc(1,sizeof(*handle)); - if (handle == NULL) { - err.code = ENOMEM; - goto error_out; - } - - handle->fd = open(fname, mode, S_IRUSR | S_IWUSR); - if (handle->fd < 0) { - err.code = errno; - err.desc = "Cannot open requested file"; - free(handle); - goto error_out; - } - handle->fd_append = open(fname, mode | O_APPEND, S_IRUSR | S_IWUSR); - if (handle->fd_append < 0) { - err.code = errno; - err.desc = "Cannot open requested file for append"; - close(handle->fd); - free(handle); - goto error_out; - } - *handle_out = (void*) handle; - -error_out: - free(fname); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_close_file( - glite_jp_context_t ctx, - void *handle -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (close(((fhandle)handle)->fd_append) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor (fd_append)"; - goto error_out; - } - if (close(((fhandle)handle)->fd) < 0) { - err.code = errno; - err.desc = "Error closing file descriptor"; - goto error_out; - } - -error_out: - free(handle); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_pread( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset, - ssize_t *nbytes_ret -) -{ - ssize_t ret; - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if ((ret = pread(((fhandle)handle)->fd, buf, nbytes, offset)) < 0) { - err.code = errno; - err.desc = "Error in pread()"; - return glite_jp_stack_error(ctx,&err); - } - *nbytes_ret = ret; - - return 0; -} - -int glite_jppsbe_pwrite( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes, - off_t offset -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (pwrite(((fhandle)handle)->fd, buf, nbytes, offset) < 0) { - err.code = errno; - err.desc = "Error in pwrite()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jppsbe_append( - glite_jp_context_t ctx, - void *handle, - void *buf, - size_t nbytes -) -{ - glite_jp_error_t err; - - assert(handle != NULL); - assert(buf != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (write(((fhandle)handle)->fd_append, buf, nbytes) < 0) { - err.code = errno; - err.desc = "Error in write()"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -static int get_job_info( - glite_jp_context_t ctx, - const char *job, - char **owner, - struct timeval *tv_reg -) -{ - char *ju = NULL; - char *ju_path = NULL; - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char *int_fname = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (jobid_unique_pathname(ctx, job, &ju, &ju_path, 1) != 0) { - err.code = ctx->error->code; - err.desc = "Cannot obtain jobid unique path/name"; - return glite_jp_stack_error(ctx,&err); - } - - if (asprintf(&int_fname, "%s/regs/%s/%s.info", - config->internal_path, ju_path, ju) == -1) { - err.code = ENOMEM; - goto error_out; - } - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - if (errno == ENOENT) - err.desc = "Job not registered"; - else - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %*s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, &ownerlen) < 4 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - free(int_fname); - free(ju); - free(ju_path); - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -static int get_job_info_int( - glite_jp_context_t ctx, - const char *int_fname, - char **jobid, - char **owner, - struct timeval *tv_reg -) -{ - FILE *regfile = NULL; - long reg_time_sec; - long reg_time_usec; - int ownerlen = 0; - int info_version; - char jobid_buf[256]; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - regfile = fopen(int_fname, "r"); - if (regfile == NULL) { - err.code = errno; - err.desc = "Cannot open jobs's reg info file"; - goto error_out; - } - if (fscanf(regfile, "%d %ld.%ld %s %*s %d ", &info_version, - ®_time_sec, ®_time_usec, jobid_buf, &ownerlen) < 5 || ferror(regfile)) { - fclose(regfile); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - *jobid = strdup(jobid_buf); - if (ownerlen) { - *owner = (char *) calloc(1, ownerlen+1); - if (!*owner) { - err.code = ENOMEM; - goto error_out; - } - if (fgets(*owner, ownerlen+1, regfile) == NULL) { - fclose(regfile); - free(*owner); - err.code = errno; - err.desc = "Cannot read jobs's reg info file"; - goto error_out; - } - } - fclose(regfile); - - tv_reg->tv_sec = reg_time_sec; - tv_reg->tv_usec = reg_time_usec; - -error_out: - if (err.code) { - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} - -int glite_jppsbe_get_job_metadata( - glite_jp_context_t ctx, - const char *job, - glite_jp_attrval_t attrs_inout[] -) -{ - int got_info = 0; - struct timeval tv_reg; - char *owner = NULL; - int got_tags = 0; - void *tags_handle = NULL; - glite_jp_tagval_t* tags = NULL; - int i,j; - glite_jp_error_t err; - - assert(job != NULL); - assert(attrs_inout != NULL); - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; attrs_inout[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TIME: -*/ - if (!got_info) { - if (get_job_info(ctx, job, &owner, &tv_reg)) { - err.code = ctx->error->code; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - got_info = 1; - } - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - if (!got_tags) { - if (glite_jppsbe_open_file(ctx, job, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - got_tags = 1; - } - break; -*/ - default: - err.code = EINVAL; - err.desc = "Invalid attribute type"; - goto error_out; - break; - } - - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - attrs_inout[i].value.s = strdup(owner); - if (!attrs_inout[i].value.s) { - err.code = ENOMEM; - err.desc = "Cannot copy owner string"; - goto error_out; - } - break; - case GLITE_JP_ATTR_TIME: - attrs_inout[i].value.time = tv_reg; - break; - -/* must be implemented via filetype plugin - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, attrs_inout[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &attrs_inout[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) attrs_inout[i].value.tag.name = NULL; - break; -*/ - default: - break; - } - } - -error_out: - free(owner); - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); - - if (err.code) { - while (i > 0) { - i--; - switch (attrs_inout[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - free(attrs_inout[i].value.s); - break; - case GLITE_JP_ATTR_TAG: - free(attrs_inout[i].value.tag.name); - free(attrs_inout[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else { - return 0; - } -} -static int compare_timeval(struct timeval a, struct timeval b) -{ - if (a.tv_sec < b.tv_sec) return -1; - if (a.tv_sec > b.tv_sec) return 1; - if (a.tv_usec < b.tv_usec) return -1; - if (a.tv_usec > b.tv_usec) return 1; - return 0; -} - - -/* FIXME: disabled -- clarification wrt. filetype plugin needed */ - -#if 0 - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -); - -static int query_phase2( - glite_jp_context_t ctx, - const char *ownerhash, - long regtime_tr, - int q_tags, - int md_tags, - const glite_jp_query_rec_t query[], - glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - char *time_dirname = NULL; - DIR *time_dirp = NULL; - struct dirent *jobent; - char *info_fname = NULL; - char *jobid = NULL; - char *owner = NULL; - struct timeval tv_reg; - void *tags_handle = NULL; - int matching; - int i, j; - glite_jp_tagval_t* tags = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - if (asprintf(&time_dirname, "%s/data/%s/%d", config->internal_path, - ownerhash, regtime_tr) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - time_dirp = opendir(time_dirname); - if (!time_dirp) { - free(time_dirname); - return 0; /* found nothing */ - } - while ((jobent = readdir(time_dirp)) != NULL) { - if (!strcmp(jobent->d_name, ".")) continue; - if (!strcmp(jobent->d_name, "..")) continue; - if (asprintf(&info_fname, "%s/%s/_info", time_dirname, - jobent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - if (get_job_info_int(ctx, info_fname, &jobid, &owner, &tv_reg)) { - err.code = EIO; - err.desc = "Cannot retrieve job info"; - goto error_out; - } - if (q_tags || md_tags) { - if (glite_jppsbe_open_file(ctx, jobid, GLITE_JP_FILECLASS_TAGS, - O_RDONLY, &tags_handle)) { - err.code = ctx->error->code; - err.desc = "Cannot open tag file"; - goto error_out; - } - if (glite_jpps_tag_readall(ctx, tags_handle, &tags)) { - err.code = ctx->error->code; - err.desc = "Cannot read tags"; - glite_jppsbe_close_file(ctx, tags_handle); - goto error_out; - } - glite_jppsbe_close_file(ctx, tags_handle); - tags_handle = NULL; - } - - matching = 1; - for (i = 0; matching && query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (query[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - if (query[i].value.s == NULL || - strcmp(query[i].value.s, owner)) matching = 0; - break; - case GLITE_JP_ATTR_TIME: - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = compare_timeval(tv_reg, query[i].value.time); - break; - case GLITE_JP_QUERYOP_LESS: - matching = compare_timeval(tv_reg, query[i].value.time) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = compare_timeval(tv_reg, query[i].value.time) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = compare_timeval(tv_reg, query[i].value.time) >= 0 - && compare_timeval(tv_reg, query[i].value2.time) <= 0; - break; - } - break; - case GLITE_JP_ATTR_TAG: - if (!tags) { - matching = 0; - break; - } - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, query[i].attr.name)) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - matching = !strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_UNEQUAL: - matching = strcmp(tags[j].value, query[i].value.s); - break; - case GLITE_JP_QUERYOP_LESS: - matching = strcmp(tags[j].value, query[i].value.s) < 0; - break; - case GLITE_JP_QUERYOP_GREATER: - matching = strcmp(tags[j].value, query[i].value.s) > 0; - break; - case GLITE_JP_QUERYOP_WITHIN: - matching = strcmp(tags[j].value, query[i].value.s) >= 0 \ - && strcmp(tags[j].value, query[i].value2.s) <= 0 ; - break; - default: - break; - } - } - } - break; - default: - break; - } - } - if (!matching) { - free(info_fname); info_fname = NULL; - free(jobid); jobid = NULL; - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - free(tags); tags = NULL; - continue; - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - metadata[i].value.s = owner; - break; - case GLITE_JP_ATTR_TIME: - metadata[i].value.time = tv_reg; - break; - case GLITE_JP_ATTR_TAG: - for (j = 0; tags[j].name != NULL; j++) { - if (!strcmp(tags[j].name, metadata[i].attr.name)) { - if (glite_jpps_tagval_copy(ctx, &tags[j], - &metadata[i].value.tag)) { - err.code = ENOMEM; - err.desc = "Cannot copy tag value"; - goto error_out; - } - break; - } - } - if (!tags[j].name) { - metadata[i].value.tag.name = NULL; - metadata[i].value.tag.value = NULL; - } - break; - default: - break; - } - } - (*callback)(ctx, jobid, metadata); - free(jobid); jobid = NULL; - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - } - -error_out: - if (tags) for (j = 0; tags[j].name != NULL; j++) { - free(tags[j].name); - free(tags[j].value); - } - if (tags_handle) glite_jppsbe_close_file(ctx, tags_handle); - free(info_fname); - free(owner); - free(jobid); - closedir(time_dirp); - free(time_dirname); - if (err.code) { - while (i > 0) { - i--; - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_TAG: - free(metadata[i].value.tag.name); - free(metadata[i].value.tag.value); - default: - break; - } - } - return glite_jp_stack_error(ctx,&err); - } else - return 0; -} - -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - /* XXX clone metadata */ - int i; - char *q_exact_owner = NULL; - char *ownerhash = NULL; - long q_min_time = 0; - long q_max_time = LONG_MAX; - long q_min_time_tr; - long q_max_time_tr; - int q_with_tags = 0; - int md_info = 0; - int md_tags = 0; - char *owner_dirname = NULL; - DIR *owner_dirp = NULL; - struct dirent *ttimeent; - char *data_dirname = NULL; - DIR *data_dirp = NULL; - struct dirent *ownerent; - long ttime = 0; - glite_jp_attrval_t *metadata_templ = NULL; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - for (i = 0; query[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - if (query[i].attr.type == GLITE_JP_ATTR_OWNER && query[i].op == GLITE_JP_QUERYOP_EQUAL) { - q_exact_owner = query[i].value.s; - } - if (query[i].attr.type == GLITE_JP_ATTR_TIME) { - switch (query[i].op) { - case GLITE_JP_QUERYOP_EQUAL: - q_min_time = query[i].value.time.tv_sec; - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_LESS: - if (q_max_time > query[i].value.time.tv_sec + 1) - q_max_time = query[i].value.time.tv_sec + 1; - break; - case GLITE_JP_QUERYOP_WITHIN: - if (q_max_time > query[i].value2.time.tv_sec + 1) - q_max_time = query[i].value2.time.tv_sec + 1; - /* fallthrough */ - case GLITE_JP_QUERYOP_GREATER: - if (q_min_time < query[i].value.time.tv_sec) - q_min_time = query[i].value.time.tv_sec; - break; - default: - err.code = EINVAL; - err.desc = "Invalid query op"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - if (query[i].attr.type == GLITE_JP_ATTR_TAG) - q_with_tags = 1; - - } - - for (i = 0; metadata[i].attr.type != GLITE_JP_ATTR_UNDEF; i++) { - switch (metadata[i].attr.type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TIME: - md_info = 1; - break; - case GLITE_JP_ATTR_TAG: - md_tags = 1; - break; - default: - err.code = EINVAL; - err.desc = "Invalid attribute type in metadata parameter"; - return glite_jp_stack_error(ctx,&err); - break; - } - } - metadata_templ = (glite_jp_attrval_t *) calloc(i + 1, sizeof(glite_jp_attrval_t)); - if (!metadata_templ) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - memcpy(metadata_templ, metadata, (i + 1) * sizeof(glite_jp_attrval_t)); - - q_min_time_tr = regtime_trunc(q_min_time); - q_max_time_tr = regtime_ceil(q_max_time); - - if (q_exact_owner) { - ownerhash = str2md5(q_exact_owner); /* static buffer */ - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, ownerhash) == -1) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - free(metadata_templ); - return 0; /* found nothing */ - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerhash, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - } else { /* !q_exact_owner */ - if (asprintf(&data_dirname, "%s/data", config->internal_path) == -1) { - err.code = ENOMEM; - goto error_out; - } - data_dirp = opendir(data_dirname); - if (!data_dirp) { - err.code = EIO; - err.desc = "Cannot open data directory"; - goto error_out; - } - while ((ownerent = readdir(data_dirp)) != NULL) { - if (!strcmp(ownerent->d_name, ".")) continue; - if (!strcmp(ownerent->d_name, "..")) continue; - if (asprintf(&owner_dirname, "%s/data/%s", config->internal_path, - ownerent->d_name) == -1) { - err.code = ENOMEM; - goto error_out; - } - owner_dirp = opendir(owner_dirname); - free(owner_dirname); - if (!owner_dirp) { - err.code = EIO; - err.desc = "Cannot open owner data directory"; - goto error_out; - } - while ((ttimeent = readdir(owner_dirp)) != NULL) { - if (!strcmp(ttimeent->d_name, ".")) continue; - if (!strcmp(ttimeent->d_name, "..")) continue; - ttime = atol(ttimeent->d_name); - if (ttime >= q_min_time_tr && ttime < q_max_time_tr) { - if (query_phase2(ctx, ownerent->d_name, ttime, q_with_tags, md_tags, - query, metadata_templ, callback)) { - err.code = EIO; - err.desc = "query_phase2() error"; - goto error_out; - } - } - } - closedir(owner_dirp); owner_dirp = NULL; - } - closedir(data_dirp); data_dirp = NULL; - } - return 0; - -error_out: - if (owner_dirp) closedir(owner_dirp); - if (data_dirp) closedir(data_dirp); - free(data_dirname); - free(metadata_templ); - return glite_jp_stack_error(ctx,&err); -} - -#else - -/* placeholder instead */ -int glite_jppsbe_query( - glite_jp_context_t ctx, - const glite_jp_query_rec_t query[], - const glite_jp_attrval_t metadata[], - int (*callback)( - glite_jp_context_t ctx, - const char *job, - const glite_jp_attrval_t metadata[] - ) -) -{ - glite_jp_error_t err; - err.code = ENOSYS; - err.desc = "not implemented"; - return glite_jp_stack_error(ctx,&err); -} - -#endif - -/* XXX: -- no primary authorization yet -- no concurrency control yet -- partial success in pwrite,append -- "unique" part of jobid is assumed to be unique across bookkeeping servers -- repository versioning not fully implemented yet -*/ diff --git a/org.glite.jp.primary/src/simple_server.c b/org.glite.jp.primary/src/simple_server.c deleted file mode 100644 index 3bbb743..0000000 --- a/org.glite.jp.primary/src/simple_server.c +++ /dev/null @@ -1,59 +0,0 @@ -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "jpps_H.h" - -extern SOAP_NMAC struct Namespace jpis__namespaces[],jpps__namespaces[]; - -int main(int argc, char *argv[]) { - struct soap soap; - int i, m, s; // master and slave sockets - - glite_jp_context_t ctx; - - soap_init(&soap); - soap_set_namespaces(&soap, jpps__namespaces); - - glite_jp_init_context(&ctx); - - if (glite_jppsbe_init(ctx, &argc, argv)) { - /* XXX log */ - fputs(glite_jp_error_chain(ctx), stderr); - exit(1); - } - - soap.user = (void *) ctx; - - ctx->other_soap = soap_new(); - soap_init(ctx->other_soap); - soap_set_namespaces(ctx->other_soap,jpis__namespaces); - - srand48(time(NULL)); /* feed id generation */ - - m = soap_bind(&soap, NULL, 8901, 100); - if (m < 0) - soap_print_fault(&soap, stderr); - else - { - fprintf(stderr, "Socket connection successful: master socket = %d\n", m); - for (i = 1; ; i++) { - s = soap_accept(&soap); - if (s < 0) { - soap_print_fault(&soap, stderr); - break; - } - jpps__serve(&soap); // process RPC request - soap_destroy(&soap); // clean up class instances - soap_end(&soap); // clean up everything and close socket - glite_jp_run_deferred(ctx); - } - } - soap_done(&soap); // close master socket - - return 0; -} - -/* XXX: we don't use it */ -SOAP_NMAC struct Namespace namespaces[] = { {NULL,NULL} }; diff --git a/org.glite.jp.primary/src/soap_ops.c b/org.glite.jp.primary/src/soap_ops.c deleted file mode 100644 index 3e95c26..0000000 --- a/org.glite.jp.primary/src/soap_ops.c +++ /dev/null @@ -1,454 +0,0 @@ -#include -#include -#include - -#include "glite/jp/types.h" -#include "glite/jp/context.h" - -#include "feed.h" - -#include "jpps_H.h" -/* #include "JobProvenancePS.nsmap" */ -#include "jpps_.nsmap" - -#include "jptype_map.h" - -#include "file_plugin.h" -#include "builtin_plugins.h" - -static struct jptype__genericFault *jp2s_error(struct soap *soap, - const glite_jp_error_t *err) -{ - struct jptype__genericFault *ret = NULL; - if (err) { - ret = soap_malloc(soap,sizeof *ret); - memset(ret,0,sizeof *ret); - ret->code = err->code; - ret->source = soap_strdup(soap,err->source); - ret->text = soap_strdup(soap,strerror(err->code)); - ret->description = soap_strdup(soap,err->desc); - ret->reason = jp2s_error(soap,err->reason); - } - return ret; -} - -static void err2fault(const glite_jp_context_t ctx,struct soap *soap) -{ - char *et; - struct SOAP_ENV__Detail *detail = soap_malloc(soap,sizeof *detail); - struct _genericFault *f = soap_malloc(soap,sizeof *f); - - - f->jpelem__genericFault = jp2s_error(soap,ctx->error); - - detail->__type = SOAP_TYPE__genericFault; -#if GSOAP_VERSION >= 20700 - detail->fault = f; -#else - detail->value = f; -#endif - detail->__any = NULL; - - soap_receiver_fault(soap,"Oh, shit!",NULL); - if (soap->version == 2) soap->fault->SOAP_ENV__Detail = detail; - else soap->fault->detail = detail; -} - -/* deprecated -static glite_jp_fileclass_t s2jp_fileclass(enum jptype__UploadClass class) -{ - switch (class) { - case INPUT_SANDBOX: return GLITE_JP_FILECLASS_INPUT; - case OUTPUT_SANDBOX: return GLITE_JP_FILECLASS_OUTPUT; - case JOB_LOG: return GLITE_JP_FILECLASS_LBLOG; - default: return GLITE_JP_FILECLASS_UNDEF; - } -} -*/ - -static void s2jp_tag(const struct jptype__tagValue *stag,glite_jp_tagval_t *jptag) -{ - memset(jptag,0,sizeof *jptag); - jptag->name = strdup(stag->name); - jptag->sequence = stag->sequence ? *stag->sequence : 0; - jptag->timestamp = stag->timestamp ? *stag->timestamp : 0; - if (stag->stringValue) jptag->value = strdup(stag->stringValue); - else if (stag->blobValue) { - jptag->binary = 1; - jptag->size = stag->blobValue->__size; - jptag->value = (char *) stag->blobValue->__ptr; - } -} - -#define CONTEXT_FROM_SOAP(soap,ctx) glite_jp_context_t ctx = (glite_jp_context_t) ((soap)->user) - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__RegisterJob( - struct soap *soap, - struct _jpelem__RegisterJob *in, - struct _jpelem__RegisterJobResponse *empty) -{ - CONTEXT_FROM_SOAP(soap,ctx); - glite_jp_attrval_t owner_val[2]; - - printf("%s %s %s\n",__FUNCTION__,in->job,in->owner); - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__RegisterJob,in->job,in->owner) || - glite_jppsbe_register_job(ctx,in->job,in->owner)) - { - err2fault(ctx,soap); - return SOAP_FAULT; - } - - owner_val[0].attr.type = GLITE_JP_ATTR_OWNER; - owner_val[0].value.s = in->owner; - owner_val[1].attr.type = GLITE_JP_ATTR_UNDEF; - -/* XXX: errrors should be ingored but not silently */ - glite_jpps_match_attr(ctx,in->job,owner_val); - - return SOAP_OK; -} - - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__StartUpload( - struct soap *soap, - struct _jpelem__StartUpload *in, - struct _jpelem__StartUploadResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - char *destination; - time_t commit_before = in->commitBefore; - glite_jp_error_t err; - glite_jpps_fplug_data_t **pd = NULL; - int i; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__StartUpload,NULL,NULL)) { - err2fault(ctx,soap); - return SOAP_FAULT; - } - - switch (glite_jpps_fplug_lookup(ctx,in->class_,&pd)) { - case ENOENT: - err.code = ENOENT; - err.source = __FUNCTION__; - err.desc = "unknown file class"; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - return SOAP_FAULT; - case 0: break; - default: - err2fault(ctx,soap); - return SOAP_FAULT; - } - - for (i=0; pd[0]->uris[i] && strcmp(pd[0]->uris[i],in->class_); i++); - assert(pd[0]->uris[i]); - - if (glite_jppsbe_start_upload(ctx,in->job,pd[0]->classes[i],in->name,in->contentType, - &destination,&commit_before)) - { - err2fault(ctx,soap); - free(pd); - return SOAP_FAULT; - } - - out->destination = soap_strdup(soap,destination); - free(destination); - out->commitBefore = commit_before; - - free(pd); - return SOAP_OK; -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__CommitUpload( - struct soap *soap, - struct _jpelem__CommitUpload *in, - struct _jpelem__CommitUploadResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - char *job,*class,*name; - - job = class = name = NULL; - - if (glite_jpps_authz(ctx,SOAP_TYPE___jpsrv__CommitUpload,NULL,NULL) || - glite_jppsbe_commit_upload(ctx,in->destination)) - { - err2fault(ctx,soap); - return SOAP_FAULT; - } - - /* XXX: should not fail when commit_upload was OK */ - assert(glite_jppsbe_destination_info(ctx,in->destination,&job,&class,&name) == 0); - - /* XXX: ignore errors but don't fail silenty */ - glite_jpps_match_file(ctx,job,class,name); - - free(job); free(class); free(name); - - return SOAP_OK; -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__RecordTag( - struct soap *soap, - struct _jpelem__RecordTag *in, - struct _jpelem__RecordTagResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - void *file_be,*file_p; - glite_jpps_fplug_data_t **pd = NULL; - - glite_jp_tagval_t mytag; - - file_be = file_p = NULL; - - /* XXX: we assume just one plugin and also that TAGS plugin handles - * just one uri/class */ - - if (glite_jpps_fplug_lookup(ctx,GLITE_JP_FILETYPE_TAGS,&pd) - || glite_jppsbe_open_file(ctx,in->jobid,pd[0]->classes[0],NULL, - O_RDWR|O_CREAT,&file_be) - /* XXX: tags need reading to check magic number */ - ) { - free(pd); - err2fault(ctx,soap); - return SOAP_FAULT; - } - - s2jp_tag(in->tag,&mytag); - - /* XXX: assuming tag plugin handles just one type */ - if (pd[0]->ops.open(pd[0]->fpctx,file_be,GLITE_JP_FILETYPE_TAGS,&file_p) - || pd[0]->ops.generic(pd[0]->fpctx,file_p,GLITE_JP_FPLUG_TAGS_APPEND,&mytag)) - { - err2fault(ctx,soap); - if (file_p) pd[0]->ops.close(pd[0]->fpctx,file_p); - glite_jppsbe_close_file(ctx,file_be); - free(pd); - return SOAP_FAULT; - } - - if (pd[0]->ops.close(pd[0]->fpctx,file_p) - || glite_jppsbe_close_file(ctx,file_be)) - { - err2fault(ctx,soap); - free(pd); - return SOAP_FAULT; - } - - /* XXX: ignore errors but don't fail silenty */ - glite_jpps_match_tag(ctx,in->jobid,&mytag); - - free(pd); - return SOAP_OK; -} - -extern char *glite_jp_default_namespace; - -/* XXX: should be public */ -#define GLITE_JP_TAGS_NAMESPACE "http://glite.org/services/jp/tags" - -static void s2jp_attr(const char *in,glite_jp_attr_t *out) -{ - char *buf = strdup(in),*name = strchr(buf,':'),*ns = NULL; - - if (name) { - ns = buf; - *name++ = 0; - } - else { - name = buf; - ns = glite_jp_default_namespace; - } - - memset(out,0,sizeof *out); - - if (strcmp(ns,glite_jp_default_namespace)) - out->type = strcmp(ns,GLITE_JP_TAGS_NAMESPACE) ? - GLITE_JP_ATTR_GENERIC : GLITE_JP_ATTR_TAG; - else { - if (!strcmp(name,"owner")) out->type = GLITE_JP_ATTR_OWNER; - else if (!strcmp(name,"time")) out->type = GLITE_JP_ATTR_OWNER; - - } - - if (out->type) { - out->name = strdup(name); - out->namespace = strdup(ns); - } -} - -static void s2jp_queryval( - const char *in, - glite_jp_attrtype_t type, - union _glite_jp_query_rec_val *out) -{ - switch (type) { - case GLITE_JP_ATTR_OWNER: - case GLITE_JP_ATTR_TAG: - case GLITE_JP_ATTR_GENERIC: - out->s = strdup(in); - break; - case GLITE_JP_ATTR_TIME: - out->time.tv_sec = atoi(in); - break; - } -} - -static void s2jp_query(const struct jptype__primaryQuery *in, glite_jp_query_rec_t *out) -{ - s2jp_attr(in->attr,&out->attr); - - switch (in->op) { - case EQUAL: out->op = GLITE_JP_QUERYOP_EQUAL; break; - case UNEQUAL: out->op = GLITE_JP_QUERYOP_UNEQUAL; break; - case LESS: out->op = GLITE_JP_QUERYOP_LESS; break; - case GREATER: out->op = GLITE_JP_QUERYOP_GREATER; break; - case WITHIN: - out->op = GLITE_JP_QUERYOP_WITHIN; - s2jp_queryval(in->value2,out->attr.type,&out->value2); - break; - } - - s2jp_queryval(in->value,out->attr.type,&out->value); -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__FeedIndex( - struct soap *soap, - struct _jpelem__FeedIndex *in, - struct _jpelem__FeedIndexResponse *out) -{ - -/* deferred processing: return feed_id to the index server first, - * start feeding it afterwards -- not before the index server actually - * knows feed_id and is ready to accept the feed. - * - * Has to be done within the same server slave, - * passed through the context */ - - CONTEXT_FROM_SOAP(soap,ctx); - char *feed_id = NULL; - time_t expires = 0; - int ret = SOAP_OK; - - glite_jp_attr_t *attrs = calloc(in->__sizeattributes+1,sizeof *attrs); - glite_jp_query_rec_t *qry = calloc(in->__sizeconditions+1,sizeof *qry); - int i; - - glite_jp_clear_error(ctx); - - for (i = 0; i__sizeattributes; i++) s2jp_attr(in->attributes[i],attrs+i); - for (i = 0; i__sizeconditions; i++) s2jp_query(in->conditions[i],qry+i); - - if (in->history) { - if (glite_jpps_run_feed(ctx,in->destination,attrs,qry,&feed_id)) { - err2fault(ctx,soap); - ret = SOAP_FAULT; - goto cleanup; - } - } - - if (in->continuous) { - if (glite_jpps_register_feed(ctx,in->destination,attrs,qry,&feed_id,&expires)) { - err2fault(ctx,soap); - ret = SOAP_FAULT; - goto cleanup; - } - } - - if (!in->history && !in->continuous) { - glite_jp_error_t err; - memset(&err,0,sizeof err); - err.code = EINVAL; - err.source = __FUNCTION__; - err.desc = "at least one of and must be true"; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - ret = SOAP_FAULT; - goto cleanup; - } - - out->feedExpires = expires; - out->feedId = soap_strdup(soap,feed_id); - -cleanup: - free(feed_id); - for (i=0; attrs[i].type; i++) free(attrs[i].name); - free(attrs); - for (i=0; qry[i].attr.type; i++) glite_jp_free_query_rec(qry+i); - free(qry); - - return ret; -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__FeedIndexRefresh( - struct soap *soap, - struct _jpelem__FeedIndexRefresh *in, - struct _jpelem__FeedIndexRefreshResponse *out) -{ - fprintf(stderr,"%s: not implemented\n",__FUNCTION__); - abort(); -} - -SOAP_FMAC5 int SOAP_FMAC6 __jpsrv__GetJob( - struct soap *soap, - struct _jpelem__GetJob *in, - struct _jpelem__GetJobResponse *out) -{ - CONTEXT_FROM_SOAP(soap,ctx); - char *url; - - int i,n; - glite_jp_error_t err; - void **pd; - struct jptype__jppsFile **f = NULL; - - memset(&err,0,sizeof err); - out->__sizefiles = 0; - - for (pd = ctx->plugins; *pd; pd++) { - glite_jpps_fplug_data_t *plugin = *pd; - - for (i=0; plugin->uris[i]; i++) { - glite_jp_clear_error(ctx); - switch (glite_jppsbe_get_job_url(ctx,in->jobid,plugin->classes[i],NULL,&url)) { - case 0: n = out->__sizefiles++; - f = realloc(f,out->__sizefiles * sizeof *f); - f[n] = soap_malloc(soap, sizeof **f); - f[n]->class_ = soap_strdup(soap,plugin->uris[i]); - f[n]->name = NULL; - f[n]->url = soap_strdup(soap,url); - free(url); - break; - case ENOENT: - break; - default: - err.code = ctx->error->code; - err.source = "jpsrv__GetJob()"; - err.desc = plugin->uris[i]; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); - glite_jp_clear_error(ctx); - return SOAP_FAULT; - } - } - } - - if (!out->__sizefiles) { - glite_jp_clear_error(ctx); - err.code = ENOENT; - err.source = __FUNCTION__; - err.desc = "No file found for this job"; - glite_jp_stack_error(ctx,&err); - err2fault(ctx,soap); -// glite_jp_clear_error(ctx); - return SOAP_FAULT; - } - - out->files = soap_malloc(soap,out->__sizefiles * sizeof *f); - memcpy(out->files,f,out->__sizefiles * sizeof *f); - - return SOAP_OK; -} - diff --git a/org.glite.jp.primary/src/tags.c b/org.glite.jp.primary/src/tags.c deleted file mode 100644 index 1f11b4d..0000000 --- a/org.glite.jp.primary/src/tags.c +++ /dev/null @@ -1,233 +0,0 @@ -#include -#include -#include -#include -#include - -#include -#include "tags.h" -#include "backend.h" - -/* magic name_len value_len binary sequence timestamp */ -#define HEADER "JP#TAG# %05u %012lu %c %05u %012lu#" -#define HEADER_SIZE 48 - -int glite_jpps_tag_append( - glite_jp_context_t ctx, - void *handle, - const glite_jp_tagval_t *tag -) -{ - char hdr[HEADER_SIZE+1]; - glite_jp_error_t err; - - unsigned long vlen = tag->binary ? tag->size : - (tag->value ? strlen(tag->value) : 0); - int nlen; - - memset(&err,0,sizeof err); - err.source = "glite_jpps_tag_append()"; - - if (!tag->name) { - err.code = EINVAL; - err.desc = "tag name"; - return glite_jp_stack_error(ctx,&err); - } - - nlen = strlen(tag->name); - - assert(sprintf(hdr,HEADER,nlen,vlen, - tag->binary ? "B" : "S", - tag->sequence, tag->timestamp) == HEADER_SIZE); - - if (glite_jppsbe_append(ctx,handle,hdr,HEADER_SIZE)) { - err.code = EIO; - err.desc = "write tag header"; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jppsbe_append(ctx,handle,tag->name,nlen)) { - err.code = EIO; - err.desc = "write tag name"; - return glite_jp_stack_error(ctx,&err); - } - - if (glite_jppsbe_append(ctx,handle,tag->value,vlen)) { - err.code = EIO; - err.desc = "write tag value"; - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} - -int glite_jpps_tagval_copy( - glite_jp_context_t ctx, - glite_jp_tagval_t *from, - glite_jp_tagval_t *to -) -{ - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - to->name = strdup(from->name); - if (!to->name) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - to->sequence = from->sequence; - to->timestamp = from->timestamp; - to->binary = from->binary; - to->size = from->size; - to->value = (char *) malloc(to->size); - if (!to->value) { - free(to->name); - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - memcpy(from->value, to->value, to->size); - - return 0; -} - -int glite_jpps_tag_read( - glite_jp_context_t ctx, - void *handle, - off_t offset, - glite_jp_tagval_t *tagvalue, - size_t *shift -) -{ - char hdr[HEADER_SIZE+1]; - unsigned int nlen; - unsigned long vlen; - char binary; - unsigned sequence; - unsigned timestamp; - char * name = NULL; - char * value = NULL; - ssize_t ret; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - hdr[HEADER_SIZE] = '\0'; - if (glite_jppsbe_pread(ctx, handle, hdr, HEADER_SIZE, offset, &ret)) { - err.code = EIO; - err.desc = "Cannot read tag header"; - goto error_out; - } - if (ret == 0) { - err.code = ENOENT; - err.desc = "No more tags in the file"; - goto error_out; - } - /* #define HEADER "JP#TAG# %05u %012lu %c %05u %012lu#" */ - if (sscanf(hdr, HEADER, &nlen, &vlen, &binary, &sequence, ×tamp) < 5) { - err.code = EILSEQ; - err.desc = "Incorrect tag header format"; - goto error_out; - } - name = (char*) malloc(nlen + 1); - if (!name) { - err.code = ENOMEM; - goto error_out; - } - name[nlen] = '\0'; - value = (char*) malloc(vlen + 1); - if (!value) { - err.code = ENOMEM; - goto error_out; - } - value[vlen] = '\0'; - if (glite_jppsbe_pread(ctx, handle, name, nlen, offset + HEADER_SIZE, &ret)) { - err.code = EIO; - err.desc = "Cannot read tag name"; - goto error_out; - } - if (glite_jppsbe_pread(ctx, handle, value, vlen, offset + HEADER_SIZE + nlen, &ret)) { - err.code = EIO; - err.desc = "Cannot read tag value"; - goto error_out; - } - - tagvalue->name = name; - tagvalue->sequence = sequence; - tagvalue->timestamp = timestamp; - tagvalue->binary = (binary == 'B') ? 1 : 0; - tagvalue->size = vlen; - tagvalue->value = value; - - *shift = HEADER_SIZE + nlen + vlen; - - return 0; -error_out: - free(name); - free(value); - return glite_jp_stack_error(ctx,&err); -} - -/* -int glite_jpps_tag_read(glite_jp_context_t, void *, off_t, glite_jp_tagval_t *, size_t); -int glite_jpps_tag_readall(glite_jp_context_t, void *, glite_jp_tagval_t **); -*/ - -int glite_jpps_tag_readall( - glite_jp_context_t ctx, - void *handle, - glite_jp_tagval_t **tags_out -) -{ - glite_jp_tagval_t * tags = NULL; - void * newspace; - int ntags = 0; - int ntagspace = 0; - off_t offset = 0; - int ret; - size_t shift; - glite_jp_error_t err; - - glite_jp_clear_error(ctx); - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - - ntagspace = 1; - tags = (glite_jp_tagval_t *) calloc(ntagspace + 1, sizeof(*tags)); - if (!tags) { - err.code = ENOMEM; - return glite_jp_stack_error(ctx,&err); - } - while (!(ret = glite_jpps_tag_read(ctx, handle, offset, &tags[ntags], &shift))) { - offset += shift; - ntags++; - if (ntagspace <= ntags) { - ntagspace += 1; - newspace = realloc(tags, (ntagspace + 1) * sizeof(*tags)); - if (!newspace) { - err.code = ENOMEM; - goto error_out; - } - tags = (glite_jp_tagval_t *) newspace; - } - } - if (ret == ENOENT) { - *tags_out = tags; - return 0; - } else { - err.code = EIO; - err.desc = "Error reading tag value"; - } - -error_out: - for (; ntags-- ;) { - free(tags[ntags].name); - free(tags[ntags].value); - } - free(tags); - return glite_jp_stack_error(ctx,&err); -} diff --git a/org.glite.jp.primary/src/tags.h b/org.glite.jp.primary/src/tags.h deleted file mode 100644 index 0d8afa8..0000000 --- a/org.glite.jp.primary/src/tags.h +++ /dev/null @@ -1 +0,0 @@ -int glite_jpps_tag_append(glite_jp_context_t,void *,const glite_jp_tagval_t *); diff --git a/org.glite.jp.primary/src/tags_plugin.c b/org.glite.jp.primary/src/tags_plugin.c deleted file mode 100644 index 877201d..0000000 --- a/org.glite.jp.primary/src/tags_plugin.c +++ /dev/null @@ -1,149 +0,0 @@ -#include -#include -#include -#include -#include -#include - -#include - -#include "file_plugin.h" -#include "builtin_plugins.h" -#include "backend.h" - -static int tagappend(void *,void *,int,...); -static int tagopen(void *,void *,const char *uri,void **); -static int tagclose(void *,void *); - -#define TAGS_MAGIC 0x74c016f2 /* two middle digits encode version, i.e. 01 */ - -static int tagdummy() -{ - puts("tagdummy()"); - return -1; -} - -struct tags_handle { - void *bhandle; - int n; - glite_jp_tagval_t *tags; -}; - -int init(glite_jp_context_t ctx, glite_jpps_fplug_data_t *data) -{ - data->fpctx = ctx; - - data->uris = calloc(2,sizeof *data->uris); - data->uris[0] = strdup(GLITE_JP_FILETYPE_TAGS); - - data->classes = calloc(2,sizeof *data->classes); - data->classes[0] = strdup("tags"); - - data->ops.open = tagopen; - data->ops.close = tagclose; - data->ops.attr = tagdummy; - data->ops.generic = tagappend; - - printf("tags_plugin: URI: \"%s\"; magic number: 0x%08lx\n",GLITE_JP_FILETYPE_TAGS,TAGS_MAGIC); - return 0; -} - -static int tagopen(void *fpctx,void *bhandle,const char *uri,void **handle) -{ - struct tags_handle *h = calloc(1,sizeof *h); - h->n = -1; - h->bhandle = bhandle; - - *handle = h; - - return 0; -} - -static int tagclose(void *fpctx,void *handle) -{ - int i; - struct tags_handle *h = handle; - - for (i=0; in; i++) { - free(h->tags[i].name); - free(h->tags[i].value); - } - free(h->tags); - free(h); - - return 0; -} - -static int tagappend(void *fpctx,void *handle,int oper,...) -{ - glite_jp_tagval_t *tag; - va_list ap; - char *hdr,*rec; - glite_jp_context_t ctx = fpctx; - struct tags_handle *h = handle; - uint32_t magic,hlen,rlen,rlen_n; - size_t r; - glite_jp_error_t err; - - memset(&err,0,sizeof err); - err.source = __FUNCTION__; - glite_jp_clear_error(ctx); - - va_start(ap,oper); - tag = va_arg(ap,glite_jp_tagval_t *); - va_end(ap); - - printf("tagappend: %s,%d,%s\n",tag->name,tag->sequence,tag->value); - - assert(oper == GLITE_JP_FPLUG_TAGS_APPEND); - - if (glite_jppsbe_pread(ctx,h->bhandle,&magic,sizeof magic,0,&r)) { - err.code = EIO; - err.desc = "reading magic number"; - return glite_jp_stack_error(ctx,&err); - } - - if (r == 0) { - magic = htonl(TAGS_MAGIC); - if (glite_jppsbe_pwrite(ctx,h->bhandle,&magic,sizeof magic,0)) { - err.code = EIO; - err.desc = "writing magic number"; - return glite_jp_stack_error(ctx,&err); - } - } - else if (r != sizeof magic) { - err.code = EIO; - err.desc = "can't read magic number"; - return glite_jp_stack_error(ctx,&err); - } - else if (magic != htonl(TAGS_MAGIC)) { - err.code = EINVAL; - err.desc = "invalid magic number"; - return glite_jp_stack_error(ctx,&err); - } - - trio_asprintf(&hdr,"%d %ld %c",tag->sequence, - tag->timestamp,tag->binary ? 'B' : 'S'); - - rlen = strlen(tag->name) + strlen(hdr) + 2 /* \0 after name and after hdr */ + - (r = tag->binary ? tag->size : (tag->value ? strlen(tag->value) : 0)); - - rlen_n = htonl(rlen); - - rec = malloc(rlen + sizeof rlen_n); - *((uint32_t *) rec) = rlen_n; - strcpy(rec + sizeof rlen_n,tag->name); - strcpy(rec + (hlen = sizeof rlen_n + strlen(tag->name) + 1),hdr); - - if (r) memcpy(rec + hlen + strlen(hdr) + 1,tag->value,r); - free(hdr); - - if (glite_jppsbe_append(ctx,h->bhandle,rec,rlen + sizeof rlen_n)) { - err.code = EIO; - err.desc = "writing tag record"; - free(rec); - return glite_jp_stack_error(ctx,&err); - } - - return 0; -} diff --git a/org.glite.jp.primary/src/typemap.dat b/org.glite.jp.primary/src/typemap.dat deleted file mode 100644 index 72f515f..0000000 --- a/org.glite.jp.primary/src/typemap.dat +++ /dev/null @@ -1,3 +0,0 @@ -jpsrv = http://glite.org/wsdl/services/jp -jptype = http://glite.org/wsdl/types/jp -jpelem = http://glite.org/wsdl/elements/jp diff --git a/org.glite.jp.ws-interface/.cvsignore b/org.glite.jp.ws-interface/.cvsignore deleted file mode 100755 index 1df717b..0000000 --- a/org.glite.jp.ws-interface/.cvsignore +++ /dev/null @@ -1,2 +0,0 @@ -.project -.cdtproject \ No newline at end of file diff --git a/org.glite.jp.ws-interface/LICENSE b/org.glite.jp.ws-interface/LICENSE deleted file mode 100755 index 01b973b..0000000 --- a/org.glite.jp.ws-interface/LICENSE +++ /dev/null @@ -1,69 +0,0 @@ -LICENSE file for EGEE Middleware -================================ - -Copyright (c) 2004 on behalf of the EU EGEE Project: -The European Organization for Nuclear Research (CERN), -Istituto Nazionale di Fisica Nucleare (INFN), Italy -Datamat Spa, Italy -Centre National de la Recherche Scientifique (CNRS), France -CS Systeme d'Information (CSSI), France -Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -Universiteit van Amsterdam (UvA), Netherlands -University of Helsinki (UH.HIP), Finlan -University of Bergen (UiB), Norway -Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - -1. Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright -notice, this list of conditions and the following disclaimer in the -documentation and/or other materials provided with the distribution. - -3. The end-user documentation included with the redistribution, if -any, must include the following acknowledgment: "This product includes -software developed by The EU EGEE Project (http://cern.ch/eu-egee/)." -Alternatively, this acknowledgment may appear in the software itself, if -and wherever such third-party acknowledgments normally appear. - -4. The names EGEE and the EU EGEE Project must not be -used to endorse or promote products derived from this software without -prior written permission. For written permission, please contact -. - -5. You are under no obligation whatsoever to provide anyone with any -bug fixes, patches, or upgrades to the features, functionality or -performance of the Software ("Enhancements") that you may develop over -time; however, if you choose to provide your Enhancements to The EU -EGEE Project, or if you choose to otherwise publish or distribute your -Enhancements, in source code form without contemporaneously requiring -end users of The EU EGEE Proejct to enter into a separate written license -agreement for such Enhancements, then you hereby grant The EU EGEE Project -a non-exclusive, royalty-free perpetual license to install, use, copy, -modify, prepare derivative works, incorporate into the EGEE Middleware -or any other computer software, distribute, and sublicense your -Enhancements or derivative works thereof, in binary and source code -form (if any), whether developed by The EU EGEE Project or third parties. - -THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL PROJECT OR ITS CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE -OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -This software consists of voluntary contributions made by many -individuals on behalf of the EU EGEE Prject. For more information on The -EU EGEE Project, please see http://cern.ch/eu-egee/. For more information on -EGEE Middleware, please see http://egee-jra1.web.cern.ch/egee-jra1/ - - diff --git a/org.glite.jp.ws-interface/Makefile b/org.glite.jp.ws-interface/Makefile deleted file mode 100644 index ee80ab4..0000000 --- a/org.glite.jp.ws-interface/Makefile +++ /dev/null @@ -1,61 +0,0 @@ -# Default values -top_srcdir=. -builddir=build -top_builddir=${top_srcdir}/${builddir} -stagedir=. -distdir=. -globalprefix=glite -package=glite-jp-ws-interface -version=0.0.0 -PREFIX=/opt/glite - --include Makefile.inc - -VPATH=${top_srcdir}/interface:${top_srcdir}/src -STAGETO=interface - -XSLTPROC=xsltproc -XMLLINT:=xmllint -docbookxls:=http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl - -#WSDL=JobProvenancePS.wsdl JobProvenanceIS.wsdl JobProvenanceTypes.wsdl -WSDL=JobProvenancePS.wsdl JobProvenanceTypes.wsdl - -all compile: ${WSDL} - -check: - @echo No unit test required for interface-only module. - -stage: ${WSDL} - $(MAKE) install PREFIX=${stagedir} - -dist: distsrc distbin - -distsrc: - mkdir -p ${top_srcdir}/${package}-${version} - cd ${top_srcdir} && GLOBIGNORE="${package}-${version}" && cp -Rf * ${package}-${version} - cd ${top_srcdir} && tar -czf ${distdir}/${package}-${version}_src.tar.gz --exclude-from=project/tar_exclude ${package}-${version} - rm -rf ${top_srcdir}/${package}-${version} - -distbin: - $(MAKE) install PREFIX=${top_srcdir}/tmpbuilddir - cd ${top_srcdir}/tmpbuilddir && tar -czf ${top_srcdir}/${distdir}/${package}-${version}_bin.tar.gz * - rm -rf ${top_srcdir}/tmpbuilddir - -install: - -mkdir -p ${PREFIX}/${STAGETO} - -mkdir -p ${PREFIX}/share/doc/${package}-${version} - install -m 644 ${top_srcdir}/LICENSE ${PREFIX}/share/doc/${package}-${version} -# cd ${top_srcdir}/interface && install -m 644 ${WSDL} ${PREFIX}/${STAGETO} - install -m 644 ${WSDL} ${PREFIX}/${STAGETO} - -clean: - rm -f *.h - -%.wsdl: %.xml - ${XSLTPROC} ../src/puke-wsdl.xsl $< >$@ - -JobProvenancePS.html: doc.xml JobProvenancePS.xml JobProvenanceTypes.xml puke-ug.xsl - ${XSLTPROC} --novalid ../src/puke-ug.xsl $< >doc-html.xml - ${XMLLINT} --valid --noout doc-html.xml - ${XSLTPROC} --stringparam chapter.autolabel 0 ${docbookxls} doc-html.xml >$@ diff --git a/org.glite.jp.ws-interface/build.xml b/org.glite.jp.ws-interface/build.xml deleted file mode 100644 index ae5d49b..0000000 --- a/org.glite.jp.ws-interface/build.xml +++ /dev/null @@ -1,120 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.ws-interface/interface/JobProvenanceIS.wsdl b/org.glite.jp.ws-interface/interface/JobProvenanceIS.wsdl deleted file mode 100644 index 84c8844..0000000 --- a/org.glite.jp.ws-interface/interface/JobProvenanceIS.wsdl +++ /dev/null @@ -1,110 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - Store or update information on jobs within the JP index server. -Called directly by the primary storage, used for both batch and incremental feed. - -Input: - -data: list of job record updates. Each contains jobid, list of JP attribute values and user tag values. - -feedDone: flag indicating end of batch feed. (In order to avoid potential problems with buffer allocation -the huge dataset of batch feed is split into reasonable chunks and delivered with more UpdateJobs calls.) - -Output: N/A - -Faults: GenericJPFault - - - - - - - - - Retrieve pointers to job records of jobs matching a query. -Input: conditions - list of lists of query conditions. - Elements of the inner lists refer to a single job attribute, the conditions are or-ed. - Elements of the outer list may refer to different job attributes, they are and-ed. - -Output: - -jobs: list of JobId, PSContact (URL of the primary storage which manges this job) pairs - -Faults: GenericJPFault - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Job Provenance Index service - - - - - - - diff --git a/org.glite.jp.ws-interface/project/build.number b/org.glite.jp.ws-interface/project/build.number deleted file mode 100644 index 63f5995..0000000 --- a/org.glite.jp.ws-interface/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=33 diff --git a/org.glite.jp.ws-interface/project/build.properties b/org.glite.jp.ws-interface/project/build.properties deleted file mode 100755 index e69de29..0000000 diff --git a/org.glite.jp.ws-interface/project/configure.properties.xml b/org.glite.jp.ws-interface/project/configure.properties.xml deleted file mode 100644 index 4b08208..0000000 --- a/org.glite.jp.ws-interface/project/configure.properties.xml +++ /dev/null @@ -1,54 +0,0 @@ - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -jpprefix=${subsystem.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} - - - diff --git a/org.glite.jp.ws-interface/project/glite-jp-ws-interface.spec b/org.glite.jp.ws-interface/project/glite-jp-ws-interface.spec deleted file mode 100644 index dba6d55..0000000 --- a/org.glite.jp.ws-interface/project/glite-jp-ws-interface.spec +++ /dev/null @@ -1,42 +0,0 @@ -Summary:Change me !!! -Name:glite-jp-ws-interface -Version:0.0.0 -Release:0 -Copyright:Open Source EGEE License -Vendor:EU EGEE project -Group:System/Application -Prefix:/opt/glite -BuildArch:x86_64 -BuildRoot:%{_builddir}/%{name}-%{version} -Source:glite-jp-ws-interface-0.0.0_bin.tar.gz - -%define debug_package %{nil} - -%description -Change me !!! - -%prep - - -%setup -c - -%build - - -%install - - -%clean - -%pre -%post -%preun -%postun -%files -%defattr(-,root,root) -%{prefix}/interface/JobProvenancePS.wsdl -%{prefix}/interface/JobProvenanceTypes.wsdl -%{prefix}/share/doc/glite-jp-ws-interface-0.0.0/LICENSE - -%changelog - diff --git a/org.glite.jp.ws-interface/project/properties.xml b/org.glite.jp.ws-interface/project/properties.xml deleted file mode 100644 index 4ec8018..0000000 --- a/org.glite.jp.ws-interface/project/properties.xml +++ /dev/null @@ -1,73 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp.ws-interface/project/tar_exclude b/org.glite.jp.ws-interface/project/tar_exclude deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.jp.ws-interface/project/version.properties b/org.glite.jp.ws-interface/project/version.properties deleted file mode 100755 index 0ff5227..0000000 --- a/org.glite.jp.ws-interface/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=0 diff --git a/org.glite.jp.ws-interface/src/JobProvenancePS.xml b/org.glite.jp.ws-interface/src/JobProvenancePS.xml deleted file mode 100644 index 3d7b0e7..0000000 --- a/org.glite.jp.ws-interface/src/JobProvenancePS.xml +++ /dev/null @@ -1,104 +0,0 @@ - - - CVS revision: - - - - - - The Job Provenance (JP) Primary Storage Service is responsible - to keep the JP data - (definition of submitted jobs, execution conditions and environment, - and important points of the job life cycle) in a compact and - economic form. - - - - The JP Primary storage, as described in section 8.4 of - the - - Architecture deliverable DJRA1.1 - - provides public interfaces for data storing, - retrieval based on basic metadata, and registration of Index servers for - incremental feed. - - - - Command interface to JP is completely covered by the WS interface covered here. - Bulk file transfers are done via specialised protocols, currently gsiftp only. - - - - - - - - Register job with the JP primary storage. - Jobid of the registered job. - Owner of the job (DN of X509 certificate). - Any error. - - - - Start uploading a file. - Jobid to which this file is related. - - Type of the file (URI). The server must have a plugin handing this type. - - Name of the file (used to distinguish among more files of the same type). - The client promisses to finish the upload before this time. - MIME type of the file. - URL where the client should upload the file. - Server's view on when the upload must be finished. - Any error. - - - - Confirm a successfully finished file apload. - Destination URL returned by StartUpload before. - Any error. - - - - Record an additional user tag. - Job to which the tag is added. - Name and value of the tag. - Any error. - - - - Request for feeding a JP Index server (issued by this server). - Endpoint of the listening index server. - Which attributes of jobs is the index server interested in. - Which jobs is the server interested in. - Data on jobs stored at PS in the past are required. - Data on jobs that will arrive in future are required. - Unique ID of the created feed session. - When the session expires. - Any error. - - - - Refresh an existing feed session. - Existing feed session ID to be refreshed. - New session expiration time. - Any error. - - - - Return URL's of files for a given single job. - The job. - List of the stored files. - Any error. - - - - diff --git a/org.glite.jp.ws-interface/src/JobProvenanceTypes.xml b/org.glite.jp.ws-interface/src/JobProvenanceTypes.xml deleted file mode 100644 index 723595c..0000000 --- a/org.glite.jp.ws-interface/src/JobProvenanceTypes.xml +++ /dev/null @@ -1,56 +0,0 @@ - - - - - CVS revision: - - - - - Operators used in queries. Most are self-explanatory. - - - - - The attribute is between two specified values. - - - - A single value for a user tag. - Name of the tag. - Sequence of this value (if there are more occurences of this tag it may be used to order them. - When the tag was created. - Value - printable string. - Value - binary. - - - - - - - - - - - - A single condition on job. - Attribute name to query. - Operation. - Value to compare the job attribute with. - Another value (for op = WITHIN). - - - - JP primary storage file identification. - Type of the file (as set on StartUpload). - Name of the file (if there are more of the same type per job). - Where the file is stored on JP primary storage. - - - - - - - diff --git a/org.glite.jp.ws-interface/src/doc.xml b/org.glite.jp.ws-interface/src/doc.xml deleted file mode 100644 index 78cb6a5..0000000 --- a/org.glite.jp.ws-interface/src/doc.xml +++ /dev/null @@ -1,2 +0,0 @@ - - diff --git a/org.glite.jp.ws-interface/src/puke-ug.xsl b/org.glite.jp.ws-interface/src/puke-ug.xsl deleted file mode 100644 index ff70ccf..0000000 --- a/org.glite.jp.ws-interface/src/puke-ug.xsl +++ /dev/null @@ -1,156 +0,0 @@ - - - - - - - - - - - <xsl:value-of select="document('JobProvenancePS.xml')/service/@name"/> - - - Overview - - - - - Operations - - - - - - - - - Types - - - - - - - - - - - - - list of - - - - - - - - - - - - - - - - - - - <xsl:value-of select="@name"/> - - - Inputs: - - - - - - - N/A - - - - Outputs: - - - - - - - N/A - - - - - - - - - - <xsl:value-of select="@name"/> - - - - Structure (sequence complex type in WSDL) - Fields: ( type name description ) - - - Union (choice complex type in WSDL) - Fields: ( type name description ) - - - Enumeration (restriction of xsd:string in WSDL), - exactly one of the values must be specified. - - Values: - - - Flags (sequence of restricted xsd:string in WSDL), - any number of values can be specified together. - - Values: - - - - - - - - - list of - - - - - - - - - - - - - - - - - - - - (optional) - - - - - - - - - - - - - diff --git a/org.glite.jp.ws-interface/src/puke-wsdl.xsl b/org.glite.jp.ws-interface/src/puke-wsdl.xsl deleted file mode 100644 index 6635eb4..0000000 --- a/org.glite.jp.ws-interface/src/puke-wsdl.xsl +++ /dev/null @@ -1,272 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - : - - - - - - 0 - 1 - - - - - unbounded - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - : - - - - - unbounded - 1 - - - - - - - - - - - - - - - : - - - - - unbounded - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp/.cvsignore b/org.glite.jp/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.jp/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.jp/build.xml b/org.glite.jp/build.xml deleted file mode 100644 index f51954b..0000000 --- a/org.glite.jp/build.xml +++ /dev/null @@ -1,268 +0,0 @@ - - - - - - - Ant build file to build the GLite Job Provenance Subsystem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Preparing directories ... - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <project name="${subsystem.name}" type="post-subsystem" packageName="${global.prefix}-${subsystem.prefix}"/> - - - - diff --git a/org.glite.jp/project/build.number b/org.glite.jp/project/build.number deleted file mode 100644 index c680c72..0000000 --- a/org.glite.jp/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=36 diff --git a/org.glite.jp/project/build.properties b/org.glite.jp/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.jp/project/dependencies.properties b/org.glite.jp/project/dependencies.properties deleted file mode 100644 index ab3b83f..0000000 --- a/org.glite.jp/project/dependencies.properties +++ /dev/null @@ -1,12 +0,0 @@ -################################################################### -# System dependencies -################################################################### - -org.glite.version = HEAD -org.glite.jp.version = HEAD - -# Component dependencies tag = do not remove this line = -org.glite.jp.ws-interface.version = HEAD -org.glite.jp.common.version = HEAD -org.glite.jp.index.version = HEAD -org.glite.jp.primary.version = HEAD diff --git a/org.glite.jp/project/glite.jp.csf.xml b/org.glite.jp/project/glite.jp.csf.xml deleted file mode 100644 index fd68f71..0000000 --- a/org.glite.jp/project/glite.jp.csf.xml +++ /dev/null @@ -1,271 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The org.glite and org.glite.jp modules have been updated, please rerun the configuration file - - - - - The org.glite and org.glite.jp modules have been updated, please rerun the configuration file - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp/project/properties.xml b/org.glite.jp/project/properties.xml deleted file mode 100755 index 276cf76..0000000 --- a/org.glite.jp/project/properties.xml +++ /dev/null @@ -1,47 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.jp/project/run-workspace b/org.glite.jp/project/run-workspace deleted file mode 100644 index a5d1f54..0000000 --- a/org.glite.jp/project/run-workspace +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -cd ../.. - -cvs co org.glite -cvs co org.glite.jp - -cd org.glite.jp/project -ant -f glite.jp.csf.xml - diff --git a/org.glite.jp/project/taskdefs.xml b/org.glite.jp/project/taskdefs.xml deleted file mode 100755 index c4cc889..0000000 --- a/org.glite.jp/project/taskdefs.xml +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/org.glite.jp/project/version.properties b/org.glite.jp/project/version.properties deleted file mode 100644 index cd1e9e7..0000000 --- a/org.glite.jp/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.lb.proxy/build.xml b/org.glite.lb.proxy/build.xml index 8364558..363037e 100755 --- a/org.glite.lb.proxy/build.xml +++ b/org.glite.lb.proxy/build.xml @@ -77,7 +77,6 @@ Load version file ========================================= --> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.security.gsoap-plugin/examples/calc.h.S b/org.glite.security.gsoap-plugin/examples/calc.h.S deleted file mode 100644 index 385e872..0000000 --- a/org.glite.security.gsoap-plugin/examples/calc.h.S +++ /dev/null @@ -1,13 +0,0 @@ -//gsoap egeesec schema namespace: urn:calc -// -//gsoap egeesec service name: calc -//gsoap egeesec service port: http://localhost:9999/ -//gsoap egeesec service namespace: urn:calc:wscalc - -//gsoap egeesec service method-style: add rpc -//gsoap egeesec service method-action: add "" -int wscalc__add(double a, double b, double *result); - -//gsoap egeesec service method-style: sub rpc -//gsoap egeesec service method-action: sub "" -int wscalc__sub(double a, double b, double *result); diff --git a/org.glite.security.gsoap-plugin/examples/wscalc_clt_ex.c b/org.glite.security.gsoap-plugin/examples/wscalc_clt_ex.c deleted file mode 100644 index b96827d..0000000 --- a/org.glite.security.gsoap-plugin/examples/wscalc_clt_ex.c +++ /dev/null @@ -1,47 +0,0 @@ -#include - -#include "GSOAP_H.h" -#include "wscalc.nsmap" - -static const char *server = "http://localhost:9999/"; - -int -main(int argc, char **argv) -{ - struct soap soap; - double a, b, result; - int ret; - - - if (argc < 4) { - fprintf(stderr, "Usage: [add|sub] num num\n"); - exit(1); - } - - soap_init(&soap); - soap_register_plugin(&soap, glite_gsplugin); - - a = strtod(argv[2], NULL); - b = strtod(argv[3], NULL); - switch ( *argv[1] ) { - case 'a': - ret = soap_call_wscalc__add(&soap, server, "", a, b, &result); - break; - case 's': - ret = soap_call_wscalc__sub(&soap, server, "", a, b, &result); - break; - default: - fprintf(stderr, "Unknown command\n"); - exit(2); - } - - if ( ret ) { - fprintf(stderr, "NECO JE V ****\n\n"); - fprintf(stderr, "plugin err: %s", glite_gsplugin_errdesc(&soap)); - soap_print_fault(&soap, stderr); - } - else printf("result = %g\n", result); - - - return 0; -} diff --git a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c b/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c deleted file mode 100644 index 96d58f4..0000000 --- a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex.c +++ /dev/null @@ -1,102 +0,0 @@ -#include -#include -#include -#include - -#include "GSOAP_H.h" -#include "wscalc.nsmap" - - -static struct option long_options[] = { - { "cert", required_argument, NULL, 'c' }, - { "key", required_argument, NULL, 'k' }, - { NULL, 0, NULL, 0 } -}; - -void -usage(const char *me) -{ - fprintf(stderr, - "usage: %s [option]\n" - "\t-c, --cred\t certificate file\n" - "\t-k, --key\t private key file\n", me); -} - - -int -main(int argc, char **argv) -{ - struct soap soap; - glite_gsplugin_Context ctx = NULL; - char *name; - char *cert, *key; - int opt; - - - cert = key = NULL; - name = strrchr(argv[0],'/'); - if ( name ) name++; else name = argv[0]; - - while ((opt = getopt_long(argc, argv, "c:k:", long_options, NULL)) != EOF) { - switch (opt) { - case 'c': cert = optarg; break; - case 'k': key = optarg; break; - case '?': - default : usage(name); exit(1); - } - } - - if ( cert || key ) { - if ( glite_gsplugin_init_context(&ctx) ) { perror("init context"); exit(1); } - ctx->cert_filename = strdup(cert? : key); - ctx->key_filename = strdup(key? : cert); - } - - soap_init(&soap); - - if ( soap_register_plugin_arg(&soap, glite_gsplugin, ctx? : NULL) ) { - fprintf(stderr, "Can't register plugin\n"); - exit(1); - } - - if ( soap_bind(&soap, NULL, 9999, 100) < 0 ) { - soap_print_fault(&soap, stderr); - exit(1); - } - - while ( 1 ) { - printf("accepting connection\n"); - if ( soap_accept(&soap) < 0 ) { - fprintf(stderr, "soap_accept() failed!!!\n"); - soap_print_fault(&soap, stderr); - fprintf(stderr, "plugin err: %s", glite_gsplugin_errdesc(&soap)); - break; - } - - printf("serving connection\n"); - if ( soap_serve(&soap) ) { - soap_print_fault(&soap, stderr); - fprintf(stderr, "plugin err: %s", glite_gsplugin_errdesc(&soap)); - } - - soap_destroy(&soap); /* clean up class instances */ - soap_end(&soap); /* clean up everything and close socket */ - } - soap_done(&soap); /* close master socket */ - - if ( ctx ) glite_gsplugin_free_context(ctx); - - return 0; -} - -int wscalc__add(struct soap *soap, double a, double b, double *result) -{ - *result = a + b; - return SOAP_OK; -} - -int wscalc__sub(struct soap *soap, double a, double b, double *result) -{ - *result = a - b; - return SOAP_OK; -} diff --git a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c b/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c deleted file mode 100644 index 8a7c001..0000000 --- a/org.glite.security.gsoap-plugin/examples/wscalc_srv_ex2.c +++ /dev/null @@ -1,130 +0,0 @@ -#include -#include -#include -#include - -#include "GSOAP_H.h" -#include "wscalc.nsmap" - - -static struct option long_options[] = { - { "cert", required_argument, NULL, 'c' }, - { "key", required_argument, NULL, 'k' }, - { "port", required_argument, NULL, 'p' }, - { NULL, 0, NULL, 0 } -}; - -void -usage(const char *me) -{ - fprintf(stderr, - "usage: %s [option]\n" - "\t-p, --port\t listening port\n" - "\t-c, --cred\t certificate file\n" - "\t-k, --key\t private key file\n", me); -} - - -int -main(int argc, char **argv) -{ - struct soap soap; - edg_wll_GssStatus gss_code; - glite_gsplugin_Context ctx; - struct sockaddr_in a; - int alen; - char *name, *msg; - char *subject = NULL; - int opt, - port = 9999; - int sock; - - - name = strrchr(argv[0],'/'); - if ( name ) name++; else name = argv[0]; - - if ( glite_gsplugin_init_context(&ctx) ) { perror("init context"); exit(1); } - - while ((opt = getopt_long(argc, argv, "c:k:p:", long_options, NULL)) != EOF) { - switch (opt) { - case 'p': port = atoi(optarg); break; - case 'c': ctx->cert_filename = strdup(optarg); break; - case 'k': ctx->key_filename = strdup(optarg); break; - case '?': - default : usage(name); exit(1); - } - } - - if ( edg_wll_gss_acquire_cred_gsi(ctx->cert_filename, ctx->key_filename, &ctx->cred, &subject, &gss_code) ) { - edg_wll_gss_get_error(&gss_code, "Failed to read credential", &msg); - fprintf(stderr, "%s\n", msg); - free(msg); - exit(1); - } - if (subject) { - printf("server running with certificate: %s\n", subject); - free(subject); - } - - soap_init(&soap); - - if ( soap_register_plugin_arg(&soap, glite_gsplugin, ctx) ) { - fprintf(stderr, "Can't register plugin\n"); - exit(1); - } - - alen = sizeof(a); - if ( (sock = socket(PF_INET,SOCK_STREAM,0)) < 0 ) { perror("socket()"); exit(1); } - a.sin_family = AF_INET; - a.sin_port = htons(port); - a.sin_addr.s_addr = INADDR_ANY; - if ( bind(sock, (struct sockaddr *)&a, sizeof(a)) ) { perror("bind()"); exit(1); } - if ( listen(sock, 100) ) { perror("listen()"); exit(1); } - if ( !(ctx->connection = malloc(sizeof(*ctx->connection))) ) exit(1); - - bzero((char *) &a, alen); - - while ( 1 ) { - int conn; - - printf("accepting connection\n"); - if ( (conn = accept(sock, (struct sockaddr *) &a, &alen)) < 0 ) { - close(sock); - perror("accept"); - exit(1); - } - if ( edg_wll_gss_accept(ctx->cred,conn,ctx->timeout,ctx->connection,&gss_code) ){ - edg_wll_gss_get_error(&gss_code, "Failed to read credential", &msg); - fprintf(stderr, "%s\n", msg); - free(msg); - exit(1); - } - - printf("serving connection\n"); - if ( soap_serve(&soap) ) { - soap_print_fault(&soap, stderr); - fprintf(stderr, "plugin err: %s", glite_gsplugin_errdesc(&soap)); - } - - soap_destroy(&soap); /* clean up class instances */ - soap_end(&soap); /* clean up everything and close socket */ - } - - soap_done(&soap); /* close master socket */ - - glite_gsplugin_free_context(ctx); - - return 0; -} - -int wscalc__add(struct soap *soap, double a, double b, double *result) -{ - *result = a + b; - return SOAP_OK; -} - -int wscalc__sub(struct soap *soap, double a, double b, double *result) -{ - *result = a - b; - return SOAP_OK; -} diff --git a/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h b/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h deleted file mode 100644 index 1272a48..0000000 --- a/org.glite.security.gsoap-plugin/interface/glite_gsplugin.h +++ /dev/null @@ -1,37 +0,0 @@ -#ifndef __GLITE_GSOAP_PLUGIN_H__ -#define __GLITE_GSOAP_PLUGIN_H__ - -#include - -#include "glite_gss.h" - -#define PLUGIN_ID "GLITE_GSOAP_PLUGIN" - -struct _glite_gsplugin_ctx { - struct timeval _timeout, *timeout; - - char *error_msg; - - char *key_filename; - char *cert_filename; - - edg_wll_GssConnection *connection; - gss_cred_id_t cred; - - void *user_data; -}; - -typedef struct _glite_gsplugin_ctx *glite_gsplugin_Context; - -extern int glite_gsplugin_init_context(glite_gsplugin_Context *); -extern int glite_gsplugin_free_context(glite_gsplugin_Context); -extern glite_gsplugin_Context glite_gsplugin_get_context(struct soap *); -extern void *glite_gsplugin_get_udata(struct soap *); -extern void glite_gsplugin_set_udata(struct soap *, void *); - -extern void glite_gsplugin_set_timeout(glite_gsplugin_Context, struct timeval const *); - -extern int glite_gsplugin(struct soap *, struct soap_plugin *, void *); -extern char *glite_gsplugin_errdesc(struct soap *); - -#endif diff --git a/org.glite.security.gsoap-plugin/interface/glite_gss.h b/org.glite.security.gsoap-plugin/interface/glite_gss.h deleted file mode 100644 index 3dd4903..0000000 --- a/org.glite.security.gsoap-plugin/interface/glite_gss.h +++ /dev/null @@ -1,117 +0,0 @@ -#ifndef __EDG_WORKLOAD_LOGGING_COMMON_LB_GSS_H__ -#define __EDG_WORKLOAD_LOGGING_COMMON_LB_GSS_H__ - -#ident "$Header$" - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -enum { - EDG_WLL_GSS_OK = 0, /* no GSS errors */ - EDG_WLL_GSS_ERROR_GSS = -1, /* GSS specific error, call edg_wll_get_gss_error() for details */ - EDG_WLL_GSS_ERROR_TIMEOUT = -2, /* Timeout */ - EDG_WLL_GSS_ERROR_EOF = -3, /* EOF occured */ - EDG_WLL_GSS_ERROR_ERRNO = -4, /* System error. See errno */ - EDG_WLL_GSS_ERROR_HERRNO = -5 /* Resolver error. See h_errno */ -}; - -typedef struct _edg_wll_GssConnection { - gss_ctx_id_t context; - int sock; - char *buffer; - size_t bufsize; -} edg_wll_GssConnection; - -typedef struct _edg_wll_GssStatus { - OM_uint32 major_status; - OM_uint32 minor_status; -} edg_wll_GssStatus; - -/* XXX Support anonymous connections. Are we able/required to support - * anonymous servers as well. */ - -int -edg_wll_gss_acquire_cred_gsi(char *cert_file, - char *key_file, - gss_cred_id_t *cred, - char **name, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_connect(gss_cred_id_t cred, - char const *hostname, - int port, - struct timeval *timeout, - edg_wll_GssConnection *connection, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_accept(gss_cred_id_t cred, - int sock, - struct timeval *timeout, - edg_wll_GssConnection *connection, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_read(edg_wll_GssConnection *connection, - void *buf, - size_t bufsize, - struct timeval *timeout, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_write(edg_wll_GssConnection *connection, - const void *buf, - size_t bufsize, - struct timeval *timeout, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_read_full(edg_wll_GssConnection *connection, - void *buf, - size_t bufsize, - struct timeval *timeout, - size_t *total, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_write_full(edg_wll_GssConnection *connection, - const void *buf, - size_t bufsize, - struct timeval *timeout, - size_t *total, - edg_wll_GssStatus* gss_code); - -int -edg_wll_gss_watch_creds(const char * proxy_file, - time_t * proxy_mtime); - -int -edg_wll_gss_get_error(edg_wll_GssStatus* gss_code, - const char *prefix, - char **errmsg); - -int -edg_wll_gss_close(edg_wll_GssConnection *connection, - struct timeval *timeout); - -int -edg_wll_gss_reject(int sock); - -int -edg_wll_gss_oid_equal(const gss_OID a, - const gss_OID b); - -/* -int -edg_wll_gss_get_name(gss_cred_id_t cred, char **name); -*/ - -#ifdef __cplusplus -} -#endif - -#endif /* __EDG_WORKLOAD_LOGGING_COMMON_LB_GSS_H__ */ diff --git a/org.glite.security.gsoap-plugin/project/build.number b/org.glite.security.gsoap-plugin/project/build.number deleted file mode 100644 index d794048..0000000 --- a/org.glite.security.gsoap-plugin/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=0 diff --git a/org.glite.security.gsoap-plugin/project/build.properties b/org.glite.security.gsoap-plugin/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.security.gsoap-plugin/project/configure.properties.xml b/org.glite.security.gsoap-plugin/project/configure.properties.xml deleted file mode 100644 index 466bbe2..0000000 --- a/org.glite.security.gsoap-plugin/project/configure.properties.xml +++ /dev/null @@ -1,50 +0,0 @@ - - - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -lbprefix=${subsystem.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} -ares_prefix=${with.ares.prefix} -globus_prefix=${with.globus.prefix} -thrflavour=${with.globus.thr.flavor} -nothrflavour=${with.globus.nothr.flavor} -cppunit=${with.cppunit.prefix} -gsoap_prefix=${with.gsoap.prefix} - - - diff --git a/org.glite.security.gsoap-plugin/project/properties.xml b/org.glite.security.gsoap-plugin/project/properties.xml deleted file mode 100755 index f63ddbd..0000000 --- a/org.glite.security.gsoap-plugin/project/properties.xml +++ /dev/null @@ -1,55 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.security.gsoap-plugin/project/tar_exclude b/org.glite.security.gsoap-plugin/project/tar_exclude deleted file mode 100644 index b3133e4..0000000 --- a/org.glite.security.gsoap-plugin/project/tar_exclude +++ /dev/null @@ -1,10 +0,0 @@ -tar_exclude -CVS -build.xml -build -build.properties -properties.xml -configure-options.xml -.cvsignore -.project -.cdtproject diff --git a/org.glite.security.gsoap-plugin/project/version.properties b/org.glite.security.gsoap-plugin/project/version.properties deleted file mode 100644 index b69e5b7..0000000 --- a/org.glite.security.gsoap-plugin/project/version.properties +++ /dev/null @@ -1,3 +0,0 @@ -# 1.2 pushed after branching 1.1, no added functionality yet -module.version=1.2.0 -module.age=0 diff --git a/org.glite.security.gsoap-plugin/src/glite_gsplugin.c b/org.glite.security.gsoap-plugin/src/glite_gsplugin.c deleted file mode 100644 index 43a1aee..0000000 --- a/org.glite.security.gsoap-plugin/src/glite_gsplugin.c +++ /dev/null @@ -1,414 +0,0 @@ -#include -#include -#include -#include - -#include "soap_version.h" -#include "glite_gsplugin.h" - -#ifdef GSPLUGIN_DEBUG -# define pdprintf(s) printf s -#else -# define pdprintf(s) -#endif - -typedef struct _int_plugin_data_t { - glite_gsplugin_Context ctx; /**< data used for connection etc. */ - int def; /**< is the context created by plugin? */ -} int_plugin_data_t; - -static const char plugin_id[] = PLUGIN_ID; - -static void glite_gsplugin_delete(struct soap *, struct soap_plugin *); -static int glite_gsplugin_copy(struct soap *, struct soap_plugin *, struct soap_plugin *); - -static size_t glite_gsplugin_recv(struct soap *, char *, size_t); -static int glite_gsplugin_send(struct soap *, const char *, size_t); -static int glite_gsplugin_connect(struct soap *, const char *, const char *, int); -static int glite_gsplugin_close(struct soap *); -static int glite_gsplugin_accept(struct soap *, int, struct sockaddr *, int *); - - -int -glite_gsplugin_init_context(glite_gsplugin_Context *ctx) -{ - glite_gsplugin_Context out = (glite_gsplugin_Context) malloc(sizeof(*out)); - if (!out) return ENOMEM; - - memset(out, 0, sizeof(*out)); - out->cred = GSS_C_NO_CREDENTIAL; - - /* XXX: some troubles with glite_gss and blocking calls! - out->timeout.tv_sec = 10000; - */ - - out->timeout = NULL; - *ctx = out; - - return 0; -} - -int -glite_gsplugin_free_context(glite_gsplugin_Context ctx) -{ - OM_uint32 ms; - - if ( ctx->cred != GSS_C_NO_CREDENTIAL ) gss_release_cred(&ms, &ctx->cred); - if ( ctx->connection ) { - if ( ctx->connection->context != GSS_C_NO_CONTEXT ) - edg_wll_gss_close(ctx->connection, NULL); - free(ctx->connection); - } - free(ctx->error_msg); - free(ctx->key_filename); - free(ctx->cert_filename); - free(ctx); - - return 0; -} - -glite_gsplugin_Context -glite_gsplugin_get_context(struct soap *soap) -{ - return ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; -} - -void * -glite_gsplugin_get_udata(struct soap *soap) -{ - int_plugin_data_t *pdata; - - pdata = (int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id); - assert(pdata); - return pdata->ctx->user_data; -} - -void -glite_gsplugin_set_udata(struct soap *soap, void *d) -{ - int_plugin_data_t *pdata; - - pdata = (int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id); - assert(pdata); - pdata->ctx->user_data = d; -} - -void glite_gsplugin_set_timeout(glite_gsplugin_Context ctx, struct timeval const *to) -{ - if (to) { - ctx->_timeout = *to; - ctx->timeout = &ctx->_timeout; - } - else ctx->timeout = NULL; -} - - -int -glite_gsplugin(struct soap *soap, struct soap_plugin *p, void *arg) -{ - int_plugin_data_t *pdata = malloc(sizeof(int_plugin_data_t)); - - pdprintf(("GSLITE_GSPLUGIN: initializing gSOAP plugin\n")); - if ( !pdata ) return ENOMEM; - if ( arg ) { - pdprintf(("GSLITE_GSPLUGIN: Context is given\n")); - pdata->ctx = arg; - pdata->def = 0; - } - else { - edg_wll_GssStatus gss_code; - char *subject = NULL; - - pdprintf(("GSLITE_GSPLUGIN: Creating default context\n")); - if ( glite_gsplugin_init_context((glite_gsplugin_Context*)&(pdata->ctx)) ) { - free(pdata); - return ENOMEM; - } - if ( edg_wll_gss_acquire_cred_gsi(NULL, NULL, &pdata->ctx->cred, &subject, &gss_code) ) { - /* XXX: Let user know, that cred. load failed. Somehow... - */ - glite_gsplugin_free_context(pdata->ctx); - return EINVAL; - } - pdprintf(("GSLITE_GSPLUGIN: server running with certificate: %s\n", subject)); - free(subject); - } - - p->id = plugin_id; - p->data = pdata; - p->fdelete = glite_gsplugin_delete; - p->fcopy = glite_gsplugin_copy; - - soap->fconnect = glite_gsplugin_connect; - soap->fclose = glite_gsplugin_close; -#if GSOAP_VERSION >= 20700 - soap->fclosesocket = glite_gsplugin_close; -#endif - soap->faccept = glite_gsplugin_accept; - soap->fsend = glite_gsplugin_send; - soap->frecv = glite_gsplugin_recv; - - - return SOAP_OK; -} - - -char *glite_gsplugin_errdesc(struct soap *soap) -{ - glite_gsplugin_Context ctx; - - ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; - if ( ctx ) return ctx->error_msg; - - return NULL; -} - - - -static int -glite_gsplugin_copy(struct soap *soap, struct soap_plugin *dst, struct soap_plugin *src) -{ - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_copy()\n")); - /* Should be the copy code here? - */ - return ENOSYS; -} - -static void -glite_gsplugin_delete(struct soap *soap, struct soap_plugin *p) -{ - int_plugin_data_t *d = (int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id); - - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_delete()\n")); - if ( d->def ) { - OM_uint32 ms; - - glite_gsplugin_close(soap); - if (d->ctx->cred != GSS_C_NO_CREDENTIAL) gss_release_cred(&ms, &d->ctx->cred); - free(d->ctx->error_msg); - } - free(d); -} - - -static int -glite_gsplugin_connect( - struct soap *soap, - const char *endpoint, - const char *host, - int port) -{ - glite_gsplugin_Context ctx; - edg_wll_GssStatus gss_stat; - int ret; - - - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_connect()\n")); -#if defined(CHECK_GSOAP_VERSION) && GSOAP_VERSION <= 20700 - if ( GSOAP_VERSION < 20700 - || (GSOAP_VERSION == 20700 - && (strlen(GSOAP_MIN_VERSION) < 1 || GSOAP_MIN_VERSION[1] < 'e')) ) { - fprintf(stderr, "Client connect will work only with gSOAP v2.7.0e and later"); - return ENOSYS; - } -#endif - - ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; - - if ( ctx->cred == GSS_C_NO_CREDENTIAL ) { - pdprintf(("GSLITE_GSPLUGIN: loading credentials\n")); - ret = edg_wll_gss_acquire_cred_gsi(ctx->cert_filename, ctx->key_filename, - &ctx->cred, NULL, &gss_stat); - if ( ret ) { - edg_wll_gss_get_error(&gss_stat, "failed to load GSI credentials", - &ctx->error_msg); - goto err; - } - } - - if ( !(ctx->connection = malloc(sizeof(*ctx->connection))) ) return errno; - ret = edg_wll_gss_connect(ctx->cred, - host, port, - ctx->timeout, - ctx->connection, &gss_stat); - if ( ret ) { - free(ctx->connection); - ctx->connection = NULL; - edg_wll_gss_get_error(&gss_stat, "edg_wll_gss_connect()", &ctx->error_msg); - goto err; - } - - -err: - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_connect() error!\n")); - switch ( ret ) { - case EDG_WLL_GSS_ERROR_HERRNO: - case EDG_WLL_GSS_ERROR_ERRNO: return errno; - case EDG_WLL_GSS_ERROR_EOF: return ECONNREFUSED; - case EDG_WLL_GSS_ERROR_TIMEOUT: return ETIMEDOUT; - } - - return ret; -} - -/** It is called in soap_closesocket() - * - * return like errno value - */ -static int -glite_gsplugin_close(struct soap *soap) -{ - glite_gsplugin_Context ctx; - int ret = SOAP_OK; - - - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_close()\n")); - ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; - if ( ctx->connection ) { - if ( ctx->connection->context != GSS_C_NO_CONTEXT) { - pdprintf(("GSLITE_GSPLUGIN: closing gss connection\n")); - ret = edg_wll_gss_close(ctx->connection, ctx->timeout); - } - ctx->connection->context = GSS_C_NO_CONTEXT; - } - - return ret; -} - - -static int -glite_gsplugin_accept(struct soap *soap, int s, struct sockaddr *a, int *n) -{ - glite_gsplugin_Context ctx; - edg_wll_GssStatus gss_code; - int conn; - - - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_accept()\n")); - ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; - if ( (conn = accept(s, (struct sockaddr *)&a, n)) < 0 ) return conn; - if ( !ctx->connection - && !(ctx->connection = malloc(sizeof(*ctx->connection))) ) return -1; - if ( edg_wll_gss_accept(ctx->cred, conn, ctx->timeout, ctx->connection, &gss_code)) { - pdprintf(("GSLITE_GSPLUGIN: Client authentication failed, closing.\n")); - edg_wll_gss_get_error(&gss_code, "Client authentication failed", &ctx->error_msg); - return -1; - } - - return conn; -} - -static size_t -glite_gsplugin_recv(struct soap *soap, char *buf, size_t bufsz) -{ - glite_gsplugin_Context ctx; - edg_wll_GssStatus gss_code; - int len; - - - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_recv()\n")); - ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; - if ( ctx->error_msg ) { free(ctx->error_msg); ctx->error_msg = NULL; } - - if ( ctx->connection->context == GSS_C_NO_CONTEXT ) { - soap->errnum = ENOTCONN; - /* XXX: glite_gsplugin_send() returns SOAP_EOF on errors - */ - return 0; - } - - len = edg_wll_gss_read(ctx->connection, buf, bufsz, - ctx->timeout, - &gss_code); - - switch ( len ) { - case EDG_WLL_GSS_OK: - break; - - case EDG_WLL_GSS_ERROR_GSS: - edg_wll_gss_get_error(&gss_code, "receving WS request", - &ctx->error_msg); - soap->errnum = ENOTCONN; - return 0; - - case EDG_WLL_GSS_ERROR_ERRNO: - ctx->error_msg = strdup("edg_wll_gss_read()"); - soap->errnum = errno; - return 0; - - case EDG_WLL_GSS_ERROR_TIMEOUT: - soap->errnum = ETIMEDOUT; - return 0; - - case EDG_WLL_GSS_ERROR_EOF: - soap->errnum = ENOTCONN; - return 0; - - /* default: fallthrough */ - } - - return len; -} - -static int -glite_gsplugin_send(struct soap *soap, const char *buf, size_t bufsz) -{ - glite_gsplugin_Context ctx; - edg_wll_GssStatus gss_code; - struct sigaction sa, osa; - size_t total = 0; - int ret; - - - pdprintf(("GSLITE_GSPLUGIN: glite_gsplugin_send()\n")); - ctx = ((int_plugin_data_t *)soap_lookup_plugin(soap, plugin_id))->ctx; - /* XXX: check whether ctx is initialized - * i.e. ctx->connection != NULL - */ - if ( ctx->error_msg ) { free(ctx->error_msg); ctx->error_msg = NULL; } - if ( ctx->connection->context == GSS_C_NO_CONTEXT ) { - soap->errnum = ENOTCONN; - return SOAP_EOF; - } - - memset(&sa, 0, sizeof(sa)); - assert(sa.sa_handler == NULL); - sa.sa_handler = SIG_IGN; - sigaction(SIGPIPE, &sa, &osa); - - ret = edg_wll_gss_write_full(ctx->connection, - (void*)buf, bufsz, ctx->timeout, &total, &gss_code); - - sigaction(SIGPIPE, &osa, NULL); - - switch ( ret ) { - case EDG_WLL_GSS_OK: - break; - - case EDG_WLL_GSS_ERROR_TIMEOUT: - ctx->error_msg = strdup("glite_gsplugin_send()"); - soap->errnum = ETIMEDOUT; - return SOAP_EOF; - - case EDG_WLL_GSS_ERROR_ERRNO: - if ( errno == EPIPE ) { - ctx->error_msg = strdup("glite_gsplugin_send()"); - soap->errnum = ENOTCONN; - } - else { - ctx->error_msg = strdup("glite_gsplugin_send()"); - soap->errnum = errno; - } - return SOAP_EOF; - - case EDG_WLL_GSS_ERROR_GSS: - case EDG_WLL_GSS_ERROR_EOF: - default: - ctx->error_msg = strdup("glite_gsplugin_send()"); - soap->errnum = ENOTCONN; - return SOAP_EOF; - } - - return SOAP_OK; -} - diff --git a/org.glite.security.gsoap-plugin/src/glite_gss.c b/org.glite.security.gsoap-plugin/src/glite_gss.c deleted file mode 100644 index 8cb3351..0000000 --- a/org.glite.security.gsoap-plugin/src/glite_gss.c +++ /dev/null @@ -1,998 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "glite_gss.h" - -#define tv_sub(a,b) {\ - (a).tv_usec -= (b).tv_usec;\ - (a).tv_sec -= (b).tv_sec;\ - if ((a).tv_usec < 0) {\ - (a).tv_sec--;\ - (a).tv_usec += 1000000;\ - }\ -} - -struct asyn_result { - struct hostent *ent; - int err; -}; - -static int decrement_timeout(struct timeval *timeout, struct timeval before, struct timeval after) -{ - (*timeout).tv_sec = (*timeout).tv_sec - (after.tv_sec - before.tv_sec); - (*timeout).tv_usec = (*timeout).tv_usec - (after.tv_usec - before.tv_usec); - while ( (*timeout).tv_usec < 0) { - (*timeout).tv_sec--; - (*timeout).tv_usec += 1000000; - } - if ( ((*timeout).tv_sec < 0) || (((*timeout).tv_sec == 0) && ((*timeout).tv_usec == 0)) ) return(1); - else return(0); -} - -/* ares callback handler for ares_gethostbyname() */ -static void callback_handler(void *arg, int status, struct hostent *h) { - struct asyn_result *arp = (struct asyn_result *) arg; - - switch (status) { - case ARES_SUCCESS: - if (h && h->h_addr_list[0]) { - arp->ent->h_addr_list = - (char **) malloc(2 * sizeof(char *)); - if (arp->ent->h_addr_list == NULL) { - arp->err = NETDB_INTERNAL; - break; - } - arp->ent->h_addr_list[0] = - malloc(sizeof(struct in_addr)); - if (arp->ent->h_addr_list[0] == NULL) { - free(arp->ent->h_addr_list); - arp->err = NETDB_INTERNAL; - break; - } - memcpy(arp->ent->h_addr_list[0], h->h_addr_list[0], - sizeof(struct in_addr)); - arp->ent->h_addr_list[1] = NULL; - arp->err = NETDB_SUCCESS; - } else { - arp->err = NO_DATA; - } - break; - case ARES_EBADNAME: - case ARES_ENOTFOUND: - arp->err = HOST_NOT_FOUND; - break; - case ARES_ENOTIMP: - arp->err = NO_RECOVERY; - break; - case ARES_ENOMEM: - case ARES_EDESTRUCTION: - default: - arp->err = NETDB_INTERNAL; - break; - } -} - -static void free_hostent(struct hostent *h){ - int i; - - if (h) { - if (h->h_name) free(h->h_name); - if (h->h_aliases) { - for (i=0; h->h_aliases[i]; i++) free(h->h_aliases[i]); - free(h->h_aliases); - } - if (h->h_addr_list) { - for (i=0; h->h_addr_list[i]; i++) free(h->h_addr_list[i]); - free(h->h_addr_list); - } - free(h); - } -} - -static int asyn_gethostbyname(char **addrOut, char const *name, struct timeval *timeout) { - struct asyn_result ar; - ares_channel channel; - int nfds; - fd_set readers, writers; - struct timeval tv, *tvp; - struct timeval start_time,check_time; - -/* start timer */ - gettimeofday(&start_time,0); - -/* ares init */ - if ( ares_init(&channel) != ARES_SUCCESS ) return(NETDB_INTERNAL); - ar.ent = (struct hostent *) calloc (sizeof(*ar.ent),1); - -/* query DNS server asynchronously */ - ares_gethostbyname(channel, name, AF_INET, callback_handler, - (void *) &ar); - -/* wait for result */ - while (1) { - FD_ZERO(&readers); - FD_ZERO(&writers); - nfds = ares_fds(channel, &readers, &writers); - if (nfds == 0) - break; - - gettimeofday(&check_time,0); - if (decrement_timeout(timeout, start_time, check_time)) { - ares_destroy(channel); - free_hostent(ar.ent); - return(TRY_AGAIN); - } - start_time = check_time; - - tvp = ares_timeout(channel, timeout, &tv); - - switch ( select(nfds, &readers, &writers, NULL, tvp) ) { - case -1: if (errno != EINTR) { - ares_destroy(channel); - free_hostent(ar.ent); - return NETDB_INTERNAL; - } else - continue; - case 0: - FD_ZERO(&readers); - FD_ZERO(&writers); - /* fallthrough */ - default: ares_process(channel, &readers, &writers); - } - } - - ares_destroy(channel); - - if (ar.err == NETDB_SUCCESS) { - *addrOut = malloc(sizeof(struct in_addr)); - memcpy(*addrOut,ar.ent->h_addr_list[0], sizeof(struct in_addr)); - free_hostent(ar.ent); - } - return(ar.err); -} - -static int -do_connect(int *s, char const *hostname, int port, struct timeval *timeout) -{ - int sock; - struct timeval before,after,to; - struct sockaddr_in a; - int sock_err; - socklen_t err_len; - char *addr; - int h_errno; - - sock = socket(AF_INET, SOCK_STREAM, 0); - if (sock < 0) return EDG_WLL_GSS_ERROR_ERRNO; - - if (timeout) { - int flags = fcntl(sock, F_GETFL, 0); - if (fcntl(sock, F_SETFL, flags | O_NONBLOCK) < 0) - return EDG_WLL_GSS_ERROR_ERRNO; - gettimeofday(&before,NULL); - } - - if (timeout) { - switch (h_errno = asyn_gethostbyname(&addr, hostname, timeout)) { - case NETDB_SUCCESS: - memset(&a,0,sizeof a); - a.sin_family = AF_INET; - memcpy(&a.sin_addr.s_addr,addr,sizeof a.sin_addr.s_addr); - a.sin_port = htons(port); - free(addr); - break; - case TRY_AGAIN: - close(sock); - return EDG_WLL_GSS_ERROR_TIMEOUT; - case NETDB_INTERNAL: - /* fall through */ - default: - close(sock); - /* h_errno may be thread safe with Linux pthread libs, - * but such an assumption is not portable - */ - errno = h_errno; - return EDG_WLL_GSS_ERROR_HERRNO; - } - } else { - struct hostent *hp; - - hp = gethostbyname(hostname); - if (hp == NULL) { - close(sock); - errno = h_errno; - return EDG_WLL_GSS_ERROR_HERRNO; - } - - memset(&a,0,sizeof a); - a.sin_family = AF_INET; - memcpy(&a.sin_addr.s_addr, hp->h_addr_list[0], sizeof(a.sin_addr.s_addr)); - a.sin_port = htons(port); - } - - if (connect(sock,(struct sockaddr *) &a,sizeof a) < 0) { - if (timeout && errno == EINPROGRESS) { - fd_set fds; - FD_ZERO(&fds); - FD_SET(sock,&fds); - memcpy(&to,timeout,sizeof to); - gettimeofday(&before,NULL); - switch (select(sock+1,NULL,&fds,NULL,&to)) { - case -1: close(sock); - return EDG_WLL_GSS_ERROR_ERRNO; - case 0: close(sock); - return EDG_WLL_GSS_ERROR_TIMEOUT; - } - gettimeofday(&after,NULL); - tv_sub(after,before); - tv_sub(*timeout,after); - - err_len = sizeof sock_err; - if (getsockopt(sock,SOL_SOCKET,SO_ERROR,&sock_err,&err_len)) { - close(sock); - return EDG_WLL_GSS_ERROR_ERRNO; - } - if (sock_err) { - close(sock); - errno = sock_err; - return EDG_WLL_GSS_ERROR_ERRNO; - } - } - else { - close(sock); - return EDG_WLL_GSS_ERROR_ERRNO; - } - } - - *s = sock; - return 0; -} - -static int -send_token(int sock, void *token, size_t token_length, struct timeval *to) -{ - size_t num_written = 0; - ssize_t count; - fd_set fds; - struct timeval timeout,before,after; - int ret; - - if (to) { - memcpy(&timeout,to,sizeof(timeout)); - gettimeofday(&before,NULL); - } - - - ret = 0; - while(num_written < token_length) { - FD_ZERO(&fds); - FD_SET(sock,&fds); - switch (select(sock+1, NULL, &fds, NULL, to ? &timeout : NULL)) { - case 0: ret = EDG_WLL_GSS_ERROR_TIMEOUT; - goto end; - break; - case -1: ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - break; - } - - count = write(sock, ((char *)token) + num_written, - token_length - num_written); - if(count < 0) { - if(errno == EINTR) - continue; - else { - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - } - num_written += count; - } - -end: - if (to) { - gettimeofday(&after,NULL); - tv_sub(after,before); - tv_sub(*to,after); - if (to->tv_sec < 0) { - to->tv_sec = 0; - to->tv_usec = 0; - } - } - - return ret; -} - -static int -recv_token(int sock, void **token, size_t *token_length, struct timeval *to) -{ - ssize_t count; - char buf[4098]; - char *t = NULL; - char *tmp; - size_t tl = 0; - fd_set fds; - struct timeval timeout,before,after; - int ret; - - if (to) { - memcpy(&timeout,to,sizeof(timeout)); - gettimeofday(&before,NULL); - } - - ret = 0; - do { - FD_ZERO(&fds); - FD_SET(sock,&fds); - switch (select(sock+1, &fds, NULL, NULL, to ? &timeout : NULL)) { - case 0: - ret = EDG_WLL_GSS_ERROR_TIMEOUT; - goto end; - break; - case -1: - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - break; - } - - count = read(sock, buf, sizeof(buf)); - if (count < 0) { - if (errno == EINTR) - continue; - else { - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - } - if (count == 0 && tl == 0 && errno == 0) - return EDG_WLL_GSS_ERROR_EOF; - tmp=realloc(t, tl + count); - if (tmp == NULL) { - errno = ENOMEM; - return EDG_WLL_GSS_ERROR_ERRNO; - } - t = tmp; - memcpy(t + tl, buf, count); - tl += count; - } while (count == sizeof(buf)); - -end: - if (to) { - gettimeofday(&after,NULL); - tv_sub(after,before); - tv_sub(*to,after); - if (to->tv_sec < 0) { - to->tv_sec = 0; - to->tv_usec = 0; - } - } - - if (ret == 0) { - *token = t; - *token_length = tl; - } else - free(t); - - return ret; -} - -static int -create_proxy(char *cert_file, char *key_file, char **proxy_file) -{ - char buf[4096]; - int in, out; - char *name = NULL; - int ret, len; - - *proxy_file = NULL; - - asprintf(&name, "%s/%d.lb.XXXXXX", P_tmpdir, getpid()); - - out = mkstemp(name); - if (out < 0) - return EDG_WLL_GSS_ERROR_ERRNO; - - in = open(cert_file, O_RDONLY); - if (in < 0) { - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - while ((ret = read(in, buf, sizeof(buf))) > 0) { - len = write(out, buf, ret); - if (len != ret) { - ret = -1; - break; - } - } - close(in); - if (ret < 0) { - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - - in = open(key_file, O_RDONLY); - if (in < 0) { - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - while ((ret = read(in, buf, sizeof(buf))) > 0) { - len = write(out, buf, ret); - if (len != ret) { - ret = -1; - break; - } - } - close(in); - if (ret < 0) { - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - - ret = 0; - *proxy_file = name; - -end: - close(out); - if (ret) { - unlink(name); - free(name); - } - - return ret; -} - -static int -destroy_proxy(char *proxy_file) -{ - /* XXX we should erase the contents safely (i.e. overwrite with 0's) */ - unlink(proxy_file); - return 0; -} - -int -edg_wll_gss_acquire_cred_gsi(char *cert_file, char *key_file, gss_cred_id_t *cred, - char **name, edg_wll_GssStatus* gss_code) -{ - OM_uint32 major_status = 0, minor_status, minor_status2; - gss_cred_id_t gss_cred = GSS_C_NO_CREDENTIAL; - gss_buffer_desc buffer = GSS_C_EMPTY_BUFFER; - gss_name_t gss_name = GSS_C_NO_NAME; - OM_uint32 lifetime; - char *proxy_file = NULL; - int ret; - - if ((cert_file == NULL && key_file != NULL) || - (cert_file != NULL && key_file == NULL)) - return EINVAL; - - if (cert_file == NULL) { - major_status = gss_acquire_cred(&minor_status, GSS_C_NO_NAME, 0, - GSS_C_NO_OID_SET, GSS_C_BOTH, - &gss_cred, NULL, NULL); - if (GSS_ERROR(major_status)) { - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - } else { - proxy_file = cert_file; - if (strcmp(cert_file, key_file) != 0 && - (ret = create_proxy(cert_file, key_file, &proxy_file))) { - proxy_file = NULL; - goto end; - } - - asprintf((char**)&buffer.value, "X509_USER_PROXY=%s", proxy_file); - if (buffer.value == NULL) { - errno = ENOMEM; - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - buffer.length = strlen(proxy_file); - - major_status = gss_import_cred(&minor_status, &gss_cred, GSS_C_NO_OID, 1, - &buffer, 0, NULL); - free(buffer.value); - if (GSS_ERROR(major_status)) { - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - } - - /* gss_import_cred() doesn't check validity of credential loaded, so let's - * verify it now */ - major_status = gss_inquire_cred(&minor_status, gss_cred, &gss_name, - &lifetime, NULL, NULL); - if (GSS_ERROR(major_status)) { - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - - /* Must cast to time_t since OM_uint32 is unsinged and hence we couldn't - * detect negative values. */ - if ((time_t) lifetime <= 0) { - major_status = GSS_S_CREDENTIALS_EXPIRED; - minor_status = 0; /* XXX */ - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - - if (name) { - major_status = gss_display_name(&minor_status, gss_name, &buffer, NULL); - if (GSS_ERROR(major_status)) { - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - *name = buffer.value; - memset(&buffer, 0, sizeof(buffer)); - } - - *cred = gss_cred; - gss_cred = GSS_C_NO_CREDENTIAL; - ret = 0; - -end: - if (cert_file && key_file && proxy_file && strcmp(cert_file, key_file) != 0) { - destroy_proxy(proxy_file); - free(proxy_file); - } - - if (gss_name != GSS_C_NO_NAME) - gss_release_name(&minor_status2, &gss_name); - - if (gss_cred != GSS_C_NO_CREDENTIAL) - gss_release_cred(&minor_status2, &gss_cred); - - if (GSS_ERROR(major_status)) { - if (gss_code) { - gss_code->major_status = major_status; - gss_code->minor_status = minor_status; - } - ret = EDG_WLL_GSS_ERROR_GSS; - } - - return ret; -} - -int -edg_wll_gss_connect(gss_cred_id_t cred, char const *hostname, int port, - struct timeval *timeout, edg_wll_GssConnection *connection, - edg_wll_GssStatus* gss_code) -{ - int sock, ret; - OM_uint32 maj_stat, min_stat, min_stat2, req_flags; - int context_established = 0; - gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; - gss_name_t server = GSS_C_NO_NAME; - gss_ctx_id_t context = GSS_C_NO_CONTEXT; - char *servername = NULL; - - maj_stat = min_stat = min_stat2 = req_flags = 0; - - /* GSI specific */ - req_flags = GSS_C_GLOBUS_SSL_COMPATIBLE; - - ret = do_connect(&sock, hostname, port, timeout); - if (ret) - return ret; - - /* XXX find appropriate fqdn */ - asprintf (&servername, "host@%s", hostname); - if (servername == NULL) { - errno = ENOMEM; - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - input_token.value = servername; - input_token.length = strlen(servername) + 1; - - maj_stat = gss_import_name(&min_stat, &input_token, - GSS_C_NT_HOSTBASED_SERVICE, &server); - if (GSS_ERROR(maj_stat)) { - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - - free(servername); - memset(&input_token, 0, sizeof(input_token)); - - /* XXX if cred == GSS_C_NO_CREDENTIAL set the ANONYMOUS flag */ - - /* XXX prepsat na do {} while (maj_stat == CONT) a osetrit chyby*/ - while (!context_established) { - /* XXX verify ret_flags match what was requested */ - maj_stat = gss_init_sec_context(&min_stat, cred, &context, - GSS_C_NO_NAME, GSS_C_NO_OID, - req_flags | GSS_C_MUTUAL_FLAG, - 0, GSS_C_NO_CHANNEL_BINDINGS, - &input_token, NULL, &output_token, - NULL, NULL); - if (input_token.length > 0) { - free(input_token.value); - input_token.length = 0; - } - - if (output_token.length != 0) { - ret = send_token(sock, output_token.value, output_token.length, timeout); - gss_release_buffer(&min_stat2, &output_token); - if (ret) - goto end; - } - - if (GSS_ERROR(maj_stat)) { - if (context != GSS_C_NO_CONTEXT) { - /* XXX send closing token to the friend */ - gss_delete_sec_context(&min_stat2, &context, GSS_C_NO_BUFFER); - context = GSS_C_NO_CONTEXT; - } - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - - if(maj_stat & GSS_S_CONTINUE_NEEDED) { - ret = recv_token(sock, &input_token.value, &input_token.length, timeout); - if (ret) - goto end; - } else - context_established = 1; - } - - /* XXX check ret_flags matches to what was requested */ - - memset(connection, 0, sizeof(*connection)); - connection->sock = sock; - connection->context = context; - servername = NULL; - ret = 0; - -end: - if (ret == EDG_WLL_GSS_ERROR_GSS && gss_code) { - gss_code->major_status = maj_stat; - gss_code->minor_status = min_stat; - } - if (server != GSS_C_NO_NAME) - gss_release_name(&min_stat2, &server); - if (servername == NULL) - free(servername); - if (ret) - close(sock); - - return ret; -} - -int -edg_wll_gss_accept(gss_cred_id_t cred, int sock, struct timeval *timeout, - edg_wll_GssConnection *connection, edg_wll_GssStatus* gss_code) -{ - OM_uint32 maj_stat, min_stat, min_stat2; - OM_uint32 ret_flags = 0; - gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; - gss_name_t client_name = GSS_C_NO_NAME; - gss_ctx_id_t context = GSS_C_NO_CONTEXT; - int ret; - - maj_stat = min_stat = min_stat2 = 0; - - /* GSI specific */ - ret_flags = GSS_C_GLOBUS_SSL_COMPATIBLE; - - do { - ret = recv_token(sock, &input_token.value, &input_token.length, timeout); - if (ret) - goto end; - - maj_stat = gss_accept_sec_context(&min_stat, &context, - cred, &input_token, - GSS_C_NO_CHANNEL_BINDINGS, - &client_name, NULL, &output_token, - &ret_flags, NULL, NULL); - if (input_token.length > 0) { - free(input_token.value); - input_token.length = 0; - } - - if (output_token.length) { - ret = send_token(sock, output_token.value, output_token.length, timeout); - gss_release_buffer(&min_stat2, &output_token); - if (ret) - goto end; - } - } while(maj_stat & GSS_S_CONTINUE_NEEDED); - - if (GSS_ERROR(maj_stat)) { - if (context != GSS_C_NO_CONTEXT) { - /* XXX send closing token to the friend */ - gss_delete_sec_context(&min_stat2, &context, GSS_C_NO_BUFFER); - context = GSS_C_NO_CONTEXT; - } - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - - maj_stat = gss_display_name(&min_stat, client_name, &output_token, NULL); - if (GSS_ERROR(maj_stat)) { - /* XXX close context ??? */ - ret = EDG_WLL_GSS_ERROR_GSS; - goto end; - } - - memset(connection, 0, sizeof(*connection)); - connection->sock = sock; - connection->context = context; - memset(&output_token, 0, sizeof(output_token.value)); - ret = 0; - -end: - if (ret == EDG_WLL_GSS_ERROR_GSS && gss_code) { - gss_code->major_status = maj_stat; - gss_code->minor_status = min_stat; - } - if (client_name != GSS_C_NO_NAME) - gss_release_name(&min_stat2, &client_name); - - return ret; -} - -int -edg_wll_gss_write(edg_wll_GssConnection *connection, const void *buf, size_t bufsize, - struct timeval *timeout, edg_wll_GssStatus* gss_code) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input_token; - gss_buffer_desc output_token; - int ret; - - input_token.value = (void*)buf; - input_token.length = bufsize; - - maj_stat = gss_wrap (&min_stat, connection->context, 1, GSS_C_QOP_DEFAULT, - &input_token, NULL, &output_token); - if (GSS_ERROR(maj_stat)) { - if (gss_code) { - gss_code->minor_status = min_stat; - gss_code->major_status = maj_stat; - } - - return EDG_WLL_GSS_ERROR_GSS; - } - - ret = send_token(connection->sock, output_token.value, output_token.length, - timeout); - gss_release_buffer(&min_stat, &output_token); - - return ret; -} - - -int -edg_wll_gss_read(edg_wll_GssConnection *connection, void *buf, size_t bufsize, - struct timeval *timeout, edg_wll_GssStatus* gss_code) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input_token; - gss_buffer_desc output_token; - int ret, i; - - if (connection->bufsize > 0) { - size_t len; - - len = (connection->bufsize < bufsize) ? connection->bufsize : bufsize; - memcpy(buf, connection->buffer, len); - if (connection->bufsize - len == 0) { - free(connection->buffer); - connection->buffer = NULL; - } else { - for (i = 0; i < connection->bufsize - len; i++) - connection->buffer[i] = connection->buffer[i+len]; - } - connection->bufsize -= len; - - return len; - } - - do { - ret = recv_token(connection->sock, &input_token.value, &input_token.length, - timeout); - if (ret) - /* XXX cleanup */ - return ret; - - maj_stat = gss_unwrap(&min_stat, connection->context, &input_token, - &output_token, NULL, NULL); - gss_release_buffer(&min_stat, &input_token); - if (GSS_ERROR(maj_stat)) { - /* XXX cleanup */ - return EDG_WLL_GSS_ERROR_GSS; - } - } while (maj_stat == 0 && output_token.length == 0 && output_token.value == NULL); - - if (output_token.length > bufsize) { - connection->bufsize = output_token.length - bufsize; - connection->buffer = malloc(connection->bufsize); - if (connection->buffer == NULL) { - connection->bufsize = 0; - ret = EDG_WLL_GSS_ERROR_ERRNO; - goto end; - } - memcpy(connection->buffer, output_token.value + bufsize, connection->bufsize); - output_token.length = bufsize; - } - - memcpy(buf, output_token.value, output_token.length); - ret = output_token.length; - -end: - gss_release_buffer(&min_stat, &output_token); - - return ret; -} - -int -edg_wll_gss_read_full(edg_wll_GssConnection *connection, void *buf, - size_t bufsize, struct timeval *timeout, size_t *total, - edg_wll_GssStatus* gss_code) -{ - int len,i; - *total = 0; - - if (connection->bufsize > 0) { - size_t len; - - len = (connection->bufsize < bufsize) ? connection->bufsize : bufsize; - memcpy(buf, connection->buffer, len); - if (connection->bufsize - len == 0) { - free(connection->buffer); - connection->buffer = NULL; - } else { - for (i = 0; i < connection->bufsize - len; i++) - connection->buffer[i] = connection->buffer[i+len]; - } - connection->bufsize -= len; - *total = len; - } - - while (*total < bufsize) { - len = edg_wll_gss_read(connection, buf+*total, bufsize-*total, - timeout, gss_code); - if (len < 0) return len; - *total += len; - } - - return 0; -} - -int -edg_wll_gss_write_full(edg_wll_GssConnection *connection, const void *buf, - size_t bufsize, struct timeval *timeout, size_t *total, - edg_wll_GssStatus* gss_code) -{ - return edg_wll_gss_write(connection, buf, bufsize, timeout, gss_code); -} - -/* XXX: I'm afraid the contents of stuct stat is somewhat OS dependent */ -int -edg_wll_gss_watch_creds(const char *proxy_file, time_t *proxy_mtime) -{ - struct stat pstat; - int reload = 0; - - if (!proxy_file) return 0; - if (stat(proxy_file,&pstat)) return -1; - - if (!*proxy_mtime) *proxy_mtime = pstat.st_mtime; - - if (*proxy_mtime != pstat.st_mtime) { - *proxy_mtime = pstat.st_mtime; - reload = 1; - } - - return reload; -} - -int -edg_wll_gss_close(edg_wll_GssConnection *con, struct timeval *timeout) -{ - OM_uint32 min_stat; - - /* XXX if timeout is NULL use value of 120 secs */ - - if (con->context != GSS_C_NO_CONTEXT) { - gss_delete_sec_context(&min_stat, &con->context, GSS_C_NO_BUFFER); - /* XXX send the buffer (if any) to the peer. GSSAPI specs doesn't - * recommend sending it, though */ - - /* XXX can socket be open even if context == GSS_C_NO_CONTEXT) ? */ - /* XXX ensure that edg_wll_GssConnection is created with sock set to -1 */ - if (con->sock >= 0) - close(con->sock); - } - if (con->buffer) - free(con->buffer); - memset(con, 0, sizeof(*con)); - con->context = GSS_C_NO_CONTEXT; - con->sock = -1; - return 0; -} - -int -edg_wll_gss_get_error(edg_wll_GssStatus *gss_err, const char *prefix, char **msg) -{ - OM_uint32 maj_stat, min_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc maj_status_string = GSS_C_EMPTY_BUFFER; - gss_buffer_desc min_status_string = GSS_C_EMPTY_BUFFER; - char *str = NULL; - char *line, *tmp; - - str = strdup(prefix); - do { - maj_stat = gss_display_status(&min_stat, gss_err->major_status, - GSS_C_GSS_CODE, GSS_C_NO_OID, - &msg_ctx, &maj_status_string); - if (GSS_ERROR(maj_stat)) - break; - - maj_stat = gss_display_status(&min_stat, gss_err->minor_status, - GSS_C_MECH_CODE, GSS_C_NULL_OID, - &msg_ctx, &min_status_string); - if (GSS_ERROR(maj_stat)) { - gss_release_buffer(&min_stat, &maj_status_string); - break; - } - - asprintf(&line, ": %s (%s)", (char *)maj_status_string.value, - (char *)min_status_string.value); - gss_release_buffer(&min_stat, &maj_status_string); - gss_release_buffer(&min_stat, &min_status_string); - - tmp = realloc(str, strlen(str) + strlen(line) + 1); - if (tmp == NULL) { - /* abort() ? */ - free(line); - free(str); - str = "WARNING: Not enough memory to produce error message"; - break; - } - str = tmp; - strcat(str, line); - free(line); - } while (!GSS_ERROR(maj_stat) && msg_ctx != 0); - - *msg = str; - return 0; -} - -int -edg_wll_gss_oid_equal(const gss_OID a, const gss_OID b) -{ - if (a == b) - return 1; - else { - if (a == GSS_C_NO_OID || b == GSS_C_NO_OID || a->length != b->length) - return 0; - else - return (memcmp(a->elements, b->elements, a->length) == 0); - } -} - -int -edg_wll_gss_reject(int sock) -{ - /* XXX is it possible to cut & paste edg_wll_ssl_reject() ? */ - return 0; -} diff --git a/org.glite.security.gsoap-plugin/test/test_gss.cpp b/org.glite.security.gsoap-plugin/test/test_gss.cpp deleted file mode 100644 index 630de3f..0000000 --- a/org.glite.security.gsoap-plugin/test/test_gss.cpp +++ /dev/null @@ -1,198 +0,0 @@ -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "glite_gss.h" - -class GSSTest: public CppUnit::TestFixture -{ - CPPUNIT_TEST_SUITE(GSSTest); - CPPUNIT_TEST(echo); - CPPUNIT_TEST(echo); - CPPUNIT_TEST(bigecho); - CPPUNIT_TEST(errorTest); - CPPUNIT_TEST_SUITE_END(); - -public: - void echo(); - void bigecho(); - void errorTest(); - - void setUp(); - -private: - gss_cred_id_t my_cred; - char * my_subject; - int sock, port; - struct timeval timeout; - - void replier(); -}; - - -void GSSTest::replier() { - edg_wll_GssConnection conn; - edg_wll_GssStatus stat; - struct sockaddr_in a; - socklen_t alen = sizeof(a); - int s, len; - char buf[8*BUFSIZ]; - - std::cerr << "replier " << getpid() << std::endl; - - if ( (s = accept(sock, (struct sockaddr *) &a, &alen)) < 0 ) exit(1); - - if ( edg_wll_gss_accept(my_cred, s, &timeout, &conn, &stat) ) exit(1); - - while ( (len = edg_wll_gss_read(&conn, buf, sizeof(buf), &timeout, &stat)) >= 0 ) { - if ( edg_wll_gss_write(&conn, buf, len, &timeout, &stat) ) exit(1); - } - - exit(0); -} - - -void GSSTest::setUp(void) { - pid_t pid; - edg_wll_GssStatus stat; - struct sockaddr_in a; - socklen_t alen = sizeof(a); - char * cred_file = NULL; - char * key_file = NULL; - char * to = getenv("GSS_TEST_TIMEOUT"); - - timeout.tv_sec = to ? atoi(to) : 10 ; - timeout.tv_usec = 0; - - key_file = cred_file = getenv("X509_USER_PROXY"); - CPPUNIT_ASSERT_MESSAGE("credential file", cred_file); - - if (edg_wll_gss_acquire_cred_gsi(cred_file, key_file, &my_cred, &my_subject, &stat)) - CPPUNIT_ASSERT_MESSAGE("gss_acquire_cred", 0); - - sock = socket(PF_INET,SOCK_STREAM,0); - CPPUNIT_ASSERT_MESSAGE("socket()", sock >= 0); - - a.sin_family = AF_INET; - a.sin_port = 0; - a.sin_addr.s_addr = INADDR_ANY; - - if (bind(sock,(struct sockaddr *) &a,sizeof(a))) { - CPPUNIT_ASSERT_MESSAGE("bind()", 0); - } - - if (listen(sock,1)) { - CPPUNIT_ASSERT_MESSAGE("listen()", 0); - } - - getsockname(sock,(struct sockaddr *) &a,&alen); - port = ntohs(a.sin_port); - - if ( !(pid = fork()) ) replier(); - else close(sock); -} - - - -void GSSTest::echo() -{ - edg_wll_GssConnection conn; - edg_wll_GssStatus stat; - size_t total; - int err; - char buf[] = "f843fejwfanczn nc4*&686%$$&^(*)*#$@WSH"; - char buf2[100]; - - std::cerr << "echo " << getpid() << std::endl; - - err = edg_wll_gss_connect(my_cred, "localhost", port, &timeout, &conn, &stat); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_connect()", !err); - - err = edg_wll_gss_write(&conn, buf, strlen(buf)+1, &timeout, &stat); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_write()", !err); - - err = edg_wll_gss_read_full(&conn, buf2, strlen(buf)+1, &timeout, &total, &stat); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_read_full()", !err); - - CPPUNIT_ASSERT(strlen(buf)+1 == total && !strcmp(buf,buf2) ); - - edg_wll_gss_close(&conn, &timeout); - -} - -void GSSTest::bigecho() -{ - edg_wll_GssConnection conn; - edg_wll_GssStatus stat; - size_t total; - int err; - char buf[7*BUFSIZ]; - char buf2[7*BUFSIZ]; - - std::cerr << "bigecho " << getpid() << std::endl; - - err = edg_wll_gss_connect(my_cred, "localhost", port, &timeout, &conn, &stat); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_connect()", !err); - - err = edg_wll_gss_write(&conn, buf, sizeof buf, &timeout, &stat); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_write()", !err); - - err = edg_wll_gss_read_full(&conn, buf2, sizeof buf2, &timeout, &total, &stat); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_read_full()", !err); - - CPPUNIT_ASSERT(sizeof buf == total && !memcmp(buf,buf2,sizeof buf) ); - - edg_wll_gss_close(&conn, &timeout); - -} - - -void GSSTest::errorTest() -{ - edg_wll_GssConnection conn; - edg_wll_GssStatus stat; - int err; - char * msg = NULL; - - - err = edg_wll_gss_connect(my_cred, "xxx.porno.net", port, &timeout, &conn, &stat); - if (err) edg_wll_gss_get_error(&stat, "gss_connect()", &msg); - CPPUNIT_ASSERT_MESSAGE("edg_wll_gss_get_error()", msg); -} - - -CPPUNIT_TEST_SUITE_REGISTRATION( GSSTest ); - -int main (int ac,const char *av[]) -{ - assert(ac == 2); - std::ofstream xml(av[1]); - - CppUnit::Test *suite = CppUnit::TestFactoryRegistry::getRegistry().makeTest(); - CppUnit::TestRunner runner; - - CppUnit::TestResult controller; - CppUnit::TestResultCollector result; - controller.addListener( &result ); - - runner.addTest(suite); - runner.run(controller); - - - CppUnit::XmlOutputter xout( &result, xml ); - CppUnit::CompilerOutputter tout( &result, std::cout); - xout.write(); - tout.write(); - - return result.wasSuccessful() ? 0 : 1 ; -} diff --git a/org.glite.security.proxyrenewal/.cvsignore b/org.glite.security.proxyrenewal/.cvsignore deleted file mode 100644 index 3a4edf6..0000000 --- a/org.glite.security.proxyrenewal/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project diff --git a/org.glite.security.proxyrenewal/LICENSE b/org.glite.security.proxyrenewal/LICENSE deleted file mode 100644 index 01b973b..0000000 --- a/org.glite.security.proxyrenewal/LICENSE +++ /dev/null @@ -1,69 +0,0 @@ -LICENSE file for EGEE Middleware -================================ - -Copyright (c) 2004 on behalf of the EU EGEE Project: -The European Organization for Nuclear Research (CERN), -Istituto Nazionale di Fisica Nucleare (INFN), Italy -Datamat Spa, Italy -Centre National de la Recherche Scientifique (CNRS), France -CS Systeme d'Information (CSSI), France -Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -Universiteit van Amsterdam (UvA), Netherlands -University of Helsinki (UH.HIP), Finlan -University of Bergen (UiB), Norway -Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - -1. Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright -notice, this list of conditions and the following disclaimer in the -documentation and/or other materials provided with the distribution. - -3. The end-user documentation included with the redistribution, if -any, must include the following acknowledgment: "This product includes -software developed by The EU EGEE Project (http://cern.ch/eu-egee/)." -Alternatively, this acknowledgment may appear in the software itself, if -and wherever such third-party acknowledgments normally appear. - -4. The names EGEE and the EU EGEE Project must not be -used to endorse or promote products derived from this software without -prior written permission. For written permission, please contact -. - -5. You are under no obligation whatsoever to provide anyone with any -bug fixes, patches, or upgrades to the features, functionality or -performance of the Software ("Enhancements") that you may develop over -time; however, if you choose to provide your Enhancements to The EU -EGEE Project, or if you choose to otherwise publish or distribute your -Enhancements, in source code form without contemporaneously requiring -end users of The EU EGEE Proejct to enter into a separate written license -agreement for such Enhancements, then you hereby grant The EU EGEE Project -a non-exclusive, royalty-free perpetual license to install, use, copy, -modify, prepare derivative works, incorporate into the EGEE Middleware -or any other computer software, distribute, and sublicense your -Enhancements or derivative works thereof, in binary and source code -form (if any), whether developed by The EU EGEE Project or third parties. - -THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL PROJECT OR ITS CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE -OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -This software consists of voluntary contributions made by many -individuals on behalf of the EU EGEE Prject. For more information on The -EU EGEE Project, please see http://cern.ch/eu-egee/. For more information on -EGEE Middleware, please see http://egee-jra1.web.cern.ch/egee-jra1/ - - diff --git a/org.glite.security.proxyrenewal/Makefile b/org.glite.security.proxyrenewal/Makefile deleted file mode 100644 index 3730746..0000000 --- a/org.glite.security.proxyrenewal/Makefile +++ /dev/null @@ -1,141 +0,0 @@ -# -# Copyright (c) 2004 on behalf of the EU EGEE Project: -# The European Organization for Nuclear Research (CERN), -# Istituto Nazionale di Fisica Nucleare (INFN), Italy -# Datamat Spa, Italy -# Centre National de la Recherche Scientifique (CNRS), France -# CS Systeme d'Information (CSSI), France -# Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -# Universiteit van Amsterdam (UvA), Netherlands -# University of Helsinki (UH.HIP), Finland -# University of Bergen (UiB), Norway -# Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom -# -# Top Makefile file for the GLite Security Proxyrenewal module -# -# Authors: Ales Krenek -# Version info: $Id$ -# Release: $Name$ -# -# Revision history: -# $Log -# - -# defaults -top_srcdir=. -builddir=build -top_builddir=${top_srcdir}/${builddir} -stagedir=. -distdir=. -globalprefix=glite -lbprefix=lb -package=glite-security-proxyrenewal -version=1.0.0 -PREFIX=/opt/glite - -glite_location=$PREFIX -globus_prefix=/opt/globus -nothrflavour=gcc32 -thrflavour=gcc32pthr -myproxy_prefix=$globus_prefix - --include Makefile.inc - -VPATH:=${top_srcdir}/src - -GLOBUSINC:= -I${globus_prefix}/include/${nothrflavour} \ - -I${globus_prefix}/include/${nothrflavour}/openssl - -GLOBUSTHRINC:= -I${globus_prefix}/include/${thrflavour} \ - -I${globus_prefix}/include/${thrflavour}/openssl - -MYPROXYINC:= -I${myproxy_prefix}/include/${nothrflavour} -MYPROXYTHRINC:= -I${myproxy_prefix}/include/${thrflavour} - -DEBUG:=-g -O0 - -CFLAGS:= ${DEBUG} \ - ${MYPROXYINC} \ - -I${top_srcdir}/src -I${top_srcdir}/interface \ - -I${glite_location}/include - -GLOBUS_LIBS:=-L${globus_prefix}/lib \ - -lglobus_common_${nothrflavour} \ - -lssl_${nothrflavour} - -MYPROXY_LIB:=-L${myproxy_prefix}/lib -lmyproxy_${nothrflavour} - -JOBIDLIB:=-L${glite_location}/lib -lglite_wmsutils_cjobid - -COMPILE:=libtool --mode=compile ${CC} ${CFLAGS} -LINK:=libtool --mode=link ${CC} ${LDFLAGS} -INSTALL:=libtool --mode=install install - -DAEMONOBJ:=renewd.o renew.o common.o commands.o api.o voms.o -LIBOBJ:=api.o common.o -CLIENTOBJ:=client.o - -THRLIBOBJ:=${LIBOBJ:.o=.thr.o} -LIBLOBJ:=${LIBOBJ:.o=.lo} -THRLIBLOBJ:=${LIBOBJ:.o=.thr.lo} - -LIB:=libglite_security_proxyrenewal_${nothrflavour}.la -THRLIB:=libglite_security_proxyrenewal_${thrflavour}.la - -DAEMON:=glite-proxy-renewd -CLIENT:=glite-proxy-renew - -default: all -compile all: ${LIB} ${THRLIB} ${DAEMON} ${CLIENT} - -${LIB}: ${LIBOBJ} - ${LINK} -o $@ ${LIBLOBJ} -rpath ${glite_location}/lib ${JOBIDLIB} - - -${THRLIB}: ${THRLIBOBJ} - ${LINK} -o $@ ${THRLIBLOBJ} -rpath ${glite_location}/lib - -${DAEMON}: ${DAEMONOBJ} - ${LINK} -o $@ ${DAEMONOBJ} ${JOBIDLIB} ${MYPROXY_LIB} -lvomsc -lglobus_gss_assist_${nothrflavour} ${GLOBUS_LIBS} - -${CLIENT}: ${CLIENTOBJ} ${LIB} - ${LINK} -o $@ ${CLIENTOBJ} ${LIB} ${GLOBUS_LIBS} - -${THRLIBOBJ}: %.thr.o: %.c - ${COMPILE} ${GLOBUSTHRINC} -o $@ -c $< - -%.o: %.c - ${COMPILE} ${GLOBUSINC} -c $< - -stage: compile - $(MAKE) install PREFIX=${stagedir} - - -check: - echo No unit tests - -dist: distsrc distbin - -distsrc: - mkdir -p ${top_srcdir}/${package}-${version} - cd ${top_srcdir} && GLOBIGNORE="${package}-${version}" && cp -Rf * ${package}-${version} - cd ${top_srcdir} && tar -czf ${distdir}/${package}-${version}_src.tar.gz --exclude-from=project/tar_exclude ${package}-${version} - rm -rf ${top_srcdir}/${package}-${version} - -distbin: - $(MAKE) install PREFIX=`pwd`/tmpbuilddir - cd tmpbuilddir && tar -czf ../${top_srcdir}/${distdir}/${package}-${version}_bin.tar.gz * - rm -rf tmpbuilddir - -install: - -mkdir -p ${PREFIX}/bin ${PREFIX}/lib ${PREFIX}/include/glite/security/proxyrenewal ${PREFIX}/share/doc/${package}-${version} ${PREFIX}/etc/init.d - ${INSTALL} -m 644 ${LIB} ${THRLIB} ${PREFIX}/lib - ${INSTALL} -m 755 ${DAEMON} ${CLIENT} ${PREFIX}/bin - ${INSTALL} -m 644 ${top_srcdir}/LICENSE ${PREFIX}/share/doc/${package}-${version} - cd ${top_srcdir}/interface && ${INSTALL} -m 644 renewal.h ${PREFIX}/include/glite/security/proxyrenewal - - ${INSTALL} -m 755 ${top_srcdir}/config/startup ${PREFIX}/etc/init.d/glite-proxy-renewald - - -clean: - $(RM) $(LIB) $(DAEMON) $(CLIENT) *.o core diff --git a/org.glite.security.proxyrenewal/build.xml b/org.glite.security.proxyrenewal/build.xml deleted file mode 100755 index 6ebb14f..0000000 --- a/org.glite.security.proxyrenewal/build.xml +++ /dev/null @@ -1,124 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.security.proxyrenewal/config/startup b/org.glite.security.proxyrenewal/config/startup deleted file mode 100755 index 26ba757..0000000 --- a/org.glite.security.proxyrenewal/config/startup +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/sh - -GLITE_LOCATION=${GLITE_LOCATION:-/opt/glite} -GLITE_LOCATION_VAR=${GLITE_LOCATION_VAR:-/opt/glite/var} - -[ -f /etc/glite.conf ] && . /etc/glite.conf -[ -f $GLITE_LOCATION/etc/glite-wms.conf ] && . $GLITE_LOCATION/etc/glite-wms.conf -[ -f $HOME/.glite.conf ] && . $HOME/.glite.conf - -PROXY_REPOSITORY="$GLITE_LOCATION_VAR/spool/glite-renewd" - -unset creds - -start() -{ - if test -z "$GLITE_USER" ;then - echo 'Error: GLITE_USER is not set' - echo FAILED - return 1 - fi - - [ -n "$GLITE_HOST_CERT" -a -n "$GLITE_HOST_KEY" ] && - creds="-t $GLITE_HOST_CERT -k $GLITE_HOST_KEY" - - if test -z "$creds"; then - if su - $GLITE_USER -c "test -r /etc/grid-security/hostkey.pem -a -r /etc/grid-security/hostcert.pem"; then - echo "$0: WARNING: /etc/grid-security/hostkey.pem readable by $GLITE_USER" - creds="-t /etc/grid-security/hostcert.pem -k /etc/grid-security/hostkey.pem" - fi - fi - - [ -z "$creds" ] && - echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2 - - # workaround for VOMS_FindByVO that seems to always require user's own VOMS config file (bug #7511) - user_voms_config=$HOME/.glite/vomses - if [ ! -f "$user_voms_config" ]; then - rm -f /tmp/renewal_vomses - su - $GLITE_USER -c "touch /tmp/renewal_vomses && chmod 644 /tmp/renewal_vomses" - user_voms_config=/tmp/renewal_vomses - fi - - echo -n Starting ProxyRenewal Daemon: glite-proxy-renewd ... - - if [ ! -d "$PROXY_REPOSITORY" ]; then - mkdir -p $PROXY_REPOSITORY || exit 1 - chown $GLITE_USER $PROXY_REPOSITORY - chmod 0700 $PROXY_REPOSITORY - fi - - su - $GLITE_USER -c "VOMS_USERCONF=$user_voms_config \ - $GLITE_LOCATION/bin/glite-proxy-renewd \ - -r $PROXY_REPOSITORY $creds -A" && echo " done" -} - -stop() -{ - echo -n "Stopping ProxyRenewal Daemon: glite-proxy-renewd ..." - killall glite-proxy-renewd - echo " done" -} - -status() -{ - if netstat -an --unix | grep "^unix .* LISTEN.* /tmp/dgpr_renew_" >/dev/null 2>&1 ;then - echo glite-proxy-renewd running - else - echo glite-proxy-renewd not running - return 1 - fi -} - -case x$1 in - xstart) start;; - xstop) stop;; - xrestart) stop; start;; - xstatus) status;; - x*) echo usage: $0 start,stop,restart,status >&2 - exit 1;; -esac diff --git a/org.glite.security.proxyrenewal/interface/renewal.h b/org.glite.security.proxyrenewal/interface/renewal.h deleted file mode 100644 index 953ab0e..0000000 --- a/org.glite.security.proxyrenewal/interface/renewal.h +++ /dev/null @@ -1,146 +0,0 @@ -/** - * \file proxyrenewal/renewal.h - * \author Daniel Kouril - * \author Miroslav Ruda - * \brief API for proxy renewal. - * \version 2.0 - * - * General rules: - * - functions return 0 on success, nonzero on error, errror details can - * be found via edg_wlpr_GetErrorText() - */ - -#ifndef RENEWAL_H -#define RENEWAL_H - -#ident "$Header$" - -#include "glite/wmsutils/jobid/cjobid.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define EDG_WLPR_FLAG_UNIQUE 1 -#define EDG_WLPR_FLAG_UPDATE 2 - -typedef enum _edg_wlpr_ErrorCode { -/** - * Base for proxy renewal specific code. - * Start sufficently high not to collide with standard errno. */ - /* XXX see common/exception_codes.h */ - EDG_WLPR_ERROR_BASE = 1900, - EDG_WLPR_ERROR_UNEXPECTED_EOF, - EDG_WLPR_ERROR_GENERIC, - EDG_WLPR_ERROR_PROTO_PARSE_ERROR, - EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND, - EDG_WLPR_ERROR_UNKNOWN_COMMAND, - EDG_WLPR_ERROR_SSL, - EDG_WLPR_ERROR_MYPROXY, - EDG_WLPR_PROXY_NOT_REGISTERED, - EDG_WLPR_PROXY_EXPIRED, - EDG_WLPR_ERROR_VOMS, - EDG_WLPR_ERROR_TIMEOUT, - EDG_WLPR_ERROR_ERRNO, -} edg_wlpr_ErrorCode; - -/** - * Return a human readable string containg description of the errorcode - * \retval char* pointer to a error description - */ -const char * -edg_wlpr_GetErrorText(int err_code); - -/** - * This function contacts the renewal daemon and registers the specified proxy - * for periodic renewal. - * \param filename IN: specification of the proxy to register. - * \param jdl IN: JDL of the job owing the proxy. The JDL is looked for a - * myproxy server contact. - * \param flags IN: one of EDG_WLPR_FLAG_UNIQUE or EDG_WLPR_FLAG_UPDATE, or - * their bitwise OR. - * \param repository_filename OUT: filename of registered proxy in repository. - * \retval 0 success - * \retval nonzero on error. Human readable form of the error can be get via - * edg_wlpr_GetErrorText(). - */ -int -edg_wlpr_RegisterProxy( - const char * filename, - const char *jdl, - int flags, - char ** repository_filename -); - -/** - * The same function as edg_wlpr_RegisterProxy() but information about the - * myproxy server and jobid are passed as parameters instead of in JDL. - */ -int -edg_wlpr_RegisterProxyExt( - const char * filename, - const char * server, - unsigned int port, - edg_wlc_JobId jobid, - int flags, - char ** repository_filename -); - -/** - * Unregister proxy from the renewal daemon. - * \param jobid IN: specification of job whose proxy shall be unregistered - * \param filename IN: (optional) specification of the proxy to unregister. - * \retval 0 success - * \retval nonzero on error. Human readable form of the error can be get via - * edg_wlpr_GetErrorText(). - */ -int -edg_wlpr_UnregisterProxy( - edg_wlc_JobId jobid, - const char * repository_filename -); - -/** - * Get a list of registered proxies maintained by the renewal daemon. - * \param count OUT: number of proxies - * \param list OUT: a list of filenames separated by '\n' - * specifying the registered proxies. - * \warning The caller is responsible for freeing the data. - * \retval 0 success - * \retval nonzero on error. Human readable form of the error can be get via - * edg_wlpr_GetErrorText(). - */ -int -edg_wlpr_GetList(int *count, char **list); - -/** - * Get a status message about a proxy. - * The function contacts the renewal daemon and retrieve information it - * maintains about the proxy. - * \param filename IN: specification of the proxy to query - * \param info OUT: status message. - * \warning The caller is responsible for freeing the data. - * \retval 0 success - * \retval nonzero on error. Human readable form of the error can be get via - * edg_wlpr_GetErrorText(). - */ -int -edg_wlpr_GetStatus(const char *repository_filename, char **info); - -/** - * For given jobid return registered proxy filename from repository - * \param jobid IN: specification of jobid - * \param repository_filename OUT: proxy regitered for given jobid - * \warning The caller is responsible for freeing the data. - * \retval 0 success - * \retval nonzero on error. Human readable form of the error can be get via - * edg_wlpr_GetErrorText(). - */ -int -edg_wlpr_GetProxy(edg_wlc_JobId jobid, char **repository_filename); - -#ifdef __cplusplus -} -#endif - -#endif /* RENEWAL_H */ diff --git a/org.glite.security.proxyrenewal/project/build.number b/org.glite.security.proxyrenewal/project/build.number deleted file mode 100644 index 1936771..0000000 --- a/org.glite.security.proxyrenewal/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=137 diff --git a/org.glite.security.proxyrenewal/project/build.properties b/org.glite.security.proxyrenewal/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.glite.security.proxyrenewal/project/configure.properties.xml b/org.glite.security.proxyrenewal/project/configure.properties.xml deleted file mode 100644 index 3d6914b..0000000 --- a/org.glite.security.proxyrenewal/project/configure.properties.xml +++ /dev/null @@ -1,60 +0,0 @@ - - - - - - - - - - - -top_srcdir=.. -builddir=build -stagedir=${stage.abs.dir} -distdir=${dist.dir} -globalprefix=${global.prefix} -package=${module.package.name} -PREFIX=${install.dir} -version=${module.version} -glite_location=${with.glite.location} -globus_prefix=${with.globus.prefix} -thrflavour=${with.globus.thr.flavor} -nothrflavour=${with.globus.nothr.flavor} -myproxy_prefix=${with.myproxy.prefix} - - - diff --git a/org.glite.security.proxyrenewal/project/properties.xml b/org.glite.security.proxyrenewal/project/properties.xml deleted file mode 100755 index f1e51dd..0000000 --- a/org.glite.security.proxyrenewal/project/properties.xml +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.security.proxyrenewal/project/tar_exclude b/org.glite.security.proxyrenewal/project/tar_exclude deleted file mode 100644 index e1fcd1a..0000000 --- a/org.glite.security.proxyrenewal/project/tar_exclude +++ /dev/null @@ -1,10 +0,0 @@ -tar_exclude -CVS -build.xml -build -build.properties -properties.xml -configure.properties.xml -.cvsignore -.project -.cdtproject diff --git a/org.glite.security.proxyrenewal/project/taskdefs.xml b/org.glite.security.proxyrenewal/project/taskdefs.xml deleted file mode 100755 index 13e894e..0000000 --- a/org.glite.security.proxyrenewal/project/taskdefs.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - diff --git a/org.glite.security.proxyrenewal/project/version.properties b/org.glite.security.proxyrenewal/project/version.properties deleted file mode 100644 index 80cbe6b..0000000 --- a/org.glite.security.proxyrenewal/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.2.2 -module.age=1 diff --git a/org.glite.security.proxyrenewal/src/acstack.h b/org.glite.security.proxyrenewal/src/acstack.h deleted file mode 100755 index a833a31..0000000 --- a/org.glite.security.proxyrenewal/src/acstack.h +++ /dev/null @@ -1,79 +0,0 @@ -/********************************************************************* - * - * Authors: Vincenzo Ciaschini - Vincenzo.Ciaschini@cnaf.infn.it - * - * Copyright (c) 2002, 2003 INFN-CNAF on behalf of the EU DataGrid. - * For license conditions see LICENSE file or - * http://www.edg.org/license.html - * - * Parts of this code may be based upon or even include verbatim pieces, - * originally written by other people, in which case the original header - * follows. - * - *********************************************************************/ -#ifndef _ACSTACK_H -#define _ACSTACK_H - -#include -#include -#include - -#define IMPL_STACK(type) \ - DECLARE_STACK_OF(type) \ - STACK_OF(type) *sk_##type##_new (int (*cmp)(const type * const *, const type * const *)) \ - { return sk_new ( (int (*)(const char * const *, const char * const *))cmp);} \ - STACK_OF(type) *sk_##type##_new_null () { return sk_new_null(); } \ - void sk_##type##_free (STACK_OF(type) *st) { sk_free(st); } \ - int sk_##type##_num (const STACK_OF(type) *st) { return sk_num(st); } \ - type *sk_##type##_value (const STACK_OF(type) *st, int i) { return (type *)sk_value(st, i); } \ - type *sk_##type##_set (STACK_OF(type) *st, int i, type *val) { return ((type *)sk_set(st, i, (char *)val)); } \ - void sk_##type##_zero (STACK_OF(type) *st) { sk_zero(st);} \ - int sk_##type##_push (STACK_OF(type) *st, type *val) { return sk_push(st, (char *)val); } \ - int sk_##type##_unshift (STACK_OF(type) *st, type *val) { return sk_unshift(st, (char *)val); } \ - int sk_##type##_find (STACK_OF(type) *st, type *val) { return sk_find(st, (char *)val); } \ - type *sk_##type##_delete (STACK_OF(type) *st, int i) { return (type *)sk_delete(st, i); } \ - type *sk_##type##_delete_ptr (STACK_OF(type) *st, type *ptr) { return (type *)sk_delete_ptr(st, (char *)ptr); } \ - int sk_##type##_insert (STACK_OF(type) *st, type *val, int i) { return sk_insert(st, (char *)val, i); } \ - int (*sk_##type##_set_cmp_func (STACK_OF(type) *st, int (*cmp)(const type * const *, const type * const *)))(const type * const *, const type * const *) \ - { return (int ((*)(const type * const *, const type * const *)))sk_set_cmp_func (st, (int (*)(const char * const *, const char * const *))cmp); } \ - STACK_OF(type) *sk_##type##_dup (STACK_OF(type) *st) { return sk_dup(st); } \ - void sk_##type##_pop_free (STACK_OF(type) *st, void (*func)(type *)) { sk_pop_free(st, (void (*)(void *))func); } \ - type *sk_##type##_shift (STACK_OF(type) *st) { return (type *)sk_shift(st); } \ - type *sk_##type##_pop (STACK_OF(type) *st) { return (type *)sk_pop(st); } \ - void sk_##type##_sort (STACK_OF(type) *st) { sk_sort(st); } \ - STACK_OF(type) *d2i_ASN1_SET_OF_##type (STACK_OF(type) **st, unsigned char **pp, long length, type *(*d2ifunc)(), void (*freefunc)(type *), int ex_tag, int ex_class) \ - { return d2i_ASN1_SET(st, pp, length, (char *(*)())d2ifunc, (void (*)(void *))freefunc, ex_tag, ex_class); } \ - int i2d_ASN1_SET_OF_##type (STACK_OF(type) *st, unsigned char **pp, int (*i2dfunc)(), int ex_tag, int ex_class, int is_set) \ - { return i2d_ASN1_SET(st, pp, i2dfunc, ex_tag, ex_class, is_set); } \ - unsigned char *ASN1_seq_pack_##type (STACK_OF(type) *st, int (*i2d)(), unsigned char **buf, int *len) { return ASN1_seq_pack(st, i2d, buf, len); } \ - STACK_OF(type) *ASN1_seq_unpack_##type (unsigned char *buf, int len, type *(*d2i)(), void (*freefunc)(type *)) \ - { return ASN1_seq_unpack(buf, len, (char *(*)())d2i, (void (*)(void *))freefunc); } - - -#define DECL_STACK(type) \ - DECLARE_STACK_OF(type) \ - extern STACK_OF(type) *sk_##type##_new (int (*)(const type * const *, const type * const *)); \ - extern STACK_OF(type) *sk_##type##_new_null (); \ - extern void sk_##type##_free (STACK_OF(type) *); \ - extern int sk_##type##_num (const STACK_OF(type) *); \ - extern type *sk_##type##_value (const STACK_OF(type) *, int); \ - extern type *sk_##type##_set (STACK_OF(type) *, int, type *); \ - extern void sk_##type##_zero (STACK_OF(type) *); \ - extern int sk_##type##_push (STACK_OF(type) *, type *); \ - extern int sk_##type##_unshift (STACK_OF(type) *, type *); \ - extern int sk_##type##_find (STACK_OF(type) *, type *); \ - extern type *sk_##type##_delete (STACK_OF(type) *, int); \ - extern type *sk_##type##_delete_ptr (STACK_OF(type) *, type *); \ - extern int sk_##type##_insert (STACK_OF(type) *, type *, int); \ - extern int (*sk_##type##_set_cmp_func (STACK_OF(type) *, int (*)(const type * const *, const type * const *)))(const type * const *, const type * const *); \ - extern STACK_OF(type) *sk_##type##_dup (STACK_OF(type) *); \ - extern void sk_##type##_pop_free (STACK_OF(type) *, void (*)(type *)); \ - extern type *sk_##type##_shift (STACK_OF(type) *); \ - extern type *sk_##type##_pop (STACK_OF(type) *); \ - extern void sk_##type##_sort (STACK_OF(type) *); \ - extern STACK_OF(type) *d2i_ASN1_SET_OF_##type (STACK_OF(type) **, unsigned char **, long, type *(*)(), void (*)(type *), int, int); \ - extern int i2d_ASN1_SET_OF_##type (STACK_OF(type) *, unsigned char **, int (*)(), int, int, int); \ - extern unsigned char *ASN1_seq_pack_##type (STACK_OF(type) *, int (*)(), unsigned char **, int *); \ - extern STACK_OF(type) *ASN1_seq_unpack_##type (unsigned char *, int, type *(*)(), void (*)(type *)) ; - -#endif diff --git a/org.glite.security.proxyrenewal/src/api.c b/org.glite.security.proxyrenewal/src/api.c deleted file mode 100644 index 922931b..0000000 --- a/org.glite.security.proxyrenewal/src/api.c +++ /dev/null @@ -1,485 +0,0 @@ -#include "renewal.h" -#include "renewal_locl.h" - -#ident "$Header$" - -#define SEPARATORS "\n" - -/* prototypes of static routines */ -static int -encode_request(edg_wlpr_Request *request, char **msg); - -static int -decode_response(const char *msg, const size_t msg_len, edg_wlpr_Response *response); - -static int -do_connect(char *socket_name, struct timeval *timeout, int *sock); - -static int -send_request(int sock, struct timeval *timeout, edg_wlpr_Request *request, edg_wlpr_Response *response); - -static int -encode_request(edg_wlpr_Request *request, char **msg) -{ - char *buf; - size_t buf_len; - int ret; - - buf_len = EDG_WLPR_BUF_SIZE; - buf = malloc(buf_len); - if (buf == NULL) - return ENOMEM; - buf[0] = '\0'; - - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_VERSION, - EDG_WLPR_VERSION, SEPARATORS); - if (ret) - goto err; - - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_COMMAND, - edg_wlpr_EncodeInt(request->command), - SEPARATORS); - if (ret) - goto err; - - if (request->myproxy_server) { - char host[1024]; - -#if 0 - snprintf(host, sizeof(host), "%s:%d", request->myproxy_server, - (request->myproxy_port) ? request->myproxy_port : EDG_WLPR_MYPROXY_PORT); /* XXX let server decide ? */ -#else - snprintf(host, sizeof(host), "%s", request->myproxy_server); -#endif - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_MYPROXY_SERVER, - host, SEPARATORS); - if (ret) - goto err; - } - - if (request->proxy_filename) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_PROXY, - request->proxy_filename, SEPARATORS); - if (ret) - goto err; - } - - if (request->jobid) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_JOBID, - request->jobid, SEPARATORS); - if (ret) - goto err; - } - - if (request->entries) { - char **p = request->entries; - while (*p) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_ENTRY, - *p, SEPARATORS); - if (ret) - goto err; - p++; - } - } - - buf[strlen(buf)] = '\0'; - *msg = buf; - return 0; - -err: - free(buf); - *msg = NULL; - return ret; -} - -static int -decode_response(const char *msg, const size_t msg_len, edg_wlpr_Response *response) -{ - int ret; - char *value = NULL; - /* char *p; */ - int i; - int current_size = 0; - - /* XXX add an ending zero '\0' */ - - assert(msg != NULL); - assert(response != NULL); - - memset(response, 0, sizeof(*response)); - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_VERSION, SEPARATORS, - 0, &response->version); - if (ret) - goto err; - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_RESPONSE, SEPARATORS, - 0, &value); - if (ret) - goto err; - - ret = edg_wlpr_DecodeInt(value, (int *)(&response->response_code)); - free(value); - if (ret) - goto err; - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_MYPROXY_SERVER, - SEPARATORS, 0, &response->myproxy_server); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto err; - -#if 0 - response->myproxy_port = EDG_WLPR_MYPROXY_PORT; /* ??? */ - if (response->myproxy_server && (p = strchr(response->myproxy_server, ':'))) { - int port; - *p = '\0'; - port = atol(p+1); /* XXX */ - response->myproxy_port = port; - } -#endif - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_START_TIME, SEPARATORS, - 0, &value); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto err; - if (ret == 0) { - ret = edg_wlpr_DecodeInt(value, (int *)(&response->start_time)); - free(value); - if (ret) - goto err; - } - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_END_TIME, SEPARATORS, - 0, &value); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto err; - if (ret == 0) { - ret = edg_wlpr_DecodeInt(value, (int *)(&response->end_time)); - free(value); - if (ret) - goto err; - } - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_RENEWAL_TIME, - SEPARATORS, 0, &value); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto err; - if (ret == 0) { - ret = edg_wlpr_DecodeInt(value, (int *)(&response->next_renewal_time)); - free(value); - if (ret) - goto err; - } - - /* XXX Counter */ - - i = 0; - while ((ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_PROXY, - SEPARATORS, i, &value)) == 0) { - if (i >= current_size) { - char **tmp; - - tmp = realloc(response->filenames, - (current_size + 16 + 1) * sizeof(*tmp)); - if (tmp == NULL) { - ret = ENOMEM; - goto err; - } - response->filenames = tmp; - current_size += 16; - } - response->filenames[i] = value; - i++; - } - if (ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto err; - if (response->filenames) - response->filenames[i] = NULL; - - return 0; - -err: - edg_wlpr_CleanResponse(response); - - return ret; -} - -static int -do_connect(char *socket_name, struct timeval *timeout, int *sock) -{ - struct sockaddr_un my_addr; - int s; - int ret; - struct timeval before,after,to; - int sock_err; - socklen_t err_len; - - assert(sock != NULL); - memset(&my_addr, 0, sizeof(my_addr)); - - s = socket(AF_UNIX, SOCK_STREAM, 0); - if (s == -1) { - return errno; - } - - if (timeout) { - int flags = fcntl(s, F_GETFL, 0); - if (fcntl(s, F_SETFL, flags | O_NONBLOCK) < 0) - return errno; - } - - my_addr.sun_family = AF_UNIX; - strncpy(my_addr.sun_path, socket_name, sizeof(my_addr.sun_path)); - - ret = connect(s, (struct sockaddr *) &my_addr, sizeof(my_addr)); - if (ret == -1) { - if (errno == EINPROGRESS) { - fd_set fds; - - FD_ZERO(&fds); - FD_SET(s, &fds); - memcpy(&to, timeout, sizeof(to)); - gettimeofday(&before,NULL); - switch (select(s+1, NULL, &fds, NULL, &to)) { - case -1: close(s); - return errno; - case 0: close(s); - return EDG_WLPR_ERROR_TIMEOUT; - } - gettimeofday(&after,NULL); - if (edg_wlpr_DecrementTimeout(timeout, before, after)) { - close (s); - return EDG_WLPR_ERROR_TIMEOUT; - } - - err_len = sizeof sock_err; - if (getsockopt(s,SOL_SOCKET,SO_ERROR,&sock_err,&err_len)) { - close(s); - return errno; - } - if (sock_err) { - close(s); - errno = sock_err; - return errno; - } - } else { - close(s); - return errno; - } - } - - *sock = s; - return 0; -} - -static int -send_request(int sock, struct timeval *timeout, edg_wlpr_Request *request, edg_wlpr_Response *response) -{ - int ret; - char *buf = NULL; - size_t buf_len; - - /* timeouts ?? */ - - ret = encode_request(request, &buf); - if (ret) - return ret; - - ret = edg_wlpr_Write(sock, timeout, buf, strlen(buf) + 1); - free(buf); - if (ret) - return ret; - - ret = edg_wlpr_Read(sock, timeout, &buf, &buf_len); - if (ret) - return ret; - - ret = decode_response(buf, buf_len, response); - free(buf); - if (ret) - return ret; - - return 0; -} - -int -edg_wlpr_RequestSend(edg_wlpr_Request *request, edg_wlpr_Response *response) -{ - char sockname[1024]; - int ret; - int sock; - struct timeval timeout; - const char *s = NULL; - double d; - - s = getenv("GLITE_PR_TIMEOUT"); - d = s ? atof(s) : GLITE_PR_TIMEOUT_DEFAULT; - timeout.tv_sec = (long) d; - timeout.tv_usec = (long) ((d-timeout.tv_sec) * 1e6); - - snprintf(sockname, sizeof(sockname), "%s%d", - DGPR_REG_SOCKET_NAME_ROOT, getuid()); - ret = do_connect(sockname, &timeout, &sock); - if (ret) - return ret; - - ret = send_request(sock, &timeout, request, response); - - close(sock); - return ret; -} - -int -edg_wlpr_RegisterProxyExt(const char *filename, const char * server, - unsigned int port, - edg_wlc_JobId jobid, int flags, - char **repository_filename) -{ - edg_wlpr_Request request; - edg_wlpr_Response response; - int ret; - - memset(&request, 0, sizeof(request)); - memset(&response, 0, sizeof(response)); - - request.command = EDG_WLPR_COMMAND_REG; - request.myproxy_server = server; - request.proxy_filename = filename; - request.jobid = edg_wlc_JobIdUnparse(jobid); - if (request.jobid == NULL) - return EINVAL; /* XXX */ - - ret = edg_wlpr_RequestSend(&request, &response); - free(request.jobid); - if (ret == 0 && response.response_code == 0 && repository_filename && - response.filenames && response.filenames[0] ) - *repository_filename = strdup(response.filenames[0]); - - if (ret == 0) - ret = response.response_code; - - edg_wlpr_CleanResponse(&response); - - return ret; -} - -int -edg_wlpr_RegisterProxy(const char *filename, const char *jdl, - int flags, char **repository_filename) -{ - char server[1024]; - size_t server_len; - unsigned int port = 0; - char *p, *q; - - memset(server, 0, sizeof(server)); - - /* parse JDL and find information about myproxy server */ - p = strstr(jdl, JDL_MYPROXY); - if (p == NULL) - return 0; /* XXX */ - q = strchr(p, '\n'); /* XXX */ - if (q) - server_len = q - p; - else - server_len = jdl + strlen(jdl) - p; - if (server_len >= sizeof(server)) - return EINVAL; /* XXX */ - strncmp(server, p, sizeof(server)); - - return (edg_wlpr_RegisterProxyExt(filename, server, port, NULL, flags, - repository_filename)); -} - -int -edg_wlpr_UnregisterProxy(edg_wlc_JobId jobid, const char *repository_filename) -{ - edg_wlpr_Request request; - edg_wlpr_Response response; - int ret; - - memset(&request, 0, sizeof(request)); - memset(&response, 0, sizeof(response)); - - request.command = EDG_WLPR_COMMAND_UNREG; - request.proxy_filename = repository_filename; - request.jobid = edg_wlc_JobIdUnparse(jobid); - if (request.jobid == NULL) - return EINVAL; - - ret = edg_wlpr_RequestSend(&request, &response); - free(request.jobid); - - if (ret == 0) - ret = response.response_code; - edg_wlpr_CleanResponse(&response); - - return ret; -} - -int -edg_wlpr_GetList(int *count, char **list) -{ - return ENOSYS; /* XXX */ -} - -int -edg_wlpr_GetStatus(const char *filename, char **info) -{ - return ENOSYS; /* XXX */ -} - -static const char* const errTexts[] = { - "Unexpected EOF from peer", - "Generic error", - "Protocol parse error", - "Compulsory element not found in message", - "Unknown protocol command", - "SSL error", - "Error from Myproxy server", - "Proxy not registered", - "Proxy expired", - "VOMS error", - "Operation timed out", - "System error" -}; - -const char * -edg_wlpr_GetErrorText(int code) -{ - return code ? - (code <= EDG_WLPR_ERROR_BASE ? - strerror(code) : - errTexts[code - EDG_WLPR_ERROR_BASE - 1] - ) : - NULL; -} - -int -edg_wlpr_GetProxy(edg_wlc_JobId jobid, char **repository_filename) -{ - edg_wlpr_Request request; - edg_wlpr_Response response; - int ret; - - memset(&request, 0, sizeof(request)); - memset(&response, 0, sizeof(response)); - - request.command = EDG_WLPR_COMMAND_GET; - request.jobid = edg_wlc_JobIdUnparse(jobid); - if (request.jobid == NULL) - return EINVAL; - - ret = edg_wlpr_RequestSend(&request, &response); - free(request.jobid); - - if (ret == 0 && response.response_code == 0 && repository_filename && - response.filenames && response.filenames[0] ) - *repository_filename = strdup(response.filenames[0]); - - if (ret == 0) - ret = response.response_code; - edg_wlpr_CleanResponse(&response); - - return ret; -} diff --git a/org.glite.security.proxyrenewal/src/client.c b/org.glite.security.proxyrenewal/src/client.c deleted file mode 100644 index eb2d36b..0000000 --- a/org.glite.security.proxyrenewal/src/client.c +++ /dev/null @@ -1,117 +0,0 @@ -#include -#include -#include -#include -#include "renewal.h" - -static const char rcsid[] = "$Header$"; - -static struct option const long_options[] = { - { "help", no_argument, 0, 'h' }, - { "version", no_argument, 0, 'v' }, - { "server", required_argument, 0, 's' }, - { "port", required_argument, 0, 'p' }, - { "file", required_argument, 0, 'f' }, - { "jobid", required_argument, 0, 'j' }, - { NULL, 0, NULL, 0} -}; - -static char short_options[] = "hvs:p:f:j:"; - -static void -usage(exit_code) -{ - fprintf(stdout, "Usage: edg-wl-renew [option] operation\n" - "\t-s myproxy_server [-p port] -f filename -j jobid start |\n" - "\t-j jobid [-f filename] stop |\n" - "\t-j jobid get\n" - "-h, --help display this help and exit\n" - "-v, --version output version information and exit\n" - "-s, --server address of myproxy server\n" - "-p, --port port of myproxy server\n" - "-f, --file filename with proxy\n" - "-j, --jobid datagrid jobid\n"); - exit(exit_code); -} - -int -main(int argc, char *argv[]) -{ - char *server = NULL; - int port = 0; - char *proxyfile = NULL; - char *jobid_str = NULL; - edg_wlc_JobId jobid = NULL; - char *repository_filename = NULL; - int ret; - int arg; - extern int optind; - - while ((arg = getopt_long(argc, argv, - short_options, long_options, (int *) 0)) != EOF) - switch(arg) { - case 'h': - usage(0); break; - case 'v': - fprintf(stdout, "%s:\t%s\n", argv[0], rcsid); exit(0); - case 's': - server = strdup(optarg); break; - case 'p': - port = atoi(optarg); break; - case 'f': - proxyfile = strdup(optarg); break; - case 'j': - jobid_str = strdup(optarg); break; - default: - usage(1); break; - } - - if (optind >= argc) - usage(1); - - if (jobid_str && edg_wlc_JobIdParse(jobid_str, &jobid)) { - fprintf(stderr, "Cannot parse jobid\n"); - exit(1); - } - - if (strcmp(argv[optind], "start") == 0) { - if (proxyfile == NULL || server == NULL || jobid == NULL) - usage(1); - ret = edg_wlpr_RegisterProxyExt(proxyfile, server, port, jobid, 0, - &repository_filename); - if (ret) { - fprintf(stderr, "Registering proxy failed: %s\n", - edg_wlpr_GetErrorText(ret)); - exit(1); - } - printf("%s\n", repository_filename); - free(repository_filename); - exit(0); - } - else if (strcmp(argv[optind], "stop") == 0) { - if (jobid == NULL) - usage(1); - ret = edg_wlpr_UnregisterProxy(jobid, proxyfile); - if (ret) { - fprintf(stderr, "Unregistering proxy failed: %s\n", - edg_wlpr_GetErrorText(ret)); - exit(1); - } - } - else if (strcmp(argv[optind], "get") == 0) { - if (jobid == NULL) - usage(1); - ret = edg_wlpr_GetProxy(jobid, &proxyfile); - if (ret) { - fprintf(stderr, "GET request failed: %s\n", - edg_wlpr_GetErrorText(ret)); - exit(1); - } - printf("%s\n", proxyfile); - free(proxyfile); - } - else - usage(1); - - return 0; -} diff --git a/org.glite.security.proxyrenewal/src/commands.c b/org.glite.security.proxyrenewal/src/commands.c deleted file mode 100644 index 79b96d3..0000000 --- a/org.glite.security.proxyrenewal/src/commands.c +++ /dev/null @@ -1,1256 +0,0 @@ -#include "renewal_locl.h" -#include "renewd_locl.h" - -#include "glite/security/voms/voms_apic.h" - -#ident "$Header$" - -#define SEPARATORS ",\n" -#define RENEWAL_START_FRACTION 0.75 /* XXX */ -#define RENEWAL_MIN_LIFETIME (15 * 60) - -extern char *repository; -extern time_t condor_limit; -extern char *cadir; -extern char *vomsdir; -extern int voms_enabled; - -static char * -strmd5(const char *s, unsigned char *digest); - -static int -get_record_ext(FILE *fd, proxy_record *record, int *last_used_suffix); - -static int -get_record(FILE *fd, proxy_record *record); - -static int -store_record(char *basename, proxy_record *record); - -static int -copy_file_content(FILE *in, FILE *out); - -static int -copy_file(char *src, char *dst); - -static int -get_base_filename(char *proxy_file, char **basefilename); - -int -decode_record(char *line, proxy_record *record); - -int -encode_record(proxy_record *record, char **line); - -static int -open_metafile(char *proxy_file, FILE **fd); - -void -free_record(proxy_record *record); - -static int -realloc_prd_list(prd_list *list); - -/* make public: */ -static int -edg_wlpr_GetTokenInt(const char *msg, const size_t msg_len, - const char *key, const char *separators, - int req_index, int *value); - -static void -record_to_response(int status_code, proxy_record *record, - edg_wlpr_Response *response); - -static int -filename_to_response(char *filename, edg_wlpr_Response *response); - - - - -static char * -strmd5(const char *s, unsigned char *digest) -{ - MD5_CTX md5; - unsigned char d[16]; - int i; - static char mbuf[33]; - - MD5_Init(&md5); - MD5_Update(&md5,s,strlen(s)); - MD5_Final(d,&md5); - - if (digest) - memcpy(digest,d,sizeof(d)); - for (i=0; i<16; i++) { - int dd = d[i] & 0x0f; - mbuf[2*i+1] = dd<10 ? dd+'0' : dd-10+'a'; - dd = d[i] >> 4; - mbuf[2*i] = dd<10 ? dd+'0' : dd-10+'a'; - } - mbuf[32] = 0; - return mbuf; -} - -static int -get_base_filename(char *proxy_file, char **basefilename) -{ - char *subject = NULL; - char file[FILENAME_MAX]; - int ret; - - assert(basefilename != NULL); - - ret = get_proxy_base_name(proxy_file, &subject); - if (ret) - goto end; - - snprintf(file, sizeof(file), "%s/%s", repository, strmd5(subject, NULL)); - *basefilename = strdup(file); /* XXX test ENOMEM */ - ret = 0; - -end: - if (subject) - free(subject); - return ret; -} - -static int -copy_file_content(FILE *in, FILE *out) -{ - char buf[1024]; - size_t num; - int ret; - - while (1) { - num = fread(buf, sizeof(*buf), sizeof(buf), in); - if ((ret = ferror(in))) { - edg_wlpr_Log(LOG_ERR, "Reading failed: %s", strerror(errno)); - return ret; - } - num = fwrite(buf, sizeof(*buf), num, out); - if ((ret = ferror(in))) { - edg_wlpr_Log(LOG_ERR, "Writing failed: %s", strerror(errno)); - return ret; - } - if (feof(in)) - return 0; - } -} - -/* return the time interval, after which the renewal should be started */ -static time_t -get_delta(time_t current_time, time_t start_time, time_t end_time) -{ - time_t remaining_life; - time_t life_to_lose; - time_t limit; - time_t delta; - - if (RENEWAL_MIN_LIFETIME > condor_limit) { - limit = RENEWAL_MIN_LIFETIME; - } else { - limit = condor_limit; - } - - limit += RENEWAL_CLOCK_SKEW; - - if (current_time + limit >= end_time) { - /* if the proxy is too short, renew it as soon as possible */ - - if (current_time + condor_limit > end_time ) { - edg_wlpr_Log(LOG_ERR, "Remaining proxy lifetime fell below the value of the Condor limit!"); - } - - return 0; - } - - remaining_life = end_time - current_time; - - /* renewal should gain the jobs an extra lifetime of - RENEWAL_START_FRACTION (default 3/4) of the new proxy's - lifetime. If the time remaining on the current proxy is already - small then the jobs may gain an extra lifetime of more than that. - - In any case, a renewal will be scheduled to happen before the - lifetime limit. - - 'life_to_lose' is the lifetime that will be lost, ie the time that - will still remain on the current proxy when it is renewed - */ - - life_to_lose = (1.0-RENEWAL_START_FRACTION)*60*60*DGPR_RETRIEVE_DEFAULT_HOURS; - - if (life_to_lose < limit) { - life_to_lose = limit; - } - - delta = life_to_lose - limit; - - while( remaining_life < (limit + delta) ) { - delta *= (1.0-RENEWAL_START_FRACTION); - } - - life_to_lose = limit + delta; - - return (remaining_life - life_to_lose); -} - -int -get_times(char *proxy_file, proxy_record *record) -{ - FILE *fd; - X509 *cert = NULL; - ASN1_UTCTIME *asn1_time = NULL; - int ret; - time_t current_time, start_time, end_time; - - assert(record != NULL); - assert(proxy_file != NULL); - - fd = fopen(proxy_file, "r"); - if (fd == NULL) { - edg_wlpr_Log(LOG_ERR, "Opening proxy file %s failed: %s", - proxy_file, strerror(errno)); - return errno; - } - - cert = PEM_read_X509(fd, NULL, NULL, NULL); - if (cert == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot read X.509 certificate from %s", - proxy_file); - ret = -1; /* XXX SSL_ERROR */ - goto end; - } - - asn1_time = ASN1_UTCTIME_new(); - X509_gmtime_adj(asn1_time,0); - globus_gsi_cert_utils_make_time(X509_get_notAfter(cert), &end_time); - globus_gsi_cert_utils_make_time(X509_get_notBefore(cert), &start_time); - current_time = time(NULL); - ASN1_UTCTIME_free(asn1_time); - /* if (end_time - RENEWAL_CLOCK_SKEW < current_time) { Too short proxy } */ - if (end_time + RENEWAL_CLOCK_SKEW < current_time) { - edg_wlpr_Log(LOG_ERR, "Expired proxy in %s", proxy_file); - ret = EDG_WLPR_PROXY_EXPIRED; - goto end; - } - - /* Myproxy seems not to do check on expiration and return expired proxies - if credentials in repository are expired */ - X509_free(cert); - cert = NULL; - while (1) { - time_t tmp_end; - /* see http://www.openssl.org/docs/crypto/pem.html section BUGS */ - cert = PEM_read_X509(fd, NULL, NULL, NULL); - if (cert == NULL) { - if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE) { - /* End of file reached. no error */ - ERR_clear_error(); - break; - } - edg_wlpr_Log(LOG_ERR, "Cannot read additional certificates from %s", - proxy_file); - ret = -1; /* XXX SSL_ERROR */ - goto end; - } - globus_gsi_cert_utils_make_time(X509_get_notAfter(cert), &tmp_end); - if (tmp_end + RENEWAL_CLOCK_SKEW < current_time) { - edg_wlpr_Log(LOG_ERR, "Expired proxy in %s", proxy_file); - ret = EDG_WLPR_PROXY_EXPIRED; - goto end; - } - X509_free(cert); - cert = NULL; - } - - record->next_renewal = current_time + get_delta(current_time, start_time, - end_time); - record->end_time = end_time; - ret = 0; - -end: - fclose(fd); - if (cert) - X509_free(cert); - - return ret; -} - -static int -copy_file(char *src, char *dst) -{ - FILE *from = NULL; - FILE *tmp_to = NULL; - int tmp_fd; - char tmpfile[FILENAME_MAX]; - int ret; - - if (strcmp(src, dst) == 0) - return 0; - - from = fopen(src, "r"); - if (from == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open file %s for reading (%s)", - src, strerror(errno)); - return errno; - } - - snprintf(tmpfile, sizeof(tmpfile), "%s.XXXXXX", dst); - tmp_fd = mkstemp(tmpfile); - if (tmp_fd == -1) { - edg_wlpr_Log(LOG_ERR, "Cannot create temporary file (%s)", - strerror(errno)); - ret = errno; - goto end; - } - - - tmp_to = fdopen(tmp_fd, "w"); - if (tmp_to == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot associate stream with temporary file (%s)", - strerror(errno)); - unlink(tmpfile); - ret = errno; - goto end; - } - - ret = copy_file_content(from, tmp_to); - fclose(tmp_to); - if (ret) { - goto end; - } - - ret = rename(tmpfile, dst); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Cannot replace repository file %s with temporary file (%s)", - strerror(errno)); - unlink(tmpfile); - ret = errno; - goto end; - } - tmp_to = NULL; - -end: - fclose(from); - close(tmp_fd); - unlink(tmpfile); - - return ret; -} - -void -free_record(proxy_record *record) -{ - int i; - - if (record == NULL) - return; - if (record->myproxy_server) - free(record->myproxy_server); - if (record->jobids.val) { - for (i = 0; i < record->jobids.len; i++) - free(record->jobids.val[i]); - free(record->jobids.val); - } - memset(record, 0, sizeof(*record)); -} - -static int -realloc_prd_list(prd_list *list) -{ - char **tmp; - - tmp = realloc(list->val, (list->len + 1) * sizeof(*list->val)); - if (tmp == NULL) - return ENOMEM; - list->val = tmp; - list->len++; - return 0; -} - -static int -get_jobids(const char *msg, const size_t msg_len, proxy_record *record) -{ - int index = 0; - int ret; - char *value; - char **tmp; - - memset(&record->jobids, 0, sizeof(record->jobids)); - while ((ret = edg_wlpr_GetToken(msg, msg_len, "jobid=", SEPARATORS, - index, &value)) == 0) { - tmp = realloc(record->jobids.val, (record->jobids.len + 1) * sizeof(*tmp)); - if (tmp == NULL) { - ret = ENOMEM; - break; - } - record->jobids.val = tmp; - record->jobids.val[index] = value; - record->jobids.len++; - index++; - } - if (ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) { - if (record->jobids.len) - free(record->jobids.val); - record->jobids.len = 0; - record->jobids.val = NULL; - return ret; - } - - return 0; -} - -static int -edg_wlpr_GetTokenInt(const char *msg, const size_t msg_len, - const char *key, const char *separators, - int req_index, int *value) -{ - int ret; - char *str_value = NULL; - - ret = edg_wlpr_GetToken(msg, msg_len, key, separators, req_index, &str_value); - if (ret) - return ret; - - ret = edg_wlpr_DecodeInt(str_value, value); - free(str_value); - return ret; -} - -int -decode_record(char *line, proxy_record *record) -{ - /* line must be ended with '\0' */ - int ret; - size_t len; - - assert(line != NULL); - assert(record != NULL); - - memset(record, 0, sizeof(*record)); - - len = strlen(line) + 1; - - ret = edg_wlpr_GetTokenInt(line, len, "suffix=", SEPARATORS, 0, - &record->suffix); - if (ret) - return ret; - -#if 0 - ret = edg_wlpr_GetTokenInt(line, len, "counter=", SEPARATORS, 0, - &record->counter); - if (ret) - goto end; -#endif - - ret = edg_wlpr_GetTokenInt(line, len, "unique=", SEPARATORS, 0, - &record->unique); - if (ret) - goto end; - - ret = edg_wlpr_GetTokenInt(line, len, "voms_exts=", SEPARATORS, 0, - &record->voms_exts); - - ret = edg_wlpr_GetToken(line, len, "server=", SEPARATORS, 0, - &record->myproxy_server); - if (ret) - goto end; - - ret = edg_wlpr_GetTokenInt(line, len, "next_renewal=", SEPARATORS, 0, - (int *)&record->next_renewal); - if (ret) - goto end; - - ret = edg_wlpr_GetTokenInt(line, len, "end_time=", SEPARATORS, 0, - (int *)&record->end_time); - if (ret) - goto end; - - ret = get_jobids(line, len, record); - if (ret) - goto end; - -end: - if (ret) - free_record(record); - - return ret; -} - -int -encode_record(proxy_record *record, char **line) -{ - char tmp_line[1024]; - size_t jobids_len = 0; - int i; - - snprintf(tmp_line, sizeof(tmp_line), "suffix=%d, unique=%d, voms_exts=%d, server=%s, next_renewal=%ld, end_time=%ld", - record->suffix, record->unique, record->voms_exts, - (record->myproxy_server) ? record->myproxy_server : "", - record->next_renewal, record->end_time); - for (i = 0; i < record->jobids.len; i++) - /* alloc space for string ", jobid=" */ - jobids_len += 2 + strlen("jobid=") + strlen(record->jobids.val[i]); - - *line = calloc(1, strlen(tmp_line) + jobids_len + 1); - if (*line == NULL) - return ENOMEM; - - strcat(*line, tmp_line); - memset(tmp_line, 0, sizeof(tmp_line)); - - for (i = 0; i < record->jobids.len; i++) { - snprintf(tmp_line, sizeof(tmp_line), ", jobid=%s", record->jobids.val[i]); - strcat(*line, tmp_line); - } - - return 0; -} - -/* Get proxy record from the index file. If no suffix is defined return a free - record with the smallest index */ -static int -get_record_ext(FILE *fd, proxy_record *record, int *last_used_suffix) -{ - char line[1024]; - int last_suffix = -1; - int ret; - char *p; - proxy_record tmp_record; - time_t current_time; - int line_num = 0; - - assert(record != NULL); - memset(&tmp_record, 0, sizeof(tmp_record)); - - current_time = time(NULL); - while (fgets(line, sizeof(line), fd) != NULL) { - line_num++; - free_record(&tmp_record); - p = strchr(line, '\n'); - if (p) - *p = '\0'; - ret = decode_record(line, &tmp_record); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Skipping invalid entry at line %d", line_num); - continue; - } - if (record->suffix >= 0) { - if (record->suffix == tmp_record.suffix) { - record->suffix = tmp_record.suffix; - record->jobids.len = tmp_record.jobids.len; - record->jobids.val = tmp_record.jobids.val; - record->unique = tmp_record.unique; - record->voms_exts = tmp_record.voms_exts; - if (record->myproxy_server) - free(record->myproxy_server); - record->myproxy_server = tmp_record.myproxy_server; - record->end_time = tmp_record.end_time; - record->next_renewal = tmp_record.next_renewal; - return 0; - } else - continue; - } - if (tmp_record.suffix > last_suffix) - last_suffix = tmp_record.suffix; - - /* if no particular suffix was specified get the first free record - available */ - if (tmp_record.jobids.len >= MAX_PROXIES || tmp_record.unique || - tmp_record.voms_exts) - continue; - - if (tmp_record.jobids.len == 0) { - /* no jobs registered for this record, so use it initialized with the - * parameters (currently myproxy location) provided by user */ - record->suffix = tmp_record.suffix; - record->next_renewal = record->end_time = 0; - free_record(&tmp_record); - return 0; - } - - /* Proxies with VOMS attributes require a separate record, which is not - * shared with another proxies. The same applies it the unique flag was - * set by the caller */ - if (record->voms_exts || record->unique) - continue; - - if (tmp_record.jobids.len > 0 && record->myproxy_server && - strcmp(record->myproxy_server, tmp_record.myproxy_server) != 0) - continue; - - if (tmp_record.jobids.len > 0 && - current_time + condor_limit + RENEWAL_CLOCK_SKEW > tmp_record.end_time) { - - /* skip expired proxy (or ones that are going to expire soon), - leaving it untouched (it will be removed after next run of the - renewal process) */ - - continue; - } - - record->suffix = tmp_record.suffix; - record->jobids.len = tmp_record.jobids.len; - record->jobids.val = tmp_record.jobids.val; - record->unique = tmp_record.unique; - record->voms_exts = tmp_record.voms_exts; - if (record->myproxy_server) - free(record->myproxy_server); - record->myproxy_server = tmp_record.myproxy_server; - record->end_time = tmp_record.end_time; - record->next_renewal = tmp_record.next_renewal; - return 0; - } - - if (last_used_suffix) - *last_used_suffix = last_suffix; - - if (record->suffix >= 0) { - edg_wlpr_Log(LOG_DEBUG, "Requested suffix %d not found in meta file", - record->suffix); - } - - free_record(&tmp_record); - - return EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND; -} - -static int -get_record(FILE *fd, proxy_record *record) -{ - return get_record_ext(fd, record, NULL); -} - -static int -store_record(char *basename, proxy_record *record) -{ - int stored = 0; - FILE *fd = NULL; - int temp; - char line[1024]; - char *new_line = NULL; - int ret, i; - char *p; - proxy_record tmp_record; - char tmp_file[FILENAME_MAX]; - char meta_file[FILENAME_MAX]; - int line_num = 0; - - assert (record != NULL); - - memset(&tmp_record, 0, sizeof(tmp_record)); - - snprintf(meta_file, sizeof(meta_file), "%s.data", basename); - snprintf(tmp_file, sizeof(tmp_file), "%s.XXXXXX", meta_file); - - temp = mkstemp(tmp_file); - if (temp < 0) - return errno; - - fd = fopen(meta_file, "r"); - if (fd == NULL) { - ret = errno; - goto end; - } - while (fgets(line, sizeof(line), fd) != NULL) { - line_num++; - free_record(&tmp_record); - p = strchr(line, '\n'); - if (p) - *p = '\0'; - ret = decode_record(line, &tmp_record); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Removing invalid entry at line %d in %s", line_num, basename); - continue; - } - if (record->suffix == tmp_record.suffix && - record->unique == tmp_record.unique) { - tmp_record.next_renewal = record->next_renewal; - tmp_record.end_time = record->end_time; - tmp_record.voms_exts = record->voms_exts; - if (tmp_record.myproxy_server != NULL) - free(tmp_record.myproxy_server); - tmp_record.myproxy_server = strdup(record->myproxy_server); - if (tmp_record.jobids.val) { - for (i = 0; i < tmp_record.jobids.len; i++) - free(tmp_record.jobids.val[i]); - free(tmp_record.jobids.val); - } - tmp_record.jobids.len = 0; - tmp_record.jobids.val = NULL; - for (i = 0; i < record->jobids.len; i++) { - realloc_prd_list(&tmp_record.jobids); - tmp_record.jobids.val[tmp_record.jobids.len - 1] = - strdup(record->jobids.val[i]); - } - stored = 1; - } - ret = encode_record(&tmp_record, &new_line); - if (ret) - goto end; - dprintf(temp, "%s\n", new_line); - free(new_line); - new_line = NULL; - } - if (! stored) { - ret = encode_record(record, &new_line); - if (ret) - goto end; - ret = dprintf(temp, "%s\n", new_line); - free(new_line); - new_line = NULL; - } - fclose(fd); fd = NULL; - close(temp); - - ret = rename(tmp_file, meta_file); - if (ret) - ret = errno; - -end: - free_record(&tmp_record); - if (fd) - fclose(fd); - close(temp); - return ret; -} - -static int -open_metafile(char *basename, FILE **fd) -{ - FILE *meta_fd; - char meta_filename[FILENAME_MAX]; - - snprintf(meta_filename, sizeof(meta_filename), "%s.data", basename); - meta_fd = fopen(meta_filename, "a+"); - if (meta_fd == NULL) { - edg_wlpr_Log(LOG_ERR, "Opening meta file %s failed (%s)", - meta_filename, strerror(errno)); - return errno; - } - rewind(meta_fd); - *fd = meta_fd; - edg_wlpr_Log(LOG_DEBUG, "Using meta file %s", meta_filename); - return 0; -} - -static int -filename_to_response(char *filename, edg_wlpr_Response *response) -{ - response->filenames = malloc(2 * sizeof(*response->filenames)); - if (response->filenames == NULL) { - edg_wlpr_Log(LOG_DEBUG, "Not enough memory"); - return errno; - } - response->filenames[0] = strdup(filename); - if (response->filenames[0] == NULL) { - edg_wlpr_Log(LOG_DEBUG, "Not enough memory"); - free(response->filenames); - return errno; - } - response->filenames[1] = NULL; - return 0; -} - -static void -record_to_response(int status_code, proxy_record *record, - edg_wlpr_Response *response) -{ - /* XXX Neni struktrura proxy_record zbytecna? Mohla by se pouzivat primo - edg_wlpr_Response? */ - response->response_code = status_code; /* XXX chyba parsovatelna pres API */ - if (status_code) - return; - - if (response->myproxy_server) { - response->myproxy_server = strdup(record->myproxy_server); - if (response->myproxy_server == NULL) { - response->response_code = ENOMEM; /* XXX */ - return; - } - } - response->end_time = record->end_time; - response->next_renewal_time = record->next_renewal; - /* XXX use jobid response->counter = record->counter; */ -} - -int -check_proxyname(char *datafile, char *jobid, char **filename) -{ - proxy_record record; - FILE *meta_fd = NULL; - char line[1024]; - char proxy[FILENAME_MAX]; - char *p; - int ret, i; - - memset(&record, 0, sizeof(record)); - - meta_fd = fopen(datafile, "r"); - if (meta_fd == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open meta file %s (%s)", - datafile, strerror(errno)); - return errno; - } - - while (fgets(line, sizeof(line), meta_fd) != NULL) { - free_record(&record); - p = strchr(line, '\n'); - if (p) - *p = '\0'; - ret = decode_record(line, &record); - if (ret) - continue; /* XXX exit? */ - for (i = 0; i < record.jobids.len; i++) { - if (strcmp(jobid, record.jobids.val[i]) == 0) { - snprintf(proxy, sizeof(proxy), "%s/%s", repository, datafile); - p = strrchr(proxy, '.'); - sprintf(p, ".%d", record.suffix); - *filename = strdup(proxy); - free_record(&record); - fclose(meta_fd); - return 0; - } - } - } - free_record(&record); - fclose(meta_fd); - return EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND; -} - -int -find_proxyname(char *jobid, char **filename) -{ - DIR *dir = NULL; - struct dirent *file; - int ret; - - chdir(repository); - - dir = opendir(repository); - if (dir == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open repository directory %s (%s)", - repository, strerror(errno)); - return errno; - } - - while ((file = readdir(dir))) { - /* read files of format `md5sum`.data, where md5sum() is of fixed length - 32 chars */ - if (file->d_name == NULL || strlen(file->d_name) != 37 || - strcmp(file->d_name + 32, ".data") != 0) - continue; - ret = check_proxyname(file->d_name, jobid, filename); - if (ret == 0) { - closedir(dir); - return 0; - } - } - closedir(dir); - edg_wlpr_Log(LOG_ERR, "Requested proxy is not registered"); - return EDG_WLPR_PROXY_NOT_REGISTERED; -} - -#ifdef NOVOMS -int -find_voms_cert(char *file, int *present) -{ - *present = 0; - return 0; -} - -#else -int -find_voms_cert(char *file, int *present) -{ - struct vomsdata *voms_info = NULL; - STACK_OF(X509) *chain = NULL; - EVP_PKEY *privkey = NULL; - X509 *cert = NULL; - int ret, err; - - *present = 0; - - voms_info = VOMS_Init(vomsdir, cadir); - if (voms_info == NULL) { - edg_wlpr_Log(LOG_ERR, "check_voms_cert(): Cannot initialize VOMS context (VOMS_Init() failed, probably voms dir was not specified)"); - return EDG_WLPR_ERROR_VOMS; - } - - ret = load_proxy(file, &cert, &privkey, &chain, NULL); - if (ret) { - VOMS_Destroy(voms_info); - return ret; - } - - ret = VOMS_Retrieve(cert, chain, RECURSE_CHAIN, voms_info, &err); - if (ret == 1) { - *present = 1; - } - - VOMS_Destroy(voms_info); - X509_free(cert); - EVP_PKEY_free(privkey); - sk_X509_pop_free(chain, X509_free); - return 0; -} -#endif - -void -register_proxy(edg_wlpr_Request *request, edg_wlpr_Response *response) -{ - proxy_record record; - int ret; - FILE *meta_fd = NULL; - int last_suffix; - char *basename = NULL; - char filename[FILENAME_MAX]; - - assert(request != NULL); - assert(response != NULL); - - memset(&record, 0, sizeof(record)); - memset(response, 0, sizeof(*response)); - edg_wlpr_Log(LOG_DEBUG, "Registration request for %s", request->proxy_filename); - - if (request->proxy_filename == NULL || request->jobid == NULL) { - edg_wlpr_Log(LOG_ERR, "Registration request doesn't contain registration information"); - return; /* EINVAL; */ - } - umask(0177); - - ret = get_base_filename(request->proxy_filename, &basename); - if (ret) - goto end; - - ret = open_metafile(basename, &meta_fd); - if (ret) - goto end; - - if (voms_enabled) - ret = find_voms_cert(request->proxy_filename, &record.voms_exts); - /* ignore VOMS related error */ - - /* Find first free record */ - record.suffix = -1; - record.myproxy_server = strdup(request->myproxy_server); - ret = get_record_ext(meta_fd, &record, &last_suffix); - fclose(meta_fd); meta_fd = NULL; - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto end; - - if (ret == EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND || record.jobids.len == 0 || request->unique || record.voms_exts) { - /* create a new proxy file in the repository */ - int suffix; - - suffix = (record.jobids.len == 0 && record.suffix >= 0) ? - record.suffix : last_suffix + 1; - snprintf(filename, sizeof(filename), "%s.%d", basename, suffix); - ret = copy_file(request->proxy_filename, filename); - if (ret) - goto end; - ret = get_times(filename, &record); - if (ret) - goto end; - record.suffix = suffix; - ret = realloc_prd_list(&record.jobids); - if (ret) - goto end; - record.jobids.val[record.jobids.len - 1] = strdup(request->jobid); - record.unique = request->unique; - edg_wlpr_Log(LOG_DEBUG, "Created a new proxy file in repository (%s)", - filename); - } else { - ret = realloc_prd_list(&record.jobids); - if (ret) - goto end; - record.jobids.val[record.jobids.len - 1] = strdup(request->jobid); - snprintf(filename, sizeof(filename), "%s.%d", basename, record.suffix); - edg_wlpr_Log(LOG_DEBUG, "Inremented counter on %s", filename); - } - - ret = store_record(basename, &record); - -end: - if (meta_fd) { - fclose(meta_fd); - } - - if (basename) - free(basename); - - if (ret == 0) - ret = filename_to_response(filename, response); - record_to_response(ret, &record, response); - free_record(&record); -} - -void -unregister_proxy(edg_wlpr_Request *request, edg_wlpr_Response *response) -{ - proxy_record record; - int ret, i, index; - FILE *meta_fd = NULL; - char *basename = NULL; - char *p; - struct stat stat_buf; - - memset(&record, 0, sizeof(record)); - edg_wlpr_Log(LOG_DEBUG, "Unregistration request for %s", request->jobid); - - if (request->jobid == NULL) { - edg_wlpr_Log(LOG_ERR, "Unregistration request doesn't contain needed information"); - ret = EINVAL; - goto end; - } - - if (request->proxy_filename == NULL) { - ret = find_proxyname(request->jobid, &request->proxy_filename); - if (ret) - goto end; - } - - ret = get_base_filename(request->proxy_filename, &basename); - if (ret) { - goto end; - } - - if (strncmp(request->proxy_filename, basename, strlen(basename) != 0)) { - edg_wlpr_Log(LOG_DEBUG, "Requested proxy %s is not from repository", - request->proxy_filename); - ret = EDG_WLPR_PROXY_NOT_REGISTERED; - goto end; - } - - p = strrchr(request->proxy_filename, '.'); - if (p == NULL) { - edg_wlpr_Log(LOG_DEBUG, "Requested proxy %s is not from repository", - request->proxy_filename); - ret = EDG_WLPR_PROXY_NOT_REGISTERED; - goto end; - } - - ret = edg_wlpr_DecodeInt(p+1, &record.suffix); - if (ret) { - edg_wlpr_Log(LOG_DEBUG, "Requested proxy %s is not from repository", - request->proxy_filename); - ret = EDG_WLPR_PROXY_NOT_REGISTERED; - goto end; - } - - ret = open_metafile(basename, &meta_fd); - if (ret) { - /* fill in error response */ - return; - } - - ret = get_record(meta_fd, &record); - if (ret) - goto end; - - ret = EDG_WLPR_PROXY_NOT_REGISTERED; - for (i = 0; i < record.jobids.len; i++) - if (strcmp(request->jobid, record.jobids.val[i]) == 0) { - ret = 0; - break; - } - if (ret) { - edg_wlpr_Log(LOG_DEBUG, "Requested proxy %s is not registered", - request->proxy_filename); - goto end; - } - - /* remove jobid from the list */ - index = i; - free(record.jobids.val[i]); - record.jobids.len--; - for (i = index; i < record.jobids.len; i++) - record.jobids.val[i] = record.jobids.val[i+1]; - - if (record.jobids.len == 0) { - record.unique = 0; - record.voms_exts = 0; - record.end_time = 0; - record.next_renewal = 0; - } - - ret = stat(request->proxy_filename, &stat_buf); - if (ret) { - edg_wlpr_Log(LOG_DEBUG, "Cannot stat file %s: (%s)", - request->proxy_filename, strerror(errno)); - ret = errno; - goto end; - } - - ret = store_record(basename, &record); - if (ret) - goto end; - - if (record.jobids.len == 0) - unlink(request->proxy_filename); - -end: - if (meta_fd) { - fclose(meta_fd); - } - if (basename) - free(basename); - - if (ret == 0) - ret = filename_to_response(request->proxy_filename, response); - record_to_response(ret, &record, response); - free_record(&record); -} - -void -get_proxy(edg_wlpr_Request *request, edg_wlpr_Response *response) -{ - char *filename = NULL; - int ret; - - memset(response, 0, sizeof(*response)); - - edg_wlpr_Log(LOG_DEBUG, "GET request for %s", request->jobid); - - if (request->jobid == NULL) { - edg_wlpr_Log(LOG_ERR, "GET request doesn't contain jobid specification"); - ret = EINVAL; - goto end; - } - - ret = find_proxyname(request->jobid, &filename); - -end: - if (ret == 0) - ret = filename_to_response(filename, response); - if (filename) - free(filename); - response->response_code = ret; -} - -void -update_db(edg_wlpr_Request *request, edg_wlpr_Response *response) -{ - FILE *fd = NULL; - int tmp_fd = -1; - int suffix = -1; - char tmp_file[FILENAME_MAX]; - char cur_proxy[FILENAME_MAX]; - char datafile[FILENAME_MAX]; - char line[1024]; - char *new_line = NULL; - char *basename, *proxy = NULL; - char **entry; - proxy_record record; - int ret; - char *p; - time_t current_time; - - memset(&record, 0, sizeof(record)); - - edg_wlpr_Log(LOG_DEBUG, "UPDATE_DB request for %s", request->proxy_filename); - - chdir(repository); - basename = request->proxy_filename; - - snprintf(datafile, sizeof(datafile), "%s.data", basename); - fd = fopen(datafile, "r"); - if (fd == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open meta file %s (%s)", - datafile, strerror(errno)); - ret = errno; - return; - } - - snprintf(tmp_file, sizeof(tmp_file), "%s.XXXXXX", datafile); - tmp_fd = mkstemp(tmp_file); - if (tmp_fd < 0) { - edg_wlpr_Log(LOG_ERR, "Cannot create temporary file (%s)", - strerror(errno)); - ret = errno; - goto end; - } - - entry = request->entries; - if (entry) { - p = strchr(*entry, ':'); - *p = '\0'; - suffix = atoi(*entry); - proxy = p+1; - } - - current_time = time(NULL); - - while (fgets(line, sizeof(line), fd) != NULL) { - free_record(&record); - p = strchr(line, '\n'); - if (p) - *p = '\0'; - ret = decode_record(line, &record); - if (ret) - goto end; - - if (record.suffix > suffix && entry && *entry) { - do { - entry++; - if (entry == NULL || *entry == NULL) { - suffix = -1; - break; - } - - p = strchr(*entry, ':'); - suffix = atoi(*entry); - proxy = p+1; - } while (record.suffix > suffix); - } - - if (record.suffix == suffix) { - snprintf(cur_proxy, sizeof(cur_proxy), "%s.%d", basename, suffix); - if (proxy == NULL || *proxy == '\0') { - /* if proxy isn't specified use file registered currently and - * reschedule renewal */ - if (record.end_time < current_time) { - char *server; - /* remove file with expired proxy and clean the record in db */ - unlink(cur_proxy); - server = strdup(record.myproxy_server); - free_record(&record); - record.suffix = suffix; - record.myproxy_server = server; - edg_wlpr_Log(LOG_WARNING, "Removed expired proxy %s", cur_proxy); - } else - get_times(cur_proxy, &record); - } else { - ret = get_times(proxy, &record); - (ret == 0) ? rename(proxy, cur_proxy) : unlink(proxy); - } - } - - ret = encode_record(&record, &new_line); - if (ret) - goto end; - - dprintf(tmp_fd, "%s\n", new_line); - free(new_line); - new_line = NULL; - } - free_record(&record); - - close(tmp_fd); - fclose(fd); - - rename(tmp_file, datafile); - - return; - -end: - if (fd) - fclose(fd); - unlink(tmp_file); - if (tmp_fd > 0) - close(tmp_fd); - free_record(&record); - - return; -} diff --git a/org.glite.security.proxyrenewal/src/common.c b/org.glite.security.proxyrenewal/src/common.c deleted file mode 100644 index 7b3df64..0000000 --- a/org.glite.security.proxyrenewal/src/common.c +++ /dev/null @@ -1,323 +0,0 @@ -#include "renewal_locl.h" - -#ident "$Header$" - -/* nread() and nwrite() never return partial data */ -static int -nread(int sock, struct timeval *to, char *buf, size_t buf_len, size_t *read_len) -{ - size_t count; - size_t remain = buf_len; - char *cbuf = buf; - fd_set fds; - struct timeval timeout,before,after; - int ret; - - if (to) { - memcpy(&timeout,to,sizeof(timeout)); - gettimeofday(&before,NULL); - } - - while (remain > 0) { - FD_ZERO(&fds); - FD_SET(sock,&fds); - switch (select(sock+1, &fds, NULL, NULL, to ? &timeout : NULL)) { - case 0: - ret = EDG_WLPR_ERROR_TIMEOUT; - goto end; - case -1: - ret = EDG_WLPR_ERROR_ERRNO; - goto end; - } - - count = read(sock, cbuf, remain); - if (count < 0) { - if (errno == EINTR) - continue; - else { - ret = EDG_WLPR_ERROR_ERRNO; - goto end; - } - } else - if (count == 0) { - *read_len = 0; - return 0; - } - cbuf += count; - remain -= count; - } - *read_len = buf_len; - ret = 0; - -end: - if (to) { - gettimeofday(&after,NULL); - edg_wlpr_DecrementTimeout(to, before, after); - if (to->tv_sec < 0) { - to->tv_sec = 0; - to->tv_usec = 0; - } - } - - return ret; -} - -static size_t -nwrite(int sock, struct timeval *to, const char *buf, size_t buf_len) -{ - const char *cbuf = buf; - size_t count; - size_t remain = buf_len; - fd_set fds; - struct timeval timeout,before,after; - int ret; - - if (to) { - memcpy(&timeout,to,sizeof(timeout)); - gettimeofday(&before,NULL); - } - - while (remain > 0) { - FD_ZERO(&fds); - FD_SET(sock,&fds); - switch (select(sock+1, NULL, &fds, NULL, to ? &timeout : NULL)) { - case 0: ret = EDG_WLPR_ERROR_TIMEOUT; - goto end; - case -1: ret = EDG_WLPR_ERROR_ERRNO; - goto end; - } - - count = write(sock, cbuf, remain); - if (count < 0) { - if (errno == EINTR) - continue; - else { - ret = EDG_WLPR_ERROR_ERRNO; - goto end; - } - } - cbuf += count; - remain -= count; - } - ret = buf_len; - -end: - if (to) { - gettimeofday(&after,NULL); - edg_wlpr_DecrementTimeout(to, before, after); - if (to->tv_sec < 0) { - to->tv_sec = 0; - to->tv_usec = 0; - } - } - - return ret; -} - -int -edg_wlpr_Read(int sock, struct timeval *timeout, char **buf, size_t *buf_len) -{ - int ret; - unsigned char length[4]; - size_t len; - - ret = nread(sock, timeout, length, 4, &len); - if (ret) { - *buf_len = 0; - return ret; - } - if (len != 4) { - *buf_len = 0; - return EDG_WLPR_ERROR_UNEXPECTED_EOF; /* XXX vraci i kdyz peer spadne a zavre trubku */ - } - *buf_len = (length[0] << 24) | - (length[1] << 16) | - (length[2] << 8 ) | - (length[3] << 0); - - *buf = malloc(*buf_len); - if (*buf == NULL) - return ENOMEM; - - ret = nread(sock, timeout, *buf, *buf_len, &len); - if (ret) - return ret; - - if (len != *buf_len) { - free(*buf); - *buf_len = 0; - return EDG_WLPR_ERROR_UNEXPECTED_EOF; /* XXX */ - } - - return 0; -} - -int -edg_wlpr_Write(int sock, struct timeval *timeout, char *buf, size_t buf_len) -{ - unsigned char length[4]; - - length[0] = (buf_len >> 24) & 0xFF; - length[1] = (buf_len >> 16) & 0xFF; - length[2] = (buf_len >> 8) & 0xFF; - length[3] = (buf_len >> 0) & 0xFF; - - if (nwrite(sock, timeout, length, 4) != 4 || - nwrite(sock, timeout, buf, buf_len) != buf_len) - return errno; - - return 0; -} - -int -edg_wlpr_GetToken(const char *msg, const size_t msg_len, - const char *key, const char *separators, - int req_index, char **value) -{ - char *p; - size_t len; - int index; - - assert(separators != NULL); - - /* Add ending zero ? */ - - index = 0; - p = (char *)msg; - while (p && (p = strstr(p, key))) { - if (index == req_index) - break; - index++; - p += strlen(key); - } - if (p == NULL) - return EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND; - - p = strchr(p, '='); - if (p == NULL) - return EDG_WLPR_ERROR_PROTO_PARSE_ERROR; - - len = strcspn(p+1, separators); - if (len == 0) - return EDG_WLPR_ERROR_PROTO_PARSE_ERROR; - - *value = malloc(len + 1); - if (*value == NULL) - return ENOMEM; - - memcpy(*value, p+1, len); - (*value)[len] = '\0'; - - return 0; -} - -int -edg_wlpr_StoreToken(char **buf, size_t *buf_len, char *command, - char *value, const char *separator) -{ - char line[2048]; - char *tmp; - - assert(buf != NULL); - assert(separator != NULL); - - if (strlen(command) + 1 + strlen(value) + 2 > sizeof(line)) - return ERANGE; /* XXX */ - - snprintf(line, sizeof(line), "%s%s%s", command, value, separator); - - while (strlen(*buf) + strlen(line) + 1 > *buf_len) { - tmp = realloc(*buf, *buf_len + EDG_WLPR_BUF_SIZE); - if (tmp == NULL) - return ENOMEM; - *buf = tmp; - *buf_len += EDG_WLPR_BUF_SIZE; - } - strcat(*buf, line); - - return 0; -} - -void -edg_wlpr_CleanRequest(edg_wlpr_Request *request) -{ - assert(request != NULL); - if (request->version) - free(request->version); - if (request->proxy_filename) - free(request->proxy_filename); - if (request->myproxy_server) - free(request->myproxy_server); - if (request->jobid) - free(request->jobid); - if (request->entries) { - char **p = request->entries; - char **next; - while (*p) { - next = p+1; - free(*p); - p = next; - } - free(request->entries); - } - - memset(request, 0, sizeof(request)); -} - -void -edg_wlpr_CleanResponse(edg_wlpr_Response *response) -{ - assert(response != NULL); - if (response->version) - free(response->version); - if (response->myproxy_server) - free(response->myproxy_server); - if (response->filenames) { - char **p = response->filenames; - char **next; - - while (*p) { - next = p+1; - free(*p); - p = next; - } - free(response->filenames); - } - memset(response, 0, sizeof(*response)); -} - -const char * -edg_wlpr_GetErrorString(int code) -{ - return (code == 0) ? "OK" : "Error"; -} - -char * -edg_wlpr_EncodeInt(int num) /* long? time */ -{ - static char ret[64]; - - snprintf(ret, sizeof(ret), "%d", num); - return ret; -} - -int -edg_wlpr_DecodeInt(char *str, int *num) -{ - *num = atol(str); /* XXX */ - return 0; -} - -int -edg_wlpr_DecrementTimeout(struct timeval *timeout, struct timeval before, struct timeval after) -{ - (*timeout).tv_sec = (*timeout).tv_sec - (after.tv_sec - before.tv_sec); - (*timeout).tv_usec = (*timeout).tv_usec - (after.tv_usec - before.tv_usec); - while ( (*timeout).tv_usec < 0) { - (*timeout).tv_sec--; - (*timeout).tv_usec += 1000000; - } - - if ( ((*timeout).tv_sec < 0) || (((*timeout).tv_sec == 0) && ((*timeout).tv_usec == 0)) ) return(1); - else return(0); -} diff --git a/org.glite.security.proxyrenewal/src/newformat.h b/org.glite.security.proxyrenewal/src/newformat.h deleted file mode 100755 index 0efeb7e..0000000 --- a/org.glite.security.proxyrenewal/src/newformat.h +++ /dev/null @@ -1,195 +0,0 @@ -/********************************************************************* - * - * Authors: Vincenzo Ciaschini - Vincenzo.Ciaschini@cnaf.infn.it - * - * Copyright (c) 2002, 2003 INFN-CNAF on behalf of the EU DataGrid. - * For license conditions see LICENSE file or - * http://www.edg.org/license.html - * - * Parts of this code may be based upon or even include verbatim pieces, - * originally written by other people, in which case the original header - * follows. - * - *********************************************************************/ -#ifndef _NEW_FORMAT_H -#define _NEW_FORMAT_H -#include -#include -#include -#include -#include -#include -#include - -#include "acstack.h" -#if 0 -static STACK_OF(CRYPT_EX_DATA_FUNS) *AC_meth = NULL; - -static AC_METHOD meth = { - (int (*)()) i2d_AC, - (char *(*)())d2i_AC, - (char *(*)())AC_new, - (void (*)()) AC_free}; -a -ASN1_METHOD *AC_asn1_meth(void) -{ - return &meth; -} -#endif - -typedef struct ACDIGEST { - ASN1_ENUMERATED *type; - ASN1_OBJECT *oid; - X509_ALGOR *algor; - ASN1_BIT_STRING *digest; -} AC_DIGEST; - -typedef struct ACIS { - STACK_OF(GENERAL_NAME) *issuer; - ASN1_INTEGER *serial; - ASN1_BIT_STRING *uid; -} AC_IS; - -typedef struct ACFORM { - STACK_OF(GENERAL_NAME) *names; - AC_IS *is; - AC_DIGEST *digest; -} AC_FORM; - -typedef struct ACACI { - STACK_OF(GENERAL_NAME) *names; - AC_FORM *form; -} AC_ACI; - -typedef struct ACHOLDER { - AC_IS *baseid; - STACK_OF(GENERAL_NAMES) *name; - AC_DIGEST *digest; -} AC_HOLDER; - -typedef struct ACVAL { - ASN1_GENERALIZEDTIME *notBefore; - ASN1_GENERALIZEDTIME *notAfter; -} AC_VAL; - -typedef struct asn1_string_st AC_IETFATTRVAL; - -typedef struct ACIETFATTR { - STACK_OF(GENERAL_NAMES) *names; - STACK_OF(AC_IETFATTRVAL) *values; -} AC_IETFATTR; - -typedef struct ACTARGET { - GENERAL_NAME *name; - GENERAL_NAME *group; - AC_IS *cert; -} AC_TARGET; - -typedef struct ACTARGETS { - STACK_OF(AC_TARGET) *targets; -} AC_TARGETS; - -typedef struct ACATTR { - ASN1_OBJECT *type; - STACK_OF(AC_IETFATTR) *ietfattr; -} AC_ATTR; - -typedef struct ACINFO { - ASN1_INTEGER *version; - AC_HOLDER *holder; - AC_FORM *form; - X509_ALGOR *alg; - ASN1_INTEGER *serial; - AC_VAL *validity; - STACK_OF(AC_ATTR) *attrib; - ASN1_BIT_STRING *id; - STACK_OF(X509_EXTENSION) *exts; -} AC_INFO; - -typedef struct ACC { - AC_INFO *acinfo; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; -} AC; - -typedef struct ACSEQ { - STACK_OF(AC) *acs; -} AC_SEQ; - -DECL_STACK(AC_TARGET) -DECL_STACK(AC_TARGETS) -DECL_STACK(AC_IETFATTR) -DECL_STACK(AC_IETFATTRVAL) -DECL_STACK(AC_ATTR) -DECL_STACK(AC); -DECL_STACK(AC_INFO); -DECL_STACK(AC_VAL); -DECL_STACK(AC_HOLDER); -DECL_STACK(AC_ACI); -DECL_STACK(AC_FORM); -DECL_STACK(AC_IS); -DECL_STACK(AC_DIGEST); - -extern int i2d_AC_ATTR(AC_ATTR *a, unsigned char **pp); -extern AC_ATTR *d2i_AC_ATTR(AC_ATTR **a, unsigned char **p, long length); -extern AC_ATTR *AC_ATTR_new(); -extern void AC_ATTR_free(AC_ATTR *a); -extern int i2d_AC_IETFATTR(AC_IETFATTR *a, unsigned char **pp); -extern AC_IETFATTR *d2i_AC_IETFATTR(AC_IETFATTR **a, unsigned char **p, long length); -extern AC_IETFATTR *AC_IETFATTR_new(); -extern void AC_IETFATTR_free (AC_IETFATTR *a); -extern int i2d_AC_IETFATTRVAL(AC_IETFATTRVAL *a, unsigned char **pp); -extern AC_IETFATTRVAL *d2i_AC_IETFATTRVAL(AC_IETFATTRVAL **a, unsigned char **pp, long length); -extern AC_IETFATTRVAL *AC_IETFATTRVAL_new(); -extern void AC_IETFATTRVAL_free(AC_IETFATTRVAL *a); -extern int i2d_AC_DIGEST(AC_DIGEST *a, unsigned char **pp); -extern AC_DIGEST *d2i_AC_DIGEST(AC_DIGEST **a, unsigned char **pp, long length);; -extern AC_DIGEST *AC_DIGEST_new(void); -extern void AC_DIGEST_free(AC_DIGEST *a); -extern int i2d_AC_IS(AC_IS *a, unsigned char **pp); -extern AC_IS *d2i_AC_IS(AC_IS **a, unsigned char **pp, long length); -extern AC_IS *AC_IS_new(void); -extern void AC_IS_free(AC_IS *a); -extern int i2d_AC_FORM(AC_FORM *a, unsigned char **pp); -extern AC_FORM *d2i_AC_FORM(AC_FORM **a, unsigned char **pp, long length); -extern AC_FORM *AC_FORM_new(void); -extern void AC_FORM_free(AC_FORM *a); -extern int i2d_AC_ACI(AC_ACI *a, unsigned char **pp); -extern AC_ACI *d2i_AC_ACI(AC_ACI **a, unsigned char **pp, long length); -extern AC_ACI *AC_ACI_new(void); -extern void AC_ACI_free(AC_ACI *a); - -extern int i2d_AC_HOLDER(AC_HOLDER *a, unsigned char **pp); -extern AC_HOLDER *d2i_AC_HOLDER(AC_HOLDER **a, unsigned char **pp, long length); -extern AC_HOLDER *AC_HOLDER_new(void); -extern void AC_HOLDER_free(AC_HOLDER *a); - -/* new AC_VAL functions by Valerio */ -extern int i2d_AC_VAL(AC_VAL *a, unsigned char **pp); -extern AC_VAL *d2i_AC_VAL(AC_VAL **a, unsigned char **pp, long length); -extern AC_VAL *AC_VAL_new(void); -extern void AC_VAL_free(AC_VAL *a); -/* end*/ - -extern int i2d_AC_INFO(AC_INFO *a, unsigned char **pp); -extern AC_INFO *d2i_AC_INFO(AC_INFO **a, unsigned char **p, long length); -extern AC_INFO *AC_INFO_new(void); -extern void AC_INFO_free(AC_INFO *a); -extern int i2d_AC(AC *a, unsigned char **pp) ; -extern AC *d2i_AC(AC **a, unsigned char **pp, long length); -extern AC *AC_new(void); -extern void AC_free(AC *a); -extern int i2d_AC_TARGETS(AC_TARGETS *a, unsigned char **pp) ; -extern AC_TARGETS *d2i_AC_TARGETS(AC_TARGETS **a, unsigned char **pp, long length); -extern AC_TARGETS *AC_TARGETS_new(void); -extern void AC_TARGETS_free(AC_TARGETS *a); -extern int i2d_AC_TARGET(AC_TARGET *a, unsigned char **pp) ; -extern AC_TARGET *d2i_AC_TARGET(AC_TARGET **a, unsigned char **pp, long length); -extern AC_TARGET *AC_TARGET_new(void); -extern void AC_TARGET_free(AC_TARGET *a); -extern int i2d_AC_SEQ(AC_SEQ *a, unsigned char **pp) ; -extern AC_SEQ *d2i_AC_SEQ(AC_SEQ **a, unsigned char **pp, long length); -extern AC_SEQ *AC_SEQ_new(void); -extern void AC_SEQ_free(AC_SEQ *a); - -#endif diff --git a/org.glite.security.proxyrenewal/src/renew.c b/org.glite.security.proxyrenewal/src/renew.c deleted file mode 100644 index ddae37b..0000000 --- a/org.glite.security.proxyrenewal/src/renew.c +++ /dev/null @@ -1,404 +0,0 @@ -#include "renewal_locl.h" -#include "renewd_locl.h" - -#include "glite/security/voms/voms_apic.h" - -#ident "$Header$" - -#define RENEWAL_COUNTS_MAX 1000 /* the slave daemon exits after that many attemtps */ - -extern char *repository; -extern char *cadir; -extern char *vomsdir; -extern int voms_enabled; -extern char *vomsconf; - -static int received_signal = -1, die = 0; - -static void -check_renewal(char *datafile, int force_renew, int *num_renewed); - -static int -renew_proxy(proxy_record *record, char *basename, char **new_proxy); - -static void -register_signal(int signal); - -int -load_proxy(const char *cur_file, X509 **cert, EVP_PKEY **priv_key, - STACK_OF(X509) **chain, globus_gsi_cred_handle_t *cur_proxy) -{ - globus_result_t result; - globus_gsi_cred_handle_t proxy = NULL; - int ret; - - result = globus_gsi_cred_handle_init(&proxy, NULL); - if (result) { - fprintf(stderr, "globus_gsi_cred_handle_init() failed\n"); - goto end; - } - - result = globus_gsi_cred_read_proxy(proxy, cur_file); - if (result) { - fprintf(stderr, "globus_gsi_cred_read_proxy() failed\n"); - goto end; - } - - if (cert) { - result = globus_gsi_cred_get_cert(proxy, cert); - if (result) { - fprintf(stderr, "globus_gsi_cred_get_cert() failed\n"); - goto end; - } - } - - if (priv_key) { - result = globus_gsi_cred_get_key(proxy, priv_key); - if (result) { - fprintf(stderr, "globus_gsi_cred_get_key() failed\n"); - goto end; - } - } - - if (chain) { - result = globus_gsi_cred_get_cert_chain(proxy, chain); - if (result) { - fprintf(stderr, "globus_gsi_cred_get_cert_chain() failed\n"); - goto end; - } - } - - if (cur_proxy) { - *cur_proxy = proxy; - proxy = NULL; - } - - ret = 0; - -end: - if (proxy) - globus_gsi_cred_handle_destroy(proxy); - if (result) - ret = EDG_WLPR_ERROR_GENERIC; - - return ret; -} - -static void -register_signal(int signal) -{ - received_signal = signal; - switch ((received_signal = signal)) { - case SIGINT: - case SIGTERM: - case SIGQUIT: - die = signal; - break; - default: - break; - } -} - -static int -renew_proxy(proxy_record *record, char *basename, char **new_proxy) -{ - char tmp_proxy[FILENAME_MAX]; - int tmp_fd; - char repository_file[FILENAME_MAX]; - int ret = -1; - char *p; - char *server = NULL; - myproxy_socket_attrs_t *socket_attrs; - myproxy_request_t *client_request; - myproxy_response_t *server_response; - char *renewed_proxy; - - socket_attrs = malloc(sizeof(*socket_attrs)); - memset(socket_attrs, 0, sizeof(*socket_attrs)); - - client_request = malloc(sizeof(*client_request)); - memset(client_request, 0, sizeof(*client_request)); - - server_response = malloc(sizeof(*server_response)); - memset(server_response, 0, sizeof(*server_response)); - - myproxy_set_delegation_defaults(socket_attrs, client_request); - - edg_wlpr_Log(LOG_DEBUG, "Trying to renew proxy in %s.%d", - basename, record->suffix); - - snprintf(tmp_proxy, sizeof(tmp_proxy), "%s.%d.myproxy.XXXXXX", - basename, record->suffix); - tmp_fd = mkstemp(tmp_proxy); - if (tmp_fd == -1) { - edg_wlpr_Log(LOG_ERR, "Cannot create temporary file (%s)", - strerror(errno)); - return errno; - } - - snprintf(repository_file, sizeof(repository_file),"%s.%d", - basename, record->suffix); - - ret = get_proxy_base_name(repository_file, &client_request->username); - if (ret) - goto end; - - client_request->proxy_lifetime = 60 * 60 * DGPR_RETRIEVE_DEFAULT_HOURS; - client_request->authzcreds = repository_file; - - server = (record->myproxy_server) ? record->myproxy_server : - socket_attrs->pshost; - if (server == NULL) { - edg_wlpr_Log(LOG_ERR, "No myproxy server specified"); - ret = EINVAL; - goto end; - } - socket_attrs->pshost = strdup(server); - - p = strchr(socket_attrs->pshost, ':'); - if (p) { - *p++ = '\0'; - ret = edg_wlpr_DecodeInt(p, &socket_attrs->psport); - if (ret) - goto end; - } else - socket_attrs->psport = MYPROXY_SERVER_PORT; - - verror_clear(); - ret = myproxy_get_delegation(socket_attrs, client_request, - server_response, tmp_proxy); - if (ret == 1) { - ret = EDG_WLPR_ERROR_MYPROXY; - edg_wlpr_Log(LOG_ERR, "Error contacting MyProxy server for proxy %s: %s", - repository_file, verror_get_string()); - verror_clear(); - goto end; - } - - renewed_proxy = tmp_proxy; - - if (voms_enabled && record->voms_exts) { - char tmp_voms_proxy[FILENAME_MAX]; - int tmp_voms_fd; - - snprintf(tmp_voms_proxy, sizeof(tmp_voms_proxy), "%s.%d.voms.XXXXXX", - basename, record->suffix); - tmp_voms_fd = mkstemp(tmp_voms_proxy); - if (tmp_voms_fd == -1) { - edg_wlpr_Log(LOG_ERR, "Cannot create temporary file (%s)", - strerror(errno)); - ret = errno; - goto end; - } - - ret = renew_voms_creds(repository_file, renewed_proxy, tmp_voms_proxy); - close(tmp_voms_fd); - if (ret) { - unlink(tmp_voms_proxy); - goto end; - } - - renewed_proxy = tmp_voms_proxy; - unlink(tmp_proxy); - } - - if (new_proxy) - *new_proxy = strdup(renewed_proxy); - - ret = 0; - -end: - if (socket_attrs->socket_fd) - close(socket_attrs->socket_fd); - close(tmp_fd); - if (ret) - unlink(tmp_proxy); - myproxy_free(socket_attrs, client_request, server_response); - - return ret; -} - -static void -check_renewal(char *datafile, int force_renew, int *num_renewed) -{ - char line[1024]; - proxy_record record; - char *p; - int ret, i; - time_t current_time; - FILE *meta_fd = NULL; - char basename[FILENAME_MAX]; - edg_wlpr_Request request; - edg_wlpr_Response response; - char *new_proxy = NULL; - char *entry = NULL; - char **tmp; - int num = 0; - - assert(datafile != NULL); - - *num_renewed = 0; - - memset(&record, 0, sizeof(record)); - memset(basename, 0, sizeof(basename)); - memset(&request, 0, sizeof(request)); - memset(&response, 0, sizeof(response)); - - strncpy(basename, datafile, sizeof(basename) - 1); - p = basename + strlen(basename) - strlen(".data"); - if (strcmp(p, ".data") != 0) { - edg_wlpr_Log(LOG_ERR, "Meta filename doesn't end with '.data'"); - return; - } - *p = '\0'; - - request.command = EDG_WLPR_COMMAND_UPDATE_DB; - request.proxy_filename = strdup(basename); - - meta_fd = fopen(datafile, "r"); - if (meta_fd == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open meta file %s (%s)", - datafile, strerror(errno)); - return; - } - - current_time = time(NULL); - edg_wlpr_Log(LOG_DEBUG, "Reading metafile %s", datafile); - - while (fgets(line, sizeof(line), meta_fd) != NULL) { - free_record(&record); - p = strchr(line, '\n'); - if (p) - *p = '\0'; - ret = decode_record(line, &record); - if (ret) - continue; /* XXX exit? */ - if (record.jobids.len == 0) /* no jobid registered for this proxy */ - continue; - if (current_time + RENEWAL_CLOCK_SKEW >= record.end_time || - record.next_renewal <= current_time || - force_renew) { - ret = EDG_WLPR_PROXY_EXPIRED; - if ( record.end_time + RENEWAL_CLOCK_SKEW >= current_time) { - /* only try renewal if the proxy hasn't already expired */ - ret = renew_proxy(&record, basename, &new_proxy); - } - - /* if the proxy wasn't renewed have the daemon planned another renewal */ - asprintf(&entry, "%d:%s", record.suffix, (ret == 0) ? new_proxy : ""); - if (new_proxy) { - free(new_proxy); new_proxy = NULL; - } - - tmp = realloc(request.entries, (num + 2) * sizeof(*tmp)); - if (tmp == NULL) { - free_record(&record); - return; - } - request.entries = tmp; - request.entries[num] = entry; - request.entries[num+1] = NULL; - num++; - } - } - free_record(&record); - - if (num > 0) { - ret = edg_wlpr_RequestSend(&request, &response); - if (ret != 0) - edg_wlpr_Log(LOG_ERR, - "Failed to send update request to master (%d)", ret); - else if (response.response_code != 0) - edg_wlpr_Log(LOG_ERR, - "Master failed to update database (%d)", response.response_code); - - /* delete all tmp proxy files which may survive */ - for (i = 0; i < num; i++) { - p = strchr(request.entries[i], ':'); - if (p+1) - unlink(p+1); - } - } - fclose(meta_fd); - - edg_wlpr_CleanResponse(&response); - edg_wlpr_CleanRequest(&request); - - *num_renewed = num; - - return; -} - -int renewal(int force_renew, int *num_renewed) -{ - DIR *dir = NULL; - struct dirent *file; - FILE *fd; - int num = 0; - - edg_wlpr_Log(LOG_DEBUG, "Starting renewal process"); - - *num_renewed = 0; - - if (chdir(repository)) { - edg_wlpr_Log(LOG_ERR, "Cannot access repository directory %s (%s)", - repository, strerror(errno)); - return errno; - } - - dir = opendir(repository); - if (dir == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open repository directory %s (%s)", - repository, strerror(errno)); - return errno; - } - - while ((file = readdir(dir))) { - /* read files of format `md5sum`.data, where md5sum() is of fixed length - 32 chars */ - if (file->d_name == NULL || strlen(file->d_name) != 37 || - strcmp(file->d_name + 32, ".data") != 0) - continue; - fd = fopen(file->d_name, "r"); - if (fd == NULL) { - edg_wlpr_Log(LOG_ERR, "Cannot open meta file %s (%s)", - file->d_name, strerror(errno)); - continue; - } - check_renewal(file->d_name, force_renew, &num); - *num_renewed += num; - fclose(fd); - } - closedir(dir); - edg_wlpr_Log(LOG_DEBUG, "Finishing renewal process"); - return 0; -} - -void -watchdog_start(void) -{ - struct sigaction sa; - int force_renewal; - int count = 0, num; - - memset(&sa,0,sizeof(sa)); - sa.sa_handler = register_signal; - sigaction(SIGUSR1, &sa, NULL); - sigaction(SIGINT,&sa,NULL); - sigaction(SIGQUIT,&sa,NULL); - sigaction(SIGTERM,&sa,NULL); - sigaction(SIGPIPE,&sa,NULL); - - while (count < RENEWAL_COUNTS_MAX && !die) { - received_signal = -1; - sleep(60 * 5); - force_renewal = (received_signal == SIGUSR1) ? 1 : 0; - if (die) - break; - /* XXX uninstall signal handler ? */ - renewal(force_renewal, &num); - count += num; - } - edg_wlpr_Log(LOG_DEBUG, "Terminating after %d renewal attempts", count); - exit(0); -} diff --git a/org.glite.security.proxyrenewal/src/renewal_locl.h b/org.glite.security.proxyrenewal/src/renewal_locl.h deleted file mode 100644 index 9d0774d..0000000 --- a/org.glite.security.proxyrenewal/src/renewal_locl.h +++ /dev/null @@ -1,143 +0,0 @@ -#ifndef RENEWAL_LOCL_H -#define RENEWAL_LOCL_H - -#ident "$Header$" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "renewal.h" - -#define JDL_MYPROXY "Myproxy_server=" - -typedef enum { - EDG_WLPR_COMMAND_NONE = 0, - EDG_WLPR_COMMAND_REG = 1, - EDG_WLPR_COMMAND_UNREG, - EDG_WLPR_COMMAND_GET, - EDG_WLPR_COMMAND_LIST, - EDG_WLPR_COMMAND_STATUS, - EDG_WLPR_COMMAND_UPDATE_DB, -} edg_wlpr_Command; - -/* prefix neni nutny */ -#define EDG_WLPR_PROTO_VERSION "Version=" -#define EDG_WLPR_PROTO_COMMAND "Command=" -#define EDG_WLPR_PROTO_MYPROXY_SERVER "Myproxy_server=" -#define EDG_WLPR_PROTO_PROXY "Proxy_name=" -#define EDG_WLPR_PROTO_UNIQUE_PROXY "Unique=" /* XXX */ -#define EDG_WLPR_PROTO_JOBID "Jobid=" -#define EDG_WLPR_PROTO_ENTRY "Entry=" - -#define EDG_WLPR_PROTO_RESPONSE "Response=" /* XXX result ?? */ -#define EDG_WLPR_PROTO_START_TIME "Start_time=" -#define EDG_WLPR_PROTO_END_TIME "End_time=" -#define EDG_WLPR_PROTO_RENEWAL_TIME "Renewal_time=" /* XXX Next renewal ?? */ - -#define EDG_WLPR_MYPROXY_PORT 7512 - -#define EDG_WLPR_REPOSITORY_ROOT "/var/spool/edg-wl-renewd" - -#define EDG_WLPR_BUF_SIZE 4096 - -#define EDG_WLPR_VERSION "EDG Proxy Renewal 1.0" - -#define MAX_PROXIES 4 /* max. number of jobids sharing one proxy */ - -#define RENEWAL_CLOCK_SKEW (5 * 60) - -#define DGPR_RETRIEVE_DEFAULT_HOURS 10 - -#define GLITE_PR_TIMEOUT_DEFAULT 120 - -typedef struct { - char *version; - edg_wlpr_Command command; - char *myproxy_server; - char *proxy_filename; - int unique; - char *jobid; - char **entries; /* for updates from the renewal part (renew.c) */ -} edg_wlpr_Request; - -typedef struct { - char *version; - int response_code; - time_t start_time; - time_t end_time; - time_t next_renewal_time; - int counter; - char *myproxy_server; - char **filenames; -} edg_wlpr_Response; - -#define DGPR_REG_SOCKET_NAME_ROOT "/tmp/dgpr_renew_" - -#if 0 -/* Errors: */ -/* XXX enum */ -#define EDG_WLPR_ERROR_EOF 1 -#define EDG_WLPR_ERROR_PARSE_NOT_FOUND 2 -#define EDG_WLPR_ERROR_PARSE_ERROR 3 -#define EDG_WLPR_ERROR_UNKNOWN_COMMAND 4 -#define EDG_WLPR_ERROR_NOTFOUND 5 -#endif - -int -edg_wlpr_GetToken(const char *msg, const size_t msg_len, - const char *key, const char *separators, - int req_index, char **value); - -int -edg_wlpr_StoreToken(char **buf, size_t *buf_len, char *command, - char *value, const char *separator); - -int -edg_wlpr_Read(int sock, struct timeval *timeout, char **buf, size_t *buf_len); - -int -edg_wlpr_Write(int sock, struct timeval *timeout, char *buf, size_t buf_len); - -void -edg_wlpr_CleanRequest(edg_wlpr_Request *request); - -void -edg_wlpr_CleanResponse(edg_wlpr_Response *response); - -const char * -edg_wlpr_GetErrorString(int err); - -char * -edg_wlpr_EncodeInt(int num); /* long? time */ - -int -edg_wlpr_DecodeInt(char *str, int *num); - -int -edg_wlpr_RequestSend(edg_wlpr_Request *request, edg_wlpr_Response *response); - -int -edg_wlpr_DecrementTimeout(struct timeval *timeout, struct timeval before, struct timeval after); - -#endif /* RENEWAL_LOCL_H */ diff --git a/org.glite.security.proxyrenewal/src/renewd.c b/org.glite.security.proxyrenewal/src/renewd.c deleted file mode 100644 index 4a595a8..0000000 --- a/org.glite.security.proxyrenewal/src/renewd.c +++ /dev/null @@ -1,656 +0,0 @@ -#include "renewal_locl.h" -#include "renewd_locl.h" - -static const char rcsid[] = "$Header$"; - -#define SEPARATORS "\n" -/* GRIDMANAGER_CHECKPROXY_INTERVAL + GRIDMANAGER_MINIMUM_PROXY_TIME */ -#define CONDOR_MINIMUM_PROXY_TIME (1800) - -int debug = 0; -char *repository = NULL; -time_t condor_limit = CONDOR_MINIMUM_PROXY_TIME; -char *cadir = NULL; -char *vomsdir = NULL; -int voms_enabled = 0; -char *cert = NULL; -char *key = NULL; -char *vomsconf = NULL; - -static volatile int die = 0, child_died = 0; -double default_timeout = 0; - -static struct option opts[] = { - { "help", no_argument, NULL, 'h' }, - { "version", no_argument, NULL, 'v' }, - { "debug", no_argument, NULL, 'd' }, - { "repository", required_argument, NULL, 'r' }, - { "condor-limit", required_argument, NULL, 'c' }, - { "CAdir", required_argument, NULL, 'C' }, - { "VOMSdir", required_argument, NULL, 'V' }, - { "enable-voms", no_argument, NULL, 'A' }, - { "voms-config", required_argument, NULL, 'G' }, - { "cert", required_argument, NULL, 't' }, - { "key", required_argument, NULL, 'k' }, - { NULL, 0, NULL, 0 } -}; - -typedef struct { - edg_wlpr_Command code; - void (*handler) (edg_wlpr_Request *request, edg_wlpr_Response *response); -} command_table; - -static command_table commands[] = { - { EDG_WLPR_COMMAND_REG, register_proxy, }, - { EDG_WLPR_COMMAND_UNREG, unregister_proxy, }, - { EDG_WLPR_COMMAND_GET, get_proxy, }, -#if 0 - { EDG_WLPR_COMMAND_LIST, list_proxies, }, - { EDG_WLPR_COMMAND_STATUS, status_proxy, }, -#endif - { EDG_WLPR_COMMAND_UPDATE_DB, update_db, }, - { 0, NULL }, -}; - -/* static prototypes */ -static void -usage(char *progname); - -static int -do_listen(char *socket_name, int *sock); - -static int -encode_response(edg_wlpr_Response *response, char **msg); - -static command_table * -find_command(edg_wlpr_Command code); - -static int -proto(int sock); - -static int -doit(int sock); - -static int -decode_request(const char *msg, const size_t msg_len, edg_wlpr_Request *request); - -int -start_watchdog(pid_t *pid); - -static void -catchsig(int sig) -{ - switch (sig) { - case SIGINT: - case SIGTERM: - case SIGQUIT: - die = sig; - break; - case SIGCHLD: - child_died = 1; - break; - default: - break; - } -} - -static command_table * -find_command(edg_wlpr_Command code) -{ - command_table *c; - - for (c = commands; c->code; c++) { - if (c->code == code) - return c; - } - return NULL; -} - -static int -proto(int sock) -{ - char *buf = NULL; - size_t buf_len; - int ret; - edg_wlpr_Response response; - edg_wlpr_Request request; - command_table *command; - struct timeval timeout; - - memset(&request, 0, sizeof(request)); - memset(&response, 0, sizeof(response)); - - timeout.tv_sec = (long) default_timeout; - timeout.tv_usec = (long) ((default_timeout - timeout.tv_sec) * 1e6); - - ret = edg_wlpr_Read(sock, &timeout, &buf, &buf_len); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Error reading from client: %s", - edg_wlpr_GetErrorString(ret)); - return ret; - } - - ret = decode_request(buf, buf_len, &request); - free(buf); - if (ret) - goto end; - - /* XXX check request (protocol version, ...) */ - - command = find_command(request.command); - if (command == NULL) { - ret = EDG_WLPR_ERROR_UNKNOWN_COMMAND; - edg_wlpr_Log(LOG_ERR, "Received unknown command (%d)", request.command); - goto end; - } - - edg_wlpr_Log(LOG_INFO, "Received command code %d for proxy %s and jobid %s", - request.command, - request.proxy_filename ? request.proxy_filename : "(unspecified)", - request.jobid ? request.jobid : "(unspecified)"); - - command->handler(&request, &response); - - ret = encode_response(&response, &buf); - if (ret) - goto end; - - ret = edg_wlpr_Write(sock, &timeout, buf, strlen(buf) + 1); - free(buf); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Error sending response to client: %s", - edg_wlpr_GetErrorString(ret)); - goto end; - } - -end: - edg_wlpr_CleanRequest(&request); - edg_wlpr_CleanResponse(&response); - - return ret; -} - -static int -doit(int sock) -{ - int newsock; - struct sockaddr_un client_addr; - int client_addr_len = sizeof(client_addr); - int flags; - - while (!die) { - - if (child_died) { - int pid, newpid, ret; - - while ((pid=waitpid(-1,NULL,WNOHANG))>0) - ; - ret = start_watchdog(&newpid); - if (ret) - return ret; - edg_wlpr_Log(LOG_DEBUG, "Renewal slave process re-started"); - child_died = 0; - continue; - } - - newsock = accept(sock, (struct sockaddr *) &client_addr, &client_addr_len); - if (newsock == -1) { - if (errno != EINTR) - edg_wlpr_Log(LOG_ERR, "accept() failed"); - continue; - } - edg_wlpr_Log(LOG_DEBUG, "Got connection"); - - flags = fcntl(newsock, F_GETFL, 0); - if (fcntl(newsock, F_SETFL, flags | O_NONBLOCK) < 0) { - edg_wlpr_Log(LOG_ERR, "Can't set O_NONBLOCK mode (%s), closing.\n", - strerror(errno)); - close(newsock); - continue; - } - - proto(newsock); - - edg_wlpr_Log(LOG_DEBUG, "Connection closed"); - close(newsock); - } - edg_wlpr_Log(LOG_DEBUG, "Terminating on signal %d\n",die); - return 0; -} - -static int -decode_request(const char *msg, const size_t msg_len, edg_wlpr_Request *request) -{ - char *value = NULL; -#if 0 - char *p; - int port; -#endif - int ret; - int index; - - /* XXX add an ending zero '\0' */ - - assert(msg != NULL); - assert(request != NULL); - - memset(request, 0, sizeof(*request)); - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_VERSION, SEPARATORS, - 0, &request->version); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Protocol error reading protocol specification: %s", - edg_wlpr_GetErrorString(ret)); - return ret; - } - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_COMMAND, SEPARATORS, - 0, &value); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Protocol error reading command specification: %s", - edg_wlpr_GetErrorString(ret)); - goto err; - } - - ret = edg_wlpr_DecodeInt(value, (int *)(&request->command)); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Received non-numeric command specification (%s)", - value); - free(value); - goto err; - } - free(value); - - if (find_command(request->command) == NULL) { - edg_wlpr_Log(LOG_ERR, "Received unknown command (%d)", request->command); - ret = EDG_WLPR_ERROR_UNKNOWN_COMMAND; - goto err; - } - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_MYPROXY_SERVER, - SEPARATORS, 0, &request->myproxy_server); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) { - edg_wlpr_Log(LOG_ERR, "Protocol error reading myproxy server specification: %s", - edg_wlpr_GetErrorString(ret)); - goto err; - } - -#if 0 - request->myproxy_port = EDG_WLPR_MYPROXY_PORT; /* ??? */ - if (request->myproxy_server && (p = strchr(request->myproxy_server, ':'))) { - *p = '\0'; - port = atol(p+1); /* XXX see myproxy for err check */ - request->myproxy_port = port; - } -#endif - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_PROXY, SEPARATORS, - 0, &request->proxy_filename); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) { - edg_wlpr_Log(LOG_ERR, "Protocol error reading proxy specification: %s", - edg_wlpr_GetErrorString(ret)); - goto err; - } - -#if 0 - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_UNIQUE_PROXY, - SEPARATORS, 0, &value); - if (ret && ret != EDG_WLPR_ERROR_PARSE_NOT_FOUND) - goto err; - if (ret == 0 && strcasecmp(value, "yes") == 0) - request->unique = 1; - free(value); -#endif - - ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_JOBID, SEPARATORS, - 0, &request->jobid); - if (ret && ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) { - edg_wlpr_Log(LOG_ERR, "Protocol error reading JobId : %s", - edg_wlpr_GetErrorString(ret)); - goto err; - } - - index = 0; - while ((ret = edg_wlpr_GetToken(msg, msg_len, EDG_WLPR_PROTO_ENTRY, - SEPARATORS, index, &value)) == 0) { - char **tmp; - - tmp = realloc(request->entries, (index + 2) * sizeof(*tmp)); - if (tmp == NULL) { - ret = ENOMEM; - goto err; - } - request->entries = tmp; - request->entries[index] = value; - index++; - } - if (ret != EDG_WLPR_ERROR_PROTO_PARSE_NOT_FOUND) - goto err; - if (request->entries) - request->entries[index] = NULL; - - return 0; - -err: - edg_wlpr_CleanRequest(request); - return ret; -} - -static int -encode_response(edg_wlpr_Response *response, char **msg) -{ - char *buf; - size_t buf_len; - int ret; - - buf_len = EDG_WLPR_BUF_SIZE; - buf = malloc(buf_len); - if (buf == NULL) - return ENOMEM; - buf[0] = '\0'; - - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_VERSION, - EDG_WLPR_VERSION, SEPARATORS); - if (ret) - goto err; - - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_RESPONSE, - edg_wlpr_EncodeInt(response->response_code), - SEPARATORS); - if (ret) - goto err; - - if (response->myproxy_server) { - char host[1024]; - -#if 0 - snprintf(host, sizeof(host), "%s:%d", response->myproxy_server, - (response->myproxy_port) ? response->myproxy_port : EDG_WLPR_MYPROXY_PORT); -#endif - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_MYPROXY_SERVER, - host, SEPARATORS); - if (ret) - goto err; - } - - if (response->start_time) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_START_TIME, - edg_wlpr_EncodeInt(response->start_time), - SEPARATORS); - if (ret) - goto err; - } - - if (response->end_time) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_END_TIME, - edg_wlpr_EncodeInt(response->end_time), - SEPARATORS); - if (ret) - goto err; - } - - if (response->next_renewal_time) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_RENEWAL_TIME, - edg_wlpr_EncodeInt(response->next_renewal_time), - SEPARATORS); - if (ret) - goto err; - } - - if (response->filenames) { - char **p = response->filenames; - while (*p) { - ret = edg_wlpr_StoreToken(&buf, &buf_len, EDG_WLPR_PROTO_PROXY, *p, - SEPARATORS); - if (ret) - goto err; - p++; - } - } - - buf[strlen(buf)] = '\0'; - *msg = buf; - return 0; - -err: - free(buf); - *msg = NULL; - return ret; -} - - -static void -usage(char *progname) -{ - fprintf(stderr,"usage: %s [option]\n" - "\t-h, --help display this help and exit\n" - "\t-v, --version output version information and exit\n" - "\t-d, --debug don't fork, print out debugging information\n" - "\t-r, --repository repository directory\n" - "\t-c, --condor-limit how long before expiration the proxy must be renewed\n" - "\t-C, --CAdir trusted certificates directory\n" - "\t-V, --VOMSdir trusted VOMS servers certificates directory\n" - "\t-A, --enable-voms renew also VOMS certificates in proxies\n" - "\t-G, --voms-config location of the vomses configuration file\n", - progname); -} - -static int -do_listen(char *socket_name, int *sock) -{ - struct sockaddr_un my_addr; - int s; - int ret; - - assert(sock != NULL); - - memset(&my_addr, 0, sizeof(my_addr)); - my_addr.sun_family = AF_UNIX; - strncpy(my_addr.sun_path, socket_name, sizeof(my_addr.sun_path)); - unlink(socket_name); - umask(0177); - - s = socket(AF_UNIX, SOCK_STREAM, 0); - if (s == -1) { - edg_wlpr_Log(LOG_ERR, "socket(): %s", strerror(errno)); - return errno; - } - - ret = bind(s, (struct sockaddr *)&my_addr, sizeof(my_addr)); - if (ret == -1) { - edg_wlpr_Log(LOG_ERR, "bind(): %s", strerror(errno)); - close(s); - return errno; - } - - ret = listen(s, 50); - if (ret == -1) { - edg_wlpr_Log(LOG_ERR, "listen(): %s", strerror(errno)); - close(s); - return errno; - } - - *sock = s; - return 0; -} - -void -edg_wlpr_Log(int dbg_level, const char *format, ...) -{ - va_list ap; - char log_mess[1024]; - - /* cannot handle the %m format argument specific for syslog() */ - va_start(ap, format); - vsnprintf(log_mess, sizeof(log_mess), format, ap); - va_end(ap); - - if (debug) - printf("[%d] %s\n", getpid(), log_mess); - else - if (dbg_level < LOG_DEBUG) /* XXX make configurable */ - syslog(dbg_level, "%s", log_mess); -} - -int -start_watchdog(pid_t *pid) -{ - pid_t p; - - switch ((p = fork())) { - case -1: - edg_wlpr_Log(LOG_ERR, "fork() failed: %s", - strerror(errno)); - return errno; - case 0: - watchdog_start(); - exit(0); - break; - default: - *pid = p; - return 0; - } - /* not reachable */ - exit(0); -} - -int main(int argc, char *argv[]) -{ - int sock; - char *progname; - int opt; - int fd; - char sockname[PATH_MAX]; - int ret; - pid_t pid; - struct sigaction sa; - const char *s = NULL; - - progname = strrchr(argv[0],'/'); - if (progname) progname++; - else progname = argv[0]; - - repository = EDG_WLPR_REPOSITORY_ROOT; - debug = 0; - - while ((opt = getopt_long(argc, argv, "hvdr:c:C:V:AG:t:k:", opts, NULL)) != EOF) - switch (opt) { - case 'h': usage(progname); exit(0); - case 'v': fprintf(stdout, "%s:\t%s\n", progname, rcsid); exit(0); - case 'd': debug = 1; break; - case 'r': repository = optarg; break; - case 'c': condor_limit = atoi(optarg); break; - case 'C': cadir = optarg; break; - case 'V': vomsdir = optarg; break; - case 'A': voms_enabled = 1; break; - case 'G': vomsconf = optarg; break; - case 't': cert = optarg; break; - case 'k': key = optarg; break; - case '?': usage(progname); return 1; - } - - if (optind < argc) { - usage(progname); - exit(1); - } - - if (chdir(repository)) { - edg_wlpr_Log(LOG_ERR, "Cannot access repository directory %s (%s)", - repository, strerror(errno)); - exit(1); - } - - globus_module_activate(GLOBUS_GSI_CERT_UTILS_MODULE); - globus_module_activate(GLOBUS_GSI_PROXY_MODULE); - - if (!debug) - for (fd = 3; fd < OPEN_MAX; fd++) close(fd); - - if (!debug) { - /* chdir ? */ - if (daemon(1,0) == -1) { - perror("deamon()"); - exit(1); - } - openlog(progname, LOG_PID, LOG_DAEMON); - } - - if (cert) - setenv("X509_USER_CERT", cert, 1); - - if (key) - setenv("X509_USER_KEY", key, 1); - - if (cadir) - setenv("X509_CERT_DIR", cadir, 1); - - s = getenv("GLITE_PR_TIMEOUT"); - default_timeout = s ? atof(s) : GLITE_PR_TIMEOUT_DEFAULT; - - memset(&sa,0,sizeof(sa)); - sa.sa_handler = catchsig; - sigaction(SIGINT,&sa,NULL); - sigaction(SIGQUIT,&sa,NULL); - sigaction(SIGTERM,&sa,NULL); - sigaction(SIGCHLD,&sa,NULL); - sigaction(SIGPIPE,&sa,NULL); - - ret = start_watchdog(&pid); - if (ret) - return 1; - - umask(0177); - snprintf(sockname, sizeof(sockname), "%s%d", - DGPR_REG_SOCKET_NAME_ROOT, getuid()); - /* XXX check that the socket is not already active */ - ret = do_listen(sockname, &sock); - if (ret) - return 1; - edg_wlpr_Log(LOG_DEBUG, "Listening at %s", sockname); - - ret = doit(sock); - - close(sock); - return ret; -} - -int -get_proxy_base_name(char *file, char **name) -{ - X509 *cert = NULL; - EVP_PKEY *key = NULL; - STACK_OF(X509) *chain = NULL; - X509_NAME *subject = NULL; - int ret; - - ret = load_proxy(file, &cert, &key, &chain, NULL); - if (ret) - return ret; - - subject = X509_NAME_dup(X509_get_subject_name(cert)); - - sk_X509_insert(chain, cert, 0); - cert = NULL; - - ret = globus_gsi_cert_utils_get_base_name(subject, chain); - if (ret) { - edg_wlpr_Log(LOG_ERR, "Cannot get subject name from proxy %s", file); - ret = EDG_WLPR_ERROR_SSL; /* XXX ??? */ - goto end; - } - - *name = X509_NAME_oneline(subject, NULL, 0); - ret = 0; - -end: - if (cert) - X509_free(cert); - if (key) - EVP_PKEY_free(key); - if (chain) - sk_X509_pop_free(chain, X509_free); - if (subject) - X509_NAME_free(subject); - - return ret; -} diff --git a/org.glite.security.proxyrenewal/src/renewd_locl.h b/org.glite.security.proxyrenewal/src/renewd_locl.h deleted file mode 100644 index c4b8de4..0000000 --- a/org.glite.security.proxyrenewal/src/renewd_locl.h +++ /dev/null @@ -1,80 +0,0 @@ -#ifndef RENEWALD_LOCL_H -#define RENEWALD_LOCL_H - -#ident "$Header$" - -#include -#include -#include -#include -#include - -#include "renewal.h" - -#ifdef HAVE_DMALLOC_H -#include -#endif - -/* XXX */ -#if 0 -#define EDG_WLPR_ERROR_PARSE_NOT_FOUND EDG_WLPR_ERROR_PROTO_PARSE_ERROR -#define EDG_WLPR_ERROR_NOTFOUND EDG_WLPR_PROXY_NOT_REGISTERED -#endif - -typedef struct { - unsigned int len; - char **val; -} prd_list; - -typedef struct { - int suffix; - prd_list jobids; - int unique; - int voms_exts; - char *myproxy_server; - time_t end_time; - time_t next_renewal; -} proxy_record; - -/* commands */ -void -register_proxy(edg_wlpr_Request *request, edg_wlpr_Response *response); - -void -unregister_proxy(edg_wlpr_Request *request, edg_wlpr_Response *response); - -void -get_proxy(edg_wlpr_Request *request, edg_wlpr_Response *response); - -void -update_db(edg_wlpr_Request *request, edg_wlpr_Response *response); - -int -get_times(char *proxy_file, proxy_record *record); - -void -watchdog_start(void); - -void -edg_wlpr_Log(int dbg_level, const char *format, ...); - -int -decode_record(char *line, proxy_record *record); - -int -encode_record(proxy_record *record, char **line); - -void -free_record(proxy_record *record); - -int -load_proxy(const char *filename, X509 **cert, EVP_PKEY **privkey, - STACK_OF(X509) **chain, globus_gsi_cred_handle_t *proxy); - -int -get_proxy_base_name(char *file, char **subject); - -int -renew_voms_creds(const char *cur_file, const char *renewed_file, const char *new_file); - -#endif /* RENEWALD_LOCL_H */ diff --git a/org.glite.security.proxyrenewal/src/voms.c b/org.glite.security.proxyrenewal/src/voms.c deleted file mode 100644 index f570fd4..0000000 --- a/org.glite.security.proxyrenewal/src/voms.c +++ /dev/null @@ -1,318 +0,0 @@ -#include "renewal_locl.h" -#include "renewd_locl.h" - -#include -#include - -#include "glite/security/voms/voms_apic.h" - -#include "newformat.h" - -char * Decode(const char *, int, int *); -char **listadd(char **, char *, int); - -extern char *vomsconf; - -static int -generate_proxy(globus_gsi_cred_handle_t cur_proxy, - X509_EXTENSION *voms_extension, const char *new_file) -{ - globus_result_t result; - globus_gsi_proxy_handle_t proxy_handle = NULL; - globus_gsi_cred_handle_t proxy = NULL; - EVP_PKEY *cur_proxy_priv_key = NULL; - X509 *new_cert = NULL; - X509 *voms_cert = NULL; - globus_gsi_cert_utils_cert_type_t proxy_type; - - result = globus_gsi_proxy_handle_init(&proxy_handle, NULL); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_proxy_handle_init() failed\n"); - goto end; - } - - result = globus_gsi_cred_get_key(cur_proxy, &cur_proxy_priv_key); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_cred_get_key() failed\n"); - goto end; - } - - /* Create and sign a new proxy */ - result = globus_gsi_cred_get_cert_type(cur_proxy, &proxy_type); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_cred_get_cert_type() failed\n"); - goto end; - } - - result = globus_gsi_proxy_handle_set_type(proxy_handle, proxy_type); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_proxy_handle_set_type() failed\n"); - goto end; - } - - result = globus_gsi_proxy_create_signed(proxy_handle, cur_proxy, &proxy); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_proxy_handle_init() failed\n"); - goto end; - } - - /* Get the new proxy */ - result = globus_gsi_cred_get_cert(proxy, &new_cert); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_cred_get_cert() failed\n"); - goto end; - } - - /* The Globus API doesn't allow to store custom X.509 extensions */ - voms_cert = X509_dup(new_cert); - if (voms_cert->cert_info->extensions == NULL) - voms_cert->cert_info->extensions = sk_X509_EXTENSION_new_null(); - sk_X509_EXTENSION_push(voms_cert->cert_info->extensions, voms_extension); - - /* Openssl ensures that memory containing old signature structures is unallocated */ -#if 0 - X509_sign(voms_cert, cur_proxy_priv_key, proxy_handle->attrs->signing_algorithm); -#else - X509_sign(voms_cert, cur_proxy_priv_key, EVP_md5()); -#endif - - /* And put the cert back, older one is unallocated by the function */ - result = globus_gsi_cred_set_cert(proxy, voms_cert); - if (result) { - edg_wlpr_Log(LOG_ERR, "globus_gsi_cred_set_cert() failed\n"); - goto end; - } - - result = globus_gsi_cred_write_proxy(proxy, (char *)new_file); - -end: - - return 0; -} - -static int -my_VOMS_Export(void *buf, int buf_len, X509_EXTENSION **extension) -{ - AC *ac = NULL; - unsigned char *p, *pp; - AC **voms_attrs = NULL; - - p = pp = buf; - ac = d2i_AC(NULL, &p, buf_len+1); - if (ac == NULL) { - edg_wlpr_Log(LOG_ERR, "d2i_AC() failed\n"); - return 1; - } - - voms_attrs = (AC **)listadd((char **)voms_attrs, (char *)ac, sizeof(AC *)); - - *extension = X509V3_EXT_conf_nid(NULL, NULL, OBJ_txt2nid("acseq"), - (char*)voms_attrs); - return 0; -} - -static int -create_voms_command(struct vomsdata *vd, struct voms **voms_cert, char **command) -{ - int voms_error, ret; - struct data **attribs; - -#if 0 - VOMS_ResetOrder(vd, &voms_error); - for (i = 2; i < argc; i++) { - ret = VOMS_Ordering(argv[i], vd, &voms_error); - if (ret == 0) { - edg_wlpr_Log(LOG_ERR, "VOMS_Ordering() failed\n"); - return 1; - } - } -#endif - - if (voms_cert == NULL || *voms_cert == NULL || (*voms_cert)->std == NULL) { - edg_wlpr_Log(LOG_ERR, "Invalid VOMS certificate\n"); - return 1; - } - - attribs = (*voms_cert)->std; - - if (strcmp (attribs[0]->role, "NULL") == 0 ) - ret = asprintf(command, "G%s", attribs[0]->group); - else - ret = asprintf(command, "B%s:%s", attribs[0]->group, attribs[0]->role); - -end: - - return 0; -} - -static int -renew_voms_cert(struct vomsdata *vd, struct voms **voms_cert, - char **buf, size_t *buf_len) -{ - int voms_error = 0, i, ret, voms_version; - struct contactdata **voms_contacts = NULL; - char *command = NULL; - - voms_contacts = VOMS_FindByVO(vd, (*voms_cert)->voname, vomsconf, NULL, &voms_error); - - if (voms_contacts == NULL) { - edg_wlpr_Log(LOG_ERR, "VOMS_FindByVO() failed\n"); - return 1; - } - - ret = create_voms_command(vd, voms_cert, &command); - - /* XXX iterate over all servers on the list on errors */ - ret = VOMS_ContactRaw(voms_contacts[0]->host, voms_contacts[0]->port, - voms_contacts[0]->contact, command, - (void**) buf, buf_len, &voms_version, - vd, &voms_error); - if (ret == 0) { - edg_wlpr_Log(LOG_ERR, "VOMS_Contact() failed\n"); - return 1; - } - - VOMS_DeleteContacts(voms_contacts); - - if (command) - free(command); - - return 0; -} - -static int -renew_voms_certs(const char *cur_file, const char *renewed_file, const char *new_file) -{ - globus_gsi_cred_handle_t cur_proxy = NULL; - globus_gsi_cred_handle_t new_proxy = NULL; - struct vomsdata *vd = NULL; - struct voms **voms_cert = NULL; - int voms_err, ret; - X509 *cert = NULL; - STACK_OF(X509) *chain = NULL; - char *buf = NULL; - size_t buf_len = 0; - X509_EXTENSION *extension = NULL; - char *old_env_proxy = getenv("X509_USER_PROXY"); - char *old_env_cert = getenv("X509_USER_CERT"); - char *old_env_key = getenv("X509_USER_KEY"); - - setenv("X509_USER_PROXY", cur_file, 1); - setenv("X509_USER_CERT", renewed_file, 1); - setenv("X509_USER_KEY", renewed_file, 1); - - ret = load_proxy(cur_file, &cert, NULL, &chain, &cur_proxy); - if (ret) - goto end; - - vd = VOMS_Init(NULL, NULL); - if (vd == NULL) { - edg_wlpr_Log(LOG_ERR, "VOMS_Init() failed\n"); - return 1; - } - - ret = VOMS_Retrieve(cert, chain, RECURSE_CHAIN, vd, &voms_err); - if (ret == 0) { - if (voms_err == VERR_NOEXT) { - /* no VOMS cred, no problem; continue */ - /* XXX this part shouldn't be reachable, this call is only called - * if the proxy does contain VOMS attributes */ - edg_wlpr_Log(LOG_ERR, "No VOMS attributes found in proxy %s\n", cur_file); - ret = 0; - goto end; - } else { - edg_wlpr_Log(LOG_ERR, "Cannot get VOMS certificate(s) from proxy"); - ret = 1; - goto end; - } - } - - /* XXX make sure this loop can really work for multiple voms certificates - * embedded in the proxy */ - for (voms_cert = vd->data; voms_cert && *voms_cert; voms_cert++) { - char *tmp, *ptr; - size_t tmp_len; - - ret = renew_voms_cert(vd, voms_cert, &tmp, &tmp_len); - if (ret) - goto end; - ptr = realloc(buf, buf_len + tmp_len); - if (ptr == NULL) { - ret = ENOMEM; - goto end; - } - buf = ptr; - memcpy(buf + buf_len, tmp, tmp_len); - buf_len += tmp_len; - } - - if (buf == NULL) { - /* no extension renewed, return */ - ret = 0; - goto end; - } - - ret = my_VOMS_Export(buf, buf_len, &extension); - if (ret) - goto end; - - ret = load_proxy(renewed_file, NULL, NULL, NULL, &new_proxy); - if (ret) - goto end; - - ret = generate_proxy(new_proxy, extension, new_file); - -end: - (old_env_proxy) ? setenv("X509_USER_PROXY", old_env_proxy, 1) : - unsetenv("X509_USER_PROXY"); - (old_env_cert) ? setenv("X509_USER_CERT", old_env_cert, 1) : - unsetenv("X509_USER_CERT"); - (old_env_key) ? setenv("X509_USER_KEY", old_env_key, 1) : - unsetenv("X509_USER_KEY"); - - if (cert) - X509_free(cert); - if (chain) - sk_X509_pop_free(chain, X509_free); - if (vd) - VOMS_Destroy(vd); - if (cur_proxy) - globus_gsi_cred_handle_destroy(cur_proxy); - if (new_proxy) - globus_gsi_cred_handle_destroy(new_proxy); - if (buf) - free(buf); - - return ret; -} - -int -renew_voms_creds(const char *cur_file, const char *renewed_file, const char *new_file) -{ - return renew_voms_certs(cur_file, renewed_file, new_file); -} - -#if 0 -int -main(int argc, char *argv[]) -{ - int ret; - const char *current_proxy = "/tmp/x509up_u11930"; - const char *renewed_proxy = "/tmp/proxy"; - - if (argc > 1) - current_proxy = argv[1]; - if (argc > 2) - renewed_proxy = argv[2]; - - if (globus_module_activate(GLOBUS_GSI_PROXY_MODULE) != GLOBUS_SUCCESS || - globus_module_activate(GLOBUS_GSI_CERT_UTILS_MODULE) != GLOBUS_SUCCESS) { - edg_wlpr_Log(LOG_ERR, "[%d]: Unable to initialize Globus modules\n", getpid()); - return 1; - } - - ret = renew_voms_certs(current_proxy, renewed_proxy); - - return 0; -} -#endif diff --git a/org.glite.wms-utils.exception/.cvsignore b/org.glite.wms-utils.exception/.cvsignore deleted file mode 100644 index e970233..0000000 --- a/org.glite.wms-utils.exception/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project \ No newline at end of file diff --git a/org.glite.wms-utils.exception/LICENSE b/org.glite.wms-utils.exception/LICENSE deleted file mode 100755 index 01b973b..0000000 --- a/org.glite.wms-utils.exception/LICENSE +++ /dev/null @@ -1,69 +0,0 @@ -LICENSE file for EGEE Middleware -================================ - -Copyright (c) 2004 on behalf of the EU EGEE Project: -The European Organization for Nuclear Research (CERN), -Istituto Nazionale di Fisica Nucleare (INFN), Italy -Datamat Spa, Italy -Centre National de la Recherche Scientifique (CNRS), France -CS Systeme d'Information (CSSI), France -Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -Universiteit van Amsterdam (UvA), Netherlands -University of Helsinki (UH.HIP), Finlan -University of Bergen (UiB), Norway -Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - -1. Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright -notice, this list of conditions and the following disclaimer in the -documentation and/or other materials provided with the distribution. - -3. The end-user documentation included with the redistribution, if -any, must include the following acknowledgment: "This product includes -software developed by The EU EGEE Project (http://cern.ch/eu-egee/)." -Alternatively, this acknowledgment may appear in the software itself, if -and wherever such third-party acknowledgments normally appear. - -4. The names EGEE and the EU EGEE Project must not be -used to endorse or promote products derived from this software without -prior written permission. For written permission, please contact -. - -5. You are under no obligation whatsoever to provide anyone with any -bug fixes, patches, or upgrades to the features, functionality or -performance of the Software ("Enhancements") that you may develop over -time; however, if you choose to provide your Enhancements to The EU -EGEE Project, or if you choose to otherwise publish or distribute your -Enhancements, in source code form without contemporaneously requiring -end users of The EU EGEE Proejct to enter into a separate written license -agreement for such Enhancements, then you hereby grant The EU EGEE Project -a non-exclusive, royalty-free perpetual license to install, use, copy, -modify, prepare derivative works, incorporate into the EGEE Middleware -or any other computer software, distribute, and sublicense your -Enhancements or derivative works thereof, in binary and source code -form (if any), whether developed by The EU EGEE Project or third parties. - -THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL PROJECT OR ITS CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE -OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -This software consists of voluntary contributions made by many -individuals on behalf of the EU EGEE Prject. For more information on The -EU EGEE Project, please see http://cern.ch/eu-egee/. For more information on -EGEE Middleware, please see http://egee-jra1.web.cern.ch/egee-jra1/ - - diff --git a/org.glite.wms-utils.exception/Makefile.am b/org.glite.wms-utils.exception/Makefile.am deleted file mode 100755 index b66c2bb..0000000 --- a/org.glite.wms-utils.exception/Makefile.am +++ /dev/null @@ -1,67 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -## Process this file with automake to produce Makefile.in -EXTRA_DIST = LICENSE - -docdir = $(datadir)/doc/@PACKAGE@-@VERSION@ -doc_DATA = LICENSE -## Subdirectories list -SUBDIRS = interface src - -## Default flags to run aclocal -ACLOCAL_AMFLAGS = -I project - -stage: - @set fnord $(MAKEFLAGS); amf=$$2; \ - dot_seen=no; \ - target="install"; \ - prefix_arg="@prefix@"; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target $$prefix_arg in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target $$prefix_arg) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" $$prefix_arg || exit 1; \ - fi; test -z "$$fail" - -distsrc: dist - mv $(distdir).tar.gz $(DISTTAR)/$(distdir)_src.tar.gz - -distbin: - @set fnord $(MAKEFLAGS); amf=$$2; \ - dot_seen=no; \ - target="install"; \ - tmpdistbin="$(WORKDIR)/dist_bin"; \ - prefix_arg="prefix=$$tmpdistbin"; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target $$prefix_arg in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target $$prefix_arg) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" $$prefix_arg || exit 1; \ - fi; test -z "$$fail"; \ - pushd $$tmpdistbin; \ - $(AMTAR) -zcf $(DISTTAR)/$(distdir)_bin.tar.gz .; \ - popd; \ - rm -rf $$tmpdistbin - diff --git a/org.glite.wms-utils.exception/bootstrap b/org.glite.wms-utils.exception/bootstrap deleted file mode 100755 index ceeb099..0000000 --- a/org.glite.wms-utils.exception/bootstrap +++ /dev/null @@ -1,9 +0,0 @@ -#! /bin/sh - -mkdir -p src/autogen -set -x -aclocal -I project -libtoolize --force -autoheader -automake --foreign --add-missing --copy -autoconf diff --git a/org.glite.wms-utils.exception/build.xml b/org.glite.wms-utils.exception/build.xml deleted file mode 100755 index d12e8c2..0000000 --- a/org.glite.wms-utils.exception/build.xml +++ /dev/null @@ -1,104 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.wms-utils.exception/configure.ac b/org.glite.wms-utils.exception/configure.ac deleted file mode 100755 index 30f379f..0000000 --- a/org.glite.wms-utils.exception/configure.ac +++ /dev/null @@ -1,115 +0,0 @@ -# -# Copyright (c) 2004 on behalf of the EU EGEE Project: -# The European Organization for Nuclear Research (CERN), -# Istituto Nazionale di Fisica Nucleare (INFN), Italy -# Datamat Spa, Italy -# Centre National de la Recherche Scientifique (CNRS), France -# CS Systeme d'Information (CSSI), France -# Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -# Universiteit van Amsterdam (UvA), Netherlands -# University of Helsinki (UH.HIP), Finland -# University of Bergen (UiB), Norway -# Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom -# -# Common configure.ac file for the GLite WMS Common module -# -# Authors: Alberto Di Meglio -# Version info: $Id$ -# Release: $Name$ -# -# Revision history: -# $Log$ -# Revision 1.9 2004/11/16 15:31:13 eronchie -# Increased version -# -# Revision 1.8 2004/09/22 00:25:17 glbuild -# Fixed missing parenthesis -# -# Revision 1.7 2004/09/21 19:21:57 glbuild -# modified module.version -# -# Revision 1.6 2004/08/17 10:41:47 eronchie -# Added optimize option -# -# Revision 1.5 2004/07/23 08:02:09 eronchie -# Updated configure.ac -# -# Revision 1.4 2004/07/21 18:49:26 eronchie -# Added AC_GLITE -# -# Revision 1.3 2004/07/21 18:47:49 eronchie -# Removed obsolete things -# -# Revision 1.2 2004/07/21 18:44:22 eronchie -# Updated header file -# -# Revision 1.1.1.1 2004/07/21 18:16:57 eronchie -# Moved out exception from org.glite.wms.common/src/utilitiesY -# -# -# - -# Process this file with autoconf to produce a configure script. - -AC_PREREQ(2.57) -AC_INIT([GLite WMS Utils Exception], [1.0.0]) -AC_CONFIG_AUX_DIR([./project]) -AM_INIT_AUTOMAKE([1.6.3 subdir-objects]) -AC_CONFIG_SRCDIR([src/Exception.cpp]) - -# Notices. -AC_COPYRIGHT([Copyright (c) 2004 The EU EGEE Project -See LICENCE file for details -]) -AC_REVISION([$Revision$]) - -#Environment. -WORKDIR=`pwd` -AC_SUBST(WORKDIR) - -# Checks for programs. -AC_PROG_CC -AC_PROG_CPP -AC_PROG_CXX -AC_PROG_CXXCPP -AM_PROG_CC_C_O -AC_PROG_LIBTOOL - -# Checks for libraries. - -# Checks for header files. -AC_CHECK_HEADERS([fcntl.h mntent.h sys/vfs.h syslog.h unistd.h]) - -# Checks for typedefs, structures, and compiler characteristics. -AC_HEADER_STDBOOL -AC_C_CONST -AC_C_INLINE -AC_TYPE_OFF_T -AC_TYPE_SIZE_T -AC_CHECK_MEMBERS([struct stat.st_rdev]) -AC_TYPE_UID_T -AC_CHECK_TYPES([ptrdiff_t]) - -# Checks for library functions. -AC_HEADER_STDC -AC_FUNC_ERROR_AT_LINE -AC_FUNC_GETMNTENT -AC_FUNC_MEMCMP -AC_FUNC_STAT -AC_FUNC_STRFTIME -AC_FUNC_VPRINTF -AC_CHECK_FUNCS([bzero endpwent ftruncate getmntent memset mkdir pow strerror strtol]) - -AC_GLITE - -AC_OPTIMIZE - -# Configuration items -AC_PREFIX_DEFAULT([/opt/glite]) -AM_CONFIG_HEADER([src/autogen/config.h]) -AC_CONFIG_FILES([Makefile]) -AC_CONFIG_FILES([src/Makefile]) -AC_CONFIG_FILES([interface/Makefile]) - -AC_OUTPUT - diff --git a/org.glite.wms-utils.exception/interface/Makefile.am b/org.glite.wms-utils.exception/interface/Makefile.am deleted file mode 100755 index 3c4ccb7..0000000 --- a/org.glite.wms-utils.exception/interface/Makefile.am +++ /dev/null @@ -1,14 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -exceptiondir = $(includedir) -nobase_exception_HEADERS = \ - glite/wmsutils/exception/exception_codes.h \ - glite/wmsutils/exception/Exception.h - -MAINTAINERCLEANFILES = Makefile.in diff --git a/org.glite.wms-utils.exception/interface/glite/wmsutils/exception/Exception.h b/org.glite.wms-utils.exception/interface/glite/wmsutils/exception/Exception.h deleted file mode 100644 index 19ca7c7..0000000 --- a/org.glite.wms-utils.exception/interface/glite/wmsutils/exception/Exception.h +++ /dev/null @@ -1,138 +0,0 @@ -#ifndef GLITE_WMS_UTILS_EXCEPTION_EXCEPTION_H -#define GLITE_WMS_UTILS_EXCEPTION_EXCEPTION_H - -/* - * Exception.h - * Copyright (c) 2001 The European Datagrid Project - IST programme, all rights reserved. - * Contributors are mentioned in the code where appropriate. - */ - -#include -#include -//#include -#include // For logging exceptions to log file -#include // list the exception codes -#include -#include -#include // base ancestor stl::exception - - -namespace glite { - namespace wmsutils { - namespace exception { - -extern pthread_mutex_t METHOD_MUTEX; // used in order to store info into a file (rather then syslog) -#define GLITE_STACK_TRY(method_name) std::string METHOD = method_name ; int LINE = __LINE__ ; try { -#define GLITE_STACK_CATCH() } catch (glite::wmsutils::exception::Exception &exc){ exc.push_back ( __FILE__ , LINE, METHOD ); throw exc ; } catch (std::exception &ex){ glite::wmsutils::exception::Exception exc( __FILE__ , LINE, METHOD, 0, "Standard exception: " + std::string(ex.what()) ); throw exc; } - -/** - * The Exception base classe contains attributes into which are placed exception information and provides - * constructor that beyond the error code take parameters specifying the source file and line number - * (e.g. through __FILE__ and __LINE__) where the error has been generated and string messages, - * allowing an easy way of storing the origin of the exception. - * Moreover it provides methods for getting all the exception information and for logging them either - * in a log file or to the syslog daemon. - * Each of the derived types may contain its private attributes describing the actual error instance in detail. - * Moreover each exception has an attribute representing the exception identifier that is set by the - * class constructor and allows the identification of the original exception. - * - * @version 0.1 - * @date 22 July 2004 - * @author Alessandro Maraschini -*/ - -class Exception : public std::exception{ - public: - /** - * Constructor Update all mandatory fields - * @param method the name of the method that raised the exception - * @param source The source that raised the exception (could be the file path, the class Name, etc etc) - * @param exc the previous exception as in the stack trace */ - Exception ( const std::string& source, const std::string& method, Exception *exc); - /** - * Constructor Update all mandatory fields - * @param code the code representing the thrown exception - * @param exception the name of the thrown exception - * @param method the name of the method that raised the exception - * @param source The source that raised the exception (could be the file path, the class Name, etc etc) */ - Exception ( const std::string& source, const std::string& method, int code, const std::string& exception); - - /** - * Constructor Update all mandatory fields - * @param source the path of the file that raised the exception - * @param line_number the number of the line in the file that raised the exception - * @param method the name of the method that raised the exception - * @param code the code representing the thrown exception - * @param exception the name of the thrown exception */ - Exception (const std::string& source, int line_number, const std::string& method, int code, const std::string& exception); - /** - * Default Destructor - */ - virtual ~Exception() throw (); - /** - * Return a string debug message containing information about Exception thrown - * Debug message contains all the attributes stored in an exception instance such as the method, the file and the line - * that threw the exception. - *@return the debug message string representation - */ - virtual std::string dbgMessage(); - /** - * Return the error code - * @return The integer representing the code of the error that generated the exception - */ - virtual int getCode(); - - /** - * return the Error Message associated to the Exception - * @return The Exception string message representation - */ - virtual const char* what() const throw (); - - /** - * Print Exception error information into a log file - * @param logfile the file where to log exception information - */ - virtual void log(const std::string& logfile = ""); - /** - * Retrieve the Exception name - * @return the name of the Exception thrown - */ - virtual std::string getExceptionName(); - - /** - * Retrieve the Stack of the exception as a list of previous generated exceptions - *@return the string representation of the stack trace: each line correspond to an exception message - */ - virtual std::string printStackTrace() ; - /** - * Return the list of methods that caused the Exception - */ - virtual std::vector getStackTrace() ; - /** - * Update stack information - */ - virtual void push_back ( const std::string& source, int line_number, const std::string& method ) ; - protected: - /** Empty constructor*/ - Exception(); - /** integer error code representing the cause of the error */ - int error_code; - /** string exception message representation*/ - std::string error_message ; - /** line number where the exception was raised */ - int line; - /** The name of the file where the exception was raised */ - std::string source_file; - /** the name of the exception */ - std::string exception_name; - /** the name of the method where the expceiton was raised */ - std::string method_name ; - /** a string representation of the stacktrace */ - std::string stack; - /** the actual internal stacktrace representation */ - std::vector< std::string> stack_strings ; - /** the name of the ancestor exception */ - std::string ancestor ; -}; //End Exception Class -}}} // Closing namespace -#endif diff --git a/org.glite.wms-utils.exception/interface/glite/wmsutils/exception/exception_codes.h b/org.glite.wms-utils.exception/interface/glite/wmsutils/exception/exception_codes.h deleted file mode 100755 index fce99aa..0000000 --- a/org.glite.wms-utils.exception/interface/glite/wmsutils/exception/exception_codes.h +++ /dev/null @@ -1,41 +0,0 @@ -#ifndef GLITE_WMSUTILS_EXCEPTION_CODES_H -#define GLITE_WMSUTILS_EXCEPTION_CODES_H -// pure C-style code (needed by some libraries) -#define GLITE_WMS_COMMON_ERROR_BASE 900 -#define GLITE_WMS_USERINTERFACE_ERROR_BASE 1000 -#define GLITE_WMS_NETWORKSERVER_ERROR_BASE 1200 -#define GLITE_WMS_SOCKET_ERROR_BASE 1300 -#define GLITE_WMS_LDAP_ERROR_BASE 1350 -#define GLITE_WMS_LOGGING_ERROR_BASE 1400 -#define GLITE_WMS_REQUESTAD_ERROR_BASE 1500 -#define GLITE_WMS_CHECKPOINT_ERROR_BASE 1600 -#define GLITE_WMS_CONFIGURATION_ERROR_BASE 1800 -#ifdef __cplusplus -namespace glite { -namespace wmsutils { -namespace exception { - /** - * The Error Code - */ - enum { - WMS_COMMON_BASE = GLITE_WMS_COMMON_ERROR_BASE, - THREAD_INIT , // pthread_attr_init method failed - THREAD_DETACH , // pthread_attr_setdetachstate method failed - THREAD_CREATE , // pthread_create method failed - THREAD_JOIN, - THREAD_SSL, - WMS_FATAL_ERROR, - WMS_UI_ERROR_BASE = GLITE_WMS_USERINTERFACE_ERROR_BASE, - WMS_NS_ERROR_BASE = GLITE_WMS_NETWORKSERVER_ERROR_BASE, - WMS_SOCKET_ERROR_BASE = GLITE_WMS_SOCKET_ERROR_BASE, - WMS_LDAP_ERROR_BASE = GLITE_WMS_LDAP_ERROR_BASE, - WMS_LB_ERROR_BASE = GLITE_WMS_LOGGING_ERROR_BASE , - WMS_REQUESTAD_ERROR_BASE = GLITE_WMS_REQUESTAD_ERROR_BASE, - WMS_CHKPT_ERROR_BASE = GLITE_WMS_CHECKPOINT_ERROR_BASE, - WMS_CONFIGURATION_ERROR_BASE = GLITE_WMS_CONFIGURATION_ERROR_BASE - }; -} // exception namespace -} // wmsutils namespace -} // glite namespace -#endif //ifdef c++ -#endif diff --git a/org.glite.wms-utils.exception/project/build.number b/org.glite.wms-utils.exception/project/build.number deleted file mode 100644 index 01c437a..0000000 --- a/org.glite.wms-utils.exception/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=138 diff --git a/org.glite.wms-utils.exception/project/build.properties b/org.glite.wms-utils.exception/project/build.properties deleted file mode 100755 index e69de29..0000000 diff --git a/org.glite.wms-utils.exception/project/configure.properties.xml b/org.glite.wms-utils.exception/project/configure.properties.xml deleted file mode 100644 index 04d3b17..0000000 --- a/org.glite.wms-utils.exception/project/configure.properties.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - diff --git a/org.glite.wms-utils.exception/project/properties.xml b/org.glite.wms-utils.exception/project/properties.xml deleted file mode 100755 index 1e49af0..0000000 --- a/org.glite.wms-utils.exception/project/properties.xml +++ /dev/null @@ -1,83 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.wms-utils.exception/project/version.properties b/org.glite.wms-utils.exception/project/version.properties deleted file mode 100755 index cd1e9e7..0000000 --- a/org.glite.wms-utils.exception/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.wms-utils.exception/src/Exception.cpp b/org.glite.wms-utils.exception/src/Exception.cpp deleted file mode 100644 index 38c086d..0000000 --- a/org.glite.wms-utils.exception/src/Exception.cpp +++ /dev/null @@ -1,118 +0,0 @@ -/* ************************************************************************** -* filename : Exceptions.cpp -* author : Alessandro Maraschini -* copyright : (C) 2002 by DATAMAT -***************************************************************************/ - -#include "glite/wmsutils/exception/Exception.h" -#include "glite/wmsutils/exception/exception_codes.h" - -namespace glite { -namespace wmsutils{ -namespace exception { -using namespace std ; -pthread_mutex_t METHOD_MUTEX ; // This mutex is used in order to lock the file for writing log infornation - -/* ********************************* -* Exception Class Implementation -************************************/ -//Constructor/Destructor -Exception::Exception () { - line = 0; -}; - -Exception::~Exception() throw(){ } - -/** -* Exception chainig -*/ -void Exception::push_back (const string& source, int line_number, const string& method){ - stack_strings.push_back (dbgMessage()); - ancestor = what(); - source_file = source; - line = line_number; - method_name = method; - error_message = ""; -} - -Exception::Exception( const std::string& file, int line_number, const std::string& method, int code, const std::string& name) - : error_code(code), exception_name(name){ - source_file = file; - line = line_number; - method_name = method; -}; - -Exception::Exception (const string& source, const string& method, int code, const string& exception) - : error_code(code), exception_name(exception){ - source_file = source; - method_name = method; - // stack= ""; - line = 0; -}; - -int Exception::getCode(){ - if (error_code != 0) return error_code; - else - return WMS_COMMON_BASE; -}; - -const char* Exception::what() const throw(){ - if (!ancestor.empty()) return ancestor.c_str(); - return error_message.c_str(); -}; - -string Exception::getExceptionName(){ - return exception_name; -}; - -void Exception::log(const std::string& logfile) -{ - if (logfile == "") - syslog (LOG_PERROR, (char *)(dbgMessage()).c_str()); - else{ - pthread_mutex_lock( &METHOD_MUTEX); // LOCK - //TBD : test if file exist-->>Create HEADER ?? - ofstream fout ((char *) logfile.c_str() , ios::app ); //Open the file for writing (if it doesn't exist then it will be created) - fout << "\n" << dbgMessage() ; //write (append) the message - fout.close(); //close the file - pthread_mutex_unlock( &METHOD_MUTEX); // UNLOCK - } -}; - -string Exception::printStackTrace(){ - string stack = "" ; - for (unsigned int i = 0 ; i < stack_strings.size() ; i++ ){ - stack+=stack_strings[i] +"\n" ; - } - return stack +dbgMessage(); -}; - -vector Exception::getStackTrace(){ - // make a copy of the stack - vector stack = stack_strings ; - stack.push_back(dbgMessage()) ; - return stack; -}; - -string Exception::dbgMessage(){ - string result ; - result = ""; - // Exception name should be displayed only once - if (stack_strings.size()==0){result +=exception_name;}; - //Adding error msg - if (error_message!="") result +=": " + string(what()); - if (result != "") result+="\n"; - //Adding Source - result +="\tat " + method_name +"[" +source_file; - //Adding line number - if (line!=0){ - char buffer [1024] ; - sprintf (buffer, "%i" , line) ; - result += ":" + string ( buffer ); - } - result +="]" ; - return result; -} - -}}} // Closing namespace - diff --git a/org.glite.wms-utils.exception/src/Makefile.am b/org.glite.wms-utils.exception/src/Makefile.am deleted file mode 100755 index 0c5caac..0000000 --- a/org.glite.wms-utils.exception/src/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -lib_LTLIBRARIES = libglite_wmsutils_exception.la - -libglite_wmsutils_exception_la_SOURCES = \ - Exception.cpp - -AM_CPPFLAGS = -I$(top_srcdir)/interface \ - -I$(top_srcdir)/src - -MAINTAINERCLEANFILES = Makefile.in *.*~ diff --git a/org.glite.wms-utils.exception/test/Makefile.am b/org.glite.wms-utils.exception/test/Makefile.am deleted file mode 100755 index a972450..0000000 --- a/org.glite.wms-utils.exception/test/Makefile.am +++ /dev/null @@ -1,33 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -EXCEPTION_LIBS = $(top_builddir)/src/libglite_wmsutils_exception.la - -TESTS = glite-wmsutils-exception - -check_PROGRAMS = $(TESTS) - -glite_wmsutils_exception_SOURCES = exception_cu_suite.cpp \ - exception_cu_suite.h \ - exception_cu_main.cpp - -glite_wmsutils_exception_LDADD = \ - $(GLITE_WMSUTILS_EXCEPTION_LIBS) \ - $(GLOBUS_GSS_THR_LIBS) \ - $(EXCEPTION_LIBS) \ - $(CPPUNIT_LIBS) - -AM_CPPFLAGS = \ - -I$(top_srcdir)/src \ - -I$(top_srcdir)/test \ - $(GLITE_CFLAGS) \ - $(GLOBUS_THR_CFLAGS) \ - $(CPPUNIT_CFLAGS) - -MAINTAINERCLEANFILES = Makefile.in *~ - diff --git a/org.glite.wms-utils.exception/test/exception_cu_main.cpp b/org.glite.wms-utils.exception/test/exception_cu_main.cpp deleted file mode 100644 index 182df4c..0000000 --- a/org.glite.wms-utils.exception/test/exception_cu_main.cpp +++ /dev/null @@ -1,33 +0,0 @@ -#include -#include - -#include "exception_cu_suite.h" - -#include -#include -#include -#include -#include - -using namespace CppUnit; -using namespace std; - -int main (int argc , char** argv) -{ - std::ofstream xml("./cppUnit_output.xml",ios::app); - - CppUnit::TestResult controller; - CppUnit::TestResultCollector result; - controller.addListener( &result ); - - TestRunner runner; - runner.addTest(Exception_test::suite()); - runner.run(controller); - - CppUnit::XmlOutputter outputter( &result, xml ); - CppUnit::TextOutputter outputter2( &result, std::cerr ); - outputter.write(); - outputter2.write(); - - return result.wasSuccessful() ? 0 : 1 ; -} diff --git a/org.glite.wms-utils.exception/test/exception_cu_suite.cpp b/org.glite.wms-utils.exception/test/exception_cu_suite.cpp deleted file mode 100644 index f749af9..0000000 --- a/org.glite.wms-utils.exception/test/exception_cu_suite.cpp +++ /dev/null @@ -1,56 +0,0 @@ -#include "exception_cu_suite.h" -#include "glite/wmsutils/exception/Exception.h" -#include -#include - -using namespace CppUnit; -using namespace std; -using namespace glite::wmsutils::exception; - -void Exception_test::setUp() -{} - -void Exception_test::tearDown() -{} - - -void Exception_test::constructor_case() -{ - - //constructor class name, line number, method name, code, exception name - glite::wmsutils::exception::Exception exc_5("TEST_Class", 3, "test_method", 1, "exception_test"); - - //constructor class name, method name, code, exception name - glite::wmsutils::exception::Exception exc_4("TEST_Class", "test_method", 1, "exception_test"); - - CPPUNIT_ASSERT(exc_5.getExceptionName() == "exception_test"); - CPPUNIT_ASSERT(exc_5.getCode() == 1); -} - -void Exception_test::tostring_case() -{ - cout<<"TEST TO STRING METHODS"< msgvec = exc_5.getStackTrace(); - - for (int i=0; i -#include -#include - -#include - - -class Exception_test : public CppUnit::TestFixture { - - CPPUNIT_TEST_SUITE(Exception_test); - CPPUNIT_TEST(constructor_case); - CPPUNIT_TEST(tostring_case); - CPPUNIT_TEST(stackTrace_case); - CPPUNIT_TEST_SUITE_END(); - - -public: - - void setUp(); - void tearDown(); - - void constructor_case(); - void tostring_case(); - void stackTrace_case(); - -}; - - - diff --git a/org.glite.wms-utils.jobid/.cvsignore b/org.glite.wms-utils.jobid/.cvsignore deleted file mode 100755 index 1df717b..0000000 --- a/org.glite.wms-utils.jobid/.cvsignore +++ /dev/null @@ -1,2 +0,0 @@ -.project -.cdtproject \ No newline at end of file diff --git a/org.glite.wms-utils.jobid/LICENSE b/org.glite.wms-utils.jobid/LICENSE deleted file mode 100755 index 01b973b..0000000 --- a/org.glite.wms-utils.jobid/LICENSE +++ /dev/null @@ -1,69 +0,0 @@ -LICENSE file for EGEE Middleware -================================ - -Copyright (c) 2004 on behalf of the EU EGEE Project: -The European Organization for Nuclear Research (CERN), -Istituto Nazionale di Fisica Nucleare (INFN), Italy -Datamat Spa, Italy -Centre National de la Recherche Scientifique (CNRS), France -CS Systeme d'Information (CSSI), France -Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -Universiteit van Amsterdam (UvA), Netherlands -University of Helsinki (UH.HIP), Finlan -University of Bergen (UiB), Norway -Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - -1. Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright -notice, this list of conditions and the following disclaimer in the -documentation and/or other materials provided with the distribution. - -3. The end-user documentation included with the redistribution, if -any, must include the following acknowledgment: "This product includes -software developed by The EU EGEE Project (http://cern.ch/eu-egee/)." -Alternatively, this acknowledgment may appear in the software itself, if -and wherever such third-party acknowledgments normally appear. - -4. The names EGEE and the EU EGEE Project must not be -used to endorse or promote products derived from this software without -prior written permission. For written permission, please contact -. - -5. You are under no obligation whatsoever to provide anyone with any -bug fixes, patches, or upgrades to the features, functionality or -performance of the Software ("Enhancements") that you may develop over -time; however, if you choose to provide your Enhancements to The EU -EGEE Project, or if you choose to otherwise publish or distribute your -Enhancements, in source code form without contemporaneously requiring -end users of The EU EGEE Proejct to enter into a separate written license -agreement for such Enhancements, then you hereby grant The EU EGEE Project -a non-exclusive, royalty-free perpetual license to install, use, copy, -modify, prepare derivative works, incorporate into the EGEE Middleware -or any other computer software, distribute, and sublicense your -Enhancements or derivative works thereof, in binary and source code -form (if any), whether developed by The EU EGEE Project or third parties. - -THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL PROJECT OR ITS CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR -BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE -OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -This software consists of voluntary contributions made by many -individuals on behalf of the EU EGEE Prject. For more information on The -EU EGEE Project, please see http://cern.ch/eu-egee/. For more information on -EGEE Middleware, please see http://egee-jra1.web.cern.ch/egee-jra1/ - - diff --git a/org.glite.wms-utils.jobid/Makefile.am b/org.glite.wms-utils.jobid/Makefile.am deleted file mode 100755 index bf956e1..0000000 --- a/org.glite.wms-utils.jobid/Makefile.am +++ /dev/null @@ -1,69 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -## Process this file with automake to produce Makefile.in - -EXTRA_DIST = LICENSE - -docdir = $(datadir)/doc/@PACKAGE@-@VERSION@ -doc_DATA = LICENSE - -## Subdirectories list -SUBDIRS = interface src examples - -## Default flags to run aclocal -ACLOCAL_AMFLAGS = -I project - -stage: - @set fnord $(MAKEFLAGS); amf=$$2; \ - dot_seen=no; \ - target="install"; \ - prefix_arg="@prefix@"; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target $$prefix_arg in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target $$prefix_arg) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" $$prefix_arg || exit 1; \ - fi; test -z "$$fail" - -distsrc: dist - mv $(distdir).tar.gz $(DISTTAR)/$(distdir)_src.tar.gz - -distbin: - @set fnord $(MAKEFLAGS); amf=$$2; \ - dot_seen=no; \ - target="install"; \ - tmpdistbin="$(WORKDIR)/dist_bin"; \ - prefix_arg="prefix=$$tmpdistbin"; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target $$prefix_arg in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target $$prefix_arg) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" $$prefix_arg || exit 1; \ - fi; test -z "$$fail"; \ - pushd $$tmpdistbin; \ - $(AMTAR) -zcf $(DISTTAR)/$(distdir)_bin.tar.gz .; \ - popd; \ - rm -rf $$tmpdistbin - diff --git a/org.glite.wms-utils.jobid/bootstrap b/org.glite.wms-utils.jobid/bootstrap deleted file mode 100755 index ceeb099..0000000 --- a/org.glite.wms-utils.jobid/bootstrap +++ /dev/null @@ -1,9 +0,0 @@ -#! /bin/sh - -mkdir -p src/autogen -set -x -aclocal -I project -libtoolize --force -autoheader -automake --foreign --add-missing --copy -autoconf diff --git a/org.glite.wms-utils.jobid/build.xml b/org.glite.wms-utils.jobid/build.xml deleted file mode 100755 index 44c110c..0000000 --- a/org.glite.wms-utils.jobid/build.xml +++ /dev/null @@ -1,104 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.wms-utils.jobid/configure.ac b/org.glite.wms-utils.jobid/configure.ac deleted file mode 100755 index 0f1deb4..0000000 --- a/org.glite.wms-utils.jobid/configure.ac +++ /dev/null @@ -1,128 +0,0 @@ -# -# Copyright (c) 2004 on behalf of the EU EGEE Project: -# The European Organization for Nuclear Research (CERN), -# Istituto Nazionale di Fisica Nucleare (INFN), Italy -# Datamat Spa, Italy -# Centre National de la Recherche Scientifique (CNRS), France -# CS Systeme d'Information (CSSI), France -# Royal Institute of Technology, Center for Parallel Computers (KTH-PDC), Sweden -# Universiteit van Amsterdam (UvA), Netherlands -# University of Helsinki (UH.HIP), Finland -# University of Bergen (UiB), Norway -# Council for the Central Laboratory of the Research Councils (CCLRC), United Kingdom -# -# Common configure.ac file for the GLite WMS Common module -# -# Authors: Alberto Di Meglio -# Version info: $Id$ -# Release: $Name$ -# -# Revision history: -# $Log$ -# Revision 1.15 2004/11/16 15:35:22 eronchie -# Increased version -# -# Revision 1.14 2004/11/16 15:15:45 eronchie -# Increased version -# -# Revision 1.13 2004/09/22 00:25:17 glbuild -# Fixed missing parenthesis -# -# Revision 1.12 2004/09/21 19:22:09 glbuild -# modified module.version -# -# Revision 1.11 2004/08/17 13:46:28 eronchie -# Added interface -# -# Revision 1.10 2004/08/17 13:41:20 eronchie -# Moved out JobIdExceptions.h cjobid.h JobId.h -# Put in interface/glite/wmsutils/jobid -# -# Revision 1.9 2004/08/17 10:40:34 eronchie -# Added optimize option -# -# Revision 1.8 2004/07/27 09:14:19 eronchie -# Removed AC_WMSUTILS_EXCEPTION and AC_GLOBUS_SSL_UTILS checks -# Set directly exception library macro -# -# Revision 1.7 2004/07/21 17:53:36 eronchie -# Moved out org.glite.wms.jobid from org.glite.wms and put in org.glite.wms-utils -# -# -# - -# Process this file with autoconf to produce a configure script. - -AC_PREREQ(2.57) -AC_INIT([GLite WMS Utils Jobid], [1.0.0]) -AC_CONFIG_AUX_DIR([./project]) -AM_INIT_AUTOMAKE([1.6.3 subdir-objects]) -AC_CONFIG_SRCDIR([src/jobid/strmd5.h]) - -# Notices. -AC_COPYRIGHT([Copyright (c) 2004 The EU EGEE Project -See LICENCE file for details -]) -AC_REVISION([$Revision$]) - -#Environment. -WORKDIR=`pwd` -AC_SUBST(WORKDIR) - -# Checks for programs. -AC_PROG_CC -AC_PROG_CPP -AC_PROG_CXX -AC_PROG_CXXCPP -AM_PROG_CC_C_O -AC_PROG_LIBTOOL - -# Checks for libraries. - -# Checks for header files. -AC_CHECK_HEADERS([fcntl.h mntent.h sys/vfs.h syslog.h unistd.h]) - -# Checks for typedefs, structures, and compiler characteristics. -AC_HEADER_STDBOOL -AC_C_CONST -AC_C_INLINE -AC_TYPE_OFF_T -AC_TYPE_SIZE_T -AC_CHECK_MEMBERS([struct stat.st_rdev]) -AC_TYPE_UID_T -AC_CHECK_TYPES([ptrdiff_t]) - -# Checks for library functions. -AC_HEADER_STDC -AC_FUNC_ERROR_AT_LINE -AC_FUNC_GETMNTENT -AC_FUNC_MEMCMP -AC_FUNC_STAT -AC_FUNC_STRFTIME -AC_FUNC_VPRINTF -AC_CHECK_FUNCS([bzero endpwent ftruncate getmntent memset mkdir pow strerror strtol]) - -have_globus=no - -AC_GLOBUS([], have_globus=yes, have_globus=no) -AC_MSG_RESULT(["GLOBUS found $have_globus"]) - -have_glite_wmsutils_exception=no - -AC_GLITE - -GLITE_WMSUTILS_EXCEPTION_LIBS="-L$GLITE_LOCATION/lib -lglite_wmsutils_exception"AC_SUBST(GLITE_WMSUTILS_EXCEPTION_LIBS) - -AC_OPTIMIZE - -# Configuration items -AC_PREFIX_DEFAULT([/opt/glite]) -AM_CONFIG_HEADER([src/autogen/config.h]) -AC_CONFIG_FILES([Makefile]) -AC_CONFIG_FILES([examples/Makefile]) -AC_CONFIG_FILES([interface/Makefile]) -AC_CONFIG_FILES([src/Makefile]) -AC_CONFIG_FILES([src/jobid/Makefile]) - -AC_OUTPUT - diff --git a/org.glite.wms-utils.jobid/examples/Makefile.am b/org.glite.wms-utils.jobid/examples/Makefile.am deleted file mode 100755 index fa9a407..0000000 --- a/org.glite.wms-utils.jobid/examples/Makefile.am +++ /dev/null @@ -1,28 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -STDCPP = -lstdc++ - -JOBID = $(top_builddir)/src/jobid/libglite_wmsutils_cjobid.la - -check_PROGRAMS = testjobid - -testjobid_SOURCES = testjobid.c -testjobid_LDADD = \ - $(JOBID) \ - $(GLITE_WMSUTILS_EXCEPTION_LIBS) \ - $(GLOBUS_SSL_THR_LIBS) \ - $(STDCPP) - -AM_CPPFLAGS = -I$(top_srcdir)/src \ - -I$(top_srcdir)/interface \ - $(GLITE_CFLAGS) \ - $(GLOBUS_THR_CFLAGS) - -MAINTAINERCLEANFILES = Makefile.in *~ - diff --git a/org.glite.wms-utils.jobid/examples/testjobid.c b/org.glite.wms-utils.jobid/examples/testjobid.c deleted file mode 100755 index 56f6cba..0000000 --- a/org.glite.wms-utils.jobid/examples/testjobid.c +++ /dev/null @@ -1,33 +0,0 @@ -/* test code for jobid routines */ - -#include -#include - -#include "glite/wmsutils/jobid/cjobid.h" - -int main(int argc, char* argv[]) -{ - char* ju; - char* bkserver = "ujsa.uhjs"; - - edg_wlc_JobId ji = 0; - edg_wlc_JobId ji2 = 0; - - int r = edg_wlc_JobIdCreate(bkserver, 0, &ji); - printf("Create: %d\n", r); - - ju = edg_wlc_JobIdUnparse(ji); - printf("Unparse: %s\n", ju); - - edg_wlc_JobIdParse(ju, &ji2); - free(ju); - - ju = edg_wlc_JobIdUnparse(ji); - printf("Unparse2: %s\n", ju); - free(ju); - - edg_wlc_JobIdFree(ji); - edg_wlc_JobIdFree(ji2); - - return 0; -} diff --git a/org.glite.wms-utils.jobid/interface/Makefile.am b/org.glite.wms-utils.jobid/interface/Makefile.am deleted file mode 100755 index 8737f19..0000000 --- a/org.glite.wms-utils.jobid/interface/Makefile.am +++ /dev/null @@ -1,16 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -jobiddir = $(includedir) -nobase_jobid_HEADERS = \ - glite/wmsutils/jobid/cjobid.h \ - glite/wmsutils/jobid/manipulation.h \ - glite/wmsutils/jobid/JobIdExceptions.h \ - glite/wmsutils/jobid/JobId.h - -MAINTAINERCLEANFILES = Makefile.in diff --git a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobId.h b/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobId.h deleted file mode 100755 index b0d07ce..0000000 --- a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobId.h +++ /dev/null @@ -1,136 +0,0 @@ -#ifndef GLITE_WMSUTILS_JOBID_JOBID_H -#define GLITE_WMSUTILS_JOBID_JOBID_H - -/* - * JobId.h - * Copyright (c) 2001 The European Datagrid Project - IST programme, all rights reserved. - * - */ - -#include -#include - -#include "glite/wmsutils/jobid/cjobid.h" - -typedef struct _edg_wlc_jobid_s* edg_wlc_jobid_t; - -namespace glite { -namespace wmsutils { -namespace jobid { - -/** - * Managing Identification, checking, retreiving info from a job - * File name: JobId.h - * The JobId class provides a representation of the Datagrid job identifier - * (dg_jobId) and the methods for manipulating it. - * We remind that the format of the dg_jobId is as follows: - * :/ - * - * @ingroup common - * @version 0.1 - * @date 15 April 2002 - * @author Alessandro Maraschini */ - -class JobId { -public: - /**@name Constructors/Destructor */ - //@{ - /** Instantiates an empty JobId object */ - JobId() ; - /** - * Instantiates a JobId object from the passed dg_jobId in string format. - * @param jobid a string representig a classAd expression - * @throws WrongIdException When a string is passed in a wrong format - */ - JobId(const std::string& jobid ) ; - /** - * Instantiates a JobId object from the passed JobId instance - * @param jobid a JobId instance to copy from - * @throws WrongIdException When a string is passed in a wrong format - */ - JobId(const JobId& jobid ); - /** - * Instantiates a JobId object from the passed JobId internal reference - * @param jobid the JobId internal reference - * @throws WrongIdException When a string is passed in a wrong format - */ - JobId(const edg_wlc_JobId& jobid); - /** - * Destructor - * Destroy the Job Id instance - */ - ~JobId() ; - //@} - - /**@name Miscellaneous */ - //@{ - /** Unsets the JobId instance. Clear all it's memebers */ - void clear() ; - /** - * Check wheater the jobId has been already created (true) or not (false) - *@return true (jobId created) or false (jobId not yet created) - */ - bool isSet() { return ( m_JobId != 0 ) ; } - /** - * Set the JobId instance according to the LB and RB server addresses and the unique string passed as input parameters. - * @param lb_server Loggin and Bookkeeping server address - * @param port Loggin and Bookkeeping port ( dafault value is 9000 ) - * @param unique A Unique identification ( automatically generatad by md5 protocol ) - * @throws WrongIdException When one parameter has been passed in a wrong format */ - void setJobId(const std::string& lb_server, int port = 0, const std::string& unique = ""); - //@} - /**@name Get Methods */ - //@{ - /** @return the LB address into its string format - * @throws EmptyIdException If the jobId has not been initialised yet */ - std::string getServer() const; - /** @return the Unique string into its string format - * @throws EmptyIdException If the jobId has not been initialised yet */ - std::string getUnique() const; - //@} - /** This method sets the JobId instance from the JobId in string format given - * as input. - * @param dg_JobId the string representing the job - * @throws WrongIdException When a string is passed in a wrong format */ - void fromString ( const std::string& dg_JobId ); - /** Converts the jobId into a string - @return the string representation of a JobId*/ - std::string toString() const; - /** casting operator */ - operator const edg_wlc_JobId() const { return m_JobId; } - /** Operator "=" create a deep copy of the JobId instance*/ - JobId & operator=(JobId const &); - /** Operator "=" create a deep copy of the JobId instance*/ - JobId & operator=(const edg_wlc_JobId &); - /** Retrieve the internal id reference - *@return the JobId internal reference used by some LB methods */ - edg_wlc_JobId getId() const ; -private: - // This Variable stores the Job unique identification String - edg_wlc_JobId m_JobId; - mutable char* m_pStr; - mutable char* m_pBkserver; - mutable char* m_pUnique; - /** Operator "<"*/ - friend bool operator<(JobId const& lhs, JobId const& rhs); - /** Operator "=="*/ - friend bool operator==(JobId const& lhs, JobId const& rhs); -}; - -inline bool operator<(JobId const& lhs, JobId const& rhs) -{ - return strcmp ( lhs.m_pStr , rhs.m_pStr ) <0 ; -} - -inline bool operator==(JobId const& lhs, JobId const& rhs) -{ -return strcmp ( lhs.m_pStr , rhs.m_pStr ) ==0 ; -} - -std::ostream& operator<<(std::ostream& os, JobId const& id); - -} // namespace jobid -} // namespace wmsutils -} // namespace glite - -#endif // GLITE_WMSUTILS_JOBID_JOBID_H diff --git a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobIdExceptions.h b/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobIdExceptions.h deleted file mode 100755 index 42cbdf4..0000000 --- a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/JobIdExceptions.h +++ /dev/null @@ -1,80 +0,0 @@ -#ifndef GLITE_WMSUTILS_JOBID_EXCEPTIONS_H -#define GLITE_WMSUTILS_JOBID_EXCEPTIONS_H - -/* - * JobIdExceptions.h - * Copyright (c) 2001 The European Datagrid Project - IST programme, all rights reserved. - */ - -#include "glite/wmsutils/exception/Exception.h" - -namespace glite { -namespace wmsutils { -namespace jobid { - -/** - * JobIdException - Exception thrown by JobId Class - * @ingroup Common - * @version 0.1 - * @date 15 April 2002 - * @author Alessandro Maraschini -*/ - -class JobIdException : public glite::wmsutils::exception::Exception { -public: - /** - * Update all mandatory Exception Information - */ - JobIdException (const std::string& file, - int line, - const std::string& method, - int code, - const std::string& exception_name) ; -};//End CLass JobIdException - -/** -* WrongIdFieldException -* This Exception is thrown when a Job Id syntax error is found -* A valid Job Identification string should be made as follows: -* :/ */ -class WrongIdException : public JobIdException { -public: - /** - * Constructor - * @param file - The source file which has generated the Exception - * @param line - The line number in the source file where the Exception has been thrown - * @param method - The Name of the method which has thrown the Exception - * @param code - The Code of the Error raised - * @param field - The wrong expression catched */ - WrongIdException(const std::string& file, - int line, - const std::string& method, - int code ); -}; //End CLass WrongIdException -/** -* EmptyIdException -* This Exception is thrown when the user tries to get information from a JobId -* which has not been initialized yet, i.e tries to use the get Methods -*/ -class EmptyIdException : public JobIdException { -public: - /** - * Constructor - * @param file - The source file which has generated the Exception - * @param line - The line number in the source file where the Exception has been thrown - * @param method - The Name of the method which has thrown the Exception - * @param code - The Code of the Error raised - * @param field - The Empty filed requested for */ - EmptyIdException::EmptyIdException(const std::string& file, - int line, - const std::string& method, - int code , - const std::string& field ); -}; //End CLass EmptyIdException - -} // namespace jobid -} // namespace wmsutils -} // namespace glite - -#endif // GLITE_WMSUTILS_JOBID_EXCEPTIONS_H - diff --git a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/cjobid.h b/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/cjobid.h deleted file mode 100755 index e8f84f5..0000000 --- a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/cjobid.h +++ /dev/null @@ -1,109 +0,0 @@ -#ifndef _GLITE_JOBID_H -#define _GLITE_JOBID_H - -/*! - * \file cjobid.h - * \brief L&B consumer API - */ - -#ident "$Header$" - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct _edg_wlc_JobId *edg_wlc_JobId; - -#define GLITE_WMSC_JOBID_DEFAULT_PORT 9000 /**< Default port where bookkeeping server listens */ -#define GLITE_WMSC_JOBID_PROTO_PREFIX "https://" /**< JobId protocol prefix */ - - -/* All the pointer functions return malloc'ed objects (or NULL on error) */ - -/** - * Create a Job ID. - * See the lb_draft document for details on its construction and components - * \param bkserver book keeping server hostname - * \param port port for the bk service - * \param jobid new created job id - * \ret al 0 success - * \retval EINVAL invalid bkserver - * \retval ENOMEM if memory allocation fails - */ -int edg_wlc_JobIdCreate(const char * bkserver, int port, edg_wlc_JobId * jobid); - -/** - * Recreate a Job ID - * \param bkserver bookkeeping server hostname - * \param port port for the bk service - * \param unique string which represent created jobid (if NULL then new - * one is created) - * \param jobid new created job id - * \retval 0 success - * \retval EINVAL invalid bkserver - * \retval ENOMEM if memory allocation fails - */ -int edg_wlc_JobIdRecreate(const char *bkserver, int port, const char * unique, edg_wlc_JobId * jobid); - -/** - * Create copy of Job ID - * \param in jobid for duplication - * \param jobid duplicated jobid - * \retval 0 for success - * \retval EINVAL invalid jobid - * \retval ENOMEM if memory allocation fails - */ -int edg_wlc_JobIdDup(const edg_wlc_JobId in, edg_wlc_JobId * jobid); - -/* - * Free jobid structure - * \param jobid for dealocation - */ -void edg_wlc_JobIdFree(edg_wlc_JobId jobid); - -/** - * Parse Job ID string and creates jobid structure - * \param jobidstr string representation of jobid - * \param jobid parsed job id - * \retval 0 for success - * \retval EINVAL jobidstr can't be parsed - * \retval ENOMEM if memory allocation fails - */ -int edg_wlc_JobIdParse(const char* jobidstr, edg_wlc_JobId * jobid); - -/** - * Unparse Job ID (produce the string form of JobId). - * \param jobid to be converted to string - * \return allocated string which represents jobid - */ -char* edg_wlc_JobIdUnparse(const edg_wlc_JobId jobid); - -/** - * Extract bookkeeping server address (address:port) - * \param jobid from which the bkserver address should be extracted - * \retval pointer to allocated string with bkserver address - * \retval NULL if jobid is 0 or memory allocation fails - */ -char* edg_wlc_JobIdGetServer(const edg_wlc_JobId jobid); - -/** - * Extract bookkeeping server address and port - * \param jobid from which the bkserver address should be extracted - * \param srvName pointer where to return server name - * \param srvPort pointer where to return server port - * */ -void edg_wlc_JobIdGetServerParts(const edg_wlc_JobId jobid, char **srvName, unsigned int *srvPort); - -/** - * Extract unique string - * \param jobid - * \retval pointer to allocated unique string representing jobid - * \retval NULL if jobid is 0 or memory allocation fails - */ -char* edg_wlc_JobIdGetUnique(const edg_wlc_JobId jobid); - -#ifdef __cplusplus -} -#endif - -#endif /* _GLITE_JOBID_H */ diff --git a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/manipulation.h b/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/manipulation.h deleted file mode 100755 index 9f862ae..0000000 --- a/org.glite.wms-utils.jobid/interface/glite/wmsutils/jobid/manipulation.h +++ /dev/null @@ -1,24 +0,0 @@ -#ifndef GLITE_WMSUTILS_JOBID_MANIPULATION_H -#define GLITE_WMSUTILS_JOBID_MANIPULATION_H - -#include - -namespace glite { -namespace wmsutils { -namespace jobid { - -class JobId; - -std::string get_reduced_part( const JobId &id, int level = 0 ); -std::string to_filename( const JobId &id ); -JobId from_filename( const std::string &filename ); - -} // namespace jobid -} // namespace wmsutils -} // namespace glite - -#endif /* GLITE_WMSUTILS_JOBID_MANIPULATION_H */ - -// Local Variables: -// mode: c++ -// End: diff --git a/org.glite.wms-utils.jobid/project/build.number b/org.glite.wms-utils.jobid/project/build.number deleted file mode 100644 index 1936771..0000000 --- a/org.glite.wms-utils.jobid/project/build.number +++ /dev/null @@ -1 +0,0 @@ -module.build=137 diff --git a/org.glite.wms-utils.jobid/project/build.properties b/org.glite.wms-utils.jobid/project/build.properties deleted file mode 100755 index e69de29..0000000 diff --git a/org.glite.wms-utils.jobid/project/configure.properties.xml b/org.glite.wms-utils.jobid/project/configure.properties.xml deleted file mode 100644 index 04d3b17..0000000 --- a/org.glite.wms-utils.jobid/project/configure.properties.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - diff --git a/org.glite.wms-utils.jobid/project/properties.xml b/org.glite.wms-utils.jobid/project/properties.xml deleted file mode 100755 index 9662658..0000000 --- a/org.glite.wms-utils.jobid/project/properties.xml +++ /dev/null @@ -1,86 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.glite.wms-utils.jobid/project/version.properties b/org.glite.wms-utils.jobid/project/version.properties deleted file mode 100755 index cd1e9e7..0000000 --- a/org.glite.wms-utils.jobid/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.0.0 -module.age=1 diff --git a/org.glite.wms-utils.jobid/src/Makefile.am b/org.glite.wms-utils.jobid/src/Makefile.am deleted file mode 100755 index 5225c64..0000000 --- a/org.glite.wms-utils.jobid/src/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -## Subdirectories list -SUBDIRS = jobid - -MAINTAINERCLEANFILES = Makefile.in diff --git a/org.glite.wms-utils.jobid/src/jobid/JobId.cpp b/org.glite.wms-utils.jobid/src/jobid/JobId.cpp deleted file mode 100755 index 273f9f9..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/JobId.cpp +++ /dev/null @@ -1,183 +0,0 @@ -/* ************************************************************************** - * filename : JobId.cpp - * author : Alessandro Maraschini - * copyright : (C) 2002 by DATAMAT - ***************************************************************************/ - -#include "glite/wmsutils/jobid/JobId.h" - -#include - -#include "glite/wmsutils/jobid/JobIdExceptions.h" - -namespace glite { -namespace wmsutils { -namespace jobid { - -using namespace std ; - -/****************************************************************** - Constructor / Destructor - *******************************************************************/ -JobId::JobId() : m_JobId( 0 ), m_pStr( 0 ), m_pBkserver( 0 ), m_pUnique( 0 ) -{ -} - -JobId::JobId(const std::string& job_id_string ) - : m_JobId( 0 ), m_pStr( 0 ), m_pBkserver( 0 ), m_pUnique( 0 ) -{ - fromString( job_id_string ) ; -} - -JobId::JobId(const JobId &old) -{ - edg_wlc_JobIdDup(old.m_JobId,&m_JobId); - m_pStr = old.m_pStr ? strdup(old.m_pStr) : 0; - m_pBkserver = old.m_pBkserver ? strdup(old.m_pBkserver) : 0; - m_pUnique = old.m_pUnique ? strdup(old.m_pUnique) : 0; -} - -JobId & JobId::operator=(JobId const &old) -{ - clear(); - edg_wlc_JobIdDup(old.m_JobId,&m_JobId); - m_pStr = old.m_pStr ? strdup(old.m_pStr) : 0; - m_pBkserver = old.m_pBkserver ? strdup(old.m_pBkserver) : 0; - m_pUnique = old.m_pUnique ? strdup(old.m_pUnique) : 0; - - return *this; -} - - -JobId::JobId(const edg_wlc_JobId &old) - : m_pStr(0), m_pBkserver(0), m_pUnique(0) -{ - edg_wlc_JobIdDup(old,&m_JobId); -} - - -JobId & JobId::operator=(const edg_wlc_JobId &old) -{ - clear(); - edg_wlc_JobIdDup(old,&m_JobId); - m_pStr = 0; - m_pBkserver = 0; - m_pUnique = 0; - return(*this); -} - -JobId::~JobId() -{ - clear(); -} - -/****************************************************************** - method : clear - unsets the JobId instance. - *******************************************************************/ -void JobId::clear() -{ - if ( m_JobId ) - { - edg_wlc_JobIdFree( m_JobId ); - m_JobId = 0; - if (m_pStr) - free(m_pStr); - if (m_pBkserver) - free(m_pBkserver); - if (m_pUnique) - free(m_pUnique); - m_pStr = m_pBkserver = m_pUnique = NULL; - } -} - - -/****************************************************************** - method : setJobId - sets the JobId instance according to the LB and RB - server addresses and the unique string passed as input parameters. - *******************************************************************/ -void JobId::setJobId(const string& bkserver, int port, const string& unique) -{ - int code = edg_wlc_JobIdRecreate(bkserver.c_str(), port, unique.size() ? unique.c_str() : NULL, &m_JobId) ; - if ( code != 0 ) - throw WrongIdException(__FILE__ , __LINE__ , "setJobId(const string& bkserver, int port, const string& unique)" , code ) ; -} - - -/****************************************************************** - Protected method : fromString - sets the JobId instance from the dg_jobId in string format given as input. - *******************************************************************/ -void JobId::fromString (const string& dg_JobId) -{ - clear(); - int code = edg_wlc_JobIdParse(dg_JobId.c_str(), &m_JobId) ; - if ( code != 0 ) - throw WrongIdException(__FILE__ , __LINE__ , "fromString (const string& dg_JobId)" , code ) ; -} - -/****************************************************************** - method : ToString - converts the JobId instance into its string format. - and put it in the dg_jobId output variable - *******************************************************************/ -std::string JobId::toString() const -{ - if ( m_JobId && !m_pStr ) - m_pStr = edg_wlc_JobIdUnparse(m_JobId) ; - if ( !m_pStr ) - throw EmptyIdException (__FILE__ , __LINE__ ,"toString()" ,ENOENT , "JobId") ; - return m_pStr; -} - -/****************************************************************** - method : getServer - return a string containing the LB server address, - *******************************************************************/ -std::string JobId::getServer() const -{ - if ( m_JobId && !m_pBkserver ) - m_pBkserver = edg_wlc_JobIdGetServer( m_JobId ) ; - - if ( !m_pBkserver ) - throw EmptyIdException (__FILE__ , __LINE__ , "getServer()", ENOENT , "LB server Address") ; - - return m_pBkserver; -} - -/****************************************************************** - method : getUnique - return a string containing unique jobid string - *******************************************************************/ -std::string JobId::getUnique() const -{ - if ( m_JobId && !m_pUnique ) - m_pUnique = edg_wlc_JobIdGetUnique( m_JobId ) ; - - if ( !m_pUnique ) - throw EmptyIdException (__FILE__ , __LINE__ , "getUnique()" , ENOENT , "Unique") ; - - return m_pUnique; -} -/****************************************************************** - method : getId - return the c JobId struct representing this instance - *******************************************************************/ -edg_wlc_JobId JobId::getId() const -{ - edg_wlc_JobId out ; - if ( edg_wlc_JobIdDup(m_JobId, &out) ) - throw EmptyIdException (__FILE__ , __LINE__ , "getId()" , ENOENT , "JobId") ; - return out ; -} - -std::ostream& -operator<<(std::ostream& os, JobId const& id) -{ - return os << id.toString(); -} - -} // namespace jobid -} // namespace wmsutils -} // namespace glite diff --git a/org.glite.wms-utils.jobid/src/jobid/JobIdExceptions.cpp b/org.glite.wms-utils.jobid/src/jobid/JobIdExceptions.cpp deleted file mode 100755 index 6be40b7..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/JobIdExceptions.cpp +++ /dev/null @@ -1,58 +0,0 @@ -/* ************************************************************************** -* filename : JobIdExecptions.cpp -* author : Alessandro Maraschini -* copyright : (C) 2002 by DATAMAT -***************************************************************************/ - -#include "glite/wmsutils/jobid/JobIdExceptions.h" - -namespace glite { -namespace wmsutils { -namespace jobid { - -using namespace std; -using namespace glite::wmsutils::exception; - -/***************************** -* JobIdException -*****************************/ -JobIdException::JobIdException (const string& file, - int line, - const string& method, - int code, - const string& exception_name) - : Exception(file, line, method, code, exception_name) -{ -} - -/***************************** -* WrongIdException -*****************************/ -WrongIdException::WrongIdException(const string& file, - int line, - const string& method, - int code ) - : JobIdException(file, line, method, code, - "WrongIdException") -{ - error_message = "Wrong Field caught while parsing Job Id" ; -} - -/***************************** -* EmptyIdException -*****************************/ -EmptyIdException::EmptyIdException(const string& file, - int line, - const string& method, - int code , - const string& field ) - : JobIdException(file, line, method, code, - "EmptyIdException") -{ - error_message = "Unable to retrieve " + field + ": the instance has not been initialized yet"; -} - -} // namespace jobid -} // namespace wmsutils -} // namespace glite - diff --git a/org.glite.wms-utils.jobid/src/jobid/Makefile.am b/org.glite.wms-utils.jobid/src/jobid/Makefile.am deleted file mode 100755 index 7a23118..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/Makefile.am +++ /dev/null @@ -1,30 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -lib_LTLIBRARIES = libglite_wmsutils_jobid.la libglite_wmsutils_cjobid.la - -libglite_wmsutils_jobid_la_SOURCES = \ - JobId.cpp \ - JobIdExceptions.cpp \ - manipulation.cpp - -libglite_wmsutils_cjobid_la_SOURCES = \ - cjobid.c \ - strmd5.c - -jobidincludedir = $(includedir)/glite/wmsutils/jobid -jobidinclude_HEADERS = \ - strmd5.h - -AM_CPPFLAGS = -I$(top_srcdir)/src \ - -I$(top_srcdir)/interface \ - $(GLITE_CFLAGS) \ - $(GLOBUS_THR_CFLAGS) \ - -D_GNU_SOURCE - -MAINTAINERCLEANFILES = Makefile.in diff --git a/org.glite.wms-utils.jobid/src/jobid/cjobid.c b/org.glite.wms-utils.jobid/src/jobid/cjobid.c deleted file mode 100755 index 2fa0010..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/cjobid.c +++ /dev/null @@ -1,258 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include -#include - -#include -#include -#include - -#include "glite/wmsutils/jobid/cjobid.h" -#include "strmd5.h" - -struct _edg_wlc_JobId { - char *id; /* unique job identification */ - /* additional information */ - char *BShost;/* bookkeeping server hostname */ - unsigned int BSport; /* bookkeeping server port */ - char *info; /* additional information (after ? in URI) */ -}; - -int edg_wlc_JobIdCreate(const char *bkserver, int port, edg_wlc_JobId *jobId) -{ - return edg_wlc_JobIdRecreate(bkserver, port, NULL, jobId); -} - - -int edg_wlc_JobIdRecreate(const char* bkserver, int port, const char *unique, edg_wlc_JobId *jobId) -{ - edg_wlc_JobId out; - char hostname[200]; /* used to hold string for encrypt */ - struct timeval tv; - int skip; - char* portbeg; - - struct hostent* he; - - if (!bkserver) - return EINVAL; - - if (unique == NULL) { - gethostname(hostname, 100); - he = gethostbyname(hostname); - assert(he->h_length > 0); - gettimeofday(&tv, NULL); - srandom(tv.tv_usec); - - skip = strlen(hostname); - skip += sprintf(hostname + skip, "-IP:0x%x-pid:%d-rnd:%d-time:%d:%d", - *((int*)he->h_addr_list[0]), getpid(), (int)random(), - (int)tv.tv_sec, (int)tv.tv_usec); - } - - *jobId = NULL; - out = (edg_wlc_JobId) malloc (sizeof(*out)); - if (!out) - return ENOMEM; - - memset(out, 0, sizeof(*out)); - - /* check if it begins with prefix */ - /* unsupported */ - if (strncmp(bkserver, GLITE_WMSC_JOBID_PROTO_PREFIX, sizeof(GLITE_WMSC_JOBID_PROTO_PREFIX)-1) == 0) - return EINVAL; - - out->BShost = strdup(bkserver); - portbeg = strchr(out->BShost, ':'); - if (portbeg) { - *portbeg = 0; - /* try to get port number */ - if (port == 0) - port = atoi(portbeg + 1); - } - - if (port == 0) - port = GLITE_WMSC_JOBID_DEFAULT_PORT; - - out->BSport = port; - - out->id = (unique) ? strdup(unique) : str2md5base64(hostname); - //printf("Encrypt: %s\nBASE64 %s\n", hostname, out->id); - - if (!out->id || !out->BShost) { - edg_wlc_JobIdFree(out); - return ENOMEM; - } - - *jobId = out; - return 0; -} - - -int edg_wlc_JobIdDup(const edg_wlc_JobId in, edg_wlc_JobId *out) -{ - edg_wlc_JobId jid; - *out = NULL; - if (in == NULL) - return 0; - - jid = malloc(sizeof(*jid)); - if (!jid) - return ENOMEM; - - memset(jid, 0,sizeof(*jid)); - jid->BShost = strdup(in->BShost); - jid->id = strdup(in->id); - if (in->info) - jid->info = strdup(in->info); - - if (jid->BShost == NULL || jid->id == NULL) { - edg_wlc_JobIdFree(jid); - return ENOMEM; - } - - jid->BSport = in->BSport; - *out = jid; - return 0; -} - - -// XXX -// use recreate -// parse name, port, unique -int edg_wlc_JobIdParse(const char *idString, edg_wlc_JobId *jobId) -{ - char *pom, *pom1, *pom2; - edg_wlc_JobId out; - - *jobId = NULL; - - out = (edg_wlc_JobId) malloc (sizeof(*out)); - if (out == NULL ) - return ENOMEM; - - memset(out,0,sizeof(*out)); - - if (strncmp(idString, GLITE_WMSC_JOBID_PROTO_PREFIX, sizeof(GLITE_WMSC_JOBID_PROTO_PREFIX) - 1)) { - out->BShost = (char *) NULL; - out->BSport = 0; - - free(out); - return EINVAL; - } - - pom = strdup(idString + sizeof(GLITE_WMSC_JOBID_PROTO_PREFIX) - 1); - pom1 = strchr(pom, '/'); - pom2 = strchr(pom, ':'); - - if (!pom1) { free(pom); free(out); return EINVAL; } - - if ( pom2 && (pom1 > pom2)) { - pom[pom2-pom] = '\0'; - out->BShost = strdup(pom); - pom[pom1-pom] = '\0'; - out->BSport = (unsigned int) strtoul(pom2 + 1,NULL,10); - } else { - pom[pom1-pom] = '\0'; - out->BShost = strdup(pom); - out->BSport = GLITE_WMSC_JOBID_DEFAULT_PORT; - } - - /* XXX: localhost not supported in jobid - if (!strncmp(out->BShost,"localhost",9) { - free(pom); - free(out->BShost); - free(out); - return EINVAL; - } - */ - - /* additional info from URI */ - pom2 = strchr(pom1+1,'?'); - if (pom2) { - *pom2 = 0; - out->info = strdup(pom2+1); - } - - /* extract the unique part */ - out->id = strdup(pom1+1); - - for (pom1 = out->BShost; *pom1; pom1++) - if (isspace(*pom1)) break; - - for (pom2 = out->id; *pom2; pom2++) - if (isspace(*pom2)) break; - - if (*pom1 || *pom2) { - free(pom); - edg_wlc_JobIdFree(out); - return EINVAL; - } - - free(pom); - *jobId = out; - return 0; -} - - -void edg_wlc_JobIdFree(edg_wlc_JobId job) -{ - if (job) { - free(job->id); - free(job->BShost); - free(job->info); - free(job); - } -} - - -char* edg_wlc_JobIdUnparse(const edg_wlc_JobId jobid) -{ - char *out, port[40]; - - if (!jobid) - return NULL; - - if (jobid->BSport) - sprintf(port,":%d",jobid->BSport); - else - *port = 0; - - asprintf(&out, GLITE_WMSC_JOBID_PROTO_PREFIX"%s%s/%s%s%s", - jobid->BShost,port, - jobid->id, - (jobid->info ? "?" : ""), - (jobid->info ? jobid->info : "")); - - return out; -} - - -char* edg_wlc_JobIdGetServer(const edg_wlc_JobId jobid) -{ - char *bs = NULL; - - if (jobid) - asprintf(&bs, "%s:%u", jobid->BShost, - jobid->BSport ? jobid->BSport : GLITE_WMSC_JOBID_DEFAULT_PORT); - - return bs; -} - - -void edg_wlc_JobIdGetServerParts(const edg_wlc_JobId jobid, char **srvName, unsigned int *srvPort) -{ - if (jobid) { - *srvName = strdup(jobid->BShost); - *srvPort = jobid->BSport ? jobid->BSport : GLITE_WMSC_JOBID_DEFAULT_PORT; - } -} - - -char* edg_wlc_JobIdGetUnique(const edg_wlc_JobId jobid) -{ - return jobid ? strdup(jobid->id) : NULL; -} diff --git a/org.glite.wms-utils.jobid/src/jobid/manipulation.cpp b/org.glite.wms-utils.jobid/src/jobid/manipulation.cpp deleted file mode 100755 index cf3a710..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/manipulation.cpp +++ /dev/null @@ -1,180 +0,0 @@ -#include - -#include -#include - -#include "glite/wmsutils/jobid/JobId.h" - -using namespace std; - -namespace glite { -namespace wmsutils { -namespace jobid { - -namespace { - -class HexInt { -public: - HexInt( unsigned int i = 0 ); - HexInt( const string &str ); - HexInt( string::const_iterator begin, string::const_iterator end ); - ~HexInt( void ); - - inline operator unsigned int( void ) const { return this->hi_int; } - inline operator const string &( void ) const { return this->hi_str; } - - static unsigned int least( void ) { return hi_s_least; } - static void least( unsigned int least ) { hi_s_least = least; } - -private: - void parseString( void ); - - unsigned int hi_int; - string hi_str; - - static unsigned int hi_s_least; - static const char *hi_s_map; -}; - -class BadChar { -public: - BadChar( void ); - ~BadChar( void ); - - inline bool operator()( char c ) - { return( !(((c >= 'a') && (c <= 'z')) || ((c >= 'A') && (c <= 'Z')) || ((c >= '0') && (c <= '9')) || - (c == '.') || (c == '-') || (c == ' ')) ); } -}; - -unsigned int HexInt::hi_s_least = 2; -const char *HexInt::hi_s_map = "0123456789abcdef"; - -HexInt::HexInt( unsigned int ui ) : hi_int( ui ), hi_str( hi_s_least, '0' ) -{ - int n; - string::reverse_iterator pos = this->hi_str.rbegin(); - - while( ui != 0 ) { - n = ui % 16; - if( pos != this->hi_str.rend() ) { - *pos = hi_s_map[n]; - pos += 1; - } - else this->hi_str.insert( this->hi_str.begin(), hi_s_map[n] ); - - ui /= 16; - } - - if( this->hi_str.length() < hi_s_least ) - this->hi_str.insert( this->hi_str.begin(), (hi_s_least - this->hi_str.length()), '0' ); -} - -HexInt::HexInt( const string &str ) : hi_int( 0 ), hi_str( str ) -{ - this->parseString(); -} - -HexInt::HexInt( string::const_iterator begin, string::const_iterator end ) : hi_int( 0 ), hi_str( begin, end ) -{ - this->parseString(); -} - -void HexInt::parseString( void ) -{ - int hexbase; - char *pos, *end = (char *) hi_s_map + 16; - string::reverse_iterator it; - - for( it = this->hi_str.rbegin(), hexbase = 1; it != this->hi_str.rend(); ++it, hexbase *= 16 ) { - pos = find( (char *) hi_s_map, end, (char) tolower(*it) ); - - if( pos != end ) this->hi_int += hexbase * (pos - hi_s_map); - else { - this->hi_int = 0; - break; - } - } - - return; -} - -HexInt::~HexInt( void ) {} - -BadChar::BadChar( void ) {} - -BadChar::~BadChar( void ) {} - -/* - Helper function for the get_reduced_part(...) -*/ -string get_reduced_part_internal( const string &unique, int level ) -{ - string::size_type length = unique.length(); - string piece( unique.substr(0, 2) ), answer; - - if( (level == 0) || (length <= 2) ) answer.assign( piece ); - else if( length != 0 ) { - answer.assign( piece ); - answer.append( 1, '/' ); - answer.append( get_reduced_part_internal(unique.substr(2, length - 2), level - 1) ); - } - - return answer; -} - -}; // Unnamed namespace - -string get_reduced_part( const JobId &id, int level ) -{ - return get_reduced_part_internal( id.getUnique(), level ); -} - -string to_filename( const JobId &id ) -{ - string sid( id.toString() ), coded; - string::iterator last, next; - - last = sid.begin(); - do { - next = find_if( last, sid.end(), BadChar() ); - - if( next != sid.end() ) { - if( last != next ) coded.append( last, next ); - coded.append( 1, '_' ); - coded.append( HexInt(*next) ); - - last = next + 1; - } - else coded.append( last, sid.end() ); - } while( next != sid.end() ); - - return coded; -} - -JobId from_filename( const string &filename ) -{ - char c; - string decoded; - string::const_iterator last, next; - - last = filename.begin(); - do { - next = find( last, filename.end(), '_' ); - - if( next != filename.end() ) { - c = HexInt( next + 1, next + 3 ); - - if( last != next ) decoded.append( last, next ); - decoded.append( 1, c ); - - last = next + 3; - } - else decoded.append( last, filename.end() ); - } while( next != filename.end() ); - - return JobId( decoded ); -} - -} // namespace jobid -} // namespace wmsutils -} // namespace glite diff --git a/org.glite.wms-utils.jobid/src/jobid/strmd5.c b/org.glite.wms-utils.jobid/src/jobid/strmd5.c deleted file mode 100755 index 0433f55..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/strmd5.c +++ /dev/null @@ -1,118 +0,0 @@ -#ident "$Header$" - -#include -#include -#include -#include - -#include "jobid/strmd5.h" - -#warning Thread unsafe! -static char mbuf[33]; - -static int base64_encode(const void *enc, int enc_size, char *out, int out_max_size) -{ - static const char* b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; - - unsigned char* enc_buf = (unsigned char*)enc; - int out_size = 0; - unsigned int bits = 0; - unsigned int shift = 0; - - while ( out_size < out_max_size ) { - if ( enc_size>0 ) { - // Shift in byte - bits <<= 8; - bits |= *enc_buf; - shift += 8; - // Next byte - enc_buf++; - enc_size--; - } else if ( shift>0 ) { - // Pad last bits to 6 bits - will end next loop - bits <<= 6 - shift; - shift = 6; - } else { - // Terminate with Mime style '=' - *out = '='; - out_size++; - - return out_size; - } - - // Encode 6 bit segments - while ( shift>=6 ) { - shift -= 6; - *out = b64[ (bits >> shift) & 0x3F ]; - out++; - out_size++; - } - } - - // Output overflow - return -1; -} - -char *strmd5(const char *s, unsigned char *digest) -{ - MD5_CTX md5; - unsigned char d[16]; - int i; - - MD5_Init(&md5); - MD5_Update(&md5,s,strlen(s)); - MD5_Final(d,&md5); - - if (digest) memcpy(digest,d,sizeof(d)); - - for (i=0; i<16; i++) { - int dd = d[i] & 0x0f; - mbuf[2*i+1] = dd<10 ? dd+'0' : dd-10+'a'; - dd = d[i] >> 4; - mbuf[2*i] = dd<10 ? dd+'0' : dd-10+'a'; - } - mbuf[32] = 0; - return (char *) mbuf; -} - -char *str2md5(const char *s) -{ - MD5_CTX md5; - unsigned char d[16]; - char* ret = malloc(33); - int i; - - if (!ret) - return NULL; - - MD5_Init(&md5); - MD5_Update(&md5, s, strlen(s)); - MD5_Final(d, &md5); - - for (i=0; i<16; i++) { - int dd = d[i] & 0x0f; - ret[2*i+1] = dd<10 ? dd+'0' : dd-10+'a'; - dd = d[i] >> 4; - ret[2*i] = dd<10 ? dd+'0' : dd-10+'a'; - } - ret[32] = 0; - return ret; -} - -char *str2md5base64(const char *s) -{ - MD5_CTX md5; - unsigned char d[16]; - char buf[50]; - int l; - - MD5_Init(&md5); - MD5_Update(&md5, s, strlen(s)); - MD5_Final(d, &md5); - - l = base64_encode(d, 16, buf, sizeof(buf) - 1); - if (l < 1) - return NULL; - buf[l - 1] = 0; - return strdup(buf); -} diff --git a/org.glite.wms-utils.jobid/src/jobid/strmd5.h b/org.glite.wms-utils.jobid/src/jobid/strmd5.h deleted file mode 100755 index c5d76b6..0000000 --- a/org.glite.wms-utils.jobid/src/jobid/strmd5.h +++ /dev/null @@ -1,28 +0,0 @@ -#ifndef _GLITE_STRMD5_H -#define _GLITE_STRMD5_H - -#ident "$Header$" - -/* Compute MD5 sum of the first argument. - * The sum is returned in the 16-byte array pointed to by 2nd argument - * (if not NULL) - * - * Return value: ASCII string of the sum, i.e. 32 characters [0-9a-f] - * (pointer to static area, changed by subsequent calls) - */ - -char *strmd5(const char *src, unsigned char *dst); - -/** - * Returns: allocated 32bytes long ASCII string with md5 sum - * of the first argument - */ -char *str2md5(const char *src); - -/** - * Returns: allocated 22bytes long ASCII string with md5 sum in base64 - * format of the source argument - */ -char *str2md5base64(const char *src); - -#endif /* _GLITE_STRMD5_H */ diff --git a/org.glite.wms-utils.jobid/test/Makefile.am b/org.glite.wms-utils.jobid/test/Makefile.am deleted file mode 100755 index 5111c30..0000000 --- a/org.glite.wms-utils.jobid/test/Makefile.am +++ /dev/null @@ -1,48 +0,0 @@ -## ********************************************************************* -## * -## * Copyright (c) 2002 CERN and INFN on behalf of the EU DataGrid. -## * For license conditions see LICENSE file or -## * http://www.edg.org/license.html -## * -## ********************************************************************* - -JOBID_LIBS = $(top_builddir)/src/jobid/libglite_wmsutils_jobid.la -CJOBID_LIBS = $(top_builddir)/src/jobid/libglite_wmsutils_cjobid.la - -TESTS = glite-wmsutils-jobid \ - glite-wmsutils-manipulation - -check_PROGRAMS = $(TESTS) - -glite_wmsutils_jobid_SOURCES = jobid_cu_suite.cpp \ - jobid_cu_suite.h \ - jobid_cu_main.cpp - -glite_wmsutils_jobid_LDADD = \ - $(GLITE_WMSUTILS_EXCEPTION_LIBS) \ - $(GLOBUS_GSS_THR_LIBS) \ - $(CPPUNIT_LIBS) \ - $(JOBID_LIBS) \ - $(CJOBID_LIBS) - -glite_wmsutils_manipulation_SOURCES = manipulation_cu_suite.cpp \ - manipulation_cu_suite.h \ - manipulation_cu_main.cpp - -glite_wmsutils_manipulation_LDADD = \ - $(GLITE_WMSUTILS_EXCEPTION_LIBS) \ - $(GLOBUS_GSS_THR_LIBS) \ - $(CPPUNIT_LIBS) \ - $(JOBID_LIBS) \ - $(CJOBID_LIBS) - - -AM_CPPFLAGS = -I$(top_srcdir)/interface \ - -I$(top_srcdir)/src \ - -I$(top_srcdir)/test \ - $(GLITE_CFLAGS) \ - $(GLOBUS_THR_CFLAGS) \ - $(CPPUNIT_CFLAGS) - -MAINTAINERCLEANFILES = Makefile.in *~ - diff --git a/org.glite.wms-utils.jobid/test/jobid_cu_main.cpp b/org.glite.wms-utils.jobid/test/jobid_cu_main.cpp deleted file mode 100644 index 770e306..0000000 --- a/org.glite.wms-utils.jobid/test/jobid_cu_main.cpp +++ /dev/null @@ -1,33 +0,0 @@ -#include -#include - -#include "jobid_cu_suite.h" - -#include -#include -#include -#include -#include - -using namespace CppUnit; -using namespace std; - -int main (int argc , char** argv) -{ - std::ofstream xml("./cppUnit_output.xml",ios::app); - - CppUnit::TestResult controller; - CppUnit::TestResultCollector result; - controller.addListener( &result ); - - TestRunner runner; - runner.addTest(Jobid_test::suite()); - runner.run(controller); - - CppUnit::XmlOutputter outputter( &result, xml ); - CppUnit::TextOutputter outputter2( &result, std::cerr ); - outputter.write(); - outputter2.write(); - - return result.wasSuccessful() ? 0 : 1 ; -} diff --git a/org.glite.wms-utils.jobid/test/jobid_cu_suite.cpp b/org.glite.wms-utils.jobid/test/jobid_cu_suite.cpp deleted file mode 100644 index ebe04da..0000000 --- a/org.glite.wms-utils.jobid/test/jobid_cu_suite.cpp +++ /dev/null @@ -1,102 +0,0 @@ -#include "jobid_cu_suite.h" - - -using namespace CppUnit; -using namespace std; -using namespace glite::wmsutils::jobid; - - -void Jobid_test::setUp() -{} - -void Jobid_test::tearDown() -{} - -void Jobid_test::Constructor_case() -{ - //EMPTY CONSTRUCTOR - JobId empty; - - CPPUNIT_ASSERT(empty.isSet()==false); - - //create a string with cjobid - string bkserver="grid012g.cnaf.infn.it"; - edg_wlc_JobId jobid; - int bkport=6000; - int ok=edg_wlc_JobIdCreate(bkserver.c_str(), bkport, &jobid); - CPPUNIT_ASSERT(ok == 0); - if (ok==0) - { - string jobstring=edg_wlc_JobIdUnparse(jobid); - - //STRING CONSTRUCTOR - JobId stringCons(jobstring); - - //EDG_WLC CONSTRUCTOR - JobId edg_wlc_Cons(jobid); - - //test copy constructor - JobId copycon(stringCons); - - CPPUNIT_ASSERT(stringCons.isSet()); - CPPUNIT_ASSERT(edg_wlc_Cons.isSet()); - CPPUNIT_ASSERT(copycon.isSet()); - - //test = - JobId testequal; - testequal=stringCons; - CPPUNIT_ASSERT(testequal.isSet()); - - JobId testoperator; - testoperator=jobid; - CPPUNIT_ASSERT(testoperator.isSet()); - - edg_wlc_JobId testget = edg_wlc_Cons.getId(); - char *server; - unsigned int port; - edg_wlc_JobIdGetServerParts(testget, &server, &port); - string serverstring = server; - CPPUNIT_ASSERT(port==bkport); - CPPUNIT_ASSERT(serverstring==bkserver); - } - - CPPUNIT_ASSERT_THROW( JobId stringwrong("grid012"), WrongIdException); -} - -void Jobid_test::Clear_case() -{ - JobId *element; - string jobstring="https://grid012g.cnaf.infn.it:6000/qaKyEoV3G144rmoyXeW6QA"; - CPPUNIT_ASSERT_NO_THROW(element= new JobId(jobstring)); - - CPPUNIT_ASSERT(element->isSet()); - element->clear(); - CPPUNIT_ASSERT(element->isSet()==false); - delete element; -} - -void Jobid_test::SetandGet_case() -{ - JobId element; - string lbserver="grid012g.cnaf.infn.it"; - int port=6000; - string unique ="qaKyEoV3G144rmoyXeW6QA"; - element.setJobId(lbserver, port, unique); - - string server=element.getServer(); - lbserver=lbserver+":6000"; - - CPPUNIT_ASSERT(server==lbserver); - string lonely=element.getUnique(); - CPPUNIT_ASSERT(lonely==unique); - - string descr=element.toString(); - cout << "!!! BEGIN TEST toString() METHOD!!!"<< endl; - cout << descr < -#include -#include - -#include - -#include "glite/wmsutils/jobid/JobId.h" -#include "glite/wmsutils/jobid/cjobid.h" -#include "glite/wmsutils/jobid/JobIdExceptions.h" - -class Jobid_test : public CppUnit::TestFixture { - - CPPUNIT_TEST_SUITE(Jobid_test); - - CPPUNIT_TEST(Constructor_case); - CPPUNIT_TEST(Clear_case); - CPPUNIT_TEST(SetandGet_case); - - CPPUNIT_TEST_SUITE_END(); - - -public: - - void setUp(); - void tearDown(); - - void Constructor_case(); - void Clear_case(); - void SetandGet_case(); - -}; - - - diff --git a/org.glite.wms-utils.jobid/test/manipulation_cu_main.cpp b/org.glite.wms-utils.jobid/test/manipulation_cu_main.cpp deleted file mode 100644 index 07d2914..0000000 --- a/org.glite.wms-utils.jobid/test/manipulation_cu_main.cpp +++ /dev/null @@ -1,33 +0,0 @@ -#include -#include - -#include "manipulation_cu_suite.h" - -#include -#include -#include -#include -#include - -using namespace CppUnit; -using namespace std; - -int main (int argc , char** argv) -{ - std::ofstream xml("./cppUnit_output.xml",ios::app); - - CppUnit::TestResult controller; - CppUnit::TestResultCollector result; - controller.addListener( &result ); - - TestRunner runner; - runner.addTest(Manipulation_test::suite()); - runner.run(controller); - - CppUnit::XmlOutputter outputter( &result, xml ); - CppUnit::TextOutputter outputter2( &result, std::cerr ); - outputter.write(); - outputter2.write(); - - return result.wasSuccessful() ? 0 : 1 ; -} diff --git a/org.glite.wms-utils.jobid/test/manipulation_cu_suite.cpp b/org.glite.wms-utils.jobid/test/manipulation_cu_suite.cpp deleted file mode 100644 index a6a69d8..0000000 --- a/org.glite.wms-utils.jobid/test/manipulation_cu_suite.cpp +++ /dev/null @@ -1,34 +0,0 @@ -#include "manipulation_cu_suite.h" - - -using namespace CppUnit; -using namespace std; -using namespace glite::wmsutils::jobid; - - -void Manipulation_test::setUp() -{} - -void Manipulation_test::tearDown() -{} - -void Manipulation_test::to_fromfile_case() -{ - JobId element; - - string lbserver="grid012g.cnaf.infn.it"; - int port=6000; - string unique ="qaKyEoV3G144rmoyXeW6QA"; - element.setJobId(lbserver, port, unique); - - string filename=to_filename(element); - - JobId newelement = from_filename(filename); - - string reduced = get_reduced_part(element, 7); - - string newreduced = get_reduced_part(newelement, 7); - - CPPUNIT_ASSERT(reduced==newreduced); -} - diff --git a/org.glite.wms-utils.jobid/test/manipulation_cu_suite.h b/org.glite.wms-utils.jobid/test/manipulation_cu_suite.h deleted file mode 100644 index 287b902..0000000 --- a/org.glite.wms-utils.jobid/test/manipulation_cu_suite.h +++ /dev/null @@ -1,29 +0,0 @@ -#include -#include -#include - -#include - -#include "glite/wmsutils/jobid/JobId.h" -#include "glite/wmsutils/jobid/manipulation.h" - -class Manipulation_test : public CppUnit::TestFixture { - - CPPUNIT_TEST_SUITE(Manipulation_test); - - CPPUNIT_TEST(to_fromfile_case); - - CPPUNIT_TEST_SUITE_END(); - - -public: - - void setUp(); - void tearDown(); - - void to_fromfile_case(); - -}; - - - diff --git a/org.gridsite.core/.cvsignore b/org.gridsite.core/.cvsignore deleted file mode 100644 index e970233..0000000 --- a/org.gridsite.core/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.project \ No newline at end of file diff --git a/org.gridsite.core/CHANGES b/org.gridsite.core/CHANGES deleted file mode 100644 index 5a7716a..0000000 --- a/org.gridsite.core/CHANGES +++ /dev/null @@ -1,210 +0,0 @@ -* Fri Jun 10 2005 Andrew McNab -- ==== GridSite version 1.1.11 ==== -* Fri Jun 10 2005 Andrew McNab -- Tidy up gsexec vs GridSiteDiskMode -* Fri Jun 10 2005 Andrew McNab -- ==== GridSite version 1.1.10 ==== -* Wed Jun 8 2005 Andrew McNab -- Add GridSiteDiskMode Apache directive to set file - permissions. -- Add GridSiteExecMethod and GridSiteUserGroup to - configure suexec or extended gsexec functionality. -* Thu Jun 2 2005 Andrew McNab -- HTML improvements for Bug #4083 -- Note that GridSite currently doesn't work with SHM - SSL session cache, in httpd-*.conf and config guide. -- Add GridSiteExecMethod for use with gsexec -* Thu May 26 2005 Andrew McNab -- Include gsexec, a drop-in replacement for suexec, - which can do suexec execution of CGI programs or - pool-account mapping based on client DN. -* Tue May 24 2005 Shiv Kaushal -- Add XACML support to GACL code in libgridsite. -* Tue May 24 2005 Andrew McNab -- ==== GridSite version 1.1.9 ==== -* Mon Apr 25 2005 Andrew McNab -- Avoid build problems when using pre-0.9.7 OpenSSL - (ie with Globus compatibility.) -* Mon Apr 25 2005 Andrew McNab -- ==== GridSite version 1.1.8 ==== -* Mon Feb 28 2005 Andrew McNab -- Fix to GRSTgaclUndenyPerm in gridsite.h (bug #7135) - from Marco Sottilaro -* Mon Feb 28 2005 Andrew McNab -- ==== GridSite version 1.1.7 ==== -* Thu Feb 24 2005 Andrew McNab -- Add more sanity checking (signatures, dates, issuer,) - holder) to VOMS attribute parser. -* Mon Feb 21 2005 Andrew McNab -- Add bugfix for Bug #6357 from Fabrizio Pacini - to fix delegation proxy - cache names in OpenSSL 0.9.7. -* Sun Feb 20 2005 Andrew McNab -- Add basic VOMS support (signature checking not yet - in) for X.509 Attribute Certificates. -* Tue Feb 8 2005 Andrew McNab -- ==== GridSite version 1.1.6 ==== -* Tue Feb 8 2005 Andrew McNab -- Include GRSTx509MakeProxyFileName() and - GRSTx509StringToChain() (code to used hashes in cached - proxy file names.) Bug #6357 -- Change ordering of output proxy file produced by - GRSTx509CacheProxy so proxy private key is the 2nd PEM - encoded block (rather than at the end.) Bug #6365 -- Add libgridsite_globus[.so|.a] in preparation for - separate Globus OpenSSL and system OpenSSL versions -* Tue Feb 8 2005 Andrew McNab -- ==== GridSite version 1.1.5 ==== -* Tue Dec 14 2004 Andrew McNab -- Patch from Daniel Kouril to allow - switching Globus vs system OpenSSL libraries/headers. -* Tue Dec 14 2004 Andrew McNab -- ==== GridSite version 1.1.4 ==== -* Mon Nov 15 2004 Andrew McNab -- Back out of (most of) redone VOMS support for committing - to JRA1 CVS. -* Thu Oct 19 2004 Andrew McNab -- ==== GridSite version 1.1.3 ==== -* Thu Oct 19 2004 Andrew McNab -- Fix Bug #5203 from Martijn Steenbakkers - by fixing GACLparseEntry in gridsite-gacl.h -- Change to C style comments (mostly) in gridsite.h and - gridsite-gacl.h (fixes part of Bug #4222 from - ) -- Fix Bug #4225 from in - GRSTgaclCredsFree() -- Add GRSTx509CachedProxyFind() and findproxyfile - command to allow proxies to be found in proxy cache -- Change GRSTx509StoreProxy() to GRSTx509CacheProxy() for - consistency with this and GRSTx509CachedProxyKeyFind() -* Wed Oct 18 2004 Andrew McNab -- ==== GridSite version 1.1.2 ==== -* Tue Oct 19 2004 Andrew McNab -- Copy code from delegation prototype into grst_x509.c - and include htproxyput.c and grst-delegation.c - optional targets (which depend on gSOAP.) -* Wed Oct 13 2004 Andrew McNab -- Include per-file patch to GRSTgaclFileFindAclname: - .gacl:FILENAME controls FILENAME if it exists. -* Tue Jul 27 2004 Andrew McNab -- ==== GridSite version 1.1.1 ==== -* Tue Jul 27 2004 Andrew McNab -- Include HTTP Downgrade support in htcp -* Sat Jul 24 2004 Andrew McNab -- Include HTTP Downgrade support in mod_gridsite. -* Thu Jul 22 2004 Andrew McNab -- Begin development version 1.1.x -* Thu Jul 22 2004 Andrew McNab -- ==== GridSite version 1.1.0 ==== -* Mon Jul 19 2004 Andrew McNab -- Changes in line with EGEE SCM - most importantly - the top level directory becomes org.gridsite.core -* Mon Jul 19 2004 Andrew McNab -- ==== GridSite version 1.0.3 ==== -* Mon Jun 28 2004 Andrew McNab -- In GRSTx509CheckChain() and GRSTx509CompactCreds() - we now accept the first cert in a chain as a CA - even if it is X509v3 but without the CA bits set. - (On the basis that the first chain is from the - administrator-installed CA files store.) -* Sun Jun 27 2004 Andrew McNab -- ==== GridSite version 1.0.2 ==== -* Sun Jun 27 2004 Andrew McNab -- Fix for Bug #2860 (so can now read DN Lists over - HTTPS when have no user certificate if relevant - .gacl gives permission but not ) -- Include gridsite-gacl.h mods from Daniel Kouril - to fix faulty definitions - of GACLnewEntry() and GACLnewAcl() and to make - a legacy non-static GACLparseEntry() wrapper. -* Thu Jun 17 2004 Andrew McNab -- Changes to mod_gridsite.h for Fedora Core 2 / - Apache 2.0.49+ mod_ssl changes (mod_ssl-private.h) -* Wed Jun 9 2004 Andrew McNab -- Incorporate EGEE CVS layout changes in production - branch. -* Wed Jun 9 2004 Andrew McNab -- ==== GridSite version 1.0.1 ==== -* Sun Dec 14 2003 Andrew McNab -- 1.0.0 is first full production release - (development now in 1.1.x branch) -* Sun Dec 14 2003 Andrew McNab -- ==== GridSite version 1.0.0 ==== -* Sat Dec 13 2003 Andrew McNab -- Remove need for modified mod_ssl-gridsite: now - mod_gridsite intercepts callbacks with wrappers. -- Add GRSTx509NameCmp() which compares string reps of - DNs across OpenSSL version changes (ie Email=) -* Fri Dec 12 2003 Andrew McNab -- ==== GridSite version 0.9.11 ==== -* Thu Dec 11 2003 Andrew McNab -- Simplify checking of cert/proxy chain in - mod_ssl-gridsite: rely on mod_ssl/OpenSSL more. -* Wed Dec 2 2003 Andrew McNab -- ==== GridSite version 0.9.10 ==== -* Tue Dec 1 2003 Andrew McNab -- GACL ignores leading/trailing spaces in values. -* Sat Nov 29 2003 Andrew McNab -- Better directory listing in htcp. -- htcp now built as separate binary RPM. -- gridsite-admin.cgi upload now redirects to same - directory after upload (Bug #1939); allows - optional new name for file (Request / Bug #1940); - and has better checking of ../dir/file attacks. -* Sat Nov 29 2003 Andrew McNab -- ==== GridSite version 0.9.8 ==== -* Thu Nov 27 2003 Andrew McNab -- Shiv's updated GACL editor, with redirects. -* Wed Nov 26 2003 Andrew McNab -- Include Daniel Stenberg's roffit script to make - HTML man pages for htcp and urlencode. -- Various fixes found when installing GridPP WWW. -* Wed Nov 26 2003 Andrew McNab -- ==== GridSite version 0.9.7 ==== -* Thu Nov 20 2003 Andrew McNab -- Major updates to htcp (htrm/htls/htll) -- GACL now recurses subdirectories when examining - the DN List directories path. -* Sat Nov 15 2003 Andrew McNab -- ==== GridSite version 0.9.6 ==== -* Fri Nov 14 2003 Andrew McNab -- Function call fixes in grst-admin.cgi -* Thu Nov 13 2003 Andrew McNab -- Add htcp (curl-url-get reborn) -* Thu Nov 13 2003 Andrew McNab -- ==== GridSite version 0.9.5 ==== -* Thu Nov 13 2003 Andrew McNab -- More grst-admin.cgi GACL updates from Shiv. -- .gacl security improvements to grst-admin.cgi from - Shiv Kaushal and Peter Moore. -* Tue Nov 11 2003 Andrew McNab -- One RPM instead of three, with version from VERSION -- Textarea for HTML/Text editing now 80 columns -* Mon Nov 10 2003 Andrew McNab -- Add delegation level and GridSiteGSIProxyLimit - support. -- Add GridSiteAdminList handling to mod_gridsite - and real-gridsite-admin.cgi -* Sun Nov 9 2003 Andrew McNab -- Add directory create/delete, and file/dir rename. -- Add ZIP listing/unzipping via external unzip - utility from http://www.info-zip.org/pub/infozip/ -* Mon Nov 3 2003 Andrew McNab -- Include next version of Shiv's GACL editor. -- Add rpm-usr target to Makefile, to make RPMs - out-of-the-box compatible with RH9 and its Apache2 -- Use REMOTE_DOUBLE_REV for GACL hostname creds in - mod_gridsite.c/mod_gridsite_perm_handler() -* Sun Oct 26 2003 Andrew McNab -- Include GACL editor in real-gridsite-admin.cgi - from Shiv Kaushal -* Sun Oct 26 2003 Andrew McNab -- Reorganise into a single build tree, including - Apache 2.0 .h files to remove circular dependency. -* Sun Oct 26 2003 Andrew McNab -- ==== GridSite version 0.9.4 ==== -* Sun Oct 19 2003 Andrew McNab -- Include many pieces of GridSite code from 0.3.x (CGI) - fileGridSite and mod_gridsite 0.9.0 -* Sun Oct 19 2003 Andrew McNab -- ==== GridSite version 0.9.3 ==== diff --git a/org.gridsite.core/INSTALL b/org.gridsite.core/INSTALL deleted file mode 100644 index 3da6cde..0000000 --- a/org.gridsite.core/INSTALL +++ /dev/null @@ -1,39 +0,0 @@ -BUILDING/INSTALLING GRIDSITE -============================ - -For more detailed instructions, see the install.html file, either -in the ./doc subdirectory in the sources, in the directory -gridsite-VERSION/html of the docs directory when GridSite is -installed, or http://www.gridsite.org/1.1.x/install.html - -GridSite is currently only supported on Linux, but should be -trivially portable to other Unix platforms where the GNU build -tools are available. - -When building from source, two routes are available: building -with Make or with RPM. - -BUILDING WITH MAKE -================== - -make -make install - -will build all components and install them all under the default -locations of /usr/local/[lib|bin|include|sbin] The default prefix -/usr/local is set by the prefix variable in the top level Makefile - -BUILDING WITH RPM -================= - -For RedHat Linux and derivatives, building with RPM is recommended. -The command - -make rpm - -will build the gridsite and htcp binary RPMs in the directory -../RPMTMP/RPMS/i386 relative to the working directory. A SRPM is -put into ../RPMTMP/SRPMS - -Building with RPM uses the default prefix /usr, although the -resulting RPMs are relocatable to other hierarchies. diff --git a/org.gridsite.core/LICENSE b/org.gridsite.core/LICENSE deleted file mode 100644 index befd74b..0000000 --- a/org.gridsite.core/LICENSE +++ /dev/null @@ -1,47 +0,0 @@ -Copyright (c) 2002-5, Andrew McNab and Shiv Kaushal, -University of Manchester. All rights reserved. - -Redistribution and use in source and binary forms, with or -without modification, are permitted provided that the following -conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS -BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. - - -Clearly marked portions of the published GridSite source code -are derived from Apache httpd or its modules, and are covered -by the Apache Software License: - -Copyright 2001-2005 The Apache Software Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/org.gridsite.core/README b/org.gridsite.core/README deleted file mode 100644 index 62730a6..0000000 --- a/org.gridsite.core/README +++ /dev/null @@ -1,3 +0,0 @@ -See INSTALL for build and installation instructions, and -the Documentation section of http://www.gridsite.org/ -for configuration and usage guides. diff --git a/org.gridsite.core/VERSION b/org.gridsite.core/VERSION deleted file mode 100644 index 2e3c1a3..0000000 --- a/org.gridsite.core/VERSION +++ /dev/null @@ -1,4 +0,0 @@ -MAJOR_VERSION=1 -MINOR_VERSION=1.1 -PATCH_VERSION=1.1.11 -VERSION=$(PATCH_VERSION) diff --git a/org.gridsite.core/build.xml b/org.gridsite.core/build.xml deleted file mode 100644 index 7d92f11..0000000 --- a/org.gridsite.core/build.xml +++ /dev/null @@ -1,274 +0,0 @@ - - - - - - - Ant build file to build the Gridsite Core Component - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${global.prefix} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - New tag is ${cvs.label} - - - - - - - - - - - - - - - - - - New tag is ${cvs.label} - - - - - - - - - - - - - - - - - - diff --git a/org.gridsite.core/doc/README.htcp-bin b/org.gridsite.core/doc/README.htcp-bin deleted file mode 100644 index ac546fc..0000000 --- a/org.gridsite.core/doc/README.htcp-bin +++ /dev/null @@ -1,13 +0,0 @@ -Binaries (and links) are in ./bin; man pages are in ./man/man1 - -Install by copying binaries/links onto your path, or by copying htcp -and making symbolic links to htcp from htls, htll, htrm and htmkdir. - -All the .1 man pages should be copied to a suitable ./man/man1 -directory on your man path. - -If you just want to install htcp in /usr/local, then unpacking this -tgz file in /usr/local should do the trick. (Delete this README when -you're finished!) - -For more about htcp see http://www.gridsite.org/ diff --git a/org.gridsite.core/doc/admin.html b/org.gridsite.core/doc/admin.html deleted file mode 100644 index 1f7f422..0000000 --- a/org.gridsite.core/doc/admin.html +++ /dev/null @@ -1,103 +0,0 @@ -GridSite Admin Guide - -

GridSite Admin Guide

- -

-This Guide is intended for people administrating areas of GridSite -websites or fileservers, or managing GridSite's DN List groups - that is, -how to use GridSite to manage other people's access to parts of the site - -for example, people's write access to areas devoted to specific subprojects. - -

- There is a separate -User Guide - which explains how to authenticate to the server with X.509 certificates, -and how to manage files via a standard web browser or with command-line -HTTPS clients. You should be familiar with the User Guide to fully -understand this Admin Guide. - -

- You may also find the -Config Guide - useful to understand how the Apache webserver is configured with GridSite -extensions. If you are also the Apache webmaster for your site, you will -definitely need to read the Config Guide to create the httpd.conf file. -However, if you only need to manage webpages and files, then this Admin -Guide and the User Guide should be sufficient. - -

Groups and DN Lists

- -

-GridSite defines groups of people using plain text DN Lists - that is, lists -of people's certificate DNs. Each DN List has a URL which uniquely -identifies the list (and may also allow other sites to obtain the list and -use it themselves.) For example, the list of all GridPP members is -https://www.gridpp.ac.uk/dn-lists/gridpp (note that it's https:// not -http:// - this means that other sites that download the list can check the -certificate of www.gridpp.ac.uk and know they're talking to the -authoritative source of the lists.) - -

-The system can also have a number of other DN Lists which are associated with -specific groups of people and perhaps with specific areas of responsibility -of the website. If the DN List directory URI is /dn-lists/ then -there is a full list of the DN Lists exported by the server at that URI -(for example, https://www.gridpp.ac.uk/dn-lists/ ) - -

-If you have permission to modify a DN List, you can start changing it by -going to /dn-lists/ (via HTTPS), using the "Manage directory" -button and finding the URL of your DN List in the listings. You may -need to go down into a subdirectory to find your list. For -example, https://www.gridpp.ac.uk/dn-lists/atlas is in the atlas -subdirectory of /dn-lists/ (You may wish to bookmark the listing of such -a directory if you frequently work with one.) - -

-DN List directories are managed by the ACLs described in the next section, -and if you have write permission, you can edit the lists already there, and -add new lists with the same prefix (this means you can readily create your -own subgroups.) - -

Access Control Lists

- -

-DN Lists appear in the Grid Access Control Lists (GACL) used by GridSite. -These are stored as .gacl files in directories: if the .gacl file is -present, it governs access to the directory; if it is absent, then the -parent directories are searched upwards until a .gacl is found. - -

-The GridSite GACL Reference explains the XML format -of these files, but they -can be edited using the ACL editor built into the GridSite system by people -who have the Admin permission within the ACL. - -

-If you have this permission in a given directory, when you view directory -listings or files in that directory you will see the option "Manage -Directory" in the page footer. This allows you to get a listing of the -directory and the .gacl file will appear at the top if it's present. If not, -then there will be a button to create a new .gacl file with the same -permissions as have been inherited by that directory from its parent. - -

-GACL allows quite complex conditions to be imposed on access, but normally -you can think of an ACL as being composed of a number of entries, each of -which contains one condition (the required credential) and a set of allowed -and denied permissions. - -

-Credentials can be individual user's certificate names or whole groups of -certificate names if a DN List is given. (You can also specifiy hostname -patterns using Unix shell wildcards (eg *.ac.uk) or EDG VOMS attribute -certificates - see the GACL Reference for details.) - -

-Permissions can be Admin (edit the ACL), Write (create, modify or delete -files), List (browse the directory) or Read (read files.) Permissions can be -allowed or denied. If denied by any entry, the permission is not available -to that user or DN List (depending on what credential type was associated -with the Deny.) - - diff --git a/org.gridsite.core/doc/build-apache2.sh b/org.gridsite.core/doc/build-apache2.sh deleted file mode 100644 index 507be31..0000000 --- a/org.gridsite.core/doc/build-apache2.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2002-3, Andrew McNab, University of Manchester -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or -# without modification, are permitted provided that the following -# conditions are met: -# -# o Redistributions of source code must retain the above -# copyright notice, this list of conditions and the following -# disclaimer. -# o Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials -# provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. -# -#--------------------------------------------------------------- -# For more information about GridSite: http://www.gridsite.org/ -#--------------------------------------------------------------- -# -# This script takes an Apache .tar.gz as the single command line argument, -# unpacks the file, modifies the httpd.spec it contains to work without -# the "-C" option to configure (which RedHat 7.3 doesnt like) and -# outputs source and binary RPMs in SRPMS and RPMS/i386 - -if [ "$1" = "" ] ; then - echo Must give a tar.gz file name - exit -fi - -export MYTOPDIR=`pwd` - -if [ -x /usr/bin/rpmbuild ] ; then - export RPMCMD=rpmbuild -else - export RPMCMD=rpm -fi - -echo "$1" | grep '\.tar\.gz$' >/dev/null 2>&1 -if [ $? = 0 ] ; then # a gzipped source tar ball - - rm -Rf $MYTOPDIR/BUILD $MYTOPDIR/BUILDROOT $MYTOPDIR/SOURCES - mkdir -p $MYTOPDIR/SOURCES $MYTOPDIR/SPECS $MYTOPDIR/BUILD \ - $MYTOPDIR/SRPMS $MYTOPDIR/RPMS/i386 $MYTOPDIR/BUILDROOT - - shortname=`echo $1 | sed 's:^.*/::' | sed 's:\.tar\.gz$::'` - - cp -f $1 SOURCES - - tar zxvf SOURCES/$shortname.tar.gz $shortname/httpd.spec - cp -f $shortname/httpd.spec SPECS - - sed -e 's/configure -C /configure /' \ - SPECS/httpd.spec >SPECS/httpd-2.spec - - $RPMCMD --define "_topdir $MYTOPDIR" \ - -ba --buildroot $MYTOPDIR/BUILDROOT SPECS/httpd-2.spec - - exit -fi - -echo I dont recognise the file type (must be .tar.gz) - -exit diff --git a/org.gridsite.core/doc/config.html b/org.gridsite.core/doc/config.html deleted file mode 100644 index 2edeb27..0000000 --- a/org.gridsite.core/doc/config.html +++ /dev/null @@ -1,196 +0,0 @@ -GridSite Config Guide - -

GridSite Config Guide

- -

-This Guide is intended for webmasters setting up -GridSite with an Apache 2.0 -webserver. We assume you have root access to the server machine to do this. -There is a separate Admin Guide for -people administrating areas of GridSite -websites or fileservers, or managing GridSite's DN List groups. That is, for -people managing files on the server rather than the server itself. - -

Installation

- -

-We assume you have installed Apache 2.0 and GridSite, using the -Building and Installation Guide where necessary. -This Config Guide assumes installation has been done under /usr. For an -alternative tree like /usr/local, the relative paths should be the same. - -

-Installation should have given you an Apache 2.0 httpd binary at -/usr/sbin/httpd and a set of standard Apache 2.0 modules in -/usr/lib/httpd/modules/ including the standard mod_ssl -and our mod_gridsite.so module. - -

-GridSite also includes some commands and man pages in /usr/bin and -/usr/share/man/man1: urlencode and -htcp. - -

Certificates

- -

-You must also install the CA root certificates of the CA's -used by the users you wish to talk to. These should be installed in -/etc/grid-security/certificates as files like 01621954.0, and RPMs and tar -files for many common European and North American CAs are available from - -https://datagrid.in2p3.fr/distribution/datagrid/security/ - -

-This location also has VOMS server certificate RPMs which install into -the /etc/grid-security/vomsdir directory. You may also manually install VOMS -server certificates into that directory with any filename. (GridSite -currently parses the certificate itself when looking for a match, rather -than checking the filename.) - -

-The server itself needs a certificate to supply to clients that use HTTPS -connections. You should apply for this from your Certification Authority -(for example, the UK e-Science -CA) and your request must use the advertised hostname of your server -(the one that appears in URLs and not, for instance, the canonical name of -the host itself.) This advertised hostname should appear in the -Distinguished Name of your request. (For example -/C=UK/O=eScience/OU=Manchester/L=HEP/CN=www.gridpp.ac.uk) For compatability -with standard browsers, the /CN= component should not include any -Globus-style service name (so not /CN=host/www.gridpp.ac.uk) If -possible, you should also include the advertised hostname as a DNS Subject -Alternative Name. Consult your CA first if you're in any doubt about how to -compose your certificate request. - -

-Once you've got your certificate, -Apache uses the certificate and private key in PEM format. If you obtained -your certificate and key in PKCS#12 or .p12 format (eg by exporting from a web -browser), you can convert the .p12 file to .pem with the following commands: -

-openssl pkcs12 -in ck.p12 -clcerts -nokeys -out hostcert.pem
-openssl pkcs12 -in ck.p12 -nodes  -nocerts -out hostkey.pem
-
- -

-Copy the PEM files to /etc/grid-security/ as hostcert.pem (which -should be world readable) and hostkey.pem (which should only be readable by -root): - -

-chown root.root hostkey.pem hostcert.pem
-chmod 400 hostkey.pem
-chmod 444 hostcert.pem
-
- -

httpd.conf

- -

-/etc/httpd/conf/httpd.conf is the key to configuring the Apache 2.0 -webserver. The directives in this file determine which files the server will -publish, how they are handled, which areas are writeable and who can access -them. Through mod_gridsite.so, the GridSite system itself is configured by -directives in this file. - -

-The easiest way to get started is to examine the example httpd.conf files we -provide. - -

-Please note: this version of GridSite is not compatible with the -SHM SSL session cache - use the DBM or per-process caches instead. - - - -

httpd-fileserver.conf

- -

-httpd-fileserver.conf is an example -configuration file to use Apache/GridSite as a read/write HTTP(S) -fileserver, including comments on how to get the server up and running. - -

httpd-webserver.conf

- -

-httpd-webserver.conf is an example -configuration file to use Apache/GridSite as a Web Server -(that is, primarily for interactive use with a browser) -including comments on how to get the server up and running. - -

GridSite Directives

- -

-The mod_gridsite reference lists all the GridSite -httpd.conf directives. - -

-To start serving files, make a directory /var/www/htdocs owned by -nobody.nobody, including the .gacl access control file described below, -and add the following directive to the HTTPS <Directory> section: - -

-GridSiteMethods GET PUT DELETE - -

-If you wish to accept Globus GSI Proxies as well as full X.509 user -certificates, set GridSiteGSIProxyLimit to the depth of proxy you -wish to accept. (As a _rough_ guide: 0=No Proxies; 1=Proxy on user's -machine; 2=Proxy owned by running Globus job; 3=Proxy delegated by a -Globus job.) - -

GACL access control

- -

-The GACL reference explains the XML access -control files used by GridSite. These allow flexible policies to be written, -in terms of X.509 user certificates, GSI proxies, VOMS attribute -certificates, DN List groups and DNS hostnames. - -

-For example, to give all clients read and list permission: -

-

-<gacl>
-<entry>
-  <any-user/>
-  <allow><read/><list/></allow>
-</entry>
-</gacl>
-
- -

-To enable writing, add DN List, Person or VOMS entries to the file. -For example: - -

-

-<gacl>
-<entry>
-  <any-user/>
-  <allow><read/><list/></allow>
-</entry>
-<entry>
-  <person>
-  <dn>/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab</dn>
-  </person>
-  <allow><write/></allow>
-</entry>
-</gacl>
-
- -

-The GACL file that governs a directory is stored as .gacl in that directory. -If no .gacl is present, then GridSite will search the parent directories in -ascending order until one is found. - - - - diff --git a/org.gridsite.core/doc/findproxyfile.1 b/org.gridsite.core/doc/findproxyfile.1 deleted file mode 100644 index ae2f944..0000000 --- a/org.gridsite.core/doc/findproxyfile.1 +++ /dev/null @@ -1,63 +0,0 @@ -.TH findproxyfile 1 "October 2004" findproxyfile "FINDPROXYFILE Manual" -.SH NAME -.B findproxyfile -\- returns full path to GSI Proxy file -.SH SYNOPSIS -.B findproxyfile -[--proxycache=PATH] [--delegation-id=ID] [--user-dn=DN] [--outsidecache] -.SH DESCRIPTION -.B findproxyfile -returns full path to a GSI Proxy file, either in the proxy cache maintained -by the GridSite G-HTTPS and delegation portType functions, or in other -standard places. - -If a User DN is given -.B findproxyfile -uses the value of the -.B --proxycache -argument, the GRST_PROXY_PATH or the -compile time default to detemine the location of the proxy cache directory. -The directory is searched for a proxy having the given User DN and -Delegation ID. (If no Delegation ID is specificed, then the default value is -used.) - -If -.B findproxyfile -does not find a proxy or if a User DN is not given, but -.B --outsidecache -was given, then the environment variable X509_USER_PROXY and the standard -location /tmp/x509up_uUID are searched as well. - -.SH OPTIONS - -.IP "--proxycache=PATH" -Give the path of the proxy cache directory explicitly, overriding the -default and the GRST_PROXY_PATH environment variable if present. - -.IP "--delegation-id=ID" -The optional delegation ID is search for in the proxy cache in addition to -the User DN. If absent, the default Delegation ID value is searched for. - -.IP "--user-dn=DN" -The DN of the full user certificate associated with the proxy to be searched -for in the proxy cache. (This is not the DN of any proxy earlier in the -chain: it is a the DN of a certificate issued by a recognised CA.) - -.IP "--outsidecache" -If a User DN is not given, or a proxy not found in the cache, then search -for a proxy using X509_USER_PROXY environment variable and file name of -form /tmp/x509up_uUID as well. - -.SH RETURN VALUE -If a proxy is found, its full path is output on standard out. - -.SH EXIT CODES -0 is returned on succcess. Non-zero otherwise. - -.SH BUGS -In this version, no attempt is made to verify or validate the proxies. - -.SH AUTHOR -Andrew McNab - -findproxyfile is part of GridSite: http://www.gridsite.org/ diff --git a/org.gridsite.core/doc/gacl.html b/org.gridsite.core/doc/gacl.html deleted file mode 100644 index 82be605..0000000 --- a/org.gridsite.core/doc/gacl.html +++ /dev/null @@ -1,84 +0,0 @@ -GridSite: Grid Access Control Language - -

GridSite: Grid Access Control Language

- -

-GACL is the authorization policy language used by -GridSite GACL allows -policies to be written in terms of common Grid credentials: X.509 -identities, GSI proxies, VOMS attribute certificates and lists of X.509 -identities. - -

-GridSite both uses GACL policies and provides a GACL manipulation API for -C/C++ in the GridSite library. - -

Credentials

- -

-In GridSite 1.1.x, four credential types are supported: - -

-<person> -<dn>/O=Grid/CN=Name</dn> -</person> - -

-<voms> -<fqan>/vo.dom.ain/group</fqan> -</voms> - -

-<dn-list> -<url>https://www.vo.dom.ain/dn-lists/group</url> -</dn-list> - -

-<dns> -<hostname>host*.dom.ain</hostname> -</dns> - -

Permissions

- -

-Five permissions are supported: Admin, Write, List, Exec and Read. Admin is -permission to modify the authorization policy itself, but applications can -map the other permissions to local methods as appropriate to their -environment. For filesystems and fileservers, Write, List and Read have -their usual meanings: creating or modifying files or directories; browsing -directories; reading files. Exec is not used by GridSite itself, and -applications are free to give it a meaning within their own contexts. - -

-In 1.0.x, only per-directory GACL files are supported, and the file is stored -in the directory in question, or in one of its parent directories. (GridSite -searches upwards until it finds one.) - -

-In GACL files, the permissions are represented by single tags: -<admin/>, <write/>, <list/>, <exec/>, <read/>. -Permission -tags are contained within Allow or Deny blocks. For example: -<allow><read/><list/></allow> or -<deny><admin/></deny>. - -

Entries

- -

-Entries associate credentials with permission statements. Entries consist of -one or more credential blocks, and either an Allow or a Deny block, or both. -If multiple credentials are present in one entry, they must all be held by a -user to receive the association permissions. (So Entries provide logical AND -of credentials.) - -

Access Control Lists

- -

-ACLs consist of a list of one or more Entry blocks. When a user's credentials -are compared to the ACL, the permissions given to the user by Allow blocks -are recorded, along with those forbidden by Deny blocks. When all entries -have been evaluated, any forbidden permissions are removed from those -granted. (So Deny always wins over Allow, even between different Entries, -but otherwise ACLs provide logical OR of credentials.) - - diff --git a/org.gridsite.core/doc/gsexec.8 b/org.gridsite.core/doc/gsexec.8 deleted file mode 100644 index fbc5a62..0000000 --- a/org.gridsite.core/doc/gsexec.8 +++ /dev/null @@ -1,56 +0,0 @@ -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "GSEXEC" 8 "2005-05-27" "GridSite Apache Extensions" "gsexec" - -.SH NAME -gsexec \- Switch user before executing external programs - -.SH "SYNOPSIS" - -.PP -\fBgsexec\fR -\fBV\fR - - -.SH "SUMMARY" - -.PP -gsexec is used by the Apache HTTP Server to switch to another user before -executing CGI programs\&. In order to achieve this, it must run as root\&. -Since the HTTP daemon normally doesn't run as root, the gsexec executable -needs the setuid bit set and must be owned by root\&. It should never be -writable for any other person than root\&. - -.PP -gsexec is based on Apache's suexec. -For further information about the concepts and the security model of -the original suexec -please refer to the suexec documentation: - -(http://httpd\&.apache\&.org/docs-2\&.0/suexec\&.html)\&. - - -.SH "OPTIONS" - - -.TP --V -If you are root, this option displays the compile options of gsexec\&. -For security reasons all configuration options are changeable only at -compile time\&. - diff --git a/org.gridsite.core/doc/htcp.1 b/org.gridsite.core/doc/htcp.1 deleted file mode 100644 index 984aaaf..0000000 --- a/org.gridsite.core/doc/htcp.1 +++ /dev/null @@ -1,147 +0,0 @@ -.TH htcp 1 "July 2004" htcp "HTCP Manual" -.SH NAME -.B htcp, htrm, htls, htll, htmkdir -\- get, put, delete or list HTTP/HTTPS files or directories -.SH SYNOPSIS -.B htcp [options] -.I Source-URL[s] [Destination URL] -.SH DESCRIPTION -.B htcp -is a client to fetch files or directory listings from remote servers using -HTTP or HTTPS, or to put or delete files or directories onto remote servers -using HTTPS. htcp is similar to scp(1), but uses HTTP/HTTPS rather than ssh -as its transfer protocol. - -When talking to an HTTPS server, htcp can run "anonymously", with a -standard X.509 user certificate and key, or with a GSI Proxy. This makes -htcp very useful in Grid environments where many users have certificates -and where jobs and users have access to GSI proxies. - -.SH URLs -htcp supports the file:, http: and https: URL schemes as sources and -destinations. If no scheme is given, the URL scheme is assumed to be file: -and relative to the current directory if not an absolute path. - -If multiple sources are given, they will be used in turn and the destination -must be a directory (directories are indicated by a trailing /) However, -source and destination cannot both refer to remote servers. - -.SH OPTIONS -.IP "-v/--verbose" -Turn on debugging information. Used once, this option will enable htcp's -messages to stderr. Used twice, will also enable the underlying libcurl -messages. - -.IP "--delete" -Instead of copying files, delete all the URLs given on the command line. -Calling the program as htrm has the same effect. - -.IP "--list" -.br -Instead of copying files, output lists of files located in the URL-directories -given on the command line. Calling the program as htls has the same effect. - -.IP "--long-list" -Instead of copying files, output long listings of files located in the -URL-directories given on the command line. If available, the size in bytes -and modification time of each file is given. Calling the program as -htll has the same effect. - -.IP "--mkdir" -Instead of copying files, attempt to create a directory on a remote server -with HTTP PUT. The server must support the convention that PUT to a URL with -a trailing slash means create a directory. No file body is sent. Calling the -program as htmkdir has the same effect. - -.IP "--anon" -.br -Do not attempt to use X.509 user certificates or GSI proxies to authenticate -to the remote HTTPS server. This means you are "anonymous", but the server's -identity may still be verified and the connection is still encrypted. - -.IP "--cert and --key " -Path to the PEM-encoded -X.509 or GSI Proxy user certificate and key to use for HTTPS -connections, intead of "anonymous mode." If only one of --key or --cert -is given, then that will be tried for both. If neither is given, then the -following order of precedence is used: -the file name held by the variable X509_USER_PROXY; the file -/tmp/x509up_uID (with Unix UID equal to ID); the file names held by -X509_USER_CERT / X509_USER_KEY; the files ~/.globus/usercert.pem and -~/.globus/userkey.pem (where ~/ is the home directory of the user.) - -.IP "--capath " -Path to the PEM-encoded CA root certificates to use when -verifying remote servers' host certificates in HTTPS connections. Ideally -this should be a directory of hash.0 files as described in the OpenSSL -verify(1) man page, but a file may be used instead. If --capath is not -given, the value of the environment variable X509_CERT_DIR will be tried. -If this is not valid, then /etc/grid-security/certificates will be used. - -.IP "--no-verify" -Do not use CA root certificates to verify remote servers' host certificates. -This is useful for testing sites before their certificate is set up properly, -but leaves you vulnerable to "man in the middle" attacks by hostile servers -masquerading as your target. - -.IP "--downgrade-size " -Try to use HTTP-Downgrade for HTTPS URLs. Compatible servers will perform -authentication and authorization on the HTTPS connection and then redirect -to HTTP for the GET or PUT file transfer. htcp makes the HTTP request using -the GRID_AUTH_ONETIME single-use passcode obtained via HTTPS. The downgrade -option will be ignored for directory operations, HTTP URLs, or if the file -size is less than the value given. If a downgraded transfer isn't possible, -a normal HTTPS data transfer will be done. - -.SH FILES -.IP /tmp/x509up_uID -Default GSI Proxy file for Unix UID equal to ID. - -.IP /etc/grid-security/certificates -Default location for trusted Certification Authority root certificates to use -when checking server certificates. - -.IP /tmp/.ca-roots-XXXXXX -Prior to 7.9.8, the underlying curl library did not support the CA root -certificates directory. -If built with an old version of libcurl, htcp will concatenate the -certificates in the CA roots directory into a unique temporary file and use -that. - -.SH ENVIRONMENT - -.IP X509_CERT_DIR -Holds directory to search for Certification Authority root certificates when -verifying server certificates. (Tried if --capath is not given on the -command line.) - -.IP X509_USER_PROXY -Holds file name of a GSI Proxy to use as user certificate. (Tried if --cert or ---key are not given on the command line.) - -.IP "X509_USER_CERT and X509_USER_KEY" -Holds file name of X.509 user certificate and key. (Tried if X509_USER_PROXY -is not valid.) - -.SH EXIT CODES -0 is returned on complete success. Curl error codes are returned when -reported by the underlying curl library, and CURLE_HTTP_RETURNED_ERROR (22) -is returned when the HTTP(S) server returns a code outside the range 200-299. -The manpage libcurl-errors(3) lists all the curl error codes. - -.SH TO DO -Recursive copying. Server-side wildcards. Parallel streams. Error recovery. - -.SH BUGS -Not enough beta testing (hint hint...) - -.SH AUTHOR -Andrew McNab - -htcp is part of GridSite: http://www.gridsite.org/ -.SH "SEE ALSO" -.BR scp(1), -.BR curl(1), -.BR wget(1), -.BR verify(1), -.BR libcurl-errors(3) diff --git a/org.gridsite.core/doc/htll.1 b/org.gridsite.core/doc/htll.1 deleted file mode 100644 index 11a60d1..0000000 --- a/org.gridsite.core/doc/htll.1 +++ /dev/null @@ -1 +0,0 @@ -.so man1/htcp.1 diff --git a/org.gridsite.core/doc/htls.1 b/org.gridsite.core/doc/htls.1 deleted file mode 100644 index 11a60d1..0000000 --- a/org.gridsite.core/doc/htls.1 +++ /dev/null @@ -1 +0,0 @@ -.so man1/htcp.1 diff --git a/org.gridsite.core/doc/htmkdir.1 b/org.gridsite.core/doc/htmkdir.1 deleted file mode 100644 index 11a60d1..0000000 --- a/org.gridsite.core/doc/htmkdir.1 +++ /dev/null @@ -1 +0,0 @@ -.so man1/htcp.1 diff --git a/org.gridsite.core/doc/htrm.1 b/org.gridsite.core/doc/htrm.1 deleted file mode 100644 index 11a60d1..0000000 --- a/org.gridsite.core/doc/htrm.1 +++ /dev/null @@ -1 +0,0 @@ -.so man1/htcp.1 diff --git a/org.gridsite.core/doc/httpd-fileserver.conf b/org.gridsite.core/doc/httpd-fileserver.conf deleted file mode 100644 index 5e1196b..0000000 --- a/org.gridsite.core/doc/httpd-fileserver.conf +++ /dev/null @@ -1,148 +0,0 @@ -############################################################################## -## GridSite httpd-fileserver.conf - Andrew McNab -## -## Example configuration file for GridSite as an HTTP(S) fileserver. -## -## For GridSite documentation, see http://www.gridsite.org/ -## -## This file should be renamed /etc/httpd/conf/httpd.conf and Apache -## restarted to use Apache2/GridSite as a simple HTTP(S) fileserver. -## -## You do not need to install the GridSite mod_ssl.so module if you -## do not wish to use Globus Proxies or VOMS attributes, but you must -## have the mod_gridsite.so in /usr/lib/httpd/modules -## -## We're assuming you have (a) the host's hostcert.pem and hostkey.pem -## in /etc/grid-security/ and (b) the Certification Authorities' you -## trust have their root certs in /etc/grid-security/certificates -## -## (You can get RPMs for many European and North American Grid CAs -## from https://datagrid.in2p3.fr/distribution/datagrid/security/ ) -## -## If you want to use DN Lists in ACLs, they should be placed/downloaded -## in /etc/grid-security/dn-lists/ -## -## To start serving files, make a directory /var/www/htdocs owned by -## nobody.nobody, including the file .gacl containing: -## -## -## -## -## -## -## -## -## To enable writing, add DN List, Person or VOMS entries to the GACL -## (see the GridSite GACL document for the syntax.) For example: -## -## -## -## -## -## -## -## -## /C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab -## -## -## -## -## -## and add the following directive to the HTTPS section: -## -## GridSiteMethods GET PUT DELETE -## -## If you wish to accept Globus GSI Proxies as well as full X.509 user -## certificates, set GridSiteGSIProxyLimit to the depth of proxy you -## wish to accept. -## -## (As a _rough_ guide: 0=No Proxies; 1=Proxy on user's machine; 2=Proxy -## owned by running Globus job; 3=Proxy delegated by a Globus job.) -## -## With this done and Apache restarted, you can upload a file with: -## -## curl -v --cert ~/.globus/usercert.pem --key ~/.globus/userkey.pem \ -## --capath /etc/grid-security/certificates --upload-file /tmp/tmp.txt \ -## https://INSERT.HOSTNAME.HERE/tmp.txt -## -## (or with --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` to use -## a Globus GSI Proxy created with grid-proxy-init.) -############################################################################## - -ServerRoot "/etc/httpd" - -PidFile logs/httpd.pid - -Timeout 300 -KeepAlive On -MaxKeepAliveRequests 100 -KeepAliveTimeout 15 - -LoadModule log_config_module /usr/lib/httpd/modules/mod_log_config.so -LoadModule ssl_module /usr/lib/httpd/modules/mod_ssl.so -LoadModule gridsite_module /usr/lib/httpd/modules/mod_gridsite.so -LoadModule mime_module /usr/lib/httpd/modules/mod_mime.so -LoadModule dir_module /usr/lib/httpd/modules/mod_dir.so - -TypesConfig /etc/mime.types - -# User and group who will own files created by Apache -User nobody -Group nobody - -DocumentRoot "/var/www/htdocs" - - - AllowOverride None - - -LogLevel debug -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined - -CustomLog logs/httpd-gridsite-access combined -ErrorLog logs/httpd-gridsite-errors - -HostnameLookups On - -###################################################################### -# Plain unauthenticated HTTP on port 80 -###################################################################### - -Listen 80 - - - - GridSiteIndexes on - GridSiteAuth on - GridSiteDNlists /etc/grid-security/dn-lists/ - - - - -###################################################################### -# Secured and possibly authenticated HTTPS on port 443 -###################################################################### -Listen 443 -SSLSessionCacheTimeout 300 -SSLSessionCache dbm:/var/cache/mod_ssl/scache -# This version of GridSite is NOT compatible with the SHM SSL cache!!! - - -SSLEngine on -SSLCertificateFile /etc/grid-security/hostcert.pem -SSLCertificateKeyFile /etc/grid-security/hostkey.pem -SSLCACertificatePath /etc/grid-security/certificates -#SSLCARevocationPath YOUR CRL DIRECTORY WOULD GO HERE -SSLVerifyClient optional -SSLVerifyDepth 10 -SSLOptions +ExportCertData +StdEnvVars - - - GridSiteIndexes on - GridSiteAuth on - GridSiteDNlists /etc/grid-security/dn-lists/ - GridSiteGSIProxyLimit 0 -# GridSiteMethods GET PUT DELETE - - - diff --git a/org.gridsite.core/doc/httpd-webserver.conf b/org.gridsite.core/doc/httpd-webserver.conf deleted file mode 100644 index 6919c9b..0000000 --- a/org.gridsite.core/doc/httpd-webserver.conf +++ /dev/null @@ -1,220 +0,0 @@ -############################################################################## -## GridSite httpd-webserver.conf - Andrew McNab -## -## Example configuration file for GridSite as a Web Server -## (that is, primarily for interactive use with a browser.) -## -## For GridSite documentation, see http://www.gridsite.org/ -## -## This file should be renamed /etc/httpd/conf/httpd.conf and Apache -## restarted to use Apache2/GridSite as a webserver. -## -## You do not need to install the GridSite mod_ssl.so module if you -## do not wish to use Globus Proxies or VOMS attributes, but you must -## have the mod_gridsite.so in /usr/lib/httpd/modules -## -## We're assuming you have (a) the host's hostcert.pem and hostkey.pem -## in /etc/grid-security/ and (b) the Certification Authorities' you -## trust have their root certs in /etc/grid-security/certificates -## -## (You can get RPMs for many European and North American Grid CAs -## from https://datagrid.in2p3.fr/distribution/datagrid/security/ ) -## -## If you want to use DN Lists in ACLs, they should be placed/downloaded -## in /etc/grid-security/dn-lists/ or /var/www/htdocs/dn-lists/ -## (Lists in /etc/grid-security/dn-lists/ override lists elsewhere.) -## -## To start serving files, make a directory /var/www/htdocs owned by -## nobody.nobody, including the file .gacl containing: -## -## -## -## -## -## -## -## -## To enable writing, add DN List, Person or VOMS entries to the GACL -## (see the GridSite GACL document for the syntax.) For example: -## -## -## -## -## -## -## -## -## /C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab -## -## -## -## -## -## and add the following directive to the HTTPS section: -## -## GridSiteMethods GET PUT DELETE -## -## If you wish to accept Globus GSI Proxies as well as full X.509 user -## certificates, set GridSiteGSIProxyLimit to the depth of proxy you -## wish to accept. -## -## (As a _rough_ guide: 0=No Proxies; 1=Proxy on user's machine; 2=Proxy -## owned by running Globus job; 3=Proxy delegated by a Globus job.) -## -## With this done and Apache restarted, you can upload a file with: -## -## curl -v --cert ~/.globus/usercert.pem --key ~/.globus/userkey.pem \ -## --capath /etc/grid-security/certificates --upload-file /tmp/tmp.txt \ -## https://INSERT.HOSTNAME.HERE/tmp.txt -## -## (or with --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` to use -## a Globus GSI Proxy created with grid-proxy-init.) -############################################################################## - -ServerRoot "/etc/httpd" - -## You MUST put your server's fully qualified domain name here -## This, the DOMAIN part of the https://DOMAIN/... URLs you want -ServerName FULL.SERVER.NAME - -PidFile logs/httpd.pid - -Timeout 300 -KeepAlive On -MaxKeepAliveRequests 100 -KeepAliveTimeout 15 - -LoadModule log_config_module /usr/lib/httpd/modules/mod_log_config.so -LoadModule ssl_module /usr/lib/httpd/modules/mod_ssl.so -LoadModule gridsite_module /usr/lib/httpd/modules/mod_gridsite.so -LoadModule mime_module /usr/lib/httpd/modules/mod_mime.so -LoadModule dir_module /usr/lib/httpd/modules/mod_dir.so -LoadModule alias_module /usr/lib/httpd/modules/mod_alias.so -LoadModule cgi_module /usr/lib/httpd/modules/mod_cgi.so - -TypesConfig /etc/mime.types - -# User and group who will own files created by Apache -User nobody -Group nobody - -DocumentRoot "/var/www/htdocs" - - - AllowOverride None - - -LogLevel debug -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined - -CustomLog logs/httpd-gridsite-access combined -ErrorLog logs/httpd-gridsite-errors - -HostnameLookups On - -###################################################################### -# Plain unauthenticated HTTP on port 80 -###################################################################### - -Listen 80 - - -## This is used to serve the Manage Directory links in footers, -## and to allow you to edit files and ACLs via your browser. -ScriptAlias /real-gridsite-admin.cgi /usr/sbin/real-gridsite-admin.cgi - - - ## This sets up GACL authorization for this server. - GridSiteAuth on - - ## This exports various bits of info into the CGI environment - ## variables (and is needed for gridsite-admin.cgi to work.) - GridSiteEnvs on - - ## Nice GridSite directory listings (without truncating file names!) - GridSiteIndexes on - - ## If this is on, GridSite will look for gridsitehead.txt and - ## gridsitefoot.txt in the current directory or its parents, and - ## use them to replace the and tags in .html files. - GridSiteHtmlFormat on - - ## These directives (and the ScriptAlias above) allow authorized - ## people to manage files, ACLs and DN Lists through their web - ## browsers. Via HTTP, this just means extended directory listings - ## and History pages. - GridSiteAdminURI /real-gridsite-admin.cgi - GridSiteAdminFile gridsite-admin.cgi - - - - -###################################################################### -# Secured and possibly authenticated HTTPS on port 443 -###################################################################### -Listen 443 -SSLSessionCacheTimeout 300 -SSLSessionCache dbm:/var/cache/mod_ssl/scache -# This version of GridSite is NOT compatible with the SHM SSL cache!!! - - -SSLEngine on -SSLCertificateFile /etc/grid-security/hostcert.pem -SSLCertificateKeyFile /etc/grid-security/hostkey.pem -SSLCACertificatePath /etc/grid-security/certificates -#SSLCARevocationPath YOUR CRL DIRECTORY WOULD GO HERE -SSLVerifyClient optional -SSLVerifyDepth 10 -SSLOptions +ExportCertData +StdEnvVars - -## This is used to serve the Manage Directory links in footers, -## and to allow you to edit files and ACLs via your browser. -ScriptAlias /real-gridsite-admin.cgi /usr/sbin/real-gridsite-admin.cgi - - - ## This sets up GACL authorization for this server. - GridSiteAuth on - - ## This exports various bits of info into the CGI environment - ## variables (and is needed for gridsite-admin.cgi to work.) - GridSiteEnvs on - - ## Nice GridSite directory listings (without truncating file names!) - GridSiteIndexes on - - ## If this is on, GridSite will look for gridsitehead.txt and - ## gridsitefoot.txt in the current directory or its parents, and - ## use them to replace the and tags in .html files. - GridSiteHtmlFormat on - - ## This is the path of directories (and all their subdirectories) for - ## GACL to search when it encounters a dn-list credential. The DN List - ## files are plain text, one DN per line, and must have the full url - ## as the file name, but URL Encoded - eg with urlencode(1) - GridSiteDNlists /etc/grid-security/dn-lists/:/var/www/htdocs/dn-lists/ - - ## This is used to form the URL at which DN Lists "owned" by this - ## server are exported. https://FULL.SERVER.NAME/dn-lists/file - ## ALL FILES WITH URLs ON THIS SERVER WILL BE EXPORTED IRRESPECTIVE - ## OF WHERE THEY ARE FOUND ON THE DN-LISTS PATH!! - GridSiteDNlistsURI /dn-lists/ - - ## If this is greater than zero, we will accept GSI Proxies for clients - ## (full client certificates - eg inside web browsers - are always ok) - GridSiteGSIProxyLimit 0 - - ## This directive allows authorized people to write/delete files - ## from non-browser clients - eg with htcp(1) - GridSiteMethods GET PUT DELETE - - ## These directives (and the ScriptAlias above) allow authorized - ## people to manage files, ACLs and DN Lists through their web - ## browsers via HTTPS. The value of GridSiteAdminFile appears to - ## exist in every directory, but is internally redirected by - ## mod_gridsite to the value of GridSiteAdminURI (the ScriptAlias - ## then maps that onto the real-gridsite-admin.cgi executable.) - GridSiteAdminURI /real-gridsite-admin.cgi - GridSiteAdminFile gridsite-admin.cgi - - - diff --git a/org.gridsite.core/doc/index.html b/org.gridsite.core/doc/index.html deleted file mode 100644 index a93f2cb..0000000 --- a/org.gridsite.core/doc/index.html +++ /dev/null @@ -1,92 +0,0 @@ -GridSite 1.1.x Documentation - -

GridSite 1.1.x Documentation

- -

-GridSite -is a set of extensions to the Apache 2.0 webserver, which support -Grid security based on X.509 certificates. Since GridSite applies access -control within Apache itself, via mod_gridsite, Grid authorization and -the associated verified credentials are available to all technologies -supported by Apache, including static file serving, SSI, CGI, PHP, JSP and -mod_perl. - -

Guides

- -

-

-
User Guide -
End-user documentation for people managing webpages and files on - GridSite servers, either through the web interface or with command - line clients like htcp. -

- -

Admin Guide -
For people administering areas of GridSite websites or fileservers, or - managing GridSite's support for DN List groups. -

- -

Building and Installation -
Instructions for building GridSite from source, and installing from - binaries or RPMs. -

- -

Config Guide -
For webmasters setting up Apache 2.0 and GridSite, and writing the - Apache httpd.conf file. -

- -

httpd-fileserver.conf and - httpd-webserver.conf -
Example configuration files for simple HTTP(S) fileservers and - webservers, with explanatory comments. -

- -

- -

Reference

- -

-

-
Grid Access Control Lists -
Syntax and usage of the XML Grid Access Control Lists used by GridSite. -

- -

htcp and - urlencode man pages -
Command line tools for copying files to or from HTTP(S) servers, and - for URL-encoding strings. -

- - - -

mod_gridsite -
An Apache 2.0 module which enforces access control via Grid Access - Control Lists, and X.509, GSI or VOMS credentials. mod_gridsite also - gives Apache built-in support for the HTTP PUT and DELETE methods, and - formatting of HTML pages with standard headers and footers. -

- - - -

gridsite.h API reference -
A detailed description of the C API provided by libgridsite, generated - from the sources by doxygen. -

- -

- - diff --git a/org.gridsite.core/doc/install.html b/org.gridsite.core/doc/install.html deleted file mode 100644 index a5845de..0000000 --- a/org.gridsite.core/doc/install.html +++ /dev/null @@ -1,158 +0,0 @@ -GridSite: Building and Installation Guide - -

GridSite: Building and Installation Guide

- -

-This Guide explains how to build GridSite from source, and how to install -the server components alongside an Apache 2.0 webserver. There is a -separate Config Guide which explains how to modify -the httpd.conf file, and how to set up other files and directories used by -the system. You should look through all of this Building and Installation -Guide to decide which is the easiest route for your system. - -

Installing with RPM

- -

-If you are installing on Linux with a binary RPM release, you can skip -most of this Guide, install the binary rpm(s) and go straight -to the Config Guide. - - - -

-RedHat 9, Fedora, RHEL, Scientific Linix: -This is the simpler case, since the standard release includes a suitable -version of Apache 2.0: just install the gridsite-...-1.i386.rpm to get the -various GridSite components. - -

-Earlier, eg RedHat 7.3: -This is more complicated because you must also install a back-ported Apache -2.0 RPM or build it from source. - - -

-GridSite also depends on shared libraries from libcurl and libxml2, and the -RPMs distributed as part of the standard RedHat, from 7.3 onwards, are -sufficient. - -

-With the RPMs installed, you can proceed to the -Config Guide. - -

Requirements for building GridSite from source

- -

-GridSite is currently only supported on Linux, but should be -straightforwardly -portable to other Unix platforms where the GNU build tools are available. - -

-GridSite consists of a core library (libgridsite[.so|.a]), an Apache module -(mod_gridsite.so), a CGI utility (gridsite-admin.cgi) and some command line -tools (htcp, urlencode.) - -

-All of the components use the GridSite library, and this in turn depends on -libcurl and libxml2. You will need the development versions of these -packages installed before you can proceed. - - -

Building GridSite with Make

- -

-Our download area at - -https://www.gridsite.org/download/ includes a tar-ball -distribution of the sources, which can be unpacked and used to build -GridSite from source. (Bleeding-edge developers can get the current snapshot -of the same files from our CVS area.) - -

-GridSite needs a copy of the Apache 2.0 include files to build, and the -location of this is set by the MYCFLAGS variable in the top-level Makefile. -For manual builds, the default -MYCFLAGS=-I/usr/local/include/httpd is used. -If you wish to use the GridSite module with Apache -2.0 installed elsewhere, you should change the MYCFLAGS variable to point to -the includes directory installed by the development part of that Apache 2.0 -distribution. - -

-

-make 
-make install
-
- -

-will build all components and install them all under the default -locations of /usr/local/[lib|bin|include|sbin] The default prefix for manual -builds is -/usr/local, as set by the prefix variable in the top level Makefile -(/usr is the default for RPMs.) - -

Building GridSite with RPM

- -

-For RedHat Linux and derivatives, building with RPM is recommended. -The command make rpm in the top level of the source tree -will build the GridSite and htcp binary RPMs in the -directory ../RPMTMP/RPMS/i386 relative to the working directory. An SRPM is -put into ../RPMTMP/SRPMS -This build assumes the Apache 2.0 includes are in /usr/include/httpd. - - - -

-For other configurations, -you can modify the assumed location of the Apache 2.0 includes -by changing the MYCFLAGS variable in the rpm target near the -foot of the top level Makefile. - -

Building Apache 2.0

- -

-If it is not possible to use binary RPMs of Apache 2.0, -then it can be built from source using the build-apache2.sh script -found in the GridSite docs directory. -The script includes instructions on how to build from the tarballs -distributed by the Apache Foundation. -(it removes the -C option from "configure -C" in the .spec file -and builds the RPMs under the current directory.) - -

-If these targets do not work on your build platform, -the Makefile and the scriptlets in the included SPEC files are a good -starting point for building Apache by hand yourself. The complexities of -this are outside of the scope of this Guide, but you are welcome to ask for -assistance on the -GridSite -Discussion List, although -www.apache.org is a better starting -point for purely Apache problems. - - diff --git a/org.gridsite.core/doc/library.html b/org.gridsite.core/doc/library.html deleted file mode 100644 index 28458ae..0000000 --- a/org.gridsite.core/doc/library.html +++ /dev/null @@ -1 +0,0 @@ -library docs diff --git a/org.gridsite.core/doc/module.html b/org.gridsite.core/doc/module.html deleted file mode 100644 index 9cc97d4..0000000 --- a/org.gridsite.core/doc/module.html +++ /dev/null @@ -1,350 +0,0 @@ -GridSite Apache module: mod_gridsite - -

GridSite Apache module: mod_gridsite

- -

-mod_gridsite is an Apache 2.0 module which enforces access control via Grid -Access Control Lists, and X.509, GSI or VOMS credentials. mod_gridsite also -gives Apache built-in support for the HTTP PUT and DELETE methods, and -formatting of HTML pages with standard headers and footers. - -

-Since mod_gridsite access -control within Apache itself, Grid authorization and -the associated verified credentials are available to all technologies -supported by Apache, including static file serving, SSI, CGI, PHP, mod_perl -and Java servlets via a connector to Tomcat. - -

-Operation of mod_gridsite can be configured using runtime directives -in Apache's standard httpd.conf configuration file. The module must first be -loaded with a LoadModule directive: - -

-LoadModule gridsite_module /PATH/TO/MODULES/mod_gridsite.so - -

-The module's behaviour is then controlled by GridSite... directives within -Apache <Directory ...> sections, allowing different directories to use -GridSite features in different ways. - -

GridSite directives

- -
-
GridSiteIndexes on|off -
Determines whether GridSite generates HTML directory listings. These - have some advantages over standard Apache directory listings (eg the - displayed filenames are never truncated) and will include standard - headers and footers if GridSiteHtmlFormat is on. -
- (Default: GridSiteIndexes off) -

- -

GridSiteIndexHeader file -
If the named file is found in the directory being listed, the file - is included verbatim at the top of the listing and excluded from - the file-by-file listing. The file can either be HTML or plain text (in - which case browsers will be treat it as one HTML paragraph.) -
- (Default: none) -

- -

GridSiteHtmlFormat on|off -
Determines where HTML pages receive additional formatting before being - sent to the client. This includes the "Last modified", - "View page history", "Switch to HTTP(S)", - "Print View" and "Built with GridSite" footer - elements. If header and footer files are found, they will be used too. -
- (Default: GridSiteHtmlFormat off) -

- -

GridSiteHeadFile file
- GridSiteFootFile file -
Set the filenames to be searched for as standard headers and footers - for HTML pages. For each HTML page, the directory of that page is tried - first, and then parent directories in ascending order until a header / - footer file is found. Header files are inserted in place of HTML - <body[ ...]> tags; footer files in place of </body>. (These - standard files should each include the appropriate body tag as a - replacement.) -
- (Defaults: GridSiteHeadFile gridsitehead.txt, - GridSiteFootFile gridsitefoot.txt) -

- -

GridSiteAuth on|off -
Enables GridSite access control features, using - GACL files. The files are named .gacl and are - per-directory. The current directory is tried and then parent - directories in ascending order until a .gacl file is found. -
- (Default: GridSiteAuth off) -

- -

GridSiteAdminList uri -
All members of the DN List with name "uri" receive the full set - of permissions, irrespective of per-directory .gacl files. People in - this group have full control over the whole site. -
- (Default: none) -

- -

GridSiteGSIProxyLimit limit -
When using GSI Proxy credentials, - proxies with delegation depth greater than "limit" will - be ignored by mod_gridsite authorization decisions. A limit of zero - implies only full X.509 - certificates (and no proxies) will be accepted. A limit of 1 implies - that only the initial proxy, usually created on the user's own machine, - is acceptable. Higher levels lead to proxies on remote machines, eg - used by running jobs, being accepted. -
- (Default: GridSiteGSIProxyLimit 1) -

- -

GridSiteMethods [GET] [PUT] [DELETE] -
Specifies which HTTP methods are supported by GridSite. GET (and HEAD) - are always supported. PUT and DELETE support is turned on by this - directive, subject to a positive statement that write permission is - allowed for the directory in question, by a GACL file. -
- (Default: GridSite GET) -

- -

GridSiteDNlists directory1[:directory2[:directory3]...] -
Sets up the DN List path used by GACL for - evaluating <dn-list> credentials. If this directive is not used, - then GACL will use the GRST_DN_LISTS variable from Apache's own - environment. If that is not set either, then /etc/grid-security/dn-lists - is searched. -
- (Default: none) -

- -

GridSiteDNlistsURI uri -
If GridSiteDNlistsURI is used, then the URI given appears to be - populated with all the DN lists on the current DN lists path which - match the current server. That is, for server https://example.org/ - with DN lists URI /dn-lists/, all DN lists with URLs starting - https://example.org/dn-lists/ will appear to be present in /dn-lists/, - irrespective of where in the path they are stored. -
- (Default: none) -

- -

GridSiteAdminURI uri -
GridSiteAdminURI gives the absolute URI on the server of the GridSite - Admin CGI program, which is used for file management, HTML and GACL - editing. This should be used in conjunction with the standard Apache - directive ScriptAlias to map that URI to the real-gridsite-admin.cgi - executable. For example: -
- ScriptAlias /real-gridsite-admin.cgi - /PATH/TO/real-gridsite-admin.cgi -
- This URI is always reached by an internal redirection from the value - set by GridSiteAdminFile, and is never visible to users. -
- (Default: none) -

- -

GridSiteAdminFile cgifilename -
If GridSiteAdminURI is set, then the cgifilename of GridSiteAdminFile - appears to be present in all directories when explicitly - requested (it does not appear in directory listings.) Requests for these - ghost CGI URIs are internally redirected to the value set by - GridSiteAdminURI. -
- (Default: GridSiteAdminFile gridsite-admin.cgi) -

- -

GridSiteEnvs on|off -
This makes mod_gridsite export several variables into the environment - of CGI programs and other dynamic content systems. The variable names - are listed below. For gridsite-admin.cgi mechanism to work, this switch - must be left in its default state of on. -
- (Default: GridSiteEnvs on) -

- -

GridSiteEditable [ext1 [ext2 [ext3] ...]]] -
A space-separated list of file extensions which can safely be edited - by the GridSite Text/HTML editor. The extensions are given without the - initial dot. -
- (Default: GridSiteEditable txt shtml html htm css js php jsp) -

- -

GridSiteHelpURI uri -
If set, gives the URI to use for "Website Help" links in HTML - page footers. -
- (Default: none) -

- -

GridSiteLink on|off -
Turns off the link in the HTML page footers which gives credit to - GridSite. -
- (Default: GridSiteLink on) -

- -

GridSiteUnzip path -
If "path" is set by this directive, then real-gridsite-admin.cgi - will offer to list the contents of .zip archives on the server. - Users with write access are able to unpack the contents into the same - directory as the .zip file. The value of "path" must point - to the location of the - unzip binary. -
- (Default: none) -

- -

GridSiteDowngrade on|off -
Enable HTTPS Downgrade for this server, virtual server or directory: - HTTPS requests made with the header HTTP-Downgrade-Size: - will be redirected to an HTTP version of the file, unless the file is - smaller than the given size. -
- (Default: off) -

- -

GridSiteAuthCookiesDir path -
Location of authentication cookies directory, relative to ServerRoot. - Used by HTTPS Downgrade to record the credentials obtained via HTTPS, - and available to the corresponding HTTP request. -
- (Default: gridauthcookies) -

- -

GridSiteACLFormat GACL|XACML -
Format to use when writing .gacl files. (Both formats are automatically - recognised when reading.) -
- (Default: GACL) -

- -

GridSiteExecMethod nosetuid|suexec|X509DN|directory -
Execution strategy for CGI scripts and executables. For options other - than nosetuid, suexec (or gsexec renamed suexec) must installed. For - X509DN and directory, gsexec must be installed, as suexec. -
- With X509DN, the CGI process runs as a pool user, detemined using lock - files in the pool mapping directory chosen as build time of gsexec. - (/var/www/execmapdir by default.) The pool user is chosen according - to the client's full certificate X.509 DN (ie without any GSI proxy - name components.) -
- With directory, the CGI process runs as a pool user chosen according - to the directory in which the CGI is located: all CGIs in that directory - run as the same pool user. -
- (Default: nosetuid) -

- -

GridSiteUserGroup user group -
Unix user and group when using suexec (or gsexec as suexec.) This - is equivalent to the suexec SuexecUserGroup directive, but can be - specified on a per-directory basis. -
- (Default: none) -

- -

GridSiteDiskMode GroupNone|GroupRead|GroupWrite WorldNone|WorldRead -
The file creation permissions mode, taking two arguments to specify - the group and other permissions. The mode always includes read and write - permission for the CGI user itself. -
- (Default: GroupNone WorldNone) -

- -

- -

Environment variables

- -

-The following variables are present in the environment of CGI programs and -other dynamic content systems if the GridSiteEnvs on directive is -in effect. - -

-

-
GRST_PERM -
Numerical value of the permission bit-map obtained by comparing the - user with the GACL in force. (These should be tested using the - GRSTgaclPermHasXXXX functions from GACL.) -

- -

GRST_ADMIN_LIST -
URI of the DN List, listing people with full admin and write access - to the whole site. -

- -

GRST_GSIPROXY_LIMIT -
Maximum valid delegation level for GSI Proxies. -

- -

GRST_DIR_PATH -
Absolute path in the local filesystem to the directory holding the - file being requested. -

- -

GRST_HELP_URI -
URI of website help pages set by GridSiteHelpURI directive. -

- -

GRST_ADMIN_FILE -
Filename of per-directory ghost gridsite-admin.cgi program. (This is - used by real-gridsite-admin.cgi to construct links in its pages.) -

- -

GRST_EDITABLE -
Space-separated list of extensions which can safely be edited with a - Text/HTML editor. -

- -

GRST_HEAD_FILE and GRST_FOOT_FILE -
Filenames of standard header and footer files. -

- -

GRST_DN_LISTS -
DN lists search path. -

- -

GRST_DN_LISTS_URI -
Directory of virtual URIs used to publish this site's DN Lists. -

- -

GRST_UNZIP -
Full path to the unzip binary, used to list and unpack .zip files. -

- -

GRST_NO_LINK -
If set, do not include credit links to GridSite in page footers. -

- -

GRST_ACL_FORMAT -
Format to use when writing .gacl files: either GACL or XACML. -

- -

GRST_EXEC_METHOD -
Specified by GridSiteExecMethod, either suexec, X509DN or directory. -

- -

GRST_EXEC_DIRECTORY -
The directory containing the CGI script or executable (used by gsexec - to determine which pool account to use in directory mapping mode.) -

- -

GRST_DISK_MODE -
The Apache disk permission modes bit pattern, in hexadecimal, - starting with 0x. - (Similar to the Unix bit pattern, except with hexadecimal rather than - octal values: eg 0x600 [Apache] vs 0600 [Unix] - are both read/write for user only.) -

- -

- - diff --git a/org.gridsite.core/doc/urlencode.1 b/org.gridsite.core/doc/urlencode.1 deleted file mode 100644 index fe84405..0000000 --- a/org.gridsite.core/doc/urlencode.1 +++ /dev/null @@ -1,46 +0,0 @@ -.TH urlencode 1 "November 2003" urlencode "URLENCODE Manual" -.SH NAME -.B urlencode -\- convert strings to or from URL-encoded form -.SH SYNOPSIS -.B urlencode -[-m|-d] -.I string [string ...] -.SH DESCRIPTION -.B urlencode -encodes strings according to RFC 1738. - -That is, characters A-Z a-z 0-9 . _ -and - are passed through unmodified, but all other characters are -represented as %HH, where HH is their two-digit upper-case hexadecimal ASCII -representation. -For example, the URL http://www.gridpp.ac.uk/ becomes -http%3A%2F%2Fwww.gridpp.ac.uk%2F - -.B urlencode -converts each character in all the strings given on the command line. If -multiple strings are given, they are concatenated with separating spaces -before conversion. - -.SH OPTIONS -.IP "-m" -Instead of full conversion, do GridSite "mild URL encoding" in which A-Z a-z -0-9 . = - _ @ and / are passed through unmodified. This results in slightly -more human-readable strings but the application must be prepared to create -or simulate the directories implied by any slashes. - -.IP "-d" -Do URL-decoding rather than encoding, according to RFC 1738. %HH and %hh -strings are converted and other characters are passed through unmodified, -with the exception that + is converted to space. - -.SH EXIT CODES -0 is always returned. - -.SH BUGS -Not enough beta testing (hint hint...) - -.SH AUTHOR -Andrew McNab - -urlencode is part of GridSite: http://www.gridsite.org/ diff --git a/org.gridsite.core/doc/user.html b/org.gridsite.core/doc/user.html deleted file mode 100644 index ae37cdd..0000000 --- a/org.gridsite.core/doc/user.html +++ /dev/null @@ -1,302 +0,0 @@ -GridSite User Guide - -

GridSite User Guide

- -

If you are setting up a GridSite-based website you may wish to use this -file as the basis of your end-user documentation. If so, copy all of the -files from the GridSite doc directory (probably -/usr/share/doc/gridsite-VERSION/) -to somewhere on your website like -/gridsite-doc/ and add GridSiteHelpURI /gridsite-doc/user.html -to the virtual server configuration in -httpd.conf - you should also look through the rest of the HTML source since -there are some comments you may find helpful. - -

-This Guide is intended for people using GridSite websites with conventional -web browsers, especially people with write access to areas of the site. - There is a separate -Administration Guide - with additional information for people managing access control and group -membership. This Guide assumes you are familiar with basic Web and HTML -concepts. Towards the end we discuss how to access servers with command -line tools like curl and htcp. - -

Reading from HTTP and HTTPS servers

- -

-GridSite servers are usually accessible both via HTTP and via HTTPS. You can -always tell which version you are using by looking at whether the URL in your -browser's location window starts with "http://" or -"https://" HTTPS means that the connection to the server is -encrypted, that you can verify you're talking to the real server and not an -imposter, and gives you the option to authenticate to the site and perhaps -gain write access. - -

- Simple browsing of the website via HTTP or HTTPS is reasonably - self-explanatory. If configured, additional links may appear in the footer - of each webpage with links to this help, - - and to switch between HTTP and HTTPS versions of the page. Pages may also - have a link to the page History, - - showing the dates of changes to that page and names of its authors. - -

- When looking at HTTPS pages, you may find your browser reports it cannot - verify the server's certificate since it does not recognise the - Certification Authority (CA) it uses. You should attempt to load the CA's - root certificate into your browser to stop these warnings. (This means your - browser will be able to identify any servers using fake certificates which - you shouldn't trust.) How you obtain the CA Root Certificate from a - trust-worthy source depends on the CA. For example, the UK e-Science CA - lets you download it from their - website. - - -

Authenticating

- -

- To go beyond reading pages you need to obtain a user certificate and load it - into your web browser. How you do this again depends on the Certification - Authority you have access to (for most Grid projects, CAs are organised - on a national basis.) To use the UK e-Science CA example again, - from their website has links to - the procedure for applying for a certificate from within a web browser. - - -

-A user certificate usually has a version of your name and affiliation as its -Distinguished Name (DN) - for example, -"/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab" - -

-Once you've obtained a user certificate in your name from your CA, you need -to make sure it is loaded into the browser you normally use to browse the -web. How you do this is different for different browsers and to some extent -for different CAs (but if you applied -for the CA through your browser, you may already have it there.) - -

-Browsers want the certificate and private key in the PKCS#12 format, which -is normally a single file with the extension ".p12". -Many programs which are based on OpenSSL, such as Globus and curl, prefer -the PEM (".pem") format for certificates, with separate -certificate and key files ("usercert.pem" and -"userkey.pem", for example.) If you only have the files in .pem -format and have access to openssl, you -can use its command line tools to convert PEM to PKCS#12: -

-openssl pkcs12 -in usercert.pem -inkey userkey.pem -export -out certkey.p12
-
- -

-Be very careful not to accidentally overwrite .pem or .p12 files when -doing this kind of thing! In particular, if you lose your private key, you -cannot retrieve it from your CA. - -

- Once your user certificate is loaded, you should be able to see your - certificate name appear when you look at an HTTPS GridSite page which has - the page footers enabled - for example, the "Switch to HTTP" link - present. If GridSite understands your user certificate, it displays a - "You are ..." line in the footer. (However, the Apache webserver - must also be set up with your CAs root certificate for this to work. The - GridPP HTTPS home page is set up - to recognise a good range of European and North American Grid CAs.) - - -

Authorization

- -

- Once users can prove their identity to the web server, it then becomes - possible to give them appropriate rights depending on that identity. - GridSite allows site administrators to specify these rights for individuals - and groups using -GACL - access control files. (The -Administration Guide - explains how to manage these files.) GACL defines who can - read files, who can list directories, - who can write or create files and who can modify the GACL policy files. To - get increased access to an area of a site, you need to contact the - administrator for that area and give the DN of your certificate (it's not - necessary to send any certificate files.) - -

Managing Directories and Files

- -

-If you have list permission for the directory containing a page, you should -see an extra link "Manage Directory" in the page's set of footer -links, which allows you to browse the directory even if the normal -index.html is present. If page histories are available, this listing view -also has links to them. - -

-The real power of GridSite becomes available if you have write access to a -directory. In that case, the "Manage Directory" page has -additional links to Delete or Rename pages and other files, and to Edit HTML -and plain text files. An Edit link also appears in the footer links of HTML -pages. - -

-If you use the Edit function, you are presented with an HTML form containing -the current filename and the full HTML or plain text of the page for you to -edit. This allows you to maintain the content of the site "in -place" and to see the result of your changes immediately, in context. - -

-If you modify the filename in the form before saving, GridSite will make a -new file with that name, and the old file will still be present, unmodified. -(However, you cannot use this feature for creating a file in a different -directory.) -As you make changes, the history of the changes and your certificate DN are -recorded, and available in the history page for that file. - -

- For people with write access, the "Manage Directory" page also has - options to upload a file from the computer your browser is running on, and to - create files and directories. If it's enabled, you can also view the - contents of WinZIP / PKZIP / .zip files, and unpack their contents into the - current directory. (This feature is very useful if you have several files - to upload at one time.) - - -

HTML Formatting in GridSite

- -

-As well as providing access control and file management, GridSite provides -some simple formatting of HTML pages by adding standard headers and footers. -(If this isn't sufficient, GridSite will happily coexist with HTML -preprocessor languages like SSI, PHP and JSP.) - -

- If HTML formatting is enabled - for the current directory, GridSite looks for the files gridsitehead.txt and - gridsitefoot.txt in that directory, or goes up through the parent - directories until they are found. - - -

-The <body> and </body> tags from the HTML file are replaced with -the contents of the gridsitehead.txt and gridsitefoot.txt files, which -should normally be chunks of HTML including a replacement <body> -or </body> tag. If either tag is absent from the original page, then -the header or footer is just added rather than being inserted in place of -the tag. (One consequence of this absence is that HTML header tags like -<title> can end up after a <body> tag, and can get ignored by -browsers - so always include <body> ... </body> in your pages.) - -

-This simple system is suprisingly flexible, and allows a variety of top and -bottom, or sidebar navigation layouts of pages. Since the <body ...> -tag is under full control of the author of the gridsitehead.txt file, -backgrounds, colour schemes and style sheets can easily be specified. - -

-For example: - -

- - - - - - - - - -
SourceHTML
page.html<title>PAGE TITLE</title>
page.html
(replaced)		<body>
gridsitehead.txt<body text=blue>
- Heading text
- <table border=1>
<tr>
<td>Standard<br>
- sidebar</td>
<td>
page.html<p>
Page content...
page.html
(replaced)		</body>
gridsitefoot.txt</td>
</tr>
- </table>
Footer text
</body>
- -

-produces pages with a layout like: - -

- - - - -
Heading text
Standard
sidebar		Page content...
Footer text
- -

Command line use

- -

-GridSite adds support for the HTTP PUT and DELETE methods, and this makes it -easy to create or delete files from within programs and commands without -using a web browser and HTML forms. It is straightforward, although slightly -awkward, to use a standard HTTPS-aware client like -curl to upload files, but GridSite -provides htcp as a more convenient client program, which is easier to use -with GSI Proxies and X.509 user certificates, and has a syntax closer to the -familiar scp command. - -

-The following examples assume the GridSite server has GSI support and use a -GSI proxy as the client certificate. For non-GSI use, just skip the -grid-proxy-init stage, and replace the proxy -filename with $HOME/.globus/usercert.pem and $HOME/.globus/userkey.pem (or -wherever your PEM format certificate and key are stored.) - -

-First generate a GSI proxy with grid-proxy-init. This will create a proxy file -in /tmp/x509up_uXXXXX where XXXXX is your Unix UID (also given by id --u.) The GSI proxy contains a -temporary private key and certificate signed by your long-term user -certificate. - -

-You should make sure you have a copy of the CA root certificates of the CA's -used by the servers you wish to talk to. These are usually installed in -/etc/grid-security/certificates as files like 01621954.0, and RPMs and tar -files for many common European and North American CAs are available from - -https://datagrid.in2p3.fr/distribution/datagrid/security/ - -

-To upload a file with curl: -

-curl --cert /tmp/x509up_u`id -n` --key /tmp/x509up_u`id -n` \
-     --capath /etc/grid-security/certificates \
-     --upload-file /tmp/new.file.txt https://server/new.file.txt
-
- -

-The equivalent htcp command is: -

-htcp /tmp/new.file.txt https://server/new.file.txt
-
-since htcp looks for the GSI proxy and CA certificates automatically. htcp -can also be used to copy remote files to the local machine by reversing the -arguments. For more details, see the -htcp(1) man page. - -

-htcp also has options for deleting files, and doing short or long listings, -and these can also be accessed using the htrm, htls and htll commands (which -are normally symbolic links to htcp.) - -

-Directory indexes are based on parsing the index returned by the web server -and by using the HTTP HEAD method to obtain the file size and modification -times. - -

-All of the ht** commands can accept multiple source file arguments, and this -allows you to copy multiple files to or from the server. Shell wildcard -expansion on the local machine is especially useful: -

-htcp /tmp/new.*.txt https://server/
-
- - diff --git a/org.gridsite.core/interface/gridsite-gacl.h b/org.gridsite.core/interface/gridsite-gacl.h deleted file mode 100644 index f739c00..0000000 --- a/org.gridsite.core/interface/gridsite-gacl.h +++ /dev/null @@ -1,188 +0,0 @@ -/* - Copyright (c) 2002-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*---------------------------------------------------------------* - * For more about GridSite: http://www.gridsite.org/ * - *---------------------------------------------------------------*/ - -#ifndef HEADER_GACL_H -#define HEADER_GACL_H -#endif - -#ifndef GACL_LIB_VERSION -#define GACL_LIB_VERSION "x.x.x" -#endif - -typedef GRSTgaclCred GACLcred; - -typedef int GACLaction; -typedef unsigned int GACLperm; - -typedef GRSTgaclEntry GACLentry; - -typedef GRSTgaclAcl GACLacl; - -typedef GRSTgaclUser GACLuser; - -extern char *gacl_perm_syms[]; -extern GACLperm gacl_perm_vals[]; - -#define GACL_PERM_NONE GRST_PERM_NONE -#define GACL_PERM_READ GRST_PERM_READ -#define GACL_PERM_LIST GRST_PERM_LIST -#define GACL_PERM_WRITE GRST_PERM_WRITE -#define GACL_PERM_ADMIN GRST_PERM_ADMIN - -#define GACLhasNone(perm) (perm == 0) -#define GACLhasRead(perm) ((perm & GRST_PERM_READ) != 0) -#define GACLhasList(perm) ((perm & GRST_PERM_LIST) != 0) -#define GACLhasWrite(perm) ((perm & GRST_PERM_WRITE) != 0) -#define GACLhasAdmin(perm) ((perm & GRST_PERM_ADMIN) != 0) - -#define GACL_ACTION_ALLOW GRST_ACTION_ALLOW -#define GACL_ACTION_DENY GRST_ACTION_DENY - -#define GACL_ACL_FILE GRST_ACL_FILE -#define GACL_DN_LISTS GRST_DN_LISTS - -#define GACLinit() GRSTgaclInit() - -#define GACLnewCred(x) GRSTgaclCredNew((x)) -/* GACLcred *GACLnewCred(char *); */ - -#define GACLaddToCred(x,y,z) GRSTgaclCredAddValue((x),(y),(z)) -/* int GACLaddToCred(GACLcred *, char *, char *); */ - -#define GACLfreeCred(x) GRSTgaclCredFree((x)) -/* int GACLfreeCred(GACLcred *); */ - -#define GACLaddCred(x,y) GRSTgaclEntryAddCred((x),(y)) -/* int GACLaddCred(GACLentry *, GACLcred *); */ - -#define GACLdelCred(x,y) GRSTgaclEntryDelCred((x),(y)) -/* int GACLdelCred(GACLentry *, GACLcred *); */ - -#define GACLprintCred(x,y) GRSTgaclCredPrint((x),(y)) -/* int GACLprintCred(GACLcred *, FILE *); */ - - -#define GACLnewEntry() GRSTgaclEntryNew() -/* GACLentry *GACLnewEntry(void); */ - -#define GACLfreeEntry(x) GRSTgaclEntryFree((x)) -/* int GACLfreeEntry(GACLentry *); */ - -#define GACLaddEntry(x,y) GRSTgaclAclAddEntry((x),(y)) -/* int GACLaddEntry(GACLacl *, GACLentry *); */ - -#define GACLprintEntry(x,y) GRSTgaclEntryPrint((x),(y)) -/* int GACLprintEntry(GACLentry *, FILE *); */ - - -#define GACLprintPerm(x,y) GRSTgaclPermPrint((x),(y)) -/* int GACLprintPerm(GACLperm, FILE *); */ - -#define GACLallowPerm(x,y) GRSTgaclEntryAllowPerm((x),(y)) -/* int GACLallowPerm(GACLentry *, GACLperm); */ - -#define GACLunallowPerm(x,y) GRSTgaclEntryUnallowPerm((x),(y)) -/* int GACLunallowPerm(GACLentry *, GACLperm); */ - -#define GACLdenyPerm(x,y) GRSTgaclEntryDenyPerm((x),(y)) -/* int GACLdenyPerm(GACLentry *, GACLperm); */ - -#define GACLundenyPerm(x,y) GRSTgaclEntryUndenyPerm((x),(y)) -/* int GACLundenyPerm(GACLentry *, GACLperm); */ - -#define GACLpermToChar(x) GRSTgaclPermToChar((x)) -/* char *GACLpermToChar(GACLperm); */ - -#define GACLcharToPerm(x) GRSTgaclPermFromChar((x)) -/* GACLperm GACLcharToPerm(char *); */ - -#define GACLnewAcl() GRSTgaclAclNew() -/* GACLacl *GACLnewAcl(void); */ - -#define GACLfreeAcl(x) GRSTgaclAclFree((x)) -/* int GACLfreeAcl(GACLacl *); */ - -#define GACLprintAcl(x,y) GRSTgaclAclPrint((x),(y)) -/* int GACLprintAcl(GACLacl *, FILE *); */ - -#define GACLsaveAcl(x,y) GRSTgaclAclSave((y),(x)) -/* int GACLsaveAcl(char *, GACLacl *); */ - -#define GACLloadAcl(x) GRSTgaclAclLoadFile((x)) -/* GACLacl *GACLloadAcl(char *); */ - -#define GACLfindAclForFile(x) GRSTgaclFileFindAclname((x)) -/* char *GACLfindAclForFile(char *); */ - -#define GACLloadAclForFile(x) GRSTgaclAclLoadforFile((x)) -/* GACLacl *GACLloadAclForFile(char *); */ - -#define GACLisAclFile(x) GRSTgaclFileIsAcl((x)) -/* int GACLisAclFile(char *); */ - - -#define GACLnewUser(x) GRSTgaclUserNew((x)) -/* GACLuser *GACLnewUser(GACLcred *); */ - -#define GACLfreeUser(x) GRSTgaclUserFree((x)) -/* int GACLfreeUser(GACLuser *); */ - -#define GACLuserAddCred(x,y) GRSTgaclUserAddCred((x),(y)) -/* int GACLuserAddCred(GACLuser *, GACLcred *); */ - -#define GACLuserHasCred(x,y) GRSTgaclUserHasCred((x),(y)) -/* int GACLuserHasCred(GACLuser *, GACLcred *); */ - -#define GACLuserFindCredType(x,y) GRSTgaclUserFindCredtype((x),(y)) -/* GACLcred *GACLuserFindCredType(GACLuser *, char *); */ - -#define GACLtestDnList(x,y) GRSTgaclDNlistHasUser((x),(y)) -/* int GACLtestDnList(char *, GACLuser *); */ - -#define GACLtestUserAcl(x,y) GRSTgaclAclTestUser((x),(y)) -/* GACLperm GACLtestUserAcl(GACLacl *, GACLuser *); */ - -#define GACLtestExclAcl(x,y) GRSTgaclAclTestexclUser((x),(y)) -/* GACLperm GACLtestExclAcl(GACLacl *, GACLuser *); */ - - -#define GACLurlEncode(x) GRSThttpUrlEncode((x)) -/* char *GACLurlEncode(char *); */ - -#define GACLmildUrlEncode(x) GRSThttpUrlMildencode((x)) -/* char *GACLmildUrlEncode(char *); */ - -GACLentry *GRSTgaclEntryParse(xmlNodePtr cur); -/* special function for legacy EDG LB service */ diff --git a/org.gridsite.core/interface/gridsite.h b/org.gridsite.core/interface/gridsite.h deleted file mode 100644 index e252019..0000000 --- a/org.gridsite.core/interface/gridsite.h +++ /dev/null @@ -1,287 +0,0 @@ -/* - Copyright (c) 2002-3, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*---------------------------------------------------------------* - * For more about GridSite: http://www.gridsite.org/ * - *---------------------------------------------------------------*/ - -#ifndef HEADER_SSL_H -#include -#endif - -#ifndef HEADER_CRYPTO_H -#include -#endif - -#ifndef FALSE -#define FALSE (0) -#endif -#ifndef TRUE -#define TRUE (!FALSE) -#endif - -/// Everything ok (= OpenSSL X509_V_OK) -#define GRST_RET_OK 0 - -/// Failed for unspecified reason -#define GRST_RET_FAILED 1000 - -/// Failed to find certificate in some cert store / directory -#define GRST_RET_CERT_NOT_FOUND 1001 - -/// Bad signature -#define GRST_RET_BAD_SIGNATURE 1002 - -/// No such file or directory -#define GRST_RET_NO_SUCH_FILE 1003 - -typedef struct { char *name; - char *value; - void *next; } GRSTgaclNamevalue; - -typedef struct { char *type; - int delegation; - GRSTgaclNamevalue *firstname; - void *next; } GRSTgaclCred; - -typedef int GRSTgaclAction; -typedef unsigned int GRSTgaclPerm; - -typedef struct { GRSTgaclCred *firstcred; - GRSTgaclPerm allowed; - GRSTgaclPerm denied; - void *next; } GRSTgaclEntry; - -typedef struct { GRSTgaclEntry *firstentry; } GRSTgaclAcl; - -typedef struct { GRSTgaclCred *firstcred; - char *dnlists; } GRSTgaclUser; - -#define GRST_PERM_NONE 0 -#define GRST_PERM_READ 1 -#define GRST_PERM_EXEC 2 -#define GRST_PERM_LIST 4 -#define GRST_PERM_WRITE 8 -#define GRST_PERM_ADMIN 16 -#define GRST_PERM_ALL 31 - -/* DO NOT USE PermIsNone!! */ -#define GRSTgaclPermIsNone(perm) (perm == 0) - -#define GRSTgaclPermHasNone(perm) (perm == 0) -#define GRSTgaclPermHasRead(perm) ((perm & GRST_PERM_READ ) != 0) -#define GRSTgaclPermHasExec(perm) ((perm & GRST_PERM_EXEC ) != 0) -#define GRSTgaclPermHasList(perm) ((perm & GRST_PERM_LIST ) != 0) -#define GRSTgaclPermHasWrite(perm) ((perm & GRST_PERM_WRITE) != 0) -#define GRSTgaclPermHasAdmin(perm) ((perm & GRST_PERM_ADMIN) != 0) - -#define GRST_ACTION_ALLOW 0 -#define GRST_ACTION_DENY 1 - -#define GRST_HIST_PREFIX ".grsthist" -#define GRST_ACL_FILE ".gacl" -#define GRST_DN_LISTS "/etc/grid-security/dn-lists" -#define GRST_RECURS_LIMIT 9 - -#define GRST_PROXYCERTINFO_OID "1.3.6.1.4.1.3536.1.222" -#define GRST_VOMS_OID "1.3.6.1.4.1.8005.100.100.5" -#define GRST_VOMS_DIR "/etc/grid-security/vomsdir" - -#define GRST_ASN1_MAXCOORDLEN 50 -#define GRST_ASN1_MAXTAGS 500 - -struct GRSTasn1TagList { char treecoords[GRST_ASN1_MAXCOORDLEN+1]; - int start; - int headerlength; - int length; - int tag; } ; - -int GRSTgaclInit(void); - -/* #define GACLnewCred(x) GRSTgaclCredNew((x)) */ -GRSTgaclCred *GRSTgaclCredNew(char *); - -/* #define GACLaddToCred(x,y,z) GRSTgaclCredAddValue((x),(y),(z)) */ -int GRSTgaclCredAddValue(GRSTgaclCred *, char *, char *); - -#define GRSTgaclCredSetDelegation(cred, level) ((cred)->delegation = (level)) -#define GRSTgaclCredGetDelegation(cred) ((cred)->delegation) - -/* #define GACLfreeCred(x) GRSTgaclCredFree((x)) */ -int GRSTgaclCredFree(GRSTgaclCred *); - -/* #define GACLaddCred(x,y) GRSTgaclEntryAddCred((x),(y)) */ -int GRSTgaclEntryAddCred(GRSTgaclEntry *, GRSTgaclCred *); - -/* #define GACLdelCred(x,y) GRSTgaclEntryDelCred((x),(y)) */ -int GRSTgaclEntryDelCred(GRSTgaclEntry *, GRSTgaclCred *); - -/* #define GACLprintCred(x,y) GRSTgaclCredPrint((x),(y)) */ -int GRSTgaclCredCredPrint(GRSTgaclCred *, FILE *); - - -/* #define GACLnewEntry(x) GRSTgaclEntryNew((x)) */ -GRSTgaclEntry *GRSTgaclEntryNew(void); - -/* #define GACLfreeEntry(x) GRSTgaclEntryFree((x)) */ -int GRSTgaclEntryFree(GRSTgaclEntry *); - -/* #define GACLaddEntry(x,y) GRSTgaclAclAddEntry((x),(y)) */ -int GRSTgaclAclAddEntry(GRSTgaclAcl *, GRSTgaclEntry *); - -/* #define GACLprintEntry(x,y) GRSTgaclEntryPrint((x),(y)) */ -int GRSTgaclEntryPrint(GRSTgaclEntry *, FILE *); - - -/* #define GACLprintPerm(x,y) GRSTgaclPermPrint((x),(y)) */ -int GRSTgaclPermPrint(GRSTgaclPerm, FILE *); - -/* #define GACLallowPerm(x,y) GRSTgaclEntryAllowPerm((x),(y)) */ -int GRSTgaclEntryAllowPerm(GRSTgaclEntry *, GRSTgaclPerm); - -/* #define GACLunallowPerm(x,y) GRSTgaclEntryUnallowPerm((x),(y)) */ -int GRSTgaclEntryUnallowPerm(GRSTgaclEntry *, GRSTgaclPerm); - -/* #define GACLdenyPerm(x,y) GRSTgaclEntryDenyPerm((x),(y)) */ -int GRSTgaclEntryDenyPerm(GRSTgaclEntry *, GRSTgaclPerm); - -/* #define GACLundenyPerm(x,y) GRSTgaclEntryUndenyPerm((x),(y)) */ -int GRSTgaclEntryUndenyPerm(GRSTgaclEntry *, GRSTgaclPerm); - -/* #define GACLpermToChar(x) GRSTgaclPermToChar((x)) */ -char *GRSTgaclPermToChar(GRSTgaclPerm); - -/* #define GACLcharToPerm(x) GRSTgaclPermFromChar((x)) */ -GRSTgaclPerm GRSTgaclPermFromChar(char *); - -/* #define GACLnewAcl(x) GRSTgaclAclNew((x)) */ -GRSTgaclAcl *GRSTgaclAclNew(void); - -/* #define GACLfreeAcl(x) GRSTgaclAclFree((x)) */ -int GRSTgaclAclFree(GRSTgaclAcl *); - -/* #define GACLprintAcl(x,y) GRSTgaclAclPrint((x),(y)) */ -int GRSTgaclAclPrint(GRSTgaclAcl *, FILE *); - -/* #define GACLsaveAcl(x,y) GRSTgaclAclSave((y),(x)) */ -int GRSTgaclAclSave(GRSTgaclAcl *, char *); - -/* #define GACLloadAcl(x) GRSTgaclFileLoadAcl((x)) */ -GRSTgaclAcl *GRSTgaclAclLoadFile(char *); - -/* #define GACLfindAclForFile(x) GRSTgaclFileFindAclname((x)) */ -char *GRSTgaclFileFindAclname(char *); - -/* #define GACLloadAclForFile(x) GRSTgaclFileLoadAcl((x)) */ -GRSTgaclAcl *GRSTgaclAclLoadforFile(char *); - -/* #define GACLisAclFile(x) GRSTgaclFileIsAcl((x)) */ -int GRSTgaclFileIsAcl(char *); - - -/* #define GACLnewUser(x) GRSTgaclUserNew((x)) */ -GRSTgaclUser *GRSTgaclUserNew(GRSTgaclCred *); - -/* #define GACLfreeUser(x) GRSTgaclUserFree((x)) */ -int GRSTgaclUserFree(GRSTgaclUser *); - -/* #define GACLuserAddCred(x,y) GRSTgaclUserAddCred((x),(y)) */ -int GRSTgaclUserAddCred(GRSTgaclUser *, GRSTgaclCred *); - -/* #define GACLuserHasCred(x,y) GRSTgaclUserHasCred((x),(y)) */ -int GRSTgaclUserHasCred(GRSTgaclUser *, GRSTgaclCred *); - -int GRSTgaclUserSetDNlists(GRSTgaclUser *, char *); - -/* #define GACLuserFindCredType(x,y) GRSTgaclUserFindCredtype((x),(y)) */ -GRSTgaclCred *GRSTgaclUserFindCredtype(GRSTgaclUser *, char *); - -/* #define GACLtestDnList(x,y) GRSTgaclDNlistHasUser((x),(y)) */ -int GRSTgaclDNlistHasUser(char *, GRSTgaclUser *); - -/* #define GACLtestUserAcl(x,y) GRSTgaclAclTestUser((x),(y)) */ -GRSTgaclPerm GRSTgaclAclTestUser(GRSTgaclAcl *, GRSTgaclUser *); - -/* #define GACLtestExclAcl(x,y) GRSTgaclAclTestexclUser((x),(y)) */ -GRSTgaclPerm GRSTgaclAclTestexclUser(GRSTgaclAcl *, GRSTgaclUser *); - -char *GRSThttpUrlDecode(char *); - -/* #define GACLurlEncode(x) GRSThttpUrlEncode((x)) */ -char *GRSThttpUrlEncode(char *); - -/* #define GACLmildUrlEncode(x) GRSThttpMildUrlEncode((x)) */ -char *GRSThttpUrlMildencode(char *); - -int GRSTx509NameCmp(char *, char *); - -int GRSTx509KnownCriticalExts(X509 *); - -int GRSTx509IsCA(X509 *); -int GRSTx509CheckChain(int *, X509_STORE_CTX *); -int GRSTx509VerifyCallback(int, X509_STORE_CTX *); - -int GRSTx509GetVomsCreds(int *, int, size_t, char *, X509 *, STACK_OF(X509) *, char *); -GRSTgaclCred *GRSTx509CompactToCred(char *); -int GRSTx509CompactCreds(int *, int, size_t, char *, STACK_OF(X509) *, char *); -char *GRSTx509CachedProxyFind(char *, char *, char *); -char *GRSTx509FindProxyFileName(void); -int GRSTx509MakeProxyCert(char **, FILE *, char *, char *, char *, int); -char *GRSTx509CachedProxyKeyFind(char *, char *, char *); -int GRSTx509MakeProxyRequest(char **, char *, char *, char *); -int GRSTx509StringToChain(STACK_OF(X509) **, char *); -char *GRSTx509MakeProxyFileName(char *, STACK_OF(X509) *); -int GRSTx509CacheProxy(char *, char *, char *, char *); - -#define GRST_HEADFILE "gridsitehead.txt" -#define GRST_FOOTFILE "gridsitefoot.txt" -#define GRST_ADMIN_FILE "gridsite-admin.cgi" - -typedef struct { char *text; - void *next; } GRSThttpCharsList; - -typedef struct { size_t size; - GRSThttpCharsList *first; - GRSThttpCharsList *last; } GRSThttpBody; - -void GRSThttpBodyInit(GRSThttpBody *); -void GRSThttpPrintf(GRSThttpBody *, char *, ...); -int GRSThttpCopy(GRSThttpBody *, char *); -void GRSThttpWriteOut(GRSThttpBody *); -int GRSThttpPrintHeaderFooter(GRSThttpBody *, char *, char *); -char *GRSThttpGetCGI(char *); - -time_t GRSTasn1TimeToTimeT(char *, size_t); -int GRSTasn1SearchTaglist(struct GRSTasn1TagList taglist[], int, char *); -int GRSTasn1ParseDump(BIO *, unsigned char *, long, - struct GRSTasn1TagList taglist[], int, int *); -int GRSTasn1GetX509Name(char *, int, char *, char *, - struct GRSTasn1TagList taglist[], int); diff --git a/org.gridsite.core/project/build.number b/org.gridsite.core/project/build.number deleted file mode 100644 index e3c0104..0000000 --- a/org.gridsite.core/project/build.number +++ /dev/null @@ -1,2 +0,0 @@ -#Wed Feb 23 03:19:54 CET 2005 -module.build=141 diff --git a/org.gridsite.core/project/build.properties b/org.gridsite.core/project/build.properties deleted file mode 100644 index e69de29..0000000 diff --git a/org.gridsite.core/project/configure.properties.xml b/org.gridsite.core/project/configure.properties.xml deleted file mode 100644 index 0e83d6e..0000000 --- a/org.gridsite.core/project/configure.properties.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - diff --git a/org.gridsite.core/project/dependencies.properties b/org.gridsite.core/project/dependencies.properties deleted file mode 100644 index 2a7383b..0000000 --- a/org.gridsite.core/project/dependencies.properties +++ /dev/null @@ -1,9 +0,0 @@ -################################################################### -# System dependencies -################################################################### - -org.glite.version = HEAD -org.glite.core.version = HEAD - -# Component dependencies tag = do not remove this line = - diff --git a/org.gridsite.core/project/gridsite.core.csf.xml b/org.gridsite.core/project/gridsite.core.csf.xml deleted file mode 100644 index 7ca38dc..0000000 --- a/org.gridsite.core/project/gridsite.core.csf.xml +++ /dev/null @@ -1,221 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The org.glite and org.gridsite.core modules have been updated, please rerun the configuration file - - - - The org.glite and org.gridsite.core modules have been updated, please rerun the configuration file - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.gridsite.core/project/properties.xml b/org.gridsite.core/project/properties.xml deleted file mode 100644 index 74f88dc..0000000 --- a/org.gridsite.core/project/properties.xml +++ /dev/null @@ -1,53 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/org.gridsite.core/project/taskdefs.xml b/org.gridsite.core/project/taskdefs.xml deleted file mode 100644 index 9c35cef..0000000 --- a/org.gridsite.core/project/taskdefs.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/org.gridsite.core/project/version.properties b/org.gridsite.core/project/version.properties deleted file mode 100644 index 87511c8..0000000 --- a/org.gridsite.core/project/version.properties +++ /dev/null @@ -1,2 +0,0 @@ -module.version=1.1.11 -module.age=1 diff --git a/org.gridsite.core/src/Doxyfile b/org.gridsite.core/src/Doxyfile deleted file mode 100644 index 14f88e0..0000000 --- a/org.gridsite.core/src/Doxyfile +++ /dev/null @@ -1,993 +0,0 @@ -# Doxyfile 1.2.18 - -# This file describes the settings to be used by the documentation system -# doxygen (www.doxygen.org) for a project -# -# All text after a hash (#) is considered a comment and will be ignored -# The format is: -# TAG = value [value, ...] -# For lists items can also be appended using: -# TAG += value [value, ...] -# Values that contain spaces should be placed between quotes (" ") - -#--------------------------------------------------------------------------- -# General configuration options -#--------------------------------------------------------------------------- - -# The PROJECT_NAME tag is a single word (or a sequence of words surrounded -# by quotes) that should identify the project. - -PROJECT_NAME = - -# The PROJECT_NUMBER tag can be used to enter a project or revision number. -# This could be handy for archiving the generated documentation or -# if some version control system is used. - -PROJECT_NUMBER = - -# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) -# base path where the generated documentation will be put. -# If a relative path is entered, it will be relative to the location -# where doxygen was started. If left blank the current directory will be used. - -OUTPUT_DIRECTORY = - -# The OUTPUT_LANGUAGE tag is used to specify the language in which all -# documentation generated by doxygen is written. Doxygen will use this -# information to generate all constant output in the proper language. -# The default language is English, other supported languages are: -# Brazilian, Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish, Dutch, -# Finnish, French, German, Greek, Hungarian, Italian, Japanese, Japanese-en -# (Japanese with english messages), Korean, Norwegian, Polish, Portuguese, -# Romanian, Russian, Serbian, Slovak, Slovene, Spanish, Swedish and Ukrainian. - -OUTPUT_LANGUAGE = English - -# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in -# documentation are documented, even if no documentation was available. -# Private class members and static file members will be hidden unless -# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES - -EXTRACT_ALL = YES - -# If the EXTRACT_PRIVATE tag is set to YES all private members of a class -# will be included in the documentation. - -EXTRACT_PRIVATE = NO - -# If the EXTRACT_STATIC tag is set to YES all static members of a file -# will be included in the documentation. - -EXTRACT_STATIC = NO - -# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) -# defined locally in source files will be included in the documentation. -# If set to NO only classes defined in header files are included. - -EXTRACT_LOCAL_CLASSES = NO - -# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all -# undocumented members of documented classes, files or namespaces. -# If set to NO (the default) these members will be included in the -# various overviews, but no documentation section is generated. -# This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_MEMBERS = NO - -# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all -# undocumented classes that are normally visible in the class hierarchy. -# If set to NO (the default) these class will be included in the various -# overviews. This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_CLASSES = NO - -# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all -# friend (class|struct|union) declarations. -# If set to NO (the default) these declarations will be included in the -# documentation. - -HIDE_FRIEND_COMPOUNDS = NO - -# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will -# include brief member descriptions after the members that are listed in -# the file and class documentation (similar to JavaDoc). -# Set to NO to disable this. - -BRIEF_MEMBER_DESC = YES - -# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend -# the brief description of a member or function before the detailed description. -# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the -# brief descriptions will be completely suppressed. - -REPEAT_BRIEF = YES - -# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then -# Doxygen will generate a detailed section even if there is only a brief -# description. - -ALWAYS_DETAILED_SEC = NO - -# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all inherited -# members of a class in the documentation of that class as if those members were -# ordinary class members. Constructors, destructors and assignment operators of -# the base classes will not be shown. - -INLINE_INHERITED_MEMB = NO - -# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full -# path before files name in the file list and in the header files. If set -# to NO the shortest path that makes the file name unique will be used. - -FULL_PATH_NAMES = NO - -# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag -# can be used to strip a user defined part of the path. Stripping is -# only done if one of the specified strings matches the left-hand part of -# the path. It is allowed to use relative paths in the argument list. - -STRIP_FROM_PATH = - -# The INTERNAL_DOCS tag determines if documentation -# that is typed after a \internal command is included. If the tag is set -# to NO (the default) then the documentation will be excluded. -# Set it to YES to include the internal documentation. - -INTERNAL_DOCS = NO - -# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct -# doxygen to hide any special comment blocks from generated source code -# fragments. Normal C and C++ comments will always remain visible. - -STRIP_CODE_COMMENTS = YES - -# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate -# file names in lower case letters. If set to YES upper case letters are also -# allowed. This is useful if you have classes or files whose names only differ -# in case and if your file system supports case sensitive file names. Windows -# users are adviced to set this option to NO. - -CASE_SENSE_NAMES = YES - -# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter -# (but less readable) file names. This can be useful is your file systems -# doesn't support long names like on DOS, Mac, or CD-ROM. - -SHORT_NAMES = NO - -# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen -# will show members with their full class and namespace scopes in the -# documentation. If set to YES the scope will be hidden. - -HIDE_SCOPE_NAMES = NO - -# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen -# will generate a verbatim copy of the header file for each class for -# which an include is specified. Set to NO to disable this. - -VERBATIM_HEADERS = YES - -# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen -# will put list of the files that are included by a file in the documentation -# of that file. - -SHOW_INCLUDE_FILES = NO - -# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen -# will interpret the first line (until the first dot) of a JavaDoc-style -# comment as the brief description. If set to NO, the JavaDoc -# comments will behave just like the Qt-style comments (thus requiring an -# explict @brief command for a brief description. - -JAVADOC_AUTOBRIEF = NO - -# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen -# treat a multi-line C++ special comment block (i.e. a block of //! or /// -# comments) as a brief description. This used to be the default behaviour. -# The new default is to treat a multi-line C++ comment block as a detailed -# description. Set this tag to YES if you prefer the old behaviour instead. - -MULTILINE_CPP_IS_BRIEF = NO - -# If the DETAILS_AT_TOP tag is set to YES then Doxygen -# will output the detailed description near the top, like JavaDoc. -# If set to NO, the detailed description appears after the member -# documentation. - -DETAILS_AT_TOP = NO - -# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented -# member inherits the documentation from any documented member that it -# reimplements. - -INHERIT_DOCS = YES - -# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] -# is inserted in the documentation for inline members. - -INLINE_INFO = YES - -# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen -# will sort the (detailed) documentation of file and class members -# alphabetically by member name. If set to NO the members will appear in -# declaration order. - -SORT_MEMBER_DOCS = YES - -# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC -# tag is set to YES, then doxygen will reuse the documentation of the first -# member in the group (if any) for the other members of the group. By default -# all members of a group must be documented explicitly. - -DISTRIBUTE_GROUP_DOC = NO - -# The TAB_SIZE tag can be used to set the number of spaces in a tab. -# Doxygen uses this value to replace tabs by spaces in code fragments. - -TAB_SIZE = 8 - -# The GENERATE_TODOLIST tag can be used to enable (YES) or -# disable (NO) the todo list. This list is created by putting \todo -# commands in the documentation. - -GENERATE_TODOLIST = YES - -# The GENERATE_TESTLIST tag can be used to enable (YES) or -# disable (NO) the test list. This list is created by putting \test -# commands in the documentation. - -GENERATE_TESTLIST = YES - -# The GENERATE_BUGLIST tag can be used to enable (YES) or -# disable (NO) the bug list. This list is created by putting \bug -# commands in the documentation. - -GENERATE_BUGLIST = YES - -# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or -# disable (NO) the deprecated list. This list is created by putting \deprecated commands in the documentation. - -GENERATE_DEPRECATEDLIST= YES - -# This tag can be used to specify a number of aliases that acts -# as commands in the documentation. An alias has the form "name=value". -# For example adding "sideeffect=\par Side Effects:\n" will allow you to -# put the command \sideeffect (or @sideeffect) in the documentation, which -# will result in a user defined paragraph with heading "Side Effects:". -# You can put \n's in the value part of an alias to insert newlines. - -ALIASES = - -# The ENABLED_SECTIONS tag can be used to enable conditional -# documentation sections, marked by \if sectionname ... \endif. - -ENABLED_SECTIONS = - -# The MAX_INITIALIZER_LINES tag determines the maximum number of lines -# the initial value of a variable or define consist of for it to appear in -# the documentation. If the initializer consists of more lines than specified -# here it will be hidden. Use a value of 0 to hide initializers completely. -# The appearance of the initializer of individual variables and defines in the -# documentation can be controlled using \showinitializer or \hideinitializer -# command in the documentation regardless of this setting. - -MAX_INITIALIZER_LINES = 30 - -# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources -# only. Doxygen will then generate output that is more tailored for C. -# For instance some of the names that are used will be different. The list -# of all members will be omitted, etc. - -OPTIMIZE_OUTPUT_FOR_C = YES - -# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java sources -# only. Doxygen will then generate output that is more tailored for Java. -# For instance namespaces will be presented as packages, qualified scopes -# will look different, etc. - -OPTIMIZE_OUTPUT_JAVA = NO - -# Set the SHOW_USED_FILES tag to NO to disable the list of files generated -# at the bottom of the documentation of classes and structs. If set to YES the -# list will mention the files that were used to generate the documentation. - -SHOW_USED_FILES = NO - -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- - -# The QUIET tag can be used to turn on/off the messages that are generated -# by doxygen. Possible values are YES and NO. If left blank NO is used. - -QUIET = NO - -# The WARNINGS tag can be used to turn on/off the warning messages that are -# generated by doxygen. Possible values are YES and NO. If left blank -# NO is used. - -WARNINGS = YES - -# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings -# for undocumented members. If EXTRACT_ALL is set to YES then this flag will -# automatically be disabled. - -WARN_IF_UNDOCUMENTED = YES - -# The WARN_FORMAT tag determines the format of the warning messages that -# doxygen can produce. The string should contain the $file, $line, and $text -# tags, which will be replaced by the file and line number from which the -# warning originated and the warning text. - -WARN_FORMAT = "$file:$line: $text" - -# The WARN_LOGFILE tag can be used to specify a file to which warning -# and error messages should be written. If left blank the output is written -# to stderr. - -WARN_LOGFILE = - -#--------------------------------------------------------------------------- -# configuration options related to the input files -#--------------------------------------------------------------------------- - -# The INPUT tag can be used to specify the files and/or directories that contain -# documented source files. You may enter file names like "myfile.cpp" or -# directories like "/usr/src/myproject". Separate the files or directories -# with spaces. - -INPUT = . ../interface - -# If the value of the INPUT tag contains directories, you can use the -# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank the following patterns are tested: -# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx *.hpp -# *.h++ *.idl *.odl - -FILE_PATTERNS = - -# The RECURSIVE tag can be used to turn specify whether or not subdirectories -# should be searched for input files as well. Possible values are YES and NO. -# If left blank NO is used. - -RECURSIVE = NO - -# The EXCLUDE tag can be used to specify files and/or directories that should -# excluded from the INPUT source files. This way you can easily exclude a -# subdirectory from a directory tree whose root is specified with the INPUT tag. - -EXCLUDE = - -# The EXCLUDE_SYMLINKS tag can be used select whether or not files or directories -# that are symbolic links (a Unix filesystem feature) are excluded from the input. - -EXCLUDE_SYMLINKS = NO - -# If the value of the INPUT tag contains directories, you can use the -# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude -# certain files from those directories. - -EXCLUDE_PATTERNS = - -# The EXAMPLE_PATH tag can be used to specify one or more files or -# directories that contain example code fragments that are included (see -# the \include command). - -EXAMPLE_PATH = - -# If the value of the EXAMPLE_PATH tag contains directories, you can use the -# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank all files are included. - -EXAMPLE_PATTERNS = - -# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be -# searched for input files to be used with the \include or \dontinclude -# commands irrespective of the value of the RECURSIVE tag. -# Possible values are YES and NO. If left blank NO is used. - -EXAMPLE_RECURSIVE = NO - -# The IMAGE_PATH tag can be used to specify one or more files or -# directories that contain image that are included in the documentation (see -# the \image command). - -IMAGE_PATH = - -# The INPUT_FILTER tag can be used to specify a program that doxygen should -# invoke to filter for each input file. Doxygen will invoke the filter program -# by executing (via popen()) the command , where -# is the value of the INPUT_FILTER tag, and is the name of an -# input file. Doxygen will then use the output that the filter program writes -# to standard output. - -INPUT_FILTER = - -# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using -# INPUT_FILTER) will be used to filter the input files when producing source -# files to browse (i.e. when SOURCE_BROWSER is set to YES). - -FILTER_SOURCE_FILES = NO - -#--------------------------------------------------------------------------- -# configuration options related to source browsing -#--------------------------------------------------------------------------- - -# If the SOURCE_BROWSER tag is set to YES then a list of source files will -# be generated. Documented entities will be cross-referenced with these sources. - -SOURCE_BROWSER = NO - -# Setting the INLINE_SOURCES tag to YES will include the body -# of functions and classes directly in the documentation. - -INLINE_SOURCES = NO - -# If the REFERENCED_BY_RELATION tag is set to YES (the default) -# then for each documented function all documented -# functions referencing it will be listed. - -REFERENCED_BY_RELATION = NO - -# If the REFERENCES_RELATION tag is set to YES (the default) -# then for each documented function all documented entities -# called/used by that function will be listed. - -REFERENCES_RELATION = NO - -#--------------------------------------------------------------------------- -# configuration options related to the alphabetical class index -#--------------------------------------------------------------------------- - -# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index -# of all compounds will be generated. Enable this if the project -# contains a lot of classes, structs, unions or interfaces. - -ALPHABETICAL_INDEX = YES - -# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then -# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns -# in which this list will be split (can be a number in the range [1..20]) - -COLS_IN_ALPHA_INDEX = 5 - -# In case all classes in a project start with a common prefix, all -# classes will be put under the same header in the alphabetical index. -# The IGNORE_PREFIX tag can be used to specify one or more prefixes that -# should be ignored while generating the index headers. - -IGNORE_PREFIX = - -#--------------------------------------------------------------------------- -# configuration options related to the HTML output -#--------------------------------------------------------------------------- - -# If the GENERATE_HTML tag is set to YES (the default) Doxygen will -# generate HTML output. - -GENERATE_HTML = YES - -# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `html' will be used as the default path. - -HTML_OUTPUT = doxygen - -# The HTML_FILE_EXTENSION tag can be used to specify the file extension for -# each generated HTML page (for example: .htm,.php,.asp). If it is left blank -# doxygen will generate files with .html extension. - -HTML_FILE_EXTENSION = .html - -# The HTML_HEADER tag can be used to specify a personal HTML header for -# each generated HTML page. If it is left blank doxygen will generate a -# standard header. - -HTML_HEADER = - -# The HTML_FOOTER tag can be used to specify a personal HTML footer for -# each generated HTML page. If it is left blank doxygen will generate a -# standard footer. - -HTML_FOOTER = - -# The HTML_STYLESHEET tag can be used to specify a user defined cascading -# style sheet that is used by each HTML page. It can be used to -# fine-tune the look of the HTML output. If the tag is left blank doxygen -# will generate a default style sheet - -HTML_STYLESHEET = doxygen.css - -# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, -# files or namespaces will be aligned in HTML using tables. If set to -# NO a bullet list will be used. - -HTML_ALIGN_MEMBERS = YES - -# If the GENERATE_HTMLHELP tag is set to YES, additional index files -# will be generated that can be used as input for tools like the -# Microsoft HTML help workshop to generate a compressed HTML help file (.chm) -# of the generated HTML documentation. - -GENERATE_HTMLHELP = NO - -# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can -# be used to specify the file name of the resulting .chm file. You -# can add a path in front of the file if the result should not be -# written to the html output dir. - -CHM_FILE = - -# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can -# be used to specify the location (absolute path including file name) of -# the HTML help compiler (hhc.exe). If non empty doxygen will try to run -# the html help compiler on the generated index.hhp. - -HHC_LOCATION = - -# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag -# controls if a separate .chi index file is generated (YES) or that -# it should be included in the master .chm file (NO). - -GENERATE_CHI = NO - -# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag -# controls whether a binary table of contents is generated (YES) or a -# normal table of contents (NO) in the .chm file. - -BINARY_TOC = NO - -# The TOC_EXPAND flag can be set to YES to add extra items for group members -# to the contents of the Html help documentation and to the tree view. - -TOC_EXPAND = NO - -# The DISABLE_INDEX tag can be used to turn on/off the condensed index at -# top of each HTML page. The value NO (the default) enables the index and -# the value YES disables it. - -DISABLE_INDEX = YES - -# This tag can be used to set the number of enum values (range [1..20]) -# that doxygen will group on one line in the generated HTML documentation. - -ENUM_VALUES_PER_LINE = 4 - -# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be -# generated containing a tree-like index structure (just like the one that -# is generated for HTML Help). For this to work a browser that supports -# JavaScript and frames is required (for instance Mozilla, Netscape 4.0+, -# or Internet explorer 4.0+). Note that for large projects the tree generation -# can take a very long time. In such cases it is better to disable this feature. -# Windows users are probably better off using the HTML help feature. - -GENERATE_TREEVIEW = NO - -# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be -# used to set the initial width (in pixels) of the frame in which the tree -# is shown. - -TREEVIEW_WIDTH = 250 - -#--------------------------------------------------------------------------- -# configuration options related to the LaTeX output -#--------------------------------------------------------------------------- - -# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will -# generate Latex output. - -GENERATE_LATEX = NO - -# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `latex' will be used as the default path. - -LATEX_OUTPUT = latex - -# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be invoked. If left blank `latex' will be used as the default command name. - -LATEX_CMD_NAME = latex - -# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to -# generate index for LaTeX. If left blank `makeindex' will be used as the -# default command name. - -MAKEINDEX_CMD_NAME = makeindex - -# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact -# LaTeX documents. This may be useful for small projects and may help to -# save some trees in general. - -COMPACT_LATEX = NO - -# The PAPER_TYPE tag can be used to set the paper type that is used -# by the printer. Possible values are: a4, a4wide, letter, legal and -# executive. If left blank a4wide will be used. - -PAPER_TYPE = a4wide - -# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX -# packages that should be included in the LaTeX output. - -EXTRA_PACKAGES = - -# The LATEX_HEADER tag can be used to specify a personal LaTeX header for -# the generated latex document. The header should contain everything until -# the first chapter. If it is left blank doxygen will generate a -# standard header. Notice: only use this tag if you know what you are doing! - -LATEX_HEADER = - -# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated -# is prepared for conversion to pdf (using ps2pdf). The pdf file will -# contain links (just like the HTML output) instead of page references -# This makes the output suitable for online browsing using a pdf viewer. - -PDF_HYPERLINKS = NO - -# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of -# plain latex in the generated Makefile. Set this option to YES to get a -# higher quality PDF documentation. - -USE_PDFLATEX = NO - -# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode. -# command to the generated LaTeX files. This will instruct LaTeX to keep -# running if errors occur, instead of asking the user for help. -# This option is also used when generating formulas in HTML. - -LATEX_BATCHMODE = NO - -#--------------------------------------------------------------------------- -# configuration options related to the RTF output -#--------------------------------------------------------------------------- - -# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output -# The RTF output is optimised for Word 97 and may not look very pretty with -# other RTF readers or editors. - -GENERATE_RTF = NO - -# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `rtf' will be used as the default path. - -RTF_OUTPUT = rtf - -# If the COMPACT_RTF tag is set to YES Doxygen generates more compact -# RTF documents. This may be useful for small projects and may help to -# save some trees in general. - -COMPACT_RTF = NO - -# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated -# will contain hyperlink fields. The RTF file will -# contain links (just like the HTML output) instead of page references. -# This makes the output suitable for online browsing using WORD or other -# programs which support those fields. -# Note: wordpad (write) and others do not support links. - -RTF_HYPERLINKS = NO - -# Load stylesheet definitions from file. Syntax is similar to doxygen's -# config file, i.e. a series of assigments. You only have to provide -# replacements, missing definitions are set to their default value. - -RTF_STYLESHEET_FILE = - -# Set optional variables used in the generation of an rtf document. -# Syntax is similar to doxygen's config file. - -RTF_EXTENSIONS_FILE = - -#--------------------------------------------------------------------------- -# configuration options related to the man page output -#--------------------------------------------------------------------------- - -# If the GENERATE_MAN tag is set to YES (the default) Doxygen will -# generate man pages - -GENERATE_MAN = NO - -# The MAN_OUTPUT tag is used to specify where the man pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `man' will be used as the default path. - -MAN_OUTPUT = man - -# The MAN_EXTENSION tag determines the extension that is added to -# the generated man pages (default is the subroutine's section .3) - -MAN_EXTENSION = .3 - -# If the MAN_LINKS tag is set to YES and Doxygen generates man output, -# then it will generate one additional man file for each entity -# documented in the real man page(s). These additional files -# only source the real man page, but without them the man command -# would be unable to find the correct page. The default is NO. - -MAN_LINKS = NO - -#--------------------------------------------------------------------------- -# configuration options related to the XML output -#--------------------------------------------------------------------------- - -# If the GENERATE_XML tag is set to YES Doxygen will -# generate an XML file that captures the structure of -# the code including all documentation. Note that this -# feature is still experimental and incomplete at the -# moment. - -GENERATE_XML = NO - -# The XML_SCHEMA tag can be used to specify an XML schema, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -XML_SCHEMA = - -# The XML_DTD tag can be used to specify an XML DTD, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -XML_DTD = - -#--------------------------------------------------------------------------- -# configuration options for the AutoGen Definitions output -#--------------------------------------------------------------------------- - -# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will -# generate an AutoGen Definitions (see autogen.sf.net) file -# that captures the structure of the code including all -# documentation. Note that this feature is still experimental -# and incomplete at the moment. - -GENERATE_AUTOGEN_DEF = NO - -#--------------------------------------------------------------------------- -# Configuration options related to the preprocessor -#--------------------------------------------------------------------------- - -# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will -# evaluate all C-preprocessor directives found in the sources and include -# files. - -ENABLE_PREPROCESSING = NO - -# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro -# names in the source code. If set to NO (the default) only conditional -# compilation will be performed. Macro expansion can be done in a controlled -# way by setting EXPAND_ONLY_PREDEF to YES. - -MACRO_EXPANSION = NO - -# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES -# then the macro expansion is limited to the macros specified with the -# PREDEFINED and EXPAND_AS_PREDEFINED tags. - -EXPAND_ONLY_PREDEF = NO - -# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files -# in the INCLUDE_PATH (see below) will be search if a #include is found. - -SEARCH_INCLUDES = YES - -# The INCLUDE_PATH tag can be used to specify one or more directories that -# contain include files that are not input files but should be processed by -# the preprocessor. - -INCLUDE_PATH = - -# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard -# patterns (like *.h and *.hpp) to filter out the header-files in the -# directories. If left blank, the patterns specified with FILE_PATTERNS will -# be used. - -INCLUDE_FILE_PATTERNS = - -# The PREDEFINED tag can be used to specify one or more macro names that -# are defined before the preprocessor is started (similar to the -D option of -# gcc). The argument of the tag is a list of macros of the form: name -# or name=definition (no spaces). If the definition and the = are -# omitted =1 is assumed. - -PREDEFINED = - -# If the MACRO_EXPANSION and EXPAND_PREDEF_ONLY tags are set to YES then -# this tag can be used to specify a list of macro names that should be expanded. -# The macro definition that is found in the sources will be used. -# Use the PREDEFINED tag if you want to use a different macro definition. - -EXPAND_AS_DEFINED = - -# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then -# doxygen's preprocessor will remove all function-like macros that are alone -# on a line, have an all uppercase name, and do not end with a semicolon. Such -# function macros are typically used for boiler-plate code, and will confuse the -# parser if not removed. - -SKIP_FUNCTION_MACROS = YES - -#--------------------------------------------------------------------------- -# Configuration::addtions related to external references -#--------------------------------------------------------------------------- - -# The TAGFILES tag can be used to specify one or more tagfiles. - -TAGFILES = - -# When a file name is specified after GENERATE_TAGFILE, doxygen will create -# a tag file that is based on the input files it reads. - -GENERATE_TAGFILE = - -# If the ALLEXTERNALS tag is set to YES all external classes will be listed -# in the class index. If set to NO only the inherited external classes -# will be listed. - -ALLEXTERNALS = NO - -# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed -# in the modules index. If set to NO, only the current project's groups will -# be listed. - -EXTERNAL_GROUPS = YES - -# The PERL_PATH should be the absolute path and name of the perl script -# interpreter (i.e. the result of `which perl'). - -PERL_PATH = /usr/bin/perl - -#--------------------------------------------------------------------------- -# Configuration options related to the dot tool -#--------------------------------------------------------------------------- - -# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will -# generate a inheritance diagram (in Html, RTF and LaTeX) for classes with base or -# super classes. Setting the tag to NO turns the diagrams off. Note that this -# option is superceded by the HAVE_DOT option below. This is only a fallback. It is -# recommended to install and use dot, since it yield more powerful graphs. - -CLASS_DIAGRAMS = YES - -# If set to YES, the inheritance and collaboration graphs will hide -# inheritance and usage relations if the target is undocumented -# or is not a class. - -HIDE_UNDOC_RELATIONS = YES - -# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is -# available from the path. This tool is part of Graphviz, a graph visualization -# toolkit from AT&T and Lucent Bell Labs. The other options in this section -# have no effect if this option is set to NO (the default) - -HAVE_DOT = NO - -# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect inheritance relations. Setting this tag to YES will force the -# the CLASS_DIAGRAMS tag to NO. - -CLASS_GRAPH = YES - -# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect implementation dependencies (inheritance, containment, and -# class references variables) of the class with other documented classes. - -COLLABORATION_GRAPH = YES - -# If set to YES, the inheritance and collaboration graphs will show the -# relations between templates and their instances. - -TEMPLATE_RELATIONS = YES - -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT -# tags are set to YES then doxygen will generate a graph for each documented -# file showing the direct and indirect include dependencies of the file with -# other documented files. - -INCLUDE_GRAPH = YES - -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and -# HAVE_DOT tags are set to YES then doxygen will generate a graph for each -# documented header file showing the documented files that directly or -# indirectly include this file. - -INCLUDED_BY_GRAPH = YES - -# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen -# will graphical hierarchy of all classes instead of a textual one. - -GRAPHICAL_HIERARCHY = YES - -# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images -# generated by dot. Possible values are png, jpg, or gif -# If left blank png will be used. - -DOT_IMAGE_FORMAT = png - -# The tag DOT_PATH can be used to specify the path where the dot tool can be -# found. If left blank, it is assumed the dot tool can be found on the path. - -DOT_PATH = - -# The DOTFILE_DIRS tag can be used to specify one or more directories that -# contain dot files that are included in the documentation (see the -# \dotfile command). - -DOTFILE_DIRS = - -# The MAX_DOT_GRAPH_WIDTH tag can be used to set the maximum allowed width -# (in pixels) of the graphs generated by dot. If a graph becomes larger than -# this value, doxygen will try to truncate the graph, so that it fits within -# the specified constraint. Beware that most browsers cannot cope with very -# large images. - -MAX_DOT_GRAPH_WIDTH = 1024 - -# The MAX_DOT_GRAPH_HEIGHT tag can be used to set the maximum allows height -# (in pixels) of the graphs generated by dot. If a graph becomes larger than -# this value, doxygen will try to truncate the graph, so that it fits within -# the specified constraint. Beware that most browsers cannot cope with very -# large images. - -MAX_DOT_GRAPH_HEIGHT = 1024 - -# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will -# generate a legend page explaining the meaning of the various boxes and -# arrows in the dot generated graphs. - -GENERATE_LEGEND = YES - -# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will -# remove the intermedate dot files that are used to generate -# the various graphs. - -DOT_CLEANUP = YES - -#--------------------------------------------------------------------------- -# Configuration::addtions related to the search engine -#--------------------------------------------------------------------------- - -# The SEARCHENGINE tag specifies whether or not a search engine should be -# used. If set to NO the values of all tags below this one will be ignored. - -SEARCHENGINE = NO - -# The CGI_NAME tag should be the name of the CGI script that -# starts the search engine (doxysearch) with the correct parameters. -# A script with this name will be generated by doxygen. - -CGI_NAME = search.cgi - -# The CGI_URL tag should be the absolute URL to the directory where the -# cgi binaries are located. See the documentation of your http daemon for -# details. - -CGI_URL = - -# The DOC_URL tag should be the absolute URL to the directory where the -# documentation is located. If left blank the absolute path to the -# documentation, with file:// prepended to it, will be used. - -DOC_URL = - -# The DOC_ABSPATH tag should be the absolute path to the directory where the -# documentation is located. If left blank the directory on the local machine -# will be used. - -DOC_ABSPATH = - -# The BIN_ABSPATH tag must point to the directory where the doxysearch binary -# is installed. - -BIN_ABSPATH = /usr/local/bin/ - -# The EXT_DOC_PATHS tag can be used to specify one or more paths to -# documentation generated for other projects. This allows doxysearch to search -# the documentation for these projects as well. - -EXT_DOC_PATHS = diff --git a/org.gridsite.core/src/Makefile b/org.gridsite.core/src/Makefile deleted file mode 100644 index 3552c0f..0000000 --- a/org.gridsite.core/src/Makefile +++ /dev/null @@ -1,363 +0,0 @@ -# -# Andrew McNab and Shiv Kaushal, University of Manchester. -# Copyright (c) 2002-5. All rights reserved. -# -# Redistribution and use in source and binary forms, with or -# without modification, are permitted provided that the following -# conditions are met: -# -# o Redistributions of source code must retain the above -# copyright notice, this list of conditions and the following -# disclaimer. -# o Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials -# provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS -# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. -# -#--------------------------------------------------------------- -# For more information about GridSite: http://www.gridsite.org/ -#--------------------------------------------------------------- - -include ../VERSION - -RPMCMD=$(shell if [ -x /usr/bin/rpmbuild ] ; then echo /usr/bin/rpmbuild; else echo rpm; fi) - -ifndef MYRPMDIR -export MYRPMDIR=$(shell pwd)/../RPMTMP -endif - -ifndef prefix -export prefix=/usr/local -endif - -ifndef MYCFLAGS -export MYCFLAGS=-I. -I../interface -I/usr/include/httpd -I/usr/include/apr-0 -I/opt/glite/include -endif - -ifndef MYLDFLAGS -export MYLDFLAGS=-L. -endif - -# -# Build -# - -build: libgridsite.so.$(VERSION) libgridsite.a htcp mod_gridsite.so \ - urlencode findproxyfile real-gridsite-admin.cgi gsexec \ - # gridsite-delegation.cgi # htproxyput - -build: libgridsite_globus.so.$(VERSION) libgridsite_globus.a - -# First, normal versions using system OpenSSL rather than Globus OpenSSL - -libgridsite.so.$(VERSION): grst_x509.o grst_gacl.o grst_xacml.o grst_http.o grst_asn1.o - gcc -shared -Wl,-soname,libgridsite.so.$(MINOR_VERSION) \ - -o libgridsite.so.$(PATCH_VERSION) grst_x509.o grst_gacl.o grst_xacml.o grst_http.o grst_asn1.o - -libgridsite.a: grst_x509.o grst_gacl.o grst_xacml.o grst_http.o grst_asn1.o - ar src libgridsite.a grst_x509.o grst_gacl.o grst_xacml.o grst_http.o grst_asn1.o - -grst_x509.o: grst_x509.c ../interface/gridsite.h - gcc $(MYCFLAGS) \ - -I/usr/kerberos/include -c grst_x509.c - -grst_gacl.o: grst_gacl.c ../interface/gridsite.h - gcc $(MYCFLAGS) \ - -I/usr/kerberos/include `xml2-config --cflags` -c grst_gacl.c - -grst_xacml.o: grst_xacml.c ../interface/gridsite.h - gcc $(MYCFLAGS) \ - -I/usr/kerberos/include `xml2-config --cflags` -c grst_xacml.c - -grst_http.o: grst_http.c ../interface/gridsite.h - gcc $(MYCFLAGS) \ - -I/usr/kerberos/include -c grst_http.c - -grst_asn1.o: grst_asn1.c ../interface/gridsite.h - gcc $(MYCFLAGS) \ - -I/usr/kerberos/include -c grst_asn1.c - -# Then build versions using Globus OpenSSL if configured - -ifdef OPENSSL_GLOBUS_LIBS - -libgridsite_globus.so.$(VERSION): \ - grst_x509_globus.o grst_gacl_globus.o grst_http_globus.o \ - grst_asn1_globus.o grst_xacml_globus.o - gcc -shared -Wl,-soname,libgridsite_globus.so.$(MINOR_VERSION) \ - -o libgridsite_globus.so.$(PATCH_VERSION) \ - grst_x509_globus.o grst_gacl_globus.o grst_xacml_globus.o grst_http_globus.o grst_asn1_globus.o - -libgridsite_globus.a: grst_x509_globus.o grst_gacl_globus.o grst_http_globus.o grst_asn1_globus.o - ar src libgridsite_globus.a \ - grst_x509_globus.o grst_gacl_globus.o grst_http_globus.o grst_asn1_globus.o - -grst_x509_globus.o: grst_x509.c ../interface/gridsite.h - gcc $(MYCFLAGS) $(OPENSSL_GLOBUS_FLAGS) \ - -I/usr/kerberos/include -c grst_x509.c \ - -o grst_x509_globus.o - -grst_gacl_globus.o: grst_gacl.c ../interface/gridsite.h - gcc $(MYCFLAGS) $(OPENSSL_GLOBUS_FLAGS) \ - -I/usr/kerberos/include `xml2-config --cflags` -c grst_gacl.c \ - -o grst_gacl_globus.o - -grst_xacml_globus.o: grst_xacml.c ../interface/gridsite.h - gcc $(MYCFLAGS) $(OPENSSL_GLOBUS_FLAGS) \ - -I/usr/kerberos/include `xml2-config --cflags` -c grst_xacml.c \ - -o grst_xacml_globus.o - -grst_http_globus.o: grst_http.c ../interface/gridsite.h - gcc $(MYCFLAGS) $(OPENSSL_GLOBUS_FLAGS) \ - -I/usr/kerberos/include -c grst_http.c \ - -o grst_http_globus.o - -grst_asn1_globus.o: grst_asn1.c ../interface/gridsite.h - gcc $(MYCFLAGS) $(OPENSSL_GLOBUS_FLAGS) \ - -I/usr/kerberos/include -c grst_asn1.c \ - -o grst_asn1_globus.o - -else - -libgridsite_globus.so.$(VERSION): libgridsite.so.$(VERSION) - cp -f libgridsite.so.$(VERSION) libgridsite_globus.so.$(VERSION) - -libgridsite_globus.a: libgridsite.a - cp -f libgridsite.a libgridsite_globus.a - -endif - -gsexec: gsexec.c gsexec.h - gcc -DVERSION=\"$(PATCH_VERSION)\" -I/usr/include/httpd \ - -I/usr/include/apr-0 \ - -o gsexec gsexec.c - -urlencode: urlencode.c libgridsite.a - gcc -DVERSION=\"$(PATCH_VERSION)\" $(MYCFLAGS) \ - -o urlencode urlencode.c -L. \ - -I/usr/kerberos/include -lgridsite - -htcp: htcp.c - gcc -DVERSION=\"$(PATCH_VERSION)\" -I. -o htcp htcp.c \ - `curl-config --cflags` `curl-config --libs` - -mod_gridsite.so: mod_gridsite.c mod_ssl-private.h libgridsite.a - gcc $(MYCFLAGS) -shared -Wl,-soname=gridsite_module \ - -I/usr/kerberos/include \ - -I/usr/include/libxml2 \ - -DVERSION=\"$(VERSION)\" -o mod_gridsite.so \ - mod_gridsite.c $(MYLDFLAGS) -lxml2 -lm -lz -lgridsite - -real-gridsite-admin.cgi: grst_admin_main.c grst_admin_gacl.c \ - grst_admin_file.c grst_admin.h - gcc $(MYCFLAGS) $(MYLDFLAGS) -o real-gridsite-admin.cgi \ - grst_admin_main.c \ - grst_admin_gacl.c \ - grst_admin_file.c \ - -I/usr/kerberos/include \ - -DVERSION=\"$(VERSION)\" -lgridsite -lssl -lcrypto -lxml2 -lz -lm - -findproxyfile: findproxyfile.c libgridsite.a - gcc -DVERSION=\"$(PATCH_VERSION)\" $(MYCFLAGS) $(MYLDFLAGS) \ - -o findproxyfile findproxyfile.c -L. \ - -I/usr/kerberos/include -lgridsite \ - -lssl -lcrypto -lxml2 -lz -lm - -showx509exts: showx509exts.c libgridsite.a - gcc -DVERSION=\"$(PATCH_VERSION)\" $(MYCFLAGS) $(MYLDFLAGS) \ - -o showx509exts showx509exts.c -L. \ - -I/usr/kerberos/include \ - -lgridsite \ - -lssl -lcrypto - -apidoc: - doxygen Doxyfile - -gaclexample: gaclexample.c libgridsite.a - gcc -o gaclexample gaclexample.c -I. -L. \ - -I/usr/kerberos/include -lgridsite \ - -lssl -lcrypto -lxml2 -lz -lm - -xacmlexample: xacmlexample.c libgridsite.a - gcc -o xacmlexample xacmlexample.c -I. -L. \ - -I/usr/kerberos/include -lgridsite \ - -lssl -lcrypto -lxml2 -lz -lm - -# -# Delegation machinery, including SOAP delegation portType. To build this -# you need to install gSOAP and set GSOAPDIR to the directory containing -# soapcpp2 and stdsoap2.h (unless GSOAPDIR is set already) -# - -ifndef GSOAPDIR -export GSOAPDIR=/usr/local/lib/gsoap -endif - -delegation.wsdl: delegation.h - ls -lR $(GSOAPDIR) - $(GSOAPDIR)/bin/soapcpp2 -c delegation.h - -libstdsoap2.a: $(GSOAPDIR)/stdsoap2.c - gcc -c -DWITH_OPENSSL $(GSOAPDIR)/stdsoap2.c - ar src libstdsoap2.a stdsoap2.o - -gridsite-delegation.cgi: grst-delegation.c delegation.h delegation.wsdl \ - soapC.c soapServer.c - gcc $(MYCFLAGS) $(MYLDFLAGS) -o gridsite-delegation.cgi \ - grst-delegation.c \ - -I/usr/kerberos/include -I$(GSOAPDIR)/include \ - -DVERSION=\"$(VERSION)\" -L$(GSOAPDIR)/lib \ - soapC.c soapServer.c -lgsoap \ - -lgridsite -lcurl -lz -lssl -lcrypto -lxml2 -lm - -htproxyput: htproxyput.c delegation.h delegation.wsdl \ - soapC.c soapServer.c - gcc $(MYCFLAGS) $(MYLDFLAGS) -o htproxyput \ - htproxyput.c \ - -I/usr/kerberos/include \ - -g -DVERSION=\"$(VERSION)\" \ - -I$(GSOAPDIR)/include -DWITH_OPENSSL -L$(GSOAPDIR)/lib \ - soapC.c soapClient.c -lgsoap \ - -lgridsite -lcurl -lz -lssl -lcrypto -lxml2 -lm - -proxyput-example: proxyput-example.c delegation.h delegation.wsdl \ - soapC.c soapServer.c - gcc $(MYCFLAGS) $(MYLDFLAGS) -o proxyput-example \ - proxyput-example.c \ - -I/usr/kerberos/include \ - -g -DVERSION=\"$(VERSION)\" \ - -I$(GSOAPDIR) -DWITH_OPENSSL \ - soapC.c soapClient.c libstdsoap2.a \ - -lgridsite -lcurl -lz -lssl -lcrypto -lxml2 -lm - -clean: - -# -# Install -# - -install: apidoc - mkdir -p $(prefix)/include \ - $(prefix)/lib \ - $(prefix)/bin \ - $(prefix)/sbin \ - $(prefix)/share/man/man1 \ - $(prefix)/share/man/man8 \ - $(prefix)/lib/httpd/modules \ - $(prefix)/share/doc/gridsite-$(PATCH_VERSION) - cp -f ../interface/gridsite.h $(prefix)/include - cp -f ../interface/gridsite-gacl.h $(prefix)/include - cp -f urlencode $(prefix)/bin - cp -f findproxyfile $(prefix)/bin - cp -f real-gridsite-admin.cgi $(prefix)/sbin - cp -f libgridsite.a $(prefix)/lib - cp -f libgridsite.so.$(PATCH_VERSION) $(prefix)/lib - ln -sf libgridsite.so.$(PATCH_VERSION) \ - $(prefix)/lib/libgridsite.so - ln -sf libgridsite.so.$(PATCH_VERSION) \ - $(prefix)/lib/libgridsite.so.$(MAJOR_VERSION) - ln -sf libgridsite.so.$(PATCH_VERSION) \ - $(prefix)/lib/libgridsite.so.$(MINOR_VERSION) - cp -f libgridsite_globus.a $(prefix)/lib - cp -f libgridsite_globus.so.$(PATCH_VERSION) $(prefix)/lib - ln -sf libgridsite_globus.so.$(PATCH_VERSION) \ - $(prefix)/lib/libgridsite_globus.so - ln -sf libgridsite_globus.so.$(PATCH_VERSION) \ - $(prefix)/lib/libgridsite_globus.so.$(MAJOR_VERSION) - ln -sf libgridsite_globus.so.$(PATCH_VERSION) \ - $(prefix)/lib/libgridsite_globus.so.$(MINOR_VERSION) - cp -f doxygen/index.html \ - $(prefix)/share/doc/gridsite-$(PATCH_VERSION)/doxygen-index.html - cp -f doxygen/* $(prefix)/share/doc/gridsite-$(PATCH_VERSION) - cp -f ../CHANGES ../README ../INSTALL ../LICENSE ../VERSION \ - $(prefix)/share/doc/gridsite-$(PATCH_VERSION) - cp -f ../doc/*.html ../doc/*.conf ../doc/*.1 ../doc/*.8 ../doc/*.sh \ - $(prefix)/share/doc/gridsite-$(VERSION) - cp -f ../doc/*.1 $(prefix)/share/man/man1 - cp -f ../doc/*.8 $(prefix)/share/man/man8 - gzip -f $(prefix)/share/man/man1/*.1 - gzip -f $(prefix)/share/man/man8/*.8 - cd ../doc ; for i in *.1 *.8 ; do ../src/roffit < $$i \ - > $(prefix)/share/doc/gridsite-$(VERSION)/$$i.html ; done - cp -f htcp $(prefix)/bin - ln -sf htcp $(prefix)/bin/htls - ln -sf htcp $(prefix)/bin/htll - ln -sf htcp $(prefix)/bin/htrm - ln -sf htcp $(prefix)/bin/htmkdir - cp -f gsexec $(prefix)/sbin - cp -f mod_gridsite.so $(prefix)/lib/httpd/modules - -# -# Distributions -# - -# source files tarball -dist: - mkdir -p ../gridsite-$(PATCH_VERSION)/src \ - ../gridsite-$(PATCH_VERSION)/doc \ - ../gridsite-$(PATCH_VERSION)/interface - cp -f ../VERSION ../README ../LICENSE ../CHANGES ../INSTALL \ - ../gridsite-$(PATCH_VERSION) - cp -f Makefile grst*.c htproxyput.c proxyput-example.c htcp.c \ - urlencode.c findproxyfile.c gaclexample.c mod_gridsite.c \ - delegation.h grst_admin.h mod_ssl-private.h \ - gsexec.c gsexec.h \ - roffit gridsite.spec \ - Doxyfile doxygen.css doxyheader.html \ - ../gridsite-$(PATCH_VERSION)/src - cp -f ../doc/*.html ../doc/*.1 ../doc/*.8 ../doc/*.conf ../doc/*.sh \ - ../gridsite-$(PATCH_VERSION)/doc - cp -f ../interface/*.h \ - ../gridsite-$(PATCH_VERSION)/interface - cd .. ; tar zcvf gridsite-$(PATCH_VERSION).src.tar.gz \ - gridsite-$(PATCH_VERSION) - rm -Rf ../gridsite-$(PATCH_VERSION) - - -# binary tarball distribution for htcp users -htcp-bin: htcp - mkdir -p ../htcp-bin-$(PATCH_VERSION)/bin \ - ../htcp-bin-$(PATCH_VERSION)/man/man1 - cp -f ../doc/README.htcp-bin ../htcp-bin-$(PATCH_VERSION) - cp -f htcp ../htcp-bin-$(PATCH_VERSION)/bin - cp -f ../doc/htcp.1 ../doc/htrm.1 ../doc/htls.1 ../doc/htll.1 \ - ../doc/htmkdir.1 ../htcp-bin-$(PATCH_VERSION)/man/man1 - ln -sf htcp ../htcp-bin-$(PATCH_VERSION)/bin/htls - ln -sf htcp ../htcp-bin-$(PATCH_VERSION)/bin/htll - ln -sf htcp ../htcp-bin-$(PATCH_VERSION)/bin/htrm - ln -sf htcp ../htcp-bin-$(PATCH_VERSION)/bin/htmkdir - cd ../htcp-bin-$(VERSION) ; tar zcvf ../htcp-$(VERSION).bin.tar.gz . - rm -Rf ../htcp-bin-$(PATCH_VERSION) - -# RPM targets: build and RPMs go into subdirectories of ../RPMTMP/ -rpm: dist gridsite.spec - rm -Rf $(MYRPMDIR)/BUILDROOT $(MYRPMDIR)/BUILD - mkdir -p $(MYRPMDIR)/SOURCES $(MYRPMDIR)/SPECS $(MYRPMDIR)/BUILD \ - $(MYRPMDIR)/SRPMS $(MYRPMDIR)/RPMS/i386 $(MYRPMDIR)/BUILDROOT - cp -f ../gridsite-$(PATCH_VERSION).src.tar.gz $(MYRPMDIR)/SOURCES - cp -f gridsite.spec $(MYRPMDIR)/SPECS - export MYPREFIX=/usr ; export MYVERSION=$(PATCH_VERSION) ; \ - $(RPMCMD) --define "_topdir $(MYRPMDIR)" \ - -ba --buildroot $(MYRPMDIR)/BUILDROOT gridsite.spec - - -wtf: - pwd - printenv - ls -l - ls -lR /usr/local/ - ls -lR $(GSOAPDIR) diff --git a/org.gridsite.core/src/delegation.h b/org.gridsite.core/src/delegation.h deleted file mode 100644 index e612498..0000000 --- a/org.gridsite.core/src/delegation.h +++ /dev/null @@ -1,12 +0,0 @@ -//gsoap ns service name: delegation -//gsoap ns service style: rpc -//gsoap ns service encoding: encoded -//gsoap ns service namespace: http://www.gridsite.org/ns/delegation.wsdl -//gsoap ns service location: http://localhost/delegserver.cgi - -struct ns__putProxyResponse { } ; - -//gsoap ns schema namespace: urn:delegation -int ns__getProxyReq(char *delegationID, char **request); -int ns__putProxy(char *delegationID, char *proxy, - struct ns__putProxyResponse *unused); diff --git a/org.gridsite.core/src/doxygen.css b/org.gridsite.core/src/doxygen.css deleted file mode 100644 index 97ebc25..0000000 --- a/org.gridsite.core/src/doxygen.css +++ /dev/null @@ -1,49 +0,0 @@ -H1 { text-align: center; } -CAPTION { font-weight: bold } -A.qindex {} -A.qindexRef {} -A.el { text-decoration: none; font-weight: bold } -A.elRef { font-weight: bold } -A.code { text-decoration: none; font-weight: normal; color: #4444ee } -A.codeRef { font-weight: normal; color: #4444ee } -A:hover { text-decoration: none; background-color: #f2f2ff } -DL.el { margin-left: -1cm } -DIV.fragment { width: 100%; border: none; background-color: #eeeeee } -DIV.ah { background-color: black; font-weight: bold; color: #ffffff; margin-bottom: 3px; margin-top: 3px } -TD.md { background-color: #f2f2ff; font-weight: bold; } -TD.mdname1 { background-color: #f2f2ff; font-weight: bold; color: #602020; } -TD.mdname { background-color: #f2f2ff; font-weight: bold; color: #602020; width: 600px; } -DIV.groupHeader { margin-left: 16px; margin-top: 12px; margin-bottom: 6px; font-weight: bold } -DIV.groupText { margin-left: 16px; font-style: italic; font-size: smaller } -XXBODY { background: white } -TD.indexkey { - background-color: #eeeeff; - font-weight: bold; - padding-right : 10px; - padding-top : 2px; - padding-left : 10px; - padding-bottom : 2px; - margin-left : 0px; - margin-right : 0px; - margin-top : 2px; - margin-bottom : 2px -} -TD.indexvalue { - background-color: #eeeeff; - font-style: italic; - padding-right : 10px; - padding-top : 2px; - padding-left : 10px; - padding-bottom : 2px; - margin-left : 0px; - margin-right : 0px; - margin-top : 2px; - margin-bottom : 2px -} -span.keyword { color: #008000 } -span.keywordtype { color: #604020 } -span.keywordflow { color: #e08000 } -span.comment { color: #800000 } -span.preprocessor { color: #806020 } -span.stringliteral { color: #002080 } -span.charliteral { color: #008080 } diff --git a/org.gridsite.core/src/doxyheader.html b/org.gridsite.core/src/doxyheader.html deleted file mode 100644 index af78b52..0000000 --- a/org.gridsite.core/src/doxyheader.html +++ /dev/null @@ -1 +0,0 @@ -

GridSite Version 1.1.x diff --git a/org.gridsite.core/src/findproxyfile.c b/org.gridsite.core/src/findproxyfile.c deleted file mode 100644 index 4485cc5..0000000 --- a/org.gridsite.core/src/findproxyfile.c +++ /dev/null @@ -1,122 +0,0 @@ -/* - Copyright (c) 2002-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -#ifndef VERSION -#define VERSION "0.0.0" -#endif - -#define _GNU_SOURCE - -#include -#include -#include -#include - -#include - -#include "gridsite.h" - -void printsyntax(char *argv0) -{ - char *p; - - p = rindex(argv0, '/'); - if (p != NULL) ++p; - else p = argv0; - - fprintf(stderr, "%s [--outsidecache] [--proxycache=PATH] " - "[--delegation-id=DELEGATION-ID] [--user-dn=USER-DN]\n" - "(Version: %s)\n", p, VERSION); -} - -#define GRST_PROXY_CACHE "/var/www/proxycache" - -int main(int argc, char *argv[]) -{ - char *delegation_id = "_", *proxycache = "", *user_dn = "", - *proxyfile = NULL; - int c, outsidecache = 0, verbose = 0, option_index; - struct option long_options[] = { {"verbose", 0, 0, 'v'}, - {"outsidecache", 0, 0, 0}, - {"proxycache", 1, 0, 0}, - {"delegation-id", 1, 0, 0}, - {"user-dn", 1, 0, 0}, - {0, 0, 0, 0} }; - - if (argc == 1) - { - printsyntax(argv[0]); - return 0; - } - - while (1) - { - option_index = 0; - - c = getopt_long(argc, argv, "v", long_options, &option_index); - - if (c == -1) break; - else if (c == 0) - { - if (option_index == 1) outsidecache = 1; - else if (option_index == 2) proxycache = optarg; - else if (option_index == 3) delegation_id = optarg; - else if (option_index == 4) user_dn = optarg; - } - else if (c == 'v') ++verbose; - } - - if (*user_dn != '\0') /* try to find in proxy cache */ - { - if ((proxycache == NULL) || (*proxycache == '\0')) - proxycache = getenv("GRST_PROXY_CACHE"); - - if ((proxycache == NULL) || (*proxycache == '\0')) - proxycache = GRST_PROXY_CACHE; - - proxyfile = GRSTx509CachedProxyFind(proxycache, delegation_id, user_dn); - } - - if (((proxyfile == NULL) || (*proxyfile == '\0')) && outsidecache) - { - proxyfile = GRSTx509FindProxyFileName(); - } - - if ((proxyfile != NULL) && (*proxyfile != '\0')) - { - puts(proxyfile); - return 0; - } - - fputs("No proxy file found\n", stderr); - - return 1; -} diff --git a/org.gridsite.core/src/gaclexample.c b/org.gridsite.core/src/gaclexample.c deleted file mode 100644 index 5ad29b7..0000000 --- a/org.gridsite.core/src/gaclexample.c +++ /dev/null @@ -1,147 +0,0 @@ -/* - Copyright (c) 2002-3, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*---------------------------------------------------------------* - * For more about GridSite: http://www.gridsite.org/ * - *---------------------------------------------------------------*/ - -/* - Example program using GACL - - Build with: - - gcc -o gaclexample gaclexample.c -L. -I. -lgridsite -lxml2 -lz -lm -*/ - -#include -#include -#include -#include - -int main() -{ - GRSTgaclCred *cred, *usercred; - GRSTgaclEntry *entry; - GRSTgaclAcl *acl1, *acl2; - GRSTgaclUser *user; - GRSTgaclPerm perm0, perm1, perm2; - FILE *fp; - - /* must initialise GACL before using it */ - - GRSTgaclInit(); - - /* build up an ACL, starting with a credential */ - - cred = GRSTgaclCredNew("person"); - - GRSTgaclCredAddValue(cred, "dn", "/O=Grid/CN=Mr Grid Person"); - - /* create an entry to put it in */ - - entry = GRSTgaclEntryNew(); - - /* add the credential to it */ - - GRSTgaclEntryAddCred(entry, cred); - - /* add another credential */ - - cred = GRSTgaclCredNew("dn-list"); - GRSTgaclCredAddValue(cred, "url", "example-dn-list"); - GRSTgaclEntryAddCred(entry, cred); - - fp = fopen("example-dn-list", "w"); - fputs("/O=Grid/CN=Mr Grid Person\n", fp); - fclose(fp); - - /* associate some permissions and denials to the credential */ - - GRSTgaclEntryAllowPerm( entry, GRST_PERM_READ); - GRSTgaclEntryAllowPerm( entry, GRST_PERM_WRITE); - GRSTgaclEntryAllowPerm( entry, GRST_PERM_ADMIN); - GRSTgaclEntryDenyPerm( entry, GRST_PERM_ADMIN); - GRSTgaclEntryDenyPerm( entry, GRST_PERM_LIST); - - perm0 = GRST_PERM_READ | GRST_PERM_WRITE; - - printf("test perm should be %d\n", perm0); - - /* create a new ACL and add the entry to it */ - - acl1 = GRSTgaclAclNew(); - - GRSTgaclAclAddEntry(acl1, entry); - - /* create a GRSTgaclUser to compare with the ACL */ - - usercred = GRSTgaclCredNew("person"); - - GRSTgaclCredAddValue(usercred, "dn", "/O=Grid/CN=Mr Grid Person"); - - user = GRSTgaclUserNew(usercred); - - GRSTgaclUserSetDNlists(user, getcwd(NULL, 0)); - printf("DN Lists dir %s\n", getcwd(NULL, 0)); - -// putenv("GRST_DN_LISTS=."); - - perm1 = GRSTgaclAclTestUser(acl1, user); - - printf("test /O=Grid/CN=Mr Grid Person in acl = %d\n", perm1); - - /* print and save the whole ACL */ - - GRSTgaclAclPrint(acl1, stdout); - - GRSTgaclAclSave(acl1, "example.gacl"); - - puts("gridacl.out saved"); - - puts(""); - - /* load the ACL back off the disk, print and test it */ - - acl2 = GRSTgaclAclLoadFile("example.gacl"); - - puts("gridacl.out loaded"); - - if (acl2 != NULL) GRSTgaclAclPrint(acl2, stdout); else puts("acl2 is NULL"); - - perm2 = GRSTgaclAclTestUser(acl2, user); - - printf("test /O=Grid/CN=Mr Grid Person in acl = %d\n", perm2); - - if (perm1 != perm0) return 1; - if (perm2 != perm0) return 2; - - return 0; -} diff --git a/org.gridsite.core/src/gridsite.spec b/org.gridsite.core/src/gridsite.spec deleted file mode 100644 index f55c349..0000000 --- a/org.gridsite.core/src/gridsite.spec +++ /dev/null @@ -1,101 +0,0 @@ -Name: gridsite -Version: %(echo ${MYVERSION:-1.1.x}) -Release: 1 -Summary: GridSite -Copyright: Modified BSD -Group: System Environment/Daemons -Source: %{name}-%{version}.src.tar.gz -Prefix: %(echo ${MYPREFIX:-/usr}) -URL: http://www.gridsite.org/ -Vendor: GridPP -#Requires: libxml2,curl-ssl,mod_ssl -#Buildrequires: libxml2-devel,curl-ssl-devel,httpd-devel -Packager: Andrew McNab - -%description -GridSite adds GSI, VOMS and GACL support to Apache 2.0 (mod_gridsite), -a library for manipulating these technologies (libgridsite), and CGI -programs for interactive management of HTTP(S) servers (gridsite-admin.cgi) - -See %(echo ${MYPREFIX:-/usr})/share/doc/gridsite-%{version} and -http://www.gridsite.org/ for details. - -%package -n htcp -Group: Applications/Internet -Summary: HTTP(S) read/write client -#Requires: curl-ssl - -%description -n htcp -htcp is a client to fetch files or directory listings from remote -servers using HTTP or HTTPS, or to put or delete files or directories -onto remote servers using HTTPS. htcp is similar to scp(1), but uses -HTTP/HTTPS rather than ssh as its transfer protocol. - -%package gsexec -Group: Applications/Internet -Summary: gsexec binary for the Apache HTTP server -#Requires: curl-ssl - -%description gsexec -This package includes the /usr/sbin/gsexec binary which can be installed -to allow the Apache HTTP server to run CGI programs (and any programs -executed by SSI pages) as a user other than the 'apache' user. gsexec -is a drop-in replacement for suexec, with extended functionality for use -with GridSite and Grid Security credentials. - -%prep - -%setup - -%build -cd src -make prefix=$RPM_BUILD_ROOT/%(echo ${MYPREFIX:-/usr}) \ -GSOAPDIR=$GSOAPDIR OPENSSL_FLAGS=$OPENSSL_FLAGS \ -OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT - -%install -cd src -make install prefix=$RPM_BUILD_ROOT/%(echo ${MYPREFIX:-/usr}) \ -GSOAPDIR=$GSOAPDIR OPENSSL_FLAGS=$OPENSSL_FLAGS \ -OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT - -%post -/sbin/ldconfig -ln -sf %(echo ${MYPREFIX:-/usr})/share/doc/gridsite-%{version} \ - %(echo ${MYPREFIX:-/usr})/share/doc/gridsite - -%postun -rm -f %(echo ${MYPREFIX:-/usr})/share/doc/gridsite - -%files -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite.so.%{version} -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite.so -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite_globus.so.%{version} -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite_globus.so -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/urlencode -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/findproxyfile -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/doc/gridsite-%{version} -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/urlencode.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/findproxyfile.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/include/gridsite.h -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/include/gridsite-gacl.h -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite.a -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite_globus.a -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/httpd/modules/mod_gridsite.so -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/sbin/real-gridsite-admin.cgi - -%files -n htcp -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htcp -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htls -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htll -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htrm -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htmkdir -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htcp.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htrm.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htls.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htll.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htmkdir.1.gz - -%files gsexec -%attr(4510, root, apache) %(echo ${MYPREFIX:-/usr})/sbin/gsexec -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man8/gsexec.8.gz diff --git a/org.gridsite.core/src/grst-delegation.c b/org.gridsite.core/src/grst-delegation.c deleted file mode 100644 index c8f8185..0000000 --- a/org.gridsite.core/src/grst-delegation.c +++ /dev/null @@ -1,297 +0,0 @@ -/* - Copyright (c) 2002-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*---------------------------------------------------------------------------* - * This program is part of GridSite: http://www.gridpp.ac.uk/authz/gridsite/ * - *---------------------------------------------------------------------------*/ - -#ifndef VERSION -#define VERSION "0.0.1" -#endif - -#define _GNU_SOURCE -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include -/* #include */ - -#include "gridsite.h" - -#include "soapH.h" -#include "delegation.nsmap" - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#define GRST_KEYSIZE 512 -#define GRST_PROXYCACHE "/../proxycache/" -#define GRST_SUPPORT_G_HTTPS - -#ifdef GRST_SUPPORT_G_HTTPS -void GRSThttpError(char *status) -{ - printf("Status: %s\n", status); - printf("Server-CGI: GridSite %s\n", VERSION); - printf("Content-Length: %d\n", 2 * strlen(status) + 58); - puts("Content-Type: text/html\n"); - - printf("%s\n", status); - printf("

%s

\n", status); - - exit(0); -} - -int GRSTmethodPutProxy(char *delegation_id, char *user_dn) -/* return 0 on success; non-zero on error */ -{ - int c, len = 0, i; - char *docroot, *contentlen, *contenttype, *proxychain, *proxydir; - FILE *fp; - - if (((contenttype = getenv("CONTENT_TYPE")) == NULL) || - (strcmp(contenttype, "application/x-x509-user-cert-chain") != 0)) - return 2; - - contentlen = getenv("CONTENT_LENGTH"); - if (contentlen == NULL) return 2; - len = atoi(contentlen); - - if ((delegation_id == NULL) || (*delegation_id == '\0')) - delegation_id = "_"; - - docroot = getenv("DOCUMENT_ROOT"); - asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE); - - if ((user_dn == NULL) || (user_dn[0] == '\0') || - (GRSTx509CacheProxy(proxydir, delegation_id, user_dn, proxychain) - != GRST_RET_OK)) - { - return GRST_RET_FAILED; - } - - free(proxydir); - - return GRST_RET_OK; -} -#endif - -int main(int argn, char *argv[]) -{ - char *docroot, *method, *request, *p, *client_dn, *user_dn, - *delegation_id, *reqtxt, *proxydir; - struct soap soap; - -chdir("/var/tmp"); - - method = getenv("REQUEST_METHOD"); - if (strcmp(method, "POST") == 0) - { - soap_init(&soap); - soap_serve(&soap); /* CGI application */ - return 0; - } - -#ifdef GRST_SUPPORT_G_HTTPS - docroot = getenv("DOCUMENT_ROOT"); - - request = strdup(getenv("REQUEST_URI")); - p = index(request, '?'); - if (p != NULL) *p = '\0'; - - - /* non HTTP POST methods - ie special G-HTTPS methods */ - - delegation_id = getenv("HTTP_DELEGATION_ID"); - if ((delegation_id == NULL) || (*delegation_id == '\0')) delegation_id = "_"; - - user_dn = NULL; - client_dn = getenv("SSL_CLIENT_S_DN"); - if (client_dn != NULL) - { - user_dn = strdup(client_dn); - - /* we assume here that mod_ssl has verified proxy chain already ... */ - - p = strstr(user_dn, "/CN=proxy"); - if (p != NULL) *p = '\0'; - - p = strstr(user_dn, "/CN=limited proxy"); - if (p != NULL) *p = '\0'; - } - - if (user_dn == NULL) /* all methods require client auth */ - { - GRSThttpError("403 Forbidden"); - } - else if (strcmp(method, "GET-PROXY-REQ") == 0) - { - docroot = getenv("DOCUMENT_ROOT"); - asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE); - - if (GRSTx509MakeProxyRequest(&reqtxt, proxydir, - delegation_id, user_dn) == 0) - { - puts("Status: 200 OK"); - puts("Content-Type: application/x-x509-cert-request"); - printf("Content-Length: %d\n\n", strlen(reqtxt)); - fputs(reqtxt, stdout); - free(proxydir); - return 0; - } - - puts("Status: 500 Internal Server Error\n"); - free(proxydir); - return 0; - } - else if (strcmp(method, "PUT-PROXY-CERT") == 0) - { - if (GRSTmethodPutProxy(delegation_id, user_dn) == 0) - { - puts("Status: 200 OK\n"); - return 0; - } - - puts("Status: 500 Internal Server Error\n"); - return 0; - } - else - { - GRSThttpError("501 Method Not Implemented"); - } -#endif -} - -int ns__getProxyReq(struct soap *soap, char *delegation_id, - char **request) -{ - char *p, *client_dn, *user_dn, *docroot, *proxydir; - - user_dn = NULL; - client_dn = getenv("SSL_CLIENT_S_DN"); - if (client_dn != NULL) - { - user_dn = strdup(client_dn); - - /* we assume here that mod_ssl has verified proxy chain already ... */ - - p = strstr(user_dn, "/CN=proxy"); - if (p != NULL) *p = '\0'; - - p = strstr(user_dn, "/CN=limited proxy"); - if (p != NULL) *p = '\0'; - } - - if ((delegation_id == NULL) || (*delegation_id == '\0')) delegation_id = "_"; - - docroot = getenv("DOCUMENT_ROOT"); - asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE); - - if ((user_dn != NULL) && (user_dn[0] != '\0') && - (GRSTx509MakeProxyRequest(request, proxydir, - delegation_id, user_dn) == 0)) - { - return SOAP_OK; - } - - return SOAP_ERR; -} - -int ns__putProxy(struct soap *soap, char *delegation_id, - char *proxy, - struct ns__putProxyResponse *unused) -{ - int fd, c, len = 0, i; - char *docroot, *proxydir, *p, *client_dn, *user_dn; - - user_dn = NULL; - client_dn = getenv("SSL_CLIENT_S_DN"); - if (client_dn != NULL) - { - user_dn = strdup(client_dn); - - /* we assume here that mod_ssl has verified proxy chain already ... */ - - p = strstr(user_dn, "/CN=proxy"); - if (p != NULL) *p = '\0'; - - p = strstr(user_dn, "/CN=limited proxy"); - if (p != NULL) *p = '\0'; - } - - if ((delegation_id == NULL) || (*delegation_id == '\0')) - delegation_id = "_"; - - docroot = getenv("DOCUMENT_ROOT"); - asprintf(&proxydir, "%s/%s", docroot, GRST_PROXYCACHE); - - if ((user_dn == NULL) || (user_dn[0] == '\0') || - (GRSTx509CacheProxy(proxydir, delegation_id, user_dn, proxy) - != GRST_RET_OK)) - { - return SOAP_ERR; - } - - return SOAP_OK; -} - diff --git a/org.gridsite.core/src/grst_admin.h b/org.gridsite.core/src/grst_admin.h deleted file mode 100644 index cddc415..0000000 --- a/org.gridsite.core/src/grst_admin.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - Copyright (c) 2002-3, Andrew McNab and Shiv Kaushal, - University of Manchester. All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*------------------------------------------------------------------* - * This program is part of GridSite: http://www.gridsite.org/ * - *------------------------------------------------------------------*/ - -void GRSThttpError(char *); -void adminfooter(GRSThttpBody *, char *, char *, char *, char *); -int GRSTstrCmpShort(char *, char *); -char *makevfilename(char *, size_t, char *); - -/*CGI GACL - Edit interface functions*/ -void show_acl(int admin, GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void new_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void new_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void edit_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void edit_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void add_cred_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void add_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_entry_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_cred_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); - -/*Functions producing messages*/ -//void error(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void admin_continue(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file, GRSThttpBody *bp); - diff --git a/org.gridsite.core/src/grst_admin_file.c b/org.gridsite.core/src/grst_admin_file.c deleted file mode 100644 index b4d47f5..0000000 --- a/org.gridsite.core/src/grst_admin_file.c +++ /dev/null @@ -1,1571 +0,0 @@ -/* - Copyright (c) 2002-3, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*------------------------------------------------------------------* - * This program is part of GridSite: http://www.gridsite.org/ * - *------------------------------------------------------------------*/ - -#ifndef VERSION -#define VERSION "x.x.x" -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -// when porting: remember that sendfile() is very OS-specific! -#include - -#include - -#include "grst_admin.h" - -char *storeuploadfile(char *boundary, int *bufferused) -{ -// rewrite this to copy whole POSTed stdin HTTP body to disk then -// mmap() and pick apart? How to deal with 100MB uploaded files, say? - - char *filebuffer = NULL; - int bufferlen = 0, c, boundarylen; - - *bufferused = 0; - boundarylen = strlen(boundary); - - while ((c = getchar()) != EOF) - { - if (*bufferused > 1024*1024*100) return NULL; - - ++(*bufferused); - - if (*bufferused > bufferlen) - { - bufferlen = bufferlen + 1000; - filebuffer = realloc(filebuffer, (size_t) bufferlen); - } - - filebuffer[*bufferused - 1] = c; - - if ( (*bufferused >= boundarylen + 4) && - (boundary[boundarylen-1] == c) && - (boundary[boundarylen-2] == filebuffer[*bufferused - 2]) && - (strncmp(boundary, &filebuffer[*bufferused - boundarylen], - boundarylen) == 0)) - { - *bufferused = *bufferused - boundarylen - 4; - - if (filebuffer == NULL) return strdup(""); - else return filebuffer; - } - } - - return NULL; -} - -void uploadfile(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *dir_uri, char *admin_file) -{ - char *boundary, *p, oneline[200], *filename = NULL, - tmpfilename[256], *filebuffer = NULL, *filepath, - *vfile, *dir_path_vfile; - int mimestate, bufferused = 0, itworked = 0; - FILE *fp; - GRSThttpBody bp; - -#define MIMESTUNKNOWN 1 -#define MIMESTUPLOAD 2 -#define MIMESTFILENM 3 - - if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden"); - - p = getenv("CONTENT_TYPE"); - boundary = &p[30]; - - mimestate = MIMESTUNKNOWN; - - while (fgets(oneline, sizeof(oneline), stdin) != NULL) - { - if (*oneline == 13) // MIME has CR/LF line breaks, CR=13 - { - if (mimestate == MIMESTUPLOAD) - { - filebuffer = storeuploadfile(boundary, &bufferused); - mimestate = MIMESTUNKNOWN; - } - else if (mimestate == MIMESTFILENM) - { - fgets(tmpfilename, sizeof(tmpfilename), stdin); - if (*tmpfilename != 13) - { - p = index(tmpfilename, 13); - *p = '\0'; - filename = strdup(tmpfilename); - } - mimestate = MIMESTUNKNOWN; - } - } - else if (GRSTstrCmpShort(oneline, - "Content-Disposition: form-data; name=\"uploadfile\"; filename=\"") - == 0) - { - mimestate = MIMESTUPLOAD; - if (filename == NULL) - { - filename = strdup(&oneline[61]); - - p = rindex(&oneline[61], '\\'); - if (p != NULL) { ++p ; filename = p; } - - p = rindex(&oneline[61], '/'); - if (p != NULL) { ++p ; filename = p; } - - p = index(filename, '"'); - if (p != NULL) *p = '\0'; - } - } - else if (GRSTstrCmpShort(oneline, - "Content-Disposition: form-data; name=\"file\"") == 0) - { - mimestate = MIMESTFILENM; - } - } - - if ((filebuffer != NULL) && (bufferused >= 0)) - { - if (filename == NULL) GRSThttpError("403 Forbidden"); - else if ((index(filename, '/') != NULL) || - (strcmp(filename, GRST_ACL_FILE) == 0)) - { - puts("Status: 403 Forbidden filename\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Forbidden filename %s\n", filename); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Forbidden filename %s

\n", - filename); - - GRSThttpPrintf(&bp, - "

New file names cannot include slashes " - "or use the reserved ACL name, %s\n", GRST_ACL_FILE); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); - return; - } - else - { - vfile = makevfilename(filename, bufferused, dn); - asprintf(&dir_path_vfile, "%s/%s", dir_path, vfile); - - fp = fopen(dir_path_vfile, "w"); - if (fp != NULL) - { - if ((fwrite(filebuffer, - sizeof(char), bufferused, fp) == bufferused) && - (fclose(fp) == 0)) - { - asprintf(&filepath, "%s/%s", dir_path, filename); - - unlink(filepath); /* this can fail ok */ - - itworked = (link(dir_path_vfile, filepath) == 0); - } - } - } - - free((void *) filebuffer); - } - - if (itworked) - { - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); - return; - } - - puts("Status: 500 Failed trying to upload\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp, "Failed to upload\n"); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Failed to upload

\n"); - - GRSThttpPrintf(&bp, "

GridSite considers you are authorized " - "to upload the file, but the upload failed. This is " - "probably a web server or operating system level " - "misconfiguration. Consult the site administrator."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -void deletefileaction(char *dn, GRSTgaclPerm perm, char *help_uri, - char *dir_path, char *file, char *dir_uri, - char *admin_file) -{ - int fd, numfiles; - char *dir_path_file, *dir_path_vfile, *p, *vfile, *dnlistsuri, - *fulluri, *server_name, *realfile; - struct stat statbuf; - GRSThttpBody bp; - struct dirent *subdirfile_ent; - DIR *subDIR; - - if (((strcmp(file, GRST_ACL_FILE) != 0) && !GRSTgaclPermHasWrite(perm)) || - ((strcmp(file, GRST_ACL_FILE) == 0) && !GRSTgaclPermHasAdmin(perm))) - GRSThttpError("403 Forbidden"); - - dnlistsuri = getenv("GRST_DN_LISTS_URI"); - if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI"); - - if ((dnlistsuri != NULL) && - (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) == 0)) - realfile = GRSThttpUrlEncode(file); - else if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - else realfile = file; - - dir_path_file = malloc(strlen(dir_path) + strlen(realfile) + 2); - - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, realfile); - - if ((stat(dir_path_file, &statbuf) == 0) && S_ISDIR(statbuf.st_mode)) - { - subDIR = opendir(dir_path_file); - if (subDIR == NULL) numfiles = 99; /* stop deletion */ - else - { - numfiles = 0; - while ((subdirfile_ent = readdir(subDIR)) != NULL) - if (subdirfile_ent->d_name[0] != '.') ++numfiles; - else if (strncmp(subdirfile_ent->d_name, - GRST_ACL_FILE, - sizeof(GRST_ACL_FILE)) == 0) ++numfiles; - closedir(subDIR); - } - - if (numfiles == 0) - { - vfile = makevfilename(file, 0, dn); - dir_path_vfile = malloc(strlen(dir_path) + strlen(vfile) + 2); - strcpy(dir_path_vfile, dir_path); - strcat(dir_path_vfile, "/"); - strcat(dir_path_vfile, vfile); - - if (rename(dir_path_file, dir_path_vfile) == 0) - { - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); - return; - } - } - } - else if (unlink(dir_path_file) == 0) - { - if (strcmp(file, GRST_ACL_FILE) != 0) - { - vfile = makevfilename(file, 0, dn); - dir_path_file = malloc(strlen(dir_path) + strlen(vfile) + 2); - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, vfile); - - fd = open(dir_path_file, O_WRONLY | O_CREAT); - if (fd != -1) close(fd); - } - - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); - - return; - } - - puts("Status: 500 Failed trying to delete\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp, "Error deleting %s%s\n", dir_uri, file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error deleting %s%s

\n", - dir_uri, file); - - GRSThttpPrintf(&bp, "

GridSite considers you are authorized " - "to delete %s, but the delete failed. This is " - "probably a web server or operating system level " - "misconfiguration. Consult the site administrator.", - file); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -void deletefileform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden"); - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp, "Delete %s\n", file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Delete %s

\n", file); - - GRSThttpPrintf(&bp,"
\n",dir_uri,admin_file); - GRSThttpPrintf(&bp,"

Do you really want to delete %s?", file); - GRSThttpPrintf(&bp,"

\n", file); - GRSThttpPrintf(&bp,"\n", file); - GRSThttpPrintf(&bp,"\n"); - GRSThttpPrintf(&bp,"
\n"); - - GRSThttpPrintf(&bp,"

Or " - "return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -void renameform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden"); - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp, "Rename %s\n", file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Rename %s%s

\n", dir_uri, file); - - GRSThttpPrintf(&bp,"
\n",dir_uri,admin_file); - GRSThttpPrintf(&bp,"

What do you want to rename %s to?

", file); - GRSThttpPrintf(&bp,"\n", file); - GRSThttpPrintf(&bp,"

New name: \n", file); - GRSThttpPrintf(&bp,"\n"); - GRSThttpPrintf(&bp,"\n"); - GRSThttpPrintf(&bp,"

\n"); - - GRSThttpPrintf(&bp,"

Or " - "return to " - "directory listing\n", dir_uri, admin_file, dir_uri); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -void editfileaction(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - char *pagetext, *dir_path_file, *vfile, *dir_path_vfile, - *dnlistsuri, *server_name, *fulluri, *realfile; - FILE *fp; - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm) || (strcmp(file, GRST_ACL_FILE) == 0)) - GRSThttpError("403 Forbidden"); - - dnlistsuri = getenv("GRST_DN_LISTS_URI"); - if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI"); - - if ((dnlistsuri != NULL) && - (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) == 0)) - { - realfile = GRSThttpUrlEncode(file); - - if (realfile[0] == '.') GRSThttpError("403 Forbidden"); - } - else if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - else realfile = file; - - asprintf(&dir_path_file, "%s/%s", dir_path, realfile); - - pagetext = GRSThttpGetCGI("pagetext"); - vfile = makevfilename(file, strlen(pagetext), dn); - asprintf(&dir_path_vfile, "%s/%s", dir_path, vfile); - - fp = fopen(dir_path_vfile, "w"); - if (fp == NULL) - { - puts("Status: 500 Failed trying to write\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Error writing %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error writing %s%s

\n", - dir_uri, file); - - GRSThttpPrintf(&bp, - "

GridSite considers you are authorized " - "to write the file, but the write failed. This is " - "probably a web server or operating system level " - "misconfiguration. Consult the site administrator."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); - return; - } - - fwrite(pagetext, strlen(pagetext), sizeof(char), fp); - - fclose(fp); - - unlink(dir_path_file); - - if (link(dir_path_vfile,dir_path_file) != 0) GRSThttpError("403 Forbidden"); - - if ((strlen(file) > 7) && (strcmp(&file[strlen(file) - 5], ".html") == 0)) - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s\n\n", dir_uri, file); - else printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); -} - -void create_acl(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int fd; - char *tmpgacl, *newgacl; - GRSTgaclAcl *acl; - FILE *fp; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError("403 Forbidden"); - - asprintf(&tmpgacl, "%s/.tmp.XXXXXX", dir_path); - asprintf(&newgacl, "%s/%s", dir_path, GRST_ACL_FILE); - - if (((acl = GRSTgaclAclLoadforFile(dir_path)) != NULL) && - ((fd = mkstemp(tmpgacl)) != -1) && - ((fp = fdopen(fd, "w+")) != NULL) && - GRSTgaclAclPrint(acl, fp) && - (fclose(fp) == 0) && - (rename(tmpgacl, newgacl) == 0)) - { - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); - - free(tmpgacl); - free(newgacl); - return; - } - - puts("Status: 500 Failed trying to create\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Error creating %s%s\n", dir_uri, - GRST_ACL_FILE); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error creating %s%s

\n", - dir_uri, GRST_ACL_FILE); - - GRSThttpPrintf(&bp, "

GridSite considers you are authorized " - "to create it, but the create failed. This is " - "probably a web server or operating system level " - "misconfiguration. Consult the site administrator."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); - - free(tmpgacl); - free(newgacl); -} - -void renameaction(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int len; - char *dir_path_file, *vfile, *dir_path_vfile, - *dnlistsuri, *newfile, *dir_path_newfile; - struct stat statbuf; - FILE *fp; - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm) || (strcmp(file, GRST_ACL_FILE) == 0)) - GRSThttpError("403 Forbidden"); - - if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - - dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2); - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, file); - - if (stat(dir_path_file, &statbuf) != 0) GRSThttpError("404 Not Found"); - - newfile = GRSThttpGetCGI("newfile"); - - if ((strcmp(newfile, GRST_ACL_FILE) == 0) || - (strcmp(newfile, file) == 0)) GRSThttpError("403 Forbidden"); - - dir_path_newfile = malloc(strlen(dir_path) + strlen(newfile) + 2); - strcpy(dir_path_newfile, dir_path); - strcat(dir_path_newfile, "/"); - strcat(dir_path_newfile, newfile); - - vfile = makevfilename(newfile, statbuf.st_size, dn); - dir_path_vfile = malloc(strlen(dir_path) + strlen(vfile) + 2); - strcpy(dir_path_vfile, dir_path); - strcat(dir_path_vfile, "/"); - strcat(dir_path_vfile, vfile); - - unlink(dir_path_newfile); /* just in case */ - - if ((link(dir_path_file, dir_path_vfile ) == 0) && - (link(dir_path_file, dir_path_newfile) == 0) && - (unlink(dir_path_file) == 0)) - { - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s\n\n", dir_uri); - return; - } - - puts("Status: 500 Failed trying to rename\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Error renaming %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error renaming %s%s

\n", - dir_uri, file); - - GRSThttpPrintf(&bp, "

GridSite considers you are authorized " - "to rename it, but the rename failed. This is " - "probably a web server or operating system level " - "misconfiguration. Consult the site administrator."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -void newdirectory(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int len; - char *dir_path_file, *vfile, *dir_path_vfile, *filedup; - FILE *fp; - GRSThttpBody bp; - - if ((file[0] == '\0') || - !GRSTgaclPermHasWrite(perm) || (strcmp(file, GRST_ACL_FILE) == 0)) - GRSThttpError("403 Forbidden"); - - filedup = strdup(file); - if (filedup[strlen(filedup)-1] == '/') filedup[strlen(filedup)-1] = '\0'; - if (index(filedup, '/') != NULL) GRSThttpError("403 Forbidden"); - - dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2); - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, file); - - if (mkdir(dir_path_file, 0751) == 0) - { - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); - return; - } - - puts("Status: 500 Failed trying to create\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Error create %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error creating directory %s%s

\n", - dir_uri, file); - - GRSThttpPrintf(&bp, - "

GridSite considers you are authorized " - "to create the directory, but the creation failed. This " - "is probably a web server or operating system level " - "misconfiguration. Consult the site administrator."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "parent directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -void editdnlistaction(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int numdn = 0, ifd, ofd, numdnlines = 0, i, found; - char *dir_path_file, *dir_path_tmpfile, *realfile, - *dnlistsuri, *server_name, *fulldiruri, *p, oneline[513], - **dnlines, name[81], *add; - FILE *ofp; - struct stat statbuf; - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden"); - - dnlistsuri = getenv("GRST_DN_LISTS_URI"); - if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI"); - - server_name = getenv("SERVER_NAME"); - - if ((server_name == NULL) || - (dnlistsuri == NULL) || - (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) != 0)) - GRSThttpError("403 Forbidden"); - - asprintf(&fulldiruri, "https://%s%s", server_name, dir_uri); - - if ((strncmp(fulldiruri, file, strlen(fulldiruri)) != 0) && - ((strncmp(fulldiruri, file, strlen(fulldiruri) - 1) != 0) || - (strlen(fulldiruri) - 1 != strlen(file)))) - { - puts("Status: 403 Forbidden\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Error writing %s\n", file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error writing %s to %s

\n", - file, dir_uri); - - GRSThttpPrintf(&bp, "

You cannot create a DN List " - "with that prefix in this directory. Please see the " - "the GridSite User's Guide for an explanation."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); - return; - } - - p = GRSThttpGetCGI("numdn"); - if ((p == NULL) || (sscanf(p, "%d", &numdn) != 1)) - GRSThttpError("500 No number of DNs"); - - if (numdn > 0) - { - dnlines = malloc(sizeof(char *) * numdn); - - for (i=1; i <= numdn; ++i) - { - sprintf(name, "dn%d", i); - p = GRSThttpGetCGI(name); - - if (*p != '\0') - { - dnlines[numdnlines] = p; - ++numdnlines; - } - } - } - - add = GRSThttpGetCGI("add"); - - realfile = GRSThttpUrlEncode(file); - - dir_path_file = malloc(strlen(dir_path) + strlen(realfile) + 2); - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, realfile); - - dir_path_tmpfile = malloc(strlen(dir_path) + 13); - strcpy(dir_path_tmpfile, dir_path); - strcat(dir_path_tmpfile, "/.tmp.XXXXXX"); - - if (((ofd = mkstemp(dir_path_tmpfile)) != -1) && - ((ofp = fdopen(ofd, "w")) != NULL)) - { - if (*add != '\0') - { - fputs(add, ofp); - fputc('\n', ofp); - } - - for (i=0; i < numdnlines; ++i) - { - fputs(dnlines[i], ofp); - fputc('\n', ofp); - } - - if ((fclose(ofp) == 0) && - ((stat(dir_path_file, &statbuf) != 0) || - (unlink(dir_path_file) == 0)) && - (rename(dir_path_tmpfile, dir_path_file) == 0)) - { - printf("Status: 302 Moved Temporarily\nContent-Length: 0\n" - "Location: %s%s?cmd=managedir\n\n", dir_uri, admin_file); - return; - } - } - - puts("Status: 500 Failed trying to write\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Error writing %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Error writing %s%s

\n", - dir_uri, file); - - GRSThttpPrintf(&bp, "

GridSite considers you are authorized " - "to write the file, but the write failed. This is " - "probably a web server or operating system level " - "misconfiguration. Consult the site administrator."); - - GRSThttpPrintf(&bp,"

" - "Return to " - "directory listing\n", dir_uri, admin_file); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); - - /* try to clean up */ - if (stat(dir_path_tmpfile, &statbuf) == 0) unlink(dir_path_tmpfile); -} - -void printfile(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int fd; - char *dir_path_file; - struct stat statbuf; - - if (!GRSTgaclPermHasRead(perm)) GRSThttpError("403 Forbidden"); - - if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - - dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2); - - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, file); - - fd = open(dir_path_file, O_RDONLY); - if (fd == -1) GRSThttpError("500 Internal server error"); - - if ((fstat(fd, &statbuf) != 0) || - !S_ISREG(statbuf.st_mode)) GRSThttpError("403 Forbidden"); - - printf("Status: 200 OK\nContent-Type: text/html\nContent-Length: %d\n\n", - statbuf.st_size); - - fflush(stdout); - - sendfile(1, fd, 0, statbuf.st_size); -} - -void filehistory(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int fd, n, i, j, enclen, num = 0; - char *encodedfile, *p, *dndecoded, modified[99], *vfile, *q, - *encdn; - time_t file_time; - size_t file_size; - struct stat statbuf; - struct dirent **namelist; - struct tm file_tm; - GRSThttpBody bp; - - if (!GRSTgaclPermHasRead(perm)) GRSThttpError("403 Forbidden"); - - if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - GRSThttpPrintf(&bp, "History of %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - GRSThttpPrintf(&bp, - "

History of %s%s

\n", - dir_uri, file, dir_uri, file); - - asprintf(&vfile, "%s/%s", dir_path, file); - if (stat(vfile, &statbuf) == 0) - { - localtime_r((const time_t *) &(statbuf.st_mtime), &file_tm); - strftime(modified, sizeof(modified), - "%a %e %b %Y %k:%M", &file_tm); - - GRSThttpPrintf(&bp, "

Last modified: %s\n", modified); - } - free(vfile); - - encodedfile = GRSThttpUrlEncode(file); - for (p=encodedfile; *p != '\0'; ++p) if (*p == '%') *p = '='; - enclen = strlen(encodedfile); - - n = scandir(dir_path, &namelist, 0, alphasort); - - if (n > 0) - { - for (i = n - 1; i >= 0; --i) - { - if ((strncmp(namelist[i]->d_name, GRST_HIST_PREFIX, - sizeof(GRST_HIST_PREFIX) - 1) == 0) && - ((namelist[i]->d_name)[sizeof(GRST_HIST_PREFIX) - 1] == ':') && - (strncmp(&((namelist[i]->d_name)[sizeof(GRST_HIST_PREFIX)]), - encodedfile, enclen) == 0) && - ((namelist[i]->d_name)[sizeof(GRST_HIST_PREFIX)+enclen] == ':')) - { - if (num == 0) GRSThttpPrintf(&bp, - "

\n" - "" - "\n"); - - ++num; - - p = index(namelist[i]->d_name, ':'); - p = index(&p[1], ':'); - sscanf(&p[1], "%X:", &file_time); - p = index(&p[1], ':'); /* skip over microseconds time */ - p = index(&p[1], ':'); - sscanf(&p[1], "%X:", &file_size); - p = index(&p[1], ':'); - - encdn = strdup(&p[1]); - q = index(encdn, ':'); - if (q != NULL) *q = '\0'; - - for (q=encdn; *q != '\0'; ++q) if (*q == '=') *q = '%'; - dndecoded = GRSThttpUrlDecode(encdn); - - localtime_r((const time_t *) &file_time, &file_tm); - strftime(modified, sizeof(modified), - "%a %e %b %Y %k:%M", &file_tm); - - GRSThttpPrintf(&bp, - "\n", - modified, file_size, dndecoded); - - free(dndecoded); - - asprintf(&vfile, "%s/%s", dir_path, namelist[i]->d_name); - if ((stat(vfile, &statbuf) == 0) && (statbuf.st_size > 0)) - { - GRSThttpPrintf(&bp, "\n", - dir_uri, admin_file, dir_uri, namelist[i]->d_name); - else GRSThttpPrintf(&bp, "%s%s\">View\n", - dir_uri, namelist[i]->d_name); - } - else GRSThttpPrintf(&bp, ""); - - free(vfile); - } - } - } - - if (num > 0) GRSThttpPrintf(&bp, "
DateSize afterChanged by
%s%d%sView
 
\n"); - else GRSThttpPrintf(&bp, "

No history for this file\n"); - - if (GRSTgaclPermHasList(perm)) - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - else adminfooter(&bp, dn, help_uri, dir_uri, NULL); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); -} - -void ziplist(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - char *shellcmd, *unzip, oneline[129]; - FILE *fp; - GRSThttpBody bp; - - if (!GRSTgaclPermHasRead(perm)) GRSThttpError("403 Forbidden"); - - if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - GRSThttpPrintf(&bp, "Contents of %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - GRSThttpPrintf(&bp, - "

Contents of ZIP file %s%s

\n", - dir_uri, file, dir_uri, file); - - unzip = getenv("GRST_UNZIP"); - if (unzip == NULL) unzip = getenv("REDIRECT_GRST_UNZIP"); - - if (unzip != NULL) - { - GRSThttpPrintf(&bp, "
\n");
-      asprintf(&shellcmd, "cd %s ; %s -Z %s", dir_path, unzip, file);
-      fp = popen(shellcmd, "r");
-  
-      while (fgets(oneline, sizeof(oneline), fp) != NULL)           
-                          GRSThttpPrintf(&bp, "%s", oneline);         
-      pclose(fp);
-      GRSThttpPrintf(&bp, "
\n"); - - if (GRSTgaclPermHasWrite(perm)) - GRSThttpPrintf(&bp, - "

" - " in %s" - "" - "
" - "

(All files are placed in the same directory and files " - "beginning with "." are ignored.)

\n", - dir_uri, admin_file, dir_uri, file); - } - else GRSThttpPrintf(&bp, "

unzip path not defined!\n"); - - if (GRSTgaclPermHasList(perm)) - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - else adminfooter(&bp, dn, help_uri, dir_uri, NULL); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); -} - -void unzipfile(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - char *shellcmd, *unzip, oneline[129]; - FILE *fp; - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden"); - - if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - GRSThttpPrintf(&bp, "Unzipping %s%s\n", dir_uri, file); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - GRSThttpPrintf(&bp, - "

Unzipping %s%s

\n", - dir_uri, file, dir_uri, file); - - unzip = getenv("GRST_UNZIP"); - if (unzip == NULL) unzip = getenv("REDIRECT_GRST_UNZIP"); - - if (unzip != NULL) - { - GRSThttpPrintf(&bp, "
\n");
-      asprintf(&shellcmd, "cd %s ; %s -jo %s -x '.*'", dir_path, unzip, file);
-      fp = popen(shellcmd, "r");
-  
-      while (fgets(oneline, sizeof(oneline), fp) != NULL)           
-                          GRSThttpPrintf(&bp, "%s", oneline);         
-      pclose(fp);
-      GRSThttpPrintf(&bp, "
\n"); - - if (GRSTgaclPermHasList(perm)) - GRSThttpPrintf(&bp, "

" - "Back to " - "directory", dir_uri, admin_file); - } - else GRSThttpPrintf(&bp, "

unzip path not defined!\n"); - - if (GRSTgaclPermHasList(perm)) - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - else adminfooter(&bp, dn, help_uri, dir_uri, NULL); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); -} - -void editfileform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int fd, rawpagesize, i, c; - char *dir_path_file, *rawpage, *p; - FILE *fp = NULL; - struct stat statbuf; - GRSThttpBody bp; - - if (!GRSTgaclPermHasWrite(perm)) GRSThttpError("403 Forbidden"); - - if (index(file, '/') != NULL) GRSThttpError("403 Forbidden"); - - dir_path_file = malloc(strlen(dir_path) + strlen(file) + 2); - - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, file); - - fd = open(dir_path_file, O_RDONLY); - if (fd != -1) - { - fp = fdopen(fd, "r"); - if (fp == NULL) GRSThttpError("500 File open failed!"); - - if ((fstat(fd, &statbuf) != 0) || - !S_ISREG(statbuf.st_mode)) GRSThttpError("500 Not a regular file!"); - } - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp, "Edit file %s\n", file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Edit file %s

\n", file); - - GRSThttpPrintf(&bp,"
\n",dir_uri,admin_file); - GRSThttpPrintf(&bp,"

\n"); - GRSThttpPrintf(&bp,"

File name: \n", file); - GRSThttpPrintf(&bp,"\n"); - GRSThttpPrintf(&bp,"

\n"); - GRSThttpPrintf(&bp, "

\n"); - GRSThttpPrintf(&bp, "

\n"); - - if (fp != NULL) fclose(fp); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); -} - -void editdnlistform(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *file, char *dir_uri, char *admin_file) -{ - int fd, i, c, numdn = 0; - char *dir_path_file, *rawpage, *p, *dnlistsuri, *server_name, *fulluri, - *realfile, oneline[513]; - FILE *fp = NULL; - struct stat statbuf; - GRSThttpBody bp; - - dnlistsuri = getenv("GRST_DN_LISTS_URI"); - if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI"); - - if (!GRSTgaclPermHasWrite(perm) || - (dnlistsuri == NULL) || - (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) != 0)) - GRSThttpError("403 Forbidden"); - - realfile = GRSThttpUrlEncode(file); - - dir_path_file = malloc(strlen(dir_path) + strlen(realfile) + 2); - - strcpy(dir_path_file, dir_path); - strcat(dir_path_file, "/"); - strcat(dir_path_file, realfile); - - fd = open(dir_path_file, O_RDONLY); - if (fd != -1) /* we dont mind open failing, but it must work if it doesnt */ - { - fp = fdopen(fd, "r"); - if (fp == NULL) GRSThttpError("500 File open failed!"); - - if ((fstat(fd, &statbuf) != 0) || - !S_ISREG(statbuf.st_mode)) GRSThttpError("500 Not a regular file!"); - } - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp, "Edit DN List %s\n", file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Edit DN List

\n"); - - GRSThttpPrintf(&bp,"
\n",dir_uri,admin_file); - GRSThttpPrintf(&bp,"

\n"); - GRSThttpPrintf(&bp,"

List URL: \n", file, strlen(file)); - GRSThttpPrintf(&bp,"\n"); - - if (fp != NULL) - { - GRSThttpPrintf(&bp, "

\n" - "\n"); - - while (fgets(oneline, sizeof(oneline), fp) != NULL) - { - ++numdn; - - p = rindex(oneline, '\n'); - if (p != NULL) *p = '\0'; - - GRSThttpPrintf(&bp, "" - "\n", numdn, oneline, oneline); - } - - GRSThttpPrintf(&bp,"
Keep?Name
%s
\n"); - } - - GRSThttpPrintf(&bp,"\n", numdn); - - GRSThttpPrintf(&bp, "

Add new DN: \n"); - - GRSThttpPrintf(&bp,"

\n"); - GRSThttpPrintf(&bp, "

\n"); - - if (fp != NULL) fclose(fp); - - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); -} - -void managedir(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *dir_uri, char *admin_file) -{ - int n, is_dnlists_dir = 0, enclen, numfiles, encprefixlen; - char *d_namepath, modified[99], *absaclpath, *editable, *p, *unzip, - *dnlistsuri, *d_name, *server_name, *fulluri, *encfulluri, - *encprefix, *dnlistsprefix; - GRSThttpBody bp; - struct tm mtime_tm; - struct stat statbuf; - struct dirent **namelist, *subdirfile_ent; - DIR *subDIR; - - if (((!GRSTgaclPermHasWrite(perm)) && - (!GRSTgaclPermHasList(perm))) || - (stat(dir_path, &statbuf) != 0) || !S_ISDIR(statbuf.st_mode)) - GRSThttpError("403 Forbidden"); - - editable = getenv("GRST_EDITABLE"); - if (editable == NULL) editable = getenv("REDIRECT_GRST_EDITABLE"); - - unzip = getenv("GRST_UNZIP"); - if (unzip == NULL) unzip = getenv("REDIRECT_GRST_UNZIP"); - - dnlistsuri = getenv("GRST_DN_LISTS_URI"); - if (dnlistsuri == NULL) dnlistsuri = getenv("REDIRECT_GRST_DN_LISTS_URI"); - - if (dnlistsuri && (strncmp(dnlistsuri, dir_uri, strlen(dnlistsuri)) == 0)) - { - is_dnlists_dir = 1; - server_name = getenv("SERVER_NAME"); - - asprintf(&fulluri, "https://%s%s", server_name, dir_uri); - encfulluri = GRSThttpUrlEncode(fulluri); - enclen = strlen(encfulluri); - - asprintf(&dnlistsprefix, "https://%s%s", server_name, dnlistsuri); - encprefix = GRSThttpUrlEncode(dnlistsprefix); - encprefixlen = strlen(encprefix); - } - - printf("Status: 200 OK\nContent-Type: text/html\n"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintf(&bp,"Manage directory %s\n", dir_uri); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpPrintf(&bp, "

Manage directory %s

\n\n", dir_uri); - - if (dir_uri[1] != '\0') - GRSThttpPrintf(&bp, - "\n", admin_file); - - if (GRSTgaclPermHasList(perm) || GRSTgaclPermHasAdmin(perm)) - { - absaclpath = malloc(strlen(dir_path) + sizeof(GRST_ACL_FILE) + 1); - strcpy(absaclpath, dir_path); - strcat(absaclpath, "/"); - strcat(absaclpath, GRST_ACL_FILE); - - if (stat(absaclpath, &statbuf) == 0) /* ACL exists in THIS directory */ - { - localtime_r(&(statbuf.st_mtime), &mtime_tm); - strftime(modified, sizeof(modified), - "", - &mtime_tm); - - if (!is_dnlists_dir) - { - GRSThttpPrintf(&bp, - "" - "%s\n", - GRST_ACL_FILE, - GRST_ACL_FILE, - statbuf.st_size, modified); - - GRSThttpPrintf(&bp, - "", - dir_uri, admin_file, GRST_ACL_FILE); - } - else GRSThttpPrintf(&bp, - "" - "%s\n", - GRST_ACL_FILE, - statbuf.st_size, modified); - - if (GRSTgaclPermHasAdmin(perm)) - GRSThttpPrintf(&bp, - "" - "", - dir_uri, admin_file, - dir_uri, admin_file, GRST_ACL_FILE); - else if (GRSTgaclPermHasRead(perm)) - GRSThttpPrintf(&bp, - "" - "", dir_uri, admin_file); - else GRSThttpPrintf(&bp, "\n"); - - GRSThttpPrintf(&bp, "\n"); - } - else if (GRSTgaclPermHasAdmin(perm)) - GRSThttpPrintf(&bp, "\n" - "\n" - "\n", - dir_uri, admin_file); - } - - if (GRSTgaclPermHasList(perm)) - { - n = scandir(dir_path, &namelist, 0, alphasort); - while (n--) - { - if (namelist[n]->d_name[0] != '.') - { - d_namepath = malloc(strlen(dir_path) + - strlen(namelist[n]->d_name) + 2); - strcpy(d_namepath, dir_path); - strcat(d_namepath, "/"); - strcat(d_namepath, namelist[n]->d_name); - stat(d_namepath, &statbuf); - - if (S_ISDIR(statbuf.st_mode)) - { - subDIR = opendir(d_namepath); - - if (subDIR == NULL) numfiles = 99; /* stop deletion */ - else - { - numfiles = 0; - while ((subdirfile_ent = readdir(subDIR)) != NULL) - if (subdirfile_ent->d_name[0] != '.') ++numfiles; - else if (strncmp(subdirfile_ent->d_name, - GRST_ACL_FILE, - sizeof(GRST_ACL_FILE)) == 0) ++numfiles; - - closedir(subDIR); - } - } - - free(d_namepath); - - localtime_r(&(statbuf.st_mtime), &mtime_tm); - strftime(modified, sizeof(modified), - "", - &mtime_tm); - - if (S_ISDIR(statbuf.st_mode)) - { - GRSThttpPrintf(&bp, - "" - "%s\n", - dir_uri, namelist[n]->d_name, admin_file, - namelist[n]->d_name, - statbuf.st_size, modified); - - if (numfiles == 0) - GRSThttpPrintf(&bp, - "\n", - dir_uri, admin_file, namelist[n]->d_name); - else GRSThttpPrintf(&bp, "\n"); - - GRSThttpPrintf(&bp, "\n"); - } - else if (is_dnlists_dir) - { - if ((strlen(namelist[n]->d_name) <= encprefixlen) || - (strncmp(namelist[n]->d_name, encprefix, - encprefixlen) != 0)) continue; - - d_name = GRSThttpUrlDecode(namelist[n]->d_name); - - GRSThttpPrintf(&bp, "" - "%s" - "", - d_name, d_name, - statbuf.st_size, modified); - - if (GRSTgaclPermHasWrite(perm)) - GRSThttpPrintf(&bp, "" - "" - "" - "" - "\n", - dir_uri, admin_file, d_name); - else GRSThttpPrintf(&bp, "\n"); - - if (GRSTgaclPermHasWrite(perm)) - GRSThttpPrintf(&bp, "" - "" - "" - "" - "\n", - dir_uri, admin_file, d_name); - else GRSThttpPrintf(&bp, "\n"); - - GRSThttpPrintf(&bp, ""); - } - else /* regular directory, not DN Lists */ - { - d_name = namelist[n]->d_name; - - GRSThttpPrintf(&bp, - "" - "%s", - dir_uri, d_name, - d_name, - statbuf.st_size, modified); - - GRSThttpPrintf(&bp, - "", - dir_uri, admin_file, d_name); - - p = rindex(namelist[n]->d_name, '.'); - - if ((unzip != NULL) && - (p != NULL) && - (strcasecmp(&p[1], "zip") == 0) && - GRSTgaclPermHasRead(perm)) - GRSThttpPrintf(&bp, - "\n", - dir_uri, admin_file, d_name); - else if ((p != NULL) && - (strstr(editable, &p[1]) != NULL) && - GRSTgaclPermHasWrite(perm)) - GRSThttpPrintf(&bp, - "\n", - dir_uri, admin_file, d_name); - else GRSThttpPrintf(&bp, ""); - - if (GRSTgaclPermHasWrite(perm)) - GRSThttpPrintf(&bp, - "\n", dir_uri, admin_file, d_name); - else - GRSThttpPrintf(&bp, "\n"); - - if (GRSTgaclPermHasWrite(perm)) - GRSThttpPrintf(&bp, - "\n", dir_uri, admin_file, d_name); - else - GRSThttpPrintf(&bp, ""); - } - } - - free(namelist[n]); - } - - free(namelist); - } - - if (GRSTgaclPermHasWrite(perm)) - { - if (is_dnlists_dir) - { - GRSThttpPrintf(&bp, "\n" - "" - "\n" - "\n", - dir_uri, admin_file, fulluri, strlen(fulluri)+8); - - GRSThttpPrintf(&bp, "\n" - "\n" - "\n", - dir_uri, admin_file); - } - else - { - GRSThttpPrintf(&bp, "\n" - "\n" - "" - "\n" - "\n" - "\n", - dir_uri, admin_file); - - GRSThttpPrintf(&bp, - "\n" - "\n" - "" - "" - "\n" - "" - "\n" - "\n", dir_uri, admin_file); - } - } - - GRSThttpPrintf(&bp, "
[Parent " - "directory]
%R%e %b %y
%s%ld" - "History
%s%ldEditDeleteView    
%R%e %b %y
" - "%s/%ld " - "Delete  
%s%ld 
 
  
%s%ld" - "History" - "List" - "Edit " - "Delete " - "Rename
 
New list name: " - "\n" - "
New directory: " - "\n" - "
New name:\n" - "
Upload file:New name: " - "
Local name:
\n"); - - if (!is_dnlists_dir) adminfooter(&bp, dn, help_uri, dir_uri, NULL); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); -} - diff --git a/org.gridsite.core/src/grst_admin_gacl.c b/org.gridsite.core/src/grst_admin_gacl.c deleted file mode 100644 index 2cb517a..0000000 --- a/org.gridsite.core/src/grst_admin_gacl.c +++ /dev/null @@ -1,980 +0,0 @@ -/* - Copyright (c) 2003-5, Shiv Kaushal, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*-----------------------------------------------------------* -* This program is part of GridSite: http://www.gridsite.org/ * -*------------------------------------------------------------*/ - -#include -#include -#include -#include -#include -#include - -extern char *grst_perm_syms[]; -extern int grst_perm_vals[]; - -#include "grst_admin.h" - -// CGI GACL Editor interface functions -void show_acl(int admin, GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void new_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void new_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void edit_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void edit_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void add_cred_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void add_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_entry_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void del_cred_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void admin_continue(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file, GRSThttpBody *bp); - -// Functions for producing HTML output -void StartHTML(GRSThttpBody *bp, char *dir_uri, char* dir_path); -void StartForm(GRSThttpBody *bp, char* dir_uri, char* dir_path, char* admin_file, int timestamp, char* target_function); -void EndForm(GRSThttpBody *bp); -void GRSTgaclCredTableStart(GRSThttpBody *bp); -void GRSTgaclCredTableAdd(GRSTgaclUser *user, GRSTgaclEntry *entry, GRSTgaclCred *cred, GRSTgaclNamevalue *namevalue, int cred_no, int entry_no, int admin, int timestamp, GRSThttpBody *bp, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); -void GRSTgaclCredTableEnd(GRSTgaclEntry* entry, int entry_no, int admin, int timestamp, GRSThttpBody *bp, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); - -// ACL Manipulation functions -int GACLentriesInAcl(GRSTgaclAcl *acl); -int GRSTgaclCredsInEntry(GRSTgaclEntry *entry); -void check_acl_save(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file, GRSTgaclUser* user, GRSTgaclAcl *acl, GRSThttpBody *bp); -void GACLeditGetPerms(GRSTgaclEntry *entry); -GRSTgaclEntry *GACLreturnEntry(GRSTgaclAcl *acl, int entry_no); -GRSTgaclCred *GACLreturnCred(GRSTgaclEntry *entry, int cred_no); - -void StringHTMLEncode (char* string, GRSThttpBody *bp); - -void revert_acl(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file); - -/*****************************************/ -/********** FUNCTIONS FOLLOW *************/ -/*****************************************/ - -void show_acl(int admin, GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Shows the contents of the ACL. Gives edit 'buttons' if (int admin) == 1 - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclNamevalue *namevalue; - int entry_no, cred_no, allow, deny,timestamp; - GRSThttpBody bp; - char* AclFilename; - struct stat file_info; - int history_mode=0; - - if (admin==2){ - history_mode=1; - admin=0; - } - - /*double-check access permision*/ - if (!GRSTgaclPermHasAdmin(perm)) admin=0; - - StartHTML(&bp, dir_uri, dir_path); - - /* Load ACL from file and get timestamp*/ - if (history_mode==1) { - AclFilename=malloc(strlen(dir_path)+strlen(file)+2); - strcpy(AclFilename, dir_path); - strcat(AclFilename, "/"); - strcat(AclFilename, file); - } - else AclFilename=GRSTgaclFileFindAclname(dir_path); - - if (AclFilename==NULL){ - GRSThttpPrintf ( &bp,"The ACL was not found !!!
\n"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; - } - - stat(GRSTgaclFileFindAclname(dir_path), &file_info); - timestamp=file_info.st_mtime; - acl = GRSTgaclAclLoadFile(AclFilename); - - if (acl==NULL){ - GRSThttpPrintf ( &bp,"The ACL was found but could not be loaded - it could be incorrectly formatted
\n"); - adminfooter(&bp, dn, help_uri, dir_uri, NULL); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(&bp); - return; - } - - if (admin) GRSThttpPrintf (&bp,"New Entry
\n", dir_uri, admin_file, dir_uri, timestamp ); - - // Start with the first entry in the list and work through - entry=acl->firstentry; - entry_no=1; - while (entry!=NULL){ - - GRSThttpPrintf (&bp,"
Entry %d:\n", entry_no); - if (admin){ - GRSThttpPrintf (&bp,"Edit Entry ", dir_uri, admin_file, entry_no, dir_uri, timestamp ); - GRSThttpPrintf (&bp,"Delete Entry ",dir_uri, admin_file, entry_no, dir_uri, timestamp ); - GRSThttpPrintf (&bp,"

\n"); - } - - GRSTgaclCredTableStart(&bp); - - // Start with the first credential in the entry and work through - cred=entry->firstcred; - cred_no=1; - while (cred!=NULL){ - namevalue=cred->firstname; - GRSTgaclCredTableAdd(user, entry, cred, namevalue, cred_no, entry_no, admin, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - // Change to next credential - cred=cred->next; - cred_no++; - } - - GRSTgaclCredTableEnd (entry, entry_no, admin, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - // Change to next entry - entry=entry->next; - entry_no++; - } - - if (!admin && GRSTgaclPermHasAdmin(perm) && !history_mode) //Print a link for admin mode, if not in admin mode but the user has admin permissions - GRSThttpPrintf (&bp,"Admin Mode", dir_uri, admin_file, dir_uri, timestamp ); - if (history_mode==1 && GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"), user)){ - StartForm(&bp, dir_uri, dir_path, admin_file, timestamp, "revert_acl"); -//GRSThttpPrintf (&bp,"Revert to this Version", dir_uri, admin_file, dir_uri, timestamp, file ); - GRSThttpPrintf (&bp, "\n", file); - // Revert Button - GRSThttpPrintf (&bp, "

\n\n"); - } - - adminfooter(&bp, dn, help_uri, dir_uri, NULL); - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); GRSThttpWriteOut(&bp); return; -} - - -void new_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm,char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Presents the user with a form asking for details required to create a new entry - GRSThttpBody bp; - int timestamp=atol(GRSThttpGetCGI("timestamp")); - GRSTgaclCred* cred; - GRSTgaclEntry *entry; - GRSTgaclNamevalue* namevalue; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - StartHTML(&bp, dir_uri, dir_path); - StartForm(&bp, dir_uri, dir_path, admin_file, timestamp, "new_entry"); - GRSThttpPrintf (&bp, "NEW ENTRY IN ACL FOR %s

\n", dir_uri); - - GRSTgaclCredTableStart(&bp); - GRSTgaclCredTableAdd(user, entry,cred, namevalue, 0, 0, 0, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - GRSTgaclCredTableEnd (entry, 0, 0, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - - /*Submit and reset buttons - submit button sends the data in the form back to the script & new_entry() to be called*/ - EndForm(&bp); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; -} - -void new_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Processes the information entered into the form from new_entry_form() and adds a new entry to the ACL - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - char *type, *value; - GRSThttpBody bp; - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - // Get new credential info and perform checks - type=GRSThttpGetCGI("type"); - value=GRSThttpGetCGI("cred0_value"); - - if (strcmp(type, "not_chosen")==0){ - GRSThttpError ("500 Invalid input - credential type not chosen"); - return; - } - - // Create the credential - cred=GRSTgaclCredNew(type); - if (strcmp(type, "person")==0) GRSTgaclCredAddValue(cred,"dn", value); - else if (strcmp(type, "dn-list")==0) GRSTgaclCredAddValue(cred, "url", value); - else if (strcmp(type, "voms")==0) GRSTgaclCredAddValue(cred, "fqan", value); - else if (strcmp(type, "dns")==0) GRSTgaclCredAddValue(cred, "hostname", value); - else if (strcmp(type, "any-user")==0) {} // namevalue not entered for any-user credential - else{ - GRSThttpError ("500 Invalid input - credential type not valid"); - return; - } - - // Create and empty entry, add the credential and get permissions - entry = GRSTgaclEntryNew(); - GRSTgaclEntryAddCred(entry, cred); - GACLeditGetPerms(entry); - - // Load the ACL, add the entry and save - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path)); - GRSTgaclAclAddEntry(acl, entry); - check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp); - return; -} - -void del_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Deletes the entry denoted by the GCI variable "entry_no"*/ - int entry_no; - GRSTgaclAcl *acl; - GRSTgaclEntry *previous, *entry; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - // Load the ACL - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path)); - - // Get the number of the entry to be deleted and check okay to delete - entry_no=atol(GRSThttpGetCGI("entry_no")); - if(GACLentriesInAcl(acl)<=1){ - StartHTML(&bp, dir_uri, dir_path); - GRSThttpPrintf (&bp, "ERROR: Cannot delete all entries from the ACL
\n"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; - } - - // Get pointer to entry and previous entry - entry = GACLreturnEntry(acl, entry_no); - if (entry_no!=1) previous = GACLreturnEntry(acl, entry_no-1); - - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read entry from ACL file"); - return; - } - - // Perform deletion from the list by changing pointers - if (entry_no==1) acl->firstentry=entry->next; - else if (entry_no==GACLentriesInAcl(acl)) previous->next=NULL; - else previous->next=entry->next; - - // Save ACL and exit - check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp); - - return; -} - - -void edit_entry_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Presents the user with an editable form containing details of entry denoted by CGI variable entry_no*/ - int entry_no, cred_no, i, admin=0, timestamp=atol(GRSThttpGetCGI("timestamp")); - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclNamevalue *namevalue; - // struct _GACLnamevalue *namevalue; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - // Load ACL from file - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path)); - - // Get pointer to the entry and check okay - entry_no=atol(GRSThttpGetCGI("entry_no")); - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - StartHTML(&bp, dir_uri, dir_path); - GRSThttpPrintf (&bp, "EDITING ENTRY %d IN ACL FOR %s

\n", entry_no, dir_uri); - - // Start with first credential in the entry and display them in order*/ - cred=entry->firstcred; - cred_no=1; - StartForm(&bp, dir_uri, dir_path, admin_file, timestamp, "edit_entry"); - GRSThttpPrintf (&bp, "\n", entry_no); - - GRSTgaclCredTableStart(&bp); - - while (cred!=NULL){ - // Start with the first namevalue in the credential - namevalue=cred->firstname; - GRSTgaclCredTableAdd(user, entry, cred, namevalue, cred_no, entry_no, admin, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - // Change to next credential - cred=cred->next; - cred_no++; - } - GRSTgaclCredTableEnd (entry, entry_no, admin, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - EndForm(&bp); - - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; -} - - -void edit_entry(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - //Processes the information entered into the form from edit_entry_form() and updates the entry corresponding to entry_no*/ - int entry_no, cred_no, i; - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclNamevalue *namevalue; - char variable[30]; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - // Load the ACL - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path)); - - // Get pointer to the entry and perform checks - entry_no=atol(GRSThttpGetCGI("entry_no")); - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - // Start with the first credential and update each one - cred=entry->firstcred; - cred_no=1; - - while (cred!=NULL){ - if (strcmp(cred->type, "any-user")!=0){ - namevalue=cred->firstname; - sprintf(variable, "cred%d_value", cred_no); - namevalue->value=GRSThttpGetCGI(variable); - } - //Change to next credential*/ - cred=cred->next; - cred_no++; - } - - // Update permissions - GACLeditGetPerms(entry); - check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp); - return; -} - - -void add_cred_form(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Presents the user with a form asking for details required to create a new credential in the entry denoted by entry_no - GRSThttpBody bp; - int timestamp=atol(GRSThttpGetCGI("timestamp")), entry_no=atol(GRSThttpGetCGI("entry_no")); - GRSTgaclAcl *acl; - GRSTgaclEntry* entry; - GRSTgaclCred* cred; - GRSTgaclNamevalue* namevalue; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path)); // Load the ACL - - //Get pointer to the entry and perform checks - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - - if (strcmp(GRSThttpGetCGI("cmd"), "add_cred_form")==0){ //if not a new entry check to see if cred exists - cred=entry->firstcred; - while (cred!=NULL) { - if (strcmp (cred->type, "any-user")==0) { - StartHTML(&bp, dir_uri, dir_path); - GRSThttpPrintf (&bp, "ERROR: AND-ing \"any-user\" credential with other credential does not make sense
\n"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; - } - cred=cred->next; - } - } - - StartHTML(&bp, dir_uri, dir_path); - GRSThttpPrintf (&bp, " NEW CREDENTIAL IN ENTRY %d OF ACL FOR %s

\n", entry_no, dir_uri); - StartForm(&bp, dir_uri, dir_path, admin_file, timestamp, "add_cred"); - - GRSThttpPrintf (&bp, " \n", entry_no); - - GRSTgaclCredTableStart(&bp); - GRSTgaclCredTableAdd(user, entry, cred, namevalue, 0, 0, 0, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - GRSTgaclCredTableEnd (entry, 0, 0, timestamp, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - - EndForm(&bp); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; -} - - -void add_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Processes the information entered into the form [add_cred_form()]and adds a new credential to the entry corresponding to entry_no - int entry_no; - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSThttpBody bp; - char *type, *value; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path));// Load the ACL - - // Get pointer to the entry and perform checks - entry_no=atol(GRSThttpGetCGI("entry_no")); - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl)){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - // Create new credential and add it to entry - type=GRSThttpGetCGI("type"); - value=GRSThttpGetCGI("cred0_value"); - cred=GRSTgaclCredNew(type); - if (strcmp(type, "person") ==0) GRSTgaclCredAddValue(cred,"dn", value); - else if (strcmp(type, "dn-list") ==0) GRSTgaclCredAddValue(cred, "url", value); - else if (strcmp(type, "voms") ==0) GRSTgaclCredAddValue(cred, "fqan", value); - else if (strcmp(type, "dns") ==0) GRSTgaclCredAddValue(cred, "hostname", value); - else if (strcmp(type, "any-user")==0) {}// namevalue not entered for any-user credential - else{ - GRSThttpError ("500 Credential type not valid"); - return; - } - GRSTgaclEntryAddCred(entry, cred); - - check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp); - return; -} - - -void del_cred(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Deletes the credential denoted by the GCI variable "cred_no", in the entry denoted by "entry_no" - int entry_no, cred_no; - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *previous, *cred; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path)); - - // Get pointer to the entry and perform checks - entry_no=atol(GRSThttpGetCGI("entry_no")); - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - // Get pointer the the credential and perform checks - cred_no=atol(GRSThttpGetCGI("cred_no")); - cred=GACLreturnCred(entry, cred_no); - if(entry==NULL || entry_no<1 || cred_no>GRSTgaclCredsInEntry(entry)){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - // Get pointer to previous credential - if needed - if (cred_no!=1) previous = GACLreturnCred(entry, cred_no-1); - - // Perform deletion from the list by changing pointers - if (cred_no==1) entry->firstcred=cred->next; - else if (cred_no==GRSTgaclCredsInEntry(entry)) previous->next=NULL; - else previous->next=cred->next; - - check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp); - return; -} - -void admin_continue(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file, GRSThttpBody *bp){ - // Single line printed out to forward users back to show_acl in admin mode - // Should ALWAYS called from another function so no HTML header required - // Should ALWAYS be the end of a page - GRSThttpPrintf (bp, "\n
Click Here to return to the editor", dir_uri,admin_file,dir_uri, time(NULL)); - adminfooter(bp, dn, help_uri, dir_uri, NULL); - GRSThttpPrintHeaderFooter(bp, dir_path, GRST_FOOTFILE); - GRSThttpWriteOut(bp); - return; -} - - -void del_entry_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Prints out entry denoted by entry_no and asks if the user really wants to delete it - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclNamevalue *namevalue; - int entry_no, cred_no, allow, deny, i, timestamp; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path));// Load ACL from file - - if (acl==NULL){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - // Get pointer to the entry and check okay - entry_no=atol(GRSThttpGetCGI("entry_no")); - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - StartHTML(&bp, dir_uri, dir_path); - GRSThttpPrintf (&bp, "

Do you really want to delete the following entry?



\n"); - GRSThttpPrintf (&bp,"
Entry %d:
\n", entry_no); - - // Print the entry out - // Start with the first credential in the entry and work through - cred=entry->firstcred; - cred_no=1; - - GRSTgaclCredTableStart(&bp); - while (cred!=NULL){ - // Start with the first namevalue in the credential - namevalue=cred->firstname; - GRSTgaclCredTableAdd(user, entry, cred, namevalue, cred_no, entry_no, 0, 0, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - // Change to next credential - cred=cred->next; - cred_no++; - } - - GRSTgaclCredTableEnd (entry, entry_no, 0, 0, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - - StartForm(&bp, dir_uri, dir_path, admin_file, atol(GRSThttpGetCGI("timestamp")), "del_entry"); - GRSThttpPrintf (&bp, "\n", entry_no); - GRSThttpPrintf (&bp, "

\n\n"); - - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; -} - -void del_cred_sure(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Prints out credential denoted by entry_no/cred_no and asks if the user really wants to delete it - GRSTgaclAcl *acl; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclNamevalue *namevalue; - int entry_no, cred_no, allow, deny, timestamp, i; - GRSThttpBody bp; - - if (!GRSTgaclPermHasAdmin(perm)) GRSThttpError ("403 Forbidden"); - - acl = GRSTgaclAclLoadFile(GRSTgaclFileFindAclname(dir_path));// Load ACL from file - - if (acl==NULL){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - // Get pointer to the entry and check okay - entry_no=atol(GRSThttpGetCGI("entry_no")); - entry = GACLreturnEntry(acl, entry_no); - if(entry==NULL || entry_no<1 || entry_no>GACLentriesInAcl(acl) ){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - // Get pointer to the credential and check okay - cred_no=atol(GRSThttpGetCGI("cred_no")); - cred=GACLreturnCred(entry, cred_no); - if(entry==NULL || entry_no<1 || cred_no>GRSTgaclCredsInEntry(entry)){ - GRSThttpError ("500 Unable to read from ACL file"); - return; - } - - if(GRSTgaclCredsInEntry(entry)<=1){ - del_entry_sure(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - return; - } - - StartHTML(&bp, dir_uri, dir_path); - GRSThttpPrintf (&bp, "

Do you really want to delete the following credential from entry %d?



", entry_no); - - // Print the credential out - GRSTgaclCredTableStart(&bp); - GRSTgaclCredTableAdd(user, entry, cred, cred->firstname, cred_no, entry_no, 0, 0, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - GRSTgaclCredTableEnd (entry, entry_no, 0, 0, &bp, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - GRSThttpPrintf (&bp,"
\n"); - - // Yes Button - StartForm(&bp, dir_uri, dir_path, admin_file, atol(GRSThttpGetCGI("timestamp")), "del_cred"); - GRSThttpPrintf (&bp, "\n", entry_no); - GRSThttpPrintf (&bp, "\n", cred_no); - GRSThttpPrintf (&bp, "

\n\n"); - - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, &bp); - return; -} - - -int GACLentriesInAcl(GRSTgaclAcl *acl){ - // Returns the number of entries in acl - GRSTgaclEntry *entry; - int number; - - entry=acl->firstentry; - number=0; - - while (entry!=NULL) - { - number++; - entry=entry->next; - } - - return number; -} - -int GRSTgaclCredsInEntry(GRSTgaclEntry *entry){ - // Returns the number of credentials in entry - int number; - GRSTgaclCred *cred; - - cred=entry->firstcred; - number=0; - - while (cred!=NULL) - { - number++; - cred=cred->next; - } - - return number; -} - - -void GACLeditGetPerms(GRSTgaclEntry *entry){ - // Updates the permissions entry using permissions from a form produced using GRSTgaclCredTableEnd - int i; - char buf[30]; - - - for (i=0; grst_perm_syms[i]!=NULL; i++) /* Print the list of allowed permissions*/ - { - sprintf (buf, "allow_%s", grst_perm_syms[i]); // Update allowed - if (strcmp (GRSThttpGetCGI(buf), "ON") == 0 ) GRSTgaclEntryAllowPerm(entry, grst_perm_vals[i]); else GRSTgaclEntryUnallowPerm(entry, grst_perm_vals[i]); - - sprintf (buf, "deny_%s", grst_perm_syms[i]); // Update denied - if (strcmp (GRSThttpGetCGI(buf), "ON") == 0 ) GRSTgaclEntryDenyPerm(entry, grst_perm_vals[i]); else GRSTgaclEntryUndenyPerm(entry, grst_perm_vals[i]); - - } - - return; -} - -GRSTgaclEntry *GACLreturnEntry(GRSTgaclAcl *acl, int entry_no){ - // Returns a pointer to entry in ACL denoted by entry_no, returns NULL if not found - int number; - GRSTgaclEntry *entry; - - if (acl==NULL) return NULL; - - entry=acl->firstentry; - number=1; - - while (entry!=NULL) - { - if (number==entry_no) return entry; - number++; - entry=entry->next; - } - - return NULL; -} - - -GRSTgaclCred *GACLreturnCred(GRSTgaclEntry *entry, int cred_no){ - // Returns a pointer to credential denoted by cred_no in entry, returns NULL if not found - int number; - GRSTgaclCred *cred; - - if (entry==NULL) return NULL; - - cred=entry->firstcred; - number=1; - - while (cred!=NULL) - { - if (number==cred_no) return cred; - number++; - cred=cred->next; - } - - return NULL; -} -void StartHTML(GRSThttpBody *bp, char *dir_uri, char* dir_path){ - //Start HTML output and insert page title - printf("Status: 200 OK\nContent-Type: text/html\n"); - GRSThttpBodyInit(bp); - GRSThttpPrintf(bp, "Access Control List for %s\n", dir_uri); - GRSThttpPrintHeaderFooter(bp, dir_path, GRST_HEADFILE); - return; -} -void StartForm(GRSThttpBody *bp, char* dir_uri, char* dir_path, char* admin_file, int timestamp, char* target_function){ - // Starts an HTML form with gridsite admin as the target and target_function as the value of cmd. - // Also inputs the dir_uri and the timestamp - GRSThttpPrintf (bp, "
\n", dir_uri, admin_file, dir_uri); - GRSThttpPrintf (bp, " \n", target_function); - GRSThttpPrintf (bp, " \n", timestamp); - return; -} - -void EndForm(GRSThttpBody *bp){ - GRSThttpPrintf (bp, "

\n"); - GRSThttpPrintf (bp, "
\n"); - return; -} - -void GRSTgaclCredTableStart(GRSThttpBody *bp){ - //Starts an HTML table of credentials by setting the column widths and inputting the headings - GRSThttpPrintf (bp,""); - GRSThttpPrintf (bp,""); - return; -} - -void GRSTgaclCredTableAdd(GRSTgaclUser *user, GRSTgaclEntry *entry, GRSTgaclCred *cred, GRSTgaclNamevalue *namevalue, int cred_no, int entry_no, int admin, int timestamp, GRSThttpBody *bp, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Adds the credential "cred" to a table started byGRSTgaclCredTableStart allowing the user to edit if appropriate - char* cmd = GRSThttpGetCGI("cmd"); - int edit_values=0, new_cred=0, allow_new_person=1; - int site_admin=GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"), user); - - if (strcmp(cmd, "new_entry_form")==0 || strcmp(cmd, "add_cred_form")==0) new_cred=1; - if (new_cred || strcmp(cmd, "edit_entry_form")==0) edit_values=1; - - if (new_cred) { /*Print out type and descriptor*/ - if (strcmp(cmd, "add_cred_form")==0){ /*if not a new entry check to see if cred exists.*/ - cred=entry->firstcred; - while (cred!=NULL) {if (strcmp (cred->type, "person")==0) allow_new_person=0; cred=cred->next;} - } - //create dummy credential for the user to edit - cred=GRSTgaclCredNew("new"); - GRSTgaclCredAddValue(cred, "", ""); - namevalue=cred->firstname; - //Drop down list of types - GRSThttpPrintf(bp,""); - GRSThttpPrintf(bp,""); - } - - else { //Print out type and descriptor for existing cred - - GRSThttpPrintf(bp,""); -} - -void GRSTgaclCredTableEnd(GRSTgaclEntry* entry, int entry_no, int admin, int timestamp, GRSThttpBody *bp, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - // Finishes off a table of credentials by inputting "Add Credential" link and a list of premissions in the final row - int i, blank_perms, edit_perms, show_perms; - char* cmd = GRSThttpGetCGI("cmd"); - - if (strcmp(cmd, "add_cred_form")==0 ||strcmp(cmd, "del_cred_sure")==0) show_perms=0; else show_perms=1; - if (strcmp(cmd, "edit_entry_form")==0 || strcmp(cmd, "new_entry_form")==0) edit_perms=1; else edit_perms=0; - if (strcmp(cmd, "new_entry_form")==0) blank_perms=1; else blank_perms=0; - - // If showing the last row is not required then exit - if (show_perms==0){GRSThttpPrintf (bp,"
Credential No.TypeValue
New"); - GRSThttpPrintf (bp, "
%d", cred_no); - if (admin) GRSThttpPrintf (bp,"(Delete)", dir_uri,admin_file,dir_uri, entry_no, cred_no, timestamp); - GRSThttpPrintf(bp, "%s ", cred->type); - } - - if (strcmp(cred->type, "any-user")==0) GRSThttpPrintf (bp, " "); /* Do not print out namevalue for any-user credential*/ - else{ - if (edit_values){ // Place namevalue in an editable box if appropriate - GRSThttpPrintf (bp, "value, bp); - GRSThttpPrintf (bp, "\">"); - } - else if (strcmp(cred->type, "dn-list")==0){ - GRSThttpPrintf(bp, "value, bp); - GRSThttpPrintf(bp, " \">"); - StringHTMLEncode(namevalue->value, bp); - GRSThttpPrintf(bp, ""); - } - else { GRSThttpPrintf(bp, " "); StringHTMLEncode(namevalue->value, bp);} - - } - //Print out warning symbol if cred being printed relates to current user - but NOT for users in site admin list - if (GRSTgaclUserHasCred(user, cred) && !site_admin) GRSThttpPrintf(bp, " <--"); - GRSThttpPrintf(bp, "

\n"); return;} - - GRSThttpPrintf (bp,""); - - if (admin) GRSThttpPrintf (bp,"Add Credential", dir_uri,admin_file,dir_uri, entry_no, timestamp); - - GRSThttpPrintf (bp, "\n "); - - if (blank_perms) entry->allowed=entry->denied=GRST_PERM_NONE; - - // Show Permissions - will produce a list or a list of check boxes depending on whether the permissions are to be edited or not - GRSThttpPrintf (bp, "Allowed: "); - for (i=0; grst_perm_syms[i]!=NULL; i++) /* Print the list of allowed permissions*/ - { - if ( entry->allowed & grst_perm_vals[i]){ - if (edit_perms) GRSThttpPrintf (bp, "%s   \n", grst_perm_syms[i],grst_perm_syms[i]); - else GRSThttpPrintf(bp,"%s ", grst_perm_syms[i]); if (strcmp(grst_perm_syms[i], "none")==0) break; - } - else if (strcmp(grst_perm_syms[i], "none")!=0 && edit_perms) GRSThttpPrintf (bp, "%s   \n", grst_perm_syms[i],grst_perm_syms[i]); - } - - if (edit_perms) GRSThttpPrintf (bp, "

"); - GRSThttpPrintf (bp, "Denied: "); - for (i=0; grst_perm_syms[i]!=NULL; i++) /* Print the list of denied permissions*/ - { - if ( entry->denied & grst_perm_vals[i]) - { - if (edit_perms) GRSThttpPrintf (bp, "%s   \n", grst_perm_syms[i],grst_perm_syms[i]); - else GRSThttpPrintf(bp,"%s ", grst_perm_syms[i]); - if (strcmp(grst_perm_syms[i], "none")==0) break; - } - else if (strcmp(grst_perm_syms[i], "none")!=0 && edit_perms) GRSThttpPrintf (bp, "%s   \n", grst_perm_syms[i],grst_perm_syms[i]); - } - - GRSThttpPrintf (bp, ""); - GRSThttpPrintf (bp,"
\n"); - GRSThttpPrintf (bp,"\n"); -} - -void check_acl_save(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file, GRSTgaclUser* user, GRSTgaclAcl *acl, GRSThttpBody *bp){ - // Checks if the acl for the current directory has been changed, check the current user's permissions. - // If all is okay the ACl is saved -> returns 1 else returns 0 - struct stat file_info; - GRSTgaclPerm new_perm; - char *vfile, *dir_path_vfile, *dir_path_file; - FILE *fp; - - - /*Check ACL has not been modified*/ - stat(GRSTgaclFileFindAclname(dir_path), &file_info); - if (atol(GRSThttpGetCGI("timestamp"))!=file_info.st_mtime){ - StartHTML(bp, dir_uri, dir_path); - GRSThttpPrintf (bp, "ERROR: CANNOT SAVE CHANGES

The ACL has been modified since it was last viewed\n

"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp); - return; - } - - // check users permissions in the new ACL - - if (!GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"), user)) - { - new_perm = GRSTgaclAclTestUser(acl, user); - if (new_perm != perm){ - StartHTML(bp, dir_uri, dir_path); - if (!GRSTgaclPermHasAdmin(new_perm)){//Check that user still has Admin permissions - if not then exit without saving the new ACL - GRSThttpPrintf (bp, "ERROR: CANNOT SAVE CHANGES\n\n

You cannot deny yourself admin access from within the editor\n"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp); - return; - } - //Functions to inform of other permission changes come next - GRSThttpPrintf (bp, "WARNING: OPERATION CHANGED YOUR PERMISSIONS!\n\n

You still have Admin permissions

\n"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp); - return; - } - } - // ACL not modified, notified of permission changes - can now save - - dir_path_file=GRSTgaclFileFindAclname(dir_path); - vfile=makevfilename(".gacl", file_info.st_size, dn); // Make temporary file name - dir_path_vfile = malloc(strlen(dir_path) + strlen(vfile) + 2); - strcpy(dir_path_vfile, dir_path); - strcat(dir_path_vfile, "/"); - strcat(dir_path_vfile, vfile); - - - // save the new ACL to the temporary file in the correct format using the GridsiteACLFormat directive - - if (strcasecmp(getenv("REDIRECT_GRST_ACL_FORMAT"), "XACML") ==0) GRSTxacmlAclSave(acl, dir_path_vfile); - else if (strcasecmp(getenv("REDIRECT_GRST_ACL_FORMAT"), "GACL") ==0) GRSTgaclAclSave(acl, dir_path_vfile); - else - { - GRSThttpPrintf (bp, "ERROR: ACL type not correctly specified"); - admin_continue(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, bp); - return; - } - - - unlink(dir_path_file); - if (link (dir_path_vfile,dir_path_file)!=0) GRSThttpError("403 Forbidden"); - - printf ("Status: 302 Moved Temporarily\n Content Length: 0\nLocation: %s%s?cmd=admin_acl\n\n", dir_uri, admin_file); - return; -} - -void StringHTMLEncode (char* string, GRSThttpBody *bp){ - - char* current_char; - char* tmp; - int n; - tmp=malloc(2); - - *(tmp+1)='\0'; - current_char=string; - while(*current_char != '\0'){ - - if (*current_char == '<') GRSThttpPrintf (bp,"<"); - else if (*current_char == '>') GRSThttpPrintf (bp,">"); - else if (*current_char == '&') GRSThttpPrintf (bp,"&"); - else if (*current_char == '\'') GRSThttpPrintf (bp,"'"); - else if (*current_char == '"') GRSThttpPrintf (bp,"""); - else{ - *tmp=*current_char; - GRSThttpPrintf(bp, "%s", tmp); - - } - current_char++; - } - return; -} - -void revert_acl(GRSTgaclUser *user, char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, char *file, char *dir_uri, char *admin_file){ - char *AclFilename; - GRSTgaclAcl *acl; - GRSThttpBody bp; - // Load the old ACL, add the entry and save - AclFilename=malloc(strlen(dir_path)+strlen(file)+2); - strcpy(AclFilename, dir_path); - strcat(AclFilename, "/"); - strcat(AclFilename, file); - - acl = GRSTgaclAclLoadFile(AclFilename); - check_acl_save(dn, perm, help_uri, dir_path, file, dir_uri, admin_file, user, acl, &bp); - return; -} diff --git a/org.gridsite.core/src/grst_admin_main.c b/org.gridsite.core/src/grst_admin_main.c deleted file mode 100644 index a9e9f0e..0000000 --- a/org.gridsite.core/src/grst_admin_main.c +++ /dev/null @@ -1,378 +0,0 @@ -/* - Andrew McNab and Shiv Kaushal, University of Manchester. - Copyright (c) 2002-5. All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*------------------------------------------------------------------* - * This program is part of GridSite: http://www.gridsite.org/ * - *------------------------------------------------------------------*/ - -#ifndef VERSION -#define VERSION "x.x.x" -#endif - -#ifndef _GNU_SOURCE -#define _GNU_SOURCE -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -// when porting: remember that sendfile() is very OS-specific! -#include - -#include - -#include "grst_admin.h" - -/* - - GridSite human/interactive management interface. This should produce - a CGI executable, usually ./sbin/real-gridsite-admin.cgi, which is - called from HTML forms either by GET or POST methods or both (ie input - present in both QUERY_STRING and the stdin of the CGI process.) - - The CGI name/value pairs used are: - - cmd = edit, managedir, print, history - file = short name of file, without path - - If real-gridsite-admin.cgi is run by an internal redirection inside - mod_gridsite (as should ALWAYS be the case) then the environment - variable REDIRECT_GRST_DIR_PATH will be set to the full path of - the directory holding the file in question. This respects any complex - URI -> file path mapping done by Apache. - -*/ - -void GRSThttpError(char *status) -{ - printf("Status: %s\n", status); - printf("Server-CGI: GridSite Admin %s\n", VERSION); - printf("Content-Length: %d\n", 2 * strlen(status) + 58); - puts("Content-Type: text/html\n"); - - printf("%s\n", status); - printf("

%s

\n", status); - - exit(0); -} - -void adminfooter(GRSThttpBody *bp, char *dn, char *help_uri, char *dir_uri, - char *admin_file) -{ - GRSThttpPrintf(bp, "

\n"); - - if (dn != NULL) GRSThttpPrintf(bp, "

You are %s
\n", dn); - else GRSThttpPrintf(bp, "
\n"); - - if (admin_file != NULL) - GRSThttpPrintf(bp, "" - "Manage directory .\n", - dir_uri, admin_file); - else GRSThttpPrintf(bp, "" - "Back to directory .\n", dir_uri); - - if (help_uri != NULL) - GRSThttpPrintf(bp, "Website Help .\n", help_uri); - - if ((getenv("GRST_NO_LINK") == NULL) && - (getenv("REDIRECT_GRST_NO_LINK") == NULL)) - GRSThttpPrintf(bp, "Built with " - "GridSite %s\n", - VERSION); - - GRSThttpPrintf(bp, "\n"); -} - -int GRSTstrCmpShort(char *long_s, char *short_s) -{ - while (*short_s != '\0') - { - if (*long_s > *short_s) return +1; - if (*long_s < *short_s) return -1; - - ++long_s; - ++short_s; - } - - return 0; -} - -char *makevfilename(char *publicname, size_t size, char *dn) -{ - int i; - char *ext, *vfilename, *encpublicname, *encdn, *p; - struct timeval tv_now; - - gettimeofday(&tv_now, NULL); - - ext = rindex(publicname, '.'); - if (ext == NULL) ext = ""; - - encpublicname = GRSThttpUrlEncode(publicname); - for (p=encpublicname; *p != '\0'; ++p) if (*p == '%') *p = '='; - - encdn = GRSThttpUrlEncode(dn); - for (p=encdn; *p != '\0'; ++p) if (*p == '%') *p = '='; - - /* we used zero-padding for times so - alphanumeric sorting will sort chronologically too */ - - asprintf(&vfilename, "%s:%s:%08X:%05X:%X:%s:%s", GRST_HIST_PREFIX, - encpublicname, tv_now.tv_sec, tv_now.tv_usec, size, encdn, ext); - - return vfilename; -} - -void justheader(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *dir_uri, char *admin_file) -{ - GRSThttpBody bp; - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_HEADFILE); - - GRSThttpWriteOut(&bp); -} - -void justfooter(char *dn, GRSTgaclPerm perm, char *help_uri, char *dir_path, - char *dir_uri, char *admin_file) -{ - GRSThttpBody bp; - - puts("Status: 200 OK\nContent-Type: text/html"); - - GRSThttpBodyInit(&bp); - - if (GRSTgaclPermHasList(perm) || GRSTgaclPermHasWrite(perm) - || GRSTgaclPermHasAdmin(perm)) - adminfooter(&bp, dn, help_uri, dir_uri, admin_file); - - GRSThttpPrintHeaderFooter(&bp, dir_path, GRST_FOOTFILE); - - GRSThttpWriteOut(&bp); -} - -int main() -{ - int i, gsiproxylimit_i = 1; - char *cmd, *dir_uri, *file, *dir_path, *admin_file, *dn = NULL, - *help_uri, *p, *content_type, *request_uri, *button, - *grst_cred_0, *gsiproxylimit, *dn_lists, buf[12]; - GRSTgaclCred *cred; - GRSTgaclUser *user = NULL; - GRSTgaclAcl *acl; - GRSTgaclPerm perm = GRST_PERM_NONE; - - help_uri = getenv("REDIRECT_GRST_HELP_URI"); /* can be NULL */ - admin_file = getenv("REDIRECT_GRST_ADMIN_FILE"); - dir_path = getenv("REDIRECT_GRST_DIR_PATH"); - request_uri = getenv("REQUEST_URI"); - - if ((dir_path == NULL) || (admin_file == NULL) || (request_uri == NULL)) - { - puts("Status: 500 Internal Server Error\nContent-type: text/plain\n\n" - "REDIRECT_GRST_DIR_PATH or REDIRECT_GRST_ADMIN_FILE " - "or REQUEST_URI missing"); - return; - } - - GRSTgaclInit(); - - grst_cred_0 = getenv("GRST_CRED_0"); - - if ((grst_cred_0 != NULL) && (cred = GRSTx509CompactToCred(grst_cred_0))) - { - gsiproxylimit = getenv("REDIRECT_GRST_GSIPROXY_LIMIT"); - if (gsiproxylimit != NULL) sscanf(gsiproxylimit, "%d", &gsiproxylimit_i); - - if (GRSTgaclCredGetDelegation(cred) <= gsiproxylimit_i) - { - user = GRSTgaclUserNew(cred); - - if ((p = index(grst_cred_0, ' ')) && - (p = index(++p, ' ')) && - (p = index(++p, ' ')) && - (p = index(++p, ' '))) dn = &p[1]; - } - /* User has a cert so check for voms attributes */ - for(i=1; ; i++) - { - sprintf (buf, "GRST_CRED_%d", i); - - - grst_cred_0 = getenv(buf); - if (grst_cred_0==NULL) break; - - if (cred=GRSTx509CompactToCred(grst_cred_0)) - GRSTgaclUserAddCred(user, cred); - } - /* no more voms attributes found found */ - } - else if ((dn = getenv("SSL_CLIENT_S_DN")) != NULL) - { - cred = GRSTgaclCredNew("person"); - GRSTgaclCredAddValue(cred, "dn", dn); - user = GRSTgaclUserNew(cred); - } - - dn_lists = getenv("REDIRECT_GRST_DN_LISTS"); - if (dn_lists == NULL) dn_lists = getenv("GRST_DN_LISTS"); - if (dn_lists != NULL) GRSTgaclUserSetDNlists(user, dn_lists); - - if (GRSTgaclDNlistHasUser(getenv("REDIRECT_GRST_ADMIN_LIST"), - user)) perm = GRST_PERM_ALL; - else - { - p = getenv("REMOTE_HOST"); - if (p != NULL) - { - cred = GRSTgaclCredNew("dns"); - GRSTgaclCredAddValue(cred, "hostname", p); - - if (user == NULL) user = GRSTgaclUserNew(cred); - else GRSTgaclUserAddCred(user, cred); - } - - acl = GRSTgaclAclLoadforFile(dir_path); - if (acl != NULL) perm = GRSTgaclAclTestUser(acl, user); - } - - /* we're relying on being a CGI with all this un-free()ed strdup()ing */ - - dir_uri = strdup(request_uri); - p = rindex(dir_uri, '?'); - if (p != NULL) *p = '\0'; - p = rindex(dir_uri, '/'); - if (p != NULL) p[1] = '\0'; - - content_type = getenv("CONTENT_TYPE"); - - if ((content_type != NULL) && - (GRSTstrCmpShort(content_type, "multipart/form-data; boundary=") == 0)) - { - uploadfile(dn, perm, help_uri, dir_path, dir_uri, admin_file); - return 0; - } - - cmd = GRSThttpGetCGI("cmd"); - file = GRSThttpGetCGI("file"); - button = GRSThttpGetCGI("button"); - - /* file and directory functions in grst_admin_file.c */ - - if (strcmp(cmd, "header") == 0) - justheader(dn, perm, help_uri, dir_path, dir_uri, admin_file); - else if (strcmp(cmd, "footer") == 0) - justfooter(dn, perm, help_uri, dir_path, dir_uri, admin_file); - else if (strcmp(cmd, "managedir") == 0) - managedir(dn, perm, help_uri, dir_path, dir_uri, admin_file); - else if (strcmp(cmd, "print") == 0) - printfile(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "history") == 0) - filehistory(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "editdnlist") == 0) - editdnlistform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "edit") == 0) - { - if ((strcasecmp(button, "new directory") == 0) || - (strcasecmp(button, "Create") == 0)) - newdirectory(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else - editfileform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - } - else if (strcmp(cmd, "editaction") == 0) - editfileaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "editdnlistaction") == 0) - editdnlistaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "delete") == 0) - deletefileform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "deleteaction") == 0) - deletefileaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "rename") == 0) - renameform(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "renameaction") == 0) - renameaction(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "ziplist") == 0) - ziplist(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "unzipfile") == 0) - unzipfile(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "create_acl") == 0) - create_acl(dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - - /* GACL functions in grst_admin_gacl.c */ - - else if (strcmp(cmd, "show_acl") == 0) - show_acl(0, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "admin_acl") == 0) - show_acl(1, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "acl_history") == 0) - show_acl(2, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd, "revert_acl") == 0) - revert_acl(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - //show_acl(2, user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"new_entry_form")==0) - new_entry_form(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"new_entry")==0) - new_entry(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"del_entry_sure")==0) - del_entry_sure(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"del_entry")==0) - del_entry(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"edit_entry_form")==0) - edit_entry_form(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"edit_entry")==0) - edit_entry(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"add_cred_form")==0) - add_cred_form(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"add_cred")==0) - add_cred(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"del_cred_sure")==0) - del_cred_sure(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - else if (strcmp(cmd,"del_cred")==0) - del_cred(user, dn, perm, help_uri, dir_path, file, dir_uri, admin_file); - - /* you what? */ - - else GRSThttpError("500 Internal Server Error"); -} diff --git a/org.gridsite.core/src/grst_asn1.c b/org.gridsite.core/src/grst_asn1.c deleted file mode 100644 index e47c143..0000000 --- a/org.gridsite.core/src/grst_asn1.c +++ /dev/null @@ -1,506 +0,0 @@ - -#define _GNU_SOURCE -#include -#include - -#include -#include -#include - -#include -#include -#include - -#include "gridsite.h" - -/// ASN1 time string (in a char *) to time_t -/** - * (Use ASN1_STRING_data() to convert ASN1_GENERALIZEDTIME to char * if - * necessary) - */ - -time_t GRSTasn1TimeToTimeT(char *asn1time, size_t len) -{ - char zone; - struct tm time_tm; - - if (len == 0) len = strlen(asn1time); - - if ((len != 13) && (len != 15)) return 0; /* dont understand */ - - if ((len == 13) && - ((sscanf(asn1time, "%02d%02d%02d%02d%02d%02d%c", - &(time_tm.tm_year), - &(time_tm.tm_mon), - &(time_tm.tm_mday), - &(time_tm.tm_hour), - &(time_tm.tm_min), - &(time_tm.tm_sec), - &zone) != 7) || (zone != 'Z'))) return 0; /* dont understand */ - - if ((len == 15) && - ((sscanf(asn1time, "20%02d%02d%02d%02d%02d%02d%c", - &(time_tm.tm_year), - &(time_tm.tm_mon), - &(time_tm.tm_mday), - &(time_tm.tm_hour), - &(time_tm.tm_min), - &(time_tm.tm_sec), - &zone) != 7) || (zone != 'Z'))) return 0; /* dont understand */ - - /* time format fixups */ - - if (time_tm.tm_year < 90) time_tm.tm_year += 100; - --(time_tm.tm_mon); - - return timegm(&time_tm); -} - -/* this function is taken from OpenSSL without modification */ - -static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, - int indent) - { - static const char fmt[]="%-18s"; - static const char fmt2[]="%2d %-15s"; - char str[128]; - const char *p,*p2=NULL; - - if (constructed & V_ASN1_CONSTRUCTED) - p="cons: "; - else - p="prim: "; - if (BIO_write(bp,p,6) < 6) goto err; -#if OPENSSL_VERSION_NUMBER >= 0x0090701fL - BIO_indent(bp,indent,128); -#endif - - p=str; - if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) - sprintf(str,"priv [ %d ] ",tag); - else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) - sprintf(str,"cont [ %d ]",tag); - else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) - sprintf(str,"appl [ %d ]",tag); - else p = ASN1_tag2str(tag); - - if (p2 != NULL) - { - if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err; - } - else - { - if (BIO_printf(bp,fmt,p) <= 0) goto err; - } - return(1); -err: - return(0); - } - -static void GRSTasn1AddToTaglist(struct GRSTasn1TagList taglist[], - int maxtag, int *lasttag, - char *treecoords, int start, int headerlength, - int length, int tag) -{ - if ((strlen(treecoords) > GRST_ASN1_MAXCOORDLEN) || - (*lasttag + 1 > maxtag)) return; - - ++(*lasttag); - - strncpy(taglist[*lasttag].treecoords, treecoords, GRST_ASN1_MAXCOORDLEN+1); - taglist[*lasttag].start = start; - taglist[*lasttag].headerlength = headerlength; - taglist[*lasttag].length = length; - taglist[*lasttag].tag = tag; -} - -int GRSTasn1SearchTaglist(struct GRSTasn1TagList taglist[], - int lasttag, char *treecoords) -{ - int i; - - for (i=0; i <= lasttag; ++i) - { - if (strcmp(treecoords, taglist[i].treecoords) == 0) return i; - } - - return -1; -} - -static int GRSTasn1PrintPrintable(BIO *bp, char *str, int length) -{ - int ret = 0; - char *dup, *p; - - dup = strndup(str, length); - - for (p=dup; *p != '\0'; ++p) if ((*p < ' ') || (*p > '~')) *p = '.'; - - if (bp != NULL) ret = BIO_write(bp, dup, strlen(dup)); - - free(dup); - - return ret; -} - -static int GRSTasn1Parse2(BIO *bp, unsigned char **pp, long length, int offset, - int depth, int indent, int dump, char *treecoords, - struct GRSTasn1TagList taglist[], int maxtag, int *lasttag) - { - int sibling = 0; - char sibtreecoords[512]; - - unsigned char *p,*ep,*tot,*op,*opp; - long len; - int tag,xclass,ret=0; - int nl,hl,j,r; - ASN1_OBJECT *o=NULL; - ASN1_OCTET_STRING *os=NULL; - int dump_indent; - - - dump_indent = 6; /* Because we know BIO_dump_indent() */ - p= *pp; - tot=p+length; - op=p-1; - while ((p < tot) && (op < p)) - { - op=p; - j=ASN1_get_object(&p,&len,&tag,&xclass,length); - - if (j & 0x80) - { - if ((bp != NULL) && - (BIO_write(bp,"Error in encoding\n",18) <= 0)) - goto end; - ret=0; - goto end; - } - hl=(p-op); - length-=hl; - - ++sibling; - sprintf(sibtreecoords, "%s-%d", treecoords, sibling); - - GRSTasn1AddToTaglist(taglist, maxtag, lasttag, sibtreecoords, - (int)offset+(int)(op - *pp), - (int) hl, len, tag); - - if (bp != NULL) - { - BIO_printf(bp, " %s %ld %ld %d %d ", sibtreecoords, - (long)offset+(long)(op - *pp), hl, len, tag); - - GRSTasn1PrintPrintable(bp, p, -// &((*pp)[(long)offset+(long)(op - *pp)+hl]), - (len > 30) ? 30 : len); - - BIO_printf(bp, "\n"); - } - - - /* if j == 0x21 it is a constructed indefinite length object */ - if ((bp != NULL) && - (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp)) - <= 0)) goto end; - - if (j != (V_ASN1_CONSTRUCTED | 1)) - { - if ((bp != NULL) && - (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ", - depth,(long)hl,len) <= 0)) - goto end; - } - else - { - if ((bp != NULL) && - (BIO_printf(bp,"d=%-2d hl=%ld l=inf ", - depth,(long)hl) <= 0)) - goto end; - } - if ((bp != NULL) && - !asn1_print_info(bp,tag,xclass,j,(indent)?depth:0)) - goto end; - if (j & V_ASN1_CONSTRUCTED) - { - ep=p+len; - if ((bp != NULL) && - (BIO_write(bp,"\n",1) <= 0)) goto end; - if (len > length) - { - if (bp != NULL) BIO_printf(bp, - "length is greater than %ld\n",length); - ret=0; - goto end; - } - if ((j == 0x21) && (len == 0)) - { - for (;;) - { - r=GRSTasn1Parse2(bp,&p,(long)(tot-p), - offset+(p - *pp),depth+1, - indent,dump,sibtreecoords, - taglist, maxtag, lasttag); - if (r == 0) { ret=0; goto end; } - if ((r == 2) || (p >= tot)) break; - } - } - else - while (p < ep) - { - r=GRSTasn1Parse2(bp,&p,(long)len, - offset+(p - *pp),depth+1, - indent,dump,sibtreecoords, - taglist, maxtag, lasttag); - if (r == 0) { ret=0; goto end; } - } - } - else if (xclass != 0) - { - p+=len; - if ((bp != NULL) && - (BIO_write(bp,"\n",1) <= 0)) goto end; - } - else - { - nl=0; - if ( (tag == V_ASN1_PRINTABLESTRING) || - (tag == V_ASN1_T61STRING) || - (tag == V_ASN1_IA5STRING) || - (tag == V_ASN1_VISIBLESTRING) || - (tag == V_ASN1_UTCTIME) || - (tag == V_ASN1_GENERALIZEDTIME)) - { - if ((bp != NULL) && - (BIO_write(bp,":",1) <= 0)) goto end; - if ((len > 0) && (bp != NULL) && - BIO_write(bp,(char *)p,(int)len) - != (int)len) - goto end; - } - else if (tag == V_ASN1_OBJECT) - { - opp=op; - if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) - { - if (bp != NULL) - { - if (BIO_write(bp,":",1) <= 0) goto end; - i2a_ASN1_OBJECT(bp,o); - } - } - else - { - if ((bp != NULL) && - (BIO_write(bp,":BAD OBJECT",11) <= 0)) - goto end; - } - } - else if (tag == V_ASN1_BOOLEAN) - { - int ii; - - opp=op; - ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl); - if (ii < 0) - { - if ((bp != NULL) && - (BIO_write(bp,"Bad boolean\n",12))) - goto end; - } - if (bp != NULL) BIO_printf(bp,":%d",ii); - } - else if (tag == V_ASN1_BMPSTRING) - { - /* do the BMP thang */ - } - else if (tag == V_ASN1_OCTET_STRING) - { - int i; - - opp=op; - os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); - if (os != NULL) - { - opp=os->data; - - if (os->length > 0) - { - if ((bp != NULL) && - (BIO_write(bp,":",1) <= 0)) - goto end; - if ((bp != NULL) && - (GRSTasn1PrintPrintable(bp, - opp, - os->length) <= 0)) - goto end; - } - - M_ASN1_OCTET_STRING_free(os); - os=NULL; - } - } - else if (tag == V_ASN1_INTEGER) - { - ASN1_INTEGER *bs; - int i; - - opp=op; - bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl); - if (bs != NULL) - { - if ((bp != NULL) && - (BIO_write(bp,":",1) <= 0)) goto end; - if (bs->type == V_ASN1_NEG_INTEGER) - if ((bp != NULL) && - (BIO_write(bp,"-",1) <= 0)) - goto end; - for (i=0; ilength; i++) - { - if ((bp != NULL) && - (BIO_printf(bp,"%02X", - bs->data[i]) <= 0)) - goto end; - } - if (bs->length == 0) - { - if ((bp != NULL) && - (BIO_write(bp,"00",2) <= 0)) - goto end; - } - } - else - { - if ((bp != NULL) && - (BIO_write(bp,"BAD INTEGER",11) <= 0)) - goto end; - } - M_ASN1_INTEGER_free(bs); - } - else if (tag == V_ASN1_ENUMERATED) - { - ASN1_ENUMERATED *bs; - int i; - - opp=op; - bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl); - if (bs != NULL) - { - if ((bp != NULL) && - (BIO_write(bp,":",1) <= 0)) goto end; - if (bs->type == V_ASN1_NEG_ENUMERATED) - if ((bp != NULL) && - (BIO_write(bp,"-",1) <= 0)) - goto end; - for (i=0; ilength; i++) - { - if ((bp != NULL) && - (BIO_printf(bp,"%02X", - bs->data[i]) <= 0)) - goto end; - } - if (bs->length == 0) - { - if ((bp != NULL) && - (BIO_write(bp,"00",2) <= 0)) - goto end; - } - } - else - { - if ((bp != NULL) && - (BIO_write(bp,"BAD ENUMERATED",11) <= 0)) - goto end; - } - M_ASN1_ENUMERATED_free(bs); - } - else if (len > 0 && dump) - { - if (!nl) - { - if ((bp != NULL) && - (BIO_write(bp,"\n",1) <= 0)) - goto end; - } - if ((bp != NULL) && - (BIO_dump_indent(bp,(char *)p, - ((dump == -1 || dump > len)?len:dump), - dump_indent) <= 0)) - goto end; - nl=1; - } - - if (!nl) - { - if ((bp != NULL) && - (BIO_write(bp,"\n",1) <= 0)) goto end; - } - p+=len; - if ((tag == V_ASN1_EOC) && (xclass == 0)) - { - ret=2; /* End of sequence */ - goto end; - } - } - - length-=len; - } - ret=1; -end: - if (o != NULL) ASN1_OBJECT_free(o); - if (os != NULL) M_ASN1_OCTET_STRING_free(os); - *pp=p; - return(ret); - } - -int GRSTasn1ParseDump(BIO *bp, unsigned char *pp, long len, - struct GRSTasn1TagList taglist[], - int maxtag, int *lasttag) - { - return(GRSTasn1Parse2(bp,&pp,len,0,0,0,0,"", - taglist, maxtag, lasttag)); - } - -int GRSTasn1GetX509Name(char *x509name, int maxlength, char *coords, - char *asn1string, - struct GRSTasn1TagList taglist[], int lasttag) -{ - int i, iobj, istr, n, len = 0; - ASN1_OBJECT *obj = NULL; - unsigned char coordstmp[81], *q; - const unsigned char *shortname; - - for (i=1; ; ++i) - { - sprintf(coordstmp, coords, i, 1); - iobj = GRSTasn1SearchTaglist(taglist, lasttag, coordstmp); - if (iobj < 0) break; - - sprintf(coordstmp, coords, i, 2); - istr = GRSTasn1SearchTaglist(taglist, lasttag, coordstmp); - if (istr < 0) break; - - q = &asn1string[taglist[iobj].start]; - d2i_ASN1_OBJECT(&obj, &q, taglist[iobj].length + - taglist[iobj].headerlength); - - n = OBJ_obj2nid(obj); -// free obj now? - shortname = OBJ_nid2sn(n); - - if (len + 2 + strlen(shortname) + taglist[istr].length >= maxlength) - { - x509name[0] = '\0'; - return GRST_RET_FAILED; - } - - sprintf(&x509name[len], "/%s=%.*s", shortname, - taglist[istr].length, - &asn1string[taglist[istr].start+taglist[istr].headerlength]); - len += 2 + strlen(shortname) + taglist[istr].length; - } - - x509name[len] = '\0'; - - return GRST_RET_OK; -} diff --git a/org.gridsite.core/src/grst_gacl.c b/org.gridsite.core/src/grst_gacl.c deleted file mode 100644 index 1df2f02..0000000 --- a/org.gridsite.core/src/grst_gacl.c +++ /dev/null @@ -1,1170 +0,0 @@ -/* - Copyright (c) 2002-3, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -/*---------------------------------------------------------------* - * For more information about GridSite: http://www.gridsite.org/ * - *---------------------------------------------------------------*/ - -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef _GNU_SOURCE -#define _GNU_SOURCE -#endif -#include - -#include -#include -#include - -#include "gridsite.h" - -/* * - * Global variables, shared by all GACL functions by private to libgacl * - * */ - -char *grst_perm_syms[] = { "none", - "read", - "exec", - "list", - "write", - "admin", - NULL }; - -GRSTgaclPerm grst_perm_vals[] = { GRST_PERM_NONE, - GRST_PERM_READ, - GRST_PERM_EXEC, - GRST_PERM_LIST, - GRST_PERM_WRITE, - GRST_PERM_ADMIN, - -1 }; - -int GRSTgaclInit(void) -{ - xmlInitParser(); - - LIBXML_TEST_VERSION - - xmlKeepBlanksDefault(0); - - return 1; -} - -/* declare these two private functions at the start */ - -GRSTgaclAcl *GRSTgaclAclParse(xmlDocPtr, xmlNodePtr, GRSTgaclAcl *); -GRSTgaclAcl *GRSTxacmlAclParse(xmlDocPtr, xmlNodePtr, GRSTgaclAcl *); - -/* * - * Functions to manipulate GRSTgaclCred structures * - * */ - -GRSTgaclCred *GRSTgaclCredNew(char *type) -/* - GRSTgaclCredNew - allocate a new GRSTgaclCred structure, and return - it's pointer or NULL on (malloc) error. -*/ -{ - GRSTgaclCred *newcred; - - if (type == NULL) return NULL; - - newcred = malloc(sizeof(GRSTgaclCred)); - if (newcred == NULL) return NULL; - - newcred->type = strdup(type); - newcred->delegation = 0; - newcred->firstname = NULL; - newcred->next = NULL; - - return newcred; -} - -int GRSTgaclCredAddValue(GRSTgaclCred *cred, char *rawname, char *rawvalue) -/* - GRSTgaclCredAddValue - add a name/value pair to a GRSTgaclCred -*/ -{ - int i; - char *name, *value; - GRSTgaclNamevalue *p; - - name = strdup(rawname); - - /* no leading or trailing space in value */ - - value = rawvalue; - while ((*value != '\0') && isspace(*value)) ++value; - - value = strdup(value); - - for (i=strlen(value) - 1; (i >= 0) && isspace(value[i]); --i) value[i]='\0'; - - if (cred->firstname == NULL) - { - cred->firstname = malloc(sizeof (GRSTgaclNamevalue)); - (cred->firstname)->name = name; - (cred->firstname)->value = value; - (cred->firstname)->next = NULL; - } - else - { - p = cred->firstname; - - while (p->next != NULL) p = (GRSTgaclNamevalue *) p->next; - - p->next = malloc(sizeof(GRSTgaclNamevalue)); - ((GRSTgaclNamevalue *) p->next)->name = name; - ((GRSTgaclNamevalue *) p->next)->value = value; - ((GRSTgaclNamevalue *) p->next)->next = NULL; - } - - return 1; -} - -static int GRSTgaclNamevalueFree(GRSTgaclNamevalue *p) -{ - if (p == NULL) return 1; - - if (p->next != NULL) - GRSTgaclNamevalueFree((GRSTgaclNamevalue *) p->next); - if (p->name != NULL) free(p->name); - if (p->value != NULL) free(p->value); - free(p); - - return 1; -} - -int GRSTgaclCredFree(GRSTgaclCred *cred) -/* - GRSTgaclCredFree - free memory structures of a GRSTgaclCred, - returning 1 always! -*/ -{ - if (cred == NULL) return 1; - - GRSTgaclNamevalueFree(cred->firstname); - if (cred->type != NULL) free(cred->type); - free(cred); - - return 1; -} - -static int GRSTgaclCredsFree(GRSTgaclCred *firstcred) -/* - GRSTgaclCredsFree - free a cred and all the creds in its *next chain -*/ -{ - if (firstcred == NULL) return 0; - - if (firstcred->next != NULL) GRSTgaclCredsFree(firstcred->next); - - return GRSTgaclCredFree(firstcred); -} - -static int GRSTgaclCredInsert(GRSTgaclCred *firstcred, GRSTgaclCred *newcred) -/* - GRSTgaclCredInsert - insert a cred in the *next chain of firstcred - - FOR THE MOMENT THIS JUST APPENDS! -*/ -{ - if (firstcred == NULL) return 0; - - if (firstcred->next == NULL) - { - firstcred->next = newcred; - return 1; - } - - return GRSTgaclCredInsert(firstcred->next, newcred); -} - -int GRSTgaclEntryAddCred(GRSTgaclEntry *entry, GRSTgaclCred *cred) -/* - GRSTaddCred - add a new credential to an existing entry, returning 1 - on success or 0 on error -*/ -{ - if (entry == NULL) return 0; - - if (entry->firstcred == NULL) - { - entry->firstcred = cred; - return 1; - } - else return GRSTgaclCredInsert(entry->firstcred, cred); -} - -static int GRSTgaclCredRemoveCred(GRSTgaclCred *firstcred, GRSTgaclCred *oldcred) -/* - (Private) - - GRSTgaclCredRemoveCred - remove a cred in the *next chain of firstcred - and relink the chain -*/ -{ - if (firstcred == NULL) return 0; - -// yeah, I know -} - -int GRSTgaclEntryDelCred(GRSTgaclEntry *entry, GRSTgaclCred *cred) -/* - GRSTgaclEntryDelCred - remove a new cred from an entry, returning 1 - on success (or absense) or 0 on error. -*/ -{ - if (entry == NULL) return 0; - - return GRSTgaclCredRemoveCred(entry->firstcred, cred); -} - -int GRSTgaclCredPrint(GRSTgaclCred *cred, FILE *fp) -/* - GRSTgaclCredPrint - print a credential and any name-value pairs is contains -*/ -{ - char *q; - GRSTgaclNamevalue *p; - - if (cred->firstname != NULL) - { - fprintf(fp, "<%s>\n", cred->type); - - p = cred->firstname; - - do { - fprintf(fp, "<%s>", p->name); - - for (q=p->value; *q != '\0'; ++q) - if (*q == '<') fputs("<", fp); - else if (*q == '>') fputs(">", fp); - else if (*q == '&') fputs("&" , fp); - else if (*q == '\'') fputs("'", fp); - else if (*q == '"') fputs(""", fp); - else fputc(*q, fp); - - fprintf(fp, "\n", p->name); - - p = (GRSTgaclNamevalue *) p->next; - - } while (p != NULL); - - fprintf(fp, "\n", cred->type); - } - else fprintf(fp, "<%s/>\n", cred->type); - - return 1; -} - -/* * - * Functions to manipulate GRSTgaclEntry structures * - * */ - -GRSTgaclEntry *GRSTgaclEntryNew(void) -/* - GRSTgaclEntryNew - allocate space for a new entry, returning its pointer - or NULL on failure. -*/ -{ - GRSTgaclEntry *newentry; - - newentry = (GRSTgaclEntry *) malloc(sizeof(GRSTgaclEntry)); - if (newentry == NULL) return NULL; - - newentry->firstcred = NULL; - newentry->allowed = 0; - newentry->denied = 0; - newentry->next = NULL; - - return newentry; -} - -int GRSTgaclEntryFree(GRSTgaclEntry *entry) -/* - GRSTgaclEntryFree - free up space used by an entry (always returns 1) -*/ -{ - int i; - - if (entry == NULL) return 1; - - GRSTgaclCredsFree(entry->firstcred); - - free(entry); - - return 1; -} - -static int GRSTgaclEntriesFree(GRSTgaclEntry *entry) -/* - GRSTgaclEntriesFree - free up entry and all entries linked to in its *next - chain -*/ -{ - if (entry == NULL) return 0; - - if (entry->next != NULL) GRSTgaclEntriesFree(entry->next); - - return GRSTgaclEntryFree(entry); -} - -static int GRSTgaclEntryInsert(GRSTgaclEntry *firstentry, GRSTgaclEntry *newentry) -/* - GRSTgaclEntryInsert - insert an entry in the *next chain of firstentry - - FOR THE MOMENT THIS JUST APPENDS -*/ -{ - if (firstentry == NULL) return 0; - - if (firstentry->next == NULL) - { - firstentry->next = newentry; - return 1; - } - - return GRSTgaclEntryInsert(firstentry->next, newentry); -} - -int GRSTgaclAclAddEntry(GRSTgaclAcl *acl, GRSTgaclEntry *entry) -/* - GRSTgaclAclAddEntry - add a new entry to an existing acl, returning 1 - on success or 0 on error -*/ -{ - if (acl == NULL) return 0; - - if (acl->firstentry == NULL) - { - acl->firstentry = entry; - return 1; - } - else return GRSTgaclEntryInsert(acl->firstentry, entry); -} - -int GRSTgaclEntryPrint(GRSTgaclEntry *entry, FILE *fp) -{ - GRSTgaclCred *cred; - GRSTgaclPerm i; - - fputs("\n", fp); - - for (cred = entry->firstcred; cred != NULL; cred = cred->next) - GRSTgaclCredPrint(cred, fp); - - if (entry->allowed) - { - fputs("", fp); - - for (i=GRST_PERM_READ; i <= GRST_PERM_ADMIN; ++i) - if ((entry->allowed) & i) GRSTgaclPermPrint(i, fp); - - fputs("\n", fp); - } - - - if (entry->denied) - { - fputs("", fp); - - for (i=GRST_PERM_READ; i <= GRST_PERM_ADMIN; ++i) - if (entry->denied & i) GRSTgaclPermPrint(i, fp); - - fputs("\n", fp); - } - - fputs("\n", fp); - - return 1; -} - -/* * - * Functions to manipulate GRSTgaclPerm items * - * */ - -int GRSTgaclPermPrint(GRSTgaclPerm perm, FILE *fp) -{ - GRSTgaclPerm i; - - for (i=GRST_PERM_READ; grst_perm_syms[i] != NULL; ++i) - if (perm == grst_perm_vals[i]) - { - fprintf(fp, "<%s/>", grst_perm_syms[i]); - return 1; - } - - return 0; -} - -int GRSTgaclEntryAllowPerm(GRSTgaclEntry *entry, GRSTgaclPerm perm) -{ - entry->allowed = entry->allowed | perm; - - return 1; -} - -int GRSTgaclEntryUnallowPerm(GRSTgaclEntry *entry, GRSTgaclPerm perm) -{ - entry->allowed = entry->allowed & ~perm; - - return 1; -} - -int GRSTgaclEntryDenyPerm(GRSTgaclEntry *entry, GRSTgaclPerm perm) -{ - entry->denied = entry->denied | perm; - - return 1; -} - -int GRSTgaclEntryUndenyPerm(GRSTgaclEntry *entry, GRSTgaclPerm perm) -{ - entry->denied = entry->denied & ~perm; - - return 1; -} - -char *GRSTgaclPermToChar(GRSTgaclPerm perm) -/* - GRSTgaclPermToChar - return char * or NULL corresponding to most significant - set bit of perm. -*/ -{ - char *p = NULL; - GRSTgaclPerm i; - - for (i=0; grst_perm_syms[i] != NULL; ++i) - if (perm & grst_perm_vals[i]) p = grst_perm_syms[i]; - - return p; -} - -GRSTgaclPerm GRSTgaclPermFromChar(char *s) -/* - GRSTgaclPermToChar - return access perm corresponding to symbol s[] -*/ -{ - GRSTgaclPerm i; - - for (i=0; grst_perm_syms[i] != NULL; ++i) - if (strcasecmp(grst_perm_syms[i], s) == 0) return grst_perm_vals[i]; - - return -1; -} - -/* * - * Functions to manipulate GRSTgaclAcl structures * - * */ - -GRSTgaclAcl *GRSTgaclAclNew(void) -/* - GRSTgaclAclNew - allocate a new acl and return its pointer (or NULL - on failure.) -*/ -{ - GRSTgaclAcl *newacl; - - newacl = (GRSTgaclAcl *) malloc(sizeof(GRSTgaclAcl)); - if (newacl == NULL) return NULL; - - newacl->firstentry = NULL; - - return newacl; -} - -int GRSTgaclAclFree(GRSTgaclAcl *acl) -/* - GRSTgaclAclFree - free up space used by *acl. Always returns 1. -*/ -{ - if (acl == NULL) return 1; - - GRSTgaclEntriesFree(acl->firstentry); - - return 1; -} - -int GRSTgaclAclPrint(GRSTgaclAcl *acl, FILE *fp) -{ - GRSTgaclEntry *entry; - - fputs("\n", fp); - - for (entry = acl->firstentry; entry != NULL; entry = entry->next) - GRSTgaclEntryPrint(entry, fp); - - fputs("\n", fp); - - return 1; -} - -int GRSTgaclAclSave(GRSTgaclAcl *acl, char *filename) -{ - int ret; - FILE *fp; - - fp = fopen(filename, "w"); - if (fp == NULL) return 0; - - fputs("\n", fp); - - ret = GRSTgaclAclPrint(acl, fp); - - fclose(fp); - - return ret; -} - -/* * - * Functions for loading and parsing XML using libxml * - * */ - -// need to check these for libxml memory leaks? - what needs to be freed? - -static GRSTgaclCred *GRSTgaclCredParse(xmlNodePtr cur) -/* - GRSTgaclCredParse - parse a credential stored in the libxml structure cur, - returning it as a pointer or NULL on error. -*/ -{ - xmlNodePtr cur2; - GRSTgaclCred *cred; - - cred = GRSTgaclCredNew((char *) cur->name); - - cred->firstname = NULL; - cred->next = NULL; - - for (cur2 = cur->xmlChildrenNode; cur2 != NULL; cur2=cur2->next) - { - GRSTgaclCredAddValue(cred, (char *) cur2->name, - (char *) xmlNodeGetContent(cur2)); - } - - return cred; -} - -static GRSTgaclEntry *GRSTgaclEntryParse(xmlNodePtr cur) -/* - GRSTgaclEntryParse - parse an entry stored in the libxml structure cur, - returning it as a pointer or NULL on error. -*/ -{ - int i; - xmlNodePtr cur2; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclPerm perm; - - if (xmlStrcmp(cur->name, (const xmlChar *) "entry") != 0) return NULL; - - cur = cur->xmlChildrenNode; - - entry = GRSTgaclEntryNew(); - - while (cur != NULL) - { - if (xmlStrcmp(cur->name, (const xmlChar *) "allow") == 0) - { - for (cur2 = cur->xmlChildrenNode; cur2 != NULL; cur2=cur2->next) - for (i=0; grst_perm_syms[i] != NULL; ++i) - if (xmlStrcmp(cur2->name, - (const xmlChar *) grst_perm_syms[i]) == 0) - GRSTgaclEntryAllowPerm(entry, grst_perm_vals[i]); - } - else if (xmlStrcmp(cur->name, (const xmlChar *) "deny") == 0) - { - for (cur2 = cur->xmlChildrenNode; cur2 != NULL; cur2=cur2->next) - for (i=0; grst_perm_syms[i] != NULL; ++i) - if (xmlStrcmp(cur2->name, - (const xmlChar *) grst_perm_syms[i]) == 0) - GRSTgaclEntryDenyPerm(entry, grst_perm_vals[i]); - } - else if ((cred = GRSTgaclCredParse(cur)) != NULL) - { - if (!GRSTgaclEntryAddCred(entry, cred)) - { - GRSTgaclCredFree(cred); - GRSTgaclEntryFree(entry); - return NULL; - } - } - else /* I cannot parse this - give up rather than get it wrong */ - { - GRSTgaclEntryFree(entry); - return NULL; - } - - cur=cur->next; - } - - return entry; -} - -GRSTgaclAcl *GRSTgaclAclLoadFile(char *filename) -{ - xmlDocPtr doc; - xmlNodePtr cur; - GRSTgaclAcl *acl; - - doc = xmlParseFile(filename); - if (doc == NULL) return NULL; - - cur = xmlDocGetRootElement(doc); - if (cur == NULL) return NULL; - - if (!xmlStrcmp(cur->name, (const xmlChar *) "Policy")) { acl=GRSTxacmlAclParse(doc, cur, acl);} - else if (!xmlStrcmp(cur->name, (const xmlChar *) "gacl")) {acl=GRSTgaclAclParse(doc, cur, acl);} - else /* ACL format not recognised */ - { - free(doc); - free(cur); - return NULL; - } - - - xmlFreeDoc(doc); - return acl; -} - -GRSTgaclAcl *GRSTgaclAclParse(xmlDocPtr doc, xmlNodePtr cur, GRSTgaclAcl *acl) -{ - GRSTgaclEntry *entry; - - cur = cur->xmlChildrenNode; - - acl = GRSTgaclAclNew(); - - while (cur != NULL) - { - entry = GRSTgaclEntryParse(cur); - if (entry == NULL) - { - GRSTgaclAclFree(acl); - xmlFreeDoc(doc); - return NULL; - } - - GRSTgaclAclAddEntry(acl, entry); - - cur=cur->next; - } - - return acl; -} -int GRSTgaclFileIsAcl(char *pathandfile) -/* Return 1 if filename in *pathandfile starts GRST_ACL_FILE - Return 0 otherwise. */ -{ - char *filename; - - filename = rindex(pathandfile, '/'); - if (filename == NULL) filename = pathandfile; - else filename++; - - return (strncmp(filename, GRST_ACL_FILE, sizeof(GRST_ACL_FILE) - 1) == 0); -} - -char *GRSTgaclFileFindAclname(char *pathandfile) -/* Return malloc()ed ACL filename that governs the given file or directory - (for directories, the ACL file is in the directory itself), or NULL if none - can be found. */ -{ - int len; - char *path, *file, *p; - struct stat statbuf; - - len = strlen(pathandfile); - if (len == 0) return NULL; - - path = malloc(len + sizeof(GRST_ACL_FILE) + 2); - strcpy(path, pathandfile); - - if ((stat(path, &statbuf) == 0) && - S_ISDIR(statbuf.st_mode) && - (path[len-1] != '/')) - { - strcat(path, "/"); - ++len; - } - - if (path[len-1] != '/') - { - p = rindex(pathandfile, '/'); - if (p != NULL) - { - file = &p[1]; - p = rindex(path, '/'); - sprintf(p, "/%s:%s", GRST_ACL_FILE, file); - - if (stat(path, &statbuf) == 0) return path; - - *p = '\0'; /* otherwise strip off any filename */ - } - } - - while (path[0] != '\0') - { - strcat(path, "/"); - strcat(path, GRST_ACL_FILE); - - if (stat(path, &statbuf) == 0) return path; - - p = rindex(path, '/'); - *p = '\0'; /* strip off the / we added for ACL */ - - p = rindex(path, '/'); - if (p == NULL) break; /* must start without / and we there now ??? */ - - *p = '\0'; /* strip off another layer of / */ - } - - free(path); - return NULL; -} - -GRSTgaclAcl *GRSTgaclAclLoadforFile(char *pathandfile) -/* Return ACL that governs the given file or directory (for directories, - the ACL file is in the directory itself.) */ -{ - char *path; - GRSTgaclAcl *acl; - - path = GRSTgaclFileFindAclname(pathandfile); - - if (path != NULL) - { - acl = GRSTgaclAclLoadFile(path); - free(path); - return acl; - } - - return NULL; -} - -/* * - * Functions to create and query GACLuser * - * */ - -GRSTgaclUser *GRSTgaclUserNew(GRSTgaclCred *cred) -{ - GRSTgaclUser *user; - - if (cred == NULL) return NULL; - - user = malloc(sizeof(GRSTgaclUser)); - - if (user != NULL) user->firstcred = cred; - - user->dnlists = NULL; - - return user; -} - -int GRSTgaclUserFree(GRSTgaclUser *user) -{ - if (user == NULL) return 1; - - if (user->firstcred != NULL) GRSTgaclCredsFree(user->firstcred); - - if (user->dnlists != NULL) free(user->dnlists); - - free(user); - - return 1; -} - -int GRSTgaclUserAddCred(GRSTgaclUser *user, GRSTgaclCred *cred) -{ - GRSTgaclCred *crediter; - - if ((user == NULL) || (cred == NULL)) return 0; - - if (user->firstcred == NULL) - { - user->firstcred = cred; - cred->next = NULL; /* so cannot be used to add whole lists */ - return 1; - } - - crediter = user->firstcred; - - while (crediter->next != NULL) crediter = crediter->next; - - crediter->next = cred; - cred->next = NULL; /* so cannot be used to add whole lists */ - - return 1; -} - -int GRSTgaclUserHasCred(GRSTgaclUser *user, GRSTgaclCred *cred) -/* test if the user has the given credential */ -{ - GRSTgaclCred *crediter; - GRSTgaclNamevalue *usernamevalue, *crednamevalue; - - - if (cred == NULL) return 0; - - if (strcmp(cred->type, "any-user") == 0) return 1; - - if (user == NULL) return 0; - - if (strcmp(cred->type, "dn-list") == 0) - { - if ((cred->firstname == NULL) || - (strcmp((cred->firstname)->name, "url") != 0) || - ((cred->firstname)->next != NULL)) return 0; - - return GRSTgaclDNlistHasUser((cred->firstname)->value, user); - } - - if (strcmp(cred->type, "dns") == 0) - { - if ((user->firstcred == NULL) || - ((user->firstcred)->firstname == NULL) || - (cred->firstname == NULL) || - (strcmp((cred->firstname)->name, "hostname") != 0) || - ((cred->firstname)->next != NULL)) return 0; - - for (crediter=user->firstcred; - crediter != NULL; - crediter = crediter->next) - if (strcmp(crediter->type, "dns") == 0) - { - if ((crediter->firstname == NULL) || - (strcmp((crediter->firstname)->name, "hostname") != 0)) return 0; - - return (fnmatch((cred->firstname)->value, - (crediter->firstname)->value, FNM_CASEFOLD) == 0); - } - - - return 0; - } - - if (strcmp(cred->type, "auth-user") == 0) - { - if ((user->firstcred == NULL) || - ((user->firstcred)->firstname == NULL)) return 0; - - for (crediter=user->firstcred; - crediter != NULL; - crediter = crediter->next) - if (strcmp(crediter->type, "person") == 0) return 1; - - return 0; - } - - for (crediter=user->firstcred; crediter != NULL; crediter = crediter->next) - { - if (strcmp(crediter->type, cred->type) != 0) continue; - - if ((crediter->firstname == NULL) && - (cred->firstname == NULL)) return 1; - - if ((crediter->firstname == NULL) || - (cred->firstname == NULL)) continue; - - usernamevalue = crediter->firstname; - crednamevalue = cred->firstname; - - for (;;) - { - if (strcmp(usernamevalue->name,crednamevalue->name) != 0) break; - - if (strcmp(cred->type, "person") == 0) - { - if (GRSTx509NameCmp(usernamevalue->value, - crednamevalue->value) != 0) break; - } - else if (strcmp(usernamevalue->value, - crednamevalue->value) != 0) break; - - /* ok if cred list runs out before user's cred list */ - if (crednamevalue->next == NULL) return 1; - - /* but not ok if more names to match which user doesn't have */ - if (usernamevalue->next == NULL) break; - - crednamevalue = (GRSTgaclNamevalue *) crednamevalue->next; - usernamevalue = (GRSTgaclNamevalue *) usernamevalue->next; - } - } - - return 0; -} - -GRSTgaclCred *GRSTgaclUserFindCredtype(GRSTgaclUser *user, char *type) -/* find the first credential of a given type for this user */ -{ - GRSTgaclCred *cred; - - if (user == NULL) return NULL; - - cred = user->firstcred; - - while (cred != NULL) - { - if (strcmp(cred->type, type) == 0) return cred; - - cred = cred->next; - } - - return NULL; -} - -int GRSTgaclUserSetDNlists(GRSTgaclUser *user, char *dnlists) -{ - if ((user == NULL) || (dnlists == NULL)) return 0; - - if (user->dnlists != NULL) free(user->dnlists); - - user->dnlists = strdup(dnlists); - - return 1; -} - -/* * - * Functions to test for access perm of an individual * - * */ - -static char *recurse4file(char *dir, char *file, int recurse_level) -/* try to find file[] in dir[]. try subdirs if not found. - return full path to first found version or NULL on failure */ -{ - char *fullfilename, *fulldirname; - struct stat statbuf; - DIR *dirDIR; - struct dirent *file_ent; - - /* try to find in current directory */ - - asprintf(&fullfilename, "%s/%s", dir, file); - if (stat(fullfilename, &statbuf) == 0) return fullfilename; - free(fullfilename); - - /* maybe search in subdirectories */ - - if (recurse_level >= GRST_RECURS_LIMIT) return NULL; - - dirDIR = opendir(dir); - - if (dirDIR == NULL) return NULL; - - while ((file_ent = readdir(dirDIR)) != NULL) - { - if (file_ent->d_name[0] == '.') continue; - - asprintf(&fulldirname, "%s/%s", dir, file_ent->d_name); - - if ((stat(fulldirname, &statbuf) == 0) && - S_ISDIR(statbuf.st_mode) && - ((fullfilename = recurse4file(fulldirname, file, - recurse_level + 1)) != NULL)) - { - closedir(dirDIR); - return fullfilename; - } - - free(fulldirname); - } - - closedir(dirDIR); - - return NULL; -} - -int GRSTgaclDNlistHasUser(char *listurl, GRSTgaclUser *user) -{ - char *dn_lists_dirs, *dn_list_ptr, *enclisturl, *filename, *dirname, - line[512], *p; - FILE *fp; - GRSTgaclCred *cred; - - if ((listurl == NULL) || (user == NULL)) return 0; - - enclisturl = GRSThttpUrlEncode(listurl); - - if (user->dnlists != NULL) p = user->dnlists; - else p = getenv("GRST_DN_LISTS"); - - if (p == NULL) p = GRST_DN_LISTS; - dn_lists_dirs = strdup(p); /* we need to keep this for free() later! */ - dn_list_ptr = dn_lists_dirs; /* copy, for naughty function strsep() */ - - while ((dirname = strsep(&dn_list_ptr, ":")) != NULL) - { - filename = recurse4file(dirname, enclisturl, 0); - if (filename == NULL) continue; - - fp = fopen(filename, "r"); - free(filename); - - if (fp == NULL) continue; - - while (fgets(line, sizeof(line), fp) != NULL) - { - p = index(line, '\n'); - if (p != NULL) *p = '\0'; - - cred = user->firstcred; - - while (cred != NULL) - { - if ((strcmp(cred->type, "person") == 0) && - (cred->firstname != NULL) && - (strcmp("dn", (cred->firstname)->name) == 0) && - (GRSTx509NameCmp(line, (cred->firstname)->value) == 0)) - { - fclose(fp); - free(dn_lists_dirs); - free(enclisturl); - return 1; - } - - cred = cred->next; - } - } - - fclose(fp); - } - - free(dn_lists_dirs); - free(enclisturl); - - return 0; -} - -GRSTgaclPerm GRSTgaclAclTestUser(GRSTgaclAcl *acl, GRSTgaclUser *user) -/* - GACLgaclAclTestUser - return bit fields depending on access perms user has - for given acl. All zero for no access. If *user is - NULL, matching to "any-user" will still work. -*/ -{ - int flag, onlyanyuser; - GRSTgaclPerm allowperms = 0, denyperms = 0, allowed; - GRSTgaclEntry *entry; - GRSTgaclCred *cred, *usercred; - - if (acl == NULL) return 0; - - for (entry = acl->firstentry; entry != NULL; entry = entry->next) - { - flag = 1; /* begin by assuming this entry applies to us */ - onlyanyuser = 1; /* begin by assuming just */ - - /* now go through creds, checking they all do apply to us */ - - for (cred = entry->firstcred; cred != NULL; cred = cred->next) - if (!GRSTgaclUserHasCred(user, cred)) flag = 0; - else if (strcmp(cred->type, "any-user") != 0) onlyanyuser = 0; - - if (!flag) continue; /* flag false if a subtest failed */ - - /* does apply to us, so we remember this entry's perms */ - - /* we dont allow Write or Admin on the basis of any-user alone */ - - allowed = entry->allowed; - - if (onlyanyuser) - allowed = entry->allowed & ~GRST_PERM_WRITE & ~GRST_PERM_ADMIN; - else allowed = entry->allowed; - - allowperms = allowperms | allowed; - denyperms = denyperms | entry->denied; - } - - return (allowperms & (~ denyperms)); - /* for each perm type, any deny we saw kills any allow */ -} - -GRSTgaclPerm GRSTgaclAclTestexclUser(GRSTgaclAcl *acl, GRSTgaclUser *user) -/* - GRSTgaclAclTestexclUser - - return bit fields depending on ALLOW perms OTHER users - have for given acl. All zero if they have no access. - (used for testing if a user has exclusive access) -*/ -{ - int flag; - GRSTgaclPerm perm = 0; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - - if (acl == NULL) return 0; - - for (entry = acl->firstentry; entry != NULL; entry = entry->next) - { - flag = 0; /* flag will be set if cred implies other users */ - - for (cred = entry->firstcred; cred != NULL; cred = cred->next) - { - if (strcmp(cred->type, "person") != 0) - /* if we ever add support for other person-specific credentials, - they must also be recognised here */ - { - flag = 1; - break; - } - - if (!GRSTgaclUserHasCred(user, cred)) - /* if user doesnt have this person credential, assume - it refers to a different individual */ - { - flag = 1; - break; - } - } - - if (flag) perm = perm | entry->allowed; - } - - return perm; -} - -/* - Wrapper functions for gridsite-gacl.h support of legacy API -*/ - -GRSTgaclEntry *GACLparseEntry(xmlNodePtr cur) -{ - return GRSTgaclEntryParse(cur); -} diff --git a/org.gridsite.core/src/grst_http.c b/org.gridsite.core/src/grst_http.c deleted file mode 100644 index c7b375e..0000000 --- a/org.gridsite.core/src/grst_http.c +++ /dev/null @@ -1,407 +0,0 @@ -/* - Copyright (c) 2002-3, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -#ifndef VERSION -#define VERSION "x.x.x" -#endif - -#define _GNU_SOURCE -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "gridsite.h" - -void GRSThttpBodyInit(GRSThttpBody *thisbody) -{ - thisbody->size = 0; /* simple, but we don't expose internals to callers */ -} - -void GRSThttpPrintf(GRSThttpBody *thisbody, char *fmt, ...) -/* append printf() style format and arguments to *thisbody. - This requires vasprintf from glibc!! */ -{ - char *p; - size_t size; - va_list args; - - va_start(args, fmt); - size = vasprintf(&p, fmt, args); - va_end(args); - - if (size == 0) free(p); /* don't need to bother in this case */ - else if (size > 0) - { - if (thisbody->size == 0) /* need to initialise */ - { - thisbody->first = (GRSThttpCharsList *)malloc(sizeof(GRSThttpCharsList)); - thisbody->first->text = p; - thisbody->first->next = NULL; - - thisbody->last = thisbody->first; - thisbody->size = size; - } - else - { - thisbody->last->next = (GRSThttpCharsList *) - malloc(sizeof(GRSThttpCharsList)); - ((GRSThttpCharsList *) thisbody->last->next)->text = p; - ((GRSThttpCharsList *) thisbody->last->next)->next = NULL; - - thisbody->last = thisbody->last->next; - thisbody->size = thisbody->size + size; - } - } -} - -int GRSThttpCopy(GRSThttpBody *thisbody, char *file) -/* - copy a whole file, named file[], into the body output buffer, returning - 1 if file was found and copied ok, or 0 otherwise. -*/ -{ - int fd, len; - char c, *p; - struct stat statbuf; - - fd = open(file, O_RDONLY); - - if (fd == -1) return 0; - - if (fstat(fd, &statbuf) != 0) - { - close(fd); - return 0; - } - - p = malloc(statbuf.st_size + 1); - - if (p == NULL) - { - close(fd); - return 0; - } - - len = read(fd, p, statbuf.st_size); - p[len] = '\0'; - - close(fd); - - if (thisbody->size == 0) /* need to initialise */ - { - thisbody->first = (GRSThttpCharsList *) malloc(sizeof(GRSThttpCharsList)); - thisbody->first->text = p; - thisbody->first->next = NULL; - - thisbody->last = thisbody->first; - thisbody->size = len; - } - else - { - thisbody->last->next=(GRSThttpCharsList *)malloc(sizeof(GRSThttpCharsList)); - ((GRSThttpCharsList *) thisbody->last->next)->text = p; - ((GRSThttpCharsList *) thisbody->last->next)->next = NULL; - - thisbody->last = thisbody->last->next; - thisbody->size = thisbody->size + len; - } - - return 1; -} - -void GRSThttpWriteOut(GRSThttpBody *thisbody) -/* output Content-Length header, blank line then whole of the body to - standard output */ -{ - GRSThttpCharsList *p; - - printf("Content-Length: %d\n\n", thisbody->size); - - p = thisbody->first; - - while (p != NULL) - { - fputs(p->text, stdout); - - p = p->next; - } -} - -int GRSThttpPrintHeaderFooter(GRSThttpBody *bp, char *file, char *headfootname) -/* - try to print Header or Footer appropriate for absolute path file[], - returning 1 rather than 0 if found. -*/ -{ - int found = 0; - char *pathfile, *p; - struct stat statbuf; - - pathfile = malloc(strlen(file) + strlen(headfootname) + 2); - strcpy(pathfile, file); - - if ((pathfile[strlen(pathfile) - 1] != '/') && - (stat(pathfile, &statbuf) == 0) && - S_ISDIR(statbuf.st_mode)) strcat(pathfile, "/"); - - for (;;) - { - p = rindex(pathfile, '/'); - if (p == NULL) break; - p[1] = '\0'; - strcat(p, headfootname); - - if (stat(pathfile, &statbuf) == 0) - { - found = GRSThttpCopy(bp, pathfile); - break; - } - - p[0] = '\0'; - } - - free(pathfile); - return found; -} - -char *GRSThttpGetCGI(char *name) -/* - Return a malloc()ed copy of CGI form parameter identified by name[], - either received by QUERY_STRING (via GET) or on stdin (via POST). - Caller must free() the returned string itself. If name[] is not found, - an empty NUL-terminated malloc()ed string is returned. name[] has any - URL-encoding reversed. -*/ -{ - char *p, *namepattern, *valuestart, *returnvalue, *querystring; - int c, i, j, n, contentlength = 0; - static char *cgiposted = NULL; - size_t size_needed; - - if (cgiposted == NULL) /* have to initialise cgiposted */ - { - p = getenv("CONTENT_LENGTH"); - if (p != NULL) sscanf(p, "%d", &contentlength); - - querystring = getenv("REDIRECT_QUERY_STRING"); - if (querystring == NULL) querystring = getenv("QUERY_STRING"); - - if (querystring == NULL) cgiposted = malloc(contentlength + 3); - else cgiposted = malloc(contentlength + strlen(querystring) + 4); - - cgiposted[0] = '&'; - - for (i = 1; i <= contentlength; ++i) - { - c = getchar(); - if (c == EOF) break; - cgiposted[i] = c; - } - - cgiposted[i] = '&'; - cgiposted[i+1] = '\0'; - - if (querystring != NULL) - { - strcat(cgiposted, querystring); - strcat(cgiposted, "&"); - } - } - - namepattern = malloc(strlen(name) + 3); - sprintf(namepattern, "&%s=", name); - - p = strstr(cgiposted, namepattern); - free(namepattern); - if (p == NULL) return strdup(""); - - valuestart = &p[strlen(name) + 2]; - - for (n=0; valuestart[n] != '&'; ++n) ; - - returnvalue = malloc(n + 1); - - j=0; - - for (i=0; i < n; ++i) - { - if ((i < n - 2) && (valuestart[i] == '%')) /* url encoded as %HH */ - { - returnvalue[j] = 0; - - if (isdigit(valuestart[i+1])) - returnvalue[j] += 16 * (valuestart[i+1] - '0'); - else if (isalpha(valuestart[i+1])) - returnvalue[j] += 16 * (10 + tolower(valuestart[i+1]) - 'a'); - - if (isdigit(valuestart[i+2])) - returnvalue[j] += valuestart[i+2] - '0'; - else if (isalpha(valuestart[i+2])) - returnvalue[j] += 10 + tolower(valuestart[i+2]) - 'a'; - - i = i + 2; - } - else if (valuestart[i] == '+') returnvalue[j] = ' '; - else returnvalue[j] = valuestart[i]; - - if (returnvalue[j] == '\r') continue; /* CR/LF -> LF */ - ++j; - } - - returnvalue[j] = '\0'; - - return returnvalue; -} - -/* * - * Utility functions * - * */ - -char *GRSThttpUrlDecode(char *in) -{ - int i, j, n; - char *out; - - n = strlen(in); - out = malloc(n + 1); - - j=0; - - for (i=0; i < n; ++i) - { - if ((i < n - 2) && (in[i] == '%')) /* url encoded as %HH */ - { - out[j] = 0; - - if (isdigit(in[i+1])) - out[j] += 16 * (in[i+1] - '0'); - else if (isalpha(in[i+1])) - out[j] += 16 * (10 + tolower(in[i+1]) - 'a'); - - if (isdigit(in[i+2])) - out[j] += in[i+2] - '0'; - else if (isalpha(in[i+2])) - out[j] += 10 + tolower(in[i+2]) - 'a'; - - i = i + 2; - } - else if (in[i] == '+') out[j] = ' '; - else out[j] = in[i]; - - ++j; - } - - out[j] = '\0'; - - return out; -} - -char *GRSThttpUrlEncode(char *in) -/* Return a pointer to a malloc'd string holding a URL-encoded (RFC 1738) - version of *in. Only A-Z a-z 0-9 . _ - are passed through unmodified. - (DN's processed by GRSThttpUrlEncode can be used as valid Unix filenames, - assuming they do not exceed restrictions on filename length.) */ -{ - char *out, *p, *q; - - out = malloc(3*strlen(in) + 1); - - p = in; - q = out; - - while (*p != '\0') - { - if (isalnum(*p) || (*p == '.') || (*p == '_') || (*p == '-')) - { - *q = *p; - ++q; - } - else - { - sprintf(q, "%%%2X", *p); - q = &q[3]; - } - - ++p; - } - - *q = '\0'; - return out; -} - -char *GRSThttpUrlMildencode(char *in) -/* Return a pointer to a malloc'd string holding a partially URL-encoded - version of *in. "Partially" means that A-Z a-z 0-9 . = - _ @ and / - are passed through unmodified. (DN's processed by GRSThttpUrlMildencode() - can be used as valid Unix paths+filenames if you are prepared to - create or simulate the resulting /X=xyz directories.) */ -{ - char *out, *p, *q; - - out = malloc(3*strlen(in) + 1); - - p = in; - q = out; - - while (*p != '\0') - { - if (isalnum(*p) || (*p == '.') || (*p == '=') || (*p == '-') - || (*p == '/') || (*p == '@') || (*p == '_')) - { - *q = *p; - ++q; - } - else if (*p == ' ') - { - *q = '+'; - ++q; - } - else - { - sprintf(q, "%%%2X", *p); - q = &q[3]; - } - - ++p; - } - - *q = '\0'; - return out; -} diff --git a/org.gridsite.core/src/grst_x509.c b/org.gridsite.core/src/grst_x509.c deleted file mode 100644 index ccf6100..0000000 --- a/org.gridsite.core/src/grst_x509.c +++ /dev/null @@ -1,1491 +0,0 @@ -/* - Copyright (c) 2002-5, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - - --------------------------------------------------------------- - For more information about GridSite: http://www.gridsite.org/ - --------------------------------------------------------------- -*/ - -#define _GNU_SOURCE - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "gridsite.h" - -#define GRST_KEYSIZE 512 -#define GRST_PROXYCACHE "/../proxycache/" -#define GRST_MAX_CHAIN_LEN 9 - -/// Compare X509 Distinguished Name strings -int GRSTx509NameCmp(char *a, char *b) -/** - * This function attempts to do with string representations what - * would ideally be done with OIDs/values. In particular, we equate - * "/Email=" == "/emailAddress=" to deal with this important change - * between OpenSSL 0.9.6 and 0.9.7. - * Other than that, it is currently the same as ordinary strcmp(3). - */ -{ - int ret; - char *aa, *bb, *p; - - aa = strdup(a); - while ((p = strstr(aa, "/emailAddress=")) != NULL) - { - memmove(&p[6], &p[13], strlen(&p[13]) + 1); - p[1] = 'E'; - } - - bb = strdup(b); - while ((p = strstr(bb, "/emailAddress=")) != NULL) - { - memmove(&p[6], &p[13], strlen(&p[13]) + 1); - p[1] = 'E'; - } - - ret = strcmp(aa, bb); - - free(aa); - free(bb); - - return ret; -} - - -/// Check critical extensions -/** - * Returning GRST_RET_OK if all of extensions are known to us or - * OpenSSL; GRST_REF_FAILED otherwise. - * - * Since this function relies on functionality (X509_supported_extension) - * introduced in 0.9.7, then we do nothing and report an error - * (GRST_RET_FAILED) if one of the associated defines - * (X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) is absent. - */ - -int GRSTx509KnownCriticalExts(X509 *cert) -{ - int i; - char s[80]; - X509_EXTENSION *ex; - -#ifdef X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION - for (i = 0; i < X509_get_ext_count(cert); ++i) - { - ex = X509_get_ext(cert, i); - - if (X509_EXTENSION_get_critical(ex) && - !X509_supported_extension(ex)) - { - OBJ_obj2txt(s, sizeof(s), X509_EXTENSION_get_object(ex), 1); - - if (strcmp(s, GRST_PROXYCERTINFO_OID) != 0) return GRST_RET_FAILED; - } - } - - return GRST_RET_OK; -#else - return GRST_RET_FAILED; -#endif -} - -/// Check if certificate can be used as a CA to sign standard X509 certs -/* - * Return GRST_RET_OK if true; GRST_RET_FAILED if not. - */ - -int GRSTx509IsCA(X509 *cert) -{ - int idret, purpose_id; - - purpose_id = X509_PURPOSE_get_by_sname("sslclient"); - - /* final argument to X509_check_purpose() is whether to check for CAness */ - - if (X509_check_purpose(cert, purpose_id + X509_PURPOSE_MIN, 1)) - return GRST_RET_OK; - else return GRST_RET_FAILED; -} - -/// Check certificate chain for GSI proxy acceptability. -/** - * Returns X509_V_OK/GRST_RET_OK if valid; OpenSSL X509 errors otherwise. - * - * Inspired by GSIcheck written by Mike Jones, SVE, Manchester Computing, - * The University of Manchester. - * - * The GridSite version handles old and new style Globus proxies, and - * proxies derived from user certificates issued with "X509v3 Basic - * Constraints: CA:FALSE" (eg UK e-Science CA) - * - * We do not check chain links between certs here: this is done by - * GRST_check_issued/X509_check_issued in mod_ssl's ssl_engine_init.c - * - * TODO: we do not yet check ProxyCertInfo and ProxyCertPolicy extensions - * (although via GRSTx509KnownCriticalExts() we can accept them.) - */ - -int GRSTx509CheckChain(int *first_non_ca, X509_STORE_CTX *ctx) -{ - STACK_OF(X509) *certstack; /* Points to the client's cert chain */ - X509 *cert; /* Points to the client's cert */ - int depth; /* Depth of cert chain */ - size_t len,len2; /* Lengths of issuer and cert DN */ - int IsCA; /* Holds whether cert is allowed to sign */ - int prevIsCA; /* Holds whether previous cert in chain is - allowed to sign */ - int prevIsLimited; /* previous cert was proxy and limited */ - int i,j; /* Iteration variables */ - char *cert_DN; /* Pointer to current-certificate-in-chain's - DN */ - char *issuer_DN; /* Pointer to - issuer-of-current-cert-in-chain's DN */ - char *proxy_part_DN; /* Pointer to end part of current-cert-in-chain - maybe eg "/CN=proxy" */ - time_t now; - - time(&now); - - *first_non_ca = 0; /* set to something predictable if things fail */ - - /* Check for context */ - if (!ctx) return X509_V_ERR_INVALID_CA; - /* Can't GSI-verify if there is no context. Here and throughout this - function we report all errors as X509_V_ERR_INVALID_CA. */ - - /* Set necessary preliminary values */ - IsCA = TRUE; /* =prevIsCA - start from a CA */ - prevIsLimited = 0; - - /* Get the client cert chain */ - certstack = X509_STORE_CTX_get_chain(ctx); /* Get the client's chain */ - depth = sk_X509_num(certstack); /* How deep is that chain? */ - - /* Check the client chain */ - for (i=depth-1; i >= 0; --i) - /* loop through client-presented chain starting at CA end */ - { - prevIsCA=IsCA; - - /* Check for X509 certificate and point to it with 'cert' */ - if (cert = sk_X509_value(certstack, i)) - { - /* we check times and reject immediately if invalid */ - - if (now < - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notBefore(cert)),0)) - return X509_V_ERR_INVALID_CA; - - if (now > - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(cert)),0)) - return X509_V_ERR_INVALID_CA; - - /* If any forebear certificate is not allowed to sign we must - assume all decendents are proxies and cannot sign either */ - if (prevIsCA) - { - /* always treat the first cert (from the CA files) as a CA */ - if (i == depth-1) IsCA = TRUE; - /* check if this cert is valid CA for signing certs */ - else IsCA = (GRSTx509IsCA(cert) == GRST_RET_OK); - - if (!IsCA) *first_non_ca = i; - } - else - { - IsCA = FALSE; - /* Force proxy check next iteration. Important because I can - sign any CA I create! */ - } - - cert_DN = X509_NAME_oneline(X509_get_subject_name(cert),NULL,0); - issuer_DN = X509_NAME_oneline(X509_get_issuer_name(cert),NULL,0); - len = strlen(cert_DN); - len2 = strlen(issuer_DN); - - /* issuer didn't have CA status, so this is (at best) a proxy: - check for bad proxy extension*/ - - if (!prevIsCA) - { - if (prevIsLimited) /* we reject proxies of limited proxies! */ - return X509_V_ERR_INVALID_CA; - - /* User not allowed to sign shortened DN */ - if (len2 > len) return X509_V_ERR_INVALID_CA; - - /* Proxy subject must begin with issuer. */ - if (strncmp(cert_DN, issuer_DN, len2) != 0) - return X509_V_ERR_INVALID_CA; - - /* Set pointer to end of base DN in cert_DN */ - proxy_part_DN = &cert_DN[len2]; - - /* First attempt at support for Old and New style GSI - proxies: /CN=anything is ok for now */ - if (strncmp(proxy_part_DN, "/CN=", 4) != 0) - return X509_V_ERR_INVALID_CA; - - if ((strncmp(proxy_part_DN, "/CN=limited proxy", 17) == 0) && - (i > 0)) prevIsLimited = 1; /* ready for next cert ... */ - } - } - } - - /* Check cert whose private key is being used by client. If previous in - chain is not allowed to be a CA then need to check this final cert for - valid proxy-icity too */ - if (!prevIsCA) - { - if (prevIsLimited) return X509_V_ERR_INVALID_CA; - /* we do not accept proxies signed by limited proxies */ - - if (cert = sk_X509_value(certstack, 0)) - { - /* Load DN & length of DN and either its issuer or the - first-bad-issuer-in-chain */ - cert_DN = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0); - issuer_DN = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0); - len = strlen(cert_DN); - len2 = strlen(issuer_DN); - - /* issuer didn't have CA status, check for bad proxy extension */ - - if (len2 > len) return X509_V_ERR_INVALID_CA; - /* User not allowed to sign shortened DN */ - - if (strncmp(cert_DN, issuer_DN, len2) != 0) - return X509_V_ERR_INVALID_CA; - /* Proxy subject must begin with issuer. */ - - proxy_part_DN = &cert_DN[len2]; - /* Set pointer to end of DN base in cert_DN */ - - /* Remander of subject must be either "/CN=proxy" or - "/CN=limited proxy" (or /CN=XYZ for New style GSI) */ - - /* First attempt at support for Old and New style GSI - proxies: /CN=anything is ok for now. */ - if (strncmp(proxy_part_DN, "/CN=", 4) != 0) - return X509_V_ERR_INVALID_CA; - } - } - - return X509_V_OK; /* this is also GRST_RET_OK, of course - by choice */ -} - -/// Example VerifyCallback routine - -/** - * - */ - -int GRSTx509VerifyCallback (int ok, X509_STORE_CTX *ctx) -{ - int errnum = X509_STORE_CTX_get_error(ctx); - int errdepth = X509_STORE_CTX_get_error_depth(ctx); - int first_non_ca; - -#ifndef X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION -#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 -#endif - - if (errnum == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) - { - if (GRSTx509KnownCriticalExts(X509_STORE_CTX_get_current_cert(ctx)) - == GRST_RET_OK) - { - ok = TRUE; - errnum = X509_V_OK; - X509_STORE_CTX_set_error(ctx, errnum); - } - } - else if ((errdepth == 0) && - (errnum == X509_V_OK) && - (GRSTx509CheckChain(&first_non_ca, ctx) != X509_V_OK)) ok = FALSE; - - - return ok; - -// check this - -// if (ok) return GRST_RET_OK; -// else return GRST_RET_FAILED; -} - -/// Check the signature of the VOMS attributes -/* - * Returns GRST_RET_OK if signature is ok, other values if not. - */ - -static int GRSTx509VerifyVomsSig(time_t *time1_time, time_t *time2_time, - unsigned char *asn1string, - struct GRSTasn1TagList taglist[], - int lasttag, - char *vomsdir) -{ -#define GRST_ASN1_COORDS_VOMS_DN "-1-1-1-1-3-1-1-1-%d-1-%d" -#define GRST_ASN1_COORDS_VOMS_INFO "-1-1-1-1" -#define GRST_ASN1_COORDS_VOMS_SIG "-1-1-1-3" - int ret, isig, iinfo; - char *certpath, acvomsdn[200]; - unsigned char *q; - DIR *vomsDIR; - struct dirent *vomsdirent; - X509 *cert; - EVP_PKEY *prvkey; - FILE *fp; - EVP_MD_CTX ctx; - time_t voms_service_time1, voms_service_time2; - - if ((vomsdir == NULL) || (vomsdir[0] == '\0')) return GRST_RET_FAILED; - - if (GRSTasn1GetX509Name(acvomsdn, sizeof(acvomsdn), - GRST_ASN1_COORDS_VOMS_DN, - asn1string, taglist, lasttag) != GRST_RET_OK) return GRST_RET_FAILED; - - iinfo = GRSTasn1SearchTaglist(taglist, lasttag, GRST_ASN1_COORDS_VOMS_INFO); - isig = GRSTasn1SearchTaglist(taglist, lasttag, GRST_ASN1_COORDS_VOMS_SIG); - - if ((iinfo < 0) || (isig < 0)) return GRST_RET_FAILED; - - vomsDIR = opendir(vomsdir); - if (vomsDIR == NULL) return GRST_RET_FAILED; - - while ((vomsdirent = readdir(vomsDIR)) != NULL) - { - asprintf(&certpath, "%s/%s", vomsdir, vomsdirent->d_name); - fp = fopen(certpath, "r"); - free(certpath); - if (fp == NULL) continue; - - cert = PEM_read_X509(fp, NULL, NULL, NULL); - fclose(fp); - if (cert == NULL) continue; - - if (GRSTx509NameCmp(acvomsdn, - X509_NAME_oneline(X509_get_subject_name(cert),NULL,0)) != 0) - { - X509_free(cert); - continue; - } - - prvkey = X509_extract_key(cert); - if (prvkey == NULL) - { - X509_free(cert); - continue; - } - - OpenSSL_add_all_digests(); -#if OPENSSL_VERSION_NUMBER >= 0x0090701fL - EVP_MD_CTX_init(&ctx); - EVP_VerifyInit_ex(&ctx, EVP_md5(), NULL); -#endif - - EVP_VerifyUpdate(&ctx, - &asn1string[taglist[iinfo].start+ - 0*taglist[iinfo].headerlength], - taglist[iinfo].length+taglist[iinfo].headerlength); - - ret = EVP_VerifyFinal(&ctx, - &asn1string[taglist[isig].start+ - taglist[isig].headerlength]+1, - taglist[isig].length - 1, - prvkey); - -#if OPENSSL_VERSION_NUMBER >= 0x0090701fL - EVP_MD_CTX_cleanup(&ctx); -#endif - EVP_PKEY_free(prvkey); - - if (ret != 1) /* signature doesnt match, look for more */ - { - continue; - X509_free(cert); - } - - voms_service_time1 = - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notBefore(cert)),0); - if (voms_service_time1 > *time1_time) - *time1_time = voms_service_time1; - - voms_service_time2 = - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(cert)),0); - if (voms_service_time2 < *time1_time) - *time2_time = voms_service_time2; - - X509_free(cert); - closedir(vomsDIR); - return GRST_RET_OK ; /* verified */ - } - - closedir(vomsDIR); - return GRST_RET_FAILED; -} - -/// Get the VOMS attributes in the given extension -/* - * Puts any VOMS credentials found into the Compact Creds string array - * starting at *creds. Always returns GRST_RET_OK. - */ - -int GRSTx509ParseVomsExt(int *lastcred, int maxcreds, size_t credlen, - char *creds, time_t time1_time, time_t time2_time, - X509_EXTENSION *ex, char *ucuserdn, char *vomsdir) -{ -#define MAXTAG 500 -#define GRST_ASN1_COORDS_FQAN "-1-1-1-1-7-1-2-1-2-%d" -#define GRST_ASN1_COORDS_USER_DN "-1-1-1-1-2-1-1-1-1-%d-1-%d" -#define GRST_ASN1_COORDS_TIME1 "-1-1-1-1-6-1" -#define GRST_ASN1_COORDS_TIME2 "-1-1-1-1-6-2" - ASN1_OCTET_STRING *asn1data; - char *asn1string, s[81], acuserdn[200], acvomsdn[200]; - long asn1length; - int lasttag=-1, itag, i; - struct GRSTasn1TagList taglist[MAXTAG+1]; - time_t actime1, actime2, time_now; - - asn1data = X509_EXTENSION_get_data(ex); - asn1string = ASN1_STRING_data(asn1data); - asn1length = ASN1_STRING_length(asn1data); - - GRSTasn1ParseDump(NULL, asn1string, asn1length, taglist, MAXTAG, &lasttag); - - GRSTasn1GetX509Name(acuserdn, sizeof(acuserdn), GRST_ASN1_COORDS_USER_DN, - asn1string, taglist, lasttag); - if (GRSTx509NameCmp(ucuserdn, acuserdn) != 0) return GRST_RET_FAILED; - - if (GRSTx509VerifyVomsSig(&time1_time, &time2_time, - asn1string, taglist, lasttag, vomsdir) - != GRST_RET_OK) return GRST_RET_FAILED; - - itag = GRSTasn1SearchTaglist(taglist, lasttag, GRST_ASN1_COORDS_TIME1); - actime1 = GRSTasn1TimeToTimeT(&asn1string[taglist[itag].start+ - taglist[itag].headerlength], - taglist[itag].length); - if (actime1 > time1_time) time1_time = actime1; - - itag = GRSTasn1SearchTaglist(taglist, lasttag, GRST_ASN1_COORDS_TIME2); - actime2 = GRSTasn1TimeToTimeT(&asn1string[taglist[itag].start+ - taglist[itag].headerlength], - taglist[itag].length); - if (actime2 < time2_time) time2_time = actime2; - - time(&time_now); - if ((time1_time > time_now) || (time2_time < time_now)) - return GRST_RET_OK; /* expiration isnt invalidity ...? */ - - for (i=1; ; ++i) - { - sprintf(s, GRST_ASN1_COORDS_FQAN, i); - itag = GRSTasn1SearchTaglist(taglist, lasttag, s); - - if (itag > -1) - { - if (*lastcred < maxcreds - 1) - { - ++(*lastcred); - - snprintf(&creds[*lastcred * (credlen + 1)], credlen+1, - "VOMS %010lu %010lu 0 %.*s", - time1_time, time2_time, - taglist[itag].length, - &asn1string[taglist[itag].start+ - taglist[itag].headerlength]); - } - } - else break; - } - - return GRST_RET_OK; -} - -/// Get the VOMS attributes in the extensions to the given cert stack -/* - * Puts any VOMS credentials found into the Compact Creds string array - * starting at *creds. Always returns GRST_RET_OK. - */ - -int GRSTx509GetVomsCreds(int *lastcred, int maxcreds, size_t credlen, - char *creds, X509 *usercert, STACK_OF(X509) *certstack, - char *vomsdir) -{ - int i, j, vomsfound=0; - char s[80]; - unsigned char *ucuser; - X509_EXTENSION *ex; - ASN1_STRING *asn1str; - X509 *cert; - time_t time1_time = 0, time2_time = 0, uctime1_time, uctime2_time; - - uctime1_time = - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notBefore(usercert)),0); - uctime2_time = - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(usercert)),0); - ucuser = - X509_NAME_oneline(X509_get_subject_name(usercert), NULL, 0); - - for (j=sk_X509_num(certstack)-1; j >= 0; --j) - { - cert = sk_X509_value(certstack, j); - - time1_time = - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notBefore(cert)),0); - uctime1_time = (time1_time > uctime1_time) ? time1_time:uctime1_time; - - time2_time = - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(cert)),0); - uctime2_time = (time2_time < uctime2_time) ? time2_time:uctime2_time; - - for (i=0; i < X509_get_ext_count(cert); ++i) - { - ex = X509_get_ext(cert, i); - OBJ_obj2txt(s, sizeof(s), X509_EXTENSION_get_object(ex), 1); - - if (strcmp(s, GRST_VOMS_OID) == 0) /* a VOMS extension */ - { - vomsfound=1; - GRSTx509ParseVomsExt(lastcred, maxcreds, credlen, creds, - uctime1_time, uctime2_time, - ex, ucuser, vomsdir); - } - } - - if (vomsfound) return GRST_RET_OK; - } - - return GRST_RET_OK; -} - -/// Turn a Compact Cred line into a GRSTgaclCred object -/** - * Returns pointer to created GRSTgaclCred or NULL or failure. - */ - -GRSTgaclCred *GRSTx509CompactToCred(char *grst_cred) -{ - int delegation; - char *p; - time_t now, notbefore, notafter; - GRSTgaclCred *cred = NULL; - - time(&now); - - if (grst_cred == NULL) return NULL; /* just in case */ - - if (strncmp(grst_cred, "X509USER ", 9) == 0) - { - if ((sscanf(grst_cred, "X509USER %lu %lu %d", - ¬before, ¬after, &delegation) == 3) - && (now >= notbefore) - && (now <= notafter) - && (p = index(grst_cred, ' ')) - && (p = index(++p, ' ')) - && (p = index(++p, ' ')) - && (p = index(++p, ' '))) - { - cred = GRSTgaclCredNew("person"); - GRSTgaclCredSetDelegation(cred, delegation); - GRSTgaclCredAddValue(cred, "dn", &p[1]); - } - - return cred; - } - - if (strncmp(grst_cred, "VOMS ", 5) == 0) - { - if ((sscanf(grst_cred, "VOMS %lu %lu %d", - ¬before, ¬after, &delegation) == 3) - && (now >= notbefore) - && (now <= notafter) - && (p = index(grst_cred, ' ')) - && (p = index(++p, ' ')) - && (p = index(++p, ' ')) - && (p = index(++p, ' '))) - { - /* include /VO/group/subgroup/Role=role/Capability=cap */ - - if (p[1] != '/') return NULL; /* must begin with / */ - - cred = GRSTgaclCredNew("voms"); - GRSTgaclCredSetDelegation(cred, delegation); - GRSTgaclCredAddValue(cred, "fqan", &p[1]); - } - - return cred; - } - - return NULL; /* dont recognise this credential type */ -} - -/// Get the credentials in an X509 cert/GSI proxy, including any VOMS -/** - * Credentials are placed in Compact Creds string array at *creds. - * - * Function returns GRST_RET_OK on success, or GRST_RET_FAILED if - * some inconsistency found in certificate. - */ - -int GRSTx509CompactCreds(int *lastcred, int maxcreds, size_t credlen, - char *creds, STACK_OF(X509) *certstack, char *vomsdir) -{ - int i, j, delegation = 0; - char credtemp[credlen+1]; - X509 *cert, *usercert = NULL, *gsiproxycert = NULL; - - *lastcred = -1; - - for (i = sk_X509_num(certstack) - 1; i >= 0; --i) - { - cert = sk_X509_value(certstack, i); - - if (usercert != NULL) - { /* found a (GSI proxy) cert after the user cert */ - gsiproxycert = cert; - ++delegation; - } - - if ((usercert == NULL) && - (i < sk_X509_num(certstack) - 1) && - (GRSTx509IsCA(cert) != GRST_RET_OK)) usercert = cert; - /* found the 1st non-CA cert */ - } - - if ((usercert == NULL) /* if no usercert ("EEC"), we're not interested */ - || - (snprintf(credtemp, credlen+1, "X509USER %010lu %010lu %d %s", - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notBefore(usercert)),0), - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(usercert)),0), - delegation, - X509_NAME_oneline(X509_get_subject_name(usercert), NULL, 0)) >= credlen+1) - || - (*lastcred >= maxcreds-1)) - { - *lastcred = -1; /* just in case the caller looks at it */ - return GRST_RET_FAILED; /* tell caller that things didn't work out */ - } - - ++(*lastcred); - strcpy(&creds[*lastcred * (credlen + 1)], credtemp); - - if ((gsiproxycert != NULL) - && - (snprintf(credtemp, credlen+1, "GSIPROXY %010lu %010lu %d %s", - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notBefore(gsiproxycert)),0), - GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(gsiproxycert)),0), - delegation, - X509_NAME_oneline(X509_get_subject_name(gsiproxycert), NULL, 0)) < credlen+1) - && - (*lastcred < maxcreds-1)) - { - ++(*lastcred); - strcpy(&creds[*lastcred * (credlen + 1)], credtemp); - - GRSTx509GetVomsCreds(lastcred, maxcreds, credlen, creds, - usercert, certstack, vomsdir); - - } - - return GRST_RET_OK; -} - -/// Find proxy file name of the current user -/** - * Return a string with the proxy file name or NULL if not present. - * This function does not check if the proxy has expired. - */ - -char *GRSTx509FindProxyFileName(void) -{ - char *p; - - p = getenv("X509_USER_PROXY"); - - if (p != NULL) return strdup(p); - - p = malloc(sizeof("/tmp/x509up_uXYYYXXXYYY")); - - sprintf(p, "/tmp/x509up_u%d", getuid()); - - return p; -} - -static void mpcerror(FILE *debugfp, char *msg) -{ - if (debugfp != NULL) - { - fputs(msg, debugfp); - ERR_print_errors_fp(debugfp); - } -} - -/// Make a GSI Proxy chain from a request, certificate and private key -/** - * The proxy chain is returned in *proxychain. If debugfp is non-NULL, - * errors are output to that file pointer. The proxy will expired in - * the given number of minutes starting from the current time. - */ - -int GRSTx509MakeProxyCert(char **proxychain, FILE *debugfp, - char *reqtxt, char *cert, char *key, int minutes) -{ - char *ptr, *certchain; - int i, subjAltName_pos, ncerts; - long serial = 2796, ptrlen; - EVP_PKEY *pkey, *CApkey; - const EVP_MD *digest; - X509 *certs[GRST_MAX_CHAIN_LEN]; - X509_REQ *req; - X509_NAME *name, *CAsubject, *newsubject; - X509_NAME_ENTRY *ent; - X509V3_CTX ctx; - X509_EXTENSION *subjAltName; - STACK_OF (X509_EXTENSION) * req_exts; - FILE *fp; - BIO *reqmem, *certmem; - - /* read in the request */ - reqmem = BIO_new(BIO_s_mem()); - BIO_puts(reqmem, reqtxt); - - if (!(req = PEM_read_bio_X509_REQ(reqmem, NULL, NULL, NULL))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error reading request from BIO memory\n"); - BIO_free(reqmem); - return GRST_RET_FAILED; - } - - BIO_free(reqmem); - - /* verify signature on the request */ - if (!(pkey = X509_REQ_get_pubkey (req))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error getting public key from request\n"); - return GRST_RET_FAILED; - } - - if (X509_REQ_verify(req, pkey) != 1) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error verifying signature on certificate\n"); - return GRST_RET_FAILED; - } - - /* read in the signing certificate */ - if (!(fp = fopen(cert, "r"))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error opening signing certificate file\n"); - return GRST_RET_FAILED; - } - - for (ncerts = 1; ncerts < GRST_MAX_CHAIN_LEN; ++ncerts) - if (!(certs[ncerts] = PEM_read_X509(fp, NULL, NULL, NULL))) break; - - if (ncerts == 1) /* zeroth cert with be new proxy cert */ - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error reading signing certificate file\n"); - return GRST_RET_FAILED; - } - - fclose(fp); - - CAsubject = X509_get_subject_name(certs[1]); - - /* read in the CA private key */ - if (!(fp = fopen(key, "r"))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error reading signing private key file\n"); - return GRST_RET_FAILED; - } - - if (!(CApkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error reading signing private key in file\n"); - return GRST_RET_FAILED; - } - - fclose(fp); - - /* get subject name */ - if (!(name = X509_REQ_get_subject_name (req))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error getting subject name from request\n"); - return GRST_RET_FAILED; - } - - /* create new certificate */ - if (!(certs[0] = X509_new ())) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error creating X509 object\n"); - return GRST_RET_FAILED; - } - - /* set version number for the certificate (X509v3) and the serial number - need 3 = v4 for GSI proxy?? */ - if (X509_set_version (certs[0], 3L) != 1) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error setting certificate version\n"); - return GRST_RET_FAILED; - } - - ASN1_INTEGER_set (X509_get_serialNumber (certs[0]), serial++); - - if (!(name = X509_get_subject_name(certs[1]))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error getting subject name from CA certificate\n"); - return GRST_RET_FAILED; - } - - if (X509_set_issuer_name (certs[0], name) != 1) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error setting issuer name of certificate\n"); - return GRST_RET_FAILED; - } - - /* set issuer and subject name of the cert from the req and the CA */ - ent = X509_NAME_ENTRY_create_by_NID(NULL, OBJ_txt2nid("commonName"), - MBSTRING_ASC, "proxy", -1); - - newsubject = X509_NAME_dup(CAsubject); - - X509_NAME_add_entry(newsubject, ent, -1, 0); - - if (X509_set_subject_name(certs[0], newsubject) != 1) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error setting subject name of certificate\n"); - return GRST_RET_FAILED; - } - - /* set public key in the certificate */ - if (X509_set_pubkey(certs[0], pkey) != 1) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error setting public key of the certificate\n"); - return GRST_RET_FAILED; - } - -// need to set validity within limits of earlier certificates in the chain - - /* set duration for the certificate */ - if (!(X509_gmtime_adj (X509_get_notBefore(certs[0]), 0))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error setting beginning time of the certificate\n"); - return GRST_RET_FAILED; - } - - if (!(X509_gmtime_adj (X509_get_notAfter(certs[0]), 60 * minutes))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error setting ending time of the certificate\n"); - return GRST_RET_FAILED; - } - - /* sign the certificate with the signing private key */ - if (EVP_PKEY_type (CApkey->type) == EVP_PKEY_RSA) - digest = EVP_md5(); - else - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error checking signing private key for a valid digest\n"); - return GRST_RET_FAILED; - } - - if (!(X509_sign (certs[0], CApkey, digest))) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error signing certificate\n"); - return GRST_RET_FAILED; - } - - /* store the completed certificate chain */ - - certchain = strdup(""); - - for (i=0; i < ncerts; ++i) - { - certmem = BIO_new(BIO_s_mem()); - - if (PEM_write_bio_X509(certmem, certs[i]) != 1) - { - mpcerror(debugfp, - "GRSTx509MakeProxyCert(): error writing certificate to memory BIO\n"); - return GRST_RET_FAILED; - } - - ptrlen = BIO_get_mem_data(certmem, &ptr); - - certchain = realloc(certchain, strlen(certchain) + ptrlen + 1); - - strncat(certchain, ptr, ptrlen); - - BIO_free(certmem); - } - - *proxychain = certchain; - - return GRST_RET_OK; -} - -/// Find a proxy file in the proxy cache -/** - * Returns the full path and file name of proxy file associated - * with given delegation ID and user DN. - */ - -char *GRSTx509CachedProxyFind(char *proxydir, char *delegation_id, - char *user_dn) -/* - Return a pointer to a malloc'd string with the full path of the - proxy file corresponding to the given delegation_id, or NULL - if not found. -*/ -{ - int ret, len; - char *filename = NULL, *line, *p, *proxyfile = NULL; - DIR *proxyDIR; - FILE *fp; - struct dirent *ent; - struct stat entstat; - - if ((proxyDIR = opendir(proxydir)) == NULL) return NULL; - - len = strlen(delegation_id); - if (strlen(user_dn) > len) len = strlen(user_dn); - - if ((line = malloc(len + 2)) == NULL) return NULL; - - while ((ent = readdir(proxyDIR)) != NULL) - { - if (ent->d_name[0] != '.') /* private keys begin with . */ - { - if (asprintf(&filename, "%s/%s", proxydir, ent->d_name) == -1) - break; - if ((stat(filename, &entstat) != 0) - || !S_ISREG(entstat.st_mode)) - { - free(filename); - continue; - } - - fp = fopen(filename, "r"); - if (fp != NULL) - { - if (fgets(line, len + 2, fp) != NULL) - { - p = index(line, '\n'); - - if (p != NULL) - { - *p = '\0'; - if (strcmp(line, delegation_id) == 0) - { - if (fgets(line, len + 2, fp) != NULL) - { - p = index(line, '\n'); - - if (p != NULL) - { - *p = '\0'; - - if (strcmp(line, user_dn) == 0) - { - proxyfile = filename; - fclose(fp); - break; - } - } - } - } - } - } - - fclose(fp); - } - - free(filename); - } - } - - closedir(proxyDIR); - free(line); - - return proxyfile; -} - -/// Find a temporary proxy private key file in the proxy cache -/** - * Returns the full path and file name of the private key file associated - * with given delegation ID and user DN. - */ - -char *GRSTx509CachedProxyKeyFind(char *proxydir, char *delegation_id, - char *user_dn) -/* - Return a pointer to a malloc'd string with the full path of the - private proxy key corresponding to the given delegation_id, or NULL - if not found. -*/ -{ - int ret, len; - char *filename = NULL, *line, *p, *keyfile = NULL; - DIR *proxyDIR; - FILE *fp; - struct dirent *ent; - struct stat entstat; - - if ((proxyDIR = opendir(proxydir)) == NULL) return NULL; - - len = strlen(delegation_id); - if (strlen(user_dn) > len) len = strlen(user_dn); - - if ((line = malloc(len + 2)) == NULL) return NULL; - - while ((ent = readdir(proxyDIR)) != NULL) - { - if (ent->d_name[0] == '.') /* private keys begin with . */ - { - if (asprintf(&filename, "%s/%s", proxydir, ent->d_name) == -1) - break; - if ((stat(filename, &entstat) != 0) - || !S_ISREG(entstat.st_mode)) - { - free(filename); - continue; - } - - fp = fopen(filename, "r"); - if (fp != NULL) - { - if (fgets(line, len + 2, fp) != NULL) - { - p = index(line, '\n'); - - if (p != NULL) - { - *p = '\0'; - if (strcmp(line, delegation_id) == 0) - { - if (fgets(line, len + 2, fp) != NULL) - { - p = index(line, '\n'); - - if (p != NULL) - { - *p = '\0'; - - if (strcmp(line, user_dn) == 0) - { - keyfile = filename; - fclose(fp); - break; - } - } - } - } - } - } - - fclose(fp); - } - - free(filename); - } - } - - closedir(proxyDIR); - free(line); - - return keyfile; -} - -/// Make and store a X.509 request for a GSI proxy -/** - * Returns GRST_RET_OK on success, non-zero otherwise. Request string - * is PEM encoded, and the key is stored in proxydir as temporary file - * with a filename like .XXXXXX - */ - -int GRSTx509MakeProxyRequest(char **reqtxt, char *proxydir, - char *delegation_id, char *user_dn) -{ - int i, fd; - char *docroot, *reqfile, *prvkeyfile, *ptr; - size_t ptrlen; - FILE *fp; - RSA *keypair; - X509_NAME *subject; - X509_NAME_ENTRY *ent; - EVP_PKEY *pkey; - X509_REQ *certreq; - BIO *reqmem; - const EVP_MD *digest; - struct stat statbuf; - - if ((keypair = RSA_generate_key(GRST_KEYSIZE, 65537, NULL, NULL)) == NULL) - return 1; - asprintf(&prvkeyfile, "%s/.XXXXXX", proxydir); - - fd = mkstemp(prvkeyfile); - - if ((fp = fdopen(fd, "w")) == NULL) return 1; - - fprintf(fp, "%s\n%s\n", delegation_id, user_dn); - - if (!PEM_write_RSAPrivateKey(fp, keypair, NULL, NULL, 0, NULL, NULL)) - return 1; - - if (fclose(fp) != 0) return 1; - - /* now create the certificate request */ - - certreq = X509_REQ_new(); - if (certreq == NULL) return 1; - - OpenSSL_add_all_algorithms(); - - pkey = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(pkey, keypair); - - X509_REQ_set_pubkey(certreq, pkey); - - subject = X509_NAME_new(); - ent = X509_NAME_ENTRY_create_by_NID(NULL, OBJ_txt2nid("organizationName"), - MBSTRING_ASC, "Dummy", -1); - X509_NAME_add_entry (subject, ent, -1, 0); - X509_REQ_set_subject_name (certreq, subject); - - digest = EVP_md5(); - X509_REQ_sign(certreq, pkey, digest); - - reqmem = BIO_new(BIO_s_mem()); - PEM_write_bio_X509_REQ(reqmem, certreq); - ptrlen = BIO_get_mem_data(reqmem, &ptr); - - *reqtxt = malloc(ptrlen + 1); - memcpy(*reqtxt, ptr, ptrlen); - (*reqtxt)[ptrlen] = '\0'; - - BIO_free(reqmem); - - X509_REQ_free(certreq); - - return 0; -} - -/// Create a stack of X509 certificate from a PEM-encoded string -/** - * Creates a dynamically allocated stack of X509 certificate objects - * by walking through the PEM-encoded X509 certificates. - * - * Returns GRST_RET_OK on success, non-zero otherwise. - * - */ - -int GRSTx509StringToChain(STACK_OF(X509) **certstack, char *certstring) -{ - STACK_OF(X509_INFO) *sk=NULL; - BIO *certbio; - X509_INFO *xi; - - *certstack = sk_X509_new_null(); - if (*certstack == NULL) return GRST_RET_FAILED; - - certbio = BIO_new_mem_buf(certstring, -1); - - if (!(sk=PEM_X509_INFO_read_bio(certbio, NULL, NULL, NULL))) - { - BIO_free(certbio); - sk_X509_INFO_free(sk); - sk_X509_free(*certstack); - return GRST_RET_FAILED; - } - - while (sk_X509_INFO_num(sk)) - { - xi=sk_X509_INFO_shift(sk); - if (xi->x509 != NULL) - { - sk_X509_push(*certstack, xi->x509); - xi->x509=NULL; - } - X509_INFO_free(xi); - } - - if (!sk_X509_num(*certstack)) - { - BIO_free(certbio); - sk_X509_INFO_free(sk); - sk_X509_free(*certstack); - return GRST_RET_FAILED; - } - - BIO_free(certbio); - sk_X509_INFO_free(sk); - - return GRST_RET_OK; -} - -/// Return the short file name for the given delegation_id and user_dn -/** - * Returns a malloc'd string with the short file name (no paths) that - * derived from the hashed delegation_id and user_dn - * - * File name is SHA1_HASH(DelegationID)+"-"+SHA1_HASH(DN) where DN - * is DER encoded version of user_dn with any trailing CN=proxy removed - * Hashes are the most significant 8 bytes, in lowercase hexadecimal. - */ - -char *GRSTx509MakeProxyFileName(char *delegation_id, - STACK_OF(X509) *certstack) -{ - int i, depth, prevIsCA = 1, IsCA, hash_name_len, delegation_id_len, - der_name_len; - unsigned char *der_name, *buf, hash_name[EVP_MAX_MD_SIZE], - hash_delegation_id[EVP_MAX_MD_SIZE], - filename[34]; - X509_NAME *subject_name; - X509 *cert; - const EVP_MD *m; - EVP_MD_CTX ctx; - - depth = sk_X509_num(certstack); - - for (i=depth-1; i >= 0; --i) - /* loop through the proxy chain starting at CA end */ - { - if (cert = sk_X509_value(certstack, i)) - { - IsCA = (GRSTx509IsCA(cert) == GRST_RET_OK); - - if (prevIsCA && !IsCA) /* the full certificate of the user */ - { - break; - } - } - } - - if (i < 0) return NULL; /* not found: something wrong with the chain */ - - if ((subject_name = X509_get_subject_name(cert)) == NULL) return NULL; - - der_name_len = i2d_X509_NAME(X509_get_subject_name(cert), NULL); - if (der_name_len == 0) return NULL; - - buf = OPENSSL_malloc(der_name_len); - der_name = buf; - - - if (!i2d_X509_NAME(X509_get_subject_name(cert), &der_name)) - { - OPENSSL_free(der_name); - return NULL; - } - - OpenSSL_add_all_digests(); - - m = EVP_sha1(); - if (m == NULL) - { - OPENSSL_free(der_name); - return NULL; - } - - - EVP_DigestInit(&ctx, m); - EVP_DigestUpdate(&ctx, delegation_id, strlen(delegation_id)); - EVP_DigestFinal(&ctx, hash_delegation_id, &delegation_id_len); - - /* lots of nasty hard coded numbers: - "8bytes/16chars delegation ID" + "-" + "8bytes/16chars DN" */ - - for (i=0; i <=7; ++i) - sprintf(&filename[i*2], "%02x", hash_delegation_id[i]); - - filename[16] = '-'; - - - - EVP_DigestInit(&ctx, m); - EVP_DigestUpdate(&ctx, buf, der_name_len); - EVP_DigestFinal(&ctx, hash_name, &hash_name_len); - - for (i=0; i <=7; ++i) - sprintf(&filename[17 + i*2], "%02x", hash_name[i]); - - return strdup(filename); -} - -/// Store a GSI proxy chain in the proxy cache, along with the private key -/** - * Returns GRST_RET_OK on success, non-zero otherwise. The existing - * private key with the same delegation ID and user DN is appended to - * make a valid proxy file, and the temporary private key file deleted. - */ - -int GRSTx509CacheProxy(char *proxydir, char *delegation_id, - char *user_dn, char *proxychain) -{ - int c, len = 0, i; - char *upcertfile, *upcertpath, *prvkeyfile, *p, *ptr; - FILE *ifp, *ofp; - STACK_OF(X509) *certstack; - BIO *certmem; - X509 *cert; - long ptrlen; - - prvkeyfile = GRSTx509CachedProxyKeyFind(proxydir, delegation_id, user_dn); - - if (prvkeyfile == NULL) - { - return GRST_RET_FAILED; - } - - if ((ifp = fopen(prvkeyfile, "r")) == NULL) - { - free(prvkeyfile); - return GRST_RET_FAILED; - } - -// fprintf(stderr, "\n\n\n\n PROXYCHAIN = \n %s", proxychain); - if (GRSTx509StringToChain(&certstack, proxychain) != GRST_RET_OK) - return GRST_RET_FAILED; - - upcertfile = GRSTx509MakeProxyFileName(delegation_id, certstack); - - if (upcertfile == NULL) - { - free(prvkeyfile); - sk_X509_free(certstack); - return GRST_RET_FAILED; - } - - asprintf(&upcertpath, "%s/%s", proxydir, upcertfile); - ofp = fopen(upcertpath, "w"); - chmod(upcertpath, S_IRUSR | S_IWUSR); - free(upcertpath); - - if (ofp == NULL) - { - fclose(ifp); - free(prvkeyfile); - free(upcertfile); - return GRST_RET_FAILED; - } - - fprintf(ofp, "%s\n%s\n", delegation_id, user_dn); - - /* write out the most recent proxy by itself */ - - if (cert = sk_X509_value(certstack, 0)) - { - certmem = BIO_new(BIO_s_mem()); - if (PEM_write_bio_X509(certmem, cert) == 1) - { - ptrlen = BIO_get_mem_data(certmem, &ptr); - fwrite(ptr, 1, ptrlen, ofp); - } - - BIO_free(certmem); - } - - /* insert proxy private key */ - - while ((c = fgetc(ifp)) != EOF) fputc(c, ofp); - unlink(prvkeyfile); - free(prvkeyfile); - - for (i=1; i <= sk_X509_num(certstack) - 1; ++i) - /* loop through the proxy chain starting at 2nd most recent proxy */ - { - if (cert = sk_X509_value(certstack, i)) - { - certmem = BIO_new(BIO_s_mem()); - if (PEM_write_bio_X509(certmem, cert) == 1) - { - ptrlen = BIO_get_mem_data(certmem, &ptr); - fwrite(ptr, 1, ptrlen, ofp); - } - - BIO_free(certmem); - } - } - - fputs(proxychain, ofp); /* write out certificates */ - - - sk_X509_free(certstack); - free(upcertfile); - - if (fclose(ifp) != 0) return GRST_RET_FAILED; - if (fclose(ofp) != 0) return GRST_RET_FAILED; - -/* should also check validity of proxy cert to avoid suprises? */ - - return GRST_RET_OK; -} diff --git a/org.gridsite.core/src/grst_xacml.c b/org.gridsite.core/src/grst_xacml.c deleted file mode 100644 index c38424f..0000000 --- a/org.gridsite.core/src/grst_xacml.c +++ /dev/null @@ -1,577 +0,0 @@ -/* - Andrew McNab and Shiv Kaushal, University of Manchester. - Copyright (c) 2002-3. All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -/*------------------------------------------------------------------------* - * For more information about GridSite: http://www.gridpp.ac.uk/gridsite/ * - *------------------------------------------------------------------------*/ - -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef _GNU_SOURCE -#define _GNU_SOURCE -#endif -#include - -#include -#include -#include - -#include "gridsite.h" - -//#define XACML_DEBUG - -#ifdef XACML_DEBUG - #define XACML_DEBUG_FILE "/tmp/grstxacmldebug.out" -#endif - - -/* * - * Global variables, shared by all GACL functions by private to libgacl * - * */ - -extern char *grst_perm_syms[]; -extern GRSTgaclPerm grst_perm_vals[]; - - -FILE* debugfile; - -GRSTgaclAcl *GRSTgaclAclParse(xmlDocPtr, xmlNodePtr, GRSTgaclAcl *); -GRSTgaclAcl *GRSTxacmlAclParse(xmlDocPtr, xmlNodePtr, GRSTgaclAcl *); - -/* * - * Functions to read in XACML 1.1 compliant format ACL * - * Functions based on method for opening GACL format * - * */ - -// need to check these for libxml memory leaks? - what needs to be freed? - - -static GRSTgaclCred *GRSTxacmlCredParse(xmlNodePtr cur) -/* - GRSTxacmlCredParse - parse a credential stored in the libxml structure cur, - returning it as a pointer or NULL on error. -*/ -{ - xmlNodePtr attr_val; - xmlNodePtr attr_des; - GRSTgaclCred *cred; - - // cur points to or , loop done outside this function. - - if ( (xmlStrcmp(cur->name, (const xmlChar *) "AnySubject") == 0)) cred = GRSTgaclCredNew("any-user"); - - else{ - - attr_val=cur->xmlChildrenNode->xmlChildrenNode; - attr_des=attr_val->next; - - cred = GRSTgaclCredNew((char *) xmlNodeGetContent(attr_des->properties->children)); - - cred->firstname = NULL; - cred->next = NULL; - - //Assumed that there is only one name/value pair per credential - GRSTgaclCredAddValue(cred, (char *) xmlNodeGetContent(attr_des->properties->next->children), - (char *) xmlNodeGetContent(attr_val)); - } - - return cred; -} - -static GRSTgaclEntry *GRSTxacmlEntryParse(xmlNodePtr cur) -/* - GRSTxacmlEntryParse - parse an entry stored in the libxml structure cur, - returning it as a pointer or NULL on error. Also checks to see if the following - tag refers to the same by checking the of both -*/ -{ - int i, check=0; - xmlDocPtr doc=cur->doc; - xmlNodePtr cur2; - xmlNodePtr rule_root=cur; - GRSTgaclEntry *entry; - GRSTgaclCred *cred; - GRSTgaclPerm perm; - - - // Next line not needed as function only called if tag found - // if (xmlStrcmp(cur->name, (const xmlChar *) "Rule") != 0) return NULL; - // cur and rule_root point to the tag - - cur = cur->xmlChildrenNode->xmlChildrenNode; - // cur should now be pointing at tag -#ifdef XACML_DEBUG - fprintf (debugfile, "Starting to Parse Entry\n"); -#endif - entry = GRSTgaclEntryNew(); - - while (cur!=NULL){ - - if (xmlStrcmp(cur->name, (const xmlChar *) "Subjects") == 0){ -#ifdef XACML_DEBUG - fprintf (debugfile, "Starting to Parse Credentials\n"); -#endif - if (check==0){ - // cur still pointing at tag make cur2 point to and loop over them. - cur2=cur->xmlChildrenNode; - while (cur2!=NULL){ - if ( ((cred = GRSTxacmlCredParse(cur2)) != NULL) && (!GRSTgaclEntryAddCred(entry, cred))){ - GRSTgaclCredFree(cred); - GRSTgaclEntryFree(entry); - return NULL; - } - cur2=cur2->next; - } - } - } - - else if (xmlStrcmp(cur->name, (const xmlChar *) "Actions") == 0){ -#ifdef XACML_DEBUG - fprintf (debugfile, "Starting to Parse Permissions\n"); -#endif - if (xmlStrcmp(xmlNodeGetContent(rule_root->properties->next->children), (const xmlChar *) "Permit") == 0 ){ -#ifdef XACML_DEBUG - fprintf (debugfile, "\tPermit-ed actions: "); -#endif - for (cur2 = cur->xmlChildrenNode; cur2 != NULL; cur2=cur2->next) //cur2-> - for (i=0; grst_perm_syms[i] != NULL; ++i) - if (xmlStrcmp(xmlNodeGetContent(cur2->xmlChildrenNode->xmlChildrenNode), (const xmlChar *) grst_perm_syms[i]) == 0) - { -#ifdef XACML_DEBUG - fprintf (debugfile, "%s ", grst_perm_syms[i]); -#endif - GRSTgaclEntryAllowPerm(entry, grst_perm_vals[i]); - } - } - - if (xmlStrcmp(xmlNodeGetContent(rule_root->properties->next->children), (const xmlChar *) "Deny") == 0 ) { -#ifdef XACML_DEBUG - fprintf (debugfile, "\tDeny-ed actions: "); -#endif - for (cur2 = cur->xmlChildrenNode; cur2 != NULL; cur2=cur2->next) //cur2-> - for (i=0; grst_perm_syms[i] != NULL; ++i) - if (xmlStrcmp(xmlNodeGetContent(cur2->xmlChildrenNode->xmlChildrenNode), (const xmlChar *) grst_perm_syms[i]) == 0) - { - -#ifdef XACML_DEBUG - fprintf (debugfile, "%s ", grst_perm_syms[i]); -#endif - GRSTgaclEntryDenyPerm(entry, grst_perm_vals[i]); - } - } - - } - else{ // I cannot parse this - give up rather than get it wrong -#ifdef XACML_DEBUG - fprintf (debugfile, "OOOPSIE\n"); -#endif - GRSTgaclEntryFree(entry); - return NULL; - } - - cur=cur->next; - - // Check if next Rule should be included when end of current rule reached - // If RuleId are from the same entry (eg Entry1A and Entry1D) - // make cur point to the next Rule's tag - if (cur==NULL) - if (check==0) - if (rule_root->next!=NULL) - if ( strncmp(xmlNodeGetContent(rule_root->properties->children), // RuleId of this Rule - xmlNodeGetContent(rule_root->next->properties->children), // RuleId of next Rule - 6) == 0){ -#ifdef XACML_DEBUG - fprintf (debugfile, "End of perms and creds, next is %s \n", xmlNodeGetContent(rule_root->next->properties->children)); -#endif - rule_root=rule_root->next; - cur=rule_root->xmlChildrenNode->xmlChildrenNode; -#ifdef XACML_DEBUG - fprintf (debugfile, "skipped to <%s> tag of next Rule\n", cur->name); -#endif - check++; - } - } - - return entry; -} - -GRSTgaclAcl *GRSTxacmlAclLoadFile(char *filename) -{ -xmlDocPtr doc; - xmlNodePtr cur; - GRSTgaclAcl *acl; - - doc = xmlParseFile(filename); - if (doc == NULL) return NULL; - - cur = xmlDocGetRootElement(doc); - if (cur == NULL) return NULL; - - if (!xmlStrcmp(cur->name, (const xmlChar *) "Policy")) { acl=GRSTxacmlAclParse(doc, cur, acl);} - else if (!xmlStrcmp(cur->name, (const xmlChar *) "gacl")) {acl=GRSTgaclAclParse(doc, cur, acl);} - else /* ACL format not recognised */ - { - free(doc); - free(cur); - return NULL; - } - - xmlFreeDoc(doc); - return acl; -} - -GRSTgaclAcl *GRSTxacmlAclParse(xmlDocPtr doc, xmlNodePtr cur, GRSTgaclAcl *acl) -{ - GRSTgaclEntry *entry; - - #ifdef XACML_DEBUG - debugfile=fopen(XACML_DEBUG_FILE, "w"); - fprintf (debugfile, "ACL loaded..\n"); - fprintf (debugfile, "Parsing XACML\n"); - #endif - - // Have an XACML policy file. - // Skip tag and set cur to first tag - cur = cur->xmlChildrenNode->next; - - acl = GRSTgaclAclNew(); - - while (cur != NULL){ - - if ( !xmlStrcmp(cur->name, (const xmlChar *)"Rule") ) - { // IF statement not needed? - #ifdef XACML_DEBUG - fprintf (debugfile, "Rule %s found\n", xmlNodeGetContent(cur->properties->children) ); - fprintf (debugfile, "Parsing Entry for this rule\n"); - #endif - entry = GRSTxacmlEntryParse(cur); - - if (entry == NULL) - { - GRSTgaclAclFree(acl); - xmlFreeDoc(doc); - return NULL; - } - else GRSTgaclAclAddEntry(acl, entry); - - #ifdef XACML_DEBUG - fprintf (debugfile, "Entry read in\n\n"); - #endif - } - - // If the current and next Rules are part of the same entry then advance two Rules - // If not then advance 1 - if (cur->next != NULL) - { - if ( strncmp(xmlNodeGetContent(cur->properties->children), // RuleId of this Rule - xmlNodeGetContent(cur->next->properties->children), // RuleId of next Rule - 6) == 0) - { - #ifdef XACML_DEBUG - fprintf (debugfile, "skipping next rule %s, should have been caught previously\n\n", xmlNodeGetContent(cur->next->properties->children) ); - #endif - cur=cur->next; - } // Check first 6 characters i.e. Entry1**/ - } - - cur=cur->next; - - } - - #ifdef XACML_DEBUG - fprintf (debugfile, "Finished loading ACL - Fanfare!\n"); - fclose(debugfile); - #endif - - return acl; -} - - -int GRSTxacmlFileIsAcl(char *pathandfile) -/* Return 1 if filename in *pathandfile starts GRST_ACL_FILE - Return 0 otherwise. */ -{ - char *filename; - - filename = rindex(pathandfile, '/'); - if (filename == NULL) filename = pathandfile; - else filename++; - - return (strncmp(filename, GRST_ACL_FILE, sizeof(GRST_ACL_FILE) - 1) == 0); -} - -char *GRSTxacmlFileFindAclname(char *pathandfile) -/* Return malloc()ed ACL filename that governs the given file or directory - (for directories, the ACL file is in the directory itself), or NULL if none - can be found. */ -{ - char *path, *p; - struct stat statbuf; - - path = malloc(strlen(pathandfile) + sizeof(GRST_ACL_FILE) + 1); - strcpy(path, pathandfile); - - if (stat(path, &statbuf) == 0) - { - if (!S_ISDIR(statbuf.st_mode)) /* can strip this / off straightaway */ - { - p = rindex(path, '/'); - if (p != NULL) *p = '\0'; - } - } - - while (path[0] != '\0') - { - strcat(path, "/"); - strcat(path, GRST_ACL_FILE); - - if (stat(path, &statbuf) == 0) return path; - - p = rindex(path, '/'); - *p = '\0'; /* strip off the / we added for ACL */ - - p = rindex(path, '/'); - if (p == NULL) break; /* must start without / and we there now ??? */ - - *p = '\0'; /* strip off another layer of / */ - } - - free(path); - return NULL; -} - -GRSTgaclAcl *GRSTxacmlAclLoadforFile(char *pathandfile) -/* Return ACL that governs the given file or directory (for directories, - the ACL file is in the directory itself.) */ -{ - char *path; - GRSTgaclAcl *acl; - - path = GRSTxacmlFileFindAclname(pathandfile); - - if (path != NULL) - { - acl = GRSTxacmlAclLoadFile(path); - free(path); - return acl; - } - - return NULL; -} - - - -/* * - * Functions to save ACL in XACML 1.1 compliant format * - * Functions based on method for saving to GACL format * - * */ - - -int GRSTxacmlCredPrint(GRSTgaclCred *cred, FILE *fp) -/* - GRSTxacmlCredPrint - print a credential and any name-value pairs is contains in XACML form -*/ -{ - char *q; - GRSTgaclNamevalue *p; - - if (cred->firstname != NULL) - { - - p = cred->firstname; - - do { - - fputs("\t\t\t\t\n", fp); - fputs("\t\t\t\t\t\n", fp); - fputs("\t\t\t\t\t\t", fp); - for (q=p->value; *q != '\0'; ++q) - if (*q == '<') fputs("<", fp); - else if (*q == '>') fputs(">", fp); - else if (*q == '&') fputs("&" , fp); - else if (*q == '\'') fputs("'", fp); - else if (*q == '"') fputs(""", fp); - else fputc(*q, fp); - - - fputs("\n", fp); - - fputs("\t\t\t\t\t\ttype); - fputs("\t\t\t\t\t\t\tDataType=", fp); - fprintf(fp, "\"%s\"/>\n", p->name); - fputs("\t\t\t\t\t\n", fp); - fputs("\t\t\t\t\n", fp); - p = (GRSTgaclNamevalue *) p->next; - } while (p != NULL); - - } - else fputs("\t\t\t\t\n", fp); - - return 1; -} - - -int GRSTxacmlEntryPrint(GRSTgaclEntry *entry, FILE *fp, int rule_number) -{ - GRSTgaclCred *cred; - GRSTgaclPerm i; - - if (entry->allowed){ - - fprintf(fp, "\t\n", rule_number); - fputs("\t\t\n", fp); - fputs("\t\t\t\n", fp); - - for (cred = entry->firstcred; cred != NULL; cred = cred->next) - GRSTxacmlCredPrint(cred, fp); - - fputs("\t\t\t\n", fp); - fputs("\t\t\t\n", fp); - - for (i=GRST_PERM_READ; i <= GRST_PERM_ADMIN; ++i) - if ((entry->allowed) & i) GRSTxacmlPermPrint(i, fp); - - fputs("\t\t\t\n", fp); - fputs("\t\t\n", fp); - fputs("\t\n", fp); - } - - if (entry->denied){ - - fprintf(fp, "\t\n", rule_number); - fputs("\t\t\n", fp); - fputs("\t\t\t\n", fp); - - for (cred = entry->firstcred; cred != NULL; cred = cred->next) - GRSTxacmlCredPrint(cred, fp); - - fputs("\t\t\t\n", fp); - fputs("\t\t\t\n", fp); - - for (i=GRST_PERM_READ; i <= GRST_PERM_ADMIN; ++i) - if (entry->denied & i) GRSTxacmlPermPrint(i, fp); - - fputs("\t\t\t\n", fp); - fputs("\t\t\n", fp); - fputs("\t\n", fp); - } - return 1; -} - - -int GRSTxacmlPermPrint(GRSTgaclPerm perm, FILE *fp) -{ - GRSTgaclPerm i; - - for (i=GRST_PERM_READ; grst_perm_syms[i] != NULL; ++i) - if (perm == grst_perm_vals[i]) - { - - fputs("\t\t\t\t\n", fp); - fputs("\t\t\t\t\t\n", fp); - fputs("\t\t\t\t\t\t", fp); - fprintf(fp, "%s", grst_perm_syms[i]); - fputs("\n", fp); - fputs("\t\t\t\t\t\t\n", fp); - fputs("\t\t\t\t\t\n", fp); - fputs("\t\t\t\t\n",fp); - - return 1; - } - - return 0; -} - -int GRSTxacmlAclPrint(GRSTgaclAcl *acl, FILE *fp, char* dir_uri) -{ - GRSTgaclEntry *entry; - int rule_number=1; - - fputs("\n\n", fp); - - fputs("\t\n\t\t\n\t\t\t\n", fp); - fputs("\t\t\t\t\n", fp); - fputs("\t\t\t\t\t", fp); - fprintf(fp, "%s", dir_uri); - fputs("\n", fp); - fputs("\t\t\t\t\t\n", fp); - - fputs("\t\t\t\t\n\t\t\t\n\t\t\n\t\t\n\t\t\t\n\t\t", fp); - fputs("\n\t\t\n\t\t\t\n\t\t\n\t\n\n", fp); - - for (entry = acl->firstentry; entry != NULL; entry = entry->next){ - - GRSTxacmlEntryPrint(entry, fp, rule_number); - rule_number++; - } - - fputs("\n", fp); - - return 1; -} - -int GRSTxacmlAclSave(GRSTgaclAcl *acl, char *filename, char* dir_uri) -{ - int ret; - FILE *fp; - - fp = fopen(filename, "w"); - if (fp == NULL) return 0; - - fprintf(fp,"\n"); - - ret = GRSTxacmlAclPrint(acl, fp, dir_uri); - - fclose(fp); - - return ret; -} - - - - diff --git a/org.gridsite.core/src/gsexec.c b/org.gridsite.core/src/gsexec.c deleted file mode 100644 index 292dcf3..0000000 --- a/org.gridsite.core/src/gsexec.c +++ /dev/null @@ -1,1056 +0,0 @@ -/* Copyright 1999-2004 The Apache Software Foundation - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * suexec.c -- "Wrapper" support program for suEXEC behaviour for Apache - * - *********************************************************************** - * - * NOTE! : DO NOT edit this code!!! Unless you know what you are doing, - * editing this code might open up your system in unexpected - * ways to would-be crackers. Every precaution has been taken - * to make this code as safe as possible; alter it at your own - * risk. - * - *********************************************************************** - * - * - */ - -#include "apr.h" -#include "apr_file_io.h" -#include "ap_config.h" -#include "gsexec.h" - -#include -#include -#include -#include -#include -#if APR_HAVE_UNISTD_H -#include -#endif - -#include -#include -#include - -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_GRP_H -#include -#endif - -/* - *********************************************************************** - * There is no initgroups() in QNX, so I believe this is safe :-) - * Use cc -osuexec -3 -O -mf -DQNX suexec.c to compile. - * - * May 17, 1997. - * Igor N. Kovalenko -- infoh mail.wplus.net - *********************************************************************** - */ - -#if defined(NEED_INITGROUPS) -int initgroups(const char *name, gid_t basegid) -{ - /* QNX and MPE do not appear to support supplementary groups. */ - return 0; -} -#endif - -#if defined(SUNOS4) -extern char *sys_errlist[]; -#define strerror(x) sys_errlist[(x)] -#endif - -#if defined(PATH_MAX) -#define AP_MAXPATH PATH_MAX -#elif defined(MAXPATHLEN) -#define AP_MAXPATH MAXPATHLEN -#else -#define AP_MAXPATH 8192 -#endif - -#define AP_ENVBUF 256 - -extern char **environ; -static FILE *log = NULL; - -char *safe_env_lst[] = -{ - /* variable name starts with */ - "HTTP_", - "SSL_", - "GRST_", - - /* variable name is */ - "AUTH_TYPE=", - "CONTENT_LENGTH=", - "CONTENT_TYPE=", - "DATE_GMT=", - "DATE_LOCAL=", - "DOCUMENT_NAME=", - "DOCUMENT_PATH_INFO=", - "DOCUMENT_ROOT=", - "DOCUMENT_URI=", - "GATEWAY_INTERFACE=", - "HTTPS=", - "LAST_MODIFIED=", - "PATH_INFO=", - "PATH_TRANSLATED=", - "QUERY_STRING=", - "QUERY_STRING_UNESCAPED=", - "REMOTE_ADDR=", - "REMOTE_HOST=", - "REMOTE_IDENT=", - "REMOTE_PORT=", - "REMOTE_USER=", - "REDIRECT_HANDLER=", - "REDIRECT_QUERY_STRING=", - "REDIRECT_REMOTE_USER=", - "REDIRECT_STATUS=", - "REDIRECT_URL=", - "REQUEST_METHOD=", - "REQUEST_URI=", - "SCRIPT_FILENAME=", - "SCRIPT_NAME=", - "SCRIPT_URI=", - "SCRIPT_URL=", - "SERVER_ADMIN=", - "SERVER_NAME=", - "SERVER_ADDR=", - "SERVER_PORT=", - "SERVER_PROTOCOL=", - "SERVER_SIGNATURE=", - "SERVER_SOFTWARE=", - "UNIQUE_ID=", - "USER_NAME=", - "TZ=", - NULL -}; - - -static void err_output(int is_error, const char *fmt, va_list ap) -{ -#ifdef AP_LOG_EXEC - time_t timevar; - struct tm *lt; - - if (!log) { - if ((log = fopen(AP_LOG_EXEC, "a")) == NULL) { - fprintf(stderr, "suexec failure: could not open log file\n"); - perror("fopen"); - exit(1); - } - } - - if (is_error) { - fprintf(stderr, "suexec policy violation: see suexec log for more " - "details\n"); - } - - time(&timevar); - lt = localtime(&timevar); - - fprintf(log, "[%d-%.2d-%.2d %.2d:%.2d:%.2d]: ", - lt->tm_year + 1900, lt->tm_mon + 1, lt->tm_mday, - lt->tm_hour, lt->tm_min, lt->tm_sec); - - vfprintf(log, fmt, ap); - - fflush(log); -#endif /* AP_LOG_EXEC */ - return; -} - -static void log_err(const char *fmt,...) -{ -#ifdef AP_LOG_EXEC - va_list ap; - - va_start(ap, fmt); - err_output(1, fmt, ap); /* 1 == is_error */ - va_end(ap); -#endif /* AP_LOG_EXEC */ - return; -} - -static void log_no_err(const char *fmt,...) -{ -#ifdef AP_LOG_EXEC - va_list ap; - - va_start(ap, fmt); - err_output(0, fmt, ap); /* 0 == !is_error */ - va_end(ap); -#endif /* AP_LOG_EXEC */ - return; -} - -static void clean_env(void) -{ - char pathbuf[512]; - char **cleanenv; - char **ep; - int cidx = 0; - int idx; - - /* While cleaning the environment, the environment should be clean. - * (e.g. malloc() may get the name of a file for writing debugging info. - * Bad news if MALLOC_DEBUG_FILE is set to /etc/passwd. Sprintf() may be - * susceptible to bad locale settings....) - * (from PR 2790) - */ - char **envp = environ; - char *empty_ptr = NULL; - - environ = &empty_ptr; /* VERY safe environment */ - - if ((cleanenv = (char **) calloc(AP_ENVBUF, sizeof(char *))) == NULL) { - log_err("failed to malloc memory for environment\n"); - exit(120); - } - - sprintf(pathbuf, "PATH=%s", AP_SAFE_PATH); - cleanenv[cidx] = strdup(pathbuf); - cidx++; - - for (ep = envp; *ep && cidx < AP_ENVBUF-1; ep++) { - for (idx = 0; safe_env_lst[idx]; idx++) { - if (!strncmp(*ep, safe_env_lst[idx], - strlen(safe_env_lst[idx]))) { - cleanenv[cidx] = *ep; - cidx++; - break; - } - } - } - - cleanenv[cidx] = NULL; - - environ = cleanenv; -} - -/* Pool account functions */ - - -#include -#include -#include -#include -#include -#include -#include - -/****************************************************************************** -Function: mapdir_otherlink -Description: - find another link in map directory to the same inode as firstlink - and change the modification time of firstlink to now (so that we - always know when this pair was last used) - -Parameters: - firstlink, the filename of the link we already know - -Returns: - a pointer to the other link's filename (without path) or NULL if none - found (this is malloc'd and will need freeing) - -******************************************************************************/ -static char *mapdir_otherlink(char *mapdir, char *firstlink) -{ - int ret; - char *firstlinkpath, *otherlinkdup, *otherlinkpath; - struct dirent *mapdirentry; - DIR *mapdirstream; - struct stat statbuf; - ino_t firstinode; - - firstlinkpath = malloc(strlen(mapdir) + 2 + strlen(firstlink)); - sprintf(firstlinkpath, "%s/%s", mapdir, firstlink); - ret = stat(firstlinkpath, &statbuf); - free(firstlinkpath); - if (ret != 0) return NULL; - if (statbuf.st_nlink != 2) return NULL; - - firstinode = statbuf.st_ino; /* save for comparisons */ - - mapdirstream = opendir(mapdir); - - if (mapdirstream != NULL) - { - while ((mapdirentry = readdir(mapdirstream)) != NULL) - { - if (strcmp(mapdirentry->d_name, firstlink) == 0) continue; - - otherlinkpath = malloc(strlen(mapdir) + 2 + - strlen(mapdirentry->d_name)); - sprintf(otherlinkpath, "%s/%s", mapdir, - mapdirentry->d_name); - - ret = stat(otherlinkpath, &statbuf); - if ((ret == 0) && (statbuf.st_ino == firstinode)) - { - utime(otherlinkpath, (struct utimbuf *) NULL); - free(otherlinkpath); - otherlinkdup = strdup(mapdirentry->d_name); - closedir(mapdirstream); - return otherlinkdup; - } - else free(otherlinkpath); - } - - closedir(mapdirstream); - } - - return NULL; -} - -/****************************************************************************** -Function: mapdir_urlencode -Description: - Convert string to URL encoded and return pointer to the encoded - version, obtained through malloc. Calling routine must free - this. Here "URL encoded" means anything other than an isalnum() - goes to %HH where HH is its ascii value in hex; also A-Z => a-z - This name is suitable for filenames since no / or spaces. - -Parameters: - rawstring, the string to be converted - -Returns: - a pointer to the encoded string or NULL if the malloc failed - -******************************************************************************/ -static char *mapdir_urlencode(char *rawstring) -{ - int encodedchar = 0, rawchar = 0; - char * encodedstring; - - encodedstring = (char *) malloc(3 * strlen(rawstring) + 1); - - if (encodedstring == NULL) return (char *) NULL; - - while (rawstring[rawchar] != '\0') - { - if (isalnum(rawstring[rawchar])) - { - encodedstring[encodedchar] = tolower(rawstring[rawchar]); - ++rawchar; - ++encodedchar; - } - else - { - sprintf(&encodedstring[encodedchar], "%%%02x", - rawstring[rawchar]); - ++rawchar; - encodedchar = encodedchar + 3; - } - } - - encodedstring[encodedchar] = '\0'; - - return encodedstring; -} - -/****************************************************************************** -Function: mapdir_newlease -Description: - Search for an unleased local username to give to the X.509 DN or - directory key corresponding to encodedfilename, and then lease it. - -Parameters: - encodedfilename, URL-encoded X.509 DN or directory key to associate - with an unlease pool username - -Returns: - no return value -******************************************************************************/ - -void mapdir_newlease(char *mapdir, char *encodedkey) -{ - int ret; - char *userfilename, *encodedfilename; - struct dirent *mapdirentry; - DIR *mapdirstream; - struct stat statbuf; - - encodedfilename = malloc(strlen(mapdir) + (size_t) 2 + - strlen(encodedkey)); - sprintf(encodedfilename, "%s/%s", mapdir, encodedkey); - - mapdirstream = opendir(mapdir); - - while ((mapdirentry = readdir(mapdirstream)) != NULL) - { - /* we dont want any files that dont look like acceptable usernames */ - if ((*(mapdirentry->d_name) == '%') || - (strcmp(mapdirentry->d_name, "root") == 0)) continue; - else if (*(mapdirentry->d_name) == '.') continue; - else if (index(mapdirentry->d_name, '~') != NULL) continue; - - userfilename = malloc(strlen(mapdir) + (size_t) 2 + - strlen(mapdirentry->d_name)); - sprintf(userfilename, "%s/%s", mapdir, mapdirentry->d_name); - stat(userfilename, &statbuf); - - if (statbuf.st_nlink == 1) /* this one isnt leased yet */ - { - ret = link(userfilename, encodedfilename); - free(userfilename); - if (ret != 0) - { - /* link failed: this is probably because a VERY lucky - other process has obtained a lease for encodedfilename - while we were faffing around */ - closedir(mapdirstream); - free(encodedfilename); - return; - } - - stat(encodedfilename, &statbuf); - if (statbuf.st_nlink > 2) - { - /* two keys have grabbed the same username: back off */ - unlink(encodedfilename); - continue; - } - - closedir(mapdirstream); - free(encodedfilename); - return; /* link worked ok, so return */ - } - else free(userfilename); /* already in use, try next one */ - } - - closedir(mapdirstream); - free(encodedfilename); - return; /* no unleased names left: give up */ -} - -/****************************************************************************** -Function: gridmapdir_userid -Description: - This is equivalent to globus_gss_assist_gridmap but for the dynamic - user ids in the gridmapdir: maps a globusID to a local unix user id, - either one already leased, or calls gridmapdir_newlease() to obtain - a new lease. This is called by globus_gss_assist_gridmap if the - local user id in the static gridmap file begins . (for a dynamic id) - -Parameters: - globusidp, globus client name who requested authentication - usernameprefix, prefix of the local usernames which would - be acceptable (or "\0" ) - *userid returned userid name for local system. - -Returns: - - 0 on success - !=0 on failure - -******************************************************************************/ - - - -int GRSTexecGetMapping(char **target_uname, char **target_gname, - char *mapdir, char *key) -{ - char *encodedkey; - - if (key[0] != '/') return 1; /* must be a proper X.509 DN or path */ - - encodedkey = mapdir_urlencode(key); -log_err("encodedkey=%s\n", encodedkey); - *target_uname = mapdir_otherlink(mapdir, encodedkey); -log_err("*target_uname=%s\n", *target_uname); - - if (*target_uname == NULL) /* maybe no lease yet */ - { - mapdir_newlease(mapdir, encodedkey); - /* try making a lease */ - - *target_uname = mapdir_otherlink(mapdir, encodedkey); - /* check if there is a now a lease - possibly made by someone else */ - - if (*target_uname == NULL) - { - free(encodedkey); - return 1; /* still no good */ - } - } - - free(encodedkey); - -// nasty hack for now -*target_gname = strdup(*target_uname); - - return 0; -} - -void internal_server_error(void) -{ - /* use this when its probably an httpd.conf configuration error */ - - puts("Status: 500 Internal Server Error\n" - "Content-Type: text/html\n\n" - "500 Internal Server Error\n" - "

Internal Server Error

"); -} - -void forbidden_error(void) -{ - /* use this when unix file permissions/ownerships are probably wrong */ - - puts("Status: 403 Forbidden\n" - "Content-Type: text/html\n\n" - "403 Forbidden\n" - "

Forbidden

"); -} - -int main(int argc, char *argv[]) -{ - int userdir = 0; /* ~userdir flag */ - uid_t uid; /* user information */ - gid_t gid; /* target group placeholder */ - uid_t httpd_uid; /* uid for AP_HTTPD_USER */ - gid_t httpd_gid; /* uid for AP_HTTPD_GROUP */ - char *mapping_type; /* suexec / X509DN / directory */ - char *map_x509dn; /* DN to use as pool acct. key */ - char *map_directory; /* directory as pool acct. key */ - - char *diskmode_env; /* GRST_DISK_MODE as a string */ - apr_fileperms_t diskmode_apr; /* GRST_DISK_MODE as Apache perms */ - mode_t diskmode_t; /* GRST_DISK_MODE as mode_t */ - - char *target_uname; /* target user name */ - char *target_gname; /* target group name */ - char *target_homedir; /* target home directory */ - char *actual_uname; /* actual user name */ - char *actual_gname; /* actual group name */ - char *prog; /* name of this program */ - char *cmd; /* command to be executed */ - char cwd[AP_MAXPATH]; /* current working directory */ - char dwd[AP_MAXPATH]; /* docroot working directory */ - struct passwd *pw; /* password entry holder */ - struct group *gr; /* group entry holder */ - struct stat dir_info; /* directory info holder */ - struct stat prg_info; /* program info holder */ - - /* - * Start with a "clean" environment - */ - clean_env(); - - prog = argv[0]; - /* - * Check existence/validity of the UID of the user - * running this program. Error out if invalid. - */ - uid = getuid(); - if ((pw = getpwuid(uid)) == NULL) { - log_err("crit: invalid uid: (%ld)\n", uid); - internal_server_error(); - exit(102); - } - /* - * Check existence/validity of the GID of the user - * running this program. Error out if invalid. - */ - gid = getgid(); - if ((gr = getgrgid(gid)) == NULL) { - log_err("crit: invalid gid: (%ld)\n", gid); - internal_server_error(); - exit(102); - } - /* - * See if this is a 'how were you compiled' request, and - * comply if so. - */ - if ((argc > 1) - && (! strcmp(argv[1], "-V")) - && ((uid == 0) -#ifdef _OSD_POSIX - /* User name comparisons are case insensitive on BS2000/OSD */ - || (! strcasecmp(AP_HTTPD_USER, pw->pw_name))) -#else /* _OSD_POSIX */ - || (! strcmp(AP_HTTPD_USER, pw->pw_name))) -#endif /* _OSD_POSIX */ - ) { -#ifdef AP_DOC_ROOT - fprintf(stderr, " -D AP_DOC_ROOT=\"%s\"\n", AP_DOC_ROOT); -#endif -#ifdef AP_GID_MIN - fprintf(stderr, " -D AP_GID_MIN=%d\n", AP_GID_MIN); -#endif -#ifdef AP_HTTPD_USER - fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER); -#endif -#ifdef AP_LOG_EXEC - fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC); -#endif -#ifdef AP_SAFE_PATH - fprintf(stderr, " -D AP_SAFE_PATH=\"%s\"\n", AP_SAFE_PATH); -#endif -#ifdef AP_SUEXEC_UMASK - fprintf(stderr, " -D AP_SUEXEC_UMASK=%03o\n", AP_SUEXEC_UMASK); -#endif -#ifdef AP_UID_MIN - fprintf(stderr, " -D AP_UID_MIN=%d\n", AP_UID_MIN); -#endif -#ifdef AP_USERDIR_SUFFIX - fprintf(stderr, " -D AP_USERDIR_SUFFIX=\"%s\"\n", AP_USERDIR_SUFFIX); -#endif - exit(0); - } - /* - * If there are a proper number of arguments, set - * all of them to variables. Otherwise, error out. - */ - if (argc < 4) { - log_err("too few arguments\n"); - internal_server_error(); - exit(101); - } - - mapping_type = getenv("GRST_EXEC_METHOD"); -// log_err("mapping_type from GRST_EXEC_METHOD=%s\n",mapping_type); - if ((mapping_type == NULL) || - (mapping_type[0] == '\0') || - (strcasecmp(mapping_type, "suexec") == 0)) - { - target_uname = argv[1]; - target_gname = argv[2]; - mapping_type = NULL; - } - else if (strcasecmp(mapping_type, "X509DN") == 0) - { -// log_err("X509DN mapping type\n"); - if ((map_x509dn = getenv("GRST_CRED_0")) == NULL) - map_x509dn = getenv("SSL_CLIENT_S_DN"); - - if ((map_x509dn == NULL) || (map_x509dn[0] == '\0')) - { - log_err("No GRST_CRED_0/SSL_CLIENT_S_DN despite X509DN mapping\n"); - forbidden_error(); - exit(151); - } - - if (GRSTexecGetMapping(&target_uname, &target_gname, - GRST_EXECMAPDIR, map_x509dn) - != 0) - { - log_err("GRSTexecGetMapping() failed mapping \"%s\"\n", - map_x509dn); - forbidden_error(); - exit(152); - } - } - else if (strcasecmp(mapping_type, "directory") == 0) - { - map_directory = getenv("GRST_EXEC_DIRECTORY"); - if (map_directory == NULL) - { - log_err("No GRST_EXEC_DIRECTORY despite directory mapping\n"); - internal_server_error(); - exit(153); - } - - if (GRSTexecGetMapping(&target_uname, &target_gname, - GRST_EXECMAPDIR, map_directory) - != 0) - { - log_err("GRSTexecGetMapping() failed mapping \"%s\"\n", - map_directory); - internal_server_error(); - exit(154); - } - } - else - { - log_err("mapping type \"%s\" not recognised\n", mapping_type); - internal_server_error(); - exit(155); - } - - cmd = argv[3]; - - /* - * Check to see if the user running this program - * is the user allowed to do so as defined in - * suexec.h. If not the allowed user, error out. - */ -#ifdef _OSD_POSIX - /* User name comparisons are case insensitive on BS2000/OSD */ - if (strcasecmp(AP_HTTPD_USER, pw->pw_name)) { - log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER); - internal_server_error(); - exit(103); - } - /* User name comparisons are case insensitive on BS2000/OSD */ - if (strcasecmp(AP_HTTPD_GROUP, gr->gr_name)) { - log_err("group mismatch (%s instead of %s)\n", gr->gr_name, AP_HTTPD_GROUP); - internal_server_error(); - exit(103); - } -#else /*_OSD_POSIX*/ - if (strcmp(AP_HTTPD_USER, pw->pw_name)) { - log_err("user mismatch (%s instead of %s)\n", pw->pw_name, AP_HTTPD_USER); - internal_server_error(); - exit(103); - } - if (strcmp(AP_HTTPD_GROUP, gr->gr_name)) { - log_err("group mismatch (%s instead of %s)\n", gr->gr_name, AP_HTTPD_GROUP); - internal_server_error(); - exit(103); - } -#endif /*_OSD_POSIX*/ - - /* Since they match (via name) save these for later */ - - httpd_uid = uid; - httpd_gid = gid; - - /* - * Check for a leading '/' (absolute path) in the command to be executed, - * or attempts to back up out of the current directory, - * to protect against attacks. If any are - * found, error out. Naughty naughty crackers. - */ - if ((cmd[0] == '/') || (!strncmp(cmd, "../", 3)) - || (strstr(cmd, "/../") != NULL)) { - log_err("invalid command (%s)\n", cmd); - internal_server_error(); - exit(104); - } - - /* - * Check to see if this is a ~userdir request. If - * so, set the flag, and remove the '~' from the - * target username. - */ - if (!strncmp("~", target_uname, 1)) { - target_uname++; - userdir = 1; - } - - /* - * Error out if the target username is invalid. - */ - if (strspn(target_uname, "1234567890") != strlen(target_uname)) { - if ((pw = getpwnam(target_uname)) == NULL) { - log_err("invalid target user name: (%s)\n", target_uname); - internal_server_error(); - exit(105); - } - } - else { - if ((pw = getpwuid(atoi(target_uname))) == NULL) { - log_err("invalid target user id: (%s)\n", target_uname); - internal_server_error(); - exit(121); - } - } - - /* - * Error out if the target group name is invalid. - */ - if (strspn(target_gname, "1234567890") != strlen(target_gname)) { - if ((gr = getgrnam(target_gname)) == NULL) { - log_err("invalid target group name: (%s)\n", target_gname); - internal_server_error(); - exit(106); - } - gid = gr->gr_gid; - actual_gname = strdup(gr->gr_name); - } - else { - gid = atoi(target_gname); - actual_gname = strdup(target_gname); - } - -#ifdef _OSD_POSIX - /* - * Initialize BS2000 user environment - */ - { - pid_t pid; - int status; - - switch (pid = ufork(target_uname)) { - case -1: /* Error */ - log_err("failed to setup bs2000 environment for user %s: %s\n", - target_uname, strerror(errno)); - internal_server_error(); - exit(150); - case 0: /* Child */ - break; - default: /* Father */ - while (pid != waitpid(pid, &status, 0)) - ; - /* @@@ FIXME: should we deal with STOP signals as well? */ - if (WIFSIGNALED(status)) { - kill (getpid(), WTERMSIG(status)); - } - internal_server_error(); - exit(WEXITSTATUS(status)); - } - } -#endif /*_OSD_POSIX*/ - - /* - * Save these for later since initgroups will hose the struct - */ - uid = pw->pw_uid; - actual_uname = strdup(pw->pw_name); - target_homedir = strdup(pw->pw_dir); - - /* - * Log the transaction here to be sure we have an open log - * before we setuid(). - */ - log_no_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n", - target_uname, actual_uname, - target_gname, actual_gname, - cmd); - - /* - * Error out if attempt is made to execute as root or as - * a UID less than AP_UID_MIN. Tsk tsk. - */ - if ((uid == 0) || (uid < AP_UID_MIN)) { - log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd); - internal_server_error(); - exit(107); - } - - /* - * Error out if attempt is made to execute as root group - * or as a GID less than AP_GID_MIN. Tsk tsk. - */ - if ((gid == 0) || (gid < AP_GID_MIN)) { - log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd); - internal_server_error(); - exit(108); - } - - /* - * Change UID/GID here so that the following tests work over NFS. - * - * Initialize the group access list for the target user, - * and setgid() to the target group. If unsuccessful, error out. - */ - if (((setgid(gid)) != 0) || (initgroups(actual_uname, gid) != 0)) { - log_err("failed to setgid (%ld: %s)\n", gid, cmd); - internal_server_error(); - exit(109); - } - - /* - * setuid() to the target user. Error out on fail. - */ - if ((setuid(uid)) != 0) { - log_err("failed to setuid (%ld: %s)\n", uid, cmd); - internal_server_error(); - exit(110); - } - - /* - * Get the current working directory, as well as the proper - * document root (dependant upon whether or not it is a - * ~userdir request). Error out if we cannot get either one, - * or if the current working directory is not in the docroot. - * Use chdir()s and getcwd()s to avoid problems with symlinked - * directories. Yuck. - */ - if (getcwd(cwd, AP_MAXPATH) == NULL) { - log_err("cannot get current working directory\n"); - internal_server_error(); - exit(111); - } - -#if 0 - if (userdir) { - if (((chdir(target_homedir)) != 0) || - ((chdir(AP_USERDIR_SUFFIX)) != 0) || - ((getcwd(dwd, AP_MAXPATH)) == NULL) || - ((chdir(cwd)) != 0)) { - log_err("cannot get docroot information (%s)\n", target_homedir); - internal_server_error(); - exit(112); - } - } - else { - if (((chdir(AP_DOC_ROOT)) != 0) || - ((getcwd(dwd, AP_MAXPATH)) == NULL) || - ((chdir(cwd)) != 0)) { - log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT); - internal_server_error(); - exit(113); - } - } - - if ((strncmp(cwd, dwd, strlen(dwd))) != 0) { - log_err("command not in docroot (%s/%s)\n", cwd, cmd); - internal_server_error(); - exit(114); - } -#endif - - /* - * Stat the cwd and verify it is a directory, or error out. - */ - if (((lstat(cwd, &dir_info)) != 0) || !(S_ISDIR(dir_info.st_mode))) { - log_err("cannot stat directory: (%s)\n", cwd); - internal_server_error(); - exit(115); - } - - /* - * Error out if cwd is writable by others. - */ - if ((dir_info.st_mode & S_IWOTH) || (dir_info.st_mode & S_IWGRP)) { - log_err("directory is writable by others: (%s)\n", cwd); - forbidden_error(); - exit(116); - } - - /* - * Error out if we cannot stat the program. - */ - if (((lstat(cmd, &prg_info)) != 0) || (S_ISLNK(prg_info.st_mode))) { - log_err("cannot stat program: (%s)\n", cmd); - forbidden_error(); - exit(117); - } - - /* - * Error out if the program is writable by others. - */ - if (prg_info.st_mode & S_IWOTH) { - log_err("file is writable by others: (%s/%s)\n", cwd, cmd); - forbidden_error(); - exit(118); - } - - /* - * Error out if the file is setuid or setgid. - */ - if ((prg_info.st_mode & S_ISUID) || (prg_info.st_mode & S_ISGID)) { - log_err("file is either setuid or setgid: (%s/%s)\n", cwd, cmd); - forbidden_error(); - exit(119); - } - - /* - * Error out if the target name/group is different from - * the name/group of the cwd or the program AND the name/group - * of the cwd and program are not the AP_HTTPD_USER/AP_HTTPD_GROUP - * AND the name/group of the cwd and program are not root - */ - if (((uid != dir_info.st_uid) && (httpd_uid != dir_info.st_uid) - && (0 != dir_info.st_uid)) || - ((gid != dir_info.st_gid) && (httpd_gid != dir_info.st_gid) - && (0 != dir_info.st_gid)) || - ((uid != prg_info.st_uid) && (httpd_uid != prg_info.st_uid) - && (0 != prg_info.st_uid)) || - ((gid != prg_info.st_gid) && (httpd_gid != prg_info.st_gid) - && (0 != prg_info.st_gid))) - { - log_err("target (%ld/%ld) or %s (%ld/%ld) or root (0/0) uid/gid " - "mismatch with directory (%ld/%ld) or program (%ld/%ld)\n", - uid, gid, AP_HTTPD_USER, httpd_uid, httpd_gid, - dir_info.st_uid, dir_info.st_gid, - prg_info.st_uid, prg_info.st_gid); - forbidden_error(); - exit(120); - } - /* - * Error out if the program is not executable for the user. - * Otherwise, she won't find any error in the logs except for - * "[error] Premature end of script headers: ..." - */ - if (!(prg_info.st_mode & S_IXUSR)) { - log_err("file has no execute permission: (%s/%s)\n", cwd, cmd); - forbidden_error(); - exit(121); - } - - diskmode_env = getenv("GRST_DISK_MODE"); - if (diskmode_env != NULL) - { - diskmode_apr = 0; - sscanf(diskmode_env, "%i", &diskmode_apr); - - diskmode_t = S_IRUSR | S_IWUSR; - - if (diskmode_apr & APR_GREAD ) diskmode_t |= S_IRGRP; - if (diskmode_apr & APR_GWRITE) diskmode_t |= S_IWGRP; - if (diskmode_apr & APR_WREAD ) diskmode_t |= S_IROTH; - - diskmode_t &= (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH); - -// log_err("diskmode_env=%s diskmode_apr=%x diskmode_t=%o ~diskmode_t=%o\n", diskmode_env, diskmode_apr, diskmode_t, ~diskmode_t); - - umask(~diskmode_t); - } -#ifdef AP_SUEXEC_UMASK - else umask(AP_SUEXEC_UMASK); -#else - else umask(~(S_IRUSR | S_IWUSR)); -#endif /* AP_SUEXEC_UMASK */ - - /* - * Be sure to close the log file so the CGI can't - * mess with it. If the exec fails, it will be reopened - * automatically when log_err is called. Note that the log - * might not actually be open if AP_LOG_EXEC isn't defined. - * However, the "log" cell isn't ifdef'd so let's be defensive - * and assume someone might have done something with it - * outside an ifdef'd AP_LOG_EXEC block. - */ - if (log != NULL) { - fclose(log); - log = NULL; - } - - /* - * Execute the command, replacing our image with its own. - */ -#ifdef NEED_HASHBANG_EMUL - /* We need the #! emulation when we want to execute scripts */ - { - extern char **environ; - - ap_execve(cmd, &argv[3], environ); - } -#else /*NEED_HASHBANG_EMUL*/ - execv(cmd, &argv[3]); -#endif /*NEED_HASHBANG_EMUL*/ - - /* - * (I can't help myself...sorry.) - * - * Uh oh. Still here. Where's the kaboom? There was supposed to be an - * EARTH-shattering kaboom! - * - * Oh well, log the failure and error out. - */ - log_err("(%d)%s: exec failed (%s)\n", errno, strerror(errno), cmd); - internal_server_error(); - exit(255); -} diff --git a/org.gridsite.core/src/gsexec.h b/org.gridsite.core/src/gsexec.h deleted file mode 100644 index b777421..0000000 --- a/org.gridsite.core/src/gsexec.h +++ /dev/null @@ -1,126 +0,0 @@ -/* Copyright 1999-2004 The Apache Software Foundation - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * suexec.h -- user-definable variables for the suexec wrapper code. - * (See README.configure on how to customize these variables.) - */ - - -#ifndef _SUEXEC_H -#define _SUEXEC_H - -/* - * Include ap_config_layout so we can work out where the default htdocsdir - * and logsdir are. - */ -#include "ap_config_layout.h" - -/* - * HTTPD_USER -- Define as the username under which Apache normally - * runs. This is the only user allowed to execute - * this program. - */ -#ifndef AP_HTTPD_USER -#define AP_HTTPD_USER "apache" -#endif - -/* - * HTTPD_GROUP -- Define as the group under which Apache normally - * runs. This is the only user allowed to execute - * this program. - */ -#ifndef AP_HTTPD_GROUP -#define AP_HTTPD_GROUP "apache" -#endif - -/* - * UID_MIN -- Define this as the lowest UID allowed to be a target user - * for suEXEC. For most systems, 500 or 100 is common, but - * 99 will include user nobody on RedHat Linux systems. - */ -#ifdef AP_UID_MIN -#undef AP_UID_MIN -#endif -#define AP_UID_MIN 99 - -/* - * GID_MIN -- Define this as the lowest GID allowed to be a target group - * for suEXEC. For most systems, 100 is common, but 99 will - * include group nobody on RedHat Linux systems. - */ -#ifdef AP_GID_MIN -#undef AP_GID_MIN -#endif -#define AP_GID_MIN 99 - -/* - * USERDIR_SUFFIX -- Define to be the subdirectory under users' - * home directories where suEXEC access should - * be allowed. All executables under this directory - * will be executable by suEXEC as the user so - * they should be "safe" programs. If you are - * using a "simple" UserDir directive (ie. one - * without a "*" in it) this should be set to - * the same value. suEXEC will not work properly - * in cases where the UserDir directive points to - * a location that is not the same as the user's - * home directory as referenced in the passwd file. - * - * If you have VirtualHosts with a different - * UserDir for each, you will need to define them to - * all reside in one parent directory; then name that - * parent directory here. IF THIS IS NOT DEFINED - * PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK! - * See the suEXEC documentation for more detailed - * information. - */ -#ifndef AP_USERDIR_SUFFIX -#define AP_USERDIR_SUFFIX "public_html" -#endif - -/* - * LOG_EXEC -- Define this as a filename if you want all suEXEC - * transactions and errors logged for auditing and - * debugging purposes. - */ -#ifndef AP_LOG_EXEC -#define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR "/suexec_log" /* Need me? */ -#endif - -/* - * DOC_ROOT -- Define as the DocumentRoot set for Apache. This - * will be the only hierarchy (aside from UserDirs) - * that can be used for suEXEC behavior. - */ -#ifndef AP_DOC_ROOT -#define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR -#endif - -/* - * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables. - * - */ -#ifndef AP_SAFE_PATH -#define AP_SAFE_PATH "/usr/local/bin:/usr/bin:/bin" -#endif - -/* - * GRST_EXECMAPDIR -- Location of the gridmapdir-style directory of lock files - * - */ -#define GRST_EXECMAPDIR "/var/www/execmapdir" - -#endif /* _SUEXEC_H */ diff --git a/org.gridsite.core/src/htcp b/org.gridsite.core/src/htcp deleted file mode 100644 index 8a64842f5685ba9462ec46f27388593f059ae03f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22680 zcmch93w&Hvx$jCcp&`aj%Bj#ofuRscrFry)p}bm}>5D#wHpOyy4AW$iopv%a&g|&} zNJ&jc2}7_b_$!K95RZrmTu-Zj7E|Gv@;kYlT&!BPV3l&tj;R=~JrK1r_y1pynVliU z$Nk;A+m*GxwZ8SO@3o$L_PWczVsTMXkuXoOC=rCpdOc-x5g%HtO6Cfmm>{afG%;12 zhAfuN?E((MQKT745j+Sb2$Ml%@(xcK!#@FLU>RvM$Om-=!ij5zU|@Ywsmf*Et0+To zP~jv3+hut%qOwH@KlYR{_)x~ca<;)x4Y(R@Gxz{An6m5Nv|9ka?=ki3BJCUMA}uwM z_GoHrZ8BCnTh&F=0%XOKRqJG3^1(p9s}SZPoP|)2;6vbZhKl6hIrvMxO+=WAK%IOP z;cSFU5iUUBGXsJ2(5!rF@b^N5a)b{doR7d~x{AbP9akfsgg}035$X_TA{0K9!8}r@ z04A7>abj;l-iHCx#?%L&3Kfm{dnO?2#ysaCajpiYAudChqTx$)%;+4QzDUOxBmM{i zZFf4tEQIkM>Xg2~vPt6Y?8{onj{~L+1~p8*65gTVof>{v!xv~csNuIX{4)(-jF|No zYvG>IFx*je-J{w+1C~l^{BwXu{LgE+P2d>%kx`|}ClS&l&XVom=w4Zo}Du}`r4c@5XYu?T-j!Fv?w z4{G>1#H3%L>l=A*NB%LFea}MqGmuZ&f1)_5>l^;Upuy)31k&3=KtDdj8J#xzcntL& z7yaurz3YL;`d`xcjC}lqF|Rq5h;X=@BZ7@Lu3ETq*&@NLU^tZA7EFfiSlo7H#KVc! zSfay~(;jWNMX(i-2rgN%`r3snf~yxVUh8iPHZ8n%g+HiJlacnM9Sp_e;b@BpF5etn z6K+FJII$=aN+!ce7s2L8I229AMKIXb5sLi$ZFh}CYI)dRuB40SKIY&VvB*Mv9WOJ^(MK(2?Rc~kJET-C9qB1Rk zW+pEaNxLPMvPE0i4yW2%7(-*hNG#eW^P-!@Cz7#*Ejq#-&GBubBNU0mngwt|i8j%m zOvXdaVGv0~n?uQPb4Oex+M_Mut)exKgxyL^WQdMUc6*0LBvM$>NhX^^(N@-Pfyxk( z0(gjTAv2+*Ceqp*i6vRP1v(I5AQU0FV1iZ904TS{U>gy#W3c10)lhp&do-9zhGDKC zL~quH=m@n(St+8BBM~r~vXi1U5e@@$E6fFV2)Bgn5I~qr)k7A9Sh8Z-wTptYp-hwF ztXYIP!~IXeoJq#}r(D{U5Vu6*6-i2}HuIQL53%_$XFdp+Ic!pUJEpY~5l1oeDkWSj zZr2s7(U(rcFOEKxN50_$+WnU|uEkpz238-@=V~k}B7^71+GAAK^U`UO~8;@Gc1l2-g$tl5i8@2EuU(uP3~K@NE*lnebA=0SVtmI6!!Tgj)!& zCtNRKi|}oPeG-lkra(iL5{?s&6BZJ-32!Al@*Xm(wi50ld{n}B626=8poF^!?;_kM z;hltc6Mja*cN5-2c#nkdCHy$yT@v0!_!+`o5`KX2vxMUk-c7iV@NE))nD9Zu0SWIR zJVA18d2uusBI5_SkzO86PVBZP&7_Yxi@Jn|RH|14qjTgWfr?-MQ~ zJSgEl!j**kB>WQLDTJSq@Ik^p!h0kI6Juhrk7vbC2`=-T~{3k zbzysl&+pwVy8Ap|Jq$Se>LZLYmFZVg!#^q|O3}+N_PnF|z#|?kUqNdsbuN&o>^@#$ zF*7^Z{Zb|9umSSWeY`2-pWNf$oAFn8pY~Vw_#L2T{LX@a(+F9B-QyqWKJLk;oNTHr zn;LOeLIPw1r^G+Ks|Z+oAuUlhDwOWgqLde9{R^l|G4vb!&8GJD`cDL` zevNvKK`l;|4jljj$ZagQeyoe*iidPxYFXx%y^^(&?!NMX^D(H4%q?Q$nFZ6jw>Ajx zeO-zGva)fH^*V{nI||)64GMjTYjL)4o;9jln3!u}ldFY_fb)|->lVr=-tn@HS7hU5 z&NaGS|MBk5!bY$4F&08!_b8(2K5zO3 zRoLr)HefA5aR%D&^9GzH2F1QWu}KW4NOQAjGC1g8Ko=Fm+tIqLf0L{JgmLR1FfzL9 zUv28gT=n}ECVc69SNl80sShJjrp>BBxJl-glP|w09n+%f#m2etBo7&Z1L2w<&G;X$5*Tl;5(}^mI|mIY z9P1Oh?Wwx$srjPobs+z*RwT0Vx!HKVbq~a4cXY~>H6UR& zbt1cuL>!Mct|Td~dcxUbR8?j@hPv5(Y{dD6%I%R&N)ge3&zdepJmQ>VL`3@yMcbt~ zMH^>iQ%4-3icrUT2FFBJY!%IZ#BoNA*?ZIL(L}(i(ZpUcCE&D@sE?`+Y?{5uI$L8t zW-#H870x>fD)Cn=?P{pAz5V{9R1OS<0d9B#K&rIge_Z7r@12}hsj}`Xi-mXR9jC$E zokxZJaddfCAqIxJ?A&7KUz8+0{uAAuCq(KaW3V!wViXLQLf2WycLEGq&q>{n1e|-_ z>Ji&7M(-I@8Pu&8sBATqb-b$`2HLDB@}@5V-tH7|=WN&~A>q^^Q` zP+|?_=~O8?aGYicO3}PK@5QoG_uua*eGP4sS#W5Ww9=ZSb-PqmmP&VNgRGvRQ8azy zbz#VK;AnAXT^TBEEVKShPUcoR_bE!~MvEkBgV;VzHYOd^^ZlIMsdtP^DF3uB(G7iH z6$}+&%||h%Pv%O$tV`dZny8J6VsHAV0N9(;Tj^Vc+IDWQLNU9xy?i_gXXcqY`rneN zF-ly5HM&;fCzNnQbCIQOv>cV+*WfmV*ONEcxDBt!H{3Q(!>?eIpc@|5Qh!fo8S72e z8oNhTrn2A@#$dK9_pyx=*|$Qutc^t*YniiJsDJawWZ6Ra4mw2#@&|4>YEV*i3fmW+6J_5zU32yZ`M;b!-du(dUB z;+=nx!b-e~qEvH1C--aKb3Wru{{SLVGh;jYm5R<7AN{K2R!-FaQ}H;o%kWfDoZ9w5 z&N`qf{2k8v{QrJ`FS#Jk!F8I0iO9;^Pnwuo%sJ?f6`A+jUelKa)Ub82cJxO~4M=*# znWGdj#@e4zc{Fh9Y-QYjXmR^QmA(`#-Bmn{B~gVkP&Rc;`pHGsp1h@g@iyi2k%*1X zeGIGU;rfj9L?)|@si#Q}rJY~S*M3;mu9TC@MBRTI6kEOi<5@8j<#5hb)e)yl<&Rla zHT3(r*HKg1G3OS@ESK?W5n`rc$9X`tBbPH{reVj~rdb#}4LeRKm*49@Xy#zYS)R+5 z>l`!XI?k+If%Q`eXw8*&aGa^Re2gPAv6pZrm>f)4kj!y@soc5We?rM}!ZpXr37G2} z#XIImC^F-Bp>X1PEw9pLBhul*S z=d+3(>;d!wy1>*4$S|&{zo7`KCfzG8$GJ}xK{f6bm*Z^C<&QCSFqf^xRjVtMtskv8KLQarKXy`oDhnkD2;uS?~R( z{<>nvm>L^%Pi7rQgdva!hr=&RGY*#piM0*x;_~4O1e)~2>x@Cp)O(g@Dy7{FX z_A4){d@P&JWr3avQSgK*@TR{kI~%4bu7SD9xzCi@6?*YKREdQgdUuJxtgAt!a@l|6 z^x)_A8l`0=L^ufq?@qo5a^=*e=4JdRWqH{GAmj;uSIs$!cEI_=uyh@`z!2XN_4-d{ z#qeXGgbjjs=chq6*Br=^85_M>CF@dCRB~(!>vDAdT`CLmnMOw3#70Q$TuA}R3sWCb zNgO2%Pf&auhAWV>5+!w+lo4%LuqGTsCF@efroyi?>rO(l8G}7PRHd-N8k*a=^thB0 zcFF1TTZ&v}-H91L>>2Fwk7oR%TEt6CvW}Y==1LJy*VY+M_4-Glr&l1KX%RR9=WD;! z+WZFug-oflq{2p=s}#4UIh?Ri4;W4L7zp1+!`MZXW$UxEovT%|vhW6Un|eL0U{ZwU zV8LVfi|8oN`y|gtdj_!)DdL}i6Es{O%J>g)tfwm->R*5byG~K_Di3GqI)x6$RGHjW z9|8B?ouA_p-;eZ_-t-?)DhG3H1+hbWoyhBs>1K2D+99>E?32jHvZ#IR3jfhNt9$)N zcgSA{us5%BbDK>aa-PaFJPyfz5Bkpdt@Sq+E1|}#)>y2>9KTEnK7N^0g;w^^PHZ=% z60S~7q5{fH!6vmeL7Ddj5pW)ITplUyG_;Huog>g>gG^CzwT7H!e^`=TYL^bhr5!yR zORb{)-0tFhL8*kRY`&`nW_Mp{SHtwwTC91oZAXryT&RQwLKC}X=5Yy5_wMX*f#vpg z_?j#^-AHwNCh{M?L{+I4uhdGw7Q~B7r;t=)-I{9JeJ4&Udh=ai4AHf@3 zjyEk0#ziJ|h<%5n?_uX6eRAWOBYWRr=LedMBHBJ6RoqfRDG%MBPZ3w50*-CdVY@6iVu*A z+XT#C|EYYUaZZJlY9f!ZM6_6;E%;8`2?c*-_T#QHFMT4`+qwIN^$`E$vlOf6z#qPb#(L9}u`CTZU2n=JF$DLdTae@Y9vMCU0Xikm zVa;x1z_~bwS#an#;Cx6Gp-!(n3osjt0q5;wk~~V>i_-z;=ec~@irH`sIDMu-IrM<@ zz>uV%hkXpGx#3oy<1L>+C&OVYw%%$R;X>gy;%=H=9kmrJ>KN$p-lZG!u1_wo3MxE+ z3eF`tnZ~r4KM)&mCL3zUdX0}_E^`rso`LVIPTN# z4mdBpVU(rMvGnQOfb&GI1V_o(ZVfoQRZhP=@B%UHv+soYWXj*gXm}CYVFK-J6uCx% zE>b!A%k!CXJ2&7o82UU9CYAg?zCUeFU;3rBRT~(62AoG#EsQeVok!&Udnu~R9T)cB zOzTZoBUQ7H85r-i3%K@O|NI+j0{ibH!p2JKNRR*M(0Yv0>Zpm(azNdkhcNWtCFf~n zf3+VcS@&+NLQ<>DNDY-pjbU9jj^(raczoz|>%+UW4XEEgh`)&Vx)P({;euITBB_c0 zJLF`11e_OlHPqsbSU+dL91hP8B!p zXEExhcfpaz`d3!9rZUy(@__T(e5UrV!z$+#)WPKN4j@KUuI5kQ;Xd#<=K%XTI zIGBipAd=_xGJUVfsRT^JJyNuqettSnikuPI<8Yg+W_umF&~Xv6 zcCp8Llw;qeN-M)>a$Pa+2;R3^-(Y_7S5i5rZh$WJ1eL<0_$lBgkjI6umnhG~n`P(m z_mLW_70ymIV%6`&<&dcJ(oA|LGD;&D>jT++7a^TVSL1KiPVct%k+&_slDrM8k!2do z_W9)B0_-0Wdzr-cxg|Wr{QF;5=I2&ud?len9e+(C_4*HEPW~-ls>#0euo7IKa7#u0 z#*j1WQ1fGV-{gSvFRCmfCt@Y4JmCIYguO@A9iAzN(Z43_%@W%O+`>-fTwp}Oc4g=* zqY#DNV89vD%=wS@hELpdYtU@fU|75z!xr>zh0xo-tm zHgyvJEr&@p0q;0M)%o=1ZpZOG96yeY$e%UfwK)DCa6AW&dS<+27Cyb!d)e&seLwJ& zJ=-T0>n4`Pk*`vb$~2}j^Jlg{qhY4LHFR$1YDKZ zs8i&cdrD`TWD@T`ZYDj<(v-#O>cgwmbOW>cd;#a{ii7@iJV!|OU)fAcF3&=WPk%b1 z5|~MjuwArZ+JXDf=Vetklb{;88efW`M=#@QE zvf*zbt2md%348bp$STQYQP$y4Bg>QW_RF_A81}_b0@=tcHJMz?58a|NPcxaAXT=a_ zRA5dpncRa7%~6?U%%tcXoQBR*nWr<8T9BEitITq5ItyVTd3GMzcmD7TK={o^np*04 zkQy3#jToKBHha@QMygk;7ryx;X787}-tOmePdZ|~BebpXGnY6;`VDS6YY2*Ba?f-mO|#gU?`TV-P|O6N&@52`q~{F40R*Euh_JQ4%S zM`S+V8|&p`b{`2ioj3_lziSvv^50=EvT%qjj2@Os(JUbM4d(vFo1f?Xhg%s+>UUIQ2IWIQ>ArCr$}C=NbZZ zbCJTNRblyn;#_1HWI^|SRa~xqQBe;Bmm58&Euen|q_^(IjgEKkmxF{ieUH=`e#?jI zcw^w)|1+sJtgR|k$6_BEZi5Z1bs8mFh{7JlX{yZnXN_`QAqudBj0?yTV^~=RDH1NK^HNw|^@6hswAJuXoP; zlZ4d>DhG)#aG{OjkB|h0_Zd89!|nlPatvd<-PA|@R-3AqNny- zP5>w=B_XrYL^s7RDLhj(->J<+H=8M<=MZr;EjLqH)vDf1*?zi~8;wiF2l4_|76>?x zuinfQAq9L6Cc_CG#+WOi)-km7;hSQv1mgg^Rs*nbKy$(g9FwGa{D+4(82$@Trsxel zP_EGyNpX*|vB*V7zuO`mRL5S;RaP@%+UV{)+`Jvf0f+hZ432`ZUB{3(^k>Kbt1P`j zs`W0~SDDrtfD)VoKaurw_PuPhQ2ggX;C=QDI8#)`ym4I)uv8lNRb^adPi|z^ad^Nf z-YB(?T})b$K;O8OTKy|dfD=CW!SKa@11j*wm`QG~L~6crg#`iYJ(v9tja9(BcMBEp z91d8O{imM7{%GvfQhr4>04dMQ;pLo`-c7;qx{xf7=llK&M(e;AMr=kgp+&eGve%1 zb@0}KZ#>N}e$dv#roaq>JhC3v;}po4gQzh^Q(NW_u@yOZ@iz+oqtcJ$TPXdq34U~y zA&gd!#jE6lBm~Z#+9(x+^>RyQ{k2%ckCS)=;UMhWcHy zUfXKMeuA$JHkLSVfHnCxQsJ!m9>3^(gnx$1`P=AWPj)a<(me`I@F&#n-&lVR6avl@ zQ0|Q=QQsW$yNyM$s2z^lH7ml=Hrtx-t7;KTo0}!?Jd5A zDckZHbW&ImO4>CmV=e8i?co+QR27=ZwyQSys&4dEHTjmTY|?o(RU2xmw&n9A4ltX5 zDFXhLV$Irx!oO;X6rrXuwk6t@2(^T3*0$dc)~X^AC0t>Ns7h8P@yAzlwT}$(d$8Kt zT3>6ZJpy^{n2#Uv_*%kAd^04~;Y-F+iRQ4c6$rA5W!v%O{JJ`^u%*T4qXr8bkzc&M(5A4jr9BaDwqpqx z1&Xs0;nu4}vvw(b%LJFYO5js8yQV|i_bRbG6cvlZ8&E$X7RD2Zw~6JcC_+RmOtrzA z;$n5PEmp-gqtRyA;$mzkKZ;O`FdN}Ag!u?pBV3EH7-2cWDugu%EAR=N;k3LeIlmmA zhqXuS*nCknt3Cp+_L=7zcw5p}H5)donu`JrRMpRJna@8&y+-~=4Is~|omG1|v2Nn` zW3g!R7N2jebcLFAYgXJu@TNwWn;`QRaNuiC`eM+mJQ9WgtM`iafqMADZ^Qbrn^l^Cy`$rK3U(=kbiCR0vI z!sW(T?P0P5yi-zKTkEsz<~aFIws*8gLXvE|Rv1WD zDC$clEnf&SQ@BJZnruZuJQ1^F&9O*r`Py(8Xkkeo)X1lH(=_$ z1OsbUufI{$*&Xq^t;kHpgDFe~`SL~nHBBz?I{%HJRae^);R=5EFK7Jls*3 z59`QmNsDBHjmtRW)xq!UXz?0+qM1sx+uQ0$0`mYSop2HZTtxnfAcc=(En8VptV|_s zUmNBkU&!|1vsOT}FnUI7RHyXe6VOx#I#)Snr-eH0n_iWiPJiYo8*=qAbWvY*G)7l# z$0Y@AzPcH#H%=R~$7>@AWX=Nfg&GHPjdKb^bK#D-y$v|-QNi%%E?*2+??~bE(Ku!l zHPR<%j+t^gDD?)&>|(wepMUz=qnhVMp(v%ZLeR{H7-m^LV}yX@p1f4Ir<6kct##zb zt-fmZ$Y^YfRFQN$Yysr4poy7DA2s1go#u%p^Y~(bF~0#~%#{-3Q5~NSfH1%0VSJ&E zYjn)-O!-=t_XFV5QTZJ^&k&aGz&E3a%RYr~OA$Z&NlzIC+=;a{J^_{Aq4MqnJ|ze< zv8m>=yB_rLsi(Z_f%gamdOT(LBve!*K7%m=J_(g~EMNf_8@(HwHN>bUu-A;;3mD12 z`!V+`u;NpYtpsw-DY#$O*-}AeJmzG~ZW^ z>pEum=G4xuo#UHbUq7#Y_Uw=Os@GtVv=m)Y=GV-gjqif~pJCUwHqZI{=>Pwy0gh^u z+dAyf2E=wk#g<9ogY$4AE^5&^!?g>qT~=d<+C;4tN?M|}Wm^;#RcvF~*A`9H>hXCD zfN#oc6X6K)RU#g-MXkIgpw zI@+7jKnxY}r&dx^HSuvdD#bcDg62HnuO`j`2Kxm2l)S430Q-%3SjOi<1iX}zc=Ape z6!-v}hkcn3K5LeDuaF-5_EO-*5llH_hL0hze-n>={#hgf=-?a+fG%c`-H1~A(t z-U#;nBiH8JBC5fA2x;QccHHRlE+ZGY9Nr!m-bvt{JO$p@U3mN+*t00#7K(E8IB!wM zY**fm1Uw%Yp?&#~Kk~5;!SGj&Ii0I|ViOq-c! z?sd4g03DkBe7!a`UG|-mGOHmg6|f^_0NswBt-Ie=$5&ajcL$xa(&c zl19EFc*aKo8~KWW-2m9gR|NUsc7h-FBLeL+#WKY5<9-RBCDtJhxZ2wUc&7_4Y<~;N zN3}lL{!YL`>yz!@575}7NO;9p0K575Cg2FhF+}kD3UPo5{ZPJxNb?tlxb6eoSBPIA z{xI%2SgqmzL~Pc2y!+_)fcbnJf$Pg6DDd1}p0XPdvpzoo<5Pvea-W9DH{m&eIj+*v zC*k%pu7~+tfWY#V8h%T|{NCT_zq0u4Ea%Xrs6UwA)=yG${SE=gq!rb+BriM8WQr=4dbNo~KI7?g(m=_)x_&SZh9(0L+tA?v} zeK~<6&7Q~dyL9=L8onQ}>EGmkH{j&`@CPmLqZ+?i)BjfuKdtNkn<>}u&o$hs@qeq~ z^ELbzz;1h0Vu<7Q8Ea(y3gH7xc>#jwx3e<=^InZ63`OK`mKqXscZV&~@N(V$8V&Q4 z5y~3_d>8z89)?QR-vQX&{%1A*9F6}C4V$~gz7N=pFFy2F{$7vIWeBAIbHHXiJOkt5 zuXOn(y8LYoo4dwJXgE9^2U!1Xz;1qO0rNxo4(N&eUZe4iJy!!Z{yiQ3-K5KBX?m@I z-TLbQY{pCW&u)$XrpD)24I?gn@7CpebotX7Hg}U9(6G_htAO47zX_PXon?PCSarQO6dD?UCuf_gq48Z?KJ~VK9uj@QH^i(-vyX2m<>Ol z)#cZN7Tf!phLM!?am*HpxULWr%?Uecr&?QUn{hGKqNderf-9D-ZNklB!C>PUX!)XC zQM|Sur^FpN>afEtxV9=7Y>5SVkQ9mpj z(jPPsn=$D;Rk;b0RC!1SUfUA5I1OilxP%J{UhgIE^h$1v+M%uaJKL~@!wp~y7UVD1 z!tpKc-f9WrtSPB)26GqdtH<0~!Pa=t+G1`VbC>XTv*>1bPEcO?77Qg4p>6VRuOJ%3 z)nAZA9)2aMt7I&QbJms!Zw8Zhh&3lu>Z&+%MVXr{q2`9w zeQoX>>IWylkg_=z$H}(3IL(cru2n0@k+-wC^W=4M?hI6m!Y|xeW2~dvby+}N+2^{P zOUuEac;{IN%OI={+E>sSruG4ep zt2^%UIkVh%@#VAY!B{*IF5peQ?Mmj|jThm$D@o^8x9z#J%}saX-h9YA@x~(K4m@cs zb=9A{Ox^nD&XE`L95Z5|22jlH|i+yLlCk%k_7A!E>`@$qhFEL2&} dmDNj(@vd*=5qGr3-7W_a+)C)qD!AkE{{VB7HDmw) diff --git a/org.gridsite.core/src/htcp.c b/org.gridsite.core/src/htcp.c deleted file mode 100644 index 3275806..0000000 --- a/org.gridsite.core/src/htcp.c +++ /dev/null @@ -1,1237 +0,0 @@ -/* - Copyright (c) 2002-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*---------------------------------------------------------------* - * For more about GridSite: http://www.gridsite.org/ * - *---------------------------------------------------------------*/ - -#ifndef VERSION -#define VERSION "0.0.0" -#endif - -#define _GNU_SOURCE - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* deal with older versions of libcurl and curl.h */ - -#ifndef CURLOPT_WRITEDATA -#define CURLOPT_WRITEDATA CURLOPT_FILE -#endif - -#ifndef CURLOPT_READDATA -#define CURLOPT_READDATA CURLOPT_FILE -#endif - -#ifndef CURLE_HTTP_RETURNED_ERROR -#define CURLE_HTTP_RETURNED_ERROR CURLE_HTTP_NOT_FOUND -#endif - -#define HTCP_GET 1 -#define HTCP_PUT 2 -#define HTCP_DELETE 3 -#define HTCP_LIST 4 -#define HTCP_LONGLIST 5 -#define HTCP_MKDIR 6 - -struct grst_stream_data { char *source; - char *destination; - int ishttps; - int method; - FILE *fp; - char *cert; - char *key; - char *capath; - char *useragent; - char *errorbuf; - int noverify; - int anonymous; - long long downgrade; - int verbose; } ; - -struct grst_index_blob { char *text; - size_t used; - size_t allocated; } ; - -struct grst_dir_list { char *filename; - size_t length; - int length_set; - time_t modified; - int modified_set; } ; - -struct grst_header_data { int retcode; - char *location; - char *gridauthonetime; - size_t length; - int length_set; - time_t modified; - int modified_set; - struct grst_stream_data *common_data; } ; - -size_t headers_callback(void *ptr, size_t size, size_t nmemb, void *p) -/* Find the values of the return code, Content-Length, Last-Modified - and Location headers */ -{ - float f; - char *s, *q; - size_t realsize; - struct tm modified_tm; - struct grst_header_data *header_data; - - header_data = (struct grst_header_data *) p; - realsize = size * nmemb; - s = malloc(realsize + 1); - memcpy(s, ptr, realsize); - s[realsize] = '\0'; - - if (sscanf(s, "Content-Length: %d", &(header_data->length)) == 1) - header_data->length_set = 1; - else if (sscanf(s, "HTTP/%f %d ", &f, &(header_data->retcode)) == 2) ; - else if (strncmp(s, "Location: ", 10) == 0) - { - header_data->location = strdup(&s[10]); - - if (header_data->common_data->verbose > 0) - fprintf(stderr, "Received Location: %s\n", header_data->location); - } - else if (strncmp(s, "Set-Cookie: GRID_AUTH_ONETIME=", 30) == 0) - { - header_data->gridauthonetime = strdup(&s[12]); - q = index(header_data->gridauthonetime, ';'); - if (q != NULL) *q = '\0'; - - if (header_data->common_data->verbose > 0) - fprintf(stderr, "Received Grid Auth Cookie: %s\n", - header_data->gridauthonetime); - } - else if (strncmp(s, "Last-Modified: ", 15) == 0) - { - /* follow RFC 2616: first try RFC 822 (kosher), then RFC 850 and - asctime() formats too. Must be GMT whatever the format. */ - - if (strptime(&s[15], "%a, %d %b %Y %T GMT", &modified_tm) != NULL) - { - header_data->modified = mktime(&modified_tm); - header_data->modified_set = 1; - } - else if (strptime(&s[15], "%a, %d-%b-%y %T GMT", &modified_tm) != NULL) - { - header_data->modified = mktime(&modified_tm); - header_data->modified_set = 1; - } - else if (strptime(&s[15], "%a %b %d %T %Y", &modified_tm) != NULL) - { - header_data->modified = mktime(&modified_tm); - header_data->modified_set = 1; - } - } - - free(s); - return realsize; -} - -int set_std_opts(CURL *easyhandle, struct grst_stream_data *common_data) -{ - struct stat statbuf; - - curl_easy_setopt(easyhandle, CURLOPT_FOLLOWLOCATION, 0); - - if ((common_data->cert != NULL) && (common_data->key != NULL)) - { - curl_easy_setopt(easyhandle, CURLOPT_SSLENGINE, NULL); - curl_easy_setopt(easyhandle, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(easyhandle, CURLOPT_SSLCERT, common_data->cert); - curl_easy_setopt(easyhandle, CURLOPT_SSLKEY, common_data->key); - } - else - { - curl_easy_setopt(easyhandle, CURLOPT_SSLENGINE, "RSA"); - curl_easy_setopt(easyhandle, CURLOPT_SSLCERTTYPE, "ENG"); - } - - if (common_data->capath != NULL) - { -#if (LIBCURL_VERSION_NUM >= 0x070908) - if ((stat(common_data->capath, &statbuf) == 0) && - S_ISDIR(statbuf.st_mode)) - curl_easy_setopt(easyhandle, CURLOPT_CAPATH, common_data->capath); - else -#endif - curl_easy_setopt(easyhandle, CURLOPT_CAINFO, common_data->capath); - } - - if (common_data->noverify) - curl_easy_setopt(easyhandle, CURLOPT_SSL_VERIFYHOST, 0); - else curl_easy_setopt(easyhandle, CURLOPT_SSL_VERIFYHOST, 2); - - return 1; -} - -int do_copies(char *sources[], char *destination, - struct grst_stream_data *common_data) -{ - char *p, *thisdestination; - int isrc, anyerror = 0, thiserror, isdirdest; - CURL *easyhandle; - struct stat statbuf; - struct grst_header_data header_data; - struct curl_slist *dgheader_slist = NULL, *nodgheader_slist = NULL; - - easyhandle = curl_easy_init(); - - if (common_data->downgrade >= (long long) 0) - { - asprintf(&p, "HTTP-Downgrade-Size: %lld", common_data->downgrade); - dgheader_slist = curl_slist_append(dgheader_slist, p); - free(p); - - nodgheader_slist = curl_slist_append(nodgheader_slist, - "HTTP-Downgrade-Size:"); - } - - curl_easy_setopt(easyhandle, CURLOPT_USERAGENT, common_data->useragent); - if (common_data->verbose > 1) - curl_easy_setopt(easyhandle, CURLOPT_VERBOSE, 1); - - curl_easy_setopt(easyhandle, CURLOPT_HEADERFUNCTION, headers_callback); - curl_easy_setopt(easyhandle, CURLOPT_WRITEHEADER, &header_data); - - set_std_opts(easyhandle, common_data); - - curl_easy_setopt(easyhandle, CURLOPT_ERRORBUFFER, common_data->errorbuf); - - if (destination[strlen(destination) - 1] != '/') - { - isdirdest = 0; - thisdestination = destination; - } - else isdirdest = 1; - - for (isrc=0; sources[isrc] != NULL; ++isrc) - { - if (isdirdest) - { - p = rindex(sources[isrc], '/'); - if (p == NULL) p = sources[isrc]; - else p++; - - asprintf(&thisdestination, "%s%s", destination, p); - } - - if (common_data->verbose > 0) - fprintf(stderr, "%s -> %s\n", sources[isrc], thisdestination); - - if (common_data->method == HTCP_GET) - { - common_data->fp = fopen(thisdestination, "w"); - if (common_data->fp == NULL) - { - fprintf(stderr,"... failed to open destination source file %s\n", - thisdestination); - anyerror = 99; - if (isdirdest) free(thisdestination); - continue; - } - - curl_easy_setopt(easyhandle, CURLOPT_WRITEDATA, common_data->fp); - curl_easy_setopt(easyhandle, CURLOPT_URL, sources[isrc]); - - if ((common_data->downgrade >= (long long) 0) && - (strncmp(sources[isrc], "https://", 8) == 0)) - { - if (common_data->verbose > 0) - fprintf(stderr, "Add HTTP-Downgrade-Size: %lld header\n", - common_data->downgrade); - - curl_easy_setopt(easyhandle,CURLOPT_HTTPHEADER,dgheader_slist); - } - else - curl_easy_setopt(easyhandle,CURLOPT_HTTPHEADER,nodgheader_slist); - } - else if (common_data->method == HTCP_PUT) - { - if (stat(sources[isrc], &statbuf) != 0) - { - fprintf(stderr, "... source file %s not found\n", sources[isrc]); - anyerror = 99; - if (isdirdest) free(thisdestination); - continue; - } - - common_data->fp = fopen(sources[isrc], "r"); - if (common_data->fp == NULL) - { - fprintf(stderr, "... failed to open source file %s\n", - sources[isrc]); - anyerror = 99; - if (isdirdest) free(thisdestination); - continue; - } - - curl_easy_setopt(easyhandle, CURLOPT_READDATA, common_data->fp); - curl_easy_setopt(easyhandle, CURLOPT_URL, thisdestination); - curl_easy_setopt(easyhandle, CURLOPT_INFILESIZE, statbuf.st_size); - curl_easy_setopt(easyhandle, CURLOPT_UPLOAD, 1); - - if (((long long) statbuf.st_size >= common_data->downgrade) && - (strncmp(thisdestination, "https://", 8) == 0)) - curl_easy_setopt(easyhandle,CURLOPT_HTTPHEADER,dgheader_slist); - else - curl_easy_setopt(easyhandle,CURLOPT_HTTPHEADER,nodgheader_slist); - } - - header_data.retcode = 0; - header_data.location = NULL; - header_data.gridauthonetime = NULL; - header_data.common_data = common_data; - thiserror = curl_easy_perform(easyhandle); - - fclose(common_data->fp); - - if ((common_data->downgrade >= (long long) 0) && - (thiserror == 0) && - (header_data.retcode == 302) && - (header_data.location != NULL) && - (strncmp(header_data.location, "http://", 7) == 0) && - (header_data.gridauthonetime != NULL)) - { - if (common_data->verbose > 0) - fprintf(stderr, "... Found (%d)\nHTTP-Downgrade to %s\n", - header_data.retcode, header_data.location); - - /* try again with new URL and all the previous CURL options */ - - if (common_data->method == HTCP_GET) - { - common_data->fp = fopen(thisdestination, "w"); - if (common_data->fp == NULL) - { - fprintf(stderr, "... failed to open destination source " - "file %s\n", thisdestination); - anyerror = 99; - if (isdirdest) free(thisdestination); - continue; - } - } - else if (common_data->method == HTCP_PUT) - { - common_data->fp = fopen(sources[isrc], "r"); - if (common_data->fp == NULL) - { - fprintf(stderr, "... failed to open source file %s\n", - sources[isrc]); - anyerror = 99; - if (isdirdest) free(thisdestination); - continue; - } - } - - header_data.retcode = 0; - curl_easy_setopt(easyhandle, CURLOPT_URL, header_data.location); - curl_easy_setopt(easyhandle, CURLOPT_HTTPHEADER, nodgheader_slist); - curl_easy_setopt(easyhandle, CURLOPT_COOKIE, - header_data.gridauthonetime); - thiserror = curl_easy_perform(easyhandle); - - fclose(common_data->fp); - } - - if ((thiserror != 0) || - (header_data.retcode < 200) || - (header_data.retcode >= 300)) - { - fprintf(stderr, "... curl error: %s (%d), HTTP error: %d\n", - common_data->errorbuf, thiserror, header_data.retcode); - - if (thiserror != 0) anyerror = thiserror; - else anyerror = header_data.retcode; - } - else if (common_data->verbose > 0) - fprintf(stderr, "... OK (%d)\n", header_data.retcode); - - if (isdirdest) free(thisdestination); - } - - curl_easy_cleanup(easyhandle); - - return anyerror; -} - -int do_deletes(char *sources[], struct grst_stream_data *common_data) -{ - int isrc, anyerror = 0, thiserror; - CURL *easyhandle; - struct grst_header_data header_data; - - header_data.common_data = common_data; - - easyhandle = curl_easy_init(); - - curl_easy_setopt(easyhandle, CURLOPT_USERAGENT, common_data->useragent); - if (common_data->verbose > 1) - curl_easy_setopt(easyhandle, CURLOPT_VERBOSE, 1); - - curl_easy_setopt(easyhandle, CURLOPT_HEADERFUNCTION, headers_callback); - curl_easy_setopt(easyhandle, CURLOPT_WRITEHEADER, &header_data); - - curl_easy_setopt(easyhandle, CURLOPT_ERRORBUFFER, common_data->errorbuf); - curl_easy_setopt(easyhandle, CURLOPT_CUSTOMREQUEST, "DELETE"); - curl_easy_setopt(easyhandle, CURLOPT_NOBODY, 1); - - set_std_opts(easyhandle, common_data); - - for (isrc=0; sources[isrc] != NULL; ++isrc) - { - if (common_data->verbose > 0) - fprintf(stderr, "Deleting %s\n", sources[isrc]); - - curl_easy_setopt(easyhandle, CURLOPT_URL, sources[isrc]); - - header_data.retcode = 0; - thiserror = curl_easy_perform(easyhandle); - - if ((thiserror != 0) || - (header_data.retcode < 200) || - (header_data.retcode >= 300)) - { - fprintf(stderr, "... curl error: %s (%d), HTTP error: %d\n", - common_data->errorbuf, thiserror, header_data.retcode); - - if (thiserror != 0) anyerror = thiserror; - else anyerror = header_data.retcode; - } - else if (common_data->verbose > 0) - fprintf(stderr, "... OK (%d)\n", header_data.retcode); - } - - curl_easy_cleanup(easyhandle); - - return anyerror; -} - -int do_mkdirs(char *sources[], struct grst_stream_data *common_data) -{ - int isrc, anyerror = 0, thiserror; - CURL *easyhandle; - struct grst_header_data header_data; - - header_data.common_data = common_data; - - easyhandle = curl_easy_init(); - - curl_easy_setopt(easyhandle, CURLOPT_USERAGENT, common_data->useragent); - if (common_data->verbose > 1) - curl_easy_setopt(easyhandle, CURLOPT_VERBOSE, 1); - - curl_easy_setopt(easyhandle, CURLOPT_HEADERFUNCTION, headers_callback); - curl_easy_setopt(easyhandle, CURLOPT_WRITEHEADER, &header_data); - - curl_easy_setopt(easyhandle, CURLOPT_ERRORBUFFER, common_data->errorbuf); - curl_easy_setopt(easyhandle, CURLOPT_CUSTOMREQUEST, "PUT"); - curl_easy_setopt(easyhandle, CURLOPT_NOBODY, 1); - - set_std_opts(easyhandle, common_data); - - for (isrc=0; sources[isrc] != NULL; ++isrc) - { - if (common_data->verbose > 0) - fprintf(stderr, "Make directory %s\n", sources[isrc]); - - curl_easy_setopt(easyhandle, CURLOPT_URL, sources[isrc]); - - header_data.retcode = 0; - thiserror = curl_easy_perform(easyhandle); - - if ((thiserror != 0) || - (header_data.retcode < 200) || - (header_data.retcode >= 300)) - { - fprintf(stderr, "... curl error: %s (%d), HTTP error: %d\n", - common_data->errorbuf, thiserror, header_data.retcode); - - if (thiserror != 0) anyerror = thiserror; - else anyerror = header_data.retcode; - } - else if (common_data->verbose > 0) - fprintf(stderr, "... OK (%d)\n", header_data.retcode); - } - - curl_easy_cleanup(easyhandle); - - return anyerror; -} - -size_t rawindex_callback(void *ptr, size_t size, size_t nmemb, void *data) -{ - if ( ((struct grst_index_blob *) data)->used + size * nmemb >= - ((struct grst_index_blob *) data)->allocated ) - { - ((struct grst_index_blob *) data)->allocated = - ((struct grst_index_blob *) data)->used + size * nmemb + 4096; - - ((struct grst_index_blob *) data)->text = - realloc( ((struct grst_index_blob *) data)->text, - ((struct grst_index_blob *) data)->allocated ); - } - - memcpy( &( ((struct grst_index_blob *) - data)->text[((struct grst_index_blob *) data)->used] ), - ptr, size * nmemb); - - ((struct grst_index_blob *) data)->used += size * nmemb; - - return size * nmemb; -} - -char *canonicalise(char *link, char *source) -{ - int i, j, srclen; - char *s; - - srclen = strlen(source); - - if ((strncmp(link, "https://", 8) == 0) || - (strncmp(link, "http://", 7) == 0)) - { - if (strncmp(link, source, srclen) != 0) return NULL; /* other site */ - - if (link[srclen] == '\0') return NULL; /* we dont self-link! */ - - for (i=0; link[srclen + i] != '\0'; ++i) - if (link[srclen + i] == '/') - { - if (link[srclen + i + 1] != '\0') return NULL; /* no subdirs */ - else return strdup(&link[srclen]); /* resolves to this dir */ - } - } - else if (link[0] != '/') /* relative link - need to check for subsubdirs */ - { - for (i=0; link[i] != '\0'; ++i) - if ((link[i] == '/') && (link[i+1] != '\0')) return NULL; - - s = strdup(link); - - for (i=0; s[i] != '\0'; ++i) - if (s[i] == '#') - { - s[i] = '\0'; - break; - } - - return s; - } - - /* absolute link on this server, starting / */ - - for (i=8; source[i] != '\0'; ++i) if (source[i] == '/') break; - - if (strncmp(link, &source[i], srclen - i) != 0) return NULL; - - for (j = srclen - i; link[j] != '\0'; ++j) - if ((link[j] == '/') && (link[j+1] != '\0')) return NULL; - - s = strdup(&link[srclen - i]); - - for (i=0; s[i] != '\0'; ++i) - if (s[i] == '#') - { - s[i] = '\0'; - break; - } - - if (s[0] == '\0') /* on second thoughts... */ - { - free(s); - return NULL; - } - - return s; -} - -int grst_dir_list_cmp(const void *a, const void *b) -{ - return strcmp( ((struct grst_dir_list *) a)->filename, - ((struct grst_dir_list *) b)->filename); -} - -struct grst_dir_list *index_to_dir_list(char *text, char *source) -{ - int taglevel = 0, wordnew = 1, i, namestart, used = 0, - allocated = 256; - char *p, *s; - struct grst_dir_list *list; - - list = (struct grst_dir_list *) - malloc(allocated * sizeof(struct grst_dir_list)); - - list[0].filename = NULL; - list[0].length = 0; - list[0].length_set = 0; - list[0].modified = 0; - list[0].modified_set = 0; - - for (p=text; *p != '\0'; ++p) - { - if (*p == '<') - { - ++taglevel; - - if ((taglevel == 1) && (list[used].filename != NULL)) - { - ++used; - if (used >= allocated) - { - allocated += 256; - list = (struct grst_dir_list *) - realloc((void *) list, - allocated * sizeof(struct grst_dir_list)); - } - - list[used].filename = NULL; - list[used].length = 0; - list[used].length_set = 0; - list[used].modified = 0; - list[used].modified_set = 0; - } - - wordnew = 1; - continue; - } - - if (*p == '>') - { - --taglevel; - wordnew = 1; - continue; - } - - if (isspace(*p)) - { - wordnew = 1; - continue; - } - - if ((wordnew) && (taglevel == 1)) - { - if (((*p == 'h') || (*p == 'H')) && - (strncasecmp(p, "href=", 5) == 0)) - { - if (p[5] == '"') { namestart = 6; - for (i=namestart; (p[i] != '\0') && - (p[i] != '"' ) && - (p[i] != '\n') && - (p[i] != '\t') && - (p[i] != '>' ) ; ++i) ; } - else { namestart = 5; - for (i=namestart; (p[i] != '\0') && - (p[i] != '"' ) && - (p[i] != ' ' ) && - (p[i] != '\n') && - (p[i] != '\t') && - (p[i] != ')' ) && - (p[i] != '>' ) ; ++i) ; } - if (i > namestart) - { - s = malloc(1 + i - namestart); - memcpy(s, &p[namestart], i - namestart); - s[i - namestart] = '\0'; - - list[used].filename = canonicalise(s, source); - free(s); - } - - p = &p[i-1]; /* -1 since continue results in ++i */ - continue; - } - - if (((*p == 'c') || (*p == 'C')) && - (strncasecmp(p, "content-length=", 15) == 0)) - { - list[used].length = 0; - list[used].length_set = 1; - - if (p[15] == '"') list[used].length = atoi(&p[16]); - else list[used].length = atoi(&p[15]); - - p = &p[15]; - continue; - } - - if (((*p == 'l') || (*p == 'L')) && - (strncasecmp(p, "last-modified=", 14) == 0)) - { - list[used].modified = 0; - list[used].modified_set = 1; - - if (p[14] == '"') list[used].modified = atoi(&p[15]); - else list[used].modified = atoi(&p[14]); - - p = &p[14]; - continue; - } - } - - wordnew = 0; - } - - qsort((void *) list, used, sizeof(struct grst_dir_list), grst_dir_list_cmp); - - return list; -} - -int do_listings(char *sources[], struct grst_stream_data *common_data, - int islonglist) -{ - int isrc, anyerror = 0, thiserror, i, isdir, ilast; - CURL *easyhandle; - const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", - "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }; - char *s; - struct grst_index_blob rawindex; - struct grst_dir_list *list; - struct grst_header_data header_data; - struct tm modified_tm; - time_t now; - - time(&now); - - header_data.common_data = common_data; - - easyhandle = curl_easy_init(); - - curl_easy_setopt(easyhandle, CURLOPT_USERAGENT, common_data->useragent); - if (common_data->verbose > 1) - curl_easy_setopt(easyhandle, CURLOPT_VERBOSE, 1); - - curl_easy_setopt(easyhandle, CURLOPT_WRITEHEADER, &header_data); - curl_easy_setopt(easyhandle, CURLOPT_HEADERFUNCTION, headers_callback); - - curl_easy_setopt(easyhandle, CURLOPT_ERRORBUFFER, common_data->errorbuf); - - set_std_opts(easyhandle, common_data); - - for (isrc=0; sources[isrc] != NULL; ++isrc) - { - if (common_data->verbose > 0) - fprintf(stderr, "Listing %s\n", sources[isrc]); - - if (sources[1] != NULL) printf("\n%s:\n", sources[isrc]); - - curl_easy_setopt(easyhandle, CURLOPT_URL, sources[isrc]); - - if (sources[isrc][strlen(sources[isrc])-1] == '/') - { - isdir = 1; - curl_easy_setopt(easyhandle,CURLOPT_WRITEFUNCTION,rawindex_callback); - curl_easy_setopt(easyhandle,CURLOPT_WRITEDATA,(void *) &rawindex); - curl_easy_setopt(easyhandle,CURLOPT_NOBODY,0); - rawindex.text = NULL; - rawindex.used = 0; - rawindex.allocated = 0; - } - else - { - isdir = 0; - curl_easy_setopt(easyhandle, CURLOPT_WRITEFUNCTION, NULL); - curl_easy_setopt(easyhandle, CURLOPT_WRITEDATA, NULL); - curl_easy_setopt(easyhandle, CURLOPT_NOBODY, 1); - } - - header_data.gridauthonetime = NULL; - header_data.length_set = 0; - header_data.modified_set = 0; - header_data.retcode = 0; - thiserror = curl_easy_perform(easyhandle); - - if ((thiserror != 0) || - (header_data.retcode < 200) || - (header_data.retcode >= 300)) - { - fprintf(stderr, "... curl error: %s (%d), HTTP error: %d\n", - common_data->errorbuf, thiserror, header_data.retcode); - - if (thiserror != 0) anyerror = thiserror; - else anyerror = header_data.retcode; - } - else if (isdir) - { - if (common_data->verbose > 0) - fprintf(stderr, "... OK (%d)\n", header_data.retcode); - - rawindex.text[rawindex.used] = '\0'; - - list = index_to_dir_list(rawindex.text, sources[isrc]); - ilast = -1; - - for (i=0; list[i].filename != NULL; ++i) - { - if (list[i].filename[0] == '.') continue; - - if (strncmp(list[i].filename, "mailto:", 7) == 0) continue; - - if ((ilast >= 0) && - (strcmp(list[i].filename, list[ilast].filename) == 0)) - continue; - ilast=i; - - if (islonglist) - { - if (!list[i].length_set || !list[i].modified_set) - { - curl_easy_setopt(easyhandle, CURLOPT_WRITEFUNCTION, - NULL); - curl_easy_setopt(easyhandle, CURLOPT_WRITEDATA, NULL); - curl_easy_setopt(easyhandle, CURLOPT_NOBODY, 1); - - asprintf(&s, "%s%s", sources[isrc], list[i].filename); - curl_easy_setopt(easyhandle, CURLOPT_URL, s); - - header_data.gridauthonetime = NULL; - header_data.length_set = 0; - header_data.modified_set = 0; - header_data.retcode = 0; - thiserror = curl_easy_perform(easyhandle); - free(s); - - if ((thiserror == 0) && - (header_data.retcode >= 200) && - (header_data.retcode <= 299)) - { - if (header_data.length_set) - { - list[i].length_set = 1; - list[i].length = header_data.length; - } - - if (header_data.modified_set) - { - list[i].modified_set = 1; - list[i].modified = header_data.modified; - } - } - } - - if (list[i].length_set) printf("%10ld ", list[i].length); - else fputs(" ? ", stdout); - - if (list[i].modified_set) - { - localtime_r(&(list[i].modified), &modified_tm); - - if (list[i].modified < now - 15552000) - printf("%s %2d %4d ", - months[modified_tm.tm_mon], - modified_tm.tm_mday, - modified_tm.tm_year + 1900); - else printf("%s %2d %02d:%02d ", - months[modified_tm.tm_mon], - modified_tm.tm_mday, - modified_tm.tm_hour, - modified_tm.tm_min); - } - else fputs(" ? ? ? ", stdout); - } - - puts(list[i].filename); - } - } - else - { - if (islonglist) - { - printf("%10ld ", header_data.length); - - localtime_r(&(header_data.modified), &modified_tm); - - if (header_data.modified < now - 15552000) - printf("%s %2d %4d ", - months[modified_tm.tm_mon], - modified_tm.tm_mday, - modified_tm.tm_year + 1900); - else printf("%s %2d %02d:%02d ", - months[modified_tm.tm_mon], - modified_tm.tm_mday, - modified_tm.tm_hour, - modified_tm.tm_min); - } - - puts(sources[isrc]); - } - } - - curl_easy_cleanup(easyhandle); - - return anyerror; -} - -#if (LIBCURL_VERSION_NUM < 0x070908) -char *make_tmp_ca_roots(char *dir) -/* libcurl before 7.9.8 doesnt support CURLOPT_CAPATH and the directory, - so we make a temporary file with the concatenated CA root certs: that - is, all the files in that directory which end in .0 */ -{ - int ofd, ifd, c; - size_t size; - char tmp_ca_roots[] = "/tmp/.ca-roots-XXXXXX", buffer[4096], *s; - DIR *rootsDIR; - struct dirent *root_ent; - - if ((rootsDIR = opendir(dir)) == NULL) return NULL; - - if ((ofd = mkstemp(tmp_ca_roots)) == -1) - { - closedir(rootsDIR); - return NULL; - } - - while ((root_ent = readdir(rootsDIR)) != NULL) - { - if ((root_ent->d_name[0] != '.') && - (strlen(root_ent->d_name) > 2) && - (strncmp(&(root_ent->d_name[strlen(root_ent->d_name)-2]), - ".0", 2) == 0)) - { - asprintf(&s, "%s/%s", dir, root_ent->d_name); - ifd = open(s, O_RDONLY); - free(s); - - if (ifd != -1) - { - while ((size = read(ifd, buffer, sizeof(buffer))) > 0) - write(ofd, buffer, size); - close(ifd); - } - } - } - - closedir(rootsDIR); - - if (close(ofd) == 0) return strdup(tmp_ca_roots); - - unlink(tmp_ca_roots); /* try to clean up */ - - return NULL; -} -#endif - -void printsyntax(char *argv0) -{ - char *p; - - p = rindex(argv0, '/'); - if (p != NULL) ++p; - else p = argv0; - - fprintf(stderr, "%s [options] Source-URL[s] [Destination URL]\n" - "%s is one of a set of clients to fetch files or directory listings\n" -"from remote servers using HTTP or HTTPS, or to put or delete files or\n" -"directories onto remote servers using HTTPS. htcp is similar to scp(1)\n" -"but uses HTTP/HTTPS rather than ssh as its transfer protocol.\n" -"See the htcp(1) or http://www.gridsite.org/ for details.\n" -"(Version: %s)\n", p, p, VERSION); -} - -int main(int argc, char *argv[]) -{ - char **sources, *destination = NULL, *executable, *p; - int c, i, option_index, anyerror; - struct stat statbuf; - struct grst_stream_data common_data; - struct passwd *userpasswd; - struct option long_options[] = { {"verbose", 0, 0, 'v'}, - {"cert", 1, 0, 0}, - {"key", 1, 0, 0}, - {"capath", 1, 0, 0}, - {"delete", 0, 0, 0}, - {"list", 0, 0, 0}, - {"long-list", 0, 0, 0}, - {"mkdir", 0, 0, 0}, - {"no-verify", 0, 0, 0}, - {"anon", 0, 0, 0}, - {"downgrade-size", 1, 0, 0}, -// {"streams", 1, 0, 0}, -// {"blocksize", 1, 0, 0}, -// {"recursive", 0, 0, 0}, - {0, 0, 0, 0} }; - -#if (LIBCURL_VERSION_NUM < 0x070908) - char *tmp_ca_roots = NULL; -#endif - - if (argc == 1) - { - printsyntax(argv[0]); - return 0; - } - - common_data.cert = NULL; - common_data.key = NULL; - common_data.capath = NULL; - common_data.method = 0; - common_data.errorbuf = malloc(CURL_ERROR_SIZE); - asprintf(&(common_data.useragent), - "htcp/%s (http://www.gridsite.org/)", VERSION); - common_data.verbose = 0; - common_data.noverify = 0; - common_data.anonymous = 0; - common_data.downgrade = (long long) -1; - - while (1) - { - option_index = 0; - - c = getopt_long(argc, argv, "v", long_options, &option_index); - - if (c == -1) break; - else if (c == 0) - { - if (option_index == 1) common_data.cert = optarg; - else if (option_index == 2) common_data.key = optarg; - else if (option_index == 3) common_data.capath = optarg; - else if (option_index == 4) common_data.method = HTCP_DELETE; - else if (option_index == 5) common_data.method = HTCP_LIST; - else if (option_index == 6) common_data.method = HTCP_LONGLIST; - else if (option_index == 7) common_data.method = HTCP_MKDIR; - else if (option_index == 8) common_data.noverify = 1; - else if (option_index == 9) common_data.anonymous = 1; - else if (option_index ==10) common_data.downgrade = atoll(optarg); - } - else if (c == 'v') ++(common_data.verbose); - } - - if (common_data.verbose > 0) - { - p = rindex(argv[0], '/'); - if (p != NULL) ++p; - else p = argv[0]; - fprintf(stderr, "%s version %s\n", p, VERSION); - } - - if (common_data.anonymous) /* prevent any use of user certs */ - { - common_data.cert = NULL; - common_data.key = NULL; - } - else if ((common_data.cert == NULL) && (common_data.key != NULL)) - common_data.cert = common_data.key; - else if ((common_data.cert != NULL) && (common_data.key == NULL)) - common_data.key = common_data.cert; - else if ((common_data.cert == NULL) && (common_data.key == NULL)) - { - common_data.cert = getenv("X509_USER_PROXY"); - if (common_data.cert != NULL) common_data.key = common_data.cert; - else - { - asprintf(&(common_data.cert), "/tmp/x509up_u%d", geteuid()); - - /* one fine day, we will check the proxy file for expiry too ... */ - - if (stat(common_data.cert, &statbuf) == 0) - common_data.key = common_data.cert; - else - { - common_data.cert = getenv("X509_USER_CERT"); - common_data.key = getenv("X509_USER_KEY"); - - userpasswd = getpwuid(geteuid()); - - if ((common_data.cert == NULL) && - (userpasswd != NULL) && - (userpasswd->pw_dir != NULL)) - asprintf(&(common_data.cert), "%s/.globus/usercert.pem", - userpasswd->pw_dir); - - if ((common_data.key == NULL) && - (userpasswd != NULL) && - (userpasswd->pw_dir != NULL)) - asprintf(&(common_data.key), "%s/.globus/userkey.pem", - userpasswd->pw_dir); - } - } - } - - if (common_data.capath == NULL) common_data.capath = getenv("X509_CERT_DIR"); - - if (common_data.capath == NULL) - common_data.capath = "/etc/grid-security/certificates"; - -#if (LIBCURL_VERSION_NUM < 0x070908) - /* libcurl before 7.9.8 doesnt support CURLOPT_CAPATH and the directory */ - - if ((common_data.capath != NULL) && - (stat(common_data.capath, &statbuf) == 0) && S_ISDIR(statbuf.st_mode)) - { - tmp_ca_roots = make_tmp_ca_roots(common_data.capath); - common_data.capath = tmp_ca_roots; - } -#endif - - executable = rindex(argv[0], '/'); - if (executable != NULL) executable++; - else executable = argv[0]; - - if (common_data.method == 0) /* command-line options override exec name */ - { - if (strcmp(executable,"htls")==0) common_data.method=HTCP_LIST; - else if (strcmp(executable,"htll")==0) common_data.method=HTCP_LONGLIST; - else if (strcmp(executable,"htrm")==0) common_data.method=HTCP_DELETE; - else if (strcmp(executable,"htmkdir")==0) common_data.method=HTCP_MKDIR; - } - - if ((common_data.method == HTCP_DELETE) || - (common_data.method == HTCP_LIST) || - (common_data.method == HTCP_MKDIR) || - (common_data.method == HTCP_LONGLIST)) - { - if (optind >= argc) - { - fprintf(stderr, "Must give at least 1 non-option argument\n\n"); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - - sources = (char **) malloc(sizeof(char *) * (1 + argc - optind)); - for (i=0; i < argc - optind; ++i) - { - sources[i] = argv[optind + i]; - - if ((common_data.method == HTCP_MKDIR) && - (sources[i][strlen(sources[i])-1] != '/')) - { - fprintf(stderr, "Argument \"%s\" is not a " - "directory URL (no trailing /)\n\n", sources[i]); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - } - - sources[i] = NULL; - - if (common_data.method == HTCP_DELETE) - anyerror = do_deletes(sources, &common_data); - else if (common_data.method == HTCP_MKDIR) - anyerror = do_mkdirs(sources, &common_data); - else if (common_data.method == HTCP_LONGLIST) - anyerror = do_listings(sources, &common_data, 1); - else anyerror = do_listings(sources, &common_data, 0); - - if (anyerror > 99) anyerror = CURLE_HTTP_RETURNED_ERROR; - - return anyerror; - } - - if (optind >= argc - 1) - { - fputs("Must give at least 2 non-option arguments\n\n", stderr); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - - sources = (char **) malloc(sizeof(char *) * (argc - optind)); - - for (i=0; i < (argc - optind - 1); ++i) - { - if (strncmp(argv[optind + i], "file:", 5) == 0) - sources[i] = &argv[optind + i][5]; - else sources[i] = argv[optind + i]; - - if (sources[i][0] == '\0') - { - fprintf(stderr, "Source argument %d is empty\n\n", i + 1); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - } - - sources[i] = NULL; - - if (strncmp(argv[optind + i], "file:", 5) == 0) - destination = &argv[optind + i][5]; - else destination = argv[optind + i]; - - if (destination[0] == '\0') - { - fputs("Destination argument is empty\n\n", stderr); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - - if ((argc - optind > 2) && (destination[strlen(destination)-1] != '/')) - { - fputs("For multiple sources, destination " - "must be a directory (end in /)\n\n", stderr); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - - if ((strncmp(destination, "http://", 7) == 0) || - (strncmp(destination, "https://", 8) == 0)) - common_data.method = HTCP_PUT; - else common_data.method = HTCP_GET; - - for (i=0; sources[i] != NULL; ++i) - { - if ((common_data.method == HTCP_PUT) && - ((strncmp(sources[i], "http://", 7) == 0) || - (strncmp(sources[i], "https://", 8) == 0))) - { - fputs("Cannot have both source and destination remote\n\n",stderr); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - - if ((common_data.method == HTCP_GET) && - ((strncmp(sources[i], "http://", 7) != 0) && - (strncmp(sources[i], "https://", 8) != 0))) - { - fputs("Cannot have both source and " - "destination local (for now)\n\n",stderr); - printsyntax(argv[0]); - return CURLE_URL_MALFORMAT; - } - } - - anyerror = do_copies(sources, destination, &common_data); - if (anyerror > 99) anyerror = CURLE_HTTP_RETURNED_ERROR; - - return anyerror; -} diff --git a/org.gridsite.core/src/htproxyput.c b/org.gridsite.core/src/htproxyput.c deleted file mode 100644 index 834bea2..0000000 --- a/org.gridsite.core/src/htproxyput.c +++ /dev/null @@ -1,565 +0,0 @@ -/* - Copyright (c) 2002-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* - -Build with: - -gcc -lcurl -lssl -lcrypto -o grst-proxy-put grst-proxy-put.c libgridsite.a - -http://www.gridpp.ac.uk/authz/gridsite/ - -*/ - -#ifndef VERSION -#define VERSION "0.0.0" -#endif - -#define _GNU_SOURCE - -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include - -#include -#include -#include - -#include - -#include "gridsite.h" - -#include "soapH.h" -#include "delegation.nsmap" - -#define USE_SOAP 0 -#define USE_G_HTTPS 1 -#define HTPROXY_PUT 0 - -int debugfunction(CURL *curl, curl_infotype type, char *s, size_t n, void *p) -{ - fwrite(s, sizeof(char), n, (FILE *) p); - - return 0; -} - -size_t parsegprheaders(void *ptr, size_t size, size_t nmemb, void *p) -{ - int i; - - if ((size * nmemb > 15) && - (strncmp((char *) ptr, "Delegation-ID: ", 15) == 0)) - { - *((char **) p) = malloc( size * nmemb - 14 ); - - memcpy(*((char **) p), &(((char *) ptr)[15]), size * nmemb - 15); - - for (i=0; i < size * nmemb - 15; ++i) - if (((*((char **) p))[i] == '\n') || ((*((char **) p))[i] == '\r')) - { - (*((char **) p))[i] = '\0'; /* drop trailing newline */ - break; - } - - (*((char **) p))[size * nmemb - 15] = '\0'; - } - - return size * nmemb; -} - -struct gprparams { char *req; size_t len; } ; - -size_t storegprbody(void *ptr, size_t size, size_t nmemb, void *p) -{ - ((struct gprparams *) p)->req = realloc( ((struct gprparams *) p)->req, - ((struct gprparams *) p)->len + size * nmemb + 1); - - memcpy( &((((struct gprparams *) p)->req)[((struct gprparams *) p)->len]), - ptr, size * nmemb); - - ((struct gprparams *) p)->len += size * nmemb; - - return size * nmemb; -} - -int GRSTgetProxyReq(CURL *curl, FILE *debugfp, char *delegid, char **reqtxt, - char *requrl, char *cert, char *key) -{ - char *delheader; - struct curl_slist *headerlist = NULL; - CURLcode res; - struct gprparams params; - - params.req = NULL; - params.len = 0; - - curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *) ¶ms); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, storegprbody); - - curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(curl, CURLOPT_SSLCERT, cert); - - curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM"); - curl_easy_setopt(curl, CURLOPT_SSLKEY, key); - curl_easy_setopt(curl, CURLOPT_SSLKEYPASSWD, NULL); - -// curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, parsegprheaders); -// curl_easy_setopt(curl, CURLOPT_WRITEHEADER, (void *) delegid); - - curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/grid-security/certificates/"); - - curl_easy_setopt(curl, CURLOPT_URL, requrl); - curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "GET-PROXY-REQ"); - - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER,0); - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST,0); - - asprintf(&delheader, "Delegation-ID: %s", delegid); - headerlist = curl_slist_append(headerlist, delheader); - curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); - - if (debugfp != NULL) - { - curl_easy_setopt(curl, CURLOPT_VERBOSE, 1); - curl_easy_setopt(curl, CURLOPT_DEBUGDATA, debugfp); - curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, debugfunction); - } - - res = curl_easy_perform(curl); - - if (params.req != NULL) - { - params.req[params.len] = '\0'; - *reqtxt = params.req; - } - else *reqtxt = NULL; - - return (int) res; -} - -struct ppcparams{ char *cert; size_t len; }; - -size_t getppcbody(void *ptr, size_t size, size_t nmemb, void *p) -{ - size_t i; - - if (((struct ppcparams *) p)->len == 0) return 0; - - if (size * nmemb < ((struct ppcparams *) p)->len) i = size * nmemb; - else i = ((struct ppcparams *) p)->len; - - memcpy(ptr, ((struct ppcparams *) p)->cert, i); - - ((struct ppcparams *) p)->len -= i; - ((struct ppcparams *) p)->cert = &((((struct ppcparams *) p)->cert)[i+1]); - - return i; -} - -int GRSTputProxyCerts(CURL *curl, FILE *debugfp, char *delegid, char *certtxt, - char *requrl, char *cert, char *key) -{ - CURLcode res; - char *delheader; - long httpcode; - struct curl_slist *headerlist = NULL; - struct ppcparams params; - - params.cert = certtxt; - params.len = strlen(certtxt); - - curl_easy_setopt(curl, CURLOPT_READDATA, ¶ms); - curl_easy_setopt(curl, CURLOPT_READFUNCTION, getppcbody); - curl_easy_setopt(curl, CURLOPT_INFILESIZE, strlen(certtxt)); - curl_easy_setopt(curl, CURLOPT_UPLOAD, 1); - - curl_easy_setopt(curl, CURLOPT_NOBODY, 1); - - curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(curl, CURLOPT_SSLCERT, cert); - - curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM"); - curl_easy_setopt(curl, CURLOPT_SSLKEY, key); -// curl_easy_setopt(curl, CURLOPT_SSLKEYPASSWD, NULL); - - curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/grid-security/certificates/"); - - curl_easy_setopt(curl, CURLOPT_URL, requrl); - curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "PUT-PROXY-CERT"); - - headerlist = curl_slist_append(headerlist, - "Content-Type: application/x-x509-user-cert-chain"); - - asprintf(&delheader, "Delegation-ID: %s", delegid); - headerlist = curl_slist_append(headerlist, delheader); - curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); - -curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); -curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); - - if (debugfp != NULL) - { - curl_easy_setopt(curl, CURLOPT_VERBOSE, 1); - curl_easy_setopt(curl, CURLOPT_DEBUGDATA, debugfp); - curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, debugfunction); - } - - res = curl_easy_perform(curl); - - curl_easy_getinfo(curl, CURLINFO_HTTP_CODE, &httpcode); - - curl_slist_free_all(headerlist); - - free(delheader); - - return (int) res; -} - - -#if (LIBCURL_VERSION_NUM < 0x070908) -char *make_tmp_ca_roots(char *dir) -/* libcurl before 7.9.8 doesnt support CURLOPT_CAPATH and the directory, - so we make a temporary file with the concatenated CA root certs: that - is, all the files in that directory which end in .0 */ -{ - int ofd, ifd, c; - size_t size; - char tmp_ca_roots[] = "/tmp/.ca-roots-XXXXXX", buffer[4096], *s; - DIR *rootsDIR; - struct dirent *root_ent; - - if ((rootsDIR = opendir(dir)) == NULL) return NULL; - - if ((ofd = mkstemp(tmp_ca_roots)) == -1) - { - closedir(rootsDIR); - return NULL; - } - - while ((root_ent = readdir(rootsDIR)) != NULL) - { - if ((root_ent->d_name[0] != '.') && - (strlen(root_ent->d_name) > 2) && - (strncmp(&(root_ent->d_name[strlen(root_ent->d_name)-2]), - ".0", 2) == 0)) - { - asprintf(&s, "%s/%s", dir, root_ent->d_name); - ifd = open(s, O_RDONLY); - free(s); - - if (ifd != -1) - { - while ((size = read(ifd, buffer, sizeof(buffer))) > 0) - write(ofd, buffer, size); - - close(ifd); - } - } - } - - closedir(rootsDIR); - - if (close(ofd) == 0) return strdup(tmp_ca_roots); - - unlink(tmp_ca_roots); /* try to clean up if errors */ - - return NULL; -} -#endif - -void printsyntax(char *argv0) -{ - char *p; - - p = rindex(argv0, '/'); - if (p != NULL) ++p; - else p = argv0; - - fprintf(stderr, "%s [options] URL\n" - "(Version: %s)\n", p, VERSION); -} - -int main(int argc, char *argv[]) -{ - char *delegation_id = "", *reqtxt, *certtxt, *valid = NULL, - *cert = NULL, *key = NULL, *capath = NULL, *keycert; - struct ns__putProxyResponse *unused; - int option_index, c, protocol = USE_SOAP, noverify = 0, - method = HTPROXY_PUT, verbose = 0, fd, minutes; - struct soap soap_get, soap_put; - FILE *ifp, *ofp; - struct stat statbuf; - struct passwd *userpasswd; - struct option long_options[] = { {"verbose", 0, 0, 'v'}, - {"cert", 1, 0, 0}, - {"key", 1, 0, 0}, - {"capath", 1, 0, 0}, - {"soap", 0, 0, 0}, - {"g-https", 0, 0, 0}, - {"no-verify", 0, 0, 0}, - {"valid", 1, 0, 0}, - {"delegation-id",1, 0, 0}, - {"put", 0, 0, 0}, - {0, 0, 0, 0} }; - CURL *curl; - - if (argc == 1) - { - printsyntax(argv[0]); - return 0; - } - - while (1) - { - option_index = 0; - - c = getopt_long(argc, argv, "v", long_options, &option_index); - - if (c == -1) break; - else if (c == 0) - { - if (option_index == 1) cert = optarg; - else if (option_index == 2) key = optarg; - else if (option_index == 3) capath = optarg; - else if (option_index == 4) protocol = USE_SOAP; - else if (option_index == 5) protocol = USE_G_HTTPS; - else if (option_index == 6) noverify = 1; - else if (option_index == 7) valid = optarg; - else if (option_index == 8) delegation_id = optarg; - else if (option_index == 9) method = HTPROXY_PUT; - } - else if (c == 'v') ++verbose; - } - - if (optind + 1 != argc) - { - fprintf(stderr, "Must specify a target URL!\n"); - return 1; - } - - if (valid == NULL) minutes = 60 * 12; - else minutes = atoi(valid); - - if (verbose) fprintf(stderr, "Proxy valid for %d minutes\n", minutes); - - ERR_load_crypto_strings (); - OpenSSL_add_all_algorithms(); - - if ((cert == NULL) && (key != NULL)) cert = key; - else if ((cert != NULL) && (key == NULL)) key = cert; - else if ((cert == NULL) && (key == NULL)) - { - cert = getenv("X509_USER_PROXY"); - if (cert != NULL) key = cert; - else - { - asprintf(&(cert), "/tmp/x509up_u%d", geteuid()); - - /* one fine day, we will check the proxy file for - expiry too to avoid suprises when we try to use it ... */ - - if (stat(cert, &statbuf) == 0) key = cert; - else - { - cert = getenv("X509_USER_CERT"); - key = getenv("X509_USER_KEY"); - - userpasswd = getpwuid(geteuid()); - - if ((cert == NULL) && - (userpasswd != NULL) && - (userpasswd->pw_dir != NULL)) - asprintf(&(cert), "%s/.globus/usercert.pem", - userpasswd->pw_dir); - - if ((key == NULL) && - (userpasswd != NULL) && - (userpasswd->pw_dir != NULL)) - asprintf(&(key), "%s/.globus/userkey.pem", - userpasswd->pw_dir); - - } - } - } - - if (capath == NULL) capath = getenv("X509_CERT_DIR"); - if (capath == NULL) capath = "/etc/grid-security/certificates"; - - if (verbose) fprintf(stderr, "key=%s\ncert=%s\ncapath=%s\n", - key, cert, capath); - -#if (LIBCURL_VERSION_NUM < 0x070908) - /* libcurl before 7.9.8 doesnt support CURLOPT_CAPATH and the directory */ - - if ((capath != NULL) && - (stat(capath, &statbuf) == 0) && S_ISDIR(statbuf.st_mode)) - { - tmp_ca_roots = make_tmp_ca_roots(capath); - capath = tmp_ca_roots; - } -#endif - - if (protocol == USE_G_HTTPS) - { - if (verbose) fprintf(stderr, "Using G-HTTPS delegation protocol\n"); - - if (verbose) fprintf(stderr, "Delegation-ID: %s\n", delegation_id); - - curl_global_init(CURL_GLOBAL_DEFAULT); - curl = curl_easy_init(); - -// curl_easy_setopt(curl, CURLOPT_SSLKEYPASSWD, NULL); - - GRSTgetProxyReq(curl, stderr, delegation_id, &reqtxt, - argv[optind], cert, key); - - if (GRSTx509MakeProxyCert(&certtxt, stderr, reqtxt, cert, key, minutes) - != GRST_RET_OK) - { - return 1; - } - - GRSTputProxyCerts(curl, stderr, delegation_id, certtxt, - argv[optind], cert, key); - - curl_easy_cleanup(curl); - curl_global_cleanup(); - - return 0; - } - else if (protocol == USE_SOAP) - { - if (strcmp(key, cert) != 0) /* we have to concatenate for gSOAP */ - { - keycert = strdup("/tmp/XXXXXX"); - - fd = mkstemp(keycert); - ofp = fdopen(fd, "w"); - - ifp = fopen(key, "r"); - while ((c = fgetc(ifp)) != EOF) fputc(c, ofp); - fclose(ifp); - - ifp = fopen(cert, "r"); - while ((c = fgetc(ifp)) != EOF) fputc(c, ofp); - fclose(ifp); - - fclose(ofp); - - if (verbose) fprintf(stderr, "Created %s key/cert file\n", keycert); - } - else keycert = key; - - if (verbose) - { - fprintf(stderr, "Using SOAP delegation protocol\n"); - fprintf(stderr, "Delegation-ID: %s\n", delegation_id); - fprintf(stderr, "Send getProxyReq to service\n"); - } - - soap_init(&soap_get); - - if (soap_ssl_client_context(&soap_get, - SOAP_SSL_DEFAULT, - keycert, - "", - NULL, - capath, - NULL)) - { - soap_print_fault(&soap_get, stderr); - return 1; - } - - soap_call_ns__getProxyReq(&soap_get, - argv[optind], /* HTTPS url of service */ - "", /* no password on proxy */ - delegation_id, - &reqtxt); - - if (soap_get.error) - { - soap_print_fault(&soap_get, stderr); - return 1; - } - - if (verbose) fprintf(stderr, "reqtxt:\n%s", reqtxt); - - if (GRSTx509MakeProxyCert(&certtxt, stderr, reqtxt, cert, key, minutes) - != GRST_RET_OK) - { - return 1; - } - - soap_init(&soap_put); - - if (verbose) fprintf(stderr, "Send putProxy to service:\n%s\n", certtxt); - - if (soap_ssl_client_context(&soap_put, - SOAP_SSL_DEFAULT, - keycert, - "", - NULL, - capath, - NULL)) - { - soap_print_fault(&soap_put, stderr); - return 1; - } - - soap_call_ns__putProxy(&soap_put, argv[optind], "", delegation_id, - certtxt, unused); - if (soap_put.error) - { - soap_print_fault(&soap_put, stderr); - return 1; - } - - return 0; - } - - /* weirdness */ -} - diff --git a/org.gridsite.core/src/mod_gridsite.c b/org.gridsite.core/src/mod_gridsite.c deleted file mode 100644 index 450640f..0000000 --- a/org.gridsite.core/src/mod_gridsite.c +++ /dev/null @@ -1,2544 +0,0 @@ -/* - Copyright (c) 2003-5, Andrew McNab and Shiv Kaushal, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/*------------------------------------------------------------------* - * This program is part of GridSite: http://www.gridsite.org/ * - *------------------------------------------------------------------*/ - -#ifndef VERSION -#define VERSION "x.x.x" -#endif - -#ifndef _GNU_SOURCE -#define _GNU_SOURCE -#endif - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include - - -#include "mod_ssl-private.h" - -#include "gridsite.h" - -#ifndef UNSET -#define UNSET -1 -#endif - -module AP_MODULE_DECLARE_DATA gridsite_module; - -typedef struct -{ - int auth; - int envs; - int format; - int indexes; - char *indexheader; - int gridsitelink; - char *adminfile; - char *adminuri; - char *helpuri; - char *dnlists; - char *dnlistsuri; - char *adminlist; - int gsiproxylimit; - char *unzip; - char *methods; - char *editable; - char *headfile; - char *footfile; - int downgrade; - char *authcookiesdir; - int soap2cgi; - char *aclformat; - char *execmethod; - ap_unix_identity_t execugid; - apr_fileperms_t diskmode; -} mod_gridsite_cfg; /* per-directory config choices */ - - -typedef struct -{ - xmlDocPtr doc; -// char *outbuffer; -} soap2cgi_ctx; /* store per-request context for Soap2cgi in/out filters */ - -static const char Soap2cgiFilterName[]="Soap2cgiFilter"; - -static void mod_gridsite_soap2cgi_insert(request_rec *r) -{ - mod_gridsite_cfg *conf; - soap2cgi_ctx *ctx; - - conf = (mod_gridsite_cfg *) ap_get_module_config(r->per_dir_config, - &gridsite_module); - - if (conf->soap2cgi) - { - ctx = (soap2cgi_ctx *) malloc(sizeof(soap2cgi_ctx)); - ctx->doc = NULL; - - ap_add_output_filter(Soap2cgiFilterName, ctx, r, r->connection); - - ap_add_input_filter(Soap2cgiFilterName, NULL, r, r->connection); - } -} - -xmlNodePtr find_one_child(xmlNodePtr parent_node, char *name) -{ - xmlNodePtr cur; - - for (cur = parent_node->children; cur != NULL; cur = cur->next) - { - if ((cur->type == XML_ELEMENT_NODE) && - (strcmp(cur->name, name) == 0)) return cur; - } - - return NULL; -} - -int add_one_node(xmlDocPtr doc, char *line) -{ - char *p, *name, *aftername, *attrname = NULL, *value = NULL; - xmlNodePtr cur, cur_child; - - cur = xmlDocGetRootElement(doc); - - p = index(line, '='); - if (p == NULL) return 1; - - *p = '\0'; - value = &p[1]; - - name = line; - - while (1) /* go through each .-deliminated segment of line[] */ - { - if ((p = index(name, '.')) != NULL) - { - *p = '\0'; - aftername = &p[1]; - } - else aftername = &name[strlen(name)]; - - if ((p = index(name, '_')) != NULL) - { - *p = '\0'; - attrname = &p[1]; - } - - cur_child = find_one_child(cur, name); - - if (cur_child == NULL) - cur_child = xmlNewChild(cur, NULL, name, NULL); - - cur = cur_child; - - name = aftername; - - if (attrname != NULL) - { - xmlSetProp(cur, attrname, value); - return 0; - } - - if (*name == '\0') - { - xmlNodeSetContent(cur, value); - return 0; - } - } -} - -static apr_status_t mod_gridsite_soap2cgi_out(ap_filter_t *f, - apr_bucket_brigade *bbIn) -{ - char *p, *name, *outbuffer; - request_rec *r = f->r; - conn_rec *c = r->connection; - apr_bucket *bucketIn, *pbktEOS; - apr_bucket_brigade *bbOut; - - const char *data; - apr_size_t len; - char *buf; - apr_size_t n; - apr_bucket *pbktOut; - - soap2cgi_ctx *ctx; - xmlNodePtr root_node = NULL; - xmlBufferPtr buff; - - ctx = (soap2cgi_ctx *) f->ctx; - -// LIBXML_TEST_VERSION; - - bbOut = apr_brigade_create(r->pool, c->bucket_alloc); - - if (ctx->doc == NULL) - { - ctx->doc = xmlNewDoc("1.0"); - - root_node = xmlNewNode(NULL, "Envelope"); - xmlDocSetRootElement(ctx->doc, root_node); - - xmlNewChild(root_node, NULL, "Header", NULL); - xmlNewChild(root_node, NULL, "Body", NULL); - } - - apr_brigade_pflatten(bbIn, &outbuffer, &len, r->pool); - - /* split up buffer and feed each line to add_one_node() */ - - name = outbuffer; - - while (*name != '\0') - { - p = index(name, '\n'); - if (p != NULL) - { - *p = '\0'; - ++p; - } - else p = &name[strlen(name)]; /* point to final NUL */ - - add_one_node(ctx->doc, name); - - name = p; - } - - APR_BRIGADE_FOREACH(bucketIn, bbIn) - { - if (APR_BUCKET_IS_EOS(bucketIn)) - { - /* write out XML tree we have built */ - - buff = xmlBufferCreate(); - xmlNodeDump(buff, ctx->doc, root_node, 0, 0); - -// TODO: simplify/reduce number of copies or libxml vs APR buffers? - - buf = (char *) xmlBufferContent(buff); - - pbktOut = apr_bucket_heap_create(buf, strlen(buf), NULL, - c->bucket_alloc); - - APR_BRIGADE_INSERT_TAIL(bbOut, pbktOut); - - xmlBufferFree(buff); - - pbktEOS = apr_bucket_eos_create(c->bucket_alloc); - APR_BRIGADE_INSERT_TAIL(bbOut, pbktEOS); - - continue; - } - } - - return ap_pass_brigade(f->next, bbOut); -} - -static apr_status_t mod_gridsite_soap2cgi_in(ap_filter_t *f, - apr_bucket_brigade *pbbOut, - ap_input_mode_t eMode, - apr_read_type_e eBlock, - apr_off_t nBytes) -{ - request_rec *r = f->r; - conn_rec *c = r->connection; -// CaseFilterInContext *pCtx; - apr_status_t ret; - -#ifdef NEVERDEFINED - - ret = ap_get_brigade(f->next, pCtx->pbbTmp, eMode, eBlock, nBytes); - - if (!(pCtx = f->ctx)) { - f->ctx = pCtx = apr_palloc(r->pool, sizeof *pCtx); - pCtx->pbbTmp = apr_brigade_create(r->pool, c->bucket_alloc); - } - - if (APR_BRIGADE_EMPTY(pCtx->pbbTmp)) { - ret = ap_get_brigade(f->next, pCtx->pbbTmp, eMode, eBlock, nBytes); - - if (eMode == AP_MODE_EATCRLF || ret != APR_SUCCESS) - return ret; - } - - while(!APR_BRIGADE_EMPTY(pCtx->pbbTmp)) { - apr_bucket *pbktIn = APR_BRIGADE_FIRST(pCtx->pbbTmp); - apr_bucket *pbktOut; - const char *data; - apr_size_t len; - char *buf; - int n; - - /* It is tempting to do this... - * APR_BUCKET_REMOVE(pB); - * APR_BRIGADE_INSERT_TAIL(pbbOut,pB); - * and change the case of the bucket data, but that would be wrong - * for a file or socket buffer, for example... - */ - - if(APR_BUCKET_IS_EOS(pbktIn)) { - APR_BUCKET_REMOVE(pbktIn); - APR_BRIGADE_INSERT_TAIL(pbbOut, pbktIn); - break; - } - - ret=apr_bucket_read(pbktIn, &data, &len, eBlock); - if(ret != APR_SUCCESS) - return ret; - - buf = malloc(len); - for(n=0 ; n < len ; ++n) - buf[n] = apr_toupper(data[n]); - - pbktOut = apr_bucket_heap_create(buf, len, 0, c->bucket_alloc); - APR_BRIGADE_INSERT_TAIL(pbbOut, pbktOut); - apr_bucket_delete(pbktIn); - } -#endif - - return APR_SUCCESS; -} - -char *make_admin_footer(request_rec *r, mod_gridsite_cfg *conf, - int isdirectory) -/* - make string holding last modified text and admin links -*/ -{ - char *out, *https, *p, *dn = NULL, *file = NULL, *permstr = NULL, - *temp, modified[99], *dir_uri, *grst_cred_0 = NULL; - GRSTgaclPerm perm = GRST_PERM_NONE; - struct tm mtime_tm; - time_t mtime_time; - - https = (char *) apr_table_get(r->subprocess_env, "HTTPS"); - - dir_uri = apr_pstrdup(r->pool, r->uri); - p = rindex(dir_uri, '/'); - - if (p == NULL) return ""; - - file = apr_pstrdup(r->pool, &p[1]); - p[1] = '\0'; - /* dir_uri always gets both a leading and a trailing slash */ - - out = apr_pstrdup(r->pool, "

\n"); - - if (!isdirectory) - { - mtime_time = apr_time_sec(r->finfo.mtime); - - localtime_r(&mtime_time, &mtime_tm); - strftime(modified, sizeof(modified), - "%a %e %B %Y", &mtime_tm); - temp = apr_psprintf(r->pool,"

Last modified %s\n", modified); - out = apr_pstrcat(r->pool, out, temp, NULL); - - if ((conf->adminuri != NULL) && - (conf->adminuri[0] != '\0') && - (conf->adminfile != NULL) && - (conf->adminfile[0] != '\0') && - (strncmp(file, GRST_HIST_PREFIX, sizeof(GRST_HIST_PREFIX)-1) != 0)) - { - temp = apr_psprintf(r->pool, - ". " - "View page history\n", - conf->adminfile, file); - out = apr_pstrcat(r->pool, out, temp, NULL); - } - - out = apr_pstrcat(r->pool, out, "", NULL); - } - - out = apr_pstrcat(r->pool, out, "
", NULL); - - if (r->connection->notes != NULL) - grst_cred_0 = (char *) - apr_table_get(r->connection->notes, "GRST_CRED_0"); - - if ((grst_cred_0 != NULL) && - (strncmp(grst_cred_0, "X509USER ", sizeof("X509USER")) == 0)) - { - p = index(grst_cred_0, ' '); - if (p != NULL) - { - p = index(++p, ' '); - if (p != NULL) - { - p = index(++p, ' '); - if (p != NULL) - { - p = index(++p, ' '); - if (p != NULL) dn = p; - } - } - } - } - - if (dn != NULL) - { - temp = apr_psprintf(r->pool, "You are %s
\n", dn); - out = apr_pstrcat(r->pool, out, temp, NULL); - - if (r->notes != NULL) - permstr = (char *) apr_table_get(r->notes, "GRST_PERM"); - - if ((permstr != NULL) && - (conf->adminuri != NULL) && - (conf->adminuri[0] != '\0') && - (conf->adminfile != NULL) && - (conf->adminfile[0] != '\0')) - { - sscanf(permstr, "%d", &perm); - - if (!isdirectory && - GRSTgaclPermHasWrite(perm) && - (strncmp(file, GRST_HIST_PREFIX, - sizeof(GRST_HIST_PREFIX) - 1) != 0)) - { - temp = apr_psprintf(r->pool, - "" - "Edit page .\n", conf->adminfile, file); - out = apr_pstrcat(r->pool, out, temp, NULL); - } - - if (GRSTgaclPermHasList(perm) || GRSTgaclPermHasWrite(perm)) - { - temp = apr_psprintf(r->pool, - "Manage directory .\n", - dir_uri, conf->adminfile); - - out = apr_pstrcat(r->pool, out, temp, NULL); - } - } - } - - if ((https != NULL) && (strcasecmp(https, "on") == 0)) - temp = apr_psprintf(r->pool, - "Switch to HTTP \n", - r->server->server_hostname, r->unparsed_uri); - else temp = apr_psprintf(r->pool, - "Switch to HTTPS \n", - r->server->server_hostname, r->unparsed_uri); - - out = apr_pstrcat(r->pool, out, temp, NULL); - - if ((conf->helpuri != NULL) && (conf->helpuri[0] != '\0')) - { - temp = apr_psprintf(r->pool, - ". Website Help\n", conf->helpuri); - out = apr_pstrcat(r->pool, out, temp, NULL); - } - - if ((!isdirectory) && - (conf->adminuri != NULL) && - (conf->adminuri[0] != '\0') && - (conf->adminfile != NULL) && - (conf->adminfile[0] != '\0')) - { - temp = apr_psprintf(r->pool, ". " - "Print View\n", conf->adminfile, file); - out = apr_pstrcat(r->pool, out, temp, NULL); - } - - if (conf->gridsitelink) - { - temp = apr_psprintf(r->pool, - ". Built with " - "GridSite %s\n", VERSION); - out = apr_pstrcat(r->pool, out, temp, NULL); - } - - out = apr_pstrcat(r->pool, out, "\n\n", NULL); - - return out; -} - -int html_format(request_rec *r, mod_gridsite_cfg *conf) -/* - try to do GridSite formatting of .html files (NOT .shtml etc) -*/ -{ - int i, fd, errstatus; - char *buf, *p, *file, *s, *head_formatted, *header_formatted, - *body_formatted, *admin_formatted, *footer_formatted; - size_t length; - struct stat statbuf; - apr_file_t *fp; - - if (r->finfo.filetype == APR_NOFILE) return HTTP_NOT_FOUND; - - if (apr_file_open(&fp, r->filename, APR_READ, 0, r->pool) != 0) - return HTTP_INTERNAL_SERVER_ERROR; - - file = rindex(r->uri, '/'); - if (file != NULL) ++file; /* file points to name without path */ - - buf = apr_palloc(r->pool, (size_t)(r->finfo.size + 1)); - length = r->finfo.size; - apr_file_read(fp, buf, &length); - buf[r->finfo.size] = '\0'; - apr_file_close(fp); - - /* **** try to find a header file in this or parent directories **** */ - - /* first make a buffer big enough to hold path names we want to try */ - fd = -1; - s = malloc(strlen(r->filename) + strlen(conf->headfile) + 1); - strcpy(s, r->filename); - - for (;;) - { - p = rindex(s, '/'); - if (p == NULL) break; /* failed to find one */ - p[1] = '\0'; - strcat(p, conf->headfile); - - fd = open(s, O_RDONLY); - if (fd != -1) break; /* found one */ - - *p = '\0'; - } - - free(s); - - if (fd == -1) /* not found, so set up not to output one */ - { - head_formatted = apr_pstrdup(r->pool, ""); - header_formatted = apr_pstrdup(r->pool, ""); - body_formatted = buf; - } - else /* found a header file, so set up head and body to surround it */ - { - fstat(fd, &statbuf); - header_formatted = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, header_formatted, statbuf.st_size); - header_formatted[statbuf.st_size] = '\0'; - close(fd); - - p = strstr(buf, "pool, ""); - body_formatted = buf; - } - else - { - *p = '\0'; - head_formatted = buf; - ++p; - - while ((*p != '>') && (*p != '\0')) ++p; - - if (*p == '\0') - { - body_formatted = p; - } - else - { - *p = '\0'; - ++p; - body_formatted = p; - } - } - } - - /* **** remove closing tag from body **** */ - - p = strstr(body_formatted, "filename) + strlen(conf->footfile)); - strcpy(s, r->filename); - - for (;;) - { - p = rindex(s, '/'); - if (p == NULL) break; /* failed to find one */ - - p[1] = '\0'; - strcat(p, conf->footfile); - - fd = open(s, O_RDONLY); - if (fd != -1) break; /* found one */ - - *p = '\0'; - } - - free(s); - - if (fd == -1) /* failed to find a footer, so set up empty default */ - { - footer_formatted = apr_pstrdup(r->pool, ""); - } - else /* found a footer, so set up to use it */ - { - fstat(fd, &statbuf); - footer_formatted = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, footer_formatted, statbuf.st_size); - footer_formatted[statbuf.st_size] = '\0'; - close(fd); - } - - /* **** can now calculate the Content-Length and output headers **** */ - - length = strlen(head_formatted) + strlen(header_formatted) + - strlen(body_formatted) + strlen(admin_formatted) + - strlen(footer_formatted); - - ap_set_content_length(r, length); - ap_set_content_type(r, "text/html"); - - /* ** output the HTTP body (HTML Head+Body) ** */ - - ap_rputs(head_formatted, r); - ap_rputs(header_formatted, r); - ap_rputs(body_formatted, r); - ap_rputs(admin_formatted, r); - ap_rputs(footer_formatted, r); - - return OK; -} - -int html_dir_list(request_rec *r, mod_gridsite_cfg *conf) -/* - output HTML directory listing, with level of formatting controlled - by GridSiteHtmlFormat/conf->format -*/ -{ - int i, fd, n; - char *buf, *p, *s, *head_formatted, *header_formatted, - *body_formatted, *admin_formatted, *footer_formatted, *temp, - modified[99], *d_namepath, *indexheaderpath, *indexheadertext; - size_t length; - struct stat statbuf; - struct tm mtime_tm; - struct dirent **namelist; - - if (r->finfo.filetype == APR_NOFILE) return HTTP_NOT_FOUND; - - head_formatted = apr_psprintf(r->pool, - "Directory listing %s\n", r->uri); - - if (conf->format) - { - /* **** try to find a header file in this or parent directories **** */ - - /* first make a buffer big enough to hold path names we want to try */ - fd = -1; - s = malloc(strlen(r->filename) + strlen(conf->headfile) + 1); - strcpy(s, r->filename); - - for (;;) - { - p = rindex(s, '/'); - if (p == NULL) break; /* failed to find one */ - p[1] = '\0'; - strcat(p, conf->headfile); - - fd = open(s, O_RDONLY); - if (fd != -1) break; /* found one */ - - *p = '\0'; - } - - free(s); - - if (fd == -1) /* not found, so set up to output sensible default */ - { - header_formatted = apr_pstrdup(r->pool, ""); - } - else /* found a header file, so set up head and body to surround it */ - { - fstat(fd, &statbuf); - header_formatted = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, header_formatted, statbuf.st_size); - header_formatted[statbuf.st_size] = '\0'; - close(fd); - } - } - else header_formatted = apr_pstrdup(r->pool, ""); - - body_formatted = apr_psprintf(r->pool, - "

Directory listing %s

\n", r->uri); - - if (conf->indexheader != NULL) - { - indexheaderpath = apr_psprintf(r->pool, "%s/%s", r->filename, - conf->indexheader); - fd = open(indexheaderpath, O_RDONLY); - if (fd != -1) - { - fstat(fd, &statbuf); - indexheadertext = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, indexheadertext, statbuf.st_size); - indexheadertext[statbuf.st_size] = '\0'; - close(fd); - - body_formatted = apr_pstrcat(r->pool, body_formatted, - indexheadertext, NULL); - } - } - - body_formatted = apr_pstrcat(r->pool, body_formatted, "

\n", NULL); - - if (r->unparsed_uri[1] != '\0') - body_formatted = apr_pstrcat(r->pool, body_formatted, - "\n", - NULL); - - n = scandir(r->filename, &namelist, 0, versionsort); - while (n--) - { - if ((namelist[n]->d_name[0] != '.') && - ((conf->indexheader == NULL) || - (strcmp(conf->indexheader, namelist[n]->d_name) != 0))) - { - d_namepath = apr_psprintf(r->pool, "%s/%s", r->filename, - namelist[n]->d_name); - stat(d_namepath, &statbuf); - - localtime_r(&(statbuf.st_mtime), &mtime_tm); - strftime(modified, sizeof(modified), - "", - &mtime_tm); - - if (S_ISDIR(statbuf.st_mode)) - temp = apr_psprintf(r->pool, - "" - "%s\n", - namelist[n]->d_name, statbuf.st_size, statbuf.st_mtime, - namelist[n]->d_name, - statbuf.st_size, modified); - else temp = apr_psprintf(r->pool, - "" - "%s\n", - namelist[n]->d_name, statbuf.st_size, statbuf.st_mtime, - namelist[n]->d_name, - statbuf.st_size, modified); - - body_formatted = apr_pstrcat(r->pool,body_formatted,temp,NULL); - } - - free(namelist[n]); - } - - free(namelist); - - body_formatted = apr_pstrcat(r->pool, body_formatted, "
[Parent directory]
%R%e %b %y
" - "%s/%ld
" - "%s%ld
\n", NULL); - - if (conf->format) - { - /* **** set up dynamic part of footer to go at end of body **** */ - - admin_formatted = make_admin_footer(r, conf, TRUE); - - /* **** try to find a footer file in this or parent directories **** */ - - /* first make a buffer big enough to hold path names we want to try */ - fd = -1; - s = malloc(strlen(r->filename) + strlen(conf->footfile)); - strcpy(s, r->filename); - - for (;;) - { - p = rindex(s, '/'); - if (p == NULL) break; /* failed to find one */ - - p[1] = '\0'; - strcat(p, conf->footfile); - - fd = open(s, O_RDONLY); - if (fd != -1) break; /* found one */ - - *p = '\0'; - } - - free(s); - - if (fd == -1) /* failed to find a footer, so use standard default */ - { - footer_formatted = apr_pstrdup(r->pool, ""); - } - else /* found a footer, so set up to use it */ - { - fstat(fd, &statbuf); - footer_formatted = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, footer_formatted, statbuf.st_size); - footer_formatted[statbuf.st_size] = '\0'; - close(fd); - } - } - else - { - admin_formatted = apr_pstrdup(r->pool, ""); - footer_formatted = apr_pstrdup(r->pool, ""); - } - - /* **** can now calculate the Content-Length and output headers **** */ - - length = strlen(head_formatted) + strlen(header_formatted) + - strlen(body_formatted) + strlen(admin_formatted) + - strlen(footer_formatted); - - ap_set_content_length(r, length); - ap_set_content_type(r, "text/html"); - - /* ** output the HTTP body (HTML Head+Body) ** */ - - ap_rputs(head_formatted, r); - ap_rputs(header_formatted, r); - ap_rputs(body_formatted, r); - ap_rputs(admin_formatted, r); - ap_rputs(footer_formatted, r); - - return OK; -} - -int http_downgrade(request_rec *r, mod_gridsite_cfg *conf) -{ - int i; - char *httpurl, *filetemplate, *cookievalue, *envname_i, - *grst_cred_i, expires_str[APR_RFC822_DATE_LEN]; - apr_uint64_t gridauthcookie; - apr_table_t *env; - apr_time_t expires_time; - apr_file_t *fp; - - /* create random cookie and gridauthcookie file */ - - if (apr_generate_random_bytes((char *) &gridauthcookie, - sizeof(gridauthcookie)) - != APR_SUCCESS) return HTTP_INTERNAL_SERVER_ERROR; - - filetemplate = apr_psprintf(r->pool, "%s/%016llxXXXXXX", - ap_server_root_relative(r->pool, - conf->authcookiesdir), - gridauthcookie); - - if (apr_file_mktemp(&fp, - filetemplate, - APR_CREATE | APR_WRITE | APR_EXCL, - r->pool) - != APR_SUCCESS) return HTTP_INTERNAL_SERVER_ERROR; - - expires_time = apr_time_now() + apr_time_from_sec(300); - /* onetime cookies are valid for only 5 mins! */ - - apr_file_printf(fp, "expires=%lu\ndomain=%s\npath=%s\nonetime=yes\n", - (time_t) apr_time_sec(expires_time), r->hostname, r->uri); - - for (i=0; ; ++i) - { - envname_i = apr_psprintf(r->pool, "GRST_CRED_%d", i); - if (grst_cred_i = (char *) - apr_table_get(r->connection->notes, envname_i)) - { - apr_file_printf(fp, "%s=%s\n", envname_i, grst_cred_i); - } - else break; /* GRST_CRED_i are numbered consecutively */ - } - - if (apr_file_close(fp) != APR_SUCCESS) - { - apr_file_remove(filetemplate, r->pool); /* try to clean up */ - return HTTP_INTERNAL_SERVER_ERROR; - } - - /* send redirection header back to client */ - - cookievalue = rindex(filetemplate, '/'); - if (cookievalue != NULL) ++cookievalue; - else cookievalue = filetemplate; - - apr_rfc822_date(expires_str, expires_time); - - apr_table_add(r->headers_out, - apr_pstrdup(r->pool, "Set-Cookie"), - apr_psprintf(r->pool, - "GRID_AUTH_ONETIME=%s; " - "expires=%s; " - "domain=%s; " - "path=%s", - cookievalue, expires_str, r->hostname, r->uri)); - - httpurl = apr_pstrcat(r->pool, "http://", r->hostname, - ap_escape_uri(r->pool, r->uri), NULL); - apr_table_setn(r->headers_out, apr_pstrdup(r->pool, "Location"), httpurl); - - r->status = HTTP_MOVED_TEMPORARILY; - return OK; -} - -int http_put_method(request_rec *r, mod_gridsite_cfg *conf) -{ - char buf[2048]; - size_t length; - int retcode; - apr_file_t *fp; - - /* *** check if directory creation: PUT /.../ *** */ - - if ((r->unparsed_uri != NULL) && - (r->unparsed_uri[0] != '\0') && - (r->unparsed_uri[strlen(r->unparsed_uri) - 1] == '/')) - { - if (apr_dir_make(r->filename, - conf->diskmode - | APR_UEXECUTE | APR_GEXECUTE | APR_WEXECUTE, - r->pool) != 0) return HTTP_INTERNAL_SERVER_ERROR; - - /* we force the permissions, rather than accept any existing ones */ - - apr_file_perms_set(r->filename, conf->diskmode - | APR_UEXECUTE | APR_GEXECUTE | APR_WEXECUTE); - - ap_set_content_length(r, 0); - ap_set_content_type(r, "text/html"); - return OK; - } - - /* *** otherwise assume trying to create a regular file *** */ - - if (apr_file_open(&fp, r->filename, APR_WRITE | APR_CREATE | APR_BUFFERED, - conf->diskmode, r->pool) != 0) return HTTP_INTERNAL_SERVER_ERROR; - - /* we force the permissions, rather than accept any existing ones */ - - apr_file_perms_set(r->filename, conf->diskmode); - -// TODO: need to add Range: support at some point too - - retcode = ap_setup_client_block(r, REQUEST_CHUNKED_DECHUNK); - if (retcode == OK) - { - if (ap_should_client_block(r)) - while ((length = ap_get_client_block(r, buf, sizeof(buf))) > 0) - if (apr_file_write(fp, buf, &length) != 0) - { - retcode = HTTP_INTERNAL_SERVER_ERROR; - break; - } - - ap_set_content_length(r, 0); - ap_set_content_type(r, "text/html"); - } - - if (apr_file_close(fp) != 0) return HTTP_INTERNAL_SERVER_ERROR; - - return retcode; -} - -int http_delete_method(request_rec *r, mod_gridsite_cfg *conf) -{ - if (remove(r->filename) != 0) return HTTP_FORBIDDEN; - - ap_set_content_length(r, 0); - ap_set_content_type(r, "text/html"); - - return OK; -} - -static int mod_gridsite_dir_handler(request_rec *r, mod_gridsite_cfg *conf) -/* - handler switch for directories -*/ -{ - /* *** is this a write method? only possible if GridSiteAuth on *** */ - - if (conf->auth) - { - if ((r->method_number == M_PUT) && - (conf->methods != NULL) && - (strstr(conf->methods, " PUT " ) != NULL)) - return http_put_method(r, conf); - - if ((r->method_number == M_DELETE) && - (conf->methods != NULL) && - (strstr(conf->methods, " DELETE ") != NULL)) - return http_delete_method(r, conf); - } - - /* *** directory listing? *** */ - - if ((r->method_number == M_GET) && (conf->indexes)) - return html_dir_list(r, conf); /* directory listing */ - - return DECLINED; /* *** nothing to see here, move along *** */ -} - -static int mod_gridsite_nondir_handler(request_rec *r, mod_gridsite_cfg *conf) -/* - one big handler switch for everything other than directories, since we - might be responding to MIME * / * for local PUT, MOVE, COPY and DELETE, - and GET inside ghost directories. -*/ -{ - char *downgradesize; - apr_off_t numericsize; - - /* *** is this a write method or HTTP downgrade? - only possible if GridSiteAuth on *** */ - - if (conf->auth) - { - if ((conf->downgrade) && - ((downgradesize = (char *) apr_table_get(r->headers_in, - "HTTP-Downgrade-Size")) != NULL) && - ((numericsize = (apr_off_t) atoll(downgradesize)) >= 0) && - -// TODO: what if we're pointing at a CGI or some dynamic content??? - (((r->method_number == M_GET) && (r->finfo.size >= numericsize)) - || (r->method_number == M_PUT)) && - - (strcasecmp(apr_table_get(r->subprocess_env, "HTTPS"), "on") == 0)) - return http_downgrade(r, conf); - - if ((r->method_number == M_PUT) && - (conf->methods != NULL) && - (strstr(conf->methods, " PUT " ) != NULL)) - return http_put_method(r, conf); - - if ((r->method_number == M_DELETE) && - (conf->methods != NULL) && - (strstr(conf->methods, " DELETE ") != NULL)) - return http_delete_method(r, conf); - } - - /* *** check if a special ghost admin CGI *** */ - - if (conf->adminfile && conf->adminuri && - (strlen(r->filename) > strlen(conf->adminfile) + 1) && - (strcmp(&(r->filename[strlen(r->filename) - strlen(conf->adminfile)]), - conf->adminfile) == 0) && - (r->filename[strlen(r->filename)-strlen(conf->adminfile)-1] == '/') && - ((r->method_number == M_POST) || - (r->method_number == M_GET))) - { - ap_internal_redirect(conf->adminuri, r); - return OK; - } - - /* *** finally look for .html files that we should format *** */ - - if ((conf->format) && /* conf->format set by GridSiteHtmlFormat on */ - (strlen(r->filename) > 5) && - (strcmp(&(r->filename[strlen(r->filename)-5]), ".html") == 0) && - (r->method_number == M_GET)) return html_format(r, conf); - - return DECLINED; /* *** nothing to see here, move along *** */ -} - -static void recurse4dirlist(char *dirname, time_t *dirs_time, - char *fulluri, int fullurilen, - char *encfulluri, int enclen, - apr_pool_t *pool, char **body, - int recurse_level) -/* try to find DN Lists in dir[] and its subdirs that match the fulluri[] - prefix. add blobs of HTML to body as they are found. */ -{ - char *unencname, modified[99], *oneline, *d_namepath; - DIR *oneDIR; - struct dirent *onedirent; - struct tm mtime_tm; - size_t length; - struct stat statbuf; - - if ((stat(dirname, &statbuf) != 0) || - (!S_ISDIR(statbuf.st_mode)) || - ((oneDIR = opendir(dirname)) == NULL)) return; - - if (statbuf.st_mtime > *dirs_time) *dirs_time = statbuf.st_mtime; - - while ((onedirent = readdir(oneDIR)) != NULL) - { - if (onedirent->d_name[0] == '.') continue; - - d_namepath = apr_psprintf(pool, "%s/%s", dirname, onedirent->d_name); - if (stat(d_namepath, &statbuf) != 0) continue; - - if (S_ISDIR(statbuf.st_mode) && (recurse_level < GRST_RECURS_LIMIT)) - recurse4dirlist(d_namepath, dirs_time, fulluri, - fullurilen, encfulluri, enclen, - pool, body, recurse_level + 1); - else if ((strncmp(onedirent->d_name, encfulluri, enclen) == 0) && - (onedirent->d_name[strlen(onedirent->d_name) - 1] != '~')) - { - unencname = GRSThttpUrlDecode(onedirent->d_name); - - if (strncmp(unencname, fulluri, fullurilen) == 0) - { - - if (statbuf.st_mtime > *dirs_time) - *dirs_time = statbuf.st_mtime; - - localtime_r(&(statbuf.st_mtime), &mtime_tm); - strftime(modified, sizeof(modified), - "%R%e %b %y", - &mtime_tm); - - oneline = apr_psprintf(pool, - "" - "%s" - "%ld%s\n", - &unencname[fullurilen], statbuf.st_size, - statbuf.st_mtime, unencname, - statbuf.st_size, modified); - - *body = apr_pstrcat(pool, *body, oneline, NULL); - } - - free(unencname); /* libgridsite doesnt use pools */ - } - } - - closedir(oneDIR); -} - -static int mod_gridsite_dnlistsuri_dir_handler(request_rec *r, - mod_gridsite_cfg *conf) -/* - virtual DN-list file lister: make all DN lists on the dn-lists - path of this server appear to be in the dn-lists directory itself - (ie where they appear in the DN lists path doesnt matter, as long - as their name matches) -*/ -{ - int enclen, fullurilen, fd; - char *fulluri, *encfulluri, *dn_list_ptr, *dirname, *unencname, - *body, *oneline, *p, *s, - *head_formatted, *header_formatted, *footer_formatted, - *permstr = NULL; - struct stat statbuf; - size_t length; - time_t dirs_time = 0; - GRSTgaclPerm perm = GRST_PERM_NONE; - - if (r->notes != NULL) - permstr = (char *) apr_table_get(r->notes, "GRST_PERM"); - - if (permstr != NULL) sscanf(permstr, "%d", &perm); - - fulluri = apr_psprintf(r->pool, "https://%s%s", - ap_get_server_name(r), conf->dnlistsuri); - fullurilen = strlen(fulluri); - - encfulluri = GRSThttpUrlEncode(fulluri); - enclen = strlen(encfulluri); - - if (conf->dnlists != NULL) p = conf->dnlists; - else p = getenv("GRST_DN_LISTS"); - - if (p == NULL) p = GRST_DN_LISTS; - dn_list_ptr = apr_pstrdup(r->pool, p); - - head_formatted = apr_psprintf(r->pool, - "Directory listing %s\n", r->uri); - - if (conf->format) - { - /* **** try to find a header file in this or parent directories **** */ - - /* first make a buffer big enough to hold path names we want to try */ - fd = -1; - s = malloc(strlen(r->filename) + strlen(conf->headfile) + 1); - strcpy(s, r->filename); - - for (;;) - { - p = rindex(s, '/'); - if (p == NULL) break; /* failed to find one */ - p[1] = '\0'; - strcat(p, conf->headfile); - - fd = open(s, O_RDONLY); - if (fd != -1) break; /* found one */ - - *p = '\0'; - } - - free(s); - - if (fd == -1) /* not found, so set up to output sensible default */ - { - header_formatted = apr_pstrdup(r->pool, ""); - } - else /* found a header file, so set up head and body to surround it */ - { - fstat(fd, &statbuf); - header_formatted = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, header_formatted, statbuf.st_size); - header_formatted[statbuf.st_size] = '\0'; - close(fd); - } - } - else header_formatted = apr_pstrdup(r->pool, ""); - - body = apr_psprintf(r->pool, - "

Directory listing %s

\n", r->uri); - - if ((r->uri)[1] != '\0') - body = apr_pstrcat(r->pool, body, - "\n", - NULL); - - while ((dirname = strsep(&dn_list_ptr, ":")) != NULL) - recurse4dirlist(dirname, &dirs_time, fulluri, fullurilen, - encfulluri, enclen, r->pool, &body, 0); - - if ((stat(r->filename, &statbuf) == 0) && - S_ISDIR(statbuf.st_mode) && - GRSTgaclPermHasWrite(perm)) - { - oneline = apr_psprintf(r->pool, - "\n" - "" - "\n", - r->uri, conf->adminfile); - - body = apr_pstrcat(r->pool, body, oneline, NULL); - } - - body = apr_pstrcat(r->pool, body, "
[Parent directory]
\n", NULL); - - free(encfulluri); /* libgridsite doesnt use pools */ - - if (conf->format) - { - /* **** try to find a footer file in this or parent directories **** */ - - /* first make a buffer big enough to hold path names we want to try */ - fd = -1; - s = malloc(strlen(r->filename) + strlen(conf->footfile)); - strcpy(s, r->filename); - - for (;;) - { - p = rindex(s, '/'); - if (p == NULL) break; /* failed to find one */ - - p[1] = '\0'; - strcat(p, conf->footfile); - - fd = open(s, O_RDONLY); - if (fd != -1) break; /* found one */ - - *p = '\0'; - } - - free(s); - - if (fd == -1) /* failed to find a footer, so use standard default */ - { - footer_formatted = apr_pstrdup(r->pool, ""); - } - else /* found a footer, so set up to use it */ - { - fstat(fd, &statbuf); - footer_formatted = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, footer_formatted, statbuf.st_size); - footer_formatted[statbuf.st_size] = '\0'; - close(fd); - } - } - else footer_formatted = apr_pstrdup(r->pool, ""); - - /* **** can now calculate the Content-Length and output headers **** */ - - length = strlen(head_formatted) + strlen(header_formatted) + - strlen(body) + strlen(footer_formatted); - - ap_set_content_length(r, length); - r->mtime = apr_time_from_sec(dirs_time); - ap_set_last_modified(r); - ap_set_content_type(r, "text/html"); - - /* ** output the HTTP body (HTML Head+Body) ** */ - ap_rputs(head_formatted, r); - ap_rputs(header_formatted, r); - ap_rputs(body, r); - ap_rputs(footer_formatted, r); - - return OK; -} - -static char *recurse4file(char *dir, char *file, apr_pool_t *pool, - int recurse_level) -/* try to find file[] in dir[]. try subdirs if not found. - return full path to first found version or NULL on failure */ -{ - char *fullfilename, *fulldirname; - struct stat statbuf; - DIR *dirDIR; - struct dirent *file_ent; - - /* try to find in current directory */ - - fullfilename = apr_psprintf(pool, "%s/%s", dir, file); - - if (stat(fullfilename, &statbuf) == 0) return fullfilename; - - /* maybe search in subdirectories */ - - if (recurse_level >= GRST_RECURS_LIMIT) return NULL; - - dirDIR = opendir(dir); - - if (dirDIR == NULL) return NULL; - - while ((file_ent = readdir(dirDIR)) != NULL) - { - if (file_ent->d_name[0] == '.') continue; - - fulldirname = apr_psprintf(pool, "%s/%s", dir, file_ent->d_name); - if ((stat(fulldirname, &statbuf) == 0) && - S_ISDIR(statbuf.st_mode) && - ((fullfilename = recurse4file(fulldirname, file, - pool, recurse_level + 1)) != NULL)) - { - closedir(dirDIR); - return fullfilename; - } - } - - closedir(dirDIR); - - return NULL; -} - -static int mod_gridsite_dnlistsuri_handler(request_rec *r, - mod_gridsite_cfg *conf) -/* - virtual DN-list file generator -*/ -{ - int fd; - char *fulluri, *encfulluri, *dn_list_ptr, *filename, *dirname, *p, - *buf; - struct stat statbuf; - - /* *** check if a special ghost admin CGI *** */ - - if (conf->adminfile && conf->adminuri && - (strlen(r->filename) > strlen(conf->adminfile) + 1) && - (strcmp(&(r->filename[strlen(r->filename) - strlen(conf->adminfile)]), - conf->adminfile) == 0) && - (r->filename[strlen(r->filename)-strlen(conf->adminfile)-1] == '/') && - ((r->method_number == M_POST) || - (r->method_number == M_GET))) - { - ap_internal_redirect(conf->adminuri, r); - return OK; - } - - fulluri = apr_psprintf(r->pool, "https://%s%s", - ap_get_server_name(r), r->uri); - - encfulluri = GRSThttpUrlEncode(fulluri); - - if (conf->dnlists != NULL) p = conf->dnlists; - else p = getenv("GRST_DN_LISTS"); - - if (p == NULL) p = GRST_DN_LISTS; - dn_list_ptr = apr_pstrdup(r->pool, p); - - while ((dirname = strsep(&dn_list_ptr, ":")) != NULL) - { - filename = recurse4file(dirname, encfulluri, r->pool, 0); - - if (filename == NULL) continue; - - fd = open(filename, O_RDONLY); - - if (fd == -1) continue; - - fstat(fd, &statbuf); - ap_set_content_length(r, (apr_off_t) statbuf.st_size); - r->mtime = apr_time_from_sec(statbuf.st_mtime); - ap_set_content_type(r, "text/plain"); - ap_set_last_modified(r); - - buf = apr_palloc(r->pool, statbuf.st_size + 1); - read(fd, buf, statbuf.st_size); - buf[statbuf.st_size] = '\0'; - - ap_rputs(buf, r); - - close(fd); - - return OK; - } - - return HTTP_NOT_FOUND; -} - -static void *create_gridsite_dir_config(apr_pool_t *p, char *path) -{ - mod_gridsite_cfg *conf = apr_palloc(p, sizeof(*conf)); - - if (path == NULL) /* set up server defaults */ - { - conf->auth = 0; /* GridSiteAuth on/off */ - conf->envs = 1; /* GridSiteEnvs on/off */ - conf->format = 0; /* GridSiteHtmlFormat on/off */ - conf->indexes = 0; /* GridSiteIndexes on/off */ - conf->indexheader = NULL; /* GridSiteIndexHeader File-value */ - conf->gridsitelink = 1; /* GridSiteLink on/off */ - conf->adminfile = apr_pstrdup(p, GRST_ADMIN_FILE); - /* GridSiteAdminFile File-value */ - conf->adminuri = NULL; /* GridSiteAdminURI URI-value */ - conf->helpuri = NULL; /* GridSiteHelpURI URI-value */ - conf->dnlists = NULL; /* GridSiteDNlists Search-path */ - conf->dnlistsuri = NULL; /* GridSiteDNlistsURI URI-value */ - conf->adminlist = NULL; /* GridSiteAdminList URI-value */ - conf->gsiproxylimit = 1; /* GridSiteGSIProxyLimit number */ - conf->unzip = NULL; /* GridSiteUnzip file-path */ - - conf->methods = apr_pstrdup(p, " GET "); - /* GridSiteMethods methods */ - - conf->editable = apr_pstrdup(p, " txt shtml html htm css js php jsp "); - /* GridSiteEditable types */ - - conf->headfile = apr_pstrdup(p, GRST_HEADFILE); - conf->footfile = apr_pstrdup(p, GRST_FOOTFILE); - /* GridSiteHeadFile and GridSiteFootFile file name */ - - conf->downgrade = 0; /* GridSiteDowngrade on/off */ - conf->authcookiesdir = apr_pstrdup(p, "gridauthcookies"); - /* GridSiteAuthCookiesDir dir-path */ - conf->soap2cgi = 0; /* GridSiteSoap2cgi on/off */ - conf->aclformat = apr_pstrdup(p, "GACL"); - /* GridSiteACLFormat gacl/xacml */ - conf->execmethod = NULL; - /* GridSiteExecMethod nosetuid/suexec/X509DN/directory */ - - conf->execugid.uid = 0; /* GridSiteUserGroup User Group */ - conf->execugid.gid = 0; /* ditto */ - conf->execugid.userdir = 0; /* ditto */ - - conf->diskmode = APR_UREAD | APR_UWRITE; - /* GridSiteDiskMode group-mode world-mode - GroupNone | GroupRead | GroupWrite WorldNone | WorldRead */ - } - else - { - conf->auth = UNSET; /* GridSiteAuth on/off */ - conf->envs = UNSET; /* GridSiteEnvs on/off */ - conf->format = UNSET; /* GridSiteHtmlFormat on/off */ - conf->indexes = UNSET; /* GridSiteIndexes on/off */ - conf->indexheader = NULL; /* GridSiteIndexHeader File-value */ - conf->gridsitelink = UNSET; /* GridSiteLink on/off */ - conf->adminfile = NULL; /* GridSiteAdminFile File-value */ - conf->adminuri = NULL; /* GridSiteAdminURI URI-value */ - conf->helpuri = NULL; /* GridSiteHelpURI URI-value */ - conf->dnlists = NULL; /* GridSiteDNlists Search-path */ - conf->dnlistsuri = NULL; /* GridSiteDNlistsURI URI-value */ - conf->adminlist = NULL; /* GridSiteAdminList URI-value */ - conf->gsiproxylimit = UNSET; /* GridSiteGSIProxyLimit number */ - conf->unzip = NULL; /* GridSiteUnzip file-path */ - conf->methods = NULL; /* GridSiteMethods methods */ - conf->editable = NULL; /* GridSiteEditable types */ - conf->headfile = NULL; /* GridSiteHeadFile file name */ - conf->footfile = NULL; /* GridSiteFootFile file name */ - conf->downgrade = UNSET; /* GridSiteDowngrade on/off */ - conf->authcookiesdir= NULL; /* GridSiteAuthCookiesDir dir-path */ - conf->soap2cgi = UNSET; /* GridSiteSoap2cgi on/off */ - conf->aclformat = NULL; /* GridSiteACLFormat gacl/xacml */ - conf->execmethod = NULL; /* GridSiteExecMethod */ - conf->execugid.uid = UNSET; /* GridSiteUserGroup User Group */ - conf->execugid.gid = UNSET; /* ditto */ - conf->execugid.userdir = UNSET; /* ditto */ - conf->diskmode = UNSET; /* GridSiteDiskMode group world */ - } - - return conf; -} - -static void *merge_gridsite_dir_config(apr_pool_t *p, void *vserver, - void *vdirect) -/* merge directory with server-wide directory configs */ -{ - mod_gridsite_cfg *conf, *server, *direct; - - server = (mod_gridsite_cfg *) vserver; - direct = (mod_gridsite_cfg *) vdirect; - conf = apr_palloc(p, sizeof(*conf)); - - if (direct->auth != UNSET) conf->auth = direct->auth; - else conf->auth = server->auth; - - if (direct->envs != UNSET) conf->envs = direct->envs; - else conf->envs = server->envs; - - if (direct->format != UNSET) conf->format = direct->format; - else conf->format = server->format; - - if (direct->indexes != UNSET) conf->indexes = direct->indexes; - else conf->indexes = server->indexes; - - if (direct->gridsitelink != UNSET) conf->gridsitelink=direct->gridsitelink; - else conf->gridsitelink=server->gridsitelink; - - if (direct->indexheader != NULL) conf->indexheader = direct->indexheader; - else conf->indexheader = server->indexheader; - - if (direct->adminfile != NULL) conf->adminfile = direct->adminfile; - else conf->adminfile = server->adminfile; - - if (direct->adminuri != NULL) conf->adminuri = direct->adminuri; - else conf->adminuri = server->adminuri; - - if (direct->helpuri != NULL) conf->helpuri = direct->helpuri; - else conf->helpuri = server->helpuri; - - if (direct->dnlists != NULL) conf->dnlists = direct->dnlists; - else conf->dnlists = server->dnlists; - - if (direct->dnlistsuri != NULL) conf->dnlistsuri = direct->dnlistsuri; - else conf->dnlistsuri = server->dnlistsuri; - - if (direct->adminlist != NULL) conf->adminlist = direct->adminlist; - else conf->adminlist = server->adminlist; - - if (direct->gsiproxylimit != UNSET) - conf->gsiproxylimit = direct->gsiproxylimit; - else conf->gsiproxylimit = server->gsiproxylimit; - - if (direct->unzip != NULL) conf->unzip = direct->unzip; - else conf->unzip = server->unzip; - - if (direct->methods != NULL) conf->methods = direct->methods; - else conf->methods = server->methods; - - if (direct->editable != NULL) conf->editable = direct->editable; - else conf->editable = server->editable; - - if (direct->headfile != NULL) conf->headfile = direct->headfile; - else conf->headfile = server->headfile; - - if (direct->footfile != NULL) conf->footfile = direct->footfile; - else conf->footfile = server->footfile; - - if (direct->downgrade != UNSET) conf->downgrade = direct->downgrade; - else conf->downgrade = server->downgrade; - - if (direct->authcookiesdir != NULL) - conf->authcookiesdir = direct->authcookiesdir; - else conf->authcookiesdir = server->authcookiesdir; - - if (direct->soap2cgi != UNSET) conf->soap2cgi = direct->soap2cgi; - else conf->soap2cgi = server->soap2cgi; - - if (direct->aclformat != NULL) conf->aclformat = direct->aclformat; - else conf->aclformat = server->aclformat; - - if (direct->execmethod != NULL) conf->execmethod = direct->execmethod; - else conf->execmethod = server->execmethod; - - if (direct->execugid.uid != UNSET) - { conf->execugid.uid = direct->execugid.uid; - conf->execugid.gid = direct->execugid.gid; - conf->execugid.userdir = direct->execugid.userdir; } - else - { conf->execugid.uid = server->execugid.uid; - conf->execugid.gid = server->execugid.gid; - conf->execugid.userdir = server->execugid.userdir; } - - if (direct->diskmode != UNSET) conf->diskmode = direct->diskmode; - else conf->diskmode = server->diskmode; - - return conf; -} - -static const char *mod_gridsite_take1_cmds(cmd_parms *a, void *cfg, - const char *parm) -{ - int n; - char *p; - - if (strcasecmp(a->cmd->name, "GridSiteAdminFile") == 0) - { - if (index(parm, '/') != NULL) - return "/ not permitted in GridSiteAdminFile"; - - ((mod_gridsite_cfg *) cfg)->adminfile = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteAdminURI") == 0) - { - if (*parm != '/') return "GridSiteAdminURI must begin with /"; - - ((mod_gridsite_cfg *) cfg)->adminuri = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteHelpURI") == 0) - { - if (*parm != '/') return "GridSiteHelpURI must begin with /"; - - ((mod_gridsite_cfg *) cfg)->helpuri = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteDNlists") == 0) - { - ((mod_gridsite_cfg *) cfg)->dnlists = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteDNlistsURI") == 0) - { - if (*parm != '/') return "GridSiteDNlistsURI must begin with /"; - - if ((*parm != '\0') && (parm[strlen(parm) - 1] == '/')) - ((mod_gridsite_cfg *) cfg)->dnlistsuri = - apr_pstrdup(a->pool, parm); - else - ((mod_gridsite_cfg *) cfg)->dnlistsuri = - apr_pstrcat(a->pool, parm, "/", NULL); - } - else if (strcasecmp(a->cmd->name, "GridSiteAdminList") == 0) - { - ((mod_gridsite_cfg *) cfg)->adminlist = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteGSIProxyLimit") == 0) - { - n = -1; - - if ((sscanf(parm, "%d", &n) == 1) && (n >= 0)) - ((mod_gridsite_cfg *) cfg)->gsiproxylimit = n; - else return "GridSiteGSIProxyLimit must be a number >= 0"; - } - else if (strcasecmp(a->cmd->name, "GridSiteUnzip") == 0) - { - if (*parm != '/') return "GridSiteUnzip must begin with /"; - - ((mod_gridsite_cfg *) cfg)->unzip = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteMethods") == 0) - { - ((mod_gridsite_cfg *) cfg)->methods = - apr_psprintf(a->pool, " %s ", parm); - - for (p = ((mod_gridsite_cfg *) cfg)->methods; - *p != '\0'; - ++p) if (*p == '\t') *p = ' '; - } - else if (strcasecmp(a->cmd->name, "GridSiteEditable") == 0) - { - ((mod_gridsite_cfg *) cfg)->editable = - apr_psprintf(a->pool, " %s ", parm); - - for (p = ((mod_gridsite_cfg *) cfg)->editable; - *p != '\0'; - ++p) if (*p == '\t') *p = ' '; - } - else if (strcasecmp(a->cmd->name, "GridSiteHeadFile") == 0) - { - ((mod_gridsite_cfg *) cfg)->headfile = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteFootFile") == 0) - { - ((mod_gridsite_cfg *) cfg)->footfile = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteIndexHeader") == 0) - { - if (index(parm, '/') != NULL) - return "/ not permitted in GridSiteIndexHeader"; - - ((mod_gridsite_cfg *) cfg)->indexheader = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteAuthCookiesDir") == 0) - { - if (index(parm, '/') != NULL) - return "/ not permitted in GridSiteAuthCookiesDir"; - - ((mod_gridsite_cfg *) cfg)->authcookiesdir = - apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteACLFormat") == 0) - { - if ((strcasecmp(parm,"GACL") != 0) && - (strcasecmp(parm,"XACML") != 0)) - return "GridsiteACLFormat must be either GACL or XACML"; - - ((mod_gridsite_cfg *) cfg)->aclformat = apr_pstrdup(a->pool, parm); - } - else if (strcasecmp(a->cmd->name, "GridSiteExecMethod") == 0) - { - if (strcasecmp(parm, "nosetuid") == 0) - { - ((mod_gridsite_cfg *) cfg)->execmethod = NULL; - return NULL; - } - - if ((strcasecmp(parm, "suexec") != 0) && - (strcasecmp(parm, "X509DN") != 0) && - (strcasecmp(parm, "directory") != 0)) - return "GridsiteExecMethod must be nosetuid, suexec, X509DN or directory"; - - ((mod_gridsite_cfg *) cfg)->execmethod = apr_pstrdup(a->pool, parm); - } - - return NULL; -} - -static const char *mod_gridsite_take2_cmds(cmd_parms *a, void *cfg, - const char *parm1, const char *parm2) -{ - if (strcasecmp(a->cmd->name, "GridSiteUserGroup") == 0) - { - if (!(unixd_config.suexec_enabled)) - return "Using GridSiteUserGroup will " - "require rebuilding Apache with suexec support!"; - - /* NB ap_uname2id/ap_gname2id are NOT thread safe - but OK - as long as not used in .htaccess, just at server start time */ - - ((mod_gridsite_cfg *) cfg)->execugid.uid = ap_uname2id(parm1); - ((mod_gridsite_cfg *) cfg)->execugid.gid = ap_gname2id(parm2); - ((mod_gridsite_cfg *) cfg)->execugid.userdir = 0; - } - else if (strcasecmp(a->cmd->name, "GridSiteDiskMode") == 0) - { - if ((strcasecmp(parm1, "GroupNone" ) != 0) && - (strcasecmp(parm1, "GroupRead" ) != 0) && - (strcasecmp(parm1, "GroupWrite") != 0)) - return "First parameter of GridSiteDiskMode must be " - "GroupNone, GroupRead or GroupWrite!"; - - if ((strcasecmp(parm2, "WorldNone" ) != 0) && - (strcasecmp(parm2, "WorldRead" ) != 0)) - return "Second parameter of GridSiteDiskMode must be " - "WorldNone or WorldRead!"; - - ((mod_gridsite_cfg *) cfg)->diskmode = - APR_UREAD | APR_UWRITE - | ( APR_GREAD * (strcasecmp(parm1, "GroupRead") == 0)) - | ((APR_GREAD | APR_GWRITE) * (strcasecmp(parm1, "GroupWrite") == 0)) - | ((APR_GREAD | APR_WREAD) * (strcasecmp(parm2, "WorldRead") == 0)); - } - - return NULL; -} - -static const char *mod_gridsite_flag_cmds(cmd_parms *a, void *cfg, - int flag) -{ - if (strcasecmp(a->cmd->name, "GridSiteAuth") == 0) - { - ((mod_gridsite_cfg *) cfg)->auth = flag; - } - else if (strcasecmp(a->cmd->name, "GridSiteEnvs") == 0) - { - ((mod_gridsite_cfg *) cfg)->envs = flag; - } - else if (strcasecmp(a->cmd->name, "GridSiteHtmlFormat") == 0) - { - ((mod_gridsite_cfg *) cfg)->format = flag; - } - else if (strcasecmp(a->cmd->name, "GridSiteIndexes") == 0) - { - ((mod_gridsite_cfg *) cfg)->indexes = flag; - } - else if (strcasecmp(a->cmd->name, "GridSiteLink") == 0) - { - ((mod_gridsite_cfg *) cfg)->gridsitelink = flag; - } - else if (strcasecmp(a->cmd->name, "GridSiteDowngrade") == 0) - { -// TODO: return error if try this on non-HTTPS virtual server - - ((mod_gridsite_cfg *) cfg)->downgrade = flag; - } - else if (strcasecmp(a->cmd->name, "GridSiteSoap2cgi") == 0) - { - ((mod_gridsite_cfg *) cfg)->soap2cgi = flag; - } - - return NULL; -} - -static const command_rec mod_gridsite_cmds[] = -{ -// TODO: need to check and document valid contexts for each command! - - AP_INIT_FLAG("GridSiteAuth", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - AP_INIT_FLAG("GridSiteEnvs", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - AP_INIT_FLAG("GridSiteHtmlFormat", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - AP_INIT_FLAG("GridSiteIndexes", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - AP_INIT_FLAG("GridSiteLink", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - - AP_INIT_TAKE1("GridSiteAdminFile", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "Ghost per-directory admin CGI"), - AP_INIT_TAKE1("GridSiteAdminURI", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "URI of real gridsite-admin.cgi"), - AP_INIT_TAKE1("GridSiteHelpURI", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "URI of Website Help pages"), - AP_INIT_TAKE1("GridSiteDNlists", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "DN Lists directories search path"), - AP_INIT_TAKE1("GridSiteDNlistsURI", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "URI of published DN lists"), - AP_INIT_TAKE1("GridSiteAdminList", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "URI of admin DN List"), - AP_INIT_TAKE1("GridSiteGSIProxyLimit", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "Max level of GSI proxy validity"), - AP_INIT_TAKE1("GridSiteUnzip", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "Absolute path to unzip command"), - - AP_INIT_RAW_ARGS("GridSiteMethods", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "permitted HTTP methods"), - AP_INIT_RAW_ARGS("GridSiteEditable", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "editable file extensions"), - AP_INIT_TAKE1("GridSiteHeadFile", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "filename of HTML header"), - AP_INIT_TAKE1("GridSiteFootFile", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "filename of HTML footer"), - AP_INIT_TAKE1("GridSiteIndexHeader", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "filename of directory header"), - - AP_INIT_FLAG("GridSiteDowngrade", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - AP_INIT_TAKE1("GridSiteAuthCookiesDir", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "directory with Grid Auth Cookies"), - - AP_INIT_FLAG("GridSiteSoap2cgi", mod_gridsite_flag_cmds, - NULL, OR_FILEINFO, "on or off"), - - AP_INIT_TAKE1("GridSiteACLFormat", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "format to save access control lists in"), - - AP_INIT_TAKE1("GridSiteExecMethod", mod_gridsite_take1_cmds, - NULL, OR_FILEINFO, "execution strategy used by gsexec"), - - AP_INIT_TAKE2("GridSiteUserGroup", mod_gridsite_take2_cmds, - NULL, OR_FILEINFO, - "user and group of gsexec processes in suexec mode"), - - AP_INIT_TAKE2("GridSiteDiskMode", mod_gridsite_take2_cmds, - NULL, OR_FILEINFO, - "group and world file modes for new files/directories"), - - {NULL} -}; - -static int mod_gridsite_first_fixups(request_rec *r) -{ - mod_gridsite_cfg *conf; - - if (r->finfo.filetype != APR_DIR) return DECLINED; - - conf = (mod_gridsite_cfg *) - ap_get_module_config(r->per_dir_config, &gridsite_module); - - /* we handle DN Lists as regular files, even if they also match - directory names */ - - if ((conf != NULL) && - (conf->dnlistsuri != NULL) && - (strncmp(r->uri, conf->dnlistsuri, strlen(conf->dnlistsuri)) == 0) && - (strcmp(r->uri, conf->dnlistsuri) != 0)) - { - r->finfo.filetype = APR_REG; - } - - return DECLINED; -} - -static int mod_gridsite_perm_handler(request_rec *r) -/* - Do authentication/authorization here rather than in the normal module - auth functions since the results of mod_ssl are available. - - We also publish environment variables here if requested by GridSiteEnv. -*/ -{ - int retcode = DECLINED, i, n; - char *dn, *p, envname[14], *grst_cred_0 = NULL, *dir_path, - *remotehost, s[99], *grst_cred_i, *file, *cookies, - *gridauthonetime, *cookiefile, oneline[1025], *key_i; - const char *content_type; - time_t now, notbefore, notafter; - apr_table_t *env; - apr_finfo_t cookiefile_info; - apr_file_t *fp; - GRSTgaclCred *cred = NULL, *cred_0 = NULL; - GRSTgaclUser *user = NULL; - GRSTgaclPerm perm = GRST_PERM_NONE; - GRSTgaclAcl *acl = NULL; - mod_gridsite_cfg *cfg; - - cfg = (mod_gridsite_cfg *) - ap_get_module_config(r->per_dir_config, &gridsite_module); - - if (cfg == NULL) return DECLINED; - - if ((cfg->auth == 0) && - (cfg->envs == 0)) - return DECLINED; /* if not turned on, look invisible */ - - env = r->subprocess_env; - - if ((p = (char *) apr_table_get(r->headers_in, "Cookie")) != NULL) - { - cookies = apr_pstrcat(r->pool, " ", p, NULL); - gridauthonetime = strstr(cookies, " GRID_AUTH_ONETIME="); - - if (gridauthonetime != NULL) - { - for (p = &gridauthonetime[19]; (*p != '\0') && (*p != ';'); ++p) - if (!isalnum(*p)) *p = '_'; - - cookiefile = apr_psprintf(r->pool, "%s/%s", - ap_server_root_relative(r->pool, - cfg->authcookiesdir), - &gridauthonetime[19]); - - if ((apr_stat(&cookiefile_info , cookiefile, - APR_FINFO_TYPE, r->pool) == APR_SUCCESS) && - (cookiefile_info.filetype == APR_REG) && - (apr_file_open(&fp, cookiefile, APR_READ, 0, r->pool) - == APR_SUCCESS)) - { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, - "Open Grid Auth Cookie file %s", cookiefile); - - while (apr_file_gets(oneline, - sizeof(oneline), fp) == APR_SUCCESS) - { - p = index(oneline, '\n'); - if (p != NULL) *p = '\0'; - - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, - "%s: %s", cookiefile, oneline); - - if ((strncmp(oneline, "expires=", 8) == 0) && - (apr_time_from_sec(atoll(&oneline[8])) < - apr_time_now())) - break; - else if ((strncmp(oneline, "domain=", 7) == 0) && - (strcmp(&oneline[7], r->hostname) != 0)) - break; /* exact needed in the version */ - else if ((strncmp(oneline, "path=", 5) == 0) && - (strcmp(&oneline[5], r->uri) != 0)) - break; - else if (strncmp(oneline, "onetime=yes", 11) == 0) - apr_file_remove(cookiefile, r->pool); - else if (strncmp(oneline, "GRST_CRED_", 10) == 0) - { - grst_cred_i = index(oneline, '='); - if (grst_cred_i == NULL) continue; - *grst_cred_i = '\0'; - ++grst_cred_i; - - i = atoi(&oneline[10]); - cred = GRSTx509CompactToCred(grst_cred_i); - - if (cred == NULL) continue; - - if ((i == 0) && (user == NULL)) - { - if (GRSTgaclCredGetDelegation(cred) - <= ((mod_gridsite_cfg *) cfg)->gsiproxylimit) - { - user = GRSTgaclUserNew(cred); - - ap_log_error(APLOG_MARK, APLOG_DEBUG, - 0, r->server, - "Using identity %s from " - "GRID_AUTH_ONETIME", - grst_cred_i); - - if (((mod_gridsite_cfg *) cfg)->envs) - apr_table_setn(env, oneline, grst_cred_i); - } - } - else if ((i > 0) && (user != NULL)) - { - GRSTgaclUserAddCred(user, cred); - - if (((mod_gridsite_cfg *) cfg)->envs) - apr_table_set(env,oneline,grst_cred_i); - } - } - } - - apr_file_close(fp); - } - } - } - - /* do we need/have per-connection (SSL) cred variable(s)? */ - - if ((user == NULL) && - (r->connection->notes != NULL) && - ((grst_cred_0 = (char *) - apr_table_get(r->connection->notes, "GRST_CRED_0")) != NULL)) - { - if (((mod_gridsite_cfg *) cfg)->envs) - apr_table_setn(env, "GRST_CRED_0", grst_cred_0); - - cred_0 = GRSTx509CompactToCred(grst_cred_0); - if ((cred_0 != NULL) && - (GRSTgaclCredGetDelegation(cred_0) - <= ((mod_gridsite_cfg *) cfg)->gsiproxylimit)) - { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, - "Using identity %s from SSL/TLS", grst_cred_0); - - user = GRSTgaclUserNew(cred_0); - - /* check for VOMS GRST_CRED_i too */ - - for (i=1; ; ++i) - { - snprintf(envname, sizeof(envname), "GRST_CRED_%d", i); - if (grst_cred_i = (char *) - apr_table_get(r->connection->notes,envname)) - { - if (((mod_gridsite_cfg *) cfg)->envs) - apr_table_setn(env, - apr_pstrdup(r->pool, envname), - grst_cred_i); - - if (cred = GRSTx509CompactToCred(grst_cred_i)) - GRSTgaclUserAddCred(user, cred); - } - else break; /* GRST_CRED_i are numbered consecutively */ - } - } - } - - if ((user != NULL) && ((mod_gridsite_cfg *) cfg)->dnlists) - GRSTgaclUserSetDNlists(user, ((mod_gridsite_cfg *) cfg)->dnlists); - - /* this checks for NULL arguments itself */ - if (GRSTgaclDNlistHasUser(((mod_gridsite_cfg *) cfg)->adminlist, user)) - perm = GRST_PERM_ALL; - else - { - remotehost = (char *) ap_get_remote_host(r->connection, - r->per_dir_config, REMOTE_DOUBLE_REV, NULL); - if ((remotehost != NULL) && (*remotehost != '\0')) - { - cred = GRSTgaclCredNew("dns"); - GRSTgaclCredAddValue(cred, "hostname", remotehost); - - if (user == NULL) user = GRSTgaclUserNew(cred); - else GRSTgaclUserAddCred(user, cred); - } - - acl = GRSTgaclAclLoadforFile(r->filename); - if (acl != NULL) perm = GRSTgaclAclTestUser(acl, user); - } - - apr_table_setn(r->notes, "GRST_PERM", apr_psprintf(r->pool, "%d", perm)); - - if (((mod_gridsite_cfg *) cfg)->envs) - { - apr_table_setn(env, "GRST_PERM", apr_psprintf(r->pool, "%d", perm)); - - if (((dir_path = apr_pstrdup(r->pool, r->filename)) != NULL) && - ((p = rindex(dir_path, '/')) != NULL)) - { - *p = '\0'; - apr_table_setn(env, "GRST_DIR_PATH", dir_path); - } - - if (((mod_gridsite_cfg *) cfg)->helpuri != NULL) - apr_table_setn(env, "GRST_HELP_URI", - ((mod_gridsite_cfg *) cfg)->helpuri); - - if (((mod_gridsite_cfg *) cfg)->adminfile != NULL) - apr_table_setn(env, "GRST_ADMIN_FILE", - ((mod_gridsite_cfg *) cfg)->adminfile); - - if (((mod_gridsite_cfg *) cfg)->editable != NULL) - apr_table_setn(env, "GRST_EDITABLE", - ((mod_gridsite_cfg *) cfg)->editable); - - if (((mod_gridsite_cfg *) cfg)->headfile != NULL) - apr_table_setn(env, "GRST_HEAD_FILE", - ((mod_gridsite_cfg *) cfg)->headfile); - - if (((mod_gridsite_cfg *) cfg)->footfile != NULL) - apr_table_setn(env, "GRST_FOOT_FILE", - ((mod_gridsite_cfg *) cfg)->footfile); - - if (((mod_gridsite_cfg *) cfg)->dnlists != NULL) - apr_table_setn(env, "GRST_DN_LISTS", - ((mod_gridsite_cfg *) cfg)->dnlists); - - if (((mod_gridsite_cfg *) cfg)->dnlistsuri != NULL) - apr_table_setn(env, "GRST_DN_LISTS_URI", - ((mod_gridsite_cfg *) cfg)->dnlistsuri); - - if (((mod_gridsite_cfg *) cfg)->adminlist != NULL) - apr_table_setn(env, "GRST_ADMIN_LIST", - ((mod_gridsite_cfg *) cfg)->adminlist); - - apr_table_setn(env, "GRST_GSIPROXY_LIMIT", - apr_psprintf(r->pool, "%d", - ((mod_gridsite_cfg *)cfg)->gsiproxylimit)); - - if (((mod_gridsite_cfg *) cfg)->unzip != NULL) - apr_table_setn(env, "GRST_UNZIP", - ((mod_gridsite_cfg *) cfg)->unzip); - - if (!(((mod_gridsite_cfg *) cfg)->gridsitelink)) - apr_table_setn(env, "GRST_NO_LINK", "1"); - - if (((mod_gridsite_cfg *) cfg)->aclformat != NULL) - apr_table_setn(env, "GRST_ACL_FORMAT", - ((mod_gridsite_cfg *) cfg)->aclformat); - - if (((mod_gridsite_cfg *) cfg)->execmethod != NULL) - { - apr_table_setn(env, "GRST_EXEC_METHOD", - ((mod_gridsite_cfg *) cfg)->execmethod); - - if ((strcasecmp(((mod_gridsite_cfg *) cfg)->execmethod, - "directory") == 0) && (r->filename != NULL)) - { - if ((r->content_type != NULL) && - (strcmp(r->content_type, DIR_MAGIC_TYPE) == 0)) - apr_table_setn(env, "GRST_EXEC_DIRECTORY", r->filename); - else - { - file = apr_pstrdup(r->pool, r->filename); - p = rindex(file, '/'); - if (p != NULL) - { - *p = '\0'; - apr_table_setn(env, "GRST_EXEC_DIRECTORY", file); - } - } - } - } - - apr_table_setn(env, "GRST_DISK_MODE", - apr_psprintf(r->pool, "0x%04x", - ((mod_gridsite_cfg *)cfg)->diskmode)); - } - - if (((mod_gridsite_cfg *) cfg)->auth) - { - /* *** Check HTTP method to decide which perm bits to check *** */ - - if (r->filename != NULL) - { - file = rindex(r->filename, '/'); - if (file != NULL) ++file; - else file = r->filename; - } - else file = NULL; - - content_type = r->content_type; - if ((content_type != NULL) && - (strcmp(content_type, DIR_MAGIC_TYPE) == 0) && - (((mod_gridsite_cfg *) cfg)->dnlistsuri != NULL) && - (strncmp(r->uri, - ((mod_gridsite_cfg *) cfg)->dnlistsuri, - strlen(((mod_gridsite_cfg *) cfg)->dnlistsuri)) == 0) && - (strlen(r->uri) > strlen(((mod_gridsite_cfg *) cfg)->dnlistsuri))) - content_type = "text/html"; - - if ( GRSTgaclPermHasNone(perm) || - - /* first two M_GET conditions make the subtle distinction - between .../ that maps to .../index.html (governed by - Read perm) or to dir list (governed by List perm); - third M_GET condition deals with typeless CGI requests */ - - ((r->method_number == M_GET) && - !GRSTgaclPermHasRead(perm) && - (content_type != NULL) && - (strcmp(content_type, DIR_MAGIC_TYPE) != 0)) || - - ((r->method_number == M_GET) && - !GRSTgaclPermHasList(perm) && - (content_type != NULL) && - (strcmp(content_type, DIR_MAGIC_TYPE) == 0)) || - - ((r->method_number == M_GET) && - !GRSTgaclPermHasRead(perm) && - (content_type == NULL)) || - - ((r->method_number == M_POST) && !GRSTgaclPermHasRead(perm) ) || - - (((r->method_number == M_PUT) || (r->method_number == M_DELETE)) && - !GRSTgaclPermHasWrite(perm) && - ((file == NULL) || (strcmp(file, GRST_ACL_FILE) != 0)) ) || - - (((r->method_number == M_PUT) || (r->method_number == M_DELETE)) && - !GRSTgaclPermHasAdmin(perm) && - (file != NULL) && - (strcmp(file, GRST_ACL_FILE) == 0) ) ) retcode = HTTP_FORBIDDEN; - } - - return retcode; -} - -int GRST_X509_check_issued_wrapper(X509_STORE_CTX *ctx,X509 *x,X509 *issuer) -/* We change the default callback to use our wrapper and discard errors - due to GSI proxy chains (ie where users certs act as CAs) */ -{ - int ret; - ret = X509_check_issued(issuer, x); - if (ret == X509_V_OK) - return 1; - - /* Non self-signed certs without signing are ok if they passed - the other checks inside X509_check_issued. Is this enough? */ - if ((ret == X509_V_ERR_KEYUSAGE_NO_CERTSIGN) && - (X509_NAME_cmp(X509_get_subject_name(issuer), - X509_get_subject_name(x)) != 0)) return 1; - - /* If we haven't asked for issuer errors don't set ctx */ - if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK)) return 0; - - ctx->error = ret; - ctx->current_cert = x; - ctx->current_issuer = issuer; - return ctx->verify_cb(0, ctx); -} - -/* Later OpenSSL versions add a second pointer ... */ -int GRST_verify_cert_wrapper(X509_STORE_CTX *ctx, void *p) - -/* Earlier ones have a single argument ... */ -// int GRST_verify_cert_wrapper(X509_STORE_CTX *ctx) - -/* Before 0.9.7 we cannot change the check_issued callback directly in - the X509_STORE, so we must insert it in another callback that gets - called early enough */ -{ - ctx->check_issued = GRST_X509_check_issued_wrapper; - - return X509_verify_cert(ctx); -} - -int GRST_callback_SSLVerify_wrapper(int ok, X509_STORE_CTX *ctx) -{ - SSL *ssl = (SSL *) X509_STORE_CTX_get_app_data(ctx); - conn_rec *conn = (conn_rec *) SSL_get_app_data(ssl); - server_rec *s = conn->base_server; - SSLConnRec *sslconn = - (SSLConnRec *) ap_get_module_config(conn->conn_config, &ssl_module); - int errnum = X509_STORE_CTX_get_error(ctx); - int errdepth = X509_STORE_CTX_get_error_depth(ctx); - int returned_ok; - int first_non_ca; - - /* - * GSI Proxy user-cert-as-CA handling: - * we skip Invalid CA errors at this stage, since we will check this - * again at errdepth=0 for the full chain using GRSTx509CheckChain - */ - if (errnum == X509_V_ERR_INVALID_CA) - { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, - "Skip Invalid CA error in case a GSI Proxy"); - - sslconn->verify_error = NULL; - ok = TRUE; - errnum = X509_V_OK; - X509_STORE_CTX_set_error(ctx, errnum); - } - - /* - * New style GSI Proxy handling, with critical ProxyCertInfo - * extension: we use GRSTx509KnownCriticalExts() to check this - */ -#ifndef X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION -#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 -#endif - if (errnum == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) - { - if (GRSTx509KnownCriticalExts(X509_STORE_CTX_get_current_cert(ctx)) - == GRST_RET_OK) - { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, - "GRSTx509KnownCriticalExts() accepts previously " - "Unhandled Critical Extension (GSI Proxy?)"); - - sslconn->verify_error = NULL; - ok = TRUE; - errnum = X509_V_OK; - X509_STORE_CTX_set_error(ctx, errnum); - } - } - - returned_ok = ssl_callback_SSLVerify(ok, ctx); - - /* in case ssl_callback_SSLVerify changed it */ - errnum = X509_STORE_CTX_get_error(ctx); - - if ((errdepth == 0) && (errnum == X509_V_OK)) - /* - * We've now got the last certificate - the identity being used for - * this connection. At this point we check the whole chain for valid - * CAs or, failing that, GSI-proxy validity using GRSTx509CheckChain. - */ - { - errnum = GRSTx509CheckChain(&first_non_ca, ctx); - - if (errnum != X509_V_OK) - { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Invalid certificate chain reported by " - "GRSTx509CheckChain()"); - - sslconn->verify_error = X509_verify_cert_error_string(errnum); - ok = FALSE; - } - else - { - int i, lastcred; - STACK_OF(X509) *peer_certs; - const int maxcreds = 99; - const size_t credlen = 1024; - char creds[maxcreds][credlen+1], envname[14]; - - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "Valid certificate" - " chain reported by GRSTx509CheckChain()"); - - /* - * Always put result of GRSTx509CompactCreds() into environment - */ - if (peer_certs = (STACK_OF(X509) *) X509_STORE_CTX_get_chain(ctx)) - { - if (GRSTx509CompactCreds(&lastcred, maxcreds, credlen, - (char *) creds, peer_certs, GRST_VOMS_DIR) == GRST_RET_OK) - { - for (i=0; i <= lastcred; ++i) - { - apr_table_setn(conn->notes, - apr_psprintf(conn->pool, "GRST_CRED_%d", i), - apr_pstrdup(conn->pool, creds[i])); - - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, - "store GRST_CRED_%d=%s", i, creds[i]); - } - } - /* free remaining dup'd certs? */ - } - } - } - - return returned_ok; -} - -static int mod_gridsite_server_post_config(apr_pool_t *pPool, - apr_pool_t *pLog, apr_pool_t *pTemp, server_rec *main_server) -{ - SSL_CTX *ctx; - SSLSrvConfigRec *sc; - server_rec *this_server; - - ap_add_version_component(pPool, - apr_psprintf(pPool, "mod_gridsite/%s", VERSION)); - - for (this_server = main_server; - this_server != NULL; - this_server = this_server->next) - { - sc = ap_get_module_config(this_server->module_config, &ssl_module); - - if ((sc != NULL) && - (sc->enabled) && - (sc->server != NULL) && - (sc->server->ssl_ctx != NULL)) - { - ctx = sc->server->ssl_ctx; - - /* in 0.9.7 we could set the issuer-checking callback directly */ -// ctx->cert_store->check_issued = GRST_X509_check_issued_wrapper; - - /* but in case 0.9.6 we do it indirectly with another wrapper */ - SSL_CTX_set_cert_verify_callback(ctx, - GRST_verify_cert_wrapper, - (void *) NULL); - - /* whatever version, we can set the SSLVerify wrapper properly */ - SSL_CTX_set_verify(ctx, ctx->verify_mode, - GRST_callback_SSLVerify_wrapper); - - if (main_server->loglevel >= APLOG_DEBUG) - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, main_server, - "Set mod_ssl verify callbacks to GridSite wrappers"); - } - } - - return OK; -} - -static void mod_gridsite_child_init(apr_pool_t *pPool, server_rec *pServer) -{ - GRSTgaclInit(); -} - -static int mod_gridsite_handler(request_rec *r) -{ - mod_gridsite_cfg *conf; - - conf = (mod_gridsite_cfg *) - ap_get_module_config(r->per_dir_config, &gridsite_module); - - if ((conf->dnlistsuri != NULL) && - (strncmp(r->uri, conf->dnlistsuri, strlen(conf->dnlistsuri)) == 0)) - { - if (strcmp(r->uri, conf->dnlistsuri) == 0) - return mod_gridsite_dnlistsuri_dir_handler(r, conf); - - return mod_gridsite_dnlistsuri_handler(r, conf); - } - - if (strcmp(r->handler, DIR_MAGIC_TYPE) == 0) - return mod_gridsite_dir_handler(r, conf); - - return mod_gridsite_nondir_handler(r, conf); -} - -static ap_unix_identity_t *mod_gridsite_get_suexec_id_doer(const request_rec *r) -{ - mod_gridsite_cfg *conf; - - conf = (mod_gridsite_cfg *) - ap_get_module_config(r->per_dir_config, &gridsite_module); - - if ((conf->execugid.uid != UNSET) && - (conf->execmethod != NULL)) - { - - /* also push GRST_EXEC_DIRECTORY into request environment here too */ - - return &(conf->execugid); - } - - - - return NULL; -} - -static void register_hooks(apr_pool_t *p) -{ - /* set up the Soap2cgi input and output filters */ - - ap_hook_insert_filter(mod_gridsite_soap2cgi_insert, NULL, NULL, - APR_HOOK_MIDDLE); - - ap_register_output_filter(Soap2cgiFilterName, mod_gridsite_soap2cgi_out, - NULL, AP_FTYPE_RESOURCE); - -// ap_register_input_filter(Soap2cgiFilterName, mod_gridsite_soap2cgi_in, -// NULL, AP_FTYPE_RESOURCE); - - /* config and handler stuff */ - - ap_hook_post_config(mod_gridsite_server_post_config, NULL, NULL, - APR_HOOK_LAST); - ap_hook_child_init(mod_gridsite_child_init, NULL, NULL, APR_HOOK_MIDDLE); - - ap_hook_fixups(mod_gridsite_first_fixups,NULL,NULL,APR_HOOK_FIRST); - - ap_hook_fixups(mod_gridsite_perm_handler,NULL,NULL,APR_HOOK_REALLY_LAST); - - ap_hook_handler(mod_gridsite_handler, NULL, NULL, APR_HOOK_FIRST); - - ap_hook_get_suexec_identity(mod_gridsite_get_suexec_id_doer, - NULL, NULL, APR_HOOK_MIDDLE); -} - -module AP_MODULE_DECLARE_DATA gridsite_module = -{ - STANDARD20_MODULE_STUFF, - create_gridsite_dir_config, /* dir config creater */ - merge_gridsite_dir_config, /* dir merger */ - NULL, /* server config */ - NULL, /* merge server config */ - mod_gridsite_cmds, /* command apr_table_t */ - register_hooks /* register hooks */ -}; diff --git a/org.gridsite.core/src/mod_ssl-private.h b/org.gridsite.core/src/mod_ssl-private.h deleted file mode 100644 index 7b0b784..0000000 --- a/org.gridsite.core/src/mod_ssl-private.h +++ /dev/null @@ -1,106 +0,0 @@ -/* - Copyright (c) 2003-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* - - Portions of this code are derived from Apache mod_ssl, and are covered - by the Apache Software License: - - * Copyright 2001-2004 The Apache Software Foundation - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/*------------------------------------------------------------------* - * This program is part of GridSite: http://www.gridsite.org/ * - *------------------------------------------------------------------*/ - - -/* - * After 2.0.49, Apache mod_ssl has most of the mod_ssl structures defined - * in ssl_private.h, which is not installed along with httpd-devel (eg in - * the FC2 RPM.) This include file provides SIMPLIFIED structures for use - * by mod_gridsite: for example, pointers to unused structures are replaced - * by void * and some of the structures are truncated when only the early - * members are used. - * - * CLEARLY, THIS WILL BREAK IF THERE ARE MAJOR CHANGES TO ssl_private.h!!! - */ - -#include - -typedef enum { - SSL_SHUTDOWN_TYPE_UNSET, - SSL_SHUTDOWN_TYPE_STANDARD, - SSL_SHUTDOWN_TYPE_UNCLEAN, - SSL_SHUTDOWN_TYPE_ACCURATE -} ssl_shutdown_type_e; - -typedef struct { - SSL *ssl; - const char *client_dn; - X509 *client_cert; - ssl_shutdown_type_e shutdown_type; - const char *verify_info; - const char *verify_error; - int verify_depth; - int is_proxy; - int disabled; - int non_ssl_request; -} SSLConnRec; - -typedef struct { - void *sc; /* pointer back to server config */ - SSL_CTX *ssl_ctx; -} modssl_ctx_t; - -typedef struct { - void *mc; - unsigned int enabled; - unsigned int proxy_enabled; - const char *vhost_id; - int vhost_id_len; - int session_cache_timeout; - modssl_ctx_t *server; - modssl_ctx_t *proxy; -} SSLSrvConfigRec; - -extern module AP_MODULE_DECLARE_DATA ssl_module; diff --git a/org.gridsite.core/src/proxyput-example.c b/org.gridsite.core/src/proxyput-example.c deleted file mode 100644 index f0fe834..0000000 --- a/org.gridsite.core/src/proxyput-example.c +++ /dev/null @@ -1,131 +0,0 @@ -/* - Copyright (c) 2002-4, Andrew McNab, University of Manchester - All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, are permitted provided that the following - conditions are met: - - o Redistributions of source code must retain the above - copyright notice, this list of conditions and the following - disclaimer. - o Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* - Change the hard-coded defaults below to your set up. -*/ - -#define LOCALPROXY "/tmp/x509up" -#define DELEGATIONURL "https://testing.hep.man.ac.uk/gridsite-delegation.cgi" -#define CAPATH "/etc/grid-security/certificates" -#define DELEGATIONID "1234567890" -#define EXPIREMINUTES 60 - -#ifndef VERSION -#define VERSION "0.0.0" -#endif - -#define _GNU_SOURCE - -#include -#include - -#include -#include -#include - -#include -#include -#include -#include - -#include "gridsite.h" - -#include "soapH.h" -#include "delegation.nsmap" - -int main(int argc, char *argv[]) -{ - char *reqtxt, *certtxt; - struct ns__putProxyResponse *unused; - struct soap soap_get, soap_put; - - ERR_load_crypto_strings (); - OpenSSL_add_all_algorithms(); - - soap_init(&soap_get); - - if (soap_ssl_client_context(&soap_get, - SOAP_SSL_DEFAULT, - LOCALPROXY, - "", - NULL, - CAPATH, - NULL)) - { - soap_print_fault(&soap_get, stderr); - return 1; - } - - soap_call_ns__getProxyReq(&soap_get, - DELEGATIONURL, /* HTTPS url of service */ - "", /* no password on proxy */ - DELEGATIONID, - &reqtxt); - - if (soap_get.error) - { - soap_print_fault(&soap_get, stderr); - return 1; - } - - if (GRSTx509MakeProxyCert(&certtxt, stderr, reqtxt, - LOCALPROXY, LOCALPROXY, EXPIREMINUTES) - != GRST_RET_OK) - { - return 1; - } - - soap_init(&soap_put); - - if (soap_ssl_client_context(&soap_put, - SOAP_SSL_DEFAULT, - LOCALPROXY, - "", - NULL, - CAPATH, - NULL)) - { - soap_print_fault(&soap_put, stderr); - return 1; - } - - soap_call_ns__putProxy(&soap_put, DELEGATIONURL, "", DELEGATIONID, - certtxt, unused); - if (soap_put.error) - { - soap_print_fault(&soap_put, stderr); - return 1; - } - - return 0; -} - diff --git a/org.gridsite.core/src/roffit b/org.gridsite.core/src/roffit deleted file mode 100755 index d1c7263..0000000 --- a/org.gridsite.core/src/roffit +++ /dev/null @@ -1,370 +0,0 @@ -#!/usr/bin/env perl -# -# roffit: convert man page source files to HTML -# -# Read an nroff file. Output a HTML file. -# -# This is a very simple script, but I use it on very simple man pages and I've -# found no other script that makes beautiful web pages. -# -my $version = "0.3"; # (14 November 2003) -# Author: Daniel Stenberg -# Please email me improvements. -# -# You're free to do whatever you want with this script. -# -# Changes: -# -# 0.3 - Daniel Fandrich brought: -# o deal with .lp lines -# o .TH needs no section portion anymore -# o added generator meta tag in the header -# -# 0.2 - fixed the name for the SH section -# - added links from all words within \fIthis\fP or \fBthis\fP -# that has the same text as a .SH or .IP. -# - -use strict; -#use warnings; - -my $InFH = \*STDIN; -my $OutFH = \*STDOUT; -my $debugFH = \*STDERR; - -my %manpage; -my @out; - -my $indentlevel=0; # logical levels, not columns -my @p; -my $within_tp; -my $standalone=1; # by default we make stand-alone HTML pages -my $pre; -my %anchor; # hash with all anchors - -while($ARGV[0]) { - if($ARGV[0] eq "--bare") { - # don't include headers and stuff - $standalone=0; - shift @ARGV; - } - else { - printf $debugFH "unknown option: %s\n", $ARGV[0] if($ARGV[0] ne "-h"); - print $debugFH "Usage: roffit [options] < infile > outfile\n", - "Options:\n", - " --bare Do not put in HTML, HEAD, BODY tags\n"; - exit; - } -} - -sub showp { - my @p = @_; - push @out, "\n

", @p; -} - -sub defaultcss { - print $OutFH < -P.level0 { - padding-left: 2em; -} - -P.level1 { - padding-left: 4em; -} - -P.level2 { - padding-left: 6em; -} - -span.emphasis { - font-style: italic; -} - -span.bold { - font-weight: bold; -} - -span.manpage { - font-weight: bold; -} - -h2.nroffsh { - background-color: #e0e0e0; -} - -span.nroffip { - font-weight: bold; - font-size: 120%; - font-family: monospace; -} - -p.roffit { - text-align: center; - font-size: 80%; -} - -ENDOFCSS - ; -} - -sub text2name { - my ($text) = @_; - $text =~ s/^ *([^ ]*).*/$1/g; - $text =~ s/[^a-zA-Z0-9-]//g; - return $text; -} - -# scan through the file and check for sections we should convert -# to proper links -sub linkfile { - my @new; - for(@out) { - my $line=$_; - my $l; - while($line =~ s/([^<]*)<\/span>/[]/) { - my ($style, $name)=($1, $2); - - $l = text2name($name); - - #printf $debugFH "$style - $name - %s - %d\n", - #$l, $anchor{$l}; - - my $link; - if($anchor{$l}) { - $link="$name"; - } - else { - $link="$name"; - } - $line =~ s/\[\]/$link/; - } - push @new, $line; - } - return @new; -} - -sub parsefile { - - while(<$InFH>) { - my $in = $_; - my $out; - # print $debugFH "DEBUG IN: $_"; - - $in =~ s/[\r\n]//g if(!$pre); # tear off newlines - - if($in =~ /^\.([^ \n]*)(.*)/) { - # this is a line starting with a dot, that means it is special - my ($keyword, $rest) = ($1, $2); - $out = ""; - - # cut off initial spaces - $rest =~ s/^ +//g; - - if($keyword eq "\\\"") { - # this is a comment, skip this line - } - elsif($keyword =~ /^TH$/i) { - # man page header: - # curl 1 "22 Oct 2003" "Curl 7.10.8" "Curl Manual" - # NAME SECTION DATE VERSION MANUAL - if($rest =~ /([^ ]*) (\d+) \"([^\"]*)\" \"([^\"]*)\"(\"([^\"]*)\")?/) { - # strict matching only so far - $manpage{'name'} = $1; - $manpage{'section'} = $2; - $manpage{'date'} = $3; - $manpage{'version'} = $4; - $manpage{'manual'} = $6; - } - } - elsif($keyword =~ /^SH$/i) { - # Section Header - showp(@p); - @p=""; - if($pre) { - push @out, "\n"; - $pre = 0; - } - - my $name = text2name($rest); - $anchor{$name}=1; - - $rest =~ s/\"//g; # cut off quotes - $rest =~ s//>/g; - $out = "

$rest

"; - $indentlevel=0; - $within_tp=0; - } - elsif(($keyword =~ /^B$/i) || ($keyword =~ /^BI$/i)) { - # Make B and BI the same for simplicity - $rest =~ s/\"//g; # cut off quotes - $rest =~ s//>/g; - push @p, "$rest "; - } - elsif($keyword =~ /^I$/i) { - $rest =~ s/\"//g; # cut off quotes - $rest =~ s//>/g; - push @p, "$rest "; - } - elsif($keyword =~ /^RS$/i) { - # the start of another indent-level. for inlined tables - # within an "IP" - showp(@p); - @p=""; - $indentlevel++; - } - elsif($keyword =~ /^RE$/i) { - # end of the RS section - showp(@p); - @p=""; - $indentlevel--; - } - elsif($keyword =~ /^NF$/i) { - # We let nf start a 
 section
-                showp(@p);
-                @p="";
-                push @out, "
\n";
-                $pre=1
-            }
-            elsif($keyword =~ /^TP$/i) {
-                # Used within an "RS" section to make a new line. The first
-                # TP as a column indicator, but we decide to do that
-                # controlling in the CSS instead.
-                $within_tp=1;
-                showp(@p);
-                @p="";                
-            }
-            elsif($keyword =~ /^IP$/i) {
-                # start of a new paragraph coming up
-                showp(@p);
-                @p="";
-
-                my $name= text2name($rest);
-                $anchor{$name}=1;
-
-                $rest =~ s/\"//g; # cut off quotes
-                $rest =~ s//>/g;
-                
-                $indentlevel-- if ($indentlevel);
-                push @p, "$rest ";
-                # make this a single-line title
-                showp(@p);
-                @p="";
-                $indentlevel++;
-                $within_tp=0;
-            }
-            elsif($keyword =~ /^ad$/i) {
-                showp(@p);
-                @p="";
-            }
-            elsif($keyword =~ /^sp$/i) {
-                showp(@p);
-                @p="";
-            }
-            elsif($keyword =~ /^lp$/i) {
-                # marks end of a paragraph
-                showp(@p);
-                @p="";
-            }
-            elsif($keyword =~ /^pp$/i) {
-                # PP ends a TP section, but some TP sections don't use it
-                $within_tp=0;
-            }
-            elsif($keyword =~ /^so$/i) {
-                # This keyword refers to a different man page, named in the
-                # $rest.
-                # We don't support this
-                push @out, "See the $rest man page.\n";
-            }
-            elsif($keyword =~ /^BR$/i) {
-                # I'm not sure what this does exactly, but this is commonly
-                # used to include pointers to other man pages. Let's assume
-                # it only does that for now.
-                # blabla (3)
-                # or "blabla (3)"
-                # or strcmp "(3), " strcasecmp "(3)"
-                # etc
-                
-                $rest =~ s/\"//g; # cut off quotes
-                my @all = split /,/, $rest;
-                for(@all) {
-                    if(/([^ ]*) *\((\d+)\)/) {
-                        # TODO: this looks like a man page, check if there's a
-                        # HTML file for it and if so make a link to it
-                    }
-
-                    push @p, "$_ ";
-                }
-            }
-            else {
-                showp(@p);
-                print $debugFH "ALERT: unknown keyword \"$keyword\"\n";
-            }
-        }
-        else {
-            # text line, decode \-stuff
-            my $txt = $in;
-
-            $txt =~ s//>/g;
-            $txt =~ s/\\&//g; # cut off \&
-            $txt =~ s/\\fI//g;
-            $txt =~ s/\\fB//g;
-            $txt =~ s/\\fP/<\/span>/g;
-            $txt =~ s/\\//g;
-
-            if($txt =~ /^[ \t\r\n]*$/) {
-                # no contents, marks end of a paragraph
-                showp(@p);
-                @p="";
-            }
-            else {
-                $txt =~ s/^ /\ \;/g;
-                push @p, "$txt ";
-            }
-            $out ="";
-        }
-
-        if($out) {
-            push @out, $out;
-   #         print $debugFH "DEBUG OUT: $out\n";
-        }
-        else {
-   #         print $debugFH "DEBUG OUT: [withheld]\n";
-        }
-    }
-    showp(@p);
-}
-
-parsefile();
-
-my @conv = linkfile();
-
-my $title=sprintf("%s man page",
-                  $manpage{'name'}?$manpage{'name'}:"secret");
-
-if($standalone) {
-    print $OutFH <
-$title
-
-MOO
-    ;
-    defaultcss();
-    print "\n";
-}
-
-print $OutFH @conv;
-print $OutFH <
- This HTML page was made with roffit.
-ROFFIT
-    ;
-
-if($standalone) {
-    print "\n";
-}
diff --git a/org.gridsite.core/src/showx509exts.c b/org.gridsite.core/src/showx509exts.c
deleted file mode 100644
index d37dff4..0000000
--- a/org.gridsite.core/src/showx509exts.c
+++ /dev/null
@@ -1,117 +0,0 @@
-
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#include "gridsite.h"
-
-#define MAXTAG 500
-                                 
-main()
-{
-   X509   *cert, *tmpcert;
-   STACK_OF(X509) *certstack = sk_X509_new_null();
-   FILE   *fp;
-   struct vomsdata *vd;
-   int    i, j, vomserror, i1, i2, j1, j2, lastobject;
-   X509_EXTENSION *ex;
-   ASN1_OBJECT *asnobject;
-   char s[80], *t;
-   ASN1_OCTET_STRING *asndata;
-   BIO *out;
-   unsigned char *p, *op, *tot, *p1, *p2, *q, *oq;
-   long len1, length1, len2, length2;
-   int tag,xclass,ret=0;
-   struct GRSTasn1TagList taglist[MAXTAG+1];
-   int lasttag=-1, itag;
-   
- 
-   OpenSSL_add_all_algorithms();
-   ERR_load_crypto_strings();
-//   seed_prng();
-   
-//   fp = fopen("proxy-with-voms", "r");
-   fp = fopen("/tmp/x509up_u300", "r");
-   
-   cert = PEM_read_X509(fp, NULL, NULL, NULL);
-      
-   fclose(fp);
-
-   out=BIO_new(BIO_s_file());                                                                                        
-   BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-        
-   for (i = 0; i < X509_get_ext_count(cert); ++i)
-      {
-        lasttag=-1;
-      
-        ex = X509_get_ext(cert, i);
-                          
-        OBJ_obj2txt(s, sizeof(s), X509_EXTENSION_get_object(ex), 1);        
-        printf("%d OID=%s\n", i, s);
-        
-        asnobject = X509_EXTENSION_get_object(ex);
-        asndata = X509_EXTENSION_get_data(ex);
-
-        p1 = ASN1_STRING_data(asndata);
-        p = p1;
-        length1 = ASN1_STRING_length(asndata);
-              
-        GRSTasn1ParseDump(out, p1, length1, taglist, MAXTAG, &lasttag);
-
-{
-        int n, tag, xclass;
-        unsigned char *q, buf[100];
-        const unsigned char *dn, hash[EVP_MAX_MD_SIZE];
-        ASN1_OBJECT *obj = NULL;
-        const EVP_MD *m;
-        EVP_MD_CTX ctx;
-   
-        itag = GRSTasn1SearchTaglist(taglist, &lasttag, 
-               "-1-1-1-1-2-1-1-1-1-1-1-1");
-               
-        X509_NAME *xname;
-        
-        q = &p[taglist[itag].start];
-        
-        d2i_ASN1_OBJECT(&obj, &q, taglist[itag].length + 
-                                  taglist[itag].headerlength);
-
-        n  = OBJ_obj2nid(obj);
-        dn = OBJ_nid2sn(n);
-                         
-//        dn = X509_NAME_oneline(xname,NULL,0);
-        
-        printf("n=%d dn=%s obj2txt=%s\n", n, dn, OBJ_obj2txt(NULL,0,obj,1));
-
-        GRSTasn1GetX509Name(buf, 99, "-1-1-1-1-2-1-1-1-1-%d-1-%d", p1, taglist, &lasttag);
-        printf("%s\n", buf);
-        GRSTasn1GetX509Name(buf, 99, "-1-1-1-1-3-1-1-1-%d-1-%d", p1, taglist, &lasttag);
-        printf("%s\n", buf);
-        
-/*        
-        m = EVP_md5();
-        EVP_DigestInit(&ctx, m); 
-        EVP_DigestUpdate(&ctx, delegation_id, strlen(delegation_id));
-        EVP_DigestFinal(&ctx, hash, &delegation_id_len);
- */      
-}              
-
-/*       
-        itag = GRSTasn1SearchTaglist(taglist, &lasttag,
-                                     "1-1-1-1-1-7-1-2-1-2-1");
-                                    
-        printf("tag=%d %s %d %.*s\n",
-               itag, taglist[itag].treecoords, taglist[itag].tag,
-               taglist[itag].length, 
-               &p[taglist[itag].start+taglist[itag].headerlength]);
-*/
-      }
-}
diff --git a/org.gridsite.core/src/urlencode.c b/org.gridsite.core/src/urlencode.c
deleted file mode 100644
index bea36a9..0000000
--- a/org.gridsite.core/src/urlencode.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
-   Copyright (c) 2002-3, Andrew McNab, University of Manchester
-   All rights reserved.
-
-   Redistribution and use in source and binary forms, with or
-   without modification, are permitted provided that the following
-   conditions are met:
-
-     o Redistributions of source code must retain the above
-       copyright notice, this list of conditions and the following
-       disclaimer. 
-     o Redistributions in binary form must reproduce the above
-       copyright notice, this list of conditions and the following
-       disclaimer in the documentation and/or other materials
-       provided with the distribution. 
-
-   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
-   CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-   INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-   DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
-   BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-   EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
-   TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
-   ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-   OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-   POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*---------------------------------------------------------------*
- * For more about GridSite: http://www.gridsite.org/             *
- *---------------------------------------------------------------*/
-
-#include 
-#include 
-
-#include "gridsite.h"
-
-int main(int argn, char *argv[])
-{
-  int    i;
-
-  if (argn == 1)
-    {
-      puts("urlencode [-m|-d] string-to-encode-or-decode");
-      return 0;
-    }
-
-  if      (strcmp(argv[1], "-d") == 0) /* decode */
-   for (i = 2; i < argn; ++i) 
-      {
-        if (i > 2) fputs(" ", stdout);
-        fputs(GRSThttpUrlDecode(argv[i]), stdout);
-      }
-  else if (strcmp(argv[1], "-m") == 0) /* mild encode */
-   for (i = 2; i < argn; ++i) 
-      {
-        if (i > 2) fputs("%20", stdout);
-        fputs(GRSThttpUrlMildencode(argv[i]), stdout);
-      }
-  else /* standard encode */
-   for (i = 1; i < argn; ++i) 
-      {
-        if (i > 1) fputs("%20", stdout);
-        fputs(GRSThttpUrlEncode(argv[i]), stdout);
-      }
-
-  puts("");
-
-  return 0;
-}
diff --git a/org.gridsite.core/src/xacmlexample.c b/org.gridsite.core/src/xacmlexample.c
deleted file mode 100644
index af914b9..0000000
--- a/org.gridsite.core/src/xacmlexample.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
-   Copyright (c) 2005, Andrew McNab and Shiv Kaushal, University of Manchester
-   All rights reserved.
-
-   Redistribution and use in source and binary forms, with or
-   without modification, are permitted provided that the following
-   conditions are met:
-
-     o Redistributions of source code must retain the above
-       copyright notice, this list of conditions and the following
-       disclaimer. 
-     o Redistributions in binary form must reproduce the above
-       copyright notice, this list of conditions and the following
-       disclaimer in the documentation and/or other materials
-       provided with the distribution. 
-
-   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
-   CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-   INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-   DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
-   BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-   EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
-   TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
-   ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-   OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-   POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/*---------------------------------------------------------------*
- * For more about GridSite: http://www.gridsite.org/             *
- *---------------------------------------------------------------*/
-
-/*
-   Example program using XACML
-
-   Build with:
-   
-    gcc -o xacmlexample xacmlexample.c -L. -I. -lgridsite -lxml2 -lz -lm
-*/
-
-#include 
-#include 
-#include 
-#include 
-
-int main()
-{
-  GRSTgaclCred  *cred, *usercred;
-  GRSTgaclEntry *entry;
-  GRSTgaclAcl   *acl1, *acl2;
-  GRSTgaclUser  *user;
-  GRSTgaclPerm   perm0, perm1, perm2;
-  FILE          *fp;
-
-  /* must initialise GACL before using XACML functions */
-
-  GRSTgaclInit();
-
-  /* build up an ACL, starting with a credential */
-
-  cred = GRSTgaclCredNew("person");
-
-  GRSTgaclCredAddValue(cred, "dn", "/O=Grid/CN=Mr Grid Person");
-
-  /* create an entry to put it in */
-
-  entry = GRSTgaclEntryNew();
-
-  /* add the credential to it */
-
-  GRSTgaclEntryAddCred(entry, cred);
-
-  /* add another credential */
-
-  cred = GRSTgaclCredNew("dn-list");
-  GRSTgaclCredAddValue(cred, "url", "example-dn-list");
-  GRSTgaclEntryAddCred(entry, cred);
-
-  fp = fopen("example-dn-list", "w");
-  fputs("/O=Grid/CN=Mr Grid Person\n", fp);
-  fclose(fp);
-
-  /* associate some permissions and denials to the credential */
-
-  GRSTgaclEntryAllowPerm( entry, GRST_PERM_READ);
-  GRSTgaclEntryAllowPerm( entry, GRST_PERM_WRITE);
-  GRSTgaclEntryAllowPerm( entry, GRST_PERM_ADMIN);
-  GRSTgaclEntryDenyPerm(  entry, GRST_PERM_ADMIN);
-  GRSTgaclEntryDenyPerm(  entry, GRST_PERM_LIST);
-
-  perm0 = GRST_PERM_READ | GRST_PERM_WRITE;
-
-  printf("test perm should be %d\n", perm0);
-
-  /* create a new ACL and add the entry to it */
-
-  acl1 = GRSTgaclAclNew();
-
-  GRSTgaclAclAddEntry(acl1, entry);
-
-  /* create a GRSTgaclUser to compare with the ACL */
-
-  usercred = GRSTgaclCredNew("person");
-
-  GRSTgaclCredAddValue(usercred, "dn", "/O=Grid/CN=Mr Grid Person");
-
-  user = GRSTgaclUserNew(usercred);
-
-  GRSTgaclUserSetDNlists(user, getcwd(NULL, 0));
-  printf("DN Lists dir %s\n", getcwd(NULL, 0));
-
-//  putenv("GRST_DN_LISTS=.");
-
-  perm1 = GRSTgaclAclTestUser(acl1, user);
-
-  printf("test /O=Grid/CN=Mr Grid Person in acl = %d\n", perm1);
-
-  /* print and save the whole ACL */
-
-  GRSTgaclAclPrint(acl1, stdout);
-
-  GRSTxacmlAclSave(acl1, "example.xacml");
-
-  puts("gridacl.out saved");
-
-  puts("");
-
-  /* load the ACL back off the disk, print and test it */
-
-  acl2 = GRSTxacmlAclLoadFile("example.xacml");
-
-  puts("gridacl.out loaded");
-
-  if (acl2 != NULL) GRSTgaclAclPrint(acl2, stdout); else puts("acl2 is NULL");
-
-  perm2 = GRSTgaclAclTestUser(acl2, user);
-
-  printf("test /O=Grid/CN=Mr Grid Person in acl = %d\n", perm2);
-
-  if (perm1 != perm0) return 1;
-  if (perm2 != perm0) return 2;
-
-  return 0;
-}
-
-- 
1.8.2.3