/[pdpsoft]/trunk/grid-mw-security/glexec/util/lcaslcmaps_getaccount_cli/lcaslcmaps_getaccount_cli.c
ViewVC logotype

Diff of /trunk/grid-mw-security/glexec/util/lcaslcmaps_getaccount_cli/lcaslcmaps_getaccount_cli.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1948 by okoeroo, Fri Sep 24 13:42:55 2010 UTC revision 1949 by dennisvd, Mon Sep 27 20:35:52 2010 UTC
# Line 28  Line 28 
28   */   */
29    
30    
 /* PEM string interface - used by gLExec */  
 #define LCMAPS_RETURN_ACCOUNT_FROM_PEM  
   
 /* Without GSI interfaces - used by WMS / Globus DAS */  
 /* #define LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI  */  
 /* #define LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI */  
31    
32    
33  #include <stdio.h>  #include <stdio.h>
# Line 84  typedef struct lcmaps_account_info_s Line 78  typedef struct lcmaps_account_info_s
78  } lcmaps_account_info_t;  } lcmaps_account_info_t;
79  #endif  #endif
80    
81    typedef enum {
82        LCMAPS_RETURN_ACCOUNT_FROM_PEM,
83        LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI,
84        LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI,
85    } lcmaps_mode_t;
86    
87    
88  /* Define to have getopt() behave POSIX correctly */  /* Define to have getopt() behave POSIX correctly */
89  #define POSIXLY_CORRECT  #define POSIXLY_CORRECT
90    
# Line 197  void lcmaps_print_account(lcmaps_account Line 198  void lcmaps_print_account(lcmaps_account
198  }  }
199    
200  /* Dynamically loads LCMAPS library and all needed symbols */  /* Dynamically loads LCMAPS library and all needed symbols */
201  int loadlcmaps(lcmaps_library_t *lib)   {  int loadlcmaps(lcmaps_library_t *lib, lcmaps_mode_t mode) {
202      /* Make sure lib->handle has welldefined value */      /* Make sure lib->handle has welldefined value */
203      lib->handle=lib->helper=NULL;      lib->handle=lib->helper=NULL;
204    
# Line 226  int loadlcmaps(lcmaps_library_t *lib)  { Line 227  int loadlcmaps(lcmaps_library_t *lib)  {
227      /* lib->helper now contains the handle containing get*VersionNumber() */      /* lib->helper now contains the handle containing get*VersionNumber() */
228    
229      /* Now load the real library */      /* Now load the real library */
230  #ifdef LCMAPS_RETURN_ACCOUNT_FROM_PEM      switch (mode) {
231      if ( (lib->handle=dlopen("liblcmaps_return_account_from_pem.so",      case LCMAPS_RETURN_ACCOUNT_FROM_PEM:
232                               RTLD_NOW | RTLD_GLOBAL))==NULL )   {        if ( (lib->handle=dlopen("liblcmaps_return_account_from_pem.so",
233                                   RTLD_NOW | RTLD_GLOBAL))==NULL ) {
234          fprintf(stderr,"Error: %s\n",dlerror());          fprintf(stderr,"Error: %s\n",dlerror());
235          return 1;          return 1;
236      }        }
237  #endif        break;
238  #ifdef LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI      case LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI:
239      if ( (lib->handle=dlopen("liblcmaps_return_poolindex_without_gsi.so",        if ( (lib->handle=dlopen("liblcmaps_return_poolindex_without_gsi.so",
240                               RTLD_NOW | RTLD_GLOBAL))==NULL )   {                                 RTLD_NOW | RTLD_GLOBAL))==NULL ) {
241          fprintf(stderr,"Error: %s\n",dlerror());          fprintf(stderr,"Error: %s\n",dlerror());
242          return 1;          return 1;
243      }        }
244  #endif        break;
245  #ifdef LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI      case LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI:
246      /* if ( (lib->handle=dlopen("liblcmaps_without_gsi.so", */      /* if ( (lib->handle=dlopen("liblcmaps_without_gsi.so", */
247      if ( (lib->handle=dlopen("liblcmaps_return_poolindex_without_gsi.so",        if ( (lib->handle=dlopen("liblcmaps_return_poolindex_without_gsi.so",
248                               RTLD_NOW | RTLD_GLOBAL))==NULL )   {                                 RTLD_NOW | RTLD_GLOBAL))==NULL ) {
249          fprintf(stderr,"Error: %s\n",dlerror());          fprintf(stderr,"Error: %s\n",dlerror());
250          return 1;          return 1;
251          }
252      }      }
253  #endif  
254    #define print_dlerror_and_return { fprintf(stderr,"Error: %s\n",dlerror()); \
255            dlclose(lib->handle);                                           \
256            dlclose(lib->helper);                                           \
257        return 1; }
258    
259      /* Load functions */      /* Load functions */
260      if ( (lib->lcmaps_init=      if ( (lib->lcmaps_init=
261              (int (*)(FILE*))            (int (*)(FILE*)) dlsym(lib->handle,"lcmaps_init"))==NULL ||
                 dlsym(lib->handle,"lcmaps_init"))==NULL ||  
262           (lib->lcmaps_account_info_init=           (lib->lcmaps_account_info_init=
263              (int (*)(lcmaps_account_info_t*))            (int (*)(lcmaps_account_info_t*))
264                  dlsym(lib->handle,"lcmaps_account_info_init"))==NULL ||            dlsym(lib->handle,"lcmaps_account_info_init"))==NULL ||
 #ifdef LCMAPS_RETURN_ACCOUNT_FROM_PEM  
          (lib->lcmaps_return_account_from_pem=  
             (int (*)(char*,int,lcmaps_account_info_t*))  
                 dlsym(lib->handle,"lcmaps_return_account_from_pem"))==NULL ||  
 #endif  
 #ifdef LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI  
          (lib->lcmaps_return_poolindex_without_gsi=  
             (int (*)(char*,char**,int,lcmaps_account_info_t*))  
                 dlsym(lib->handle,"lcmaps_return_poolindex_without_gsi"))==NULL ||  
 #endif  
 #ifdef LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI  
          (lib->lcmaps_return_account_without_gsi=  
             (int (*)(char*,char**,int,int,lcmaps_account_info_t*))  
                 dlsym(lib->handle,"lcmaps_return_account_without_gsi"))==NULL ||  
 #endif  
265           (lib->lcmaps_term=           (lib->lcmaps_term=
266              (int (*)(void))            (int (*)(void)) dlsym(lib->handle,"lcmaps_term"))==NULL )   {
                 dlsym(lib->handle,"lcmaps_term"))==NULL )   {  
267          fprintf(stderr,"Error: %s\n",dlerror());          fprintf(stderr,"Error: %s\n",dlerror());
268          dlclose(lib->handle);          dlclose(lib->handle);
269          dlclose(lib->helper);          dlclose(lib->helper);
270          return 1;          return 1;
271      }      }
272        
273        switch (mode) {
274            case  LCMAPS_RETURN_ACCOUNT_FROM_PEM:
275                if ( (lib->lcmaps_return_account_from_pem=
276                      (int (*)(char*,int,lcmaps_account_info_t*))
277                      dlsym(lib->handle,"lcmaps_return_account_from_pem"))==NULL ) {
278                    fprintf(stderr,"Error: %s\n",dlerror());
279                    dlclose(lib->handle);
280                    dlclose(lib->helper);
281                    return 1;
282                }
283                break;
284            case  LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI:
285                if ( (lib->lcmaps_return_poolindex_without_gsi=
286                 (int (*)(char*,char**,int,lcmaps_account_info_t*))
287                      dlsym(lib->handle,"lcmaps_return_poolindex_without_gsi"))==NULL )
288                    print_dlerror_and_return;
289                break;
290            case LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI:
291                if ( (lib->lcmaps_return_account_without_gsi=
292                 (int (*)(char*,char**,int,int,lcmaps_account_info_t*))
293                      dlsym(lib->handle,"lcmaps_return_account_without_gsi"))==NULL )
294                    print_dlerror_and_return;
295        }
296        
297    
298      return 0;      return 0;
299  }  }
300    
301    
302    
 #ifdef LCMAPS_RETURN_ACCOUNT_FROM_PEM  
303  /* Loads LCMAPS library and does a run, for given pemstring and to logfile or  /* Loads LCMAPS library and does a run, for given pemstring and to logfile or
304   * syslog when logfile is NULL. */   * syslog when logfile is NULL. */
305  int lcmaps(char *pemstring,FILE *logfile)       {  int lcmaps_pem(char *pemstring,FILE *logfile)   {
306      int rc;      int rc;
307      lcmaps_library_t lib;      lcmaps_library_t lib;
308      lcmaps_account_info_t account;      lcmaps_account_info_t account;
309    
310      /* Load lcmaps library and symbols */      /* Load lcmaps library and symbols */
311      if (loadlcmaps(&lib))      if (loadlcmaps(&lib, LCMAPS_RETURN_ACCOUNT_FROM_PEM))
312          return 1;          return 1;
313    
314      /* Do a run */      /* Do a run */
# Line 326  finalize: Line 340  finalize:
340      dlclose(lib.handle);      dlclose(lib.handle);
341      return rc;      return rc;
342  }  }
 #endif  
   
343    
344  #ifdef LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI  int lcmaps_nogsi_pool(char *my_dn, char *fqan, FILE *logfile)   {
 int lcmaps(char *pemstring,FILE *logfile)       {  
345      int rc;      int rc;
346      lcmaps_library_t lib;      lcmaps_library_t lib;
347      lcmaps_account_info_t account;      lcmaps_account_info_t account;
348    
     char *  my_dn = "/O=dutchgrid/O=users/O=nikhef/CN=Oscar Koeroo";  
349      char ** fqans = NULL;      char ** fqans = NULL;
350    
351      fqans = malloc(sizeof(char*) * 2);      fqans = malloc(sizeof(char*) * 2);
352      fqans[0] = strdup("/dteam/Role=NULL/Capability=NULL");      fqans[0] = strdup(fqan);
353    
354      /* Load lcmaps library and symbols */      /* Load lcmaps library and symbols */
355      if (loadlcmaps(&lib))      if (loadlcmaps(&lib,LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI))
356          return 1;          return 1;
357    
358      /* Do a run */      /* Do a run */
# Line 374  finalize: Line 384  finalize:
384      dlclose(lib.handle);      dlclose(lib.handle);
385      return rc;      return rc;
386  }  }
 #endif  
387    
388  #ifdef LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI  int lcmaps_nogsi_account(char *my_dn, char *fqan, FILE *logfile) {
 int lcmaps(char *pemstring,FILE *logfile)       {  
389      int rc;      int rc;
390      lcmaps_library_t lib;      lcmaps_library_t lib;
391      lcmaps_account_info_t account;      lcmaps_account_info_t account;
392    
     char *  my_dn = "/O=dutchgrid/O=users/O=nikhef/CN=Oscar Koeroo";  
393      char ** fqans = NULL;      char ** fqans = NULL;
394    
395      fqans = malloc(sizeof(char*) * 2);      fqans = malloc(sizeof(char*) * 2);
396      fqans[0] = strdup("/dteam/Role=NULL/Capability=NULL");      fqans[0] = strdup(fqan);
397    
398      /* Load lcmaps library and symbols */      /* Load lcmaps library and symbols */
399      if (loadlcmaps(&lib))      if (loadlcmaps(&lib, LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI))
400          return 1;          return 1;
401    
402      /* Do a run */      /* Do a run */
# Line 421  finalize: Line 428  finalize:
428      dlclose(lib.handle);      dlclose(lib.handle);
429      return rc;      return rc;
430  }  }
 #endif  
   
   
431    
432    
433  /* Parses the options for LCAS and opens the logfile when needed */  /* Parses the options for LCAS and opens the logfile when needed */
# Line 570  void usage(char *prog)   { Line 574  void usage(char *prog)   {
574      int uid=(int)getuid();      int uid=(int)getuid();
575    
576      printf("Usage: %s [options]\n\n",prog);      printf("Usage: %s [options]\n\n",prog);
577      printf("Valid options are:\n");      printf("Valid options are:\n"
578      printf(" -h        print this help text.\n");             " -h        print this help text.\n\n"
579      printf("\n -s        send output to stderr instead of syslog or file.\n");             " -s        send output to stderr instead of syslog or file.\n"
580      printf(" -q        quiet output (no warnings).\n");             " -q        quiet output (no warnings).\n"
581      printf(" -p<file>  read pemstring from given file.\n");             " -p<file>  read pemstring from given file.\n"
582      printf(" -x<file>  set or override X509_USER_PROXY to given file.\n");             " -x<file>  set or override X509_USER_PROXY to given file.\n\n"
583      printf("\n -V<dir>   set or override X509_VOMS_DIR to given dir.\n");             " -V<dir>   set or override X509_VOMS_DIR to given dir.\n"
584      printf(" -C<dir>   set or override X509_CERT_DIR to given dir.\n");             " -C<dir>   set or override X509_CERT_DIR to given dir.\n\n"
585      printf("\n -L[opts]  run LCAS with given options: ");             " -L[opts]  run LCAS with given options: "
586      printf("<var>=<value>,<var=value>,...\n");             "<var>=<value>,<var=value>,...\n"
587      printf("   db=<file>      set or override LCAS_DB_FILE.\n");             "   db=<file>      set or override LCAS_DB_FILE.\n"
588      printf("   debug=<level>  set or override LCAS_DEBUG_LEVEL.\n");             "   debug=<level>  set or override LCAS_DEBUG_LEVEL.\n"
589  /*    printf("   log=<level>    set or override LCAS_LOG_LEVEL (which is ignored).\n");*/             /*  "   log=<level>    set or override LCAS_LOG_LEVEL (which is ignored).\n"*/
590      printf("   rsl=<string>   set rsl string (needs to be quoted).\n");             "   rsl=<string>   set rsl string (needs to be quoted).\n"
591      printf("   file=<file>    send debug/log output to file instead of ");             "   file=<file>    send debug/log output to file instead of "
592      printf("syslog, ignored\n                  when -s is specified.\n");             "syslog, ignored\n                  when -s is specified.\n"
593      printf("\n -l[opts]  run LCMAPS with given options: ");             "\n -l[opts]  run LCMAPS with given options: "
594      printf("<var>=<value>,<var=value>,...\n");             "<var>=<value>,<var=value>,...\n"
595      printf("   db=<file>      set or override LCMAPS_DB_FILE.\n");             "   db=<file>      set or override LCMAPS_DB_FILE.\n"
596      printf("   policy=<name>  set or override LCMAPS_POLICY_NAME.\n");             "   policy=<name>  set or override LCMAPS_POLICY_NAME.\n"
597      printf("   debug=<level>  set or override LCMAPS_DEBUG_LEVEL.\n");             "   debug=<level>  set or override LCMAPS_DEBUG_LEVEL.\n"
598  /*    printf("   log=<level>    set or override LCMAPS_LOG_LEVEL (which is ignored).\n");*/             /*  "   log=<level>    set or override LCMAPS_LOG_LEVEL (which is ignored).\n"*/
599      printf("   file=<file>    send debug/log output to file instead of ");             "   file=<file>    send debug/log output to file instead of "
600      printf("syslog, ignored\n                  when -s is specified.\n");             "syslog, ignored\n                  when -s is specified.\n\n"
601               " LCMAPS normally extracts all information from a PEM string (i.e. a proxy \n"
602               " certificate), but it can be run in a mode \"without_gsi\" where the data such\n"
603               " as the DN and FQAN are passed as plain strings, as set on the command line.\n"
604               " with -d and -f.\n"
605               " -m pem          run LCMAPS get_account with full pem string (default).\n"
606               " -m nogsi_pi     run LCMAPS return_poolindex_without_gsi\n"
607               " -m nogsi_ga     run LCMAPS return_account_without_gsi\n"
608               " -d<DN>          use DN (in without_gsi mode)\n"
609               " -f<FQAN>        use FQAN (in without_gsi mode)\n"
610               );
611      printf("\nExample:\n");      printf("\nExample:\n");
612      printf(" %s -s -p/tmp/x509up_u%d -x/tmp/x509up_u%d \\\n",prog,uid,uid);      printf(" %s -s -p/tmp/x509up_u%d -x/tmp/x509up_u%d \\\n",prog,uid,uid);
613      printf("    -L debug=5,db=/tmp/lcas.db \\\n");      printf("    -L debug=5,db=/tmp/lcas.db \\\n");
# Line 614  int main(int argc, char *argv[])       { Line 628  int main(int argc, char *argv[])       {
628      FILE *lcmaps_logfile=NULL,*lcas_logfile=NULL;      FILE *lcmaps_logfile=NULL,*lcas_logfile=NULL;
629      int do_lcas=0,do_lcmaps=0,verbose=1;      int do_lcas=0,do_lcmaps=0,verbose=1;
630      char *pemstring=NULL,*rsl=NULL;      char *pemstring=NULL,*rsl=NULL;
631        lcmaps_mode_t mode = LCMAPS_RETURN_ACCOUNT_FROM_PEM;
632        char *dn = NULL;
633        char *fqan = NULL;
634    
635      /* Parse the commandline options */      /* Parse the commandline options */
636      while ((opt = getopt(argc, argv, ":hsqp:x:V:C:l:L:")) != -1) {      while ((opt = getopt(argc, argv, ":hsqp:x:V:C:l:L:m:d:f:")) != -1) {
637          switch (opt) {          switch (opt) {
638              case 'h':              case 'h':
639                  usage(argv[0]);                  usage(argv[0]);
# Line 652  int main(int argc, char *argv[])       { Line 669  int main(int argc, char *argv[])       {
669                  lcas_set_vars(optarg,&rsl,&lcas_logfile);                  lcas_set_vars(optarg,&rsl,&lcas_logfile);
670                  if (optarg[0]=='-') optind--;                  if (optarg[0]=='-') optind--;
671                  break;                  break;
672                case 'm':
673                    if (strcmp(optarg, "pem") == 0) {
674                        mode = LCMAPS_RETURN_ACCOUNT_FROM_PEM;
675                    } else if (strcmp(optarg, "nogsi_pi") == 0) {
676                        mode = LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI;
677                    } else if (strcmp(optarg, "nogsi_ga") == 0) {
678                        mode = LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI;
679                    } else {
680                        fprintf(stderr, "option -m requires one of pem, nogsi_pi, nogsi_ga.\n"
681                                "Use -h for help.\n");
682                        exit(EXIT_FAILURE);
683                    }
684                    break;
685                case 'd':
686                    dn = optarg;
687                    break;
688                case 'f':
689                    fqan = optarg;
690                    break;
691              case ':':              case ':':
692                  /* Option did not receive an expected argument (only when last                  /* Option did not receive an expected argument (only when last
693                   * of line get here, otherwise next option is used as argument),                   * of line get here, otherwise next option is used as argument),
# Line 702  int main(int argc, char *argv[])       { Line 738  int main(int argc, char *argv[])       {
738                  fprintf(stderr,"Warning: using LCMAPS default db file.\n");                  fprintf(stderr,"Warning: using LCMAPS default db file.\n");
739              if (getenv("LCMAPS_POLICY_NAME")==NULL)              if (getenv("LCMAPS_POLICY_NAME")==NULL)
740                  fprintf(stderr,"Warning: using LCMAPS default policy name.\n");                  fprintf(stderr,"Warning: using LCMAPS default policy name.\n");
741                if ( (mode == LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI ||
742                      mode == LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI) &&
743                     dn == NULL)
744                    fprintf(stderr,"Warning: running without GSI with NULL DN string.\n");
745          }          }
746      }      }
747    
# Line 714  int main(int argc, char *argv[])       { Line 754  int main(int argc, char *argv[])       {
754    
755      /* Do LCMAPS when requested */      /* Do LCMAPS when requested */
756      if (do_lcmaps)  {      if (do_lcmaps)  {
757          rc=lcmaps(pemstring,lcmaps_logfile);          switch (mode) {
758                case LCMAPS_RETURN_ACCOUNT_FROM_PEM:
759                    rc=lcmaps_pem(pemstring,lcmaps_logfile);
760                    break;
761                case LCMAPS_RETURN_POOLINDEX_WITHOUT_GSI:
762                    rc=lcmaps_nogsi_pool(dn,fqan,lcmaps_logfile);
763                    break;
764                case LCMAPS_RETURN_ACCOUNT_WITHOUT_GSI:
765                    rc=lcmaps_nogsi_account(dn,fqan,lcmaps_logfile);
766            }
767          if (rc!=0) fprintf(stderr,"LCMAPS failed.\n");          if (rc!=0) fprintf(stderr,"LCMAPS failed.\n");
768      }      }
769    

Legend:
Removed from v.1948  
changed lines
  Added in v.1949

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28