Main Page   Modules   Data Structures   File List   Data Fields   Globals   Related Pages  

lcas.c

Go to the documentation of this file.
00001 /*                                                                                                            
00002  * Copyright (c) 2001 EU DataGrid.                                                                             
00003  * For license conditions see http://www.eu-datagrid.org/license.html                                          
00004  *
00005  * Copyright (c) 2001, 2002 by 
00006  *     Martijn Steenbakkers <martijn@nikhef.nl>,
00007  *     David Groep <davidg@nikhef.nl>,
00008  *     NIKHEF Amsterdam, the Netherlands
00009  */
00010 
00049 /*****************************************************************************
00050                             Include header files
00051 ******************************************************************************/
00052 #include "lcas_config.h"
00053 #include <stdio.h>
00054 #include <stdlib.h>
00055 #include <string.h>
00056 
00057 #if HAVE_MALLOC_H
00058 #    include <malloc.h>
00059 #endif
00060 
00061 /* Programming interface to dynamic linking loader */
00062 #if HAVE_DLFCN_H
00063 #    include <dlfcn.h>
00064 #endif
00065 
00066 #include <gssapi.h>
00067 
00068 /* LCAS includes */
00069 #include "lcas_types.h"
00070 #include "_lcas_utils.h"
00071 #include "_lcas_defines.h"
00072 #include "_lcas_log.h"
00073 #include "_lcas_db_read.h"
00074 
00075 
00076 /******************************************************************************
00077                              Define constants
00078 ******************************************************************************/
00079 
00080 #ifndef NUL
00081 #define NUL '\0' 
00082 #endif
00083 
00084 /* LCAS authorization module definitions */
00085 #define MAXAUTHMODS 3 
00086 #define MAXPROCS    3 
00088 /*
00089  * LCAS error codes
00090  */
00091 #define FAILED_LCAS_USERALLOW   1 
00093 #define FAILED_LCAS_USERBAN     2 
00095 #define FAILED_LCAS_CLOCKCHECK  3 
00097 #define FAILED_LCAS_OTHER       4 
00098 #define FAILED_LCAS_PLUGIN      5 
00101 #ifndef APIMAJORVERSION
00102 #    define APIMAJORVERSION -1
00103 #endif
00104 #ifndef APIMINORVERSION
00105 #    define APIMINORVERSION -1
00106 #endif
00107 #ifndef APIPATCHVERSION
00108 #    define APIPATCHVERSION -1
00109 #endif
00110 
00111 /******************************************************************************
00112                                Type definitions
00113 ******************************************************************************/
00119 enum lcas_proctype_e
00120 {
00121     INITPROC, 
00122     AUTHPROC, 
00123     TERMPROC, 
00124     ENDOFPROCS /*< this is the last enumeration value */
00125 };
00126 
00132 typedef int (*lcas_proc_t)();
00133 
00144 typedef struct lcas_plugindl_s
00145 {
00146     void *                    handle; 
00147     lcas_proc_t               procs[MAXPROCS]; 
00148     char                      pluginname[LCAS_MAXPATHLEN+1]; 
00149     char                      pluginargs[LCAS_MAXARGSTRING+1]; 
00150     int                       argc; 
00151     char *                    argv[LCAS_MAXARGS]; 
00152     struct lcas_plugindl_s *  next; 
00153 }
00154 lcas_plugindl_t;
00155 
00156 /******************************************************************************
00157                           Module specific prototypes
00158 ******************************************************************************/
00159 static lcas_plugindl_t * PluginInit(lcas_db_entry_t *, lcas_plugindl_t **);
00160 static lcas_proc_t       get_procsymbol(void *, char *);
00161 static int               print_lcas_plugin(int, lcas_plugindl_t *);
00162 static int               parse_args_plugin(const char *, const char *, char **, int *);
00163 static int               clean_plugin_list(lcas_plugindl_t **);
00164 
00165 /******************************************************************************
00166                        Define module specific variables
00167 ******************************************************************************/
00168 static lcas_cred_id_t    lcas_cred; 
00169 static int               lcas_initialized = 0; 
00170 static char *            lcas_db_file_default = NULL; 
00171 static char *            lcas_dir         = NULL; 
00172 static lcas_plugindl_t * plugin_list      = NULL; 
00173 static lcas_plugindl_t * authmod_list     = NULL; 
00174 static char *            authmods[MAXAUTHMODS][2] = {
00175                              {(char *) NULL, (char *) NULL},
00176                              {(char *) NULL, (char *) NULL},
00177                              {(char *) NULL, (char *) NULL}
00178 }; 
00179 /*
00180 static char *            authmods[MAXAUTHMODS][2] =
00181 {
00182                              "lcas_userallow.mod", "allowed_users.db",
00183                              "lcas_userban.mod",   "ban_users.db",
00184                              "lcas_timeslots.mod", "timeslots.db"
00185                          };
00186 */
00187 
00188 int getMajorVersionNumber() { return (int)(APIMAJORVERSION); }
00189 int getMinorVersionNumber() { return (int)(APIMINORVERSION); }
00190 int getPatchVersionNumber() { return (int)(APIPATCHVERSION); }
00191 
00192 /*
00193  * To be done: set up LCAS as a service and communicate with gatekeeper
00194  * in an established security context
00195  */
00196 
00197 
00198 /******************************************************************************
00199 Function:   lcas_init
00200 Description:
00201     Initialize LCAS module: 
00202     setup logging, error handling
00203     read from LCAS database the plugins to be loaded
00204 
00205 Parameters:
00206     fp: file handle for logging (from gatekeeper)
00207 Returns:
00208     0: initialization succeeded
00209     1: initialization failed
00210 ******************************************************************************/
00211 int lcas_init(
00212         FILE* fp
00213 )
00214 {
00215     lcas_db_entry_t **  lcas_db_handle=NULL;
00216     lcas_db_entry_t **  lcas_mod_handle=NULL;
00217     lcas_db_entry_t *   lcas_mod_db=NULL;
00218     lcas_db_entry_t     lcas_mod_entry;
00219     lcas_db_entry_t *   ihandle=NULL;
00220     lcas_plugindl_t *   plugin_entry=NULL;
00221     lcas_plugindl_t *   authmod_entry=NULL;
00222     char *              lcas_db_file=NULL;
00223     int                 ientry;
00224     int                 i;
00225 
00226     if (lcas_initialized)
00227     {
00228         if (lcas_log(0,"LCAS already initialized\n") != 0)
00229         {
00230             fprintf(stderr,"LCAS already initialized, but wrongly\n");
00231             goto fail_lcas_init;
00232         }
00233         return 0;
00234     }
00235 
00236     /* set logging file descriptor, for the moment the gatekeeper logfile */
00237 /*  lcas_log_open(NULL,fp,DO_USRLOG|DO_SYSLOG); */
00238     lcas_log_open(NULL,fp,DO_USRLOG);
00239     lcas_log_debug(0,"\n");
00240     lcas_log(LOG_NOTICE,"Initialization LCAS version %s\n",VERSION);
00241 
00242     /* get LCAS (database) home directory and set lcas_db_file */
00243     lcas_dir = getenv("LCAS_DIR");
00244     lcas_dir = (lcas_dir ? lcas_dir : LCAS_ETC_HOME );
00245     lcas_db_file_default = getenv("LCAS_DB_FILE");
00246     lcas_db_file_default = (lcas_db_file_default ? lcas_db_file_default : "lcas.db" );
00247 
00248     lcas_db_file=lcas_genfilename(lcas_dir, lcas_db_file_default, NULL);
00249 
00250     /*
00251      * To be done: obtain the LCAS policy database which is stored within the
00252      * Configuration Management subsystem
00253      */
00254 
00255     /* put the STANDARD AUTHORIZATION MODULE info in lcas_db-like structure */
00256     lcas_mod_entry.next=NULL;
00257     lcas_mod_handle=&lcas_mod_db;
00258     for (i=0; i < MAXAUTHMODS; ++i)
00259     {
00260         if (authmods[i][0] == NULL) break; /* No standard, default authorization modules */
00261         *(lcas_mod_entry.pluginname)=NUL;
00262         *(lcas_mod_entry.pluginargs)=NUL;
00263         if (authmods[i][0] != NULL)
00264         {
00265             strncpy(lcas_mod_entry.pluginname,authmods[i][0],LCAS_MAXPATHLEN);
00266             (lcas_mod_entry.pluginname)[LCAS_MAXPATHLEN]=NUL;
00267         }
00268         if (authmods[i][1] != NULL)
00269         {
00270             strncpy(lcas_mod_entry.pluginargs,authmods[i][1],LCAS_MAXARGSTRING);
00271             (lcas_mod_entry.pluginargs)[LCAS_MAXARGSTRING]=NUL;
00272         }
00273         lcas_log_debug(1,"lcas.mod-lcas_init(): creating db structure for authorization module %s\n",
00274                  authmods[i][0]);
00275         if (lcas_db_fill_entry(lcas_mod_handle, &lcas_mod_entry) == NULL)
00276         {
00277             lcas_log(0,"lcas.mod-lcas_init() error: Cannot create standard authorization module (%d-%s) db structure\n",
00278                     i,authmods[i][0]);
00279             goto fail_lcas_init;
00280         }
00281     }
00282 
00283     /*
00284      * init the STANDARD AUTHORIZATION MODULES (PluginInit)
00285      * - open plugins and check the symbols plugin_init and confirm_authorization
00286      * - run plugin_init
00287      */
00288     ientry=0;
00289     ihandle=*lcas_mod_handle;
00290     while (ihandle)
00291     {
00292         if (strlen(ihandle->pluginname) > 0)
00293         {
00294             lcas_log_debug(1,"lcas.mod-lcas_init(): initializing standard module %s (db entry %d)\n",
00295                      ihandle->pluginname, ientry);
00296             if ((authmod_entry=PluginInit(ihandle,&authmod_list)) == NULL)
00297             {
00298                 lcas_log(0,"lcas.mod-lcas_init(): error initializing standard module : %s\n",
00299                          ihandle->pluginname);
00300                 goto fail_lcas_init;
00301             }
00302         }
00303         ientry++;
00304         ihandle=ihandle->next;
00305     }
00306 
00307     /* 
00308      * read PLUGIN AUTHORIZATION MODULE info from LCAS database and store
00309      * the info in a lcas_db structure
00310      */
00311     lcas_log_debug(0,"lcas.mod-lcas_init(): Reading LCAS database %s\n",
00312             lcas_db_file);
00313     lcas_db_handle=lcas_db_read(lcas_db_file);
00314     if (lcas_db_handle == NULL)
00315     {
00316         lcas_log(0,"lcas.mod-lcas_init(): Failed to read LCAS database %s\n",
00317                  lcas_db_file);
00318         goto fail_lcas_init;
00319     }
00320     /*
00321      * init the PLUGIN AUTHORIZATION MODULES (PluginInit)
00322      * - open plugins and check the symbols plugin_init and confirm_authorization
00323      * - run plugin_init
00324      */
00325     ientry=0;
00326     ihandle=*lcas_db_handle;
00327     while (ihandle)
00328     {
00329         if (strlen(ihandle->pluginname) > 0)
00330         {
00331             lcas_log_debug(1,"lcas.mod-lcas_init(): initializing plugin %s (db entry %d)\n",
00332                      ihandle->pluginname, ientry);
00333             if ((plugin_entry=PluginInit(ihandle,&plugin_list)) == NULL)
00334             {
00335                 lcas_log(0,"lcas.mod-lcas_init(): error initializing plugin: %s\n",ihandle->pluginname);
00336                 goto fail_lcas_init;
00337             }
00338             /* 
00339              * Check if plugin module is already registered as standard authorization module,
00340              * by comparing the complete path names of the plugin and modules
00341              */
00342             authmod_entry=authmod_list;
00343             while (authmod_entry)
00344             {
00345                 if ( (strncmp(authmod_entry->pluginname,
00346                               plugin_entry->pluginname,
00347                               LCAS_MAXPATHLEN) == 0)
00348                    )
00349                 {
00350                     lcas_log(0,"lcas.mod-lcas_init() error: plugin %s already registered as\n",
00351                              plugin_entry->pluginname);
00352                     lcas_log(0,"    standard authorization module\n");
00353                     goto fail_lcas_init;
00354                 }
00355                 authmod_entry=authmod_entry->next;
00356             }
00357             
00358         }
00359         ientry++;
00360         ihandle=ihandle->next;
00361     }
00362 
00363     authmod_entry=authmod_list;
00364     while (authmod_entry)
00365     {
00366         print_lcas_plugin(2,authmod_entry);
00367         lcas_log_debug(2,"\n");
00368         authmod_entry=authmod_entry->next;
00369     }
00370 
00371     plugin_entry=plugin_list;
00372     while (plugin_entry)
00373     {
00374         print_lcas_plugin(2,plugin_entry);
00375         lcas_log_debug(2,"\n");
00376         plugin_entry=plugin_entry->next;
00377     }
00378 
00379     /* clean STANDARD authorization module database structure */
00380     if(lcas_db_clean_list(&lcas_mod_db))
00381     {
00382         lcas_log(0,"lcas.mod-lcas_init() error: could not clean up authmod db structure\n");
00383         goto fail_lcas_init;
00384     }
00385     /* clean PLUGIN authorization module database structure */
00386     if (lcas_db_clean())
00387     {
00388         lcas_log(0,"lcas.mod-lcas_init() error: could not clean up plugin db structure\n");
00389         goto fail_lcas_init;
00390     }
00391 
00392     /* success */
00393     if (lcas_db_file) free(lcas_db_file);
00394     lcas_initialized++;
00395     return 0;
00396 
00397  fail_lcas_init:
00398     /* failure */
00399     lcas_db_clean_list(&lcas_mod_db);
00400     lcas_db_clean();
00401     if (clean_plugin_list(&plugin_list)!=0)
00402     {
00403         lcas_log(0,"lmas.mod-lcas_init() error: could not clean up plugin list\n");
00404     }
00405     if (lcas_db_file) free(lcas_db_file);
00406 
00407     return 1;
00408 }
00409 
00410 /******************************************************************************
00411 Function:   PluginInit
00412 Description:
00413     Initialize the plugin
00414     - Create entry in (plugin)list
00415     - Open plugins and check the symbols plugin_init and confirm_authorization
00416     - run plugin_init
00417 
00418 Parameters:
00419     db_handle: handle to LCAS db (containing pluginname and pluginargs)
00420     list:      pointer to list to which (plugin) module has to be added
00421 Returns:
00422     pointer to plugin structure
00423     NULL: could not initialize plugin
00424 ******************************************************************************/
00443 static lcas_plugindl_t * PluginInit(
00444         lcas_db_entry_t * db_handle,
00445         lcas_plugindl_t ** list
00446 )
00447 {
00448     char *                 name;
00449 #if 0
00450     char *                 names[5]={NULL,NULL,NULL,NULL,NULL};
00451 #endif
00452     char *                 pname=NULL;
00453     char *                 args=NULL;
00454 #if 0
00455     char *                 db;
00456     char *                 dbs[5]={NULL,NULL,NULL,NULL,NULL};
00457     char *                 pdb=NULL;
00458 #endif
00459     void *                 plugin_handle;
00460     lcas_proc_t            plugin_procs[MAXPROCS];
00461     lcas_plugindl_t *      pplugin=NULL;
00462     int                    i;
00463     int                    retval;
00464 
00465     name = db_handle->pluginname;
00466 #if 0
00467     db = db_handle->pluginargs;
00468 #endif
00469     args = db_handle->pluginargs;
00470 
00471     /* Find plugin module */
00472 #if 0
00473     names[0]=lcas_genfilename(NULL,name,NULL);
00474     names[1]=lcas_genfilename("modules",name,NULL);
00475     names[2]=lcas_genfilename(LCAS_MOD_HOME,name,NULL);
00476     names[3]=lcas_genfilename(LCAS_LIB_HOME,name,NULL);
00477     names[4]=lcas_genfilename(LCAS_ETC_HOME,name,NULL);
00478     pname=lcas_getfexist(5,names[0],
00479                       names[1],names[2],
00480                       names[3],names[4]
00481           );
00482 #endif
00483     pname = lcas_findfile(name);
00484     if (pname == NULL)
00485     {
00486         lcas_log(0,
00487             "lcas.mod-PluginInit(): plugin %s not found\n",
00488             name
00489         );
00490         goto fail_PluginInit;
00491     }
00492 
00493 #if 0
00494     /* Find database */
00495     if (strlen(db) > 0)
00496     {
00497         dbs[0]=lcas_genfilename(NULL,db,NULL);
00498         dbs[1]=lcas_genfilename("modules",db,NULL);
00499         dbs[2]=lcas_genfilename(LCAS_ETC_HOME,db,NULL);
00500         dbs[3]=lcas_genfilename(LCAS_MOD_HOME,db,NULL);
00501         dbs[4]=lcas_genfilename(LCAS_LIB_HOME,db,NULL);
00502         pdb=lcas_getfexist(5,dbs[0],
00503                         dbs[1],dbs[2],
00504                         dbs[3],dbs[4]
00505             );
00506     }
00507 #endif
00508 
00509     /* Try a dlopen() */
00510     plugin_handle=dlopen(pname,RTLD_NOW);
00511 //    plugin_handle=dlopen(pname,RTLD_NOW|RTLD_GLOBAL);
00512     if (!plugin_handle)
00513     {
00514         lcas_log(0,"lcas.mod-PluginInit(): dlopen error for %s:\n    %s\n",
00515             pname,dlerror()
00516         );
00517         goto fail_PluginInit;
00518     }
00519 
00520     /* Check symbols */
00521     for (i=0; i < MAXPROCS; ++i)
00522     {
00523         switch (i)
00524         {
00525             case INITPROC:
00526                 plugin_procs[i]=get_procsymbol(plugin_handle,"plugin_initialize");
00527                 if (plugin_procs[i] == NULL)
00528                 {
00529                     lcas_log(0,"lcas.mod-PluginInit(): plugin %s not compliant\n",
00530                         name);
00531                     lcas_log(0,"lcas.mod-PluginInit(): missing function \"plugin_initialize()\"\n");
00532                     goto fail_PluginInit;
00533                 }
00534                 else
00535                 {
00536                     lcas_log_debug(2,"lcas.mod-PluginInit(): found \"plugin_initialize()\"\n");
00537                 }
00538                 break;
00539             case AUTHPROC:
00540                 plugin_procs[i]=get_procsymbol(plugin_handle,"plugin_confirm_authorization");
00541                 if (plugin_procs[i] == NULL)
00542                 {
00543                     lcas_log(0,"lcas.mod-PluginInit(): plugin %s not compliant\n",
00544                         name);
00545                     lcas_log(0,"lcas.mod-PluginInit(): missing function \"plugin_confirm_authorization()\"\n");
00546                     goto fail_PluginInit;
00547                 }
00548                 else
00549                 {
00550                     lcas_log_debug(2,"lcas.mod-PluginInit(): found \"plugin_confirm_authorization()\"\n");
00551                 }
00552                 break;
00553             case TERMPROC:
00554                 plugin_procs[i]=get_procsymbol(plugin_handle,"plugin_terminate");
00555                 if (plugin_procs[i] == NULL)
00556                 {
00557                     lcas_log(0,"lcas.mod-PluginInit(): plugin %s not compliant\n",
00558                         name);
00559                     lcas_log(0,"lcas.mod-PluginInit(): missing function \"plugin_terminate()\"\n");
00560                     goto fail_PluginInit;
00561                 }
00562                 else
00563                 {
00564                     lcas_log_debug(2,"lcas.mod-PluginInit(): found \"plugin_terminate()\"\n");
00565                 }
00566                 break;
00567             default:
00568                 /* do nothing */
00569                 plugin_procs[i]=NULL;
00570                 break;
00571         }
00572     }
00573     /* Make a new entry at end of plugin list */
00574     if (!*list)
00575     {
00576         lcas_log_debug(2,"lcas.mod-PluginInit(): creating first pluginlist entry\n");
00577         *list=pplugin=(lcas_plugindl_t *)malloc(sizeof(lcas_plugindl_t));
00578     }
00579     else
00580     {
00581         lcas_log_debug(2,"lcas.mod-PluginInit(): creating new pluginlist entry\n");
00582         pplugin=*list;
00583         while (pplugin->next) pplugin=pplugin->next;
00584         pplugin=pplugin->next=(lcas_plugindl_t *)malloc(sizeof(lcas_plugindl_t));
00585     }
00586     if (!pplugin)
00587     {
00588         lcas_log(0,"lcas.mod-PluginInit(): error creating new pluginlist entry\n");
00589         goto fail_PluginInit;
00590     }
00591     /* Set plugin list elements */
00592     pplugin->next=NULL;
00593     pplugin->handle=plugin_handle;
00594     for (i=0; i < MAXPROCS; ++i)
00595         pplugin->procs[i]=plugin_procs[i];
00596     if (pname != NULL)
00597     {
00598         strncpy(pplugin->pluginname,pname,LCAS_MAXPATHLEN);
00599         (pplugin->pluginname)[LCAS_MAXPATHLEN]=NUL;
00600     }
00601     else
00602         strncpy(pplugin->pluginname,"",LCAS_MAXPATHLEN);
00603 
00604     if (args != NULL)
00605     {
00606         strncpy(pplugin->pluginargs,args,LCAS_MAXARGSTRING);
00607         (pplugin->pluginargs)[LCAS_MAXARGSTRING]=NUL;
00608     }
00609     else
00610         strncpy(pplugin->pluginargs,"",LCAS_MAXARGSTRING);
00611 
00612     /* Parse options */
00613     if (parse_args_plugin(pname,args,pplugin->argv,&(pplugin->argc)) )
00614     {
00615         lcas_log(0,"lcas.mod-PluginInit(): Could not parse arguments for plugin module %s\n",
00616         pname);
00617         goto fail_PluginInit;
00618     }
00619     for (i=0; i < pplugin->argc; ++i)
00620         lcas_log_debug(4,"%s arg %d = %s\n",pname,i,(pplugin->argv)[i]);
00621 
00622 
00623     /* Run plugin_initialize() */
00624 #if 0
00625     retval=(*(pplugin->procs[INITPROC]))(pplugin->pluginargs);
00626 #endif
00627     retval=(*(pplugin->procs[INITPROC]))(pplugin->argc,pplugin->argv);
00628     if (retval != LCAS_MOD_SUCCESS )
00629     {
00630         lcas_log(0,"lcas.mod-PluginInit(): \"plugin_initialize()\" failed\n");
00631         goto fail_PluginInit;
00632     }
00633     else
00634     {
00635         lcas_log_debug(2,"lcas.mod-PluginInit(): \"plugin_initialize()\" succeeded\n");
00636     }
00637 
00638 
00639     /* free stuff */
00640     if (pname) { free(pname); pname=NULL; }
00641 #if 0
00642     for (i=0; i < 5; ++i)
00643     {
00644         if (names[i]) free(names[i]);
00645         if (dbs[i]) free(dbs[i]);
00646     }
00647 #endif
00648 
00649     return pplugin;
00650 
00651  fail_PluginInit:
00652     if (pname) { free(pname); pname=NULL; }
00653 #if 0
00654     for (i=0; i < 5; ++i)
00655     {
00656         if (names[i]) free(names[i]);
00657         if (dbs[i]) free(dbs[i]);
00658     }
00659 #endif
00660     return NULL;
00661 }
00662 
00663 /******************************************************************************
00664 Function:   parse_args_plugin()
00665 Description:
00666     Parse the argument string of the plugin and create xargv and xargc
00667 
00668 Parameters:
00669     name: name of the plugin (goes into argv[0])
00670     argstring: string containing the arguments
00671     xargv: array of argument strings (has to be freed later)
00672     xargc: number of arguments
00673 Returns:
00674     0 on succes
00675     1 on failure
00676 ******************************************************************************/
00695 static int parse_args_plugin(
00696         const char * name,
00697         const char * argstring,
00698         char ** xargv,
00699         int * xargc
00700 )
00701 {
00702     int len=0;
00703     int i;
00704     int rc;
00705 
00706     /* set modulename */
00707     len=strlen(name);
00708     if ( (len > 0) && (len < LCAS_MAXPATHLEN) )
00709     {
00710         xargv[0]=(char *)malloc(len+1);
00711         if (xargv[0] != NULL)
00712             strncpy(xargv[0],name,len+1);
00713         else
00714             return 1;
00715     }
00716 
00717     *xargc=LCAS_MAXARGS-1;
00718     if ( (rc=lcas_tokenize(argstring, &xargv[1], xargc, " \t\n")) )
00719     {
00720         lcas_log(0,"lcas.mod-parse_args_plugin(): something wrong parsing arguments of %s, rc=%d\n",
00721                  name, rc);
00722         (*xargc)++;
00723         return 1;
00724     }
00725     (*xargc)++; /* increase by one for xargv[0] */
00726     lcas_log_debug(3,"lcas.mod-parse_args_plugin(): Found %d arguments:\n", *xargc);
00727     for (i=0; i < *xargc; i++)
00728         lcas_log_debug(3,"lcas.mod-parse_args_plugin(): %d --> %s\n", i, xargv[i]);
00729 
00730     return 0;
00731 }
00732 
00733 /******************************************************************************
00734 Function:   get_procsymbol
00735 Description:
00736     get procedure symbol from dlopen-ed library
00737 
00738 Parameters:
00739     handle:  handle of dynamic library
00740     symname: name of procedure symbol
00741 Returns:
00742     handle to procedure symbol
00743     NULL: Could not get symbol
00744 ******************************************************************************/
00756 static lcas_proc_t get_procsymbol(
00757         void * handle,
00758         char * symname
00759 )
00760 {
00761     lcas_proc_t symhandle;
00762     char *error;
00763 
00764     symhandle=dlsym(handle,symname);
00765     if ((error = dlerror()) != NULL)
00766     {
00767         lcas_log(0,"lcas.mod-get_procsymbol(): dlsym error: %s",error);
00768         return NULL;
00769     }
00770     return symhandle;
00771 }
00772 
00773 /******************************************************************************
00774 Function:   clean_plugin_list
00775 Description:
00776     clean (free) the list of plugins and call the plugin termination functions
00777 
00778 Parameters:
00779     list:      pointer to list of plugins which has to be freeed.
00780 
00781 Returns:
00782     1: succes
00783     0: failure
00784 ******************************************************************************/
00796 static int clean_plugin_list(
00797         lcas_plugindl_t ** list
00798 )
00799 {
00800     int                           rc;
00801     lcas_plugindl_t *             plugin_entry=NULL;
00802 
00803     plugin_entry=*list;
00804     while (plugin_entry)
00805     {
00806         lcas_plugindl_t * plugin_next;
00807         int               i;
00808 
00809         rc = plugin_entry->procs[TERMPROC]();
00810         if (rc != LCAS_MOD_SUCCESS)
00811         {
00812             lcas_log(0,"lcas.mod-clean_plugin_list(): failed to terminate plugin module %s\n",
00813                     plugin_entry->pluginname);
00814         }
00815         lcas_log_debug(1, "lcas.mod-clean_plugin_list(): plugin module %s terminated\n",
00816                 plugin_entry->pluginname);
00817         dlclose(plugin_entry->handle);
00818 
00819         plugin_next=plugin_entry->next;
00820         for (i=0; i < plugin_entry->argc; i++)
00821         {
00822             if ((plugin_entry->argv)[i] != NULL)
00823             {
00824                 lcas_log_debug(3,"Freeing %d - %s\n",i,(plugin_entry->argv)[i]);
00825                 free((plugin_entry->argv)[i]);
00826             }
00827         }
00828         free(plugin_entry);
00829         plugin_entry=plugin_next;
00830     }
00831     *list=plugin_entry=NULL;
00832     return 0;
00833 }
00834 
00835 /******************************************************************************
00836 Function:   print_lcas_plugin
00837 Description:
00838     print the lcas_plugindl_t structure
00839 
00840 Parameters:
00841     debug_lvl: debugging level
00842     plugin:    plugin structure
00843 Returns:
00844     1: succes
00845     0: failure
00846 ******************************************************************************/
00859 static int print_lcas_plugin(
00860         int debug_lvl,
00861         lcas_plugindl_t * plugin
00862 )
00863 {
00864     int i=0;
00865 
00866     lcas_log_debug(debug_lvl,"\tplugin name                   : %s\n",plugin->pluginname);
00867     lcas_log_debug(debug_lvl,"\tplugin arguments              : %s\n",plugin->pluginargs);
00868     lcas_log_debug(debug_lvl,"\tplugin address                : %x\n",plugin);
00869     lcas_log_debug(debug_lvl,"\tplugin size                   : %d\n",sizeof(lcas_plugindl_t));
00870     lcas_log_debug(debug_lvl,"\tplugin handle                 : %x\n",plugin->handle);
00871     lcas_log_debug(debug_lvl,"\tplugin_initialize()           : %x\n",plugin->procs[INITPROC]);
00872     lcas_log_debug(debug_lvl,"\tplugin_confirm_authorization(): %x\n",plugin->procs[AUTHPROC]);
00873     lcas_log_debug(debug_lvl,"\tplugin_terminate()            : %x\n",plugin->procs[TERMPROC]);
00874     lcas_log_debug(debug_lvl,"\tplugin argc                   : %d\n",plugin->argc);
00875     for (i=0; i < plugin->argc; i++)
00876         lcas_log_debug(debug_lvl,"\tplugin argv[%2d]               : %s\n",i,(plugin->argv)[i]);
00877     lcas_log_debug(debug_lvl,"\tplugin next                   : %x\n",plugin->next);
00878     if (plugin->next != NULL)
00879         lcas_log_debug(debug_lvl,"\tplugin_next                   : %s\n",(plugin->next)->pluginname);
00880     else
00881         lcas_log_debug(debug_lvl,"\tplugin_next                   : last plugin in list\n");
00882 
00883     return 1;
00884 }
00885 
00886 /******************************************************************************
00887 Function:   lcas_get_fabric_authorization
00888 Description:
00889     Call LCAS in order to get authorization on the local fabric
00890 
00891 Parameters:
00892     request: JDL
00893     user_cred : user globus credential handle
00894 Returns:
00895     0: authorization succeeded
00896     1: authorization failed
00897 ******************************************************************************/
00898 #if ALLOW_EMPTY_CREDENTIALS
00899 int lcas_get_fabric_authorization(
00900         char * user_dn_tmp,
00901         gss_cred_id_t user_cred,
00902         lcas_request_t request
00903 )
00904 #else
00905 int lcas_get_fabric_authorization(
00906         gss_cred_id_t user_cred,
00907         lcas_request_t request
00908 )
00909 #endif
00910 {
00911     char *                        user_dn = NULL;
00912     int                           rc;
00913     int                           retval;
00914     int                           lcas_authorized=0;
00915 
00916     lcas_plugindl_t *             plugin_entry;
00917     lcas_plugindl_t *             authmod_entry;
00918 
00919 
00920     /* Default authorization = no authorization */
00921     lcas_authorized=0;
00922 
00923     if (lcas_initialized == 0)
00924     {
00925         fprintf(stderr,"LCAS has to be initialized first !\n");
00926         retval = FAILED_LCAS_OTHER;
00927         goto fail_lcas_get_fabric_authorization;
00928     }
00929     lcas_log_debug(0,"\n");
00930     lcas_log(LOG_NOTICE,"LCAS authorization request\n");
00931 
00932     /*
00933      * Create lcas credential (checks if dn can be extracted)
00934      */
00935     if ( lcas_fill_cred(user_dn_tmp, user_cred, &lcas_cred) != 0)
00936     {
00937         lcas_log(0,"lcas.mod-lcas_get_fabric_authorization() error: could not create lcas credential, something wrong\n");
00938         lcas_log(0,"                                              : with user DN and user credential\n");
00939         retval = FAILED_LCAS_OTHER;
00940         goto fail_lcas_get_fabric_authorization;
00941     }
00942     user_dn = lcas_get_dn(lcas_cred);
00943     if (user_dn == NULL)
00944     {
00945         lcas_log(0, "lcas.mod-lcas_get_fabric_authorization() error: user DN empty\n");
00946         retval = FAILED_LCAS_OTHER;
00947         goto fail_lcas_get_fabric_authorization;
00948     }
00949 
00950     lcas_log_debug(0, "lcas.mod-lcas_get_fabric_authorization(): user is %s\n", user_dn);
00951 
00952     /*
00953      *             - Call the STANDARD authorization modules
00954      */
00955     authmod_entry=authmod_list;
00956     while (authmod_entry)
00957     {
00958         rc = authmod_entry->procs[AUTHPROC](request, lcas_cred);
00959         if (rc != LCAS_MOD_SUCCESS)
00960         {
00961             lcas_log_debug(0,"lcas.mod-lcas_get_fabric_authorization(): authorization failed for standard module %s\n",
00962                     authmod_entry->pluginname);
00963             retval = FAILED_LCAS_PLUGIN;
00964             goto fail_lcas_get_fabric_authorization;
00965         }
00966         lcas_log_debug(0, "lcas.mod-lcas_get_fabric_authorization(): authorization granted by standard module %s\n",
00967                 authmod_entry->pluginname);
00968         lcas_authorized++;
00969 
00970         authmod_entry=authmod_entry->next;
00971     }
00972 
00973     /*
00974      *             - Call the PLUGIN authorization modules
00975      */
00976     plugin_entry=plugin_list;
00977     while (plugin_entry)
00978     {
00979         rc = plugin_entry->procs[AUTHPROC](request, lcas_cred);
00980         if (rc != LCAS_MOD_SUCCESS)
00981         {
00982             lcas_log_debug(0,"lcas.mod-lcas_get_fabric_authorization(): authorization failed for plugin %s\n",
00983                     plugin_entry->pluginname);
00984             retval = FAILED_LCAS_PLUGIN;
00985             goto fail_lcas_get_fabric_authorization;
00986         }
00987         lcas_log_debug(0, "lcas.mod-lcas_get_fabric_authorization(): authorization granted by plugin %s\n",
00988                 plugin_entry->pluginname);
00989         lcas_authorized++;
00990 
00991         plugin_entry=plugin_entry->next;
00992     }
00993 
00994     /*
00995      * To be done: 
00996      *             if the user is authorized call FLIDS component and return
00997      *             the (temporary) certificate.
00998      */
00999 
01000     /*
01001      * Check if lcas_authorized > 0
01002      */
01003     if ( !(lcas_authorized > 0) )
01004     {
01005         lcas_log_debug(0,"lcas.mod-lcas_get_fabric_authorization(): No authorization modules were called (check lcas db file)\n");
01006         retval = FAILED_LCAS_OTHER;
01007         goto fail_lcas_get_fabric_authorization;
01008     }
01009     else
01010         lcas_log_debug(2,"lcas.mod-lcas_get_fabric_authorization(): %d modules authorized you\n",lcas_authorized);
01011 
01012     /* success */
01013     lcas_release_cred(&lcas_cred);
01014     lcas_log_debug(0,"lcas.mod-lcas_get_fabric_authorization(): succeeded\n");
01015     return 0;
01016 
01017  fail_lcas_get_fabric_authorization:
01018     /* failure */
01019     lcas_release_cred(&lcas_cred);
01020     lcas_log_debug(0,"lcas.mod-lcas_get_fabric_authorization(): failed\n");
01021     return retval;
01022 }
01023 
01024 /******************************************************************************
01025 Function:   lcas_term
01026 Description:
01027     Terminate LCAS module: 
01028 
01029 Parameters:
01030 Returns:
01031     0: termination succeeded
01032     1: termination failed
01033 ******************************************************************************/
01034 int lcas_term()
01035 {
01036     int                           rc;
01037     lcas_plugindl_t *             plugin_entry;
01038     lcas_plugindl_t *             authmod_entry;
01039 
01040     lcas_log_debug(0,"\n");
01041     lcas_log(LOG_NOTICE,"Termination LCAS\n");
01042     /*
01043      *             - Terminate the STANDARD authorization modules
01044      *               and clean up the authmod structure
01045      */
01046     authmod_entry=authmod_list;
01047     while (authmod_entry)
01048     {
01049         lcas_plugindl_t * authmod_next;
01050         int               i;
01051 
01052         rc = authmod_entry->procs[TERMPROC]();
01053         if (rc != LCAS_MOD_SUCCESS)
01054         {
01055             lcas_log(0,"lcas.mod-lcas_term(): failed to terminate standard module %s\n",
01056                     authmod_entry->pluginname);
01057             return 1;
01058         }
01059         lcas_log_debug(1, "lcas.mod-lcas_term(): standard module %s terminated\n",
01060                 authmod_entry->pluginname);
01061 
01062         authmod_next=authmod_entry->next;
01063         for (i=0; i < authmod_entry->argc; i++)
01064         {
01065             if ((authmod_entry->argv)[i] != NULL)
01066             {
01067                 lcas_log_debug(3,"Freeing %d - %s\n",i,(authmod_entry->argv)[i]);
01068                 free((authmod_entry->argv)[i]);
01069             }
01070         }
01071         free(authmod_entry);
01072         authmod_entry=authmod_next;
01073     }
01074     authmod_list=authmod_entry=NULL;
01075 
01076     /*
01077      *             - Terminate the PLUGIN authorization modules
01078      *               and clean up the plugin structure
01079      */
01080     plugin_entry=plugin_list;
01081     while (plugin_entry)
01082     {
01083         lcas_plugindl_t * plugin_next;
01084         int               i;
01085 
01086         rc = plugin_entry->procs[TERMPROC]();
01087         if (rc != LCAS_MOD_SUCCESS)
01088         {
01089             lcas_log(0,"lcas.mod-lcas_term(): failed to terminate plugin module %s\n",
01090                     plugin_entry->pluginname);
01091             return 1;
01092         }
01093         lcas_log_debug(1, "lcas.mod-lcas_term(): plugin module %s terminated\n",
01094                 plugin_entry->pluginname);
01095 
01096         plugin_next=plugin_entry->next;
01097         for (i=0; i < plugin_entry->argc; i++)
01098         {
01099             if ((plugin_entry->argv)[i] != NULL)
01100             {
01101                 lcas_log_debug(3,"Freeing %d - %s\n",i,(plugin_entry->argv)[i]);
01102                 free((plugin_entry->argv)[i]);
01103             }
01104         }
01105         free(plugin_entry);
01106         plugin_entry=plugin_next;
01107     }
01108     plugin_list=plugin_entry=NULL;
01109 
01110     /* close logging */
01111 /*  Cannot close logfile, still used by gatekeeper
01112     lcas_log_close();
01113 */
01114 
01115     lcas_initialized=0;
01116     return 0;
01117 }
01118 
01119 /******************************************************************************
01120 CVS Information:
01121     $Source: /cvs/fabric_mgt/gridification/lcas/src/lcas.c,v $
01122     $Date: 2003/08/27 14:44:12 $
01123     $Revision: 2.14 $
01124     $Author: martijn $
01125 ******************************************************************************/
Generated at Tue Sep 23 15:06:52 2003 for edg-lcas by doxygen1.2.8.1 written by Dimitri van Heesch, © 1997-2001