📄 myproxy.c
} /* passphrase */ len = convert_message(data, MYPROXY_PASSPHRASE_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len <= -1) { verror_prepend_string("Error parsing passphrase from client request"); goto error; } /* XXX request_passphrase is a static buffer. Why? */ strncpy(request->passphrase, buf, sizeof(request->passphrase)); /* new passphrase (for change passphrase only) */ len = convert_message(data, MYPROXY_NEW_PASSPHRASE_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) { verror_prepend_string("Error parsing passphrase from client request"); goto error; } else if (len == -2) request->new_passphrase[0] = '\0'; else strncpy (request->new_passphrase, buf, sizeof(request->new_passphrase)); /* lifetime */ len = convert_message(data, MYPROXY_LIFETIME_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len <= -1) { verror_prepend_string("Error parsing lifetime from client request"); goto error; } if (parse_string(buf, &request->proxy_lifetime) == -1) { goto error; } /* retriever */ len = convert_message(data, MYPROXY_RETRIEVER_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found*/ request->retrievers = NULL; else if (len <= -1) { verror_prepend_string("Error parsing retriever from client request"); goto error; } else { request->retrievers = strdup(buf); if (request->retrievers == NULL) { verror_put_errno(errno); goto error; } } /* renewer */ len = convert_message(data, MYPROXY_RENEWER_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found*/ request->renewers = NULL; else if (len <= -1) { verror_prepend_string("Error parsing renewer from client request"); goto error; } else { request->renewers = strdup(buf); if (request->renewers == NULL) { verror_put_errno(errno); goto error; } } /* credential name */ if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_CRED_NAME_STRING, NULL); if (len == -1) { goto error; } len = convert_message(data, tmp, 
CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found - assign default*/ request->credname = NULL; else if (len <= -1) { verror_prepend_string("Error parsing credential name from client request"); goto error; } else { request->credname = strdup(buf); if (request->credname == NULL) { verror_put_errno(errno); goto error; } } /* credential description */ if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_CRED_DESC_STRING, NULL); len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found*/ request->creddesc = NULL; else if (len <= -1) { verror_prepend_string("Error parsing credential description from client request"); goto error; } else { request->creddesc = strdup(buf); if (request->creddesc == NULL) { verror_put_errno(errno); goto error; } } /* key retriever */ len = convert_message(data, MYPROXY_KEY_RETRIEVER_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found*/ request->keyretrieve = NULL; else if (len <= -1) { verror_prepend_string("Error parsing key retriever from client request"); goto error; } else { request->keyretrieve = strdup(buf); if (request->keyretrieve == NULL) { verror_put_errno(errno); goto error; } } /* trusted retriever */ len = convert_message(data, MYPROXY_TRUSTED_RETRIEVER_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found*/ request->trusted_retrievers = NULL; else if (len <= -1) { verror_prepend_string("Error parsing trusted retrievers from client request"); goto error; } else { request->trusted_retrievers = strdup(buf); if (request->trusted_retrievers == NULL) { verror_put_errno(errno); goto error; } } /* trusted root certificates */ len = convert_message(data, MYPROXY_TRUSTED_CERTS_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -2) /*-2 indicates string not found*/ request->want_trusted_certs = 0; else if (len <= -1) { 
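verror_prepend_string("Error parsing TRUSTED_CERTS in client request"); goto error; } else { if (string_to_int(buf, &request->want_trusted_certs) != STRING_TO_INT_SUCCESS) { verror_prepend_string("Error parsing TRUSTED_CERTS in client request"); goto error; } } /* Success */ return_code = 0; error: if (tmp) free(tmp); if (buf) free(buf); if (new_data) free(new_data); return return_code;}

/*
 * Serialize a response into a caller-supplied fixed-size buffer.
 *
 * The message is first built in a heap buffer by
 * myproxy_serialize_response_ex() and copied into `data` only if it fits.
 *
 * response: response to serialize.
 * data:     destination buffer, must not be NULL.
 * datalen:  size of `data` in bytes, must be > 0.
 *
 * Returns the value reported by myproxy_serialize_response_ex() on success,
 * that same value when it is <= 0, or -1 (with a verror message) when the
 * serialized form does not fit in `data`.
 */
int
myproxy_serialize_response(const myproxy_response_t *response,
                           char *data, const int datalen)
{
    char *buf = NULL;
    int len;

    assert(data != NULL);
    assert(datalen > 0);

    len = myproxy_serialize_response_ex(response, &buf);
    if (len > 0) {
        if (len >= datalen) {
            /* Refuse to truncate: a partial message would be parsed as a
               different response by the peer. */
            verror_put_string("Buffer size exceeded in myproxy_serialize_response().");
            len = -1;
        } else {
            memcpy(data, buf, len);
        }
    }

    free(buf); /* free(NULL) is a no-op, so no guard is needed */
    return len;
}

/*
 * Append one credential attribute line to *data.
 *
 * The line is "<MYPROXY_CRED_PREFIX>_<field><value>\n" for the first
 * credential and "<MYPROXY_CRED_PREFIX>_<credname>_<field><value>\n" for
 * every later one.
 *
 * A NULL value appends nothing: every my_append() call in this file ends its
 * argument list with NULL, so a NULL value would presumably end the list
 * early and drop the trailing "\n", fusing this line with the next one.
 *
 * NOTE(review): value and credname are written verbatim. A string that
 * contains '\n' would start a new protocol line in the response; confirm
 * that stored credential attributes are guaranteed to be single-line.
 *
 * On success stores my_append()'s return value in *len and returns 0;
 * returns -1 on failure or when a non-first credential has no name.
 */
static int
serialize_cred_field(char **data, int *len, const char *credname,
                     int first_cred, const char *field, const char *value)
{
    int rc;

    if (value == NULL)
        return 0;

    if (first_cred) {
        rc = my_append(data, MYPROXY_CRED_PREFIX, "_", field, value, "\n",
                       NULL);
    } else {
        /* Later credentials are indexed by name; without one the line
           cannot be built (the caller's assert covers debug builds only). */
        if (credname == NULL)
            return -1;
        rc = my_append(data, MYPROXY_CRED_PREFIX, "_", credname, "_", field,
                       value, "\n", NULL);
    }
    if (rc < 0)
        return -1;

    *len = rc;
    return 0;
}

/*
 * Serialize a response into a heap buffer built with my_append().
 *
 * response: response to serialize, must not be NULL.
 * data:     in/out pointer to the buffer, must not be NULL. An existing
 *           buffer is emptied and reused. The caller frees *data, including
 *           after a failure, when it may hold a partial message.
 *
 * Returns the last my_append() result plus one on success, -1 on failure.
 */
int
myproxy_serialize_response_ex(const myproxy_response_t *response,
                              char **data)
{
    int len;
    authorization_data_t **p;
    const char *response_string;

    assert(data != NULL);
    assert(response != NULL);

    if (*data)
        (*data)[0] = '\0';

    /* Version */
    len = my_append(data, MYPROXY_VERSION_STRING, response->version, "\n",
                    NULL);
    if (len < 0)
        return -1;

    /* Response string */
    response_string = encode_response(
        (myproxy_proto_response_type_t) response->response_type);
    if (response_string == NULL)
        return -1;
    len = my_append(data, MYPROXY_RESPONSE_TYPE_STRING, response_string,
                    "\n", NULL);
    if (len < 0)
        return -1;

    /* Authorization data */
    if ((p = response->authorization_data)) {
        while (*p) {
            len = my_append(data, MYPROXY_AUTHORIZATION_STRING,
                            authorization_get_name((*p)->method), ":",
                            (*p)->server_data, "\n", NULL);
            if (len < 0)
                return -1;
            p++;
        }
    }

    /* Include credential info in OK response to INFO request */
    if (response->response_type == MYPROXY_OK_RESPONSE &&
        response->info_creds) {
        int first_cred = 1;
        myproxy_creds_t *cred;
        char date[40];

        for (cred = response->info_creds; cred != NULL; cred = cred->next) {
            /* Include name on first cred only.  Other creds are indexed
               by name, so there is no need for an additional name field. */
            if (first_cred &&
                serialize_cred_field(data, &len, NULL, 1,
                                     MYPROXY_CRED_NAME_STRING,
                                     cred->credname) < 0)
                return -1;
            assert(cred->credname || first_cred);

            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_CRED_DESC_STRING,
                                     cred->creddesc) < 0)
                return -1;

            /* Bounded formatting; the cast makes the argument match %lu
               whatever integer type the time fields are declared with. */
            snprintf(date, sizeof(date), "%lu",
                     (unsigned long) cred->start_time);
            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_START_TIME_STRING, date) < 0)
                return -1;

            snprintf(date, sizeof(date), "%lu",
                     (unsigned long) cred->end_time);
            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_END_TIME_STRING, date) < 0)
                return -1;

            /* The owner line was previously appended unconditionally; a
               NULL owner_name is now skipped instead of being handed to
               my_append(). */
            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_CRED_OWNER_STRING,
                                     cred->owner_name) < 0)
                return -1;

            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_RETRIEVER_STRING,
                                     cred->retrievers) < 0)
                return -1;

            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_KEY_RETRIEVER_STRING,
                                     cred->keyretrieve) < 0)
                return -1;

            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_TRUSTED_RETRIEVER_STRING,
                                     cred->trusted_retrievers) < 0)
                return -1;

            if (serialize_cred_field(data, &len, cred->credname, first_cred,
                                     MYPROXY_RENEWER_STRING,
                                     cred->renewers) < 0)
                return -1;

            if (cred->lockmsg) {
                char *newline = strchr(cred->lockmsg, '\n');
                int rc;

                if (newline)
                    *newline = '\0'; /* only send first line */
                rc = serialize_cred_field(data, &len, cred->credname,
                                          first_cred, MYPROXY_LOCKMSG_STRING,
                                          cred->lockmsg);
                if (newline)
                    *newline = '\n'; /* put the message back as it was */
                if (rc < 0)
                    return -1;
            }

            first_cred = 0;
        }

        /* List the names of all credentials after the first one. */
        if (response->info_creds->next) {
            len = my_append(data, MYPROXY_ADDITIONAL_CREDS_STRING, NULL);
            if (len < 0)
                return -1;
            for (cred = response->info_creds->next; cred != NULL;
                 cred = cred->next) {
                if (cred->next) {
                    len = my_append(data, cred->credname, ",", NULL);
                } else {
                    len = my_append(data, cred->credname, NULL);
                }
                if (len < 0)
                    return -1;
            }
            len = my_append(data, "\n", NULL);
            if (len < 0)
                return -1;
        }
    }

    /* Only add error string(s) if necessary.  A NULL error_string is
       treated as "no error text" rather than being passed to strchr(). */
    if (response->response_type == MYPROXY_ERROR_RESPONSE &&
        response->error_string != NULL) {
        char *start, *end;

        /* send each line individually */
        for (start = response->error_string;
             (end = strchr(start, '\n')) != NULL;
             start = end + 1) {
            *end = '\0';
            len = my_append(data, MYPROXY_ERROR_STRING, start, "\n", NULL);
            /* Restore the separator: the response is const to the caller
               and its error text must survive serialization intact. */
            *end = '\n';
            if (len < 0)
                return -1;
        }
        /* send the last line */
        if (start[0] != '\0') {
            len = my_append(data, MYPROXY_ERROR_STRING, start, "\n", NULL);
            if (len < 0)
                return -1;
        }
    }

    /* Include trusted certificates */
    if (response->trusted_certs) {
        myproxy_certs_t *cert;

        /* NOTE(review): cert->filename is passed straight to my_append();
           a NULL filename would presumably end the argument list early --
           confirm the certificate list never carries one. */
        len = my_append(data, MYPROXY_TRUSTED_CERTS_STRING, NULL);
        if (len < 0)
            return -1;
        for (cert = response->trusted_certs; cert; cert = cert->next) {
            if (cert->next) {
                len = my_append(data, cert->filename, ",", NULL);
            } else {
                len = my_append(data, cert->filename, NULL);
            }
            if (len < 0)
                return -1;
        }
        len = my_append(data, "\n", NULL);
        if (len < 0)
            return -1;

        for (cert = response->trusted_certs; cert; cert = cert->next) {
            char *b64data = NULL;

            if (b64_encode(cert->contents, &b64data) < 0)
                return -1;
            /* myproxy_debug("got b64:\n%s\n", b64data); */
            len = my_append(data, MYPROXY_FILEDATA_PREFIX, "_",
                            cert->filename, "=", b64data, "\n", NULL);
            free(b64data);
            if (len < 0)
                return -1;
        }
    }

    /* myproxy_debug("sending %s\n", data); */
    return len + 1;
}

int
myproxy_deserialize_response(myproxy_response_t *response, const char *data, const int datalen) { int len, return_code = -1; int value, i, num_creds; char *tmp=NULL, *buf=NULL, *new_data=NULL; assert(response != NULL); assert(data != NULL); /* if the input data isn't null terminated, fix it now. 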
*/ if (data[datalen-1] != '\0') { new_data = malloc(datalen+1); memcpy(new_data, data, datalen); new_data[datalen] = '\0'; data = new_data; } if (response->authorization_data) { free(response->authorization_data); response->authorization_data = NULL; } /* myproxy_debug("received %s\n", data); */ len = convert_message(data, MYPROXY_VERSION_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len < 0) { goto error; } if (response->version) { free(response->version); } response->version = strdup(buf); if (response->version == NULL) { verror_put_errno(errno); goto error; } len = convert_message(data, MYPROXY_RESPONSE_TYPE_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len < 0) { goto error; } if (parse_response_type(buf, &response->response_type) == -1) { goto error; } if (response->response_type == MYPROXY_ERROR_RESPONSE) {