From 9394a9c8984fb20c53479b23cdd5d12b557e5ef1 Mon Sep 17 00:00:00 2001
From: Marcel Poul
Date: Tue, 12 Jun 2012 13:14:12 +0000
Subject: [PATCH] move mechanism specific context to canl global context

---
 emi.canl.canl-c/src/canl.c | 8 +++----
 emi.canl.canl-c/src/canl_cred.c | 7 +++++-
 emi.canl.canl-c/src/canl_locl.h | 8 +++----
 emi.canl.canl-c/src/canl_ssl.c | 51 ++++++++++++++++++++++++-----------------
 4 files changed, 44 insertions(+), 30 deletions(-)

diff --git a/emi.canl.canl-c/src/canl.c b/emi.canl.canl-c/src/canl.c
index 9abd339..117f6f2 100644
--- a/emi.canl.canl-c/src/canl.c
+++ b/emi.canl.canl-c/src/canl.c
@@ -20,7 +20,7 @@ canl_ctx canl_create_ctx()
 return NULL;
 
 for (i = 0; i < sizeof(mechs)/sizeof(mechs[0]); i++)
- mechs[i]->initialize(ctx, &mechs[i]->glb_ctx);
+ mechs[i]->initialize(ctx); /*TODO every mech must have its own ctx*/
 
 return ctx;
 }
@@ -121,7 +121,7 @@ canl_io_connect(canl_ctx cc, canl_io_handler io, const char *host,
 break;
 case TRY_AGAIN:
 err = update_error(glb_cc, ETIMEDOUT, POSIX_ERROR,
- "Cannot resolve the server hostname (%s)", host);
+ " Timeout reached when connecting to (%s)", host);
 goto end;
 case NETDB_INTERNAL:
 err = update_error(glb_cc, errno, POSIX_ERROR,
@@ -154,7 +154,7 @@ canl_io_connect(canl_ctx cc, canl_io_handler io, const char *host,
 if (err)
 continue;
 
- err = mech->client_init(glb_cc, mech->glb_ctx, &ctx);
+ err = mech->client_init(glb_cc, &ctx);
 if (err) {
 canl_io_close(glb_cc, io_cc);
 continue;
@@ -271,7 +271,7 @@ canl_io_accept(canl_ctx cc, canl_io_handler io, int new_fd,
 
 io_cc->sock = new_fd;
 
- err = mech->server_init(glb_cc, mech->glb_ctx, &conn_ctx);
+ err = mech->server_init(glb_cc, &conn_ctx);
 if (err)
 goto end;
 
diff --git a/emi.canl.canl-c/src/canl_cred.c b/emi.canl.canl-c/src/canl_cred.c
index 931fc5a..ac9ccb9 100644
--- a/emi.canl.canl-c/src/canl_cred.c
+++ b/emi.canl.canl-c/src/canl_cred.c
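Review bot: The canl_err_code returned by `mechs[i]->initialize(ctx)` in canl_create_ctx is still discarded, so when ssl_initialize fails the caller receives a ctx whose `mech_ctx` is presumably left unset and every later call fails with "SSL context not initialized" far from the cause; the loop should check it, e.g. `if (mechs[i]->initialize(ctx)) { /* release ctx */ return NULL; }`. The same loop now stores each mechanism's state into the single `cc->mech_ctx` slot, so with more than one entry in mechs a later initialize would overwrite the earlier mechanism's context — the TODO acknowledges this, but the one-mechanism assumption should be enforced or documented on the field. In the TRY_AGAIN hunk the new message `" Timeout reached when connecting to (%s)"` carries a leading space that the neighbouring update_error messages do not.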
@@ -105,10 +105,15 @@ canl_ctx_set_cred(canl_ctx ctx, canl_cred cred)
 glb_ctx *cc = (glb_ctx*) ctx;
 creds *crd = (creds*) cred;
 int ret = 0;
- mech_glb_ctx *m_ctx = (mech_glb_ctx*) canl_mech_ssl.glb_ctx;
+ mech_glb_ctx *m_ctx = (mech_glb_ctx *)cc->mech_ctx;
 
 if (!ctx)
 return EINVAL;
+
+ if (!m_ctx)
+ return set_error(cc, EINVAL, POSIX_ERROR, "SSL context not"
+ " initialized");
+
 if (!crd || !m_ctx->cert_key)
 return set_error(cc, EINVAL, POSIX_ERROR, "Cred. handler"
 " not initialized" );
diff --git a/emi.canl.canl-c/src/canl_locl.h b/emi.canl.canl-c/src/canl_locl.h
index a706429..d253efc 100644
--- a/emi.canl.canl-c/src/canl_locl.h
+++ b/emi.canl.canl-c/src/canl_locl.h
@@ -53,6 +53,7 @@ typedef struct _glb_ctx
 /* XXX Do we need to keep these two:? */
 canl_err_origin err_orig;
 long original_err_code;
+ void *mech_ctx;
 } glb_ctx;
 
 typedef struct _asyn_result {
@@ -76,10 +77,9 @@ typedef struct _io_handler
 
 typedef struct canl_mech {
 CANL_AUTH_MECHANISM mech;
- void *glb_ctx;
 
 canl_err_code (*initialize)
- (glb_ctx *, void **);
+ (glb_ctx *);
 
 canl_err_code (*set_flags)
 (glb_ctx *cc, unsigned int *mech_flags, unsigned int flags);
@@ -88,10 +88,10 @@ typedef struct canl_mech {
 (glb_ctx *, void *);
 
 canl_err_code (*client_init)
- (glb_ctx *, void *, void **);
+ (glb_ctx *, void **);
 
 canl_err_code (*server_init)
- (glb_ctx *, void *, void **);
+ (glb_ctx *, void **);
 
 canl_err_code (*free_ctx)
 (glb_ctx *, void *);
diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index d20dd43..4869886 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -247,9 +247,9 @@ set_ocsp_store(canl_x509store_t *store)
 
 
 static canl_err_code
-ssl_initialize(glb_ctx *cc, void **v_glb_ctx)
+ssl_initialize(glb_ctx *cc)
 {
- mech_glb_ctx **m_glb_ctx = (mech_glb_ctx **)v_glb_ctx;
+ mech_glb_ctx **m_glb_ctx = (mech_glb_ctx **)cc->mech_ctx;
 int err = 0;
 char *ca_cert_fn, *user_cert_fn, *user_key_fn, *user_proxy_fn;
 char *ca_cert_dirn = NULL;
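Review bot: In canl_ctx_set_cred the new initializer `mech_glb_ctx *m_ctx = (mech_glb_ctx *)cc->mech_ctx;` dereferences `cc` before the `if (!ctx) return EINVAL;` check, so a NULL handle now crashes instead of returning EINVAL as the check intends. Declare `m_ctx` without an initializer and assign it after the check: `if (!ctx) return EINVAL;` then `m_ctx = (mech_glb_ctx *)cc->mech_ctx;`. The same ordering appears in ssl_server_init and ssl_client_init in canl_ssl.c (`cc->mech_ctx` read in the declarations, `if (cc == NULL)` afterwards) and in canl_ctx_set_ssl_cred, canl_ctx_set_crl_dir and canl_ctx_set_ca_dir (`glb_cc->mech_ctx` read before `if (!cc)`); in canl_ctx_set_ssl_cred even the new `!m_ctx` guard sits above the `!cc` guard. The body of canl_ctx_set_cred continues outside the hunk.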
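Review bot: The new `void *mech_ctx;` member of glb_ctx is a single slot, yet canl_create_ctx calls `initialize` for every entry of mechs, so the field should say which mechanism owns it and that a second mechanism cannot coexist with it yet; a comment such as `void *mech_ctx; /* mechanism-private state (mech_glb_ctx for TLS); one slot only, see TODO in canl_create_ctx */` would keep the next maintainer from treating it as per-mechanism. The `initialize`, `client_init` and `server_init` members lose their explicit state argument while `finish`, `free_ctx` and the `(glb_ctx *, void *)` member above them keep theirs, which is worth a one-line comment on the struct describing where each callback now finds its state.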
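Review bot: `mech_glb_ctx **m_glb_ctx = (mech_glb_ctx **)cc->mech_ctx;` in ssl_initialize casts the value stored in `cc->mech_ctx` to a pointer-to-pointer, whereas the removed `v_glb_ctx` parameter was the address of the mechanism's slot (`&mechs[i]->glb_ctx` in canl.c); on a freshly created ctx that value is presumably NULL, so if the rest of ssl_initialize still writes the allocated context through `*m_glb_ctx` it dereferences NULL and `cc->mech_ctx` is never populated. The line should take the address of the slot: `mech_glb_ctx **m_glb_ctx = (mech_glb_ctx **)&cc->mech_ctx;`. The function body continues past the end of the hunk, so the later uses of `m_glb_ctx` are not visible here.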
@@ -346,10 +346,10 @@ ssl_set_dir(glb_ctx *cc, char **target, const char *ca_dir)
 }
 
 static canl_err_code
-ssl_server_init(glb_ctx *cc, void *v_ctx, void **ctx)
+ssl_server_init(glb_ctx *cc, void **ctx)
 {
- mech_glb_ctx *m_ctx = (mech_glb_ctx *)v_ctx;
- SSL_CTX *ssl_ctx = (SSL_CTX *) m_ctx->mech_ctx;
+ mech_glb_ctx *m_ctx = (mech_glb_ctx *)cc->mech_ctx;
+ SSL_CTX *ssl_ctx = NULL;
 SSL *ssl = NULL;
 char *user_cert_fn, *user_key_fn, *user_proxy_fn;
 int err = 0;
@@ -358,8 +358,10 @@ ssl_server_init(glb_ctx *cc, void *v_ctx, void **ctx)
 if (cc == NULL)
 return EINVAL;
 
- if (ssl_ctx == NULL)
- return set_error(cc, EINVAL, POSIX_ERROR, "SSL not initialized");
+ if (!m_ctx || !m_ctx->mech_ctx)
+ return set_error(cc, EINVAL, POSIX_ERROR, "SSL context not"
+ " initialized");
+ ssl_ctx = (SSL_CTX *) m_ctx->mech_ctx;
 
 err = proxy_get_filenames(0, NULL, NULL, &user_proxy_fn,
 &user_cert_fn, &user_key_fn);
@@ -438,21 +440,22 @@ ssl_server_init(glb_ctx *cc, void *v_ctx, void **ctx)
 }
 
 static canl_err_code
-ssl_client_init(glb_ctx *cc, void *v_ctx, void **ctx)
+ssl_client_init(glb_ctx *cc, void **ctx)
 {
- mech_glb_ctx *m_ctx = (mech_glb_ctx *)v_ctx;
- SSL_CTX *ssl_ctx = (SSL_CTX *) m_ctx->mech_ctx;
+ mech_glb_ctx *m_ctx = (mech_glb_ctx *)cc->mech_ctx;
+ SSL_CTX *ssl_ctx = NULL;
 SSL *ssl = NULL;
 int err = 0, i = 0;
 char *user_cert_fn, *user_key_fn, *user_proxy_fn;
 user_cert_fn = user_key_fn = user_proxy_fn = NULL;
-
+
 if (cc == NULL)
 return EINVAL;
-
- if (ssl_ctx == NULL)
+
+ if (!m_ctx || !m_ctx->mech_ctx)
 return set_error(cc, EINVAL, POSIX_ERROR, "SSL context not"
 " initialized");
+ ssl_ctx = (SSL_CTX *) m_ctx->mech_ctx;
 
 err = proxy_get_filenames(0, NULL, NULL, &user_proxy_fn,
 &user_cert_fn, &user_key_fn);
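Review bot: ssl_server_init and ssl_client_init now carry an identical guard and cast (`if (!m_ctx || !m_ctx->mech_ctx) return set_error(...)` followed by `ssl_ctx = (SSL_CTX *) m_ctx->mech_ctx;`), and the `!m_ctx` half is repeated once more in canl_cred.c and in each canl_ctx_set_* function, so the lookup is worth a single static helper that both init functions call after their `cc == NULL` check, keeping their own `m_ctx` if the rest of the body (outside the hunks) still uses it. The helper below is a constructed example of that shape. Both function bodies continue past the hunks.
```c
/* Look up the SSL_CTX held by the mechanism state attached to cc;
 * NULL when the SSL mechanism was never initialized. */
static SSL_CTX *
ssl_ctx_of(glb_ctx *cc)
{
    mech_glb_ctx *m_ctx = (mech_glb_ctx *)cc->mech_ctx;
    return m_ctx ? (SSL_CTX *) m_ctx->mech_ctx : NULL;
}
/* … unchanged: ssl_server_init / ssl_client_init bodies, which then do
 * ssl_ctx = ssl_ctx_of(cc); if (!ssl_ctx) return set_error(...); … */
```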
@@ -1127,8 +1130,11 @@ canl_ctx_set_ssl_cred(canl_ctx cc, char *cert, char *key, char *proxy,
 {
 glb_ctx *glb_cc = (glb_ctx*) cc;
 int err = 0;
+ mech_glb_ctx *m_ctx = (mech_glb_ctx *)glb_cc->mech_ctx;
 
- mech_glb_ctx *m_ctx = canl_mech_ssl.glb_ctx;
+ if (!m_ctx)
+ return set_error(cc, EINVAL, POSIX_ERROR, "SSL context not"
+ " initialized");
 
 if (!cc)
 return EINVAL;
@@ -1148,12 +1154,15 @@ canl_err_code
 canl_ctx_set_crl_dir(canl_ctx cc, const char *dir)
 {
 glb_ctx *glb_cc = (glb_ctx*) cc;
- struct canl_mech *mech = find_mech(GSS_C_NO_OID); //TODO for now
- mech_glb_ctx *m_ctx = (mech_glb_ctx *)mech->glb_ctx;
+ mech_glb_ctx *m_ctx = (mech_glb_ctx *)glb_cc->mech_ctx;
 
 if (!cc)
 return EINVAL;
 
+ if (!m_ctx)
+ return set_error(glb_cc, EINVAL, POSIX_ERROR, "SSL context not"
+ " initialized");
+
 return ssl_set_dir(glb_cc, &m_ctx->crl_dir, dir);
 }
 
@@ -1161,12 +1170,15 @@ canl_err_code
 canl_ctx_set_ca_dir(canl_ctx cc, const char *dir)
 {
 glb_ctx *glb_cc = (glb_ctx*) cc;
- struct canl_mech *mech = find_mech(GSS_C_NO_OID); //TODO for now
- mech_glb_ctx *m_ctx = (mech_glb_ctx *)mech->glb_ctx;
+ mech_glb_ctx *m_ctx = (mech_glb_ctx *)glb_cc->mech_ctx;
 
 if (!cc)
 return EINVAL;
 
+ if (!m_ctx)
+ return set_error(glb_cc, EINVAL, POSIX_ERROR, "SSL context not"
+ " initialized");
+
 return ssl_set_dir(glb_cc, &m_ctx->ca_dir, dir);
 }
 
@@ -1415,11 +1427,8 @@ error_exit:
 return 0;
 }
 
-mech_glb_ctx ssl_glb_ctx;
-
 canl_mech canl_mech_ssl = {
 TLS,
- &ssl_glb_ctx,
 ssl_initialize,
 ssl_set_flags,
 ssl_finish,
--
1.8.2.3
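Review bot: The new guard in canl_ctx_set_ssl_cred passes the opaque handle to set_error, `return set_error(cc, EINVAL, POSIX_ERROR, ...)`, while the matching guards added to canl_ctx_set_crl_dir and canl_ctx_set_ca_dir in the same commit pass the already-cast `glb_cc`; use `glb_cc` here too so the three functions read alike and the cast is done in one place. The function body continues past the hunk.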