Main Page   Modules   Data Structures   File List   Data Fields   Globals   Related Pages  

lcmaps.c

Go to the documentation of this file.
00001 /*                                                                                                            
00002  * Copyright (c) 2001 EU DataGrid.                                                                             
00003  * For license conditions see http://www.eu-datagrid.org/license.html                                          
00004  *
00005  * Copyright (c) 2001, 2002 by 
00006  *     Martijn Steenbakkers <martijn@nikhef.nl>,
00007  *     David Groep <davidg@nikhef.nl>,
00008  *     NIKHEF Amsterdam, the Netherlands
00009  */
00010 
00060 #include "lcmaps_config.h"
00061 #include <stdio.h>
00062 #include <stdlib.h>
00063 #include <string.h>
00064 #include <gssapi.h>
00065 
00066 /* LCMAPS includes */
00067 #include "pluginmanager/_lcmaps_pluginmanager.h"
00068 #include "pluginmanager/_lcmaps_log.h"
00069 #include "lcmaps_types.h"
00070 #include "lcmaps_utils.h"
00071 #include "pluginmanager/_lcmaps_utils.h"
00072 #include "lcmaps_cred_data.h"
00073 
00074 /******************************************************************************
00075                        Define module specific variables
00076 ******************************************************************************/
00077 static lcmaps_cred_id_t    lcmaps_cred; 
00078 static int                 lcmaps_initialized = 0; 
00081 /******************************************************************************
00082 Function:   lcmaps_init_and_log
00083 Description:
00084     Select logging type
00085     Start PluginManager:
00086     read from LCMAPS config file, the plugins to be loaded
00087 
00088 Parameters:
00089     fp: file handle for logging (from gatekeeper or other previously opened file handle)
00090         If the file handle is zero, assume that only syslogging is requested
00091     logtype: type of logging (usrlog and/or syslog)
00092 
00093 Returns:
00094     0: initialization succeeded
00095     1: initialization failed
00096 ******************************************************************************/
00115 int lcmaps_init_and_log(
00116         FILE* fp,
00117         unsigned short logtype
00118 )
00119 {
00120     if (lcmaps_initialized)
00121     {
00122         if (lcmaps_log(0,"LCMAPS already initialized\n") != 0)
00123         {
00124             fprintf(stderr,"LCMAPS already initialized, but wrongly\n");
00125             goto fail_lcmaps_init_and_log;
00126         }
00127         return 0;
00128     }
00129 
00130     /* start logging */
00131     if (lcmaps_log_open(NULL,fp,logtype))
00132         goto fail_lcmaps_init_and_log;
00133     lcmaps_log_debug(0,"\n");
00134     lcmaps_log_time(LOG_DEBUG,"Initialization LCMAPS version %s\n",VERSION);
00135 
00136     /* Start PluginManager */
00137     if (startPluginManager()) {
00138         lcmaps_log(0,"lcmaps.mod-lcmaps_init() error: could not start plugin manager\n");
00139         goto fail_lcmaps_init_and_log;
00140     }
00141 
00142     /* success */
00143     lcmaps_initialized++;
00144     return 0;
00145 
00146  fail_lcmaps_init_and_log:
00147     return 1;
00148 
00149 }
00150 
00151 /******************************************************************************
00152 Function:   lcmaps_init
00153 Description:
00154     Start PluginManager:
00155     read from LCMAPS config file, the plugins to be loaded
00156 
00157 Parameters:
00158     fp: file handle for logging (from gatekeeper or other previously opened file handle)
00159         If the file handle is zero, assume that only syslogging is requested
00160 Returns:
00161     0: initialization succeeded
00162     1: initialization failed
00163 ******************************************************************************/
00180 int lcmaps_init(
00181         FILE* fp
00182 )
00183 {
00184     /* set logging file descriptor, for the moment the gatekeeper logfile */
00185     /* if fp == NULL --> syslogging, otherwise only DO_USRLOG */
00186     if (fp)
00187     {
00188         return lcmaps_init_and_log(fp,DO_USRLOG);
00189     }
00190     else
00191     {
00192         return lcmaps_init_and_log(NULL,DO_SYSLOG);
00193     }
00194 }
00195 
00196 
00197 /******************************************************************************
00198 Function:   lcmaps_run
00199 Description:
00200     do the user mapping
00201 
00202 Parameters:
00203     request: JDL
00204     user_cred : user globus credential handle
00205 Returns:
00206     0: mapping succeeded
00207     1: mapping failed
00208 ******************************************************************************/
00224 #if ALLOW_EMPTY_CREDENTIALS
00225 int lcmaps_run(
00226         char * user_dn_tmp,
00227         gss_cred_id_t user_cred,
00228         lcmaps_request_t request
00229 )
00230 #else
00231 int lcmaps_run(
00232         gss_cred_id_t user_cred,
00233         lcmaps_request_t request
00234 )
00235 #endif
00236 {
00237     char *                        user_dn = NULL;
00238 
00239     if (lcmaps_initialized == 0)
00240     {
00241         fprintf(stderr,"LCMAPS has to be initialized first !\n");
00242         goto fail_lcmaps_run;
00243     }
00244     lcmaps_log_time(LOG_NOTICE,"LCMAPS credential mapping request\n");
00245 
00246     /*
00247      * Create lcmaps credential (checks if dn can be extracted)
00248      */
00249     if ( lcmaps_fill_cred(user_dn_tmp, user_cred, &lcmaps_cred) != 0)
00250     {
00251         lcmaps_log(0,"lcmaps.mod-lcmaps_run() error: could not create lcmaps credential, something wrong\n");
00252         lcmaps_log(0,"                             : with user DN and user credential\n");
00253         goto fail_lcmaps_run;
00254     }
00255     user_dn = lcmaps_get_dn(lcmaps_cred);
00256     if (user_dn == NULL)
00257     {
00258         lcmaps_log(0, "lcmaps.mod-lcmaps_run() error: user DN empty\n");
00259         goto fail_lcmaps_run;
00260     }
00261 
00262     /* Run PluginManager */
00263     if (runPluginManager(request, lcmaps_cred, 0, NULL)) {
00264         lcmaps_log(0,"lcmaps.mod-lcmaps_run() error: could not run plugin manager\n");
00265         goto fail_lcmaps_run;
00266     }
00267 
00268     /* succes */
00269     lcmaps_release_cred(&lcmaps_cred);
00270     lcmaps_log_time(0,"lcmaps.mod-lcmaps_run(): succeeded\n");
00271     return 0;
00272 
00273  fail_lcmaps_run:
00274     lcmaps_release_cred(&lcmaps_cred);
00275     lcmaps_log_time(0,"lcmaps.mod-lcmaps_run(): failed\n");
00276     return 1;
00277 }
00278 
00279 /******************************************************************************
00280 Function:   lcmaps_run_and_return_username
00281 Description:
00282     do the user mapping based on the provided list of policies (first successful
00283     policy found in the lcmaps policy file (lcmaps.db) will result in the user
00284     mapping) and return user name (needed for e.g. GridFTP)
00285 
00286 Parameters:
00287     request     : JDL
00288     user_cred   : user globus credential handle
00289     usernamep   : pointer to user name (to be freed by calling application)
00290     npols       : number of policies to be considered for evaluation
00291     policynames : the names of the policies to be considered for evaluation
00292 
00293 Returns:
00294     0: mapping succeeded
00295     1: mapping failed
00296 ******************************************************************************/
00321 #if ALLOW_EMPTY_CREDENTIALS
00322 int lcmaps_run_and_return_username(
00323         char * user_dn_tmp,
00324         gss_cred_id_t user_cred,
00325         lcmaps_request_t request,
00326         char ** usernamep,
00327         int npols,
00328         char ** policynames
00329 )
00330 #else
00331 int lcmaps_run_and_return_username(
00332         gss_cred_id_t user_cred,
00333         lcmaps_request_t request,
00334         char ** usernamep,
00335         int npols,
00336         char ** policynames
00337 )
00338 #endif
00339 {
00340     char *           user_dn = NULL;
00341 
00342     uid_t *          uid;
00343     int              cntUid;
00344     struct passwd *  user_info   = NULL;
00345 
00346     if (lcmaps_initialized == 0)
00347     {
00348         fprintf(stderr,"LCMAPS has to be initialized first !\n");
00349         goto fail_lcmaps_run_and_return_username;
00350     }
00351     lcmaps_log_time(LOG_NOTICE,"LCMAPS credential mapping request\n");
00352 
00353     lcmaps_log_debug(1, "Using lcmaps_run_and_return_username interface of LCMAPS\n");
00354     if (usernamep == NULL)
00355         goto fail_lcmaps_run_and_return_username;
00356 
00357     *usernamep = NULL;
00358 
00359     /*
00360      * Create lcmaps credential (checks if dn can be extracted)
00361      */
00362 #if ALLOW_EMPTY_CREDENTIALS
00363     if ( lcmaps_fill_cred(user_dn_tmp, user_cred, &lcmaps_cred) != 0)
00364 #else
00365     if ( lcmaps_fill_cred(NULL, user_cred, &lcmaps_cred) != 0)
00366 #endif
00367     {
00368         lcmaps_log(0,"lcmaps.mod-lcmaps_run_and_return_username() error: could not create lcmaps credential, something wrong\n");
00369         lcmaps_log(0,"                                                 : with user DN and user credential\n");
00370         goto fail_lcmaps_run_and_return_username;
00371     }
00372     user_dn = lcmaps_get_dn(lcmaps_cred);
00373     if (user_dn == NULL)
00374     {
00375         lcmaps_log(0, "lcmaps.mod-lcmaps_run_and_return_username() error: user DN empty\n");
00376         goto fail_lcmaps_run_and_return_username;
00377     }
00378 
00379     /* Run PluginManager */
00380     if (runPluginManager(request, lcmaps_cred, npols, policynames)) {
00381         lcmaps_log(0,"lcmaps.mod-lcmaps_run_and_return_username() error: could not run plugin manager\n");
00382         goto fail_lcmaps_run_and_return_username;
00383     }
00384 
00385     /*
00386      * Apparently lcmaps succeeded, so let's get the username from the credential repository
00387      * and return happily
00388      */
00389 
00390     /* Now try to get the userid drom the credential data */
00391     uid    = getCredentialData(UID,     &cntUid);
00392     if (uid)
00393     {
00394         if ( (user_info = getpwuid(uid[0])) == NULL )
00395         {
00396             fprintf(stderr,"LCMAPS could not find the username related to uid: %d\n",uid[0]);
00397             return 1;
00398         }
00399         (*usernamep) = strdup(user_info->pw_name);
00400     }
00401     else
00402     {
00403         fprintf(stderr,"LCMAPS could not find any uid\n");
00404         return 1;
00405     }
00406 
00407     /* succes */
00408     lcmaps_release_cred(&lcmaps_cred);
00409     lcmaps_log_time(0,"lcmaps.mod-lcmaps_run_and_return_username(): succeeded\n");
00410     return 0;
00411 
00412  fail_lcmaps_run_and_return_username:
00413     lcmaps_release_cred(&lcmaps_cred);
00414     lcmaps_log_time(0,"lcmaps.mod-lcmaps_run_and_return_username(): failed\n");
00415     return 1;
00416 }
00417 
00418 /******************************************************************************
00419 Function:   lcmaps_run_without_credentials
00420 Description:
00421     do the user mapping without credentials, only the user DN
00422 
00423 Parameters:
00424     user_dn_tmp: user DN
00425 Returns:
00426     0: mapping succeeded
00427     1: mapping failed
00428 ******************************************************************************/
00442 int lcmaps_run_without_credentials(
00443         char * user_dn_tmp
00444 )
00445 {
00446     gss_cred_id_t user_cred  = GSS_C_NO_CREDENTIAL;
00447     lcmaps_request_t request = (lcmaps_request_t) NULL;
00448     char *           user_dn = NULL;
00449 
00450     if (lcmaps_initialized == 0)
00451     {
00452         fprintf(stderr,"LCMAPS has to be initialized first !\n");
00453         goto fail_lcmaps_run_without_credentials;
00454     }
00455     lcmaps_log_time(LOG_NOTICE,"LCMAPS credential mapping request\n");
00456 
00457     /*
00458      * Create lcmaps credential (checks if dn can be extracted)
00459      */
00460     if ( lcmaps_fill_cred(user_dn_tmp, user_cred, &lcmaps_cred) != 0)
00461     {
00462         lcmaps_log(0,"lcmaps.mod-lcmaps_run_without_credentials() error: could not create lcmaps credential, something wrong\n");
00463         lcmaps_log(0,"                                              : with user DN and user credential\n");
00464         goto fail_lcmaps_run_without_credentials;
00465     }
00466     user_dn = lcmaps_get_dn(lcmaps_cred);
00467     if (user_dn == NULL)
00468     {
00469         lcmaps_log(0, "lcmaps.mod-lcmaps_run_without_credentials() error: user DN empty\n");
00470         goto fail_lcmaps_run_without_credentials;
00471     }
00472 
00473     /* Run PluginManager */
00474     if (runPluginManager(request, lcmaps_cred, 0, NULL)) {
00475         lcmaps_log(0,"lcmaps.mod-lcmaps_run_without_credentials() error: could not run plugin manager\n");
00476         goto fail_lcmaps_run_without_credentials;
00477     }
00478 
00479     /* succes */
00480     lcmaps_release_cred(&lcmaps_cred);
00481     lcmaps_log_debug(0,"lcmaps.mod-lcmaps_run_without_credentials(): succeeded\n");
00482     return 0;
00483 
00484  fail_lcmaps_run_without_credentials:
00485     lcmaps_release_cred(&lcmaps_cred);
00486     lcmaps_log_debug(0,"lcmaps.mod-lcmaps_run_without_credentials(): failed\n");
00487     return 1;
00488 }
00489 
00490 
00491 /******************************************************************************
00492 Function:   lcmaps_term
00493 Description:
00494     Terminate LCMAPS module: 
00495 
00496 Parameters:
00497 Returns:
00498     0: termination succeeded
00499     1: termination failed
00500 ******************************************************************************/
00512 int lcmaps_term()
00513 {
00514     lcmaps_log_time(LOG_DEBUG,"Termination LCMAPS\n");
00515     lcmaps_log_time(0,"lcmaps.mod-lcmaps_term(): terminating\n");
00516     if (stopPluginManager() != 0)
00517         return 1;
00518     if (lcmaps_log_close() != 0)
00519         return 1;
00520     return 0;
00521 }
00522 
00523 /******************************************************************************
00524 CVS Information:
00525     $Source: /local/reps/lcgware/fabric_mgt/gridification/lcmaps/src/lcmaps.c,v $
00526     $Date: 2004/10/01 15:17:31 $
00527     $Revision: 1.8 $
00528     $Author: maart $
00529 ******************************************************************************/

Generated on Sat Oct 2 02:18:26 2004 for edg-lcmaps by doxygen1.2.14 written by Dimitri van Heesch, © 1997-2002