
voms_api.h

00001 /*********************************************************************
00002  *
00003  * Authors: Vincenzo Ciaschini - Vincenzo.Ciaschini@cnaf.infn.it 
00004  *
00005  * Copyright (c) 2002, 2003 INFN-CNAF on behalf of the EU DataGrid.
00006  * For license conditions see LICENSE file or
00007  * http://www.edg.org/license.html
00008  *
00009  * Parts of this code may be based upon or even include verbatim pieces,
00010  * originally written by other people, in which case the original header
00011  * follows.
00012  *
00013  *********************************************************************/
00014 
00015 #ifndef VOMS_API_H
00016 #define VOMS_API_H
00017 
00018 #include <fstream>
00019 #include <string>
00020 #include <vector>
00021 
00022 
00023 extern "C" {
00024 #ifndef GSSAPI_H_
00025 typedef void * gss_cred_id_t;
00026 typedef void * gss_ctx_id_t;
00027 #endif
00028 
00029 #include <openssl/x509.h>
00030 #include <openssl/bio.h>
00031 #include <sys/types.h>
00032 #include "newformat.h"
00033 }
00034 
/**
 * One (group, role, capability) triple carried by a VOMS Attribute
 * Certificate in the "standard" layout.
 *
 * voms::std is a vector of these; presumably it is only meaningful when
 * voms::type == TYPE_STD (confirm in the implementation).
 */
struct data {
  std::string group; ///< Group name
  std::string role;  ///< Role name
  std::string cap;   ///< Capability
};
00042 
/**
 * One generic attribute (name / qualifier / value) extracted from an AC.
 * Grouped per grantor in attributelist.
 */
struct attribute {
  std::string name;      ///< Attribute name
  std::string qualifier; ///< Attribute qualifier
  std::string value;     ///< Attribute value
};
00050 
/**
 * A set of generic attributes together with the identity of the entity
 * that granted them. voms::GetAttributes() returns a vector of these.
 */
struct attributelist {
  std::string grantor;               ///< Identity of the grantor (string form)
  std::vector<attribute> attributes; ///< Attributes issued by that grantor
};
00055 
00056 
/**
 * Which data layout a voms object carries (stored in voms::type).
 *
 * Presumably selects whether voms::std (TYPE_STD) or voms::custom
 * (TYPE_CUSTOM) holds the payload, with TYPE_NODATA meaning neither --
 * confirm in the implementation. Values are assigned implicitly in
 * declaration order, so do not reorder them.
 */
enum data_type { 
  TYPE_NODATA,  ///< No attribute data
  TYPE_STD,     ///< Standard group/role/capability triples (voms::std)
  TYPE_CUSTOM   ///< Custom data (voms::custom); format not described here
};
00064 
/**
 * One entry of the VOMS server contact list.
 *
 * Objects of this type are returned by vomsdata::FindByAlias() and
 * vomsdata::FindByVO(); they are presumably populated from the files read
 * by vomsdata::LoadSystemContacts() / LoadUserContacts() (confirm in the
 * implementation). Field meanings below are inferred from the names.
 *
 * Security note: `contact` looks like the server certificate subject that
 * callers pass to vomsdata::Contact() as `servsubject`. If so, the contact
 * files are part of the trust configuration -- an entry with a wrong or
 * attacker-controlled subject weakens the peer check, so keep them
 * writable only by trusted users.
 */
struct contactdata {   
  std::string  nick;    ///< Alias of this server (presumably what FindByAlias() matches)
  std::string  host;    ///< Host name of the server
  std::string  contact; ///< Server identity string (see note above)
  std::string  vo;      ///< VO served (presumably what FindByVO() matches)
  int          port;    ///< Port number
  int          version; ///< Version number of this entry (meaning not shown here)
};
00077 
/**
 * One decoded VOMS Attribute Certificate (AC) and the data extracted from it.
 *
 * Objects are produced by vomsdata (declared friend below) and handed back
 * through vomsdata::data / vomsdata::DefaultData(). Field meanings are
 * inferred from the names -- confirm against the implementation where it
 * matters.
 *
 * The copy constructor, assignment operator and destructor are all
 * user-declared, presumably to manage the private realdata/holder
 * pointers (rule of three is honoured; what they do with those pointers is
 * not visible in this header).
 *
 * Security note: these fields only carry trustworthy authorization data
 * if the AC was actually verified, i.e. the producing vomsdata was not
 * configured with VERIFY_NONE (see verify_type and
 * vomsdata::SetVerificationType()).
 */
struct voms {
  friend class vomsdata;
  int version;             ///< AC format version; fqan and serial are only valid when >= 1
  int siglen;              ///< Presumably the byte length of `signature`
  std::string signature;   ///< Signature; a separate length is kept, so do not assume it is NUL-terminated text
  std::string user;        ///< Holder identity (string form, presumably a DN)
  std::string userca;      ///< Issuer of the holder's certificate
  std::string server;      ///< Identity of the issuing VOMS server
  std::string serverca;    ///< Issuer of the server's certificate
  std::string voname;      ///< Name of the Virtual Organisation
  std::string uri;         ///< Server URI
  std::string date1;       ///< Presumably start of the validity period (string form)
  std::string date2;       ///< Presumably end of the validity period (string form)
  data_type type;          ///< Which of `std` / `custom` carries the payload (see data_type)
  std::vector<data> std;   ///< Standard triples. NB: a member named `std` is legal (qualified lookup before `::` ignores data members) but confusing -- avoid in new code
  std::string custom;      ///< Custom payload (see data_type)
  /* Data below this line only makes sense if version >= 1 */
  std::vector<std::string> fqan; ///< Fully Qualified Attribute Names
  std::string serial;      ///< AC serial number
  /* Data below this line is private. */

private:
  void *realdata;                  ///< Opaque implementation data, handled by the special members below
  X509 *holder;                    ///< Presumably the certificate of the AC holder -- confirm
public:
  voms(const voms &);              ///< User-declared: see the note on realdata/holder above
  voms();
  voms &operator=(const voms &);
  ~voms();

private:
  struct vomsr *translate();       ///< Conversion to the C API representation (struct vomsr)
  friend int TranslateVOMS(struct vomsdatar *vd, std::vector<voms>&v, int *error);

public:
  AC *GetAC();                     ///< Underlying AC; ownership is not documented here -- do not free it unless the implementation says so

public:
  std::vector<attributelist>& GetAttributes();   ///< Generic attributes; returns a reference, presumably into this object -- do not keep it past the object's lifetime
  std::vector<std::string> GetTargets();         ///< Targets the AC is restricted to (returned by value)
};
00119 
/**
 * How far the vomsdata::Retrieve*() family searches for ACs.
 *
 * Exact semantics live in the implementation; the names suggest
 * RECURSE_NONE looks only at the given certificate, RECURSE_CHAIN also at
 * its chain, and RECURSE_DEEP searches more thoroughly -- TODO confirm.
 * Values are assigned implicitly in declaration order.
 */
enum recurse_type { 
  RECURSE_CHAIN, ///< Default for Retrieve(X509*, STACK_OF(X509)*, recurse_type)
  RECURSE_NONE,
  RECURSE_DEEP
};
00125 
/**
 * Verification checks performed on a retrieved AC, as a bit mask passed to
 * vomsdata::SetVerificationType().
 *
 * VERIFY_FULL enables every check and is the setting to use whenever the
 * AC contents feed an authorization decision. VERIFY_NONE disables all
 * checks, including the signature check, so anything an attacker can put
 * in an AC extension or on the wire would be accepted -- use it only for
 * debugging or for data that has already been verified elsewhere.
 *
 * Because this is a plain enum, combining individual flags needs a cast:
 *   vd.SetVerificationType((verify_type)(VERIFY_SIGN | VERIFY_DATE));
 * 0xffffffff is not representable as int, so the enum's underlying type
 * is not plain int; do not assume int size when passing it through C.
 *
 * Per-flag meanings below are inferred from the names -- confirm in the
 * implementation.
 */
enum verify_type {
  VERIFY_FULL      = 0xffffffff, ///< All checks
  VERIFY_NONE      = 0x00000000, ///< No checks at all (unsafe for authorization)
  VERIFY_DATE      = 0x00000001, ///< Validity period (see vomsdata::SetVerificationTime())
  VERIFY_TARGET    = 0x00000002, ///< AC targets (see vomsdata::AddTarget())
  VERIFY_KEY       = 0x00000004, ///< Key check
  VERIFY_SIGN      = 0x00000008, ///< AC signature
  VERIFY_ORDER     = 0x00000010, ///< Attribute ordering (see vomsdata::Order())
  VERIFY_ID        = 0x00000020, ///< Holder identity
  VERIFY_CERTLIST  = 0x00000040  ///< Certificate list check
};
00137 
/**
 * Error codes stored in vomsdata::error; vomsdata::ErrorMessage() gives
 * the text. Descriptions below are inferred from the names.
 *
 * Values are assigned implicitly in declaration order, so inserting a new
 * code before VERR_FILE renumbers every code after it (the commented-out
 * VERR_IDENT slot was removed rather than reserved). Callers should treat
 * any code other than VERR_NONE after a Retrieve*()/Contact() call as
 * "no verified data" and not consume vomsdata::data.
 */
enum verror_type { 
  VERR_NONE,       ///< No error
  VERR_NOSOCKET,   ///< Could not open a socket
  VERR_NOIDENT,    ///< No identity found
  VERR_COMM,       ///< Communication error
  VERR_PARAM,      ///< Bad parameter
  VERR_NOEXT,      ///< No AC extension present
  VERR_NOINIT,     ///< Library not initialised
  VERR_TIME,       ///< Time / validity-period problem
  VERR_IDCHECK,    ///< Identity check failed
  VERR_EXTRAINFO,  ///< Problem with extra information
  VERR_FORMAT,     ///< Malformed data
  VERR_NODATA,     ///< No data available
  VERR_PARSE,      ///< Parse error
  VERR_DIR,        ///< Directory problem (CA or VOMS certificate dir)
  VERR_SIGN,       ///< Signature check failed
  VERR_SERVER,     ///< Server-side error
  VERR_MEM,        ///< Out of memory
  VERR_VERIFY,     ///< Verification failed
  //  VERR_IDENT, 
  VERR_TYPE,       ///< Wrong type
  VERR_ORDER,      ///< Ordering check failed
  VERR_SERVERCODE, ///< Server returned an error code
  VERR_NOTAVAIL,   ///< Not available
  VERR_FILE        ///< File error
};
00166 
/**
 * Signature-check callback used by vomsdata::check(check_sig, void*).
 *
 * Argument roles are inferred from the signature and the caller: the
 * candidate certificate, an opaque pointer the caller passes through, and
 * an error code to be set when the check fails. Returns true when the
 * check passes -- confirm in the implementation.
 */
typedef bool (*check_sig)(X509 *, void *, verror_type &); 
/**
 * Client-side handle for retrieving and verifying VOMS Attribute
 * Certificates (ACs).
 *
 * Typical use: construct, optionally configure (SetVerificationType(),
 * SetVerificationTime(), AddTarget(), Order(), LoadCredentials(),
 * SetRetryCount()), call one of the Retrieve*() / Contact() methods, then
 * read `data`; on failure consult `error`, ErrorMessage() and
 * ServerErrors(). Only the signatures are visible in this header, so the
 * per-member comments below are inferred from names and should be
 * confirmed against the implementation where they matter.
 *
 * NOTE(review): a copy constructor and a destructor are declared but no
 * copy-assignment operator is, so the compiler generates a member-wise one
 * that shallow-copies the raw OpenSSL pointers ucert / cert_chain / upkey.
 * If ~vomsdata() frees them, `a = b;` ends in a double free or
 * use-after-free. Either declare operator= (private and undefined, or
 * implemented like the copy constructor) or never assign vomsdata
 * objects. Verify in the implementation.
 */
struct vomsdata {
  private:
  /// Helper whose single static instance (`init`) runs one-time library
  /// set-up during static initialisation; what it initialises is not
  /// shown here. Copying is disabled via the private copy constructor.
  class Initializer {
  public:
    Initializer();
  private:
    Initializer(Initializer &);
  };

  private:
  static Initializer init;            ///< Forces Initializer() to run at start-up
  std::string ca_cert_dir;            ///< Trusted CA directory (ctor argument cert_dir)
  std::string voms_cert_dir;          ///< VOMS server certificate directory (ctor argument voms_dir)
  int duration;                       ///< Presumably the value set by SetLifetime()
  std::string ordering;               ///< Ordering requested via Order()
  std::vector<contactdata> servers;   ///< Known servers (see LoadSystemContacts()/LoadUserContacts())
  std::vector<std::string> targets;   ///< Targets added via AddTarget()

  public:
  verror_type error;                  ///< Code of the last error; text via ErrorMessage()
  /// @param voms_dir directory holding VOMS server certificates
  /// @param cert_dir directory holding trusted CA certificates
  /// Empty strings presumably select built-in defaults -- confirm.
  vomsdata(std::string voms_dir = "", 
           std::string cert_dir = ""); 
  /// Loads the system-wide server contact list from `dir` ("" presumably
  /// means the default location). See the security note on contactdata.
  bool LoadSystemContacts(std::string dir = ""); 
  /// Loads the per-user server contact list from `dir` ("" presumably
  /// means the default location).
  bool LoadUserContacts(std::string dir = ""); 
  /// Contact entries whose alias matches `alias`.
  std::vector<contactdata> FindByAlias(std::string alias); 
  /// Contact entries serving VO `vo`.
  std::vector<contactdata> FindByVO(std::string vo); 
  /// Requests that attribute `att` come first in the returned AC
  /// (presumably what VERIFY_ORDER checks).
  void Order(std::string att); 
  /// Clears any ordering requested via Order().
  void ResetOrder(void); 
  /// Adds a target the AC must be valid for (presumably what VERIFY_TARGET checks).
  void AddTarget(std::string target);         
  /// Targets added so far.
  std::vector<std::string> ListTargets(void); 
  /// Clears the target list.
  void ResetTargets(void);        
  /// Error text reported by the server during the last Contact()/ContactRaw().
  std::string ServerErrors(void); 
  /// Extracts ACs from `cert` (and, depending on `how`, its `chain`) into
  /// `data`, verifying them according to SetVerificationType().
  bool Retrieve(X509 *cert, STACK_OF(X509) *chain, 
                recurse_type how = RECURSE_CHAIN); 
  /// Connects to the VOMS server at hostname:port, sends `command` and
  /// stores the result in `data`. `servsubject` is the expected subject of
  /// the server certificate, presumably compared against the peer: always
  /// pass the real value (e.g. contactdata::contact), never an empty or
  /// permissive string.
  bool Contact(std::string hostname, int port, 
               std::string servsubject, 
               std::string command); 
  /// Like Contact(), but hands back the server reply unparsed in `raw`
  /// together with the protocol `version`. Nothing here implies `raw` has
  /// been verified; treat it as untrusted input.
  bool ContactRaw(std::string hostname, int port, 
                  std::string servsubject, 
                  std::string command,
                  std::string &raw,
      int& version);  
  /// Selects which checks Retrieve*()/Contact() perform (see verify_type).
  /// VERIFY_NONE disables the signature and validity checks -- never use
  /// it for authorization decisions.
  void SetVerificationType(verify_type how); 
  /// Requested AC lifetime, presumably sent to the server with the command.
  void SetLifetime(int lifetime); 
  /// Re-creates `data` from a buffer produced by Export(). Whether the ACs
  /// are re-verified is not shown here, so only import trusted buffers.
  bool Import(std::string buffer);
  /// Serialises the retrieved ACs into the out-parameter (whose name
  /// shadows the member `data`; harmless, but confusing).
  bool Export(std::string &data); 
  /// Copies the "default" AC (presumably the first entry of `data`) into the argument.
  bool DefaultData(voms &); 
  std::vector<voms> data;             ///< ACs produced by the last successful call
  std::string workvo;                 ///< Presumably the VO of the default AC
  std::string extra_data;             ///< Extra data from the server (meaning not shown here)
private:
  /// Reads a file; takes uid/gid, presumably to check the file's ownership -- confirm.
  bool loadfile(std::string, uid_t uid, gid_t gid);
  bool loadfile0(std::string, uid_t uid, gid_t gid);
  /// Verifies raw AC data in `message` for the given holder subject/CA into `v`.
  bool verifydata(std::string &message, std::string subject, std::string ca, 
                  X509 *holder, voms &v);
  /// Runs callback `f` (with `data` passed through) over candidate certificates,
  /// returning the one it accepts.
  X509 *check(check_sig f, void *data); 
  bool check_cert(X509 *cert);        ///< Validates a single certificate
  /// Worker behind the public Retrieve(): collects ACs into `*listnew` and
  /// reports the holder's subject, CA and certificate.
  bool retrieve(X509 *cert, STACK_OF(X509) *chain, recurse_type how,
                AC_SEQ **listnew, std::string &subject, std::string &ca,
                X509 **holder);
  verify_type ver_type;               ///< Current verification mode (SetVerificationType())

  std::string serverrors;             ///< Backing store for ServerErrors()
  std::string errmessage;             ///< Backing store for ErrorMessage()
  
  void seterror(verror_type, std::string);   ///< Records `error` and its message

  bool verifyac(X509 *, X509 *, AC*, voms&); ///< AC verification (see the time_t overload below)
  bool check_sig_ac(X509 *, void *);
  X509 *check(void *);
  /// Low-level connection helper; parameter roles are not visible here.
  bool my_conn(const std::string&, int, const std::string&, int,
               const std::string&, std::string&, std::string&,
               std::string&);
  bool contact(const std::string&, int, const std::string&,
               const std::string&, std::string&, std::string&,
               std::string&);
  bool verifydata(AC *ac, const std::string& subject, const std::string& ca, 
                  X509 *holder, voms &v);
  bool evaluate(AC_SEQ *, const std::string&, const std::string&, X509*);

public:

  std::string ErrorMessage(void);     ///< Text describing `error`
  /// Retrieves ACs from a GSS security context (presumably the peer's credential).
  bool RetrieveFromCtx(gss_ctx_id_t context, recurse_type how); 
  /// Retrieves ACs from a GSS credential.
  bool RetrieveFromCred(gss_cred_id_t credential, recurse_type how);  
  /// Retrieves ACs directly from an X.509 extension.
  bool Retrieve(X509_EXTENSION *ext); 
  /// Retrieves ACs from the user's proxy certificate (its location is not shown here).
  bool RetrieveFromProxy(recurse_type how); 
  /// Retrieves ACs from an open file; whether `file` is closed is not documented here.
  bool Retrieve(FILE *file, recurse_type how); 
  ~vomsdata();                        ///< Releases what the object owns (see the review note above)
private:
  //  X509 *check_file(void *);
  bool check_cert(STACK_OF(X509) *);  ///< Validates a certificate chain
  X509 *check_from_certs(AC *ac, const std::string& voname);   ///< Finds the issuer of `ac` among loaded VOMS certificates
  X509 *check_from_file(AC *, std::ifstream&, const std::string &vo, const std::string &filename);

public:
  vomsdata(const vomsdata &);         ///< Copy constructor; no operator= is declared (see the note above)

private:
  int retry_count;                    ///< Value set by SetRetryCount()
  
public:
  void SetRetryCount(int retryCount); ///< Number of times a failed connection is retried (presumably)
  
private:
  STACK_OF(X509) *load_chain(BIO *in);   ///< Reads a certificate chain from `in`; ownership of the result not documented here
                                
public:
  /// Fixes the instant used for validity checks instead of "now".
  /// Pinning this to a past time makes an expired AC verify; do so only
  /// deliberately (e.g. when evaluating a historical request).
  void SetVerificationTime(time_t);
                                  
private:
  time_t verificationtime;            ///< Instant set by SetVerificationTime()
  bool verifyac(X509 *, X509 *, AC*, time_t, voms&);   ///< AC verification at an explicit instant

public:
  /// Supplies the client credentials used when contacting a server.
  /// Ownership of the three OpenSSL objects is not documented here --
  /// check the implementation before freeing them (and see the review
  /// note about assignment above).
  bool LoadCredentials(X509 *cert, STACK_OF(X509) *chain, EVP_PKEY *key);

private:
  X509           *ucert;              ///< Client certificate (LoadCredentials())
  STACK_OF(X509) *cert_chain;         ///< Client certificate chain (LoadCredentials())
  EVP_PKEY        *upkey;             ///< Client private key (LoadCredentials())
};
00421 
00422 
/// Version of the VOMS C++ API library (major / minor / patch), presumably
/// the one linked at run time rather than the header's; useful to detect a
/// header/library mismatch.
int getMajorVersionNumber(void);
int getMinorVersionNumber(void);
int getPatchVersionNumber(void);
00426 
00427 #endif
