lcmaps: lcmaps_credential.c Source File

00001 /*                                                                                                            
00002  * Copyright (c) Members of the EGEE Collaboration. 2004.
00003  * See http://eu-egee.org/partners/ for details on the copyright holders.
00004  * For license conditions see the license file or
00005  * http://eu-egee.org/license.html
00006  */
00007 
00018 #ifndef LCMAPS_CREDENTIAL_C
00019 #define LCMAPS_CREDENTIAL_C
00020 
00021 /******************************************************************************
00022                              Include header files
00023 ******************************************************************************/
00024 #include "lcmaps_config.h"
00025 #include <stdio.h>
00026 #include <stdlib.h>
00027 #include <string.h>
00028 
00029 #ifdef LCMAPS_GSI_MODE
00030 #   include <gssapi.h>
00031 #   include "gsi_handling/_lcmaps_gsi_utils.h"
00032 #   include "gsi_handling/_lcmaps_voms_attributes.h"
00033 #endif
00034 #include "_lcmaps_credential.h"
00035 
00036 /* LCMAPS includes */
00037 #include "lcmaps_log.h"
00038 
00039 #ifdef LCMAPS_GSI_MODE
00040 
00041 /******************************************************************************
00042 Function:       lcmaps_credential_store_gss_cred_id_t()
00043 Description:    Fill credential with gss_cred_id_t (internally gsi credential)
00044                 If the lcmaps credential does not yet contain the DN,
00045                 try to retrieve it from the gss credential.
00046                 If the lcmaps credential does not yet contain VOMS
00047                 attributes, try to retrieve them from the gss credential.
00048 Parameters:
00049                 gss_credential:     gss credential (internally gsi credential)
00050                 plcmaps_credential: pointer to lcmaps_credential
00051 Returns:        0:  succes
00052                 1:  failed to retrieve DN from gss_credential
00053                 2:  failed to retrieve VOMS attributes, because the proxy does not
00054                     contain them (VERR_NOEXT)
00055                 3:  error in retrieving VOMS attributes.
00056                 -1: failure, because lcmaps_credential does not exist
00057 ******************************************************************************/
00058 int lcmaps_credential_store_gss_cred_id_t(
00059         gss_cred_id_t      gss_credential,
00060         lcmaps_cred_id_t * plcmaps_credential
00061 )
00062 {
00063     char * logstr = "lcmaps.mod-lcmaps_credential_store_gss_cred_id_t()";
00064 
00065     if (plcmaps_credential == NULL)
00066     {
00067         return -1;
00068     }
00069     /* Fill credential */
00070     plcmaps_credential->cred = gss_credential;
00071 
00072     /* Check if the user DN has been filled. If not, try to extract it */
00073     if ((plcmaps_credential->dn == NULL) && (gss_credential != GSS_C_NO_CREDENTIAL))
00074     {
00075         if ((plcmaps_credential->dn = lcmaps_gss_cred_to_dn(gss_credential)) == NULL)
00076         {
00077             return 1;
00078         }
00079     }
00080 
00081     /* Check if the VOMS attributes have been filled. If not, try to extract them */
00082     if ((plcmaps_credential->fqan == NULL) && (gss_credential != GSS_C_NO_CREDENTIAL))
00083     {
00084         if ( (plcmaps_credential->fqan = lcmaps_gss_cred_to_voms_fqans(
00085                                             gss_credential,
00086                                             &(plcmaps_credential->nfqan)
00087                                         ) ) == NULL)
00088         {
00089             if (plcmaps_credential->nfqan == 0)
00090             {
00091                 lcmaps_log_debug(1, "%s: No FQANs found in gss credentials\n", logstr);
00092                 return 2;
00093             }
00094             else
00095             {
00096                 lcmaps_log_debug(1, "%s: Error retrieving VOMS attributes\n", logstr);
00097                 return 3;
00098             }
00099         }
00100     }
00101     return 0;
00102 }
00103 
00104 /******************************************************************************
00105 Function:       lcmaps_credential_get_gss_cred_id_t()
00106 Description:    returns gss credential (internally gsi credential)
00107 Parameters:
00108                 lcmaps_credential: lcmaps_credential
00109 Returns:        gss credential
00110 ******************************************************************************/
00111 gss_cred_id_t lcmaps_credential_get_gss_cred_id_t(
00112         lcmaps_cred_id_t lcmaps_credential
00113 )
00114 {
00115     return (lcmaps_credential.cred);
00116 }
00117 
00118 /******************************************************************************
00119 Function:       lcmaps_credential_store_gss_ctx_id_t()
00120 Description:    Fill credential with gss_ctx_id_t (gss security context)
00121 Parameters:
00122                 gss_context:        gss security context
00123                 plcmaps_credential: pointer to lcmaps_credential
00124 Returns:        0: succes
00125                 1: failure
00126 ******************************************************************************/
00127 int lcmaps_credential_store_gss_ctx_id_t(
00128         gss_ctx_id_t       gss_context,
00129         lcmaps_cred_id_t * plcmaps_credential
00130 )
00131 {
00132     return 1;
00133 }
00134 
00135 /******************************************************************************
00136 Function:       lcmaps_credential_get_gss_ctx_id_t()
00137 Description:    returns gss security context
00138 Parameters:
00139                 lcmaps_credential: lcmaps_credential
00140 Returns:        gss security context
00141 ******************************************************************************/
00142 gss_ctx_id_t lcmaps_credential_get_gss_ctx_id_t(
00143         lcmaps_cred_id_t lcmaps_credential
00144 )
00145 {
00146     return (lcmaps_credential.context);
00147 }
00148 
00149 #endif /* LCMAPS_GSI_MODE */
00150 
00151 
00152 /******************************************************************************
00153 Function:       lcmaps_credential_store_dn()
00154 Description:    Fill credential with dn
00155 Parameters:
00156                 dn:                 distinguished name
00157                 plcmaps_credential: pointer to lcmaps_credential
00158 Returns:        0: succes
00159                 1: failed to fill dn
00160                 -1: failure, because lcmaps_credential does not exist
00161 ******************************************************************************/
00162 int lcmaps_credential_store_dn(
00163         char *             dn,
00164         lcmaps_cred_id_t * plcmaps_credential
00165 )
00166 {
00167     if (plcmaps_credential == NULL)
00168     {
00169         lcmaps_log(0,"lcmaps.mod-lcmaps_credential_store_dn(): Create lcmaps_cred_id_t first!\n");
00170         return -1;
00171     }
00172 
00173     /* DN may have already been filled, from gss_credential */
00174     if (plcmaps_credential->dn == NULL)
00175     {
00176         if (dn != NULL)
00177         {
00178             plcmaps_credential->dn = strdup(dn);
00179         }
00180         else /* dn is empty and lcmaps_cred_id_t has not been filled with otherwise */
00181         {
00182             lcmaps_log(0,"lcmaps.mod-lcmaps_credential_store_dn(): Cannot fill empty DN\n");
00183             return 1;
00184         }
00185     }
00186     return 0;
00187 }
00188 
00189 /******************************************************************************
00190 Function:       lcmaps_credential_get_dn()
00191 Description:    returns user dn
00192 Parameters:
00193                 lcmaps_credential: lcmaps_credential
00194 Returns:        user dn
00195 ******************************************************************************/
00196 char * lcmaps_credential_get_dn(
00197         lcmaps_cred_id_t lcmaps_credential
00198 )
00199 {
00200     return (lcmaps_credential.dn);
00201 }
00202 
00203 /******************************************************************************
00204 Function:       lcmaps_credential_store_fqan_list()
00205 Description:    Fill credential with list of FQANs
00206 Parameters:
00207                 nfqan:              number of elements of the FQAN list
00208                 fqan_list:          FQAN list (list of strings)
00209                 plcmaps_credential: pointer to lcmaps_credential
00210 Returns:        0: succes
00211                 1: failure, because the presented fqan list is malformed
00212                 2: failure, because of a malloc error
00213                 -1: failure, because lcmaps_credential does not exist
00214 ******************************************************************************/
00215 int lcmaps_credential_store_fqan_list(
00216         int                nfqan,
00217         char **            fqan_list,
00218         lcmaps_cred_id_t * plcmaps_credential
00219 )
00220 {
00221     int     i    = 0;
00222     char *  fqan = NULL;
00223 
00224     if (plcmaps_credential == NULL)
00225     {
00226         lcmaps_log(0,"lcmaps.mod-lcmaps_credential_store_dn(): Create lcmaps_cred_id_t first!\n");
00227         return -1;
00228     }
00229 
00230     /* Check if a FQAN list exists already. If so, return happily */
00231     if ( (plcmaps_credential->fqan == NULL) && (nfqan > 0) )
00232     {
00233         plcmaps_credential->nfqan = nfqan;
00234         plcmaps_credential->fqan = (char **) malloc(nfqan * sizeof(char *));
00235         if (plcmaps_credential->fqan == NULL) /* malloc error */
00236         {
00237             lcmaps_log(0,"lcmaps.mod-lcmaps_credential_store_fqan_list(): Malloc error!\n");
00238             return 2;
00239         }
00240         for (i = 0; i < nfqan; i++)
00241         {
00242             if ((fqan = fqan_list[i]) != NULL)
00243             {
00244                 if ( ((plcmaps_credential->fqan)[i] = strdup(fqan)) == NULL)
00245                 {
00246                     lcmaps_log(0,"lcmaps.mod-lcmaps_credential_store_fqan_list(): Malloc error!\n");
00247                     return 2;
00248                 }
00249             }
00250             else
00251             {
00252                 lcmaps_log(0,"lcmaps.mod-lcmaps_credential_store_fqan_list(): malformed fqan list\n");
00253                 return 1;
00254             }
00255         }
00256     }
00257     return 0;
00258 }
00259 
00260 /******************************************************************************
00261 Function:       lcmaps_credential_get_fqan_list()
00262 Description:    returns the list of FQANs and number of elements
00263 Parameters:
00264                 pnfqan:            pointer to the number of FQANs in the list
00265                 lcmaps_credential: lcmaps_credential
00266 Returns:        list of FQANs
00267 ******************************************************************************/
00268 char ** lcmaps_credential_get_fqan_list(
00269         int *            pnfqan,
00270         lcmaps_cred_id_t lcmaps_credential
00271 )
00272 {
00273     *pnfqan = lcmaps_credential.nfqan;
00274     return (lcmaps_credential.fqan);
00275 }
00276 
00277 /******************************************************************************
00278 Function:       lcmaps_credential_init()
00279 Description:    initialize the lcmaps_cred_id_t: set the member values to
00280                 the default values
00281 Parameters:
00282                 plcmaps_credential: pointer to lcmaps_credential
00283 Returns:        0:  succes
00284                 1:  failed to set the member values
00285                 -1: failure, because lcmaps_credential does not exist
00286 ******************************************************************************/
00287 int lcmaps_credential_init(
00288         lcmaps_cred_id_t * plcmaps_credential
00289 )
00290 {
00291     if (plcmaps_credential == NULL)
00292     {
00293         lcmaps_log(0,"lcmaps.mod-lcmaps_credential_init(): Create lcmaps_cred_id_t first!\n");
00294         return -1;
00295     }
00296 #ifdef LCMAPS_GSI_MODE
00297     plcmaps_credential->cred    = GSS_C_NO_CREDENTIAL;
00298     plcmaps_credential->context = GSS_C_NO_CONTEXT;
00299 #endif
00300     plcmaps_credential->dn      = (char *) NULL;
00301     plcmaps_credential->fqan    = (char **) NULL;
00302     plcmaps_credential->nfqan   = -1;
00303 
00304     return 0;
00305 }
00306 
00307 /******************************************************************************
00308 Function:       lcmaps_release_cred()
00309 Description:    release lcmaps credential
00310 Parameters:
00311                 plcmaps_credential: pointer to lcmaps_credential
00312 Returns:        0: succes
00313                 1: failure
00314 ******************************************************************************/
00315 int lcmaps_release_cred(
00316         lcmaps_cred_id_t * plcmaps_credential
00317 )
00318 {
00319     int i = 0;
00320 
00321     if (plcmaps_credential == NULL)
00322         return 0;
00323 
00324     if (plcmaps_credential->dn != NULL)
00325         free(plcmaps_credential->dn);
00326 
00327     if (plcmaps_credential->nfqan > 0)
00328     for (i = 0; i < plcmaps_credential->nfqan; i++)
00329     {
00330         if ((plcmaps_credential->fqan)[i] != NULL)
00331             free((plcmaps_credential->fqan)[i]);
00332     }
00333     if (plcmaps_credential->fqan != NULL) /* this removes the whole array of char* */
00334     {
00335         free(plcmaps_credential->fqan);
00336     }
00337     return 0;
00338 }
00339 
00340 #endif /* LCMAPS_CREDENTIAL_C */
00341 
00342 /******************************************************************************
00343 CVS Information:
00344     $Source: /cvs/jra1mw/org.glite.security.lcmaps/src/grid_credential_handling/lcmaps_credential.c,v $
00345     $Date: 2005/02/27 01:30:41 $
00346     $Revision: 1.2 $
00347     $Author: msteenba $
00348 ******************************************************************************/