/[pdpsoft]/trunk/grid-mw-security/ees/plugin_examples/localaccount/src/localaccount.c

Diff of /trunk/grid-mw-security/ees/plugin_examples/localaccount/src/localaccount.c


revision 1711 by aramv, Wed May 19 13:53:17 2010 UTC revision 1712 by aramv, Tue May 25 14:35:26 2010 UTC
# Line 5  Line 5 
5  #include <pwd.h>  #include <pwd.h>
6  #include <pwd.h>  #include <pwd.h>
7    
 char* _gridmapfile;  
 char* _gridmapdir;  
   
 char* _mapping_attribute;  
   
 char* _obligation_name;  
 char* _attribute_user;  
 char* _attribute_group;  
   
 int   _use_names;  
 int   _use_pool;  
   
8  gid_t gid_from_user_name(char* _user_name);  gid_t gid_from_user_name(char* _user_name);
9  gid_t gid_from_uid(uid_t _uid);  gid_t gid_from_uid(uid_t _uid);
10  /*gid_t gid_from_group_name(char* _group_name);*/  /*gid_t gid_from_group_name(char* _group_name);*/
# Line 30  void print_passwd_entry(struct passwd _p Line 18  void print_passwd_entry(struct passwd _p
18    
19  EES_PL_RC plugin_initialize(int argc, char* argv[]){  EES_PL_RC plugin_initialize(int argc, char* argv[]){
20    int option_index, c;    int option_index, c;
21    
22      char* _obligation_name;
23      char* _obligation_name_attr_name;
24      char* _attribute_user;
25      char* _attribute_user_attr_name;
26      char* _attribute_group;
27      char* _attribute_group_attr_name;
28    
29      char* _gridmapfile;
30      char* _gridmapfile_attr_name;
31      char* _gridmapdir;
32      char* _gridmapdir_attr_name;
33    
34      char* _mapping_attribute;
35      int   _use_names;
36      int   _use_pool;
37    
38    
39      aos_context_t*   _none_context;
40      aos_attribute_t* _obligation_name_attr;
41      aos_attribute_t* _attribute_user_attr;
42      aos_attribute_t* _attribute_group_attr;
43      aos_attribute_t* _attribute_gridmapfile_attr;
44    
45    static struct option long_options[] =    static struct option long_options[] =
46    {    {
47      /*{"gridmap",       required_argument, 0, 'g'},*/      /*{"gridmap",       required_argument, 0, 'g'},*/
# Line 109  EES_PL_RC plugin_initialize(int argc, ch Line 121  EES_PL_RC plugin_initialize(int argc, ch
121      }      }
122    }    }
123    
124    
125      asprintf(&_attribute_user_attr_name, "user_attribute_%s", EEF_getRunningPluginName());
126      asprintf(&_attribute_group_attr_name, "group_attribute_%s", EEF_getRunningPluginName());
127      asprintf(&_obligation_name_attr_name, "obligation_name_%s", EEF_getRunningPluginName());
128      asprintf(&_gridmapfile_attr_name, "gridmap_%s", EEF_getRunningPluginName());
129    
130      /* store attribute names in AOS for lookup during run */
131    
132      if((_attribute_user_attr = createAttribute())){
133        setAttributeId(   _attribute_user_attr, _attribute_user_attr_name);
134        setAttributeValue(_attribute_user_attr, _attribute_user, strlen(_attribute_user)+1);
135      }
136    
137      if((_attribute_group_attr = createAttribute())){
138        setAttributeId(   _attribute_group_attr, _attribute_group_attr_name);
139        setAttributeValue(_attribute_group_attr, _attribute_group, strlen(_attribute_group)+1);
140      }
141    
142      if((_obligation_name_attr = createAttribute())){
143        setAttributeId(   _obligation_name_attr, _obligation_name_attr_name);
144        setAttributeValue(_obligation_name_attr, _obligation_name, strlen(_obligation_name)+1);
145      }
146    
147      if((_attribute_gridmapfile_attr = createAttribute())){
148        setAttributeId(   _attribute_gridmapfile_attr, _gridmapfile_attr_name);
149        setAttributeValue(_attribute_gridmapfile_attr, _gridmapfile, strlen(_gridmapfile)+1);
150      }
151    
152      if((_none_context = createContext(NONE)) != NULL){
153        addAttribute(_none_context, _attribute_user_attr);
154        addAttribute(_none_context, _attribute_group_attr);
155        addAttribute(_none_context, _obligation_name_attr);
156        addAttribute(_none_context, _attribute_gridmapfile_attr);
157        addContext(_none_context);
158      }
159    
160    return EES_PL_SUCCESS;    return EES_PL_SUCCESS;
161  }  }
162    
# Line 127  EES_PL_RC plugin_run(){ Line 175  EES_PL_RC plugin_run(){
175    char             *_uid_str        = NULL;    char             *_uid_str        = NULL;
176    char             *_gid_str        = NULL;    char             *_gid_str        = NULL;
177    
178    char*             _user_name      = NULL;    char             *_user_name      = NULL;
179      char             *_attribute_user;
180      char             *_attribute_user_attr_name;
181      char             *_attribute_group;
182      char             *_attribute_group_attr_name;
183      char             *_obligation;
184      char             *_obligation_name;
185    
186      char             *_gridmapfile;
187      char             *_gridmapfile_attr_name;
188    
189      char             *_mapping_attribute = "http://authz-interop.org/xacml/subject/subject-x509-id";
190      struct passwd     _tmp_pwd_s;
191    
192      /* construct field names for this instance */
193      asprintf(&_attribute_user_attr_name, "user_attribute_%s", EEF_getRunningPluginName());
194      asprintf(&_attribute_group_attr_name, "group_attribute_%s", EEF_getRunningPluginName());
195      asprintf(&_obligation_name, "obligation_name_%s", EEF_getRunningPluginName());
196      asprintf(&_gridmapfile_attr_name, "gridmap_%s", EEF_getRunningPluginName());
197    
198    /* fetch DN (subject-x509-id) */    printf("Running %s\n", EEF_getRunningPluginName());
199    
200      /* fetch _dn (subject-x509-id) */
201    rewindContexts(NULL);    rewindContexts(NULL);
202    while((_context = getNextContext(SUBJECT, NULL))){    while((_context = getNextContext(SUBJECT, NULL))){
203      rewindAttributes(_context);      rewindAttributes(_context);
# Line 140  EES_PL_RC plugin_run(){ Line 208  EES_PL_RC plugin_run(){
208      }      }
209    }    }
210    
211      /* populate fields:
212       * _attribute_user;
213       * _attribute_group;
214       * _obligation;
215       * _gridmapfile;
216       */
217      rewindContexts(NULL);
218      while((_context = getNextContext(NONE, NULL))){
219        rewindAttributes(_context);
220        while((_tmp_attr = getNextAttribute(_context))){
221          /*printf("Attribute %s at %s in %p\n", getAttributeValueAsString(_tmp_attr), getAttributeId(_tmp_attr), _tmp_attr);*/
222          if(strcmp(getAttributeId(_tmp_attr), _attribute_user_attr_name) == 0){
223            _attribute_user = getAttributeValueAsString(_tmp_attr);
224          }
225          if(strcmp(getAttributeId(_tmp_attr), _attribute_group_attr_name) == 0){
226            _attribute_group = getAttributeValueAsString(_tmp_attr);
227          }
228          if(strcmp(getAttributeId(_tmp_attr), _obligation_name) == 0){
229            _obligation = getAttributeValueAsString(_tmp_attr);
230          }
231          if(strcmp(getAttributeId(_tmp_attr), _gridmapfile_attr_name) == 0){
232            _gridmapfile = getAttributeValueAsString(_tmp_attr);
233          }
234        }
235      }
236    
237    _dn = "/O=dutchgrid/O=users/O=nikhef/CN=Aram Cornelis Zeno Verstegen";    _dn = "/O=dutchgrid/O=users/O=nikhef/CN=Aram Cornelis Zeno Verstegen";
238    /* check if a DN was found */    /* check if a DN was found */
239    if(_dn == NULL){    if(_dn == NULL){
# Line 148  EES_PL_RC plugin_run(){ Line 242  EES_PL_RC plugin_run(){
242    }    }
243    
244    /* TODO check if path to gridmapfile exists */    /* TODO check if path to gridmapfile exists */
245      printf("Gridmapfile: %s\n", _gridmapfile);
246    /* look up DN in gridmapfile */    /* look up DN in gridmapfile */
247    parse_gridmapfile(_gridmapfile, &_mappings);    parse_gridmapfile(_gridmapfile, &_mappings);
248    _mapping_line = find_mapping(_mappings, _dn, MATCH_WILD_CHARS);    _mapping_line = find_mapping(_mappings, _dn, MATCH_WILD_CHARS);
# Line 158  EES_PL_RC plugin_run(){ Line 253  EES_PL_RC plugin_run(){
253      gridmap_list_free(_mappings);      gridmap_list_free(_mappings);
254    } else {    } else {
255      gridmap_list_free(_mappings);      gridmap_list_free(_mappings);
256        printf("Set sail for fail\n");
257      goto end_failure;      goto end_failure;
258    }    }
259    
260      printf("Hoi!\n");
261    
262    /* TODO check if path to gridmapdir exists */    /* TODO check if path to gridmapdir exists */
263    
   
264    /* TODO add secondary GIDs */    /* TODO add secondary GIDs */
265    
266    /* TODO fetch something from passwd */    /* TODO fetch something from passwd */
267    
268      _tmp_pwd_s = passwd_struct_for_user_name(_user_name);
269    
270      _uid_str = username_from_passwd_struct(_tmp_pwd_s);
271      /*_gid_str = username_from_passwd_struct(_tmp_pwd_s);*/
272    
273    /*printf("Adding obligations for uid %s and gid %s\n", _uid_str, _gid_str);*/    /*printf("Adding obligations for uid %s and gid %s\n", _uid_str, _gid_str);*/
274    
275      printf("Mapping to user attribute %s\n", _attribute_user);
276      printf("Mapping to group attribute %s\n", _attribute_group);
277    
278    /* add obligation for new uid-gid */    /* add obligation for new uid-gid */
279    if((_uid_attr = createAttribute())){    if((_uid_attr = createAttribute())){
280      setAttributeId(   _uid_attr, _attribute_user);      setAttributeId(   _uid_attr, _attribute_user);
281      setAttributeValue(_uid_attr, _uid_str, strlen(_uid_str)+1);      setAttributeValue(_uid_attr, _uid_str, strlen(_uid_str)+1);
282    }    }
283    free(_uid_str);    /*free(_uid_str);*/
284    
285      printf("Set uid str\n");
286    
287    if(_gid_str){    if(_gid_str){
288      if((_gid_attr = createAttribute())){      if((_gid_attr = createAttribute())){
# Line 185  EES_PL_RC plugin_run(){ Line 291  EES_PL_RC plugin_run(){
291      }      }
292      free(_gid_str);      free(_gid_str);
293    }    }
294      printf("Bijna klaar!\n");
295    
296    if((_context = createContext(OBLIGATION)) != NULL){    if((_context = createContext(OBLIGATION)) != NULL){
297      setContextObligationId(_context, _obligation_name);      setContextObligationId(_context, _obligation_name);
298      addAttribute(_context, _uid_attr);      addAttribute(_context, _uid_attr);
299      addAttribute(_context, _gid_attr);      addAttribute(_context, _gid_attr);
300      addContext(_context);      addContext(_context);
   
301      return EES_PL_SUCCESS;      return EES_PL_SUCCESS;
302    
303    }    }
304      printf("klaar!\n");
305    
306    end_failure:    end_failure:
307      return EES_PL_FAILURE;      return EES_PL_FAILURE;
308  }  }
309    
310    EES_PL_RC get_field(char* field){
311      aos_context_t* _context;
312      aos_attribute_t* _tmp_attr;
313      while((_context = getNextContext(SUBJECT, NULL))){
314        rewindAttributes(_context);
315        while((_tmp_attr = getNextAttribute(_context))){
316          /*if(strcmp(getAttributeId(_tmp_attr), _mapping_attribute) == 0){*/
317          /*_dn = getAttributeValueAsString(_tmp_attr);*/
318          /*}*/
319        }
320      }
321      
322    }
323    
324  EES_PL_RC plugin_terminate(){  EES_PL_RC plugin_terminate(){
325      aos_context_t* _context;
326      aos_attribute_t* _tmp_attr;
327      rewindContexts(NULL);
328      while((_context = getNextContext(SUBJECT, NULL))){
329        rewindAttributes(_context);
330        while((_tmp_attr = getNextAttribute(_context))){
331          destroyAttribute(_context, _tmp_attr);
332        }
333      }
334    return EES_PL_SUCCESS;      return EES_PL_SUCCESS;  
335  }  }
336    
# Line 303  struct passwd passwd_struct_for_uid(uid_ Line 433  struct passwd passwd_struct_for_uid(uid_
433  char* username_from_passwd_struct(struct passwd _pw_entry){  char* username_from_passwd_struct(struct passwd _pw_entry){
434    char*  _uid_str     = "";    char*  _uid_str     = "";
435    
436    if(!_use_names){    /*if(!_use_names){*/
437      _uid_str = strdup(_pw_entry.pw_name);      _uid_str = strdup(_pw_entry.pw_name);
438    } else {      /*} else {*/
439      if(asprintf(&_uid_str, "%llu", (unsigned long long) _pw_entry.pw_uid) == -1){      /*if(asprintf(&_uid_str, "%llu", (unsigned long long) _pw_entry.pw_uid) == -1){*/
440        return NULL;      /*return NULL; */
441      }      /*}*/
442    }      /*}*/
443    return _uid_str;    return _uid_str;
444  }  }
445    
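Review bot: In plugin_run, the new locals `_attribute_user`, `_attribute_group`, `_obligation` and `_gridmapfile` (new lines 179-186) have no initializer and are assigned only when the NONE-context loop finds a matching attribute id, yet they are then passed to `printf`, `parse_gridmapfile` and `setAttributeId`; if an attribute is missing, these are reads of indeterminate pointers. Initialize them to `NULL` and fail closed before the gridmap lookup, e.g. `if(!_attribute_user || !_attribute_group || !_obligation || !_gridmapfile) goto end_failure;`. In the visible lines `_obligation` is never used after the loop: `setContextObligationId(_context, _obligation_name)` on new line 297 now receives the lookup key built by `asprintf` ("obligation_name_<plugin>") rather than the stored value, so it presumably should read `setContextObligationId(_context, _obligation);`. The same pattern appears in plugin_initialize (new lines 134-149), where `strlen()` is called on locals that can only have been set by option parsing outside this view, and the `asprintf` results are unchecked. plugin_run starts above the hunk; the hard-coded `_dn` on new line 237 also still overrides the DN read from the SUBJECT context, which looks like a debugging leftover and means the mapping does not depend on the requester.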

Legend:
Removed from v.1711  
changed lines
  Added in v.1712
