bind.c

来自「ftam等标准协议服务器和客户端的源代码。」· C语言 代码 · 共 958 行 · 第 1/2 页

/* bind.c - */

#ifndef	lint
static char *rcsid = "$Header: /xtel/isode/isode/quipu/dish/RCS/bind.c,v 9.0 1992/06/16 12:35:39 isode Rel $";
#endif

/* 
 * $Header: /xtel/isode/isode/quipu/dish/RCS/bind.c,v 9.0 1992/06/16 12:35:39 isode Rel $
 *
 *
 * $Log: bind.c,v $
 * Revision 9.0  1992/06/16  12:35:39  isode
 * Release 8.0
 *
 */

/*
 *				  NOTICE
 *
 *    Acquisition, use, and distribution of this module and related
 *    materials are subject to the restrictions of a license agreement.
 *    Consult the Preface in the User's Manual for the full terms of
 *    this agreement.
 *
 */


#include <signal.h>
#include "manifest.h"
#include "quipu/util.h"
#include <fcntl.h>
#include <sys/stat.h>
#include "quipu/dua.h"
#include "quipu/name.h"
#include "quipu/bind.h"
#include "quipu/dsp.h"
#include "quipu/ds_error.h"
#include "quipu/entry.h"
#include "quipu/read.h"
#include "tailor.h"
#include "pepsy.h"
#include "quipu/DAS-types.h"

#include "osisec-stub.h"

extern DN       fixed_pos;
DN	        user_name;

#define	OPT	(!frompipe || rps -> ps_byteno == 0 ? opt : rps)
#define	RPS	(!frompipe || opt -> ps_byteno == 0 ? rps : opt)
extern	char	frompipe;
extern	PS	opt, rps;

extern char	retpipe[],
		inbuf [],
		bound;

extern char	dad_flag;

extern int	dsap_ad;
extern unsigned	connect_time,
		cache_time;

extern Entry database_root;

static char	username [LINESIZE];
static char	password [LINESIZE];
static int	auth_type = DBA_AUTH_SIMPLE; 
static char	first_bind = TRUE;

char		neverefer = FALSE;

static struct ds_bind_arg bindarg;
static struct ds_bind_arg bindresult;
static struct ds_bind_error binderr;

static int 	main_dsa_id;
static int	referral_dsa;

#ifndef NO_STATS
extern LLog * log_stat;
#endif 
extern LLog * log_dsap;

extern int parent_pid;
static unsigned waiting = 0;

extern char *new_version();
extern unsigned long hash_passwd();
extern char *hash2str();
extern struct certificate *cert_cpy();
extern struct SecurityServices *dsap_security;
static int protect_password();
static int sign_bindarg();

/* ARGSUSED */
SFD alarm_sig (sd)
int sd;
{
SFD dish_quit ();

	if (frompipe && (parent_pid != 0))
		if (kill (parent_pid,0) == -1) {
			/* invoking shell gone - exit */
			dish_quit (SIGHUP);
		}
		

	if (bound) {
		(void) dap_unbind (main_dsa_id);
#ifndef NO_STATS
	LLOG (log_stat,LLOG_NOTICE,("Connection closed"));
#endif
		bound = FALSE;
		if (referral_dsa != 0) {
			(void) dap_unbind (referral_dsa);
			referral_dsa = 0;
		}
	}

	waiting += connect_time;
	if (frompipe && (waiting >= cache_time))
		dish_quit (SIGHUP);
		
	(void) signal (SIGALRM, alarm_sig);
	(void) alarm (connect_time);
}

set_alarm ()
{
	waiting = 0;
	(void) signal (SIGALRM, alarm_sig);
	(void) alarm (connect_time);
}

/* ARGSUSED */
SFD bind_sig (sd)
int sd;
{
extern jmp_buf  dish_env;

	ps_print (OPT,"Bind timeout\n");
	if (referral_dsa != 0) {
		referral_dsa = 0;
		dsap_ad = main_dsa_id;
	}
	longjmp (dish_env,1);
}

bind_alarm ()
{
	(void) signal (SIGALRM, bind_sig);
	(void) alarm (connect_time);
}

isnumeric (ptr)
char * ptr;
{
	if ((ptr == NULLCP) || (*ptr == 0))
		return FALSE;

	while (*ptr)
		if (! isdigit (*ptr++) )
			return FALSE;

	return TRUE;
}

call_bind (argc,argv)
int argc;
char ** argv;
{
int 	x;
char    noconnect = FALSE;
static  char    bdsa  [LINESIZE], save_bdsa[LINESIZE];
char   *save_address;
char   *save_name;
extern  char * dsa_address,
	     * myname;
FILE    *fp;
char    buf[BUFSIZ];
DN	newdn, dsadn;
extern  char * tailfile;
extern DN sequence_dn ();
char got_name = FALSE;
char got_pass = FALSE;

	bdsa[0] = 0;
	save_address = dsa_address;
	save_name = myname;

	for (x=1; x<argc; x++) {
		if (test_arg (argv[x], "-noconnect",3))
			noconnect = TRUE;
#ifdef PDU_DUMP
		else if (test_arg (argv[x], "-pdus",2)) {
			if (++x == argc) {
				ps_print (OPT,"PDU file name missing\n");
				Usage (argv[0]);
				return (NOTOK);
			}
			ps_printf (RPS,"Dumping PDUs in directory %s\n",argv[x]);
			pdu_dump_init (argv[x]);
		}
#endif		
 		else if (test_arg (argv[x], "-user",1)) {
			got_name = TRUE;
			if ((++x == argc) || (*argv[x] == '-')) {
				x--;
				*username = 0;
			} else
				(void) strcpy (username,argv[x]);
		} else if (test_arg (argv[x], "-pipe",2)) {
			if (strcmp (argv[0],"dish") == 0)
				ps_print (OPT,"Sorry... '-pipe' must be the first argument to dish.\n");
			else 
				Usage (argv[0]);
			return (NOTOK);
		} else if (test_arg (argv[x], "-norefer",3))
			neverefer = TRUE;
		else if (test_arg (argv[x], "-refer",1))
			neverefer = FALSE;
		/* these flags select the mode of authentication only */
		else if (test_arg (argv[x],"-noauthentication",3)) 
			auth_type = DBA_AUTH_NONE;
		else if (test_arg (argv[x], "-protected", 3))
			auth_type = DBA_AUTH_PROTECTED;
		else if (test_arg (argv[x], "-simple", 3))
			auth_type = DBA_AUTH_SIMPLE;
		else if (test_arg (argv[x], "-strong", 3))
			auth_type = DBA_AUTH_STRONG;
		/* -password sets the `key', whatever the mode  */
		else if (test_arg (argv[x], "-password",2)) {
			got_pass = TRUE;
			if ((++x == argc)  || (*argv[x] == '-')) {
				x--;
				*password = 0;
			} else {
				int i;
				(void) strcpy (password,argv[x]);
				for (i=0; i< (int)strlen(password) ; i++)
					if ( i < 4 )
						argv[x][i] = 'X';
					else
						argv[x][i] = 0;

			}
		} else if (test_arg (argv[x], "-call",1)) {
			if (++x == argc) {
				ps_print (OPT,"dsa name missing\n");
				Usage (argv[0]);
				return (NOTOK);
			}
			(void) strcpy (bdsa,argv[x]);
		} else {
			/* assume its the user name */
			if (got_name) {
				ps_print (OPT,"One user name only please!\n");
				Usage (argv[0]);
				return (NOTOK);
			} 
			got_name = TRUE;
			(void) strcpy (username,argv[x]);
			if (*username == '-') {
				ps_printf (OPT,"Unknown option %s\n",username);
				username[0] = 0;
				Usage (argv[0]);
				return (NOTOK);
			}
		}
	}


	if (noconnect)
		return (OK);

	if (isnumeric (username)) {
	    PS	    ps;

	    if ((newdn = sequence_dn (atoi (username))) == NULLDN) {
		ps_printf (OPT,"Invalid sequence in username %s\n",username);
		Usage (argv[0]);
		return (NOTOK);
	    }
	    if ((ps = ps_alloc (str_open)) == NULLPS) {
		ps_printf (OPT, "Unable to expand sequence: out of memory\n");
		return NOTOK;
	    }
	    if (str_setup (ps, username, sizeof username - 2, 1) == NOTOK) {
		ps_printf (OPT, "Unable to expand sequence: %s\n",
			   ps_error (ps -> ps_errno));
		ps_free (ps);
		return NOTOK;
	    }
	    dn_print (ps, newdn, EDBOUT);
	    ps_print (ps, " ");
	    *--ps -> ps_ptr = NULL, ps -> ps_cnt++;

	    ps_free (ps);
	}
	else
	    newdn = NULLDN;

	if ((got_name && ! got_pass) || (*password == 0)) {
		bindarg.dba_passwd_len = 0;
		bindarg.dba_passwd[0]  = 0;
		if ((*username != 0) && (auth_type != DBA_AUTH_NONE)) {
			get_password (username, password);
			(void) strcpy(&bindarg.dba_passwd[0], password);
			bindarg.dba_passwd_len = strlen	(&bindarg.dba_passwd[0]);
		}
	} else {
		bindarg.dba_passwd_len = strlen (password);
		(void) strcpy (bindarg.dba_passwd, password);
	}

	if ((bindarg.dba_passwd_len == 0) && (auth_type != DBA_AUTH_STRONG))
		auth_type = DBA_AUTH_NONE;

	if (*username == 0) {
		bindarg.dba_dn = NULLDN;
		/* Don't need credentials to bind as NULLDN! */
		auth_type = DBA_AUTH_NONE;
	}
	else
		if (newdn)
		    bindarg.dba_dn = dn_cpy (newdn);
	    	else {
		    if ((bindarg.dba_dn = str2dn (username[0] != '@' ? username
								  : username + 1))
			    == NULLDN) {
			ps_printf (OPT,"Invalid DN for username: %s\n",username);
			Usage (argv[0]);
			return (NOTOK);
		    }
		}

	/* prepare credentials */
	bindarg.dba_auth_type = auth_type;
	switch (auth_type) {
	case DBA_AUTH_NONE:
	case DBA_AUTH_SIMPLE:
		break;
	case DBA_AUTH_PROTECTED: 
		protect_password();
		break;
	case DBA_AUTH_STRONG:
		if (sign_bindarg() != OK)
			bindarg.dba_auth_type = DBA_AUTH_NONE;
		break;
	}

	if (isnumeric (bdsa) && (dsadn = sequence_dn (atoi (bdsa)))) {
	    PS	ps;

	    dsadn = dn_cpy (dsadn);
	    if ((ps = ps_alloc (str_open)) == NULLPS) {
		ps_printf (OPT, "Unable to expand sequence: out of memory\n");
		return NOTOK;
	    }
	    if (str_setup (ps, bdsa, sizeof bdsa - 2, 1) == NOTOK) {
		ps_printf (OPT, "Unable to expand sequence: %s\n",
			   ps_error (ps -> ps_errno));
		ps_free (ps);
		return NOTOK;
	    }
	    dn_print (ps, dsadn, EDBOUT);
	    ps_print (ps, " ");
	    *--ps -> ps_ptr = NULL, ps -> ps_cnt++;

	    ps_free (ps);
	}
	else {
	    int	    old_ppe;
	    extern int print_parse_errors;

	    old_ppe = print_parse_errors, print_parse_errors = FALSE;
	    dsadn = *bdsa == '@' && index (bdsa + 1, '=') ? str2dn (bdsa + 1)
							  : NULLDN;
	    print_parse_errors = old_ppe;
	}

	if (dsadn) {
	    int	    gotit = 0;
	    Entry   e;
	    static AttributeType t_addr = NULL;

	    if (!t_addr && !(t_addr = str2AttrT ("presentationAddress")))
		fatal (-100, "presentationAddress: invalid attribute type");

	    if ((!(e = local_find_entry (dsadn, FALSE)) || !e -> e_lock)
		    && bound
		    && rebind () == OK) {
		struct ds_read_arg read_arg;
		struct ds_read_result read_result;
		struct DSError read_error;

		bzero ((char *) &read_arg, sizeof read_arg);

		read_arg.rda_object = dsadn;

		(void) service_control (OPT, 0, NULLVP, &read_arg.rda_common);

		read_arg.rda_eis.eis_allattributes = FALSE;
		read_arg.rda_eis.eis_select = as_comp_new (AttrT_cpy (t_addr),
							   NULLAV,
							   NULLACL_INFO);
		read_arg.rda_eis.eis_infotypes = EIS_ATTRIBUTESANDVALUES;

		if (ds_read (&read_arg, &read_error, &read_result) == DS_OK) {
		    cache_entry (&read_result.rdr_entry,
				 read_arg.rda_eis.eis_allattributes,
				 read_arg.rda_eis.eis_infotypes);
		    entryinfo_comp_free (&read_result.rdr_entry, 0);
		    e = local_find_entry (dsadn, FALSE);
		}
	    }

	    if (e) {
		Attr_Sequence attr;
		AV_Sequence avseq;

		for (attr = e -> e_attributes; attr; attr = attr -> attr_link)
		    if (AttrT_cmp (attr -> attr_type, t_addr) == 0)
			break;
		if (attr && (avseq = attr -> attr_value)) {
		    static char dsaddr[BUFSIZ];

		    (void) strcpy (myname = save_bdsa, bdsa);
		    (void) strcpy (dsa_address = dsaddr,
				   paddr2str ((struct PSAPaddr *)
					          avseq -> avseq_av.av_struct,
					      NULLNA));
		    gotit++;
		}
	    }
	    if (!gotit) {
		ps_printf (OPT,
			   "Unable to determine presentation address for @");
		dn_print (OPT, dsadn, EDBOUT);
		ps_printf (OPT, "\n");
		return NOTOK;
	    }
	    
	    dn_free (dsadn), dsadn = NULL;
	}
	else
	/* now set dsa_address */
	if (bdsa[0] != 0) {
	        (void) strcpy (myname = save_bdsa, bdsa);
		dsa_address = NULLCP;

		/* read tailor file to get address */
		
		if( (fp = fopen(isodefile(tailfile, 0), "r")) == (FILE *)NULL) {
			LLOG (log_dsap,LLOG_FATAL,("can't open %s",tailfile));
			fatal (-72, "Cannot open tailor file");
		}

		while(fgets(buf, sizeof(buf), fp) != NULLCP)
			if ( (*buf != '#') && (*buf != '\n') )
				/* not a comment or blank */
				if (tai_string (buf) == NOTOK)
					DLOG (log_dsap,LLOG_DEBUG,("tai_string failed %s",buf));

		(void) fclose(fp);
		
		if (dsa_address == NULLCP)
			dsa_address = myname;
	}

	if (bound) 
		(void) ds_unbind ();
		
	bound = FALSE;
	first_bind = FALSE;

	binderr.dbe_value = 0;
	bind_alarm ();