voms_api.h

/*********************************************************************
 *
 * Authors: Vincenzo Ciaschini - Vincenzo.Ciaschini@cnaf.infn.it 
 *
 * Copyright (c) Members of the EGEE Collaboration. 2004-2010.
 * See http://www.eu-egee.org/partners/ for details on the copyright holders.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Parts of this code may be based upon or even include verbatim pieces,
 * originally written by other people, in which case the original header
 * follows.
 *
 *********************************************************************/

/* Everything below is inside the VOMS_API_H include guard (closed at the
 * end of the file). */
#ifndef VOMS_API_H
#define VOMS_API_H

#include <fstream>
#include <string>
#include <vector>

/* NOGLOBUS is defined unconditionally here, so the `#ifdef NOGLOBUS`
 * section of vomsdata (the GSS-API Retrieve* overloads) is always compiled. */
#define NOGLOBUS
extern "C" {
/* If the GSS-API header has not been seen yet (its guard macro GSSAPI_H_ is
 * not defined), the GSS handle types are stood in by bare void pointers.
 * NOTE(review): a translation unit that includes the real gssapi.h before
 * this header sees different parameter types for RetrieveFromCtx() and
 * RetrieveFromCred() than one that does not; C++ mangles parameter types into
 * the symbol name, so mixing both kinds of TU in one program is an ODR/link
 * hazard -- TODO confirm which guard macro the gssapi.h in use defines. */
#ifndef GSSAPI_H_
typedef void * gss_cred_id_t;
typedef void * gss_ctx_id_t;
#endif

#include <openssl/x509.h>
#include <openssl/bio.h>
#include <sys/types.h>
#include "newformat.h"   /* project header; presumably declares AC and AC_SEQ used below */
}

/* One "standard" VOMS attribute triple.  The three fields presumably mirror
 * the components of a FQAN (group / Role= / Capability=); the exact meaning
 * of `cap` is not visible in this header -- TODO confirm. */
struct data {
  std::string group; /* group name */
  std::string role;  /* role held within the group */
  std::string cap;   /* capability (see note above) */
};

/* One generic attribute as carried in an attributelist: a name, an optional
 * qualifier and a value.  All three are free-form strings as far as this
 * header shows; callers should not assume any of them is validated. */
struct attribute {
  std::string name;      /* attribute name */
  std::string qualifier; /* qualifier (may be empty) */
  std::string value;     /* attribute value */
};

/* A set of generic attributes together with the entity that granted them
 * (returned by voms::GetAttributes()). */
struct attributelist {
  std::string grantor;               /* identity of the grantor, as a string */
  std::vector<attribute> attributes; /* the granted attributes */
};


/* Which payload a `voms` object carries: nothing, the standard
 * group/role/capability triples (presumably voms::std), or an opaque blob
 * (presumably voms::custom).  Numeric values are pinned explicitly so the
 * enumeration stays stable if entries are ever added or removed. */
enum data_type { 
  TYPE_NODATA = 0,  /* no data returned */
  TYPE_STD    = 1,  /* standard attributes */
  TYPE_CUSTOM = 2   /* custom/opaque data */
};

/* One entry of a VOMS contact list: what LoadSystemContacts() and
 * LoadUserContacts() presumably parse and what FindByAlias()/FindByVO()
 * return.  There is no constructor, so a default-initialised (rather than
 * value-initialised) object leaves `port` and `version` indeterminate. */
struct contactdata {   
  std::string  nick;    /* alias looked up by FindByAlias() */
  std::string  host;    /* server host name */
  std::string  contact; /* presumably the server certificate subject (DN) -- TODO confirm */
  std::string  vo;      /* VO name looked up by FindByVO() */
  int          port;      /* server port */
  int          version; /* protocol/server version recorded for this entry */
};

/* Opaque private state of `voms`; its definition lives in the implementation. */
class vomspriv;

/* One attribute certificate (AC) as seen by the application: the issuing
 * server, the holder, the validity window and the attributes it carries.
 * Instances are produced and filled by vomsdata (a friend); the public
 * fields are plain data.  NOTE(review): nothing in this header records
 * whether the fields came through verification -- which checks were applied
 * depends on the verify_type set on the vomsdata that produced the object. */
struct voms {
  friend class vomsdata;   /* declared as `struct vomsdata` below; legal, some compilers warn */
  int version;             /* format version of this record (fields past the
                              "version >= 1" marker below are only valid then) */
  int siglen;              /* signature length as reported; `signature` carries the bytes */
  std::string signature;   /* raw signature bytes */
  std::string user;        /* holder subject */
  std::string userca;      /* holder's issuing CA */
  std::string server;      /* issuing VOMS server subject */
  std::string serverca;    /* server's issuing CA */
  std::string voname;      /* VO name */
  std::string uri;         /* server URI */
  std::string date1;       /* presumably start of validity, as text -- TODO confirm format */
  std::string date2;       /* presumably end of validity, as text -- TODO confirm format */
  data_type type;          /* which of `std` / `custom` is populated */
  std::vector<data> std;   /* standard attributes.  NOTE: a member named `std`
                              is legal (qualified lookup ignores variables)
                              but is easily misread */
  std::string custom;      /* custom payload */
  /* Data below this line only makes sense if version >= 1 */
  std::vector<std::string> fqan; /* fully qualified attribute names */
  std::string serial;      /* AC serial number, as text */
  /* Data below this line is private. */

private:
  void *realdata;                  /* opaque; ownership handled by the special members below */
  X509 *holder;                    /* holder certificate; raw pointer, lifetime not visible here */
public:
  /* Copy constructor, copy assignment and destructor are all user-declared
   * (Rule of Three), so the raw pointers above are presumably deep-managed. */
  voms(const voms &);
  voms();
  voms &operator=(const voms &);
  ~voms();

private:
  struct vomsr *translate();
  friend int TranslateVOMS(struct vomsdatar *vd, std::vector<voms>&v, int *error);

public:
  /* Underlying decoded AC (OpenSSL structure); ownership not documented here. */
  AC *GetAC();

public:
  /* Returns a reference into this object: it is invalidated when the voms is
   * destroyed or when the vector holding it (vomsdata::data) reallocates. */
  std::vector<attributelist>& GetAttributes();   
  /* Targets named in the AC, returned by value. */
  std::vector<std::string> GetTargets();

private:
  vomspriv *vp;                    /* opaque implementation state */
};

/* How far vomsdata::Retrieve*() walks a certificate chain when looking for
 * ACs.  The precise behaviour of each mode is fixed by the implementation;
 * the numeric values are pinned here so they stay stable. */
enum recurse_type { 
  RECURSE_CHAIN = 0, /* default of Retrieve(X509 *, STACK_OF(X509) *, ...) */
  RECURSE_NONE  = 1,
  RECURSE_DEEP  = 2
};

/* Verification checks selected through vomsdata::SetVerificationType().
 * Each named check occupies one bit; VERIFY_FULL has every bit set and
 * VERIFY_NONE selects nothing.  In C++ the `|` of two enumerators is a plain
 * integer, so a combination must be cast back to verify_type before it is
 * passed to SetVerificationType().
 * SECURITY: VERIFY_NONE turns off every check, including signature and
 * validity-date verification; any code that grants access based on the
 * resulting attributes must use VERIFY_FULL or a deliberately chosen subset. */
enum verify_type {
  VERIFY_FULL      = 0xffffffff,  /* all checks */
  VERIFY_NONE      = 0x00000000,  /* no checks */
  VERIFY_DATE      = 1u << 0,     /* 0x01 */
  VERIFY_TARGET    = 1u << 1,     /* 0x02 */
  VERIFY_KEY       = 1u << 2,     /* 0x04 */
  VERIFY_SIGN      = 1u << 3,     /* 0x08 */
  VERIFY_ORDER     = 1u << 4,     /* 0x10 */
  VERIFY_ID        = 1u << 5,     /* 0x20 */
  VERIFY_CERTLIST  = 1u << 6      /* 0x40 */
};

/* Error codes reported in vomsdata::error after a failed operation
 * (VERR_NONE meaning no error).  Numeric values are pinned explicitly: the
 * enumeration is part of the library's binary interface, and a VERR_IDENT
 * entry was once removed between VERR_VERIFY and VERR_TYPE, so the
 * numbering must not shift if it is ever reintroduced. */
enum verror_type { 
  VERR_NONE       = 0,
  VERR_NOSOCKET   = 1,
  VERR_NOIDENT    = 2,
  VERR_COMM       = 3,
  VERR_PARAM      = 4,
  VERR_NOEXT      = 5,
  VERR_NOINIT     = 6,
  VERR_TIME       = 7,
  VERR_IDCHECK    = 8,
  VERR_EXTRAINFO  = 9,
  VERR_FORMAT     = 10,
  VERR_NODATA     = 11,
  VERR_PARSE      = 12,
  VERR_DIR        = 13,
  VERR_SIGN       = 14,
  VERR_SERVER     = 15,
  VERR_MEM        = 16,
  VERR_VERIFY     = 17,
  /* VERR_IDENT used to sit here; it was commented out, so no value is reserved. */
  VERR_TYPE       = 18,
  VERR_ORDER      = 19,
  VERR_SERVERCODE = 20,
  VERR_NOTAVAIL   = 21,
  VERR_FILE       = 22
};

/* Callback shape for a signature check: a certificate, an opaque context and
 * an error slot to fill on failure; presumably returns true when the
 * signature is acceptable.  No declaration in this header takes a check_sig,
 * so its consumer is in the implementation. */
typedef bool (*check_sig)(X509 *, void *, verror_type &); 
/* Opaque private state of vomsdata; defined in the implementation. */
class vomsdatapriv;

/* Entry point of the C++ API.  Holds the configuration (CA and VOMS
 * certificate directories, attribute ordering, targets, contact list) and,
 * after a Retrieve*() or Contact*() call, the parsed attribute sets in `data`.
 *
 * NOTE(review): a copy constructor is declared below but no copy-assignment
 * operator is, so the compiler-generated assignment copies the `vdp` pointer
 * member-wise.  Whether two objects sharing one vomsdatapriv is safe depends
 * on what ~vomsdata() does with it, which is not visible here -- TODO confirm,
 * and consider declaring (or disabling) operator= to match the constructor. */
struct vomsdata {
  private:
  /* One static instance (`init`) of this class exists; its constructor runs
   * once, and the private copy constructor prevents copies. */
  class Initializer {
  public:
    Initializer();
  private:
    Initializer(Initializer &);
  };

  private:
  static Initializer init;          /* defined in the implementation file */
  std::string ca_cert_dir;          /* trusted CA certificate directory */
  std::string voms_cert_dir;        /* VOMS server certificate directory */
  int duration;                     /* presumably the value given to SetLifetime() */
  std::string ordering;             /* ordering requested via Order() */
  std::vector<contactdata> servers; /* contacts loaded by Load*Contacts() */
  std::vector<std::string> targets; /* targets added via AddTarget() */

  public:
  verror_type error;                /* code of the last failure (presumably VERR_NONE when none) */
  /* voms_dir / cert_dir override the VOMS and CA certificate directories;
   * what an empty string (the default) selects is not visible here. */
  vomsdata(std::string voms_dir = "", 
           std::string cert_dir = ""); 
  /* Load contact entries from the system-wide or per-user location (`dir`
   * empty presumably meaning the default).  SECURITY: a contact entry is
   * what later identifies a server to Contact() (see contactdata::contact),
   * so entries loaded from a user-writable location are only as trustworthy
   * as that user. */
  bool LoadSystemContacts(std::string dir = ""); 
  bool LoadUserContacts(std::string dir = ""); 
  /* Look up loaded contacts by alias or by VO; every matching entry is
   * returned (presumably an empty vector when there is none). */
  std::vector<contactdata> FindByAlias(std::string alias); 
  std::vector<contactdata> FindByVO(std::string vo); 
  /* Request a particular attribute ordering (related to VERIFY_ORDER). */
  void Order(std::string att); 
  void ResetOrder(void); 
  /* Target list management (related to VERIFY_TARGET). */
  void AddTarget(std::string target);         
  std::vector<std::string> ListTargets(void); 
  void ResetTargets(void);        
  /* Text of errors reported by the remote server; ErrorMessage() covers
   * local errors. */
  std::string ServerErrors(void); 
  /* Extract ACs from `cert` and its `chain`; `how` controls how far the chain
   * is searched.  Results presumably land in `data`; false on failure. */
  bool Retrieve(X509 *cert, STACK_OF(X509) *chain, 
                recurse_type how = RECURSE_CHAIN); 
  /* Connect to a VOMS server and execute `command`.  `servsubject` is
   * presumably the subject (DN) the peer must present; feed it from a trusted
   * contact entry, not from user input.  The four-argument overload uses an
   * implementation-chosen timeout. */
  bool Contact(std::string hostname, int port, 
               std::string servsubject, 
               std::string command); 
  bool Contact(std::string hostname, int port, 
               std::string servsubject, 
               std::string command,
               int timeout); 
  /* As Contact(), but returns the server reply unparsed in `raw` together with
   * the protocol `version` the server spoke. */
  bool ContactRaw(std::string hostname, int port, 
                  std::string servsubject, 
                  std::string command,
                  std::string &raw,
      int& version);  
  bool ContactRaw(std::string hostname, int port, 
                  std::string servsubject, 
                  std::string command,
                  std::string &raw,
      int& version,
      int timeout);  
  /* Select which verify_type checks are applied to ACs (stored in ver_type).
   * SECURITY: VERIFY_NONE disables every check; the default value of
   * ver_type is not visible in this header -- TODO confirm. */
  void SetVerificationType(verify_type how); 
  /* Lifetime requested for ACs obtained from a server (units not visible here). */
  void SetLifetime(int lifetime); 
  /* Serialise / de-serialise the object's contents.  Import() parses a buffer,
   * presumably one produced by Export(); whether imported ACs are re-verified
   * is not visible here, so treat the buffer as untrusted input. */
  bool Import(std::string buffer);
  bool Export(std::string &data); 
  /* Copy the default voms entry into the argument; false if there is none. */
  bool DefaultData(voms &); 
  std::vector<voms> data;           /* attribute sets from the last operation; public and writable */
  std::string workvo;     
  std::string extra_data; 
private:
  /* File loaders taking a uid/gid pair, apparently for an ownership check on
   * the file -- TODO confirm. */
  bool loadfile(std::string, uid_t uid, gid_t gid);
  bool loadfile0(std::string, uid_t uid, gid_t gid);
  /* Verify a raw AC message against the issuer's subject/CA and the holder
   * certificate, filling `v`. */
  bool verifydata(std::string &message, std::string subject, std::string ca, 
                  X509 *holder, voms &v);
  bool check_cert(X509 *cert);
  /* Worker behind the public Retrieve(): collects the AC sequence and reports
   * subject, CA and holder. */
  bool retrieve(X509 *cert, STACK_OF(X509) *chain, recurse_type how,
                AC_SEQ **listnew, std::string &subject, std::string &ca,
                X509 **holder);
  verify_type ver_type;             /* set by SetVerificationType() */

  std::string serverrors;           /* backing store for ServerErrors() */
  std::string errmessage;           /* backing store for ErrorMessage() */
  
  void seterror(verror_type, std::string);

  bool check_sig_ac(X509 *, void *);
  X509 *check(void *);
  bool contact(const std::string&, int, const std::string&,
               const std::string&, std::string&, std::string&,
               std::string&, int timeout);
  /* Same as the string form above, for an already-decoded AC. */
  bool verifydata(AC *ac, const std::string& subject, const std::string& ca, 
                  X509 *holder, voms &v);
  bool evaluate(AC_SEQ *, const std::string&, const std::string&, X509*);

public:

  /* Human-readable description of the last error (pairs with `error`). */
  std::string ErrorMessage(void); 
#ifdef NOGLOBUS
  /* GSS-API based retrieval.  NOGLOBUS is defined unconditionally at the top
   * of this header, so these are always declared; the gss_* types are bare
   * void pointers unless <gssapi.h> was included first (see the typedefs). */
  bool RetrieveFromCtx(gss_ctx_id_t context, recurse_type how); 
  bool RetrieveFromCred(gss_cred_id_t credential, recurse_type how);  
#endif

  /* Further AC sources: a single X.509 extension, the process's proxy
   * certificate (located by the implementation), an open FILE, or a decoded
   * AC.  Bytes read from a FILE are untrusted input; whether they go through
   * the ver_type checks is not visible here -- TODO confirm. */
  bool Retrieve(X509_EXTENSION *ext); 
  bool RetrieveFromProxy(recurse_type how); 
  bool Retrieve(FILE *file, recurse_type how); 
  bool Retrieve(AC *ac);
  ~vomsdata();
private:
  //  X509 *check_file(void *);
  bool check_cert(STACK_OF(X509) *);
  /* Locate the certificate of the server that issued `ac`, among loaded
   * certificates or in a file (presumably under voms_cert_dir). */
  X509 *check_from_certs(AC *ac, const std::string& voname);
  X509 *check_from_file(AC *, std::ifstream&, const std::string &vo, const std::string &filename);

public:
  /* Copy constructor; see the class comment about the missing operator=. */
  vomsdata(const vomsdata &);

private:
  int retry_count;                  /* set by SetRetryCount() */
  
public:
  /* Number of attempts made when contacting a server. */
  void SetRetryCount(int retryCount);
  
public:
  /* Override the time used for validity checks (stored in verificationtime).
   * SECURITY: letting an untrusted caller choose this value defeats
   * VERIFY_DATE, since an expired AC can be made to look current. */
  void SetVerificationTime(time_t);
                                  
private:
  time_t verificationtime;
  /* Verify one AC against holder and issuer certificates at the given time. */
  bool verifyac(X509 *, X509 *, AC*, time_t, voms&);

public:
  /* Supply the client credential (certificate, private key, chain),
   * presumably used to authenticate to servers in Contact*(). */
  bool LoadCredentials(X509*, EVP_PKEY *, STACK_OF(X509) *);
  /* REST counterpart of ContactRaw(); the meaning of the unnamed parameters
   * is not documented in this header -- TODO confirm against the implementation. */
  bool ContactRESTRaw(const std::string&, int, const std::string&, std::string&, int, int);

private:
  bool InterpretOutput(const std::string&, std::string&);

private:
  vomsdatapriv *vdp;                /* opaque implementation state */
};


extern "C" {
/* Version of the library that was built (major.minor.patch), with C linkage
 * so plain-C callers and dlsym() lookups can reach the symbols. */
int getVOMSMajorVersionNumber(void);
int getVOMSMinorVersionNumber(void);
int getVOMSPatchVersionNumber(void);
}

#endif /* VOMS_API_H */
