authorGünther Deschner <gdeschner@redhat.com>2012-10-23 14:05:14 +0200
committerSimo Sorce <simo@redhat.com>2013-04-08 09:26:59 -0400
commit19d091b9eaddc52d9c33ab0419029603f15db1da (patch)
tree4f9923a7f2ecbfe517bc882f0ccf5d99ad9f0991
parent31d5d819608e9534af9147c77d1760eebe9a252b (diff)
Abstract configuration layer for gssproxy.
Signed-off-by: Günther Deschner <gdeschner@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
-rw-r--r--proxy/Makefile.am3
-rw-r--r--proxy/configure.ac3
-rw-r--r--proxy/src/gp_config.c155
-rw-r--r--proxy/src/gp_config.h47
-rw-r--r--proxy/src/gp_config_iniparser.c136
-rw-r--r--proxy/src/gp_config_iniparser.h40
6 files changed, 326 insertions, 58 deletions
diff --git a/proxy/Makefile.am b/proxy/Makefile.am
index 4c2e514..79df078 100644
--- a/proxy/Makefile.am
+++ b/proxy/Makefile.am
@@ -126,6 +126,8 @@ dist_noinst_HEADERS = \
src/gp_creds.h \
src/gp_export.h \
src/gp_conv.h \
+ src/gp_config.h \
+ src/gp_config_iniparser.h \
src/gp_debug.h \
src/gp_rpc_creds.h \
src/mechglue/gss_plugin.h
@@ -137,6 +139,7 @@ dist_noinst_HEADERS = \
gssproxy_SOURCES = \
src/gp_config.c \
+ src/gp_config_iniparser.c \
src/gp_init.c \
src/gp_socket.c \
src/gp_workers.c \
diff --git a/proxy/configure.ac b/proxy/configure.ac
index f07fc5e..42ab027 100644
--- a/proxy/configure.ac
+++ b/proxy/configure.ac
@@ -84,7 +84,8 @@ fi
#Check for iniparser
AC_CHECK_HEADERS([iniparser.h],
- [AC_CHECK_LIB(iniparser, iniparser_set, [ INI_LIBS="-liniparser" ],
+ [AC_CHECK_LIB(iniparser, iniparser_set,
+ [ INI_LIBS="-liniparser"; AC_DEFINE([HAVE_INIPARSER], [1], [Iniparser library available.]) ],
[AC_MSG_ERROR([Iniparser library must support iniparser_set])])],
[AC_MSG_ERROR([Iniparser development package is not installed])]
)
diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c
index 075e1b7..b19c095 100644
--- a/proxy/src/gp_config.c
+++ b/proxy/src/gp_config.c
@@ -29,7 +29,7 @@
#include <string.h>
#include <errno.h>
#include "gp_proxy.h"
-#include "iniparser.h"
+#include "gp_config.h"
static void gp_service_free(struct gp_service *svc)
{
@@ -43,41 +43,6 @@ static void gp_service_free(struct gp_service *svc)
memset(svc, 0, sizeof(struct gp_service));
}
-static char *get_char_value(dictionary *dict,
- const char *secname,
- const char *key)
-{
- char *skey;
- char *value;
- int ret;
-
- ret = asprintf(&skey, "%s:%s", secname, key);
- if (ret == -1) {
- return NULL;
- }
-
- value = iniparser_getstring(dict, skey, NULL);
- free(skey);
- return value;
-}
-
-static int get_int_value(dictionary *dict,
- const char *secname,
- const char *key)
-{
- char *skey;
- int ret;
-
- ret = asprintf(&skey, "%s:%s", secname, key);
- if (ret == -1) {
- return -1;
- }
-
- ret = iniparser_getint(dict, skey, -1);
- free(skey);
- return ret;
-}
-
static bool option_is_set(const char *s)
{
if (strcasecmp(s, "1") == 0 ||
@@ -91,12 +56,12 @@ static bool option_is_set(const char *s)
}
static int get_krb5_mech_cfg(struct gp_service *svc,
- dictionary *dict,
+ struct gp_ini_context *ctx,
const char *secname)
{
const char *value;
- value = get_char_value(dict, secname, "krb5_principal");
+ value = gp_config_get_string(ctx, secname, "krb5_principal");
if (value) {
svc->krb5.principal = strdup(value);
if (!svc->krb5.principal) {
@@ -104,7 +69,7 @@ static int get_krb5_mech_cfg(struct gp_service *svc,
}
}
- value = get_char_value(dict, secname, "krb5_keytab");
+ value = gp_config_get_string(ctx, secname, "krb5_keytab");
if (value) {
svc->krb5.keytab = strdup(value);
if (!svc->krb5.keytab) {
@@ -112,7 +77,7 @@ static int get_krb5_mech_cfg(struct gp_service *svc,
}
}
- value = get_char_value(dict, secname, "krb5_ccache");
+ value = gp_config_get_string(ctx, secname, "krb5_ccache");
if (value) {
svc->krb5.ccache = strdup(value);
if (!svc->krb5.ccache) {
@@ -135,10 +100,10 @@ static int setup_service_creds_handle(struct gp_service *svc)
return 0;
}
-static int load_services(struct gp_config *cfg, dictionary *dict)
+static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
{
int num_sec;
- char *secname;
+ char *secname = NULL;
char *value;
char *token;
char *handle;
@@ -146,7 +111,7 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
int ret;
int i, n;
- num_sec = iniparser_getnsec(dict);
+ num_sec = gp_config_get_nsec(ctx);
/* allocate enough space for num_sec services,
* we won't waste too much space by overallocating */
@@ -157,7 +122,7 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
}
for (i = 0; i < num_sec; i++) {
- secname = iniparser_getsecname(dict, i);
+ secname = gp_config_get_secname(ctx, i);
ret = strncmp(secname, "service/", 8);
if (ret == 0) {
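Review bot: `gp_config_get_secname()` now returns a heap copy, and NULL when `strdup` fails, yet `secname` goes straight into `strncmp(secname, "service/", 8)` and is only freed inside the matching branch. A NULL return is dereferenced, and every section that is not a `service/` section (the `gssproxy` one, for instance) leaks its copy when the next iteration overwrites the pointer. Add `if (!secname) { ret = ENOMEM; goto done; }` before the compare, and free the copy at the end of every iteration rather than only in the `service/` branch. The loop body continues outside this hunk.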
@@ -175,24 +140,25 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
goto done;
}
- valnum = get_int_value(dict, secname, "euid");
+ valnum = gp_config_get_int(ctx, secname, "euid");
if (valnum == -1) {
/* malformed section, mech is missing */
GPDEBUG("Euid missing from [%s], ignoring.\n", secname);
gp_service_free(cfg->svcs[n]);
cfg->num_svcs--;
+ free(secname);
continue;
}
cfg->svcs[n]->euid = valnum;
- value = get_char_value(dict, secname, "trusted");
+ value = gp_config_get_string(ctx, secname, "trusted");
if (value != NULL) {
if (option_is_set(value)) {
cfg->svcs[n]->trusted = true;
}
}
- value = get_char_value(dict, secname, "kernel_nfsd");
+ value = gp_config_get_string(ctx, secname, "kernel_nfsd");
if (value != NULL) {
if (option_is_set(value)) {
cfg->svcs[n]->kernel_nfsd = true;
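Review bot: The `free(secname); continue;` added in the "Euid missing" branch leaves `secname` pointing at freed memory. If that ignored section is the last one in the file, the loop ends and, as far as the visible hunks show, control reaches the `free(secname)` added under `done:`, which frees the same pointer a second time. The "Mechs missing" and "No mechs found" branches in the later hunks have the same pattern. Write `free(secname); secname = NULL;` before each `continue`, as the end of the loop body already does. load_services starts and ends outside this hunk.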
@@ -204,12 +170,13 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
goto done;
}
- value = get_char_value(dict, secname, "mechs");
+ value = gp_config_get_string(ctx, secname, "mechs");
if (value == NULL) {
/* malformed section, mech is missing */
GPDEBUG("Mechs missing from [%s], ignoring.\n", secname);
gp_service_free(cfg->svcs[n]);
cfg->num_svcs--;
+ free(secname);
continue;
}
@@ -218,7 +185,7 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
ret = strcmp(value, "krb5");
if (ret == 0) {
- ret = get_krb5_mech_cfg(cfg->svcs[n], dict, secname);
+ ret = get_krb5_mech_cfg(cfg->svcs[n], ctx, secname);
if (ret == 0) {
cfg->svcs[n]->mechs |= GP_CRED_KRB5;
} else {
@@ -237,8 +204,11 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
GPDEBUG("No mechs found for [%s], ignoring.\n", secname);
gp_service_free(cfg->svcs[n]);
cfg->num_svcs--;
+ free(secname);
continue;
}
+ free(secname);
+ secname = NULL;
}
}
@@ -250,32 +220,58 @@ static int load_services(struct gp_config *cfg, dictionary *dict)
ret = 0;
done:
+ free(secname);
return ret;
}
+static int gp_init_ini_context(const char *config_file,
+ struct gp_ini_context **ctxp)
+{
+ struct gp_ini_context *ctx;
+ int ret;
+
+ if (!ctxp) {
+ return EINVAL;
+ }
+
+ ctx = calloc(1, sizeof(struct gp_ini_context));
+ if (!ctx) {
+ return ENOENT;
+ }
+
+ ret = gp_config_init(config_file, ctx);
+ if (ret) {
+ return ret;
+ }
+
+ *ctxp = ctx;
+
+ return 0;
+}
+
int load_config(struct gp_config *cfg)
{
- dictionary *d;
+ struct gp_ini_context *ctx;
char *tmpstr;
int ret;
- d = iniparser_load(cfg->config_file);
- if (!d) {
- return ENOENT;
+ ret = gp_init_ini_context(cfg->config_file, &ctx);
+ if (ret) {
+ return ret;
}
- tmpstr = iniparser_getstring(d, "gssproxy:debug", NULL);
+ tmpstr = gp_config_get_string(ctx, "gssproxy", "debug");
if (tmpstr) {
if (option_is_set(tmpstr)) {
gp_debug_enable();
}
}
- cfg->num_workers = iniparser_getint(d, "gssproxy:worker threads", 0);
+ cfg->num_workers = gp_config_get_int(ctx, "gssproxy", "worker threads");
- ret = load_services(cfg, d);
+ ret = load_services(cfg, ctx);
- iniparser_freedict(d);
+ gp_config_close(ctx);
return ret;
}
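Review bot: `cfg->num_workers` now becomes -1 when "worker threads" is absent, because `gp_config_get_int()` takes no default and the iniparser backend in this commit falls back to -1, while the removed `iniparser_getint(d, "gssproxy:worker threads", 0)` gave 0. Restore the old default after the call, e.g. `if (cfg->num_workers < 0) cfg->num_workers = 0;`, or give the getter a default-value parameter. In `gp_init_ini_context()` a failed `calloc` is reported as `ENOENT` where `ENOMEM` would be accurate, and `ctx` is leaked when `gp_config_init()` fails; a `free(ctx);` before `return ret;` fixes that. `load_config()` also never frees the `ctx` struct itself, since `gp_config_close()` as added here only releases the dictionary.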
@@ -358,3 +354,48 @@ void free_config(struct gp_config **cfg)
free(config);
*cfg = NULL;
}
+
+#ifdef HAVE_INIPARSER
+#define WITH_INIPARSER 1
+#endif
+
+#ifdef WITH_INIPARSER
+#include "gp_config_iniparser.h"
+
+int gp_config_init(const char *config_file,
+ struct gp_ini_context *ctx)
+{
+ return gp_iniparser_init(config_file, ctx);
+}
+
+char *gp_config_get_string(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *keyname)
+{
+ return gp_iniparser_get_string(ctx, secname, keyname);
+}
+
+int gp_config_get_int(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *keyname)
+{
+ return gp_iniparser_get_int(ctx, secname, keyname);
+}
+
+int gp_config_get_nsec(struct gp_ini_context *ctx)
+{
+ return gp_iniparser_get_nsec(ctx);
+}
+
+char *gp_config_get_secname(struct gp_ini_context *ctx,
+ int i)
+{
+ return gp_iniparser_get_secname(ctx, i);
+}
+
+int gp_config_close(struct gp_ini_context *ctx)
+{
+ return gp_iniparser_close(ctx);
+}
+
+#endif /* WITH_INIPARSER */
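Review bot: When `WITH_INIPARSER` is not defined this whole block compiles to nothing, so the `gp_config_*` functions called by `load_config()` and `load_services()` have no definition and the problem only surfaces as a link error. An `#else` branch with `#error "no configuration backend selected"` would make the failure explicit at compile time. The macro is derived from `HAVE_INIPARSER`, which comes from config.h; whether gp_config.c includes config.h is not visible in these hunks and is worth confirming.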
diff --git a/proxy/src/gp_config.h b/proxy/src/gp_config.h
new file mode 100644
index 0000000..5ae3495
--- /dev/null
+++ b/proxy/src/gp_config.h
@@ -0,0 +1,47 @@
+/*
+ GSS-PROXY
+
+ Copyright (C) 2011 Red Hat, Inc.
+ Copyright (C) 2011 Simo Sorce <simo.sorce@redhat.com>
+ Copyright (C) 2012 Guenther Deschner <guenther.deschner@redhat.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+*/
+
+#ifndef _GSS_CONFIG_H_
+#define _GSS_CONFIG_H_
+
+struct gp_ini_context {
+ void *private_data;
+};
+
+int gp_config_init(const char *config_file,
+ struct gp_ini_context *ctx);
+char *gp_config_get_string(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *keyname);
+int gp_config_get_int(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *keyname);
+int gp_config_get_nsec(struct gp_ini_context *ctx);
+char *gp_config_get_secname(struct gp_ini_context *ctx,
+ int i);
+int gp_config_close(struct gp_ini_context *ctx);
+
+#endif /* _GSS_CONFIG_H_ */
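Review bot: The two string getters have different ownership rules and the header does not say so. With the iniparser backend in this commit, `gp_config_get_string()` returns a pointer owned by the parser, while `gp_config_get_secname()` returns a `strdup` copy that the caller must free. Add a comment above each prototype, e.g. `/* returned string is owned by ctx; do not free, invalid after gp_config_close() */` and `/* returns a newly allocated copy; caller must free() */`. It would also help to document that `gp_config_get_int()` returns -1 both for a missing key and for an internal error. The guard name `_GSS_CONFIG_H_` starts with an underscore and a capital, which is reserved for the implementation; `GP_CONFIG_H` avoids that.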
diff --git a/proxy/src/gp_config_iniparser.c b/proxy/src/gp_config_iniparser.c
new file mode 100644
index 0000000..34288d4
--- /dev/null
+++ b/proxy/src/gp_config_iniparser.c
@@ -0,0 +1,136 @@
+/*
+ GSS-PROXY
+
+ Copyright (C) 2011 Red Hat, Inc.
+ Copyright (C) 2011 Simo Sorce <simo.sorce@redhat.com>
+ Copyright (C) 2012 Guenther Deschner <guenther.deschner@redhat.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+*/
+
+#include "config.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "gp_proxy.h"
+#include "gp_config.h"
+#include "gp_config_iniparser.h"
+
+#ifdef HAVE_INIPARSER
+
+#include <iniparser.h>
+
+char *gp_iniparser_get_string(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *key)
+{
+ dictionary *dict;
+ char *skey;
+ char *value;
+ int ret;
+
+ dict = (dictionary *)ctx->private_data;
+
+ ret = asprintf(&skey, "%s:%s", secname, key);
+ if (ret == -1) {
+ return NULL;
+ }
+
+ value = iniparser_getstring(dict, skey, NULL);
+ free(skey);
+ return value;
+}
+
+int gp_iniparser_get_int(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *key)
+{
+ dictionary *dict;
+ char *skey;
+ int ret;
+
+ dict = (dictionary *)ctx->private_data;
+
+ ret = asprintf(&skey, "%s:%s", secname, key);
+ if (ret == -1) {
+ return -1;
+ }
+
+ ret = iniparser_getint(dict, skey, -1);
+ free(skey);
+ return ret;
+}
+
+int gp_iniparser_init(const char *config_file,
+ struct gp_ini_context *ctx)
+{
+ dictionary *d;
+
+ if (!ctx) {
+ return EINVAL;
+ }
+
+ d = iniparser_load(config_file);
+ if (!d) {
+ return ENOENT;
+ }
+
+ ctx->private_data = d;
+
+ return 0;
+}
+
+int gp_iniparser_close(struct gp_ini_context *ctx)
+{
+ dictionary *dict;
+
+ if (!ctx) {
+ return 0;
+ }
+
+ dict = (dictionary *)ctx->private_data;
+
+ iniparser_freedict(dict);
+
+ return 0;
+}
+
+int gp_iniparser_get_nsec(struct gp_ini_context *ctx)
+{
+ dictionary *dict = dict = (dictionary *)ctx->private_data;
+
+ return iniparser_getnsec(dict);
+}
+
+char *gp_iniparser_get_secname(struct gp_ini_context *ctx,
+ int i)
+{
+ dictionary *dict = dict = (dictionary *)ctx->private_data;
+ char *value;
+
+ value = iniparser_getsecname(dict, i);
+ if (!value) {
+ return NULL;
+ }
+
+ return strdup(value);
+}
+
+#endif /* HAVE_INIPARSER */
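Review bot: `gp_iniparser_close()` frees the dictionary but leaves `ctx->private_data` pointing at it, so a second close or a getter called afterwards works on freed memory; add `ctx->private_data = NULL;` after `iniparser_freedict(dict);`. The four getters dereference `ctx` without the NULL check that `gp_iniparser_init()` and `gp_iniparser_close()` perform, which makes the contract inconsistent. In `gp_iniparser_get_nsec()` and `gp_iniparser_get_secname()` the initializer `dictionary *dict = dict = (dictionary *)ctx->private_data;` has a duplicated `dict =` and should read `dictionary *dict = ctx->private_data;`.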
diff --git a/proxy/src/gp_config_iniparser.h b/proxy/src/gp_config_iniparser.h
new file mode 100644
index 0000000..b68a3fc
--- /dev/null
+++ b/proxy/src/gp_config_iniparser.h
@@ -0,0 +1,40 @@
+/*
+ GSS-PROXY
+
+ Copyright (C) 2011 Red Hat, Inc.
+ Copyright (C) 2011 Simo Sorce <simo.sorce@redhat.com>
+ Copyright (C) 2012 Guenther Deschner <guenther.deschner@redhat.com>
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the "Software"),
+ to deal in the Software without restriction, including without limitation
+ the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ DEALINGS IN THE SOFTWARE.
+*/
+
+#include "gp_config.h"
+
+char *gp_iniparser_get_string(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *key);
+int gp_iniparser_get_int(struct gp_ini_context *ctx,
+ const char *secname,
+ const char *key);
+int gp_iniparser_init(const char *config_file,
+ struct gp_ini_context *ctx);
+int gp_iniparser_close(struct gp_ini_context *ctx);
+int gp_iniparser_get_nsec(struct gp_ini_context *ctx);
+char *gp_iniparser_get_secname(struct gp_ini_context *ctx,
+ int i);
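Review bot: This header has no include guard, unlike gp_config.h added in the same commit. It only holds prototypes, so a double include compiles today, but that stops being true once a type or macro is added. Wrap the contents in `#ifndef GP_CONFIG_INIPARSER_H` / `#define GP_CONFIG_INIPARSER_H` … `#endif`.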