📄 myproxy.c
/* It's ok if ERROR not present */ response->error_string = 0; len = convert_message(data, MYPROXY_ERROR_STRING, CONVERT_MESSAGE_ALLOW_MULTIPLE, &response->error_string); return_code = 0; goto error; } /* Parse any cred info in response */ /* start time */ if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_START_TIME_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len > 0) { /* credential info present */ response->info_creds = malloc(sizeof(struct myproxy_creds)); memset(response->info_creds, 0, sizeof(struct myproxy_creds)); switch(string_to_int(buf, &value)) { case STRING_TO_INT_SUCCESS: response->info_creds->start_time = value; break; case STRING_TO_INT_NONNUMERIC: verror_put_string("Non-numeric characters in CRED_START_TIME \"%s\"", buf); goto error; case STRING_TO_INT_ERROR: goto error; } if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_END_TIME_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len > 0) { switch(string_to_int(buf, &value)) { case STRING_TO_INT_SUCCESS: response->info_creds->end_time = value; break; case STRING_TO_INT_NONNUMERIC: verror_put_string("Non-numeric characters in CRED_END_TIME \"%s\"", buf); goto error; case STRING_TO_INT_ERROR: goto error; } } if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_CRED_NAME_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len > 0) response->info_creds->credname = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_CRED_DESC_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len > 0) response->info_creds->creddesc = strdup(buf); if (tmp) 
tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_CRED_OWNER_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) response->info_creds->owner_name = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_RETRIEVER_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) response->info_creds->retrievers = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_KEY_RETRIEVER_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) response->info_creds->keyretrieve = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_TRUSTED_RETRIEVER_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) response->info_creds->trusted_retrievers = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_RENEWER_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) response->info_creds->renewers = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", MYPROXY_LOCKMSG_STRING, NULL); if (len < 0) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) response->info_creds->lockmsg = strdup(buf); len = convert_message(data, MYPROXY_ADDITIONAL_CREDS_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) { /* addl credentials */ char **strs; struct myproxy_creds *cred = response->info_creds; len = parse_add_creds(buf, 
&strs, &num_creds); if (len == -1) { verror_put_string("Error parsing additional cred string"); goto error; } for (i = 0; i < num_creds; i++) { cred->next = malloc(sizeof(struct myproxy_creds)); cred = cred->next; memset(cred, 0, sizeof(struct myproxy_creds)); cred->credname = strdup(strs[i]); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_CRED_DESC_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->creddesc = strdup(buf); if (tmp) tmp[0]='\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_START_TIME_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len > 0) { switch(string_to_int(buf, &value)) { case STRING_TO_INT_SUCCESS: cred->start_time = value; break; case STRING_TO_INT_NONNUMERIC: verror_put_string("Non-numeric characters in CRED_START_TIME \"%s\"", buf); goto error; case STRING_TO_INT_ERROR: goto error; } } if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_END_TIME_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len > 0) { switch(string_to_int(buf, &value)) { case STRING_TO_INT_SUCCESS: cred->end_time = value; break; case STRING_TO_INT_NONNUMERIC: verror_put_string("Non-numeric characters in CRED_END_TIME \"%s\"", buf); goto error; case STRING_TO_INT_ERROR: goto error; } } if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_CRED_OWNER_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->owner_name = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", 
MYPROXY_RETRIEVER_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->retrievers = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_KEY_RETRIEVER_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->keyretrieve = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_TRUSTED_RETRIEVER_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->trusted_retrievers = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_RENEWER_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->renewers = strdup(buf); if (tmp) tmp[0] = '\0'; len = my_append(&tmp, MYPROXY_CRED_PREFIX, "_", strs[i], "_", MYPROXY_LOCKMSG_STRING, NULL); if (len == -1) goto error; len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf); if (len == -1) goto error; if (len >= 0) cred->lockmsg = strdup(buf); } /* de-allocate string-list from parse_add_creds() */ for (i=0; i < num_creds; i++) { free(strs[i]); } free(strs); } } len = convert_message(data, MYPROXY_AUTHORIZATION_STRING, CONVERT_MESSAGE_ALLOW_MULTIPLE, &buf); if (len > 0) { if (parse_auth_data(buf, &response->authorization_data)) { verror_put_string("Error parsing authorization data from server response"); goto error; } } len = convert_message(data, MYPROXY_TRUSTED_CERTS_STRING, CONVERT_MESSAGE_DEFAULT_FLAGS, &tmp); if (len > 0) { char *tok, *files; myproxy_certs_t *curr=NULL; files = strdup(tmp); for (tok = strtok(files, ","); tok; tok = strtok(NULL, ",")) 
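{
            if (curr == NULL) {
                response->trusted_certs = curr =
                    (myproxy_certs_t *)malloc(sizeof(myproxy_certs_t));
            } else {
                curr->next = (myproxy_certs_t *)malloc(sizeof(myproxy_certs_t));
                curr = curr->next;
            }
            memset(curr, 0, sizeof(myproxy_certs_t));
            curr->filename = strdup(tok);
            myproxy_debug("got cert file: %s\n", curr->filename);
            if (tmp) tmp[0] = '\0';
            len = my_append(&tmp, MYPROXY_FILEDATA_PREFIX, "_",
                            tok, "=", NULL);
            if (len == -1) goto error;
            len = convert_message(data, tmp, CONVERT_MESSAGE_DEFAULT_FLAGS, &buf);
            if (len == -1) goto error;
            if (b64_decode(buf, &curr->contents) < 0) {
                verror_put_string("b64 decode failed!");
                goto error;
            }
            /* myproxy_debug("contents:\n%s\n", curr->contents); */
        }
        free(files);
    }

    /* Success */
    return_code = 0;

 error:
    if (tmp) free(tmp);
    if (buf) free(buf);
    if (new_data) free(new_data);

    return return_code;
}

/*
 * myproxy_send()
 *
 * Write datalen bytes from data to the GSI socket held in attrs.
 *
 * Returns 0 on success and -1 on failure; on failure a message is
 * recorded with verror_put_string().
 */
int myproxy_send(myproxy_socket_attrs_t *attrs,
                 const char *data, const int datalen)
{
    char error_string[1024];

    assert(data != NULL);

    /* The length arrives as a signed int.  Reject a negative value here
       rather than handing it to the socket layer, where it would be
       reinterpreted if that layer takes an unsigned count
       (NOTE(review): confirm GSI_SOCKET_write_buffer()'s length type). */
    if (datalen < 0) {
        verror_put_string("Error writing: invalid data length\n");
        return -1;
    }

    if (GSI_SOCKET_write_buffer(attrs->gsi_socket, data, datalen) == GSI_SOCKET_ERROR)
    {
        GSI_SOCKET_get_error_string(attrs->gsi_socket, error_string,
                                    sizeof(error_string));
        verror_put_string("Error writing: %s\n", error_string);
        return -1;
    }
    return 0;
}

/*
 * myproxy_recv()
 *
 * Read one token from the GSI socket into the caller's buffer data,
 * which holds datalen bytes.
 *
 * Returns the number of bytes copied on success, -1 on a read error or
 * an invalid datalen, and -2 if the token was longer than datalen (the
 * first datalen bytes are still copied in that case).
 */
int myproxy_recv(myproxy_socket_attrs_t *attrs,
                 char *data, const int datalen)
{
    unsigned char *buffer = NULL;
    char error_string[1024];
    size_t readlen;
    size_t capacity;

    assert(data != NULL);

    /* datalen is compared against a size_t below.  A negative value would
       be converted to a very large unsigned number, the truncation test
       would never fire, and the whole peer-supplied token would be copied
       into data.  Refuse it before reading anything. */
    if (datalen < 0) {
        verror_put_string("Error reading: invalid buffer length\n");
        return -1;
    }
    capacity = (size_t)datalen;

    if (GSI_SOCKET_read_token(attrs->gsi_socket, &buffer,
                              &readlen) == GSI_SOCKET_ERROR)
    {
        GSI_SOCKET_get_error_string(attrs->gsi_socket, error_string,
                                    sizeof(error_string));
        verror_put_string("Error reading: %s\n", error_string);
        return -1;
    }

    if (readlen > capacity) {
        /* Token does not fit: hand back what fits and report truncation. */
        if (capacity > 0) {
            memcpy(data, buffer, capacity);
        }
        free(buffer);
        verror_put_string("Response was truncated\n");
        return -2;
    }

    /* Skip the copy for an empty token so memcpy() is never given a
       possibly-NULL source pointer. */
    if (readlen > 0) {
        memcpy(data, buffer, readlen);
    }
    free(buffer);

    /* readlen <= capacity <= datalen here, so it fits in an int. */
    return (int)readlen;
}

/*
 * myproxy_recv_ex()
 *
 * Read one token from the GSI socket.  On success *data points to the
 * buffer produced by GSI_SOCKET_read_token(); the caller releases it
 * with free().
 *
 * Returns the token length on success and -1 on error.
 */
int
myproxy_recv_ex(myproxy_socket_attrs_t *attrs, char **data)
{
    size_t readlen;
    char error_string[1024];
    int result;

    if (GSI_SOCKET_read_token(attrs->gsi_socket, (unsigned char **)data,
                              &readlen) == GSI_SOCKET_ERROR)
    {
        GSI_SOCKET_get_error_string(attrs->gsi_socket, error_string,
                                    sizeof(error_string));
        verror_put_string("Error reading: %s\n", error_string);
        return -1;
    }

    /* The length is reported to the caller as an int.  Refuse a token
       whose size does not survive that conversion instead of returning a
       wrapped or negative length for a buffer the caller then parses. */
    result = (int)readlen;
    if (result < 0 || (size_t)result != readlen) {
        free(*data);
        *data = NULL;
        verror_put_string("Error reading: response too large\n");
        return -1;
    }
    return result;
}

/*
 * myproxy_recv_response()
 *
 * Receive one message from the server, deserialize it into response,
 * and check its version and response type.
 *
 * Returns 0 for MYPROXY_OK_RESPONSE and MYPROXY_AUTHORIZATION_RESPONSE,
 * -1 for anything else (read failure, closed connection, parse failure,
 * version mismatch, error response, unknown response type).
 */
int
myproxy_recv_response(myproxy_socket_attrs_t *attrs,
                      myproxy_response_t *response)
{
    int responselen;
    char *response_buffer = NULL;

    /* Receive a response from the server */
    responselen = myproxy_recv_ex(attrs, &response_buffer);
    if (responselen < 0) {
        return(-1);
    }

    if (responselen == 0) {
        /* The read itself succeeded, so release whatever it handed back
           (free(NULL) is a no-op). */
        free(response_buffer);
        verror_put_string("Server closed connection.\n");
        return(-1);
    }

    /* Make a response object from the response buffer */
    if (myproxy_deserialize_response(response, response_buffer,
                                     responselen) < 0) {
        free(response_buffer);
        return(-1);
    }
    free(response_buffer);
    response_buffer = NULL;

    /* Check version.  The version string comes from parsing peer data;
       do not assume the parser always left one behind. */
    if (response->version == NULL ||
        strcmp(response->version, MYPROXY_VERSION) != 0) {
        verror_put_string("Error: Received invalid version number from server");
        return(-1);
    }

    /* Check response */
    switch(response->response_type) {
    case MYPROXY_ERROR_RESPONSE:
        /* error_string is server-controlled text and is optional in the
           message, so it may be NULL.  It is only ever passed as a %s
           argument, never as the format itself. */
        verror_put_string("ERROR from server: %s",
                          response->error_string ? response->error_string
                                                 : "(no error string provided)");
        return(-1);
        break;
    case MYPROXY_OK_RESPONSE:
    case MYPROXY_AUTHORIZATION_RESPONSE:
        break;
    default:
        verror_put_string("Received unknown response type");
        return(-1);
        break;
    }
    return 0;
}

/*
 * myproxy_recv_response_ex()
 *
 * Receive responses from the server, answering each
 * MYPROXY_AUTHORIZATION_RESPONSE challenge with
 * myproxy_handle_authorization(), until a response of another accepted
 * type arrives.
 *
 * Returns 0 on success and -1 if receiving a response or answering a
 * challenge fails.
 *
 * NOTE(review): the number of challenge rounds is not bounded here.  A
 * peer that keeps answering with MYPROXY_AUTHORIZATION_RESPONSE keeps
 * this loop running, and every round sends the client's authorization
 * data again.  Consider a round limit if the protocol permits one.
 */
int myproxy_recv_response_ex(myproxy_socket_attrs_t *socket_attrs,
                             myproxy_response_t *server_response,
                             myproxy_request_t *client_request)
{
    do {
        if (myproxy_recv_response(socket_attrs, server_response) != 0) {
            return -1;
        }
        if (server_response->response_type == MYPROXY_AUTHORIZATION_RESPONSE) {
            if (myproxy_handle_authorization(socket_attrs, server_response,
                                             client_request) != 0) {
                return -1;
            }
            /* The challenge has been answered; drop it before the next read. */
            authorization_data_free(server_response->authorization_data);
            server_response->authorization_data = NULL;
        }
    } while (server_response->response_type == MYPROXY_AUTHORIZATION_RESPONSE);

    return 0;
}

/*
 * myproxy_handle_authorization()
 *
 * Answer a MYPROXY_AUTHORIZATION_RESPONSE challenge.  Methods are tried
 * in this order: AUTHORIZETYPE_CERT (only when the request carries
 * authzcreds), AUTHORIZETYPE_SASL (only when built with HAVE_LIBSASL2),
 * then AUTHORIZETYPE_PASSWD using the request passphrase.
 *
 * The message sent is a sizeof(int)-byte header whose first byte is the
 * method, followed by the method's client data.
 *
 * Returns 0 on success, or when the response is not an authorization
 * challenge; returns -1 on failure.
 */
int myproxy_handle_authorization(myproxy_socket_attrs_t *attrs,
                                 myproxy_response_t *server_response,
                                 myproxy_request_t *client_request)
{
    myproxy_proto_response_type_t response_type;
    authorization_data_t *d = NULL; /* just pointer into server_response->authorization_data, no memory is allocated for this pointer */
    int return_status = -1;
    char *buffer = NULL;
    int bufferlen = 0;

    response_type = server_response->response_type;
    if (response_type == MYPROXY_AUTHORIZATION_RESPONSE) {
        /* Server wants authorization. Try the possibilities. */
        if (client_request->authzcreds != NULL) { /* We have an AUTHZ cert. */
            d = authorization_create_response(
                    server_response->authorization_data,
                    AUTHORIZETYPE_CERT,
                    client_request->authzcreds,
                    strlen(client_request->authzcreds) + 1);
        } else {
            verror_put_string("No credentials for renewal authorization.");
        }

#if defined(HAVE_LIBSASL2)
        if (d == NULL) { /* No luck with AUTHORIZETYPE_CERT. Try SASL. */
            d = authorization_create_response(
                    server_response->authorization_data,
                    AUTHORIZETYPE_SASL,
                    "",
                    1);
        }
#endif

        if (d == NULL) { /* No luck with previous methods. Try PASSWD. */
            d = authorization_create_response(
                    server_response->authorization_data,
                    AUTHORIZETYPE_PASSWD,
                    client_request->passphrase,
                    strlen(client_request->passphrase) + 1);
        }

        if (d == NULL) { /* No acceptable methods found. */
            verror_put_string("Unable to respond to server's authentication challenge.");
            goto end;
        }

        buffer = malloc(d->client_data_len + sizeof(int));
        if (!buffer) {
            verror_put_string("malloc() failed");
            goto end;
        }
        bufferlen = d->client_data_len + sizeof(int);

        /* Only the first byte of the header carries the method.  Clear the
           whole header first so the remaining bytes go out as zeros rather
           than as uninitialized heap contents. */
        memset(buffer, 0, sizeof(int));
        (*buffer) = d->method;
        memcpy(buffer + sizeof(int), d->client_data, d->client_data_len);

        /* Send the authorization data to the server */
        if (myproxy_send(attrs, buffer, bufferlen) < 0) {
            goto end;
        }

#if defined(HAVE_LIBSASL2)
        /* SASL method requires more negotiation. */
        if (d->method == AUTHORIZETYPE_SASL) {
            if (auth_sasl_negotiate_client(attrs, client_request) < 0)
                goto end;
        }
#endif
    }

    return_status = 0;

end:
    if (buffer) {
        /* For the PASSWD method the buffer holds a copy of the passphrase.
           Overwrite it through a volatile pointer so the stores are not
           optimized away ahead of free(). */
        volatile char *wipe = buffer;
        int k;

        for (k = 0; k < bufferlen; k++) {
            wipe[k] = 0;
        }
        free(buffer);
    }

    return return_status;
}

void
myproxy_free(myproxy_socket_attrs_t *attrs,
             myproxy_request_t *request,
             myproxy_response_t *response)
{
    if (attrs != NULL) {
        if (attrs->pshost != NULL)
            free(attrs->pshost);
        GSI_SOCKET_destroy(attrs->gsi_socket);
        close(attrs->socket_fd);
        free(attrs);
    }

    if (request != NULL) {
        if (request->version != NULL)
            free(request->version);
        if (request->username != NULL)
            free(request->username);
        if (request->retrievers != NULL)
            free(request->retrievers);
        if (request->renewers != NULL)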