From 87e23e6b0a81a28f1fd3e0da509fd045ad1d8ae5 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20Kou=C5=99il?= Date: Tue, 22 Mar 2005 10:10:18 +0000 Subject: [PATCH] - used proper key to sign new VOMS proxy - removed some memleaks - closed (or removed) all opened files to avoid file descriptors leaking --- .../project/version.properties | 2 +- org.glite.security.proxyrenewal/src/renew.c | 8 +++-- org.glite.security.proxyrenewal/src/renewd_locl.h | 2 +- org.glite.security.proxyrenewal/src/voms.c | 34 +++++++++++++++++----- 4 files changed, 33 insertions(+), 13 deletions(-) diff --git a/org.glite.security.proxyrenewal/project/version.properties b/org.glite.security.proxyrenewal/project/version.properties index ee0add9..1273cdd 100644 --- a/org.glite.security.proxyrenewal/project/version.properties +++ b/org.glite.security.proxyrenewal/project/version.properties @@ -1,4 +1,4 @@ -module.version = 1.0.8 +module.version = 1.0.9 module.age = 1 diff --git a/org.glite.security.proxyrenewal/src/renew.c b/org.glite.security.proxyrenewal/src/renew.c index ca6158c..c14b6c0 100644 --- a/org.glite.security.proxyrenewal/src/renew.c +++ b/org.glite.security.proxyrenewal/src/renew.c @@ -120,7 +120,7 @@ renew_proxy(proxy_record *record, char *basename, char **new_proxy) edg_wlpr_Log(LOG_DEBUG, "Trying to renew proxy in %s.%d", basename, record->suffix); - snprintf(tmp_proxy, sizeof(tmp_proxy), "%s.%d.renew.XXXXXX", + snprintf(tmp_proxy, sizeof(tmp_proxy), "%s.%d.myproxy.XXXXXX", basename, record->suffix); tmp_fd = mkstemp(tmp_proxy); if (tmp_fd == -1) { @@ -174,7 +174,7 @@ renew_proxy(proxy_record *record, char *basename, char **new_proxy) char tmp_voms_proxy[FILENAME_MAX]; int tmp_voms_fd; - snprintf(tmp_voms_proxy, sizeof(tmp_voms_proxy), "%s.%d.renew.XXXXXX", + snprintf(tmp_voms_proxy, sizeof(tmp_voms_proxy), "%s.%d.voms.XXXXXX", basename, record->suffix); tmp_voms_fd = mkstemp(tmp_voms_proxy); if (tmp_voms_fd == -1) { 
@@ -184,13 +184,15 @@ renew_proxy(proxy_record *record, char *basename, char **new_proxy) goto end; } - ret = renew_voms_certs(repository_file, tmp_voms_proxy); + ret = renew_voms_creds(repository_file, renewed_proxy, tmp_voms_proxy); + close(tmp_voms_fd); if (ret) { unlink(tmp_voms_proxy); goto end; } renewed_proxy = tmp_voms_proxy; + unlink(tmp_proxy); } if (new_proxy) diff --git a/org.glite.security.proxyrenewal/src/renewd_locl.h b/org.glite.security.proxyrenewal/src/renewd_locl.h index 37708c6..c4b8de4 100644 --- a/org.glite.security.proxyrenewal/src/renewd_locl.h +++ b/org.glite.security.proxyrenewal/src/renewd_locl.h @@ -75,6 +75,6 @@ int get_proxy_base_name(char *file, char **subject); int -renew_voms_certs(const char *cur_file, const char *new_file); +renew_voms_creds(const char *cur_file, const char *renewed_file, const char *new_file); #endif /* RENEWALD_LOCL_H */ diff --git a/org.glite.security.proxyrenewal/src/voms.c b/org.glite.security.proxyrenewal/src/voms.c index 8c630bd..f8f7129 100644 --- a/org.glite.security.proxyrenewal/src/voms.c +++ b/org.glite.security.proxyrenewal/src/voms.c @@ -180,10 +180,11 @@ renew_voms_cert(struct vomsdata *vd, struct voms **voms_cert, return 0; } -int -renew_voms_certs(const char *cur_file, const char *new_file) +static int +renew_voms_certs(const char *cur_file, const char *renewed_file, const char *new_file) { globus_gsi_cred_handle_t cur_proxy = NULL; + globus_gsi_cred_handle_t new_proxy = NULL; struct vomsdata *vd = NULL; struct voms **voms_cert = NULL; int voms_err, ret; 
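Review bot: On the failure branch after `renew_voms_creds()` only `tmp_voms_proxy` is unlinked, so the credential file named by `tmp_proxy` stays on disk unless the `end:` label (outside this hunk) removes it. That file presumably holds a private key, so I would add `unlink(tmp_proxy);` next to `unlink(tmp_voms_proxy);` in the `if (ret)` block, or confirm that `end:` already does it. Separately, `renewed_proxy = tmp_voms_proxy;` stores the address of an array that appears to be declared inside the block closing just below, and `renewed_proxy` is presumably read after that `}`. Declaring `tmp_voms_proxy` at function scope would avoid reading it after its lifetime ends. `renew_proxy` starts and ends outside the hunk.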
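Review bot: In the voms.c hunk at -180, `renew_voms_certs()` gains a third path argument but has no comment saying which file plays which role, and the commit message says the bug being fixed was the wrong key signing the new proxy. Going by the visible lines, the credential loaded from `renewed_file` is the one handed to `generate_proxy()`, so I would put above the definition something like `/* cur_file: proxy whose VOMS attributes are renewed; renewed_file: proxy whose key signs the result; new_file: output path */`. The same wording would suit the `renew_voms_creds()` prototype in renewd_locl.h. The function body continues outside this hunk.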
@@ -251,21 +252,38 @@ renew_voms_certs(const char *cur_file, const char *new_file) if (ret) goto end; - ret = generate_proxy(cur_proxy, extension, new_file); + ret = load_proxy(renewed_file, NULL, NULL, NULL, &new_proxy); + if (ret) + goto end; + + ret = generate_proxy(new_proxy, extension, new_file); end: -#if 0 - if (ret) - unlink(new_file); -#endif (old_env_proxy) ? setenv("X509_USER_PROXY", old_env_proxy, 1) : unsetenv("X509_USER_PROXY"); - VOMS_Destroy(vd); + if (cert) + X509_free(cert); + if (chain) + sk_X509_pop_free(chain, X509_free); + if (vd) + VOMS_Destroy(vd); + if (cur_proxy) + globus_gsi_cred_handle_destroy(cur_proxy); + if (new_proxy) + globus_gsi_cred_handle_destroy(new_proxy); + if (buf) + free(buf); return ret; } +int +renew_voms_creds(const char *cur_file, const char *renewed_file, const char *new_file) +{ + return renew_voms_certs(cur_file, renewed_file, new_file); +} + #if 0 int main(int argc, char *argv[]) -- 1.8.2.3
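Review bot: The new cleanup under `end:` frees `cert`, `chain` and `buf`, whose declarations are outside this hunk; if any of them is not initialised to NULL, a `goto end` taken before it is assigned would pass an indeterminate pointer to `X509_free()`, `sk_X509_pop_free()` or `free()`. Please confirm each is declared with `= NULL`, as `cur_proxy` and `new_proxy` are in the earlier voms.c hunk. `extension` and `voms_cert` are not released here, so if they are allocated in this function they may still leak; I cannot tell from the visible lines. The `if (buf)` guard before `free(buf)` is redundant, since `free(NULL)` is a no-op.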