00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00056
00057
00058
00059
00060
00061
00062
00063
00064
00065
00066
00067
00068
00069
00070
00071
00072
00073
00074
00075
00076
00077 #include "lcas_config.h"
00078 #include <stdio.h>
00079 #include <stdlib.h>
00080 #include <string.h>
00081
00082 #if HAVE_MALLOC_H
00083 #include <malloc.h>
00084 #endif
00085
00086 #include "lcas_modules.h"
00087 #include "lcas_gridlist.h"
00088
00089
00090
00091
00092 static char * modname="lcas_userban.mod";
00093 static char * userban_db = NULL;
00094
00095
00096
00097
00098
00099
00100
00101
00102
00103
00104
00105
00106
00107
00108 #if 0
00109 int plugin_initialize(char * plugin_db)
00110 #endif
00111 int plugin_initialize(int argc, char ** argv)
00112 {
00113 int i;
00114
00115 lcas_log_debug(2,"%s-plugin_initialize(): passed arguments:\n",modname);
00116 for (i=0; i < argc; i++)
00117 {
00118 lcas_log_debug(2,"%s-plugin_initialize(): arg %d is %s\n",
00119 modname,i,argv[i]);
00120 }
00121
00122 if (argc > 1)
00123 userban_db = lcas_findfile(argv[1]);
00124
00125
00126 if (userban_db == NULL)
00127 {
00128 lcas_log(0,"\t%s-plugin_initialize() error: banned user file required !\n",
00129 modname);
00130 return LCAS_MOD_NOFILE;
00131 }
00132 if (lcas_getfexist(1,userban_db) == NULL)
00133 {
00134 lcas_log(0,
00135 "\t%s-plugin_initialize() error: Cannot find banned user file: %s\n",
00136 modname,userban_db
00137 );
00138 return LCAS_MOD_NOFILE;
00139 }
00140 return LCAS_MOD_SUCCESS;
00141 }
00142
00143
00144
00145
00146
00147
00148
00149
00150
00151
00152
00153
00154
00155 int
00156 plugin_confirm_authorization(lcas_request_t request, lcas_cred_id_t lcas_cred)
00157 {
00158 int rc;
00159 char * dummy = NULL;
00160 char * user_dn = NULL;
00161
00162
00163
00164
00165 if ( (user_dn = lcas_get_dn(lcas_cred)) == NULL)
00166 {
00167 lcas_log(0, "lcas.mod-lcas_get_fabric_authorization() error: user DN empty\n");
00168 goto lcas_userban_noauth;
00169 }
00170
00171
00172 lcas_log_debug(0,"\t%s-plugin_confirm_authorization(): checking banned users in %s\n",
00173 modname,userban_db);
00174
00175 rc = lcas_gridlist(user_dn, &dummy, userban_db, MATCH_ONLY_DN, NULL, NULL);
00176
00177 if ( rc == LCAS_MOD_ENTRY )
00178 {
00179
00180 lcas_log_debug(0,"\t%s-plugin_confirm_authorization(): entry found for %s\n",
00181 modname,user_dn);
00182 goto lcas_userban_noauth;
00183 }
00184 else if ( rc == LCAS_MOD_NOFILE )
00185 {
00186
00187 lcas_log(0,
00188 "\t%s-plugin_confirm_authorization() error: Cannot find banned user file: %s\n",
00189 modname,userban_db);
00190 goto lcas_userban_nofile;
00191 }
00192
00193 lcas_userban_auth:
00194
00195 if (dummy != NULL) free(dummy);
00196 return LCAS_MOD_SUCCESS;
00197
00198 lcas_userban_noauth:
00199
00200 if (dummy != NULL) free(dummy);
00201 return LCAS_MOD_FAIL;
00202
00203 lcas_userban_nofile:
00204
00205 if (dummy != NULL) free(dummy);
00206 return LCAS_MOD_NOFILE;
00207 }
00208
00209
00210
00211
00212
00213
00214
00215
00216
00217
00218
00219 int plugin_terminate()
00220 {
00221 lcas_log_debug(1,"%s-plugin_terminate(): terminating\n",modname);
00222 if (userban_db) { free(userban_db); userban_db=NULL; }
00223
00224 return LCAS_MOD_SUCCESS;
00225 }