00036 #ifndef HEADER_GRIDSITE_H
00037 #define HEADER_GRIDSITE_H
00038
/* Library version; defined here only if the build has not already set it.
 * NOTE(review): the leading zero makes 010500 an octal literal in C (decimal
 * 4416). Comparisons only order correctly against constants written the same
 * way, and a version component containing the digit 8 or 9 would not compile. */
00039 #ifndef GRST_VERSION
00040 #define GRST_VERSION 010500
00041 #endif
00042
00043 #ifdef __cplusplus
00044 extern "C" {
00045 #endif
00046
00047 #ifndef GRST_NO_OPENSSL
00048
00049 #ifndef HEADER_SSL_H
00050 #include <openssl/ssl.h>
00051 #endif
00052
00053 #ifndef HEADER_CRYPTO_H
00054 #include <openssl/crypto.h>
00055 #endif
00056
00057 #endif
00058
00059 #ifndef _TIME_H
00060 #include <time.h>
00061 #endif
00062
00063 #ifndef _STDIO_H
00064 #include <stdio.h>
00065 #endif
00066
00067 #ifndef _STDINT_H
00068 #include <stdint.h>
00069 #endif
00070
/* Boolean constants, defined only when no earlier header has supplied them.
 * TRUE expands to (!FALSE), which evaluates to 1. */
00071 #ifndef FALSE
00072 #define FALSE (0)
00073 #endif
00074 #ifndef TRUE
00075 #define TRUE (!FALSE)
00076 #endif
00077
00078
/* Integer status codes: GRST_RET_OK is 0 and every failure code is >= 1000.
 * NOTE(review): which functions return these codes (rather than TRUE/FALSE or
 * some other convention) is not visible in this header. Because success is 0
 * here but FALSE is also 0, confirm the convention of each function before
 * testing its result as a boolean, otherwise a check can fail open. */
00079 #define GRST_RET_OK 0
00080
00081
00082 #define GRST_RET_FAILED 1000
00083
00084
00085 #define GRST_RET_CERT_NOT_FOUND 1001
00086
00087
00088 #define GRST_RET_BAD_SIGNATURE 1002
00089
00090
00091 #define GRST_RET_NO_SUCH_FILE 1003
00092
00093
00094
/* GRSTerrorLog(level, ...): forwards to the installed logging callback,
 * adding the call site's __FILE__ and __LINE__. The && short-circuits, so
 * while GRSTerrorLogFunc is NULL the arguments are not evaluated and nothing
 * is logged. At least one variadic argument is required, because __VA_ARGS__
 * supplies the callback's fourth (char *) parameter.
 * NOTE(review): that fourth parameter followed by `...` looks like a
 * printf-style format - confirm. No format attribute is declared, so the
 * compiler cannot check the arguments against it; callers should pass a
 * literal format and log externally supplied text through "%s". */
00095 #define GRSTerrorLog(GRSTerrorLevel, ...) ((GRSTerrorLogFunc != NULL) && ((GRSTerrorLogFunc)(__FILE__, __LINE__, GRSTerrorLevel, __VA_ARGS__)))
00096
/* Logging callback pointer, called as (file, line, level, char *, ...).
 * Declared extern here; its definition is in another translation unit. */
00097 extern int (*GRSTerrorLogFunc)(char *, int, int, char *, ...);
00098
00099
00100
/* Log levels: same names and numeric values as the syslog(3) severities
 * LOG_EMERG (0) through LOG_DEBUG (7). */
00101 #define GRST_LOG_EMERG 0
00102 #define GRST_LOG_ALERT 1
00103 #define GRST_LOG_CRIT 2
00104 #define GRST_LOG_ERR 3
00105 #define GRST_LOG_WARNING 4
00106 #define GRST_LOG_NOTICE 5
00107 #define GRST_LOG_INFO 6
00108 #define GRST_LOG_DEBUG 7
00109
/* Named as the maximum time value: INT32_MAX, which read as a Unix timestamp
 * is 2038-01-19T03:14:07Z.
 * NOTE(review): presumably used as a "no expiry" sentinel for notafter
 * fields - confirm. Where time_t is 64-bit, a real expiry later than 2038
 * compares greater than this constant, so code that clamps or compares
 * against it needs checking for that case. */
00110 #define GRST_MAX_TIME_T INT32_MAX
00111
/* One credential; both ACL entries and users hold a list of these through
 * their firstcred field.
 *   auri               - presumably an attribute URI naming the credential
 *   delegation         - int; GRSTgaclCredSetDelegation() calls its value a level
 *   nist_loa           - int; GRSTgaclCredSetNistLoa() calls its value a level
 *   notbefore/notafter - validity window as time_t
 *   next               - untyped link, presumably the next GRSTgaclCred */
00112 typedef struct { char *auri;
00113 int delegation;
00114 int nist_loa;
00115 time_t notbefore;
00116 time_t notafter;
00117 void *next; } GRSTgaclCred;
00118
00119
/* Name/value pair, marked deprecated. next is an untyped link. */
00120 __attribute__ ((deprecated))
00121 typedef struct { char *name;
00122 char *value;
00123 void *next; } GRSTgaclNamevalue;
00124
/* GRSTgaclPerm is tested against the GRST_PERM_* bits by the
 * GRSTgaclPermHas*() macros; GRSTgaclAction presumably holds a
 * GRST_ACTION_* value. */
00125 typedef int GRSTgaclAction;
00126 typedef unsigned int GRSTgaclPerm;
00127
/* One ACL entry: a credential list plus separate allowed and denied
 * permission masks.
 * NOTE(review): how allowed and denied are combined during evaluation is
 * implemented elsewhere; this header does not show which one takes
 * precedence. */
00128 typedef struct { GRSTgaclCred *firstcred;
00129 GRSTgaclPerm allowed;
00130 GRSTgaclPerm denied;
00131 void *next; } GRSTgaclEntry;
00132
/* An ACL is the head of a list of entries. */
00133 typedef struct { GRSTgaclEntry *firstentry; } GRSTgaclAcl;
00134
/* A user is a list of credentials plus a dnlists string (presumably the
 * DN-lists location; GRST_DN_LISTS is the built-in default path). */
00135 typedef struct { GRSTgaclCred *firstcred; char *dnlists; } GRSTgaclUser;
00136
/* Permission bits for GRSTgaclPerm. Each is a distinct power of two, so they
 * can be ORed together; GRST_PERM_ALL (31) is the OR of the five bits. */
00137 #define GRST_PERM_NONE 0
00138 #define GRST_PERM_READ 1
00139 #define GRST_PERM_EXEC 2
00140 #define GRST_PERM_LIST 4
00141 #define GRST_PERM_WRITE 8
00142 #define GRST_PERM_ADMIN 16
00143 #define GRST_PERM_ALL 31
00144
00145
/* GRSTgaclPermIsNone and GRSTgaclPermHasNone are the same test: true only
 * when no bit at all is set. They compare the whole value with 0, so a value
 * carrying only bits outside GRST_PERM_ALL is reported as "not none" even
 * though it grants none of the five defined permissions. */
00146 #define GRSTgaclPermIsNone(perm) ((perm) == 0)
00147
00148 #define GRSTgaclPermHasNone(perm) ((perm) == 0)
/* Single-bit tests; each evaluates to 1 or 0 and uses its argument once. */
00149 #define GRSTgaclPermHasRead(perm) (((perm) & GRST_PERM_READ ) != 0)
00150 #define GRSTgaclPermHasExec(perm) (((perm) & GRST_PERM_EXEC ) != 0)
00151 #define GRSTgaclPermHasList(perm) (((perm) & GRST_PERM_LIST ) != 0)
00152 #define GRSTgaclPermHasWrite(perm) (((perm) & GRST_PERM_WRITE) != 0)
00153 #define GRSTgaclPermHasAdmin(perm) (((perm) & GRST_PERM_ADMIN) != 0)
00154
/* Presumably the values for GRSTgaclAction - confirm. */
00155 #define GRST_ACTION_ALLOW 0
00156 #define GRST_ACTION_DENY 1
00157
/* Built-in file names, locations and a recursion limit.
 * NOTE(review): GRST_ACL_FILE, GRST_DN_LISTS and GRST_VOMS_DIR presumably
 * name inputs to authorization and VOMS verification. Confirm how they are
 * read, and keep those files and directories writable only by the service
 * administrator. What GRST_RECURS_LIMIT bounds is not visible here. */
00158 #define GRST_HIST_PREFIX ".grsthist"
00159 #define GRST_ACL_FILE ".gacl"
00160 #define GRST_DN_LISTS "/etc/grid-security/dn-lists"
00161 #define GRST_RECURS_LIMIT 9
00162
/* Object identifiers in dotted-decimal form. 1.3.6.1.5.5.7.1.14 is the
 * RFC 3820 proxyCertInfo extension and 2.5.29.15 is the X.509 keyUsage
 * extension; the _OLD_ and VOMS identifiers sit under private enterprise
 * arcs (1.3.6.1.4.1). */
00163 #define GRST_PROXYCERTINFO_OLD_OID "1.3.6.1.4.1.3536.1.222"
00164 #define GRST_PROXYCERTINFO_OID "1.3.6.1.5.5.7.1.14"
00165 #define GRST_VOMS_OID "1.3.6.1.4.1.8005.100.100.5"
00166 #define GRST_VOMS_PK_CERT_LIST_OID "1.3.6.1.4.1.8005.100.100.10"
00167 #define GRST_VOMS_DIR "/etc/grid-security/vomsdir"
00168 #define GRST_KEYUSAGE_OID "2.5.29.15"
00169
/* ASN.1 walker limits. GRST_ASN1_MAXCOORDLEN sizes
 * GRSTasn1TagList.treecoords; GRST_ASN1_MAXTAGS is presumably the capacity
 * callers give their taglist arrays - confirm. */
00170 #define GRST_ASN1_MAXCOORDLEN 50
00171 #define GRST_ASN1_MAXTAGS 500
00172
/* One entry of an ASN.1 tag list.
 *   treecoords   - position string of at most GRST_ASN1_MAXCOORDLEN chars;
 *                  the extra byte presumably holds the terminating NUL
 *   start, headerlength, length - presumably byte offsets and sizes within
 *                  the parsed buffer - confirm
 *   tag          - presumably the ASN.1 tag number
 * NOTE(review): the offsets are signed ints derived from parsed input. Code
 * that indexes a buffer with them should check they are non-negative and
 * that start + headerlength + length stays inside the buffer. */
00173 struct GRSTasn1TagList { char treecoords[GRST_ASN1_MAXCOORDLEN+1];
00174 int start;
00175 int headerlength;
00176 int length;
00177 int tag; } ;
00178
/* Capacity of GRSTx509Cert.serial, not counting the one extra byte. */
00179 #define GRST_X509_SERIAL_DIGITS 49
00180
/* One element of a loaded chain.
 *   type      - presumably one of GRST_CERT_TYPE_*
 *   errors    - presumably an OR of GRST_CERT_BAD_* flags, 0 meaning no
 *               failure was recorded - confirm
 *   issuer, dn, value, ocsp - strings; ownership and lifetime are not shown
 *   notbefore/notafter - validity window as time_t
 *   serial    - fixed buffer of GRST_X509_SERIAL_DIGITS+1 bytes
 *   raw, next - untyped pointers; next presumably links to the next element
 * NOTE(review): if errors works as presumed, callers should test it before
 * using dn or value in an authorization decision. */
00181 typedef struct { int type;
00182 int errors;
00183 char *issuer;
00184 char *dn;
00185 char *value;
00186 time_t notbefore;
00187 time_t notafter;
00188 int delegation;
00189 char serial[GRST_X509_SERIAL_DIGITS+1];
00190 char *ocsp;
00191 void *raw;
00192 void *next; } GRSTx509Cert;
00193
/* Failure flags; distinct powers of two, so several can be set at once. */
00194 #define GRST_CERT_BAD_FORMAT 1
00195 #define GRST_CERT_BAD_CHAIN 2
00196 #define GRST_CERT_BAD_SIG 4
00197 #define GRST_CERT_BAD_TIME 8
00198 #define GRST_CERT_BAD_OCSP 16
00199
/* Certificate kinds; sequential values, not bit flags. */
00200 #define GRST_CERT_TYPE_CA 1
00201 #define GRST_CERT_TYPE_EEC 2
00202 #define GRST_CERT_TYPE_PROXY 3
00203 #define GRST_CERT_TYPE_VOMS 4
00204
00205
/* A chain is the head of a list of GRSTx509Cert. */
00206 typedef struct { GRSTx509Cert *firstcert; } GRSTx509Chain;
00207
/* Chain loading. The two functions that take OpenSSL types are declared only
 * when GRST_NO_OPENSSL is not defined; GRSTx509ChainFree is always declared.
 * GRSTx509ChainLoadCheck takes a GRSTx509Chain ** (presumably an output the
 * caller later releases with GRSTx509ChainFree - confirm), a certificate
 * stack, a single certificate and two strings whose meaning is not visible
 * in this header.
 * NOTE(review): the int result convention is not shown. Confirm whether a
 * chain can be returned alongside a failure code, and whether per-certificate
 * problems are reported only through GRSTx509Cert.errors. */
00208 #ifndef GRST_NO_OPENSSL
00209 int GRSTx509CertLoad(GRSTx509Cert *, X509 *);
00210 int GRSTx509ChainLoadCheck(GRSTx509Chain **, STACK_OF(X509) *, X509 *, char *, char *);
00211 #endif
00212 int GRSTx509ChainFree(GRSTx509Chain *);
00213
/* Default port numbers. GRST_HTTP_PORT and GRST_HTCP_PORT are both 777.
 * The first three are below 1024, a range most Unix-like systems let only
 * privileged processes bind.
 * NOTE(review): where these defaults are used is not visible here; a service
 * that binds them as root should drop privileges afterwards. */
00214 #define GRST_HTTP_PORT 777
00215 #define GRST_HTTPS_PORT 488
00216 #define GRST_HTCP_PORT 777
00217 #define GRST_GSIFTP_PORT 2811
00218
/* HTCP opcode values for NOP and TST. */
00219 #define GRSThtcpNOPop 0
00220 #define GRSThtcpTSTop 1
00221
/* Counted string: a two-byte length (most significant byte first) followed by
 * the text. text[1] is a placeholder for variable-length data, so the real
 * bytes extend past the declared struct; nothing here shows them to be
 * NUL-terminated. */
00222 typedef struct { unsigned char length_msb;
00223 unsigned char length_lsb;
00224 char text[1]; } GRSThtcpCountstr;
00225
/* Length of a counted string, in the range 0..65535. The argument is
 * evaluated twice, so it must not have side effects.
 * NOTE(review): for a received message this value is whatever the sender
 * wrote. Compare it with the number of bytes actually received before
 * reading or copying text. */
00226 #define GRSThtcpCountstrLen(string) (256*((string)->length_msb) + (string)->length_lsb)
00227
/* HTCP message fields: three 16-bit quantities stored as byte pairs, a set of
 * bit-fields, a transaction id and pointers to seven counted strings.
 * NOTE(review): bit-field order and padding are implementation-defined, so
 * this struct should not be overlaid directly on packet bytes. The
 * GRSThtcpCountstr pointers presumably point into the buffer handed to
 * GRSThtcpMessageParse - confirm, because they would then dangle once that
 * buffer is reused or freed. */
00228 typedef struct { unsigned char total_length_msb;
00229 unsigned char total_length_lsb;
00230 unsigned char version_msb;
00231 unsigned char version_lsb;
00232 unsigned char data_length_msb;
00233 unsigned char data_length_lsb;
00234 unsigned int response : 4;
00235 unsigned int opcode : 4;
00236 unsigned int rr : 1;
00237 unsigned int f1 : 1;
00238 unsigned int reserved : 6;
00239 unsigned int trans_id;
00240 GRSThtcpCountstr *method;
00241 GRSThtcpCountstr *uri;
00242 GRSThtcpCountstr *version;
00243 GRSThtcpCountstr *req_hdrs;
00244 GRSThtcpCountstr *resp_hdrs;
00245 GRSThtcpCountstr *entity_hdrs;
00246 GRSThtcpCountstr *cache_hdrs; } GRSThtcpMessage;
00247
/* Library initialisation; takes no arguments. What it sets up is not visible
 * in this header. */
00248 int GRSTgaclInit(void);
00249
/* Credential constructors. GRSTgaclCredNew and GRSTgaclCredAddValue are
 * marked deprecated; GRSTgaclCredCreate takes two strings and returns a
 * credential pointer (presumably NULL on failure - confirm). */
00250 __attribute__ ((deprecated))
00251 GRSTgaclCred *GRSTgaclCredNew(char *);
00252
00253 GRSTgaclCred *GRSTgaclCredCreate(char *, char *);
00254
00255 __attribute__ ((deprecated))
00256 int GRSTgaclCredAddValue(GRSTgaclCred *, char *, char *);
00257
/* Field accessors. They dereference cred directly, with no NULL check, and
 * the Set forms evaluate to the value just assigned. Nothing is copied or
 * validated: GetAuri returns the stored pointer itself. */
00258 #define GRSTgaclCredGetAuri(cred) ((cred)->auri)
00259
00260 #define GRSTgaclCredSetNotBefore(cred, time) ((cred)->notbefore = (time))
00261 #define GRSTgaclCredGetNotBefore(cred) ((cred)->notbefore)
00262
00263 #define GRSTgaclCredSetNotAfter(cred, time) ((cred)->notafter = (time))
00264 #define GRSTgaclCredGetNotAfter(cred) ((cred)->notafter)
00265
00266 #define GRSTgaclCredSetDelegation(cred, level) ((cred)->delegation = (level))
00267 #define GRSTgaclCredGetDelegation(cred) ((cred)->delegation)
00268
00269 #define GRSTgaclCredSetNistLoa(cred, level) ((cred)->nist_loa = (level))
00270 #define GRSTgaclCredGetNistLoa(cred) ((cred)->nist_loa)
00271
00272
/* Credential and entry management, plus printing to a FILE *.
 * NOTE(review): the int result convention is not visible in this header.
 * Whether GRSTgaclEntryAddCred and GRSTgaclAclAddEntry take ownership of the
 * object they are given (so that freeing the container also frees it) is not
 * shown either; settle that before freeing, to avoid a double free or a
 * leak. */
00273 int GRSTgaclCredFree(GRSTgaclCred *);
00274
00275
00276 int GRSTgaclEntryAddCred(GRSTgaclEntry *, GRSTgaclCred *);
00277
00278
00279 int GRSTgaclEntryDelCred(GRSTgaclEntry *, GRSTgaclCred *);
00280
00281
00282 int GRSTgaclCredCredPrint(GRSTgaclCred *, FILE *);
00283
/* Compares two credentials; presumably by their auri strings. Whether 0
 * means "equal" (strcmp-style) or "false" is not shown - confirm before
 * using the result as a boolean. */
00284 int GRSTgaclCredCmpAuri(GRSTgaclCred *, GRSTgaclCred *);
00285
00286
00287 GRSTgaclEntry *GRSTgaclEntryNew(void);
00288
00289
00290 int GRSTgaclEntryFree(GRSTgaclEntry *);
00291
00292
00293 int GRSTgaclAclAddEntry(GRSTgaclAcl *, GRSTgaclEntry *);
00294
00295
00296 int GRSTgaclEntryPrint(GRSTgaclEntry *, FILE *);
00297
00298
00299
00300 int GRSTgaclPermPrint(GRSTgaclPerm, FILE *);
00301
00302
/* Permission editing on an entry. Presumably Allow/Unallow set and clear bits
 * in GRSTgaclEntry.allowed, and Deny/Undeny do the same for
 * GRSTgaclEntry.denied - confirm.
 * NOTE(review): nothing here shows whether bits outside GRST_PERM_ALL are
 * rejected. */
00303 int GRSTgaclEntryAllowPerm(GRSTgaclEntry *, GRSTgaclPerm);
00304
00305
00306 int GRSTgaclEntryUnallowPerm(GRSTgaclEntry *, GRSTgaclPerm);
00307
00308
00309 int GRSTgaclEntryDenyPerm(GRSTgaclEntry *, GRSTgaclPerm);
00310
00311
00312 int GRSTgaclEntryUndenyPerm(GRSTgaclEntry *, GRSTgaclPerm);
00313
00314
/* Conversion between a permission value and text. Ownership of the returned
 * char * (static storage or heap) is not shown; do not free or modify it
 * without checking the implementation. What GRSTgaclPermFromChar returns for
 * unrecognised text is not shown either - presumably GRST_PERM_NONE. */
00315 char *GRSTgaclPermToChar(GRSTgaclPerm);
00316
00317
00318 GRSTgaclPerm GRSTgaclPermFromChar(char *);
00319
00320
/* ACL lifecycle, printing and persistence. The char * arguments are
 * presumably file-system paths - confirm.
 * NOTE(review): the loaders return a GRSTgaclAcl pointer, presumably NULL
 * when the file is missing or cannot be parsed. A caller making an access
 * decision should treat a failed load as "deny", not as an ACL that grants
 * or restricts nothing. */
00321 GRSTgaclAcl *GRSTgaclAclNew(void);
00322
00323
00324 int GRSTgaclAclFree(GRSTgaclAcl *);
00325
00326
00327 int GRSTgaclAclPrint(GRSTgaclAcl *, FILE *);
00328
00329
00330 int GRSTgaclAclSave(GRSTgaclAcl *, char *);
00331
00332
00333 GRSTgaclAcl *GRSTgaclAclLoadFile(char *);
00334
00335
/* Presumably locate, and load, the ACL file (GRST_ACL_FILE, ".gacl") that
 * governs a given file or directory - confirm. Ownership of the returned
 * name string is not shown.
 * NOTE(review): if the lookup walks up parent directories, the path passed
 * in should already be canonical; whether the implementation normalises
 * ".." or symlinks is not visible here. */
00336 char *GRSTgaclFileFindAclname(char *);
00337
00338
00339 GRSTgaclAcl *GRSTgaclAclLoadforFile(char *);
00340
00341
/* Presumably reports whether the named file is itself an ACL file. */
00342 int GRSTgaclFileIsAcl(char *);
00343
00344
00345
/* User objects: a user is built from one credential and can have more added.
 * NOTE(review): whether the user takes ownership of credentials passed to
 * GRSTgaclUserNew / GRSTgaclUserAddCred (so that GRSTgaclUserFree releases
 * them) is not shown. */
00346 GRSTgaclUser *GRSTgaclUserNew(GRSTgaclCred *);
00347
00348
00349 int GRSTgaclUserFree(GRSTgaclUser *);
00350
00351
00352 int GRSTgaclUserAddCred(GRSTgaclUser *, GRSTgaclCred *);
00353
00354
00355 int GRSTgaclUserHasCred(GRSTgaclUser *, GRSTgaclCred *);
00356
/* DN-list handling. GRSTgaclUserSetDNlists is marked deprecated and
 * GRSTgaclUserLoadDNlists has the same parameter types; the char * is
 * presumably the DN-lists location - confirm. */
00357 __attribute__ ((deprecated))
00358 int GRSTgaclUserSetDNlists(GRSTgaclUser *, char *);
00359
00360 int GRSTgaclUserLoadDNlists(GRSTgaclUser *, char *);
00361
00362
/* Presumably returns the user's first credential of the named type, or NULL.
 * The returned pointer presumably still belongs to the user. */
00363 GRSTgaclCred *GRSTgaclUserFindCredtype(GRSTgaclUser *, char *);
00364
/* Membership tests. GRSTgaclDNlistHasUser is marked deprecated. Note the
 * argument order differs between the two: (char *, user) versus
 * (user, char *). */
00365 __attribute__ ((deprecated))
00366 int GRSTgaclDNlistHasUser(char *, GRSTgaclUser *);
00367
00368 int GRSTgaclUserHasAURI(GRSTgaclUser *, char *);
00369
00370
/* ACL evaluation: both take (acl, user) and return a GRSTgaclPerm mask.
 * NOTE(review): presumably GRSTgaclAclTestUser yields the permissions the
 * ACL gives this user, and GRSTgaclAclTestexclUser those available to
 * parties other than this user - confirm against the implementation before
 * relying on either. What is returned for a NULL acl or user is not shown;
 * callers should check for that themselves and deny. */
00371 GRSTgaclPerm GRSTgaclAclTestUser(GRSTgaclAcl *, GRSTgaclUser *);
00372
00373
00374 GRSTgaclPerm GRSTgaclAclTestexclUser(GRSTgaclAcl *, GRSTgaclUser *);
00375
/* URL encoding helpers; each takes a string and returns a char *.
 * NOTE(review): presumably the result is newly allocated and the caller
 * frees it - confirm. A decoded string can contain characters the encoded
 * form hid ('/', "..", control characters), so path and ACL checks belong
 * after decoding, not before. How an embedded %00 is handled is not visible
 * here. */
00376 char *GRSThttpUrlDecode(char *);
00377
00378
00379 char *GRSThttpUrlEncode(char *);
00380
00381
/* A second encoder; by its name it escapes fewer characters than
 * GRSThttpUrlEncode. Which characters are left alone is not shown. */
00382 char *GRSThttpUrlMildencode(char *);
00383
/* Compares two names given as strings.
 * NOTE(review): whether 0 means "equal" (strcmp-style) or "false" is not
 * shown. Confirm before using the result in a condition, since an inverted
 * test here would accept the wrong subject. */
00384 int GRSTx509NameCmp(char *, char *);
00385
/* Certificate and chain checks that need OpenSSL types; declared only when
 * GRST_NO_OPENSSL is not defined. */
00386 #ifndef GRST_NO_OPENSSL
00387 int GRSTx509KnownCriticalExts(X509 *);
00388
00389 int GRSTx509IsCA(X509 *);
00390 int GRSTx509CheckChain(int *, X509_STORE_CTX *);
/* (int, X509_STORE_CTX *) returning int is the verify-callback signature
 * accepted by OpenSSL's SSL_CTX_set_verify(). */
00391 int GRSTx509VerifyCallback(int, X509_STORE_CTX *);
00392
/* The remaining three are marked deprecated. They take a caller-supplied
 * char * together with a size_t, presumably an output buffer and its
 * capacity - confirm. */
00393 __attribute__ ((deprecated))
00394 int GRSTx509GetVomsCreds(int *, int, size_t, char *, X509 *, STACK_OF(X509) *, char *);
00395
00396 __attribute__ ((deprecated))
00397 GRSTgaclCred *GRSTx509CompactToCred(char *);
00398
00399 __attribute__ ((deprecated))
00400 int GRSTx509CompactCreds(int *, int, size_t, char *, STACK_OF(X509) *, char *, X509 *);
00401 #endif
00402
/* Proxy certificate and delegation helpers.
 * NOTE(review): several of these take three or four char * arguments in a
 * row. The compiler cannot catch a swapped order, so check each call site
 * against the implementation. Ownership of the returned char * values and of
 * the char ** outputs is not shown.
 * NOTE(review): by their names these functions locate, create and destroy
 * cached proxies and their private keys. Confirm that the implementation
 * creates those files with owner-only permissions and that
 * GRSTx509ProxyDestroy removes the key as well as the certificate. */
00403 char *GRSTx509CachedProxyFind(char *, char *, char *);
00404 char *GRSTx509FindProxyFileName(void);
00405 int GRSTx509MakeProxyCert(char **, FILE *, char *, char *, char *, int);
00406 char *GRSTx509CachedProxyKeyFind(char *, char *, char *);
00407 int GRSTx509ProxyDestroy(char *, char *, char *);
00408 int GRSTx509ProxyGetTimes(char *, char *, char *, time_t *, time_t *);
00409 int GRSTx509CreateProxyRequest(char **, char **, char *);
00410 int GRSTx509MakeProxyRequest(char **, char *, char *, char *);
00411
/* Returns a delegation ID string; how it is derived is not visible here. */
00412 char *GRSTx509MakeDelegationID(void);
00413
/* Declared only when GRST_NO_OPENSSL is not defined. */
00414 #ifndef GRST_NO_OPENSSL
00415 int GRSTx509StringToChain(STACK_OF(X509) **, char *);
00416 char *GRSTx509MakeProxyFileName(char *, STACK_OF(X509) *);
00417 #endif
00418
00419 int GRSTx509CacheProxy(char *, char *, char *, char *);
00420
/* Default file names for the page header, the page footer and the admin
 * CGI. */
00421 #define GRST_HEADFILE "gridsitehead.txt"
00422 #define GRST_FOOTFILE "gridsitefoot.txt"
00423 #define GRST_ADMIN_FILE "gridsite-admin.cgi"
00424
/* One text chunk in a list; next is an untyped link. */
00425 typedef struct { char *text;
00426 void *next; } GRSThttpCharsList;
00427
/* A response body: a size plus the first and last chunk of a
 * GRSThttpCharsList. size is presumably the total length in bytes. */
00428 typedef struct { size_t size;
00429 GRSThttpCharsList *first;
00430 GRSThttpCharsList *last; } GRSThttpBody;
00431
/* Body building and output.
 * NOTE(review): GRSThttpPrintf(body, char *, ...) looks printf-style -
 * confirm. No format attribute is declared, so the compiler cannot check
 * arguments; pass a literal format and route request-derived text through
 * "%s". No escaping step is visible in this header, so text that ends up in
 * an HTML body presumably has to be HTML-escaped by the caller. */
00432 void GRSThttpBodyInit(GRSThttpBody *);
00433 void GRSThttpPrintf(GRSThttpBody *, char *, ...);
00434 int GRSThttpCopy(GRSThttpBody *, char *);
00435 void GRSThttpWriteOut(GRSThttpBody *);
00436 int GRSThttpPrintHeaderFooter(GRSThttpBody *, char *, char *);
00437 int GRSThttpPrintHeader(GRSThttpBody *, char *);
00438 int GRSThttpPrintFooter(GRSThttpBody *, char *);
/* Presumably returns the value of the named CGI parameter - confirm. The
 * result is client-supplied data and should be validated before use in
 * paths, ACL lookups or output. */
00439 char *GRSThttpGetCGI(char *);
00440
/* ASN.1 helpers.
 * GRSTasn1TimeToTimeT takes a char * and a size_t (presumably the time
 * string and its length) and returns a time_t; the value returned for
 * malformed input is not shown.
 * The taglist functions take an array of struct GRSTasn1TagList plus int
 * arguments, presumably the array's capacity or entry count - confirm.
 * NOTE(review): GRSTasn1ParseDump takes an (unsigned char *, long) input
 * pair and an int * that presumably receives the number of entries written.
 * Confirm that it stops at the taglist capacity it is given. */
00441 time_t GRSTasn1TimeToTimeT(char *, size_t);
00442 int GRSTasn1SearchTaglist(struct GRSTasn1TagList taglist[], int, char *);
00443 #ifndef GRST_NO_OPENSSL
00444 int GRSTasn1ParseDump(BIO *, unsigned char *, long,
00445 struct GRSTasn1TagList taglist[], int, int *);
00446 #endif
/* The leading (char *, int) pair is presumably an output buffer and its
 * size for the extracted name - confirm. */
00447 int GRSTasn1GetX509Name(char *, int, char *, char *,
00448 struct GRSTasn1TagList taglist[], int);
00449
/* HTCP message construction and parsing. The *Make functions take a char **
 * and an int *, presumably outputs for a newly built message and its length
 * (ownership not shown), followed by an unsigned int that is presumably the
 * transaction id.
 * NOTE(review): GRSThtcpMessageParse takes a message struct, a char * and an
 * int, presumably the received bytes and their count. Its input comes from
 * the network, so confirm that every length field inside the message is
 * checked against that count and that a negative count is rejected. */
00450 int GRSThtcpNOPrequestMake(char **, int *, unsigned int);
00451 int GRSThtcpNOPresponseMake(char **, int *, unsigned int);
00452 int GRSThtcpTSTrequestMake(char **, int *, unsigned int, char *, char *, char *);
00453 int GRSThtcpTSTresponseMake(char **, int *, unsigned int, char *, char *, char *);
00454 int GRSThtcpMessageParse(GRSThtcpMessage *, char *, int);
00455
/* Default HTML/JavaScript snippet; a build can replace it by defining
 * GRST_PASSCODE_JS before this point.
 * changeValue(formName) copies the GRIDHTTP_PASSCODE cookie into the form's
 * passcode field when that field is empty and always returns true.
 * getCookie(c_name) extracts a value from document.cookie.
 * NOTE(review): because page script reads the cookie, GRIDHTTP_PASSCODE
 * cannot be set HttpOnly, so any other script running in the same origin can
 * read the passcode as well.
 * NOTE(review): indexOf(c_name + "=") matches anywhere in the cookie string,
 * so a cookie whose name merely ends in GRIDHTTP_PASSCODE is picked up if it
 * appears first. c_start and c_end are assigned without var (implicit
 * globals), and unescape() is deprecated in favour of decodeURIComponent().
 * Whether the form submits the passcode in a URL or in a request body is not
 * visible here. */
00456 #ifndef GRST_PASSCODE_JS
00457
00458 #define GRST_PASSCODE_JS "<script type=\"text/javascript\" language=\"Javascript\"><!--\nfunction changeValue(formName){ if( document.forms[formName].passcode.value==\"\" ) document.forms[formName].passcode.value=getCookie(\"GRIDHTTP_PASSCODE\"); return true; } \nfunction getCookie(c_name){ if (document.cookie.length>0) { c_start=document.cookie.indexOf(c_name + \"=\"); if (c_start!=-1) { c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(\";\",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); }} return \"\"; } \n -->\n</script>"
00459 #endif
00460
00461 #ifdef __cplusplus
00462 }
00463 #endif
00464
00465 #endif // HEADER_GRIDSITE_H