pegasus/src/Pegasus/Common/Executor.cpp - diff

Return to Executor.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Common

Diff for /pegasus/src/Pegasus/Common/Executor.cpp between version 1.1.2.12 and 1.1.2.13

version 1.1.2.12, 2007/01/09 20:25:40

version 1.1.2.13, 2007/01/11 00:16:45

Line 67

PEGASUS_NAMESPACE_BEGIN

static int _sock = -1;

////////////////////////////////////////////////////////////////////////////////

static Mutex _mutex;

// class ExecutorImpl

////////////////////////////////////////////////////////////////////////////////

static int _getSock()

class ExecutorImpl

{

public:

virtual ~ExecutorImpl()

{

int sock;

_mutex.lock();

sock = _sock;

_mutex.unlock();

return sock;

}

virtual int detectExecutor() = 0;

virtual int ping() = 0;

virtual FILE* openFile(

const char* path,

int mode) = 0;

virtual int renameFile(

const char* oldPath,

const char* newPath) = 0;

virtual int removeFile(

const char* path) = 0;

virtual int startProviderAgent(

const SessionKey& sessionKey,

const char* module,

int uid,

int gid,

int& pid,

SessionKey& providerAgentSessionKey,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe) = 0;

virtual int daemonizeExecutor() = 0;

virtual int reapProviderAgent(

const SessionKey& sessionKey,

int pid) = 0;

virtual int authenticatePassword(

const char* username,

const char* password,

SessionKey& sessionKey) = 0;

virtual int validateUser(

const char* username) = 0;

virtual int challengeLocal(

const char* username,

char challenge[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey) = 0;

virtual int authenticateLocal(

const SessionKey& sessionKey,

const char* challengeResponse) = 0;

virtual int newSessionKey(

const char username[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey) = 0;

virtual int deleteSessionKey(

const SessionKey& sessionKey) = 0;

};

////////////////////////////////////////////////////////////////////////////////

////

//// Loopback stubs:

// class ExecutorLoopbackImpl

////

////////////////////////////////////////////////////////////////////////////////

static int Loopback_ping()

class ExecutorLoopbackImpl : public ExecutorImpl

{

// Nothing to do.

public:

return 0;

virtual ~ExecutorLoopbackImpl()

{

}

virtual int detectExecutor()

{

return -1;

}

FILE* Loopback_openFile(

virtual int ping()

{

return -1;

}

virtual FILE* openFile(

const char* path,

int mode)

{

Line 113

Line 185

}

static int Loopback_renameFile(

virtual int renameFile(

const char* oldPath,

const char* newPath)

{

return FileSystem::renameFile(oldPath, newPath) ? 0 : -1;

}

static int Loopback_removeFile(

virtual int removeFile(

const char* path)

{

return FileSystem::removeFile(path) ? 0 : -1;

}

static int _getProviderAgentPath(String& path)

{

// ATTN: is this really a sufficient replacement for getHomedPath().

// Does getHomedPath() use the configuration file?

path = PEGASUS_PROVIDER_AGENT_PROC_NAME;

if (path[0] != '/')

{

const char* env = getenv("PEGASUS_HOME");

if (!env)

return -1;

path = String(env) + String("/") + path;

}

return 0;

}

#if defined(PEGASUS_OS_TYPE_WINDOWS)

static int Loopback_startProviderAgent(

virtual int startProviderAgent(

const SessionKey& sessionKey,

const char* module,

int uid,

int gid,

int& pid,

SessionKey& providerAgentSessionKey,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

#if defined(PEGASUS_OS_TYPE_WINDOWS)

AutoMutex autoMutex(_mutex);

// Set output parameters in case of failure.

Line 237

Line 293

writePipe = pipeToAgent;

return 0;

}

#elif defined(PEGASUS_OS_OS400)

static int Loopback_startProviderAgent(

const char* module,

int uid,

int gid,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

// ATTN: no implementation for OS400.

return -1;

}

#else /* POSIX CASE FOLLOWS */

static int Loopback_startProviderAgent(

const SessionKey& sessionKey,

const char* module,

int uid,

int gid,

int& pid,

SessionKey& providerAgentSessionKey,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

AutoMutex autoMutex(_mutex);

// Initialize output parameters in case of error.

Line 320

Line 356

#if !defined(PEGASUS_OS_VMS)

// Close unused descriptors. Leave stdin, stdout, stderr, and the

// Close unused descriptors. Leave stdin, stdout, stderr,

// child's pipe descriptors open.

// and the child's pipe descriptors open.

struct rlimit rlim;

Line 397

Line 433

writePipe = new AnonymousPipe(0, writeFdStr);

return 0;

}

#endif /* !defined(START_PROVIDER_AGENT) */

static int Loopback_daemonizeExecutor()

{

// Nothing to do.

return 0;

}

static int Loopback_changeOwner(

virtual int daemonizeExecutor()

const char* path,

const char* owner)

{

return FileSystem::changeFileOwner(path, owner) ? 0 : -1;

return -1;

}

static int Loopback_reapProviderAgent(

virtual int reapProviderAgent(

const SessionKey& sessionKey,

int pid)

{

Line 426

Line 454

return status;

}

static int Loopback_authenticatePassword(

virtual int authenticatePassword(

const char* username,

const char* password,

SessionKey& sessionKey)

Line 436

Line 464

#if defined(PEGASUS_PAM_AUTHENTICATION)

return PAMAuthenticate(username, password);

#else

// ATTN: not handled so don't call in this case.

sessionKey.clear();

return -1;

#endif

}

static int Loopback_validateUser(

virtual int validateUser(

const char* username)

{

#if defined(PEGASUS_PAM_AUTHENTICATION)

return PAMValidateUser(username);

#else

// ATTN: not handled so don't call in this case.

return -1;

#endif

}

////////////////////////////////////////////////////////////////////////////////

virtual int challengeLocal(

////////////////////////////////////////////////////////////////////////////////

const char* username,

////

char challenge[EXECUTOR_BUFFER_SIZE],

//// Out-of-process stubs.

SessionKey& sessionKey)

////

////////////////////////////////////////////////////////////////////////////////

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

//==============================================================================

// _recv()

// Receives *size* bytes from the given socket.

//==============================================================================

static ssize_t _recv(int sock, void* buffer, size_t size)

{

size_t r = size;

// ATTN: not handled so don't call in this case.

char* p = (char*)buffer;

sessionKey.clear();

if (size == 0)

return -1;

}

while (r)

virtual int authenticateLocal(

const SessionKey& sessionKey,

const char* challengeResponse)

{

ssize_t n;

// ATTN: not handled so don't call in this case.

EXECUTOR_RESTART(read(sock, p, r), n);

if (n == -1)

return -1;

else if (n == 0)

}

return size - r;

r -= n;

virtual int newSessionKey(

p += n;

const char username[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey)

{

sessionKey.clear();

return -1;

}

return size - r;

virtual int deleteSessionKey(

const SessionKey& sessionKey)

{

return -1;

}

//==============================================================================

private:

// _send()

// Sends *size* bytes on the given socket.

//==============================================================================

static ssize_t _send(int sock, void* buffer, size_t size)

static int _getProviderAgentPath(String& path)

{

size_t r = size;

path = PEGASUS_PROVIDER_AGENT_PROC_NAME;

char* p = (char*)buffer;

while (r)

if (path[0] != '/')

{

ssize_t n;

const char* env = getenv("PEGASUS_HOME");

EXECUTOR_RESTART(write(sock, p, r), n);

if (n == -1)

if (!env)

return -1;

else if (n == 0)

return size - r;

r -= n;

path = String(env) + String("/") + path;

p += n;

}

return size - r;

return 0;

}

static int _receiveDescriptorArray(int sock, int descriptors[], size_t count)

Mutex _mutex;

{

};

// This control data begins with a cmsghdr struct followed by the data

// (a descriptor in this case). The union ensures that the data is aligned

// suitably for the leading cmsghdr struct. The descriptor itself is

// properly aligned since the cmsghdr ends on a boundary that is suitably

// aligned for any type (including int).

// ControlData = [ cmsghdr | int ]

size_t size = CMSG_SPACE(sizeof(int) * count);

char* data = (char*)malloc(size);

// Define a msghdr that refers to the control data, which is filled in

// by calling recvmsg() below.

msghdr mh;

memset(&mh, 0, sizeof(mh));

mh.msg_control = data;

mh.msg_controllen = size;

// The other process sends a single-byte message. This byte is not

// used since we only need the control data (the descriptor) but we

// must request at least one byte from recvmsg().

struct iovec iov[1];

////////////////////////////////////////////////////////////////////////////////

memset(iov, 0, sizeof(iov));

char dummy;

// class ExecutorSocketImpl : public ExecutorImpl

iov[0].iov_base = &dummy;

iov[0].iov_len = 1;

mh.msg_iov = iov;

////////////////////////////////////////////////////////////////////////////////

mh.msg_iovlen = 1;

// Receive the message from the other process.

ssize_t n = recvmsg(sock, &mh, 0);

if (n <= 0)

return -1;

// Get a pointer to control message. Return if the header is null or does

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

// not contain what we expect.

cmsghdr* cmh = CMSG_FIRSTHDR(&mh);

class ExecutorSocketImpl : public ExecutorImpl

{

public:

if (!cmh ||

ExecutorSocketImpl(int sock) : _sock(sock)

cmh->cmsg_len != CMSG_LEN(sizeof(int) * count) ||

cmh->cmsg_level != SOL_SOCKET ||

cmh->cmsg_type != SCM_RIGHTS)

{

return -1;

}

// Copy the data:

virtual ~ExecutorSocketImpl()

{

memcpy(descriptors, CMSG_DATA(cmh), sizeof(int) * count);

}

virtual int detectExecutor()

{

return 0;

}

static int Socket_ping()

virtual int ping()

{

AutoMutex autoMutex(_mutex);

Line 594

Line 571

ExecutorRequestHeader header;

header.code = EXECUTOR_PING_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

ExecutorPingResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

if (response.magic == EXECUTOR_PING_MAGIC)

Line 608

Line 585

return -1;

}

FILE* Socket_openFile(

virtual FILE* openFile(

const char* path,

int mode)

{

Line 622

Line 599

ExecutorRequestHeader header;

header.code = EXECUTOR_OPEN_FILE_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return NULL;

// _send request body.

Line 632

Line 609

Strlcpy(request.path, path, EXECUTOR_BUFFER_SIZE);

request.mode = mode;

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return NULL;

// Receive the response

ExecutorOpenFileResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return NULL;

// Receive descriptor (if response successful).

Line 648

Line 625

{

int fds[1];

if (_receiveDescriptorArray(_getSock(), fds, 1) != 0)

if (_receiveDescriptorArray(_sock, fds, 1) != 0)

return NULL;

if (fds[0] == -1)

Line 665

Line 642

return NULL;

}

static int Socket_renameFile(

virtual int renameFile(

const char* oldPath,

const char* newPath)

{

Line 676

Line 653

ExecutorRequestHeader header;

header.code = EXECUTOR_RENAME_FILE_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 686

Line 663

Strlcpy(request.oldPath, oldPath, EXECUTOR_BUFFER_SIZE);

Strlcpy(request.newPath, newPath, EXECUTOR_BUFFER_SIZE);

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorRenameFileResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

static int Socket_removeFile(

virtual int removeFile(

const char* path)

{

AutoMutex autoMutex(_mutex);

Line 709

Line 686

ExecutorRequestHeader header;

header.code = EXECUTOR_REMOVE_FILE_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 718

Line 695

memset(&request, 0, sizeof(request));

Strlcpy(request.path, path, EXECUTOR_BUFFER_SIZE);

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorRemoveFileResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

static int Socket_startProviderAgent(

virtual int startProviderAgent(

const SessionKey& sessionKey,

const char* module,

int uid,

Line 759

Line 736

ExecutorRequestHeader header;

header.code = EXECUTOR_START_PROVIDER_AGENT_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 771

Line 748

request.uid = uid;

request.gid = gid;

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorStartProviderAgentResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

// Get the session key.

Line 798

Line 775

// Receive descriptors.

int descriptors[2];

int result = _receiveDescriptorArray(_getSock(), descriptors, 2);

int result = _receiveDescriptorArray(_sock, descriptors, 2);

if (result == 0)

{

int readFd = descriptors[0];

int writeFd = descriptors[1];

// Create to and from AnonymousPipe instances to correspond to the pipe

// Create to and from AnonymousPipe instances to correspond to

// descriptors created above.

// the pipe descriptors created above.

char readFdStr[32];

char writeFdStr[32];

Line 820

Line 797

return result;

}

static int Socket_daemonizeExecutor()

virtual int daemonizeExecutor()

{

AutoMutex autoMutex(_mutex);

Line 829

Line 806

ExecutorRequestHeader header;

header.code = EXECUTOR_DAEMONIZE_EXECUTOR_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// Receive the response

ExecutorDaemonizeExecutorResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

static int Socket_reapProviderAgent(

virtual int reapProviderAgent(

const SessionKey& sessionKey,

int pid)

{

Line 853

Line 830

ExecutorRequestHeader header;

header.code = EXECUTOR_REAP_PROVIDER_AGENT;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body:

Line 863

Line 840

Strlcpy(request.key, sessionKey.data(), sizeof(request.key));

request.pid = pid;

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorReapProviderAgentResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

static int Socket_authenticatePassword(

virtual int authenticatePassword(

const char* username,

const char* password,

SessionKey& sessionKey)

Line 890

Line 867

ExecutorRequestHeader header;

header.code = EXECUTOR_AUTHENTICATE_PASSWORD_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 900

Line 877

Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE);

Strlcpy(request.password, password, EXECUTOR_BUFFER_SIZE);

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorAuthenticatePasswordResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size());

Line 915

Line 892

return response.status;

}

static int Socket_validateUser(

virtual int validateUser(

const char* username)

{

AutoMutex autoMutex(_mutex);

Line 925

Line 902

ExecutorRequestHeader header;

header.code = EXECUTOR_VALIDATE_USER_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 934

Line 911

memset(&request, 0, sizeof(request));

Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE);

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorValidateUserResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

int Socket_challengeLocal(

virtual int challengeLocal(

const char* user,

const char* username,

char challenge[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey)

{

Line 961

Line 938

ExecutorRequestHeader header;

header.code = EXECUTOR_CHALLENGE_LOCAL_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

ExecutorChallengeLocalRequest request;

memset(&request, 0, sizeof(request));

Strlcpy(request.user, user, EXECUTOR_BUFFER_SIZE);

Strlcpy(request.user, username, EXECUTOR_BUFFER_SIZE);

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorChallengeLocalResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size());

Line 986

Line 963

return response.status;

}

int Socket_authenticateLocal(

virtual int authenticateLocal(

const SessionKey& sessionKey,

const char* token)

const char* challengeResponse)

{

AutoMutex autoMutex(_mutex);

Line 997

Line 974

ExecutorRequestHeader header;

header.code = EXECUTOR_AUTHENTICATE_LOCAL_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 1005

Line 982

ExecutorAuthenticateLocalRequest request;

memset(&request, 0, sizeof(request));

Strlcpy(request.key, (char*)sessionKey.data(), EXECUTOR_BUFFER_SIZE);

Strlcpy(request.token, token, EXECUTOR_BUFFER_SIZE);

Strlcpy(request.token, challengeResponse, EXECUTOR_BUFFER_SIZE);

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorAuthenticateLocalResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

int Socket_newSessionKey(

virtual int newSessionKey(

const char username[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey)

{

Line 1033

Line 1010

ExecutorRequestHeader header;

header.code = EXECUTOR_NEW_SESSION_KEY_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// _send request body.

Line 1042

Line 1019

memset(&request, 0, sizeof(request));

Strlcpy(request.username, username, sizeof(request.username));

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorNewSessionKeyResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size());

Line 1057

Line 1034

return response.status;

}

int Socket_deleteSessionKey(

virtual int deleteSessionKey(

const SessionKey& sessionKey)

{

AutoMutex autoMutex(_mutex);

Line 1067

Line 1044

ExecutorRequestHeader header;

header.code = EXECUTOR_DELETE_SESSION_KEY_MESSAGE;

if (_send(_getSock(), &header, sizeof(header)) != sizeof(header))

if (_send(_sock, &header, sizeof(header)) != sizeof(header))

return -1;

// Send request body.

Line 1076

Line 1053

memset(&request, 0, sizeof(request));

Strlcpy(request.key, sessionKey.data(), sizeof(request.key));

if (_send(_getSock(), &request, sizeof(request)) != sizeof(request))

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

// Receive the response

ExecutorDeleteSessionKeyResponse response;

if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response))

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

return response.status;

}

private:

static ssize_t _recv(int sock, void* buffer, size_t size)

{

size_t r = size;

char* p = (char*)buffer;

if (size == 0)

return -1;

while (r)

{

ssize_t n;

EXECUTOR_RESTART(read(sock, p, r), n);

if (n == -1)

return -1;

else if (n == 0)

return size - r;

r -= n;

p += n;

}

return size - r;

}

static ssize_t _send(int sock, void* buffer, size_t size)

{

size_t r = size;

char* p = (char*)buffer;

while (r)

{

ssize_t n;

EXECUTOR_RESTART(write(sock, p, r), n);

if (n == -1)

return -1;

else if (n == 0)

return size - r;

r -= n;

p += n;

}

return size - r;

}

static int _receiveDescriptorArray(

int sock, int descriptors[], size_t count)

{

// This control data begins with a cmsghdr struct followed by the data

// (a descriptor in this case). The union ensures that the data is

// aligned suitably for the leading cmsghdr struct. The descriptor

// itself is properly aligned since the cmsghdr ends on a boundary

// that is suitably aligned for any type (including int).

// ControlData = [ cmsghdr | int ]

size_t size = CMSG_SPACE(sizeof(int) * count);

char* data = (char*)malloc(size);

// Define a msghdr that refers to the control data, which is filled in

// by calling recvmsg() below.

msghdr mh;

memset(&mh, 0, sizeof(mh));

mh.msg_control = data;

mh.msg_controllen = size;

// The other process sends a single-byte message. This byte is not

// used since we only need the control data (the descriptor) but we

// must request at least one byte from recvmsg().

struct iovec iov[1];

memset(iov, 0, sizeof(iov));

char dummy;

iov[0].iov_base = &dummy;

iov[0].iov_len = 1;

mh.msg_iov = iov;

mh.msg_iovlen = 1;

// Receive the message from the other process.

ssize_t n = recvmsg(sock, &mh, 0);

if (n <= 0)

return -1;

// Get a pointer to control message. Return if the header is null or

// does not contain what we expect.

cmsghdr* cmh = CMSG_FIRSTHDR(&mh);

if (!cmh ||

cmh->cmsg_len != CMSG_LEN(sizeof(int) * count) ||

cmh->cmsg_level != SOL_SOCKET ||

cmh->cmsg_type != SCM_RIGHTS)

{

return -1;

}

// Copy the data:

memcpy(descriptors, CMSG_DATA(cmh), sizeof(int) * count);

return 0;

}

int _sock;

Mutex _mutex;

};

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

////////////////////////////////////////////////////////////////////////////////

// class Executor

////////////////////////////////////////////////////////////////////////////////

////

//// Executor Methods:

static int _sock = -1;

////

static ExecutorImpl* _impl = 0;

////////////////////////////////////////////////////////////////////////////////

static Mutex _mutex;

////////////////////////////////////////////////////////////////////////////////

static ExecutorImpl* _getImpl()

{

// Use the double-checked locking technique to avoid the overhead of a lock

// on every call.

if (_impl == 0)

{

_mutex.lock();

if (_impl == 0)

{

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

if (_sock == -1)

_impl = new ExecutorLoopbackImpl();

else

_impl = new ExecutorSocketImpl(_sock);

#endif

}

_mutex.unlock();

}

return _impl;

}

void Executor::setSock(int sock)

{

Line 1108

Line 1230

int Executor::detectExecutor()

{

if (_getSock() == -1)

return _getImpl()->detectExecutor();

return -1;

else

return 0;

}

int Executor::ping()

{

if (_getSock() == -1)

return _getImpl()->ping();

return Loopback_ping();

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_ping();

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

FILE* Executor::openFile(

const char* path,

int mode)

{

if (_getSock() == -1)

return _getImpl()->openFile(path, mode);

return Loopback_openFile(path, mode);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_openFile(path, mode);

#else

return NULL;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::renameFile(

const char* oldPath,

const char* newPath)

{

if (_getSock() == -1)

return _getImpl()->renameFile(oldPath, newPath);

return Loopback_renameFile(oldPath, newPath);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_renameFile(oldPath, newPath);

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::removeFile(

const char* path)

{

if (_getSock() == -1)

return _getImpl()->removeFile(path);

return Loopback_removeFile(path);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_removeFile(path);

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::startProviderAgent(

Line 1177

Line 1268

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

if (_getSock() == -1)

return _getImpl()->startProviderAgent(sessionKey, module,

return Loopback_startProviderAgent(sessionKey, module,

uid, gid, pid, providerAgentSessionKey, readPipe, writePipe);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_startProviderAgent(sessionKey, module,

uid, gid, pid, providerAgentSessionKey, readPipe, writePipe);

#else

providerAgentSessionKey.clear();

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::daemonizeExecutor()

{

if (_getSock() == -1)

return _getImpl()->daemonizeExecutor();

return Loopback_daemonizeExecutor();

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_daemonizeExecutor();

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::reapProviderAgent(

const SessionKey& sessionKey,

int pid)

{

if (_getSock() == -1)

return _getImpl()->reapProviderAgent(sessionKey, pid);

return Loopback_reapProviderAgent(sessionKey, pid);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_reapProviderAgent(sessionKey, pid);

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::authenticatePassword(

Line 1221

Line 1289

const char* password,

SessionKey& sessionKey)

{

if (_getSock() == -1)

return _getImpl()->authenticatePassword(username, password, sessionKey);

return Loopback_authenticatePassword(username, password, sessionKey);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_authenticatePassword(username, password, sessionKey);

#else

sessionKey.clear();

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::validateUser(

const char* username)

{

if (_getSock() == -1)

return _getImpl()->validateUser(username);

return Loopback_validateUser(username);

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_validateUser(username);

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::challengeLocal(

Line 1250

Line 1303

char path[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey)

{

if (_getSock() == -1)

return _getImpl()->challengeLocal(user, path, sessionKey);

return -1;

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_challengeLocal(user, path, sessionKey);

#else

sessionKey.clear();

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::authenticateLocal(

const SessionKey& sessionKey,

const char* challengeResponse)

{

if (_getSock() == -1)

return _getImpl()->authenticateLocal(sessionKey, challengeResponse);

return -1;

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_authenticateLocal(sessionKey, challengeResponse);

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::newSessionKey(

const char username[EXECUTOR_BUFFER_SIZE],

SessionKey& sessionKey)

{

if (_getSock() == -1)

return _getImpl()->newSessionKey(username, sessionKey);

{

sessionKey.clear();

return 0;

}

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_newSessionKey(username, sessionKey);

#else

return -1;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

int Executor::deleteSessionKey(

const SessionKey& sessionKey)

{

if (_getSock() == -1)

return _getImpl()->deleteSessionKey(sessionKey);

return 0;

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

return Socket_deleteSessionKey(sessionKey);

#else

return 0;

#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */

}

PEGASUS_NAMESPACE_END

Legend:

Removed from v.1.1.2.12
changed lines
	Added in v.1.1.2.13

No CVS admin address has been configured