Main Page | Modules | Data Structures | File List | Data Fields | Globals | Related Pages

lcmaps_gsi_utils.c

Go to the documentation of this file.
00001 /*
00002  * Copyright (c) Members of the EGEE Collaboration. 2004.
00003  * See http://eu-egee.org/partners/ for details on the copyright holders.
00004  * For license conditions see the license file or
00005  * http://eu-egee.org/license.html
00006  */
00007 
00019 #ifndef LCMAPS_GSI_UTILS_C
00020 #define LCMAPS_GSI_UTILS_C
00021 
00022 /******************************************************************************
00023                              Include header files
00024 ******************************************************************************/
00025 #include <stdio.h>
00026 #include <stdlib.h>
00027 #include <string.h>
00028 
00029 /* For X509 and STACK_OF(X509) structs (output) */
00030 #include <openssl/x509.h>
00031 
00032 /* For the gss_cred_id_t struct (input) */
00033 #include <gssapi.h>
00034 
00035 /* Internal globus header:
00036  * defines gss_cred_id_desc (= internal structure of gss_cred_id_t)
00037  */
00038 #include "gssapi_openssl.h"
00039 
00040 /* Defines globus_gsi_cred_handle_t (GSI (globus) credential,
00041  * part of gss_cred_id_desc)
00042  * and interface functions to globus_gsi_cred_handle_t:
00043  * globus_gsi_cred_get_cert() and globus_gsi_cred_get_cert_chain()
00044  */
00045 #include "globus_gsi_credential.h"
00046 
00047 /* Internal globus header:
00048  * describes internal structure of globus_gsi_cred_get_cert
00049  * not needed if interface functions to globus_gsi_cred_handle_t are used
00050  */
00051 //#include "globus_i_gsi_credential.h"
00052 
00053 /* LCMAPS includes */
00054 #include "_lcmaps_gsi_utils.h"
00055 
00056 /******************************************************************************
00057 Function:       lcmaps_gss_cred_to_dn() (copied from GLOBUS gatekeeper.c)
00058 Description:    Get the globusid from gssapi
00059 Parameters:
00060                 globus_cred: globus credential
00061 Returns:        globusid string (which could be freeed)
00062 ******************************************************************************/
00063 char * lcmaps_gss_cred_to_dn(
00064         gss_cred_id_t globus_cred
00065 )
00066 {
00067     char*                         globusid = NULL;
00068     char*                         globusid_tmp = NULL;
00069     gss_name_t                    globus_name = GSS_C_NO_NAME;
00070     gss_buffer_desc               globus_buffer_desc = GSS_C_EMPTY_BUFFER;
00071     gss_buffer_t                  globus_buffer = &globus_buffer_desc;
00072     OM_uint32                     major_status = 0;
00073     OM_uint32                     minor_status = 0;
00074     OM_uint32                     minor_status2 = 0;
00075 
00076     if ((major_status = gss_inquire_cred(&minor_status,
00077                                          globus_cred,
00078                                          &globus_name,
00079                                          NULL, NULL, NULL)) == GSS_S_COMPLETE)
00080     {
00081         major_status = gss_display_name(&minor_status,
00082                                         globus_name, globus_buffer, NULL);
00083         gss_release_name(&minor_status2, &globus_name);
00084     }
00085     /*
00086      * The gssapi_cleartext does not implement gss_inquire_cred,
00087      * so fall back to using environment variable.
00088      */
00089     if (major_status == GSS_S_COMPLETE)
00090     {
00091         globusid = globus_buffer_desc.value;
00092     }
00093     else
00094     {
00095         globusid = getenv("GLOBUSID");
00096         globusid = (globusid ? globusid : "GLOBUSID");
00097     }
00098     globusid_tmp = strdup(globusid);
00099 
00100     if (globus_buffer_desc.value)
00101     {
00102         gss_release_buffer(&minor_status2, globus_buffer);
00103     }
00104     return globusid_tmp;
00105 }
00106 
00107 /******************************************************************************
00108 Function:       lcmaps_cred_to_x509()
00109 Description:    Return the pointer to X509 structure from gss credential
00110 Parameters:
00111                 cred: globus credential
00112 Returns:        pointer to X509 struct or NULL
00113 ******************************************************************************/
00127 X509 * lcmaps_cred_to_x509(
00128         gss_cred_id_t cred
00129 )
00130 {
00131     /* Internally a gss_cred_id_t type is a pointer to a gss_cred_id_desc */
00132     gss_cred_id_desc *       cred_desc = NULL;
00133     globus_gsi_cred_handle_t gsi_cred_handle;
00134     X509 * px509=NULL;
00135 
00136     /* cast to gss_cred_id_desc */
00137     if (cred != GSS_C_NO_CREDENTIAL)
00138     {
00139         cred_desc = (gss_cred_id_desc *) cred;
00140         if (globus_module_activate(GLOBUS_GSI_CREDENTIAL_MODULE) ==GLOBUS_SUCCESS)
00141         {
00142             gsi_cred_handle = cred_desc->cred_handle;
00143             if (globus_gsi_cred_get_cert(gsi_cred_handle, &px509) == GLOBUS_SUCCESS)
00144             {
00145                 globus_module_deactivate(GLOBUS_GSI_CREDENTIAL_MODULE);
00146                 return px509;
00147             }
00148             else
00149             {
00150                 globus_module_deactivate(GLOBUS_GSI_CREDENTIAL_MODULE);
00151                 return NULL;
00152             }
00153         }
00154         else
00155         {
00156             globus_module_deactivate(GLOBUS_GSI_CREDENTIAL_MODULE);
00157             return NULL;
00158         }
00159     }
00160     else
00161     {
00162         return NULL;
00163     }
00164 }
00165 
00166 
00167 /******************************************************************************
00168 Function:       lcmaps_cred_to_x509_chain()
00169 Description:    Return the pointer to X509 chain from gss credential
00170 Parameters:
00171                 cred: globus credential
00172 Returns:        pointer to X509 chain or NULL
00173 ******************************************************************************/
00187 STACK_OF(X509) * lcmaps_cred_to_x509_chain(
00188         gss_cred_id_t cred
00189 )
00190 {
00191     /* Internally a gss_cred_id_t type is a pointer to a gss_cred_id_desc */
00192     gss_cred_id_desc *       cred_desc = NULL;
00193     globus_gsi_cred_handle_t gsi_cred_handle;
00194     STACK_OF(X509) * px509_chain=NULL;
00195 
00196     /* cast to gss_cred_id_desc */
00197     if (cred != GSS_C_NO_CREDENTIAL)
00198     {
00199         cred_desc = (gss_cred_id_desc *) cred;
00200         if (globus_module_activate(GLOBUS_GSI_CREDENTIAL_MODULE) ==GLOBUS_SUCCESS)
00201         {
00202             gsi_cred_handle = cred_desc->cred_handle;
00203             if (globus_gsi_cred_get_cert_chain(gsi_cred_handle, &px509_chain) == GLOBUS_SUCCESS)
00204             {
00205                 globus_module_deactivate(GLOBUS_GSI_CREDENTIAL_MODULE);
00206                 return px509_chain;
00207             }
00208             else
00209             {
00210                 globus_module_deactivate(GLOBUS_GSI_CREDENTIAL_MODULE);
00211                 return NULL;
00212             }
00213         }
00214         else
00215         {
00216             globus_module_deactivate(GLOBUS_GSI_CREDENTIAL_MODULE);
00217             return NULL;
00218         }
00219     }
00220     else
00221     {
00222         return NULL;
00223     }
00224 }
00225 
00226 #endif /* LCMAPS_GSI_UTILS_C */
00227 
00228 /******************************************************************************
00229 CVS Information:
00230     $Source: /cvs/jra1mw/org.glite.security.lcmaps/src/grid_credential_handling/gsi_handling/lcmaps_gsi_utils.c,v $
00231     $Date: 2004/12/02 17:17:53 $
00232     $Revision: 1.1 $
00233     $Author: msteenba $
00234 ******************************************************************************/
Generated on Sun May 29 21:22:10 2005 for lcmaps by doxygen 1.3.5