From aee5071763e3da99f0e1a6ab428273382f545a5b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20Kou=C5=99il?= Date: Mon, 6 Aug 2007 15:51:24 +0000 Subject: [PATCH] Switched to the updated glite_gss API to remove globus dependencies - used edg_wll_gss_get_client_conn() instead of gss_inquire_context() to get information about the client - s/gss_release_cred/edg_wll_gss_release_cred - added some missing headers --- org.glite.lb.server/src/bkindex.c | 1 + org.glite.lb.server/src/bkserverd.c | 49 +++++++++++----------------------- org.glite.lb.server/src/db_store.c | 1 + org.glite.lb.server/src/dump.c | 1 + org.glite.lb.server/src/il_lbproxy.c | 1 + org.glite.lb.server/src/index.c.T | 1 + org.glite.lb.server/src/index_parse.y | 1 + org.glite.lb.server/src/load.c | 1 + org.glite.lb.server/src/lock.c | 1 + org.glite.lb.server/src/notif_match.c | 1 + org.glite.lb.server/src/notification.c | 1 + org.glite.lb.server/src/request.c | 1 + org.glite.lb.server/src/server_state.c | 2 ++ org.glite.lb.server/src/stats.c | 1 + org.glite.lb.server/src/write2rgma.c | 1 + 15 files changed, 30 insertions(+), 34 deletions(-) diff --git a/org.glite.lb.server/src/bkindex.c b/org.glite.lb.server/src/bkindex.c index 7f88935..fdbee8d 100644 --- a/org.glite.lb.server/src/bkindex.c +++ b/org.glite.lb.server/src/bkindex.c @@ -7,6 +7,7 @@ #include #include #include +#include #include "glite/wmsutils/jobid/strmd5.h" #include "glite/lb/context-int.h" diff --git a/org.glite.lb.server/src/bkserverd.c b/org.glite.lb.server/src/bkserverd.c index 57871c8..10ba66f 100644 --- a/org.glite.lb.server/src/bkserverd.c +++ b/org.glite.lb.server/src/bkserverd.c @@ -26,6 +26,7 @@ #include #include #include +#include #ifdef GLITE_LB_SERVER_WITH_WS #include "soap_version.h" @@ -135,7 +136,7 @@ static char *server_subject = NULL; static time_t purge_timeout[EDG_WLL_NUMBER_OF_STATCODES]; static time_t notif_duration = 60*60*24*7; -static gss_cred_id_t mycred = GSS_C_NO_CREDENTIAL; +static edg_wll_GssCred mycred = NULL; time_t cert_mtime = 0; char *cadir = NULL, *vomsdir = NULL, @@ -312,7 +313,6 @@ int main(int argc, char *argv[]) FILE *fpid; key_t semkey; edg_wll_Context ctx; - OM_uint32 min_stat; edg_wll_GssStatus gss_code; struct timeval to; int request_timeout = REQUEST_TIMEOUT; @@ -631,7 +631,7 @@ a.sin_addr.s_addr = INADDR_ANY; semctl(semset, 0, IPC_RMID, 0); unlink(pidfile); free(port); - gss_release_cred(&min_stat, &mycred); + edg_wll_gss_release_cred(&mycred, NULL); return 0; @@ -730,12 +730,9 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) { struct clnt_data_t *cdata = (struct clnt_data_t *)data; edg_wll_Context ctx; - gss_name_t client_name = GSS_C_NO_NAME; - gss_buffer_desc token = GSS_C_EMPTY_BUFFER; - gss_cred_id_t newcred = GSS_C_NO_CREDENTIAL; + edg_wll_GssPrincipal client = NULL; + edg_wll_GssCred newcred = NULL; edg_wll_GssStatus gss_code; - OM_uint32 min_stat, - maj_stat; struct timeval dns_to = {DNS_TIMEOUT, 0}, conn_start, now; struct sockaddr_in a; @@ -753,7 +750,7 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) */ if ( !edg_wll_gss_acquire_cred_gsi(server_cert, server_key, &newcred, NULL, &gss_code) ) { dprintf(("[%d] reloading credentials\n", getpid())); - gss_release_cred(&min_stat, &mycred); + edg_wll_gss_release_cred(&mycred, NULL); mycred = newcred; } else { dprintf(("[%d] reloading credentials failed, using old ones\n", getpid())); } /* @@ -913,32 +910,16 @@ int bk_handle_connection(int conn, struct timeval *timeout, void *data) return 1; } - maj_stat = gss_inquire_context(&min_stat, ctx->connections->serverConnection->gss.context, - &client_name, NULL, NULL, NULL, NULL, NULL, NULL); - if ( !GSS_ERROR(maj_stat) ) - maj_stat = gss_display_name(&min_stat, client_name, &token, NULL); - - if ( !GSS_ERROR(maj_stat) ) - { + ret = edg_wll_gss_get_client_conn(&ctx->connections->serverConnection->gss, &client, NULL); + if (ret || client->flags & EDG_WLL_GSS_FLAG_ANON) { + dprintf(("[%d] annonymous client\n",getpid())); + } else { if (ctx->peerName) free(ctx->peerName); - ctx->peerName = (char *)token.value; - memset(&token, 0, sizeof(token)); - /* XXX DK: pujde pouzit lifetime z inquire_context()? - * - ctx->peerProxyValidity = ASN1_UTCTIME_mktime(X509_get_notAfter(peer)); - */ - + ctx->peerName = strdup(client->name); + edg_wll_gss_free_princ(client); + dprintf(("[%d] client DN: %s\n",getpid(),ctx->peerName)); } - else - /* XXX DK: Check if the ANONYMOUS flag is set ? - */ - dprintf(("[%d] annonymous client\n",getpid())); - - if ( client_name != GSS_C_NO_NAME ) - gss_release_name(&min_stat, &client_name); - if ( token.value ) - gss_release_buffer(&min_stat, &token); if ( edg_wll_SetVomsGroups(ctx, &ctx->connections->serverConnection->gss, server_cert, server_key, vomsdir, cadir) ) { @@ -1222,7 +1203,7 @@ int bk_clnt_disconnect(int conn, struct timeval *timeout, void *cdata) edg_wll_Context ctx = ((struct clnt_data_t *) cdata)->ctx; - if ( ctx->connections->serverConnection->gss.context != GSS_C_NO_CONTEXT) + if ( ctx->connections->serverConnection->gss.context != NULL) edg_wll_gss_close(&ctx->connections->serverConnection->gss, timeout); edg_wll_FreeContext(ctx); ctx = NULL; @@ -1240,7 +1221,7 @@ int bk_ws_clnt_disconnect(int conn, struct timeval *timeout, void *cdata) gsplugin_ctx = glite_gsplugin_get_context(soap); glite_gsplugin_set_connection(gsplugin_ctx, NULL); - glite_gsplugin_set_credential(gsplugin_ctx, GSS_C_NO_CREDENTIAL); + glite_gsplugin_set_credential(gsplugin_ctx, NULL); if ( (rv = bk_clnt_disconnect(conn, timeout, cdata)) ) return rv; diff --git a/org.glite.lb.server/src/db_store.c b/org.glite.lb.server/src/db_store.c index 83a88cb..4c7349b 100644 --- a/org.glite.lb.server/src/db_store.c +++ b/org.glite.lb.server/src/db_store.c @@ -4,6 +4,7 @@ #include #include #include +#include #include "glite/lb/context-int.h" #include "glite/lb/events.h" diff --git a/org.glite.lb.server/src/dump.c b/org.glite.lb.server/src/dump.c index ea926d0..431b6af 100644 --- a/org.glite.lb.server/src/dump.c +++ b/org.glite.lb.server/src/dump.c @@ -6,6 +6,7 @@ #include #include #include +#include #include "glite/lb/trio.h" #include "glite/wmsutils/jobid/cjobid.h" diff --git a/org.glite.lb.server/src/il_lbproxy.c b/org.glite.lb.server/src/il_lbproxy.c index 654ef2a..ec7f6d6 100644 --- a/org.glite.lb.server/src/il_lbproxy.c +++ b/org.glite.lb.server/src/il_lbproxy.c @@ -1,6 +1,7 @@ #ident "$Header$" #include +#include #include "glite/lb/context-int.h" #include "glite/lb/log_proto.h" diff --git a/org.glite.lb.server/src/index.c.T b/org.glite.lb.server/src/index.c.T index 83ee1a4..4f50a1c 100644 --- a/org.glite.lb.server/src/index.c.T +++ b/org.glite.lb.server/src/index.c.T @@ -2,6 +2,7 @@ #include #include #include +#include #include "glite/lb/context-int.h" #include "lbs_db.h" diff --git a/org.glite.lb.server/src/index_parse.y b/org.glite.lb.server/src/index_parse.y index 4c9265b..7201426 100644 --- a/org.glite.lb.server/src/index_parse.y +++ b/org.glite.lb.server/src/index_parse.y @@ -4,6 +4,7 @@ #include #include +#include #include "glite/lb/context-int.h" diff --git a/org.glite.lb.server/src/load.c b/org.glite.lb.server/src/load.c index 5d2f431..2970a4e 100644 --- a/org.glite.lb.server/src/load.c +++ b/org.glite.lb.server/src/load.c @@ -10,6 +10,7 @@ #include #include #include +#include #include "glite/lb/trio.h" diff --git a/org.glite.lb.server/src/lock.c b/org.glite.lb.server/src/lock.c index d9b95ac..de75dd9 100644 --- a/org.glite.lb.server/src/lock.c +++ b/org.glite.lb.server/src/lock.c @@ -1,5 +1,6 @@ #ident "$Header$" +#include #include #include #include diff --git a/org.glite.lb.server/src/notif_match.c b/org.glite.lb.server/src/notif_match.c index 1435e46..cdd376a 100644 --- a/org.glite.lb.server/src/notif_match.c +++ b/org.glite.lb.server/src/notif_match.c @@ -5,6 +5,7 @@ #include #include #include +#include #include "glite/lb/context-int.h" #include "glite/lb/trio.h" diff --git a/org.glite.lb.server/src/notification.c b/org.glite.lb.server/src/notification.c index 6328e1f..65d4e60 100644 --- a/org.glite.lb.server/src/notification.c +++ b/org.glite.lb.server/src/notification.c @@ -4,6 +4,7 @@ #include #include #include +#include #include "glite/wmsutils/jobid/strmd5.h" #include "glite/lb/trio.h" diff --git a/org.glite.lb.server/src/request.c b/org.glite.lb.server/src/request.c index cb84b1f..1e08608 100644 --- a/org.glite.lb.server/src/request.c +++ b/org.glite.lb.server/src/request.c @@ -3,6 +3,7 @@ #include #include #include +#include #include "glite/lb/il_string.h" #include "glite/lb/il_msg.h" diff --git a/org.glite.lb.server/src/server_state.c b/org.glite.lb.server/src/server_state.c index d2bf8f0..2f208b0 100644 --- a/org.glite.lb.server/src/server_state.c +++ b/org.glite.lb.server/src/server_state.c @@ -1,5 +1,7 @@ #ident "$Header$" +#include + #include "glite/lb/trio.h" #include "glite/lb/context-int.h" diff --git a/org.glite.lb.server/src/stats.c b/org.glite.lb.server/src/stats.c index 45d799d..c512e66 100644 --- a/org.glite.lb.server/src/stats.c +++ b/org.glite.lb.server/src/stats.c @@ -6,6 +6,7 @@ #include #include #include +#include #include "glite/lb/events.h" #include "glite/lb/jobstat.h" diff --git a/org.glite.lb.server/src/write2rgma.c b/org.glite.lb.server/src/write2rgma.c index f5aae86..a9f4ab0 100755 --- a/org.glite.lb.server/src/write2rgma.c +++ b/org.glite.lb.server/src/write2rgma.c @@ -9,6 +9,7 @@ #include #include #include +#include #include -- 1.8.2.3